Search Results

Search found 5866 results on 235 pages for 'authentication'.

Page 159/235 | < Previous Page | 155 156 157 158 159 160 161 162 163 164 165 166 | Next Page >

X11 for apache user

- by fuenfundachtzig

We are using inkscape to convert SVG images uploaded to our server via a web form. For this inkscape offers a batch mode via the -z option, but this batch mode has a flaw: When inkscape is run by the apache user, it breaks saying $ inkscape -z -W drawing.svg X11 connection rejected because of wrong authentication. The application 'inkscape' lost its connection to the display localhost:11.0; most likely the X server was shut down or you killed/destroyed the application. If you do the same as a normal user you also get errors: Xlib: connection to "localhost:11.0" refused by server Xlib: PuTTY X11 proxy: MIT-MAGIC-COOKIE-1 data did not match (inkscape:24050): Gdk-CRITICAL **: gdk_display_list_devices: assertion `GDK_IS_DISPLAY (display)' failed 301.27942 But at least inkscape gives the correct answer (here the number stating the width of the image). Does somebody know how to make this also work for the apache user? Does it make sense to authorize apache to use X (if so how)? In any case it doesn't feel like the right solution...

Read the article
PHP + IIS Application Pool Identity Windows\Temp permissions

- by Matt Boothman

I am currently running PHP (5.3) on IIS 7.5 on a Win2k8 R2 Web Edition Server and would like to know what, if any, problems or security vulnerabilities I may introduct into a system by assigning Read, Write, Modify & Execute permissions to either IUSR account or the IIS_USERS group for %SystemRoot%\Temp? Should I be altering permissions to that folder at all (as Windows reminds me I probably shouldn't when i attempt to change them)? Should I create a temp folder somewhere else and set permissions accordingly? The problem is when i set Anonymous Authentication (I'm guessing is a more secure option???) to use the App Pool identity, when starting sessions PHP gets stuck in a loop because it's unable to create session files in the %SystemRoot%\Temp folder due to lack of permission on the application pool user or IIS_USERS group. Another problem being ImageMagick (PHP Extension) is being denied access to %SystemRoot%\Temp to write temporary files so is throwing exceptions. I have tried searching Google however have not found anything that touches upon this subject specifically. Any help greatly appreciated.

Read the article
Connection string during installation

- by anon2009

Hi, I've been convinced to use windows setup files(msi) for the installation of my new windows forms application after I asked a question here and got some excellent answers (thank you all): http://serverfault.com/questions/97039/net-application-deployment Now i have a different question: My application will need to access a SQL Server to provide users with data, which means that the connection string must be stored in the client's app.config file. How should I handle this? During installation, the user enters the connection string to that database? How they get the connection string? In an email from the admin? What if the admin wants to use SQL authentication and need to put the user info at the connection string? So you know, the app will be sold via the internet, so I don't have any access to the admins or the network. Any suggestions? Thanks in advanced.

Read the article
How to tell httpd to preserve the proxied error message?

- by ZNK - M

I have an httpd server proxying the requests to 2 different tomcat servers. One of my server handles the authentication and returns a specific http error code 521 when the user already have a running session. My issue is httpd automatically maps this 521 error code to a 500 (internal server error) and then my client can not handle it properly. I have tried to disable ProxyErrorOverride, to remove the /error/HTTP_INTERNAL_SERVER_ERROR.html.var but it does not changes anything. How can I ask httpd to not change anything to the proxied message? <IfModule proxy_module> ProxyPass /context1 http://127.0.0.1:8001/context1 ProxyPass /context2 http://127.0.0.1:8002/context2 ProxyPreserveHost Off ProxyErrorOverride Off </IfModule> Thanks in advance httpd 2.2.22 (Win32) mod_ssl tomcat 7.25 windows 7 64-bits

Read the article
Web application design with distributed servers

- by Bonn

I want to build a web application/server with this structure: main-server sub-server transaction-server (create, update, delete) view-server (view, search) authentication-server documents-server reporting-server library-server e-learning-server The main-server acts as host server for sub-server. I can add many sub-servers and connect it to main-server (via plug-play interface maybe), then it can begin querying data from another sub-servers (which has been connected to the main-server). The sub-servers can be anywhere as long as connected to internet. The main-server can manage all sub-servers which are connected to it (query data, setting permission between sub-servers, etc). The purpose is simple, the web application will be huge as the company grows, so I want to distribute it into small connected plug-able servers. My question is, does the structure above already have a standardized method? or are there any different views? what are the technologies needed? I need a lot of researches before the execution plan begin. thanks a lot.

Read the article
connect to a headless virtualbox instance in Linux?

- by 130490868091234

I've started a headless virtualbox instance with this command: VBoxManage startvm "Ensembl67VirtualMachine" --type headless Waiting for VM "Ensembl67VirtualMachine" to power on... VM "Ensembl67VirtualMachine" has been successfully started. It is set up with Remote Desktop Server Port:5555 with Authentication Method: Null and Extended Features: Allow Multiple Connections and it's now running, but I don't know how to connect to it from the same laptop where it's running. I would like to be able to have it running on a terminal. I tried this but nothing happens: rdesktop localhost:5555 ERROR: localhost: unable to connect rdesktop 192.168.1.1:5555 Any ideas?

Read the article
IPSec on Domain Controllers and Trusted Domains

- by OneLogicalMyth

I am looking at configuring IPSec as follows: Isolation Request authentication for inbound and outbound connections Computer and user (Kerberos V5) I am looking to do a blanket deployment across all servers and domain controllers. Workstations I will leave as not set. What impact in terms of the domain controllers with the 2-way forest trust do think I would see? Should I exclude the IP addresses of the trusted domain controllers? I don't want to stop communication between the current and trusted forest, however I do want IPsec to be used within the current forest on all servers. The trusted forest is running 2008 R2 and the current forest is 2012 R2.

Read the article
My laptop was stolen. What do I need to do?

- by chris

My laptop was recently stolen. It was a corporate system running XP, which means it was part of a domain - I'm assuming that makes it impossible for someone to log into it, although I know there are ways to reset the local admin account. Is there any way to tell if someone boots it up? I was logged into gmail, using two factor authentication. I will change my password, but is there any chance of tracking any attempted accesses? Other than changing passwords on all my web accounts, is there anything else I need to do?

Read the article
Recommend an SFTP solution for Windows (Server & Client) that integrates well with Dreamweaver

- by aaandre

Could you please recommend a secure FTP solution for updating files on a remote windows server from windows workstations? We would like to replace the FTP-based workflow with a secure FTP one. Windows Server 2003 on the remotely hosted webserver, WinXP on the workstations. We manage the files via Dreamweaver's built-in FTP. My understanding is Dreamweaver supports sFTP out of the box so I guess I am looking for a good sFTP server for Windows Server 2003. Ideally, that would not require cygwin. Ideally, the solution would use authentication based on the existing windows accounts and permissions. Thank you!

Read the article
apache, shibboleth, load balancing aliase, ssl

- by Nikolaidis Fotis

Good morning folks Could you give me a bit of help with the following problem ? I have a dns load balancing mechanism and an alias (hostAlias) which may point to host01, or host02 I want to configure apache and shibboleth to work with that alias. What happens is ... User types : https://hostAlias (it points to host01) apache host01 : redirect to shibboleth shibboleth host01 : redirect to **https://hostAlias.cern.ch/Shibboleth.sso/ADFS** Now, there are two cases. Either this time hostAlias will point again to host01 , or it will point to host02. If it points to host02, host01 will not get the anwser and the authentication fails. Also, about ssl certificates, I guess that each host will need its own certificate. right ? Should I need a certificate with DNS aliases ? Thanks in advance !

Read the article
How to access remotly to a mysql server?

- by ÉricP

Hi, I'm trying to access my remote mysql server from my own computer. I uncommented: bind-address = 80.10.65.45 I added 80.10.65.45 as a server in privilege root 80.10.65.45 yes ALL PRIVILEGES yes I'm using Sequel Pro on MacosX to connect via SSH here is the debug log: debug1: Authentication succeeded (password). debug1: Local connections to LOCALHOST:58517 forwarded to remote address 127.0.0.1:3306 debug1: Local forwarding listening on ::1 port 58517. debug1: channel 0: new [port listener] debug1: Local forwarding listening on 127.0.0.1 port 58517. debug1: channel 1: new [port listener] debug1: Entering interactive session. debug1: Connection to port 58517 forwarding to 127.0.0.1 port 3306 requested. debug1: channel 2: new [direct-tcpip] channel 2: open failed: connect failed: Connection refused debug1: channel 2: free: direct-tcpip: listening port 58517 for 127.0.0.1 port 3306, connect from 127.0.0.1 port 58519, nchannels 3

Read the article
Apache https configurations

- by sissonb

I am trying to setup my domain name with a self signed cert. I created the cert and placed the server.key and server.crt files into C:/apache/config/ Then I updated my httpd.confg host to include the following, <VirtualHost 192.168.5.250:443> DocumentRoot C:/www ServerName mydomain.com:443 ServerAlias www.mydomain.com:443 SSLEngine on SSLCertificateFile C:/apache/conf/server.crt SSLCertificateKeyFile C:/apache/conf/server.key SSLVerifyClient none SSLProxyEngine off SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> Now when I go to https://mydomain.com I get the following error. SSL connection error Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have. Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. Can anyone see what I'm doing wrong? Thanks!

Read the article
How to synchronize users, passwords, hosts, etc without NIS

- by joshxdr

I am administering a very small solaris 2.6 network with 4 boxes total. Is it possible to use scp or similar to replace NIS for synchronizing users, groups, hosts, etc? This network is only a small part of my job and I don't want to spend too much time on it, and I am worried the setup and maintenence of NIS will not pay off. I need it to behave like a proper multi-user system, when a user logs into any machine, the users, passwords, hosts, etc. are always the same. Is there an easy way to do this with scp? Right now I copy /etc/passwd from one box to another with scp, but sometimes I make mistakes or forget a step, and scp inside of shell scripts don't seem to works so well since they require password authentication. Any recommendations would be welcome.

Read the article
Web based interface for open SSL client certificates

- by Felix

Hi there! We are currently developing a apache2-based web application and want to invite some beta testers to give it a try. To be on the safe side, access should be provided by individual browser certificates (.p12) which are issued using a (fake) CA. Our users should be passing a complete register/login process and some of them will be granted administrative privileges within the application. That's why a preceding simple web-based authentication won't be sufficient. Atm, I am using a serverside shellscript to generate the certificates each time. Do you know about a small, web-based tool to simplify the process of generating / revoking those certificates? Maybe an overview of the CA's index.txt plus the option to revoke a cert and a link to download them directly?

Read the article
IIS permissions issue pointing docroot to Samba share

- by lalalalalalalambda

I have an IIS project which is stored on a Samba shared, network mounted with the following line: X: \\my-samba-server\dev /user:freddie Connectivity is fine, can read/write files from X:. In IIS, I'm trying to set it as the Physical path via \\my-samba-server\dev\folder\to\my\files, which results in the following 500.19 error: Config Error | Cannot read configuration file due to insufficient permissions It is by default trying to use the Pass-through authentication. If I try to set this to connect as the specific user freddie, I receive: The specified user does not exist What is the correct way to connect to a path which has been setup as described above? *Samba man pages indicate version 3.6 is on the Debian host

Read the article
Blocked connections passing through firewall. What is wrong?

- by Kiranu

In our company we have a small business router (Cisco RV082) on which we are using its standard configuration (block all incoming traffic). We also have an SMTP relay configured (using WS2008R2) so that our internal applications can send email through google apps (which requires authentication). The thing is that the server was being used to send spam. We fixed the problem by only allowing the server to relay email from our internal IP address range (10.0.0.0/16). My concern is that there was a way by which external IPs connected to the network and that underlying problem has not been fixed, but I cannot imagine how these machines connected. Any thoughts?

Read the article
MailServer Setting

- by Ashian

Hi I have a mail server on windows 2003 ( MailEnable) I setup mail server to authonticate users before sending mail. (This mail server requires authentication when attempting to send to a non-local e-mail address) but from yesterday , without change any setting I got many Message Delivery Delay from mail server for email address that I never try to sending email: I afraid that I someone try to sending Spam from my mail server,How can I check this possiblity ? and fix the problem. Thanks MailEnable: Message delivery has been delayed. Message is waiting at *.info for delivery to mailin-03.mx.aol.com. The message will be retried for another 29 hours. Reason: Mail Server for aol.com could not accept your email at this time. MailEnable will keep trying to deliver this message and will notify you of any progress. The remote mail server returned the error: 421-: (DNS:NR)

Read the article
IIS cannot access itself

- by dave

We are on a corporate network that uses ISA and I am having issues trying to not have requests go through ISA. I have IIS7 on my local Windows 7 machine that has websites and a service layer. The websites access the service layer using a xxxx.servicelayer.local address that is set up in my HOSTS file to point to 127.0.0.1. I have Windows Firewall client which I have disabled. I have tried both adding this address into IE so that it does not go through ISA and also disabled this section altogether. When the website (which is actually IIS making the request to itself) tries to access the service layer I receive an ISA error that proxy authentication has failed. Considering that everything I can see to configure is set to not go through the proxy, ISA, I cannot see how this is actually going through the proxy and giving this error. Is there something within Windows 7 that forces the proxy setting, some sort of caching or similar?

Read the article
How should I troubleshoot a problematic wireless connection on Linux?

- by Gearoid Murphy

I recently purchased a netgear 150 usb wireless dongle for use with my 11.10 Xubuntu amd64 system. Using the network-manager interface, I can see local wireless networks and enter the authentication details for my local wireless lan. Unfortunately, the connection does not seem to work, I keep getting notifications that my wireless has disconnected (but none indicating that I've connected). When I examine syslog, it seems to indicate that I've successfully associated with the wireless switch and that dhcp has successfully acquired an ip address but the log shows that the dhcp process keeps sending requests, eventually dropping the connection. 'ifconfig wlan0' never shows the dhcp address logged in syslog. I suspect that the problem lies with the usb dongle, my configuration or the wireless switch but I am not certain how to isolate the problem, can anyone provide some insight on how I should go about homing in on the cause of this problem or verifying the functionality of the individual components, thanks.

Read the article
Enabling SFTP Access within PLESK

- by spelley

I have a client who wants to ensure his upload is secure, so we are trying to enable SFTP for him on our Linux PLESK server. I have enabled SSH access to bin/bash for FTP accounts, and created a new user. When I attempt to SFTP using either the IP address or the domain name, this is the error FileZilla is giving me: Error: Authentication failed. Error: Critical error Error: Could not connect to server Here is some basic information regarding the server: Operating system Linux 2.6.24.5-20080421a Plesk Control Panel version psa v8.6.0_build86080930.03 os_CentOS 5 I had read in some places that I should reboot the SSH Service in Server - Services, however, there is no SSH Service within the list. I'm not really a server guy so it's quite possible I'm missing something obvious. Thanks for any help that you guys can provide!

Read the article
How does AuthzSVNAccessFile work?

- by grigy

I have set up an SVN repo with WebDAV access. For some reason it does not let checkout. Here is my httpd.conf part: <Location /svn> DAV svn SVNParentPath /home/svn/repositories AuthzSVNAccessFile /home/svn/dav_svn.authz Satisfy Any Require valid-user AuthType Basic AuthName "Subversion Repository" AuthUserFile /home/svn/dav_svn.passwd </Location> I have two repositories named "first" and "second" and the content of dav_svn.authz is: [first:/] doe = rw * = r [second:/] doe = rw grig = rw * = r When I'm trying to checkout the second with user doe, I get this in error_log: user doe: authentication failure for "/svn/second": Password Mismatch In order to understand what can be the problem I would like to better understand how the AuthzSVNAccessFile is supposed to work.

Read the article
concrete uses of LDAP?

- by ajsie

im new to LDAP. i wonder what are some concrete examples of using LDAP. things that are MUCH more easier to do when you got 3-7 linux computers in a small company network. one use that is very important for me seems to be that you configure LDAP to handle system authentication. then you dont have to create same accounts in all computers. are there other things that are a MUST DO for a small network to save more time? my small network is for apache servers and database servers. and should LDAP be in an own machine? cause i guess its not good to put it in apache or database servers since these are performance dependent.

Read the article
Sending emails with remote mail server in ASP.NET blocked by Windows firewall?

- by Dave

I want to migrate a web application from a Windows Server 2003 to a Windows Server 2008 R2. All works fine except sending emails from the application. If I configure the application to use the smtp server on "localhost" it works, but changing it to the "real" host name (e.g. mail.example.org) no mail is sent. The error message says, that the remote server needs a secure connection or smtp authentication. But since it works when using "localhost" instead of the host name I doubt that this is the problem. Also it's unlikely a problem with the mail server, I also tried it with another one. So for me it seems like the firewall is blocking the outgoing connection to the mail server. I tried to open port 25, but it still did not work. Maybe I just did it the wrong way.

Read the article
Why would a FaceBook application "work" on a profile, but not a page?

- by edt

I made a FaceBook application that works fine on profiles, but I can't figure out how to get it to show on a FaceBook page. For example, after I visit the application canvas URL, allow the application, then edit application settings and "add" to box and tab view... I cannot click the "plus" symbol to the left of the tabs in order to add a tab for the application. It does not appear in the list of available applications. Meanwhile, the application is working/showing up on profiles with no issues. I DID check the "Installable to Pages" checkbox on the application (authentication tab) settings. What could cause this? Here is the application canvas URL: http://apps.facebook.com/russian_girls/

Read the article
Can you specify git-shell in .ssh/authorized_keys to restrict access to only git commands via ssh?

- by Matt Connolly

I'd like to be able to use a ssh key for authentication, but still restrict the commands that can be executed over the ssh tunnel. With Subversion, I've achieved this by using a .ssh/authorized_keys file like: command="/usr/local/bin/svnserve -t --tunnel-user matt -r /path/to/repository",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAABIetc... I've tried this with "/usr/bin/git-shell" in the command, but I just get the funky old fatal: What do you think I am? A shell? error message.

Read the article

< Previous Page | 155 156 157 158 159 160 161 162 163 164 165 166 | Next Page >