Search Results

Search found 9696 results on 388 pages for 'proxy authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 112/388 | < Previous Page | 108 109 110 111 112 113 114 115 116 117 118 119  | Next Page >

  • How to get roles with JSR 196 authentification in GlassFish?

    - by deamon
    I want to use a custom authentication module conforming to JSR 196 in GlassFish 3. The interface javax.security.auth.message.ServerAuth has the method: AuthStatus validateRequest( MessageInfo messageInfo, javax.security.auth.Subject clientSubject, javax.security.auth.Subject serviceSubject ) AuthStatus can be one of several constants like FAILURE or SUCCESS. The question is: How can I get the roles from a "role datebase" with JSR 196? Example: The server receives a request with a SSO token (CAS token for example), checks whether the token is valid, populates the remote user object with roles fetches from a database via JDBC or from REST service via http. Is the role fetching in the scope of JSR 196? How could that be implemented? Do I have to use JSR 196 together with JSR 115 to use custom authentication and a custom role source?

    Read the article

  • Any working tutorials for Authlogic?

    - by Mark Wilbur
    I've been trying to build my first rails app and have gotten stuck on the issue of user authentication. I've found a number of tutorials for using various plug-ins to do this, but so far every single one of them is out-dated, and as a result, broken! From what I've read, I think Authlogic may be the best fit for me, and I've tried two things: 1) Going through Railscast, episode #160 (which is a tutorial for setting it up) 2) Using Ryan B's nifty_authentication gem with the --authlogic tag In both cases, I get the following error as soon as I try to do anything with a user: undefined local variable or method `acts_as_authentic' for # I believe this is from the User model: class User < ActiveRecord::Base acts_as_authentic end I'm sure I've installed the authlogic gem, and I've added config.gem "authlogic" to my environment.rb Any ideas about what's wrong? Anybody know of a complete and up to date tutorial for adding user authentication?

    Read the article

  • Retrieving WSDL file from secure service

    - by Anonimo
    I have a Web Service developed with JAX-WS. I have secured the web service with BASIC authentication configured in Tomcat. When I try to access the web service using a Java client, I first need to create the port, and then specify the credentials, as follows: CustomerServiceClient customerServiceClient = new CustomerServiceBottomUpService(); //1 CustomerService customer = customerServiceClient.getCustomerServicePort(); //2 Map<String, Object> context = ((BindingProvider) customer).getRequestContext(); //3 context.put(BindingProvider.USERNAME_PROPERTY, "kermit"); //4 context.put(BindingProvider.PASSWORD_PROPERTY, "thefrog"); //5 The problem I have is that, after line 1, I get an Authorization error (HTTP 401) as I obviously haven't provided the server with the credentials yet. I am creating the client artifacts from a server WSDL, hence the authentication problem when creating the service, and don't want my clients to store the WSDL locally as it's just annoying for them. How can I get around this problem?

    Read the article

  • Jersey, Apache HTTPD, and javax.annotation.security usage

    - by Nick Klauer
    So I'm having a heck of a time trying to piece together what I think is a pretty simple implementation. This is very similar to another StackOverflow question only I can't leverage Tomcat to handle role based authentication. I have an Apache httpd server in front of my app that handles authentication and then passes LDAP roles to a Jersey service through Headers. I've created a servlet filter to parse the header and tease out the roles the request came from, which works fine globally to the app, but isn't fine-grained enough to dictate what an Admin could do that a User could not. I'm thinking I could use the javax.annotation.security annotations that JAX-RS supports, but I don't know how to take what I've parsed out using a servlet filter to set or instantiate the SecurityContext necessary for the roles @RolesAllowed.

    Read the article

  • SSHing into EC2 instance fails - -v details below!

    - by ming yeow
    Hi folks! I created a new ec2 instance, but i am unable to ssh in with the key i normally use with my other instances. The -v details are below. Thanks! debug1: Host 'dbl01' is known and matches the RSA host key. debug1: Found key in /Users/mingyeow/.ssh/known_hosts:26 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering public key: /Users/mingyeow/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Trying private key: /Users/mingyeow/.ssh/identity debug1: Trying private key: /Users/mingyeow/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey).

    Read the article

  • WNA Configuration in OAM 11g

    - by P Patra
    Pre-Requisite: Kerberos authentication scheme has to exist. This is usually pre-configured OAM authentication scheme. It should have Authentication Level - "2", Challenge Method - "WNA", Challenge Direct URL - "/oam/server" and Authentication Module- "Kerberos". The default authentication scheme name is "KerberosScheme", this name can be changed. The DNS name has to be resolvable on the OAM Server. The DNS name with referrals to AD have to be resolvable on OAM Server. Ensure nslookup work for the referrals. Pre-Install: AD team to produce keytab file on the AD server by running ktpass command. Provide OAM Hostname to AD Team. Receive from AD team the following: Keypass file produced when running the ktpass command ktpass username ktpass password Copy the keytab file to convenient location in OAM install tree and rename the file if desired. For instance where oam-policy.xml file resides. i.e. /fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/keytab.kt Configure WNA Authentication on OAM Server: Create config file krb.config and set the environment variable to the path to this file: KRB_CONFIG=/fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/krb.conf The variable KRB_CONFIG has to be set in the profile for the user that OAM java container(i.e. Wbelogic Server) runs as, so that this setting is available to the OAM server. i.e. "applmgr" user. In the krb.conf file specify: [libdefaults] default_realm= NOA.ABC.COM dns_lookup_realm= true dns_lookup_kdc= true ticket_lifetime= 24h forwardable= yes [realms] NOA.ABC.COM={ kdc=hub21.noa.abc.com:88 admin_server=hub21.noa.abc.com:749 default_domain=NOA.ABC.COM [domain_realm] .abc.com=ABC.COM abc.com=ABC.COM .noa.abc.com=NOA.ABC.COM noa.abc.com=NOA.ABC.COM Where hub21.noa.abc.com is load balanced DNS VIP name for AD Server and NOA.ABC.COM is the name of the domain. Create authentication policy to WNA protect the resource( i.e. EBSR12) and choose the "KerberosScheme" as authentication scheme. Login to OAM Console => Policy Configuration Tab => Browse Tab => Shared Components => Application Domains => IAM Suite => Authentication Policies => Create Name: ABC WNA Auth Policy Authentication Scheme: KerberosScheme Failure URL: http://hcm.noa.abc.com/cgi-bin/welcome Edit System Configuration for Kerberos System Configuration Tab => Access Manager Settings => expand Authentication Modules => expand Kerberos Authentication Module => double click on Kerberos Edit "Key Tab File" textbox - put in /fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/keytab.kt Edit "Principal" textbox - put in HTTP/[email protected] Edit "KRB Config File" textbox - put in /fa-gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/krb.conf Cilck "Apply" In the script setting environment for the WLS server where OAM is deployed set the variable: KRB_CONFIG=/fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/krb.conf Re-start OAM server and OAM Server Container( Weblogic Server)

    Read the article

  • How to propagate spring security login to EJBs?

    - by tangens
    Context I have a J2EE application running on a JBoss 4.2.3 application server. The application is reachabe through a web interface. The authentication is done with basic authentication. Inside of the EJBs I ask the security context of the bean for the principal (the name of the logged in user) and do some authorization checks if this user is allowed to access this method of the EJB. The EJBs life inside a different ear than the servlets handling the web frontend, so I can't access the spring application context directly. Required change I want to switch to Spring Security for handling the user login. Question How can I propagate the spring login information to the JBoss security context so I can still use my EJBs without having to rewrite them? Ideas and links I already found a page talking about "Propagating Identity from Spring Security to the EJB Layer", but unfortunatelly it refers to an older version of Spring Security (Acegi) and I'm not familiar enough with Spring Security to make this work with the actual version (3.0.2).

    Read the article

  • zend framework 2 autentification using DbTable failure

    - by josepmra
    I have followed the zend instructions for implement my web Authentication using a database table. It's exactly the same code, but when render the page, the following exceptions appears: Zend\Authentication\Adapter\Exception\RuntimeException File: C:\xampp\htdocs\pfc\vendor\ZF2\library\Zend\Authentication\Adapter\DbTable.php Mensaje: The supplied parameters to DbTable failed to produce a valid sql statement, please check table and column names for validity. produced by this other: Zend\Db\Adapter\Exception\InvalidQueryException File: C:\xampp\htdocs\pfc\vendor\ZF2\library\Zend\Db\Adapter\Driver\Mysqli\Statement.php Mensaje: Statement couldn't be produced with sql: SELECT `users`.*, (CASE WHEN `password` = ? THEN 1 ELSE 0 END) AS `zend_auth_credential_match` FROM `users` WHERE `mail` = ? Seems to be that Statement.php can not execute the sql of above, but I send the sql by phpmyadmin replacing the ? for strings and work ok. I am sure that $dbAdapter works ok also because I have tested it and the columns name are "mail" and "password". This in my code, also I put the $dbAdapter test code. $dbAdapter = new DbAdapter(array( //This DbAdapter Work ok sure!! 'driver' => 'Mysqli', 'database' => 'securedraw', 'username' => 'root', 'password' => '' )); $fp = function($name) use ($dbAdapter) { return $dbAdapter->driver->formatParameterName($name);}; $sql = 'SELECT * FROM ' . $qi('users') . ' WHERE id = ' . $fp('id'); $statement = $dbAdapter->query($sql); $parameters = array('id' => 1); $sqlResult = $statement->execute($parameters); $row = $sqlResult->current(); $mail = $row['mail']; $password = $row['password']; //until here test $dbAdapter exitly!! //Start the auth proccess!! $authAdapter = new AuthDbTableAdapter($dbAdapter); $authAdapter->setTableName('users') ->setIdentityColumn('mail') ->setCredentialColumn('password'); $authAdapter->setIdentity('josep') ->setCredential('josep'); $authResult = $authAdapter->authenticate(); //This is the fail method!!!

    Read the article

  • Accessing resources on localhost using domain credentials

    - by jas
    I'm trying to set up Team Foundation Server 2010, Sharepoint Server 2010 and Report Server 2008R2. I apologize for how long my question/problem is but I'm really lost on where to even look so am being as descriptive as possible in hopes that I'm making sense. The goal: Since developers can be inside or outside the firewall there needs to be a single http point of entry to TFS that works regardless of which side of the firewall you are and needs to work with external access to SharePoint and Report Server. Meaning we have it set up in DNS so buildserver.mydomain.com: points to the build service box which contains all of the services listed at the top of this post and specific services are defined/located by the port number. This is working great on every machine inside and out except for from the build server itself. All services must be able to work using external URLs. If I use http:// buildserver.mydomain.com:4800/tfs (the external URL) from my notebook which is behind the firewall I'm able to login with my domain credentials as expected. If the other developer points to the same URL from their home which isn't on the domain they are also able to login using their domain credentials. However if I am directly on buildserver and call SharePoint, TFS or Reporting Server from (i.e. http:// buildserver.mydomain.com:4800) itself using the external URL, I am prompted for a username and password. Entering my domain credentials results in another prompt to enter my credentials again. It will prompt three times regardless of which credentials are used (I have rights as a domain admin) and then after the third prompt directs me to a blank white page as though access was denied. There are no errors displayed on the page and nothing ends up in the event viewer. From buildserver if i use just the host name (the internal URL), then I'm prompted a single time for credentials and it works. i.e. http:// buildserver:4800/tfs works from the server itself. The behavior is identical for any service requiring authentication. Meaning from the box itself Sharepoint Central Admin, SharePoint WebApp, TFS, TFS Web Access, Report Server and Report Manager all fail using the external URL but will succeed if called using the interal URL. So the problem comes into play when configuring all of the services to work together. The only way to configure TFS is locally from the server which means I must point to the internal reporting server url (http:// buildserver:4800/reports and reportServer respectively instead of http:// buildserver.domainname.com:4800 like they need to be) since external URLs aren't working from itself. If I configure TFS to use the internal URL for Report Server then creating team projects or working in the SharePoint site for the team project fails for anyone not inside the domain since their machines have no idea who http:// buildserver:/reports even is or how to resolve them. I have configured Sharepoint with Alternate Access Mappings as well as set up Report Server to listen for external URLs. The external URLs simply aren't working when called from the server itself. I hope this makes sense. Thanks for taking the time to read this rather verbose plea for help.

    Read the article

  • Authenticating a Server with Digital Signatures

    - by TomS
    I understand how Non-repudiation and Integrity are achieved with Digital Signatures, but it's the Authentication that I don't grasp yet. I'm developing a Client-Server application in C#, that should be capable of Authentication with Digital Certificates and Digital Signatures. I know how to check the validity and integrity of a Signature (with SignedCms.CheckSignature()), but how does this authenticates any of the parts involved? For example: The client asks the Server for a Digital Signature, The client receives the signature and validates it, If the validation succeeds, continue. The client could be a victim of a man-in-the middle attack and receive a valid signature in step 2. The validation would succeed, but the client wouldn't be talking to the right server. What am I missing?

    Read the article

  • Tomcat fails on first request in combination with jsvc

    - by Roalt
    I have a web application where the first request may take a few seconds as some singletons are initialised. I've used the mod_proxy and jsvc construction mentioned in this question and described on this page to connect apache with tomcat (data is served via SSL) For the sample Tomcat application, everything works as it should. However, when using my application I get the following error in my apache log: [Wed Feb 10 09:48:29 2010] [error] [client 130.12.1.26] (70014)End of file found: proxy: error reading status line from remote server localhost [Wed Feb 10 09:48:29 2010] [error] [client 130.12.1.26] proxy: Error reading from remote server returned by /MyWebApp/MyWebApp.faces and I get the following error in my tomcat output: 10/02/2010 09:48:29 9947 jsvc.exec error: Service exit with a return value of 1 I'm not an expert on this so I would like to know what's the cause of the problem and where I should look for an answer?

    Read the article

  • NHibernate Proxy Creation

    - by Chris Meek
    I have a class structure like the following class Container { public virtual int Id { get; set; } public IList<Base> Bases { get; set; } } class Base { public virtual int Id { get; set; } public virtual string Name { get; set; } } class EnemyBase : Base { public virtual int EstimatedSize { get; set; } } class FriendlyBase : Base { public virtual int ActualSize { get; set; } } Now when I ask the session for a particular Container it normally gives me the concrete EnemyBase and FriendlyBase objects in the Bases collection. I can then (if I so choose) cast them to their concrete types and do something specific with them. However, sometime I get a proxy of the "Base" class which is not castable to the concrete types. The same method is used both times with the only exception being that in the case that I get proxies I have added some related entities to the session (think the friendly base having a collection of people or something like that). Is there any way I can prevent it from doing the proxy creating and why would it choose to do this in some scenarios? UPDATE The mappings are generated with the automap feature of fluentnhibernate but look something like this when exported <hibernate-mapping xmlns="urn:nhibernate-mapping-2.2" default-access="property" auto-import="true" default-cascade="none" default-lazy="true"> <class xmlns="urn:nhibernate-mapping-2.2" mutable="true" name="Base" table="`Base`"> <id name="Id" type="System.Int32, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <column name="Id" /> <generator class="MyIdGenerator" /> </id> <property name="Name" type="String"> <column name="Name" /> </property> <joined-subclass name="EnemyBase"> <key> <column name="Id" /> </key> <property name="EstimatedSize" type="Int"> <column name="EstimatedSize" /> </property> </joined-subclass> <joined-subclass name="FriendlyBase"> <key> <column name="Id" /> </key> <property name="ActualSize" type="Int"> <column name="ActualSize" /> </property> </joined-subclass> </class> </hibernate-mapping> <hibernate-mapping xmlns="urn:nhibernate-mapping-2.2" default-access="property" auto-import="true" default-cascade="none" default-lazy="true"> <class xmlns="urn:nhibernate-mapping-2.2" mutable="true" name="Container" table="`Container`"> <id name="Id" type="System.Int32, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <column name="Id" /> <generator class="MyIdGenerator" /> </id> <bag cascade="all-delete-orphan" inverse="true" lazy="false" name="Bases" mutable="true"> <key> <column name="ContainerId" /> </key> <one-to-many class="Base" /> </bag> </class> </hibernate-mapping>

    Read the article

  • FormsAuthentication redirecting to login page when visiting root of website

    - by Ryan Lattimer
    I wanted to use FormsAuthentication to secure my static files as well on my site, so I followed the instructions located here http://learn.iis.net/page.aspx/244/how-to-take-advantage-of-the-iis7-integrated-pipeline/ under title "Enabling Forms Authentication for the Entire Application". Now though, when I try to visit the site by going directly to http://www.mysite.com I get redirected to http://www.mysite.com/Login.aspx?ReturnUrl=%2f instead of it using my DefaultDocument I have set. I can go to my default document by just visiting http://www.mysite.com/Home.aspx without any issues because it is set to allow anonymous access. Is there something I need to add into my web.config file to make iis7 allow anonymous access to the root? I tried adding with anonymous access but no such luck. Any help would be much appreciated. Both Home and the Login form allow anonymous. <location path="Home.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="Login.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> Login form is set as the loginUrl <authentication mode="Forms"> <forms protection="All" loginUrl="Login.aspx"> </forms> </authentication> Default document is set as Home.aspx <defaultDocument> <files> <add value="Home.aspx" /> </files> </defaultDocument> I have not removed any of the iis7 default documents. However, Home.aspx is first in the priority.

    Read the article

  • What is the appropriate terminology in Java when building remote proxies?

    - by Uri
    Suppose that I am implementing a remote proxy in Java to an object that is likely to reside on a remote server but may reside locally. There's my real object on the remote server, there's the local implementation (the proxy itself), and there's the interface I provide to my program which hides the details of where the object actually is. The local representation may contact a local or a remote implementation of the object. What is the standard terminology in Java for these things? What should I name my interfaces/classes? I've seen the terms Subjects, Images, and Implementations thrown around (probably from the GOF days), but I wonder what is acceptable way to do the naming for a framework written in Java.

    Read the article

  • How to expose MEX when I need the service to have NTLM authentication

    - by Ram Amos
    I'm developing a WCF service that is RESTful and SOAP, now both of them needs to be with NTLM authentication. I also want to expose a MEX endpoint so that others can easily reference the service and work with it. Now when I set IIS to require windows authentication I can use the REST service and make calls to the service succesfully, but when I want to reference the service with SVCUTIL it throws an error that it requires to be anonymous. Here's my web.config: <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/> <bindings> <basicHttpBinding> <binding name="basicHttpBinding" maxReceivedMessageSize="214748563" maxBufferSize="214748563" maxBufferPoolSize="214748563"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Ntlm"> </transport> </security> </binding> </basicHttpBinding> <webHttpBinding> <binding name="webHttpBinding" maxReceivedMessageSize="214748563" maxBufferSize="214748563" maxBufferPoolSize="214748563"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Ntlm"> </transport> </security> </binding> </webHttpBinding> <mexHttpBinding> <binding name="mexHttpBinding"></binding> </mexHttpBinding> </bindings> <standardEndpoints> <webHttpEndpoint> <standardEndpoint name="" automaticFormatSelectionEnabled="true" helpEnabled="True"> </standardEndpoint> </webHttpEndpoint> </standardEndpoints> <services> <service name="Intel.ResourceScheduler.Service" behaviorConfiguration="Meta"> <clear /> <endpoint address="soap" name="SOAP" binding="basicHttpBinding" contract="Intel.ResourceScheduler.Service.IResourceSchedulerService" listenUriMode="Explicit" /> <endpoint address="" name="rest" binding="webHttpBinding" behaviorConfiguration="REST" contract="Intel.ResourceScheduler.Service.IResourceSchedulerService" /> <endpoint address="mex" name="mex" binding="mexHttpBinding" behaviorConfiguration="" contract="IMetadataExchange" /> </service> </services> <behaviors> <endpointBehaviors> <behavior name="REST"> <webHttp /> </behavior> <behavior name="WCFBehavior"> <dataContractSerializer maxItemsInObjectGraph="2147483647" /> </behavior> </endpointBehaviors> <serviceBehaviors> <behavior name="Meta"> <serviceMetadata httpGetEnabled="true"/> </behavior> <behavior name="REST"> <dataContractSerializer maxItemsInObjectGraph="2147483647" /> </behavior> <behavior name="WCFBehavior"> <serviceMetadata httpGetEnabled="true"/> <dataContractSerializer maxItemsInObjectGraph="2147483647" /> </behavior> <behavior name=""> <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment --> <serviceMetadata httpGetEnabled="true" /> <!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information --> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> </serviceBehaviors> </behaviors> Any help will be appreciated.

    Read the article

  • VirtualServer reverseproxy works locally, but not from client

    - by Yep
    Setup: 2 Webservers pointed to 127.0.0.1:8080 and :8081. Curl validates they work as expected. Apache with the following virt hosts: NameVirtualHost 192.168.1.1:80 <VirtualHost 192.168.1.1:80> ServerAdmin [email protected] ProxyPass / http://127.0.0.1:8080/ ProxyPassReverse / http://127.0.0.1:8080/ ServerName 192.168.1.1 ServerAlias http://192.168.1.1 </VirtualHost> NameVirtualHost 192.168.1.2:80 <VirtualHost 192.168.1.2:80> ServerAdmin [email protected] ProxyPass / http://127.0.0.1:8081/ ProxyPassReverse / http://127.0.0.1:8081/ ServerName 192.168.1.2 ServerAlias http://192.168.1.2 </VirtualHost> On the server I can curl to the virtualhosts and receive appropriate responses. (curl 192.168.1.1 gives me the webservers response from localhost:8080, etc) remote hosts cannot however connect to 192.168.1.1 or .2 at all. What am I missing? Re: comments Yes, the default directory Directive is still in place. # Deny access to root file system <Directory /> Options None AllowOverride None Order Deny,Allow deny from all </Directory> No apache logs are generated when trying to reach 192.168.1.1 remotely. They do get generated when curl from local. If I point the webservers to *:8080 and *:8081 instead of binding to localhost, I can access them from a remote host via 192.168.1.1 and 192.168.1.2 if i specify the 8080 and 8081 ports (both ports work on both IP's, which is what I'm trying to avoid with apache reverse proxy bind to 80 on each interface) Edit2: curl verbose output: (similar for second webserver, and for 127.0.0.1:portnum) [user@host mingle_12_2_1]$ curl -v 192.168.1.1 * About to connect() to 192.168.1.1 port 80 * Trying 192.168.1.1... connected * Connected to 192.168.1.1 (192.168.1.1) port 80 > GET / HTTP/1.1 > User-Agent: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 > Host: 192.168.1.1 > Accept: */* > < HTTP/1.1 302 Found < Date: Tue, 16 Oct 2012 16:22:08 GMT < Server: Jetty(6.1.19) < Cache-Control: no-cache < Location: http://192.168.1.1/install < X-Runtime: 130 < Content-Type: text/html; charset=utf-8 < Content-Length: 94 < Connection: close Closing connection #0 <html><body>You are being <a href="http://192.168.1.1/install">redirected</a>.</body></html> log from the request local 192.168.1.1 - - [16/Oct/2012:12:22:08 -0400] "GET / HTTP/1.1" 302 94 no apache access log or error log generated when requests from remote clients.

    Read the article

  • anonymous access disabled but...

    - by Melody Friedenthal
    My web app (asp VB 2005) uses Windows authentication. If the user isn't part of a specific AD security group they don't get to edit the data; instead I redirect the user to a read-only page. The program works fine in the IDE. I published the web app to my laptop and Disabled anonymous access. When I ran the program I got redirected to the read-only page. I added a write event to the application event log to see what was going on, and found that the WindowsPrincipal.Identity.Name contained my laptop's ID, not my user name. I reassert: anonymous access is disabled in IIS and the web.config file has Windows Authentication. Can anyone suggest what else to check? Or can you explain what's going on?

    Read the article

  • One click login to my google apps solution how can I do it?

    - by Ali
    Hi guys I'm developing a google apps solution and I'm building on the tutorial application give by google at http://code.google.com/googleapps/marketplace/tutorial_php.html - the thing is that the example given sets up the application such that the user has to enter in manually the email address or username and then it takes the user through an authentication process whereby it asks the user if they wish to allow the application to be given access to the services mentioned in the manifest.xml file. Isn't there a better way to do this I mean like I want that when the user upon logging into his google apps account just has to click in the application link installed and straight on should be able to enter the application. Can't the process of authentication and all be transparent in the backdrop. I need help on this asap. Thanks a bunch!

    Read the article

  • What are best practices for securing the admin section of a website?

    - by UpTheCreek
    I'd like to know what people consider best practice for securing the Admin sections of websites, specifically from an authentication/access point of view. Of course there are obvious things, such as using SSL and logging all access, but I'm wondering just where above these basic steps people consider the bar to be set. For example: Are you just relying on the same authentication mechanism that you use for normal users? If not, what? Are you running the Admin section in the same 'application domain'? What steps do you take to make the admin section undiscovered? (or do you reject the while 'obscurity' thing)

    Read the article

  • Transport Security with Certificate Authentication

    - by Brian T
    I'm getting the following error when I access my webservice localhost/MyService/MyService.svc The SSL settings for the service 'SslRequireCert' does not match those of the IIS 'Ssl, SslNegotiateCert'. I've following the web.config examples as specified in http://msdn.microsoft.com/en-us/library/ms731074.aspx Here is my wcf server web.config: <?xml version="1.0" encoding="UTF-8"?> <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> <appSettings /> <system.web> <identity impersonate="false" /> <roleManager enabled="true" /> <authentication mode="Windows" /> <customErrors mode="Off" /> <webServices> <protocols> <add name="HttpGet" /> <add name="HttpPost" /> </protocols> </webServices> </system.web> <system.webServer> <directoryBrowse enabled="true" /> <validation validateIntegratedModeConfiguration="false" /> <security> <authorization> <remove users="*" roles="" verbs="" /> <add accessType="Allow" users="*" roles="" /> </authorization> </security> </system.webServer> <system.serviceModel> <services> <service name="AspNetSqlProviderService" behaviorConfiguration="MyServiceBehavior"> <endpoint binding="wsHttpBinding" contract="Interface1" bindingConfiguration="CertificateWithTransportWSHttpBinding" /> <endpoint binding="wsHttpBinding" contract="Interface2" bindingConfiguration="CertificateWithTransportWSHttpBinding" /> <endpoint address="mex" binding="wsHttpBinding" bindingConfiguration="CertificateWithTransportWSHttpBinding" name="Metadata_Exchange" contract="IMetadataExchange" /> </service> </services> <behaviors> <serviceBehaviors> <behavior name="MyServiceBehavior"> <serviceDebug includeExceptionDetailInFaults="True" /> <serviceMetadata /> <serviceCredentials> <clientCertificate> <authentication trustedStoreLocation="LocalMachine" revocationMode="Online"/> </clientCertificate> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <bindings> <wsHttpBinding> <binding name="CertificateWithTransportWSHttpBinding"> <security mode="Transport"> <transport clientCredentialType="Certificate" /> </security> </binding> </wsHttpBinding> </bindings> </system.serviceModel> </configuration> I've configured IIS as follows: https binding added using self signed certificate Under SSL settings, require SSL and accept client certificates is checked The self signed certificate has been added to the Local Computer Trusted Root CA. I can browse and execute the .asmx service definition, but the .svc gives me the error described above.

    Read the article

  • Smart Client App: How to give Different Settings for Different Users

    - by Daniel
    Hi! I have a smart client application being deployed with a CickOnce webpage. here's the current scenario. User runs the application, and the application shows a login form. User enters ID/Password in the login form, and the application sends that information to the server. The server authenticates the user and sends configuration and data to the application. Different users have different configuration and data for their application. I was concerned that anyone can download the application from the webpage if they know the URL. So I'm trying to change the authentication scheme, so that users can login at the webpage to download the application. I want to send the authentication info from the webpage(Program running at the server) to the smart client app, so that application can download the configuration information from the server, without prompting users to make a login again. How can the webpage send the ID/Passoword to the application securely?

    Read the article

  • Preferred Method Of Application Purchase

    - by Chuck
    This is more of a "programmers" question, but felt that it was technical enough to belong on Stack Overflow instead. I'm launching an application soon that will follow the shareware model of purchase. I've thought about implementing this in a few ways: Limited access to the application until they purchase Full access to the application but expires after 30 day, requiring them to purchase to retain utility. Full access to the application indefinitely, but with a 10-15 second pop-up box on start-up asking them to register -- like mIRC does (or used to do). The method of authentication will be web-based. I'll provide them with an authentication key and they'll put it in the application. Whenever the application boots up, it'll check my web service and determine whether the application is genuine or not. This isn't my question. My question is: Is there a preferred method of implementation? I'd like to piss off the users as little as possible, but I'd also like to get paid for my work.

    Read the article

  • Multiple formsauthentifications in the same application

    - by citronas
    Hi there, I was wondering if it is possible to use two different formsauthentification logins with the following directory structure: /default.aspx /login.aspx /web.config /subdirectory/sublogin.aspx /subdirectory/subdefault.aspx /subdirectory/web.config The web.config in the root contains the following settings: <authentication mode="Forms"> <forms protection="All" slidingExpiration="true" loginUrl="~/login.aspx" path="/"/> </authentication> <authorization> <deny users="?"/> </authorization> What I want to achieve is, that all directories except 'subdirectory' are protected by the login.aspx in the root. 'subdirectory' has its own login.aspx (sublogin.aspx) How would the correct content of the web.config in subdirectory look like?

    Read the article

  • Network update solutions for a company of ~20 (5 local, 15 remote)?

    - by Margaret
    Hi all This is probably going to be a bit up in the air, because we're still in the "reaching towards solutions" phase, but I figured I'd see what you guys had to say. Plus I honestly know very little about systems and what is good and bad pratice. My organisation has always more or less worked on the concept of local machines; since it primarily employed contractors who were working from home, each of those people was largely responsible for their own machine and backup procedures and the like. We're now expanding, though we're still reasonably small (we're up to about 20 staff members). Most people still work remotely, but we have a central office where about five people are working. But we're getting large enough that we're starting to think it would be a good idea to have a central file server, and things like that - if someone gets hit by a bus, we want someone else to know where to look for the files to continue their work. A lot of the people who work for us remotely work on projects for other companies as well, so I don't want to force them to log in to our server whenever they're on a network. But I do want to make connection to be as painless as possible to do so, to improve utilisation. The other thing is that we're getting more people who would like to remote into the office server and do their work there. Our current remote connection application is an SSH install that allows people access to the network; the problem is, it's a black box to me, and I've never understood how to even connect to it (despite supposedly being de facto sysadmin). Thus far I've been able to bounce questions about how to get it working to the guy who does know it well, but he's leaving the company soon. So we probably need a solution for this that I actually understand. We were knocking around the idea of implementing a VPN with some form of remote desktop, and someone mentioned that this was largely a matter of purchasing a router capable of it; I'm not sure of the truth of that statement. This is what we have in the office: Two shiny new i7 servers, each running Windows Server 2008. Precise eventual layout is still being debated, a little, but the current suggestion is that one is primary database crunching, while the other is a warm backup of the databases, along with running Reporting Services. They currently have SQL Server 2008 installed on them, which is being connected to via the 'sa' account. We're hoping to make each person use their own account (preferably one tied to the 'central' password we set up, so we can use Windows Authentication). An older server, running XP Pro, that we are currently using as a test bed for a project that requires access to older versions of software. This machine is also being used to take backups, but I'm thinking of moving that functionality elsewhere. A spare desktop from a guy who left the company (XP Pro). We're thinking of bumping up the hard disk space and using it as the magical file server that's going to solve one particular everything. Assorted desktops, laptops, etc, at least one for each person in the office (mix of Win XP and Win 7; occasionally a person who normally works remotely might drop in to the office and bring a laptop bearing Vista, but it's pretty rare). All are set up as local user accounts at the moment; I don't know if it's the best arrangement. Purchasing more hardware is not a big problem, but we figure we might as well make use of what we've got first. Is Active Directory a big magic wand that's going to solve all the world's problems? Is there some other arrangement we should be looking to instead?

    Read the article

  • Devise authenticating with username instead of email

    - by teknull
    I'm new to Devise and have it working fine by using an email address as the authentication key. However, I have a use case which requires a username instead and I can't seem to get it working. I've added a string column, "username" to the users table, changed the fields from :email to :username in the sign-in form, and have changed the authentication key in devise.rb to :username yet when I go to sign in I'm met with this prompt: "Please enter an email address". What am I doing wrong? **new.html.erb** <div><%= f.label :username %><br /> <%= f.email_field :username %></div> **User.rb** class User < ActiveRecord::Base # Include default devise modules. Others available are: # :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable, :authentication_keys => [:username] # Setup accessible (or protected) attributes for your model attr_accessible :email, :password, :password_confirmation, :remember_me, :username # attr_accessible :title, :body end **devise.rb** config.authentication_keys = [ :username ]

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 108 109 110 111 112 113 114 115 116 117 118 119  | Next Page >