Search Results

Search found 11785 results on 472 pages for 'password protection'.

Page 113/472 | < Previous Page | 109 110 111 112 113 114 115 116 117 118 119 120  | Next Page >

  • hibernate annotation bi-directional mapping

    - by smithystar
    I'm building a web application using Spring framework and Hibernate with annotation and get stuck with a simple mapping between two entities. I'm trying to create a many-to-many relationship between User and Course. I followed one of the Hibernate tutorials and my implementation is as follows: User class: @Entity @Table(name="USER") public class User { private Long id; private String email; private String password; private Set<Course> courses = new HashSet<Course>(0); @Id @GeneratedValue @Column(name="USER_ID") public Long getId() { return id; } public void setId(Long id) { this.id = id; } @Column(name="USER_EMAIL") public String getEmail() { return email; } public void setEmail(String email) { this.email = email; } @Column(name="USER_PASSWORD") public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } @ManyToMany(cascade = CascadeType.ALL) @JoinTable(name = "USER_COURSE", joinColumns = { @JoinColumn(name = "USER_ID") }, inverseJoinColumns = { @JoinColumn(name = "COURSE_ID") }) public Set<Course> getCourses() { return courses; } public void setCourses(Set<Course> courses) { this.courses = courses; } } Course class: @Entity @Table(name="COURSE") public class Course { private Long id; private String name; @Id @GeneratedValue @Column(name="COURSE_ID") public Long getId() { return id; } public void setId(Long id) { this.id = id; } @Column(name="NAME") public String getName() { return name; } public void setName(String name) { this.name = name; } } The problem is that this implementation only allows me to go one way user.getCourses() What do I need to change, so I can go in both directions? user.getCourses() course.getUsers() Any help would be appreciated.

    Read the article

  • ios - how do I concatinate strings to create a url?

    - by GeekedOut
    I am trying to make a url by first collecting the parameters, and then in one statement creating the actual url. Here is what I am trying to do: NSString *urlString = @"http://www.some_login_url.com?email=%@&password=%@"; NSString *email = self.email.text; NSString *password = self.password.text; NSString *url_to_send = [NSString stringWithFormat:@"%@%@", urlString , email , password]; So what I wanted to do was replace the @ symbols with the values in the variables, but instead the second variable just got appended to the end of the string. How would I change the last line so I could put the right parameters in their correct spots? Thanks!!

    Read the article

  • SFTP in Python? (platform independent)

    - by Mark Wilbur
    I'm working on a simple tool that transfers files to a hard-coded location with the password also hard-coded. I'm a python novice, but thanks to ftplib, it was easy: import ftplib info= ('someuser', 'password') #hard-coded def putfile(file, site, dir, user=(), verbose=True): """ upload a file by ftp to a site/directory login hard-coded, binary transfer """ if verbose: print 'Uploading', file local = open(file, 'rb') remote = ftplib.FTP(site) remote.login(*user) remote.cwd(dir) remote.storbinary('STOR ' + file, local, 1024) remote.quit() local.close() if verbose: print 'Upload done.' if __name__ == '__main__': site = 'somewhere.com' #hard-coded dir = './uploads/' #hard-coded import sys, getpass putfile(sys.argv[1], site, dir, user=info) The problem is that I can't find any library that supports sFTP. What's the normal way to do something like this securely? Edit: Thanks to the answers here, I've gotten it working with Paramiko and this was the syntax. import paramiko host = "THEHOST.com" #hard-coded port = 22 transport = paramiko.Transport((host, port)) password = "THEPASSWORD" #hard-coded username = "THEUSERNAME" #hard-coded transport.connect(username = username, password = password) sftp = paramiko.SFTPClient.from_transport(transport) import sys path = './THETARGETDIRECTORY/' + sys.argv[1] #hard-coded localpath = sys.argv[1] sftp.put(localpath, path) sftp.close() transport.close() print 'Upload done.' Thanks again!

    Read the article

  • [PersistenceException: org.hibernate.exception.SQLGrammarException: could not execute query]

    - by doniyor
    i need help. i am trying to select from database thru sql statement in play framework, but it gives me error, i cannot figure out where the clue is. here is the code: @Transactional public static Users findByUsernameAndPassword(String username, String password){ String hash = DigestUtils.md5Hex(password); Query q = JPA.em().createNativeQuery("select * from USERS where" + "USERNAME=? and PASSWORD=?").setParameter(1, username).setParameter(2, password); List<Users> users = q.getResultList(); if(users.isEmpty()){ return null; } else{ return users.get(0); here is the eror message: [PersistenceException: org.hibernate.exception.SQLGrammarException: could not execute query] can someone help me please! any help i would appreciate! thanks

    Read the article

  • write to xml file using objective c

    - by Mith
    Hi, ok, I managed to read from xml file using NSXMLParser but now i don't know how to write to xml file. I have a xml file , say <?xml version="1.0" encoding="UTF-8"?> <root> <user id="abcd" password="pass1"/> <user id="efg" password="pass2"/> </root> Now when a new user enters details, I want to store them in a new tag.. lets say like, the id is "hhhh" and password is"pass3" I want to add a new tag with attributes as such <user id="hhhh" password="pass3"/> to the xml file. How should I do this. Please explain in an elaborate way . I am a newbie here. Any links to tutorials or examples will be much helpful. Thanks

    Read the article

  • how to listen to Enter button when using JOptionPane.showOptionDialog

    - by MemoryLeak
    I use: char[] password = null; JPasswordField jpf = new JPasswordField(30); java.lang.Object [] messageInput = { prompt, jpf }; java.lang.Object [] options = { jpf , "OK", "Cancel"}; int result = JOptionPane.showOptionDialog(null, messageInput, title, JOptionPane.OK_CANCEL_OPTION, JOptionPane.QUESTION_MESSAGE, null, options, ""); JOptionPane.showMessageDialog(null, result); if (result == 1) { password = jpf.getPassword(); } else if(result == JOptionPane.CANCEL_OPTION) { } return password; to get password, but this can not listen to the Enter button. I know if I set the options parameter to null, can make the dialog listen to "enter" button, but if I do that, the dialog don't focus to the textbox when show up. Can someone help me on this ? Thanks in advance !

    Read the article

  • How to disconnect an existing ruby sequel connection to a database?

    - by MG
    I mean the one which was previously established as DB = Sequel.sqlite('my_blog.db') or DB = Sequel.connect('postgres://user:password@localhost/my_db') or DB = Sequel.postgres('my_db', :user => 'user', :password => 'password', :host => 'localhost') or etcetera. The Sequel::Database class has no public instance method called "disconnect" or so though it has "connect" one. Maybe somebody already faced that problem. I would appreciate any idea.

    Read the article

  • Beginner Android Dev question navigating through intents, getting errors not sure how to fix it. I've tried rearranging and everything even tabbing.

    - by user554786
    /*I created this Sign-In page. I start by declaring variables for username/password & buttons. If user enters "test" as username & "test" as password and hits the login button, its supposed to go to the DrinksTwitter.class activity, else throw error message I created. To me the code and login makes perfect sense. I'm not sure why it wont go to the next activity I want it to go to */ package com.android.drinksonme; import android.app.Activity; import android.content.Intent; import android.os.Bundle; import android.view.View; import android.view.View.OnClickListener; import android.widget.Button; import android.widget.EditText; import android.widget.TextView; public class Screen2 extends Activity { // Declare our Views, so we can access them later private EditText etUsername; private EditText etPassword; private Button btnLogin; private Button btnSignUp; private TextView lblResult; @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.main); // Get the EditText and Button References etUsername = (EditText)findViewById(R.id.username); etPassword = (EditText)findViewById(R.id.password); btnLogin = (Button)findViewById(R.id.login_button); btnSignUp = (Button)findViewById(R.id.signup_button); lblResult = (TextView)findViewById(R.id.result); // Check Login String username = etUsername.getText().toString(); String password = etPassword.getText().toString(); if(username.equals("test") && password.equals("test")){ final Intent i = new Intent(Screen2.this, DrinksTwitter.class); btnLogin.setOnClickListener(new OnClickListener() { public void onClick(View v) { startActivity(i); } // lblResult.setText("Login successful."); else { /* ERROR- Syntax error on token "else", { expected */ lblResult.setText("Invalid username or password."); } } }); final Intent k = new Intent(Screen2.this, SignUp.class); btnSignUp.setOnClickListener(new OnClickListener() { public void onClick(View v) { startActivity(k); } }); /* ERROR- Syntax error, insert "}" to complete Statement*/ } }

    Read the article

  • Java AD Authentication across Trusted Domains

    - by benjiisnotcool
    I am trying to implement Active Directory authentication in Java which will be ran from a Linux machine. Our AD set-up will consist of multiple servers that share trust relationships with one another so for our test environment we have two domain controllers: test1.ad1.foo.com who trusts test2.ad2.bar.com. Using the code below I can successfully authenticate a user from test1 but not on test2: public class ADDetailsProvider implements ResultSetProvider { private String domain; private String user; private String password; public ADDetailsProvider(String user, String password) { //extract domain name if (user.contains("\\")) { this.user = user.substring((user.lastIndexOf("\\") + 1), user.length()); this.domain = user.substring(0, user.lastIndexOf("\\")); } else { this.user = user; this.domain = ""; } this.password = password; } /* Test from the command line */ public static void main (String[] argv) throws SQLException { ResultSetProvider res = processADLogin(argv[0], argv[1]); ResultSet results = null; res.assignRowValues(results, 0); System.out.println(argv[0] + " " + argv[1]); } public boolean assignRowValues(ResultSet results, int currentRow) throws SQLException { // Only want a single row if (currentRow >= 1) return false; try { ADAuthenticator adAuth = new ADAuthenticator(); LdapContext ldapCtx = adAuth.authenticate(this.domain, this.user, this.password); NamingEnumeration userDetails = adAuth.getUserDetails(ldapCtx, this.user); // Fill the result set (throws SQLException). while (userDetails.hasMoreElements()) { Attribute attr = (Attribute)userDetails.next(); results.updateString(attr.getID(), attr.get().toString()); } results.updateInt("authenticated", 1); return true; } catch (FileNotFoundException fnf) { Logger.getAnonymousLogger().log(Level.WARNING, "Caught File Not Found Exception trying to read cris_authentication.properties"); results.updateInt("authenticated", 0); return false; } catch (IOException ioe) { Logger.getAnonymousLogger().log(Level.WARNING, "Caught IO Excpetion processing login"); results.updateInt("authenticated", 0); return false; } catch (AuthenticationException aex) { Logger.getAnonymousLogger().log(Level.WARNING, "Caught Authentication Exception attempting to bind to LDAP for [{0}]", this.user); results.updateInt("authenticated", 0); return true; } catch (NamingException ne) { Logger.getAnonymousLogger().log(Level.WARNING, "Caught Naming Exception performing user search or LDAP bind for [{0}]", this.user); results.updateInt("authenticated", 0); return true; } } public void close() { // nothing needed here } /** * This method is called via a Postgres function binding to access the * functionality provided by this class. */ public static ResultSetProvider processADLogin(String user, String password) { return new ADDetailsProvider(user, password); } } public class ADAuthenticator { public ADAuthenticator() throws FileNotFoundException, IOException { Properties props = new Properties(); InputStream inStream = this.getClass().getClassLoader(). getResourceAsStream("com/bar/foo/ad/authentication.properties"); props.load(inStream); this.domain = props.getProperty("ldap.domain"); inStream.close(); } public LdapContext authenticate(String domain, String user, String pass) throws AuthenticationException, NamingException, IOException { Hashtable env = new Hashtable(); this.domain = domain; env.put(Context.INITIAL_CONTEXT_FACTORY, com.sun.jndi.ldap.LdapCtxFactory); env.put(Context.PROVIDER_URL, "ldap://" + test1.ad1.foo.com + ":" + 3268); env.put(Context.SECURITY_AUTHENTICATION, simple); env.put(Context.REFERRAL, follow); env.put(Context.SECURITY_PRINCIPAL, (domain + "\\" + user)); env.put(Context.SECURITY_CREDENTIALS, pass); // Bind using specified username and password LdapContext ldapCtx = new InitialLdapContext(env, null); return ldapCtx; } public NamingEnumeration getUserDetails(LdapContext ldapCtx, String user) throws NamingException { // List of attributes to return from LDAP query String returnAttributes[] = {"ou", "sAMAccountName", "givenName", "sn", "memberOf"}; //Create the search controls SearchControls searchCtls = new SearchControls(); searchCtls.setReturningAttributes(returnAttributes); //Specify the search scope searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE); // Specify the user to search against String searchFilter = "(&(objectClass=*)(sAMAccountName=" + user + "))"; //Perform the search NamingEnumeration answer = ldapCtx.search("dc=dev4,dc=dbt,dc=ukhealth,dc=local", searchFilter, searchCtls); // Only care about the first tuple Attributes userAttributes = ((SearchResult)answer.next()).getAttributes(); if (userAttributes.size() <= 0) throw new NamingException(); return (NamingEnumeration) userAttributes.getAll(); } From what I understand of the trust relationship, if trust1 receives a login attempt for a user in trust2, then it should forward the login attempt on to it and it works this out from the user's domain name. Is this correct or am I missing something or is this not possible using the method above? --EDIT-- The stack trace from the LDAP bind is {java.naming.provider.url=ldap://test1.ad1.foo.com:3268, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.authentication=simple, java.naming.referral=follow} 30-Oct-2012 13:16:02 ADDetailsProvider assignRowValues WARNING: Caught Authentication Exception attempting to bind to LDAP for [trusttest] Auth error is [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0]

    Read the article

  • Knowing the user name in a Page

    - by ctacke
    Let's assume the following: I have an IIS web site set up IIS is configured to use Digest authentication I'm running an ASP.NET page The page has a code-behing assembly that overrides Page_Load When a user navigates to that page, I get a security prompt for the username and password. If the username and password are invalid (i.e. incorrect password) is there a way for the called page, in Page_Load to know, or does IIS handle this and return the 401 before the ASP.NET engine ever gets around to resolving the actual Page class that will get executed?

    Read the article

  • How to detect invalid user input in a Batch File?

    - by user2975367
    I want to use a batch file to ask for a password to continue, i have very simple code that works. @echo off :Begin cls echo. echo Enter Password set /p pass= if %pass%==Password goto Start :Start cls echo What would you like me to do? (Date/Chrome/Lock/Shutdown/Close) set /p task= if %task%==Date goto Task=Date if %task%==Chrome goto Task=Chrome if %task%==Lock goto Task=Lock if %task%==Shutdown goto Task=Shutdown if %task%==Close goto Task=Close I need to detect when the user entered an invalid password, i have spent an hour researching but i found nothing. I'm not advanced in any way so try and keep it very simple like the code above. Please help me.

    Read the article

  • How to use the values from session variables in jsp pages that got saved using @Scope("session") in the mvc controllers

    - by droidsites
    Doing a web site using spring mvc. I added a SignupController to handle all the sign up related requests. Once user signup I am adding that to a session using @Scope("session"). Below is the SignupController code, SignupController.java @Controller @Scope("session") public class SignupController { @Autowired SignupServiceInter signUpService; private static final Logger logger = Logger.getLogger(SignupController.class); private String sessionUser; @RequestMapping("/SignupService") public ModelAndView signUp(@RequestParam("userid") String userId, @RequestParam("password") String password,@RequestParam("mailid") String emailId){ logger.debug(" userId:"+userId+"::Password::"+password+"::"); String signupResult; try { signUpService.registerUser(userId, password,emailId); sessionUser = userId; //adding the sign up user to the session return new ModelAndView("userHomePage","loginResult","Success"); //Navigate to user Home page if everything goes right } catch (UserExistsException e) { signupResult = e.toString(); return new ModelAndView("signUp","loginResult", signupResult); //Navigate to signUp page back if user does not exist } } } I am using "sessionUser" variable to store the signed up User Id. My understanding is that when I use @Scope("session") for the controller all the instance variables will added to HttpSession. So by that understanding I tried to access this "SessionUser" in userHomePage.jsp as, userHomepage.jsp Welcome to <%=session.getAttribute("sessionUser")%> But it throws null. So my question is how to use the values from session variables in jsp pages that got saved using @Scope("session") in the mvc controllers. Note: My work around is that pass that signed User Id to jsp page through ModelAndView, but it seems passing the value like these among the pages takes me back to managing state among pages using QueryStrings days.

    Read the article

  • JQuery tab Selection problem?

    - by PeAk
    New to JQuery and I was wondering how do I keep any tabbed selected when a user reloads the web page? What part of my code do I need to change? Here is my JQuery code. $(document).ready(function() { //When page loads... $(".form-content").hide(); //Hide all content var firstMenu = $("#home-menu ul li:first"); firstMenu.show(); firstMenu.find("a").addClass("selected-link"); //Activate first tab $(".form-content:first").show(); //Show first tab content //On Click Event $("#home-menu ul li").click(function() { $("#home-menu ul li a").removeClass("selected-link"); //Remove any "selected-link" class $(this).find("a").addClass("selected-link"); //Add "selected-link" class to selected tab $(".form-content").hide(); //Hide all tab content var activeTab = $(this).find("a").attr("href"); //Find the href attribute value to identify the selected-link tab + content $(activeTab).fadeIn(); //Fade in the selected-link ID content return false; }); }); Here is the XHTML code. <div id="home-menu"> <ul> <li><a href="#personal-info-form" title="Personal Info Form Link">Personal Info</a></li> <li><a href="#contact-info-form" title="Contact Info Form Link">Contact Info</a></li> </ul> </div> <div> <div id="personal-info-form" class="form-content"> <h2>Personal Information</h2> <form method="post" action="index.php"> <fieldset> <ul> <li><label for="first_name">First Name: </label><input type="text" name="first_name" id="first_name" size="25" class="input-size" value="<?php if(!empty($first_name)){ echo $first_name; } ?>" /></li> <li><label for="middle_name">Middle Name: </label><input type="text" name="middle_name" id="middle_name" size="25" class="input-size" value="<?php if(!empty($middle_name)){ echo $middle_name; } ?>" /></li> <li><label for="last_name">Last Name: </label><input type="text" name="last_name" id="last_name" size="25" class="input-size" value="<?php if(!empty($last_name)){ echo $last_name; } ?>" /></li> <li><label for="password-1">Password: </label><input type="password" name="password1" id="password-1" size="25" class="input-size" /></li> <li><label for="password-2">Confirm Password: </label><input type="password" name="password2" id="password-2" size="25" class="input-size" /></li> <li><input type="submit" name="submit" value="Save Changes" class="save-button" /> <input type="submit" name="submit" value="Preview Changes" class="preview-changes-button" /></li> </ul> </fieldset> </form> </div> <div id="contact-info-form" class="form-content"> <h2>Contact Information</h2> <form method="post" action="index.php" id="contact-form"> <fieldset> <ul> <li><label for="address">Address 1: </label><input type="text" name="address" id="address" size="25" class="input-size" value="<?php if (isset($_POST['address'])) { echo $_POST['address']; } else if(!empty($address)) { echo $address; } ?>" /></li> <li><label for="address_two">Address 2: </label><input type="text" name="address_two" id="address_two" size="25" class="input-size" value="<?php if (isset($_POST['address_two'])) { echo $_POST['address_two']; } else if(!empty($address_two)) { echo $address_two; } ?>" /></li> <li><label for="city_town">City/Town: </label><input type="text" name="city_town" id="city_town" size="25" class="input-size" value="<?php if (isset($_POST['city_town'])) { echo $_POST['city_town']; } else if(!empty($city_town)) { echo $city_town; } ?>" /></li> <li><input type="submit" name="submit" value="Save Changes" class="save-button" /> <input type="hidden" name="contact_info_submitted" value="true" /> <input type="submit" name="submit" value="Preview Changes" class="preview-changes-button" /></li> </ul> </fieldset> </form> </div> </div>

    Read the article

  • Noob question about hibernate criteria

    - by Dimitri
    Hello, I have a class called User which has 2 properties : login/password. I am trying to authenticate a user in my application using hibernate criteria but my request doesn't work. [EDIT] The returned value is NULL. I have two users in my database for testing. Here is my code : @Override public User authenticate(String login, String password) throws NullPointerException { Session session = this.getSession(); User user = (User) session .createCriteria(User.class) .add( Restrictions.and( Property.forName("login").eq(login), Property.forName("password").eq(password) )).uniqueResult(); if (user == null){ throw new NullPointerException("User not found"); } return user; } Can someone tells me what is wrong with my code? Happy new Year 2011 !!

    Read the article

  • Resetting passwords without emailing the user

    - by Cory
    We need to provide a way to reset password for users who are using our website. The typical way is to send email to the user and ask to click on the link to reset. The issue is that we don't want to run a mail server just for the purpose of resetting password. Is there other clever way of reseting password without having to mail the user?

    Read the article

  • Is this the right way of handling command line arguments?

    - by shadyabhi
    ask_username = True ask_password = True ask_message = True ask_number = True def Usage(): print '\t-h, --help: View help' print '\t-u, --username: Username' print '\t-p, --password: Password' print '\t-n, --number: numbber to send the sms' print '\t-m, --message: Message to send' sys.exit(1) opts, args = getopt(sys.argv[1:], 'u:p:m:n:h',["username=","password=","message=","number=","help"]) print opts, args for o,v in opts: if o in ("-h", "--help"): Usage() elif o in ("-u", "--username"): username = v ask_username = False elif o in ("-p", "--password"): passwd = v ask_password = False elif o in ("-m", "--message"): message = v ask_message = False elif o in ("-n", "--number"): number = v ask_number = False #Credentials taken here if ask_username: username = raw_input("Enter USERNAME: ") if ask_password: passwd = getpass() if ask_message: message = raw_input("Enter Message: ") if ask_number: number = raw_input("Enter Mobile number: ") I dont think it is, because I am using 4 objects just for checking if command line argument was provided... Guide me with the best way of doing it..

    Read the article

  • Thread-safe get (accessor method)

    - by sonofdelphi
    I'm currently using the following code for thread-safe access of a variable. int gnVariable; void getVariableValue(int *pnValue) { acquireLock(); //Acquires the protection mechanism *pnValue = gnVariable; releaseLock(); //Releasing the protection mechanism } I would like to change my API signature to a more user-friendly int getVariableValue(void); How should I rewrite the function - such that the users of the API don't have to bother about the locking/unlocking details?

    Read the article

  • iPhone: trouble with wrong credentials

    - by user331396
    I am writing an iPhone App that uses a HTTPS/SOAP service which needs user credentials. After I change the password used for these credentials from a valid to an invalid one I still get a valid response from the service, as if the password was never changed. When I restart the app (with the invalid password) the app immediately receives the expected '401' message. Any hints what I might left out to code? Thx :)

    Read the article

  • [Linq to sql] query result what should i use Count() or Any()...

    - by Pandiya Chendur
    I am checking login of a user by this repository method, public bool getLoginStatus(string emailId, string password) { var query = from r in taxidb.Registrations where (r.EmailId == emailId && r.Password==password) select r; if (query.Count() != 0) { return true; } return false; } I saw in one of the previous questions !query.Any() would be faster... Which should i use? Any suggestion....

    Read the article

  • Rewrite inline javascript into jQuery

    - by cf_PhillipSenn
    How do I rewrite this using jQuery instead of the onchange event? <input name="PasswordName" type="password" id="passwordID"> <p> <input type="checkbox" onchange="document.getElementById('passwordID').type = this.checked ? 'text' : 'password'"> Show Password </p>

    Read the article

  • Connecting Linux to WatchGuard Firebox SSL (OpenVPN client)

    Recently, I got a new project assignment that requires to connect permanently to the customer's network through VPN. They are using a so-called SSL VPN. As I am using OpenVPN since more than 5 years within my company's network I was quite curious about their solution and how it would actually be different from OpenVPN. Well, short version: It is a disguised version of OpenVPN. Unfortunately, the company only offers a client for Windows and Mac OS which shouldn't bother any Linux user after all. OpenVPN is part of every recent distribution and can be activated in a couple of minutes - both client as well as server (if necessary). WatchGuard Firebox SSL - About dialog Borrowing some files from a Windows client installation Initially, I didn't know about the product, so therefore I went through the installation on Windows 8. No obstacles (and no restart despite installation of TAP device drivers!) here and the secured VPN channel was up and running in less than 2 minutes or so. Much appreciated from both parties - customer and me. Of course, this whole client package and my long year approved and stable installation ignited my interest to have a closer look at the WatchGuard client. Compared to the original OpenVPN client (okay, I have to admit this is years ago) this commercial product is smarter in terms of file locations during installation. You'll be able to access the configuration and key files below your roaming application data folder. To get there, simply enter '%AppData%\WatchGuard\Mobile VPN' in your Windows/File Explorer and confirm with Enter/Return. This will display the following files: Application folder below user profile with configuration and certificate files From there we are going to borrow four files, namely: ca.crt client.crt client.ovpn client.pem and transfer them to the Linux system. You might also be able to isolate those four files from a Mac OS client. Frankly, I'm just too lazy to run the WatchGuard client installation on a Mac mini only to find the folder location, and I'm going to describe why a little bit further down this article. I know that you can do that! Feedback in the comment section is appreciated. Configuration of OpenVPN (console) Depending on your distribution the following steps might be a little different but in general you should be able to get the important information from it. I'm going to describe the steps in Ubuntu 13.04 (Raring Ringtail). As usual, there are two possibilities to achieve your goal: console and UI. Let's what it is necessary to be done. First of all, you should ensure that you have OpenVPN installed on your system. Open your favourite terminal application and run the following statement: $ sudo apt-get install openvpn network-manager-openvpn network-manager-openvpn-gnome Just to be on the safe side. The four above mentioned files from your Windows machine could be copied anywhere but either you place them below your own user directory or you put them (as root) below the default directory: /etc/openvpn At this stage you would be able to do a test run already. Just in case, run the following command and check the output (it's the similar information you would get from the 'View Logs...' context menu entry in Windows: $ sudo openvpn --config client.ovpn Pay attention to the correct path to your configuration and certificate files. OpenVPN will ask you to enter your Auth Username and Auth Password in order to establish the VPN connection, same as the Windows client. Remote server and user authentication to establish the VPN Please complete the test run and see whether all went well. You can disconnect pressing Ctrl+C. Simplifying your life - authentication file In my case, I actually set up the OpenVPN client on my gateway/router. This establishes a VPN channel between my network and my client's network and allows me to switch machines easily without having the necessity to install the WatchGuard client on each and every machine. That's also very handy for my various virtualised Windows machines. Anyway, as the client configuration, key and certificate files are located on a headless system somewhere under the roof, it is mandatory to have an automatic connection to the remote site. For that you should first change the file extension '.ovpn' to '.conf' which is the default extension on Linux systems for OpenVPN, and then open the client configuration file in order to extend an existing line. $ sudo mv client.ovpn client.conf $ sudo nano client.conf You should have a similar content to this one here: dev tunclientproto tcp-clientca ca.crtcert client.crtkey client.pemtls-remote "/O=WatchGuard_Technologies/OU=Fireware/CN=Fireware_SSLVPN_Server"remote-cert-eku "TLS Web Server Authentication"remote 1.2.3.4 443persist-keypersist-tunverb 3mute 20keepalive 10 60cipher AES-256-CBCauth SHA1float 1reneg-sec 3660nobindmute-replay-warningsauth-user-pass auth.txt Note: I changed the IP address of the remote directive above (which should be obvious, right?). Anyway, the required change is marked in red and we have to create a new authentication file 'auth.txt'. You can give the directive 'auth-user-pass' any file name you'd like to. Due to my existing OpenVPN infrastructure my setup differs completely from the above written content but for sake of simplicity I just keep it 'as-is'. Okay, let's create this file 'auth.txt' $ sudo nano auth.txt and just put two lines of information in it - username on the first, and password on the second line, like so: myvpnusernameverysecretpassword Store the file, change permissions, and call openvpn with your configuration file again: $ sudo chmod 0600 auth.txt $ sudo openvpn --config client.conf This should now work without being prompted to enter username and password. In case that you placed your files below the system-wide location /etc/openvpn you can operate your VPNs also via service command like so: $ sudo service openvpn start client $ sudo service openvpn stop client Using Network Manager For newer Linux users or the ones with 'console-phobia' I'm going to describe now how to use Network Manager to setup the OpenVPN client. For this move your mouse to the systray area and click on Network Connections => VPN Connections => Configure VPNs... which opens your Network Connections dialog. Alternatively, use the HUD and enter 'Network Connections'. Network connections overview in Ubuntu Click on 'Add' button. On the next dialog select 'Import a saved VPN configuration...' from the dropdown list and click on 'Create...' Choose connection type to import VPN configuration Now you navigate to your folder where you put the client files from the Windows system and you open the 'client.ovpn' file. Next, on the tab 'VPN' proceed with the following steps (directives from the configuration file are referred): General Check the IP address of Gateway ('remote' - we used 1.2.3.4 in this setup) Authentication Change Type to 'Password with Certificates (TLS)' ('auth-pass-user') Enter User name to access your client keys (Auth Name: myvpnusername) Enter Password (Auth Password: verysecretpassword) and choose your password handling Browse for your User Certificate ('cert' - should be pre-selected with client.crt) Browse for your CA Certificate ('ca' - should be filled as ca.crt) Specify your Private Key ('key' - here: client.pem) Then click on the 'Advanced...' button and check the following values: Use custom gateway port: 443 (second value of 'remote' directive) Check the selected value of Cipher ('cipher') Check HMAC Authentication ('auth') Enter the Subject Match: /O=WatchGuard_Technologies/OU=Fireware/CN=Fireware_SSLVPN_Server ('tls-remote') Finally, you have to confirm and close all dialogs. You should be able to establish your OpenVPN-WatchGuard connection via Network Manager. For that, click on the 'VPN Connections => client' entry on your Network Manager in the systray. It is advised that you keep an eye on the syslog to see whether there are any problematic issues that would require some additional attention. Advanced topic: routing As stated above, I'm running the 'WatchGuard client for Linux' on my head-less server, and since then I'm actually establishing a secure communication channel between two networks. In order to enable your network clients to get access to machines on the remote side there are two possibilities to enable that: Proper routing on both sides of the connection which enables both-direction access, or Network masquerading on the 'client side' of the connection Following, I'm going to describe the second option a little bit more in detail. The Linux system that I'm using is already configured as a gateway to the internet. I won't explain the necessary steps to do that, and will only focus on the additional tweaks I had to do. You can find tons of very good instructions and tutorials on 'How to setup a Linux gateway/router' - just use Google. OK, back to the actual modifications. First, we need to have some information about the network topology and IP address range used on the 'other' side. We can get this very easily from /var/log/syslog after we established the OpenVPN channel, like so: $ sudo tail -n20 /var/log/syslog Or if your system is quite busy with logging, like so: $ sudo less /var/log/syslog | grep ovpn The output should contain PUSH received message similar to the following one: Jul 23 23:13:28 ios1 ovpn-client[789]: PUSH: Received control message: 'PUSH_REPLY,topology subnet,route 192.168.1.0 255.255.255.0,dhcp-option DOMAIN ,route-gateway 192.168.6.1,topology subnet,ping 10,ping-restart 60,ifconfig 192.168.6.2 255.255.255.0' The interesting part for us is the route command which I highlighted already in the sample PUSH_REPLY. Depending on your remote server there might be multiple networks defined (172.16.x.x and/or 10.x.x.x). Important: The IP address range on both sides of the connection has to be different, otherwise you will have to shuffle IPs or increase your the netmask. {loadposition content_adsense} After the VPN connection is established, we have to extend the rules for iptables in order to route and masquerade IP packets properly. I created a shell script to take care of those steps: #!/bin/sh -eIPTABLES=/sbin/iptablesDEV_LAN=eth0DEV_VPNS=tun+VPN=192.168.1.0/24 $IPTABLES -A FORWARD -i $DEV_LAN -o $DEV_VPNS -d $VPN -j ACCEPT$IPTABLES -A FORWARD -i $DEV_VPNS -o $DEV_LAN -s $VPN -j ACCEPT$IPTABLES -t nat -A POSTROUTING -o $DEV_VPNS -d $VPN -j MASQUERADE I'm using the wildcard interface 'tun+' because I have multiple client configurations for OpenVPN on my server. In your case, it might be sufficient to specify device 'tun0' only. Simplifying your life - automatic connect on boot Now, that the client connection works flawless, configuration of routing and iptables is okay, we might consider to add another 'laziness' factor into our setup. Due to kernel updates or other circumstances it might be necessary to reboot your system. Wouldn't it be nice that the VPN connections are established during the boot procedure? Yes, of course it would be. To achieve this, we have to configure OpenVPN to automatically start our VPNs via init script. Let's have a look at the responsible 'default' file and adjust the settings accordingly. $ sudo nano /etc/default/openvpn Which should have a similar content to this: # This is the configuration file for /etc/init.d/openvpn## Start only these VPNs automatically via init script.# Allowed values are "all", "none" or space separated list of# names of the VPNs. If empty, "all" is assumed.# The VPN name refers to the VPN configutation file name.# i.e. "home" would be /etc/openvpn/home.conf#AUTOSTART="all"#AUTOSTART="none"#AUTOSTART="home office"## ... more information which remains unmodified ... With the OpenVPN client configuration as described above you would either set AUTOSTART to "all" or to "client" to enable automatic start of your VPN(s) during boot. You should also take care that your iptables commands are executed after the link has been established, too. You can easily test this configuration without reboot, like so: $ sudo service openvpn restart Enjoy stable VPN connections between your Linux system(s) and a WatchGuard Firebox SSL remote server. Cheers, JoKi

    Read the article

  • ssh authentication nfs

    - by user40135
    Hi all I would like to do ssh from machine "ub0" to another machine "ub1" without using passwords. I setup using nfs on "ub0" but still I am asked to insert a password. Here is my scenario: * machine ub0 and ub1 have the same user "mpiu", with same pwd, same userid, and same group id * the 2 servers are sharing a folder that is the HOME directory for "mpiu" * I did a chmod 700 on the .ssh * I created a key using ssh-keygene -t dsa * I did "cat id_dsa.pub authorized_keys". On this last file I tried also chmod 600 and chmod 640 * off course I can guarantee that on machine ub1 the user "shared_user" can see the same fodler that wes mounted with no problem. Below the content of my .ssh folder Code: authorized_keys id_dsa id_dsa.pub known_hosts After all of this calling wathever function "ssh ub1 hostname" I am requested my password. Do you know what I can try? I also UNcommented in the ssh_config file for both machines this line IdentityFile ~/.ssh/id_dsa I also tried ssh -i $HOME/.ssh/id_dsa mpiu@ub1 Below the ssh -vv Code: OpenSSH_5.1p1 Debian-3ubuntu1, OpenSSL 0.9.8g 19 Oct 2007 OpenSSH_5.1p1 Debian-3ubuntu1, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to ub1 [192.168.2.9] port 22. debug1: Connection established. debug2: key_type_from_name: unknown key type '-----BEGIN' debug2: key_type_from_name: unknown key type '-----END' debug1: identity file /mirror/mpiu/.ssh/id_dsa type 2 debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024 debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024 debug1: Remote protocol version 2.0, remote software version lshd-2.0.4 lsh - a GNU ssh debug1: no match: lshd-2.0.4 lsh - a GNU ssh debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-3ubuntu1 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,spki-sign-rsa debug2: kex_parse_kexinit: aes256-cbc,3des-cbc,blowfish-cbc,arcfour debug2: kex_parse_kexinit: aes256-cbc,3des-cbc,blowfish-cbc,arcfour debug2: kex_parse_kexinit: hmac-sha1,hmac-md5 debug2: kex_parse_kexinit: hmac-sha1,hmac-md5 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server-client 3des-cbc hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client-server 3des-cbc hmac-md5 none debug2: dh_gen_key: priv key bits set: 183/384 debug2: bits set: 1028/2048 debug1: sending SSH2_MSG_KEXDH_INIT debug1: expecting SSH2_MSG_KEXDH_REPLY debug1: Host 'ub1' is known and matches the RSA host key. debug1: Found key in /mirror/mpiu/.ssh/known_hosts:1 debug2: bits set: 1039/2048 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /mirror/mpiu/.ssh/id_dsa (0xb874b098) debug1: Authentications that can continue: password,publickey debug1: Next authentication method: publickey debug1: Offering public key: /mirror/mpiu/.ssh/id_dsa debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: password,publickey debug2: we did not send a packet, disable method debug1: Next authentication method: password mpiu@ub1's password: I hangs here!

    Read the article

  • How can I work around problems with certificate configuration in Remote Desktop Services?

    - by Michael Steele
    I am setting up a Remote Desktop Services farm, and am having trouble configuring certificates for it to use. A demonstration of the problem I'm seeing can be found in Step #4. At this point I am convinced that there are problems with the user interface, and am looking for ways around them. Is there any way to configure certificates in Remote Desktop Services so that the settings hold and are reflected in the GUI? If not, is there any way for me to verify that the settings are correct? Step #1 - Create certificate to be used. I've configured a certificate to use with RD Web Access. The certificate is stored with in the Certificates MMC on my RD Connection Broker, and I am configuring the farm from that computer. I found by letting RD Web Access generate its own certificate that the following properties are required: Enhanced Key Usage Server Authentication Client Authentication This may not be required, but the self-signed certificate includes it. Key Usage Digital Signature Key Agreement Subject Alternative Name DNS Name=domain.com Detour about self-signed certificate generation As a quick detour, I was able to work around a problem with creating self-signed certificates using powershell. The documentation for the New-RDCertificate cmdlet gives the following example: PS C:\> $password = ConvertTo-SecureString -string "password" -asplaintext -force New-RDCertificate -Role RDWebAccess -DnsName "test-rdwa.contoso.com" -Password $password -ConnectionBroker rdcb.contoso.com -ExportPath "c:\test-rdwa.pfx" Typing this into the shell will result in an error message claiming that a function, Get-Server cannot be found. Prior to using New-RDCertificate, you must import the RemoteDesktop Module with Import-Module RemoteDesktop. Step #2 - Observe out-of-box behavior The first time you visit the Deployment Properties dialog box by navigating to Server Manager - Remote Desktop Services - Collections and selecting "Edit Deployment Properties" from the "TASKS" dropdown list in the "COLLECTIONS" grouping, you will see the following screen: This window is misleading because the level field is listed as "Not Configured". If I understand correctly all three of the role services are using a self-signed certificate. For the RD Web Access role this can be verified by visiting the website: The certificate being used also appears in the Certificates MMC: Step #3 - Assign new certificate The Deployment Properties dialog box will allow me to select my existing certificate. The certificate must be placed within the local computers Certificates MMC in the "Personal" certificate store. The private key will need to be exportable, and you will need to provide the password. I temporarily exported my certificate to a file named temp.pfx with a password, and then imported it into Remote Desktop Services from there. Once this is done the GUI will indicate that it is ready to accept the new configuration. Once I click the "Apply" button, the GUI indicates success. This can be verified by visiting the RD Web Access web site a second time. There is no certificate error. Step #4 - The GUI fails to maintain its state If the GUI is closed and reopened, all of these settings appear to be lost. Actually, the certificate I configured is still being used. I am able to continue accessing the RD Web Access site without any certificate errors. Oddly, if I use the "Create new certificate..." button to generate a self-signed certificate this window will update to an "Untrusted" level. This setting will then be maintained through the opening and closing of the Deployment Properties dialog box. Is there anything I can do to have my settings appear to stick? I feel like something is wrong when the GUI claims I haven't fully configured certificates.

    Read the article

  • Cisco 678 Will Not Work using PPPoE - Possibly Because I Configured it Incorrectly..?

    - by Brian Stinar
    I am attempting to configure a Cisco 678 because I am totally sick on my Actiontec. However, I am running into some problems. It seems as though the Cisco is able to train the line, but I am unable to ping out. I am all right at programming, but still learning a lot when it comes to being a system administrator. I apologize in advance if I did something ridiculous, or am attempting to configure this device to do something it was not designed to do. It is almost like I am not correctly configuring the device to grab it's IP using PPPoA (like my Actiontec.) The output from "show running" (below) makes me think this too. Below are the commands I ran in order to configure this: # en # set nvram erase # write # reboot # en # set nat enable # set dhcp server enable # set PPP wan0-0 ipcp 0.0.0.0 # set ppp wan0-0 dns 0.0.0.0 # set PPP wan0-0 login xxxxx // My actual login # set PPP wan0-0 password yyyyy // My actual password # set PPP restart enabled # set int wan0-0 close # set int wan0-0 vpi 0 # set int wan0-0 vci 32 # set int wan0-0 open # write # reboot Here is the output from a few commands I thought could provide some useful information: cbos#ping 74.125.224.113 Sending 1 8 byte ping(s) to 74.125.224.113 every 2 second(s) Request timed out cbos#show version Cisco Broadband Operating System CBOS (tm) 678 Software (C678-I-M), Version v2.4.9 - Release Software Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Nov 17 2004 15:26:29 DMT FULL firmware version G96 NVRAM image at 0x1030f000 cbos#show errors - Current Error Messages - ## Ticks Module Level Message 0 000:00:00:00 PPP Info IPCP Open Event on wan0-0 1 000:00:00:14 ATM Info Wan0 Up 2 000:00:00:14 PPP Info PPP Up Event on wan0-0 3 000:00:01:54 PPP Info PPP Down Event on wan0-0 Total Number of Error Messages: 4 cbos#show interface wan0 wan0 ADSL Physical Port Line Trained Actual Configuration: Overhead Framing: 3 Trellis Coding: Enabled Standard Compliance: T1.413 Downstream Data Rate: 1184 Kbps Upstream Data Rate: 928 Kbps Interleave S Downstream: 4 Interleave D Downstream: 16 Interleave R Downstream: 16 Interleave S Upstream: 4 Interleave D Upstream: 8 Interleave R Upstream: 16 Modem Microcode: G96 DSP version: 0 Operating State: Showtime/Data Mode Configured: Echo Cancellation: Disabled Overhead Framing: 3 Coding Gain: Auto TX Power Attenuation: 0dB Trellis Coding: Enabled Bit Swapping: Disabled Standard Compliance: T1.413 Remote Standard Compliance: T1.413 Tx Start Bin: 0x6 Tx End Bin: 0x1f Data Interface: Utopia L1 Status: Local SNR Margin: 19.0dB Local Coding Gain: 7.5dB Local Transmit Power: 12.5dB Local Attenuation: 46.0dB Remote Attenuation: 31.0dB Local Counters: Interleaved RS Corrected Bytes: 0 Interleaved Symbols with CRC Errors: 2 No Cell Delineation Interleaved: 0 Out of Cell Delineation Interleaved: 0 Header Error Check Counter Interleaved: 0 Count of Severely Errored Frames: 0 Count of Loss of Signal Frames: 0 Remote Counters: Interleaved RS Corrected Bytes: 0 Interleaved Symbols with CRC Errors: 1 No Cell Delineation Interleaved: 0 Header Error Check Counter Interleaved: 0 Count of Severely Errored Frames: 0 Count of Loss of Signal Frames: 0 cbos#show int wan0-0 WAN0-0 ATM Logical Port PVC (VPI 0, VCI 32) is configured. ScalaRate set to Auto AAL 5 UBR Traffic IP Port Enabled cbos#show running Warning: traffic may pause while NVRAM is being accessed [[ CBOS = Section Start ]] NSOS MD5 Enable Password = XXXX NSOS MD5 Root Password = XXXX NSOS MD5 Commander Password = XXXX [[ PPP Device Driver = Section Start ]] PPP Port User Name = 00, "XXXX" PPP Port User Password = 00, XXXX PPP Port Option = 00, IPCP,IP Address,3,Auto,Negotiation Not Required,Negotiable ,IP,0.0.0.0 PPP Port Option = 00, IPCP,Primary DNS Server,129,Auto,Negotiation Not Required, Negotiable,IP,0.0.0.0 PPP Port Option = 00, IPCP,Secondary DNS Server,131,Auto,Negotiation Not Require d,Negotiable,IP,0.0.0.0 [[ ATM WAN Device Driver = Section Start ]] ATM WAN Virtual Connection Parms = 00, 0, 32, 0 [[ DHCP = Section Start ]] DHCP Server = enabled [[ IP Routing = Section Start ]] IP NAT = enabled [[ WEB = Section Start ]] WEB = enabled cbos# wtf...? Thank you all very much for taking the time to read this, and the help.

    Read the article

< Previous Page | 109 110 111 112 113 114 115 116 117 118 119 120  | Next Page >