Login failed when integrating Gemini via iframe
Hello,
We are integrating our Gemini with another system (CMS) in a way when Gemini website is loaded in iframe. And we experience next behaviors.
When user is logged in Gemini in some browser tab, and when s/he opens custom page where Gemini is loaded to iframe, then s/he in is logged in automatically (as far as authentication cookies is shared). And this is ok.
But when there is no valid cookie (user doesn't have Gemini site opened), and when s/he tries to open custom page, then login page is opened in iframe. And when user fills in wrong password, then it shows error message. But when user fills in correct login/password, then next exception appears:
---
Access is denied.
Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.
Error message 401.2.: Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server. Contact the Web server's administrator for additional assistance.
---
So that, user cannot login to Gemini in iframe.
Does anybody know how to workaround that issue?
UPDATE: Gemini and CMS solutions are on the different domains.
Thanks in advance.
slava.boyko
· 1 |
|
Friday, August 6, 2010, 5:22:39 PM |
0
|
Can you call Single Sign On in Gemini? |
||||
|
0
|
Hmm, so how can we leverage \security\SSO.aspx page in our iframe case? |
||||
|
0
|
|
||||
|
0
|
Thanks for trying to help, but unfortunately the problem is still there. |
||||
|
0
|
Slava, |
||||
|
0
|
Ok, I have set Anonymous access, but still user cannot login in iframe. When I enter valid login/pass and submit - nothing happens, and I see the same page like anonymous user. But when I logs in not in iframe - it is ok, I see projects list etc... |
||||
|
0
|
Using the sso page is quite simple, send the user and password: http://www.countersoft.com/downloads/v37/docs/GeminiManagementGuide.pdf (page 30). |
||||
|
0
|
Like I mentioned above, I tried SSO page, but this works strange - always redirects me to login page and makes log off if I am logged in same browser. So that, I am always redirected to login page when I navigate http://<gemini website>/security/SSO.aspx?username=<my login>&password=<my password> |
||||
|
0
|
I didn't find anything suspicious in Fiddler. Requests and responses look the same with same cookies etc. |
||||
|
0
|
Can you please try with another browser (eg FireFox)? |
||||
|
0
|
Interesting... it does work in Firefox! Thanks for that idea. |
||||
|
0
|
Haven't seen this before, so no idea. But it seems like it might be a cookie issue with IE and iframe? |
||||
|
0
|
Have seen this before with other apps. IE is blocking the cooky to store the loging. You see a icon in the status bar of IE, I think it's an eye or something. If you click there you can accept cookies from that website. Very annoying indeed (IE's behaviour). |
||||
|
0
|
Yes, thanks. It seems like IE blocks cookie (authentication cookie in my case) from another domain by default. Therefore, user either should allow cookie manually like you described, or add Gemini site to the Trusted Sites - it works as well, I tested. |
||||
|
0
|
Thank you both for sharing the solution |
||||
|