Search Results

Search found 6525 results on 261 pages for 'restful authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 124/261 | < Previous Page | 120 121 122 123 124 125 126 127 128 129 130 131  | Next Page >

  • How should I handle a redirect to an identity provider during a web api data request

    - by Erds
    Scenario I have a single-page web app consisting purely of html, css, and javascript. After initial load and during use, it updates various views with data from one or more RESTful apis via ajax calls. The api calls return data in a json format. Each web api may be hosted on independent domains. Question During the ajax callout, if my authorization token is not deemed valid by the web api, the web api will redirect me (302) to the identity provider for that particular api. Since this is an ajax callout for data and not necessarily for display, i need to find a way to display the identity provider's authentication page. It seems that I should trap that redirect, and open up another view to display the identity provider's login page. Once the oauth series of redirects is complete, i need to grab the token and retrigger my ajax data call with the token attached. Is this a valid approach, and if so are there any examples showing the ajax handling of the redirects?

    Read the article

  • Google I/O 2012 - Crunching Big Data with BigQuery

    Google I/O 2012 - Crunching Big Data with BigQuery Jordan Tigani, Ryan Boyd Google BigQuery is a data analysis tool born from Google internal technologies. It enables developers to analyze terabyte data sets in seconds using a RESTful API. This session will dive into best practices for getting fast answers to business questions. We'll provide insight into how we process queries under the hood and how to construct SQL queries for complex analysis. For all I/O 2012 sessions, go to developers.google.com From: GoogleDevelopers Views: 1 0 ratings Time: 01:03:04 More in Science & Technology

    Read the article

  • Should an object know its own ID?

    - by xenoterracide
    obj.id seems fairly common and also seems to fall within the range of something an object could know about itself. I find myself asking why should my object know its own id? It doesn't seem to have a reason to have it? One of the main reason for it existing is retrieve it, and so my repositories need to know it, and thus use it for database interaction. I also once encountered a problem where I wanted to serialize an object to JSON for a RESTful API where the id did not seem to fit in the payload, but only the URI and including it in the object made that more difficult. Should an object know it's own id? why or why not?

    Read the article

  • Is ROA a specific form of doing SOA?

    - by JohnDoDo
    I have read somewhere that ROA (Resource Oriented Architecture) is SOA (Service Oriented Architecture) with specific constraints added. SOA is the abstract concept of combining discrete pieces of software and ROA is an implementation of SOA with all of the constraints of RESTful services applied to it: SOA = the concept ROA = the concept + specific implementation details I also had my share of posts saying that ROA is different than SOA, then simply fallback to statements like "ROA is REST" and "SOA is SOAP" and presenting the same more or less pertinent comparisons and differences between SOAP and REST. So just to clear up my confusion: Is ROA a specific form of doing SOA?

    Read the article

  • Coming Soon - JavaOne Latin America 2012!

    - by reza_rahman
    Save the date for JavaOne Latin America 2012 -- 4-6 December! The conference will be held again at the Transamerica Expo Center in São Paulo, Brazil. The content is shaping up nicely. Here is a preview of some of it: Designing Java EE Applications in the Age of CDI HTML5 WebSocket and Java JAX-RS 2.0: New and Noteworthy in the RESTful Web Services API What’s New in Java Message Service 2.0 Why Should I Switch to Java SE 7 Hope to see you there! More details and registration here.

    Read the article

  • Generating Wrappers for REST APIs

    - by Kyle
    Would it be feasible to generate wrappers for REST APIs? An earlier question asked about machine readable descriptions of RESTful services addressed how we could write (and then read) API specifications in a standardized way which would lend itself well to generated wrappers. Could a first pass parser generate a decent wrapper that human intervention could fix up? Perhaps the first pass wouldn't be consistent, but would remove a lot of the grunt work and make it easy to flesh out the rest of the API and types. What would need to be considered? What's stopping people from doing this? Has it already been done and my google fu is weak for the day?

    Read the article

  • Java EE 7 support in NetBeans 7.3.1

    - by arungupta
    NetBeans IDE provide tools, templates, and samples for building Java EE 7 applications. NetBeans 7.3.1 specifically added support for the features mentioned below: Support for creating Java EE 7 projects using Maven and Ant Develop, Deploy, and Debug using GlassFish 4 Bundled Java EE 7 javadocs CDI is enabled by default for new Java EE 7 projects (CDI 1.1) Create database scripts from Entity Classes (JPA 2.1) Java Persistence Query Language (JPQL) testing tool (JPA 2.1) RESTful Java client creation using JAX-RS 2.0 Client APIs (JAX-RS 2.0) New templates for JAX-RS 2 Filter and Interceptor (JAX-RS 2.0) New templates for WebSocket endpoints (WebSocket 1.0) JMS messages are sent using JMS 2 simplified API (JMS 2.0) Pass-through attributes are supported during Facelet page editing (JSF 2.2) Resource Library Contracts(JSF 2.2) @FlowScoped beans from editor and wizards (JSF 2.2) Support for EL 3.0 syntax in editor (EL 3.0) JSON APIs can be used with code completion (JSON 1.0) A comprehensive list of features added in this release is available in NetBeans 7.3.1 New and Noteworthy. Watch the screencast below to get a quick overview of the features and capabilities: Download Netbeans 7.3.1 and start playing with Java EE 7!

    Read the article

  • Choosing a new programming language to learn [on hold]

    - by Xelom
    I'm a Microsoft Stack(ASP.NET, C#) developer. Mainly, I develop server side software, windows services, restful apis etc. My client side interaction is really really low. So aside from C# I want to learn a new language. Time is precious and I want to give my focus to a language which have a future. My language list is: Scala (Powerful usage in Twitter) Go (Getting popular and channels are pretty awesome) Erlang (Stable server side programs. Used at Whatsapp) You can give advice for the above or you can give me a better option. My only exception is Objective-C. I don't want to get in that one. Thanks

    Read the article

  • JSR updates - First Merged EC Ballots

    - by Heather VanCura
    As the second part of the JCP.Next effort, JCP 2.9 launched 2 weeks ago on 13 November, and the first JCP EC ballots with the Merged EC have concluded.   JSR 339, JAX-RS 2.0: The Java API for RESTful Web Services, passed EC Public Review Ballot and was approved by the EC -- 22 yes votes, 2 abstain, 2 did not vote -- view results. JSR 349, Bean Validation 1.1, passed EC Public Review Ballot and was approved by the EC --17 yes votes, 2 abstain, 5 did not vote --  view results.

    Read the article

  • Is ROA a specific form of SOA?

    - by JohnDoDo
    I have read somewhere that ROA (Resource Oriented Architecture) is SOA (Service Oriented Architecture) with specific constraints added. SOA is the abstract term and that ROA is an implementation of SOA with all of the constraints of RESTful services (SOA = concept, ROA = concept + implementation details). I also had my share of posts saying that ROA is REST and that SOA is SOAP and going into the same more or less pertinent comparisons between the two (SOAP and REST that is) etc etc. So just to clear up my confusion: Is ROA a specific form of doing SOA?

    Read the article

  • What advantages are conferred by using server-side page rendering?

    - by user1303881
    I am developing a web app and I have currently written the entire website in html/js/css and on the backend I have servlets that host some RESTFUL services. All the presentation logic is done through getting json objects and modifying the view through javascript. The application is essentially a search engine, but it will have user accounts with different roles. I've been researching some frameworks such as Play and Spring. I'm fairly new to web development, so I was wondering what advantages using server side page rendering would provide? Is it: Speed? Easier development and workflow? Access to existing libraries? More? All of the above?

    Read the article

  • What Technology to use to Interact with Codeigniter "Backend" [on hold]

    - by symlynk
    I am building an application that looks like this: Codeingiter App/MySQL DB <--> API (this is the "contract" between the two entities) <--> Web Frontend I want the web frontend to be able to interact with the MySQL DB by requesting JSON objects in a RESTful way. But I don't want the Web Frontend to expose the workings of the Codeigniter App (i.e. let the Web Frontend clients see the domain of the codeigniter app, including its controllers/functions). The Codeigniter App is for business clients, and needs to be "hidden" from the Web Frontend users. I want to use PHP or Javascript, and am considering node js's Express, Angular, and SLIM PHP. Any thoughts as to what technology would suit this purpose best? Thanks

    Read the article

  • JSR Updates and EC Nominations open

    - by heathervc
    JSR 310, Date and Time API, has published an Early Draft Review 2.  This review closes 14 October. JSR 353, Java API for JSON Processing, has published an Early Draft Review.  This review closes 7 October. JSR 356, Java API for WebSocket, has published an Early Draft Review. This review closes 27 October. JSR 339,  JAX-RS 2.0: The Java API for RESTful Web Services, has published a Public Review. This review closes 12 November. The EC Nominations are now open until 11 October.  Any JCP Member may nominate themselves for the 2 open seats in the 2012 EC Elections.  Note that both seats will be for a 1 year term only, since all EC Members will stand for Election in 2013.  The merged EC will take effect in November 2012.

    Read the article

  • Difference between Claims vs OAuth

    - by Venki
    What is the difference between Claims based authentication vs What is provided by OAuth. I am looking for conceptual difference and not technical difference. When do I choose Claims over OAuth and vice versa. Claims based authentication is proposed by Microsoft and build on top of WS-Security. But OAuth is more a open source protocol that is being proposed to allow fetching resources from different portals based on a security token. Claims also has this concept of token (SAML encoded or X509 certificates). I am trying to understand when do I choose Claims over OAuth and vice versa. Thanks

    Read the article

  • Connect Orbeon Xform to External Exist DB

    - by user302254
    I am attempting to connect a new Orbeon XForm to an existing exist db. My code should submit an xml doc to be stored in that database. <xf:submission id="save-to-file" method="get" action="http://server:8081/exist/rest//test/test/inventory_sample.xml" replace="instance" instance="data-instance" includenamespaceprefixes="ai"/> When attempting to submit my xml file, my log reveals an authentication error: Apr 6, 2010 2:06:08 PM org.apache.commons.httpclient.auth.AuthChallengeProcessor selectAuthScheme INFO: basic authentication scheme selected Apr 6, 2010 2:06:08 PM org.apache.commons.httpclient.HttpMethodDirector processW WWAuthChallenge INFO: No credentials available for BASIC 'exist'@kruddler.mitre.org:8081 How do I authenticate this connection ?

    Read the article

  • SQL 2008 R2 login/network issue

    - by martinjd
    I have a Windows Server 2008 R2 new clean install , not a VM, that I have added to a Windows Server 2003 based domain using my account which has domain admin rights. The domain functional level is 2003. I performed a clean install of SQL Server 2008 R2 using my account which has domain admin rights. The installation completed without any errors. I logged into SSMS locally and attempted to add another domain account by clicking Search, Advanced and finding the user in the domain. When I return to the "Dialog - New" window and click OK I receive the following error: Create failed for Login 'Domain\User'. (Microsoft.SqlServer.Smo) An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo) Windows NT user or group 'Domain\User' not found. Check the name again. (Microsoft SQL Server, Error: 15401) I have verified that the firewall is off, tried adding a different domain user, tried using SA to add a user, installed the hotfix for KB 976494 and verified that the Local Security Policy for Domain Member: Digitally encrypt or sign secure channel Domain Member: Digitally encrypt secure channel Domain Member: Digitally sign secure channel are disabled none of which have made a difference. I can RDP to a Server 2003 server running SQL 2008 and add the same domain user without issue. Also if I try to connect with SSMS to the sql server from another system on the domain using my account I get the following error: Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. (Microsoft SQL Server, Error: 18452) and on the database server I see the following in the security event log: An account failed to log on. Subject: Security ID: NULL SID Account Name: - Account Domain: - Logon ID: 0x0 Logon Type: 3 Account For Which Logon Failed: Security ID: NULL SID Account Name: myUserName Account Domain: MYDOMAIN Failure Information: Failure Reason: An Error occured during Logon. Status: 0xc000018d Sub Status: 0x0 Process Information: Caller Process ID: 0x0 Caller Process Name: - Network Information: Workstation Name: MYWKS Source Network Address: - Source Port: - Detailed Authentication Information: Logon Process: NtLmSsp Authentication Package: NTLM Transited Services: - Package Name (NTLM only): - Key Length: 0 I am sure that the "NULL SID" has some significant meaning but have no idea at this point what the issue could be.

    Read the article

  • Using James Server in Eclipse With JavaMail

    - by Jack Sparrow
    Would anyone be able to tell me how I can go about using James server as my server with Java in Eclipse? I'm trying to test the two classes posted below but i get the following error: Exception in thread "main" javax.mail.AuthenticationFailedException: Authentication failed. public class JamesConfigTest { public static void main(String[] args) throws Exception { // CREATE CLIENT INSTANCES MailClient redClient = new MailClient("red", "localhost"); MailClient greenClient = new MailClient("green", "localhost"); MailClient blueClient = new MailClient("blue", "localhost"); // CLEAR EVERYBODY'S INBOX redClient.checkInbox(MailClient.CLEAR_MESSAGES); greenClient.checkInbox(MailClient.CLEAR_MESSAGES); blueClient.checkInbox(MailClient.CLEAR_MESSAGES); Thread.sleep(500); // Let the server catch up // SEND A COUPLE OF MESSAGES TO BLUE (FROM RED AND GREEN) redClient.sendMessage( "blue@localhost", "Testing blue from red", "This is a test message"); greenClient.sendMessage( "blue@localhost", "Testing blue from green", "This is a test message"); Thread.sleep(500); // Let the server catch up // LIST MESSAGES FOR BLUE (EXPECT MESSAGES FROM RED AND GREEN) blueClient.checkInbox(MailClient.SHOW_AND_CLEAR); } } import java.io.*; import java.util.*; import javax.mail.*; import javax.mail.internet.*; public class MailClient extends Authenticator { public static final int SHOW_MESSAGES = 1; public static final int CLEAR_MESSAGES = 2; public static final int SHOW_AND_CLEAR = SHOW_MESSAGES + CLEAR_MESSAGES; protected String from; protected Session session; protected PasswordAuthentication authentication; public MailClient(String user, String host) { this(user, host, false); } public MailClient(String user, String host, boolean debug) { from = user + '@' + host; authentication = new PasswordAuthentication(user, user); Properties props = new Properties(); props.put("mail.user", user); props.put("mail.host", host); props.put("mail.debug", debug ? "true" : "false"); props.put("mail.store.protocol", "pop3"); props.put("mail.transport.protocol", "smtp"); session = Session.getInstance(props, this); } public PasswordAuthentication getPasswordAuthentication() { return authentication; } public void sendMessage( String to, String subject, String content) throws MessagingException { System.out.println("SENDING message from " + from + " to " + to); System.out.println(); MimeMessage msg = new MimeMessage(session); msg.addRecipients(Message.RecipientType.TO, to); msg.setSubject(subject); msg.setText(content); Transport.send(msg); } public void checkInbox(int mode) throws MessagingException, IOException { if (mode == 0) return; boolean show = (mode & SHOW_MESSAGES) > 0; boolean clear = (mode & CLEAR_MESSAGES) > 0; String action = (show ? "Show" : "") + (show && clear ? " and " : "") + (clear ? "Clear" : ""); System.out.println(action + " INBOX for " + from); Store store = session.getStore(); store.connect(); Folder root = store.getDefaultFolder(); Folder inbox = root.getFolder("inbox"); inbox.open(Folder.READ_WRITE); Message[] msgs = inbox.getMessages(); if (msgs.length == 0 && show) { System.out.println("No messages in inbox"); } for (int i = 0; i < msgs.length; i++) { MimeMessage msg = (MimeMessage)msgs[i]; if (show) { System.out.println(" From: " + msg.getFrom()[0]); System.out.println(" Subject: " + msg.getSubject()); System.out.println(" Content: " + msg.getContent()); } if (clear) { msg.setFlag(Flags.Flag.DELETED, true); } } inbox.close(true); store.close(); System.out.println(); } }

    Read the article

  • Facebook and dotnetopenauth issue

    - by Adiel
    Hi We established an OpenID provider at BioSignID.com base on DotNetOpenAuth. (the authentication is base on signaturs with silverlight client...) As we tried to login to facebook we encounter a problem with IE (6,7,8). In FF and Chrome the loggin process was fine. On the server logs I can see the FB reqeust but the user somehow is NOT authenticated. In fiddler I can see that the authentication cookie not sent. I've tried to transfer the server.aspx calls to https but then I cannot make the connection between my FB account and my BioSignId account. Any ideas? Thanks

    Read the article

  • Single Sign On for a Web App

    - by Jeremy Goodell
    I have been trying to understand how this problem is solved for over a month now. I really need to come up with a general approach that works -- I'm basically the only resource who can do it. I have a theory, but I'm just not sure it's the easiest (or correct) approach and I haven't been able to find any information to support my ideas. Here's the scenario: 1) You have a complex web application that offers secure content on a subscription basis. 2) Users are required to log in to your application with user name and password. 3) You sell to large corporations, which already have a corporate authentication technology (for example, Active Directory). 4) You would like to integrate with the corporate authentication mechanism to allow their users to log onto your Web App without having to enter their user name and password. Now, any solution you come up with will have to provide a mechanism for: adding new users removing users changing user information allowing users to log in Ideally, all these would happen "automagically" when the corporate customer made the corresponding changes to their own authentication. Now, I have a theory that the way to do this (at least for Active Directory) would be for me to write a client-side app that integrates with the customer's Active Directory to track the targeted changes, and then communicate those changes to my Web App. I think that if this communication were done via Web Services offered by my web app, then it would maintain an unhackable level of security, which would obviously be a requirement for these corporate customers. I've found some information about a Microsoft product called Active Directory Federation Service (ADFS) which may or may not be the right approach for me. It seems to be a bit bulky and have some requirements that might not work for all customers. For other existing ID scenarios (like Athens and Shibboleth), I don't think a client application is necessary. It's probably just a matter of tying into the existing ID services. I would appreciate any advice anyone has on anything I've mentioned here. In particular, if you can tell me if my theory is correct about providing a client-side app that communicates with server-side Web Services, or if I'm totally going in the wrong direction. Also, if you could point me at any web sites or articles that explain how to do this, I'd really appreciate it. My research has not turned up much so far. Finally, if you could let me know of any Web applications that currently offer this service (particularly as tied to a corporate Active Directory), I would be very grateful. I am wondering if other B2B Web app's like salesforce.com, or hoovers.com offer a similar service for their corporate customers. I hate being in the dark and would greatly appreciate any light you can shed ... Jeremy

    Read the article

  • ERR_INCOMPLETE_CHUNKED_ENCODING apache 2.4

    - by Bujanca Mihai
    I upgraded my Ubuntu server to 14.04 and Apache 2.4.7. Now my images don't load and console yields net::ERR_INCOMPLETE_CHUNKED_ENCODING. Also, I can sometimes see some of the images load for a little while (1 sec max) and then they disappear. .htaccess RewriteEngine On # Serve the favicon file from img folder RewriteCond %{REQUEST_URI} ^/favicon.ico$ RewriteRule ^(.*)$ /img/$1 [NC,L] # Redirect HTTP traffic to WWW subdomain RewriteCond %{HTTPS} off [NC] RewriteCond %{HTTP_HOST} !^www\. [NC] RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L] # Redirect HTTPS traffic to WWW subdomain RewriteCond %{HTTPS} on [NC] RewriteCond %{HTTP_HOST} !^www\. [NC] RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L] # Auto Versioning rules RewriteCond %{REQUEST_FILENAME} !-s RewriteRule ^(.*)\.[\d]+\.(css|js)$ $1.$2 [L] # Default Zend rewrite rules RewriteCond %{REQUEST_FILENAME} -s [OR] RewriteCond %{REQUEST_FILENAME} -l [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^.*$ - [NC,L] RewriteRule ^.*$ index.php [NC,L] VHost <VirtualHost *:80> ServerAdmin admin@localhost ServerName localhost DocumentRoot /home/mihai/ARTD/www/public/website # Omit this in production environment SetEnv APPLICATION_ENV local <Directory /home/mihai/ARTD/www/public/website > Options Indexes FollowSymLinks MultiViews AllowOverride All #Order deny,allow #Allow from all Require all granted </Directory> <IfModule mod_php5.c> php_value memory_limit 128M php_value upload_max_filesize 20M php_value post_max_size 20M </IfModule> ErrorLog /var/log/apache2/ARTD-error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/ARTD-access.log combined </VirtualHost> <IfModule mod_ssl.c> <VirtualHost *:443> ServerAdmin admin@localhost ServerName localhost DocumentRoot /home/mihai/ARTD/www/public/website # Omit this in production environment SetEnv APPLICATION_ENV local <Directory /home/mihai/ARTD/www/public/website > Options Indexes FollowSymLinks MultiViews AllowOverride All #Order deny,allow #Allow from all Require all granted </Directory> <IfModule mod_php5.c> php_value memory_limit 128M php_value upload_max_filesize 20M php_value post_max_size 20M </IfModule> ErrorLog /var/log/apache2/ARTD-ssl-error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/ARTD.log combined # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # A self-signed (snakeoil) certificate can be created by installing # the ssl-cert package. See # /usr/share/doc/apache2.2-common/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convinience. #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCACertificatePath /etc/ssl/certs/ #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client # authentication or alternatively one huge file containing all # of them (file must be PEM encoded) # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCARevocationPath /etc/apache2/ssl.crl/ #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl # Client Authentication (Type): # Client certificate verification type and depth. Types are # none, optional, require and optional_no_ca. Depth is a # number which specifies how deeply to verify the certificate # issuer chain before deciding the certificate is not valid. #SSLVerifyClient require #SSLVerifyDepth 10 # Access Control: # With SSLRequire you can do per-directory access control based # on arbitrary complex boolean expressions containing server # variable checks and other lookup directives. The syntax is a # mixture between C and Perl. See the mod_ssl documentation # for more details. #<Location /> #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ #</Location> # SSL Engine Options: # Set various options for the SSL engine. # o FakeBasicAuth: # Translate the client X.509 into a Basic Authorisation. This means that # the standard Auth/DBMAuth methods can be used for access control. The # user name is the `one line' version of the client's X.509 certificate. # Note that no password is obtained from the user. Every entry in the user # file needs this password: `xxj31ZMTZzkVA'. # o ExportCertData: # This exports two additional environment variables: SSL_CLIENT_CERT and # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the # server (always existing) and the client (only existing when client # authentication is used). This can be used to import the certificates # into CGI scripts. # o StdEnvVars: # This exports the standard SSL/TLS related `SSL_*' environment variables. # Per default this exportation is switched off for performance reasons, # because the extraction step is an expensive operation and is usually # useless for serving static content. So one usually enables the # exportation for CGI and SSI requests only. # o StrictRequire: # This denies access when "SSLRequireSSL" or "SSLRequire" applied even # under a "Satisfy any" situation, i.e. when it applies access is denied # and no other module can change it. # o OptRenegotiate: # This enables optimized SSL connection renegotiation handling when SSL # directives are used in per-directory context. #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire #<FilesMatch "\.(cgi|shtml|phtml|php)$"> # SSLOptions +StdEnvVars #</FilesMatch> # SSL Protocol Adjustments: # The safe and default but still SSL/TLS standard compliant shutdown # approach is that mod_ssl sends the close notify alert but doesn't wait for # the close notify alert from client. When you need a different shutdown # approach you can use one of the following variables: # o ssl-unclean-shutdown: # This forces an unclean shutdown when the connection is closed, i.e. no # SSL close notify alert is send or allowed to received. This violates # the SSL/TLS standard but is needed for some brain-dead browsers. Use # this when you receive I/O errors because of the standard approach where # mod_ssl sends the close notify alert. # o ssl-accurate-shutdown: # This forces an accurate shutdown when the connection is closed, i.e. a # SSL close notify alert is send and mod_ssl waits for the close notify # alert of the client. This is 100% SSL/TLS standard compliant, but in # practice often causes hanging connections with brain-dead browsers. Use # this only for browsers where you know that their SSL implementation # works correctly. # Notice: Most problems of broken clients are also related to the HTTP # keep-alive facility, so you usually additionally want to disable # keep-alive for those clients, too. Use variable "nokeepalive" for this. # Similarly, one has to force some clients to use HTTP/1.0 to workaround # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and # "force-response-1.0" for this. #BrowserMatch ".*MSIE.*" \ # nokeepalive ssl-unclean-shutdown \ # downgrade-1.0 force-response-1.0 </VirtualHost> </IfModule> logs Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.3 OpenSSL/1.0.1f (internal dummy connection) 127.0.0.1 - - [25/Aug/2014:13:09:53 +0300] "GET /img/header/top-nav-separator.png HTTP/1.1" 200 462 "https://localhost/art" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.132 Safari/537.36"

    Read the article

  • openvpn: after changing to server mode, client does not create TUN device

    - by lurscher
    i had a previously working configuration with the config files used in a previous question However, i've changed this now to the following configuration using server mode, everything on the logs seem fine, however the client doesn't create any tun interface, so i don't have anything to connect to, presumably, i need to add or push some route commands, but i don't have any idea at this point what i need to do. I am posting all my relevant configuration files server.conf: dev tun server 10.8.117.0 255.255.255.0 ifconfig-pool-persist ipp.txt tls-server dh /home/lurscher/keys/dh1024.pem ca /home/lurscher/keys/ca.crt cert /home/lurscher/keys/vpnCh8TestServer.crt key /home/lurscher/keys/vpnCh8TestServer.key status openvpn-status.log log openvpn.log comp-lzo verb 3 and client.conf: dev tun remote my.server.com tls-client ca /home/chuckq/keys/ca.crt cert /home/chuckq/keys/vpnCh8TestClient.crt key /home/chuckq/keys/vpnCh8TestClient.key ns-cert-type server ; port 1194 ; user nobody ; group nogroup status openvpn-status.log log openvpn.log comp-lzo verb 3 the server ifconfig shows a tun device: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.8.117.1 P-t-P:10.8.117.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) However the client ifconfig does not show any tun interface! $ ifconfig tun0 tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 POINTOPOINT NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) the client log says: Tue May 17 23:27:09 2011 OpenVPN 2.1.0 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010 Tue May 17 23:27:09 2011 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue May 17 23:27:09 2011 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Tue May 17 23:27:09 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Tue May 17 23:27:09 2011 LZO compression initialized Tue May 17 23:27:09 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Tue May 17 23:27:09 2011 TUN/TAP device tun0 opened Tue May 17 23:27:09 2011 TUN/TAP TX queue length set to 100 Tue May 17 23:27:09 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Tue May 17 23:27:09 2011 Local Options hash (VER=V4): '41690919' Tue May 17 23:27:09 2011 Expected Remote Options hash (VER=V4): '530fdded' Tue May 17 23:27:09 2011 Socket Buffers: R=[114688->131072] S=[114688->131072] Tue May 17 23:27:09 2011 UDPv4 link local (bound): [undef] Tue May 17 23:27:09 2011 UDPv4 link remote: [AF_INET]192.168.0.101:1194 Tue May 17 23:27:09 2011 TLS: Initial packet from [AF_INET]192.168.0.101:1194, sid=8e8bdc33 f4275407 Tue May 17 23:27:09 2011 VERIFY OK: depth=1, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=Ubuntu_CA/name=lurscher/[email protected] Tue May 17 23:27:09 2011 VERIFY OK: nsCertType=SERVER Tue May 17 23:27:09 2011 VERIFY OK: depth=0, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=vpnCh8TestServer/name=lurscher/[email protected] Tue May 17 23:27:09 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:09 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:09 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:09 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:09 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Tue May 17 23:27:09 2011 [vpnCh8TestServer] Peer Connection Initiated with [AF_INET]192.168.0.101:1194 Tue May 17 23:27:10 2011 Initialization Sequence Completed the client status log: OpenVPN STATISTICS Updated,Tue May 17 23:30:09 2011 TUN/TAP read bytes,0 TUN/TAP write bytes,0 TCP/UDP read bytes,5604 TCP/UDP write bytes,4244 Auth read bytes,0 pre-compress bytes,0 post-compress bytes,0 pre-decompress bytes,0 post-decompress bytes,0 END and the server log says: Tue May 17 23:18:25 2011 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010 Tue May 17 23:18:25 2011 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Tue May 17 23:18:25 2011 WARNING: --keepalive option is missing from server config Tue May 17 23:18:25 2011 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet. Tue May 17 23:18:25 2011 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Tue May 17 23:18:25 2011 Diffie-Hellman initialized with 1024 bit key Tue May 17 23:18:25 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted> Tue May 17 23:18:25 2011 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Tue May 17 23:18:25 2011 ROUTE default_gateway=192.168.0.1 Tue May 17 23:18:25 2011 TUN/TAP device tun0 opened Tue May 17 23:18:25 2011 TUN/TAP TX queue length set to 100 Tue May 17 23:18:25 2011 /sbin/ifconfig tun0 10.8.117.1 pointopoint 10.8.117.2 mtu 1500 Tue May 17 23:18:25 2011 /sbin/route add -net 10.8.117.0 netmask 255.255.255.0 gw 10.8.117.2 Tue May 17 23:18:25 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Tue May 17 23:18:25 2011 Socket Buffers: R=[126976->131072] S=[126976->131072] Tue May 17 23:18:25 2011 UDPv4 link local (bound): [undef] Tue May 17 23:18:25 2011 UDPv4 link remote: [undef] Tue May 17 23:18:25 2011 MULTI: multi_init called, r=256 v=256 Tue May 17 23:18:25 2011 IFCONFIG POOL: base=10.8.117.4 size=62 Tue May 17 23:18:25 2011 IFCONFIG POOL LIST Tue May 17 23:18:25 2011 vpnCh8TestClient,10.8.117.4 Tue May 17 23:18:25 2011 Initialization Sequence Completed Tue May 17 23:27:22 2011 MULTI: multi_create_instance called Tue May 17 23:27:22 2011 192.168.0.104:1194 Re-using SSL/TLS context Tue May 17 23:27:22 2011 192.168.0.104:1194 LZO compression initialized Tue May 17 23:27:22 2011 192.168.0.104:1194 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Tue May 17 23:27:22 2011 192.168.0.104:1194 Local Options hash (VER=V4): '530fdded' Tue May 17 23:27:22 2011 192.168.0.104:1194 Expected Remote Options hash (VER=V4): '41690919' Tue May 17 23:27:22 2011 192.168.0.104:1194 TLS: Initial packet from [AF_INET]192.168.0.104:1194, sid=8972b565 79323f68 Tue May 17 23:27:22 2011 192.168.0.104:1194 VERIFY OK: depth=1, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=Ubuntu_CA/name=lurscher/[email protected] Tue May 17 23:27:22 2011 192.168.0.104:1194 VERIFY OK: depth=0, /C=CA/ST=Out/L=There/O=Ubuntu/OU=Home/CN=Ubuntu_CA/name=lurscher/[email protected] Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue May 17 23:27:22 2011 192.168.0.104:1194 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue May 17 23:27:22 2011 192.168.0.104:1194 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Tue May 17 23:27:22 2011 192.168.0.104:1194 [vpnCh8TestClient] Peer Connection Initiated with [AF_INET]192.168.0.104:1194 Tue May 17 23:27:22 2011 vpnCh8TestClient/192.168.0.104:1194 MULTI: Learn: 10.8.117.6 -> vpnCh8TestClient/192.168.0.104:1194 Tue May 17 23:27:22 2011 vpnCh8TestClient/192.168.0.104:1194 MULTI: primary virtual IP for vpnCh8TestClient/192.168.0.104:1194: 10.8.117.6 finally, the server status log: OpenVPN CLIENT LIST Updated,Tue May 17 23:36:25 2011 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since vpnCh8TestClient,192.168.0.104:1194,4244,5604,Tue May 17 23:27:22 2011 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref 10.8.117.6,vpnCh8TestClient,192.168.0.104:1194,Tue May 17 23:27:22 2011 GLOBAL STATS Max bcast/mcast queue length,0 END

    Read the article

  • Silverlight 4 - authentiation / authorization against custom wcf service

    - by Calanus
    I have a wcf service in front of an AzMan store that passes roles and operations to clients using the following interface: [OperationContract] bool AuthenticateUser(string password, string appName); [OperationContract] string[] GetRoles(string storelocation, string appName); [OperationContract] string[] GetOperations(string storeLocation, string appName, string selectedRole); Clients connect to this service using windows authentication (but users must send their password through to reaffirm their identity). Ultimately the service delivers an array of operations that each client can perform based on their selected role. I've opened a new Silverlight Business Application and tried to understand how authentication/authorization works in this template, as well as scoured the web to find examples to how to hook my webservice to the login box already created in the template, but I am completely at a loss as how to do this! Can anyone offer any advice?

    Read the article

  • Data refresh and drill down problem with SSAS cube and excel services

    - by chaitanya
    I have a SSAS cube which I am using in an excel document, prepare a report which has drill-down etc and i am publishing it to a sharepoint site. It gets published alright but when I try to drill down it throws an error "Data Refresh failed" etc.The data source and the sharpoint site are on the same machine(running windows server 2008) and we have windows authentication running. From what I have been able to find on the internet there is a problem with passing the windows authentication credentials to the database etc.But I have not been able to find the exact way to sort out these problem. What is the solution for this????

    Read the article

  • HTTP Error 500.19 - Internal Server Error for silverlight application

    - by KentZhou
    Use VS2010 silverlight business application template to createa defaut solution. Change authentication to Windows in Web.config and the code in app.xaml.cs to use windows authentication. Nothing else changed. Then run this app from vs2010 built-in web server, it is fine, I can see the login user info from windws(from a AD domain account) display on the top-right of the screen, like DomainName\userName. Then deploy this web app to IIS on windows 7(same computer) and access this app again, I got following error: HTTP Error 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid. Detailed Error InformationModule IIS Web Core Notification Unknown Handler Not yet determined Error Code 0x80070005 Config Error Cannot read configuration file due to insufficient permissions Config File \\?\C:\Users\myname\Documents\Visual Studio 2010\Projects\BusinessApplication4\BusinessApplication4.Web\web.config Requested URL http://localhost:77/BusinessApplication4TestPage.html Physical Path Logon Method Not yet determined Logon User Not yet determined Config Source -1: 0: how to resolve this problem?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 120 121 122 123 124 125 126 127 128 129 130 131  | Next Page >