Search Results

Search found 4073 results on 163 pages for 'hosts deny'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 143/163 | < Previous Page | 139 140 141 142 143 144 145 146 147 148 149 150  | Next Page >

  • How do I implement page authorizaton in ASP.NET using a SQL store instead of web.config?

    - by drachenstern
    For instance, the way we're doing it now is like thus: (in the web.config) <location path="somePath"> <system.web> <authorization> <allow roles="approvedRoles"/> <deny users="*"/> </authorization> </system.web> </location> And what I would like to do instead is to store this information in SQL somewhere so that we can manipulate the information more easily. But we want to keep the same functionality that having the information in web.config provides, just like we can use a SqlRoleProvider instead of hardcoding roles in the app. So in other words, if a user currently tries to goto "somePath" and they're not a member of "approvedRoles" then they get redirected back to default.aspx, and if they are a member of "approvedRoles" then they get the page. I want to do the same thing, but without using web.config as the authorization mechanism. So what I'm NOT asking is how do I go about defining roles, or how do I handle logging in to the database, but specifically how do I store the above information in SQL instead of web.config. Actually, I'll take "anywhere but web.config" for now. Any ideas? Is this possible using a "Provider" class? I'm just looking for pointers on what to inherit and maybe some technet documentation. In this regard my googlefoo is lacking since I don't really know where to point. Am I really only looking for AzMan? Is this location-authorization-via-SQL already defined in the default aspnetdb somewhere and I'm missing it? For that matter, has this question already been asked on SO and I've missed it? What would you google?

    Read the article

  • cgi.FieldStorage always empty - never returns POSTed form Data

    - by Dan Carlson
    This problem is probably embarrassingly simple. I'm trying to give python a spin. I thought a good way to start doing that would be to create a simple cgi script to process some form data and do some magic. My python script is executed properly by apache using mod_python, and will print out whatever I want it to print out. My only problem is that cgi.FieldStorage() is always empty. I've tried using both POST and GET. Each trial I fill out both form fields. <form action="pythonScript.py" method="POST" name="ARGH"> <input name="TaskName" type="text" /> <input name="TaskNumber" type="text" /> <input type="submit" /> </form> If I change the form to point to a perl script it reports the form data properly. The python page always gives me the same result: number of keys: 0 #!/usr/bin/python import cgi def index(req): pageContent = """<html><head><title>A page from""" pageContent += """Python</title></head><body>""" form = cgi.FieldStorage() keys = form.keys() keys.sort() pageContent += "<br />number of keys: "+str(len(keys)) for key in keys: pageContent += fieldStorage[ key ].value pageContent += """</body></html>""" return pageContent I'm using Python 2.5.2 and Apache/2.2.3. This is what's in my apache conf file (and my script is in /var/www/python): <Directory /var/www/python/> Options FollowSymLinks +ExecCGI Order allow,deny allow from all AddHandler mod_python .py PythonHandler mod_python.publisher </Directory>

    Read the article

  • HTTP POST prarameters order / REST urls

    - by pq
    Let's say that I'm uploading a large file via a POST HTTP request. Let's also say that I have another parameter (other than the file) that names the resource which the file is updating. The resource cannot be not part of the URL the way you can do it with REST (e.g. foo.com/bar/123). Let's say this is due to a combination of technical and political reasons. The server needs to ignore the file if the resource name is invalid or, say, the IP address and/or the logged in user are not authorized to update the resource. Looks like, if this POST came from an HTML form that contains the resource name first and file field second, for most (all?) browsers, this order is preserved in the POST request. But it would be naive to fully rely on that, no? In other words the order of HTTP parameters is insignificant and a client is free to construct the POST in any order. Isn't that true? Which means that, at least in theory, the server may end up storing the whole large file before it can deny the request. It seems to me that this is a clear case where RESTful urls have an advantage, since you don't have to look at the POST content to perform certain authorization/error checking on the request. Do you agree? What are your thoughts, experiences?

    Read the article

  • ASP.NET SQLMembership Provider not logging in

    - by cfdev9
    My web app uses the sql memebership provider. Running it locally all is well, deploying to a dev server it works fine too in firefox, but in IE8 something unexpected is happening. Once a user logs in they're supposed to be redirected to home.aspx. What's happening when I attempt to login is it appears to accept the login credentials but then doesn't redirect to home.aspx. Instead it just redirects me to the login page as though I had attempted to access home.aspx directly without being logged in. The url parameter ReturnUrl is appended, Login.aspx?ReturnUrl=%2fhome.aspx Why is this only happening with IE8? My local PC is IIS7 but the server is IIS6. Using the same web.config Full code behind public partial class Login : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) { Session.Abandon(); FormsAuthentication.SignOut(); } } protected void btnSubmit_Click(object sender, EventArgs e) { if (Membership.ValidateUser(tbUsername.Text, tbPassword.Text)) { if (Request.QueryString["ReturnUrl"] != null) { FormsAuthentication.RedirectFromLoginPage(tbUsername.Text, false); } else { FormsAuthentication.SetAuthCookie(tbUsername.Text, false); Response.Redirect("~/Home.aspx"); } } } } Full web.config <?xml version="1.0"?> <configuration> <configSections> <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere"/> <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> </sectionGroup> </sectionGroup> </sectionGroup> </configSections> <appSettings/> <connectionStrings> <add name="ASPNET_DB" connectionString="..."/> </connectionStrings> <system.web> <membership defaultProvider="SqlMembershipProvider"> <providers> <add name="SqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="ASPNET_DB" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" applicationName="/" requiresUniqueEmail="false" passwordFormat="Clear" maxInvalidPasswordAttempts="5" passwordAttemptWindow="10" passwordStrengthRegularExpression="" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0"/> </providers> </membership> <roleManager enabled="true" defaultProvider="SqlRoleManager"> <providers> <add name="SqlRoleManager" type="System.Web.Security.SqlRoleProvider" connectionStringName="ASPNET_DB" applicationName="/"/> </providers> </roleManager> <authentication mode="Forms"> <forms name="CHOUSE.ASPXAUTH" loginUrl="login.aspx" protection="All" path="/"/> </authentication> <authorization> <allow roles="AccountManager"/> <allow roles="Client"/> <deny users="*"/> </authorization> <compilation debug="true"> <assemblies> <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> </assemblies> </compilation> <pages> <controls> <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </controls> </pages> <httpHandlers> <remove verb="*" path="*.asmx"/> <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> </httpHandlers> <httpModules> <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </httpModules> </system.web> <location path="Admin"> <system.web> <authorization> <allow roles="AccountManager"/> <deny users="*"/> </authorization> </system.web> </location> <system.codedom> <compilers> <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <providerOption name="CompilerVersion" value="v3.5"/> <providerOption name="WarnAsError" value="false"/> </compiler> </compilers> </system.codedom> <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <modules> <remove name="ScriptModule"/> <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </modules> <handlers> <remove name="WebServiceHandlerFactory-Integrated"/> <remove name="ScriptHandlerFactory"/> <remove name="ScriptHandlerFactoryAppServices"/> <remove name="ScriptResource"/> <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </handlers> </system.webServer> <runtime> <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35"/> <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> </dependentAssembly> <dependentAssembly> <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35"/> <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0"/> </dependentAssembly> </assemblyBinding> </runtime>

    Read the article

  • How is unautenticated site navigation handled in ASP.NET?

    - by Code Sherpa
    Hi. I am wondering how to do the following... I have a registration system. When the user successfully registers, he is then led down a series of data gathering pages (for his profile) and then, finally, ends on his profile's home page where he can start to use the site. All this happens without ever logging into the system so, he is unauthenticated and unconfirmed. My question is, how does this happen? How can I allow my user to be unauthenticated (and unconfirmed, but this I understand) and use all aspects of the Web site? The way I have things set up right now, my code should be doing this: case CreateProfileStatus.Success: //FormsAuthentication.SetAuthCookie(userName, false); Response.Redirect("NextPage.aspx", false); break; but, I am being redirected to the login page after registration which is not the result I want. This is what the relevant nodes in my web.config look like: <authentication mode="Forms"> <forms name=".AuthCookie" loginUrl="default.aspx" protection="All"/> </authentication> <authorization> <deny users="?"/> <allow roles="Administrators" /> </authorization> <anonymousIdentification enabled="true" cookieName=".ASPXANONYMOUS" cookieTimeout="100000" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="Encryption" cookieless="UseCookies" domain="" /> When the user logs out after the registration and initial interaction with the site he will be required to log in upon return. At this point he must be authenticated but does not need to be confirmed for a period of time. Eventually, he will be reminded. So, how is this done? Thanks in advance.

    Read the article

  • DVCS with a Windows central repository

    - by Mikko Rantanen
    We are currently using VSS for version control. Quite few of our developers are interested in a distributed model (And want to get rid of VSS). Our network is full of Windows machines and while our IT department has experience maintaining Linux machines they would prefer not to. What DVCS systems can host their central repository on Windows while providing.. Push access to the repository. Basic authentication. Mostly just a way to allow or deny access to the whole repository. No need for fine grained access. Server process so users don't need write right to the repository reducing the risk of accidentally messing with it. On the client side a GUI such as Tortoise would be more or less a requirement (Sorry, Windows shell sucks. :|). Ease of installation would be a huge plus as our IT department is already quite low on resources. And using windows credentials for authentication would be an advantage but not a requirement as long as the client is able to store the credentials. I have had a (really) quick look at Git, Mercurial and Bazaar. Git seemed to use ssh or simple WebDAV for repository access, requiring write permission for the users. Mercurial had a built in http server, but this seemed to be only for pull purposes. Update: Mercurial supports push as well. Bazaar Seemed to use sftp for repository access, again requiring a write permission for the users. Are there windows server processes for any DVCS systems and has anyone managed to set one up in a Windows land? And apologies if this is a duplicate question. I couldn't find one. Update Got Mercurial working for push purposes! Detailed list what was required can be found as an answer below.

    Read the article

  • .NET 4.0 Forms Authentication change?

    - by James Koch
    I'm seeing some new behavior in Forms Authentication after upgrading to .NET 4.0. This occurs only on IIS 6, not on 7. Background - In web.config, we configure Forms Authentication, and then use <authorization tags to globally deny anonymous/unauthenticated users access. Then we explicitly allow access to a login.aspx page using a <location tag. Generally, this works fine, as it did when we were on .NET 2.0 (3.5). The issue only occurs when we visit the root path of the site, ie "http://myserver/". Our default document is configured in IIS to be login.aspx. Under .NET 4.0, upon visiting that URL, we're redirected to "http://myserver/login.aspx?ReturnUrl=/". If you log in from here, you're logged in and returned back at the log in page (yuck). Just wanted to post this here to see if anyone else is experiencing this. It's not listed on any "breaking changes" documentation I've been able to find. Either I'm missing something, or the UrlAuthorization module has changed and is no longer "smart" about IIS default documents.

    Read the article

  • Mixing RewriteRule and ProxyPass in Apache

    - by Taylor L
    I was working on debugging an issue today related to mixing mod_proxy and mod_rewrite together and I ended up having to use balancer://mycluster in the RewriteRule in order to stop receiving a 404 error from Apache. I have two questions: 1) Is there any other way to get the rewritten URL to go through the balancer without adding balancer://mycluster into the RewriteRule? 2) Is there a way to define all the parameters I defined in ProxyPass (stickysession=JSESSIONID|jsessionid scolonpathdelim=On lbmethod=bytraffic nofailover=Off) in either the <Proxy> or RewriteRule? I'm concerned the requests that match the new RewriteRule won't load balance in the same fashion as those that go through ProxyPass (like /app1/something.do)? Below are the relevant sections of the httpd.conf. I am using Apache 2.2. <Proxy balancer://mycluster> Order deny,allow Allow from all BalancerMember ajp://my.domain.com:8009 route=node1 BalancerMember ajp://my.domain.com:8009 route=node2 </Proxy> ProxyPass /app1 balancer://mycluster/app1 stickysession=JSESSIONID|jsessionid scolonpathdelim=On lbmethod=bytraffic nofailover=Off ProxyPassReverse /app1 ajp://my.domain.com:8009/app1 ... RewriteRule ^/static/cms/image/(.*)\.(.*) balancer://mycluster/app1/$1.$2 [P,L]

    Read the article

  • Forms Authentication & Virtual Directory

    - by benclaytonfranklin
    Hi, We're having trouble getting Forms Authentication to work with a virtual directory in IIS. We have a main site, and then a microsite setup within a virtual directory. This mircosite has its own admin system within an "Admin" folder, which has authentication on it but currently it is not kicking in and the admin section is browsable by anyone. The web.config with the admin folder has the following: <?xml version="1.0"?> <configuration> <appSettings/> <connectionStrings/> <system.web> <authorization> <deny users="?"/> </authorization> <customErrors mode="RemoteOnly" defaultRedirect="~/Admin/Error.aspx"/> </system.web> </configuration> Could anyone give me any clues as to why this might not be working? Cheers!

    Read the article

  • Limiting ssh user account only to access his home directory!

    - by EBAGHAKI
    By reading some tutorials online I used these commands: Make a local group: net localgroup CopsshUsers /ADD Deny access to this group at top level: cacls c:\ /c /e /t /d CopsshUsers Open access to the copSSH installation directory: cacls copssh-inst-dir /c /e /t /r CopsshUsers Add Copssh user to the group above: net localgroup CopsshUsers mysshuser /add simply put these commands will try to create a usergroup that has no permission on your computer and it only have access to the copSSH Installation directory. This is not true, since you cannot change the permission on your windows directory, the third command won't remove access to windows folder (it says access denied on his log). Somehow I achieved that by taking ownership of Windows folder and then i execute the third command so CopsshUsers has no permissions on windows folder from now on. Now i tried to SSH to the server and it simply can't login! this is kind of funny because with permission on windows directory you can login and without it you can't!! So if you CAN SSH to the server somehow you know that you have access to the windows directory! (Is this really true??) Simple task: Limiting ssh user account only to access his home directory on WINDOWS and nothing else! Guys please help!

    Read the article

  • VB.net httpwebrequest For loop hangs every 10 or so iterations

    - by user574632
    Hello, I am trying to loop through an array and perform an httpwebrequest in each iteration. The code seems to work, however it pauses for a while (eg alot longer than the set timeout. Tried setting that to 100 to check and it still pauses) after every 10 or so iterations, then carries on working. Here is what i have so far: For i As Integer = 0 To numberOfProxies - 1 Try 'create request to a proxyJudge php page using proxy Dim request As HttpWebRequest = HttpWebRequest.Create("http://www.pr0.net/deny/azenv.php") request.Proxy = New Net.WebProxy(proxies(i)) 'select the current proxie from the proxies array request.Timeout = 10000 'set timeout Dim response As HttpWebResponse = request.GetResponse() Dim sr As StreamReader = New StreamReader(response.GetResponseStream()) Dim pageSourceCode As String = sr.ReadToEnd() 'check the downloaded source for certain phrases, each identifies a type of proxy 'HTTP_X_FORWARDED_FOR identifies a transparent proxy If pageSourceCode.Contains("HTTP_X_FORWARDED_FOR") Then 'delegate method for cross thread safe UpdateListbox(ListBox3, proxies(i)) ElseIf pageSourceCode.Contains("HTTP_VIA") Then UpdateListbox(ListBox2, proxies(i)) Else UpdateListbox(ListBox1, proxies(i)) End If Catch ex As Exception 'MessageBox.Show(ex.ToString) used in testing UpdateListbox(ListBox4, proxies(i)) End Try completedProxyCheck += 1 lblTotalProxiesChecked.CustomInvoke(Sub(l) l.Text = completedProxyCheck) Next I have searched all over this site and via google, and most responses to this type of question say the response must be closed. I have tried a using block, eg: Using response As HttpWebResponse = request.GetResponse() Using sr As StreamReader = New StreamReader(response.GetResponseStream()) Dim pageSourceCode As String = sr.ReadToEnd() 'check the downloaded source for certain phrases, each identifies a type of proxy 'HTTP_X_FORWARDED_FOR identifies a transparent proxy If pageSourceCode.Contains("HTTP_X_FORWARDED_FOR") Then 'delegate method for cross thread safe UpdateListbox(ListBox3, proxies(i)) ElseIf pageSourceCode.Contains("HTTP_VIA") Then UpdateListbox(ListBox2, proxies(i)) Else UpdateListbox(ListBox1, proxies(i)) End If End Using End Using And it makes no difference (though i may have implemented it wrong) As you can tell im very new to VB or any OOP so its probably a simple problem but i cant work it out. Any suggestions or just tips on how to diagnose these types of problems would be really appreciated.

    Read the article

  • How to implement an interface class using the non-virtual interface idiom in C++?

    - by andreas buykx
    Hi all, In C++ an interface can be implemented by a class with all its methods pure virtual. Such a class could be part of a library to describe what methods an object should implement to be able to work with other classes in the library: class Lib::IFoo { public: virtual void method() = 0; }; : class Lib::Bar { public: void stuff( Lib::IFoo & ); }; Now I want to to use class Lib::Bar, so I have to implement the IFoo interface. For my purposes I need a whole of related classes so I would like to work with a base class that guarantees common behavior using the NVI idiom: class FooBase : public IFoo // implement interface IFoo { public: void method(); // calls methodImpl; private: virtual void methodImpl(); }; The non-virtual interface (NVI) idiom ought to deny derived classes the possibility of overriding the common behavior implemented in FooBase::method(), but since IFoo made it virtual it seems that all derived classes have the opportunity to override the FooBase::method(). If I want to use the NVI idiom, what are my options other than the pImpl idiom already suggested (thanks space-c0wb0y).

    Read the article

  • Apache proxy to Lighttpd: changing $_SERVER['HTTP_HOST'] in php

    - by watain
    I have a WordPress blog running on lighttpd-1.4.19, listening on at www00:81. On the same host, apache-2.2.11 listens on port 80, which creates a proxy connection from http://blog.mydomain.org:80 to http://blog.mydomain.org:81. The Apache virtualhost looks as follows: <VirtualHost *:80> ServerName blog.mydomain.org ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / http://blog.mydomain.org:81/ ProxyPassReverse / http://blog.mydomain.org:81/ </VirtualHost> Using debug.log-request-handling = "enable" I get the following log entry when I browse http://blog.mydomain.org:80 (notice the Host headers): 2010-05-10 08:47:14: (request.c.294) fd: 6 request-len: 853 GET / HTTP/1.1 Host: blog.mydomain.org:81 [...] 2010-05-10 08:47:15: (request.c.294) fd: 8 request-len: 754 GET /wp-content/uploads/2010/01/image.gif?w=280 HTTP/1.1 Host: www00:81 My problem: as far as I know, the PHP environment variable $_SERVER['HTTP_HOST'] is set to that Host header variable. Unfortunately, WordPress uses that variable in their system to create URLs to pictures on the blog. These URLs won't be accessible behind a firewall of course. How can I force the host header to be blog.mydomain.org instead of blog.mydomain.org:81, respectively www00:81? I already added set server.name = "blog.mydomain.org" to my lighttpd.conf, but this didn't work. Any suggestions are appreciated, thank you.

    Read the article

  • Getting auth token for dropbox account from accountmanager in android

    - by user1490880
    I am trying to get auth token for a dropbox account configured in device from account manager. I am using accountManager.getAuthToken(account, "DROPBOX",null,Hello.this, new GetAuthTokenCallback(), null);//account" is dropbox account I am seeing a Allow/Deny page. I click on Allow, but the callback is not getting invoked at all and i dont get the auth token. I got the authtoken for a google account with this(with a different authtokentype). What i am missing. I am not sure about the authTokenType parameter for dropbox. Also are there any other parameter specific for dropbox like the bundle parameter that i am missing. Is this way possible for dropbox? Check below for the function parameters public AccountManagerFuture<Bundle> getAuthToken (Account account, String authTokenType, Bundle options, Activity activity, AccountManagerCallback<Bundle> callback, Handler handler) Link: http://developer.android.com/reference/android/accounts/AccountManager.html UPDATE I assume since we are able to create a dropbox account in android Accounts and Sync(Settings), there must be a dropbox authenticator that has all the functions in AbstractAccountAuthenticator implemented including getAuthToken(). So dropbox should support giving auth token i think. Also dropbox uses oauth1, whereas account manager uses outh 2.0. So is this an issue.Can anyone comment on this?

    Read the article

  • Why am I getting a permission denied error on my public folder?

    - by Robin Fisher
    Hi all, This one has got me stumped. I'm deploying a Rails 3 app to Slicehost running Apache 2 and Passenger. My server is running Ruby 1.9.1 using RVM. I am receiving a permission denied error on the "public" folder in my app. My Virtual Host is setup as follows: <VirtualHost *:80> ServerName sharerplane.com ServerAlias www.sharerplane.com ServerAlias *.sharerplane.com DocumentRoot /home/robinjfisher/public_html/sharerplane.com/current/public/ <Directory "/home/robinjfisher/public_html/sharerplane.com/public/"> AllowOverride all Options -MultiViews Order allow,deny Allow from all </Directory> PassengerDefaultUser robinjfisher </VirtualHost> I've tried the following things: trailing slash on public; no trailing slash on public; PassengerUserSwitching on and off; PassengerDefaultUser set and not set; with and without the block. The public folder is owned by robinjfisher:www-data and Passenger is running as robinjfisher so I can't see why there are permission issues. Does anybody have any thoughts? Thanks Robin PS. Have disabled the site for the time being to avoid indexing so what is there currently is not the site in question.

    Read the article

  • apache web server configuration problem

    - by mohit
    i want to have apache server to serve only /var/www/ directory now it serves all my files on system from directory "/" i tried to edit httpd.conf placed in /etc/apache2 and placed the folllowing content in it(intially it was empty) <Directory /> Options None AllowOverride None </Directory> DocumentRoot "/var/www" <Directory "/var/www"> Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> then saved it,restarted apache server put the location /var/www in the web browser address bar,still it shows the higher level directories too then i edited the file Default,Default-ssl in the sites-available folder repeated the same process still apache serves all files on my system 2.when i try to use the following command gedit httpd.conf I get the error gedit:2696): EggSMClient-WARNING **: Failed to connect to the session manager: None of the authentication protocols specified are supported GConf Error: Failed to contact configuration server; some possible causes are that you need to enable TCP/IP networking for ORBit, or you have stale NFS locks due to a system crash. See http://projects.gnome.org/gconf/ for information. (Details - 1: Failed to get connection to session: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.)

    Read the article

  • GetAccessControl error with NTAccount

    - by Adam Witko
    private bool HasRights(FileSystemRights fileSystemRights_, string fileName_, bool isFile_) { bool hasRights = false; WindowsIdentity WinIdentity = System.Security.Principal.WindowsIdentity.GetCurrent(); WindowsPrincipal WinPrincipal = new WindowsPrincipal(WinIdentity); AuthorizationRuleCollection arc = null; if (isFile_) { FileInfo fi = new FileInfo(@fileName_); arc = fi.GetAccessControl().GetAccessRules(true, true, typeof(NTAccount)); } else { DirectoryInfo di = new DirectoryInfo(@fileName_); arc = di.GetAccessControl().GetAccessRules(true, true, typeof(NTAccount)); } foreach (FileSystemAccessRule rule in arc) { if (WinPrincipal.IsInRole(rule.IdentityReference.Value)) { if (((int)rule.FileSystemRights & (int)fileSystemRights_) > 0) { if (rule.AccessControlType == AccessControlType.Allow) hasRights = true; else if (rule.AccessControlType == AccessControlType.Deny) { hasRights = false; break; } } } } return hasRights; } The above code block is causing me problems. When the WinPrincipal.IsInRole(rule.IdentityReference.Value) is executed the following exception occurs: "The trust relationship between the primary domain and the trusted domain failed.". I'm very new to using identities, principles and such so I don't know what's the problem. I'm assuming it's with the use of NTAccount? Thanks

    Read the article

  • how to allow unamed user in svn authz file?

    - by dtrosset
    I have a subversion server running with apache. It authenticates users using LDAP in apache configuration and uses SVN authorizations to limit user access to certain repositories. This works perfectly. Apache DAV svn SVNParentPath /srv/svn SVNListParentPath Off SVNPathAuthz Off AuthType Basic AuthName "Subversion Repository" AuthBasicProvider ldap AuthLDAPBindDN # private stuff AuthLDAPBindPassword # private stuff AuthLDAPURL # private stuff Require valid-user AuthzSVNAccessFile /etc/apache2/dav_svn.authz Subversion [groups] soft = me, and, all, other, developpers Adding anonymous access from one machine Now, I have a service I want to setup (rietveld, for code reviews) that needs to have an anonymous access to the repository. As this is a web service, accesses are always done from the same server. Thus I added apache configuration to allow all accesses from this machine. This did not work until I add an additional line in the authorization file to allow read access to user -. Apache <Limit GET PROPFIND OPTIONS REPORT> Order allow,deny Allow from # private IP address Satisfy Any </Limit> Subversion [Software:/] @soft = rw - = r # <-- This is the added line For instance, before I add this, all users were authenticated, and thus had a name. Now, some accesses are done without a user name! I found this - user name in the apache log files. But does this line equals to * = r that I absolutely do not want to enable, or does it only allows the anonymous unnamed user (that is allowed access only from the rietveld server)?

    Read the article

  • Apache console accesses network drives, service does not?

    - by danspants
    I have an apache 2.2 server running Django. We have a network drive T: which we need constant access to within our Django app. When running Apache as a service, we cannot access this drive, as far as any django code is concerned the drive does not exist. If I add... <Directory "t:/"> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> to the httpd.conf file the service no longer runs, but I can start apache as a console and it works fine, Django can find the network drive and all is well. Why is there a difference between the console and the service? Should there be a difference? I have the service using my own log on so in theory it should have the same access as I do. I'm keen to keep it running as a service as it's far less obtrusive when I'm working on the server (unless there's a way to hide the console?). Any help would be most appreciated.

    Read the article

  • Driver denied access to PCI card

    - by Corin
    We wrote a Windows device driver to access our custom PCI card. The driver uses CreateFile to get a handle to the card. We recently had trouble at one installation were the card appeared to stop working. We tried replacing the card (the replacement appeared not work either). The computer vendor replaced the motherboard and both cards still failed to work. We put the cards in a different computer and both worked fine. We now have the computer at our office for examination. The Windows Device Manager lists our card in Other Devices as usual and says it's working fine. However, our driver initialization fails when it attempts to connect to the card. We created a test version of our driver with some extra debugging and determined that CreateFile is failing. It returns INVALID_HANDLE_VALUE as it is supposed to on failure. GetLastError indicates the error is Access is Denied. Since we're logged into the system as a local administrator, what can deny access to the device?

    Read the article

  • Giving writing permissions for IIS user at Windows 2003 Server

    - by Steve
    I am running a website over Windows 2003 Server and IIS6 and I am having problems to write or delete files in some temporary folder obtaining this kind of warmings: Warning: unlink(C:\Inetpub\wwwroot\cakephp\app\tmp\cache\persistent\myapp_cake_core_cake_): Permission denied in C:\Inetpub\wwwroot\cakephp\lib\Cake\Cache\Engine\FileEngine.php on line 254 I went to the tmp directory and at the properties I gave the IIS User the following permissions: Read & Execute List folder Contents Read And it still showing the same warnings. When I am on the properties window, if I click on Advanced the IIS username appears twice. One with Allow type and read & execute permissions and the other with Deny type and Special permissions. My question is: Should I give this user not only the Read & Execute permissions but also this ones?: Create Attributes Create Files/ Write Data Create Folders/ Append Data Delete Subfolders and Files Delete They are available to select if I Click on the edit button over the username. Wouldn't I be opening a security hole if I do this? Otherwise, how can I do to read and delete the files my website uses? Thanks.

    Read the article

  • mvc jquery passing form values after user presses "Accept" button

    - by gdubs
    So I have a form and a submit button that posts the form to an action. But I wanted to show a popup where the user can deny or accept an agreement. Here's my jquery $(document).ready((function () { var dialog = $('#confirmation-dialog').dialog({ autoOpen: false, width: 500, height: 600, resizable: false, modal: true, buttons: { "Accept": function () { $(this).dialog('close'); $.ajax({ type: 'POST', data: {__RequestVerificationToken: $("input[name=__RequestVerificationToken]").val()} }); }, "Cancel": function () { $(this).dialog('close'); } } }); $('#registration-submit').click(function (e) { var action = $(this.form); console.log(action); var form = $('form'); dialog.dialog("open"); return false; }); })); My problem with this is that it would post, but it would only send my AntiforgeryToken, and not the values of the form. But when it goes through the TryupdateModel it would go through for some reason but will not Save (cuz of the missing data that wasn't passed on the formcollection).

    Read the article

  • iPhone Custom CA certificate for an application which uses NSURLConnection?

    - by jr
    I have an application which is communicating with many different sites and each site has its own SSL certificate signed by our own internal CA. Doing this prevents us the need from purchasing SSL certificates for each site (hundreds or thousands) and is more secure then using a wildcard certificate with a shared key on each of those sites. So, basically using a CA certificate is the only way. Right now, I have a mobileprovision file which will install the CA certificate as a profile on the phone. When our iPhone application launches if it gets an SSL Certificate error it redirects to a this mobile provision file via Safari and the user will be prompted to install the CA. The problem is that I am concerned that the Apple AppStore might deny my app for doing this (Just some feedback from other developers at this point), and I wanted to research other ways to accomplish this. Basically what I need to accomplish is allow an SSL connection which will verify against a custom CA certificate which will be embedded in my application. This will make the CA certificate active for only the calls I make. I am using the standard NSURLConnection methods in order to communicate with the service. Is this possible? Can someone show me how to load the CA (what form PEM?) and add it to the list of trusted CA certificates for my application? If that is not possible what other options do I have? Just trusting all certificates isn't really any option, we want to prevent man in the middle attacks and only trust our CA issued certificates. Thanks!

    Read the article

  • Forms authentication: how do you store username password in web.config?

    - by Nick G
    I'm used to using Forms Authentication with a database, but I'm writing a little internal utility and the app doesn't have a database so I want to store the username and password in web.config. However for some reason, forms authentication is still trying to access SQL Server and I can't see how to stop it doing this and pick up the credentials from web.config. What am I doing wrong? I just get the error "Failed to generate a user instance of SQL Server due to a failure in impersonating the client. The connection will be closed." Here are the relevant sections of my web.config: <configuration> <system.web> <authentication mode="Forms"> <forms loginUrl="~/Login.aspx" timeout="60" name=".LoginCookie" path="/" > <credentials passwordFormat="Clear"> <user name="user1" password="[pass]" /> <user name="user2" password="[pass]" /> </credentials> </forms> </authentication> <authorization> <deny users="?" /> </authorization> </system.web> </configuration>

    Read the article

  • do functions in sql server have different permissions rules?

    - by jcollum
    Here's the situation. I'm writing an automated test that walks the list of dependencies for a proc and determines if an acct has rights for all of the dependent objects. My code looks like this: exec sp_depends 'the_proc_name' -- run this query on the results of sp_depends: select case when exists ( select * from sys.database_permissions dp where grantee_principal_id=USER_ID('TheAccount') and major_id=object_id('dbo.theDependentObject') and minor_id=0 and state_desc = 'GRANT') then 'true' else 'false' end; It all seems to be working fine, but there's a hiccup when it encounters a function. I have one case where TheAccount doesn't have rights to a function (the query above returns false). However the proc that calls the function in question runs fine when running under TheAccount. So there's either something wrong with my test code or functions have special permission behavior in SQL-Server that I'm not aware of. Should I change the code to only search for 'DENY' instead of 'GRANT'? Do functions that are called in procs inherit the permissions of the calling proc except when the execute rights are explicitly denied? Does my code suck?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 139 140 141 142 143 144 145 146 147 148 149 150  | Next Page >