Search Results

Search found 15558 results on 623 pages for 'basic authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 142/623 | < Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >

  • Certain SFTP user cannot connect

    - by trobrock
    I have my Ubuntu Server set up so users with the group of sftponly can connect with sftp, but have a shell of /bin/false, and they connect to their home directories. This is working fine with three of the user accounts I have. But I added a new user account today the same way that I added the others and it will not successfully connect. sftp -vvv user@hostname debug1: Next authentication method: password user@hostname's password: debug3: packet_send2: adding 48 (len 73 padlen 7 extra_pad 64) debug2: we sent a password packet, wait for reply debug1: Authentication succeeded (password). debug2: fd 5 setting O_NONBLOCK debug3: fd 6 is O_NONBLOCK debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Requesting [email protected] debug1: Entering interactive session. debug1: channel 0: free: client-session, nchannels 1 debug3: channel 0: status: The following connections are open: #0 client-session (t3 r-1 i0/0 o0/0 fd 5/6 cfd -1) debug3: channel 0: close_fds r 5 w 6 e 7 c -1 debug1: fd 0 clearing O_NONBLOCK debug3: fd 1 is not O_NONBLOCK Connection to hostname closed by remote host. Transferred: sent 2176, received 1848 bytes, in 0.0 seconds Bytes per second: sent 127453.3, received 108241.6 debug1: Exit status -1 Connection closed For a successful user: sftp -vvv good_user@hostname debug1: Next authentication method: password good_user@hostname's password: debug3: packet_send2: adding 48 (len 63 padlen 17 extra_pad 64) debug2: we sent a password packet, wait for reply debug1: Authentication succeeded (password). debug2: fd 5 setting O_NONBLOCK debug3: fd 6 is O_NONBLOCK debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Requesting [email protected] debug1: Entering interactive session. debug2: callback start debug2: client_session2_setup: id 0 debug1: Sending subsystem: sftp debug2: channel 0: request subsystem confirm 1 debug2: fd 3 setting TCP_NODELAY debug2: callback done debug2: channel 0: open confirm rwindow 0 rmax 32768 debug2: channel 0: rcvd adjust 2097152 debug2: channel_input_status_confirm: type 99 id 0 debug2: subsystem request accepted on channel 0 debug2: Remote version: 3 debug2: Server supports extension "[email protected]" revision 1 debug2: Server supports extension "[email protected]" revision 2 debug2: Server supports extension "[email protected]" revision 2 debug3: Sent message fd 3 T:16 I:1 debug3: SSH_FXP_REALPATH . -> / sftp> I cannot figure out why one user will work and the other wont, I have restart the ssh service after adding the user. I have even removed the user and added them again to be sure I am adding it correctly.

    Read the article

  • Is There any way to change Active Directory Users Database Source?

    - by Mehrdad Amini
    I need Active Directory Use My Own Custom Database (or shell or ...) for Authentication Users. Is there any extention or something like this to change User Passwords Database of active directory? I need this Because My Accounts Are In simple Database And I don't Want to Sync them periodically In Fact I can Not Change all My Applications to authenticate from Active Directory!Just I need Active Directory to Use My Database For Authentication.

    Read the article

  • Damn Small Linux - Setting system-wide proxy

    - by ryanfernandes
    I've just installed DSL on virtualbox. The network works fine. However, to connect to the internet, I need to use a proxy with authentication. I can do this in the brower, but I need to allow other command line utilities to access the internet too. Is there a way that I can set a system-wide proxy with authentication information (username/password) on DSL?

    Read the article

  • Passwordless ssh failed when login using username

    - by Aczire
    I was trying to setup Hadoop and was stumbled on passwordless ssh to localhost. I am getting a password prompt when trying to connect using ssh username@hostname format. But there is no problem connecting to the machine like ssh localhost or ssh hostname.com. Tried ssh-copy-id user@hostname but it did not work. Using CentOS 6.3 as normal user, I neither have root access or am a sudoer so editing any files like sshd_config is not possible (not even cat the sshd_config file contents). I hope the user login is possible since I can do login without password to localhost, right? Please advise, Here is the ssh debug output. [[email protected] ~]$ ssh -v [email protected] OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to hostname.com [::1] port 22. debug1: Connection established. debug1: identity file /home/user/.ssh/identity type -1 debug1: identity file /home/user/.ssh/id_rsa type -1 debug1: identity file /home/user/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'hostname.com' is known and matches the RSA host key. debug1: Found key in /home/user/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_500' not found debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_500' not found debug1: Unspecified GSS failure. Minor code may provide more information debug1: Unspecified GSS failure. Minor code may provide more information debug1: Next authentication method: publickey debug1: Offering public key: /home/user/.ssh/id_dsa debug1: Server accepts key: pkalg ssh-dss blen 434 Agent admitted failure to sign using the key. debug1: Trying private key: /home/user/.ssh/identity debug1: Trying private key: /home/user/.ssh/id_rsa debug1: Next authentication method: password [email protected]'s password:

    Read the article

  • How to setup terminal service gateway in my RDP client

    - by Stan
    I am using "RD Tabs" to bypass the terminal service gateway to RDP to the remote host. Usually I use browser and go to https://webvpn.company.com:777 with my account. Now in RD Tabs advanced settings, it's asking server name and authentication method. How should I fill this information? I tried below: server: webvpn.company.com:777 authentication: Attempt TLS But it's not working, what could be wrong? Thanks.

    Read the article

  • ssh refuses to authenticate keys

    - by MixturaDementiae
    So I am setting up a connection between my machine [fedora 17] and a virtual machine running in Virtual Box in which is running CentOS 5. I have installed openssh from the repositories on CentOS, and I have configured everything as it follows: Protocol 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key SyslogFacility AUTHPRIV PermitRootLogin yes RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile /home/pigreco/.ssh/authorized_keys PasswordAuthentication no ChallengeResponseAuthentication yes GSSAPIAuthentication yes GSSAPICleanupCredentials yes UsePAM yes AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE AcceptEnv XMODIFIERS X11Forwarding yes Subsystem sftp /usr/libexec/openssh/sftp-server this is the configuration file sshd_config on the server i.e. on the CentOS. Moreover I have created a public/private key pair as usual on the .ssh/ folder in my home directory in my OS, i.e. Fedora, and then I've copied with scp the id_rsa.pub to the server and then I have appended its content to the file .ssh/authorized_keys on the server machine. The error that I get is the following: OpenSSH_5.9p1, OpenSSL 1.0.0j-fips 10 May 2012 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 50: Applying options for * debug1: Connecting to 192.168.100.13 [192.168.100.13] port 22. debug1: Connection established. debug1: identity file /home/mayhem/.ssh/identity type -1 debug1: identity file /home/mayhem/.ssh/identity-cert type -1 debug1: identity file /home/mayhem/.ssh/id_rsa type 1 debug1: identity file /home/mayhem/.ssh/id_rsa-cert type -1 debug1: identity file /home/mayhem/.ssh/id_dsa type -1 debug1: identity file /home/mayhem/.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA 16:e5:72:d1:37:94:1b:5e:3d:3a:e5:da:6f:df:0c:08 debug1: Host '192.168.100.13' is known and matches the RSA host key. debug1: Found key in /home/mayhem/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,keyboard-interactive debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information Cannot determine realm for numeric host address debug1: Unspecified GSS failure. Minor code may provide more information Cannot determine realm for numeric host address debug1: Unspecified GSS failure. Minor code may provide more information debug1: Unspecified GSS failure. Minor code may provide more information Cannot determine realm for numeric host address debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/mayhem/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 279 Agent admitted failure to sign using the key. debug1: Trying private key: /home/mayhem/.ssh/identity debug1: Trying private key: /home/mayhem/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive Do you have some good suggestion of what I can do? thank you

    Read the article

  • SSL certificate for Oracle Application Server 11g

    - by Easter Sunshine
    I was asked to get an SSL certificate for an "Oracle Application Server 11g" which has a soon-to-expire certificate. Brushing aside the fact that 10g seems to be the newest version, I got a certificate from InCommon, as I usually do without problem (except this is the first time I supplied Oracle Application Server 11g as the software type on the CSR form). On the email containing links to download the certificate, it mentioned: Certificate Details: SSL Type : InCommon SSL Server : OTHER I forwarded the email over to the person responsible for installing it and got a reply that the server type must be Oracle Application Server for the certificate to work (the CN is the same as before). They were unable to install this certificate (no details provided to me) and mentioned they had this issue previously with Thawte when they didn't supply Oracle Application Server as the server type. I don't see any significant difference between the currently installed certificate (working) and the new one I just got signed by InCommon (not working). $ openssl x509 -in sso-current.cer -text shows, with irrelevant information ommitted. Data: Version: 3 (0x2) Signature Algorithm: sha1WithRSAEncryption Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA/[email protected] Validity Not Before: Oct 1 00:00:00 2009 GMT Not After : Nov 28 23:59:59 2012 GMT Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE X509v3 CRL Distribution Points: Full Name: URI:http://crl.thawte.com/ThawteServerPremiumCA.crl X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Authority Information Access: OCSP - URI:http://ocsp.thawte.com Signature Algorithm: sha1WithRSAEncryption and $ openssl x509 -in sso-new.cer -text shows Data: Version: 3 (0x2) Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, O=Internet2, OU=InCommon, CN=InCommon Server CA Validity Not Before: Nov 8 00:00:00 2012 GMT Not After : Nov 8 23:59:59 2014 GMT Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: keyid:48:4F:5A:FA:2F:4A:9A:5E:E0:50:F3:6B:7B:55:A5:DE:F5:BE:34:5D X509v3 Subject Key Identifier: 18:8D:F6:F5:87:4D:C4:08:7B:2B:3F:02:A1:C7:AC:6D:A7:90:93:02 X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.5923.1.4.3.1.1 CPS: https://www.incommon.org/cert/repository/cps_ssl.pdf X509v3 CRL Distribution Points: Full Name: URI:http://crl.incommon.org/InCommonServerCA.crl Authority Information Access: CA Issuers - URI:http://cert.incommon.org/InCommonServerCA.crt OCSP - URI:http://ocsp.incommon.org Nothing jumps out at me as the reason one would not work so I don't have a specific request for the signer for what to do differently when re-signing.

    Read the article

  • installing a linux iso from within a university network

    - by pepperdreamteam
    In order to install gentoo, I need to connect to a university wireless internet network. It requires a username and password login/authentication. I'm wondering if anyone has any advice in terms of how to configure the internet connection. The Gentoo installation documentation recommends the use of net-setup, pppoe, pptp, dhcp and iwconfig. I can't figure out how to configure this connection, as the only way I understand is to select the network from a list and enter in authentication data from within a browser.

    Read the article

  • how to find out which servers are accessing Oracle Internet Directory ?

    - by mad sammy
    Hi, We have a OID which is maintaining data about various users. This OID is being accessed by many weblogic servers. Weblogic servers are getting authenticated using this LDAP, but when a particular server authentication fails it causes authentication process failure for all servers, so we want to track that specific server which is causing this error. Is there any facility to know which servers are using the OID or i would like to know that does OID maintains any LOGs of its usage for security purpose.. Thanks.

    Read the article

  • Spiceworks SQL Monitor cant authenticate

    - by user11457
    I have SpiceWorks 4.7, installed and added the sql monitor extension to monitor our SQL servers. It does identify our sql servers correctly, but when I put the login information in it can't authenticate, with the following error message. Authentication failed. Check the login and password, and ensure that the server is configured for remote connections. I get the same result trying to use windows authentication. WE do use an alternate port# could this be the problem?

    Read the article

  • Routing and Remote Access Service won't start after full disk

    - by NKCSS
    The HDD of the server was out of disk space, and after a reboot, RRAS won't start anymore on my 2008 R2 server. Error Details: Log Name: System Source: RemoteAccess Date: 2/5/2012 9:39:52 PM Event ID: 20153 Task Category: None Level: Error Keywords: Classic User: N/A Computer: Windows14111.<snip> Description: The currently configured accounting provider failed to load and initialize successfully. The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="RemoteAccess" /> <EventID Qualifiers="0">20153</EventID> <Level>2</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2012-02-05T20:39:52.000Z" /> <EventRecordID>12148869</EventRecordID> <Channel>System</Channel> <Computer>Windows14111.<snip></Computer> <Security /> </System> <EventData> <Data>The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.</Data> <Binary>2C030000</Binary> </EventData> </Event> I think it has something to do with a corrupt config file, but I am unsure of what to do. I Removed the RRAS role, rebooted, and re-added, but it keeps failing with the same error. Thanks in advance. [UPDATE] If i set the accounting provider from 'Windows' to '' the service starts but VPN won't work. Any ideas how this can be repaired?

    Read the article

  • SSH: Port Forwarding, Firewalls, & Plesk

    - by Kian Mayne
    I edited my SSH configuration to accept connections on Port 213, as it was one of the few ports that my work firewall allows through. I then restarted sshd and everything was going well. I tested the ssh server locally, and checked the sshd service was listening on port 213; however, I still cannot get it to work outside of localhost. PuTTY gives a connection refused message, and some of the sites that allow check of ports I tried said the port was closed. To me, this is either firewall or port forwarding. But I've already added inbound and outbound exceptions for it. Is this a problem with my server host, or is there something I've missed? My full SSH config file, as requested: # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. Port 22 Port 213 #Protocol 2,1 Protocol 2 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #RSAAuthentication yes #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no PasswordAuthentication yes # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no GSSAPIAuthentication yes #GSSAPICleanupCredentials yes GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication mechanism. # Depending on your PAM configuration, this may bypass the setting of # PasswordAuthentication, PermitEmptyPasswords, and # "PermitRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no #UsePAM no UsePAM yes # Accept locale-related environment variables AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #ShowPatchLevel no #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none # no default banner path #Banner /some/path # override default of no subsystems Subsystem sftp /usr/libexec/openssh/sftp-server

    Read the article

  • wso2 products and alfresco integration

    - by Ivo
    I've found this tutorial about installing Alfresco on WSO2 Appserver. http://sanjeewamalalgoda.blogspot.com/2011/09/how-to-install-alfresco-on-wso2.html Does this mean I can delegate authentication to the wso2 security configuration also? I wouldn't want to have to manage security in both places separately. If I were to deploy Alfresco in wso2 I would want to use the wso2 Identity Server for authentication. I was thinking about Alfresco running in wso2 Appserver using identity server for authentication and ESB for the Alfresco services. Is this approach suitable for other apps as well? Is that possible?

    Read the article

  • OpenLDAP and user role based accedss controll (RBAC)

    - by Jason
    Hello, my company uses an openldap server which stores corporate user information ((username,passwd and some other information like email are stored in ldap).. Till now they only use it for authentication but now we'd like to use for authentication also, this means that we'll create roles (as ldap attributes in a new schema) and assign those roles in the users. My actual question is if there is a best-practice to follow for using openldap for authentication on many applications (most written in php). I understand how to make roles and assign them to users for just one application, but what about the others (each application of course has its own roles). Should I just create an ou=appName,ou=roles,dc=mycompany for each application, put the roles as attributes there and just add each role as an attribute of the user object ? is there any other recommendations ? thanks

    Read the article

  • Spring security custom principal bean

    - by wuntee
    I have a web application that is set up to use the default ldap server/authentication manager/authentication provider/user service. I have another DAO that already does majority of the work that those do (besides the authenticating a user) using Spring-LDAP. My problem is that I want the principal to be of my own custom bean class. What is the simplest way to do this? Initially I was thinking to create a custom authentication provider, but since the default one does exactly what I want, there doesnt seem to be a need. I am thinking I just need to override whatever object actually returns the Principal bean. Is this possible, and able to be injected into the security ldap authenticator context?

    Read the article

  • PageMethods security

    - by TenaciousImpy
    Hi, I'm trying to 'AJAX-ify' my site in order to improve the UI experience. In terms of performance, I'm also trying to get rid of the UpdatePanel. I've come across a great article over at Encosia showing a way of posting using PageMethods. My question is, how secure are page methods in a production environment? Being public, can anyone create a JSON script to POST directly to the server, or are there cross-domain checks taking place? My PageMethods would also write the data into the database (after filtering). I'm using Forms Authentication in my pages and, on page load, it redirects unauthenticated users to the login page. Would the Page Methods on this page also need to check authentication if the user POSTs directly to the method, or is that authentication inherited for the entire page? (Essentially, does the entire page cycle occur even if a user has managed to post only to the PageMethod)? Thanks

    Read the article

  • WCF MessageContract Help - MessageBodyMember with hyphenated name

    - by Hcabnettek
    Hi All, I need a bit of WCF help. This project uses message contracts. The transport seems to work ok. I have this code for a response type. namespace tpoke.Contracts { [MessageContract(IsWrapped = true)] public class AuthenticationResponseMC { [MessageBodyMember(Name = "authentication-token")] public Guid AuthenticationToken; } } Now when I run the operation that returns this, I try to deserialize using the XmlSerializer. The is not what I'm needing. I need it to be <authentication-token xmlns="http://tpoke.wcf.com">e13xxxx-xxxx-xxxx-xxxxxx</authentication-token> How can I make this work correctly? Do I need to add the namespace to MessageBodyMember? Why is the hyphen being stripped out? Any tips or advice is certainly appreciated. Thanks, ~ck in San Diego

    Read the article

  • SQL Server 2008, Kerberos and SPN

    - by andrew007
    Hi, I installed SQL Server 2008 on a Win XP SP2 workstation in a AD domain and configured to run with the "Network Service" account. In my error log I have the following message (Event ID:26037): The SQL Server Network Interface library could not register the Service Principal Name (SPN) for the SQL Server service. **Error: 0xd, state: 13**. Failure to register an SPN may cause integrated authentication to fall back to NTLM instead of Kerberos. This is an informational message. Further action is only required if Kerberos authentication is required by authentication policies. The strange thing is that I have another SQL Server 2008 installation in a Win 2003 server configured in the same way and there I do not have this message. My questions are: Does anybody know if there are limitations with Kerberos on Windows XP and SQL Server? Why the SPN is not automatically registered on Win XP when I use the "Network Service" but it works on Windows 2003 server? THANKS!

    Read the article

  • Setting up sendgrid for rails..returning Authorization error

    - by Trip
    The emails now send from my local, but do not send from my box. I am returned this error. Anyone know what this might be? Net::SMTPAuthenticationError (535 5.7.8 Error: authentication failed: authentication failure ): My environments/production.rb ActionMailer::Base.delivery_method = :smtp ActionMailer::Base.smtp_settings = { :address => "smtp.sendgrid.net", :port => '25', :domain => "mydomain.com", :authentication => :plain, :user_name => "[email protected]", :password => "password1234" } /etc/ssmtp/ssmtp.conf : root=postmaster mailhub=smtp.sendgrid.net [email protected] AuthPass=password1234 AuthMethod=LOGIN rewriteDomain=mydomain.com FromLineOverride=YES UseSTARTTLS=NO

    Read the article

  • Authkit - deferring action for HTTP '401' response to client application

    - by jon
    Form, Redirect and Forward all send an unauthenticated user to a Form on a login page specified within an Authkit middleware application. I'd like to allow a client application to request a service via XHR and then present a custom 'client side' form if a HTTP status code of 401 is returned, which would then post to Authkit for authentication until valid authentication/authorization occured. Specifically, 1) a jquery $.get request might request a resource. 2) if an Authkit cookie check confirmed previous authorization the content would be returned. 3) if not I would like Authkit to simply return the '401 response' (and not redirect to another page, or return a form template) where a client side exception handler would notify the user and present an authentication form. Can Authkit work like this?

    Read the article

  • Why does Spring Security's BindAuthenticator require read permissions for users?

    - by Thomas
    Hi all, I'm currently implementing/configuring the LDAP authentication of a Java web application using Spring Security 3.0. I'm using Microsoft AD LDS as LDAP server and chose the Spring's BindAuthenticator. I found out that the authentication only works if the authenticated user is a member of the partition's Readers role. The BindAuthenticator tries to read the user's attributes after the authentication, which seems reasonable in scenarios where authorities are retrieved from the directory service. Being new to LDAP and AD, is this an acceptable practise when the application is integrated in an existing AD structure? Can fine-tune an give the user dns only read permissions for their own attributes rather than adding them to the Reader group? Thanks Thomas

    Read the article

  • Concepts a web application developer should know?

    - by iama
    I think it is imperative for web application developers to know the answers surrounding the following general questions on web development irrespective of the programming language/framework used. What authentication mechanisms HTTP offer & what are their pros and cons? Why should one go for FORMS authentication? How to secure authentication or for that matter any transactions via HTTP? How to maintain state in HTTP? What are the downsides to maintaining state via cookie & what happens when browsers disable them? Security issues like cross site scripting, session hijacking etc. What other questions a web developer should have answers for similar to the ones above that are programming language/web framework agnostic?

    Read the article

  • RESTFul, statelesness and sessions

    - by Per Arneng
    RESTFul service has a rule that it should be stateless. By beeing that it does not allow a session to be created and maintained by sending a session key between the client and the server and then holding a session state on the server. If i look at the definition in wikipedia of stateless server http://en.wikipedia.org/wiki/Stateless_server "A stateless server is a server that treats each request as an independent transaction that is unrelated to any previous request" It states that it should be unrelated to any previous request. In practice this means that any type of authentication will be comparing the credentials of a user to a state on the server that was created by a previous operation. So a service called login is related to and dependent on the state that has been created by previous requests (ex: create_user and/or change_password). In my view you are breaking statelessnes by doing authentication. My point is that people are complaining about having sessions in RESTFul is breaking statelesness but doing authentication is also breaking the same rule. What do you think?

    Read the article

  • ASP.NET Page Unauthorization for common pages

    - by Mahesh
    Hi I am developing a web application which has form based authentication. All pages needs to be authenticated except AboutUs and ContactUs pages. I configured everything correct except AboutUs and ContactUs pages. Since I am denying all users in authorization section, application is redirecting even if the customer browse AboutUs and ContactUs pages. Configuration Rules <authentication mode= "Forms"> <forms name=".ASPXAUTH" loginUrl="Login.aspx" timeout="20" protection="All" slidingExpiration="true" /> </authentication> <authorization> <deny users="?" /> </authorization> Could you please let me know how can I tell asp.net to remove these pages for authorization?? Thanks, Mahesh

    Read the article

  • How to use ASP.NET Authorization Yet Permit Access to .css Files?

    - by Chaitanya
    <authentication mode="Forms"> <forms loginUrl="Login.aspx"/> </authentication> <authorization> <deny users="?"/> </authorization> I am using forms authentication, and when i place the arguments cited above, the css formatting I have done for the whole document is not being implemented, it's vanishing. what should i be doing so that the CSS remains intact.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >