Search Results

Search found 58094 results on 2324 pages for 'http status codes'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 108/2324 | < Previous Page | 104 105 106 107 108 109 110 111 112 113 114 115  | Next Page >

  • web application with secured sections, sessions and related trouble

    - by spirytus
    I would like to create web application with admin/checkout sections being secured. Assuming I have SSL set up for subdomain.mydomain.com I would like to make sure that all that top-secret stuff ;) like checkout pages and admin section is transferred securely. Would it be ok to structure my application as below? subdomain.mydomain.com adminSectionFolder adminPage1.php adminPage2.php checkoutPagesFolder checkoutPage1.php checkoutPage2.php checkoutPage3.php homepage.php loginPage.php someOtherPage.php someNonSecureFolder nonSecurePage1.php nonSecurePage2.php nonSecurePage3.php imagesFolder image1.jpg image2.jpg image3.jpg Users would access my web application via http as there is no need for SSL for homepage and similar. Checkout/admin pages would have to be accessed via https though (that I would ensure via .htaccess redirects). I would also like to have login form on every page of the site, including non-secure pages. Now my questions are: if I have form on non-secure page e.g http://subdomain.mydomain.com/homepage.php and that form sends data to http://subdomain.mydomain.com/loginPage.php, is data being send encrypted as if it were sent from https://subdomain.mydomain.com/homepage.php? I do realize users will not see padlock, but browser still should encrypt it, is it right? If on secure page loginPage.php (or any other accessed via https for that instance) I created session, session ID would be assigned, and in case of my web app. something like username of the logged in user. Would I be able to access these session variable from http://subdomain.mydomain.com/homepage.php to for example display greeting message? If session ID is stored in cookies then it would be trouble I assume, but could someone clarify how it should be done? It seems important to have username and password send over SSL. Related to above question I think.. would it actually make any sense to have login secured via SSL so usenrame/password would be transferred securely, and then session ID being transferred with no SSL? I mean wouldnt it be the same really if someone caught username and password being transferred, or caught session ID? Please let me know if I make sense here cause it feels like I'm missing something important. EDIT: I came up with idea but again please let me know if that would work. Having above, so assuming that sharing session between http and https is as secure as login in user via plain http (not https), I guess on all non secure pages, like homepage etc. I could check if user is already logged in, and if so from php redirect to https version of same page. So user fills in login form from homepage.php, over ssl details are send to backend so probably https://.../homepage.php. Trying to access http://.../someOtherPage.php script would always check if session is created and if so redirect user to https version of this page so https://.../someOtherPage.php. Would that work? 4.To avoid browser popping message "this page contains non secure items..." my links to css, images and all assets, e.g. in case of http://subdomain.mydomain.com/checkoutPage1.php should be absolute so "/images/image1.jpg" or relative so "../images/image1.jpg"? I guess one of those would have to work :) wow that's long post, thanks for your patience if you got that far and any answers :) oh yeh and I use php/apache on shared hosting

    Read the article

  • Receiving AJAX HTTP Response Code as 0

    - by shyam
    I have a pretty simple AJAX and PHP code. While calling the PHP through the AJAX it receives the response code as 0. The PHP code is successfully run, but I can't get the response. What does this status '0' denote and how can I solve this? function confirmUser(id) { xmlhttp=GetXmlHttpObject(); regid = id; if (xmlhttp==null) { alert ("Browser does not support HTTP Request"); return; } var url="confirm.php"; url=url+"?id="+id; url=url+"&a=confirm"; xmlhttp.onreadystatechange=function() { if (xmlhttp.readyState == 4 && xmlhttp.status == 200) { $("#txtHint" + regid).text("Awaiting confirmation"); } else { alert (xmlhttp.status); //this shows '0' } }; xmlhttp.open("GET",url,true); xmlhttp.send(null); } Well, this is the javascript I used. Pardon me if I should've added anything more than this. Also tell me what I missed. I appreciate your help

    Read the article

  • Help finding missing mumble-server dependencies

    - by Otoris
    I'm trying to install the mumble-server package using apt-get install mumble-server on Ubuntu 11.10 Server Edition on Rackspace Cloud. Problem is it can't find dependencies it should have found because they exist on launchpad.net? Dependencies message: Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: mumble-server : Depends: libavahi-compat-libdnssd1 (>= 0.6.16) but it is not installable Depends: libprotobuf7 but it is not installable Depends: libqt4-dbus (>= 4:4.5.3) but it is not installable Depends: libqt4-network (>= 4:4.5.3) but it is not installable Depends: libqt4-sql (>= 4:4.5.3) but it is not installable Depends: libqt4-xml (>= 4:4.5.3) but it is not installable Depends: libqtcore4 (>= 4:4.7.0~beta1) but it is not installable Depends: libqt4-sql-sqlite but it is not installable E: Unable to correct problems, you have held broken packages. Any ideas on if I might be missing sources? I've been googling around and haven't found anyone else in this situation or anyone else not able to install the aforementioned packages. Thanks for your time! sources.list: deb http://mirror.rackspace.com/ubuntu/ oneiric restricted deb-src http://mirror.rackspace.com/ubuntu/ oneiric restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://mirror.rackspace.com/ubuntu/ oneiric-updates restricted deb-src http://mirror.rackspace.com/ubuntu/ oneiric-updates restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://mirror.rackspace.com/ubuntu/ oneiric universe deb-src http://mirror.rackspace.com/ubuntu/ oneiric universe deb http://mirror.rackspace.com/ubuntu/ oneiric-updates universe deb-src http://mirror.rackspace.com/ubuntu/ oneiric-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://mirror.rackspace.com/ubuntu/ oneiric multiverse deb-src http://mirror.rackspace.com/ubuntu/ oneiric multiverse deb http://mirror.rackspace.com/ubuntu/ oneiric-updates multiverse deb-src http://mirror.rackspace.com/ubuntu/ oneiric-updates multiverse ## Uncomment the following two lines to add software from the 'backports' ## repository. ## N.B. software from this repository may not have been tested as ## extensively as that contained in the release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. # deb http://us.archive.ubuntu.com/ubuntu/ oneiric-backports restricted universe multiverse # deb-src http://us.archive.ubuntu.com/ubuntu/ oneiric-backports restricted universe multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. This software is not part of Ubuntu, but is ## offered by Canonical and the respective vendors as a service to Ubuntu ## users. # deb http://archive.canonical.com/ubuntu oneiric partner # deb-src http://archive.canonical.com/ubuntu oneiric partner deb http://security.ubuntu.com/ubuntu oneiric-security restricted deb-src http://security.ubuntu.com/ubuntu oneiric-security restricted deb http://security.ubuntu.com/ubuntu oneiric-security universe deb-src http://security.ubuntu.com/ubuntu oneiric-security universe deb http://security.ubuntu.com/ubuntu oneiric-security multiverse deb-src http://security.ubuntu.com/ubuntu oneiric-security multiverse # Cool Kid Webmin/Usermin Here Brah deb http://download.webmin.com/download/repository sarge contrib deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

    Read the article

  • 401 Unauthorized using oauth with twitter on iPhone

    - by menkel
    I use Twitter-OAuth-iPhone. http://github.com/bengottlieb/Twitter-OAuth-iPhone/ when i try to login on twitte, I received an error 401 i received the delegate call for - (void) OAuthTwitterController: (SA_OAuthTwitterController *) controller authenticatedWithUsername: (NSString *) username { but when i try to send a tweet just after [_engine sendUpdate: [NSString stringWithFormat:@"Hello World"]]; i received an error 401 failed with error: Error Domain=HTTP Code=401 "Operation could not be completed. (HTTP error 401.)" i have check my twitter application setting Type: Client Default Access type: Read & Write

    Read the article

  • Why does IIS not support chunked transfer encoding?

    - by Graeme Perrow
    I am making an HTTP connection to an IIS web server and sending a POST request with the data encoded using Transfer-Encoding: chunked. When I do this, IIS simply closes the connection, with no error message or status code. According to the HTTP 1.1 spec, All HTTP/1.1 applications MUST be able to receive and decode the "chunked" transfer-coding so I don't understand why it's (a) not handling that encoding and (b) it's not sending back a status code. If I change the request to send the Content-Length rather than Transfer-Encoding, the query succeeds, but that's not always possible. When I try the same thing against Apache, I get a "411 Length required" status and a message saying "chunked Transfer-Encoding forbidden". Why do these servers not support this encoding?

    Read the article

  • Server.Transfer("error_404.aspx") in Application_Error returns a blank page

    - by qntmfred
    I look for HttpExceptions in the Application_Error sub of my global.asx Sub Application_Error(ByVal sender As Object, ByVal e As EventArgs) Dim ex As Exception = HttpContext.Current.Server.GetLastError() If ex IsNot Nothing Then If TypeOf (ex) Is HttpUnhandledException Then If ex.InnerException Is Nothing Then Server.Transfer("error.aspx", False) End If ex = ex.InnerException End If If TypeOf (ex) Is HttpException Then Dim httpCode As Integer = CType(ex, HttpException).GetHttpCode() If httpCode = 404 Then Server.ClearError() Server.Transfer("error_404.aspx", False) End If End If End If End Sub I can step through this code and confirm it does hit the Server.Transfer("error_404.aspx"), as well as the Page_Load of error_404.aspx, but all it shows is a blank page.

    Read the article

  • Windows Constants for Ctrl+X, Ctrl+C, and Ctrl+V

    - by Jonathan Wood
    I've got some older MFC code I wrote that I'm "freshening up" a bit. I have the following code in a window class' OnChar() handler. I really don't like using constants like 0x18. I'd like to make the code more readable. I know I can declare my own, but are there no Windows macros for these values? I couldn't find anything about this on the web. // Check for clipboard commands switch (nChar) { case 0x18: // Ctrl+X - Cut OnEditCut(); break; case 0x03: // Ctrl+C - Copy OnEditCopy(); break; case 0x16: // Ctrl+V - Paste OnEditPaste(); break; }

    Read the article

  • free sql script to get a list of countries, provinces/states and their cities.

    - by reggie
    I am working on a registration page for a php website as mysql as the backend database. I need a sql script to insert the list of countries with their associated provinces and the provinces with their associated cities. I need all the countries, provinces and cities all over the world which are related to each other. I can get the individual list of countries, provinces and cities but there is no list that relates them together.. any help appreciated.. thanks in advance.

    Read the article

  • How do you detect a website visitor's country (Specifically, US or not)?

    - by BigDave
    I need to show different links for US and non-US visitors to my site. This is for convenience only, so I am not looking for a super-high degree of accuracy, and security or spoofing are not a concern. I know there are geotargeting services and lists, but this seems like overkill since I only need to determine (roughly) if the person is in the US or not. I was thinking about using JavaScript to get the user's timezone, but this appears to only give the offset, so users in Canada, Mexico, and South America would have the same value as people in the US. Are there any other bits of information available either in JavaScript, or PHP, short of grabbing the IP address and doing a lookup, to determine this?

    Read the article

  • git: programmatically know by how much the branch is ahead/behind a remote branch

    - by Olivier
    I would like to extract the information that is printed after a github status, which looks like: # On branch master # Your branch is ahead of 'origin/master' by 2 commits. Of course I can parse the output of git status but this is not recommended since this human readable output is liable to change. There are two problems: How to know the remote tracked branch? It is often origin/branch but need not be. How to get the numbers? How to know whether it is ahead/behind? By how many commits? And what about the diverged branch case?

    Read the article

  • PHP File Serving Script: Unreliable Downloads?

    - by JGB146
    This post started as a question on ServerFault ( http://serverfault.com/questions/131156/user-receiving-partial-downloads ) but I determined that our php script was the culprit. So I'm issuing an updated question here about what I believe is the actual issue. I am using a php script to verify permissions and then serve up a file for users of my website to download. Most of the time, this works, but recently one user has been seeing problems with larger downloads. He is only getting ~80% of downloads for files that are 100MB in size. Also, all downloads from this script fail to report a filesize. Further, tests revealed that the same user COULD reliably download each of the failed files if given a direct link (at which point the filesize is reported). Here's the relevant snippet of code that we are using to serve the file: header("Content-type:$contenttype"); $len = filesize($filename); header("Content-Length: $len"); header("Content-Disposition: attachment; filename=".$title.".".$ext); readfile($filename); Note that $contenttype, $filename, $title, and $ext are all set correctly before we get here. These have been triple-checked. None of them are the problem. Also, $len does provide the correct filesize. While researching this issue, I came across this post: http://stackoverflow.com/questions/1334471/content-length-header-always-zero It seems that I am encountering the same issue. When I use the script, I get chunked encoding on the file and no size is set for content-length. I'm hypothesizing that something is going wrong on the large downloads, leading him to get a zero-length chunk before the end of the file. Here's what the headers look like for a direct request: http://www.grinderschool.com/videos/zfff5061b65ae00e8b21/KillsAids021.wmv GET /videos/zfff5061b65ae00e8b21/KillsAids021.wmv HTTP/1.1 Host: www.grinderschool.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.grinderschool.com/phpBB3/viewtopic.php?f=14&p=29468 Cookie: style_cookie=printonly; phpbb3_7c544_u=2; phpbb3_7c544_k=44b832912e5f887d; phpbb3_7c544_sid=e8852df42e08cc1b2250300c2897f78f; __utma=174624884.2719561324781918700.1251850714.1270986325.1270989003.575; __utmz=174624884.1264524375.411.12.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=low%20stakes%20poker%20videos; phpbb3_cmviy_k=; phpbb3_cmviy_u=2; phpbb3_cmviy_sid=d8df5c0943863004ca40ef9c392d371d; __utmb=174624884.4.10.1270989003; __utmc=174624884 Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Sun, 11 Apr 2010 12:57:41 GMT Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8l DAV/2 mod_auth_passthrough/2.1 FrontPage/5.0.2.2635 Last-Modified: Sun, 04 Apr 2010 12:51:06 GMT Etag: "eb42d6-7d9b843-48368aa6dc280" Accept-Ranges: bytes Content-Length: 131708995 Keep-Alive: timeout=10, max=30 Connection: Keep-Alive Content-Type: video/x-ms-wmv And here's what they look like for the request answered by my script: http://www.grinderschool.com/download_video_test.php?t=KillsAids021&format=wmv GET /download_video_test.php?t=KillsAids021&format=wmv HTTP/1.1 Host: www.grinderschool.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: style_cookie=printonly; phpbb3_7c544_u=2; phpbb3_7c544_k=44b832912e5f887d; phpbb3_7c544_sid=e8852df42e08cc1b2250300c2897f78f; __utma=174624884.2719561324781918700.1251850714.1270986325.1270989003.575; __utmz=174624884.1264524375.411.12.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=low%20stakes%20poker%20videos; phpbb3_cmviy_k=; phpbb3_cmviy_u=2; phpbb3_cmviy_sid=d8df5c0943863004ca40ef9c392d371d; __utmb=174624884.4.10.1270989003; __utmc=174624884 HTTP/1.1 200 OK Date: Sun, 11 Apr 2010 12:58:02 GMT Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8l DAV/2 mod_auth_passthrough/2.1 FrontPage/5.0.2.2635 X-Powered-By: PHP/5.2.11 Content-Disposition: attachment; filename=KillsAids021.wmv Vary: Accept-Encoding Content-Encoding: gzip Keep-Alive: timeout=10, max=30 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: video/x-ms-wmv So the question is...what can I do to make downloads from the script work properly? Again, for 99% of users, it works as is (though I find it annoying now that no filesize is reported and thus that no time estimate can be computed about the download).

    Read the article

  • svn hangs when connecting to server but only for me!

    - by vgm64
    I've checked out two repositories with svn and they both have some odd behavior when using commands like svn -u status. That command in particular will hang, and top says the process is sleeping. I can check out and update those repos (usually), but this in particular will hang until I kill -9 it. It doesn't happen on anyone else's computer (I'm running Mac OSX 10.6) who uses these repos. I just checked out a fresh clean version of one of the repos, and did svn -u status and it froze. Anyone have any thoughts? Could some settings be corrupted?

    Read the article

  • Converting "fr_FR" into "French (France)" in both directions. (Objective-C iPhone)

    - by Janice
    I can easily change a short region-code (en_US) into a longer string... but it there an easy way to also move in the other direction? [displayInEnglish displayNameForKey:NSLocaleIdentifier value:regionCountryCode]; "en_US" becomes "English (United States)". "English (United States)" becomes "en_US". I currently store the short region-code in a database.... but when I show some aggregate results... I need to display the longer strings to the user. Or should I just store the longer strings right in the database... and not even worry about "converting" them later? I'm trying to show a "dollars total" for each country. If you were a user... which would you more likely wish to see (for a currency-total list)? A "French" total A "France" total A "French (France)" total A "fr_Fr" total?

    Read the article

  • Force php through the .net engine in iis7

    - by Rippo
    I have converted a php to asp.net mvc and have it hosted with the Rackspace cloud. All works great apart from some php links are still linked from other sites and within search engines. My question is what do I need to add to my web.config to force php sites to go through the .net engine? These links work as expected as I can catch the 404 and redirect where need be:- http://www.securahome.net/myjunk.info http://www.securahome.net/myjunk.phpp However this one doesn't:- http://www.securahome.net/myjunk.php I have spoken to Rackspace cloud and they say "its not possible as IIS doesn't recognize php files. You can setup mime types to handle them" This however makes no sense and I think they did not understand the problem. Does anyone have a solution?

    Read the article

  • Color Code .inc in Dreamweaver CS4 Mac

    - by Nic Hubbard
    I have done this in all my previous versions, but I can't get it working in CS4. I have updated the MMDocumentTypes.xml file to add inc to the php section. Restarting Dreamweaver does not help. I even updated the Extensions.txt file, and that still does not work. Has anyone had this issue?

    Read the article

  • .htaccess Problem

    - by ocergynohtna
    I'm having trouble with redirecting urls using the .htaccess file. This is how my htaccess file looks like: Redirect 301 /file-name/example.php http://www.mysite.com/file-name/example-001.php Redirect 301 /section-name/example.php http://www.my-site.com/section-name/example-002.php RewriteEngine on RewriteCond %{HTTP_HOST} !^www.mysite.com$ [NC] RewriteRule ^(.*)$ http://www.mysite.com/$1 [L,R=301] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.+)/(.*)$ hqtemplates/articles.php?file_name=$2 [L] php_value session.use_only_cookies 1 php_value session.use_trans_sid 0 Now the problem is that when I go to page: www.my-site.com/file-name/example.php instead of redirecting me to www.my-site.com/file-name/example-001.php it redirects me to www.my-site.com/file-name/example.php?file_name=example-001.php. For some reason it adds "?file_name=example-001.php" to the url. Anyone know's why this is happening and how to fix this?

    Read the article

  • Deux hackers mettent au point un robot capable de casser les codes PIN des smartphones Android en moins de 24 heures

    Deux hackers mettent au point un robot capable de casser les codes PIN des smartphones Android En moins de 24 heuresEn termes de sécurité, le mot de passe constitue la première barrière à laquelle doit souvent faire face un pirate informatique voulant s'approprier les informations confidentielles d'un utilisateur.D'après nos confrères de TheRegister, une récente étude réalisée par la firme de gestion des périphériques mobiles d'entreprise Fiberlink, révèle que 93 % des employés y ayant pris part utilisent un code PIN facilement cassable pour protéger leurs smartphones et tablettes tactiles.De plus en plus de personnes ont recours aux périphériques mobiles pour effectuer leurs travaux d'entrepris...

    Read the article

  • Android : des chercheurs transforment les accéléromètres en espions qui enregistrent des suites de chiffres comme ceux des codes PIN

    Android : des chercheurs transforment les accéléromètres en espions Capables d'enregistrer des suites de chiffres comme ceux des codes PIN Un professeur et un doctorant de l'Université de Pennsylvanie, accompagnés d'un chercheur d'IBM ont développé une preuve de faisabilité (PoC) particulièrement ingénieuse pour mettre au jour une faille de sécurité d'Android qui pourrait s'avérer particulièrement embarrassante. L'idée générale est d'utiliser l'accéléromètre et les capteurs de mouvements pour déterminer quelle touche tape l'utilisateur sur son écran. Le « truc » vient du fait qu'à chaque fois qu'une « touche » est choisie sur l'écran tactile, le smartphone bouge légèrement dans un sens ou...

    Read the article

  • netsh.exe: Error 87

    - by Ben
    I'm having some trouble creating a urlacl reservation in Windows Server 2008; probably this a rookie mistake. The command line I'm using is: netsh http add urlacl url=http://+:99898/ user=ben The error that I see is: Url reservation add failed, Error: 87 The parameter is incorrect. There is a local user account named 'ben' that has admin privileges. I've made sure to put a trailing slash after the port number in the URL. Google and MSDN documentation are letting me down now - does anyone have any clue what I'm doing incorrectly?

    Read the article

  • IIS7 - Lock Violation error, HTTP handlers, modules, and the <clear /> element

    - by Daniel Schaffer
    I have an ASP.NET site that uses its own set of HTTP handlers and does not need any modules. So, in IIS6, all I had to do was this in my web.config: <httpModules> <clear /> </httpModules> However, if I try to do the same in the system.webServer area for IIS7, I get a 500 error when I try to view the site, and in IIS manager when I try to view the handler mappings, I get a popup box with the message: There was an error while performing this operation Details: Filename: \?\C:\Sites\TheWebSiteGoesHere\web.config Line number: 39 Error: Lock violation Line 39 is where the <clear /> element is. Some googling led me to a solution involving running this command: %windir%\system32\inetsrv\appcmd.exe unlock config -section:system.webServer/modules ...but that did not solve the problem.

    Read the article

  • Troubleshooting Windows Authentication problems (no challenge) in IIS 7.5?

    - by Aaronaught
    I know that there are thousands of reports of people having trouble getting Integrated Windows Authentication to work with IIS, but they all seem to lead to web pages that don't apply or solutions that I've already tried. I've deployed dozens of sites like this before, so either there's something bizarre going on with the server/configuration, or I've been looking at this too long and not seeing the obvious. Simply put, everything works perfectly on my local machine, but falls apart on the production server, which as far as I can tell has the exact same configuration. On the local machine: The machine is running Windows 7 Ultimate, Service Pack 1, IIS 7.5. The site has been tested successfully, using both IIS and the VS Web Development Server. The IIS site config has all authentication methods disabled except Windows Authentication. The local machine is not on any domain. The Providers set up are Negotiate and NTLM (not Negotiate:Kerberos). Extended Protection is Off. All browsers tested (IE, Firefox, Chrome) show the challenge prompt and allow me to log in to the localhost domain with my (local) Windows account. All browsers tested also work using an opaque local IP address - so the browsers themselves don't seem to care whether the site appears "local" or "remote". I've added a display line to the web page which shows the currently-logged-in user and it shows exactly what I would expect (whichever local user I logged in with). On the remote machine: The server is running Windows Server 2008 R2, IIS 7.5. Loading the web page results in an immediate 401.2 error: You are not authorized to view this page due to invalid authentication headers. No challenge prompt ever appears. The IIS site config has all authentication methods disabled except Windows Authentication. The remote machine is not on any domain. The Providers set up are Negotiate and NTLM (not Negotiate:Kerberos). Extended Protection is Off. On the remote machine (remote desktop session), the same error appears in Internet Explorer regardless of whether the domain is localhost or the external IP address. If I try to view the remote web site from my local machine, the error is still 401, but a slightly different 401. No subcode, with the text: Access is denied due to invalid credentials. The Windows Authentication IIS role feature is installed. The WindowsAuthentication Module is added (at the Server level). The exact same error occurs if I turn off Windows Authentication and enable Basic Authentication. The site does load if I turn off Windows Authentication and enable Anonymous (obviously). I've already followed all of the troubleshooting steps on Microsoft Support: Troubleshooting HTTP 401 errors in IIS I've already tried the workaround shown on another Microsoft support page (supposedly to force NTLM as the only method). Last but not least, I tried turning on FREB for 401.2 errors and the results don't seem to tell me anything useful, all I see is the following warning: MODULE_SET_RESPONSE_ERROR_STATUS ModuleName IIS Web Core Notification 2 HttpStatus 401 HttpReason Unauthorized HttpSubStatus 2 ErrorCode 2147942405 ConfigExceptionInfo Notification AUTHENTICATE_REQUEST ErrorCode Access is denied. (0x80070005) ...this seems to just be telling me what I already know (that it's simply rejecting the request instead of negotiating the credentials). The trace does indicate that the WindowsAuthentication module is correctly loaded because there is a NOTIFY_MODULE_START line with ModuleName = WindowsAuthentication (and various other ASP.NET follow-up events - [un]fortunately, no interesting errors or warnings here). Can anyone tell me what I might be missing here? Quick Update: I'm a little uncomfortable sending a whole Wireshark dump as it would reveal IPs, URLs and other stuff, but I did a side-by-side comparison of the HTTP responses from localhost and the remote server in Fiddler, and it seems fairly self-evident what the problem is: Localhost: HTTP/1.1 401 Unauthorized Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.5 WWW-Authenticate: Negotiate WWW-Authenticate: NTLM X-Powered-By: ASP.NET Date: Sat, 17 Dec 2011 23:42:34 GMT Content-Length: 6399 Proxy-Support: Session-Based-Authentication Remote: HTTP/1.1 401 Unauthorized Content-Type: text/html Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET Date: Sat, 17 Dec 2011 23:43:13 GMT Content-Length: 1293 Aside from a few seemingly-inconsequential differences like cache-control, the main difference is that the remote server is not sending the WWW-Authenticate headers back to the client. So, I guess that narrows the question down to: Why is IIS not sending WWW-Authenticate headers when Windows Authentication appears to be installed, loaded, and exclusively enabled?

    Read the article

  • Problem Activating “Windows Communication Foundation Non-HTTP Activation” feature in Windows 7

    - by Escobar5
    I'm having the following problem. I'm installing SharePoint 2010 Beta so I need to activate the windows feature "Windows Communication Foundation Non-HTTP Activation". The problem is I cannot activate it, i get the message: "An error has occurred. Not all features were successfully changed" When i look at the log (C:\Windows\Logs\CBS\CBS.log) I found this error: Process output: [l:186 [186]"SMConfigInstaller[Error]: Failed in calling 'StartService' for service 'NetTcpActivator'. Error code: 0x8007042c Anyone can give me a clue of what is happening here?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 104 105 106 107 108 109 110 111 112 113 114 115  | Next Page >