Search Results

Search found 7914 results on 317 pages for 'valid xhtml'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 143/317 | < Previous Page | 139 140 141 142 143 144 145 146 147 148 149 150  | Next Page >

  • Which Browsers don't support ids for in page navigation (fragid)?

    - by dshaw
    In HTML5, name is no longer a valid attribute of the anchor tag (<a name="yadayada">). It has been mentioned that older browsers do not recognize the the new recommended approach (<a id="yadaya"> or any id for that matter). What are the browsers which don't recognize ids for in page navigation (fragids)? Are we talking about Netscape-era browsers or the usual suspect, Internet Explorer 6?

    Read the article

  • folder deleting not working

    - by user1150440
    If System.IO.Directory.Exists(HttpContext.Current.Server.MapPath(Server.MapPath("images/TravelogueGallery/" & getMaxID()))) Then System.IO.Directory.Delete(HttpContext.Current.Server.MapPath("images/TravelogueGallery/" & getMaxID()), True) End If I am using the above code snippet to delete a directory but i get this error "'G:\Projects\Latest\LTCIndia 05-04-12 1415\images\TravelogueGallery\19' is not a valid virtual path. " Whats wrong with the code?

    Read the article

  • Simple DB2 Query for connection validation

    - by Eric Tuttleman
    I'm looking for a simple DB2 query that can be used to test if a database connection in pool is still valid. It needs to be a generic query that would execute regardless of which databases exist. For other database servers, I've used something like 'SELECT 1' or 'SELECT version();' What would be an equivalent for DB2? Thanks!

    Read the article

  • Adding C++ DLL's to a C# project

    - by WebDevHobo
    I'm trying to use the lame_enc.dll file from LAME in a C# project, but adding the thing seems impossible. I keep getting an error that says that a reference could not be added and to please check if the is accessible, a valid assembly or COM component. I have no C++ experience, though I would like to use the functionality. Right now I'm using Process from the .NET framework to call lame.exe and do stuff, but I'd like to know if there's another way.

    Read the article

  • Whats wrong with this while loop?

    - by David
    boolean r = false ; int s = 0 ; while (r == false) ; { s = getInt() ; if (!(s>=0 && s<=2)) System.out.println ("try again not a valid response") ; else r = true ; } The text never displays itself even when a 3 or a 123 is entered and the loop never terminates. Whats wrong here?

    Read the article

  • Interrupt ?13 (ah=48) - not working

    - by GLeBaTi
    I want fetch the parameters of my hard disk. Using the technique described here. This is code showing normal parameters of floppy disk: mov dl,00h mov ah,08h int 13h This is code, showing not valid parameters of hard disk (may be, my hard disk space is big (LBA)): mov dl,80h mov ah,08h int 13h And I've written this code: mov dl,80h mov ah,48h int 13h The code is giving cf = 1(error). How do I fix it?

    Read the article

  • Can I use accepts_nested_attributes_for with checkboxes in a _form to select potential 'links' from a list

    - by Ryan
    In Rails 3: I have the following models: class System has_many :input_modes # name of the table with the join in it has_many :imodes, :through => :input_modes, :source => 'mode', :class_name => "Mode" has_many :output_modes has_many :omodes, :through => :output_modes, :source => 'mode', :class_name => 'Mode' end class InputMode # OutputMode is identical belongs_to :mode belongs_to :system end class Mode ... fields, i.e. name ... end That works nicely and I can assign lists of Modes to imodes and omodes as intended. What I'd like to do is use accepts_nested_attributes_for or some other such magic in the System model and build a view with a set of checkboxes. The set of valid Modes for a given System is defined elsewhere. I'm using checkboxes in the _form view to select which of the valid modes is actually set in imodes and omodes . I don't want to create new Modes from this view, just select from a list of pre-defined Modes. Below is what I'm currently using in my _form view. It generates a list of checkboxes, one for each allowed Mode for the System being edited. If the checkbox is ticked then that Mode is to be included in the imodes list. <% @allowed_modes.each do |mode| %> <li> <%= check_box_tag :imode_ids, mode.id, @system.imodes.include?(modifier), :name => 'imode_ids[]' %> <%= mode.name %> </li> <% end %> Which passes this into the controller in params: { ..., "imode_ids"=>["2", "14"], ... } In the controller#create I extract and assign the Modes that had their corresponding checkboxes ticked and add them to imodes with the following code: @system = System.new(params[:system]) # Note the the empty list that makes sure we clear the # list if none of the checkboxes are ticked if params.has_key?(:imode_ids) imodes = Mode.find(params[:imode_ids]) else imodes = [] end @system.imodes = imodes Once again that all works nicely but I'll have to copy that cludgey code into the other methods in the controller and I'd much prefer to use something more magical if possible. I feel like I've passed off the path of nice clean rails code and into the forest of "hacking around" rails; it works but I don't like it. What should I have done?

    Read the article

  • safely reading directory contents

    - by Jack
    Is it safe to read directory entries via readdir() or scandir() while files are being created/deleted in this directory? Should I prefer one over the other? When I say "safe" I mean entries returned by these functions are valid and can be operated without crushing the program. Thanks.

    Read the article

  • Is objective C 2.0 a proper superset of C?

    - by RankWeis
    I've heard that objective-C is a proper superset of C, but is objective-C 2.0? The reason I ask is that either it isn't, or I misunderstand the phrase 'proper superset', because this code is valid C syntax: import int main () { char *nil = "hello"; printf("%s\n",nil); } But does not compile in Objective-C 2.0. Obviously, this is an easily fixable problem, but I'm writing a paper, and feel that this is something that should be pointed out.

    Read the article

  • How to validate if all check boxes are ticked in jQuery?

    - by Jude
    I am a beginner in jQuery and I was wondering how to validate the form before submission specifically for check boxes. I am creating a simple check list form where my user would tick a check box if he finished that step. What I am planning to do is that, the script would prevent the form submission if there is an "unticked" checkbox and highlight it with a color. Here's my code : <!doctype html> <html> <head> <meta charset="utf-8"> <title>checkbox</title> <style> .error { background-color:#F00; } .valid { background-color:#0F0; } </style> <script type="application/javascript" src="http://code.jquery.com/jquery-1.8.2.min.js"> </script> <script type="application/javascript"> function validateAll() { $(".tick").change(function(){ if ($('.tick:checked').length == $('.tick').length) { $('#container').removeClass(); $('#container').addClass('error'); } else { $('#container').removeClass(); $('#container').addClass('valid'); } }); } </script> </head> <body> <div id="container"><input class="tick" id="option1" type="checkbox"></div> <div id="container"><input class="tick" id="option1" type="checkbox"></div> <input id="button" type="button" onClick="validateAll();" value="check"> </body> </html> So what I am trying to do here is when the user clicks the button, the script will highlight all the unchecked check box with red and highlight all checked with green. However, my script is not functioning. What is wrong with my script? Any suggestions on a more efficient way to do this?

    Read the article

  • how to validate

    - by kumar
    I have this Calender Control I am using..user can select any date from the calender.. I need to validate the dates like Saturday and Sundays and 1/1 and 1/25.. if they select these days I need to show them Popup message not valid date? can anybody help me out.. thanks

    Read the article

  • C++: Return NULL instead of struct

    - by Rosarch
    I have a struct Foo. In pseudocode: def FindFoo: foo = results of search foundFoo = true if a valid foo has been found return foo if foundFoo else someErrorCode How can I accomplish this in C++? Edited to remove numerous inaccuracies.

    Read the article

  • How do you handle authentication across domains?

    - by William Ratcliff
    I'm trying to save users of our services from having to have multiple accounts/passwords. I'm in a large organization and there's one group that handles part of user authentication for users who are from outside the facility (primarily for administrative functions). They store a secure cookie to establish a session and communicate only via HTTPS via the browser. Sessions expire either through: 1) explicit logout of the user 2) Inactivity 3) Browser closes My team is trying to write a web application to help users analyze data that they've taken (or are currently taking) while at our facility. We need to determine if a user is 1) authenticated 2) Some identifier for that user so we can store state for them (what analysis they are working on, etc.) So, the problem is how do you authenticate across domains (the authentication server for the other application lives in a border region between public and private--we will live in the public region). We have come up with some scenarios and I'd like advice about what is best practice, or if there is one we haven't considered. Let's start with the case where the user is authenticated with the authentication server. 1) The authentication server leaves a public cookie in the browser with their primary key for a user. If this is deemed sensitive, they encrypt it on their server and we have the key to decrypt it on our server. When the user visits our site, we check for this public cookie. We extract the user_id and use a public api for the authentication server to request if the user is logged in. If they are, they send us a response with: response={ userid :we can then map this to our own user ids. If necessary, we can request additional information such as email-address/display name once (to notify them if long running jobs are done, or to share results with other people, like with google_docs). account_is_active:Make sure that the account is still valid session_is_active: Is their session still active? If we query this for a valid user, this will have a side effect that we will reset the last_time_session_activated value and thus prolong their session with the authentication server last_time_session_activated: let us know how much time they have left ip_address_session_started_from:make sure the person at our site is coming from the same ip as they started the session at } Given this response, we either accept them as authenticated and move on with our app, or redirect them to the login page for the authentication server (question: if we give an encrypted portion of the response (signed by us) with the page to redirect them to, do we open any gaping security holes in the authentication server)? The flaw that we've found with this is that if the user visits evilsite.com and they look at the session cookie and send a query to the public api of the authentication server, they can keep the session alive and if our original user leaves the machine without logging out, then the next user will be able to access their session (this was possible before, but having the session alive eternally makes this worse). 2) The authentication server redirects all requests made to our domain to us and we send responses back through them to the user. Essentially, they act as a proxy. The advantage of this is that we can handshake with the authentication server, so it's safe to be trusted with the email address/name of the user and they don't have to reenter it So, if the user tries to go to: authentication_site/mysite_page1 they are redirected to mysite. Which would you choose, or is there a better way? The goal is to minimize the "Yet Another Password/Yet another username" problem... Thanks!!!!

    Read the article

  • set proxy in apache for XMPP chat

    - by Hunt
    I want to setup a proxy settings in Apache to use Facebook XMPP Chat So far I have setup ejabber server and I am able to access xmpp service using http://mydomain.com:5280/xmpp-http-bind I am able to create Jabber Account too. Now as I want to integrate Facebook XMPP chat , I want my server to sit in between client and chat.facebook.com because I want to implement Facebook chat and custom chat too. So I have read this article and come to know that I need to serve BOSH Service as a proxy in apache to access Facebook Chat service. So I don't know how to set up a proxy in a apache httpd.conf as I have tried following <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass /xmpp-httpbind http://www.mydomain.com:5280/xmpp-http-bind ProxyPassReverse /xmpp-httpbind http://www.mydomain.com:5280/xmpp-http-bind But whenever I request http://www.mydomain.com:5280/xmpp-http-bind from strophe.js I am getting following response from server <body type='terminate' condition='internal-server-error' xmlns='http://jabber.org/protocol/httpbind'> BOSH module not started </body> and server log says following E(<0.567.0:ejabberd_http_bind:1239) : You are trying to use BOSH (HTTP Bind) in host "chat.facebook.com", but the module mod_http_bind is not started in that host. Configure your BOSH client to connect to the correct host, or add your desired host to the configuration, or check your 'modules' section in your ejabberd configuration file. here is my existing settings of ejabberd.cfg , but still no luck {5280, ejabberd_http, [ {access,all}, {request_handlers, [ {["pub", "archive"], mod_http_fileserver}, {["xmpp-http-bind"], mod_http_bind} ]}, captcha, http_bind, http_poll, register, web_admin ]} ]}. in a module section {mod_http_bind, [{max_inactivity, 120}]}, and whenever i fire http://www.mydomain.com:5280/xmpp-http-bind url independently am getting following message ejabberd mod_http_bind An implementation of XMPP over BOSH (XEP-0206) This web page is only informative. To use HTTP-Bind you need a Jabber/XMPP client that supports it. I have added chat.facebook.com in a list of host in ejabber.cfg as follows {hosts, ["localhost","mydomain.com","chat.facebook.com"]} and now i am getting following response <body xmlns='http://jabber.org/protocol/httpbind' sid='710da2568460512eeb546545a65980c2704d9a27' wait='300' requests='2' inactivity='120' maxpause='120' polling='2' ver='1.8' from='chat.facebook.com' secure='true' authid='1917430584' xmlns:xmpp='urn:xmpp:xbosh' xmlns:stream='http://etherx.jabber.org/streams' xmpp:version='1.0'> <stream:features xmlns:stream='http://etherx.jabber.org/streams'> <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'> <mechanism>DIGEST-MD5</mechanism> <mechanism>PLAIN</mechanism> </mechanisms> <c xmlns='http://jabber.org/protocol/caps' hash='sha-1' node='http://www.process-one.net/en/ejabberd/' ver='yy7di5kE0syuCXOQTXNBTclpNTo='/> <register xmlns='http://jabber.org/features/iq-register'/> </stream:features> </body> if i use valid BOSH service created my jack moffit http://bosh.metajack.im:5280/xmpp-httpbind then i am getting following valid XML from facebook , but from my server i am not getting this <body xmlns='http://jabber.org/protocol/httpbind' inactivity='60' secure='true' authid='B8732AA1' content='text/xml; charset=utf-8' window='3' polling='15' sid='928073b02da55d34eb3c3464b4a40a37' requests='2' wait='300'> <stream:features xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client'> <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'> <mechanism>X-FACEBOOK-PLATFORM</mechanism> <mechanism>DIGEST-MD5</mechanism> </mechanisms> </stream:features> </body> Can anyone please help me to resolve the issue

    Read the article

  • Troubleshooting unwanted NTP Traffic

    - by Jaxaeon
    A domain controller running Windows Server 2012 is sending NTP and NETBIOS traffic to an address that has never been configured as a time provider. The server logs give no indication that any NTP traffic is failing. The only place I see any evidence of this traffic is in pfSense system logs: (Blocked) Jun 9 08:48:50 DOMAIN 10.0.1.100:123 192.128.127.254:123 UDP (Blocked) Jun 9 08:48:53 DOMAIN 10.0.1.100:137 192.128.127.254:137 UDP As far as I can tell the NTP service is working normally otherwise: DC2.domain.com[10.0.1.101:123]: ICMP: 0ms delay NTP: -0.0131705s offset from DC1.domain.com RefID: DC1.domain.com [10.0.1.100] Stratum: 3 DC1.domain.com *** PDC ***[10.0.1.100:123]: ICMP: 0ms delay NTP: +0.0000000s offset from DC1.domain.com RefID: clock1.albyny.inoc.net [64.246.132.14] Stratum: 2 The time provider NtpClient is currently receiving valid time data from 1.pool.ntp.org,0×1 (ntp.m|0x0|0.0.0.0:123->204.2.134.163:123). The time provider NtpClient is currently receiving valid time data from 0.pool.ntp.org,0×1 (ntp.m|0x0|0.0.0.0:123->64.246.132.14:123). The time service is now synchronizing the system time with the time source 0.pool.ntp.org,0×1 (ntp.m|0x0|0.0.0.0:123->64.246.132.14:123). I've been inside and out of the NTP configuration and cannot find any reason for this traffic. Reverse DNS points the destination address to nothing.attdns.com. pinging nothing.attdns.com from the domain controller in question leads to a response from loopback (127.0.0.2) which makes my head hurt. Any ideas? EDIT1: It should probably be noted that after a dns flush, nslookup 192.128.127.254 returns nothing.attdns.com. 192.128.127.254 is not present in domain.com DNS records. The attdns.com domain is not present in cached lookups. 127.in-addr.arpa is clean of any funkyness. EDIT2: The loopback ping response from nothing.attdns.com is possibly unrelated. Machines on other networks are also displaying this behavior. EDIT3: As mentioned in the comments, I tracked the problem network adapter back to my pfSense VM hosted in esxi 5.5 (I know shame on me for virtualizing a firewall). pfSense was configured to use DC1.domain.com as its primary time provider, but upon changing it back to pool.ntp.org the problem persists. pfSense logs give no indication of NTP misconfiguration. Everywhere I can think to look this VM is identified as 10.0.1.253, so I still have no idea why it’s sending NTP requests as 192.128… Since this firewall was a temporary solution to a problem that no longer exists so I am going to decommission it. EDIT4: The queries were coming from another machine sharing the same virtual adapter as the firewall. The machine has two local adapters: one for LAN, and the other for attached hardware that uses an Ethernet connection. That hardware sits in the the mystery subnet, and the machine is broadcasting NTP requests over both adapters.

    Read the article

  • Raid 1 array won't assemble after power outage. How do I fix this ext4 mirror?

    - by Forkrul Assail
    Two ext4 drives on Raid 1 with mdadm won't reassemble after the power went out for an extended period (UPS drained). After turning the machine back on, mdadm said that the array was degraded, after which it took about 2 days for a full resync, which completed without problems. On trying to remount the array I get: mount: you must specify the filesystem type cat /etc/fstab lines relevant to setup: /dev/md127 /media/mediapool ext4 defaults 0 0 dmesg | tail (on trying to mount) says: [ 1050.818782] EXT3-fs (md127): error: can't find ext3 filesystem on dev md127. [ 1050.849214] EXT4-fs (md127): VFS: Can't find ext4 filesystem [ 1050.944781] FAT-fs (md127): invalid media value (0x00) [ 1050.944782] FAT-fs (md127): Can't find a valid FAT filesystem [ 1058.272787] EXT2-fs (md127): error: can't find an ext2 filesystem on dev md127. cat /proc/mdstat says: Personalities : [raid1] [linear] [multipath] [raid0] [raid6] [raid5] [raid4] [raid10] md127 : active (auto-read-only) raid1 sdj[2] sdi[0] 2930135360 blocks super 1.2 [2/2] [UU] unused devices: <none> fsck /dev/md127 says: fsck from util-linux 2.20.1 e2fsck 1.42 (29-Nov-2011) fsck.ext2: Superblock invalid, trying backup blocks... fsck.ext2: Bad magic number in super-block while trying to open /dev/md127 The superblock could not be read or does not describe a correct ext2 filesystem. If the device is valid and it really contains an ext2 filesystem (and not swap or ufs or something else), then the superblock is corrupt, and you might try running e2fsck with an alternate superblock: e2fsck -b 8193 <device> mdadm -E /dev/sdi gives me: /dev/sdi: Magic : a92b4efc Version : 1.2 Feature Map : 0x0 Array UUID : 37ac1824:eb8a21f6:bd5afd6d:96da6394 Name : sojourn:33 Creation Time : Sat Nov 10 10:43:52 2012 Raid Level : raid1 Raid Devices : 2 Avail Dev Size : 5860271016 (2794.40 GiB 3000.46 GB) Array Size : 2930135360 (2794.39 GiB 3000.46 GB) Used Dev Size : 5860270720 (2794.39 GiB 3000.46 GB) Data Offset : 262144 sectors Super Offset : 8 sectors State : clean Device UUID : 3e6e9a4f:6c07ab3d:22d47fce:13cecfd0 Update Time : Tue Nov 13 20:34:18 2012 Checksum : f7d10db9 - correct Events : 27 Device Role : Active device 0 Array State : AA ('A' == active, '.' == missing) boot@boot ~ $ sudo mdadm -E /dev/sdj /dev/sdj: Magic : a92b4efc Version : 1.2 Feature Map : 0x0 Array UUID : 37ac1824:eb8a21f6:bd5afd6d:96da6394 Name : sojourn:33 Creation Time : Sat Nov 10 10:43:52 2012 Raid Level : raid1 Raid Devices : 2 Avail Dev Size : 5860271016 (2794.40 GiB 3000.46 GB) Array Size : 2930135360 (2794.39 GiB 3000.46 GB) Used Dev Size : 5860270720 (2794.39 GiB 3000.46 GB) Data Offset : 262144 sectors Super Offset : 8 sectors State : clean Device UUID : 7fb84af4:e9295f7b:ede61f27:bec0cb57 Update Time : Tue Nov 13 20:34:18 2012 Checksum : b9d17fef - correct Events : 27 Device Role : Active device 1 Array State : AA ('A' == active, '.' == missing) machine@user ~ dmesg | tail [ 61.785866] init: alsa-restore main process (2736) terminated with status 99 [ 68.433548] eth0: no IPv6 routers present [ 534.142511] EXT4-fs (sdi): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2838187772)! [ 534.142518] EXT4-fs (sdi): group descriptors corrupted! [ 546.418780] EXT2-fs (sdi): error: couldn't mount because of unsupported optional features (240) [ 549.654127] EXT3-fs (sdi): error: couldn't mount because of unsupported optional features (240) Since this is Raid 1 it was suggested that I try and mount or fsck the drives separately. After a long fsck on one drive, it ended with this as tail: Illegal double indirect block (2298566437) in inode 39717736. CLEARED. Illegal block #4231180 (2611866932) in inode 39717736. CLEARED. Error storing directory block information (inode=39717736, block=0, num=1092368): Memory allocation failed Recreate journal? yes Creating journal (32768 blocks): Done. *** journal has been re-created - filesystem is now ext3 again *** The drive however still doesn't want to mount: dmesg | tail [ 170.674659] md: export_rdev(sdc) [ 170.675152] md: export_rdev(sdc) [ 195.275288] md: export_rdev(sdc) [ 195.275876] md: export_rdev(sdc) [ 1338.540092] CE: hpet increased min_delta_ns to 30169 nsec [26125.734105] EXT4-fs (sdc): ext4_check_descriptors: Checksum for group 0 failed (43502!=37987) [26125.734115] EXT4-fs (sdc): group descriptors corrupted! [26182.325371] EXT3-fs (sdc): error: couldn't mount because of unsupported optional features (240) [27083.316519] EXT4-fs (sdc): ext4_check_descriptors: Checksum for group 0 failed (43502!=37987) [27083.316530] EXT4-fs (sdc): group descriptors corrupted! Please help me fix this. I never in my wildest nightmares thought a complete mirror would die this badly. Am I missing something? Suggestions on fixing this? Could someone explain why it would resync after the powerout, only to seemingly nuke the drive? Thanks for reading. Any help much appreciated. I've tried everything I can think of, including booting and filesystem checking with SystemRescue and Ubuntu liveboot discs.

    Read the article

  • Choice and setup of version control

    - by Peter M
    I am about to set up an new laptop and in the process transition to a new version control system as part of a general cleanup. Currently I use a centralized version control system (yes it is VSS, and yes I know all the pro's and con's of that system, but as a single user system it works well for me). I have very little requirements for a new system and I am free to choose among any of the current mainstream players, but cost constraints will push me towards oss. Some of my requirements are: Runs on a single machine (ie the laptop in question) under windows I am not sharing things with other developers or workers - this is more for my own historical benefits. I want to version source code, documentation and binary files I have a large hierarchy of projects that are unrelated (see below) I have files within the hierarchy that don't need to be controlled (but could be) Some projects use Visual Studio, so some integration there could be nice. There could be some sharing of files between jobs. I generally only need a small about of branching in code files The directory hierarchy that I have at the moment is somewhat like: Root | |--Customer #1 | | | |--Job #1 | | | | | |--Data files received from Customer for Job (not controlled) | | |--Documentation files (controlled) | | |--Project information files (not controlled - but could be) | | |--Software Project Files (controlled) | | |--Scratch dir for job (not controlled) | | | |--Job #2 | | (same structure as above) | |--Customer #2 | |.. | |--Cusmtomer #n |.. Currently I have about 22 customers with differing numbers of projects underneath them. At the moment I have a single VSS repository based at the root of the directory structure. If I kept with a centralized system (ie SVN) I believe that I should keep the same approach and continue with a single repository based from the root dir. Is this a valid approach? However if I move to a distributed tool then I am unsure of how I should handle the situation. My initial guess is that I should not have a repository based on the root of my entire directory structure - but that is a guess so I really don't know how valid it is. Should I pitch a distributed approach at the Root, Customer, Job or sub-Job directory level? Also what I am not clear on with distributed tools (and perhaps with SVN as well), is if I can branch parts of a repository. For example, I can see branching source code in software projects as being useful, but branching my documentation as not being useful. So if I pitch a repository at the Job level, can I just branch the Software Project Files? Or would all files in that Job be branched? Every time I look at distributed tools I get a nagging feeling that they are not suited to my style of setup. I am uncomfortable with idea of having to manually set up something like 50 to 80 separate repositories (if I pitch at the Job level, or 20+ if at the Customer level) within my directory hierarchy. This feeling also extends to having all those repositories scattered around as well - however I do have a backup strategy that I trust, so this latter feeling is pretty well unfounded. So what advice can you all give me? Thanks in advance!

    Read the article

  • ScriptAlias makes requests match too many Location blocks. What is going on?

    - by brain99
    We wish to restrict access on our development server to those users who have a valid SSL Client certificate. We are running Apache 2.2.16 on Debian 6. However, for some sections (mainly git-http, setup with gitolite on https://my.server/git/) we need an exception since many git clients don't support SSL client certificates. I have succeeded in requiring client cert authentication for the server, and in adding exceptions for some locations. However, it seems this does not work for git. The current setup is as follows: SSLCACertificateFile ssl-certs/client-ca-certs.crt <Location /> SSLVerifyClient require SSLVerifyDepth 2 </Location> # this works <Location /foo> SSLVerifyClient none </Location> # this does not <Location /git> SSLVerifyClient none </Location> I have also tried an alternative solution, with the same results: # require authentication everywhere except /git and /foo <LocationMatch "^/(?!git|foo)"> SSLVerifyClient require SSLVerifyDepth 2 </LocationMatch> In both these cases, a user without client certificate can perfectly access my.server/foo/, but not my.server/git/ (access is refused because no valid client certificate is given). If I disable SSL client certificate authentication completely, my.server/git/ works ok. The ScriptAlias problem Gitolite is setup using the ScriptAlias directive. I have found that the problem occurs with any similar ScriptAlias: # Gitolite ScriptAlias /git/ /path/to/gitolite-shell/ ScriptAlias /gitmob/ /path/to/gitolite-shell/ # My test ScriptAlias /test/ /path/to/test/script/ Note that /path/to/test/script is a file, not a directory, the same goes for /path/to/gitolite-shell/ My test script simply prints out the environment, super simple: #!/usr/bin/perl print "Content-type:text/plain\n\n"; print "TEST\n"; @keys = sort(keys %ENV); foreach (@keys) { print "$_ => $ENV{$_}\n"; } It seems that if I go to https://my.server/test/someLocation, that any SSLVerifyClient directives are being applied which are in Location blocks that match /test/someLocation or just /someLocation. If I have the following config: <LocationMatch "^/f"> SSLVerifyClient require SSLVerifyDepth 2 </LocationMatch> Then, the following URL requires a client certificate: https://my.server/test/foo. However, the following URL does not: https://my.server/test/somethingElse/foo Note that this only seems to apply for SSL configuration. The following has no effect whatsoever on https://my.server/test/foo: <LocationMatch "^/f"> Order allow,deny Deny from all </LocationMatch> However, it does block access to https://my.server/foo. This presents a major problem for cases where I have some project running at https://my.server/project (which has to require SSL client certificate authorization), and there is a git repository for that project at https://my.server/git/project which cannot require a SSL client certificate. Since the /git/project URL also gets matched agains /project Location blocks, such a configuration seems impossible given my current findings. Question: Why is this happening, and how do I solve my problem? In the end, I want to require SSL Client certificate authorization for the whole server except for /git and /someLocation, with as minimal configuration as possible (so I don't have to modify the configuration each time something new is deployed or a new git repository is added). Note: I rewrote my question (instead of just adding more updates at the bottom) to take into account my new findings and hopefully make this more clear.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 139 140 141 142 143 144 145 146 147 148 149 150  | Next Page >