In the Facebook application I define
Deauthorize Callback URL - http://www.domainname.com/3c/login/fblogin.xhtml
Valid OAuth redirect URIs - http://www.domainname.com/3c/login/fblogin.xhtml
Site URL - http://www.domainname.com
Now if someone accesses the website like
http://domainname.com/3c
I am getting an exception
Warning
Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains.
Does anyone know how to resolve this issue?
domainname.com is NOT www.domainname.com
If you have configured www.domainname.com as site URL then domainname.com is not allowed. If you do it the other way round it should work.
Related
I have gone through the posts below. Still, I am unable to understand the redirection URI concept.
https://www.baeldung.com/spring-webclient-oauth2
https://docs.spring.io/spring-security/site/docs/5.0.7.RELEASE/reference/html/oauth2login-advanced.html#oauth2login-advanced-redirection-endpoint
https://docs.spring.io/spring-security/site/docs/5.2.x/reference/html/oauth2.html#oauth2login-sample-redirect-uri
In the identity server, we get our client application registered, and for the code grant type we tell it that this would be our redirect URL, i.e. https://someserver:port/
However, Spring and other posts suggest setting the redirect URI as {baseUrl}/login/oauth2/code/{registrationId}.
I am confused: if I have set the redirect URI as https://someserver:port/ in the identity server, how will {baseUrl}/login/oauth2/code/{registrationId}, i.e. https://someserver:port/login/oauth2/code/{registrationId}, work?
Should it not give an invalid redirect URI?
The "redirectUrl" parameter is to protect the exchange of an authorization code with an access token so that it's performed by a service available at one of the URLs approved for redirect.
If you use https://someserver:port/*, then it will match all endpoints on that server. When relying on the default Spring Security endpoint {baseUrl}/login/oauth2/code/{registrationId}, it's better to be specific in the redirect URL configuration and use https://someserver:port/login/oauth2/code/{registrationId} as the value. Both options work correctly, but the latter is more secure.
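The two answers above (bare domain versus www, and wildcard versus specific redirect URL) both come down to how a presented redirect_uri is compared with the registered one. The sketch below is an added example, not Spring Security, Facebook or identity-server code; the port 8443 and registration id "myclient" are constructed sample values.

```javascript
// Added example: exact versus wildcard comparison of a redirect_uri.
// "someserver:8443" and "myclient" are constructed sample values.
function parseUri(uri) {
  try {
    return new URL(uri);
  } catch (e) {
    return null; // not an absolute URL
  }
}

// A presented redirect_uri must not carry a fragment or embedded credentials.
function acceptable(u) {
  return u !== null && u.hash === "" && u.username === "" && u.password === "";
}

// Exact match: scheme, host, port, path and query must all be identical.
function matchesExact(registered, presented) {
  const r = parseUri(registered);
  const p = parseUri(presented);
  if (r === null || !acceptable(p)) return false;
  return r.origin === p.origin && r.pathname === p.pathname && r.search === p.search;
}

// Wildcard match: "https://host:port/*" accepts every path on that origin.
function matchesWildcard(pattern, presented) {
  if (!pattern.endsWith("/*")) return matchesExact(pattern, presented);
  const r = parseUri(pattern.slice(0, -1));
  const p = parseUri(presented);
  if (r === null || !acceptable(p)) return false;
  return r.origin === p.origin && p.pathname.startsWith(r.pathname);
}

const CALLBACK = "https://someserver:8443/login/oauth2/code/myclient";
const OTHER_PAGE = "https://someserver:8443/some/other/page";

function demo() {
  return {
    exactCallback: matchesExact(CALLBACK, CALLBACK),
    exactOther: matchesExact(CALLBACK, OTHER_PAGE),
    wildcardOther: matchesWildcard("https://someserver:8443/*", OTHER_PAGE),
    rootOnly: matchesExact("https://someserver:8443/", CALLBACK),
    bareVsWww: matchesExact(
      "http://www.domainname.com/3c/login/fblogin.xhtml",
      "http://domainname.com/3c/login/fblogin.xhtml"),
  };
}
```

The wildcard registration is the only one that accepts the unrelated page on the same server, which is why the specific callback path is the tighter setting.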
Can anybody help me to invoke the Facebook OAuth Dialog for FB 2.4? I tried
http://www.facebook.com/dialog/oauth/?
client_id=APP_ID
&redirect_uri=REDIRECT_URL
&state=RANDOM_NUMBER_PREVENT_CSRF
&scope=email
&response_type=code
But I got error
Given URL is not allowed by the Application configuration: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains
When I check the SAML trace it seems I'm not getting a response from FB for the above request. Did I miss anything? Please advise me on this. Thanks
I have developed an application which contacts a Sun One web server. The web server has Lotus Domino and the SiteMinder plugin.
Below is the URL for the application
http://HostName.example.com
After hitting the URL in the browser, the request is redirected to the web server and a login page appears with the URL below.
http://HostName.example.com:9898/SiteMinderagent/forms/login.fcc?TYPE=33554433&REALMOID=06-1716e557-15f3-100f-b9a4-835cc8200cb3&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$sHjbzl4f9R%2bcSa0%2fEgnu6oUQQPMQnUgkU6Zvx5zWZpQ%3d&TARGET=$SM$http%3a%2f%2fshivalik%2ered%2eiplanet%2ecom%3a9898%2fvalidation%2findex%2ehtml
After logging into the application, the request is redirected using the TARGET parameter (the URL is decoded in the application) from the URL. Now the login does not work if I block the HTTP requests. As the TARGET parameter is an HTTP request, I am unable to log in to the application.
Is there any way I can change the TARGET parameter to HTTPS? Can I know in which file I can change it on the web server? The Sun One Web Server runs Solaris OS. I have tried hard to find the solution, as I think the URL is appended with query strings like SMAGENTNAME, SMAUTHREASON, TARGET in the servlet of Domino.
The TARGET parameter is populated with the URL originally presented by the user - i.e. in your example http://HostName.example.com will result in the TARGET query string parameter containing the same URL plus the other parameters generated by the SiteMinder agent.
Possible solutions in your case could be to hardcode the TARGET by putting something like the following on the top of login.fcc:
#TARGET=https://hostname.example.com/
That would cause the FCC to ignore the query string parameter that is POSTed and instead will hardcode it.
Alternatively, if you need to preserve the path component of the URL (e.g. http://hostname.example.com/path/to/file.html) you could add some JavaScript to the FCC page. The standard implementation populates TARGET into an element so you could use JavaScript to parse the value and replace http:// with https:// if required. Make sure that your Agent Configuration has single and double quotes in BadFormChars (BadFormChars=%22,%27) to prevent XSS attacks.
There is also an Agent Config parameter HttpsPort that you can use to "trick" SiteMinder into thinking you're serving HTTPS traffic out of port 80 but you will have to test for any unintended side effects.
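The JavaScript approach from the answer above, sketched as an added example (not SiteMinder code and not from the original answer). It assumes the value may carry the "$SM$" prefix and percent-encoding seen in the quoted login URL, and that the form field is an input named "target"; it also refuses targets on any host other than the allowed ones so the rewrite cannot be used as an open redirect.

```javascript
// Added example, not SiteMinder code. Upgrades a TARGET value to https while
// keeping its path, and refuses values that would redirect to another host.
// Assumption: the value may carry the "$SM$" prefix and percent-encoding seen
// in the login URL quoted on this page.
function upgradeTarget(rawTarget, allowedHosts, httpsPort = "") {
  let value = rawTarget;
  if (value.startsWith("$SM$")) {
    try {
      value = decodeURIComponent(value.slice(4));
    } catch (e) {
      return null; // malformed percent-encoding
    }
  }
  let url;
  try {
    url = new URL(value);
  } catch (e) {
    return null; // not an absolute URL
  }
  // Only web schemes are acceptable redirect targets.
  if (url.protocol !== "http:" && url.protocol !== "https:") return null;
  // Refuse hosts other than our own (open-redirect guard).
  if (!allowedHosts.includes(url.hostname)) return null;
  if (url.protocol === "http:") {
    url.protocol = "https:";
    url.port = httpsPort; // "" means the default HTTPS port, 443
  }
  return url.href;
}

// Constructed sample: the TARGET value from the login URL quoted above.
const SAMPLE_TARGET =
  "$SM$http%3a%2f%2fshivalik%2ered%2eiplanet%2ecom%3a9898%2fvalidation%2findex%2ehtml";

// Browser wiring. Assumption: the FCC form holds TARGET in an input named "target".
if (typeof document !== "undefined") {
  const field = document.querySelector('input[name="target" i]');
  if (field) {
    const fixed = upgradeTarget(field.value, [window.location.hostname]);
    if (fixed !== null) field.value = fixed;
  }
}
```

Whether the FCC expects the rewritten value re-encoded or re-prefixed is not stated on this page, so test the form submission before relying on it.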
How can I prevent a user from accessing my app at myproject.appspot.com and force them to access it at myproject.com? I already have myproject.com working, but I don't want users to be able to access the myproject.appspot.com domain. I'm using Java Servlet/ServletFilter with 301 redirection.
Please guide me.
Check the HTTP referrer header and act correspondingly.
If it's on the right domain, serve normally; if not, redirect.
I'm working on a website which uses the Facebook Login with Spring Social. Currently I am playing around with the example for version 3.
On localhost this works as intended. Online however, I get the error message that the redirect URI is invalid. The Site URL in the Facebook app is defined as http://subdomain.domain.net/myapp/. The redirect_uri Facebook sends is http://localhost:8080/myapp/signin (taken from the URL error page parameter). This is the configuration I first used.
I already tried to create a new Facebook app, in case Facebook didn't update the configuration properly. Also I tried to add to the Spring Social ConnectController the application URL. Every time I get the same error.
Turns out I made a simple configuration mistake. I thought it was sufficient to configure the ConnectController, but I missed the ProviderSignInController. Like here in the documentation