I'm using Spring Social to get some informations via the LinkedIn API. Everything works fine : I can connect to my application using LinkedIn, I can recover some granted informations about my connections...
However, sometimes, I can't access anymore to LinkedIn and get this error :
16:28:00,741 WARN [RestTemplate] GET request for "https://api.linkedin.com/v1/people/id=FNXqbb779g:(id,first-name,last-name,headline,location,industry,distance,relation-to-viewer,current-share,num-connections,num-connections-capped,summary,specialties,proposal-comments,associations,honors,interests,positions,publications,patents,languages,skills,certifications,educations,three-current-positions,three-past-positions,num-recommenders,recommendations-received,phone-numbers,im-accounts,twitter-accounts,date-of-birth,main-address,member-url-resources,picture-url,site-standard-profile-request:(url),api-public-profile-request:(url),site-public-profile-request:(url),api-standard-profile-request,public-profile-url)?format=json" resulted in 403 (Forbidden); invoking error handler
According to the error message, I'm not authorized to get the required informations (despite the fact that one minute before, I could access them).
Any ideas why ?
It seems that either your session token is getting expired or you're probably running into throttle limits. A session token is valid for some duration, you may need to check logs and see whether you are getting something like
"Your session has expired and the post data is lost. Please
re-authenticate and re-post the data"
Also check about throttle limits here:
https://developer-programs.linkedin.com/documents/throttle-limits
Related
I'm using Spring Security 4.2.13.RELEASE and spring-security-saml2-core 1.0.10.RELEASE.
The idp is Google (and I don't have access to its configuration).
My application is run on a tomcat-like server. After this short briefing, my issue!
Often, users complain about problem of connection, they are connect to their idp and when they try to access to my application they go to an error page. This page explain "Authentication Failed: Error validating SAML message". If they empty their web browser cache, they can have the right redirection to the idp and connect to my application.
Why appear this error? It seems configuration is right if they empty their cache.
I have change session time of tomcat to be the same of the idp, I also change maxAuthenticationAge and maxAssertionTime of WebSSOProfileConsumerImpl and WebSSOProfileConsumerHoKImpl but it seems the problem is steel here.
What should I do?
I have change the log level. The error was a session duration too short.
On the log, there is a stack exception bug this stack is only shown in debug mode.
maxAuthenticationAge was the right property to modifiy, I made a mistake on duration computation.
My current setup is the following:
Windows Server running an Active Directory.
Keycloak server runningon a WildFly.
Java test application with restricted access deployed on the WildFly.
The authorization flow is that a user from the AD requests access to the application, the user is granted a Kerberos ticket, and trying the get access to the same application with that specific ticket.
All the configuration with Kerberos, Keycloak and AD is done, and the agreements between the server and the client are running smoothly, but the last "GET" request, where the user has been granted access, it means making a request for the Keycloak redirect URL containing the OpenID-Connect parameters (state= and code=), returns a "bad request".
I am fairly new to the concept of using Keycloak as a SSO provider, so this could be something very trivial I missed.
[EDIT]
If I fire a request for the restriced page in Fiddler, it gives me a "No State Cookie", BUT when I use any kind of browser, it says "Forbidden", and my log says that ERROR [org.keycloak.adapters.OAuthRequestAuthenticator] (default task-9) failed verification of token: Invalid token issuer. Expected http://KEYCLOAK:9090/auth/realms/kerberos-realms/" but expected "http://keycloak:8080/auth/realms/kerberos-realm"
I actually did find a solution for it:
I tried to change the Fiddler client with a browser, and I got the problem where it told me that the issuer of the token wasn't as the expected one, and I found that in my standalone.xml, the authentication endpoint was spelled with upper case, and it expected one in lower. As for the "No state cookie", I guess that the browser handles a request of that kind, a bit different than Fiddler does.
I have a selenium script that runs fine but when I am executing the same script in loop it stops after some time (1 to 2 hours).
Following is the error:
INFO: ERROR in Record- session d5609515-432f-4b01-b93d-b3b5571e009d does not exist
Kindly help me.
It's seems that in that process you have time that the page not changing and the session expires, for example in bank account's sites if there is no action on page it will kill your session after x seconds.
keep always focus on the website even if you processing other thing's
Exception: ERROR in Record- session
d5609515-432f-4b01-b93d-b3b5571e009d does not exist
tells you that you trying to use driver for any propose with session identification that not exist expired, for what i know it's session timeout
one more important thing if you have to do your script for (1 to 2 hours) you need to think about ways to split it for better results, it's internet and it's not always stable.
Session Has Expired error on the Internet
ErrorWhen browsing a website that is database driven, requires a
login, or is secured, you may see a "Session Expired" or "Session Has
Expired" error. The causes of these error messages are detailed in the
following sections.
Inactivity - If you have not been doing anything on the page for a set length of time (often 10-30min) the server will time out your
session. This is often done for security reasons and to help increase
the overall speed of the web page. In other words if you were browsing
the page and get up and leave, go to lunch, or start browsing other
pages when you come back you need to re-login and create a new
session.
Date or time not correct - Make sure the date and time are properly set on your computer.
Cookies - If you are browsing anonymously or your browser does not have cookies enabled it causes many sessions to fail. Make sure your
Internet cookies are enabled.
Firewall or proxy - If you are connecting to the Internet behind a firewall or through a proxy the firewall or proxy may be restricting
or prohibiting the session from being established.
Other site related issue - If this issue is only occurring on a certain site and you're not encountering any of the above-related
issues it's possible that it could be the site encountering an issue.
Contact the company or Webmaster to verify the problem is not on their
end.
I am using cc-avenue jsp integration kit in my website. I have used the code which is provided by cc-avenue but when I try to checkout from my site it gives an error
10002 Merchant Authentication failed. Don't worry... It happens to
the best of us.
Please any one help me to resolve this problem.
This error can be caused by an incorrect merchant ID, an incorrect access code, or if the order originates from an unregistered URL. Make sure that all three of these values are correct.
For your security, CCAvenue does not report exactly which of these three values might be in error.
Update:
You can find CCAvenue setup for ASP.net from here: http://aravin.net/complete-guide-integrate-ccavenue-payment-gateway-asp-net-website-screenshot/
Also, you can find steps to solve the 10002 here: http://aravin.net/how-to-test-ccavenue-payment-gateway-in-localhost-avoid-error-code-10002-merchant-authentication-failed/
The Error code 10002 means that Access code or URL not valid so request you to confirm that you are posting the Access code value to CCAvenue and also confirm that the request URL posting to CCAvenue has to be the same as the registered URL with us, as we are having the URL Validation at our end.
The post action URL must be https://secure.ccavenue.com/transaction/transaction.do?command=initiateTransaction
Kindly confirm that you're passing the correct API keys in the integration kit.
We would like to inform you that the API keys that are generated in your account, are for the live website URL and live server (i.e. secure.ccavenue.com). Thus, if we receive any request other that the website URL, (e.g. Local host / sub-domain), or for the test server (i.e. https://test.ccavenue.com/transaction/transaction.do?command=initiateTransaction), you will get the merchant authentication failed error.
We request you to kindly check at your end.
Error Code: 10002 Merchant Authentication failed.
Don't worry... It happens to the best of us.
This might be due to incorrect MERCHANT ID, WORKING KEY or ACCESS CODE. The most likely it is possible due to incorrect URL so to make sure this is implemented on the Registered Domain for Testing URL/Live url for which the API keys are issued.
Please check the registered ccavenue Testing/Live URL for the same.
Are you using it on localhost?
If you need to test your code from your local machine, you should write to CCAvenue service desk at service#ccavenue.com with your merchant ID and localhost URL to white-list. Else CCAvenue will throw error "Merchant Authentication Failed".
Otherwise this error can be caused by an incorrect access code or if the order originates from an unregistered URL. Make sure that all three of these values are correct.
After your web address gets approved then recheck the new access key and working key
Also use https://secure.ccavenue.com/transaction/transaction.do?command=initiateTransaction this URL for payments
I was having same error.
Note below points
whitelist your IP or Domain - ask ccavenue care, they will do whitelist it.
it will work default in live envirement for URL https://secure.ccavenue.com/xyz
for development or test enrolment we need to ask ccavenue to enable our merchant id(need to give our merchant id) for test environment for URL https://test.ccavenue.com/xyz
Once it enable, then it will work. also double check your merchant_id and access_code too.
I'm using RestFB in order to connect our online photo sharing app to Facebook. But sometimes, Facebook is simply returning HTTP 400 errors to some queries. After investigation, the reasons can vary (number of posts on the wall limit reached, access token invalidated by user or even response time to long), but fact is: I don't know how to catch which error happened. That's a real issue, because obviously, the processing should not be the same: if the access token is invalidated, I would like to prompt the user in order to let him accept the application again, but if the FB plateform is simply unresponsive, I could for example try again after some time.
Any clue?
I'm Mark Allen (RestFB maintainer). Version 1.6 should address this bug.