Issuing “API keys” using Keycloak

I finally found a solution that works well and seems to be “the Keycloak way” to issue credentials to external applications. To create a new set of credentials, add a new Keycloak client and change the following settings: Standard Flow Enabled: OFF; Direct Access Grants Enabled: OFF; Access Type: Confidential; Service Accounts Enabled: ON. The … Read more

How implement a login filter in JSF?

You need to implement the javax.servlet.Filter class, do the desired job in doFilter() method and map it on a URL pattern covering the restricted pages, /user/* maybe? Inside the doFilter() you should check the presence of the logged-in user in the session somehow. Further you also need to take JSF ajax and resource requests into … Read more

How to use JWT in MVC application for authentication and authorization?

In order for MVC to understand anything about your JWT you basically have to tell it 🙂 . First, install the Jwt package from nuget: Install-Package Microsoft.Owin.Security.Jwt Then open up your Startup.cs file and add a new function that will tell MVC how to consume JWT. At basics your Startup will look something like: using … Read more

How to make Authorize attribute return custom 403 error page instead of redirecting to the Logon page

What I would do is subclass AuthorizeAttribute and override its HandleUnauthorizedRequest to return HTTP status code 403 if user is authenticated. I would then add a system.webServer\httpErrors section to my Web.Config to replace the default 403 with my custom page (this last part requires IIS 7+). Here’s how: public class MyAuthorizeAttribute : AuthorizeAttribute { protected … Read more

JMeter Basic Authentication

I’ve found through debugging requests coming in from JMeter that the HTTP Authorization Manager module doesn’t encode the username and password correctly. It puts a newline character after the username. To run a JMeter test against a Basic Auth protected endpoint, include the HTTP Header Manager and add the Basic Auth header yourself: Manually Encoding … Read more

Extend AuthorizeAttribute Override AuthorizeCore or OnAuthorization

The clue is in the return types: AuthorizeCore returns a boolean – it is decision making code. This should be limited to looking at the user’s identity and testing which roles they are in etc. etc. Basically it should answer the question: Do I want this user to proceed? It should not perform any additional … Read more

ASP.NET MVC Forms Authentication + Authorize Attribute + Simple Roles

I think I’ve implemented something similar. My solution, based on the NerdDinner tutorial, is as follows. When you sign the user in, add code like this: var authTicket = new FormsAuthenticationTicket( 1, // version userName, // user name DateTime.Now, // created DateTime.Now.AddMinutes(20), // expires rememberMe, // persistent? "Moderator;Admin" // can be used to store roles ); string … Read more

Get specific attributes from an ActiveRecord model

What Choco said will work if you want an array not an active record instance. If you want an active record instance, do: User.where(id: 5).select(:id, :first_name).take Here’s some more info. I’m not sure how much you do/don’t know, so I’ll assume you know less rather than more. I assume you realise what you’re doing above … Read more
