Search Results

Search found 6525 results on 261 pages for 'restful authentication'.

Page 185/261 | < Previous Page | 181 182 183 184 185 186 187 188 189 190 191 192 | Next Page >

How do I use XQuartz with ssh on OS X?

- by cwd

I've downloaded the latest stable version of XQuartz on my Snow Leopard machine, and I'm trying to make an ssh connection with X forwarding but X11 keeps opening. How can I get OS X to use XQuartz? I had X11 installed I downloaded and installed XQuartz X11 is not open / running XQuartz is open and running I try and connect to a remote system using iTerm2: ssh user@remote -X X11 opens. XQuartz is still open, but I doubt it is doing anything. I also tried moving X11 to the trash but then the ssh connection will not complete, even though XQuartz is open. I also get the two warnings which I don't understand how to fix, even after reading the ssh man page. Warning: untrusted X11 forwarding setup failed: xauth key data not generated Warning: No xauth data; using fake authentication data for X11 forwarding.

Read the article
Why is it good to have website content files on a separate drive other than system (OS) drive?

- by Jeffrey

I am wondering what benefits will give me to move all website content files from the default inetpub directory (C:) to something like D:\wwwroot. By default IIS creates separate application pool for each website and I am using the built-in user and group (IURS) as the authentication method. I’ve made sure each site directory has the appropriate permission settings so I am not sure what benefits I will gain. Some of the environment settings are as below: VMWare Windows 2008 R2 64 IIS 7.5 C:\inetpub\site1 C:\inetpub\site2 Also as this article (moving the iis7 inetpub directory to a different drive) points out, not sure if it's worth the trouble to migrate files to a different drive: PLEASE BE AWARE OF THE FOLLOWING: WINDOWS SERVICING EVENTS (I.E. HOTFIXES AND SERVICE PACKS) WOULD STILL REPLACE FILES IN THE ORIGINAL DIRECTORIES. THE LIKELIHOOD THAT FILES IN THE INETPUB DIRECTORIES HAVE TO BE REPLACED BY SERVICING IS LOW BUT FOR THIS REASON DELETING THE ORIGINAL DIRECTORIES IS NOT POSSIBLE.

Read the article
Client-side certificates

- by walshms

My company purchased a wildcard certificate from a vendor. This certificate was successfully configured with Apache 2.2 to secure a subdomain. Everything on the SSL side works. Now I'm required to generate x509 client-side certificates to issue for this subdomain. I'm following along this page: (http://www.vanemery.com/Linux/Apache/apache-SSL.html), starting with "Creating Client Certificates for Authentication". I've generated the p12 files and successfully imported them into Firefox. When I browse to the site now, I get an error in FireFox that says "The connection to the server was reset while the page was loading." I think my problem is coming from not signing the client-side correctly. When I sign the client-side certificate, I'm using the PEM file (RapidSSL_CA_bundle.pem) from RapidSSL (who we bought the certificate from) for the -CA argument. For the -CAkey argument, I'm using the private key of the server. Is this correct?

Read the article
Apache mod_setenvif Server_Addr

- by user18330

I have an Apache server in a DMZ, reachaable on the LAN from 192.168.1.1, public 123.456.789.123. I'm trying to get it to require authentication if the inbound hits are coming from the public side. This doesn't seem to work: SetEnvIf SERVER_ADDR 123.456.789.123 local_nic=1 <Location /junk> Order Deny,Allow AuthName "Access required" AuthType Basic AuthUserFile /etc/httpd/conf/htpasswd Require valid-user </Location> What am I doing wrong? Sorry, HTML tags were wiping out my Apache directives.

Read the article
How secure is using "Normal password" for SMTP with connection type = STARTTLS?

- by harshath.jr

I'm using an email client for the first time - for the most part I've always used gmail via the web interface. Now I'm setting up thunderbird to connect to an email server of my own (on my own server, own domain name, etc). The server machine (and the email server on it) was preconfigured for me. Now i figured out away by which I'm able to send and receive email, but I noticed that in the outgoing and incoming servers section, the connection type was STARTTLS (and not SSL/TLS), and the Authentication Type was "Normal Password". Does this mean that the password will be sent across in plain text? I'm very paranoid about security - its the only way that it works for me. Can someone please post links that explain how SMTP (my outbound server) and IMAP (my inbound server) servers work, and what connection type means what? Thanks! PS: If this question does not belong here, please redirect me.

Read the article
OSGI, Servlets and JPA hello world / tutorial / example

- by Kamil

I want to build a web application which basically is a restful web-service serving json messages. I would like it to be as simple as possible. I was thinking about using servlets (with annotations). JPA as a database layer is a must - Toplink or Hibernate. Preferably working on Tomcat. I want to have app divided into modules serving different functionality (auth service, customer service, etc..). And I would like to be able to update those modules without reinstalling whole application on the server - like eclipse plugins, user is notified (when he enters webapp's home url) that update is available, clicks it, and app is downloading and installing updated module. I think this functionality can be made with OSGI, but I can't find any example code, or tutorial with simple hello world updatable servlet providing some data from database through jpa. I'm looking for an advice: - Is OSGI the right tool for this or it can be done with something simpler? - Where can I find some examples covering topic (or topics) which I need for this project. - Which OSGI implementation would be best-simplest for this task. *My knowledge of OSGI is basic. I know how bundles are described, I understand concept of OSGI container and what it does. I have never created any OSGI app yet.

Read the article
Multiple connections to the same Wireless Network in Windows 7

- by Jamek

Hello, my university just limited bandwidth to 512 kbps (that's 64 kB/s!) for each connection. I was thinking to make multiple connection to the same wireless network (called "internet"), is this possible under Windows 7? I know it's possible to connect to more than one WLAN through the "hostednetwork" concept in netsh: netsh wlan set hostednetwork mode=allow ssid=xxxxx netsh wlan start hostednetwork However this method doesn't seem to work, I don't know if it's due to the authentication method (through certificates while hostednetwork seems to support just a "passphrase") or because I'm already connected to that network with the same MAC. Can you think to some tool able to do this?

Read the article
Case in-sensitivity for Apache httpd Location directive

- by user57178

I am working with a solution that requires the usage of mod_proxy_balancer and an application server that both ignores case and mixes different case combinations in URLs found in generated content. The configuration works, however I have now a new requirement that causes problems. I should be able to create a location directive (as per http://httpd.apache.org/docs/current/mod/core.html#location ) and have the URL-path interpret in case insensitive mode. This requirement comes from the need to add authentication directives to the location. As you might guess, users (or the application in question) changing one letter to capital circumvents the protection instantly. The httpd runs on Unix platform so every configuration directive is apparently case sensitive by default. Should the regular expressions in the Location directive work in this case? Could someone please show me an example of such configuration that should work? In case a regular expression can not be forced to work case insensitively, what part of httpd's source code should I go around modifying?

Read the article
Multiple public keys for one user

- by Russell

This question is similar to SSH public key authentication - can one public key be used for multiple users? but it's the other way around. I'm experimenting on using ssh so any ssh server would work for your answers. Can I have multiple public keys link to the same user? What are the benefits of doing so? Also, can different home directories be set for different keys used (all of which link to the same user)? Please let me know if I'm unclear. Thanks.

Read the article
libcurl (c api) READFUNCTION for http PUT blocking forever

- by Duane

I am using libcurl for a RESTful library. I am having two problems with a PUT message, I am just trying to send a small content like "hello" via put. My READFUNCTION for PUT's blocks for a very large amount of time (minutes) when I follow the manual at curl.haxx.se and return a 0 indicating I have finished the content. (on os X) When I return something 0 this succeeds much faster (< 1 sec) When I run this on my linux machine (ubuntu 10.4) this blocking event appears to NEVER return when I return 0, if I change the behavior to return the size written libcurl appends all the data in the http body sending way more data and it fails with a "too much data" message from the server. my readfunction is below, any help would be greatly appreciated. I am using libcurl 7.20.1 typedef struct{ void *data; int body_size; int bytes_remaining; int bytes_written; } postdata; size_t readfunc(void *ptr, size_t size, size_t nmemb, void *stream) { if(stream) { postdata ud = (postdata)stream; if(ud->bytes_remaining) { if(ud->body_size > size*nmemb) { memcpy(ptr, ud->data+ud->bytes_written, size*nmemb); ud->bytes_written+=size+nmemb; ud->bytes_remaining = ud->body_size-size*nmemb; return size*nmemb; } else { memcpy(ptr, ud->data+ud->bytes_written, ud->bytes_remaining); ud->bytes_remaining=0; return 0; } }

Read the article
IIS7 folder permissions

- by Eanna

I build a basic WCF service that I now want to host in IIS7 under Windows Server 2008 R2. I added the service as an application under the default web site but whenever i try to run the application I get the following error: HTTP Error 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid. Config Error - Cannot read configuration file due to insufficient permissions The only way I can get this service working is if i choose to "connect as" the server Administrator when adding the service. the "application user (pass-through authentication)" option does not seem to work. Could anyone help me out, I've just started using IIS7 and have no idea what to do... Thanks

Read the article
Truecrypt system partion partially encryted but then drive corrupted and won't boot - decrypting so I can access files to backup?

- by Dr.Seuss

So I was attempting to encrypt my (Windows 7) system drive with Truecrypt and it stopped at around 15% and said that there was a segment error and that it could not proceed until it was fixed. So, I restarted the computer and ran HDD Regenerator which subsequently fixed the bad sectors on the drive, but now my system cannot boot. So, I run a number of recovery disks to no avail (Windows repair is unable to fix) and the drive won't mount on a linux version run from a CD because the drive is encrypted. So I tried mounting the drive using Truecrypt under the Linux distribution on the disk and selected "Mount partition using system encryption without pre-boot authentication" so I can decrypt, but I get an error message about it only being possible once the entire system is encrypted. How do I get out of this mess? I need to be able to back up the data that's on that partially encrypted drive so I can reinstall my operating system.

Read the article
iPad revocable vpn access

- by carpat

I'm a programmer at my organization, but somehow got drafted into looking into some server stuff so forgive me of my ignorance: They want to give our sales people secure access to our internal sites using their iPads. This must be secure (obviously) but also revocable from the company's side (if someone quits they can no longer access our network). I see from http://support.apple.com/kb/HT1288 that the iPad supports "RSA SecurID", "CRYPTOCard", and "Kerberos" authentication methods. Will one of these do what we need? Are there any major differences between them?

Read the article
SharePoint Returning a 401.1 for a Specific User/Computer

- by Joe Gennari

We have a SharePoint Services 3.0 site set up supporting about 300 users right now. This report is isolated and has never been duplicated. We have one AD user who cannot log into the SharePoint site with his account from his machine and is subsequently returned a 401.1 error. If any other user tries to log on with their account from his machine, it works okay. If he moves to another machine and logs on, it works okay. The only solution to this point has been to install FireFox on the machine. When he authenticates with FF, everything is okay. Remedies tried so far: Cleared cookies/cache Turned off/on Integrated Windows Authentication in IE Downgraded IE 8 to IE 6 Removed site from Intranet Sites zone Renamed the machine Disjoined/Rejoined Domain

Read the article
Is visiting HTTPS websites on a public hotspot secure?

- by Calmarius

It's often said that HTTPS SSL/TLS connections are encrypted and said to be secure because the communication between the server and me is encrypted (also provides server authentication) so if someone sniffs my packets, they will need zillions of years to decrypt if using brute force in theory. Let's assume I'm on a public wifi and there is a malicious user on the same wifi who sniffs every packet. Now let's assume I'm trying to access my gmail account using this wifi. My browser does a SSL/TLS handshake with the server and gets the keys to use for encryption and decryption. If that malicious user sniffed all my incoming and outgoing packets. Can he calculate the same keys and read my encrypted traffic too or even send encrypted messages to the server in my name?

Read the article
Extend university wifi network [migrated]

- by asfasdoiuh ouhouhouh

i live in a university campus and i can get wifi signal on the outside of my window but not in the house. The solution i use at the moment is a usb wifi dongle outside connected to my laptop but the lack of an internal antenna make the connection quite unreliable at times. So i was trying to find another solution to improve the reception of my network. One idea is to setup a router on the outside (in a place with stronger signal) and redirect the connection inside the house with an ethernet cable but the problem is that our Uni Wifi is managed by a capitve portal (BlueSocket with DNS redirection to login page) and the authentication has to happen on the mac address that connect to the net (so the client appliance in this case). If I use a router with Mac-Clone capability i will be able to be redirected trough the captive portal on my laptop computer and login from there or i need to setup my router to fill in the login page by itself? There are other hardware/software solutions i can use to get what i want? Thank you all

Read the article
Using Quest AD cmdlets in an imported session

- by ASTX813

We are trying to use remote Powershell on our Exchange system: $rs = New-PSSession -ConnectionUri <uri> -ConfigurationName Microsoft.Exchange -Authentication Basic -Credential <username> -AllowRedirection Import-PSSession $rs After these commands, we can run Exchange cmdlets and all is well. However, we're unable to run any Quest Active Directory cmdlets. Yes, Quest is installed on the remote (as well as our local machines), and yes we are able to run those commands when running Powershell locally on the server. I tried -AllowClobber, but that didn't have an effect. Is there a way to get access to QAD?

Read the article
"Countersigning" a CA with openssl

- by Tom O'Connor

I'm pretty used to creating the PKI used for x509 authentication for whatever reason, SSL Client Verification being the main reason for doing it. I've just started to dabble with OpenVPN (Which I suppose is doing the same things as Apache would do with the Certificate Authority (CA) certificate) We've got a whole bunch of subdomains, and applicances which currently all present their own self-signed certificates. We're tired of having to accept exceptions in Chrome, and we think it must look pretty rough for our clients having our address bar come up red. For that, I'm comfortable to buy a SSL Wildcard CN=*.mycompany.com. That's no problem. What I don't seem to be able to find out is: Can we have our Internal CA root signed as a child of our wildcard certificate, so that installing that cert into guest devices/browsers/whatever doesn't present anything about an untrusted root? Also, on a bit of a side point, why does the addition of a wildcard double the cost of certificate purchase?

Read the article
Binding services to localhost and using SSH tunnels - can requests be forged?

- by Martin

Given a typical webserver, with Apache2, common PHP scripts and a DNS server, would it be sufficient from a security perspective to bind administration interfaces like phpmyadmin to localhost and access it via SSH tunnels? Or could somebody, who knew eg. that phpmyadmin (or any other commonly availible script) is listening at a certain port on localhost easily forge requests that would be executed if no other authentication was present? In other words: could somebody from somewhere in the internet easily forge a request, so that the webserver would accept it, thinking it originated from 127.0.0.1 if the server is listening on 127.0.0.1 only? If there were a risk, could it be somehow dealt with on a lower level than the application, eg. by using iptables? The idea being, that if someone found a weakness in a php script or apache, the network would still block this request because it did not arrive via a SSH-tunnel?

Read the article
Site Action Button Missing

- by David

I have a Moss 2007 site collection which was running smoothly. However, after moving to Forms Authentication connected to Active Directory neither my Farm Administrator account nor the 2 Site collection administrators can get past the site homepage. There is no Site Action buttons availabe. When I log into CA witht he Farm Administrator account the Site Action button exists there so I suspect its something to do with the permissions to the site application. I have tried to connect directly to the settings URL http://mysite/_layouts/settings.aspx etc but get the ususal error Error: Access Denied Current User You are currently signed in as: xxxx (Farm Administrator Account) Sign in as a different user Request access I get the same error when logging in with the site collection admin accounts. Ive also checked to make sure that the sites are not locked out.

Read the article
Different configurations for ssh client depending on ip address or hostname

- by John Smith Optional

I have this in my ~/.ssh/config directory: Host 12.34.56.78 IdentityFile ~/.ssh/my_identity_file When I ssh to 12.34.56.78, everything works fine. I'm asked for the passphrase for "my_identity_file" and I can connect to the server. However, sometimes I'd also like to ssh to another server. But whatever the server, if I do: ssh [email protected] I'm also asked for the passphrase for "my_identity_file" (even though the server has a different ip address). This is very annoying because I don't have the public key for this file set up on all my servers. I'd like to connect to this other server (an old shared hosting account) with a password, and now I cant. How do I manage to use the key authentication only with one server, and keep using password by default for servers that aren't listed in my ~/.ssh/config ? Thanks for your help.

Read the article
Windows 7, connecting to Samba shares

- by Colin Pickard

How can I connect to a Samba share with authentication using Windows 7? We have a bunch of Linux, HP-UX and AIX servers on our network with folders shared using Samba. These are not connected to our Active Directory or anything, we just type a user name and password when we connect to them. They still all work fine from Windows XP, but we've upgraded a couple of machines to Windows 7 and they can't access the shares. You get prompted for a password but it says "The specified network password is incorrect" (it's not).

Read the article
Save Usercredentials permanently without prompt when opening Document from Webdavserver

- by cpt.oneeye

i am opening a word document from a url like https://myurl.com/mydoc.doc. The Webdavserver uses Basic Authentication. At the beginning the Office 2003 is asking for the Username and Password. After i have typed them in I click the checkbox "Save Usercredentials" and the word is opened. When i open the document the next time the login prompt is appearing again (username and passwort are already set in the textfields and I only have to click "Ok"). Is it possible to avoid this one click and make office not show this prompt at all after the first login? Greetings Klaus

Read the article
Super user in LDAP?

- by John8894

I am running 10 Linux machines that is doing different types of work. The machines are configured to use LDAP authentication so when one user is configured in slapd he can login on all the machines. To make maintenance easier i want to create a root account in slapd so i can use this instead of the local root accounts when installing applications etc. but i am not sure on how to do this. Is it enough to create a user with the name root and gid/uid 0? should the local root be disabled somehow? I am fully aware that this is normally not a good idea from a security perspective, but as mentioned before this is a special case.

Read the article
Samba 4 or Active Directory

- by Jon Rhoades

Now that Samba 4 has finally been released we find ourselves in new position of having a choice of of either upgrading our Samba 3 domain to either a Samba 4 domain on Linux or a Windows AD domain on Windows 2012. Given that we are equally expert at managing Windows and Linux servers, is there any reason not to use Samba 4 over AD on Windows; specifically: Are there functional differences from a Windows/OS X client perspective? Are there issues with other services that use AD, such as storage appliances that use AD/Kerberos for authentication/authorisation. Will the Microsoft "System Centre" suite of tools and other similar products work seamlessly? How will Samba 4 handle AD's Multimaster DC model and FMSO roles. Are there any other issues to be aware of, such as vendor support?

Read the article

< Previous Page | 181 182 183 184 185 186 187 188 189 190 191 192 | Next Page >