Search Results

Search found 62215 results on 2489 pages for 'http basic authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 18/2489 | < Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >

  • IIS Digest repeatedly asking for authentication

    - by David Budiac
    I have a development copy of an ASP.NET intranet site checked out and running on my local machine. We're using digest authentication to allow users to log in using their active directory accounts. On my development copy only, Digest sometimes will repeatedly prompt for login information usually ~9 times per page request. After repeatedly logging in (or it also works to cancel out of 8 out of the 9 prompts), I can use the site as normal. I cannot pinpoint what is triggering the issue. Sometimes this problem triggers upon the next page request, sometimes after I edited/saved/refreshed a page, and sometimes it doesn't happen at all. Each prompt triggers several logon (Event ID 4624 & 4672) security events in the Events Viewer. Shortly after each burst of logon events, I'll see a burst of logoff events (Event ID A co-worker who has a nearly an identical setup (Windows 7, IIS 7) is not experiencing the issue. Our production copy (that is running on a different server) also does not experience the issue. We've tried to compare our settings in IIS, not really finding any differences. I'm using chrome but I've experienced the issue in other browsers.

    Read the article

  • Joining Samba to Active Directory with local user authentication

    - by Ansel Pol
    I apologise that this is somewhat incoherent, but hopefully someone will be able to make enough sense of this to understand what I'm trying to achieve and provide pointers. I have a machine with two network interfaces connected to two different networks (one of which it's providing several other services for, such as DNS), running two separate instances of Samba, one bound to each interface. One of the instances is just a workgroup-style setup using share-level authentication, which is all working fine. The problem is that I'm looking to join the other instance to an MS Active Directory domain (provided by MS Windows Small Business Server 2003) to enable a subset of the domain users to access the shares from Windows machines on the other network. The users who need access from the domain environment have accounts (whose names are all-lowercase versions of their domain usernames) on the machine running Samba, but I'm not sure about how to map the UIDs and everything I've read concerns authenticating accounts on that machine against either AD or another LDAP server. To clarify: I only want the credentials for AD users accessing the non-workgroup Samba instance to be authenticated against AD, not the accounts on the machine running Samba. I hope this is sufficiently clear. EDIT: In addition to being able to access the Samba shares from AD, I do also need to be able to access a share on the domain from the machine running Samba but would still like everything non-Samba-related to authenticate locally.

    Read the article

  • How to cache authentication in Linux using PAM/Kerberos authentication (for CVS)?

    - by Calonthar
    We have several Linux servers that authenticate Linux user passwords on our Windows Active Directory Server using PAM and Kerberos 5. The Linux distro we use is CentOS 6. On one system, we have several Version Control Systems like CVS and Subversion, both of which authenticate users throug PAM, such that users can use their normal Unix resp. Windows AD accounts. Since we started using Kerberos for password authentication, we experienced that CVS on a client machine is often much slower in establishing a connection. CVS authenticates the user on every request (eg. cvs diff, log, update...). Is is possible to cache the credentials that kerberos uses, sucht that is does not need to ask the Windows AD server every time a user executes a cvs action? Our PAM config /etc/pam.d/system-auth looks like the following: auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so account required pam_unix.so broken_shadow account sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_krb5.so account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok password sufficient pam_krb5.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_krb5.so

    Read the article

  • IIS / Virtual Directory authentication.

    - by Chris L
    I have an IIS(v6)/Windows 2003/.Net 3.5(app code, libraries etc.) server hosting a website at www.mywebsite.com mapped to E:\Inetpub\wwwroot\mywebsite, we also have a virtual directory (VirtDir) mapped out to E:\Inetpub\wwwroot\mywebsite\files (although in theory this could be in a different directory or a separate machine) where we store a customer's files(a bunch of .pdf & .xls). Currently to access a file you can enter into the url something like: www.mywebsite.com/VirtDir/Customer/myFile.pdf and get access to the file. The problem is the user doesn't have to log into www.mywebsite.com to get access to the file, we would prefer them to log in first. We would like the user to login via the mywebsite and if valid, let them download files from the virtual directory. The www.mywebsite.com and VirtDir are separate sites on the same farm. Allow Anon Access, and Integrated Windows Authentication both enabled. I'm more of a developer and less of a Sys Admin, but hopefully I'm in the right spot, any help would be appreciated.

    Read the article

  • Losing Windows Authentication intermittently

    - by Mark Robinson
    I'm running a website on IIS6 / Server 2003 which uses Integrated Windows Authentication on a local intranet. I can browse to the site but get intermittent "Object null" errors when calling the following C# code which is called on every request: .... GetUserIdFromPrincipal(User) .... public static string GetUserIdFromPrincipal(IPrincipal principal) { return principal.Identity is WindowsIdentity ? (principal.Identity as WindowsIdentity).User.Value : principal.Identity.Name; } (Apologies for the code sample but was torn between SF and SO but think this is more to do with server config). So as the error is intermittent clearly Windows Auth is working on some level but after navigating around the site for several clicks I get the null reference error meaning IPrincipal is null (I thought this should never be null in ASP.NET). The error only happens on this newly built VM. The code is fine on other machines. Does IIS request the Windows Auth details on each request? What would cause such an intermittent problem? Any help or suggestions would be much appreciated.

    Read the article

  • How I can use the HTTP headers to indicate in the Response that possibility?

    - by Cris Hong Kong CRISHK
    Finally I accomplished to cache dynamic images, css, and javascript files using HTTP headers BUT I have a problem now: I have specific dynamic images that are equal but has different URL's. For example: http://example.com/image/src/the-same-image.jpg http://example.com/image/custom/src/the-same-image2.jpg 1 and 2 has the same file content but different URL. This is a problem now because the navigator assumes that the file are different and need to be cached (due to the URL), when the real cached file is only one. I have the possibility to know if the file at the URL's are the same. How I can use the headers to indicate in the Response that possibility, and the navigator will cache only one file?

    Read the article

  • MySQL based authentication with crypt()ed password fails in Apache 2.2

    - by Fester Bestertester
    I'm trying to set up a simple CalDAV/CardDAV server with a Radicale backend and an Apache 2.2 frontend. So far, it's all nice and simple, but I can't get the MySQL based authentication to work. I'd like to authenticate users against an existing MySQL database, and I need the REMOTE_USER variable to be set (pretty much like in the configuration examples for Radicale). I've tried mod_auth_mysql, which authenticated the users nicely, but failed to set the REMOTE_USER variable. The newer alternative seems to be mod_authn_dbd, which doesn't seem to like the crypted passwords in the MySQL database. According to the documentation, crypted passwords should work, so maybe I'm just missing a simple parameter. The configuration looks like this: DBDriver mysql DBDParams "sock=/var/run/mysqld/mysqld.sock dbname=myAuthDB user=myAuthUser pass=myAuthPW <Directory /> AllowOverride None Order allow,deny allow from all AuthName 'CalDav' AuthType Basic AuthBasicProvider dbd require valid-user AuthDBDUserPWQuery "SELECT crypt FROM myAuthTable WHERE id=%s" </Directory> I've tested the query, it works fine. And as mentioned before, mod_auth_mysql worked nicely against the same database, but didn't set the required variables. Am I just missing some configuration parameter? Or is mod_authn_dbd just not the right tool to achieve what I want?

    Read the article

  • Hudson authentication via wget is return http error 302

    - by Rafael
    Hello, I'm trying to make a script to authenticate in hudson using wget and store the authentication cookie. The contents of the script is this: wget \ --no-check-certificate \ --save-cookies /home/hudson/hudson-authentication-cookie \ --output-document "-" \ 'https://myhudsonserver:8443/hudson/j_acegi_security_check?j_username=my_username&j_password=my_password&remember_me=true' Unfortunately, when I run this script, I get: --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/j_acegi_security_check? j_username=my_username&j_password=my_password&remember_me=true Resolving myhudsonserver... 127.0.0.1 Connecting to myhudsonserver|127.0.0.1|:8443... connected. WARNING: cannot verify myhudsonserver's certificate, issued by `/C=Unknown/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=myhudsonserver': Self-signed certificate encountered. HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://myhudson:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F [following] --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F Reusing existing connection to myhudsonserver:8443. HTTP request sent, awaiting response... 404 Not Found 2011-02-03 13:39:29 ERROR 404: Not Found. There's no error log in any of hudson's tomcat log files. Does anyone has any idea about what might be happening? Thanks.

    Read the article

  • Hudson authentication via wget is return http error 302

    - by Rafael
    I'm trying to make a script to authenticate in hudson using wget and store the authentication cookie. The contents of the script is this: wget \ --no-check-certificate \ --save-cookies /home/hudson/hudson-authentication-cookie \ --output-document "-" \ 'https://myhudsonserver:8443/hudson/j_acegi_security_check?j_username=my_username&j_password=my_password&remember_me=true' Unfortunately, when I run this script, I get: --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/j_acegi_security_check? j_username=my_username&j_password=my_password&remember_me=true Resolving myhudsonserver... 127.0.0.1 Connecting to myhudsonserver|127.0.0.1|:8443... connected. WARNING: cannot verify myhudsonserver's certificate, issued by `/C=Unknown/ST=Unknown/L=Unknown/O=Unknown/OU=Unknown/CN=myhudsonserver': Self-signed certificate encountered. HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://myhudson:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F [following] --2011-02-03 13:39:29-- https://myhudsonserver:8443/hudson/;jsessionid=087BD0B52C7A711E0AD7B8BD4B47585F Reusing existing connection to myhudsonserver:8443. HTTP request sent, awaiting response... 404 Not Found 2011-02-03 13:39:29 ERROR 404: Not Found. There's no error log in any of hudson's tomcat log files. Does anyone has any idea about what might be happening? Thanks.

    Read the article

  • http server implentation, the page does not show properly

    - by none
    well, as i am doing a small project of coding an http server. the code is at http://code.google.com/p/reactor/ the current puzzle is when asked to parse a page with java script and css. As an http server it just sends a page (copied from another website) and it parsed inproperly. when a simple html page is been parse , by my firefox, it shows ok, however when parsing a more complex page(css+javascript) the page is all wired like this : ???? ????? if(getCookie('pais999')==null){varisToplayerDouble="True";isToplayerDouble=(isToplayerDouble=="True")?true:falsevarToplayerCookieName='pais999';varTopLayerCookieExpiredDays=1;varToplayerLink='http://xads.zedo.com/ads2/c?a=239671;g=0;c=455000000;i=0;x=7168;n=455;s=0;k=http://www.pais.co.il/Pais/Games/Lotto/';varToplayerImpression='http://l4.zedo.com/log/p.gif?a=239671;c=455000000;x=7168;n=455;e=i;i=0;s=0;z='+Math.random();varToplayerBigPath='pais/January2007/98one_toplayer.swf';varToplayerSmallPath='pais/January2007/98one_reminder.swf';varToplayerBigWidth=1005;varToplayerBigHeight=500;varToplayerSmallWidth=100;varToplayerSmallHeight=100;varToplayerBigLeft=(0==0)?resWidth/2-ToplayerBigWidth/2:resWidth/2-ToplayerBigWidth/2+0varToplayerBigTop=0;varToplayerSmallLeft=resWidth-ToplayerSmallWidth-0;varToplayerSmallTop=0;varSecondsToChangeBigToSmall=15;}elseif(getCookie('NF999')==null){varisToplayerDouble="True";isToplayerDouble=(isToplayerDouble=="True")?true:falsevarToplayerCookieName='NF999';varTopLayerCookieExpiredDays=1;varToplayerLink='http://xads.zedo.com/ads2/c?a=238663;g=0;c=455000000;i=0;x=7168;n=455;s=0;k=http://www.new-pharm.co.il/SkiGame/?ToolID=OLJD8O';varToplayerImpression='http://l4.zedo.com/log/p.gif?a=238663;c=455000000;x=7168;n=455;e=i;i=0;s=0;z='+Math.random();varToplayerBigPath='NewFarm/Ski/995ONE_TopLayer_550x360.swf';varToplayerSmallPath='NewFarm/Ski/995ONE_Reminder_100x100.swf';varToplayerBigWidth=550;varToplayerBigHeight=360;varToplayerSmallWidth=100;varToplayerSmallHeight=100;varToplayerBigLeft=(0==0)?resWidth/2-ToplayerBigWidth/2:resWidth/2-ToplayerBigWidth/2+0varToplayerBigTop=0;varToplayerSmallLeft=resWidth-ToplayerSmallWidth-0;varToplayerSmallTop=0;varSecondsToChangeBigToSmall=15;}elseif(1==0){}$("divToplayerBig").style.width=ToplayerBigWidth;$("divToplayerBig").style.height=ToplayerBigHeight;$("divToplayerBig").style.left=resWidth/2-ToplayerBigWidth/2;$("divToplayerSmall").style.width=ToplayerSmallWidth;$("divToplayerSmall").style.height=ToplayerSmallHeight;$("divToplayerSmall").style.right=ToplayerSmallWidthvartopOff=0;if(ToplayerBigTop0)topOff=resHeight-ToplayerBigHeight+ToplayerBigTop;varisMain=false;#divToplayerBig{position:absolute;right:20px;bottom:1px;}bodydiv#divToplayerBig{position:fixed;}#divToplayerSmall{position:absolute;right:20px;bottom:10px;}bodydiv#divToplayerSmall{position:fixed;}????|??????LIVE|???????????|ONE???????|ONETV |????'??|BigONE|?????????| CrazyONE | where the source code of the html is : ONE:???:??????????????????????????? ????  ????? if(getCookie('pais999')==null){varisToplayerDouble="True";isToplayerDouble=(isToplayerDouble=="True")?true:falsevarToplayerCookieName='pais999';varTopLayerCookieExpiredDays=1;varToplayerLink='http://xads.zedo.com/ads2/c?a=239671;g=0;c=455000000;i=0;x=7168;n=455;s=0;k=http://www.pais.co.il/Pais/Games/Lotto/';varToplayerImpression='http://l4.zedo.com/log/p.gif?a=239671;c=455000000;x=7168;n=455;e=i;i=0;s=0;z='+Math.random();varToplayerBigPath='pais/January2007/98one_toplayer.swf';varToplayerSmallPath='pais/January2007/98one_reminder.swf';varToplayerBigWidth=1005;varToplayerBigHeight=500;varToplayerSmallWidth=100;varToplayerSmallHeight=100;varToplayerBigLeft=(0==0)?resWidth/2-ToplayerBigWidth/2:resWidth/2-ToplayerBigWidth/2+0varToplayerBigTop=0;varToplayerSmallLeft=resWidth-ToplayerSmallWidth-0;varToplayerSmallTop=0;varSecondsToChangeBigToSmall=15;}elseif(getCookie('NF999')==null){varisToplayerDouble="True";isToplayerDouble=(isToplayerDouble=="True")?true:falsevarToplayerCookieName='NF999';varTopLayerCookieExpiredDays=1;varToplayerLink='http://xads.zedo.com/ads2/c?a=238663;g=0;c=455000000;i=0;x=7168;n=455;s=0;k=http://www.new-pharm.co.il/SkiGame/?ToolID=OLJD8O';varToplayerImpression='http://l4.zedo.com/log/p.gif?a=238663;c=455000000;x=7168;n=455;e=i;i=0;s=0;z='+Math.random();varToplayerBigPath='NewFarm/Ski/995ONE_TopLayer_550x360.swf';varToplayerSmallPath='NewFarm/Ski/995ONE_Reminder_100x100.swf';varToplayerBigWidth=550;varToplayerBigHeight=360;varToplayerSmallWidth=100;varToplayerSmallHeight=100;varToplayerBigLeft=(0==0)?resWidth/2-ToplayerBigWidth/2:resWidth/2-ToplayerBigWidth/2+0varToplayerBigTop=0;varToplayerSmallLeft=resWidth-ToplayerSmallWidth-0;varToplayerSmallTop=0;varSecondsToChangeBigToSmall=15;}elseif(1==0){}$("divToplayerBig").style.width=ToplayerBigWidth;$("divToplayerBig").style.height=ToplayerBigHeight;$("divToplayerBig").style.left=resWidth/2-ToplayerBigWidth/2;$("divToplayerSmall").style.width=ToplayerSmallWidth;$("divToplayerSmall").style.height=ToplayerSmallHeight;$("divToplayerSmall").style.right=ToplayerSmallWidthvartopOff=0;if(ToplayerBigTop0)topOff=resHeight-ToplayerBigHeight+ToplayerBigTop;varisMain=false;#divToplayerBig{position:absolute;right:20px;bottom:1px;}bodydiv#divToplayerBig{position:fixed;}div#divToplayerBig{right:auto;bottom:auto;left:expression((-20-divToplayerBig.offsetWidth+(document.documentElement.clientWidth?document.documentElement.clientWidth:document.body.clientWidth)+(ignoreMe2=document.documentElement.scrollLeft?document.documentElement.scrollLeft:document.body.scrollLeft))+'px');top:expression((0-divToplayerBig.offsetHeight-topOff+(document.documentElement.clientHeight?document.documentElement.clientHeight:document.body.clientHeight)+(ignoreMe=document.documentElement.scrollTop?document.documentElement.scrollTop:document.body.scrollTop))+'px');}#divToplayerSmall{position:absolute;right:20px;bottom:10px;}bodydiv#divToplayerSmall{position:fixed;}div#divToplayerSmall{right:auto;bottom:auto;left:expression((-20-divToplayerSmall.offsetWidth+(document.documentElement.clientWidth?document.documentElement.clientWidth:document.body.clientWidth)+(ignoreMe2=document.documentElement.scrollLeft?document.documentElement.scrollLeft:document.body.scrollLeft))+'px');top:expression((0-divToplayerSmall.offsetHeight+(document.documentElement.clientHeight?document.documentElement.clientHeight:document.body.clientHeight)+(ignoreMe=document.documentElement.scrollTop?document.documentElement.scrollTop:document.body.scrollTop))+'px');}varisTopTrans=(ToplayerBigPath.indexOf("transparent")-1)?false:true;varisRemTrans=(ToplayerSmallPath.indexOf("transparent")-1)?false:true;vartop1session=3;vartop2session=5;InitToplayer(isTopTrans,isRemTrans);window.onload=StartToplayer;????|??????LIVE|???????????|ONE???????|ONETV |????'??|BigONE|?????????|  CrazyONE |????????????????????????????????????????????????????????19/01/07  19:30?????????????????????-?????:?????????????????????????19/01/07  18:43??????????????:??????????????????????19/01/07  17:41???:??????????????????????????????????19/01/07  16:49?????:??????"?????????????/?????1:2,??????"??????19/01/07  16:45????????????????????????????,?????2.5???????????????19/01/07  16:37???????:???"?????????????????-19:30?????????????19/01/07  14:32?????"?????????-18:30?????????"????????,????'??????19/01/07  14:45????????????????????????????????"?:??????????????19/01/07  14:37??????????:??????????????????????????????0:019/01/07  13:46varswfPeleSmall=newSWFObject("http://images.one.co.il/images/PeleEmulator/emulator_pelephone_01a.swf","peleSmall",160,470,"6","#FFFFFF");swfPeleSmall.addParam("quality","high");swfPeleSmall.addParam("wmode","transparent");swfPeleSmall.write("divPeleSmall");varswfPeleBig=newSWFObject("http://images.one.co.il/images/PeleEmulator/emulator_pelephone_02d.swf","peleBig",400,470,"6","#FFFFFF");swfPeleBig.addParam("quality","high");swfPeleBig.addParam("wmode","transparent");swfPeleBig.write("divWithBig");???:???????????????????????????????????????-ONE????????????????????????????????????????????.????????,???????????1:2,?????????????:"???????????"DisplayFlash("W_S_round_border_pic.swf","156","201","1","style=position:absolute");?????????????????????????(??????)?????????                          19/01/20077:26???????????????(????)????????????????????????????6:3,5:7?-5:7???????????????????????,???????23?????.?????,????????????????????????????????,???????????????????????????????????????????,????????????????????.??????????????????????????,??????????????????????????.????????????????????????????-1:1?????????.?????????????????????????????'?????????????????????????????.?????????????.???????????????????????????????(16???????),???????????????????????????????????????3???????,???????????????????????.????????- (only part of of the page presentation in firefox and page source html) why is it happening? what is midding in the http response? StringBuffer tResponse = new StringBuffer(); tResponse.append("HTTP/1.1 200 OK\n"); tResponse.append("Date: "+new Date().toString() +'\n'); tResponse.append("server: http-reactor/0.1-dev\n"); tResponse.append("last-Modified:"+ d.toString() +'\n'); tResponse.append("Content-Type: text/html; charset=windows-1255\n"); tResponse.append("Accept-Language: he; q=1.0, en; q=0.5:); tResponse.append("Content-Length: "+tFileContent.length()+'\n'); tResponse.append('\n'); tResponse.append(tFileContent); public StringBuffer FetchData(String FileName) throws FileNotFoundException{ StringBuffer tFileContent = new StringBuffer(); if (FileName.contains("../")) throw new SecurityException(); if (FileName.equals("/")) FileName = "\\index.html"; FileName.replace('/', '\\'); File f = new File(_root + FileName); Scanner scanner = new Scanner(f); while(scanner.hasNext()) tFileContent.append(scanner.next()); return generateResponse(tFileContent,f.lastModified()); } private StringBuffer generateResponse(StringBuffer tFileContent, long l) { StringBuffer tResponse = new StringBuffer(); Date d = new Date(l); tResponse.append("HTTP/1.1 200 OK\n"); tResponse.append("Date: "+new Date().toString() +'\n'); tResponse.append("server: http-reactor/0.1-dev\n"); tResponse.append("last-Modified:"+ d.toString() +'\n'); tResponse.append("Content-Type: text/html; charset=windows-1255\n"); tResponse.append("Accept-Language: he; q=1.0, en; q=0.5:); tResponse.append("Content-Length: "+tFileContent.length()+'\n'); tResponse.append('\n'); tResponse.append(tFileContent); return tResponse; }

    Read the article

  • Performing user authentication in a CodeIgniter controller constructor?

    - by msanford
    In "The Clean Code Talks -- Unit Testing" (http://youtu.be/wEhu57pih5w), Miško Hevery mentions that "as little work as possible should be done in constructors [to make classes more easily testable]'. It got me thinking about the way I have implemented my user authentication mechanism. Having delved into MVC development through CodeIgniter, I designed my first web application to perform user authentication for protected resources in controllers' constructors in cases where every public function in that controller requires the user to be authenticated. For controllers with public methods having mixed authentication requirements, I would naturally move the authentication from the constructor to each method requiring authentication (though I don't currently have a need for this). I made this choice primarily to keep the controller tight, and to ensure that all resources in the controller are always covered. As for code longevity and maintainability: given the application structure, I can't foresee a situation in which one of the affected controllers would need a public method that didn't require user authentication, but I can see this as a potential drawback in general with this implementation (i.e., requiring future refactoring). Is this a good idea?

    Read the article

  • Is HTTP 404 appropriate for out of range page number on paged content?

    - by WooYek
    I have a site that is mainly showing a paged list of content (articles, data element's, etc.), and I'm wondering about returning HTTP 404 when user navigates outside of the available list range. Some sites just display "No results/Page number out of range" and some return additionally return HTTP 404 status. What's your take on that, and why? UPDATE It's not and api response. This question is in regard to user viewed pages that among other things show a list/table in the main area.

    Read the article

  • HTTP 401 Challenge and HTTP 302 Login/Redirect won't work together in IIS7

    - by RandomBen
    I am developing a website using .NET 3.5 that allow users to visit the site and create logins using the standard Microsoft login controls. However, users do not need to login to do general things like view products. Now I need to setup the site so some of our Traveling Sales people are able to access it but not allow anyone else to access it. The easiest way I know how to do this is to turn on Windows Authentication for the Site in IIS7. When I do that I get all sorts of errors due to also having Forms Authentication turned on. If I turn Forms Auth then I get a different kind of error. Does anyone know how to make Forms Auth and Windows Auth play nice on a single site in IIS7 or some other way to create a required login without having me kill Forms Auth?

    Read the article

  • Samba with remote LDAP authentication doesn`t see users properly

    - by LucasBr
    I'm trying to setup a samba server authenticated by a remote LDAP server, and I'm having some problems that I can't figure how to solve. I was able to make an getent passwd at samba server and I could see all users at ldapserver, but when I tried to access \\SAMBASERVER at my windows box I had this at the /var/log/samba/log.mywindowsbox: <...snip...> [2012/10/19 13:05:22.449684, 2] smbd/sesssetup.c:1413(setup_new_vc_session) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2012/10/19 13:05:22.449692, 3] smbd/sesssetup.c:1212(reply_sesssetup_and_X_spnego) Doing spnego session setup [2012/10/19 13:05:22.449701, 3] smbd/sesssetup.c:1254(reply_sesssetup_and_X_spnego) NativeOS=[] NativeLanMan=[] PrimaryDomain=[] [2012/10/19 13:05:22.449717, 3] libsmb/ntlmssp.c:747(ntlmssp_server_auth) Got user=[lucas] domain=[BUSINESS] workstation=[MYWINDOWSBOX] len1=24 len2=24 [2012/10/19 13:05:22.449747, 3] auth/auth.c:216(check_ntlm_password) check_ntlm_password: Checking password for unmapped user [BUSINESS]\[lucas]@[MYWINDOWSBOX] with the new password interface [2012/10/19 13:05:22.449759, 3] auth/auth.c:219(check_ntlm_password) check_ntlm_password: mapped user is: [SAMBASERVER]\[lucas]@[MYWINDOWSBOX] [2012/10/19 13:05:22.449773, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2012/10/19 13:05:22.449783, 3] smbd/uid.c:429(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2012/10/19 13:05:22.449791, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2012/10/19 13:05:22.449922, 2] lib/smbldap.c:950(smbldap_open_connection) smbldap_open_connection: connection opened [2012/10/19 13:05:23.001517, 3] lib/smbldap.c:1166(smbldap_connect_system) ldap_connect_system: successful connection to the LDAP server [2012/10/19 13:05:23.007713, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2012/10/19 13:05:23.007733, 3] auth/auth_sam.c:399(check_sam_security) check_sam_security: Couldn't find user 'lucas' in passdb. [2012/10/19 13:05:23.007743, 2] auth/auth.c:314(check_ntlm_password) check_ntlm_password: Authentication for user [lucas] -> [lucas] FAILED with error NT_STATUS_NO_SUCH_USER [2012/10/19 13:05:23.007760, 3] smbd/error.c:80(error_packet_set) error packet at smbd/sesssetup.c(111) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE [2012/10/19 13:05:23.010469, 3] smbd/process.c:1489(process_smb) Transaction 3 of length 142 (0 toread) <...snip...> /etc/samba/smb.conf file follows: [global] dos charset = 850 unix charset = LOCALE workgroup = BUSINESS netbios name = SAMBASERVER bind interfaces only = true interfaces = lo eth0 eth1 smb ports = 139 hosts deny = All hosts allow = 192.168.78. 192.168.255. 127.0.0.1 10.149.122. 192.168.0. name resolve order = wins bcast hosts log level = 3 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 domain logons = No wins support = Yes wins proxy = No client ntlmv2 auth = Yes lanman auth = Yes ntlm auth = Yes dns proxy = Yes time server = Yes security = user encrypt passwords = Yes obey pam restrictions = Yes ldap password sync = Yes unix password sync = Yes passdb backend = ldapsam:"ldap://192.168.78.206" ldap ssl = off ldap admin dn = uid=root,ou=Users,dc=business,dc=intranet ldap suffix = ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap idmap suffix = ou=Idmap ldap delete dn = Yes add user script = /usr/sbin/smbldap-useradd -m "%u" delete user script = /usr/sbin/smbldap-userdel "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" add machine script = /usr/sbin/smbldap-useradd -W -t5 "%u" idmap backend = ldap:"ldap://192.168.78.206" idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 load printers = No printcap name = /dev/null map acl inherit = Yes map untrusted to domain = Yes enable privileges = Yes veto files = /lost+found/ /publicftp/ So, \\SAMBASERVER says he couldn't find my user, but I can see it by getent passwd . What I can do in order to SAMBASERVER see and authenticate my user? Thanks in advance!

    Read the article

  • Real time embeddable http server library required

    - by Howard May
    Having looked at several available http server libraries I have not yet found what I am looking for and am sure I can't be the first to have this set of requirements. I need a library which presents an API which is 'pipelined'. Pipelining is used to describe an HTTP feature where multiple HTTP requests can be sent across a TCP link at a time without waiting for a response. I want a similar feature on the library API where my application can receive all of those request without having to send a response (I will respond but want the ability to process multiple requests at a time to reduce the impact of internal latency). So the web server library will need to support the following flow 1) HTTP Client transmits http request 1 2) HTTP Client transmits http request 2 ... 3) Web Server Library receives request 1 and passes it to My Web Server App 4) My Web Server App receives request 1 and dispatches it to My System 5) Web Server receives request 2 and passes it to My Web Server App 6) My Web Server App receives request 2 and dispatches it to My System 7) My Web Server App receives response to request 1 from My System and passes it to Web Server 8) Web Server transmits HTTP response 1 to HTTP Client 9) My Web Server App receives response to request 2 from My System and passes it to Web Server 10) Web Server transmits HTTP response 2 to HTTP Client Hopefully this illustrates my requirement. There are two key points to recognise. Responses to the Web Server Library are asynchronous and there may be several HTTP requests passed to My Web Server App with responses outstanding. Additional requirements are Embeddable into an existing 'C' application Small footprint; I don't need all the functionality available in Apache etc. Efficient; will need to support thousands of requests a second Allows asynchronous responses to requests; their is a small latency to responses and given the required request throughput a synchronous architecture is not going to work for me. Support persistent TCP connections Support use with Server-Push Comet connections Open Source / GPL support for HTTPS Portable across linux, windows; preferably more. I will be very grateful for any recommendation Best Regards

    Read the article

  • Use of WebDAV to access OWA (exchange 2003) mails with Basic authentication and SSL

    - by Mayuresh
    I have got a working C# code for accessing OWA mails using WebDAV against a FBA enabled exchange 2003 (http://support.microsoft.com/kb/891748/en-us/) But my client's OWA (exchange 2003) has Basic authentication and SSL (i-e when I try to access the web mail link through browser I get a grey login box instead of a web page I can log into the mail box once I enter the correct details) But my same fails with a 401 error against this mailbox. I got the simple request working for the Basic authentication using – String usernamePassword = strUserName + ":" + strPassword; WebReq.Headers.Add("Authorization", "Basic " + Convert.ToBase64String(new ASCIIEncoding().GetBytes(usernamePassword))); But the subsequent WebDAV SEARCH request fails with 404 (resource not found) error. Can we use WebDAV against an exchange 2k3 with SSL and Basic authentication?

    Read the article

  • How do I stack Plack authentication handlers?

    - by Schwern
    I would like to have my Plack app try several different means of authorizing the user. Specifically, check if the user is already authorized via a session cookie, then check for Digest authentication and then fall back to Basic. I figured I could just enable a bunch of Auth handlers in the order I wanted them to be checked (Session, Digest, Basic). Unfortunately, the way that Plack::Middleware::Auth::Digest and Plack::Middleware::Auth::Basic are written they both return 401 if digest or basic auth doesn't exist, respectively. How is this normally dealt with in Plack?

    Read the article

  • Visual Basic and C++

    - by Hamdy Elgammal
    Hello there, I was reading a little into Visual Basic and it seemed a rather simple way to implement some GUI...So I was looking for a way to interface my C++ code to a Visual Basic snippet of code. For example, receive input from a Visual Basic app and send it over to C++ code to continue the logic of the program based on the input of that event.

    Read the article

  • Intermittently, IIS7 requests get stuck in WindowsAuthenticationModule

    - by rbeier
    Hi, We're running an IIS7 server hosting several dozen websites. Several of these websites are all part of the same legacy app we've developed. These sites all run the same code and run in the same app pool. Roughly once a month over the past few months, we've found that all requests for this app pool start hanging indefinitely. When this happens, we receive an alert and we recycle the app pool. After that, the sites start working again. This only ever affects this one app pool - never any others on the same server. A couple times, before recycling the pool, I've looked at the currently-executing requests in the worker process. They all show up as executing inside the WindowsAuthenticationModule. Which is strange, because the vast majority of the application does not require authentication. There is a small admin section which uses Windows auth... but all the other requests should be anonymous. Does anyone have any idea as to what might be causing this? There are several unusual things about the way these sites are set up. As I mentioned, they all run the same code - multiple sites point at the same physical directory. The only difference is the host header bindings. I'm not sure why there isn't just one site with all the host headers, but that's how it works. In several of these sites, the same physical directory is mapped at two levels - as the root of the site and again as an application within the site. So if a user goes to http://oursite.com/index.aspx, that maps to c:\files\oursite\index.aspx. If a user goes to http://oursite.com/foo/index.aspx, that also maps to c:\files\oursite\index.aspx. I think there is code which looks at the request URL and handles the two requests differently. This is strange because the same web.config ends up being interpreted as a site config file, and also as an application config file within the site. I don't know if this might be related to the authentication problem. If we can't find the cause, we're thinking of a few workarounds we could try: Move the admin section into a separate site, and give the client a new admin URL. Run that separate site in its own app pool. Then in the web.config shared by all the other sites, remove the WindowsAuthenticationModule. That way there should be no possibility of a hang within the WindowsAuthenticationModule. Try running all these sites in the classic pipeline instead of the integrated pipeline. They were working fine on our old IIS6 server... (If we get desperate) Set up a watchdog script which monitors the sites and auto-recycles the app pool when it detects that requests are getting stuck. What do you think? Thanks for your help, Richard

    Read the article

  • Can I set a default domain for a Windows Authenticated website in IIS7?

    - by Michael Haren
    I have an intranet site using Windows Authentication. When users are prompted for credentials, they enter: User: domain\username Pass: SomePassword It'd be nice if they could leave off the domain\ part which would be filled in with a default domain. I'm willing to give up the ability to login with a server/machine account (non-domain) because we don't use that anyway. This seems to be possible with BasicAuth but I can't seem to find a reference for how to do it with WindowsAuth.

    Read the article

  • Is it possible to integrate Computer Associates SiteMinder with SQLServer?

    - by Scott Weinstein
    We have a MS SQL BI stack which the standards group wants us to move to "WebSSO" which is based on Computer Associates SiteMinder/netegrity product. I figure integrating the web component won't be too hard, but we have users which connect to the Database directly - currently using Windows Authentication. Is is possible to itegrate Computer Associates SiteMinder with SQL Server? With SSAS? If so, how much effort is involved?

    Read the article

  • Intermittently, IIS7 requests get stuck in WindowsAuthenticationModule

    - by Richard Beier
    We're running an IIS7 server hosting several dozen websites. Several of these websites are all part of the same legacy app we've developed. These sites all run the same code and run in the same app pool. Roughly once a month over the past few months, we've found that all requests for this app pool start hanging indefinitely. When this happens, we receive an alert and we recycle the app pool. After that, the sites start working again. This only ever affects this one app pool - never any others on the same server. A couple times, before recycling the pool, I've looked at the currently-executing requests in the worker process. They all show up as executing inside the WindowsAuthenticationModule. Which is strange, because the vast majority of the application does not require authentication. There is a small admin section which uses Windows auth... but all the other requests should be anonymous. Does anyone have any idea as to what might be causing this? There are several unusual things about the way these sites are set up. As I mentioned, they all run the same code - multiple sites point at the same physical directory. The only difference is the host header bindings. I'm not sure why there isn't just one site with all the host headers, but that's how it works. In several of these sites, the same physical directory is mapped at two levels - as the root of the site and again as an application within the site. So if a user goes to http://oursite.com/index.aspx, that maps to c:\files\oursite\index.aspx. If a user goes to http://oursite.com/foo/index.aspx, that also maps to c:\files\oursite\index.aspx. I think there is code which looks at the request URL and handles the two requests differently. This is strange because the same web.config ends up being interpreted as a site config file, and also as an application config file within the site. I don't know if this might be related to the authentication problem. If we can't find the cause, we're thinking of a few workarounds we could try: Move the admin section into a separate site, and give the client a new admin URL. Run that separate site in its own app pool. Then in the web.config shared by all the other sites, remove the WindowsAuthenticationModule. That way there should be no possibility of a hang within the WindowsAuthenticationModule. Try running all these sites in the classic pipeline instead of the integrated pipeline. They were working fine on our old IIS6 server... (If we get desperate) Set up a watchdog script which monitors the sites and auto-recycles the app pool when it detects that requests are getting stuck. What do you think? Thanks for your help, Richard

    Read the article

  • Problems with cross forest authentication in SQL Reporting

    - by chunkyb2002
    We're currently running an SQL 2008 R2 Cluster with Reporting Services running, all for use with System Center Operations Manager 2007 R2 (RU3). Our users are on a different domains to the SCOM and SQL servers (we have two domains as we are in the process of a domain migration) We have no problems at all with users accessing reports via the SCOM Console or the Web interface if they are on the new domain which runs at 2008 R2 functional level. However users on the old domain (which runs at a 2003 functional level) cannot access reports on SCOM or via the web interface (http://sqlserver/reports) The error we get is: An error occurred when invoking the authorization extension. (rsAuthorizationExtensionError) For more information about this error navigate to the report server on the local server machine, or enable remote errors Taking the errors advise we logged on to the SQL server as a user on the old domain (which works fine!) and then try to authenticate with the reporting via the web interface which produces this most useful of errors: An error occurred when invoking the authorization extension. (rsAuthorizationExtensionError) The creator of this fault did not specify a Reason. Things we've tried: Recreating the trust between domains Ensuring the SQL Reporting service account was a member of Windows Authorization Access Group on the 2003 domain Added users on the 2003 domain explicitly to the Reporting Users group on the SQL Server Has anyone come across this issue before perhaps in a different scenario? If so how was it resolved? Thanks in advance for any help.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >