In Grails how do you ask if the request coming in is http or https?
Should you approach this from the request object?
Use request.isSecure(). This isn't a Grails feature btw, it's in the javax.servlet.ServletRequest interface.
Related
I am trying to follow the ruby-saml example code for doing the outbound redirect and am hitting a CORs exception.
The code in question is:
request = OneLogin::RubySaml::Authrequest.new redirect_to(request.create(saml_settings))
When I try to call this via axios, I get an OPTIONS preflight which rejects me with a 302 and
Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
So far, I have tried rack-cors, rails-reverse-proxy and a number of other things but I cannot get past this block.
Does anyone have some good instructions on how to fix this? Why is the redirect not being handled as a simple request? i.e. Why am I getting the OPTIONS preflight? Can I somehow make this a simple request?
Someone was saying that I will need to proxy through something like nginx but that seems overkill this.
rails 6, react if it matters.
The error you are experiencing is not related to SAML.
This is related to the fact that you are executing a redirection to a website which hostname mismatch the rails server hostname and the headers that are added on the request.
CORS explanation: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
You need to review your rack-cors settings as well as review if your Apache/Nginx configuration is configured properly.
https://enable-cors.org/server.html
Does anyone know any sort of API to test the connection with OKTA IDP is succeed or failed?
If connection is successful then we can carry on with other OKTA operation.
If connection is failed then perform necessary operation to fix it as per failure error message.
If there isn't any API is there any workaround to achieve it? If yes, can you help us?
Thanks in advance,
Ramesh
The method that you use for testing for a successful connection to Okta's REST API will depend on the programming language and method that your programming language uses to make HTTP requests.
Generally, you should configure your HTTP requests with a timeout and test for valid HTTP status codes. Your code should be configured to handle timed out HTTP requests or HTTP requests that don't return a status code.
In addition to handling HTTP and/or TCP/IP related errors, you should also handle the various errors that the Okta API will return. A list of errors codes is available here: http://developer.okta.com/docs/api/getting_started/error_codes.html
I had 3 servers with balancing: server-1.test.com, server-2.test.com, server3.test.com.
And I used domain https://test.com.
I want to make a POST request such as : curl -X POST https://test.com -d "title=test"
After that, if the post request was redirect by balancing to server-1.test.com. it would be ok. But if not, it would be change to GET request. So I couldn't get data from GET request. I knew that problem from https redirect. Any suggestions for it?
I can't use GET request for replace POST. because it was made by webhook of mailchimp.
For http call you can user http package in meteor.
You can also refer the themeteorchef tutorial for more understanding for http in meteor.
One more thing for http calls meteor uses sync call. So you can also use wrapasync in meteor for http calls for sending response back to client.
Is there some way to forward with Rails any incoming HTTP request to other web site as is, regardless of request type and its data?
In theory yes, you can collect a request headers, payload and details, and perform an HTTP request to another target reproducing the same request environment (cookies, headers, etc) effectively proxying the request... but I definitely think Rails is not the best solution for that.
You should definitely use a different approach and technology, for instance HAproxy or Nginx.
I am trying to check the incomming request to my server. Another server which has hosted MVC application. An action method is sending some data to my server. I am using Fiddler. But somehow it is not showing the incoming request.
Below mentioned are my settings in Fiddler Custom Rules..
static function OnBeforeRequest(oSession: Session) {
if (oSession.host.toLowerCase() == "IP Address:8888")
oSession.host = "IP Address:82";
}
Below mentioned are my Fiddler Options.
Am I missing anything ?
It sounds like you're trying to use Fiddler as a reverse proxy. You should read the steps at http://www.fiddler2.com/r/?reverseproxy. The biggest thing to understand is that when running as a reverse proxy, you only see traffic in Fiddler if the client's URL is changed to point at Fiddler.
If it is ssl connection then you need to enable option 'capture https connection' from 'https' tab. Did you try to invoke request from other browser like chrome ? Does fiddler capture anything?
You don't need custom rule for this case. It should work if you enable these settings. I have faced only some problems in other browsers like FF.
I'm not sure I can answer your question fully without knowing a few additional pieces of information.
If the request being made is not a HTTP request, Fiddler will not be able to handle it.
Also, if you're using the loopback address localhost then Fiddler may not be able to find it.