OpenAM 13.0 - Zero Page Login using POST

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenAM 13.0 - Zero Page Login using POST

Hikari Oishi
Hi,

I can not do Zero Page Login using POST as I expected.

I am using OpenAM 13.0 with the XUI.
and I am trying to Zero Page Login using POST as below.
$ curl \
  --data "IDToken1=demo&IDToken2=changeit" \
  https://example.com/openam/UI/Login

and then, redirecting is happened, and it's not succeeded.
Besides, I tried the following URL, and it's not succeeded.
https://example.com/openam/XUI/#login
https://example.com/openam/#login
https://example.com/openam/login

my settings of zeroPageLogin is as below.
"zeroPageLogin" : {
  "enabled":true,
  "refererWhitelist":[],
  "allowedWithoutReferer":true
}

Is there any solution do Zero Page Login using POST?

Regards,
--
Hikari Oishi
Network Solutions Dept. INTEC Inc.
1-1-25 Shin-urashima-cho Kanagawa-ku
Yokohama-shi Kanagawa 221-8520,Japan
_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam
Reply | Threaded
Open this post in threaded view
|

Re: OpenAM 13.0 - Zero Page Login using POST

Alex Levin
Hello Hikari,

That looks like you may have a top level domain as your server url. Normally I would expect to see something like openam.example.com. Usually a domain cookie would be created e.g. .example.com, but we cannot do this for a top level domain like .com.
Please could you confirm the url you have for server and sites and also the dos aliases you have for your domain. You may need to scrap this and reconfigure with a proper domain depending on how you have this set up.

Regards,

Alex Levin
ForgeRock

> On 14 Mar 2016, at 11:24, Hikari Oishi <[hidden email]> wrote:
>
> Hi,
>
> I can not do Zero Page Login using POST as I expected.
>
> I am using OpenAM 13.0 with the XUI.
> and I am trying to Zero Page Login using POST as below.
> $ curl \
>  --data "IDToken1=demo&IDToken2=changeit" \
>  https://example.com/openam/UI/Login
>
> and then, redirecting is happened, and it's not succeeded.
> Besides, I tried the following URL, and it's not succeeded.
> https://example.com/openam/XUI/#login
> https://example.com/openam/#login
> https://example.com/openam/login
>
> my settings of zeroPageLogin is as below.
> "zeroPageLogin" : {
>  "enabled":true,
>  "refererWhitelist":[],
>  "allowedWithoutReferer":true
> }
>
> Is there any solution do Zero Page Login using POST?
>
> Regards,
> --
> Hikari Oishi
> Network Solutions Dept. INTEC Inc.
> 1-1-25 Shin-urashima-cho Kanagawa-ku
> Yokohama-shi Kanagawa 221-8520,Japan
> _______________________________________________
> Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
> OpenAM mailing list
> [hidden email]
> https://lists.forgerock.org/mailman/listinfo/openam

_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam
Reply | Threaded
Open this post in threaded view
|

Re: OpenAM 13.0 - Zero Page Login using POST

Hikari Oishi
Thanks, I correct the mistyped URL.
https://server.example.com/openam/UI/Login
https://server.example.com/openam/XUI/#login
https://server.example.com/openam/#login
https://server.example.com/openam/login

These URLs works Zero Page Login using GET via Chrome as below.
GET /openam/UI/Login?IDToken1=demo&IDToken2=changeit
Host: server.example.com

GET /openam/XUI/#login&IDToken1=demo&IDToken2=changeit
Host: server.example.com

GET /openam/#login?IDToken1=demo&IDToken2=changeit
Host: server.example.com

GET /openam/login?IDToken1=demo&IDToken2=changeit
Host: server.example.com

But these URLs does not work Zero Page Login using POST via Chrome.
Is there any URL to do Zero Page Login using POST with the XUI interface?

Regards,

On 2016/03/14 20:38, Alex Levin wrote:

> Hello Hikari,
>
> That looks like you may have a top level domain as your server url. Normally I would expect to see something like openam.example.com. Usually a domain cookie would be created e.g. .example.com, but we cannot do this for a top level domain like .com.
> Please could you confirm the url you have for server and sites and also the dos aliases you have for your domain. You may need to scrap this and reconfigure with a proper domain depending on how you have this set up.
>
> Regards,
>
> Alex Levin
> ForgeRock
>> On 14 Mar 2016, at 11:24, Hikari Oishi <[hidden email]> wrote:
>>
>> Hi,
>>
>> I can not do Zero Page Login using POST as I expected.
>>
>> I am using OpenAM 13.0 with the XUI.
>> and I am trying to Zero Page Login using POST as below.
>> $ curl \
>>   --data "IDToken1=demo&IDToken2=changeit" \
>>   https://example.com/openam/UI/Login
>>
>> and then, redirecting is happened, and it's not succeeded.
>> Besides, I tried the following URL, and it's not succeeded.
>> https://example.com/openam/XUI/#login
>> https://example.com/openam/#login
>> https://example.com/openam/login
>>
>> my settings of zeroPageLogin is as below.
>> "zeroPageLogin" : {
>>   "enabled":true,
>>   "refererWhitelist":[],
>>   "allowedWithoutReferer":true
>> }
>>
>> Is there any solution do Zero Page Login using POST?
>>
>> Regards,
>> --
>> Hikari Oishi
>> Network Solutions Dept. INTEC Inc.
>> 1-1-25 Shin-urashima-cho Kanagawa-ku
>> Yokohama-shi Kanagawa 221-8520,Japan
>> _______________________________________________
>> Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
>> OpenAM mailing list
>> [hidden email]
>> https://lists.forgerock.org/mailman/listinfo/openam
>
> _______________________________________________
> Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
> OpenAM mailing list
> [hidden email]
> https://lists.forgerock.org/mailman/listinfo/openam
>

--
Hikari Oishi  Network Solutions Dept. INTEC,Inc.
大石 光      株式会社インテック ネットワークソリューション部
住所   : 〒221-8520
          横浜市神奈川区新浦島町1-1-25
          (http://www.intec.co.jp/company/organization/yokohama.html)
電話   : 045-451-7473
FAX    : 045-451-2380
E-mail : [hidden email]
URL    : http://www.intec.co.jp/
_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam
Reply | Threaded
Open this post in threaded view
|

Re: OpenAM 13.0 - Zero Page Login using POST

Jang2212
In reply to this post by Hikari Oishi
zero page login”
Reply | Threaded
Open this post in threaded view
|

Re: OpenAM 13.0 - Zero Page Login using POST

Jang2212
Hi All,
I am new to Forgerock and facing one problem in authentication. When hitting the http://localhost:8080/openam/json/authenticate using postman , Its returns me the token id and success URL :
{
"tokenId": "AQIC5wM2LY4Sfcylxw9On_6SjJKF8j82g-TfLos2HEaf-Q4.*AAJTSQACMDEAAlNLABMxNTEyODI0Mzg3MDQ5MjI4NTYyAAJTMQAA*",
"successUrl": "/openam/console"
}
But when i consume this rest API through Java Code, I get auth id as  :
{"authId":"eyAidHlwIjogIkpXVCIsICJhbGciOiAiSFMyNTYiIH0.eyAib3RrIjogImNlYXI5Y2Q3a2ptdWIyczgyajU2NDFiMDEzIiwgInJlYWxtIjogImRjPW9wZW5hbSxkYz1mb3JnZXJvY2ssZGM9b3JnIiwgInNlc3Npb25JZCI6ICJBUUlDNXdNMkxZNFNmY3owazFfRjZQcl94enk4cjJTNVFQN290LUxqU19RWWdRQS4qQUFKVFNRQUNNREVBQWxOTEFCUXROamN6TmpRNE1EYzVNalF4T0RVNU1UVXpNZ0FDVXpFQUFBLi4qIiB9.ZqD3bOuEpjAfKfqi4UcojqZClrMaFrHlV4w8bKBmeCE","template":"","stage":"DataStore1","header":"Sign in to OpenAM","callbacks":[{"type":"NameCallback","output":[{"name":"prompt","value":"User Name:"}],"input":[{"name":"IDToken1","value":""}]},{"type":"PasswordCallback","output":[{"name":"prompt","value":"Password:"}],"input":[{"name":"IDToken2","value":""}]}]}
 
Why I am not able to authenticate the user through my web application. I need help please...
Reply | Threaded
Open this post in threaded view
|

Re: OpenAM 13.0 - Zero Page Login using POST

WILBERT Romain-ext
Seems that you don't pass the authentication headers correctly. Can you post your client-side code ?

-----Message d'origine-----
De : [hidden email] [mailto:[hidden email]] De la part de Jang2212
Envoyé : lundi 1 août 2016 12:02
À : [hidden email]
Objet : Re: [OpenAM] OpenAM 13.0 - Zero Page Login using POST

Hi All,
I am new to Forgerock and facing one problem in authentication. When hitting the http://localhost:8080/openam/json/authenticate using postman , Its returns me the token id and success URL :
{
"tokenId":
"AQIC5wM2LY4Sfcylxw9On_6SjJKF8j82g-TfLos2HEaf-Q4.*AAJTSQACMDEAAlNLABMxNTEyODI0Mzg3MDQ5MjI4NTYyAAJTMQAA*",
"successUrl": "/openam/console"
}
But when i consume this rest API through Java Code, I get auth id as  :
{"authId":"eyAidHlwIjogIkpXVCIsICJhbGciOiAiSFMyNTYiIH0.eyAib3RrIjogImNlYXI5Y2Q3a2ptdWIyczgyajU2NDFiMDEzIiwgInJlYWxtIjogImRjPW9wZW5hbSxkYz1mb3JnZXJvY2ssZGM9b3JnIiwgInNlc3Npb25JZCI6ICJBUUlDNXdNMkxZNFNmY3owazFfRjZQcl94enk4cjJTNVFQN290LUxqU19RWWdRQS4qQUFKVFNRQUNNREVBQWxOTEFCUXROamN6TmpRNE1EYzVNalF4T0RVNU1UVXpNZ0FDVXpFQUFBLi4qIiB9.ZqD3bOuEpjAfKfqi4UcojqZClrMaFrHlV4w8bKBmeCE","template":"","stage":"DataStore1","header":"Sign
in to
OpenAM","callbacks":[{"type":"NameCallback","output":[{"name":"prompt","value":"User
Name:"}],"input":[{"name":"IDToken1","value":""}]},{"type":"PasswordCallback","output":[{"name":"prompt","value":"Password:"}],"input":[{"name":"IDToken2","value":""}]}]}
 
Why I am not able to authenticate the user through my web application. I need help please...



--
View this message in context: http://openam.27691.n7.nabble.com/OpenAM-13-0-Zero-Page-Login-using-POST-tp4745p5061.html
Sent from the OpenAM mailing list archive at Nabble.com.
_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam
_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam