Search Results

Search found 2316 results on 93 pages for 'credentials'.

Page 11/93 | < Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >

  • Sharepoint asks for NTLM credentials for every unique URL. How do I stop it?

    - by CamronBute
    I'm tasked with troubleshooting a problem we're having with a SP2010 site. The app is external, and there are several clients that must connect. Some clients are receiving a crazy amount of credential requests when trying to log on. It appears to ask for every unique URL (eg. every different picture, link, etc) and it won't stop. Other clients are having no problems. I cannot seem to replicate the issue, either. I'm attempting to replicate by restricting all settings (including cookies) on my own browser, but to no avail. I put the HTTP request under a microscope, and it's asking for NTLM credentials. The client is using IE8, and the browser is running in Protected Mode, but the browser settings cannot be determined... I'm guessing this is a webserver thing, simply because it appears to be an authentication thing. What might the problem be?

    Read the article

  • EWS connect to ExchangeServer authentication specifications

    - by dankyy1
    Hi all I'm connecting to ExchangeServer with username,password,doain properities(my code below) but what how to define server uses Kerberos,ntlm or basic authentication e.g? thnx xchangeServiceBinding binding = new ExchangeServiceBinding(); ServicePointManager.ServerCertificateValidationCallback = CertificateValidationCallBack; System.Net.WebProxy proxyObject = new System.Net.WebProxy(); proxyObject.Credentials = System.Net.CredentialCache.DefaultCredentials; if (string.IsNullOrEmpty(credentials.UserName) || string.IsNullOrEmpty(credentials.Password) || string.IsNullOrEmpty(credentials.Domain)) throw new ArgumentNullException("The Crediantial values could not be null or empty."); binding.Credentials = new NetworkCredential(credentials.UserName, credentials.Password, credentials.Domain); if (string.IsNullOrEmpty(serverURL)) throw new ArgumentNullException("The Exchange server Url could not be null or empty."); binding.Url = serverURL; binding.UseDefaultCredentials = true; binding.Proxy = proxyObject; //TO DO:take version over parameter..or configration!! binding.RequestServerVersionValue = new RequestServerVersion(); binding.RequestServerVersionValue.Version = (ExchangeVersionType)Enum.Parse(typeof(ExchangeVersionType), serverVersion);// ExchangeVersionType.Exchange2007_SP1;//.Exchange2010;

    Read the article

  • How do you pass user credentials from WebClient to a WCF REST service?

    - by Alex
    I am trying to expose a WCT REST service and only users with valid username and password would be able to access it. The username and password are stored in a SQL database. Here is the service contract: public interface IDataService { [OperationContract] [WebGet(ResponseFormat = WebMessageFormat.Json)] byte[] GetData(double startTime, double endTime); } Here is the WCF configuration: <bindings> <webHttpBinding> <binding name="SecureBinding"> <security mode="Transport"> <transport clientCredentialType="Basic"/> </security> </binding> </webHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="DataServiceBehavior"> <serviceMetadata httpGetEnabled="true"/> <serviceCredentials> <userNameAuthentication userNamePasswordValidationMode="Custom" customUserNamePasswordValidatorType= "CustomValidator, WCFHost" /> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <services> <service behaviorConfiguration="DataServiceBehavior" name="DataService"> <endpoint address="" binding="webHttpBinding" bindingConfiguration="SecureBinding" contract="IDataService" /> </service> </services> I am accessing the service via the WebClient class within a Silverlight application. However, I have not been able to figure out how to pass the user credentials to the service. I tried various values for client.Credentials but none of them seems to trigger the code in my custom validator. I am getting the following error: The underlying connection was closed: An unexpected error occurred on a send. Here is some sample code I have tried: WebClient client = new WebClient(); client.Credentials = new NetworkCredential("name", "password", "domain"); client.OpenReadCompleted += new OpenReadCompletedEventHandler(GetData); client.OpenReadAsync(new Uri(uriString)); If I set the security mode to None, the whole thing works. I also tried other clientCredentialType values and none of them worked. I also self-hosted the WCF service to eliminate the issues related to IIS trying to authenticate a user before the service gets a chance. Any comment on what the underlying issues may be would be much appreciated. Thanks. Update: Thanks to Mehmet's excellent suggestions. Here is the tracing configuration I had: <system.diagnostics> <sources> <source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true"> <listeners> <add name="xml" /> </listeners> </source> <source name="System.IdentityModel" switchValue="Information, ActivityTracing" propagateActivity="true"> <listeners> <add name="xml" /> </listeners> </source> </sources> <sharedListeners> <add name="xml" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\Traces.svclog" /> </sharedListeners> </system.diagnostics> But I did not see any message coming from my Silverlight client. As for https vs http, I used https as follows: string baseAddress = "https://localhost:6600/"; _webServiceHost = new WebServiceHost(typeof(DataServices), new Uri(baseAddress)); _webServiceHost.Open(); However, I did not configure any SSL certificate. Is this the problem?

    Read the article

  • Can't login to Windows server 2008 (as any user, not even locally, not in safe mode but I have right credentials)

    - by Saix
    Just from nowhere I can't login to my Windows server 2008 machine. All the services like FTP server or webserver (which I'm actually not using, just remote desktop and FTP) are running. Whatever credentials I try (even/especialy administrator), it always says Unknown Username or bad password. I have already tried hard turn off/on and safe mode without luck. Also I already tried type in login name as SERVER NAME\user or Workgroup\user (every case sensitive scenario), still says I have wrong login. Usually we are using remote desktop to access the machine but local access over KVM doesn't work either. Now I'm lock out of any control or any way to do something. There's just logon screen preceding by ctrl+alt+del to login alert. Without me able to login I can't actually try to fix anything. Can't find much more on Internet except the SERVER NAME\user thing. Reinstall would be the last resort but I can't let things this way for much longer anyway. This server is vital. If it would be any help, I think automatic Windows updates are turned off and there were no updates or newly installed software for last couple years and just few soft restarts, non of them recently. It happened during it's runtime while all other services were still up and running, so this couldn't be just some Windows nasty screw up during boot or something. What could have possibly changed? What are my options now?

    Read the article

  • Data Source Security Part 1

    - by Steve Felts
    I’ve written a couple of articles on how to store data source security credentials using the Oracle wallet.  I plan to write a few articles on the various types of security available to WebLogic Server (WLS) data sources.  There are more options than you might think! There have been several enhancements in this area in WLS 10.3.6.  There are a couple of more enhancements planned for release WLS 12.1.2 that I will include here for completeness.  This isn’t intended as a teaser.  If you call your Oracle support person, you can get them now as minor patches to WLS 10.3.6.   The current security documentation is scattered in a few places, has a few incorrect statements, and is missing a few topics.  It also seems that the knowledge of how to apply some of these features isn’t written down.  The goal of these articles is to talk about WLS data source security in a unified way and to introduce some approaches to using the available features.  Introduction to WebLogic Data Source Security Options By default, you define a single database user and password for a data source.  You can store it in the data source descriptor or make use of the Oracle wallet.  This is a very simple and efficient approach to security.  All of the connections in the connection pool are owned by this user and there is no special processing when a connection is given out.  That is, it’s a homogeneous connection pool and any request can get any connection from a security perspective (there are other aspects like affinity).  Regardless of the end user of the application, all connections in the pool use the same security credentials to access the DBMS.   No additional information is needed when you get a connection because it’s all available from the data source descriptor (or wallet). java.sql.Connection conn =  mydatasource.getConnection(); Note: You can enter the password as a name-value pair in the Properties field (this not permitted for production environments) or you can enter it in the Password field of the data source descriptor. The value in the Password field overrides any password value defined in the Properties passed to the JDBC Driver when creating physical database connections. It is recommended that you use the Password attribute in place of the password property in the properties string because the Password value is encrypted in the configuration file (stored as the password-encrypted attribute in the jdbc-driver-params tag in the module file) and is hidden in the administration console.  The Properties and Password fields are located on the administration console Data Source creation wizard or Data Source Configuration tab. The JDBC API can also be used to programmatically specify a database user name and password as in the following.  java.sql.Connection conn = mydatasource.getConnection(“user”, “password”); According to the JDBC specification, it’s supposed to take a database user and associated password but different vendors implement this differently.  WLS, by default, treats this as an application server user and password.  The pair is authenticated to see if it’s a valid user and that user is used for WLS security permission checks.  By default, the user is then mapped to a database user and password using the data source credential mapper, so this API sort of follows the specification but database credentials are one-step removed from the application code.  More details and the rationale are described later. While the default approach is simple, it does mean that only one database user is doing all of the work.  You can’t figure out who actually did the update and you can’t restrict SQL operations by who is running the operation, at least at the database level.   Any type of per-user logic will need to be in the application code instead of having the database do it.  There are various WLS data source features that can be configured to provide some per-user information about the operations to the database. WebLogic Data Source Security Options This table describes the features available for WebLogic data sources to configure database security credentials and a brief description.  It also captures information about the compatibility of these features with one another. Feature Description Can be used with Can’t be used with User authentication (default) Default getConnection(user, password) behavior – validate the input and use the user/password in the descriptor. Set client identifier Proxy Session, Identity pooling, Use database credentials Use database credentials Instead of using the credential mapper, use the supplied user and password directly. Set client identifier, Proxy session, Identity pooling User authentication, Multi Data Source Set Client Identifier Set a client identifier property associated with the connection (Oracle and DB2 only). Everything Proxy Session Set a light-weight proxy user associated with the connection (Oracle-only). Set client identifier, Use database credentials Identity pooling, User authentication Identity pooling Heterogeneous pool of connections owned by specified users. Set client identifier, Use database credentials Proxy session, User authentication, Labeling, Multi-datasource, Active GridLink Note that all of these features are available with both XA and non-XA drivers. Currently, the Proxy Session and Use Database Credentials options are on the Oracle tab of the Data Source Configuration tab of the administration console (even though the Use Database Credentials feature is not just for Oracle databases – oops).  The rest of the features are on the Identity tab of the Data Source Configuration tab in the administration console (plan on seeing them all in one place in the future). The subsequent articles will describe these features in more detail.  Keep referring back to this table to see the big picture.

    Read the article

  • How to organize and manage multiple database credentials in application?

    - by Polaris878
    Okay, so I'm designing a stand-alone web service (using RestLET as my framework). My application is divided in to 3 layers: Data Layer (just above the database, provides APIs for connecting to/querying database, and a database object) Object layer (responsible for serialization from the data layer... provides objects which the client layer can use without worrying about database) Client layer (This layer is the RestLET web service... basically just creates objects from the object layer and fulfills webservice request) Now, for each object I create in the object layer, I want to use different credentials (so I can sandbox each object...). The object layer should not know the exact credentials (IE the login/pw/DB URL etc). What would be the best way to manage this? I'm thinking that I should have a super class Database object in my data layer... and each subclass will contain the required log-in information... this way my object layer can just go Database db = new SubDatabase(); and then continue using that database. On the client level, they would just be able to go ItemCollection items = new ItemCollection(); and have no idea/control over the database that gets connected. I'm asking this because I am trying to make my platform extensible, so that others can easily create services off of my platform. If anyone has any experience with these architectural problems or how to manage this sort of thing I'd appreciate any insight or advice... Feel free to ask questions if this is confusing. Thanks! My platform is Java, the REST framework I'm using is RestLET, my database is MySQL.

    Read the article

  • Outlook 2007 Does Not Accept Login Credentials, OWA Webmail Does. Troubleshooting Advice?

    - by Chris
    I am trying to connect Outlook 2007 to Exchange (Hosted Exchange from Rackspace). Soon, I will need to roll this out for our entire office. With the Exchange account added to Outlook, Outlook starts up and asks for the user's username and password. Unfortunately, it doesn't like the password I use for it. I can confirm this username (email address) and password combo works by using Outlook WebMail, and another user (in another network/office) confirmed the Exchange account does work within his Outlook client. In my network/office, I can confirm that an Outlook 2007 client (under Windows 7) can connect to the Hosted Exchange server from Rackspace. However, I have not been able to get Outlook 2007 (under Windows XP SP3) to connect to the very same Exchange server Outlook 2007 (under Windows 7) can connect to. Outlook continuously prompts me for the username and password and does not accept the correct combination. Now, regarding the Outlook client that cannot connect/login to Exchange: The user has full admin rights on the workstation We do not run a domain controller/LDAP The firewall on the workstation has been disabled Real time file scanning in Microsoft Security Essentials has been disabled There are no virus scanning applications that would interface with Outlook or an email server. The Exchange account is setup to run on a newly created Outlook profile The network firewall does not log any blocked attempts A packet capture at the router reveals communication between the workstation and the Exchange server or proxy (though, this is SSL encrypted, so I don't know what the computers are saying) I have applied a fix (Added DWORD value of 0 for DefConnectOpts under HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\RPC) that was recommended to make RPC function when the workstation does not have a default gateway set. Workstation is configured as DHCP. This fix did nothing, and it may be worth noting the RPC subkey was not present until I added it. RPC service is running on the workstation The program is not running under any compatibility mode. Side note: Outlook 2007 installs with compatibility mode for XP enabled by default in windows 7. Outlook 2007 will not even try to connect to exchange if this compatibility mode is checked. In windows xp, I tried checking compatibility mode for windows 2000, and was unable to connect to exchange as well. Here is the specific configuration I've used in a blank outlook profile: Microsoft Exchange Server: ##MASKED##-MBX-C18.mex07a.mlsrvr.com Username: (Full Email Address: [email protected]) Password: ##MASKED## Outlook Anywhere: Connect to Microsoft Exchange using HTTP Exchange Proxy Settings: Proxy Server: mex07a.emailsrvr.com Check "Connect using SSL only" Under "Only connect to proxy servers...", enter: msstd:mex07a.emailsrvr.com Check "On fast networks, connect using HTTP first, then connect using TCP/IP" Check "On slow networks, connect using HTTP first, then connect using TCP/IP" Proxy authentication settings: Basic Authentication Notes: mex07a.mlsrvr.com and mex07a.emailsrvr.com may look incorrect at first glance, but this is not a typo - these instructions were handed down from rackspace and are confirmed to be working, just not on this workstation. I have tried to use the RpcPing utility but must have been using it wrong. I got as far as "Bad Interface Descriptor". It would seem to me getting Outlook and Exchange to work together would be a breeze, especially since everything is done over port 80 with web services. Unfortunately, the user is stuck with WebMail access only, because Outlook won't accept the Exchange credentials. Do you have any ideas of other things I could try to debug this issue further? Any and all help is greatly appreciated. Thank you! -Chris

    Read the article

  • Samba shares won't automount on boot from fstab

    - by kelvin
    This question seems to have been asked a few times, but doesn't seem anybody has really solved it yet, at least not for my specific circumstance. I have FSAT setup to mount a CIFs share, but on boot up the share never gets mounted. However, if i run mount -a after boot up, it mounts everything just fine. Here's what my fstab looks like. Ignore the commented ones... I just did a few for testing purposes right now. //192.168.1.97/media /mnt/samba cifs credentials=/home/xbmc/.smbcredentials,rw,file_mode=0777,dir_mode=0777,sec=ntlm,auto 0 0 #//192.168.1.97/media/TV\040Shows /home/xbmc/TV\040Shows cifs credentials=/home/xbmc/.smbcredentials,rw,file_mode=0777,dir_mode=0777,sec=ntlm,auto //192.168.1.97/media/Movies /home/xbmc/Movies cifs credentials=/home/xbmc/.smbcredentials,rw,file_mode=0777,dir_mode=0777,sec=ntlm,auto 0 0 //192.168.1.97/media/Music /home/xbmc/Music cifs credentials=/home/xbmc/.smbcredentials,rw,file_mode=0777,dir_mode=0777,sec=ntlm,auto 0 0 #//192.168.1.97/media/3\040-\040My\040Pictures /home/xbmc/Pictures cifs credentials=/home/xbmc/.smbcredentials,rw,file_mode=0777,dir_mode=0777,sec=ntlm,auto #//192.168.1.97/media/XBMC /home/xbmc/Admin cifs credentials=/home/xbmc/.smbcredentials,rw,file_mode=0777,dir_mode=0777,sec=ntlm,auto Have seen a few things on the internet where it was believed its because the share isn't available yet (i.e. wifi not connected yet, etc) when it's attempting to mount. 1) Is there anyway to confirm that's the problem, 2) IF so, is there a solution? Is there some way to put a delay in fstab? Or how might i write a script to run mount -a a certain amount of time after boot? Found the option _netdev from a little research, included that in fstab but still the same result. Thanks for your help.

    Read the article

  • WCF - problem with local service (The server has rejected the client credentials.)

    - by H4mm3rHead
    Hi, I have a simple setup, a WPF application running on the machine and a WCF service hosted within a Windows Service on the same machine (always on the same machine). When i debug on one computer i can easily access the local WCF Service. When i run it on another machine i get an error: "The server has rejected the client credentials." Some of my observations are, that at my local machine i have no domain/network. Its my home machine. When at a customers site, it will not run, and gives the above error. Anyone got any ideas on why this is different on these computers? /Brian

    Read the article

  • storing user info/pass in web.config authentication

    - by Tomaszewski
    Hello, I am trying to write a simple internal app with some simple authentication. I'm also trying to make this quick and learn about the forms authentication via web.config. So i have my authentication working if I hard code my 'user name' and 'password' into C# code and do a simple conditional. However, I'm having a tough time storing the a user/pass to be checked against in the web.config file. The MSDN manual says to put this into the web.config: <authentication mode="Forms"> <forms loginUrl="login.aspx"> <credentials passwordFormat="SHA1"> <user name="user1" password="27CE4CA7FBF00685AF2F617E3F5BBCAFF7B7403C" /> <user name="user2" password="D108F80936F78DFDD333141EBC985B0233A30C7A" /> <user name="user3" password="7BDB09781A3F23885CD43177C0508B375CB1B7E9"/> </credentials> </forms> </authentication> However, the minute I add 'credentials' into the 'authentication' section, I get this error: Server Error in '/' Application. Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: Unrecognized element 'credentials'. Source Error: Line 44: <authentication mode="Forms"> Line 45: <forms loginUrl="login.aspx" /> Line 46: <credentials> Line 47: Line 48: </credentials> Source File: C:\inetpub\wwwroot\asp\projects\passwordCatalog\passwordCatalog\web.config Line: 46 So my question is, how and where would I add the following in the web.config file? <credentials passwordFormat="SHA1"> <user name="johndoe" password="mypass123" /> </credentials>

    Read the article

  • Portable version of Sonicwall Global VPN Client? Install without administrator credentials?

    - by Sam Salisbury
    Does anyone know of a portable version of the Sonicwall Global VPN Client compatible with Windows 7 64 bit? I basically need to connect to my workplace during heavy snow here in Liverpool, and the only logon I have available on this computer is a non-administrator account (which won't let me install the program)... And I can't get hold of the administrator! If anyone knows of any alternative program/any hacks or other suggestions would be very welcome! Note I've tried extracting the MSI using 7-zip, which presented me with an MSI installer and "RunMSI.exe". The extracted MSI allowed me to get part way through the installation, and then asked for admin password again.

    Read the article

  • use nginx proxy_pass and rewrite to hide third party api credentials?

    - by brakertech
    Objective: I'd like to have nginx hide calls to a third party api Example Request: http://example.com/myapi/60601 Nginx rewritten proxy_pass request calls: http://api.remix.bestbuy.com/v1/stores(area(60601,10))?show=storeId,name&apiKey=redacted_24_character_string Code i've tried: This works but not for parameters location ^~ /myapi/ { rewrite ^/myapi/(.*) /api/check/$1/key/e95fad09aa5091b7734d1a268b53cef5 break; proxy_pass http://api.server.com/; }

    Read the article

  • is there a way to tail a log from remote server without using any user credentials?

    - by suhprano
    I run a script tailing a log in a remote server, like so: ssh userx@someip tail -f /data/current.log|python2.7 monitorlog.py There are dependencies and service requirements that disallows me to run the script off the remote server. (DB, ACLs, and path to another service is uses) Is there a way I can tail and monitor a log without using the ssh userx@someip? I thought about generating RSA keys but I think you still need a user to ssh.

    Read the article

  • using a Singleton to pass credentials in a multi-tenant application a code smell?

    - by Hans Gruber
    Currently working on a multi-tenant application that employs Shared DB/Shared Schema approach. IOW, we enforce tenant data segregation by defining a TenantID column on all tables. By convention, all SQL reads/writes must include a Where TenantID = '?' clause. Not an ideal solution, but hindsight is 20/20. Anyway, since virtually every page/workflow in our app must display tenant specific data, I made the (poor) decision at the project's outset to employ a Singleton to encapsulate the current user credentials (i.e. TenantID and UserID). My thinking at the time was that I didn't want to add a TenantID parameter to each and every method signature in my Data layer. Here's what the basic pseudo-code looks like: public class UserIdentity { public UserIdentity(int tenantID, int userID) { TenantID = tenantID; UserID = userID; } public int TenantID { get; private set; } public int UserID { get; private set; } } public class AuthenticationModule : IHttpModule { public void Init(HttpApplication context) { context.AuthenticateRequest += new EventHandler(context_AuthenticateRequest); } private void context_AuthenticateRequest(object sender, EventArgs e) { var userIdentity = _authenticationService.AuthenticateUser(sender); if (userIdentity == null) { //authentication failed, so redirect to login page, etc } else { //put the userIdentity into the HttpContext object so that //its only valid for the lifetime of a single request HttpContext.Current.Items["UserIdentity"] = userIdentity; } } } public static class CurrentUser { public static UserIdentity Instance { get { return HttpContext.Current.Items["UserIdentity"]; } } } public class WidgetRepository: IWidgetRepository{ public IEnumerable<Widget> ListWidgets(){ var tenantId = CurrentUser.Instance.TenantID; //call sproc with tenantId parameter } } As you can see, there are several code smells here. This is a singleton, so it's already not unit test friendly. On top of that you have a very tight-coupling between CurrentUser and the HttpContext object. By extension, this also means that I have a reference to System.Web in my Data layer (shudder). I want to pay down some technical debt this sprint by getting rid of this singleton for the reasons mentioned above. I have a few thoughts on what an better implementation might be, but if anyone has any guidance or lessons learned they could share, I would be much obliged.

    Read the article

  • Testing PayPal certificate on a different domain

    - by PHP thinker
    I have a PP-enabled site that needs to be tested. I've already tested it with Sandbox credentials and it works ok. The next step is to test it with live PayPal credentials on test server. Here I hit a wall, because using real credentials from liveserver.com on test.liveserver.com gives me error of "malformed url" (which as I read stands for "invalid credentials"). And here is the question: are PayPal credentials domain-bound? Can I get error message because I am using live api credentials on a subdomain(different domain)?

    Read the article

  • Consuming Web Service via Windows Authentication

    - by saravanaram
    I am just trying to consuming a web service in remote computer using windows authentication however login credentials are different in local & remote computer. Code Snippet: Dim objproxy As New WebReference.Service1 'Create a new instance of CredentialCache. Dim mycredentialCache As CredentialCache = New CredentialCache() 'Create a new instance of NetworkCredential using the client Dim credentials As NetworkCredential = New NetworkCredential("username", "pwd","domain") 'Add the NetworkCredential to the CredentialCache. 'mycredentialCache.Add(New Uri(objproxy.Url), "Basic", credentials) objproxy.Credentials = credentials It is timing out but when i use mycredentialCache.Add(New Uri(objproxy.Url), "Basic", credentials) I get "401 Unauthorized" message, Please assist.

    Read the article

  • Authenticating clients in the new WCF Http stack

    - by cibrax
    About this time last year, I wrote a couple of posts about how to use the “Interceptors” from the REST starker kit for implementing several authentication mechanisms like “SAML”, “Basic Authentication” or “OAuth” in the WCF Web programming model. The things have changed a lot since then, and Glenn finally put on our hands a new version of the Web programming model that deserves some attention and I believe will help us a lot to build more Http oriented services in the .NET stack. What you can get today from wcf.codeplex.com is a preview with some cool features like Http Processors (which I already discussed here), a new and improved version of the HttpClient library, Dependency injection and better TDD support among others. However, the framework still does not support an standard way of doing client authentication on the services (This is something planned for the upcoming releases I believe). For that reason, moving the existing authentication interceptors to this new programming model was one of the things I did in the last few days. In order to make authentication simple and easy to extend,  I first came up with a model based on what I called “Authentication Interceptors”. An authentication interceptor maps to an existing Http authentication mechanism and implements the following interface, public interface IAuthenticationInterceptor{ string Scheme { get; } bool DoAuthentication(HttpRequestMessage request, HttpResponseMessage response, out IPrincipal principal);} An authentication interceptors basically needs to returns the http authentication schema that implements in the property “Scheme”, and implements the authentication mechanism in the method “DoAuthentication”. As you can see, this last method “DoAuthentication” only relies on the HttpRequestMessage and HttpResponseMessage classes, making the testing of this interceptor very simple (There is no need to do some black magic with the WCF context or messages). After this, I implemented a couple of interceptors for supporting basic authentication and brokered authentication with SAML (using WIF) in my services. The following code illustrates how the basic authentication interceptors looks like. public class BasicAuthenticationInterceptor : IAuthenticationInterceptor{ Func<UsernameAndPassword, bool> userValidation; string realm;  public BasicAuthenticationInterceptor(Func<UsernameAndPassword, bool> userValidation, string realm) { if (userValidation == null) throw new ArgumentNullException("userValidation");  if (string.IsNullOrEmpty(realm)) throw new ArgumentNullException("realm");  this.userValidation = userValidation; this.realm = realm; }  public string Scheme { get { return "Basic"; } }  public bool DoAuthentication(HttpRequestMessage request, HttpResponseMessage response, out IPrincipal principal) { string[] credentials = ExtractCredentials(request); if (credentials.Length == 0 || !AuthenticateUser(credentials[0], credentials[1])) { response.StatusCode = HttpStatusCode.Unauthorized; response.Content = new StringContent("Access denied"); response.Headers.WwwAuthenticate.Add(new AuthenticationHeaderValue("Basic", "realm=" + this.realm));  principal = null;  return false; } else { principal = new GenericPrincipal(new GenericIdentity(credentials[0]), new string[] {});  return true; } }  private string[] ExtractCredentials(HttpRequestMessage request) { if (request.Headers.Authorization != null && request.Headers.Authorization.Scheme.StartsWith("Basic")) { string encodedUserPass = request.Headers.Authorization.Parameter.Trim();  Encoding encoding = Encoding.GetEncoding("iso-8859-1"); string userPass = encoding.GetString(Convert.FromBase64String(encodedUserPass)); int separator = userPass.IndexOf(':');  string[] credentials = new string[2]; credentials[0] = userPass.Substring(0, separator); credentials[1] = userPass.Substring(separator + 1);  return credentials; }  return new string[] { }; }  private bool AuthenticateUser(string username, string password) { var usernameAndPassword = new UsernameAndPassword { Username = username, Password = password };  if (this.userValidation(usernameAndPassword)) { return true; }  return false; }} This interceptor receives in the constructor a callback in the form of a Func delegate for authenticating the user and the “realm”, which is required as part of the implementation. The rest is a general implementation of the basic authentication mechanism using standard http request and response messages. I also implemented another interceptor for authenticating a SAML token with WIF. public class SamlAuthenticationInterceptor : IAuthenticationInterceptor{ SecurityTokenHandlerCollection handlers = null;  public SamlAuthenticationInterceptor(SecurityTokenHandlerCollection handlers) { if (handlers == null) throw new ArgumentNullException("handlers");  this.handlers = handlers; }  public string Scheme { get { return "saml"; } }  public bool DoAuthentication(HttpRequestMessage request, HttpResponseMessage response, out IPrincipal principal) { SecurityToken token = ExtractCredentials(request);  if (token != null) { ClaimsIdentityCollection claims = handlers.ValidateToken(token);  principal = new ClaimsPrincipal(claims);  return true; } else { response.StatusCode = HttpStatusCode.Unauthorized; response.Content = new StringContent("Access denied");  principal = null;  return false; } }  private SecurityToken ExtractCredentials(HttpRequestMessage request) { if (request.Headers.Authorization != null && request.Headers.Authorization.Scheme == "saml") { XmlTextReader xmlReader = new XmlTextReader(new StringReader(request.Headers.Authorization.Parameter));  var col = SecurityTokenHandlerCollection.CreateDefaultSecurityTokenHandlerCollection(); SecurityToken token = col.ReadToken(xmlReader);  return token; }  return null; }}This implementation receives a “SecurityTokenHandlerCollection” instance as part of the constructor. This class is part of WIF, and basically represents a collection of token managers to know how to handle specific xml authentication tokens (SAML is one of them). I also created a set of extension methods for injecting these interceptors as part of a service route when the service is initialized. var basicAuthentication = new BasicAuthenticationInterceptor((u) => true, "ContactManager");var samlAuthentication = new SamlAuthenticationInterceptor(serviceConfiguration.SecurityTokenHandlers); // use MEF for providing instancesvar catalog = new AssemblyCatalog(typeof(Global).Assembly);var container = new CompositionContainer(catalog);var configuration = new ContactManagerConfiguration(container); RouteTable.Routes.AddServiceRoute<ContactResource>("contact", configuration, basicAuthentication, samlAuthentication);RouteTable.Routes.AddServiceRoute<ContactsResource>("contacts", configuration, basicAuthentication, samlAuthentication); In the code above, I am injecting the basic authentication and saml authentication interceptors in the “contact” and “contacts” resource implementations that come as samples in the code preview. I will use another post to discuss more in detail how the brokered authentication with SAML model works with this new WCF Http bits. The code is available to download in this location.

    Read the article

  • Is this Ubuntu One DBus signal connection code correct?

    - by Chris Wilson
    This is my first time using DBus so I'm not entirely sure if I'm going about this the right way. I'm attempting to connect the the Ubuntu One DBus service and obtain login credentials for my app, however the slots I've connected to the DBus return signals detailed here never seem to be firing, despite a positive result being returned during the connection. Before I start looking for errors in the details relating to this specific service, could someone please tell me if this code would even work in the first place, or if I'm done something wrong here? int main() { UbuntuOneDBus *u1Dbus = new UbuntuOneDBus; if( u1Dbus->init() ){ qDebug() << "Message queued"; } } UbuntuOneDBus::UbuntuOneDBus() { service = "com.ubuntuone.Credentials"; path = "/credentials"; interface = "com.ubuntuone.CredentialsManagement"; method = "register"; signature = "a{ss} (Dict of {String, String})"; connectReturnSignals(); } bool UbuntuOneDBus::init() { QDBusMessage message = QDBusMessage::createMethodCall( service, path, interface, method ); bool queued = QDBusConnection::sessionBus().send( message ); return queued; } void UbuntuOneDBus::connectReturnSignals() { bool connectionSuccessful = false; connectionSuccessful = QDBusConnection::sessionBus().connect( service, path, interface, "CredentialsFound", "a{ss} (Dict of {String, String})", this, SLOT( credentialsFound() ) ); if( ! connectionSuccessful ) qDebug() << "Connection to DBus::CredentialsFound signal failed"; connectionSuccessful = QDBusConnection::systemBus().connect( service, path, interface, "CredentialsNotFound", "(nothing)", this, SLOT( credentialsNotFound() ) ); if( ! connectionSuccessful ) qDebug() << "Connection to DBus::CredentialsNotFound signal failed"; connectionSuccessful = QDBusConnection::systemBus().connect( service, path, interface, "CredentialsError", "a{ss} (Dict of {String, String})", this, SLOT( credential if( ! connectionSuccessful ) qDebug() << "Connection to DBus::CredentialsError signal failed"; } void UbuntuOneDBus::credentialsFound() { std::cout << "Credentials found" << std::endl; } void UbuntuOneDBus::credentialsNotFound() { std::cout << "Credentials not found" << std::endl; } void UbuntuOneDBus::credentialsError() { std::cout << "Credentials error" << std::endl; }

    Read the article

  • Cannot connect to windows share

    - by BCqrstoO
    I've been going through and pouring over resource for the past few hours and I cannot get my box to connect to my friends network drive. My friend doesn't use linux, but he's setup the network share like this: DPR:\\name\images and he's given me the username and password which I've verified is correct. It is located on 192.168.0.2 sudo mount -t cifs -o username=***,password=*** //name/images /media/name/ sudo mount.cifs //192.168.0.2/name/images /media/name/ -o credentials=~/name.credentials (I've confirmed that ~/name.credentials does have the correct credentials as well) Regardless of what I attempt I get mount error(13): Permission denied Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) I'm not sure what I'm doing wrong, but it's probably really simple and stupid. Thanks to any/all in advance. EDIT: I don't know if this helps, but I'm running Ubuntu 14.04.

    Read the article

  • what kind of credentials/prerequisites do you need to be a professional penetration tester ?

    - by dfafa
    does it take more than knowing Bt4 ? are there any one that just runs a scanner and no real labor involved ? would you be expected to be able to code your own exploits without having to dl from milw0rm and discover entry into a system by yourself, in other words, do you have to think outside the box even when there's so many tools that makes the job a lot easier ? would you ever be expected to be able to write your own scanners, exploits and etc ? i am also curious how people are able to write long pages of hex address, that magically causes some type of memory overflow...how are people guessing at the hex values for game hacks for instance ? are certification important ? what about formal school education ? I am a CS major.

    Read the article

< Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >