Search Results

Search found 790 results on 32 pages for '401 internals'.

Page 10/32 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17 | Next Page >

Can not call web service with basic authentication using WCF

- by RexM

I've been given a web service written in Java that I'm not able to make any changes to. It requires the user authenticate with basic authentication to access any of the methods. The suggested way to interact with this service in .NET is by using Visual Studio 2005 with WSE 3.0 installed. This is an issue, since the project is already using Visual Studio 2008 (targeting .NET 2.0). I could do it in VS2005, however I do not want to tie the project to VS2005 or do it by creating an assembly in VS2005 and including that in the VS2008 solution (which basically ties the project to 2005 anyway for any future changes to the assembly). I think that either of these options would make things complicated for new developers by forcing them to install WSE 3.0 and keep the project from being able to use 2008 and features in .NET 3.5 in the future... ie, I truly believe using WCF is the way to go. I've been looking into using WCF for this, however I'm unsure how to get the WCF service to understand that it needs to send the authentication headers along with each request. I'm getting 401 errors when I attempt to do anything with the web service. This is what my code looks like: WebHttpBinding webBinding = new WebHttpBinding(); ChannelFactory<MyService> factory = new ChannelFactory<MyService>(webBinding, new EndpointAddress( "http://127.0.0.1:80/Service/Service/")); factory.Endpoint.Behaviors.Add(new WebHttpBehavior()); factory.Credentials.UserName.UserName = "username"; factory.Credentials.UserName.Password = "password"; MyService proxy = factory.CreateChannel(); proxy.postSubmission(_postSubmission); This will run and throw the following exception: "The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm=realm'." And this has an inner exception of: "The remote server returned an error: (401) Unauthorized." Any thoughts about what might be causing this issue would be greatly appreciated.

Read the article
How do I underline parent menu item but not children?

- by Steven

Using Wordpress menu "builder", I get the following code: //Pseaudo code <ul id="main-menu-main"> <li class="menu-item"><a></a></li> <li class="menu-item current-menu-ancestor"> <a></a> <ul class="sub-menu"> <li class="menu-item"><a></a></li> <li class="menu-item current-menu-item"><a></a></li> </ul> </li> </ul> // and I use the following CSS #menu-main-menu a:hover { text-decoration: underline; } #menu-main-menu .current-menu-ancestor a { text-decoration: underline; } The problem with my last css line, is that all a elements under current-menu-ancestor are underlined. I only want the link in current-menu-ancestor to be underlined. I think this should be pretty simple, but right now my head is not focused :-/ The full code for parent / child looks like this: <ul id="menu-main-menu" class="menu"> <li id="menu-item-401" class="menu-item-first menu-item menu-item-type-post_type menu-item-object-page current-page-ancestor current-menu-ancestor current-menu-parent current-page-parent current_page_parent current_page_ancestor menu-item-401"> <a>menu 1</a> <ul class="sub-menu"> <li id="menu-item-444" class="menu-item menu-item-type-post_type menu-item-object-page current-menu-item page_item page-item-415 current_page_item menu-item-444"> <a> sub 1</a> </li> </ul> </li>

Read the article
I am Unable to Post Xml to Linkedin Share API

- by Vijesh V.Nair

I am using Delphi 2010, with Indy 10.5.8(svn version) and oAuth.pas from chuckbeasley. I am able to collect token with app key and App secret, authorize token with a web page and Access the final token. Now I have to post a status with Linkedin’s Share API. I am getting a unauthorized response. My request and responses are giving bellow. Request, POST /v1/people/~/shares HTTP/1.0 Content-Encoding: utf-8 Content-Type: text/xml; charset=us-ascii Content-Length: 999 Authorization: OAuth oauth_consumer_key="xxx",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1340438599",oauth_nonce="BB4C78E0A6EB452BEE0FAA2C3F921FC4",oauth_version="1.0",oauth_token="xxx",oauth_signature="Pz8%2FPz8%2FPz9ePzkxPyc%2FDD82Pz8%3D" Host: api.linkedin.com Accept: text/html, */* Accept-Encoding: identity User-Agent: Mozilla/3.0 (compatible; Indy Library) %3C%3Fxml+version=%25221.0%2522%2520encoding%253D%2522UTF-8%2522%253F%253E%253Cshare%253E%253Ccomment%253E83%2525%2520of%2520employers%2520will%2520use%2520social%2520media%2520to%2520hire%253A%252078%2525%2520LinkedIn%252C%252055%2525%2520Facebook%252C%252045%2525%2520Twitter%2520%255BSF%2520Biz%2520Times%255D%2520http%253A%252F%252Fbit.ly%252FcCpeOD%253C%252Fcomment%253E%253Ccontent%253E%253Ctitle%253ESurvey%253A%2520Social%2520networks%2520top%2520hiring%2520tool%2520-%2520San%2520Francisco%2520Business%2520Times%253C%252Ftitle%253E%253Csubmitted-url%253Ehttp%253A%252F%252Fsanfrancisco.bizjournals.com%252Fsanfrancisco%252Fstories%252F2010%252F06%252F28%252Fdaily34.html%253C%252Fsubmitted-url%253E%253Csubmitted-image-url%253Ehttp%253A%252F%252Fimages.bizjournals.com%252Ftravel%252Fcityscapes%252Fthumbs%252Fsm_sanfrancisco.jpg%253C%252Fsubmitted-image-url%253E%253C%252Fcontent%253E%253Cvisibility%253E%253Ccode%253Eanyone%253C%252Fcode%253E%253C%252Fvisibility%253E%253C%252Fshare%253E Response, HTTP/1.1 401 Unauthorized Server: Apache-Coyote/1.1 x-li-request-id: K14SWRPEPL Date: Sat, 23 Jun 2012 08:07:17 GMT Vary: * x-li-format: xml Content-Type: text/xml;charset=UTF-8 Content-Length: 341 Connection: keep-alive <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <error> <status>401</status> <timestamp>1340438838344</timestamp> <request-id>K14SWRPEPL</request-id> <error-code>0</error-code> <message>[unauthorized]. OAU:xxx|nnnnn|*01|*01:1340438599:Pz8/Pz8/Pz9ePzkxPyc/DD82Pz8=</message> </error> Please help. Regards, Vijesh Nair

Read the article
What permissions do I need to grant to run RavenDB in Server mode?

- by dalesmithtx

I'm reading through Rob Ashton's excellent blog post on RavenDB: http://codeofrob.com/archive/2010/05/09/ravendb-an-introduction.aspx and I'm working through the code as I read. But when I try to add an index, I get a 401 error. Here's the code: class Program { static void Main(string[] args) { using (var documentStore = new DocumentStore() { Url = "http://localhost:8080" }) { documentStore.Initialise(); documentStore.DatabaseCommands.PutIndex( "BasicEntityBySomeData", new IndexDefinition<BasicEntity, BasicEntity>() { Map = docs => from doc in docs where doc.SomeData != null select new { SomeData = doc.SomeData }, }); string entityId; using (var documentSession = documentStore.OpenSession()) { var entity = new BasicEntity() { SomeData = "Hello, World!", SomeOtherData = "This is just another property", }; documentSession.Store(entity); documentSession.SaveChanges(); entityId = entity.Id; var loadedEntity = documentSession.Load<BasicEntity>(entityId); Console.WriteLine(loadedEntity.SomeData); var docs = documentSession.Query<BasicEntity>("BasicEntityBySomeData") .Where("SomeData:Hello~") .WaitForNonStaleResults() .ToArray(); docs.ToList().ForEach(doc => Console.WriteLine(doc.SomeData)); Console.Read(); } } } It throws the 401 error when on the line that makes the PutIndex() call. Any ideas what permissions I need to apply? And where I need to apply them?

Read the article
IIS 7.5 can't access file from managed code

- by Bob

I am working on a project that is click-once deployed from an IIS 7.5 web server. After installing the parent application (i.e. setting up the IIS site) I am able to hit the url for the click-once app's config file from a remote box. HOWEVER, when I attempt to do the same thing from my app (and the stub app below), I get a 401 Unauthorized. What is the difference between hitting the URL from IE, and from a .NET app? The file and directory itself have full control granted to everyone on the webserver at the moment, and I am an admin on the box. We are using Windows Authentication with NTLM only. Thanks, -Bob Here is the stub app that produces the 401 - Unauthorized when on the doc.Load() line. I can hit the same URL successfully from IE and open the file... static void Main(string[] args) { Console.WriteLine("Config Test"); string filename = "http://dev-rs/myClient/myClickOnce/myApp.config.xml"; Console.WriteLine(filename); XmlDocument doc = new XmlDocument(); doc.Load(filename); Console.WriteLine("Loaded"); Console.WriteLine("Inner Text : " + doc.InnerText); }

Read the article
[iphone,twitter] Accessing the Twitter API through a proxy using NSURLConnectionsm, OAuth problem

- by akaii

I'm having no problems with sending an update directly via hxxps://api.twitter.com/, but the app (for the Iphone, I'm using NSURLConnections) I'm working is supposed to allow the user to select a preferred proxy (e.g. hxxps://twitter-proxy.appspot.com/api/ or hxxps://nest.onedd.net/api/), and I keep getting a 401 error (Failed to validate oauth signature and token) whenever I try to get an access token via these proxies. Even though I send my POST request to the proxy, I am still using the direct url for the api (https:// api.twitter.com/[rest api path]) in the base string. Despite the 401 error message above, the status code I'm actually getting from connection:didReceiveResponse: is 200, probably because it was able to successfully contact the proxy... Is there anything else that I need to consider when using a proxy to access the API? Should anything in the authorization header change, for example? Or the base string? I can manage to connect via Basic Auth without issue, but support for that will be dropped in a month. On a somewhat unrelated note... What are the possible causes of Twitter's error 403, and how do you distinguish between them? Is the only way to differentiate an error due to exceeding the status update limit for an hour (150 per hour) vs for a day (1000 per day) by checking the string reply returned in the response? Is there any way for me to simulate a status update limit error without going through the motions of actually sending 150/1000 tweets?

Read the article
Removing HttpModule for specific path in ASP.NET / IIS 7 application?

- by soccerdad

Most succinctly, my question is whether an ASP.NET 4.0 app running under IIS 7 integrated mode should be able to honor this portion of my Web.config file: <location path="auth/windows"> <system.webServer> <modules> <remove name="FormsAuthentication"/> </modules> </system.webServer> </location> I'm experimenting with mixed mode authentication (Windows and Forms - I know there are other questions on S.O. about the topic). Using IIS Manager, I've disabled Anonymous authentication to auth/windows/winauth.aspx, which is within the location path above. I have Failed Request Tracing set up to trace various HTTP status codes, including 302s. When I request the winauth.aspx page, a 302 HTTP status code is returned. If I look at the request trace, I can see that a 401 (unauthorized) was originally generated by the AnonymousAuthenticationModule. However, the FormsAuthenticationModule converts that to a 302, which is what the browser sees. So it seems as though my attempt to remove that module from the pipeline for pages in that path isn't working. But I'm not seeing any complaints anywhere (event viewer, yellow pages of death, etc.) that would indicate it's an invalid configuration. I want the 401 returned to the browser, which presumably would include an appropriate WWW-Authenticate header. A couple of other points: a) I do have <authentication mode="Forms"> in my Web.config, and that is what the 302 redirects to; b) I got the "name" of the module I'm trying to remove from the inetserv\config\applicationHost.config file. Anyone had any luck removing modules in this fashion? Thanks much, Donnie

Read the article
Google Data Api returning an invalid access token

- by kingdavies

I'm trying to pull a list of contacts from a google account. But Google returns a 401. The url used for requesting an authorization code: String codeUrl = 'https://accounts.google.com/o/oauth2/auth' + '?' + 'client_id=' + EncodingUtil.urlEncode(CLIENT_ID, 'UTF-8') + '&redirect_uri=' + EncodingUtil.urlEncode(MY_URL, 'UTF-8') + '&scope=' + EncodingUtil.urlEncode('https://www.google.com/m8/feeds/', 'UTF-8') + '&access_type=' + 'offline' + '&response_type=' + EncodingUtil.urlEncode('code', 'UTF-8') + '&approval_prompt=' + EncodingUtil.urlEncode('force', 'UTF-8'); Exchanging the returned authorization code for an access token (and refresh token): String params = 'code=' + EncodingUtil.urlEncode(authCode, 'UTF-8') + '&client_id=' + EncodingUtil.urlEncode(CLIENT_ID, 'UTF-8') + '&client_secret=' + EncodingUtil.urlEncode(CLIENT_SECRET, 'UTF-8') + '&redirect_uri=' + EncodingUtil.urlEncode(MY_URL, 'UTF-8') + '&grant_type=' + EncodingUtil.urlEncode('authorization_code', 'UTF-8'); Http con = new Http(); Httprequest req = new Httprequest(); req.setEndpoint('https://accounts.google.com/o/oauth2/token'); req.setHeader('Content-Type', 'application/x-www-form-urlencoded'); req.setBody(params); req.setMethod('POST'); Httpresponse reply = con.send(req); Which returns a JSON array with what looks like a valid access token: { "access_token" : "{access_token}", "token_type" : "Bearer", "expires_in" : 3600, "refresh_token" : "{refresh_token}" } However when I try and use the access token (either in code or curl) Google returns a 401: curl -H "Authorization: Bearer {access_token}" https://www.google.com/m8/feeds/contacts/default/full/ Incidentally the same curl command but with an access token acquired via https://code.google.com/oauthplayground/ works. Which leads me to believe there is something wrong with the exchanging authorization code for access token request as the returned access token does not work. I should add this is all within the expires_in time frame so its not that the access_token has expired

Read the article
Rails 2.x provide meaningful error message with http basic authentication

- by randombits

I'm using basic http authentication in my rails app via the following code: class ApplicationController < ActionController::Base helper :all # include all helpers, all the time before_filter :authenticate private def authenticate authenticate_or_request_with_http_basic do |username, password| if username.nil? || password.nil? render :inline => %(xml.instruct! :xml, :version => "1.0", :encoding => "UTF-8" xml.errors do xml.error('Could not authenticate you.') end), :type => :builder, :status => 401 end end end end The problem is, if you do a curl http://127.0.0.1:3000/foo/1.xml without providing the -u username:password flag, you get a dead beat response like this: HTTP/1.1 401 Unauthorized Cache-Control: no-cache WWW-Authenticate: Basic realm="Foo" X-Runtime: 1 Content-Type: text/html; charset=utf-8 Content-Length: 27 Server: WEBrick/1.3.1 (Ruby/1.9.1/2010-01-10) Date: Thu, 03 Jun 2010 03:09:18 GMT Connection: Keep-Alive HTTP Basic: Access denied. Is it possible at all to render the inline XML I have above in the event a username and password is not provided by the user?

Read the article
Cheatsheet: 2010 04.01 ~ 04.07

- by gOODiDEA

Web Web Performance Best Practices: How masters.com re-designed their site to boost performance – and what that re-design missed What’s wrong with extending the DOM John Resig on Advanced Javascript to Improve your Web App .NET Hammock for REST - a REST library for .NET Programming Windows Phone 7 Series by Charlez Petzold – Free EBook Testing the Lock-Free Queue Some Last-Minute New C# 4.0 Features - while (x --> 0) { Console.WriteLine("x = {0}", x); } Better Coding with Visual Studio 2010 Revisiting Asynchronous ASP.NET Pages Database Understanding RAID for SQL Server – Part 2 Cassandra Jump Start For The Windows Developer Cassandra Internals – Writing - Cassandra Write Operation Performance Explained Cassandra Internals – Reading - Cassandra Reads Performance Explained MongoDB Growing Up: Release 1.4 and Commercial Support by 10gen Why NoSQL Will Not Die How Many Hard Drives Do I Need to Support SQL Server? Other Presentation: CouchDB and Lucene MongoDB Cacti Graphs HBase vs Cassandra: why we moved How to use the DedicatedDumpFile registry value to overcome space limitations on the system drive when capturing a system memory dump

Read the article
SQL Saturday 194 - Exeter

- by Dave Ballantyne

Many kudos goes to Jonathan and Annette Allen and the others on the team for confirming SQL Saturday 194 in Exeter on the 8th and 9th of March. The event home page is here http://www.sqlsaturday.com/194/eventhome.aspx and I delighted that myself and Dave Morrison will be presenting a full day pre-con on the 8th on favourite subjects “TSQL and Internals”. Here is the full abstract : TSQL and internals - When faced with performance issues there are many lines of attack. Tuning the engine itself can get you so far, however for maximum effect you need to understand how the engine and how it translates SQL statements into performable actions. This is not a simple task, it is a massive task to deal with a multi-table join and the number of permutations can be immense. To back up this knowledge, we can create better performing TSQL and understand the impact that is has upon the engine and recognize the pitfalls and gotcha’s that exist in SQLServer. Ultimately, there is no ‘best way’ to perform a single task only many variations of ‘it depends’ , but now we can pick the most appropriate option for the required dataload. Over the years, there have been many myths and misconceptions have grown around the product, some have basis in older versions and some are just wrong. Continuing to build on the knowledge given so far these issue will be explored and broken down and proved or disproved. Finally we will look to the future and explore SQL Server 2012 and the new functionality that that brings and some of the common uses that we will be able to address. After completion of this days pre-con, attendees will have a more complete knowledge of execution plans, and how they relate to the physical and logical actions that SQLServer will be executing on their behalf. The attendees will also have a more rounded and fuller knowledge of TSQL and the implications of incorrectly defining a query. Dave is a fountain of knowledge on execution plans and optimizer internals and ,though i may flatter myself, I’m no shrinking violet when it comes to TSQL and such matters. I hope that if you cant join us, then there are other pre-cons available from other experts in their fields that may ‘float you boat’ too. The pre-con page is http://sqlsouthwest.co.uk/SQLSaturday_precon.htm Also, excitingly, this pre-con day is sponsored by Fusion-IO which is a great boon for the day. If you want a more of this then i am offering a 2 day TSQL course starting on the 19th of March. More details on this are available here

Read the article
IIS: 404 error on every file in a virtual directory.

- by Scott Chamberlain

I am trying to write my first WCF service for IIS 6.0. I followed the instructions on MSDN. I created the virtual directory, I can browse the directory fine but anything I click (even a sub-folder in that folder) gives me a 404 error. What am I missing that I can not access any files or folders? Any logs or whatnot you need just tell me where to find them in the comments and I will post them. UPDATE- Found the log, here is what it says when I connect and try to click on a sub folder. #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2010-03-07 19:08:07 #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status 2010-03-07 19:08:07 W3SVC1 74.62.95.101 GET /prx2.php hash=AA70CBCE8DDD370B4A3E5F6500505C6FBA530220D856 80 - 221.192.199.35 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 404 0 2 #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2010-03-07 22:21:20 #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status 2010-03-07 22:21:20 W3SVC1 127.0.0.1 GET /RemoteUserManagerService/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.2;+WOW64;+Trident/4.0;+.NET+CLR+3.0.04506.30;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+.NET4.0C;+.NET4.0E) 401 2 2148074254 2010-03-07 22:21:26 W3SVC1 127.0.0.1 GET /RemoteUserManagerService/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.2;+WOW64;+Trident/4.0;+.NET+CLR+3.0.04506.30;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+.NET4.0C;+.NET4.0E) 401 1 0 2010-03-07 22:21:26 W3SVC1 127.0.0.1 GET /RemoteUserManagerService/ - 80 webinfinity\srchamberlain 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.2;+WOW64;+Trident/4.0;+.NET+CLR+3.0.04506.30;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+.NET4.0C;+.NET4.0E) 200 0 0 2010-03-07 22:21:29 W3SVC1 127.0.0.1 GET /RemoteUserManagerService/bin/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.2;+WOW64;+Trident/4.0;+.NET+CLR+3.0.04506.30;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+.NET4.0C;+.NET4.0E) 404 0 2

Read the article
IIS: 404 error on every file in a virtual directory.

- by Scott Chamberlain

I am trying to write my first WCF service for IIS 6.0. I followed the instructions on MSDN. I created the virtual directory, I can browse the directory fine but anything I click (even a sub-folder in that folder) gives me a 404 error. What am I missing that I can not access any files or folders? Any logs or whatnot you need just tell me where to find them in the comments and I will post them. UPDATE- Found the log, here is what it says when I connect and try to click on a sub folder. #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2010-03-07 19:08:07 #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status 2010-03-07 19:08:07 W3SVC1 74.62.95.101 GET /prx2.php hash=AA70CBCE8DDD370B4A3E5F6500505C6FBA530220D856 80 - 221.192.199.35 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0) 404 0 2 #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2010-03-07 22:21:20 #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status 2010-03-07 22:21:20 W3SVC1 127.0.0.1 GET /RemoteUserManagerService/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.2;+WOW64;+Trident/4.0;+.NET+CLR+3.0.04506.30;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+.NET4.0C;+.NET4.0E) 401 2 2148074254 2010-03-07 22:21:26 W3SVC1 127.0.0.1 GET /RemoteUserManagerService/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.2;+WOW64;+Trident/4.0;+.NET+CLR+3.0.04506.30;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+.NET4.0C;+.NET4.0E) 401 1 0 2010-03-07 22:21:26 W3SVC1 127.0.0.1 GET /RemoteUserManagerService/ - 80 webinfinity\srchamberlain 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.2;+WOW64;+Trident/4.0;+.NET+CLR+3.0.04506.30;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+.NET4.0C;+.NET4.0E) 200 0 0 2010-03-07 22:21:29 W3SVC1 127.0.0.1 GET /RemoteUserManagerService/bin/ - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+5.2;+WOW64;+Trident/4.0;+.NET+CLR+3.0.04506.30;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.04506.648;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729;+.NET4.0C;+.NET4.0E) 404 0 2 --Update again I found this here IIS6 Dynamic Content: A 404.2 entry in the W3C Extended Log file is recorded when a Web Extension is not enabled. Use the IIS Microsoft Management Console (MMC) snap-in to enable the appropriate Web extension. Default Web Extensions include: ASP, ASP.net, Server-Side Includes, WebDAV publishing, FrontPage Server Extensions, Common Gateway Interface (CGI). Custom extensions must be added and explicitly enabled. See the IIS 6.0 Help File for more information. I am guessing the 404 0 2 at the end of the log is a 404.2 error. I now know the why, I still don't know the how on how to fix it.

Read the article
Apache2 graceful restart stops proxying requests to passenger

- by Rob

Issue with apache mod proxy, it stops proxying requests after a graceful restart but not all the time. It seems to happen only on a Sunday when a graceful restart is triggered by logrotate. [Sun Sep 9 05:25:06 2012] [notice] SIGUSR1 received. Doing graceful restart [Sun Sep 9 05:25:06 2012] [notice] Apache/2.2.22 (Ubuntu) Phusion_Passenger/3.0.11 configured -- resuming normal operations [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(492) failed in child 26153 for worker proxy:reverse [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(486) failed in child 26153 for worker http://api.myservice.org/api [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(487) failed in child 26153 for worker http://api.myservice.org/editor/$1 [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(489) failed in child 26153 for worker http://api.myservice.org/build [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(490) failed in child 26153 for worker http://api.myservice.org/help [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(491) failed in child 26153 for worker http://api.myservice.org/motd.html [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(480) failed in child 26153 for worker http://api.myservice.org/api [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(481) failed in child 26153 for worker http://api.myservice.org/editor/$1 [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(483) failed in child 26153 for worker http://api.myservice.org/build [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(484) failed in child 26153 for worker http://api.myservice.org/help [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(485) failed in child 26153 for worker http://api.myservice.org/motd.html [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(479) failed in child 26153 for worker http://api.myservice.org/motd.html After these lines, the logs are flooded with 404's because the requests are not being proxied. It's worth noting that the destination is just another vhost on the same apache instance, but the vhost (http://api.myservice.org) is serving passenger (mod_rails) I was thinking that maybe there's some startup issues with the passenger workers not being ready during a graceful restart? After a full restart resolves it and everything returns to normal. //Edit Here's the vhost config, thanks :) <VirtualHost *:80> UseCanonicalName Off LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon <Directory /var/www/vhosts> RewriteEngine on AllowOverride All </Directory> RewriteEngine on RewriteCond /var/www/vhosts/%{SERVER_NAME} !-d RewriteCond /var/www/vhosts/%{SERVER_NAME} !-l RewriteRule ^ http://sitenotfound.myservice.org/ [R=302,L] VirtualDocumentRoot /var/www/vhosts/%0/current # Rewrite requests to /assets to map to the /var/file-store/<SERVER_NAME>/ RewriteMap lowercase int:tolower RewriteCond %{REQUEST_URI} ^/assets/ RewriteRule ^/assets/(.*)$ /var/file-store/${lowercase:%{SERVER_NAME}}/$1 # Map /login to /editor.html as it's far friendlier. RewriteCond %{REQUEST_URI} ^/login RewriteRule .* /editor.html [PT] # Forward some requests to the API ProxyPass /api http://api.myservice.org/api ProxyPass /site.json http://api.myservice.org/api/editor/site ProxyPassMatch ^/editor/(.*)$ http://api.myservice.org/editor/$1 ProxyPassMatch ^/api/(.*) http://api.myservice.org/api/$1 ProxyPass /build http://api.myservice.org/build ProxyPass /help http://api.myservice.org/help ProxyPass /motd.html http://api.myservice.org/motd.html <Proxy *> Order allow,deny Allow from all </Proxy> # TODO generate slightly more specific Error Documents for 401/403/500's, # but for now the 404 page is good enough ErrorDocument 401 /404.html ErrorDocument 403 /404.html ErrorDocument 404 /404.html ErrorDocument 500 /404.html </VirtualHost>

Read the article
Nagios not accepting regex in command

- by Creshal

I have this command defined: define command{ command_name check_http_sane command_line $USER1$/check_http -H $HOSTNAME$ -r "HTTP/1.1 (200|301|302|303|304|307|401|418|426)" } When I run it manually on command line, it works fine, but nagios (2.6) reports a "pattern not found" error. Do I need to escape something? Edit: As stated below, I solved it by replacing check_http with my own script which works (good enough for our use case, anyway). Script: http://pastebin.com/hNmz6Wa1

Read the article
I disconnected my cellphone while transferring files to its Mini SD card. Now the files aren't there

- by Martín Fixman

I use Ubuntu 9.10, and the MiniSD card shows as having the space used as if there were files. Baobab (the disk usage analyzer) shows that the card only has 118 MB used (of the 401 Ubuntu claims there are). Of course, I already tried the obvious (rebooting the phone, adding and removing files, etc.), but I don't want to format my card, because I still have some files on it, the transfer to my computer is slow, and because I use an old wire it fails often.

Read the article
.htaccess template, suggestions needed

- by purpler

# Defaults AddDefaultCharset UTF-8 DefaultLanguage en-US FileETag None Header unset ETag ServerSignature Off SetEnv TZ Europe/Belgrade # Rewrites Options +FollowSymLinks RewriteEngine On RewriteBase / # Redirect to WWW RewriteCond %{HTTP_HOST} ^serpentineseo.com RewriteRule (.*) http://www.serpentineseo.com/$1 [R=301,L] # Redirect index to root RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*index\.html\ HTTP/ RewriteRule ^(.*)index\.html$ /$1 [R=301,L] # Cache media files: ExpiresActive On ExpiresDefault A0 # Month <filesMatch "\.(gif|jpg|jpeg|png|ico|swf|js)$"> Header set Cache-Control "max-age=2592000, public" </filesMatch> # Week <FilesMatch "\.(css|pdf)$"> Header set Cache-Control "max-age=604800" </FilesMatch> # 10 Min <FilesMatch "\.(html|htm|txt)$"> Header set Cache-Control "max-age=600" </FilesMatch> # Do not cache <FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$"> Header unset Cache-Control </FilesMatch> # Compress output <IfModule mod_deflate.c> <FilesMatch "\.(html|js|css)$"> SetOutputFilter DEFLATE </FilesMatch> </IfModule> # Error Documents ErrorDocument 206 /error/206.html ErrorDocument 401 /error/401.html ErrorDocument 403 /error/403.html ErrorDocument 404 /error/404.html ErrorDocument 500 /error/500.html # Prevent hotlinking RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?serpentineseo.com/.*$ [NC] RewriteRule \.(gif|jpg|png)$ http://www.serpentineseo.com/images/angryman.png [R,L] # Prevent offline browsers RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:[email protected] [OR] RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Zeus RewriteRule ^.*$ http://www.google.com [R,L] # Protect against DOS attacks by limiting file upload size LimitRequestBody 10240000 # Deny access to sensitive files <FilesMatch "\.(htaccess|psd|log)$"> Order Allow,Deny Deny from all </FilesMatch>

Read the article
.htaccess template, suggestions needed

- by purpler

DefaultLanguage en-US FileETag None Header unset ETag ServerSignature Off SetEnv TZ Europe/Belgrade # Rewrites Options +FollowSymLinks RewriteEngine On RewriteBase / # Redirect to WWW RewriteCond %{HTTP_HOST} ^serpentineseo.com RewriteRule (.*) http://www.serpentineseo.com/$1 [R=301,L] # Redirect index to root RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*index\.html\ HTTP/ RewriteRule ^(.*)index\.html$ /$1 [R=301,L] # Cache media files: ExpiresActive On ExpiresDefault A0 # Month <filesMatch "\.(gif|jpg|jpeg|png|ico|swf|js)$"> Header set Cache-Control "max-age=2592000, public" </filesMatch> # Week <FilesMatch "\.(css|pdf)$"> Header set Cache-Control "max-age=604800" </FilesMatch> # 10 Min <FilesMatch "\.(html|htm|txt)$"> Header set Cache-Control "max-age=600" </FilesMatch> # Do not cache <FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$"> Header unset Cache-Control </FilesMatch> # Compress output <IfModule mod_deflate.c> <FilesMatch "\.(html|js|css)$"> SetOutputFilter DEFLATE </FilesMatch> </IfModule> # Error Documents ErrorDocument 206 /error/206.html ErrorDocument 401 /error/401.html ErrorDocument 403 /error/403.html ErrorDocument 404 /error/404.html ErrorDocument 500 /error/500.html # Prevent hotlinking RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?serpentineseo.com/.*$ [NC] RewriteRule \.(gif|jpg|png)$ http://www.serpentineseo.com/images/angryman.png [R,L] # Prevent offline browsers RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:[email protected] [OR] RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Zeus RewriteRule ^.*$ http://www.google.com [R,L] # Protect against DOS attacks by limiting file upload size LimitRequestBody 10240000 # Deny access to sensitive files <FilesMatch "\.(htaccess|psd|log)$"> Order Allow,Deny Deny from all </FilesMatch>

Read the article
Windows Server 2008 R2, IIS 7.5, Windows Authentication

- by nick

Ive a 7.5 IIS installed on my server with windows authentication enabled cause i need it for NTLM / SSO on intranet pages. when windows authentication is activated, iis cant authenticate himself on his own webserver.. thats the error i got in the iis log: 2011-11-24 08:47:10 10.50.2.91 POST /ldap.php - 80 - 10.50.2.91 SWIFT_LoginShare 401 2 5 0 so.. how can i make sure, using windows authentication, that iis authenticates himself? thx for your help

Read the article
Creating a fallback error page for nginx when root directory does not exist

- by Ruirize

I have set up an any-domain config on my nginx server - to reduce the amount of work needed when I open a new site/domain. This config allows me to simply create a folder in /usr/share/nginx/sites/ with the name of the domain/subdomain and then it just works.™ server { # Catch all domains starting with only "www." and boot them to non "www." domain. listen 80; server_name ~^www\.(.*)$; return 301 $scheme://$1$request_uri; } server { # Catch all domains that do not start with "www." listen 80; server_name ~^(?!www\.).+; client_max_body_size 20M; # Send all requests to the appropriate host root /usr/share/nginx/sites/$host; index index.html index.htm index.php; location / { try_files $uri $uri/ =404; } recursive_error_pages on; error_page 400 /errorpages/error.php?e=400&u=$uri&h=$host&s=$scheme; error_page 401 /errorpages/error.php?e=401&u=$uri&h=$host&s=$scheme; error_page 403 /errorpages/error.php?e=403&u=$uri&h=$host&s=$scheme; error_page 404 /errorpages/error.php?e=404&u=$uri&h=$host&s=$scheme; error_page 418 /errorpages/error.php?e=418&u=$uri&h=$host&s=$scheme; error_page 500 /errorpages/error.php?e=500&u=$uri&h=$host&s=$scheme; error_page 501 /errorpages/error.php?e=501&u=$uri&h=$host&s=$scheme; error_page 503 /errorpages/error.php?e=503&u=$uri&h=$host&s=$scheme; error_page 504 /errorpages/error.php?e=504&u=$uri&h=$host&s=$scheme; location ~ \.(php|html) { include /etc/nginx/fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_intercept_errors on; } } However there is one issue that I'd like to resolve, and that is when a domain that doesn't have a folder in the sites directory, nginx throws an internal 500 error page because it cannot redirect to /errorpages/error.php as it doesn't exist. How can I create a fallback error page that will catch these failed requests?

Read the article
Apache - Only allow certain domains access to a Restful service

- by user18910

For certain Restful URIs I want to block certain domains from executing the requests. How can i do this with Apache? Is it possible For example: www.nottrusted.com calls my Restful Api Apache identifies the request is coming from a non-authorized site Apache blocks the caller and returns a 401 Is this possible? Is it easy for someone one spoof the domain? If a request comes from server side code of nottrusted.com will Apache catch the request? Thanks

Read the article
Symfony/Doctrine/SfGuardPlugin: Redirect to requested page (route), and not referrer

- by Prasad

I want to be able to take the user to the requested page after login, but this does not happen with sfGuard. ** My Register action requires SignIn ;) ** On the listing page [http://cim/frontend_dev.php/] - user clicks the 'Register' link [@register = register/index] - user is taken to 'Signin' page provided by sfGuard - after sign-in, user is taken back to the Listing page (instead of Register) This is quite annoying! But logical, because the referrer is the listing page. How can I change logic to make @register the referrer? Pl help. thanks public function executeSignin($request) { $user = $this->getUser(); $this->logMessage('Signin>>> form - isAuth() '.$user->isAuthenticated(), 'info'); if ($user->isAuthenticated()) { $this->getUser()->setAttribute('tenant', $this->getUser()->getGuardUser()->sfuser->Tenant->getID()); return $this->redirect($user->getReferer($request->getReferer())); } $class = sfConfig::get('app_sf_guard_plugin_signin_form', 'sfGuardFormSignin'); $this->form = new $class(); $referer = $user->getReferer($request->getReferer()); $this->logMessage('Signin>>> referer: '.$referer, 'info'); $this->logMessage('Signin>>> referer: '.$request->getReferer(), 'info'); if ($request->isMethod('post')) { $this->form->bind($request->getParameter('signin')); if ($this->form->isValid()) { $values = $this->form->getValues(); $this->getUser()->signin($values['user'], array_key_exists('remember', $values) ? $values['remember'] : false); $this->getUser()->setAttribute('tenant', $this->getUser()->getGuardUser()->sfuser->Tenant->getID()); $this->logMessage('Signin>>> sfUrl | @homepage: '.sfConfig::get('app_sf_guard_plugin_success_signin_url','@homepage'), 'info'); return $this->redirect("" != $referer ? $referer : sfConfig::get('app_sf_guard_plugin_success_signin_url','@homepage')); } } else { if ($request->isXmlHttpRequest()) { $this->getResponse()->setHeaderOnly(true); $this->getResponse()->setStatusCode(401); return sfView::NONE; } // if we have been forwarded, then the referer is the current URL // if not, this is the referer of the current request $user->setReferer($this->getContext()->getActionStack()->getSize() > 1 ? $request->getUri() : $request->getReferer()); $this->logMessage('Signin>>> oldy: '.$request->getUri(), 'info'); $this->logMessage('Signin>>> oldy: '.$request->getReferer(), 'info'); $module = sfConfig::get('sf_login_module'); if ($this->getModuleName() != $module) { return $this->redirect($module.'/'.sfConfig::get('sf_login_action')); } $this->getResponse()->setStatusCode(401); } } Trace: May 27 10:10:14 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signin" (/login) May 27 10:10:14 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signout" (/logout) May 27 10:10:14 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_password" (/request_password) May 27 10:10:14 symfony [info] {sfPatternRouting} Match route "register" (/register) for /register with parameters array ( 'module' => 'register', 'action' => 'index',) May 27 10:10:14 symfony [info] {sfFilterChain} Executing filter "sfGuardRememberMeFilter" May 27 10:10:14 symfony [info] {sfFilterChain} Executing filter "sfRenderingFilter" May 27 10:10:14 symfony [info] {sfFilterChain} Executing filter "sfExecutionFilter" May 27 10:10:14 symfony [info] {registerActions} Call "registerActions->executeIndex()" May 27 10:10:14 symfony [info] {sfFrontWebController} Redirect to "http://cim/frontend_dev.php/login" May 27 10:10:14 symfony [info] {sfWebResponse} Send status "HTTP/1.1 302 Found" May 27 10:10:14 symfony [info] {sfWebResponse} Send header "Location: http://cim/frontend_dev.php/login" May 27 10:10:14 symfony [info] {sfWebResponse} Send header "Content-Type: text/html; charset=utf-8" May 27 10:10:14 symfony [info] {sfWebDebugLogger} Configuration 13.39 ms (9) May 27 10:10:14 symfony [info] {sfWebDebugLogger} Factories 50.02 ms (1) May 27 10:10:14 symfony [info] {sfWebDebugLogger} Action "register/index" 1.94 ms (1) May 27 10:10:14 symfony [info] {sfWebResponse} Send content (104 o) May 27 10:10:16 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signin" (/login) May 27 10:10:16 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signout" (/logout) May 27 10:10:16 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_password" (/request_password) May 27 10:10:16 symfony [info] {sfPatternRouting} Match route "sf_guard_signin" (/login) for /login with parameters array ( 'module' => 'sfGuardAuth', 'action' => 'signin',) May 27 10:10:16 symfony [info] {sfFilterChain} Executing filter "sfGuardRememberMeFilter" May 27 10:10:16 symfony [info] {sfFilterChain} Executing filter "sfRenderingFilter" May 27 10:10:16 symfony [info] {sfFilterChain} Executing filter "sfExecutionFilter" May 27 10:10:16 symfony [info] {sfGuardAuthActions} Call "sfGuardAuthActions->executeSignin()" May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> form - isAuth() May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> referer: http://cim/frontend_dev.php/ May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> referer: http://cim/frontend_dev.php/ May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> oldy: http://cim/frontend_dev.php/login May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> oldy: http://cim/frontend_dev.php/ May 27 10:10:16 symfony [info] {sfPHPView} Render "D:/projects/cim/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/signinSuccess.php" May 27 10:10:16 symfony [info] {sfPHPView} Decorate content with "D:\projects\cim\apps\frontend\templates/layout.php" May 27 10:10:16 symfony [info] {sfPHPView} Render "D:\projects\cim\apps\frontend\templates/layout.php" May 27 10:10:16 symfony [info] {main} Get slot "title" May 27 10:10:16 symfony [info] {sfWebResponse} Send status "HTTP/1.1 401 Unauthorized" May 27 10:10:16 symfony [info] {sfWebResponse} Send header "Content-Type: text/html; charset=utf-8" May 27 10:10:16 symfony [info] {sfWebDebugLogger} Configuration 16.06 ms (10) May 27 10:10:16 symfony [info] {sfWebDebugLogger} Factories 50.00 ms (1) May 27 10:10:16 symfony [info] {sfWebDebugLogger} Action "sfGuardAuth/signin" 14.53 ms (1) May 27 10:10:16 symfony [info] {sfWebDebugLogger} View "Success" for "sfGuardAuth/signin" 34.44 ms (1) May 27 10:10:16 symfony [info] {sfWebResponse} Send content (38057 o)

Read the article
Welcome to www.badapi.net, a REST API with badly-behaved endpoints

- by Elton Stoneman

Originally posted on: http://geekswithblogs.net/EltonStoneman/archive/2014/08/14/welcome-to-www.badapi.net-a-rest-api-with-badly-behaved-endpoints.aspxI've had a need in a few projects for a REST API that doesn't behave well - takes a long time to respond, or never responds, returns unexpected status codes etc.That can be very useful for testing that clients cope gracefully with unexpected responses.Till now I've always coded a stub API in the project and run it locally, but I've put a few 'misbehaved' endpoints together and published them at www.badapi.net, and the source is on GitHub here: sixeyed/badapi.net.You can browse to the home page and see the available endpoints. I'll be adding more as I think of them, and I may give the styling of the help pages a bit more thought...As of today's release, the misbehaving endpoints available to you are:GET longrunning?between={between}&and={and} - Waits for a (short) random period before returningGET verylongrunning?between={between}&and={and} -Waits for a (long) random period before returningGET internalservererror - Returns 500: Internal Server ErrorGET badrequest - Returns 400: BadRequestGET notfound - Returns 404: Not FoundGET unauthorized - Returns 401: UnauthorizedGET forbidden - Returns 403: ForbiddenGET conflict -Returns 409: ConflictGET status/{code}?reason={reason} - Returns the provided status code Go bad.

Read the article
At Collaborate 10 Next Week

- by shay.shmeltzer

I'm going to be at the Collaborate 10 conference next week doing a couple of sessions and hanging out in the JDeveloper booth at the demoground. My sessions are on Monday morning back to back: Developing Cutting Edge Web UI for Enterprise Applications - The Easy Way Monday, April 19 10:45 am - 11:45 am 401 The Fusion Development Experience Monday, April 19 12:00 pm - 12:30 pm 404 The first session will also be available for those watching the conference over the Web. If you want to see how Fusion applications are being built, and how you can use the same approach to do custom development for your applications, or create rich UIs for your applications then these would be good sessions to see. I'll also be doing shifts in the demo ground in a JDeveloper/ADF booth - so if you have any questions, complaints, or suggestions - or if you just want to understand what is this thing good for - come on over and we'll talk.

Read the article
Mixing Forms and Token Authentication in a single ASP.NET Application (the Details)

- by Your DisplayName here!

The scenario described in my last post works because of the design around HTTP modules in ASP.NET. Authentication related modules (like Forms authentication and WIF WS-Fed/Sessions) typically subscribe to three events in the pipeline – AuthenticateRequest/PostAuthenticateRequest for pre-processing and EndRequest for post-processing (like making redirects to a login page). In the pre-processing stage it is the modules’ job to determine the identity of the client based on incoming HTTP details (like a header, cookie, form post) and set HttpContext.User and Thread.CurrentPrincipal. The actual page (in the ExecuteHandler event) “sees” the identity that the last module has set. So in our case there are three modules in effect: FormsAuthenticationModule (AuthenticateRequest, EndRequest) WSFederationAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest, EndRequest) SessionAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest) So let’s have a look at the different scenario we have when mixing Forms auth and WS-Federation. Anoymous request to unprotected resource This is the easiest case. Since there is no WIF session cookie or a FormsAuth cookie, these modules do nothing. The WSFed module creates an anonymous ClaimsPrincipal and calls the registered ClaimsAuthenticationManager (if any) to transform it. The result (by default an anonymous ClaimsPrincipal) gets set. Anonymous request to FormsAuth protected resource This is the scenario where an anonymous user tries to access a FormsAuth protected resource for the first time. The principal is anonymous and before the page gets rendered, the Authorize attribute kicks in. The attribute determines that the user needs authentication and therefor sets a 401 status code and ends the request. Now execution jumps to the EndRequest event, where the FormsAuth module takes over. The module then converts the 401 to a redirect (302) to the forms login page. If authentication is successful, the login page sets the FormsAuth cookie. FormsAuth authenticated request to a FormsAuth protected resource Now a FormsAuth cookie is present, which gets validated by the FormsAuth module. This cookie gets turned into a GenericPrincipal/FormsIdentity combination. The WS-Fed module turns the principal into a ClaimsPrincipal and calls the registered ClaimsAuthenticationManager. The outcome of that gets set on the context. Anonymous request to STS protected resource This time the anonymous user tries to access an STS protected resource (a controller decorated with the RequireTokenAuthentication attribute). The attribute determines that the user needs STS authentication by checking the authentication type on the current principal. If this is not Federation, the redirect to the STS will be made. After successful authentication at the STS, the STS posts the token back to the application (using WS-Federation syntax). Postback from STS authentication After the postback, the WS-Fed module finds the token response and validates the contained token. If successful, the token gets transformed by the ClaimsAuthenticationManager, and the outcome is a) stored in a session cookie, and b) set on the context. STS authenticated request to an STS protected resource This time the WIF Session authentication module kicks in because it can find the previously issued session cookie. The module re-hydrates the ClaimsPrincipal from the cookie and sets it. FormsAuth and STS authenticated request to a protected resource This is kind of an odd case – e.g. the user first authenticated using Forms and after that using the STS. This time the FormsAuth module does its work, and then afterwards the session module stomps over the context with the session principal. In other words, the STS identity wins. What about roles? A common way to set roles in ASP.NET is to use the role manager feature. There is a corresponding HTTP module for that (RoleManagerModule) that handles PostAuthenticateRequest. Does this collide with the above combinations? No it doesn’t! When the WS-Fed module turns existing principals into a ClaimsPrincipal (like it did with the FormsIdentity), it also checks for RolePrincipal (which is the principal type created by role manager), and turns the roles in role claims. Nice! But as you can see in the last scenario above, this might result in unnecessary work, so I would rather recommend consolidating all role work (and other claims transformations) into the ClaimsAuthenticationManager. In there you can check for the authentication type of the incoming principal and act accordingly. HTH

Read the article

Search Results

Search found 790 results on 32 pages for '401 internals'.

Page 10/32 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17 | Next Page >

- by RexM

- by Steven

- by Vijesh V.Nair

- by dalesmithtx

- by Bob

- by akaii

- by soccerdad

- by kingdavies

- by randombits

- by gOODiDEA

- by Dave Ballantyne

- by Scott Chamberlain

- by Scott Chamberlain

- by Rob

- by Creshal

- by Martín Fixman

- by purpler

- by purpler

- by nick

- by Ruirize

- by user18910

- by Prasad

- by Elton Stoneman

- by shay.shmeltzer

- by Your DisplayName here!

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17 | Next Page >