Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Mayur Deore 5 posts 75 karma points
    24 days ago
    Mayur Deore
    0

    2FA Not working with httpErrors existingResponse="Replace"

    I am working on Umbraco 7.7.7 version, I have installed Umbraco 2FA Package. It was working perfectly. But after configuring web.config for custom errors, i have added httpErrors existingResponse="Replace" under system.WebServer after that 2FA stopped working.

    After some debugging I came to know that PostLogin Method of AuthenticationController returns response as 402 if 2FA is enabled for user,

    enter image description here

    which handled in Umbraco.controller.js. So when httpErrors existingResponse="Replace" configured in web.config,I get following error As you can see response from PostLogin is replaced and twoFactorView path vanished.

    As 402 is not configured in iis or iisexpress it shows "The custom error module does not recognize this error" for 402 status code.

    Please suggest me how can i get it to work?

    For now our team decided to handle all error in Application_Error event and turn custom errors off in web.config.

    Note: I have tested this scenario in 7.8.0,7.8.1 and 7.11.0..

  • Jan Skovgaard 10936 posts 21802 karma points MVP 4x admin c-trib
    24 days ago
    Jan Skovgaard
    0

    Hi Mayur

    I think this might be the bug reported here that you're experiencing? https://github.com/Offroadcode/Umbraco-2FA/issues/5

    Seems like it's still open.

    EDIT: Ah, sorry - These issues might not be related since the bug I linked too is about payment providers.

    Maybe it's worth filing this issue on GitHub as well though?

    /Jan

  • Mayur Deore 5 posts 75 karma points
    24 days ago
    Mayur Deore
    0

    Hi Jan

    Given 402 payment required error in link you shared, it's not actually error.

    The implementation of 2fa in postlogin method returns Paymentrequired response along with twoFactorView data for 2fa enabled users.

    There is check in umbraco.controller.js, if response is 402 then it shows twoFactorView received in same response. So this 402 error is intentionally returned by postlogin method.

    In fact not receiving 402 after login for 2fa enabled user will be actual issue.

    My issue is 402 response is managed by web.config customerrors. Because of this 402 response received in umbraco.controller.js does not contain twoFactorView. So I want to somehow skip 402 to be managed by web.config so client(Umbraco.controller.js) will receive response as it is.

  • Jan Skovgaard 10936 posts 21802 karma points MVP 4x admin c-trib
    24 days ago
    Jan Skovgaard
    1

    Hi Mayur

    Yeah I realized that after posting and edited my post - Still think it's worth filing an issue on the github issue tracker.

    /Jan

  • Mayur Deore 5 posts 75 karma points
    24 days ago
    Mayur Deore
    0

    Hi Jan, I can't find issues section in GitHub page of umbracocms. Could you please tell me how can I add this issue in github?

  • Jan Skovgaard 10936 posts 21802 karma points MVP 4x admin c-trib
    24 days ago
    Jan Skovgaard
    0

    Hi Mayur

    It's a 3rd party package created by the lovely team at Offroadcode so you will find the tracker at https://github.com/Offroadcode/Umbraco-2FA/issues

    It's metnioned on the package page but it can be a little anonymous and easy to overlook unfortunately.

    /Jan

  • Mayur Deore 5 posts 75 karma points
    24 days ago
    Mayur Deore
    0

    Hi Jan,

    I don't think the issue is from 3rd party package.

    The 402 response is from authenticationcontroller comes under Umbracocms.Web namespace present in UmbracoCMS. So the issue actually comes under UmbracoCMS not under umbraco2fa ( third-party package).

    And I am not able to find issue section on UmbracoCMS GitHub page.

  • Jan Skovgaard 10936 posts 21802 karma points MVP 4x admin c-trib
    24 days ago
    Jan Skovgaard
    1

    Ah ok, sorry for misunderstanding again - The issue tracker is currently not on GitHub but there is work done to move issues to GitHub and use it in the future - But for now issues for Umbraco needs to be reported here http://issues.umbraco.org/

    It's a bit confusing but hopefully it will soon be available on GitHub.

    /Jan

  • Mayur Deore 5 posts 75 karma points
    24 days ago
    Mayur Deore
    0

    Thank you Jan.

    Will update this issue there.

  • Lilyana Petkova 3 posts 73 karma points
    6 days ago
    Lilyana Petkova
    0

    The problem was in the CMS itself! It was working only on the built-in admin! But this bug is fixed after version 7.8!

Please Sign in or register to post replies

Write your reply to:

Draft