APEX 5 set custom failed login message - oracle-apex

I'm using a custom login function resulting with a true/false value whenever the user should be allowed to login or not (a standard thing).
My problem is: when the function returns "false" the standard message is displayed "invalid login credentials"
even if the credentials are correct. Is there any chance to customize this message?
EXAMPLE: login function checks the credentials (ok) AND some additional, non relevant things (e.g. if the user is allowed to login into this particular application) (not ok) -> login = false -> invalid credentials message.
A small workaround that I know of is to raise a user defined exception in the login function but I'd like to omit that scenario as basically the run should be without errors (everything worked and was verified).

You need to create a validation on your login page. Like this:
In Page Processing click on Create validation:
Select Page as the validation level
Name the validation and select 'Inline in Notification' as the Error display location
Select PL/SQL as the validation type
In this case I will create a validation to avoid the login until January 1st 2025, so I chose PL/SQL expression as the sub type of PL/SQL validation
Enter the PL/SQL expression (it has to be a true/false evaluation) and the error message that will be displayed in case the condition returns false.
Select the login button and always as the condition type
And that's it. This validation will occur every time the login button is pressed and will return the custom message. Here's a working example: try to log in with any username or leave it blank, and it will first check the date condition.

After success validation also getting error message but its processing in oracle apex

Dynamic Action -> When: click button -> If: True -> submit page. Here I am doing a validation with a SQL query.
SELECT * FROM TAB_MASTER
WHERE REQUEST_ID=:P4_SELECTED_REQ_ID AND (upper(USER_NAME)=upper(:APP_USER) OR
EXISTS (SELECT NULL FROM USER_ACCOUNT WHERE USER_ROLE='ADMIN' AND upper(USER_NAME)=upper(:APP_USER)));
This means the request can be confirmed by the same user or by another user with the ADMIN role. If the above query returns 1 row, only then should it process; otherwise an error message (no process). If there is no record (another user and no admin role) it's working fine. But when it returns 1 record (another user and admin role) it's processing, but the error message used for the FALSE condition is popping up.
I also tried to set the output of the SQL query to a hidden field and then used a validation as PL/SQL expression :HIDDEN_FIELD=1, but no luck.

Flask-LDAP3-Login Filter issue - User cannot login

Using flask-ldap3-login to query AD for my web app logins. Works for everyone; but, for users who have "()" in their First name in AD. Here's the Debug log.
UNSUCCESSFUL LOGIN
DEBUG:root:Validating LDAPLoginForm against LDAP
DEBUG:flask_ldap3_login:Opening connection with bind user 'mybinduser#mydomain.com'
DEBUG:flask_ldap3_login:Successfully bound to LDAP as 'mybinduser#mydomain.com' for search_bind method
DEBUG:flask_ldap3_login:Performing an LDAP Search using filter '(&(objectclass=person)(sAMAccountName=ebadu))', base 'DC=mydomain,DC=com', and scope 'SUBTREE'
DEBUG:flask_ldap3_login:Opening connection with bind user 'CN=Badu\, Ericka (EB),OU=HELPDESK,DC=mydomain,DC=com'
DEBUG:flask_ldap3_login:Directly binding a connection to a server with user:'CN=Badu\, ericka (EB),OU=HELPDESK,DC=mydomain,DC=com'
DEBUG:flask_ldap3_login:Authentication was successful for user 'ebadu'
DEBUG:flask_ldap3_login:Searching for groups for specific user with filter '(&(objectclass=group)(uniqueMember=CN=Badu\, Ericka (EB),OU=HELPDESK,DC=mydomain,DC=com))' , base 'DC=mydomain,DC=com' and scope 'LEVEL'
ERROR:flask_ldap3_login:malformed filter
DEBUG:flask_ldap3_login:Destroying connection at <0x7f8629604c50>
DEBUG:flask_ldap3_login:Destroying connection at <0x7f8628eabf98>
SUCCESSFUL LOGIN
DEBUG:root:Validating LDAPLoginForm against LDAP
DEBUG:flask_ldap3_login:Opening connection with bind user 'mybinduser#mydomain.com'
DEBUG:flask_ldap3_login:Successfully bound to LDAP as 'mybinduser#mydomain.com' for search_bind method
DEBUG:flask_ldap3_login:Performing an LDAP Search using filter '(&(objectclass=person)(sAMAccountName=mpeters))', base 'DC=mydomain,DC=com', and scope 'SUBTREE'
DEBUG:flask_ldap3_login:Opening connection with bind user 'CN=Peters\, Mike,OU=HELPDESK,DC=mydomain,DC=com'
DEBUG:flask_ldap3_login:Directly binding a connection to a server with user:'CN=Peters\, Mike,OU=HELPDESK,DC=mydomain,DC=com'
DEBUG:flask_ldap3_login:Authentication was successful for user 'mpeters'
DEBUG:flask_ldap3_login:Searching for groups for specific user with filter '(&(objectclass=group)(uniqueMember=CN=Peters\, Mike,OU=HELPDESK,DC=mydomain,DC=com))' , base 'DC=mydomain,DC=com' and scope 'LEVEL'
DEBUG:flask_ldap3_login:Destroying connection at <0x7f8629683828>
DEBUG:flask_ldap3_login:Destroying connection at <0x7f8628e91048>
The AD logs say "An account was successfully logged on"; however, the user does not log in to the app. The user has no issues logging in with the AD credentials anywhere else.
What might be the issue?
This is the flask-ldap3-login code:
LDAP_USER_RDN_ATTR = 'cn'
LDAP_USER_LOGIN_ATTR = 'sAMAccountName'
LDAP_BASE_DN = 'DC=mydomain,DC=com'
LDAP_REQUIRED_GROUP = 'ou=helpdesk,dc=mydomain,dc=com'
LDAP_USER_SEARCH_SCOPE = 'SUBTREE'
But "malformed filter" usually means that the LDAP query sent to AD isn't valid somehow. I asked about odd characters on the account, since if some special characters are not encoded properly, they can be misinterpreted as special characters used in LDAP queries.
It could be a bug in your code, or a bug in flask-ldap3-login. If you show your code, I might be able to give you some pointers.
Also, see if you can enable debug logging. It may tell you what the actual filter is that made it bomb. I'm not familiar with flask-ldap3-login, but, looking at the documentation, this might do it?:
app.config['DEBUG'] = True
SOLVED! Seems to be solved in the latest version of flask-ldap3-login. I did not upgrade but modified existing code:
Replaced this:
`search_filter = '(&{group_filter}({members_attr}={user_dn}))'.format(`
`    group_filter=self.config.get('LDAP_GROUP_OBJECT_FILTER'),`
`    members_attr=self.config.get('LDAP_GROUP_MEMBERS_ATTR'),`
`    user_dn=dn`
`)`
with this:
`safe_dn = ldap3.utils.conv.escape_filter_chars(dn)`
`search_filter = '(&{group_filter}({members_attr}={user_dn}))'.format(`
`    group_filter=self.config.get('LDAP_GROUP_OBJECT_FILTER'),`
`    members_attr=self.config.get('LDAP_GROUP_MEMBERS_ATTR'),`
`    user_dn=safe_dn`
`)`
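
Why the group filter for the first user in the log is rejected and the escaped one is not, as an added example (not code from the post or from flask-ldap3-login): it applies the RFC 4515 value escaping using only the standard library and checks filter structure with a simplified parser. The function names are assumptions; the DNs and the filter template are copied from the debug log above.

```python
# Added example (standard library only); names are illustrative, not flask-ldap3-login's.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape the characters RFC 4515 reserves inside a filter assertion value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def group_search_filter(user_dn, escape=True):
    """Build the group-membership filter seen in the debug log above."""
    value = escape_filter_value(user_dn) if escape else user_dn
    return "(&(objectclass=group)(uniqueMember={}))".format(value)


def _parse(flt, pos):
    """Consume one parenthesised filter component; return the index after it."""
    if pos >= len(flt) or flt[pos] != "(":
        raise ValueError("expected '(' at offset %d" % pos)
    pos += 1
    if pos < len(flt) and flt[pos] in "&|!":
        pos += 1
        while pos < len(flt) and flt[pos] == "(":  # nested components
            pos = _parse(flt, pos)
    else:
        while pos < len(flt) and flt[pos] != ")":  # attr=value item
            if flt[pos] == "(":
                raise ValueError("unescaped '(' inside a value at offset %d" % pos)
            pos += 1
    if pos >= len(flt) or flt[pos] != ")":
        raise ValueError("expected ')' at offset %d" % pos)
    return pos + 1


def is_well_formed(flt):
    """True if the whole string is exactly one structurally valid filter."""
    try:
        return _parse(flt, 0) == len(flt)
    except ValueError:
        return False


# DNs copied from the log; the first contains literal parentheses.
DN_PARENS = r"CN=Badu\, Ericka (EB),OU=HELPDESK,DC=mydomain,DC=com"
DN_PLAIN = r"CN=Peters\, Mike,OU=HELPDESK,DC=mydomain,DC=com"

if __name__ == "__main__":
    for dn in (DN_PARENS, DN_PLAIN):
        for escape in (False, True):
            flt = group_search_filter(dn, escape)
            print(escape, is_well_formed(flt), flt)
```

The escaped value decodes back to the original DN on the server side, so the group lookup still matches the same entry.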

apex5.1, how to set custom login page

I need to set a custom page login in apex5.0
If login is invalid, the standard error msg should be displayed.
However, I have a table that contains an expiry date for the user. I want to add a check: if the user is expired (sys_date > expiry_date), then he should not log in to the system and the message 'No access' should be displayed.
How is it possible to do that?
The best way to do this is to create your own authentication scheme.
Create your own function which checks if username and password match with your user table, and then check if expiry_date > sysdate. Add a new authentication scheme (shared components -> authentication schemes -> create) and select custom as the scheme type. Then add your function in there.

User creation from request POST through curl/http.

I am trying to create users from a POST request sent from curl/httpie commands. Users are created in the User Model, but the password is stored in raw string format. This is what I do.
http POST http://127.0.0.1:8000/user/ username=taco password=123
This creates a User with the following credentials.
Now when I enter my admin site, and click on the details of user created. The password shows like this.
Invalid password format or unknown hashing algorithm.
Raw passwords are not stored, so there is no way to see this user's password, but you can change the password using this form.
I have an automatic token creation system on user post_save. The token is also created, but when I put
http POST http://127.0.0.1:8000/obtain/ username=taco password=123
url***/obtain goes to views.obtain_auth_token imported from rest_framework.authtoken.views from which I receive the token for the specified User.
but I get an error saying:
"non_field_errors": [
"Unable to log in with provided credentials."
]
I basically want to sign up (create) a user from the terminal (http/curl) and obtain their token from "/obtain".
No worries. It so happened that you can't post the password as a raw string.
So, by capturing the .username and .password from the query parameter, I wrote a create-user code in my view and set the password using .set_password().

Catching failed OmniAuth login attempt information in Rails 4 application

Goal: I'm trying to get a Ruby on Rails application to send me emails whenever a user fails to log into OmniAuth. I want the e-mail to include (1) the username entered in the form, and (2) an MD5 hash of the password field.
Obstacle: OmniAuth returns a POST after a successful login, and a GET after an authentication failure. The "success" POST includes the username and a filtered password, but the "fail" GET does not include these two parameters.
So I guess my question is "Can I make OmniAuth return the parameters I want? If not, how can I make Rails remember the form data after it gets POST'ed to OmniAuth?"
I emailed the OmniAuth team and they gave me the solution below (thank you so much!):
You can do custom failure handling by adding an on_failure action.
OmniAuth.config.on_failure = Proc.new { |env|
  # do stuff
}
https://github.com/intridea/omniauth/blob/master/lib/omniauth/failure_endpoint.rb
is the default failure endpoint as an example
So I added the following in config/initializers/omniauth.rb:
OmniAuth.config.on_failure = Proc.new { |env|
  # Write the submitted form fields (username and plaintext password) to a dedicated log,
  # then hand the request to OmniAuth's default failure endpoint.
  myLog = ActiveSupport::TaggedLogging.new(Logger.new("log/omniauth_log.txt"))
  myLog.tagged("OmniAuth", "ENV") { myLog.info "Failed login attempt - username: #{env["rack.request.form_hash"]["username"]}, password: #{env["rack.request.form_hash"]["password"]} " }
  OmniAuth::FailureEndpoint.new(env).redirect_to_failure
}
...and it records the username and password correctly. All that's left to do is encrypt the password.
If you want to display everything that's going on, you can log #{env.inspect} itself. It's a very large hash though (that also contains smaller hashes), so maybe log #{env.inspect} once and pick out the fields relevant to your task.