Sitecore ItemWebApi Gurus,
Why am I getting a response of "Access to site is not granted" every time I attempt to make a Sitecore ItemWebApi request?
Here are the security settings in my Sitecore.ItemWebApi.config
<site name="website">
<patch:attribute name="itemwebapi.mode">StandardSecurity</patch:attribute>
<patch:attribute name="itemwebapi.access">ReadOnly</patch:attribute>
<patch:attribute name="itemwebapi.allowanonymousaccess">false</patch:attribute>
</site>
</sites>
Here's how I'm setting up my ItemWebApi request (please note that I have used a fake username, password, and GUID for the purpose of stack overflow):
var client = new WebClient();
var n = new NameValueCollection();
n["X-Scitemwebapi-Username"] = "extranet\\Sample_Username";
n["X-Scitemwebapi-Password"] = "SamplePassword";
client.Headers.Add(n);
var result = client.DownloadString(
"http://localhost:11111/-/item/v1/?sc_itemid={11111111-1111-1111-1111-111111111111}&scope=c");
The response I get back from my request is always:
Access to site is not granted
I'm using sitecore 7.1.
Turns out I was using the wrong password for the user. The code above in my question is perfectly valid and will return a json response containing the desired information about a sitecore item.
I'd like to also add that you need to verify that the sitecore user which you are trying to authenticate with has been "enabled" in sitecore. I had added a user for my Item Web Api through a sitecore package and wasn't aware that when you do that, sitecore by default disables the user. You actually have to manually "enable" the user before it is active.
Related
I am using WSO2 as identity server and google authenticator as the identity provider. Login is working correctly. On my web application, I am asking the user to enter his email and then showing google login form. I want to show this email to be prefilled this form. Thanks.
You can do it. For that, you need to customize the OpenIDConnectAuthenticator.java to pass the login_hint to google.
Clone https://github.com/wso2-extensions/identity-outbound-auth-oidc.git.
It is recommended to checkout to the org.wso2.carbon.identity.application.authenticator.oidc version in your server(you can find it in IS_HOME/repository/components/dropins/)
Add these lines before response.sendRedirect(loginPage); in OpenIDConnectAuthenticator.java
String[] usernames = context.getAuthenticationRequest().getRequestQueryParam("username");
if (usernames != null && usernames.length > 0) {
loginPage = loginPage + "&login_hint=" + usernames[0];
}
These lines will get the username from the authentication initiation request and send it as login_hint to google.
Build the component using the following command.
mvn clean install
This will create org.wso2.carbon.identity.application.authenticator.oidc-5.1.17.jar in target folder.
Replace the existing org.wso2.carbon.identity.application.authenticator.oidc-.jar in the IS_HOME/repository/components/dropins folder.
Restart the IS server
When sending authentication request to IS append username=senthalank#gmail.com as url param
For example,
https://localhost:9443/oauth2/authorize?response_type=code&client_id=<cliend_id>&redirect_uri=http://localhost:8080/playground2/oauth2client&scope=openid&username=senthalank#gmail.com
I have local website with subdomains like:
localhost:55307
aaa.localhost:55307
bbb.localhost:55307
It works perfectly except authorization - if I log in in localhost:55307 I'm not logged in aaa.localhost:55307 because my subdomains are treated as separate domain. I looking for solution but I can't find any for Asp Identity (Form authentication in MVC 4 it's useless).
Based on some questions and answers in SO I did:
Edit CookieAuthenticationOptions class in Startup.Auth.cs as below:
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
CookieDomain = ".localhost",
ExpireTimeSpan = new TimeSpan(0,12,0,0,0),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
Get MachineKey from IIS Manager and add to web.config:
<system.web>
<authentication mode="None" />
<machineKey validationKey="61D42DE996486DEA64CEA26C0373C547E0D07108789662C2D2E15210A65C475925055009D962FEB3D5D93E9BEA3E3717187F1BCBF63E386EB198F641E6157044" decryptionKey="06CF7C1C31BDBD4E7056D0F3531BE253E98A658B50974155" validation="SHA1" decryption="Auto"/>
<compilation debug="true" targetFramework="4.5.2" />
<httpRuntime targetFramework="4.5.2" maxRequestLength="1073741824" />
</system.web>
Now i can login but cookies aren't shared - I still logged in one subdomain.
PS. I now that there is a lot of similar questions in StackOberflow but no one of them is about MVC 5 and ASP Identity and no of them got solutions.
May I ask how to update orders status with Sitecore Commerce 8 powered by Commerce Server. Or in sitecore 7.2 if possible.
Based on the class Sitecore.Commerce.Connect.CommerceServer.Orders.Models.CommerceOrder class, we tried to save StatusCode as "InProcess" but it was not updated.
CartServiceProvider provider = new CartServiceProvider();
var orderRequest = new SubmitVisitorOrderRequest(buyCart);
var orderResult = orderService.SubmitVisitorOrder(orderRequest);
var order = orderResult.Order as CommerceOrder;
order.StatusCode = "InProcess";
provider.SaveCart(new SaveCartRequest(order));
We have tried the code below but got an error.
https://social.msdn.microsoft.com/Forums/en-US/a4e74c33-cf4f-4a1b-843c-acf2514db3f2/how-to-update-purchase-order-status?forum=commserver2009#44ff5a5e-b6af-4b82-aebe-1c53beff9f5c
We modified the code to update status as admin
OrderSiteAgent orderAgent = new OrderSiteAgent("website", true, "");
Error : on line OrderManagementContext context = OrderManagementContext.Create(ordersAgent);
There was a problem reading the site resources from the Commerce Server administration database for the site 'website'. Please check that resources exist for the site and that the process has permission to access the database. The InnerException contains more details.
I am using Facebook JS sdk to show news feeds. the app works well for many users for for some users who have authorized my app doesn't bring reasonable result.
I use following code to get basic profile info which works for some users but for some it doesn't:
FB.api('/' + id + '?access_token=' + access_token, function (response) {
var strTitle = response['first_name'] + " " + response['last_name'];
});
In response object I receive only id, birth date, email, profile link but name is not available. Interestingly when I open profile link in my browser facebook says:
"Sorry, this page isn't available
The link you followed may be broken, or the page may have been removed."
after that my code can bring its posts but again the from name of the posts is missing in response object. The permissions list is attached as picture.
I can't understand what is going on and how can i fix this issue. Any help please?
The problem is that you are using the App center permissions feature (previously known for Authenticated referrals).
Use these settings to enter the set of permissions your app requires when displayed in App Center
You should be passing a login url with the scope array of permissions in JS SDK.
FB.login(function(response) {
// handle the response
}, {scope: 'email,user_likes'});
or via a login button
<div class="fb-login-button" scope="email,user_likes" data-show-faces="true" data-max-rows="3">Login with Facebook</div
SUM: I ended up having to form the XML manually. I also had to create an Operation and use its send(); method rather than just doing something like WebService.MyServiceFunction(); - not sure why that was the case.
I send off the request as follows:
var xm:XML =
<SetPropertiesForCurrentUser xmlns="http://asp.net/ApplicationServices/v200">
<values xmlns:d4p1="http://schemas.microsoft.com/2003/10/Serialization/Arrays" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<d4p1:KeyValueOfstringanyType>
<d4p1:Key>{obj.Key}</d4p1:Key>
<d4p1:Value xmlns:d6p1="http://www.w3.org/2001/XMLSchema" i:type="d6p1:string">{obj.Value}</d4p1:Value>
</d4p1:KeyValueOfstringanyType>
</values>
</SetPropertiesForCurrentUser>;
var profileService:WebService = new WebService();
profileService.useProxy = false;
profileService.loadWSDL(url);
var o:Operation = profileService.SetPropertiesForCurrentUser;
o.send(xm);
Here’s my scenario:
I have ASP.NET web services to handle authentication, user roles, and user profiles (default ASP.NET AuthenticationService, RoleService, and ProfileService, to be exact).
So from my Flex web app, I am able to successfully call the ASP.NET service. For example, something like this works fine:
var profileService:WebService = new WebService();
profileService.useProxy = false;
profileService.GetAllPropertiesForCurrentUser.addEventListener("result",getAllPropertiesForCurrentUser_EventHandler);
profileService.addEventListener("fault",getAllPropertiesForCurrentUserFault_EventHandler);
profileService.loadWSDL(url);
profileService.GetAllPropertiesForCurrentUser();
I run into trouble when I need to pass a Dictionary object to another function on the service (SetPropertiesForCurrentUser). The .NET service asks for this type of value:
System.Collections.Generic.IDictionary(Of String, Object)
Here are the two pertinent entries from the web.config entry from my ASP.NET service:
<properties>
<clear/>
<add name="coordinateFormat" />
</properties>
...
<profileService enabled="true"
readAccessProperties="coordinateFormat"
writeAccessProperties="coordinateFormat"/>
So after putting together a SOAP request from a Silverlight app (which works as expected) I’ve narrowed it down to a difference in the XML request sent to the SOAP handler:
From Flex:
<tns:Value>DMS</tns:Value>
From Silverlight:
<d4p1:Value xmlns:d6p1="http://www.w3.org/2001/XMLSchema" i:type="d6p1:string">DMS</d4p1:Value>
If I take the request generated by Flex, catch it with Fiddler, modify that one line to include the “type” namespace – it works.
Anyone have an idea how I can get that namespace onto my variable that is passed to the SOAP handler from Actionscript? Here is my code for sending off that SetPropertiesForCurrentUser function:
var obj:Object = {};
obj["Key"] = "coordinateFormat";
obj["Value"] = DMS;
var profileService:WebService = new WebService();
profileService.useProxy = false;
profileService.SetPropertiesForCurrentUser.addEventListener("result",setPropertiesForCurrentUser_EventHandler);
profileService.addEventListener("fault",setPropertiesForCurrentUserFault_EventHandler);
profileService.loadWSDL(url);
profileService.SetPropertiesForCurrentUser(new ArrayCollection([obj]),false);
Thanks,
Josh
The default SOAPEncoder that is used is some what limited in its capabilities (like not including the type attribute you mentioned above). Luckily, there is a way to control that by writing your own encoder.
see this link at adobe (read part about using custom web service serialization) Link on Adobe's Site