Search Results

Search found 3452 results on 139 pages for 'zend auth'.

Page 121/139 | < Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128 | Next Page >

IPsec tunnel to Android device not created even though there is an IKE SA

- by Quentin Swain

I'm trying to configure a VPN tunnel between an Android device running 4.1 and a Fedora 17 Linux box running strongSwan 5.0. The device reports that it is connected and strongSwan statusall returns that there is an IKE SA, but doesn't display a tunnel. I used the instructions for iOS in the wiki to generate certificates and configure strongSwan. Since Android uses a modified version of racoon this should work and since the connection is partly established I think I am on the right track. I don't see any errors about not being able to create the tunnel. This is the configuration for the strongSwan connection conn android2 keyexchange=ikev1 authby=xauthrsasig xauth=server left=96.244.142.28 leftsubnet=0.0.0.0/0 leftfirewall=yes leftcert=serverCert.pem right=%any rightsubnet=10.0.0.0/24 rightsourceip=10.0.0.2 rightcert=clientCert.pem ike=aes256-sha1-modp1024 auto=add This is the output of strongswan statusall Status of IKE charon daemon (strongSwan 5.0.0, Linux 3.3.4-5.fc17.x86_64, x86_64): uptime: 20 minutes, since Oct 31 10:27:31 2012 malloc: sbrk 270336, mmap 0, used 198144, free 72192 worker threads: 8 of 16 idle, 7/1/0/0 working, job queue: 0/0/0/0, scheduled: 7 loaded plugins: charon aes des sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs8 pgp dnskey pem openssl fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve socket-default stroke updown xauth-generic Virtual IP pools (size/online/offline): android-hybrid: 1/0/0 android2: 1/1/0 Listening IP addresses: 96.244.142.28 Connections: android-hybrid: %any...%any IKEv1 android-hybrid: local: [C=CH, O=strongSwan, CN=vpn.strongswan.org] uses public key authentication android-hybrid: cert: "C=CH, O=strongSwan, CN=vpn.strongswan.org" android-hybrid: remote: [%any] uses XAuth authentication: any android-hybrid: child: dynamic === dynamic TUNNEL android2: 96.244.142.28...%any IKEv1 android2: local: [C=CH, O=strongSwan, CN=vpn.strongswan.org] uses public key authentication android2: cert: "C=CH, O=strongSwan, CN=vpn.strongswan.org" android2: remote: [C=CH, O=strongSwan, CN=client] uses public key authentication android2: cert: "C=CH, O=strongSwan, CN=client" android2: remote: [%any] uses XAuth authentication: any android2: child: 0.0.0.0/0 === 10.0.0.0/24 TUNNEL Security Associations (1 up, 0 connecting): android2[3]: ESTABLISHED 10 seconds ago, 96.244.142.28[C=CH, O=strongSwan, CN=vpn.strongswan.org]...208.54.35.241[C=CH, O=strongSwan, CN=client] android2[3]: Remote XAuth identity: android android2[3]: IKEv1 SPIs: 4151e371ad46b20d_i 59a56390d74792d2_r*, public key reauthentication in 56 minutes android2[3]: IKE proposal: AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 The output of ip -s xfrm policy src ::/0 dst ::/0 uid 0 socket in action allow index 3851 priority 0 ptype main share any flag (0x00000000) lifetime config: limit: soft 0(bytes), hard 0(bytes) limit: soft 0(packets), hard 0(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:29:08 use - src ::/0 dst ::/0 uid 0 socket out action allow index 3844 priority 0 ptype main share any flag (0x00000000) lifetime config: limit: soft 0(bytes), hard 0(bytes) limit: soft 0(packets), hard 0(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:29:08 use - src ::/0 dst ::/0 uid 0 socket in action allow index 3835 priority 0 ptype main share any flag (0x00000000) lifetime config: limit: soft 0(bytes), hard 0(bytes) limit: soft 0(packets), hard 0(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:29:08 use - src ::/0 dst ::/0 uid 0 socket out action allow index 3828 priority 0 ptype main share any flag (0x00000000) lifetime config: limit: soft 0(bytes), hard 0(bytes) limit: soft 0(packets), hard 0(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:29:08 use - src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 socket in action allow index 3819 priority 0 ptype main share any flag (0x00000000) lifetime config: limit: soft 0(bytes), hard 0(bytes) limit: soft 0(packets), hard 0(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:29:08 use 2012-10-31 13:29:39 src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 socket out action allow index 3812 priority 0 ptype main share any flag (0x00000000) lifetime config: limit: soft 0(bytes), hard 0(bytes) limit: soft 0(packets), hard 0(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:29:08 use 2012-10-31 13:29:22 src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 socket in action allow index 3803 priority 0 ptype main share any flag (0x00000000) lifetime config: limit: soft 0(bytes), hard 0(bytes) limit: soft 0(packets), hard 0(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:29:08 use 2012-10-31 13:29:20 src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 socket out action allow index 3796 priority 0 ptype main share any flag (0x00000000) lifetime config: limit: soft 0(bytes), hard 0(bytes) limit: soft 0(packets), hard 0(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:29:08 use 2012-10-31 13:29:20 So a xfrm policy isn't being created for the connection, even though there is an SA between device and strongswan. Executing ip -s xfrm policy on the android device results in the following output: src 0.0.0.0/0 dst 10.0.0.2/32 uid 0 dir in action allow index 40 priority 2147483648 share any flag (0x00000000) lifetime config: limit: soft (INF)(bytes), hard (INF)(bytes) limit: soft (INF)(packets), hard (INF)(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:42:08 use - tmpl src 96.244.142.28 dst 25.239.33.30 proto esp spi 0x00000000(0) reqid 0(0x00000000) mode tunnel level required share any enc-mask 00000000 auth-mask 00000000 comp-mask 00000000 src 10.0.0.2/32 dst 0.0.0.0/0 uid 0 dir out action allow index 33 priority 2147483648 share any flag (0x00000000) lifetime config: limit: soft (INF)(bytes), hard (INF)(bytes) limit: soft (INF)(packets), hard (INF)(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:42:08 use - tmpl src 25.239.33.30 dst 96.244.142.28 proto esp spi 0x00000000(0) reqid 0(0x00000000) mode tunnel level required share any enc-mask 00000000 auth-mask 00000000 comp-mask 00000000 src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 dir 4 action allow index 28 priority 0 share any flag (0x00000000) lifetime config: limit: soft (INF)(bytes), hard (INF)(bytes) limit: soft (INF)(packets), hard (INF)(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:42:04 use 2012-10-31 13:42:08 src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 dir 3 action allow index 19 priority 0 share any flag (0x00000000) lifetime config: limit: soft (INF)(bytes), hard (INF)(bytes) limit: soft (INF)(packets), hard (INF)(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:42:04 use 2012-10-31 13:42:08 src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 dir 4 action allow index 12 priority 0 share any flag (0x00000000) lifetime config: limit: soft (INF)(bytes), hard (INF)(bytes) limit: soft (INF)(packets), hard (INF)(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:42:04 use 2012-10-31 13:42:06 src 0.0.0.0/0 dst 0.0.0.0/0 uid 0 dir 3 action allow index 3 priority 0 share any flag (0x00000000) lifetime config: limit: soft (INF)(bytes), hard (INF)(bytes) limit: soft (INF)(packets), hard (INF)(packets) expire add: soft 0(sec), hard 0(sec) expire use: soft 0(sec), hard 0(sec) lifetime current: 0(bytes), 0(packets) add 2012-10-31 13:42:04 use 2012-10-31 13:42:07 Logs from charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.0.0, Linux 3.3.4-5.fc17.x86_64, x86_64) 00[KNL] listening on interfaces: 00[KNL] em1 00[KNL] 96.244.142.28 00[KNL] fe80::224:e8ff:fed2:18b2 00[CFG] loading ca certificates from '/etc/strongswan/ipsec.d/cacerts' 00[CFG] loaded ca certificate "C=CH, O=strongSwan, CN=strongSwan CA" from '/etc/strongswan/ipsec.d/cacerts/caCert.pem' 00[CFG] loading aa certificates from '/etc/strongswan/ipsec.d/aacerts' 00[CFG] loading ocsp signer certificates from '/etc/strongswan/ipsec.d/ocspcerts' 00[CFG] loading attribute certificates from '/etc/strongswan/ipsec.d/acerts' 00[CFG] loading crls from '/etc/strongswan/ipsec.d/crls' 00[CFG] loading secrets from '/etc/strongswan/ipsec.secrets' 00[CFG] loaded RSA private key from '/etc/strongswan/ipsec.d/private/clientKey.pem' 00[CFG] loaded IKE secret for %any 00[CFG] loaded EAP secret for android 00[CFG] loaded EAP secret for android 00[DMN] loaded plugins: charon aes des sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs8 pgp dnskey pem openssl fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve socket-default stroke updown xauth-generic 08[NET] waiting for data on sockets 16[LIB] created thread 16 [15338] 16[JOB] started worker thread 16 11[CFG] received stroke: add connection 'android-hybrid' 11[CFG] conn android-hybrid 11[CFG] left=%any 11[CFG] leftsubnet=(null) 11[CFG] leftsourceip=(null) 11[CFG] leftauth=pubkey 11[CFG] leftauth2=(null) 11[CFG] leftid=(null) 11[CFG] leftid2=(null) 11[CFG] leftrsakey=(null) 11[CFG] leftcert=serverCert.pem 11[CFG] leftcert2=(null) 11[CFG] leftca=(null) 11[CFG] leftca2=(null) 11[CFG] leftgroups=(null) 11[CFG] leftupdown=ipsec _updown iptables 11[CFG] right=%any 11[CFG] rightsubnet=(null) 11[CFG] rightsourceip=96.244.142.3 11[CFG] rightauth=xauth 11[CFG] rightauth2=(null) 11[CFG] rightid=%any 11[CFG] rightid2=(null) 11[CFG] rightrsakey=(null) 11[CFG] rightcert=(null) 11[CFG] rightcert2=(null) 11[CFG] rightca=(null) 11[CFG] rightca2=(null) 11[CFG] rightgroups=(null) 11[CFG] rightupdown=(null) 11[CFG] eap_identity=(null) 11[CFG] aaa_identity=(null) 11[CFG] xauth_identity=(null) 11[CFG] ike=aes256-sha1-modp1024 11[CFG] esp=aes128-sha1-modp2048,3des-sha1-modp1536 11[CFG] dpddelay=30 11[CFG] dpdtimeout=150 11[CFG] dpdaction=0 11[CFG] closeaction=0 11[CFG] mediation=no 11[CFG] mediated_by=(null) 11[CFG] me_peerid=(null) 11[CFG] keyexchange=ikev1 11[KNL] getting interface name for %any 11[KNL] %any is not a local address 11[KNL] getting interface name for %any 11[KNL] %any is not a local address 11[CFG] left nor right host is our side, assuming left=local 11[CFG] loaded certificate "C=CH, O=strongSwan, CN=vpn.strongswan.org" from 'serverCert.pem' 11[CFG] id '%any' not confirmed by certificate, defaulting to 'C=CH, O=strongSwan, CN=vpn.strongswan.org' 11[CFG] added configuration 'android-hybrid' 11[CFG] adding virtual IP address pool 'android-hybrid': 96.244.142.3/32 13[CFG] received stroke: add connection 'android2' 13[CFG] conn android2 13[CFG] left=96.244.142.28 13[CFG] leftsubnet=0.0.0.0/0 13[CFG] leftsourceip=(null) 13[CFG] leftauth=pubkey 13[CFG] leftauth2=(null) 13[CFG] leftid=(null) 13[CFG] leftid2=(null) 13[CFG] leftrsakey=(null) 13[CFG] leftcert=serverCert.pem 13[CFG] leftcert2=(null) 13[CFG] leftca=(null) 13[CFG] leftca2=(null) 13[CFG] leftgroups=(null) 13[CFG] leftupdown=ipsec _updown iptables 13[CFG] right=%any 13[CFG] rightsubnet=10.0.0.0/24 13[CFG] rightsourceip=10.0.0.2 13[CFG] rightauth=pubkey 13[CFG] rightauth2=xauth 13[CFG] rightid=(null) 13[CFG] rightid2=(null) 13[CFG] rightrsakey=(null) 13[CFG] rightcert=clientCert.pem 13[CFG] rightcert2=(null) 13[CFG] rightca=(null) 13[CFG] rightca2=(null) 13[CFG] rightgroups=(null) 13[CFG] rightupdown=(null) 13[CFG] eap_identity=(null) 13[CFG] aaa_identity=(null) 13[CFG] xauth_identity=(null) 13[CFG] ike=aes256-sha1-modp1024 13[CFG] esp=aes128-sha1-modp2048,3des-sha1-modp1536 13[CFG] dpddelay=30 13[CFG] dpdtimeout=150 13[CFG] dpdaction=0 13[CFG] closeaction=0 13[CFG] mediation=no 13[CFG] mediated_by=(null) 13[CFG] me_peerid=(null) 13[CFG] keyexchange=ikev0 13[KNL] getting interface name for %any 13[KNL] %any is not a local address 13[KNL] getting interface name for 96.244.142.28 13[KNL] 96.244.142.28 is on interface em1 13[CFG] loaded certificate "C=CH, O=strongSwan, CN=vpn.strongswan.org" from 'serverCert.pem' 13[CFG] id '96.244.142.28' not confirmed by certificate, defaulting to 'C=CH, O=strongSwan, CN=vpn.strongswan.org' 13[CFG] loaded certificate "C=CH, O=strongSwan, CN=client" from 'clientCert.pem' 13[CFG] id '%any' not confirmed by certificate, defaulting to 'C=CH, O=strongSwan, CN=client' 13[CFG] added configuration 'android2' 13[CFG] adding virtual IP address pool 'android2': 10.0.0.2/32 08[NET] received packet: from 208.54.35.241[32235] to 96.244.142.28[500] 15[CFG] looking for an ike config for 96.244.142.28...208.54.35.241 15[CFG] candidate: %any...%any, prio 2 15[CFG] candidate: 96.244.142.28...%any, prio 5 15[CFG] found matching ike config: 96.244.142.28...%any with prio 5 01[JOB] next event in 29s 999ms, waiting 15[IKE] received NAT-T (RFC 3947) vendor ID 15[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID 15[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID 15[IKE] received draft-ietf-ipsec-nat-t-ike-00 vendor ID 15[IKE] received XAuth vendor ID 15[IKE] received Cisco Unity vendor ID 15[IKE] received DPD vendor ID 15[IKE] 208.54.35.241 is initiating a Main Mode IKE_SA 15[IKE] IKE_SA (unnamed)[1] state change: CREATED => CONNECTING 15[CFG] selecting proposal: 15[CFG] proposal matches 15[CFG] received proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_256/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_128/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024, IKE:DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024 15[CFG] configured proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/HMAC_MD5_96/HMAC_SHA1_96/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_MD5/PRF_HMAC_SHA1/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160 15[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024 15[NET] sending packet: from 96.244.142.28[500] to 208.54.35.241[32235] 04[NET] sending packet: from 96.244.142.28[500] to 208.54.35.241[32235] 15[MGR] checkin IKE_SA (unnamed)[1] 15[MGR] check-in of IKE_SA successful. 08[NET] received packet: from 208.54.35.241[32235] to 96.244.142.28[500] 08[NET] waiting for data on sockets 07[MGR] checkout IKE_SA by message 07[MGR] IKE_SA (unnamed)[1] successfully checked out 07[NET] received packet: from 208.54.35.241[32235] to 96.244.142.28[500] 07[LIB] size of DH secret exponent: 1023 bits 07[IKE] remote host is behind NAT 07[IKE] sending cert request for "C=CH, O=strongSwan, CN=strongSwan CA" 07[ENC] generating NAT_D_V1 payload finished 07[NET] sending packet: from 96.244.142.28[500] to 208.54.35.241[32235] 07[MGR] checkin IKE_SA (unnamed)[1] 07[MGR] check-in of IKE_SA successful. 04[NET] sending packet: from 96.244.142.28[500] to 208.54.35.241[32235] 08[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500] 10[IKE] ignoring certificate request without data 10[IKE] received end entity cert "C=CH, O=strongSwan, CN=client" 10[CFG] looking for XAuthInitRSA peer configs matching 96.244.142.28...208.54.35.241[C=CH, O=strongSwan, CN=client] 10[CFG] candidate "android-hybrid", match: 1/1/2/2 (me/other/ike/version) 10[CFG] candidate "android2", match: 1/20/5/1 (me/other/ike/version) 10[CFG] selected peer config "android2" 10[CFG] certificate "C=CH, O=strongSwan, CN=client" key: 2048 bit RSA 10[CFG] using trusted ca certificate "C=CH, O=strongSwan, CN=strongSwan CA" 10[CFG] checking certificate status of "C=CH, O=strongSwan, CN=client" 10[CFG] ocsp check skipped, no ocsp found 10[CFG] certificate status is not available 10[CFG] certificate "C=CH, O=strongSwan, CN=strongSwan CA" key: 2048 bit RSA 10[CFG] reached self-signed root ca with a path length of 0 10[CFG] using trusted certificate "C=CH, O=strongSwan, CN=client" 10[IKE] authentication of 'C=CH, O=strongSwan, CN=client' with RSA successful 10[ENC] added payload of type ID_V1 to message 10[ENC] added payload of type SIGNATURE_V1 to message 10[IKE] authentication of 'C=CH, O=strongSwan, CN=vpn.strongswan.org' (myself) successful 10[IKE] queueing XAUTH task 10[IKE] sending end entity cert "C=CH, O=strongSwan, CN=vpn.strongswan.org" 10[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595] 04[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595] 10[IKE] activating new tasks 10[IKE] activating XAUTH task 10[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595] 04[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595] 01[JOB] next event in 3s 999ms, waiting 10[MGR] checkin IKE_SA android2[1] 10[MGR] check-in of IKE_SA successful. 08[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500] 08[NET] waiting for data on sockets 12[MGR] checkout IKE_SA by message 12[MGR] IKE_SA android2[1] successfully checked out 12[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500] 12[MGR] checkin IKE_SA android2[1] 12[MGR] check-in of IKE_SA successful. 08[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500] 16[MGR] checkout IKE_SA by message 16[MGR] IKE_SA android2[1] successfully checked out 16[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500] 08[NET] waiting for data on sockets 16[IKE] XAuth authentication of 'android' successful 16[IKE] reinitiating already active tasks 16[IKE] XAUTH task 16[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595] 04[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595] 16[MGR] checkin IKE_SA android2[1] 01[JOB] next event in 3s 907ms, waiting 16[MGR] check-in of IKE_SA successful. 08[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500] 09[MGR] checkout IKE_SA by message 09[MGR] IKE_SA android2[1] successfully checked out 09[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500] .8rS 09[IKE] IKE_SA android2[1] established between 96.244.142.28[C=CH, O=strongSwan, CN=vpn.strongswan.org]...208.54.35.241[C=CH, O=strongSwan, CN=client] 09[IKE] IKE_SA android2[1] state change: CONNECTING => ESTABLISHED 09[IKE] scheduling reauthentication in 3409s 09[IKE] maximum IKE_SA lifetime 3589s 09[IKE] activating new tasks 09[IKE] nothing to initiate 09[MGR] checkin IKE_SA android2[1] 09[MGR] check-in of IKE_SA successful. 09[MGR] checkout IKE_SA 09[MGR] IKE_SA android2[1] successfully checked out 09[MGR] checkin IKE_SA android2[1] 09[MGR] check-in of IKE_SA successful. 01[JOB] next event in 3s 854ms, waiting 08[NET] waiting for data on sockets 08[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500] 14[MGR] checkout IKE_SA by message 14[MGR] IKE_SA android2[1] successfully checked out 14[NET] received packet: from 208.54.35.241[35595] to 96.244.142.28[4500] 14[IKE] processing INTERNAL_IP4_ADDRESS attribute 14[IKE] processing INTERNAL_IP4_NETMASK attribute 14[IKE] processing INTERNAL_IP4_DNS attribute 14[IKE] processing INTERNAL_IP4_NBNS attribute 14[IKE] processing UNITY_BANNER attribute 14[IKE] processing UNITY_DEF_DOMAIN attribute 14[IKE] processing UNITY_SPLITDNS_NAME attribute 14[IKE] processing UNITY_SPLIT_INCLUDE attribute 14[IKE] processing UNITY_LOCAL_LAN attribute 14[IKE] processing APPLICATION_VERSION attribute 14[IKE] peer requested virtual IP %any 14[CFG] assigning new lease to 'android' 14[IKE] assigning virtual IP 10.0.0.2 to peer 'android' 14[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595] 14[MGR] checkin IKE_SA android2[1] 14[MGR] check-in of IKE_SA successful. 04[NET] sending packet: from 96.244.142.28[4500] to 208.54.35.241[35595] 08[NET] waiting for data on sockets 01[JOB] got event, queuing job for execution 01[JOB] next event in 91ms, waiting 13[MGR] checkout IKE_SA 13[MGR] IKE_SA android2[1] successfully checked out 13[MGR] checkin IKE_SA android2[1] 13[MGR] check-in of IKE_SA successful. 01[JOB] got event, queuing job for execution 01[JOB] next event in 24s 136ms, waiting 15[MGR] checkout IKE_SA 15[MGR] IKE_SA android2[1] successfully checked out 15[MGR] checkin IKE_SA android2[1] 15[MGR] check-in of IKE_SA successful.

Read the article
trying to use mod_proxy with httpd and tomcat

- by techsjs2012

I been trying to use mod_proxy with httpd and tomcat... I have on VirtualBox running Scientific Linux which has httpd and tomcat 6 on it.. I made two nodes of tomcat6. I followed this guide like 10 times and still cant get the 2nd node of tomcat working.. http://www.richardnichols.net/2010/08/5-minute-guide-clustering-apache-tomcat/ Here is the lines from my http.conf file <Proxy balancer://testcluster stickysession=JSESSIONID> BalancerMember ajp://127.0.0.1:8009 min=10 max=100 route=node1 loadfactor=1 BalancerMember ajp://127.0.0.1:8109 min=10 max=100 route=node2 loadfactor=1 </Proxy> ProxyPass /examples balancer://testcluster/examples <Location /balancer-manager> SetHandler balancer-manager AuthType Basic AuthName "Balancer Manager" AuthUserFile "/etc/httpd/conf/.htpasswd" Require valid-user </Location> Now here is my server.xml from node1 <?xml version='1.0' encoding='utf-8'?>   <Server port="8005" shutdown="SHUTDOWN">  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />  <Listener className="org.apache.catalina.core.JasperListener" />  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />  <GlobalNamingResources>  <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources>  <Service name="Catalina">         <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />   <Engine name="Catalina" defaultHost="localhost" jvmRoute="node1">      <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>  <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">     </Host> </Engine> </Service> </Server> now here is the server.xml file from node2 <?xml version='1.0' encoding='utf-8'?>   <Server port="8105" shutdown="SHUTDOWN">  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />  <Listener className="org.apache.catalina.core.JasperListener" />  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />  <GlobalNamingResources>  <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources>  <Service name="Catalina">         <Connector port="8109" protocol="AJP/1.3" redirectPort="8443" />   <Engine name="Catalina" defaultHost="localhost" jvmRoute="node2">      <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>  <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">     </Host> </Engine> </Service> </Server> I dont know what it is. but I been trying for days

Read the article
Error "exit signal Bus error (7)" How to continue after making a backtrace?

- by Mikel

I have a Centos Server in 1and1 with Apache, Magento, MagentoBooster and Xcache installed. The server usually (1-8 times per day) prints this error "exit signal Bus error (7)" and sometimes this causes Apache not to respond. I have made a backtrace with GDB, but I don't know how to continue. gdb /usr/sbin/httpd core.XXXX --batch --quiet -ex "thread apply all bt full" backtrace.log The backtrace: [New Thread 15312] [Thread debugging using libthread_db enabled] Core was generated by `/usr/sbin/httpd'. Program terminated with signal 7, Bus error. #0 0x00002abcf6c7324e in memcpy () from /lib64/libc.so.6 Thread 1 (Thread 0x2abcf8c72300 (LWP 15312)): #0 0x00002abcf6c7324e in memcpy () from /lib64/libc.so.6 No symbol table info available. #1 0x00002abd02e6b9c7 in ?? () from /usr/lib64/php/modules//php_ioncube_loader_lin_5.2_x86_64.so No symbol table info available. #2 0x00002abd02ed4d47 in _zval_dup () from /usr/lib64/php/modules//php_ioncube_loader_lin_5.2_x86_64.so No symbol table info available. #3 0x00002abd02ecdffb in ?? () from /usr/lib64/php/modules//php_ioncube_loader_lin_5.2_x86_64.so No symbol table info available. #4 0x00002abd02c32636 in xc_compile_file (h=0x7fffc3e7e4f0, type=2) at /opt/xcache-1.3.2-rc1/xcache.c:1060 __orig_bailout = 0x7fffc3e88f10 __bailout = {{__jmpbuf = {46991244125792, 3379122525071325456, 46991369192208, 140736480142576, 140736480142656, 46991244125792, 3379207471940512272, 3379122524988693332}, __mask_was_saved = 0, __saved_mask = {__val = {46991369228841, 46991369206800, 46991369195208, 46991382361728, 46991369196536, 46991369206984, 46991369210744, 0, 46991240130544, 140733193388033, 0, 140736480142296, 46991240361284, 46991369207528, 46991369232128, 3}}}} sandbox = {alloc = 0, filename = 0x2abd078dd0e0 "/var/www/vhosts/DOMAIN/httpdocs/var/ait_rewrite/67b58abff9e6bd7b400bb2fc1903bf2f.php", orig_included_files = {nTableSize = 256, nTableMask = 255, nNumOfElements = 191, nNextFreeElement = 0, pInternalPointer = 0x2abcf4da53d0, pListHead = 0x2abcf4da53d0, pListTail = 0x2abd07dfeb28, arBuckets = 0x2abd0896d690, pDestructor = 0, persistent = 0 '\000', nApplyCount = 0 '\000', bApplyProtection = 1 '\001'}, tmp_included_files = 0x2abd0069e830, orig_zend_constants = 0x2abd0d630b60, tmp_zend_constants = {nTableSize = 2048, nTableMask = 2047, nNumOfElements = 1559, nNextFreeElement = 0, pInternalPointer = 0x2abd08283760, pListHead = 0x2abd08283760, pListTail = 0x2abd08320810, arBuckets = 0x2abd08302aa0, pDestructor = 0x2abd02c34850 <xc_free_zend_constant>, persistent = 1 '\001', nApplyCount = 0 '\000', bApplyProtection = 1 '\001'}, orig_function_table = 0x2abd0d61f340, orig_class_table = 0x2abd0d61f2b0, orig_auto_globals = 0x2abd0d618910, tmp_function_table = {nTableSize = 2048, nTableMask = 2047, nNumOfElements = 1555, nNextFreeElement = 0, pInternalPointer = 0x2abd08320ce0, pListHead = 0x2abd08320ce0, pListTail = 0x2abd0933fe60, arBuckets = 0x2abd079c8500, pDestructor = 0x2abd0033e1d0 <zend_function_dtor>, persistent = 1 '\001', nApplyCount = 0 '\000', bApplyProtection = 0 '\000'}, tmp_class_table = { nTableSize = 16, nTableMask = 15, nNumOfElements = 0, nNextFreeElement = 0, pInternalPointer = 0x0, pListHead = 0x0, pListTail = 0x0, arBuckets = 0x2abd079dbf60, pDestructor = 0x2abd0033dcf0 <destroy_zend_class>, persistent = 1 '\001', nApplyCount = 0 '\000', bApplyProtection = 0 '\000'}, tmp_auto_globals = {nTableSize = 16, nTableMask = 15, nNumOfElements = 9, nNextFreeElement = 0, pInternalPointer = 0x2abd0933ffc0, pListHead = 0x2abd0933ffc0, pListTail = 0x2abd093403e0, arBuckets = 0x2abd09340470, pDestructor = 0, persistent = 1 '\001', nApplyCount = 0 '\000', bApplyProtection = 0 '\000'}, tmp_internal_constant_tail = 0x2abd08320810, tmp_internal_function_tail = 0x2abd0933fe60, tmp_internal_class_tail = 0x0, orig_user_error_handler_error_reporting = 8191} op_array = <value optimized out> xce = {type = XC_TYPE_PHP, hvalue = 2460, next = 0x2abd0d939e60, cache = 0x2abd0d90b038, size = 10, refcount = 46991369191320, hits = 4, ctime = 46991362335072, atime = 8, dtime = 46991240673248, ttl = 46991369192096, name = {lval = 46991363920096, dval = 2.3216818564143281e-310, str = { val = 0x2abd078dd0e0 "/var/www/vhosts/DOMAIN/httpdocs/var/ait_rewrite/67b58abff9e6bd7b400bb2fc1903bf2f.php", len = 107}, ht = 0x2abd078dd0e0, obj = {handle = 126734560, handlers = 0x2abd0000006b}}, data = {php = 0x7fffc3e7e440, var = 0x7fffc3e7e440}, have_references = 0 '\000'} stored_xce = 0x0 php = {sourcesize = 8947, device = 64769, inode = 9907963, mtime = 1353055102, op_array = 0x2abd00344004, constinfo_cnt = 1, constinfos = 0x0, funcinfo_cnt = 132120232, funcinfos = 0x8, classinfo_cnt = 8, classinfos = 0x0, have_early_binding = 168 '\250', autoglobal_cnt = 10941, autoglobals = 0x8} cache = 0x2abd0d90b038 catched = <value optimized out> filename = <value optimized out> opened_path_buffer = "\000\000\000\000\000\000\000\000I\032\065\000\275*\000\000\300\347i\000\275*\000\000\001\000\000\000\000\000\000\000\377\377\377\377\000\000\000\000\000\000\000\000\003\000\000\000[\337\227\337,\002pr\n\000\000\000\000\000\000\000P\323\347\303\377\177\000\000\357\367\220\b\275*\000\000\243\002M\a\275*\000\000\005", '\000' <repeats 15 times>"\357, \367\220\b\275*\000\000\244\002M\a\275*\000\000Du0\000\275*\000\000\b\000\000\000\000\000\000\000\232b=\365\000\000\000\000\002\000\000\000\377\177\000\000\005\000\000\000\275*\000\000\220\322\347\303\377\177\000\000\000\020\000\000\000\000\000\000,\324\347\303\377\177\000\000`\321\347\303^", '\000' <repeats 27 times>, "\f\000\000 \001", '\000' <repeats 11 times>"\260, \322\347\303", '\000' <repeats 12 times>, "P\323\347\303\377\177\000\000x\225\332\364\004\000\000\000\001\000\000\000\031\000\000\000\300\331\336\a\275*\000\000\300\331\336\a\275*\000\000"... old_constinfo_cnt = 1559 old_funcinfo_cnt = 1555 old_classinfo_cnt = 0 #5 0x00002abd003290bf in compile_filename () from /etc/httpd/modules/libphp5.so No symbol table info available. #6 0x00002abd00398ded in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #7 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #8 0x00002abd0033b796 in zend_call_function () from /etc/httpd/modules/libphp5.so No symbol table info available. #9 0x00002abd0035b1e1 in zend_call_method () from /etc/httpd/modules/libphp5.so No symbol table info available. #10 0x00002abd00273bf4 in zif_spl_autoload_call () from /etc/httpd/modules/libphp5.so No symbol table info available. #11 0x00002abd0033b945 in zend_call_function () from /etc/httpd/modules/libphp5.so No symbol table info available. #12 0x00002abd0033c51e in zend_lookup_class_ex () from /etc/httpd/modules/libphp5.so No symbol table info available. #13 0x00002abd0033c728 in zend_fetch_class () from /etc/httpd/modules/libphp5.so No symbol table info available. #14 0x00002abd003a61ab in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #15 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #16 0x00002abd00366b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #17 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #18 0x00002abd00366b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #19 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #20 0x00002abd00366b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #21 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #22 0x00002abd00366b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #23 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #24 0x00002abd00366b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #25 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #26 0x00002abd00366b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #27 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #28 0x00002abd00366b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #29 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #30 0x00002abd00366b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #31 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #32 0x00002abd00366b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #33 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #34 0x00002abd00366b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #35 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #36 0x00002abd00366b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #37 0x00002abd0036628c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #38 0x00002abd00346943 in zend_execute_scripts () from /etc/httpd/modules/libphp5.so No symbol table info available. #39 0x00002abd00306898 in php_execute_script () from /etc/httpd/modules/libphp5.so No symbol table info available. #40 0x00002abd003cb09d in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #41 0x00002abcf4cfca0a in ap_run_handler () No symbol table info available. #42 0x00002abcf4cffe98 in ap_invoke_handler () No symbol table info available. #43 0x00002abcf4d0a74a in ap_internal_redirect () No symbol table info available. #44 0x00002abcfdb45bf0 in ap_make_dirstr_parent () from /etc/httpd/modules/mod_rewrite.so No symbol table info available. #45 0x00002abcf4cfca0a in ap_run_handler () No symbol table info available. #46 0x00002abcf4cffe98 in ap_invoke_handler () No symbol table info available. #47 0x00002abcf4d0a8f8 in ap_process_request () No symbol table info available. #48 0x00002abcf4d07b30 in ?? () No symbol table info available. #49 0x00002abcf4d03c92 in ap_run_process_connection () No symbol table info available. #50 0x00002abcf4d0e7a9 in ?? () No symbol table info available. #51 0x00002abcf4d0ea3a in ?? () No symbol table info available. #52 0x00002abcf4d0f29d in ap_mpm_run () No symbol table info available. #53 0x00002abcf4ce9e48 in main () No symbol table info available. Can anyone help me? ADITIONAL INFO php -v PHP 5.2.10 (cli) (built: Nov 13 2009 11:44:05) Copyright (c) 1997-2009 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies with XCache v1.3.2-rc1, Copyright (c) 2005-2011, by mOo with the ionCube PHP Loader v3.1.28, Copyright (c) 2002-2007, by ionCube Ltd. httpd -v Server version: Apache/2.2.3 Server built: May 4 2011 06:51:15 Apache modules: core prefork http_core mod_so mod_auth_basic mod_auth_digest mod_authn_file mod_authn_alias mod_authn_anon mod_authn_dbm mod_authn_default mod_authz_host mod_authz_user mod_authz_owner mod_authz_groupfile mod_authz_dbm mod_authz_default util_ldap mod_authnz_ldap mod_include mod_log_config mod_logio mod_env mod_ext_filter mod_mime_magic mod_expires mod_deflate mod_headers mod_usertrack mod_setenvif mod_mime mod_dav mod_status mod_autoindex mod_info mod_dav_fs mod_vhost_alias mod_negotiation mod_dir mod_actions mod_speling mod_userdir mod_alias mod_rewrite mod_proxy mod_proxy_balancer mod_proxy_ftp mod_proxy_http mod_proxy_connect mod_cache mod_suexec mod_disk_cache mod_file_cache mod_mem_cache mod_cgi mod_version mod_fcgid mod_perl mod_php5 mod_proxy_ajp mod_python mod_ssl Aditional modules: dbase ionCube Loader sysvsem sysvshm EDIT (November 18) I have disabled some suspicious modules and the error persist. The new backtrace: [New Thread 12403] [Thread debugging using libthread_db enabled] Core was generated by `/usr/sbin/httpd'. Program terminated with signal 7, Bus error. #0 0x00002b0c5754a24e in memcpy () from /lib64/libc.so.6 Thread 1 (Thread 0x2b0c59549300 (LWP 12403)): #0 0x00002b0c5754a24e in memcpy () from /lib64/libc.so.6 No symbol table info available. #1 0x00002b0c558519c7 in ?? () from /usr/lib64/php/modules//php_ioncube_loader_lin_5.2_x86_64.so No symbol table info available. #2 0x00002b0c558bad47 in _zval_dup () from /usr/lib64/php/modules//php_ioncube_loader_lin_5.2_x86_64.so No symbol table info available. #3 0x00002b0c558b3ffb in ?? () from /usr/lib64/php/modules//php_ioncube_loader_lin_5.2_x86_64.so No symbol table info available. #4 0x00002b0c60d650bf in compile_filename () from /etc/httpd/modules/libphp5.so No symbol table info available. #5 0x00002b0c60dd4ded in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #6 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #7 0x00002b0c60d77796 in zend_call_function () from /etc/httpd/modules/libphp5.so No symbol table info available. #8 0x00002b0c60d971e1 in zend_call_method () from /etc/httpd/modules/libphp5.so No symbol table info available. #9 0x00002b0c60cafbf4 in zif_spl_autoload_call () from /etc/httpd/modules/libphp5.so No symbol table info available. #10 0x00002b0c60d77945 in zend_call_function () from /etc/httpd/modules/libphp5.so No symbol table info available. #11 0x00002b0c60d7851e in zend_lookup_class_ex () from /etc/httpd/modules/libphp5.so No symbol table info available. #12 0x00002b0c60d78728 in zend_fetch_class () from /etc/httpd/modules/libphp5.so No symbol table info available. #13 0x00002b0c60de21ab in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #14 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #15 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #16 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #17 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #18 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #19 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #20 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #21 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #22 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #23 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #24 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #25 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #26 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #27 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #28 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #29 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #30 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #31 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #32 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #33 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #34 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #35 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #36 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #37 0x00002b0c60da2b91 in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #38 0x00002b0c60da228c in execute () from /etc/httpd/modules/libphp5.so No symbol table info available. #39 0x00002b0c60d82943 in zend_execute_scripts () from /etc/httpd/modules/libphp5.so No symbol table info available. #40 0x00002b0c60d42898 in php_execute_script () from /etc/httpd/modules/libphp5.so No symbol table info available. #41 0x00002b0c60e0709d in ?? () from /etc/httpd/modules/libphp5.so No symbol table info available. #42 0x00002b0c555d3a0a in ap_run_handler () No symbol table info available. #43 0x00002b0c555d6e98 in ap_invoke_handler () No symbol table info available. #44 0x00002b0c555e174a in ap_internal_redirect () No symbol table info available. #45 0x00002b0c5e41cbf0 in ap_make_dirstr_parent () from /etc/httpd/modules/mod_rewrite.so No symbol table info available. #46 0x00002b0c555d3a0a in ap_run_handler () No symbol table info available. #47 0x00002b0c555d6e98 in ap_invoke_handler () No symbol table info available. #48 0x00002b0c555e18f8 in ap_process_request () No symbol table info available. #49 0x00002b0c555deb30 in ?? () No symbol table info available. #50 0x00002b0c555dac92 in ap_run_process_connection () No symbol table info available. #51 0x00002b0c555e57a9 in ?? () No symbol table info available. #52 0x00002b0c555e5a3a in ?? () No symbol table info available. #53 0x00002b0c555e629d in ap_mpm_run () No symbol table info available. #54 0x00002b0c555c0e48 in main () No symbol table info available.

Read the article
Setting up SharePoint without Active Directory

- by eJugnoo

In order to setup SharePoint without AD, you need to run following PowerShell command on Management Shell after installing SharePoint on your server, but before running Config Wizard: (we don’t want to run this SP farm in stand-alone mode!) 1. New-SPConfigurationDatabase SYNOPSIS Creates a new configuration database. SYNTAX New-SPConfigurationDatabase [-DatabaseName] <String> [-DatabaseServer] <String> [[-DirectoryDomain] <String>] [[-DirectoryOrganizationUnit] <String>] [[-AdministrationContentDatabaseName] <String>] [[-DatabaseCredentials] <PSCredential>] [-FarmCredentials] <PSCredential> [-Passphrase] <SecureString> [-AssignmentCollection <SPAssignmentCollection>] [<CommonParameters>] DESCRIPTION The New-SPConfigurationDatabase cmdlet creates a new configuration database on the specified database server. This is the central database for a new SharePoint farm. For permissions and the most current information about Windows PowerShell for SharePoint Products, see the online documentation (http://go.microsoft.com/fwlink/?LinkId=163185). RELATED LINKS Backup-SPConfigurationDatabase Disconnect-SPConfigurationDatabase Connect-SPConfigurationDatabase Remove-SPConfigurationDatabase REMARKS To see the examples, type: "get-help New-SPConfigurationDatabase -examples". For more information, type: "get-help New-SPConfigurationDatabase -detailed". For technical information, type: "get-help New-SPConfigurationDatabase -full". NOTE: Use –AdministrationContentDatabaseName switch to pass the name of Admin database you want instead of GUID-based name it automatically creates. Hence, one can pretty much easily control Admin, Config, and Content database names at the time of farm creation. If creating new farm, you can also delete and re-provision any service databases automatically created, from UI, to decide what database names you want. 2. Run SharePoint Configuration Wizard, and you’ll following as already added to farm. Select do not discconect from farm, and proceed… Select the port, and authentication (NTLM in my case). Click next, and wizard will complete the remaining steps of provisioning, including creation of Central Admin Web App on the desired port. Once successful, it will open the Central Admin site and ask you to run Farm Config Wizard. I chose to skip and do things manually, to remain in control of what is happening on the farm. Like creating web-app for site collections, creating the very first site collection, and any other service applications. I needed this to create a public-facing installation of SharePoint Foundation RTM on a server which didn’t have AD. Now I am going to setup FBA, and possibly Live ID Auth as well. I will be also setting up RBS, and multi-tenancy on this farm ,and would post any notes, and findings here… --Sharad

Read the article
Getting a 'base' Domain from a Domain

- by Rick Strahl

Here's a simple one: How do you reliably get the base domain from full domain name or URI? Specifically I've run into this scenario in a few recent applications when creating the Forms Auth Cookie in my ASP.NET applications where I explicitly need to force the domain name to the common base domain. So, www.west-wind.com, store.west-wind.com, west-wind.com, dev.west-wind.com all should return west-wind.com. Here's the code where I need to use this type of logic for issuing an AuthTicket explicitly:private void IssueAuthTicket(UserState userState, bool rememberMe) { FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, userState.UserId, DateTime.Now, DateTime.Now.AddDays(10), rememberMe, userState.ToString()); string ticketString = FormsAuthentication.Encrypt(ticket); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketString); cookie.HttpOnly = true; if (rememberMe) cookie.Expires = DateTime.Now.AddDays(10); // write out a domain cookie cookie.Domain = Request.Url.GetBaseDomain(); HttpContext.Response.Cookies.Add(cookie); } Now unfortunately there's no Uri.GetBaseDomain() method unfortunately, as I was surprised to find out. So I ended up creating one:public static class NetworkUtils { /// <summary> /// Retrieves a base domain name from a full domain name. /// For example: www.west-wind.com produces west-wind.com /// </summary> /// <param name="domainName">Dns Domain name as a string</param> /// <returns></returns> public static string GetBaseDomain(string domainName) { var tokens = domainName.Split('.'); // only split 3 segments like www.west-wind.com if (tokens == null || tokens.Length != 3) return domainName; var tok = new List<string>(tokens); var remove = tokens.Length - 2; tok.RemoveRange(0, remove); return tok[0] + "." + tok[1]; ; } /// <summary> /// Returns the base domain from a domain name /// Example: http://www.west-wind.com returns west-wind.com /// </summary> /// <param name="uri"></param> /// <returns></returns> public static string GetBaseDomain(this Uri uri) { if (uri.HostNameType == UriHostNameType.Dns) return GetBaseDomain(uri.DnsSafeHost); return uri.Host; } } I've had a need for this so frequently it warranted a couple of helpers. The second Uri helper is an Extension method to the Uri class, which is what's used the in the first code sample. This is the preferred way to call this since the URI class can differentiate between Dns names and IP Addresses. If you use the first string based version there's a little more guessing going on if a URL is an IP Address. There are a couple of small twists in dealing with 'domain names'. When passing a string only there's a possibility to not actually pass domain name, but end up passing an IP address, so the code explicitly checks for three domain segments (can there be more than 3?). IP4 Addresses have 4 and IP6 have none so they'll fall through. Then there are things like localhost or a NetBios machine name which also come back on URL strings, but also shouldn't be handled. Anyway, small thing but maybe somebody else will find this useful.© Rick Strahl, West Wind Technologies, 2005-2012Posted in ASP.NET Networking Tweet !function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs"); (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();

Read the article
Ubuntu 12.04 lightdm dumps to tty. Cannot start GUI interface when booting off harddrive, but can when booting off usb

- by user72681

When booting, lightdm dumps to tty. No GUI interface works- this is after a fresh install of Ubuntu 12.04 where the GUI interface works when running off the USB. I have an NVIDIA Corporation G98 [Quadro NVS 420] graphics card. After I call startx from the terminal it still doesn't work. I get the following in the Xorg.0.log: [ 327.718] (--) NVIDIA(0): Memory: 262144 kBytes [ 327.718] (--) NVIDIA(0): VideoBIOS: 62.98.6f.00.07 [ 327.718] (II) NVIDIA(0): Detected PCI Express Link width: 16X [ 327.718] (--) NVIDIA(0): Interlaced video modes are supported on this GPU [ 327.756] (--) NVIDIA(0): Connected display device(s) on Quadro NVS 420 at PCI:3:0:0 [ 327.756] (--) NVIDIA(0): none [ 327.756] (EE) NVIDIA(0): No display devices found for this X screen. [ 328.010] (II) UnloadModule: "nvidia" [ 328.010] (II) Unloading nvidia [ 328.010] (II) UnloadModule: "wfb" [ 328.010] (II) Unloading wfb [ 328.010] (II) UnloadModule: "fb" [ 328.010] (II) Unloading fb [ 328.011] (EE) Screen(s) found, but none have a usable configuration. [ 328.011] Fatal server error: [ 328.011] no screens found /var/log/lightdm/lightdm.log [+0.00s] DEBUG: Starting local X display [+0.00s] DEBUG: X server :0 will replace Plymouth [+0.02s] DEBUG: Using VT 7 [+0.02s] DEBUG: Activating VT 7 [+0.02s] DEBUG: Logging to /var/log/lightdm/x-0.log [+0.02s] DEBUG: Writing X server authority to /var/run/lightdm/root/:0 [+0.02s] DEBUG: Launching X Server [+0.02s] DEBUG: Launching process 1074: /usr/bin/X :0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch -background none [+0.02s] DEBUG: Waiting for ready signal from X server :0 [+0.02s] DEBUG: Acquired bus name org.freedesktop.DisplayManager [+0.02s] DEBUG: Registering seat with bus path /org/freedesktop/DisplayManager/Seat0 [+1.38s] DEBUG: Process 1074 exited with return value 1 [+1.38s] DEBUG: X server stopped [+1.38s] DEBUG: Removing X server authority /var/run/lightdm/root/:0 [+1.38s] DEBUG: Releasing VT 7 [+1.38s] DEBUG: Stopping Plymouth, X server failed to start [+1.39s] DEBUG: Display server stopped [+1.39s] DEBUG: Stopping display [+1.39s] DEBUG: Display stopped [+1.39s] DEBUG: Stopping X local seat, failed to start a display [+1.39s] DEBUG: Stopping seat [+1.39s] DEBUG: Seat stopped [+1.39s] DEBUG: Required seat has stopped [+1.39s] DEBUG: Stopping display manager [+1.39s] DEBUG: Display manager stopped [+1.39s] DEBUG: Stopping daemon [+1.39s] DEBUG: Exiting with return value 1 /var/log/lightdm/x-0.log X Protocol Version 11, Revision 0 Build Operating System: Linux 2.6.24-31-server x86_64 Ubuntu Current Operating System: Linux oorn 3.2.0-23-generic #36-Ubuntu SMP Tue Apr 10 20:39:51 UTC 2012 x86_64 Kernel command line: BOOT_IMAGE=/boot/vmlinuz-3.2.0-23-generic root=UUID=b25ab072-077d-40f1-95a4-c7fd66acd2f0 ro reboot=pci quiet splash vt.handoff=7 Build Date: 07 May 2012 11:43:21PM xorg-server 2:1.11.4-0ubuntu10.2 (For technical support please see http://www.ubuntu.com/support) Current version of pixman: 0.24.4 Before reporting problems, check http://wiki.x.org to make sure that you have the latest version. Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: "/var/log/Xorg.0.log", Time: Wed Jun 27 12:51:45 2012 (==) Using config file: "/etc/X11/xorg.conf" (==) Using system config directory "/usr/share/X11/xorg.conf.d" (EE) NVIDIA(0): No display devices found for this X screen. (EE) Screen(s) found, but none have a usable configuration. Fatal server error: no screens found Please consult the The X.Org Foundation support at http://wiki.x.org for help. Please also check the log file at "/var/log/Xorg.0.log" for additional information. ddxSigGiveUp: Closing log Server terminated with error (1). Closing log file.

Read the article
Free RAM disappears - Memory leak?

- by Izzy

On a fresh started system, free reports about 1.5G used RAM (8G RAM alltogether, Ubuntu 12.04 with lightdm and plasma desktop, one konsole window started). Having the apps running I use, it still consumes not more than 2G. However, having the system running for a couple of days, more and more of my free RAM disappears -- without showing up in the list of used apps: while smem --pie=name reports less than 20% used (and 80% being available), everything else says differently. free -m for example reports on about day 7: total used free shared buffers cached Mem: 7459 7013 446 0 178 997 -/+ buffers/cache: 5836 1623 Swap: 9536 296 9240 (so you can see, it's not the buffers or the cache). Today this finally ended with the system crashing completely: the windows manager being gone, apps "hanging in the air" (frameless) -- and a popup notifying me about "too many open files". Syslog reports: kernel: [856738.020829] VFS: file-max limit 752838 reached So I closed those applications I was able to close, and killed X using Ctrl-Alt-backspace. X tried to come up again after that with failsafeX, but was unable to do so as it could no longer detect its configuration. So I switched to a console using Ctrl-Alt-F2, captured all information I could think of (vmstat, free, smem, proc/meminfo, lsof, ps aux), and finally rebooted. X again came up with failsafeX; this time I told it to "recover from my backed-up configuration", then switched to a console and successfully used startx to bring up the graphical environment. I have no real clue to what is causing this issue -- though it must have to do either with X itself, or with some user processes running on X -- as after killing X, free -m output looked like this: total used free shared buffers cached Mem: 7459 2677 4781 0 62 419 -/+ buffers/cache: 2195 5263 Swap: 9536 59 9477 (~3.5GB being freed) -- to compare with the output after a fresh start: total used free shared buffers cached Mem: 7459 1483 5975 0 63 730 -/+ buffers/cache: 689 6769 Swap: 9536 0 9536 Two more helpful outputs are provided by memstat -u. Shortly before the crash: User Count Swap USS PSS RSS mail 1 0 200 207 616 whoopsie 1 764 740 817 2300 colord 1 3200 836 894 2156 root 62 70404 352996 382260 569920 izzy 80 177508 1465416 1519266 1851840 After having X killed: User Count Swap USS PSS RSS mail 1 0 184 188 356 izzy 1 1400 708 739 1080 whoopsie 1 848 668 826 1772 colord 1 3204 804 888 1728 root 62 54876 131708 149950 267860 And after a restart, back in X: User Count Swap USS PSS RSS mail 1 0 212 217 628 whoopsie 1 0 1536 1880 5096 colord 1 0 3740 4217 7936 root 54 0 148668 180911 345132 izzy 47 0 370928 437562 915056 Edit: Just added two graphs from my monitoring system. Interesting to see: everytime when there's a "jump" in memory consumption, CPU peaks as well. Just found this right now -- and it reminds me of another indicator pointing to X itself: Often when returning to my machine and unlocking the screen, I found something doing heavvy work on my CPU. Checking with top, it always turned out to be /usr/bin/X :0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch -background none. So after this long explanation, finally my questions: What could be the possible causes? How can I better identify involved processes/applications? What steps could be taken to avoid this behaviour -- short from rebooting the machine all X days? I was running 8.04 (Hardy) for about 5 years on my old machine, never having experienced the like (always more than 100 days uptime, before rebooting for e.g. kernel updates). This now is a complete new machine with a fresh install of 8.04. In case it matters, some specs: AMD A4-3400 APU with Radeon(tm) HD Graphics, using the open-source ati/radeon driver (so no fglrx installed), 8GB RAM, WDC WD1002FAEX-0 hdd (1TB), Asus F1A75-V Evo mainboard. Ubuntu 12.04 64-bit with KDE4/Plasma. Apps usually open more or less permanently include Evolution, Firefox, konsole (with Midnight Commander running inside, about 4 tabs), and LibreOffice -- plus occasionally Calibre, Gimp and Moneyplex (banking software I'm already using for almost 20 years now, in a version which did fine on Hardy).

Read the article
Web Application Integration Steps in OAM 11gR2 (High Level)

- by Venkata Srikanth

Install OAM, Webtier (OHS) and WebGate as per the standard installation steps. Create a WebGate instance (i.e deploy WebGate) A WebGate instance must be created that will copy required bits of agent from WEBGATE_HOME to WebGate instance location that shares the same INSTANCE_HOME with OHS ./deployWebGateInstance.sh –w /Oracle/Middleware/Oracle_WT1/instances/instance1/config/ohs1 –oh /Oracle/Middleware/Oracle_OAMWebGate1 Note: Here –w flag indicates OHS instance folder and –oh indicates the WebGate Oracle home Configure WebGate In the webgate configuration the EditHttpdConf utility will copy OUI instantiated apache_webgate.template from WEBGATE_HOME to webgate instance location (renamed to webgate.conf), and update httpd.conf with one additional line to include webgate.conf. export LD_LIBRARY_PATH=$ LD_LIBRARY_PATH:/Oracle/Middleware/Oracle_WT1/lib Navigate to /Oracle/Middleware/Oracle_OAMWebGate1/webgate/ohs/tools/setup/InstallTools ./EditHttpdConf –w /Oracle/Middleware/Oracle_WT1/instances/instace1/config/OHS/ohs1 –oh /Oracle/Middleware/Oracle_OAMWebGate1 –o webgate.conf Register WebGate Use RREG tool to register the OAM 11G WebGate Navigate to /Oracle/Middleware/Oracle_IDM1/oam/server/rreg/input Edit OAM11Grequest.xml. Change the specific xml content to include the weblogic admin URL, agentBaseURL, host identifier etc.. Navigate to /Oracle/Middleware/Oracle_IDM1/oam/server/rreg/bin Set permissions to oamreg.sh à chmod 777 oamreg.sh Edit oamreg.sh and set OAM_REG_HOME=/Oracle/Middleware/Oracle_IDM1/oam/server/rreg ./oamreg.sh inband input/OAM11Grequest.xml Enter the WebLogic admin credentials when prompted. After performing the above steps, there will be two artifcats created under Oracle/Middleware/Oracle_IDM1/oam/server/rreg/output, namely ObAccessClient.xml (Stroing webgate config parameters) and cwallet.sso (storing the agent key). These files must be copied to WebGate instance config folder (/Oracle/Middleware/Oracle_WT1/instances/instance1/config/ohs1/webgate/config) Restart OHS Deploy the web application (myApp) in WebLogic application server Proxy Configuration in OHS The mod_wl_ohs module enables requests to be proxied from Oracle HTTP Server 11g to Oracle WebLogic Server. Navigate to /Oracle/Middleware/Oracle_WT1/instances/instance1/config/OHS/ohs1 Edit mod_wl_ohs.conf file to include the following: <IfModule weblogic_module> WebLogicHost <WEBLOGIC_HOST> WebLogicPort <WEBLOGIC_PORT> # Debug ON # WLLogFile /tmp/weblogic.log MatchExpression *.jsp </IfModule> <Location /myApp> SetHandler weblogic-handler # PathTrim /weblogic # ErrorPage http:/WEBLOGIC_HOME:WEBLOGIC_PORT/ </Location> Note: Here WEBLOGIC_HOST and WEBLOGIC_PORT are the WebLogic admin server host and port respectively Restart OHS. Now if we access the web application URL with OHS host and port (Ex: http://OHS_HOST:<OHS_PORT>/myApp) so that the requests will be proxied to WebLogic server. Create a new application domain Login to OAM Admin Console Navigate to Shared Componentsà Authentication Schemesà Create Authentication Scheme (Ex: LDAP Auth Scheme. Here the scheme is assoicated with LDAP Authentication Module) Navigate to Policy Configuration à Application Domain à Create Application Domain Enter the Application Domain Name and Click Apply. Navigate to Resources tab and add the resource urls (Web Application URLs that needs to be protected) Navigate to Authentication Policy tab à Create a new authentication ploicy by providing the Resource URLs (The sample Web Application URLs) and Authentication Scheme. Navigate to Authorization Policy tab à Create a new authorization policy à Enter authorization policy name and navigate to Resource Tab à Attach the Reource URL, Host Identifiers here. Navigate to Conditions tab à Add the conditions like whom to allow and whom to deny access. Navigate to Rules tab à Crate the Allow Rule and Deny Rule with the available conditions from the previous step so that the Authorization Policy may authorize the logins. Navigate to Resources tab and attach the Authentication and Authorization plocies created in the above steps. Test the Web Application Integration.

Read the article
PHP code works on Chrome, but not on Firefox or IE (send email via HTML form) [on hold]

- by Cachirro

My brother has this form: <form id="lista" action="lista2.php" method="post"> <input name="cf_name" type="text" size="50" hidden="yes" class="obscure"> <input name="cf_email" type="text" size="50" hidden="yes" class="obscure"> <textarea name="cf_message" cols="45" rows="10" hidden="yes" class="obscure"> </textarea> <input type="image" name="submit" value="Enviar Lista por Email" src="imagens/lista_email.png" width="40" height="40" onclick="this.form.elements['cf_message'].value = lista_mail;this.form.elements['cf_name'].value = prompt('Escreva o seu nome:', '');this.form.elements['cf_email'].value = prompt('Escreva o seu email:', '');"> <input name="submit2" type="submit" value="Enviar" hidden="yes" class="obscure"> </form> That calls this PHP file: <?php if ( isset($_POST['submit']) ) { // Dados de autenticacao SMTP $smtpinfo['host'] = 'localhost'; $smtpinfo['port'] = '25'; $smtpinfo['auth'] = true; $smtpinfo['username'] = 'xxx'; $smtpinfo['password'] = 'xxx'; // Dados recebidos do formulario $nome = $_POST['cf_name']; $email = $_POST['cf_email']; $mensagem = $_POST['cf_message']; // Inclusão de ficheiro PEAR. Certifique-se que o PEAR está activado no seu alojamento require_once "Mail.php"; // Corpo da mensagem $body = "Nome: ".$nome; $body.= "\n\n"; $body.= nl2br($mensagem); $headers = array ('From' => $email, 'To' => $smtpinfo["username"], 'Subject' => 'Encomenda Website'); $mail_object = Mail::factory('smtp', $smtpinfo); $mail = $mail_object->send($smtpinfo["username"], $headers, $body); if ( PEAR::isError($mail) ) { echo ("<p>" . $mail->getMessage() . "</p>"); } else { echo ('<b><font color="FFFF00">Mensagem enviada com sucesso.<br><br></b>Seu email: ' . $email . '<br><br></font>'); }} ?> This basically sends an email with some selected products, name and email. The problem is that it works perfectly on Chrome, but not on FF or IE. When the submit image is pressed, the URL changes to the PHP file, but it displays a blank page. After display errors activated: ini_set('display_errors',1); ini_set('display_startup_errors',1); error_reporting(-1) FF/IE display blank page and email isn't sent, Chrome sends the email and displays this: Strict Standards: Non-static method Mail::factory() should not be called statically in /var/www/vhosts/[site url]/httpdocs/lista2.php on line 33 Strict Standards: Non-static method PEAR::isError() should not be called statically, assuming $this from incompatible context in /usr/share/php/Mail/smtp.php , dont know if it helps So, what is causing the email to be sent on chrome and not on FF or IE? Thank you.

Read the article
The design of a generic data synchronizer, or, an [object] that does [actions] with the aid of [helpers]

- by acheong87

I'd like to create a generic data-source "synchronizer," where data-source "types" may include MySQL databases, Google Spreadsheets documents, CSV files, among others. I've been trying to figure out how to structure this in terms of classes and interfaces, keeping in mind (what I've read about) composition vs. inheritance and is-a vs. has-a, but each route I go down seems to violate some principle. For simplicity, assume that all data-sources have a header-row-plus-data-rows format. For example, assume that the first rows of Google Spreadsheets documents and CSV files will have column headers, a.k.a. "fields" (to parallel database fields). Also, eventually, I would like to implement this in PHP, but avoiding language-specific discussion would probably be more productive. Here's an overview of what I've tried. Part 1/4: ISyncable class CMySQL implements ISyncable GetFields() // sql query, pdo statement, whatever AddFields() RemFields() ... _dbh class CGoogleSpreadsheets implements ISyncable GetFields() // zend gdata api AddFields() RemFields() ... _spreadsheetKey _worksheetId class CCsvFile implements ISyncable GetFields() // read from buffer AddFields() RemFields() ... _buffer interface ISyncable GetFields() AddFields($field1, $field2, ...) RemFields($field1, $field2, ...) ... CanAddFields() // maybe the spreadsheet is locked for write, or CanRemFields() // maybe no permission to alter a database table ... AddRow() ModRow() RemRow() ... Open() Close() ... First Question: Does it make sense to use an interface, as above? Part 2/4: CSyncer Next, the thing that does the syncing. class CSyncer __construct(ISyncable $A, ISyncable $B) Push() // sync A to B Pull() // sync B to A Sync() // Push() and Pull() only differ in direction; factor. // Sync()'s job is to make sure that the fields on each side // match, to add fields where appropriate and possible, to // account for different column-orderings, etc., and of // course, to add and remove rows as necessary to sync. ... _A _B Second Question: Does it make sense to define such a class, or am I treading dangerously close to the "Kingdom of Nouns"? Part 3/4: CTranslator? ITranslator? Now, here's where I actually get lost, assuming the above is passable. Sometimes, two ISyncables speak different "dialects." For example, believe it or not, Google Spreadsheets (accessed through the Google Data API "list feed") returns column headers lower-cased and stripped of all spaces and symbols! That is, sys_TIMESTAMP is systimestamp, as far as my code can tell. (Yes, I am aware that the "cell feed" does not strip the name so; however cell-by-cell manipulation is too slow for what I'm doing.) One can imagine other hypothetical examples. Perhaps even the data itself can be in different "dialects." But let's take it as given for now, and not argue this if possible. Third Question: How would you implement "translation"? Note: Taking all this as an exercise, I'm more interested in the "idealized" design, rather than the practical one. (God knows that shipped sailed when I began this project.) Part 4/4: Further Thought Here's my train of thought to demonstrate I've thunk, albeit unfruitfully: First, I thought, primitively, "I'll just modify CMySQL::GetFields() to lower-case and strip field names so they're compatible with Google Spreadsheets." But of course, then my class should really be called, CMySQLForGoogleSpreadsheets, and that can't be right. So, the thing which translates must exist outside of an ISyncable implementor. And surely it can't be right to make each translation a method in CSyncer. If it exists outside of both ISyncable and CSyncer, then what is it? (Is it even an "it"?) Is it an abstract class, i.e. abstract CTranslator? Is it an interface, since a translator only does, not has, i.e. interface ITranslator? Does it even require instantiation? e.g. If it's an ITranslator, then should its translation methods be static? (I learned what "late static binding" meant, today.) And, dear God, whatever it is, how should a CSyncer use it? Does it "have" it? Is it, "it"? Who am I? ...am I, "I"? I've attempted to break up the question into sub-questions, but essentially my question is singular: How does one implement an object A that conceptually "links" (has) two objects b1 and b2 that share a common interface B, where certain pairs of b1 and b2 require a helper, e.g. a translator, to be handled by A? Something tells me that I've overcomplicated this design, or violated a principle much higher up. Thank you all very much for your time and any advice you can provide.

Read the article
ZFS Storage Appliance ? ldap ??????

- by user13138569

ZFS Storage Appliance ? Openldap ????????? ???ldap ?????????????? Solaris 11 ? Openldap ????????????? ??? slapd.conf ??ldif ?????????? user01 ??????? ?????? slapd.conf # # See slapd.conf(5) for details on configuration options. # This file should NOT be world readable. # include /etc/openldap/schema/core.schema include /etc/openldap/schema/cosine.schema include /etc/openldap/schema/nis.schema # Define global ACLs to disable default read access. # Do not enable referrals until AFTER you have a working directory # service AND an understanding of referrals. #referral ldap://root.openldap.org pidfile /var/openldap/run/slapd.pid argsfile /var/openldap/run/slapd.args # Load dynamic backend modules: modulepath /usr/lib/openldap moduleload back_bdb.la # moduleload back_hdb.la # moduleload back_ldap.la # Sample security restrictions # Require integrity protection (prevent hijacking) # Require 112-bit (3DES or better) encryption for updates # Require 63-bit encryption for simple bind # security ssf=1 update_ssf=112 simple_bind=64 # Sample access control policy: # Root DSE: allow anyone to read it # Subschema (sub)entry DSE: allow anyone to read it # Other DSEs: # Allow self write access # Allow authenticated users read access # Allow anonymous users to authenticate # Directives needed to implement policy: # access to dn.base="" by * read # access to dn.base="cn=Subschema" by * read # access to * # by self write # by users read # by anonymous auth # # if no access controls are present, the default policy # allows anyone and everyone to read anything but restricts # updates to rootdn. (e.g., "access to * by * read") # # rootdn can always read and write EVERYTHING! ####################################################################### # BDB database definitions ####################################################################### database bdb suffix "dc=oracle,dc=com" rootdn "cn=Manager,dc=oracle,dc=com" # Cleartext passwords, especially for the rootdn, should # be avoid. See slappasswd(8) and slapd.conf(5) for details. # Use of strong authentication encouraged. rootpw secret # The database directory MUST exist prior to running slapd AND # should only be accessible by the slapd and slap tools. # Mode 700 recommended. directory /var/openldap/openldap-data # Indices to maintain index objectClass eq ?????????ldif???? dn: dc=oracle,dc=com objectClass: dcObject objectClass: organization dc: oracle o: oracle dn: cn=Manager,dc=oracle,dc=com objectClass: organizationalRole cn: Manager dn: ou=People,dc=oracle,dc=com objectClass: organizationalUnit ou: People dn: ou=Group,dc=oracle,dc=com objectClass: organizationalUnit ou: Group dn: uid=user01,ou=People,dc=oracle,dc=com uid: user01 objectClass: top objectClass: account objectClass: posixAccount objectClass: shadowAccount cn: user01 uidNumber: 10001 gidNumber: 10000 homeDirectory: /home/user01 userPassword: secret loginShell: /bin/bash shadowLastChange: 10000 shadowMin: 0 shadowMax: 99999 shadowWarning: 14 shadowInactive: 99999 shadowExpire: -1 ldap?????????????ZFS Storage Appliance??????? Configuration SERVICES LDAP ??Base search DN ?ldap??????????? ???? ldap ????????? user01 ???????????????? ???????????? user ????????? Unknown or invalid user ?????????????????? ????????????????Solaris 11 ???????????? ????????????? ldap ????????getent ??????????????? # svcadm enable svc:/network/nis/domain:default # svcadm enable ldap/client # ldapclient manual -a authenticationMethod=none -a defaultSearchBase=dc=oracle,dc=com -a defaultServerList=192.168.56.201 System successfully configured # getent passwd user01 user01:x:10001:10000::/home/user01:/bin/bash ????????? user01 ?????????????? # mount -F nfs -o vers=3 192.168.56.101:/export/user01 /mnt # su user01 bash-4.1$ cd /mnt bash-4.1$ touch aaa bash-4.1$ ls -l total 1 -rw-r--r-- 1 user01 10000 0 May 31 04:32 aaa ?????? ldap ??????????????????????????!

Read the article
Exception Servlets have the same pattern, how to solve?

- by user3713766

This is my web xml: <?xml version="1.0" encoding="UTF-8"?> <web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"> <context-param> <param-name>primefaces.THEME</param-name> <param-value>cc</param-value> </context-param> <context-param> <param-name>javax.faces.PROJECT_STAGE</param-name> <param-value>Development</param-value> </context-param> <servlet> <servlet-name>Faces Servlet</servlet-name> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.xhtml</url-pattern> </servlet-mapping> <session-config> <session-timeout> -1 </session-timeout> </session-config> <welcome-file-list> <welcome-file>index.xhtml</welcome-file> </welcome-file-list> </web-app> Below is my glassfish server output. So what causes that exception and what are my options? Any help would be appreciated. It seems like I posted most of code but, I've stated my problem quite clearly.So thanks in advance. Severe: Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service] Severe: Exception while deploying the app [ClickService] Severe: Exception during lifecycle processing java.lang.IllegalStateException: Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service]. Related annotation information: annotation [@javax.jws.WebService(wsdlLocation=/wsdls/wsat11/wstx-wsat-1.1-wsdl-200702.wsdl, name=, portName=ParticipantPort, endpointInterface=com.sun.xml.ws.tx.at.v11.types.ParticipantPortType, serviceName=WSAT11Service, targetNamespace=http://docs.oasis-open.org/ws-tx/wsat/2006/06)] on annotated element [class com.sun.xml.ws.tx.at.v11.endpoint.ParticipantPortImpl] of type [TYPE] at com.sun.enterprise.deployment.archivist.Archivist.readAnnotations(Archivist.java:518) at com.sun.enterprise.deployment.archivist.Archivist.readAnnotations(Archivist.java:446) at org.glassfish.web.deployment.archivist.WebArchivist.postAnnotationProcess(WebArchivist.java:338) at org.glassfish.web.deployment.archivist.WebArchivist.postAnnotationProcess(WebArchivist.java:91) at com.sun.enterprise.deployment.archivist.Archivist.readRestDeploymentDescriptors(Archivist.java:420) at com.sun.enterprise.deployment.archivist.Archivist.readDeploymentDescriptors(Archivist.java:396) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:271) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:280) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:241) at com.sun.enterprise.deployment.archivist.ApplicationFactory.openArchive(ApplicationFactory.java:161) at org.glassfish.javaee.core.deployment.DolProvider.processDOL(DolProvider.java:198) at org.glassfish.javaee.core.deployment.DolProvider.load(DolProvider.java:222) at org.glassfish.javaee.core.deployment.DolProvider.load(DolProvider.java:96) at com.sun.enterprise.v3.server.ApplicationLifecycle.loadDeployer(ApplicationLifecycle.java:878) at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:818) at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:374) at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:219) at org.glassfish.deployment.admin.DeployCommand.execute(DeployCommand.java:491) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:527) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:523) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAs(Subject.java:360) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2.execute(CommandRunnerImpl.java:522) at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:546) at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:1423) at com.sun.enterprise.v3.admin.CommandRunnerImpl.access$1500(CommandRunnerImpl.java:108) at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1762) at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1674) at com.sun.enterprise.v3.admin.AdminAdapter.doCommand(AdminAdapter.java:534) at com.sun.enterprise.v3.admin.AdminAdapter.onMissingResource(AdminAdapter.java:224) at org.glassfish.grizzly.http.server.StaticHttpHandler.service(StaticHttpHandler.java:297) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:246) at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:191) at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:168) at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:189) at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206) at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136) at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114) at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838) at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544) at java.lang.Thread.run(Thread.java:745) Caused by: Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service]. Related annotation information: annotation [@javax.jws.WebService(wsdlLocation=/wsdls/wsat11/wstx-wsat-1.1-wsdl-200702.wsdl, name=, portName=ParticipantPort, endpointInterface=com.sun.xml.ws.tx.at.v11.types.ParticipantPortType, serviceName=WSAT11Service, targetNamespace=http://docs.oasis-open.org/ws-tx/wsat/2006/06)] on annotated element [class com.sun.xml.ws.tx.at.v11.endpoint.ParticipantPortImpl] of type [TYPE] at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:367) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:375) at org.glassfish.apf.impl.AnnotationProcessorImpl.processAnnotations(AnnotationProcessorImpl.java:289) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:195) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:134) at com.sun.enterprise.deployment.archivist.Archivist.processAnnotations(Archivist.java:626) at com.sun.enterprise.deployment.archivist.Archivist.readAnnotations(Archivist.java:462) ... 48 more Caused by: java.lang.IllegalArgumentException: Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service] at org.glassfish.web.deployment.descriptor.WebBundleDescriptorImpl.addWebComponentDescriptor(WebBundleDescriptorImpl.java:359) at org.glassfish.webservices.connector.annotation.handlers.WebServiceHandler.processAnnotation(WebServiceHandler.java:461) at com.sun.enterprise.deployment.annotation.factory.SJSASFactory$LazyAnnotationHandler.processAnnotation(SJSASFactory.java:148) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:344) ... 54 more Severe: Exception while deploying the app [ClickService] : Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service]. Related annotation information: annotation [@javax.jws.WebService(wsdlLocation=/wsdls/wsat11/wstx-wsat-1.1-wsdl-200702.wsdl, name=, portName=ParticipantPort, endpointInterface=com.sun.xml.ws.tx.at.v11.types.ParticipantPortType, serviceName=WSAT11Service, targetNamespace=http://docs.oasis-open.org/ws-tx/wsat/2006/06)] on annotated element [class com.sun.xml.ws.tx.at.v11.endpoint.ParticipantPortImpl] of type [TYPE] Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service]. Related annotation information: annotation [@javax.jws.WebService(wsdlLocation=/wsdls/wsat11/wstx-wsat-1.1-wsdl-200702.wsdl, name=, portName=ParticipantPort, endpointInterface=com.sun.xml.ws.tx.at.v11.types.ParticipantPortType, serviceName=WSAT11Service, targetNamespace=http://docs.oasis-open.org/ws-tx/wsat/2006/06)] on annotated element [class com.sun.xml.ws.tx.at.v11.endpoint.ParticipantPortImpl] of type [TYPE] at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:367) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:375) at org.glassfish.apf.impl.AnnotationProcessorImpl.processAnnotations(AnnotationProcessorImpl.java:289) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:195) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:134) at com.sun.enterprise.deployment.archivist.Archivist.processAnnotations(Archivist.java:626) at com.sun.enterprise.deployment.archivist.Archivist.readAnnotations(Archivist.java:462) at com.sun.enterprise.deployment.archivist.Archivist.readAnnotations(Archivist.java:446) at org.glassfish.web.deployment.archivist.WebArchivist.postAnnotationProcess(WebArchivist.java:338) at org.glassfish.web.deployment.archivist.WebArchivist.postAnnotationProcess(WebArchivist.java:91) at com.sun.enterprise.deployment.archivist.Archivist.readRestDeploymentDescriptors(Archivist.java:420) at com.sun.enterprise.deployment.archivist.Archivist.readDeploymentDescriptors(Archivist.java:396) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:271) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:280) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:241) at com.sun.enterprise.deployment.archivist.ApplicationFactory.openArchive(ApplicationFactory.java:161) at org.glassfish.javaee.core.deployment.DolProvider.processDOL(DolProvider.java:198) at org.glassfish.javaee.core.deployment.DolProvider.load(DolProvider.java:222) at org.glassfish.javaee.core.deployment.DolProvider.load(DolProvider.java:96) at com.sun.enterprise.v3.server.ApplicationLifecycle.loadDeployer(ApplicationLifecycle.java:878) at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:818) at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:374) at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:219) at org.glassfish.deployment.admin.DeployCommand.execute(DeployCommand.java:491) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:527) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:523) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAs(Subject.java:360) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2.execute(CommandRunnerImpl.java:522) at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:546) at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:1423) at com.sun.enterprise.v3.admin.CommandRunnerImpl.access$1500(CommandRunnerImpl.java:108) at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1762) at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1674) at com.sun.enterprise.v3.admin.AdminAdapter.doCommand(AdminAdapter.java:534) at com.sun.enterprise.v3.admin.AdminAdapter.onMissingResource(AdminAdapter.java:224) at org.glassfish.grizzly.http.server.StaticHttpHandler.service(StaticHttpHandler.java:297) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:246) at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:191) at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:168) at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:189) at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206) at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136) at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114) at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838) at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544) at java.lang.Thread.run(Thread.java:745) Caused by: java.lang.IllegalArgumentException: Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service] at org.glassfish.web.deployment.descriptor.WebBundleDescriptorImpl.addWebComponentDescriptor(WebBundleDescriptorImpl.java:359) at org.glassfish.webservices.connector.annotation.handlers.WebServiceHandler.processAnnotation(WebServiceHandler.java:461) at com.sun.enterprise.deployment.annotation.factory.SJSASFactory$LazyAnnotationHandler.processAnnotation(SJSASFactory.java:148) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:344) ... 54 more

Read the article
ASP.NET MVC tries to load older version of Owin assembly

- by d_mcg

As a bit of context, I'm developing an ASP.NET MVC 5 application that uses OAuth-based authentication via Microsoft's OWIN implementation, for Facebook and Google only at this stage. Currently (as of v3.0.0, git-commit 4932c2f), the FacebookAuthenticationOptions and GoogleOAuth2AuthenticationOptions don't provide any property to force Facebook nor Google respectively to reauthenticate users (via appending the appropriate query string parameters) when signing in. Initially, I set out to override the following classes: FacebookAuthenticationOptions GoogleOAuth2AuthenticationOptions FacebookAuthenticationHandler (specifically AuthenticateCoreAsync()) GoogleOAuth2AuthenticationHandler (specifically AuthenticateCoreAsync()) yet discovered that the ~AuthenticationHandler classes are marked as internal. So I pulled a copy of the source for the Katana project (http://katanaproject.codeplex.com/) and modified the source accordingly. After compiling, I found that there are several dependencies that needed updating in order to use these updated assemblies (Microsoft.Owin.Security.Facebook and Microsoft.Owin.Security.Google) in the MVC project: Microsoft.Owin Microsoft.Owin.Security Microsoft.Owin.Security.Cookies Microsoft.Owin.Security.OAuth Microsoft.Owin.Host.SystemWeb This was done by replacing the existing project references to the 3.0.0 versions and updating those in web.config. Good news: the project compiles successfully. In debugging, I received an exception on startup: An exception of type 'System.IO.FileLoadException' occurred in [MVC web assembly].dll but was not handled in user code Additional information: Could not load file or assembly 'Microsoft.Owin.Security, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040) The underlying exception indicated that Microsoft.AspNet.Identity.Owin was trying to load v2.1.0 of Microsoft.Owin.Security when calling app.UseExternalSignInCookie() from Startup.ConfigureAuth(IAppBuilder app) in Startup.Auth.cs. Unfortunately that assembly (and its other dependency, Microsoft.AspNet.Identity.Owin) aren't part of the Project Katana solution, and I can't find any accessible repository for these assemblies online. Are the Microsoft.AspNet.Identity assemblies open source, like the Katana project? Is there a way to fool those assemblies to use the referenced v3.0.0 assemblies instead of v2.1.0? The /bin folder contains the 3.0.0 versions of the Owin assemblies. I've upgraded the NuGet packages for Microsoft.AspNet.Identity.Owin, and this is still an issue. Any ideas on how to resolve this issue?

Read the article
IIS7 Mixed Mode Authentication

- by drachenstern

We're getting ready to start migrating some of our IIS6 sites to IIS7, and the application currently uses Forms Authentication. We have started getting some requests from various sites to use the Windows Authentication for the users. While this is easy enough to implement (and I've shown internally that there is no issue with the app, as expected) the question then is how to continue to keep Forms authentication for when Integrated Windows doesn't work. I've seen several walkthroughs on how to have it configured on IIS6, and I could do the same thing on IIS7, but then I have to turn on Classic Mode processing. Any solution should also be back portable to IIS6, if possible, to keep the build tree simple. So what are my options on this? Do I setup the app with Integrated Windows Authentication in IIS7, Forms Auth in the web.config, and redirect 401 errors to an "error page" allowing them to login using forms, then back to the regular app? The case when Forms is likely to be needed is going to be reserved for Contract workers, our support staff, and if someone needs to access it on their site from their Extranet. So primarily it's for our staff to login to check functionality and confirm bug reports. I suggested we just maintain that for our support staff to work, we need a Windows login that will always be live, and then we'll just enforce local responsibility on who can login to the site, but I'm told that we would do better to have Forms Authentication. Any thoughts? I can post some of the links of the articles I've already read through if that would help the forum better narrow my needs. Many thanks. tl;dr: How to do mixed mode authentication (forms, windows) in IIS7 without changing to classic pipeline and still be able to use the build in IIS6 if possible.

Read the article
PYTHON: ntlm authentication

- by Svetlana

Hello!! I'm trying to implement NTLM authentication on IIS (Windows Server 2003) from Windows 7 with python. LAN Manager Authentication Level: Send NTLM response only. Client machine and server are in the same domain. Domain controller (AD) is on another server (also running Windows Server 2003). I recieve 401.1 - Unauthorized: Access is denied due to invalid credentials. Could you please help me find out what is wrong with this code and/or show me the other possible directions to solve this problem (using NTLM or Kerberos)? [python] import sys, httplib, base64, string import urllib2 import win32api import sspi import pywintypes import socket class WindoewNtlmMessageGenerator: def __init__(self,user=None): import win32api,sspi if not user: user = win32api.GetUserName() self.sspi_client = sspi.ClientAuth("NTLM",user) def create_auth_req(self): import pywintypes output_buffer = None error_msg = None try: error_msg, output_buffer = self.sspi_client.authorize(None) except pywintypes.error: return None auth_req = output_buffer[0].Buffer auth_req = base64.encodestring(auth_req) auth_req = string.replace(auth_req,'\012','') return auth_req def create_challenge_response(self,challenge): import pywintypes output_buffer = None input_buffer = challenge error_msg = None try: error_msg, output_buffer = self.sspi_client.authorize(input_buffer) except pywintypes.error: return None response_msg = output_buffer[0].Buffer response_msg = base64.encodestring(response_msg) response_msg = string.replace(response_msg,'\012','') return response_msg fname='request.xml' request = file(fname).read() ip_host = '10.0.3.112' ntlm_gen = WindoewNtlmMessageGenerator() auth_req_msg = ntlm_gen.create_auth_req() auth_req_msg_dec = base64.decodestring(auth_req_msg) auth_req_msg = string.replace(auth_req_msg,'\012','') webservice = httplib.HTTPConnection(ip_host) webservice.putrequest("POST", "/idc/idcplg") webservice.putheader("Content-length", "%d" % len(request)) webservice.putheader('Authorization', 'NTLM'+' '+auth_req_msg) webservice.endheaders() resp = webservice.getresponse() resp.read() challenge = resp.msg.get('WWW-Authenticate') challenge_dec = base64.decodestring(challenge.split()[1]) msg3 = ntlm_gen.create_challenge_response(challenge_dec) webservice = httplib.HTTP(ip_host) webservice.putrequest("POST", "/idc/idcplg?IdcService=LOGIN&Auth=Intranet") webservice.putheader("Host", SHOD) webservice.putheader("Content-length", "%d" % len(request)) webservice.putheader('Authorization', 'NTLM'+' '+msg3) webservice.putheader("Content-type", "text/xml; charset=\"UTF-8\"") webservice.putheader("SOAPAction", "\"\"") webservice.endheaders() webservice.send(request) statuscode, statusmessage, header = webservice.getreply() res = webservice.getfile().read() res_file = file('result.txt','wb') res_file.write(res) res_file.close() [/python] sspi.py is available here: http://www.koders.com/python/fidF3B0061A07CD13BA35FF263E3E45252CFABFAA3B.aspx?s=timer Thanks!

Read the article
Silverlight 4 - MVC 2 ASP.NET Membership integration "single sign on"

- by Scrappydog

Scenario: I have an ASP.NET MVC 2 site using ASP.NET Forms Authentication. The site includes a Silverlight 4 application that needs to securely call internal web services. The web services also need to be publically exposed for third party authenticated access. Challenges: Securely accessing webservices from Silverlight using the current users identity without requiring the user to re-login in in the Silverlight application. Providing a secure way for third party applications to access the same webservices the same users credentials, ideally with out using ASP.NET Forms Authentication. Additional details and limitations: This application is hosted in Azure. We would rather NOT use RIA Services if at all possible. Solutions Under Consideration: I think that if the webservices are part of the same MVC site that hosts the Silverlight application then forms authentication should probably "just work" from Silverlight based on the users forms auth cookies. But this seems to rule out the possibility of hosting the webservices seperately (which is desirable in our scenario). For third-party access to the web services I'm guessing that seperate endpoints with a different authenication solution is probably the right answer, but I would rather only support one version of the services if possible... Questions: Can anybody point me towards any sample applications that implements something like this? How would you recommend implementing this solution?

Read the article
Django - The included urlconf doesn't have any patterns in it

- by unsorted

My website, which was working before, suddenly started breaking with the error "ImproperlyConfigured at / The included urlconf resume.urls doesn't have any patterns in it" The project base is called resume. In settings.py I have set ROOT_URLCONF = 'resume.urls' Here's my resume.urls, which sits in the project root directory. from django.conf.urls.defaults import * # Uncomment the next two lines to enable the admin: from django.contrib import admin admin.autodiscover() urlpatterns = patterns('', # Example: # (r'^resume/', include('resume.foo.urls')), # Uncomment the admin/doc line below and add 'django.contrib.admindocs' # to INSTALLED_APPS to enable admin documentation: (r'^admin/doc/', include('django.contrib.admindocs.urls')), # Uncomment the next line to enable the admin: (r'^admin/', include(admin.site.urls)), (r'^accounts/login/$', 'django.contrib.auth.views.login'), #(r'^employer/', include(students.urls)), (r'^ajax/', include('urls.ajax')), (r'^student/', include('students.urls')), (r'^club/(?P<object_id>\d+)/$', 'resume.students.views.club_detail'), (r'^company/(?P<object_id>\d+)/$', 'resume.students.views.company_detail'), (r'^program/(?P<object_id>\d+)/$', 'resume.students.views.program_detail'), (r'^course/(?P<object_id>\d+)/$', 'resume.students.views.course_detail'), (r'^career/(?P<object_id>\d+)/$', 'resume.students.views.career_detail'), (r'^site_media/(?P<path>.*)$', 'django.views.static.serve', {'document_root': 'C:/code/django/resume/media'}), ) Anyone know what's wrong? This is driving me crazy. Thanks,

Read the article
OAuth with Google Reader API using Objective C

- by Dylan

I'm using the gdata OAuth controllers to get an OAuth token and then signing my requests as instructed. [auth authorizeRequest:myNSURLMutableRequest] It works great for GET requests but POSTs are failing with 401 errors. I knew I wouldn't be able to remain blissfully ignorant of the OAuth magic. The Google Reader API requires parameters in the POST body. OAuth requires those parameters to be encoded in the signature like they were on the query string. It doesn't appear the gdata library does this. I tried hacking it in the same way it handles the query string but no luck. This is so difficult to debug as all I get is a 401 from the Google black box and I'm left to guess. I really want to use OAuth so I don't have to collect login credentials from my users but I'm about to scrap it and go with the simpler cookie based authentication that is more mature. It's possible I'm completely wrong about the reason it's failing. This is my best guess. Any suggestions for getting gdata to work or maybe an alternative iphone friendly OAuth library?

Read the article
How to disable authentication schemes for WCF Data Services

- by Schneider

When I deployed my WCF Data Services to production hosting I started to get the following error (or similar depending on which auth schemes are active): IIS specified authentication schemes 'Basic, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used. Apparently WCF Data Services (WCF in general?) cannot handle having more than once authentication scheme active. OK so I am aware that I can disable all-but-one authentication scheme on the web application via IIS control panel .... via a support request!! Is there a way to specify a single authentication scheme on a per-service level in the web.config? I thought this might be as straight forward as making a change to <system.serviceModel> but... it turns out that WCF Data Services do not configure themselves in the web config. If you look at the DataService<> class it does not implement a [ServiceContract] hence you cannot refer to it in the <service><endpoint>...which I presume would be needed for changing its configuration via XML. P.S. Our host is using II6, but both solutions for IIS6 & IIS7 appreciated.

Read the article
OAuthWebSecurity.VerifyAuthentication IsSuccessful returns false how do I to determine the reason?

- by Eonasdan

I'm using DotNetOpenAuth with a MVC 4 application. All the sudden Google auth is failing (MS is working). The stock code does this: [AllowAnonymous] public ActionResult ExternalLoginCallback(string returnUrl) { var result = OAuthWebSecurity.VerifyAuthentication(Url.Action("ExternalLoginCallback", new { ReturnUrl = returnUrl })); if (!result.IsSuccessful) { return RedirectToAction("ExternalLoginFailure"); } I know that result.IsSuccessful is false, but how do I get the reason? result.Error is null. I also looked at this page to use log4net. I do get a log on the local dev box but not when I deploy it to a remote server. log4net webconfig: <log4net> <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender"> <file value="RelyingParty.log" /> <appendToFile value="true" /> <rollingStyle value="Size" /> <maxSizeRollBackups value="10" /> <maximumFileSize value="100KB" /> <staticLogFileName value="true" /> <layout type="log4net.Layout.PatternLayout"> <conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline" /> </layout> </appender>  <root> <level value="INFO" /> <appender-ref ref="RollingFileAppender" /> </root>  <logger name="DotNetOpenAuth"> <level value="ALL" /> </logger> </log4net> Edit I also tried log4net to a sql db but it still didn't log anything

Read the article
asp.net mvc, IIS 6 vs IIS7.5, and integrated windows authentication causing javascript errors?

- by chris

This is a very strange one. I have an asp.net MVC 1 app. Under IIS6, with no anon access - only integrated windows auth - every thing works fine. I have the following on most of my Foo pages: <% using (Html.BeginForm()) { %> Show All: <%= Html.CheckBox("showAll", new { onClick = "$(this).parent('form:first').submit();" })%> <% } %> Clicking on the checkbox causes a post, the page is reloaded, everything is good. When I look at the access logs, that's what I see, with one oddity - the js library is requested during the page first request, but not for any subsequent page requests. Log looks like: GET / 401 GET / 200 GET /Content/Site.css 304 GET /Scripts/jquery-1.3.2.min.js 401 GET /Scripts/jquery-ui-1.7.2.custom.min.js 401 GET /Scripts/jquery.tablesorter.min.js 401 GET /Scripts/jquery-1.3.2.min.js 304 GET /Scripts/jquery-ui-1.7.2.custom.min.js 304 GET /Scripts/jquery.tablesorter.min.js 304 GET /Content/Images/logo.jpg 401 GET /Content/Images/logo.jpg 304 GET /Foo 401 GET /Foo 200 POST /Foo/Delete 302 GET /Foo/List 200 POST /Foo/List 200 This corresponds to home page, click on "Foo", delete a record, click a checkbox (which causes the 2nd POST). Under IIS7.5, it sometimes fails - the click on the check box doesn't cause a postback, but there are no obvious reasons why. I've noticed under IIS7.5 that every single page request re-issues the requests for the js libraries - the first one a 401, followed by either a 200 (OK) or 304 (not modified), as opposed to the above log extract where that only happened during the 1st request. Is there any way to eliminate the 401 requests? Could a timing issue have something to do with the click being ignored? Would increasing the number of concurrent connections help? Any other ideas? I'm at a bit of a loss to explain this.

Read the article
Auto Login facebook user into application

- by user537562

So, Here is the scenario I am trying to fix. A returning user is logged into facebook but not logged into the application. In this case when the user tries to load the application, since the user cookie is not attained yet, it redirects the user to the login page. I googled around and found this solution, FB.Event.subscribe('auth.sessionChange', function(response) { if (response.session) { window.location.reload(); } } basically whats happening here is, we are registering to facebook for a login/logout event and when it receives a response, we reload the page. Now its loads the right page since we have the user cookie on our site domain after the first load. this works, but the problem is the double load. It takes a lot of time. How can I attain the user cookie on server side for returning user? so that I don't have to do the initial page reload. Also, I have looked at yelp, and somehow they are able to load the user information without doing double load, does any body know they are able to do it? Any help is greatly appreciated, Thanks!

Read the article
WCF/MSMQ Transport Security with Certificates

- by user104295

Hi there, my goal is to secure the communication between MSMQ Queue Managers – I don’t want unknown clients sending messages to my MSMQ server. I have spent many hours now trying to get Transport security working for the net.msmq binding in WCF, where MSMQ is in Workgroup mode and the client and server do not have Active Directory… so I’m using certificates. I have created a new X.509 certificate, called Kristan and put it into the “Trusted people” store on the server and into the My store of Current User of the client. The error I’m getting is: An error occurred while sending to the queue: Unrecognized error -1072824272 (0xc00e0030).Ensure that MSMQ is installed and running. If you are sending to a local queue, ensure the queue exists with the required access mode and authorization. Using smartsniff, I see that there’s no attempted connection with the remote MSMQ, however, it’s an error probably coming from the local queue manager. The stack trace is: at System.ServiceModel.Channels.MsmqOutputChannel.OnSend(Message message, TimeSpan timeout) at System.ServiceModel.Channels.OutputChannel.Send(Message message, TimeSpan timeout) at System.ServiceModel.Dispatcher.OutputChannelBinder.Send(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) The code:- EndpointAddress endpointAddress = new EndpointAddress(new Uri(endPointAddress)); NetMsmqBinding clientBinding = new NetMsmqBinding(); clientBinding.Security.Mode = NetMsmqSecurityMode.Transport; clientBinding.Security.Transport.MsmqAuthenticationMode = MsmqAuthenticationMode.Certificate; clientBinding.Security.Transport.MsmqProtectionLevel = System.Net.Security.ProtectionLevel.Sign; clientBinding.ExactlyOnce = false; clientBinding.UseActiveDirectory = false; // start new var channelFactory = new ChannelFactory<IAsyncImportApi>(clientBinding, endpointAddress); channelFactory.Credentials.ClientCertificate.SetCertificate("CN=Kristan", StoreLocation.CurrentUser, StoreName.My); The queue is flagged as ‘Authenticated’ on the server. I have checked the effect of this and if I turn off all security in the client send, then I get ‘Signature is invalid’ – which is understandable and shows that it’s definitely looking for a sig. Are there are special ports that I need to check are open for cert-based msmq auth? thanks Kris

Read the article
Grails Mail port configuration

- by bsreekanth

Hello, I am trying to send mail through grails mail plugin. I configured according to the documentation, and also followed few blog posts (http://blog.lourish.com/2010/04/02/sending-asynchronous-html-email-in-grails-with-activemq-jms-and-gmail/). That post mention that the closure way of declaring the configuration overrides others, but not true. Anyway I tried both approach, but seems like the port is still use the smtp default one. I get the below exception. exception: org.springframework.mail.MailSendException: Mail server connection failed; nested exception is javax.mail.MessagingException: Could not connect to SMTP host: localhost, port: 25; nested exception is: java.net.ConnectException: Connection refused: connect Now, I wrote a small program directly using the java mail library, and I could send the mail with that. The configuration is shown below. tried additional config "mail.smtp.port":"465"", but no change.. used the parameters mentioned in the above blog post, result same grails { mail { host = "smtp.gmail.com" port = "465" username = "[email protected]" password = "mypwd" props = ["mail.smtp.auth":"true", // "mail.smtp.port":"465", "mail.smtp.socketFactory.port":"465", "mail.smtp.socketFactory.class":"javax.net.ssl.SSLSocketFactory", "mail.smtp.socketFactory.fallback":"false"] } } thanks in advance.. Update: It is not port or firewall config, as when I made a grails application from scratch, and tried with the same config, everything works. Also, asked in grails forum http://grails.1312388.n4.nabble.com/grails-mail-mailSender-does-not-have-config-values-td2237704.html#a2237704 . Hope get a lead to try.

Read the article
Detect the language & django locale-url

- by mamcx

I want to deploy a website in english & spanish and detect the user browser languaje & redirect to the correct locale site. My site is www.elmalabarista.com I install django-localeurl, but I discover that the languaje is not correctly detected. This are my middlewares: MIDDLEWARE_CLASSES = ( 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.locale.LocaleMiddleware', 'multilingual.middleware.DefaultLanguageMiddleware', 'middleware.feedburner.FeedburnerMiddleware', 'lib.threadlocals.ThreadLocalsMiddleware', 'middleware.url.UrlMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'maintenancemode.middleware.MaintenanceModeMiddleware', 'middleware.redirect.RedirectMiddleware', 'openidconsumer.middleware.OpenIDMiddleware', 'django.middleware.doc.XViewMiddleware', 'middleware.ajax_errors.AjaxMiddleware', 'pingback.middleware.PingbackMiddleware', 'localeurl.middleware.LocaleURLMiddleware', 'multilingual.flatpages.middleware.FlatpageFallbackMiddleware', 'django.middleware.common.CommonMiddleware', ) But ALWAYS the site get to US despite the fact my OS & Browser setup is spanish. LANGUAGES = ( ('en', ugettext('English')), ('es', ugettext('Spanish')), ) DEFAULT_LANGUAGE = 1 Then, I hack the middleware of locale-url and do this: def process_request(self, request): locale, path = self.split_locale_from_request(request) if request.META.has_key('HTTP_ACCEPT_LANGUAGE'): locale = utils.supported_language(request.META['HTTP_ACCEPT_LANGUAGE'].split(',')[0]) locale_path = utils.locale_path(path, locale) if locale_path != request.path_info: if request.META.get("QUERY_STRING", ""): locale_path = "%s?%s" % (locale_path, request.META['QUERY_STRING']) return HttpResponseRedirect(locale_path) request.path_info = path if not locale: locale = settings.LANGUAGE_CODE translation.activate(locale) request.LANGUAGE_CODE = translation.get_language() However, this detect fine the language but redirect the "en" urls to "es". So is impossible navigate in english. UPDATE: This is the final code (after the input from Carl Meyer) with a fix for the case of "/": def process_request(self, request): locale, path = self.split_locale_from_request(request) if (not locale) or (locale==''): if request.META.has_key('HTTP_ACCEPT_LANGUAGE'): locale = utils.supported_language(request.META['HTTP_ACCEPT_LANGUAGE'].split(',')[0]) else: locale = settings.LANGUAGE_CODE locale_path = utils.locale_path(path, locale) if locale_path != request.path_info: if request.META.get("QUERY_STRING", ""): locale_path = "%s?%s" % (locale_path, request.META['QUERY_STRING']) return HttpResponseRedirect(locale_path) request.path_info = path translation.activate(locale) request.LANGUAGE_CODE = translation.get_language()

Read the article

Search Results

Search found 3452 results on 139 pages for 'zend auth'.

Page 121/139 | < Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128 | Next Page >

- by Quentin Swain

- by techsjs2012

- by Mikel

- by eJugnoo

- by Rick Strahl

- by user72681

- by Izzy

- by Venkata Srikanth

- by Cachirro

- by acheong87

- by user13138569

- by user3713766

- by d_mcg

- by drachenstern

- by Svetlana

- by Scrappydog

- by unsorted

- by Dylan

- by Schneider

- by Eonasdan

- by chris

- by user537562

- by user104295

- by bsreekanth

- by mamcx

< Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128 | Next Page >