SAML 2.0 properties in application.yml - spring-security

I have been using some tutorials to understand what properties must be set in the application.yml. There does not seem to be any documentation on the complete set of properties that can be set. Here's an example:
security:
  saml2:
    relyingparty:
      registration:
        samlexample:
          signing:
            credentials:
              - private-key-location: "classpath:credentials/private.key"
                certificate-location: "classpath:credentials/certificate.crt"
          decryption:
            credentials:
              - private-key-location: "classpath:credentials/private.key"
                certificate-location: "classpath:credentials/certificate.crt"
          identityprovider:
            singlesignon:
              sign-request: false
            # metadata-uri: https://dev-2148273.okta.com/app/exk2iacdpvAt1bS3D5d7/sso/saml/metadata
            metadata-location: "classpath:okta-metadata.xml"
Does anyone know of documentation on which SAML properties I can set? For example, the last property is not correct. Instead of a URI, I wanted to create a file with the metadata and use that in the application.yml, but I don't know what the property name is.
It would be helpful to have a webpage with documentation on the SAML 2 properties that can be set in application.yml.

I think you can deduce the full set of parameters from the class RelyingPartyRegistration, which is what a registration is instantiated into:
https://docs.spring.io/spring-security/site/docs/5.5.3/api/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.html
As a matter of fact, there are ways in which, instead of adding properties, you add the registration as a class manually, in which case this restriction should be obvious. Check example 130 here: https://docs.spring.io/spring-security/site/docs/current/reference/html5/#servlet-saml2login-sansboot

I wanted to create a file with the metadata and use that in the application.yml but I dont know what the property name is.
I was able to use the file:/// URI prefix for the same metadata-uri property value. For example, for a metadata file on a different Windows computer:
metadata-uri: file:///\\server\share_name$\path\to\file\metadata.xml
You might be able to adapt that for a file on the same server and provide only the absolute path.
I have been using some tutorials to understand what properties must be set in the application.yml. There does not seem to be any documentation on the complete set of properties that can be set
My sympathies, I have the same problem.

Related

SendGrid Template does not contain required placeholders

I'm trying to use the Email Verify service via SendGrid, and after I write all the placeholders I'm getting this error: "SendGrid Template does not contain required placeholders", and I can't find any solution.
Can someone guide me with this?
Thank you!
You need to enable the "Template Engine" read access for your API key. You can do so here: https://app.sendgrid.com/settings/api_keys. Make sure it is read access only (i.e. the slider is in the middle).
I had the same problem. I used {{{ code }}} to load the dynamic data. In my case, it's an OTP. So I replaced {{{ code }}} with {{{twilio_code}}} and the problem was resolved.
As of today, the following applies: https://support.twilio.com/hc/en-us/articles/6554095919003-Error-SendGrid-Template-does-not-contain-required-placeholders-
Cause
This error message is usually due to the SendGrid Dynamic template missing at least one of the following placeholders:
- {{twilio_code}}
- {{twilio_message}}
- {{twilio_message_without_code}}

Why use "?" instead of ":" in URL?

We can use
'PATCH /companies/:id' : 'CompanyController.find'
to update data.
Someone suggested to me that I can use the alternative way:
'PATCH /companies/find?key=Value'
But I do not know how it works. Please explain to me why we prefer the ? mark to the : mark in a search path.
You can use either one. The biggest reason most people choose one or the other is just how they want to present the URL to the user.
Using a path variable (:) can symbolize that you're accessing a defined resource, like a user ID, whereas an argument (?) can symbolize that you are dynamically changing/searching something within a defined resource, like a token or search term.
From what I can tell that's the general practice I see:
example.com/user/:username
versus
example.com/user/?search="foo"
http://en.wikipedia.org/wiki/URL
If we are firing a GET request, the ? symbol is used to let the server know that the URL parameter variables start from there. This is commonly used. I haven't used the : symbol instead of ?.
You are probably mixing things up:
According to your example, :id indicates a variable that must be replaced by an actual value in some frameworks such as Express. See the documentation for details.
And ? indicates the beginning of the query string component, according to RFC 3986.
It's a rule for designing a REST API.
You can find it under 'how to design a REST API'.
Assuming the code below is Sails.js:
'PATCH /companies/:id' : 'CompanyController.find'
It will make a REST API that is mapped onto 'CompanyController.find' by using a PathParam, like this:
www.example.com/companies/100
The second one will make a REST API by using a QueryParam.
It is also mapped onto 'CompanyController.find':
/companies/find?key=Value
But the API format is different, like this:
www.example.com/companies/find?key=100
Either PathParam or QueryParam is fine for making a REST API.
If the key is the primary key of the company entity,
I think PathParam is more proper than QueryParam.
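The two routing styles from the thread, worked through in code. This is an added example, not code from the thread, from Sails.js or from Express: it compiles an Express/Sails-style pattern such as '/companies/:id' into a matcher, splits the request target at the first '?' exactly as RFC 3986 does (using Node's built-in URL parser), and validates the id identically whichever way it arrived. The integer check and the route-ordering rule (a literal '/companies/find' route has to be tested before the ':id' pattern, which would otherwise swallow the word "find") are my additions, not anything the thread states.

```javascript
// Added example: path parameters (':id') versus query-string parameters ('?key=...').
// Only Node built-ins are used; the route table below is constructed for the demo.

// Compile an Express/Sails-style pattern like '/companies/:id' into a regex.
function compileRoute(pattern) {
  const names = [];
  const source = pattern
    .split('/')
    .map((seg) => {
      if (seg.startsWith(':')) {
        names.push(seg.slice(1));
        return '([^/]+)'; // exactly one path segment, no slashes
      }
      return seg.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'); // literal segment
    })
    .join('/');
  return { regex: new RegExp('^' + source + '$'), names };
}

// Match a pathname against a compiled route; returns the params object or null.
function matchPath(route, pathname) {
  const m = route.regex.exec(pathname);
  if (!m) return null;
  const params = {};
  for (let i = 0; i < route.names.length; i++) {
    try {
      params[route.names[i]] = decodeURIComponent(m[i + 1]);
    } catch (e) {
      return null; // malformed percent-encoding: treat as no match
    }
  }
  return params;
}

// Split a request target into path and query. The URL parser applies the
// RFC 3986 rule that the first '?' starts the query component.
function parseTarget(target) {
  const url = new URL(target, 'http://localhost'); // base only needed for relative targets
  return { pathname: url.pathname, query: Object.fromEntries(url.searchParams) };
}

// Validate an identifier regardless of where it came from: a company id must
// be a positive integer; anything else is rejected (returns null).
function validId(value) {
  return /^[1-9][0-9]*$/.test(value) ? Number(value) : null;
}

// Route table, constructed for this example. Order matters: the literal
// '/companies/find' route must be checked before the ':id' pattern.
const findRoute = compileRoute('/companies/find');
const idRoute = compileRoute('/companies/:id');

function resolve(target) {
  const { pathname, query } = parseTarget(target);
  if (matchPath(findRoute, pathname)) {
    return { source: 'query', id: validId(query.key ?? '') };
  }
  const params = matchPath(idRoute, pathname);
  if (params) {
    return { source: 'path', id: validId(params.id) };
  }
  return { source: 'none', id: null };
}

console.log(resolve('/companies/100'));          // { source: 'path', id: 100 }
console.log(resolve('/companies/find?key=100')); // { source: 'query', id: 100 }
console.log(resolve('/companies/abc'));          // { source: 'path', id: null }
```

Both forms end up in the same handler with the same validated integer; the difference is only where the value is carried. Registering ':id' before 'find' would make '/companies/find?key=100' hit the id route with id "find" and fail validation, which is the kind of ordering mistake that is easy to miss when both routes map to the same controller action.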

How to set domain in response["set-cookie"]

So the thing is, this code works very well:
response["set-cookie"]="cookieName=#{@cookieValue.split.join}"
I can set a cookie, with a correct name and content (yes, split.join is correct too). But I need to set a domain too.
My website goes on domain like this: mysubdomain.mywebsite.com
But I need to set the cookie for domain mywebsite.com.
If I add it like this, the cookie is just not there:
response["set-cookie"]="cookieName=#{@cookieValue.split.join};Path=/;Domain=mywebsite.com"
I need to set a cookie with response["set-cookie"] because it is the only method that works for my long string. I tried every method, but I need to use this one.
So the question is: How can I set a domain by using response["set-cookie"] for setting cookie?
Well, prefer using an initializer here. Create a new file config/initializers/cookies.rb, and put the following code there:
options = {
  key: 'your_cookie_name',
  domain: 'your_domain'
}
Rails.application.config.session_store :cookie_store, options
This will make your cookie-related configuration at one place, although, it's not mandatory. You can still use the domain option to specify domain name for your cookie.
I wasn't able to make that work. I think Rails has some safety mechanism that prevents this (but it is correct to set a cookie for a domain from a subdomain).
But I was able to do it with JavaScript:
document.cookie = "#{@cookieName}=#{@cookieContent};domain=yourdomain.com"
One line of code, works perfectly. Just put it in your view or in a separate file and require it in application.js. I am on a subdomain but can finally set a cookie for the parent domain.
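Building the Set-Cookie value by hand, with the rule that decides whether a subdomain may scope a cookie to its parent domain. This is an added example and is not code from the thread, from Rails or from any browser: it constructs the same header value the response["set-cookie"] assignment above carries, but first applies the RFC 6265 section 5.1.3 domain-match rule (the request host must equal the Domain value or end in "." followed by it), and adds the Secure, HttpOnly and SameSite attributes that document.cookie cannot set from script. The public-suffix check browsers also perform (refusing Domain=com, Domain=co.uk and similar) is deliberately left out and noted in a comment; the host and domain names are the ones from the question.

```javascript
// Added example: Set-Cookie construction with an RFC 6265 domain-match check.
// Not part of the original thread or of Rails; Node built-ins only.

// RFC 6265 section 5.1.3: host domain-matches the cookie domain when the two
// are equal or the host ends with "." + domain. A leading dot on the Domain
// attribute is ignored by modern browsers, so it is stripped here.
// Not implemented: the public-suffix check that rejects Domain=com and the like.
function domainMatch(requestHost, cookieDomain) {
  const host = requestHost.toLowerCase();
  const domain = cookieDomain.toLowerCase().replace(/^\./, '');
  return host === domain || host.endsWith('.' + domain);
}

// cookie-value may not contain whitespace, ',', ';', '\' or '"'; percent-encoding
// keeps a long or arbitrary value inside that grammar without .split.join tricks.
function encodeCookieValue(value) {
  return encodeURIComponent(value);
}

// Build a Set-Cookie header value. Secure, HttpOnly and SameSite=Lax are the
// defaults; a Domain attribute is accepted only if the request host may set it.
function buildSetCookie(name, value, opts) {
  const {
    requestHost,
    domain,
    path = '/',
    secure = true,
    httpOnly = true,
    sameSite = 'Lax',
    maxAge,
  } = opts;
  if (!/^[\w!#$%&'*+.^`|~-]+$/.test(name)) {
    throw new Error('invalid cookie name: ' + name);
  }
  if (domain !== undefined && !domainMatch(requestHost, domain)) {
    throw new Error(`${requestHost} may not set a cookie for Domain=${domain}`);
  }
  const parts = [`${name}=${encodeCookieValue(value)}`];
  if (domain !== undefined) parts.push(`Domain=${domain}`);
  parts.push(`Path=${path}`);
  if (maxAge !== undefined) parts.push(`Max-Age=${maxAge}`);
  if (secure) parts.push('Secure');
  if (httpOnly) parts.push('HttpOnly');
  if (sameSite) parts.push(`SameSite=${sameSite}`);
  return parts.join('; ');
}

// Sample values, constructed for this example, using the question's host names.
console.log(buildSetCookie('cookieName', 'some long value', {
  requestHost: 'mysubdomain.mywebsite.com',
  domain: 'mywebsite.com',
}));
// Set on mysubdomain.mywebsite.com for Domain=mywebsite.com: allowed, and the
// cookie is then sent to every subdomain of mywebsite.com, not just this one.
```

The last comment is the security caveat worth keeping in mind when the question's requirement is met: a cookie scoped to the parent domain is readable by, and attackable from, every other subdomain of that domain, which is why the check above refuses anything broader than the request host's own parents.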

swagger - how to set security properly

Two questions:
When you define a new route and you want to protect it by requiring an api_key to be set in the header, do you do it by specifying a security section under that route in the yaml file, or do you put it under parameters (or in both)? If it works by putting it under parameters, what's the point of putting it under security?
The yaml file can tell you that certain routes are protected by an api_key, but it doesn't specify the value of that key (as far as I know). Does it mean I need to write some custom middleware that intercepts my routes and checks the validity of the key, or can it be auto-generated by one of the swagger tools?
Thanks.
I'm currently on the same journey as you. I do know this:
What to add to my swagger.json to accept an API key:
https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#securityRequirementObject
"security": [
  {
    "api_key": []
  }
]
What to add to my controller:
https://github.com/apigee-127/swagger-tools/blob/master/docs/Middleware.md
Pretty much use swagger-tools to use the middleware.swaggerSecurity.
What they don't tell you is how to validate the api_key.
Well, I found that it's simply taking the 'scopes' parameter, which holds the actual key, and comparing that against a list of valid keys that you have stored somewhere.
What I don't get is how to allow the flow to go to the next function (like 'next()' in Express) or stop if an invalid API key is supplied. There is a 'callback' parameter, but I don't know how to use it (yet).
I hope this works.
You do need to implement the security checks on your own. Swagger will help you define them, but implementing is your job.

Unable to set grails_remember_me cookie to use secure cookie

Referring to the documentation here:
https://grails-plugins.github.io/grails-spring-security-core/guide/authentication.html#rememberMeCookie
I'm unable to get grails_remember_me to use secure cookie even though I've set it accordingly in Config.groovy:
grails.plugin.springsecurity.rememberMe.useSecureCookie = true
Am I missing something here?
