Search Results

Search found 9696 results on 388 pages for 'proxy authentication'.

Page 100/388 | < Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107  | Next Page >

• How to send connection type (SSH|Telnet) info in Radius Access Requests on Cisco router?

  - by Gianni Costanzi

  I've configured the following on a cisco router: aaa authentication login default group radius local ! radius-server host x.x.x.x auth-port 1012 acct-port 1013 radius-server host y.y.y.y auth-port 1012 acct-port 1013 radius-server retransmit 1 radius-server timeout 3 radius-server key 7 xxxxxxxxx I'd like to be able to specify some radius options in order to add information about the type of connection for which a user is being authenticated, i.e. I'd like the radius server to receive in the Cisco Router's Radius Access Request information about the connection being SSH or Telnet.. I'd like to find something that automatically adds this info in the access request, without specific configurations on VTY lines dedicated to SSH and to Telnet. Any idea about that?

  Read the article

• Nginx & Lua: Hacks, optimizations & observations

  - by Quintin Par

  Following this post on using Lua to increase nginx’s flexibility and in reducing load on the web stack I am curious to know how people are using Lua to enhance nginx’s capability. Are there any notable hacks, optimizations & observations using Lua? Hacks that people have used to discover capability with Nginx that would otherwise be complicated/impossible with a webserver or reverse proxy? Edit: Links: http://thechangelog.com/post/3249294699/super-nginx-killer-build-of-nginx-build-for-luajit-plus http://skillsmatter.com/podcast/home/scripting-nginx-with-lua/te-4729 http://devblog.mixlr.com/2012/06/26/how-we-use-nginx-lua-and-redis-to-beta-ify-mixlr/

  Read the article

• Subversion LDAP Configuration

  - by dbyrne

  I am configuring a subversion repository to use basic LDAP authentication. I have an entry in my http.conf file that looks like this: <Location /company/some/location> DAV svn SVNPath /repository/some/location AuthType Basic AuthName LDAP AuthBasicProvider ldap Require valid-user AuthLDAPBindDN "cn=SubversionAdmin,ou=admins,o=company.com" AuthLDAPBindPassword "XXXXXXX" AuthLDAPURL "ldap://company.com/ou=people,o=company.com?personid" </Location> This works fine for living, breathing people who need to log in. However, I also need to provide application accounts access to the repository. These accounts are in a different OU. Do I need to add a whole new <location> element, or can I add a second AuthLDAPURLto the existing entry?

  Read the article

• Nodejs for processing js and Nginx for handling everything else

  - by Kevin Parker

  I am having a nodejs running on port 8000 and nginx on port 80 on same server. I want Nginx to handle all the requests(image,css,etc) and forward js requests to nodejs server on port 8000. Is it possible to achieve this. i have configured nginx as reverse proxy but its forwarding every request to nodejs but i want nginx to process all except js. nginx/sites-enabled/default/ upstream nodejs { server localhost:8000; #nodejs } location / { proxy_pass http://192.168.2.21:8000; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; }

  Read the article

• Apache ProxyPass/ProxyPassReverse to IIS

  - by Dana

  We have an ASP.NET web application which is mapped to a folder on an apache hosted php site using ProxyPass.ProxyPassReverse. A couple of problems being encountered. cookies are being lost which breaks the site navigation, this can be overcome by setting the asp app as cookieless. Forms authentication is used on the ASP site, this is also broken withe the proxypass in place, suspect this is cookie related also. ASP site works ok when run from a domain/ip address. Use of a separate domain / sub-domain is not an option duew to client requirements.

  Read the article

• Picking up a lot of failed authentications for various accounts

  - by Josh K

  My server is getting a lot of various failed authentication attempts for various accounts. The most common one (that I've seen ) or the root account. I have since enabled Fail2Ban and ran several rootkit / malware checks to ensure I wasn't compromised. Is there anything else I should do? I only have three accounts enabled, and SSH access for only two. I have a full 48hr ban on anyone making more then six failed SSH login attempts. I do not have FTP enabled.

  Read the article

• Proxying fake domain to a localhost port

  - by Trevor Burnham

  I'd like to do much the same thing described at Redirect Domain Name to Localhost for web app development purposes, but with the twist that I'd like requests to fakedomain.com:80 to be routed to localhost:8080, say, so that I don't have to actually use my development machine's port 80. I'd welcome answers that take the form of: Small changes to configuration files like /etc/hosts, and/or An easy-to-configure proxy server I could run Note: Pow takes the approach of setting a firewall rule to forward all incoming traffic on port 80 to port 20559. That may be an acceptable solution, but ideally, I'd like to forward only a specific domain + port combination.

  Read the article

• Hiding a HTTP Auth-Realm by sending 404 to non-known IPs?

  - by zhenech

  I have an Apache (2.2) serving a web-app on example.com. That web-app has a debug-page reachable via example.com/debug. /debug is currently protected with a HTTP basic auth. As there is only a very small user-base who has access to the debug-page, I would like to hide it based on IP address and return 404 to clients not accessing from our VPN. Serving a 404 based on IP-address only is easy and is described in http://serverfault.com/a/13071. But as soon I add authentication, the users see a 401 instead of a 404. Basically, what I need is: if ($REMOTE_ADDR ~ 10.11.12.*): do_basic_auth (aka return 401) else: return 404

  Read the article

• SharePoint MOSS - Serve HTTP content on an HTTPS page without Mixed Content Warning?

  - by kcb263

  Our "portal-like" SharePoint site is served using HTTPS/SSL. So a user goes to https://web.company.com and sees content and different Web Parts. So far, no problem. The desire now is to have new Web Parts added that either frame HTTP content (such as Weather Bug) or HTTP RSS feeds. The issue that arises is that by doing this, results in a "Mixed Content" warning in the browser. Has anybody successfully been able to implement such a scenario, or one similar to it? The options we have looked at, unsuccessfully, have been: using Apache Reverse Proxy Server mirror an external site Custom Web Parts

  Read the article

• Unable to set NTFS permissions for ApplicationPoolIdentity on Windows 2008 SP2

  - by Kev

  On Windows 2008 R2 I am able to set NTFS permissions for an application pool's synthesised ApplicationPoolIdentity account thus: ICACLS d:\websites\site1\www /grant "IIS AppPool\site1":(CI)(OI)(M) The website's application pool is named site1 and is configured to run as ApplicationPoolIdentity. The site's authentication is also configured to authenticate as ApplicationPoolIdentity. I've done this a thousand times on Windows 2008 Standard Edition R2 with never a hitch. However if I try to do the same in Windows 2008 Standard Edition SP2 I get the error: IIS AppPool\site1: No mapping between account names and security IDs was done. Successfully processed 0 files; Failed processing 1 files I also notice that this fails if I try to set permissions for the application pool identity via the security GUI as well. I've seen this before and a reboot has cleared this issue but I'd like to know why this happens periodically. Googling around suggests other folks have hit this problem but there's never a satisfactory explanation. Why would this be?

  Read the article

• Is SmoothWall a good firewall alternative?

  - by Oden

  I found this linux distribution, called SmoothWall. I read its documentation and it looks pretty for me. The only problem is, that I'm not a big linux professional and I have also not a lot of experience but I want to know your thoughts about this "Firewall OS"! Can it be used for small-business environment, with 15-17 PC-s? I would use the server also as cache proxy. Is this a good idea? (I mean, using one server for two things)

  Read the article

• Trouble with mod_proxy and mongrel_rails

  - by x3ro

  Hey there I'm trying to set up a mod_proxy - mongrel combination, but somehow, apache/mod_proxy is unable to access mongrel locally. The following is my configuration for mod_proxy: ProxyRequests Off ProxyPreserveHost On <Location / ProxyPass http://localhost:3000/ ProxyPassReverse http://localhost:3000/ Order deny,allow Allow from all </Location Mongrel/Rails ist running just fine, because I can access it from my browser, and even with lynx on the server. However, I get the following error when trying to use the proxy: [error] [client 127.0.0.1] Invalid Content-Length I would appreciate any help :D PS: Oh, and the server is running Plesk to configure vhosts, if thats important.

  Read the article

• Chrome - Why am I automatically authenticated to a web app even after clearing browser cookies?

  - by Howiecamp

  I am accessing a web application using Chrome. If I sign out of the app and clear all Chrome history/cookies/etc (even Flash cookies which are now handled by Chrome in the same Clear History area) and then re-access the site, I am automatically logged in without being prompted for credentials. I then launched Chrome in Incognito mode and was able to reproduce the same behavior. However, the I was prompted upon the first logon while in Incognito mode. The web application behaves as expected in Internet Explorer 10. Some info about the application: It's a Sharepoint site using NTLM authentication The credentials are Active Directory-based, as the username is domain\username My connection is over the Internet and there is no AD relationship between my local Windows account, my Windows PC. In other words I (meaning my locally logged on user and my PC) are not in any way part of their AD domain. The site is running SSL on port 443 Why might Chrome be automatically authenticating me?

  Read the article

• Root certificate authority works windows/linux but not mac osx - (malformed)

  - by AKwhat

  I have created a self-signed root certificate authority which if I install onto windows, linux, or even using the certificate store in firefox (windows/linux/macosx) will work perfectly with my terminating proxy. I have installed it into the system keychain and I have set the certificate to always trust. Within the chrome browser details it says "The certificate that Chrome received during this connection attempt is not formatted correctly, so Chrome cannot use it to protect your information. Error type: Malformed certificate" I used this code to create the certificate: openssl genrsa -des3 -passout pass:***** -out private/server.key 4096 openssl req -batch -passin pass:***** -new -x509 -nodes -sha1 -days 3600 -key private/server.key -out server.crt -config ../openssl.cnf If the issue is NOT that it is malformed (because it works everywhere else) then what else could it be? Am I installing it incorrectly? Update I tried changing the certificate attributes, but to no avail: openssl genrsa -des -passout pass:***** -out private/server.key 2048 openssl req -batch -passin pass:***** -new -x509 -nodes -sha256 -days 3600 -key private/server.key -out server.crt -config ../openssl.cnf

  Read the article

• How to control remote access to Sonicwall VPN beyond passwords?

  - by pghcpa

  I have a SonicWall TZ-210. I want an extremely easy way to limit external remote access to the VPN beyond just username and password, but I do not wish to buy/deploy a OTP appliance because that is overkill for my situation. I also do not want to use IPSec because my remote users are roaming. I want the user to be in physical possession of something, whether that is a pre-configured client with an encrypted key or a certificate .cer/.pfx of some sort. SonicWall used to offer "Certificate Services" for authentication, but apparently discontinued that a long time ago. So, what is everyone using in its place? Beyond the "Fortune 500" expensive solution, how do I limit access to the VPN to only those users who have possession of a certificate file or some other file or something beyond passwords? Thanks.

  Read the article

• Nginx (for static files) and Apache (for dynamic content)?

  - by matthewsteiner

  So, my entire application runs on apache just fine. However, I want to test how much the requests per second increases if I put all static files through nginx instead. I found this thread: http://stackoverflow.com/questions/869001/how-to-serve-all-existing-static-files-directly-with-nginx-but-proxy-to-apache-t But I have a couple problems. I'm completely new to nginx, so I'm not sure where to put the configuration. (The file is at /etc/nginx/nginx.conf, but I don't know if I just add the code to the bottom or what?) Also, how can I have both servers running at the same time? Is it because they both listen on port 80? Right now I have to stop one to start the other, and that's as far as I've gotten. Thanks for any help.

  Read the article

• How to set up custom 401 error page or redirect in WSS3 SP2

  - by Stacy Vicknair

  I've got a WSS3 sharepoint site that requires windows authentication both in IIS and via the Sharepoint site. What I would like to do is in the case that a user does not provide valid AD credentials they are redirected to a custom error page. Currently, if the user immediately hits cancel when prompthey will see a plain text response of "401 UNAUTHORIZED". If they make an attempt and then hit cancel they instead see a blank page. I have looked into several options such as customErrors, httpModule interception (only saw examples for this after the user is authenticated), IIS Url rewrites (didn't see how this could help). Is there a good way to do this?

  Read the article

• Managing service passwords with Puppet

  - by Jeff Ferland

  I'm setting up my Bacula configuration in Puppet. One thing I want to do is ensure that each password field is different. My current thought is to hash the hostname with a secret value that would ensure each file daemon has a unique password and that password can be written to both the director configuration and the file server. I definitely don't want to use one universal password as that would permit anybody who might compromise one machine to get access to any machine through Bacula. Is there another way to do this other than using a hash function to generate the passwords? Clarification: This is NOT about user accounts for services. This is about the authentication tokens (to use another term) in the client / server files. Example snippet: Director { # define myself Name = <%= hostname $>-dir QueryFile = "/etc/bacula/scripts/query.sql" WorkingDirectory = "/var/lib/bacula" PidDirectory = "/var/run/bacula" Maximum Concurrent Jobs = 3 Password = "<%= somePasswordFunction =>" # Console password Messages = Daemon }

  Read the article

• SFTP: How to keep data out of the DMZ

  - by ChronoFish

  We are investigating solutions to the following problem: We have external (Internet) users who need access to sensitive information. We could offer it to them via SFTP which would offer a secure transport method. However, we don't want to maintain the data on server as it would then reside in the DMZ. Is there an SFTP server that has "copy on access" such that if the box in the DMZ were to be compromised, no actual data resided on that box? I am envisioning an SFTP Proxy or SFTP passthrough. Does such a product exist currently?

  Read the article

• How can I reroute a sub-domain to localhost + port number?

  - by urig

  I have several web applications running on my developer machine. They mimic our production web applications which are hosted on sub-domain. For example, consider: api.myserver.com - is mimicked by 127.0.0.1:8000 www.myserver.com - is mimicked by 127.0.0.1:8008 and so on... How can I make it so that, on my Windows 7 machine, HTTP calls to "api.myserver.com" (note the lack of port number) are redirected to 127.0.0.1:8000 etc? Note that this needs to apply both to client-side calls (in the browser) and server-side calls (from IIS to Python development server and vice versa). Do I need a proxy to run locally to achieve this? Can you recommend such a tool?

  Read the article

• Apache ProxyPass/ProxyPassReverse to IIS

  - by Dana

  We have an ASP.NET web application which is mapped to a folder on an apache hosted php site using ProxyPass.ProxyPassReverse. A couple of problems being encountered. cookies are being lost which breaks the site navigation, this can be overcome by setting the asp app as cookieless. Forms authentication is used on the ASP site, this is also broken withe the proxypass in place, suspect this is cookie related also. ASP site works ok when run from a domain/ip address. Use of a separate domain / sub-domain is not an option duew to client requirements.

  Read the article

• Cannot access folder locally, but can remotely

  - by Cylindric

  I'm having a peculiar problem on one of my servers at the moment, which seems to be related to authentication in some way, but I have no idea how to find the root of the problem. I have a folder on the server D:\Somefolder\Logs. If I am connected to the server via an RDP terminal, so essentially "local", I cannot access that folder - I get an access denied. If I am connecting from my machine to it using the share \server\d$\Somefolder\Logs, I can access it. I'm logging in to both machines as the same user. Permissions on the folder seem quite simple, CREATOR OWNER, SYSTEM and Administrators. I am a Domain Admin, and they are in the local "Administrators" group. It is also affecting things like access to SQL Server, so I don't think it's a simple folder-permissions thing. For example, I cannot connect SQL Management Studio to all the local SQL instances using a domain account, but I can if I connect remotely to it.

  Read the article

• Squid closing the connection on long HTTP GET requests

  - by Rhys

  When running a database query on a specific external site we use, Squid seems to cut off the connection after a consistent period of time (just over a minute). The query is submitted through a standard web form is that uses GET to query their database. Firefox 3 just displays a blank page. Internet Explorer throws a 'Page Cannot Be Displayed' error (tested in v6 and v8). When we perform the same query on the same machine, but bypass the Squid proxy, it works fine. The query takes about two and a half minutes to complete. There are a few timeout settings in Squid, but I honestly don't know what one to be looking at. Any possible solutions would be much appreciated. Cheers

  Read the article

• Workaround for API limits [closed]

  - by blunders

  Problem: Planning on building out a client services company that requires access to APIs. Most APIs are limited based on user, IP, etc. - and even though the API calls would be on a per client basis, there's no way to get usage not tied to IPs. (Theoretical) Solution: Have each client install on their network a proxy/VPN that would allow my systems to connect and use their assigned usage. So, it's possible there's a better solution than the one I've thought of, but it's the only one I've been able to come up with.

  Read the article

• reverse_proxy (mod_rewrite) and rails

  - by SooDesuNe

  I have front end rails app, that reverse proxies to any of a number of backend rails apps depending on URL, for example http://www.my_host.com/app_one reverse proxies to http://www.remote_host_running_app_one.com such that a URL like http://www.my_host.com/app_one/users will display the contents of http://www.remote_host_running_app_one.com/users I have a large, and ever expanding number of backends, so they can not be explicitly listed anywhere other than a database. This is no problem for mod_rewrite using a prg:/ rewrite map reverse proxy. The question is, the urls returned by rails helpers have the form /controller/action making them absolute to the root. This is a problem for the page served by mod_rewrite because links on the proxied page appear as absolute to the domain. i.e.: http://www.my_host.com/app_one/controller/action has links that end up looking like /controller/action/ when they need to look like /app_one/controller/action Is there a way to fix this server-side, so that the links will be routed correctly?

  Read the article

< Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107  | Next Page >