I have just migrated a Drupal 8 site to AWS EC2 instance. Everything seems to be working except for one thing - when I log in, I get Access Denied message.
It appears that the website validates the user admin credentials and redirects to the correct page at user/1 but the authentication cookie/session are not handled properly.
I have found this ticket but am not sure how much it pertains to my situation since I am not using (as far as I know) the Cloudfront.
Password access not working with AWS Cloudfront website using Drupal
Any help or advice on this is appreciated.
Related
I recently deployed a web app to test out Azure as a hosting platform.
The configuration is php 8 with local git. I was able to connect through git and deploy a website. When I try to navigate to the site I get a 404 error. I did some digging and if I use: myapp.azurewebsites.net/.auth/login/aad/callback it will redirect a couple times and take me to a landing page and then from there on I can navigate to my website... at least until the session ends and then I'm back to 404 errors.
This is a free azure deployment there is no special configuration or setup... I'm really just testing out azure as a hosting platform and wondering how to solve this issue.
The site is also configured such that only members of the tenant can access the site, which is by design, and I can authenticate and access the site but only after using myapp.azurewebsites.net/.auth/login/aad/callback
I would have expected.. so long as I have logged in and have an open session / cookie then I can freely navigate the page without first needing to use the callback
I suspect some sort of authentication or redirect issue but I've also followed the instructions in:
https://learn.microsoft.com/en-us/azure/app-service/configure-authentication-provider-aad
The app registration from step 1 was already done as part of the deployment of the site. Kind of odd that after I use the callback URL I'm able to access the site as normal for a while.
Suggestions?
Thanks!
I want to lock down a wordpress (PHP) project on GAE to be accessible only to domain users. I set up my app.yaml so all routes are login: required or login: admin , and in the appengine.google.com console, set it to use the "Google Apps domain" authentication type.
At first, it worked. However, now even if you are signed in to the domain, it behaves as if you are not authorized (returns error 500). I suspect that the difference is the instance was already warmed up the first time, whereas the second time, it was not.
Any way around this / has anyone experienced this problem and found a solution?
Problem:
ALL users cannot login to live frontend web application. When using known 'valid' login credentials, no validation 'invalid' error feedback is given, it simply returns the user to the login page and denies access. When using known 'invalid' credentials, the app does provide the correct 'invalid' validation error feedback.
Background:
One day users were able to login without incident, the next day all users (including super-admin users) were unable to login to the live website. Before incident, website had been up and running for well over 24 months with no login issues.
Also, passwords are hashed using sha1 and salted in the database. I have a lot of members, and asking members to re-register is to be avoided at all costs (assuming I can even get a super admin to be able to login).
Setup:
Symfony 1.4, PHP 5.4, MySQL, Plugins used: Doctrine Guard, ForkedDoctrineApply
Troubleshooting:
Incident appeared to have happened around about the time a scheduled upgrade on the host server from PHP 5.X to PHP 5.4. But I can't be certain. After the automatic upgrade took place, and the problem arose, the host was reverted back to the original PHP version and the login issue remained. Can I rule out a problem with the host PHP version??
Using control panel and symfony commands [symfony guard:create-user], I created a new user, which I verified as successful in the database. I then tried logging in with the newly-made credentials and the problem persists.
Used the registration form on the frontend and attempted to register a new user that way. No dice. User is not created.
Placed the following code on the template to verify authentication:
<?php if (($sf_user->isAuthenticated ())): ?>
Authenticated
<?php endif; ?>
Under no circumstance was I able to get "Authenticated" to print
Thoughts:
Since I am unable to get a validation error using know valid credentials (it just redirect to the login component without throwing an invalid error), I am led to believe that the credentials are indeed good and valid... I am therefore led to believe that something happened to the authentication process - or I got hacked somehow.
I'm stumped. Any help would be greatly appreciated.
I'm trying to run the example.php file that comes with the facebook sdk. I do have a hosting server that runs php, and also changed the ID's to the corresponding one on my app. Here is the message i'm getting:
This webpage is not available
The webpage at https://filipeximenes.com/facebook/ might be temporarily down or it may have moved permanently to a new web address.
Error 501 (net::ERR_INSECURE_RESPONSE): Unknown error.
i'm pointing the canvas to this adress: http://filipeximenes.com/facebook/
Thanks.
Based on your description, I think that this is your problem:
Do you have a valid security certificate on the hosting server? I ran into that problem recently when deploying an FB app. Since October, you have to have a valid cert even in sandbox mode for the FB app to run properly. If you don't have one it causes weird problems.
Just a thought that I hope helps.
One other thing to do from a debugging perspective is to take a look at the actual app running on your hosting server without viewing it via FB. If you get the same error message there, you know that it has nothing to do with the FB SDK.
Thanks!
Matt
We have a sharepoint instance on our network that we get automatically logged into by logging into Windows. (they do not get prompted to log in)
We have another web application that requires users to log in but it currently has it's own username/password setup.
Our goal is to get the other application (which we have built) to act the same way sharepoint does - if you are logged into windows it will log you right into the application.
Where do I start? (I assume this will require LDAP)
Any guidance would be greatly appreciated.
Our setup (windows):
Windows
IE7 & 8
Windows Active Directory managing users/password
Our setup (the other application):
RHEL (could be Windows Server if really necessary)
PHP 5
Apache
mySQL - username and password are stored in mySQL
Update:
Maybe a drawing would help: Look at this
You are looking to implement NTLM Authentication in the PHP application, see my prior answer on this:
Can a PHP intranet share Windows logins?
If your other web application uses Windows Integrated Authentication (NTLM or Kerberos authentication or even basic authentication) then it can act the same way. Depending on the browser, it can automatically remember and log into sites using one of these methods. Each browser may do it differently, though. IE has settings for automatically logging in based on the zone (Internet, Local intranet, trusted sites).
You would not necessarily need to have the have your other application use the same user store (AD/LDAP), but it would likely make sense.