Search Results

Search found 16713 results on 669 pages for 'drupal configuration'.

Page 84/669 | < Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >

  • Using the OAM Mobile & Social SDK to secure native mobile apps - Part 2 : OAM Mobile & Social Server configuration

    - by kanishkmahajan
    Objective  In the second part of this blog post I'll now cover configuration of OAM to secure our sample native apps developed using the iOS SDK. First, here are some key server side concepts: Application Profiles: An application profile is a logical representation of your application within OAM server. It could be a web (html/javascript) or native (iOS or Android) application. Applications may have different requirements for AuthN/AuthZ, and therefore each application that interacts with OAM Mobile & Social REST services must be uniquely defined. Service Providers: Service providers represent the back end services that are accessed by applications. With OAM Mobile & Social these services are in the areas of authentication, authorization and user profile access. A Service Provider then defines a type or class of service for authentication, authorization or user profiles. For example, the JWTAuthentication provider performs authentication and returns JWT (JSON Web Tokens) to the application. In contrast, the OAMAuthentication also provides authentication but uses OAM SSO tokens Service Profiles:  A Service Profile is a logical envelope that defines a service endpoint URL for a service provider for the OAM Mobile & Social Service. You can create multiple service profiles for a service provider to define token capabilities and service endpoints. Each service provider instance requires atleast one corresponding service profile.The  OAM Mobile & Social Service includes a pre-configured service profile for each pre-configured service provider. Service Domains: Service domains bind together application profiles and service profiles with an optional security handler. So now let's configure the OAM server. Additional details are in the OAM Documentation and this post simply provides an outline of configuration tasks required to configure OAM for securing native apps.  Configuration  Create The Application Profile Log on to the Oracle Access Management console and from System Configuration -> Mobile and Social -> Mobile Services, select "Create" under Application Profiles. You would do this  step twice - once for each of the native apps - AvitekInventory and AvitekScheduler. Enter the parameters for the new Application profile: Name:  The application name. In this example we use 'InventoryApp' for the AvitekInventory app and 'SchedulerApp' for the AvitekScheduler app. The application name configured here must match the application name in the settings for the deployed iOS application. BaseSecret: Enter a password here. This does not need to match any existing password. It is used as an encryption key between the client and the OAM server.  Mobile Configuration: Enable this checkbox for any mobile applications. This enables the SDK to collect and send Mobile specific attributes to the OAM server.  Webview: Controls the type of browser that the iOS application will use. The embedded browser (default) will render the browser within the application. External will use the system standalone browser. External can sometimes be preferable for debugging URLScheme: The URL scheme associated with the iOS apps that is also used as a custom URL scheme to register O/S handlers that will take control when OAM transfers control to device. For the AvitekInventory and the AvitekScheduler apps I used osa:// and client:// respectively. You set this scheme in Xcode while developing your iOS Apps under Info->URL Types.  Bundle Identifier : The fully qualified name of your iOS application. You typically set this when you create a new Xcode project or under General->Identity in Xcode. For the AvitekInventory and AvitekScheduler apps these were com.us.oracle.AvitekInventory and com.us.oracle.AvitekScheduler respectively.  Create The Service Domain Select create under Service domains. Create a name for your domain (AvitekDomain is what I've used). The name configured must match the service domain set in the iOS application settings. Under "Application Profile Selection" click the browse button. Choose the application profiles that you created in the previous step one by one. Set the InventoryApp as the SSO agent (with an automatic priority of 1) and the SchedulerApp as the SSO client. This associates these applications with this service domain and configures them in a 'circle of trust'.  Advance to the next page of the wizard to configure the services for this domain. For this example we will use the following services:  Authentication:   This will use the JWT (JSON Web Token) format authentication provider. The iOS application upon successful authentication will receive a signed JWT token from OAM Mobile & Social service. This token will be used in subsequent calls to OAM. Use 'MobileOAMAuthentication' here. Authorization:  The authorization provider. The SDK makes calls to this provider endpoint to obtain authorization decisions on resource requests. Use 'OAMAuthorization' here. User Profile Service:  This is the service that provides user profile services (attribute lookup, attribute modification). It can be any directory configured as a data source in OAM.  And that's it! We're done configuring our native apps. In the next section, let's look at some additional features that were mentioned in the earlier post that are automated by the SDK for the app developer i.e. these are areas that require no additional coding by the app developer when developing with the SDK as they only require server side configuration: Additional Configuration  Offline Authentication Select this option in the service domain configuration to allow users to log in and authenticate to the application locally. Clear the box to block users from authenticating locally. Strong Authentication By simply selecting the OAAMSecurityHandlerPlugin while configuring mobile related Service Domains, the OAM Mobile&Social service allows sophisticated device and client application registration logic as well as the advanced risk and fraud analysis logic found in OAAM to be applied to mobile authentication. Let's look at some scenarios where the OAAMSecurityHandlerPlugin gets used. First, when we configure OAM and OAAM to integrate together using the TAP scheme, then that integration kicks off by selecting the OAAMSecurityHandlerPlugin in the mobile service domain. This is how the mobile device is now prompted for KBA,OTP etc depending on the TAP scheme integration and the OAM users registered in the OAAM database. Second, when we configured the service domain, there were claim attributes there that are already pre-configured in OAM Mobile&Social service and we simply accepted the default values- these are the set of attributes that will be fetched from the device and passed to the server during registration/authentication as device profile attributes. When a mobile application requests a token through the Mobile Client SDK, the SDK logic will send the Device Profile attributes as a part of an HTTP request. This set of Device Profile attributes enhances security by creating an audit trail for devices that assists device identification. When the OAAM Security Plug-in is used, a particular combination of Device Profile attribute values is treated as a device finger print, known as the Digital Finger Print in the OAAM Administration Console. Each finger print is assigned a unique fingerprint number. Each OAAM session is associated with a finger print and the finger print makes it possible to log (and audit) the devices that are performing authentication and token acquisition. Finally, if the jail broken option is selected while configuring an application profile, the SDK detects a device is jail broken based on configured policy and if the OAAM handler is configured the plug-in can allow or block access to client device depending on the OAAM policy as well as detect blacklisted, lost or stolen devices and send a wipeout command that deletes all the mobile &social relevant data and blocks the device from future access. 1024x768 Social Logins Finally, let's complete this post by adding configuration to configure social logins for mobile applications. Although the Avitek sample apps do not demonstrate social logins this would be an ideal exercise for you based on the sample code provided in the earlier post. I'll cover the server side configuration here (with Facebook as an example) and you can retrofit the code to accommodate social logins by following the steps outlined in "Invoking Authentication Services" and add code in LoginViewController and maybe create a new delegate - AvitekRPDelegate based on the description in the previous post. So, here all you will need to do is configure an application profile for social login, configure a new service domain that uses the social login application profile, register the app on Facebook and finally configure the Facebook OAuth provider in OAM with those settings. Navigate to Mobile and Social, click on "Internet Identity Services" and create a new application profile. Here are the relevant parameters for the new application profile (-also we're not registering the social user in OAM with this configuration below, however that is a key feature as well): Name:  The application name. This must match the name of the of mobile application profile created for your application under Mobile Services. We used InventoryApp for this example. SharedSecret: Enter a password here. This does not need to match any existing password. It is used as an encryption key between the client and the OAM Mobile and Social service.  Mobile Application Return URL: After the Relying Party (social) login, the OAM Mobile & Social service will redirect to the iOS application using this URI. This is defined under Info->URL type and we used 'osa', so we define this here as 'osa://' Login Type: Choose to allow only internet identity authentication for this exercise. Authentication Service Endpoint : Make sure that /internetidentityauthentication is selected. Login to http://developers.facebook.com using your Facebook account and click on Apps and register the app as InventoryApp. Note that the consumer key and API secret gets generated automatically by the Facebook OAuth server. Navigate back to OAM and under Mobile and Social, click on "Internet Identity Services" and edit the Facebook OAuth Provider. Add the consumer key and API secret from the Facebook developers site to the Facebook OAuth Provider: Navigate to Mobile Services. Click on New to create a new service domain. In this example we call the domain "AvitekDomainRP". The type should be 'Mobile Application' and the application credential type 'User Token'. Add the application "InventoryApp" to the domain. Advance the next page of the wizard. Select the  default service profiles but ensure that the Authentication Service is set to 'InternetIdentityAuthentication'. Finish the creation of the service domain.

    Read the article

  • how to configure a dedicated server as a web server using shell?

    - by alhoseany
    I need some good tutorials that covers the topic of initial configuration of a dedicated server as a secure powerful and up to date web server. The server will have centos6 and cpanel already installed. And will be hosting wordpress and joomla websites. Security and flexibility is my big concern. I know about how to forge website but i need something more advanced and optimized for wordpress and joomla.

    Read the article

  • Where does Mac OS X store file association information?

    - by Mehrdad
    I know there is a system preferences pane to manually modify the file associations in Mac OS X Leopard. However, I'm curious where does Leopard actually store these information? UPDATE: as I said, I'm not interested in methods to change them. I want to know the configuration file or database (like registry in Windows) where those mappings are stored.

    Read the article

  • How do I install Netatalk in Ubuntu 9.10 (tutorial)?

    - by Phobis
    I have never installed Netatalk before. I have to help someone get this up and running on a Ubuntu 9.10 server and I don't know if there is any special configuration or install steps I need to follow in Ubuntu 9.10 to get it up and running. I am doing this remotely through ssh, so I prefer instruction via command-line. Thanks!

    Read the article

  • Is memcache impacting my performence negatively?

    - by iTech
    I am using pressflow 6 and NewRelic seems to suggest that memcache is infact hurting performance as shown below : My settings.php file : # Varnish reverse proxy on localhost $conf['reverse_proxy'] = TRUE; $conf['reverse_proxy_addresses'] = array('127.0.0.1'); # Memcached configuration $conf['cache_inc'] = './sites/all/modules/memcache/memcache.inc'; $conf['memcache_servers'] = array( '127.0.0.1:11211' => 'default', ); ### END Mercury settings written on 2011-11-01T07:12:49-04:00

    Read the article

  • SQL Server Express with Advanced Services (with Reporting Services)???

    - by Fretwizard
    I have tried to download SQL Server 2005 Express edition about 4 times trying to find the correct version that has business intelligence studio and reporting services in it? Every time I try to unhide the advanced configuration during install, it's never there... Can anyone point me to the correct download? Looking for 2005 (not 2008) because my work SQL server that I am trying to learn this for is 2005, and the training material I have is for 2005 and VS 2008 does not want to integrate with SQL2008 express.

    Read the article

  • How to share internet over network

    - by abc
    i have a machine connected to internet, i want to set up proxy server or any other configuration that can help me to share internet over other machines in the same network machine may be of diff. platform (linux,mac, , windows), and server can be (either linux or windows) so how to configure now.. all machine are in network. Thanks

    Read the article

  • Sonar Analysis crashing with default configuration in Maven

    - by Robert Mandeville
    I'm starting to experiment with Sonar, and having trouble. I'm running everything on the same Red Hat Linux server, against Java 1.6.10. I launched the server with "bin/linux-x86-32" (the JVM is 32-bit). The sonar.log shows no SEVERE or ERROR and one WARNING, that I'm using the default Derby database (I'll fix that once I get things running at all). I am trying to build a Maven project that builds a JAR. I made no Sonar-specific changes (other than one described below). I can run "mvn clean install" with no problem. However, if I then run "mvn -e sonar:sonar", I get the stacktrace listed below. The server logs no events. I added the dependency "commons-pool:commons-pool:20030825.183949, but to no avail. Any idea as to what I'm doing wrong? [INFO] Error stacktraces are turned on. [INFO] Scanning for projects... [INFO] [INFO] ------------------------------------------------------------------------ [INFO] Building buildUtil 1.0 [INFO] ------------------------------------------------------------------------ [INFO] [INFO] --- sonar-maven-plugin:2.0:sonar (default-cli) @ buildUtil --- [INFO] Sonar version: 2.14 [WARN] [14:54:17.730] Derby database should be used for evaluation purpose only [INFO] [14:54:17.732] Create JDBC datasource [INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ [INFO] Total time: 2.130s [INFO] Finished at: Mon Apr 09 14:54:17 EDT 2012 [INFO] Final Memory: 8M/198M [INFO] ------------------------------------------------------------------------ [ERROR] Failed to execute goal org.codehaus.mojo:sonar-maven-plugin:2.0:sonar (default-cli) on project buildUtil: Can not execute Sonar: PicoLifecycleException: method 'public final org.sonar.core.persistence.DefaultDatabase org.sonar.core.persistence.DefaultDatabase.start()', instance 'org.sonar.batch.bootstrap.BatchDatabase@41b635, java.lang.RuntimeException: wrapper: org/apache/commons/pool/impl/GenericObjectPool: org.apache.commons.pool.impl.GenericObjectPool -> [Help 1] org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.codehaus.mojo:sonar-maven-plugin:2.0:sonar (default-cli) on project buildUtil: Can not execute Sonar at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:217) at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153) at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145) at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:84) at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:59) at org.apache.maven.lifecycle.internal.LifecycleStarter.singleThreadedBuild(LifecycleStarter.java:183) at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:161) at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:319) at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156) at org.apache.maven.cli.MavenCli.execute(MavenCli.java:537) at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196) at org.apache.maven.cli.MavenCli.main(MavenCli.java:141) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:290) at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:230) at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:409) at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:352) Caused by: org.apache.maven.plugin.MojoExecutionException: Can not execute Sonar at org.codehaus.mojo.sonar.Bootstraper.executeMojo(Bootstraper.java:118) at org.codehaus.mojo.sonar.Bootstraper.start(Bootstraper.java:65) at org.codehaus.mojo.sonar.SonarMojo.execute(SonarMojo.java:90) at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:101) at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:209) ... 19 more Caused by: org.picocontainer.PicoLifecycleException: PicoLifecycleException: method 'public final org.sonar.core.persistence.DefaultDatabase org.sonar.core.persistence.DefaultDatabase.start()', instance 'org.sonar.batch.bootstrap.BatchDatabase@41b635, java.lang.RuntimeException: wrapper at org.picocontainer.monitors.NullComponentMonitor.lifecycleInvocationFailed(NullComponentMonitor.java:77) at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.monitorAndThrowReflectionLifecycleException(ReflectionLifecycleStrategy.java:132) at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:115) at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89) at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84) at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169) at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132) at org.picocontainer.behaviors.Stored.start(Stored.java:110) at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1009) at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1002) at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:760) at org.sonar.api.platform.ComponentContainer.startComponents(ComponentContainer.java:70) at org.sonar.batch.bootstrap.Module.start(Module.java:82) at org.sonar.batch.bootstrapper.Batch.startBatch(Batch.java:71) at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:58) at org.sonar.maven3.SonarMojo.execute(SonarMojo.java:143) at org.codehaus.mojo.sonar.Bootstraper.executeMojo(Bootstraper.java:113) ... 23 more Caused by: java.lang.RuntimeException: wrapper at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.monitorAndThrowReflectionLifecycleException(ReflectionLifecycleStrategy.java:130) ... 38 more Caused by: java.lang.NoClassDefFoundError: org/apache/commons/pool/impl/GenericObjectPool at org.apache.commons.dbcp.BasicDataSourceFactory.createDataSource(BasicDataSourceFactory.java:152) at org.sonar.core.persistence.DefaultDatabase.initDatasource(DefaultDatabase.java:114) at org.sonar.core.persistence.DefaultDatabase.start(DefaultDatabase.java:60) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110) ... 37 more Caused by: java.lang.ClassNotFoundException: org.apache.commons.pool.impl.GenericObjectPool at org.codehaus.plexus.classworlds.strategy.SelfFirstStrategy.loadClass(SelfFirstStrategy.java:50) at org.codehaus.plexus.classworlds.realm.ClassRealm.loadClass(ClassRealm.java:244) at org.codehaus.plexus.classworlds.realm.ClassRealm.loadClass(ClassRealm.java:230) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320) ... 45 more [ERROR] [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException The POM I'm using is: <?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>com.phoenix.build</groupId> <artifactId>buildUtil</artifactId> <version>1.0</version> <properties> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> </properties> <build> <sourceDirectory>src/main/java</sourceDirectory> <testSourceDirectory>src/test/java</testSourceDirectory> <plugins> <plugin> <artifactId>maven-compiler-plugin</artifactId> <version>2.3.2</version> <configuration> <source>1.6</source> <target>1.6</target> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-surefire-plugin</artifactId> <version>2.7.2</version> <configuration> <excludes> <exclude>**/*integrationTest.java</exclude> </excludes> </configuration> <executions> <execution> <id>integration-tests</id> <phase>integration-test</phase> <goals> <goal>test</goal> </goals> <configuration> <skip>false</skip> <excludes> <exclude>none</exclude> </excludes> <includes> <include>**/*integrationTest.java</include> </includes> </configuration> </execution> </executions> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jar-plugin</artifactId> <version>2.2</version> <executions> <execution> <goals> <goal>test-jar</goal> </goals> </execution> </executions> </plugin> </plugins> </build> <dependencies> <dependency> <groupId>commons-cli</groupId> <artifactId>commons-cli</artifactId> <version>1.2</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>jaxen</groupId> <artifactId>jaxen</artifactId> <version>1.1.1</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>dom4j</groupId> <artifactId>dom4j</artifactId> <version>1.6.1</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>4.8.2</version> <type>jar</type> <scope>test</scope> <optional>false</optional> </dependency> <dependency> <groupId>org.apache.maven</groupId> <artifactId>maven-artifact</artifactId> <version>2.0</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>org.codehaus.plexus</groupId> <artifactId>plexus-classworlds</artifactId> <version>2.2.2</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>com.ibm.db2</groupId> <artifactId>db2jcc</artifactId> <version>9.7</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>com.ibm.db2</groupId> <artifactId>Common</artifactId> <version>9.7</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>com.ibm.db2</groupId> <artifactId>db2fs</artifactId> <version>9.7</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>com.ibm.db2</groupId> <artifactId>db2java</artifactId> <version>9.7</version> <type>zip</type> <optional>false</optional> </dependency> <dependency> <groupId>com.ibm.db2</groupId> <artifactId>db2jcc_javax</artifactId> <version>9.7</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>com.ibm.db2</groupId> <artifactId>db2jcc_license_cisuz</artifactId> <version>9.7</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>com.ibm.db2</groupId> <artifactId>db2jcc_license_cu</artifactId> <version>9.7</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>com.ibm.db2</groupId> <artifactId>db2policy</artifactId> <version>9.7</version> <type>jar</type> <optional>false</optional> </dependency> <dependency> <groupId>com.ibm.db2</groupId> <artifactId>sqlj</artifactId> <version>9.7</version> <type>zip</type> <optional>false</optional> </dependency> <dependency> <groupId>com.ibm.db2</groupId> <artifactId>db2qgjava</artifactId> <version>9.7</version> <type>jar</type> <optional>false</optional> </dependency> </dependencies>

    Read the article

  • Configuring Hibernate logging using Log4j XML config file?

    - by James McMahon
    I haven't been able to find any documentation on how to configure Hibernate's logging using the XML style configuration file for Log4j. Is this even possible or do I have use a properties style configuration file to control Hibernate's logging? If anyone has any information or links to documentation it would appreciated. EDIT: Just to clarify, I am looking for example of the actual XML syntax to control Hibernate. EDIT2: Here is what I have in my XML config file. <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE log4j:configuration SYSTEM "log4j.dtd"> <log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/"> <appender name="console" class="org.apache.log4j.ConsoleAppender"> <param name="Threshold" value="info"/> <param name="Target" value="System.out"/> <layout class="org.apache.log4j.PatternLayout"> <param name="ConversionPattern" value="%d{ABSOLUTE} [%t] %-5p %c{1} - %m%n"/> </layout> </appender> <appender name="rolling-file" class="org.apache.log4j.RollingFileAppender"> <param name="file" value="Program-Name.log"/> <param name="MaxFileSize" value="1000KB"/> <!-- Keep one backup file --> <param name="MaxBackupIndex" value="4"/> <layout class="org.apache.log4j.PatternLayout"> <param name="ConversionPattern" value="%d [%t] %-5p %l - %m%n"/> </layout> </appender> <root> <priority value ="debug" /> <appender-ref ref="console" /> <appender-ref ref="rolling-file" /> </root> </log4j:configuration> Logging works fine but I am looking for a way to step down and control the hibernate logging in way that separate from my application level logging, as it currently is flooding my logs. I have found examples of using the preference file to do this, I was just wondering how I can do this in a XML file.

    Read the article

  • DD-WRT RIP2 Router mode configuration

    - by Eduardo
    Can anybody tell me why my wireless router only redirects traffic to ADSL modem when it is on Gateway mode? These are the configurations when it is on RIP2 Router mode: ADSL Modem: ------------ LAN IP: 10.1.1.1 Subnet mask: 255.0.0.0 RIP v2 enabled in both directions Route: destination: 192.168.1.0 Subnet mask: 255.255.255.0 Gateway: 10.1.1.2 Wireless Router (DD-WRT) ------------------------ WAN IP: 10.1.1.2 WAN Subnet mask: 255.0.0.0 LAN IP: 192.168.1.1 LAN Subnet mask: 255.255.255.0 Operating mode: RIP2 Router Static Route: Destination LAN NET: 10.0.0.0 Subnet Mask: 255.0.0.0 Gateway: 10.1.1.1 Interface: LAN & WLAN

    Read the article

  • RAID 0 Volatile Volume Cache Mode configuration

    - by SnippetSpace
    I discovered that in IRST there is an option to set a cache mode for my 3 ssd raid 0 array. I've read the documentation by Intel and have some questions: Are there any overall benefits/risks from enabling cache mode? As I'm on a laptop, would write back be recommended? I read it increases chance of data loss on power interruption. What is the difference between how windows handles data integrity and the intel driver? Read only mode seems to have the benefit of faster reads, does it have any downsides? Thanks for your help guys!

    Read the article

  • IIS, multiple CPU cores, application pools and worker processes - best configuration for a single si

    - by Egghead Design
    Hi We use Kentico CMS and I've exchanged emails with them about a web garden deployment. We have a single site running on a server with 8 cpu cores. In line with Kentico's advice, we have not altered the application pool web garden setting from the default i.e. it is set to a maximum number of worker processes of 1. Our experience is that the site only uses one of the cpu cores - the others are idling. When I emailed them about this, their response was that the OS/IIS would handle this and use other cores as necessary even though the application pool only has a single worker process. Now, I've a lot of respect for the guys at Kentico, but this doesn't seem right to me? Surely, if we want to use all cores, we need to permit eight worker processes (and implement session state storage in SQL server)? Many thanks Tony

    Read the article

  • James - mail server configuration help needed

    - by Chaitanya
    Hi, I am trying to setup James mail server on a linux machine. The linux machine has public static ip address assigned. I installed James and added in the config.xml added the servername as mydomain.com. In the DNS for mydomain.com, I have created a A-record, say mx.mydomain.com, which corresponds to the ipaddress of the above mail server machine. Then added mx.mydomain.com as MX record for mydomain.com. In James, I have created a new user test. Then from gmail, I sent a mail to [email protected]. The mail is not received back and it didn't even bounce back. The linux machine is behind a firewall with only 22, 80, 8080 ports open for external network. My question here is, Do I require do open any other ports on the firewall so that the mail I send from gmail arrives to James? If it's not the port problem, any views on solving this issue? I don't want to send mails from this server. It's only for receiving the mails.

    Read the article

  • monit configuration for php-fpm

    - by Adam Jimenez
    I'm struggling to find a monit config for php-fpm that works. This is what I've tried: ### Monitoring php-fpm: the parent process. check process php-fpm with pidfile /var/run/php-fpm/php-fpm.pid group phpcgi # phpcgi group start program = "/etc/init.d/php-fpm start" stop program = "/etc/init.d/php-fpm stop" ## Test the UNIX socket. Restart if down. if failed unixsocket /var/run/php-fpm.sock then restart ## If the restarts attempts fail then alert. if 3 restarts within 5 cycles then timeout depends on php-fpm_bin depends on php-fpm_init ## Test the php-fpm binary. check file php-fpm_bin with path /usr/sbin/php-fpm group phpcgi if failed checksum then unmonitor if failed permission 755 then unmonitor if failed uid root then unmonitor if failed gid root then unmonitor ## Test the init scripts. check file php-fpm_init with path /etc/init.d/php-fpm group phpcgi if failed checksum then unmonitor if failed permission 755 then unmonitor if failed uid root then unmonitor if failed gid root then unmonitor But it fails because there is no php-fpm.sock (Centos 6)

    Read the article

  • My current iptable configuration doesn't work [on hold]

    - by Brad
    sudo chkconfig iptables off /etc/init.d/iptables on ### Clear/flush iptables sudo iptables -F sudo iptables -P INPUT ACCEPT sudo iptables -P OUTPUT ACCEPT sudo iptables -P FORWARD ACCEPT ### Allow SSH iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT ### Allow YUM updates sudo iptables -A OUTPUT -o eth0 -p tcp --dport 80 --match owner --uid-owner 0 --state NEW,ESTABLISHED -j ACCEPT sudo iptables -A OUTPUT -o eth0 -p tcp --dport 443 --match owner --uid-owner 0 --state NEW,ESTABLISHED -j ACCEPT ### Add your rules form the link above, here # ftp,smtp,imap,http,https,pop3,imaps,pop3s sudo iptables -A INPUT -i eth0 -p tcp -m multiport --dports 21,25,143,80,443,110,993,995 -m state --state NEW,ESTABLISHED -j ACCEPT sudo iptables -A OUTPUT -o eth0 -p tcp -m multiport --sports 21,25,143,80,110,443,993,995 -m state --state NEW,ESTABLISHED -j ACCEPT ## allow dns sudo iptables -A OUTPUT -p udp -o eth0 --dport 53 -j ACCEPT && sudo iptables -A INPUT -p udp -i eth0 --sport 53 -j ACCEPT # handling pings sudo iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT && sudo iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT sudo iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT && sudo iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT # manage ddos attacks sudo iptables -A INPUT -p tcp --dport 80 -m limit --limit 25/minute --limit-burst 100 -j ACCEPT ## Implement some logging so that we know what's getting dropped sudo iptables -N LOGGING sudo iptables -A INPUT -j LOGGING sudo iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables Packet Dropped: " --log-level 7 sudo iptables -A LOGGING -j DROP # once a rule affects traffic then it is no longer managed # so if the traffic has not been accepted, block it sudo iptables -A INPUT -j DROP sudo iptables -I INPUT 1 -i lo -j ACCEPT sudo iptables -A OUTPUT -j DROP # allow only internal port forwarding sudo iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT sudo iptables -P FORWARD DROP # create an iptables config file sudo iptables-save > /root/dsl.fw ### Append the following to the rc.local file sudo nano /etc/rc.local ####--- /sbin/iptables-restore < sudo /root/dsl.fw ####--- /etc/init.d/iptables save ## check to see if this setting is working great. sudo service iptables restart ## log out/in testing sudo chkconfig iptables on What is the problem with this setup? If I restart the server it doesn't allow me back in SSH, and there may be a problem with Yum Original source of information: https://gist.github.com/Jonathonbyrd/1274837#file-instructions

    Read the article

  • ASP.NET Web Server Hardware Configuration

    - by Santa Te Banta
    I'm planning on deploying my ASP.NET Web app in the production environment using a Windows Server 2003 machine. But I know nothing about the CPU brand names and what's best. I know 4 GB RAM, with anything over 3 GHz clock speed will be a good bet and will serve a large number of users. But tell me what's the latest and greatest processor brand-names for running a Windows Server 2003 OS today? And what edition of the Windows 2003 Server do I need out of the following, if I have to run a website to support about 100,000 (a hundred thousand) users, 60% of who are expected to be online at all times? Web Edition Standard Enterprise Datacenter source: http://en.wikipedia.org/wiki/Windows_Server_2003 The article says that the Web edition can only support up to 2 GB of RAM. Will that be sufficient for the above user population?

    Read the article

  • Squid configuration for proxy server

    - by Ian Rob
    I have a server with 10 ip's that I want to give access to some friends via authentication but I'm stuck on squid's config file. Let's say I have these ip's available on my server: 212.77.23.10 212.77.1.10 68.44.82.112 And I want to allocate each one of them to a different user like so: 212.77.23.10 goes to user manilodisan using password 123456 212.77.1.10 goes to user manilodisan1 using password 123456 68.44.82.112 goes to user manilodisan2 using password 123456 I managed to add the passwords and authentication works ok but how do I do to restrict one user to one of the available ip's? I have a basic setup from different bits I found over the internet but nothing seems to work. Here's my squid.conf (all comments are removed to make it lighter): acl ip1 myip 212.77.23.10 acl ip2 myip 212.77.1.10 tcp_outgoing_address 212.77.23.10 ip1 tcp_outgoing_address 212.77.1.10 ip2 http_port 8888 visible_hostname weezie auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid-passwd acl ncsa_users proxy_auth REQUIRED http_access allow ncsa_users acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 # https acl SSL_ports port 563 # snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl purge method PURGE acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all icp_access allow all hierarchy_stoplist cgi-bin ? access_log /var/log/squid/access.log squid acl QUERY urlpath_regex cgi-bin \? cache deny QUERY refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl apache rep_header Server ^Apache broken_vary_encoding allow apache extension_methods REPORT MERGE MKACTIVITY CHECKOUT hosts_file /etc/hosts forwarded_for off coredump_dir /var/spool/squid

    Read the article

  • Antivirus Configuration for dedicated SQL and dedicated IIS Servers

    - by Wayne Arthurton
    Our corporate standard is McAfee Enterprise, unfortunately this is non-negotiable. On two types of servers I'm responsible for, SQL & Web, we have noticed major performance issues with the corporate standard setup. Max scan time 45sec One policy for all processes Scan ALL files on write, read and open for backup Heuristics: Find unknown programs, trojans and macros Detect unwanted programs Exclude: EVT, LDF, LOG, MDF, VMD, , windows file protection) This of course still causes major slowdowns. IIS .NET recompiles are slow especially with SharePoint, SQL backups and restores, SQL Analysis Services, Integration Services and temp data from them as well. I have looked from time to time, for some best practices on setting up McAfee of SQL & SQL Analysis Service, SQL Integration Service, Visual Studio, Sharepoint, and .NET web servers in general. How do people setup McAfee enterprise on their corporate serves keeping security intact, but affecting performance as minimally as possible? Has anyone run across white papers on these setups? Obviously some are case by case, but there must be some best practices out there somewhere.

    Read the article

  • How to install nginx and install the configuration files too

    - by Burning the Codeigniter
    I've just completely uninstalled nginx 1.0.6 from my server (Ubuntu 11.04) using apt-get remove nginx rm -rf /etc/nginx/ rm -rf /usr/sbin/nginx rm /usr/share/man/man1/nginx.1.gz apt-get remove nginx* Now I want to install it again, however when starting nginx, I get errors such as: Restarting nginx: nginx: [emerg] open() "/etc/nginx/nginx.conf" failed (2: No such file or directory) Then I placed my own conf file, then I get a new error: Restarting nginx: nginx: [emerg] open() "/etc/nginx/mime.types" failed (2: No such file or directory) in /etc/nginx/nginx.conf:12 Now it seems that apt-get install nginx doesn't install it completely, I cleared the apt-get cache, doesn't seem to help. How can I get a full installation of nginx using apt-get?

    Read the article

  • HP D2D 4312 Bacula configuration

    - by krisdigitx
    I have configured 5 libraries on the HP D2D system Discovery on the Bacula server shows only the last library and not all libraries. Why? [root@server bacula]# iscsiadm --mode discovery --type sendtargets --portal 10.66.59.114 10.66.59.114:3260,1 iqn.1986-03.com.hp:storage.d2dbs.czj2020vvy.50014380075dca5e.library12.drive1 10.66.59.114:3260,1 iqn.1986-03.com.hp:storage.d2dbs.czj2020vvy.50014380075dcaf2.library12.robotics I can query it fine using... [root@server bacula]# mtx -f /dev/sg2 inquiry Product Type: Tape Drive Vendor ID: 'HP ' Product ID: 'Ultrium 5-SCSI ' Revision: 'ED51' Attached Changer API: No [root@bray bacula]# mtx -f /dev/sg3 inquiry Product Type: Medium Changer Vendor ID: 'HP ' Product ID: 'MSL G3 Series ' Revision: 'EL41' Attached Changer API: No [root@server bacula]# mtx -f /dev/sg3 status Storage Changer /dev/sg3:1 Drives, 97 Slots ( 1 Import/Export ) Data Transfer Element 0:Empty Storage Element 1:Full :VolumeTag=50507F82 Storage Element 2:Full :VolumeTag=50507F83 Storage Element 3:Full :VolumeTag=50507F84 Storage Element 4:Full :VolumeTag=50507F85 Storage Element 5:Full :VolumeTag=50507F86 Storage Element 6:Full :VolumeTag=50507F87 Storage Element 7:Full :VolumeTag=50507F88 Does anyone have any good documentation for implementing Bacula with an HP D2D tape drive for server backups, and how to allocate libraries?

    Read the article

  • james - mail server DNS configuration

    - by Chaitanya
    hi, I am setting up james mail server. I installed James and added in the config.xml added the servername as mydomain.com. In the DNS for mydomain.com, I have created a A-record, say mx.mydomain.com, which corresponds to the ipaddress of the above mail server machine. Then added mx.mydomain.com as MX record for mydomain.com. In James, I have created a new user test. From the user I have sent a mail to my gmail account. I see that the mail is accepted and the mail is in outgoing folder of James. But it's not relay to the gmail server. In the config.xml of James, I have added 8.8.8.8 and 8.8.4.4 as the dns server addresses, which are public DNS servers hosted by Google. IPTables on the machine is stopped. Thanks for your help!

    Read the article

  • DrayTek 2820 configuration using public IP addresses

    - by Kev
    I have a /29 range of public IP addresses assigned to me by my ISP. I'm trying to configure a SIP VOIP handset to register with my VOIP provider who recommend using public IP addresses rather than NAT. I have a DrayTek 2820 router flashed with the latest firmware and have configured my router as per DrayTek's FAQ at: How do I use a public subnet on the LAN (non-NAT operation ) ? My IP range is: xx.xx.94.16 -> xx.xx.94.23 This gives a usable range of: xx.xx.94.17 -> xx.xx.94.22 My router's public IP address is: xx.xx.94.17, the SIP VOIP handset is allocated xx.xx.94.18. I have a second internet connection and via that I can ping the handset. However for some reason I can't seem to get it to register with the provider. I tried adding a new Firewall filter to pass through from WAN to LAN: Source: ANY, Destination: xx.xx.94.18, UDP - Ports 1024 -> 65535 Out of interest I also tried opening port 80 to see if I could browse to the phone's admin web interface but no joy. I know that my ISP aren't blocking inbound service ports because I NAT Port Forwarded port 80 to one of my internal web servers and it rendered a test page I had set up. All the NAT settings are reset to factory defaults, i.e. there are no Port Redirection, DMZ Host, Open Ports or Address Mappings configured. The handset I'm using is a GrandStream GXP-2000. Is there anything else I should be doing?

    Read the article

  • sudo equivalent configuration on Solaris 10

    - by daedlus
    I am looking to configure on Solaris 10 to achieve the below: user=jon group=jtu jon is owner of /opt/app user=ken group=jtu ken is owner of /data On Linux I have added the below line %jtu ALL= NOPASSWD: /bin/*, /usr/bin/* so that jon is able to access /data/tmp and delete files. This doesn't work on solaris10 since there is no sudo by default. How do I configure Solaris 10 so jon can delete files in /data/tmp? Thanks

    Read the article

< Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >