Forum Replies Created

Viewing 5 replies - 1 through 5 (of 5 total)
  • @wackywired135 You are not alone with your request.
    I also prefer to have the reCaptcha badge only enabled on the page with the contact7 form.

    Edit: Well I decided to put back the previous version of contact7 (5.0.5) until the developer provides a solution.

    • This reply was modified 6 years, 3 months ago by Tachi.
    Forum: Plugins
    In reply to: [WP SAML Auth] Logout fails
    Thread Starter Tachi

    (@aytacbalci)

    I’ve found the solution!
    I did not use the OneLogin SAML implementation. The solution had to do with the following two lines from the IdP:

    [2018-06-14 12:22:44] DEBUG SingleLogout.processSAMLRequest() -> LogoutRequest MUST be signed if the HTTP POST or Redirect binding is used
    [2018-06-14 12:22:44] DEBUG SingleLogout.processSAMLRequest() -> Security error
    

    Unfortunately, the documentation at simpleSAMLphp.org is not very clear for a newbie.
    In your simpleSAMLphp folder look for /config/authsources.php and add the following line 'sign.authnrequest' => TRUE, somewhere in the array(…); like below:

    'default-sp' => array(
         'saml:SP',
         'sign.authnrequest' => TRUE,
         'entityID' => null,
         // [more lines of code]
    );

    I hope this will also be useful for others.

    • This reply was modified 6 years, 9 months ago by Tachi.
    • This reply was modified 6 years, 9 months ago by Tachi. Reason: readability
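
An added example, not part of the original reply and not code from WP SAML Auth or SimpleSAMLphp: a Python check that decodes an HTTP-Redirect binding logout URL, as captured from the browser, and reports whether the LogoutRequest carries the `SigAlg` and `Signature` parameters that the IdP log above requires. The sample request, its ID and the placeholder signature value are constructed; the check tests for the presence of a signature, not its cryptographic validity.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, parse_qs, urlencode

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
DSIG = "http://www.w3.org/2000/09/xmldsig#"

def encode_redirect(xml):
    """Raw DEFLATE then base64, the HTTP-Redirect encoding of SAMLRequest."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(comp.compress(xml.encode()) + comp.flush()).decode()

def inspect_logout_redirect(url):
    """Report whether a LogoutRequest sent via redirect carries a signature."""
    qs = parse_qs(urlsplit(url).query)
    if "SAMLRequest" not in qs:
        raise ValueError("no SAMLRequest parameter")
    raw = zlib.decompress(base64.b64decode(qs["SAMLRequest"][0]), -15)
    # Debugging aid for your own captured traffic; use a hardened XML parser
    # for untrusted input.
    root = ET.fromstring(raw)
    if root.tag != f"{{{SAMLP}}}LogoutRequest":
        raise ValueError(f"not a LogoutRequest: {root.tag}")
    # Redirect binding: the signature travels in the query string.
    query_signed = "Signature" in qs and "SigAlg" in qs
    # POST binding: the signature is an enveloped ds:Signature element.
    xml_signed = root.find(f"{{{DSIG}}}Signature") is not None
    return {
        "id": root.get("ID"),
        "destination": root.get("Destination"),
        "sig_alg": qs.get("SigAlg", [None])[0],
        "signed": query_signed or xml_signed,
    }

# Constructed sample data (not taken from a real exchange).
DEST = "https://idp.domain.com/openaselect/profiles/saml2/sso/logout"
SAMPLE_XML = (
    f'<samlp:LogoutRequest xmlns:samlp="{SAMLP}" ID="_constructed1" '
    f'Version="2.0" IssueInstant="2018-06-14T10:22:44Z" Destination="{DEST}"/>'
)
UNSIGNED_URL = DEST + "?" + urlencode({"SAMLRequest": encode_redirect(SAMPLE_XML)})
SIGNED_URL = UNSIGNED_URL + "&" + urlencode({
    "SigAlg": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
    "Signature": "Q09OU1RSVUNURUQ=",  # placeholder, not a real signature
})

if __name__ == "__main__":
    for url in (UNSIGNED_URL, SIGNED_URL):
        print(inspect_logout_redirect(url))
```
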
    Forum: Plugins
    In reply to: [WP SAML Auth] Logout fails
    Thread Starter Tachi

    (@aytacbalci)

    Hi Daniel,
    The issue is that logout from WP doesn’t work flawless and I don’t have a Pantheon site to open a support ticket. That’s why I posted an excerpt of debug messages from my IdP hoping you could tell me what is goging wrong in my setup.

    At the moment when I hit logout in WP your plugin redirects me to the IdP, which returns an http 403 (forbidden) error.
    My IdP suggested as a workaround to use a static page on the IdP as a redirect:

    So my question would be: How would I change your plugin to use a redirect to a static page instead of a redirect to the WP login page?
    Cheers, Aytac

    Forum: Plugins
    In reply to: [WP SAML Auth] Logout fails
    Thread Starter Tachi

    (@aytacbalci)

    Well, I got a debug log from the IdP. Could not make much sense out of it. I also do not know what to comment out to prevent sharing sensitive information. But here is an excerpt from what I’ve got mailed.

    [2018-06-14 12:22:44] DEBUG OAServlet.service() -> Processing: profiles request
    [2018-06-14 12:22:44] DEBUG SingleLogout.processSAMLRequest() -> Binding URI: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
    [2018-06-14 12:22:44] DEBUG SingleLogout.logXML() -> <?xml version="1.0" encoding="UTF-8"?><samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Destination="https://idp.domain.com/openaselect/profiles/saml2/sso/logout" ID="_6b3aba31af09bf2843fa7cef167e920b8931c73e39" IssueInstant="2018-06-14T10:22:44Z" Version="2.0">
       <saml:Issuer>https://my.domain.com/simplesaml/module.php/saml/sp/metadata.php/sp_name</saml:Issuer>
       <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" NameQualifier="idp.domain.com">qxPNWW2KlYW2LYIq</saml:NameID>
       <samlp:SessionIndex>_-bglsZgoubUM6mV2CEhv7n06Ia_...(shortened)...bDnBDrse6U85aEgsUreG400wuWw</samlp:SessionIndex>
    </samlp:LogoutRequest>
    
    [2018-06-14 12:22:44] DEBUG SingleLogout.processSAMLRequest() -> LogoutRequest MUST be signed if the HTTP POST or Redirect binding is used
    [2018-06-14 12:22:44] DEBUG SingleLogout.processSAMLRequest() -> Security error
    com.alfaariss.oa.util.saml2.SAML2SecurityException: REQUEST_INVALID
            at com.alfaariss.oa.profile.saml2.profile.sso.SingleLogout.processSAMLRequest(Unknown Source)
            at com.alfaariss.oa.profile.saml2.profile.sso.SingleLogout.process(Unknown Source)
            at com.alfaariss.oa.profile.saml2.SAML2Profile.service(Unknown Source)
            at com.alfaariss.oa.OAServlet.service(Unknown Source)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
            at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
            at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
            at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
            at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
            at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
            at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
            at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:957)
            at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
            at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
            at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
            at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:620)
            at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
            at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
            at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
            at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
            at java.lang.Thread.run(Thread.java:724)
    [2018-06-14 12:22:47] DEBUG OAServlet.service() -> Processing: profiles request
    • This reply was modified 6 years, 9 months ago by Tachi.
    Thread Starter Tachi

    (@aytacbalci)

    I’m not a legal expert and the main thing you mainly hear about GDPR is: privacy by design and privacy by default. With that in mind I would say that opt-out is not privacy by default. So, I don’t think your plugin is GDPR compliant. I think your plugin should be an opt-in plugin to be GDPR compliant.

    Some background information.
    I’ve read a recent article about GDPR compliance of the 150 most popular websites in the Netherlands. Two thirds did not comply. Some sites were already tracking before you could say yes or no. On some sites you have to accept everything to be able to enter the website. All or nothing is also not allowed with GDPR.
