Search Results

Search found 3366 results on 135 pages for 'openvpn auth ldap'.

Page 107/135 | < Previous Page | 103 104 105 106 107 108 109 110 111 112 113 114 | Next Page >

Looking for a way to get HTTP Digest Authentication headers from incoming http requests

- by duncancarroll

I've been working on a REST implementation with my existing Cake install, and it's looking great except that I want to use HTTP Digest Authentication for all requests (Basic Auth won't cut it). So great, I'll generate a header in the client app (which is not cake) and send it to my cake install. Only problem is, I can't find a method for extracting that Digest from the request... I've looked through the Cake API for something that I can use to get the Digest Header. You'd think that Request Handler would be able to grab it, but I can't find anything resembling that. There must be another method of getting the digest that I am overlooking? In the meantime I'm writing my own regex to parse it out of the Request... once I'm done I'll post it here so no one has to waste as much time as I did hunting for it.

Read the article
s3cmd setacl to grant 'Authenticated Users'

- by rynop

I'm using jgit to create a remote in s3. Problem I'm having is when I do a jgit push s3 master it creates the files in s3 as owned by me. I want to keep the files private, and be read/write by 'Authenticated users'. I'd like to be able to either set acl: authenticated-read in the ~/.jgit file OR be able to modify the acl after the push: s3cmd --add-header=x-amz-acl:authenticated-read setacl --acl-private s3://my.bucket/repo/* Neither of these work. How do i use jgit and push to s3 and keep it private, and let anyone with auth read/write?

Read the article
MongoDB db.serverStatus() gives error when running using tunnel that is targetted to api.cloudfoundry.com

- by Ajay

Following is the console session... C:\Users\xxx>vmc tunnel myMongoDB Getting tunnel connection info: OK Service connection info: username : uuuu password : pppp name : db url : mongodb://uuuu:[email protected]:25200/db Starting tunnel to myMongoDB on port 10000. 1: none 2: mongo 3: mongodump 4: mongorestore Which client would you like to start?: 2 Launching 'mongo --host localhost --port 10000 -u uuuu -p pppp db' MongoDB shell version: 2.0.6 connecting to: localhost:10000/db > db.serverStatus() { "errmsg" : "need to login", "ok" : 0 } > Which credentials should I use to login (assuming should use db.auth) to get rid of the error "{ "errmsg" : "need to login", "ok" : 0 }". When I run the same in micro CF on my machine it works ok and gives me the expected output. P.S. I'm trying this to get to know the current connections on my application, written in node.js. Trying to debug some issues with connections to the DB. If there is any other alternative that I can use please suggest that as well.

Read the article
PHP How to access constant defined outside class?

- by Ashley Ward

I have defined some constants eg: define('DB_HOSTNAME', 'localhost', true); define('DB_USERNAME', 'root', true); define('DB_PASSWORD', 'root', true); define('DB_DATABASE', 'authtest', true); now when I try to do this: class Auth{ function AuthClass() { $this->db_link = mysql_connect(DB_HOSTNAME, DB_USERNAME, DB_PASSWORD) or die(mysql_error()); } } I get an error. Why is this and what do I need to do? See, I've tried using (for example) global DB_HOSTNAME but this fails with an error.

Read the article
Django - Empty session data in ajax requests

- by ninja123

Hi guys, I have an ajax view where I want to set a session variable like such: def upload(request, *args, **kwargs): request.session['test'] = 'test' request.session.modified = True print request.session.items() I have another normal view something like this: def advertise(request): print request.session.items() I get these two strings printed to shell: [('test', 'test')] [('_auth_user_backend', 'django.contrib.auth.backends.ModelBackend'), ('_auth_user_id', 26L)] Why is the session data that I set in the ajax view not passing to my regular views? If I set session data in regular view, everything works as fine, but it seems that ajax requests contain empty session data? Anybody dealt with something like this before? Any suggestions are greatly appreciated. Thanks.

Read the article
How do I handle user authorization the safest way?

- by Irro

I'm developing a small website where I'm going to allow user to create accounts but I'm quite clueless when it comes to safety around authorizations. I have built my project in PHP with codeigniter and found a library (Tank Auth) that could handle authorization for me. It stores password in a safe way but I'm still worried about the part when the user sends their password to my server. One easy way to do it would be to send the password in a post-request but I would guess that it's quite easy to sniff such a password. Should I do something with the password on the client side before sending it to my server? And is there any good javascript libraries for this?

Read the article
Call REST service while impersonating a user that is already authorized to the glasfish server

- by user1894489

There are two web-applications deployed on a glassfish server. Both web applications provide a REST web service. the access to both web-services is secured via glassfish security constraints (at the moment BASIC Auth and file-realm). Let's say a user is accessing the service of web application A. After he is authorized, service A wants to call service B via REST client. Is there a way for a service to impersonate a user that is already authorized to the glasfish server? Maybe something like forwarding the security context or editing the headers? Is there another Filter? @Context private SecurityContext securityContext; username = securityContext.getUserPrincipal().getName(); password = ??? client.addFilter(new com.sun.jersey.api.client.filter.HTTPBasicAuthFilter(username, password)); Thanks!

Read the article
credit or minclass does not work well with pam_cracklib.so in common-password (opeSuSe 11.3)

- by Mario

I'm trying to implement password complexities on my pdc. It's a samba PDC with openLDAP backend. I tried cracklib-check but it looks like that I should have a decent and localize version of password library since the library out there usually comes in english. I also have another consideration that we will allow users to use any kind of password - even though it's dictionary based - as long as their passwords integrated with low/upper alphabet, digits, and other characters such as '$' or '_' (pam_cracklib.so calls them as classes). So here is my /etc/pam.d/common-password: #password requisite pam_pwcheck.so nullok cracklib password requisite pam_cracklib.so minclass=4 reject_username ##password requisite pam_cracklib.so \ ## dcredit=-1 ucredit=-1 lcredit=-1 ocredit=-1 reject_username password optional pam_gnome_keyring.so use_autht_ok password required pam_unix2.so use_authtok nullok The first commented line (with #) was the default configuration of openSuse 11.3. The 2nd/3rd (with leading ##) is another configuration I use when minclass=4 line is commented out. By the way, I have 'check password script' = /usr/local/sbin/crackcheck -d /usr/share/cracklib/pw_dict and passdb backend = ldapsam:ldap://127.0.0.1 parameters in smb.conf and cracklib-check works fine too. So here is the test I conduct. I logon to windows and then change my password. Sometimes it works fine that it trows error message - which what I wanted, but simple password with only lower alphabets can pass windows change password. Maybe I should make a new library which incorporates local vocabularies, but a guy out there (raise your hand please if you read this :) ) also experienced the same trouble with english word. Besides, what we really want is to let user to choose 2 or 3 format password out of 4 classes. Is there a bug or something with pam module in openSuse 11.3? Thank you in advance. Regards, Mario

Read the article
CVS in cmd/gui works only the third time I run a command.

- by Somebody still uses you MS-DOS

I'm using CVS in the command line. I'm in my repository folder. When I call a CVS command, I get... cvs [log aborted]: unrecognized auth response from localhost: -f [pserver aborted]: /opt/cvs/XXXXXX: no such repository ...2 times. The third time I run the command, it works with no problems. I tried to use a GUI client (CrossVC) and the same problem occurs. I tried inside gVim and Vim using VCSCommand and I'm having the same issues as well. I've tested with different times between each command, but I still have the same problems. I'm using a CVS configuration with stunnel. Why am I having problem with this setup? Why every time just the third time that I try to run the command that actually works?

Read the article
Sinatra: How do I provide access to a login form while preventing access to the rest of my Sinatra a

- by Brandon Toone

I recently created a Sinatra app with a login form (no basic auth). To prevent access to the app unless the user logged in I put a before block in place before do unless request.path_info == '/login' authenticated? end end I quickly realized that this prevented me from accessing resources in the public directory like my style sheet and logo unless authenticated first as well. To get around that I changed my filter to the following: before do unless request.path_info == '/login' || request.path_info == "/stylesheets/master.css" || request.path_info == "/images/logo.png" authenticated? end end If there were lots of resources I needed to provide exceptions to this way of making them would quickly become overwhelming. What is a better way to code this so I can make exceptions for the public directory or even its specific sub-directories and files like /stylesheets, /images, /images/bg.png but not /secret or /secret/eyes-only.pdf? Or ... Is there a completely different best-practice to handle this situation of locking down everything except the stuff related to logging in (handlers, views, resources)?

Read the article
Unable to remove invalid(orphaned?) SPNs

- by Brent

tldr version: Renamed domain from internal.domain.com to domain.com, have 4 SPNs that am unable to remove from DC. So my domain was internal.domain-name.com and I renamed it to domain-name.com and I thought everything was good. Several days later, I start setting up my RD Gateway and am noticing issues surrounding group policy. I run dcdiag and the SystemLog part fails. Starting test: SystemLog A warning event occurred. EventID: 0x00001796 Time Generated: 08/25/2014 02:48:30 Event String: Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server. This event occurs once per boot of the server on the first time a client uses NTLM with this server. An error event occurred. EventID: 0xC0001B70 Time Generated: 08/25/2014 02:49:18 Event String: The SQL Server (MSSQLSERVER) service terminated with the following service-specific error: An error event occurred. EventID: 0xC0001B70 Time Generated: 08/25/2014 02:49:48 Event String: The SQL Server (MSSQLSERVER) service terminated with the following service-specific error: An error event occurred. EventID: 0xC0001B70 Time Generated: 08/25/2014 02:52:47 Event String: The SQL Server (MSSQLSERVER) service terminated with the following service-specific error: This made me check my AD for possible connections to the .internal domain. I found four which I remove by: setspn -D E3514235-4B06-11D1-AB04-00C04FC2DCD2/d79fa59c-74ad-4610-a5e6-b71866c7a157/internal.domain-name.com ServerName setspn -D HOST/ServerName.domain-name.com/internal.domain-name.com ServerName setspn -D GC/ServerName.domain-name.com/internal.domain-name.com ServerName setspn -D ldap/ServerName.domain-name.com/internal.domain-name.com ServerName Also, checking my dns records, there's an internal subdomain that I can delete but it comes back as well. I've tried removing the spns to no avail. Is there something I'm missing?

Read the article
Easiest way to do host name resolution with IPA?

- by Luke

We are currently using static LAN IP addresses for our internal non-public facing servers. We don't have DHCP configured. We're using Vyatta for our router and firewall. The firewall is configured to be zone based. We want to setup IPA for centralized authentication (LDAP+Kerberos). IPA is requiring resolvable host names. I want to avoid having to enter DNS records by hand. What is the most painless way to make host names resolvable that works with IPA in a Linux only environment? We arn't using anything to resolve host names now. Up until now we've been using static ip addresses and local users on each server. We've looked at BIND, DHCP (does that even solve the problem?), and multicast DNS. At this point we're not sure which solution would work best. Is there another option we haven't considered? Security is very important. We have multiple zones where each zone has very specific or no access to another zone. DNS for public domains is forwarded from Vyatta to our ISP's DNS server.

Read the article
django threadedcomments

- by Patrick

Hi folks, I would like to setup a comment systems on my site, using django threadedcomments, and I follow all the steps in the Tutorial, however, I get the following error: No module named newforms.util I am not sure what causing this issue, here is my configuration: #settings.py INSTALLED_APPS = ( 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.sites', 'myproject.myapp', 'threadedcomments', ) #urls.py from django.conf import settings from django.conf.urls.defaults import * from django.contrib import admin admin.autodiscover() urlpatterns = patterns('', (r'^admin/', include(admin.site.urls)), (r'^threadedcomments/', include('threadedcomments.urls')), ) Please let me know if there is another better choice for commenting, as long as the comment system is flexible and able to do lot of customization, as well as threadedcomment, of coz, integrating with Rating, I am happy to use the other one. Thanks guys.

Read the article
Setting Up TFS Server outside of a domain

- by Ben

Hi Im trying to set up TFS 2010 on a machine that is connected to a network, but not on the domain. I am trying to connect this to a SQL Server that is also connected to the network and also not on the domain. When I run through the TFS configuration Wizard and try to connect to the SQL Server, it fails with a message "A connection can not be made...." which looks like it cant see the Server. However when i connect through SQL Management Studio it works when i use SQL Authentication (not Windows Auth). I beleive its failing because TFS needs to connect using Windows Authetication (please correct me if im wrong). I can not add the Windows Authentication for my TFS machine onto the SQL machine becuase they are on different domains (again, pleas correct me if I'm wrong). Does anyone have any suggestions? Thanks.

Read the article
Database Error django

- by Megan

DatabaseError at /admin/delmarva/event/ no such column: delmarva_event.eventdate I created a class in my models.py file: from django.db import models from django.contrib.auth.models import User class Event(models.Model): eventname = models.CharField(max_length = 100) eventdate = models.DateField() eventtime = models.TimeField() address = models.CharField(max_length = 200) user = models.ForeignKey(User) def __unicode__(self): return self.eventname and now when i try to view my events in my admin or my main_page it gives me the error that there is no eventdate. I tried syncing the db again but nothing changed. Also, I hashtagged eventdate out to see if I get a different error and then it states that delmarva_event.eventtime does not exist as well. I It is weird because it does not have a problem with eventname. Any suggestions would be greatly appreciated!

Read the article
Does GAE/OpenID/OAuth support xmlhttp proxy?

- by h2g2java

Currently, my code would construct the GWT form, which user would submit directly to openId (or any authenticaiton service). Such a method works fine. However, what if I had the gwt page server access the OpenID provider, is there a way/strategy for the server to mediate authentication between its client and the auth provider? I wish to know the answers with respect to GAE as the proxy and, regardless if GAE or Tomcat is the intended proxy, answers wrt Google Accounts OpenID OAuth If so, it would be wonderful if someone could describe the installation strategy.

Read the article
grails mail connection refused

- by mkoryak

it seems i have tried the mail config in the way that its docs said, but still i get: Error 500: Executing action [x] of controller [x] caused exception: Mail server connection failed; nested exception is javax.mail.MessagingException: Could not connect to SMTP I am using google apps for my email so [email protected] is using gmail. i cannot get grails to send out a test message on my dev box (win 7). my config is: host = "smtp.gmail.com" port = 465 username = "[email protected]" password = "x" props = ["mail.smtp.auth":"true", "mail.smtp.debug":"true", "mail.smtp.starttls.enable":"true", "mail.smtp.socketFactory.port":"465", "mail.smtp.socketFactory.class":"javax.net.ssl.SSLSocketFactory", "mail.smtp.socketFactory.fallback":"false"]

Read the article
Securing a REST API

- by Christopher McCann

I am in the middle of developing a REST API - the first one I ever have. The data being passed through the API is not of such a critical nature that there will be loss of life, economics etc if it was intercepted but at the same time I would like it to be secure. The data being transferred is simply like the data that would be transferred on Twitter or Facebook - not overly confidential but still should be kept private. What is the best way to secure this data? Am I best to use HTTP Basic Auth over SSL or should I be looking into something like OAuth. I have never really used REST much before so bit of a first for me. Thanks

Read the article
MVC Forms Authentication with custom database

- by AndrewVos

I'm trying to get forms authentication working for an mvc site. I have a custom database with a users table, and I would like to do my own password validation. I am logging in my user like this: if (PasswordHasher.Hash(password) == dataUser.Password) { FormsAuthentication.SetAuthCookie(email, true); return true; } The problem is, when the session expires obviously the user has to login again. I am thinking I should be storing this Auth cookie in my users table? Update: I'm obviously in desperate need of more education in this area. I just noticed that the user stays authenticated even after an iisreset. I guess what I'm asking is how can I get persistent and non persistent authentication working properly. I want a user to not have to login again if they click "remember", and if they don't then their authentication should expire when the forms authentication is set to expire.

Read the article
Is there a learnable filter in Thunderbird for non-spam messages (as in Opera Mail)?

- by Debilski

One feature I like very much about Opera Mail is that you can have learnable filters for any purpose. So not only can you filter spam messages but also messages that your friends sent you or info mails from web platforms without having to enter each and every mail address you want to filter. It actually works quite satisfying and you can combine it with string filtering, too. It does a few mistakes in the beginning but then improves quickly after you have removed some of the false positives. However, there are a couple of drawbacks with the Opera Mail module. The filters are only ‘virtual’. So, with IMAP there is no easy way of mirroring the filtered structure back on the server and when I’m using webmail I’ll see the whole unfiltered mess in the inbox folder. Opera’s not using the OS X address book — and neither does it use ldap (which is not too important for me at the moment). So, I’m not specifically looking for a Thunderbird solution here, a way to fix things in Opera or Apple Mail should do as well. Or some other E-Mail program I don’t even know about yet. (So, to be clear, I’d like to have: OS X Address Book integration, Learnable filters for any type of filtering, Ability to push filtered folder structure to the IMAP server) But I thought like, if it is possible then most probably there would be an add-on for Thunderbird available. Any ideas?

Read the article
postfix email gateway

- by k-h

I am setting up a postfix email gateway. It will not hold any mail but will accept email for my domain and forward it to another internal mailserver and relay mail out from the internal server. One of the main problems is that I am working on a live running system and this will be an upgrade so I am using a test domain which I will change at some point to the real domain. I tried various methods but found the simplest way (that worked) was to use a script to create an aliases file (from ldap entries). There are various problems with this method. The main one being that the entries can't be of the simple form [email protected] because the gateway doesn't know where to send them. They have to be of the form: [email protected]. What I would like doesn't seem hard but I can't get my head around the postfix documentation. There seem to be various ways but none of them seem to work. Most of the examples I have found on the web assume the mail is going to end up on the server. I want a list of users somewhere, preferably of the form: user1, user2, etc rather than [email protected] (I can easily generate this list) and I would like postfix to forward all email to example.com to a particular server: ie realmailserver.example.com. Can anyone suggest clues as to how I might do this?

Read the article
Membership systems for MVC4 that support RavenDB

- by brad oyler

I create a lot of quick "proof of concept" MVC apps and I actually found the SimpleMembership provider that shipped with the MVC4 templates to be very handy since it gets me up and running with user registration & OAuth in a matter of minutes. But...I've started to use RavenDb (on RavenHQ for a lot for my projects). So, I starting trying to implement my own "custom membership provider" based on the ExtendedMembershipProvider and while doing that I realized that didn't make much sense. I later stumbled upon 2 interesting projects that try to solve this exact problem: WorldDomination.Web.Auth: https://github.com/PureKrome/WorldDomination.Web.Authentication MemFlex: https://github.com/OdeToCode/Memflex Both are pretty interesting recent efforts and was wondering if these are the only ones being built right now. I'm essentially looking for nuget pkg that I can drop into a MVC4 app, connect to my RavenDb and be done. I'm willing to build this thing but don't want to duplicate any efforts that are already in motion. Thx!

Read the article
SVN Subversion use explicit cached credentials

- by Nick

I am trying to run a SVN command in a script, but the script is launched as a system service that has cached svn username/password credentials. I could always just put the username/password arguments in the command: svn info --username bob --password pass but I'd rather not have my username/password just sitting in a text file. I've discovered that my cached credentails (when run svn normally) end up here: C:\Documents and Settings\bob\Application Data\Subversion\auth\svn.simple\6ef188c2163f1ccc860a690b7ad21a15 Is there any way I could copy this cached credential file to where my script exists and just call that file explicitly?

Read the article
Changing gmail Settings with Ruby

- by Technocrat

I need to configure my gmail account(s) programmatically with Ruby. I checked out the apps api and it looks like the simplest possible solution would be to use ClientLogin for logging in and a simple XML PUT for changing the forwarding setting, for example. I wrote a little test script like so: http://gist.github.com/373457 It would appear that the call to ClientLogin works because it comes back with an Auth= token. When it sends the PUT request to google, however, it comes back with a RestClient::Unauthorized exception. I rewrote the script with pure net/https and it turns out the message I'm getting is invalid token, yet I can't figure out what is wrong with my token. Can anyone else see it?

Read the article
Where to place the login/authentication related actions in MVC

- by rogeriopvl

I've searched around and found that when implementing an authentication module in MVC architecture some people opt to place the login related actions in the User controller while others place it in a controller dedicated to authentication only. In pseudo-java-like code: class UserController extends Controller { public login() { //... } } Accessed with http://mydomain.com/user/login. vs. class AuthController extends Controller { public login() { //... } } Accessed with http://mydomain.com/auth/login. I would like to know which approach is better, and why. That is, if there's really any difference at all. Thanks in advance.

Read the article

< Previous Page | 103 104 105 106 107 108 109 110 111 112 113 114 | Next Page >