Search Results

Search found 9318 results on 373 pages for 'django authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 212/373 | < Previous Page | 208 209 210 211 212 213 214 215 216 217 218 219  | Next Page >

  • ejabberd won't look at my host_config option

    - by John
    I'm new with ejabberd. What I want is to have a host myhost.domain.com which has an ldap authentication method. This all works fine if i modify the global options in AUTHENTICATION section in my ejabberd.cfg file. I am able to create two clients( defined in my LDAP directory ), and comunicate between them. Like i said, this works fine. But by aplying this authentication method globaly, it means that every hostname that i declare must use that. So i'm looking at {host_config, "myhost.domain.com" ...} But somehow i can't get ejabberd to look at that configuration, it just skips it. If i declare it like: {xhost_config, ...}, than in my ejabberd.log file i get a bad return error( so it knows that the configuration is there, but it won't look at it). Any suggestions? Thanks.

    Read the article

  • Access Control Service v2: Registering Web Identities in your Applications [concepts]

    - by Your DisplayName here!
    ACS v2 support two fundamental types of client identities– I like to call them “enterprise identities” (WS-*) and “web identities” (Google, LiveID, OpenId in general…). I also see two different “mind sets” when it comes to application design using the above identity types: Enterprise identities – often the fact that a client can present a token from a trusted identity provider means he is a legitimate user of the application. Trust relationships and authorization details have been negotiated out of band (often on paper). Web identities – the fact that a user can authenticate with Google et al does not necessarily mean he is a legitimate (or registered) user of an application. Typically additional steps are necessary (like filling out a form, email confirmation etc). Sometimes also a mixture of both approaches exist, for the sake of this post, I will focus on the web identity case. I got a number of questions how to implement the web identity scenario and after some conversations it turns out it is the old authentication vs. authorization problem that gets in the way. Many people use the IsAuthenticated property on IIdentity to make security decisions in their applications (or deny user=”?” in ASP.NET terms). That’s a very natural thing to do, because authentication was done inside the application and we knew exactly when the IsAuthenticated condition is true. Been there, done that. Guilty ;) The fundamental difference between these “old style” apps and federation is, that authentication is not done by the application anymore. It is done by a third party service, and in the case of web identity providers, in services that are not under our control (nor do we have a formal business relationship with these providers). Now the issue is, when you switch to ACS, and someone with a Google account authenticates, indeed IsAuthenticated is true – because that’s what he is! This does not mean, that he is also authorized to use the application. It just proves he was able to authenticate with Google. Now this obviously leads to confusion. How can we solve that? Easy answer: We have to deal with authentication and authorization separately. Job done ;) For many application types I see this general approach: Application uses ACS for authentication (maybe both enterprise and web identities, we focus on web identities but you could easily have a dual approach here) Application offers to authenticate (or sign in) via web identity accounts like LiveID, Google, Facebook etc. Application also maintains a database of its “own” users. Typically you want to store additional information about the user In such an application type it is important to have a unique identifier for your users (think the primary key of your user database). What would that be? Most web identity provider (and all the standard ACS v2 supported ones) emit a NameIdentifier claim. This is a stable ID for the client (scoped to the relying party – more on that later). Furthermore ACS emits a claims identifying the identity provider (like the original issuer concept in WIF). When you combine these two values together, you can be sure to have a unique identifier for the user, e.g.: Facebook-134952459903700\799880347 You can now check on incoming calls, if the user is already registered and if yes, swap the ACS claims with claims coming from your user database. One claims would maybe be a role like “Registered User” which can then be easily used to do authorization checks in the application. The WIF claims authentication manager is a perfect place to do the claims transformation. If the user is not registered, show a register form. Maybe you can use some claims from the identity provider to pre-fill form fields. (see here where I show how to use the Facebook API to fetch additional user properties). After successful registration (which may include other mechanisms like a confirmation email), flip the bit in your database to make the web identity a registered user. This is all very theoretical. In the next post I will show some code and provide a download link for the complete sample. More on NameIdentifier Identity providers “guarantee” that the name identifier for a given user in your application will always be the same. But different applications (in the case of ACS – different ACS namespaces) will see different name identifiers. This is by design to protect the privacy of users because identical name identifiers could be used to create “profiles” of some sort for that user. In technical terms they create the name identifier approximately like this: name identifier = Hash((Provider Internal User ID) + (Relying Party Address)) Why is this important to know? Well – when you change the name of your ACS namespace, the name identifiers will change as well and you will will lose your “connection” to your existing users. Oh an btw – never use any other claims (like email address or name) to form a unique ID – these can often be changed by users.

    Read the article

  • Product Support Webcast for Existing Customers: Security Scenarios with Oracle WebCenter Content

    - by John Klinke
    Learn how user authentication and authorization is now implemented in Oracle WebCenter Content by attending this 1-hour Advisor Webcast "Security Scenarios with WebCenter Content" on September 27, 2012 at 11:00am Eastern (16:00 UK / 17:00 CET / 8:00am Pacific / 9:00am Mountain) This 1-hour session is recommended for technical and functional users of Oracle WebCenter Content. In this session, we will explain how user authentication and authorization is implemented in WebCenter Content 11g as well as ways that single sign-on (SSO) can be used. Topics will include: - How authentication and authorization was handled in previous WebCenter Content Server versions - The WebLogic Server mechanisms now used to provide user access and content security - Dealing with external and internal users - Overview of the WebLogic Server LDAP provider configuration - How to differentiate Roles and Accounts - WebCenter Content credential mapping - Single Sign-on (SSO) - SAML and Kerberos Register now at http://bit.ly/PH7zDj

    Read the article

  • Apache2, making my site publicly available

    - by Shackler
    Hello, I want to make my apache 2 development server public to the internet, it is a Django based website. Here is my apache2 config: <VirtualHost *:80> Alias /media /home/user/myproject/statics Alias /admin_media /home/myuser/django/Django-1.1.1/django/contrib/admin/media WSGIScriptAlias / /home/myuser/myproject/myproject_wsgi.py WSGIDaemonProcess myproject user=myuser group=myuser threads=25 WSGIProcessGroup myproject </VirtualHost> When I do netstat -lntup I get: Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN - tcp6 0 0 :::80 :::* LISTEN - tcp6 0 0 :::22 :::* LISTEN - tcp6 0 0 ::1:631 :::* LISTEN - udp 0 0 0.0.0.0:5353 0.0.0.0:* - udp 0 0 0.0.0.0:38582 0.0.0.0:* I connect with ADSL thus I am behind a router. For this I have made my computer DMZ enabled to my machine. What can be the problem? When I try to login with my ip, I get my routers config page, when a friend tries to connect to me from internet, he gets "not authorized".

    Read the article

  • Apache virtualhost - only apply script if file does not exist in document root

    - by Brett Thomas
    Sorry for the newbie apache question. I'm wondering if it's possible to set up the following non-conventional apache virtualhost (for a Django app): -- If a file exists in the DocumentRoot (/var/www) it will be shown. So if /var/www/foo.html exists, then it can be seen at www.example.com/foo.html. -- If file does not exist, it is served via a virtualhost. I'm using mod_wsgi with a WSGIScriptAlias directive that points to a Django app. So if there is no /var/www/bar.html, www.example.com/bar.html will be passed to the Django app, which may or may not be a 404 error. One option is to create an Alias for each individual file/directory, but people want to be able to post a file without adding an alias, and we want to keep the above URL structure for legacy reasons. Simplified Virtualhost is: <VirtualHost *:80> ServerName www.example.com DocumentRoot /var/www WSGIScriptAlias / /path/to/django.wsgi <Directory /path/to/app> Order allow,deny Allow from all </Directory> Alias /hi.html /var/www/hi.html </VirtualHost> The goal is to have www.example.com/hi.html work as above, without the Alias line

    Read the article

  • Why is lighttpd and fastcgi keeping sending me the *.scgi file instead of the website content?

    - by e-satis
    I have the following config: server.modules = ( "mod_compress", "mod_access", "mod_alias", "mod_rewrite", "mod_redirect", "mod_secdownload", "mod_h264_streaming", "mod_flv_streaming", "mod_accesslog", "mod_auth", "mod_status", "mod_expire", "mod_fastcgi" ) [...] fastcgi.server = ( ".php" => (( "bin-path" => "/usr/bin/php-cgi", "socket" => "/var/tmp/lighttpd/php-fastcgi.socket" + var.PID, "max-procs" => 1, "kill-signal" => 9, "idle-timeout" => 10, "bin-environment" => ( "PHP_FCGI_CHILDREN" => "200", "PHP_FCGI_MAX_REQUESTS" => "1000" ), "/pyapps/essai/blondes.fcgi" => ( "main" => ( "socket" => "/var/tmp/lighttpd/django-fastcgi.socket", ), ), "bin-copy-environment" => ( "PATH", "SHELL", "USER" ), "broken-scriptfilename" => "enable" ))) [...] $HTTP["host"] =~ "(^|www\.)cam\.com(\:[0-9]*)?$" { server.document-root = "/home/cam/web/" accesslog.filename = "/home/cam/log/access.log" server.errorlog = "/home/cam/log/error.log" server.follow-symlink = "enable" # files to check for if .../ is requested server.indexfiles = ( "index.php", "index.html", "index.htm", "index.rb") url.rewrite = ( "^(/blondes/.*)$" => "/pyapps/essai/blondes.fcgi$1" ) } I have the following dir tree: /home/tv/web/ `-- pyapps `-- essai `-- __init__.py `-- blondes.fcgi `-- blondes.pid `-- django-fcgi.py `-- manage.py `-- manage.pyo `-- plop `-- settings.py `-- urls.py No error when restarting lighthttpd. The I run: ./manage.py runfcgi method=prefork socket=/var/tmp/lighttpd/django-fastcgi.socket daemonize=false pidfile=blondes.pid No errors neither. I then go to http://cam.com/blondes/. I offers me to download an empty file. I checked permissions but everything is set to the same user and group, and they work for the PHP site. The file /var/tmp/lighttpd/django-fastcgi.socket exists. When I reload the page, I got no output in error logs, nor in the manage.py runfcgi command. I probably missed something obvious, but what ?

    Read the article

  • Apache runs in console but not as a service?

    - by danspants
    I have an apache 2.2 server running Django. We have a network drive T: which we need constant access to within our Django app. When running Apache as a service, we cannot access this drive, as far as any django code is concerned the drive does not exist. If I add... <Directory "t:/"> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> to the httpd.conf file the service no longer runs, but I can start apache as a console and it works fine, Django can find the network drive and all is well. Why is there a difference between the console and the service? Should there be a difference? I have the service using my own log on so in theory it should have the same access as I do. I'm keen to keep it running as a service as it's far less obtrusive when I'm working on the server (unless there's a way to hide the console?). Any help would be most appreciated.

    Read the article

  • Building Extensions Using E-Business Suite SDK for Java

    - by Sara Woodhull
    We’ve just released Version 2.0.1 of Oracle E-Business Suite SDK for Java.  This new version has several great enhancements added after I wrote about the first version of the SDK in 2010.  In addition to the AppsDataSource and Java Authentication and Authorization Service (JAAS) features that are in the first version, the Oracle E-Business Suite SDK for Java now provides: Session management APIs, so you can share session information with Oracle E-Business Suite Setup script for UNIX/Linux for AppsDataSource and JAAS on Oracle WebLogic Server APIs for Message Dictionary, User Profiles, and NLS Javadoc for the APIs (included with the patch) Enhanced documentation included with Note 974949.1 These features can be used with either Release 11i or Release 12.  References AppsDataSource, Java Authentication and Authorization Service, and Utilities for Oracle E-Business Suite (Note 974949.1) FAQ for Integration of Oracle E-Business Suite and Oracle Application Development Framework (ADF) Applications (Doc ID 1296491.1) What's new in those references? Note 974949.1 is the place to look for the latest information as we come out with new versions of the SDK.  The patch number changes for each release.  Version 2.0.1 is contained in Patch 13882058, which is for both Release 11i and Release 12.  Note 974949.1 includes the following topics: Applying the latest patch Using Oracle E-Business Suite Data Sources Oracle E-Business Suite Implementation of Java Authentication and Authorization Service (JAAS) Utilities Error loggingSession management  Message Dictionary User profiles Navigation to External Applications Java EE Session Management Tutorial For those of you using the SDK with Oracle ADF, besides some Oracle ADF-specific documentation in Note 974949.1, we also updated the ADF Integration FAQ as well. EBS SDK for Java Use Cases The uses of the Oracle E-Business Suite SDK for Java fall into two general scenarios for integrating external applications with Oracle E-Business Suite: Application sharing a session with Oracle E-Business Suite Independent application (not shared session) With an independent application, the external application accesses Oracle E-Business  Suite data and server-side APIs, but it has a completely separate user interface. The external application may also launch pages from the Oracle E-Business Suite home page, but after the initial launch there is no further communication with the Oracle E-Business Suite user interface. Shared session integration means that the external application uses an Oracle E-Business Suite session (ICX session), shares session context information with Oracle E-Business Suite, and accesses Oracle E-Business Suite data. The external application may also launch pages from the Oracle E-Business Suite home page, or regions or pages from the external application may be embedded as regions within Oracle Application Framework pages. Both shared session applications and independent applications use the AppsDataSource feature of the Oracle E-Business Suite SDK for Java. Independent applications may also use the Java Authentication and Authorization (JAAS) and logging features of the SDK. Applications that are sharing the Oracle E-Business Suite session use the session management feature (instead of the JAAS feature), and they may also use the logging, profiles, and Message Dictionary features of the SDK.  The session management APIs allow you to create, retrieve, validate and cancel an Oracle E-Business Suite session (ICX session) from your external application.  Session information and context can travel back and forth between Oracle E-Business Suite and your application, allowing you to share session context information across applications. Note: Generally you would use the Java Authentication and Authorization (JAAS) feature of the SDK or the session management feature, but not both together. Send us your feedback Since the Oracle E-Business Suite SDK for Java is still pretty new, we’d like to know about who is using it and what you are trying to do with it.  We’d like to get this type of information: customer name and brief use case configuration and technologies (Oracle WebLogic Server or OC4J, plain Java, ADF, SOA Suite, and so on) project status (proof of concept, development, production) any other feedback you have about the SDK You can send me your feedback directly at Sara dot Woodhull at Oracle dot com, or you can leave it in the comments below.  Please keep in mind that we cannot answer support questions, so if you are having specific issues, please log a service request with Oracle Support. Happy coding! Related Articles New Whitepaper: Extending E-Business Suite 12.1.3 using Oracle Application Express To Customize or Not to Customize? New Whitepaper: Upgrading your Customizations to Oracle E-Business Suite Release 12 ATG Live Webcast: Upgrading your EBS 11i Customizations to Release 12

    Read the article

  • Unable to Sign in to the Microsoft Online Services Signin application from Windows 7 client located behind ISA firewall

    - by Ravindra Pamidi
    A while ago i helped a customer troubleshoot authentication problem with Microsoft Online Services Signin application.  This customer was evaluating Microsoft BPOS (Business Productivity Online Services) and was having trouble using the single sign on application behind ISA 2004 firewall.The network structure is fairly simple with single Windows 2003 Active Directory domain and Windows 7 clients. On a successful logon to the Microsoft Online Services Signin application, this application provides single signon functionality to all of Microsoft online services in the BPOS package. Symptoms:When trying to signin it fails with error "The service is currently unavailable. Please try again later. If problems continue, contact your service administrator". If ISA 2004 firewall is removed from the picture the authentication succeeds.Troubleshooting: Enabled ISA Server firewall logging along with Microsoft Network Monitor tool on the Windows 7 Client while reproducing the issue. Analysis of the ISA Server Firewall logs and Microsoft Network capture revealed that the Microsoft Online Services Sign In application when sending request to ISA Server does not send the domain credentials and as a result ISA Server responds with an error code of HTTP 407 Proxy authentication required listing out the supported authentication mechanisms.  The application in question is expected to send the credentials of the domain user in response to this request. However in this case, it fails to send the logged on user's domain credentials. Bit of researching on the Internet revealed that The "Microsoft Online Services Sign In" application by default does not support Outbound Internet Proxy authentication. In order for it to send the logged on user's domain credentials we had to make  changes to its configuration file "SignIn.exe.config" located under "Program Files\Microsoft Online Services\Sign In" folder. Step by Step details to configure the configuration file are documented on Microsoft TechNet website given below.  Configure your outbound authenticating proxy serverhttp://www.microsoft.com/online/help/en-us/helphowto/cc54100d-d149-45a9-8e96-f248ecb1b596.htm After the above problem was addressed we were still not able to use the "Microsoft Online Services Sign In" application and it failed with the same error.  Analysis of another network capture revealed that the application in question is now sending the required credentials and the connection seems to terminate at a later stage. Enabled verbose logging for the "Microsoft Online Services Sign In" application and then reproduced the problem. Analysis of the logs revealed a time difference between the local client and Microsoft Online services server of around seven minutes which is above the acceptable time skew of five minutes. Excerpt from Microsoft Online Services Sign In application verbose log:  1/26/2012 1:57:51 PM Verbose SingleSignOn.GetSSOGenericInterface SSO Interface URL: https://signinservice.apac.microsoftonline.com/ssoservice/UID1/26/2012 1:57:52 PM Exception SSOSignIn.SignIn The security timestamp is invalid because its creation time ('2012-01-26T08:34:52.767Z') is in the future. Current time is '2012-01-26T08:27:52.987Z' and allowed clock skew is '00:05:00'.1/26/2012 1:57:52 PM Exception SSOSignIn.SignIn  Although the Windows 7 Clients successfully synchronized time to the domain controller for the domain, the domain controller was not configured to synchronize time with external NTP servers. This caused a gradual drift in time on the network thus resulting in the above issue. Reconfigured the domain controller holding the PDC FSMO role to synchronize time with external time source ( time.nist.gov ) and edited the system policy on the ISA server firewall to allow NTP traffic to time.nist.gov Configure the time source for the forest:Windows Time Servicehttp://technet.microsoft.com/en-us/library/cc794937(WS.10).aspx Forced synchronization of Windows time using the command w32tm /resync on the domain controller and later on the clients each of which had corrected the seven minutes difference. This resolved the problem with logon to Microsoft Online Services Sign In.

    Read the article

  • Process for Securing Web Sites and Applications

    - by Aamir Hasan
    The following quick-start guide provides a detailed overview of how to configure security for IIS 6.0. Reduce the Attack Surface of the Web Server 1.       Enable only essential Windows Server 2003 components and services. 2.       Enable only essential IIS 6.0 components and services. 3.       Enable only essential Web service extensions. 4.       Enable only essential Multipurpose Internet Mail Extensions (MIME) types. 5.       Configure Windows Server 2003 security settings. Prevent Unauthorized Access to Web Sites and Applications 1.       Store content on a dedicated disk volume. 2.       Set IIS Web site permissions. 3.       Set IP address and domain name restrictions. 4.       Set the NTFS file system permissions. Isolate Web Sites and Applications 1.       Evaluate the effects of impersonation on application compatibility: 2·         Identify the impersonation behavior for ASP applications. 3·         Select the impersonation behavior for ASP.NET applications. 4.       Configure Web sites and applications for isolation. Configure User Authentication 1.       Configure Web site authentication. 2·         Select the Web site authentication method. 3·         Configure the Web site authentication method. 4.       Configure File Transfer Protocol (FTP) site authentication. Encrypt Confidential Data Exchanged with Clients 1.       Use Secure Sockets Layer (SSL) to encrypt confidential data. 2.       Use Internet Protocol security (IPSec) or virtual private network (VPN) with remote administration. Maintain Web Site and Application Security 1.       Obtain and apply current security patches. 2.       Enable Windows Server 2003 security logs. 3.       Enable file access auditing for Web site content. 4.       Configure IIS logs. 5.       Review security policies, processes, and procedures.  Note:To secure the Web sites and applications in a Web farm, use the process described in this chapter to configure security for each server in the Web farm. Link:http://www.studentacad.com/post/2010/04/28/Process-for-Securing-Web-Sites-and-Applications.aspx

    Read the article

  • Web Application Problems (web.config errors) HTTP 500.19 with IIS7.5 and ASP.NET v2

    - by Django Reinhardt
    This is driving the whole team crazy. There must be some simple mis-configured part of IIS or our Web Server, but every time we try to run out ASP.NET Web Application on IIS 7.5 we get the following error... Here's the error in full: HTTP Error 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid. `Detailed Error Information` Module IIS Web Core Notification Unknown Handler Not yet determined Error Code 0x8007000d Config Error Config File \\?\E:\wwwroot\web.config Requested URL http://localhost:80/Default.aspx Physical Path Logon Method Not yet determined Logon User Not yet determined Config Source -1: 0: The machine is running Windows Server 2008 R2. We're developing our Web Application using Visual Studio 2008. According to Microsoft the code 8007000d means there's a syntax error in our web.config -- except the project builds and runs fine locally. Looking at the web.config in XML Notepad doesn't bring up any syntax errors, either. I'm assuming it must be some sort of poor configuration on my part...? Does anyone know where I might find further information about the error? Nothing is showing in EventViewer, either :( Not sure what else would be helpful to mention... Assistance is greatly appreciated. Thanks! UPDATES! - POSTED WEB.CONFIG BELOW Ok, since I posted the original question above, I've tracked down the precise lines in the web.config that were causing the error. Here are the lines (they appear between <System.webServer> tags)... <httpHandlers> <remove verb="*" path="*.asmx"/> <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> </httpHandlers> Note: If I delete the lines between the <httpHandlers> I STILL get the error. I literally have to delete <httpHandlers> (and the lines inbetween) to stop getting the above error. Once I've done this I get a new 500.19 error, however. Thankfully, this time IIS actually tells me which bit of the web.config is causing a problem... <handlers> <remove name="WebServiceHandlerFactory-Integrated"/> <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory,System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> </handlers> Looking at these lines it's clear the problem has migrated further within the same <system.webServer> tag to the <handlers> tag. The new error is also more explicit and specifically complains that it doesn't recognize the attribute "validate" (as seen on the third line above). Removing this attribute then makes it complain that the same line doesn't have the required "name" attribute. Adding this attribute then brings up ASP.NET error... Could not load file or assembly 'System.web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56' or one of its dependencies. The system cannot find the file specified. Obviously I think these new errors have just arisen from me deleting the <httpHandlers> tags in the first place -- they're obviously needed by the application -- so the question remains: Why would these tags kick up an error in IIS in the first place??? Do I need to install something to IIS to make it work with them? Thanks again for any help. WEB.CONFIG Here's the troublesome bits of our web.Config... I hope this helps someone find our problem! <system.Web> <!-- stuff cut out --> <httpHandlers> <remove verb="*" path="*.asmx"/> <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56" validate="false"/> </httpHandlers> <httpModules> <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> </httpModules> </system.web> <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <modules> <add name="ScriptModule" preCondition="integratedMode" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> </modules> <remove verb="*" path="*.asmx"/> <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> <handlers> <remove name="WebServiceHandlerFactory-Integrated"/> <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory,System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=f2cb5667dc123a56"/> </handlers> </system.webServer>

    Read the article

  • Does GoDaddy supports RESTful services via WCF

    - by Amir Naor
    After deploying a WCF RESTful service that i created using the REST started kit, i got several errors that i managed to solve following this post: http://www.edoverip.com/edoverip/index.php/2009/01/30/running-wcf-on-godaddy Now i'm stuck with this error: IIS specified authentication schemes 'Basic, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used I saw that others got to this point without a solution. GoDaddy support dont know nothing. Is it possible at all? Are there any web hosting services that you know that support that?

    Read the article

  • ActionMailer and Exchange

    - by Jason Nerer
    Hello Community, I successfully send Mails via SMTP using my Rails App and my Postfix Server. Now I need to move to an Exchange: Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 that has POP3 and SMTP support enabled. I use actionmailer 1.2.5 and am not able to successfully login to the server while trying to send a mail. In case I use Mail.app sending and recieving works fine as long as I change the authentication schema to "Password". Checking the server looks like so: READ Nov 18 10:37:00.509 [kCFStreamSocketSecurityLevelNone] -- host:mail.my-mail-server-domain.com -- port:25 -- socket:0x11895cf20 -- thread:0x11b036a10 250-mail.my-mail-server-domain.com Hello [xxx.xxx.xxx.xxx] 250-TURN 250-SIZE 250-ETRN 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-8bitmime 250-BINARYMIME 250-CHUNKING 250-VRFY 250-X-EXPS GSSAPI NTLM LOGIN 250-X-EXPS=LOGIN 250-AUTH GSSAPI NTLM LOGIN 250-AUTH=LOGIN 250-X-LINK2STATE 250-XEXCH50 250 OK WROTE Nov 18 10:37:00.852 [kCFStreamSocketSecurityLevelNone] -- host:mail.my-mail-server-domain.com -- port:25 -- socket:0x11895cf20 -- thread:0x11b036a10 AUTH LOGIN READ Nov 18 10:37:01.848 [kCFStreamSocketSecurityLevelNone] -- host:mail.my-mail-server-domain.com -- port:25 -- socket:0x11895cf20 -- thread:0x11b036a10 235 2.7.0 Authentication successful. So authentication method :login seems to be properly supported. Now when it comes to my configuration for actionmailer it looks like so: ActionMailer::Base.server_settings = { :address => "mail.my-mail-server-domain.com", :port => 25, :domain => "my-mail-server-domain.com", :authentication => :login, :user_name => "myusername", :password => "mypassword" } And I get authentication errors over and over. I also tried to change :user_name => "my-mail-server-domain.com\myusername" :user_name => "my-mail-server-domain.com\\myusername" :user_name => "myusername/my-mail-server-domain.com" :user_name => "[email protected]" but nothing works. Can anyone help me? Regards. Jason

    Read the article

  • Rack rSpec Controller Tests with Rack Middleware issue

    - by Roman Gonzalez
    Howdy, I'm having big trouble testing with rSpec's controller API. Right now I'm using a middleware authentication solution (Warden), and when I run the specs, the proxy added by the middleware is not there, and all the authentication tests are throwing NilPointerExceptions all over the place. It seems rSpec is not adding the middleware to the final app on purpose, and I would like to know if there is a way to monkey patch rSpec in order to make that go. I already tested the whole thing with cucumber, however this is a refactoring of an old authentication version and there is several Controller tests that depend on authentication logic in order to work. Thanks in advance.

    Read the article

  • OpenVPN on Ubuntu 11.10 - unable to redirect default gateway

    - by Vladimir Kadalashvili
    I'm trying to connect to connect to OpenVPN server from my Ubuntu 11.10 machine. I use the following command to do it (under root user): openvpn --config /home/vladimir/client.ovpn Everything seems to be OK, it connects normally without any warnings and errors, but when I try to browse the internet I see that I still use my own IP address, so VPN connection doesn't work. When I run openvpn command, it displays the following message among others: NOTE: unable to redirect default gateway -- Cannot read current default gateway from system I think it's the cause of this problem, but unfortunately I don't know how to fix it. Below is full output of openvpn command: Sat Jun 9 23:51:36 2012 OpenVPN 2.2.0 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Jul 4 2011 Sat Jun 9 23:51:36 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Sat Jun 9 23:51:36 2012 Control Channel Authentication: tls-auth using INLINE static key file Sat Jun 9 23:51:36 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Jun 9 23:51:36 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Jun 9 23:51:36 2012 LZO compression initialized Sat Jun 9 23:51:36 2012 Control Channel MTU parms [ L:1542 D:166 EF:66 EB:0 ET:0 EL:0 ] Sat Jun 9 23:51:36 2012 Socket Buffers: R=[126976->200000] S=[126976->200000] Sat Jun 9 23:51:36 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Sat Jun 9 23:51:36 2012 Local Options hash (VER=V4): '504e774e' Sat Jun 9 23:51:36 2012 Expected Remote Options hash (VER=V4): '14168603' Sat Jun 9 23:51:36 2012 UDPv4 link local: [undef] Sat Jun 9 23:51:36 2012 UDPv4 link remote: [AF_INET]94.229.78.130:1194 Sat Jun 9 23:51:37 2012 TLS: Initial packet from [AF_INET]94.229.78.130:1194, sid=13fd921b b42072ab Sat Jun 9 23:51:37 2012 VERIFY OK: depth=1, /CN=OpenVPN_CA Sat Jun 9 23:51:37 2012 VERIFY OK: nsCertType=SERVER Sat Jun 9 23:51:37 2012 VERIFY OK: depth=0, /CN=OpenVPN_Server Sat Jun 9 23:51:38 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Sat Jun 9 23:51:38 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Jun 9 23:51:38 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Sat Jun 9 23:51:38 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Sat Jun 9 23:51:38 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Sat Jun 9 23:51:38 2012 [OpenVPN_Server] Peer Connection Initiated with [AF_INET]94.229.78.130:1194 Sat Jun 9 23:51:40 2012 SENT CONTROL [OpenVPN_Server]: 'PUSH_REQUEST' (status=1) Sat Jun 9 23:51:40 2012 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 5,ping-restart 40,redirect-gateway def1,redirect-gateway bypass-dhcp,redirect-gateway autolocal,route-gateway 5.5.0.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,register-dns,comp-lzo yes,ifconfig 5.5.117.43 255.255.0.0' Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.2.0) Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.2.0) Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.2.0) Sat Jun 9 23:51:40 2012 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:16: register-dns (2.2.0) Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: timers and/or timeouts modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: explicit notify parm(s) modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: LZO parms modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: --ifconfig/up options modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: route options modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: route-related options modified Sat Jun 9 23:51:40 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Sat Jun 9 23:51:40 2012 ROUTE: default_gateway=UNDEF Sat Jun 9 23:51:40 2012 TUN/TAP device tun0 opened Sat Jun 9 23:51:40 2012 TUN/TAP TX queue length set to 100 Sat Jun 9 23:51:40 2012 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Sat Jun 9 23:51:40 2012 /sbin/ifconfig tun0 5.5.117.43 netmask 255.255.0.0 mtu 1500 broadcast 5.5.255.255 Sat Jun 9 23:51:45 2012 NOTE: unable to redirect default gateway -- Cannot read current default gateway from system Sat Jun 9 23:51:45 2012 Initialization Sequence Completed Output of route command: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default * 0.0.0.0 U 0 0 0 ppp0 5.5.0.0 * 255.255.0.0 U 0 0 0 tun0 link-local * 255.255.0.0 U 1000 0 0 wlan0 192.168.0.0 * 255.255.255.0 U 0 0 0 wlan0 stream-ts1.net. * 255.255.255.255 UH 0 0 0 ppp0 Output of ifconfig command: eth0 Link encap:Ethernet HWaddr 6c:62:6d:44:0d:12 inet6 addr: fe80::6e62:6dff:fe44:d12/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:54594 errors:0 dropped:0 overruns:0 frame:0 TX packets:59897 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:44922107 (44.9 MB) TX bytes:8839969 (8.8 MB) Interrupt:41 Base address:0x8000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:4561 errors:0 dropped:0 overruns:0 frame:0 TX packets:4561 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:685425 (685.4 KB) TX bytes:685425 (685.4 KB) ppp0 Link encap:Point-to-Point Protocol inet addr:213.206.63.44 P-t-P:213.206.34.4 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 RX packets:53577 errors:0 dropped:0 overruns:0 frame:0 TX packets:58892 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:43667387 (43.6 MB) TX bytes:7504776 (7.5 MB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:5.5.117.43 P-t-P:5.5.117.43 Mask:255.255.0.0 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) wlan0 Link encap:Ethernet HWaddr 00:27:19:f6:b5:cf inet addr:192.168.0.1 Bcast:0.0.0.0 Mask:255.255.255.0 inet6 addr: fe80::227:19ff:fef6:b5cf/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:12079 errors:0 dropped:0 overruns:0 frame:0 TX packets:11178 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1483691 (1.4 MB) TX bytes:4307899 (4.3 MB) So my question is - how to make OpenVPN redirect default gateway? Thanks!

    Read the article

  • problem with overriding autologin in spring security?

    - by sword101
    greetings everybody iam using spring security 3 remember me service as follows <http> <remember-me/> ....</http> and i want to perform some logic in the autologin so i tried to override the AbstractRememberMeServices as follows: package com.foo; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.RememberMeServices; public abstract class AbstractRememberMeServices implements RememberMeServices{ @Override public Authentication autoLogin(HttpServletRequest arg0, HttpServletResponse arg1) { System.out.println("Auto Login"); return null; } @Override public void loginSuccess(HttpServletRequest arg0, HttpServletResponse arg1, Authentication arg2) { System.out.println("Login Success"); } } but the autologin occurs with no action,the user auto login but the print statement is not printed? what's wrong?

    Read the article

  • Modal View Controller Undesirably Hides Tab Bar

    - by Kevin Sylvestre
    I am working on an application that requires user authentication to access a profile. The profile section is located solely under one tab (and all others tabs do not require authentication). I currently present a authentication view controller modally (and then dismiss on success) when the user selects the profile tab. However, this approach prevents the user from deciding not to register / login (that is, all tabs are hidden once the authentication screen is presented modally). I don't want the user to be able to dismiss the modal view controller, but rather have it modal only for the profile tab. Is this possible? Can I have tabs visible while having a modal view controller? What is the best approach here. Thanks.

    Read the article

  • IIS 7.5 What am I doing wrong?

    - by chugh97
    In IIS 7.5 under Windows 7 Utilmate, I have an application which is configured for authentication as follows: Anonymous & Windows In the ASP.NET Website, I have turned Forms authentication and identity impersonate = true I also deny any anonymous users. <authentication mode="Forms"> </authentication> <identity impersonate="true"/> <authorization> <deny user="?"> </authorization> IIS complains. What am I doing wrong... What I want to achieve :I want the windows Logged On User so I can build a FormsAuthentication ticket and pass it to a Passive STS. So in IIS I have anonymous and windows...If have only windows ticked, I cannot go onto the Login.aspx page as I have an extra parameter to be passed from there. So now in webconfig, I then disable anonymous users by saying deny user="?" , so it leaves me with the authenticated windows user but using Forms Authentication.You know what I mean??

    Read the article

  • Setting up a "cookieless domain" to improve site performance

    - by Django Reinhardt
    I was reading in Google's documentation about improving site speed. One of their recommendations is serving static content (images, css, js, etc.) from a "cookieless domain": Static content, such as images, JS and CSS files, don't need to be accompanied by cookies, as there is no user interaction with these resources. You can decrease request latency by serving static resources from a domain that doesn't serve cookies. Google then says that the best way to do this is to buy a new domain and set it to point to your current one: To reserve a cookieless domain for serving static content, register a new domain name and configure your DNS database with a CNAME record that points the new domain to your existing domain A record. Configure your web server to serve static resources from the new domain, and do not allow any cookies to be set anywhere on this domain. In your web pages, reference the domain name in the URLs for the static resources. This is pretty straight forward stuff, except for the bit where it says to "configure your web server to serve static resources from the new domain, and do not allow any cookies to be set anywhere on this domain". From what I've read, there's no setting in IIS that allows you to say "serve static resources", so how do I prevent ASP.NET from setting cookies on this new domain? At present, even if I'm just requesting a .jpg from the new domain, it sets a cookie on my browser, even though our application's cookies are set to our old domain. For example, ASP.NET sets an ".ASPXANONYMOUS" cookie that (as far as I'm aware) we're not telling it to do. Apologies if this is a real newb question, I'm new at this! Thanks.

    Read the article

  • Using DLL that using COM in C#

    - by chekalin-v
    I have been writing DLL on C++, that will be use in C#. DLL have some function, where I call hres = CoInitializeEx(NULL, COINIT_MULTITHREADED); and next call hres = CoInitializeSecurity( NULL, -1, // COM authentication NULL, // Authentication services NULL, // Reserved RPC_C_AUTHN_LEVEL_PKT, // Default authentication RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation NULL, // Authentication info EOAC_NONE, // Additional capabilities NULL // Reserved ); There are no error then I trying to use this dll in C++. But if I call function from DLL via C# application I see Error (80010106) Cannot change thread mode after it is set. I changed hres = CoInitializeEx(NULL, COINIT_MULTITHREADED); to hres = CoInitialize(NULL); After this changes error appear after CoInitializeSecurity: (80010119) Security must be initialized before any interfaces are marshalled or unmarshalled. It cannot be changed once initialized. How resolve this trouble?

    Read the article

  • problem with overriding autologin in spring framework?

    - by sword101
    greetings everybody iam using spring 3 remember me service as follows <http> <remember-me/> ....</http> and i want to perform some logic in the autologin so i tried to override the AbstractRememberMeServices as follows: package com.foo; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.RememberMeServices; public abstract class AbstractRememberMeServices implements RememberMeServices{ @Override public Authentication autoLogin(HttpServletRequest arg0, HttpServletResponse arg1) { System.out.println("Auto Login"); return null; } @Override public void loginSuccess(HttpServletRequest arg0, HttpServletResponse arg1, Authentication arg2) { System.out.println("Login Success"); } } but the autologin occurs with no action,the user auto login but the print statement is not printed? what's wrong?

    Read the article

  • struct assignment operator on arrays

    - by Django fan
    Suppose I defined a structure like this: struct person { char name [10]; int age; }; and declared two person variables: person Bob; person John; where Bob.name = "Bob", Bob.age = 30 and John.name = "John",John.age = 25. and I called Bob = John; struct person would do a Memberwise assignment and assign Johns's member values to Bob's. But arrays can't assign to arrays, so how does the assignment of the "name" array work?

    Read the article

  • ASP: Updating an image's IMAGEURL within a REPEATER

    - by Django Reinhardt
    Hi, I hope someone can help me. It's a pretty newbie question, I'm afraid. I have an image inside a repeater, and I would like to change its IMAGEURL based on parameter that's being passed to it. <asp:Repeater ID="Repeater" runat="server"> <HeaderTemplate> <asp:Image ID="imgType" runat="server" /> </HeaderTemplate> <ItemTemplate> <%# Eval("DisplayName")%> </ItemTemplate> <SeparatorTemplate> <hr /> </SeparatorTemplate> </asp:Repeater> There is a SWITCH statement in the code behind that is altering the IMAGEURL depending on what's being passed to it. Inevitably, however, the images ID ("imgType") is not visible to the SWITCH statement (presumably because it's inside a REPEATER). Any suggestions on the best way to implement this would be greatly appreciated. Sorry for such a newbie question. Thanks!

    Read the article

  • Prevent users from being able to access a webpage via web browser?

    - by Rob
    My friend and I are working on a program. This program is going to submit GET data to our webpage. However, we don't want users accessing the webpage any other way than the program. We can prevent users from sharing the program using HWID authentication, but nothing prevents them from using a packet scanner to get the URL of the webpage. We thought about user-agent authentication, which we will implement, but user-agents can easily be spoofed. So my question is, how can we prevent users from accessing the webpage directly, instead of through the program? Even if you don't have an answer that will completely work, anything that will help deter them would be nice. Currently we will be implementing: HWID Authentication to use the program User-Agent Authentication to access the web page Instant IP Blacklisting to anyone accessing the webpage without the proper User-Agent

    Read the article

  • How do I specify Open ID Realm in spring security ?

    - by Salvin Francis
    We are using Spring security in our application with support for username / password based authentication as well as Open id based authentication. The issue is that google gives a different open id for the return url specified and we have at least 2 different entry points in our application from where open id is configured into our system. Hence we decided to use open id realm. http://blog.stackoverflow.com/2009/0...ue-per-domain/ http://groups.google.com/group/googl...unts-api?pli=1 how is it possible to integrate realm into our spring configuration/code ? This is how we are doing it in traditional openid library code: AuthRequest authReq = consumerManager.authenticate(discovered, someReturnToUrl,"http://www.example.com"); This works and gives same open id for different urls from our site. our configuration: Code: ... <http auto-config="false"> <!-- <intercept-url> tags are here --> <remember-me user-service-ref="someRememberedService" key="some key" /> <form-login login-page="/Login.html" authentication-failure-url="/Login.html?error=true" always-use-default-target="false" default-target-url="/MainPage.html"/> <openid-login authentication-failure-url="/Login.html?error=true" always-use-default-target="true" default-target-url="/MainPage.html" user-service-ref="someOpenIdUserService"/> </http> ... <beans:bean id="someOpenIdUserService" class="com.something.MyOpenIDUserDetailsService"> </beans:bean> <beans:bean id="openIdAuthenticationProvider" class="com.something.MyOpenIDAuthenticationProvider"> <custom-authentication-provider /> <beans:property name="userDetailsService" ref="someOpenIdUserService"/> </beans:bean> ...

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 208 209 210 211 212 213 214 215 216 217 218 219  | Next Page >