Search Results

Search found 9696 results on 388 pages for 'proxy authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 117/388 | < Previous Page | 113 114 115 116 117 118 119 120 121 122 123 124  | Next Page >

  • How to scrape a _private_ google group?

    - by John
    Hi there, I'd like to scrape the discussion list of a private google group. It's a multi-page list and I might have to this later again so scripting sounds like the way to go. Since this is a private group, I need to login in my google account first. Unfortunately I can't manage to login using wget or ruby Net::HTTP. Surprisingly google groups is not accessible with the Client Login interface, so all the code samples are useless. My ruby script is embedded at the end of the post. The response to the authentication query is a 200-OK but no cookies in the response headers and the body contains the message "Your browser's cookie functionality is turned off. Please turn it on." I got the same output with wget. See the bash script at the end of this message. I don't know how to workaround this. am I missing something? Any idea? Thanks in advance. John Here is the ruby script: # a ruby script require 'net/https' http = Net::HTTP.new('www.google.com', 443) http.use_ssl = true path = '/accounts/ServiceLoginAuth' email='[email protected]' password='topsecret' # form inputs from the login page data = "Email=#{email}&Passwd=#{password}&dsh=7379491738180116079&GALX=irvvmW0Z-zI" headers = { 'Content-Type' => 'application/x-www-form-urlencoded', 'user-agent' => "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.2 (KHTML, like Gecko) Chrome/6.0"} # Post the request and print out the response to retrieve our authentication token resp, data = http.post(path, data, headers) puts resp resp.each {|h, v| puts h+'='+v} #warning: peer certificate won't be verified in this SSL session Here is the bash script: # A bash script for wget CMD="" CMD="$CMD --keep-session-cookies --save-cookies cookies.tmp" CMD="$CMD --no-check-certificate" CMD="$CMD --post-data='[email protected]&Passwd=topsecret&dsh=-8408553335275857936&GALX=irvvmW0Z-zI'" CMD="$CMD --user-agent='Mozilla'" CMD="$CMD https://www.google.com/accounts/ServiceLoginAuth" echo $CMD wget $CMD wget --load-cookies="cookies.tmp" http://groups.google.com/group/mygroup/topics?tsc=2

    Read the article

  • How to parse a raw HTTP response?

    - by Ed
    If I have a raw HTTP response as a string: HTTP/1.1 200 OK Date: Tue, 11 May 2010 07:28:30 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Server: gws X-XSS-Protection: 1; mode=block Connection: close <!doctype html><html>...</html> Is there an easy way I can parse it into an HttpListenerResponse object? Or at least some kind .NET object so I don't have to work with raw responses. What I'm doing currently is extracting the header key/value pairs and setting them on the HttpListenerResponse. But some headers can't be set, and then I have to cut out the body of the response and write it to the OutputStream. But the body could be gzipped, or it could be an image, which I can't get to work yet. And some responses contain random characters everywhere, which looks like an encoding problem. It's a lot of trouble. I'm getting a raw response because I'm using SOCKS to send an HTTP request. The program I'm working on is basically an HTTP proxy that can route requests through a SOCKS proxy, like Privoxy does.

    Read the article

  • How to authenticate a Windows Mobile client calling web services in a Web App

    - by cdonner
    I have a fairly complex business application written in ASP.NET that is deployed on a hosted server. The site uses Forms Authentication, and there are about a dozen different roles defined. Employees and customers are both users of the application. Now I have the requirement to develop a Windows Mobile client for the application that allows a very specialized set of tasks to be performed from a device, as opposed to a browser on a laptop. The client wants to increase productivity with this measure. Only employees will use this application. I feel that it would make sense to re-use the security infrastructure that is already in place. The client does not need offline capability. My thought is to deploy a set of web services to a folder of the existing site that only the new role "web service" has access to, and to use Forms Authentication (from a Windows Mobile 5/.Net 3.5 client). Can I do that, is that a good idea, and are there any code examples/references that you can point me to?

    Read the article

  • Reusing service proxies

    - by Hadi Eskandari
    I have a set of webservices that I connect to using Silverlight Client. I use proxies generated by "Add service reference" or SLSVCUTIL.exe tool to connect to this service. So far, I have only used one single service. Now I want to use another service on the same server. The problem is that, first service generated set of proxy classes for me, and second service will reuse the same set of classes (plus extra services/classes), e.g. CustomerService.SaveCustomer(Customer customer); OrderService.CheckCustomerLevel(Customer customer); The problem is when I add reference to the second service, I can not reuse the same namespace for the second one (VS error), and when I use a different namespace, the generated classes, although are essentially the same, reside in different namespace, hence different and I end up with two Customer classes in two different namespaces. Anyway around this? I just neeed to have two set of services, reusing the Customer class. I have already tried "reuse types in assembly / all assemblies" check mark when generating proxy classes, but it seems to have no effect. any help is greatly appreciated.

    Read the article

  • Why does Http Web Request and IWebProxy work at wierd times

    - by Mike Webb
    Another question about Web proxy. Here is my code: IWebProxy Proxya = System.Net.WebRequest.GetSystemWebProxy(); Proxya.Credentials = CredentialCache.DefaultNetworkCredentials; HttpWebRequest rqst = (HttpWebRequest)WebRequest.Create(targetServer); rqst.Proxy = Proxya; rqst.Timeout = 5000; try { rqst.GetResponse(); } catch(WebException wex) { connectErrMsg = wex.Message; proxyworks = false; } This code fails the first time it is called. After that on successive calls it works sometimes, but not others. It also never hits the catch block. Now the weird part. If I add a MessageBox.Show(msg) call in the first section of code before the GetResponse() call this all will work every time. Here is an example: try { // ========Here is where I make the call and get the response======== System.Windows.Forms.MessageBox.Show("Getting Response"); // ========This makes the whole thing work every time======== rqst.GetResponse(); } catch(WebException wex) { connectErrMsg = wex.Message; proxyworks = false; } I'm baffled about why it is behaving this way. I don't know if the timeout is not working (it's in milliseconds, not seconds, so should timeout after 5 seconds, right?...) or what is going on. The most confusing this is that the message box call makes it all work. So any help and suggestions on what is happening is appreciated. These are the kind of bugs that drive me absolutely out of my mind.

    Read the article

  • Adapting Machine Learning Algorithms to my Problem

    - by Berkay
    i'm working on a project and need your ideas, advices. First of all, let me tell my problem. There is power button and some other keys of a machine and there is only one user has authentication to use this machine.There are no other authentication methods, the machine is in public area in a company. the machine is working with the combination of pressing power button and some other keys. The order of pressing keys is secret but we don't trust it, anybody can learn the password and can access the machine. i have the capability of managing the key hold time and also some other metrics to measure the time differences between the key such as horizantal or vertical key press times (differences). and also i can measure the hold time etc. These all means i have some inputs, Now i'm trying to get a user profile by analysing these inputs. My idea is to get the authenticated user to press the password n times and create a threshold or something similar to that. This method also can be said BIOMETRICS, anyone else who knows the machine button combination, can try the password but if he is out of this range can not get access it. How can i adapt these into my algorithms? where should i start ? i don't want to delve deep into machine learning, and also i can see the in my first try i can get false positive and false negative values really high, but i can manage it by changing my inputs. thanks.

    Read the article

  • python-social-auth AuthCanceled exception

    - by vero4ka
    I'm using python-social-auth in my Django application for authentication via Facebook. But when a user tries to login and when it's been refirected to Facebook app page clicks on "Cancel" button, appears the following exception: ERROR 2014-01-03 15:32:15,308 base :: Internal Server Error: /complete/facebook/ Traceback (most recent call last): File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 114, in get_response response = wrapped_callback(request, *callback_args, **callback_kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/django/views/decorators/csrf.py", line 57, in wrapped_view return view_func(*args, **kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/apps/django_app/utils.py", line 45, in wrapper return func(request, backend, *args, **kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/apps/django_app/views.py", line 21, in complete redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/actions.py", line 54, in do_complete *args, **kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/strategies/base.py", line 62, in complete return self.backend.auth_complete(*args, **kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/backends/facebook.py", line 63, in auth_complete self.process_error(self.data) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/backends/facebook.py", line 56, in process_error super(FacebookOAuth2, self).process_error(data) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/backends/oauth.py", line 312, in process_error raise AuthCanceled(self, data.get('error_description', '')) AuthCanceled: Authentication process canceled Is the any way to catch it Django?

    Read the article

  • Unable to create website error (NEW)

    - by salvationishere
    I copied my ClickOnce deployment to my C:/Inetpub/ folder on my webserver and I deleted my Virtual directory. I deleted the WpfApplication1 folder beneath wwwroot in Win Explorer. Then I turned on Web Sharing for this folder. Then I viewed my IIS Manager and this new Share name appeared under wwwroot. So now under Inetpub folder on my web server I have the following directory path: C:\Inetpub\WpfApplication1\ with contents: Application Files publish.htm setup.exe WpfApplication1.application Next, I remapped both the publishing and installation URL's for the project to http://myserver/WpfApplication1/ And I clicked Publish Now. But after I performed a Publish Now operation, I got the following error on my development server (D610-M): Error 1 Failed to connect to 'http://myserver/WpfApplication1/' with the following error: Unable to create the Web site 'http://myserver/WpfApplication1/'. The Web server does not appear to have any authentication methods enabled. It asked for user authentication, but did not send a WWW-Authenticate header. 1 1 WpfApplication1 On my webserver, when I click Browse from the IIS Manager on the WpfApplication1 directory, it shows me the Install page. But after I click the Browse button, it returns an error which says: The remote name could not be resolved: 'd610-m' (D610-M is the name of my development server). How do I fix this?

    Read the article

  • DRY Authenticated Tasks in Cocoa (with distributed objects)

    - by arbales
    I'm kind of surprise/infuriated that the only way for me to run an authenticated task, like perhaps sudo gem install shi*t, is to make a tool with pre-written code. I'm writing a MacRuby application, which doesn't seem to expose the KAuthorization* constants/methods. So.. I learned Cocoa and Objective-C. My application creates a object, serves it and calls the a tool that elevates itself and then performs a selector on a distributed object (in the tool's thread). I hoped that the distributed object's methods would evaluated inside the tool, so I could use delegation to create "privileged" tasks. If this won't work, don't try to save it, I just want a DRY/cocoa solution. AuthHelper.m //AuthorizationExecuteWithPrivileges of this. AuthResponder* my_responder = [AuthResponder sharedResponder]; // Gets the proxy object (and it's delegate) NSString *selector = [NSString stringWithUTF8String:argv[3]]; NSLog(@"Performing selector: %@", selector); setuid(0); if ([[my_responder delegate] respondsToSelector:NSSelectorFromString(selector)]){ [[my_responder delegate] performSelectorOnMainThread:NSSelectorFromString(selector) withObject:nil waitUntilDone:YES]; } RandomController.m - (void)awakeFromNib { helperToolPath = [[[NSBundle mainBundle] resourcePath] stringByAppendingString:@"/AuthHelper"]; delegatePath = [[[NSBundle mainBundle] resourcePath] stringByAppendingString:@"/ABExtensions.rb"]; AuthResponder* my_responder = [AuthResponder initAsService]; [my_responder setDelegate:self]; } -(oneway void)install_gems{ NSArray *args = [NSArray arrayWithObjects: @"gem", @"install", @"sinatra", nil]; [NSTask launchedTaskWithLaunchPath:@"/usr/bin/sudo" arguments:args]; NSLog(@"Ran AuthResponder.delegate.install_gems"); // This prints. } ... other privileges tasks. "sudo gem update --system" for one. I'm guessing the proxy object is performing the selector in it's own thread, but I want the current (privileged thread) to do it so I can use sudo. Can I force the distributed object to evaluate the selector on the tool's thread? How else can I accomplish this dryly/cocoaly?

    Read the article

  • SharePoint 2010 / ASP.Net Integration - Looking for advice

    - by jpennal
    I have been Googling a problem that I have with trying to integrate the web application that I am working on with SharePoint 2010. The web application is a wiki style tool that allows users to log in via forms authentication or WIA against Active Directory and create content for themselves and others. What we would like to do is to allow a user have a page with the content they have created in our web application mixed in with content that they have living on the SharePoint server. For example, they may want to see a list of documents that they have on the SharePoint server mixed in with some of their content. To accomplish this, we would like to take the credentials the user has logged into our web application with (for example MYDOMAIN\jsmith) and be able to query SharePoint for the documents of that same user (MYDOMAIN\jsmith) WITHOUT the user being prompted to re-enter their credentials to access the SharePoint server (we are trying to avoid the double-hop problem) We have come up with some options for how we want to do this, but we are unsure of what the best approach is. For example, we could - Have a global user, shared by all users to get information we need from SharePoint. The downside is that we cannot filter SharePoint content to a particular user - We could store the users credentials when they log in, but that would only work for users authenticating via forms auth and would be a security issue that some users/clients would not like - Writing a SharePoint extension using WCF to allow us to access the information we need, however we'd still have the issue of figuring out how to impersonate the user we want. Neither of these options are ideal and in our investigation we came across the Claims Authentication/STS option which seems like it is trying to solve the problem we are having. So my question is, based on what I have written, is Claims/STS the best approach for us? We have not been able to find much direction on how to use this method to call into SharePoint from a Web Application and pass along the existing credentials. Does anyone have any experience with any of these issues?

    Read the article

  • Enable cross app redirects

    - by Gogster
    Hi all, We have load balancing set up on out two web server, however, a few users are being asked to login when they are being re-directed to a particular server to upload a document (we are trying to keep all uploaded documents on one server only), here is the code from web.config: <authentication mode="Forms"> <forms name="EAAAuthCookie" loginUrl="/login" defaultUrl="/members/home" protection="All" path="/" timeout="60000" slidingExpiration="true" enableCrossAppRedirects="true" /> </authentication> <machineKey decryption="AES" validation="SHA1" decryptionKey="7B4EC5B0C83631DF25D5B179EDDBF91B1C175B81C6F52102267D3D097FBF272A" validationKey="7D1F50788629CC342EE4985D85DE3D14F10654695912C0FFD439F54BED64F76A57A2D5E8180BC6FF052E0385C30558F5527D6C197C577A7F32DD8FF1CAC9F794" /> Here is the transfer code to the upload form: $('#addReport').click(function() { if ($.cookie('TransferURL') != '') { $("#iframeUploadReport").attr('src', $.cookie('TransferURL')); }; $('#overlay').fadeIn('slow'); }); <script type="text/C#" runat="server"> void Page_Load() { string cookieName = FormsAuthentication.FormsCookieName; string userName = Request.Cookies["HiddenUsername"].ToString(); string cookieValue = FormsAuthentication.GetAuthCookie(userName, false).Value; Response.Cookies["TransferURL"].Value = "http://eaa.cms.necinteractive.net/members/media-upload" + String.Format("?{0}={1}", cookieName, cookieValue); } </script> <iframe id="iframeUploadReport" src="http://eaa.cms.necinteractive.net/members/media-upload" width="500px" height="336px" frameborder="0" scrolling="no"></iframe> Can you see any obvious step we are missing? Thanks

    Read the article

  • Can per-user randomized salts be replaced with iterative hashing?

    - by Chas Emerick
    In the process of building what I'd like to hope is a properly-architected authentication mechanism, I've come across a lot of materials that specify that: user passwords must be salted the salt used should be sufficiently random and generated per-user ...therefore, the salt must be stored with the user record in order to support verification of the user password I wholeheartedly agree with the first and second points, but it seems like there's an easy workaround for the latter. Instead of doing the equivalent of (pseudocode here): salt = random(); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword, salt); Why not use the hash of the username as the salt? This yields a domain of salts that is well-distributed, (roughly) random, and each individual salt is as complex as your salt function provides for. Even better, you don't have to store the salt in the database -- just regenerate it at authentication-time. More pseudocode: salt = hash(username); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword); (Of course, hash in the examples above should be something reasonable, like SHA-512, or some other strong hash.) This seems reasonable to me given what (little) I know of crypto, but the fact that it's a simplification over widely-recommended practice makes me wonder whether there's some obvious reason I've gone astray that I'm not aware of.

    Read the article

  • Rails user authorization

    - by Zachary
    I am currently building a Rails app, and trying to figure out the best way to authenticate that a user owns whatever data object they are trying to edit. I already have an authentication system in place (restful-authentication), and I'm using a simple before_filter to make sure a user is logged in before they can reach certain areas of the website. However, I'm not sure the best way to handle a user trying to edit a specific piece of data - for example lets say users on my site can own Books, and they can edit the properties of the book (title, author, pages, etc), but they should only be able to do this for Books that -they- own. In my 'edit' method on the books controller I would have a find that only retrieved books owned by the current_user. However, if another user knew the id of the book, they could type in http://website.com/book/7/edit , and the controller would verify that they are logged in, then show the edit page for that book (seems to bypass the controller). What is the best way to handle this? Is it more of a Rails convention routing issue that I don't understand (being able to go straight to the edit page), or should I be adding in a before_find, before_save, before_update, etc callbacks to my model?

    Read the article

  • How is unautenticated site navigation handled in ASP.NET?

    - by Code Sherpa
    Hi. I am wondering how to do the following... I have a registration system. When the user successfully registers, he is then led down a series of data gathering pages (for his profile) and then, finally, ends on his profile's home page where he can start to use the site. All this happens without ever logging into the system so, he is unauthenticated and unconfirmed. My question is, how does this happen? How can I allow my user to be unauthenticated (and unconfirmed, but this I understand) and use all aspects of the Web site? The way I have things set up right now, my code should be doing this: case CreateProfileStatus.Success: //FormsAuthentication.SetAuthCookie(userName, false); Response.Redirect("NextPage.aspx", false); break; but, I am being redirected to the login page after registration which is not the result I want. This is what the relevant nodes in my web.config look like: <authentication mode="Forms"> <forms name=".AuthCookie" loginUrl="default.aspx" protection="All"/> </authentication> <authorization> <deny users="?"/> <allow roles="Administrators" /> </authorization> <anonymousIdentification enabled="true" cookieName=".ASPXANONYMOUS" cookieTimeout="100000" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="Encryption" cookieless="UseCookies" domain="" /> When the user logs out after the registration and initial interaction with the site he will be required to log in upon return. At this point he must be authenticated but does not need to be confirmed for a period of time. Eventually, he will be reminded. So, how is this done? Thanks in advance.

    Read the article

  • C# connect to domain SQL Server 2005 from non-domain machine

    - by user304582
    Hi, I asked a question a few days ago (http://stackoverflow.com/questions/2795723/access-to-sql-server-2005-from-a-non-domain-machine-using-windows-authentication) which got some interesting, but not usable suggestions. I'd like to ask the question again, but make clear what my constraints are: I have a Windows domain within which a machine is running SQL Server 2005 and which is configured to support only Windows authentication. I would like to run a C# client application on a machine on the same network, but which is NOT on the domain, and access a database on the SQL Server 2005 instance. I CANNOT create or modify OS or SQL Server users on either machine, and I CANNOT make any changes to permissions or impersonation, and I CANNOT make use of runas. I know that I can write Perl and Java applications that can connect to the SQL Server database using only these four parameters: server name, database name, username (in the form domain\user), and password. In C# I have tried various things around: string connectionString = "Data Source=server;Initial Catalog=database;User Id=domain\user;Password=password"; SqlConnection connection = new SqlConnection(connectionString); connection.Open(); and tried setting integrated security to true and false, but nothing seems to work. Is what I am trying to do simply impossible in C#? Thanks for any help, Martin

    Read the article

  • IIS Restrict Access to Directory for table of users

    - by Dave
    I am trying to restrict access to files in a directory and it's sub directories based user rights. My user rights are stored in an MS SQL database in a custom format, however it is easy to query the list of users with rights to this directory. I need to know how to apply this to a web config on the server to authenticate against a query of a database table to determine if the username is authenticated and allowed to view the file. Of course if they are not they should be blocked / given a 404. I am using IIS and ASP.Net MVC3 with a form based security as opposed to the built in roles and responsibilities that was custom made for us and that works great. There are over 10k users tied to this non-Active Directory authentication so I am not planning to change my authentication type so please don't go there. It is not my decision on the choice of platform, or I would have gone with a LAMP server and been done with this. Edit 11-13-2012 @ 8:57a: In the web config can you put the result of an SQL query?

    Read the article

  • How to check whether user is login in web application?

    - by Morgan Cheng
    I want to learn the whole details of web application authentication. So, I decided to write a CodeIgniter authentication library from scratch. Now, I have to make design decision about how to determine whether one user is login. Basically, after user input username & password pair. A cookie is set for this session, following navigations in the web application will not require username & password. The server side will check whether the session cookie is valid to determine whether current user is login. The question is: how to determine whether cookie is valid cookie issued from server side? I can image the most simple way is to have the cookie value stored in session status as well. For each HTTP request, compare the value from cookie and the value from server session. (Since CodeIgniter session library store session variables in cookies, it is not applicable without some tweak.) This method requires storage in server side. For huge web application that is deployed in multiple datacenters. It is possible that user input username & password when browsing in one datacenter, while he/she access the web application in another datacenter later. The expected behavior is that user just input username & password once. As a result, all datacenters should be able to access the session status. That is possible not applicable even the session status is stored in external storage such as database. I tried Google. I login Google with Asian proxy which is supposed to direct me to datacenters in Asian. Then I switch to North American proxy which should direct me to datacenters in North America. It recognize my login without asking username and password again. So, is there any way to determine whether user is login without server side session status?

    Read the article

  • Is encrypting session id (or other authenticate value) in cookie useful at all?

    - by Ji
    In web development, when session state is enabled, a session id is stored in cookie(in cookieless mode, query string will be used instead). In asp.net, the session id is encrypted automatically. There are plenty of topics on the internet regarding how you should encrypt your cookie, including session id. I can understand why you want to encrypt private info such as DOB, but any private info should not be stored in cookie at first place. So for other cookie values such as session id, what is the purpose encryption? Does it add security at all? no matter how you secure it, it will be sent back to server for decryption. Be be more specific, For authentication purpose, turn off session, i don't want to deal with session time out any more store some sort of id value in the cookie, on the server side, check if the id value exists and matches, if it is, authenticate user. let the cookie value expire when browser session is ended, this way. vs Asp.net form authentication mechanism (it relies on session or session id, i think) does latter one offer better security?

    Read the article

  • How can I add SOAP Headers to a WSDL generated Borland C++ Builder 6 application.

    - by MJG
    Using a WSDL that requires a SOAP HEADER for Authentication (fragment below) code that gets generated when creating a web service client via the "WSDL Importer" has no concept of the Authentication Headers and there are no examples in BCB6 C++ Examples/WebServices directories that show how, and nothing on Web that I can find. Anyone with BCB6 C++ (not Delphi) have an example of adding SOAP Headers to a TRemotable subclass? <s:element name="AuthenticationHeader" type="tns:AuthenticationHeader"/> <s:complexType name="AuthenticationHeader"> <s:complexContent mixed="false"> <s:extension base="tns:UserAuthHeader"> <s:sequence> <s:element minOccurs="0" maxOccurs="1" name="Function" type="s:string"/> <s:element minOccurs="1" maxOccurs="1" name="TimeOutMilliSec" type="s:int"/> </s:sequence> </s:extension> </s:complexContent> </s:complexType> <s:complexType name="UserAuthHeader"> <s:sequence> <s:element minOccurs="0" maxOccurs="1" name="Username" type="s:string"/> <s:element minOccurs="0" maxOccurs="1" name="Password" type="s:string"/> </s:sequence> <s:anyAttribute/> </s:complexType>

    Read the article

  • Forwarding HTTP Request with Direct Server Return

    - by Daniel Crabtree
    I have servers spread across several data centers, each storing different files. I want users to be able to access the files on all servers through a single domain and have the individual servers return the files directly to the users. The following shows a simple example: 1) The user's browser requests http://www.example.com/files/file1.zip 2) Request goes to server A, based on the DNS A record for example.com. 3) Server A analyzes the request and works out that /files/file1.zip is stored on server B. 4) Server A forwards the request to server B. 5) Server B returns file1.zip directly to the user without going through server A. Note: steps 4 and 5 must be transparent to the user and cannot involve sending a redirect to the user as that would violate the requirement of a single domain. From my research, what I want to achieve is called "Direct Server Return" and it is a common setup for load balancing. It is also sometimes called a half reverse proxy. For step 4, it sounds like I need to do MAC Address Translation and then pass the request back onto the network and for servers outside the network of server A tunneling will be required. For step 5, I simply need to configure server B, as per the real servers in a load balancing setup. Namely, server B should have server A's IP address on the loopback interface and it should not answer any ARP requests for that IP address. My problem is how to actually achieve step 4? I have found plenty of hardware and software that can do this for simple load balancing at layer 4, but these solutions fall short and cannot handle the kind of custom routing I require. It seems like I will need to roll my own solution. Ideally, I would like to do the routing / forwarding at the web server level, i.e. in PHP or C# / ASP.net. However, I am open to doing it at a lower level such as Apache or IIS, or at an even lower level, i.e. a custom proxy service in front of everything.

    Read the article

  • Integrated Security on Reporting Services XML Datasource

    - by Nathan
    Hey all, I am working on setting up my report server to use a web service as an XML datasource. I seem to be having authentication issues between the web service and the report with I choose to use Integrated security. Here's what I have: 1) I have a website w/ an exposed service. This website is configured to run ONLY on Integrated Security. This means that we have all other modes turned off AND Enabled anonymous access turned off under directory security. 2) Within the Web.config of the website, I have the authentication mode set to Windows. 3) I have the report datasource set to being an XML data source. I have the correct URL to the service and have it set to Windows Integrated Security. Since I am making a hop from the Browser to the Reporting Server to the Web Service, I wonder if I am having an issue w/ Kerberos, but I am not sure. When I try to access the service, I get a 401 error. Here are the IIS logs that I am generating: 2011-01-07 14:52:12 W3SVC IP_ADDY POST /URL.asmx - 80 - IP_ADDY - 401 1 0 2011-01-07 14:52:12 W3SVC IP_ADDY POST /URL.asmx - 80 - IP_ADDY - 401 1 5 Has anyone worked out this issue before? Thanks!

    Read the article

  • I cannot seem to load an XML document using ASP (Classic), IIS6. Details inside.

    - by carny666
    So I am writing a web application for use within my organization. The application requires that it know who the current user is. This is done by calling the Request.ServerVariables("AUTH_USER") function, which works great as long as 'Anonymous Access' is disabled (unchecked) and 'Integrated Windows Authentication' is enabled (checked) within IIS for this subweb. Unfortunately by doing this I get an 'Access Denied' error when I hit the load method of the XML DOM. Example code: dim urlToXmlFile urlToXmlFile = "http://currentwebserver/currentsubweb/nameofxml.xml" dim xmlDom set xmlDom = Server.CreateObject("MSXML2.DOMDocument") xmlDom.async = false xmlDom.load( urlToXmlFile ) ' <-- this is where I get the error! I've looked everywhere and cannot find a solution. I should be able to load an XML file into the DOM regardless of the authentication method. Any help would be appreciated. So far the only two solutions I can come up with are: a) create a new subweb that JUST gets the current user name and somehow passes it back to my XML reading subweb. b) open up security on the entire system to 'Everyone', which works but our IS department wouldn't care for that.

    Read the article

  • Getting authentication token after a HttpSendRequest

    - by Jessica
    The following code will log in my application to a server. That server will return an authentication token if the login is successful. I need to use that token to query the server for information. egressMsg := pchar('email='+LabeledEdit1.text+'&&password='+MaskEdit1.Text+#0); egressMsg64 := pchar(Encode64(egressMsg)); Reserved := 0; // open connection hInternetConn := InternetOpen('MyApp', INTERNET_OPEN_TYPE_PRECONFIG, NIL, NIL, 0); if hInternetConn = NIL then begin ShowMessage('Error opening internet connection'); exit; end; // connect hHttpSession := InternetConnect(hInternetConn, 'myserver.com', INTERNET_DEFAULT_HTTP_PORT, '', '', INTERNET_SERVICE_HTTP, 0, 0); if hHttpSession = NIL then begin ShowMessage('Error connecting'); exit; end; // send request hHttpRequest := HttpOpenRequest(hHttpSession, 'POST', '/myapp/login', NIL, NIL, NIL, 0, 0); if hHttpRequest = NIL then begin ShowMessage('Error opening request'); exit; end; label2.caption := egressMsg64 + ' '+inttostr(length(egressMsg64)); res := HttpSendRequest(hHttpRequest, Nil, DWORD(-1), egressMsg64, length(egressMsg64)); if not res then begin ShowMessage('Error sending request ' + inttostr(GetLastError)); exit; end; BufferSize := Length(infoBuffer); res := HttpQueryInfo(hHttpRequest, HTTP_QUERY_STATUS_CODE, @infoBuffer, BufferSize, Reserved); if not res then begin ShowMessage('Error querrying request ' + inttostr(GetLastError)); exit; end; reply := infoBuffer; Memo1.Lines.Add(reply); if reply <> '200' then begin //error here end; // how to I get the token here!!!! InternetCloseHandle(hHttpRequest); InternetCloseHandle(hHttpSession); InternetCloseHandle(hInternetConn); How do I get that token? I tried querying the cookie, I tried InternetGetCookie() and a lot more. Code is appreciated Thanks jess EDIT I found that if you use InternetReadFile you can get that token. However that token comes out as an array of bytes. It's hard to use it later to send it to the server... anyone knows how to convert an array of bytes to pchar or string?

    Read the article

  • Squid proxy not serving modified html content

    - by Matthew
    I'm trying to use squid to modify the page content of web page requests. I followed the upside-down-ternet tutorial which showed instructions for how to flip images on pages. I need to change the actual html of the page. I've been trying to do the same thing as in the tutorial, but instead of editing the image I'm trying to edit the html page. Below is a php script I'm using to try to do it. All jpg images get flipped, but the content on the page does not get edited. The edited index.html files written contain the edited content, but the pages the users receive don't contain the edited content. #!/usr/bin/php <?php $temp = array(); while ( $input = fgets(STDIN) ) { $micro_time = microtime(); // Split the output (space delimited) from squid into an array. $temp = split(' ', $input); //Flip jpg images, this works correctly if (preg_match("/.*\.jpg/i", $temp[0])) { system("/usr/bin/wget -q -O /var/www/cache/$micro_time.jpg ". $temp[0]); system("/usr/bin/mogrify -flip /var/www/cache/$micro_time.jpg"); echo "http://127.0.0.1/cache/$micro_time.jpg\n"; } //Don't edit files that are obviously not html. $temp[0] contains url of file to get elseif (preg_match("/(jpg|png|gif|css|js|\(|\))/i", $temp[0], $matches)) { echo $input; } //Otherwise, could be html (e.g. `wget http://www.google.com` downloads index.html) else{ $time = time() . microtime(); //For unique directory names $time = preg_replace("/ /", "", $time); //Simplify things by removing the spaces mkdir("/var/www/cache/". $time); //Create unique folder system("/usr/bin/wget -q --directory-prefix=\"/var/www/cache/$time/\" ". $temp[0]); $filename = system("ls /var/www/cache/$time/"); //Get filename of downloaded file //File is html, edit the content (this does not work) if(preg_match("/.*\.html/", $filename)){ //Get the html file contents $contentfh = fopen("/var/www/cache/$time/". $filename, 'r'); $content = fread($contentfh, filesize("/var/www/cache/$time/". $filename)); fclose($contentfh); //Edit the html file contents $content = preg_replace("/<\/body>/i", "<!-- content served by proxy --></body>", $content); //Write the edited file $contentfh = fopen("/var/www/cache/$time/". $filename, 'w'); fwrite($contentfh, $content); fclose($contentfh); //Return the edited page echo "http://127.0.0.1/cache/$time/$filename\n"; } //Otherwise file is not html, don't edit else{ echo $input; } } } ?>

    Read the article

  • Gwt-gdata authentication

    - by Raffo
    Hi guys, I'm writing an application with GWT and I found on the internet that there's a library to use easily gdata features. In particular I need to use the integration with Google Calendar. I followed the official guide on gwt-gdata site to do the authentication ( http://code.google.com/p/gwt-gdata/wiki/GettingStarted ) but unfortunately, I got an error. This is the error: 17:59:12.463 [ERROR] [testmappa] Unable to load module entry point class testMappa.client.TestMappa (see associated exception for details) com.google.gwt.core.client.JavaScriptException: (TypeError): $wnd.google.accounts is undefined fileName: http://127.0.0.1:8888 lineNumber: 29 stack: ("http://www.google.com/calendar/feeds/")@http://127.0.0.1:8888:29 connect("http://127.0.0.1:8888/TestMappa.html?gwt.codesvr=127.0.0.1:9997","`gL1<a3s4B&Y{(Ci","127.0.0.1:9997","testmappa","2.0")@:0 ((void 0),"testmappa","http://127.0.0.1:8888/testmappa/")@http://127.0.0.1:8888/testmappa/hosted.html?testmappa:264 z()@http://127.0.0.1:8888/testmappa/testmappa.nocache.js:2 (-2)@http://127.0.0.1:8888/testmappa/testmappa.nocache.js:8 at com.google.gwt.dev.shell.BrowserChannelServer.invokeJavascript(BrowserChannelServer.java:195) at com.google.gwt.dev.shell.ModuleSpaceOOPHM.doInvoke(ModuleSpaceOOPHM.java:120) at com.google.gwt.dev.shell.ModuleSpace.invokeNative(ModuleSpace.java:507) at com.google.gwt.dev.shell.ModuleSpace.invokeNativeObject(ModuleSpace.java:264) at com.google.gwt.dev.shell.JavaScriptHost.invokeNativeObject(JavaScriptHost.java:91) at com.google.gwt.accounts.client.User.login(User.java) at testMappa.client.TestMappa.onModuleLoad(TestMappa.java:68) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.google.gwt.dev.shell.ModuleSpace.onLoad(ModuleSpace.java:369) at com.google.gwt.dev.shell.OophmSessionHandler.loadModule(OophmSessionHandler.java:185) at com.google.gwt.dev.shell.BrowserChannelServer.processConnection(BrowserChannelServer.java:380) at com.google.gwt.dev.shell.BrowserChannelServer.run(BrowserChannelServer.java:222) at java.lang.Thread.run(Thread.java:637) I'm not able to understand the reason of this error. My code is simply: String scope = "http://www.google.com/calendar/feeds/"; User.login(scope); And as far as I know it should work as it is. I don't know what to do and I'm here to ask how to solve this problem and if I can directly use gdata native java library, but I believe this other thing is not possible to be done for client-side gwt code (since the code is going to be converted to javascript). Thank you.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 113 114 115 116 117 118 119 120 121 122 123 124  | Next Page >