Updated Question: I try to Test FLEXCUBE in Weblogic, Firstly I create properties file and build ear file. After that I upload FCUBS ear file in Weblogic, and this is screenshot from weblogic
I open FCJNeoWeb and I see a Login screen Like that
Firstly, I create an user and password in FLEXCUBE and I login successfuly, and I see this screen
Untill now, all of things looks good. Hovewer, when I click one of the operaion in this page it give me null like that
Trace files :
Enter this link for Tracefile
Is there anyone have any idea about this operation ?
LOG File of RADTOOL :
The Screen of RADTOOL
This is very specific to Flexcube web service header value parts and not the generic values.
I have worked on this Flexcube web service before and i can tell you an values based on my experience.
Source--> System name which invoking this service(e.g EXTSYS,FCDB,etc) and same details of calling system must be maintained at flexcube level as well.
UBSCOMP--> by default its values is FCUBS
User id--> Flexcube application login user id. You can request for creation of userid for accessing this service
Branch --> Is the branch code(eg. 000, 101, etc) where your user have access to perform operations
Related
I have some applications served to my company users on EKS (i.e., Jenkins). In company we use Google Workspaces (GSuite) for email and stuff. So I want to allow users to login with Google creds to those applications I serve. I figured out I could use Cognito to achieve it but I cannot connect those and flow end with Google showing 403. Error: app_not_configured_for_user. In their documentation I can find:
Verify that the value in the saml:Issuer tag in the SAMLRequest matches the Entity ID value configured in the SAML Service Provider Details section in the Admin console. This value is case-sensitive.
but how do I debug it? I do not see a logs from neither AWS and Google sides :/
I think I followed all possible guides and I cannot find what I'm doing wrong. I found that Google has this page but they do not provide exact scenario for AWS Cognito. Anyways all of those are very similar so I guess I shouldn't have problems, but I do have.
What I did:
In Google Admin (one for workspaces) I created "Web and mobile app" of SAML type
I downloaded metadata file
In AWS Cognito console I created User Pool
I created IdP provider and uploaded metadata file there
I created application client
Using those values I filled fields ACS URL and Entity ID in Google Admin using values:
ACS URL: https://my-domain-i-just-created.auth.us-east-1.amazoncognito.com/saml2/idpresponse
Entity ID: urn:amazon:cognito:sp:us-east-1_myPoolId
I also selected Name ID format to be Persisted
In attribute mapping I mapped email value to http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress.
In AWS Cognito I enabled HostedUI and also created mapping of http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress to email field.
And now when I click View Hosted UI in AWS console it will redirect me to Google authentication and after it directly to before mentioned 403 app_not_configured_for_user page.
I tied it 3 times with slightly different configurations of mapping, signed responses, etc. but nothing gets me past that error.
Anyone tried to integrate it?
How to troubleshoot the 403 app_not_configured_for_user error related to SAML apps from the Google Workspace Admin console
The first thing you need to do is to grab a HAR file recording the whole login process and find the SAML request. Steps can be found here.
Once you get the file you can open it using that tool and search for SAMLreq at the top right (see image).
After that you will get a list of values containing information. You will have to check one by one until you find the one that has the SAML request in the request tab (see example below).
Once you get the value from the SAML request, copy it and you can use this tool to do a SAML decode and find the entity ID. You can use Ctrl + F and search for saml:Issuer to find the value faster. If the value does not match, then you know you have an error and you will need to contact the support team from the app to see which value is the correct one.
In case the value matches I would recommend opening a ticket to check with Google.
I'm having a server with power-bi reporting service installed and configured on it, and from my front-end that hosts the application, i've got angular 7 with proper power-bi components installed.
Since the report is on the server and it needs authentication to login, i get a user and password fill-in prompt in my website whenever i try to access this report, and after logging in, i can see the data of my report.
I'm wondering how to use Kerberos authentication so that i can set-up that username and password to login automatically without asking the user to enter them every time.
What i've done so far :
I've made and set a few SPN in my active directory, made a user in Active Directory Users and Computer and in it's Delegation tab, i've set it to Use any authentication protocol and added MSOLAPDisco and MSOLAPSvc.3 to it. i've added the user account credentials that i've made to service account and execution account in power bi Report server then i modified the rsreportserver config file to use the RSNegotiate before NTLM.
After trying to solve the issue with the mentioned above methods, i still get a NTLM method in network monitor which is installed in the Active Directory.
Any suggestions how to solve this issue? Thanks in advance.
I have a web app in Google App Engine (with Flask) that needs to ask the user for permissions.
I followed this explanation and it got me working great.
But how do I get the secret_file (or client_config) credentials?
All examples I saw used a local file - but that is not production safe! Is there any way to get it from the application credentials?
I also tried using oauth2client.client.GoogleCredentials.get_application_default() but that seems to be a service account which I can't use.
Creation of web app authorization credentials is discussed here.
Once you are done with the form, client_secret.json file will be generated and is downloadable via the API Console.
There will be a 'Download JSON' button at the right of the OAuth Client credential you created and at the upper part of the page when you click on the Client ID.
From this documentation, it is explained how to construct the authorization request using google-auth-oauthlib.flow module.
In Python, call the from_client_secrets_file method to retrieve the
client ID from a client_secret.json file. (You can also use the
from_client_config method, which passes the client configuration as it
originally appeared in a client secrets file but doesn't access the
file itself.)
I have some r code and I am having some issues with automatic authentication to access the spreadsheets in a shiny dashboard.
I have set up the servers on a VM and have been able to make r-studio server and shiny-server work. Problem now lies within app deployment. Currently I have been able to do this in a user session. But the problem is not that I am getting redirected to google authentication and it is not allowing me to do that on the server side so the execution halts.
This is shared with all googleAnalyticsR users.
If making a lot of API calls, please:
visit: XXXXXXXXXXXXX
for instructions on setting your own Google Project
2019-05-05 02:55:52> Set API cache
2019-05-05 02:55:52> No environment argument found, looked in
GA_AUTH_FILE
2019-05-05 02:55:52> No httr_oauth_cache file found at sc.httr-
oauth - creating new file.
Error in value[[3L]](cond) :
Authentication options didn't match existing session token and
not interactive session
so unable to manually reauthenticate
Calls: local ... tryCatch -> tryCatchList -> tryCatchOne ->
<Anonymous>
Execution halted
The expected results would not showcase an Execution Halted.
Furthermore on the server itself it is not really allowing me to actually allow for such extensions. So I am curious if someone had any suggestions. I can also offer the code if needed for the actual app.R.
You need to upload the sc.httr-oauth (or whatever you have called it) authentication token that is generated locally to the script's working directory on the server, so the authentication can find it. You should also make sure the permissions for the file lets Shiny update it.
You are seeing an error where its looking for the file but it not being present, it then attempts to re-authenticate by launching a browser but as its not a interactive R session it will fail (you can't log in for the OAuth2 flow)
You can specify the authentication token location in your script via ga_auth("file_location")
Frankly speaking azure still does not have direct way to set up alerts on continuous web job's so that one can get notification if web job stops for unknown reasons. After some investigation i found that logic apps are best way to do that. Here are the steps how one can achieve this
Go to azure web job, select properties and copy web hook url, username and password.
By default web hook url will have /run option at end to so remove that as you dont want to run webjob
Create a logic app setting following parameters in exact order
Recurrence - Your choice how frequently you want to run your logic
app
Initialize a variable for example status (type - string)
Call Http end point giving following details which you copied
earlier []2]
Add a step of parse
JSON response, pasting response so that logic app can create its own
schema
Pick the item name for
value you want to read for example i am using status
Add a condition for failure
Send the mail or whatever you want to do
Over all your Login app will look something like this
This is helpful, indeed. But I was facing issue with the web hook url authentication. The logic app connector was returning 401 – Unauthorized for the http request, as the password was encoded. Took a while to understand why it is throwing unauthorized even after providing correct credentials. Hence, copying the original password helped in that case ( if not anything else).