Search Results

Search found 6525 results on 261 pages for 'restful authentication'.

Page 180/261 | < Previous Page | 176 177 178 179 180 181 182 183 184 185 186 187 | Next Page >

IIS NLB Web Farm to front Single Tomcat Instance

- by Brent Pabst

I've got a single Tomcat 6 server that hosts a JSP app. We just spun up a new IIS 7.5 web farm to host our other internal apps. Currently the machine that hosts Tomcat is also running IIS 7 with the ISAPI filter loaded to provide front-end handling for the JSP app. I'd like to move the IIS portion to the web farm to consolidate our IIS presence and let the Tomcat server just serve and run Java and Tomcat. Has anyone done this, is it even possible while ensuring session state is properly maintained? I had it up and running using the IIS Tomcat Connector http://tomcatiis.riaforge.org/ but after a while the communication between the boxes slowed and pages would not load. In addition it seemed like some of our authentication tickets were timing out. Thanks for any ideas or reference material!

Read the article
Easiest RPC client method in PHP

- by T.K.

I've been asked to help a friend's company to bring up a web application. I have very limited time and I reluctantly accepted the request, at one condition. As most of the logic goes on in the back-end, I suggested that I would finish the complete back-end only, allowing a front-end developer to simply interface with my backend. I plan to do the back-end in Java EE or Python (with Pylons). It does not really matter at this point. I plan to have my back-end completely ready and unit-tested, so that my input will hardly be needed after my work is done. I know they have a PHP programmer, but as far as I could tell he is a real rookie. I want him to basically interface with my backend's services in the easiest possible way, with no way of him "stuffing" it up. It's basically a CRUD-only application. I could implement the backend as accessible through a webservice such as XML-RPC or SOAP. Even a RESTful API could be possible. However, my main objective is to make something that complete "noob" PHP programmer can easily interface with without getting confused. Preferably I do not even want to talk to him because I generally have an extremely busy schedule, and doing "support calls" is not something I am willing to do. Which approach should I choose? I would welcome any suggestions and inputs!

Read the article
How do I use HttpWebRequest GET method w/ ContentType="application/json"

- by Stephen Patten

Hello, This one is real simple, run this Silverlight4 example with the ContentType property commented out and you'll get back a response from from my service in xml. Now uncomment the property and run it and you'll get an ProtocolViolationException, what should happen is the service returns JSON formatted data. HttpWebRequest wreq = (HttpWebRequest)WebRequestCreator.ClientHttp.Create(new Uri("http://stephenpattenconsulting.com/Services/GetFoodDescriptionsLookup(2100)")); //wreq.ContentType = "application/json"; wreq.BeginGetResponse((cb) => { HttpWebRequest rq = cb.AsyncState as HttpWebRequest; HttpWebResponse resp = rq.EndGetResponse(cb) as HttpWebResponse; // Exception StreamReader rdr = new StreamReader(resp.GetResponseStream()); string result = rdr.ReadToEnd(); rdr.Close(); }, wreq); EDIT: While perusing SO, I noticed similar posts, like this one Why am I getting ProtocolViolationException when trying to use HttpWebRequest? and this one How do I use HttpWebRequest with GET method EDIT: The WCF 4 end point is 'adapted' from this link http://geekswithblogs.net/michelotti/archive/2010/08/21/restful-wcf-services-with-no-svc-file-and-no-config.aspx. I can use Fiddler's request builder to to construct the proper requests and changing the content type does yield the correct results.

Read the article
How to make AD highly available for applications that use it as an LDAP service

- by Beaming Mel-Bin

Our situation We currently have many web applications that use LDAP for authentication. For this, we point the web application to one of our AD domain controllers using the LDAPS port (636). When we have to update the Domain Controller, this has caused us issues because one more web application could depend on any DC. What we want We would like to point our web applications to a cluster "virtual" IP. This cluster will consist of at least two servers (so that each cluster server could be rotated out and updated). The cluster servers would then proxy LDAPS connections to the DCs and be able to figure out which one is available. Questions For anyone that has had experience with this: What software did you use for the cluster? Any caveats? Or perhaps a completely different architecture to accomplish something similar?

Read the article
New Session Failed

- by PhilPursglove

We've started to see instances on our Intranet server where for any page the server just responds with the error page 'HTTP/1.1 New Session Failed'. It seems we can fix it by running IISRESET but this feels like we're only treating the symptom. The server is a virtualised server running IIS6 on Windows Server 2003 with 0.5Gb of RAM. Our Intranet is written in ASP, but we also have ASP.NET 2.0 applications running on the web site. The site is set up for Anonymous and Integrated Authentication. What causes IIS to get into this error state? Could the server be saturated with requests i.e. we need to scale out and move some applications onto another server? I've seen KB210842 but I'm not sure it applies as that is applicable to IIS 4

Read the article
Why would a FaceBook application "work" on a profile, but not a page?

- by edt

I made a FaceBook application that works fine on profiles, but I can't figure out how to get it to show on a FaceBook page. For example, after I visit the application canvas URL, allow the application, then edit application settings and "add" to box and tab view... I cannot click the "plus" symbol to the left of the tabs in order to add a tab for the application. It does not appear in the list of available applications. Meanwhile, the application is working/showing up on profiles with no issues. I DID check the "Installable to Pages" checkbox on the application (authentication tab) settings. What could cause this? Here is the application canvas URL: http://apps.facebook.com/russian_girls/

Read the article
How do I protect large file downloads through PHP and/or Apache?

- by Eric

We have some large files (1-8GB) that are not publicly accessible. Currently we're serving them up through a PHP script that buffers the files in 1MB chunks and writes it to the output. It's incredibly CPU intensive and slows the server down when only a few downloads are active. We want to move the file transfer work to Apache or a more efficient method. We are using cookie authentication. FTP downloads are out unless there's some way to authenticate FTP sessions through the existing PHP session cookie. Ideally we'd like something where we can use PHP to hide the link to the file while it passes off the file transfer work to Apache, which is no doubt far more efficient at HTTP file transfers than PHP. We want to be able to resume downloads as well. Any help is appreciated.

Read the article
X11 for apache user

- by fuenfundachtzig

We are using inkscape to convert SVG images uploaded to our server via a web form. For this inkscape offers a batch mode via the -z option, but this batch mode has a flaw: When inkscape is run by the apache user, it breaks saying $ inkscape -z -W drawing.svg X11 connection rejected because of wrong authentication. The application 'inkscape' lost its connection to the display localhost:11.0; most likely the X server was shut down or you killed/destroyed the application. If you do the same as a normal user you also get errors: Xlib: connection to "localhost:11.0" refused by server Xlib: PuTTY X11 proxy: MIT-MAGIC-COOKIE-1 data did not match (inkscape:24050): Gdk-CRITICAL **: gdk_display_list_devices: assertion `GDK_IS_DISPLAY (display)' failed 301.27942 But at least inkscape gives the correct answer (here the number stating the width of the image). Does somebody know how to make this also work for the apache user? Does it make sense to authorize apache to use X (if so how)? In any case it doesn't feel like the right solution...

Read the article
Sharepoint database connection issue after upgrade to SQL Server 2008 R2

- by Neil Hoff

I took a backup of all our Sharepoint WSS 3.0 databases and restored them to a new Windows 2008 R2 server. The new SQL server has the same name and IP address as the old one. The only difference between the two is the new one has SQL 2008 R2 and the old one has SQL 2005. When I navigate to the sharepoint url I get this error: Cannot connect to the configuration database. I checked the logs at this location: "%commonprogramfiles%/Microsoft Shared/web server extensions/12/Logs" and found this error: System.Data.SqlClient.SqlException: Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. Any ideas?

Read the article
Lookup Active Directory entry by implicit UPN

- by Michael-O

In our company exists a forest-wide UPN suffix company.com and almost all user accounts have the explicit UPN set to [email protected]. This value is also set in the Active Directory userPrincipalName attribute. Now we have an application where users perform authentication through Kerberos. So we are given the Kerberos principal, i.e. implicit UPN. We'd like to look up that user and retrieve several LDAP attributes. Since iUPN and userPrincipalName do not match anymore, the lookup is not possible. Is there any "official" way to retrieve a mapping from the Active Direcory? My workaround is to perform a LDAP bind against the realm component and search for the sAMAccountName attribute which matches the user id component of the iUPN. Searching for the mere sAMAccountName in the forest is not possible because the value is unique in the domain only.

Read the article
subversion problem on mac os x

- by Mohsin Jimmy

This exists in my httpd.conf file: <Location /svn> DAV svn SVNParentPath /Users/iirp/Sites/svn Allow from all #AuthType Basic #AuthName "Subversion repository" #AuthUserFile /Users/iirp/Sites/svn-auth-file #Require valid-user </Location> This is working file When I change this to: <Location /svn> DAV svn SVNParentPath /Users/iirp/Sites/svn #Allow from all AuthType Basic AuthName "Subversion repository" AuthUserFile /Users/iirp/Sites/svn-auth-file Require valid-user </Location> and when I access my repository through URL, it gives me the authentication screen but after that screen my svn repository is not showing up correctly. to see message that it gives to me is: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log.

Read the article
PostgreSQL under Mac OSX Lion. Wrong userpass?

- by Matt

I'm completely helpless, maybe you guys can help me out. I installed PostgreSQL under my new MacOSX Lion. When I try to connect to my localhost with pgAdminIII.app it says: Error connecting to the database: FATAL password authentication failed for user postgres I just have no idea what to do? Non of my passwords work. Neither my adminpass nor "postgres" nor anyhting else. I tried to install it again via the console where I found this helpful link: http://www.peerassembly.com/2011/08/...resql-on-lion/ However the problem is, that when I try to run createuser -a -d _postgres the same password problem appears again. I just can't seem to find a solution to this. Always wrong password. Btw. I have a new User called "PostgreSQL" on my machine after I installed postgres. Any ideas? I'm so stuck and I really need to make this work.

Read the article
RODC password replication and A/D sites and subnets

- by Gregory Thomson

I work at a school district with about 30 school sites. Windows 2008 A/D setup - all central at the district office. In A/D, all is under one site, and no subnets defined. One A/D forest and only one domain under that. We're now looking to start putting RODCs at the schools to put the authentication and DNS out there closer to them. I haven't worked with A/D sites and subnets, and only a little with RODC password replication. But just got an invite to a meeting to talk about this tomorrow... If we start breaking down the A/D pieces into sites/subnets, can we also use that as a way to help apply an RODC password replication policy in a way that matches so that only each school sites' users passwords are replicated/cached on their RODC?

Read the article
IIS cannot access itself

- by dave

We are on a corporate network that uses ISA and I am having issues trying to not have requests go through ISA. I have IIS7 on my local Windows 7 machine that has websites and a service layer. The websites access the service layer using a xxxx.servicelayer.local address that is set up in my HOSTS file to point to 127.0.0.1. I have Windows Firewall client which I have disabled. I have tried both adding this address into IE so that it does not go through ISA and also disabled this section altogether. When the website (which is actually IIS making the request to itself) tries to access the service layer I receive an ISA error that proxy authentication has failed. Considering that everything I can see to configure is set to not go through the proxy, ISA, I cannot see how this is actually going through the proxy and giving this error. Is there something within Windows 7 that forces the proxy setting, some sort of caching or similar?

Read the article
How to close the logon process named NtLmSsp ?

- by Aristos

I have a windows 2003 server and time to time I am getting many login failures like this one. Logon Failure: Reason: Unknown user name or bad password User Name: administrator Domain: xx.xx.xx.xx Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XLHOST Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 173.45.70.100 <- hacker Source Port: 4722 AND Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon account: user Source Workstation: XLHOST Error Code: 0xC0000064 The question is, how can I close this process of login ?, what I have left open and some one can try to login ? Some notes: I login to the server using tunneling, nothing is open except dns, email, and web ports, not even ftp, and all default ports are change and hidden. I also monitor port scan and capture any one that try to find the hidden ports. Probably it is something open... Thank you in advanced.

Read the article
Migrating LDAP user and password to SAMBA4 AD

- by Rudy Dajoh

As title suggests. We are migrating from OpenLDAP as user authentication to Samba 4 AD Domain. But I can't find any information on how to transfer passwords and users to Samba 4 AD. How to migrate all LDAP user base at ou=People,dc=company,dc=com to samba 4 AD domain? I don't need to assistance transferring everything, I only need to transfer user accounts. I've finished migrating them all but user/passwords. Can it be done? If so, how?

Read the article
Security Audit Failures in Event Viewer Windows Server 2008R2

- by Jacob

When I am looking at the security tab of my event viewer on a Windows Server 2008 R2, I am showing a ton of Audit Failures with Event ID 4776. The computer attempted to validate the credentials for an account. Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 Logon Account: randy Source Workstation: HPDB1 Error Code: 0xc0000064 I verified the account "randy" exist in my Active Directory. From my understanding, there has not been any recent password changes. Is there any way to get detailed information on this error? I am wondering what program is requesting this information. Also, is there any way to clear this error up? I was thinking about resetting the password and changing it back to the original.

Read the article
disable RADIUS for Cisco 2500 wireless controller

- by Tim Vaughan

I have a Cisco 2500 wireless controller and four lightweight access points. I want to use the controller to manage a wireless network secured by WPA only, without using RADIUS or anything else. We'll handle the authentication using a captive portal behind the access points. However, it seems like the controller's default security policy requires a RADIUS server and I can't find out how to switch the policy off. The documentation assumes I'm in an environment which needs heavy-duty security and the use case is actually a small charity/business with much less stringent security requirements. How do I disable the complicated security policy and instead run a simple one that just uses WPA?

Read the article
Accessing Windows 7 Printer from Ubuntu Linux via LPR/LPD or Samba

- by nitbuntu

Hi, I'm having difficulty printing from my Linux (Ubuntu 10.04) based PC to a printer connected to a Windows 7 machine. I was trying to connect using Samba (version 3.5.6) but this always brings up an authentication screen which never accepts any password I use. So I read somewhere that an alternative is to access the Windows printer via LPR/LPD. I added an LPR/LPD printer in Windows 7, but even within Windows 7, I am not able to print as the print que monitor shows as 'printer busy'. The printer in question is an Epson Stylus DX7400 and works fine when using the standard USB ports....but doesn't when I use with the LPR/LPD ports. I even opened up the TCP/IP port 515 in my McAfee firewall without any success. Any help with this would be highly appreciated. Additionally, does anyone have any idea how I can get Samba working for me?

Read the article
Configuring Redhat / CentOS 5 SSH to authenticate to IPA server with public keys

- by Kyle Flavin

I'm trying to configure some Red Hat/CentOS servers to use an ipa-server on CentOS 6 for SSH authentication with public keys. I'm storing the public keys on the IPA server, which works great on Centos6 using "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys" in /etc/ssh/sshd_config. However, on RH 5.10, neither the "AuthorizedKeysCommand" directive or the "/usr/bin/sss_ssh_authorizedkeys" command exist to pull the public key from the directory. Is there a different way to make this work? Googling this mostly returns instructions for setting it up on 6.

Read the article
Domain model: should things like Logging, Audit, Persistence be in it

- by hom.tanks

I'm having a hard time convincing our architect that a Domain model should only have the essential elements of the business domain on it. Things like the fact that a class is persistable, that it needs logging and auditing and that it has a RESTful URI should not drive the domain model. They can be added later on, by using interfaces. Ours is a healthcare information management system. At the very coarse level, its a system where users login and access their healthcare information. They can share this information with others and be custodian for others' information (think Roles). But because of a few sound bytes that caught on early like "Everything should be a REST resource" the model now has a top level class called Resource that every other class extends from. I'm trying to make him see that the domain model should have well defined concepts like User Account, HealthDocument, UserRole etc which are distinct entities of the business , with specific associations between them. Clubbing everything under Resource class lets our model be inflexible besides being potentially incorrect. But he wants me to show him why its a bad idea to do it his way. I don't know how to articulate that properly but all my OO instincts tell me that its just not right. Any thoughts?

Read the article
AirPlay over unicast DNS-SD. Anyone got it working?

- by Moduspwnens

We set up AirPrint using unicast DNS-SD on our campus about a year ago and it turned out to be a big success, so we're looking at trying to get AirPlay working so our faculty and students can wirelessly show content on our classroom projectors. There are still a couple of other things preventing an ideal implementation (username and password authentication, for starters), but I've been trying to set up a working demo nonetheless. Getting AirPrint working was basically just a matter of advertising the same records over a DNS-SD domain instead of the multicast (.local) one, but doing the same thing for AirPlay doesn't seem to cut it. The devices don't recognize the DNS-SD AirPlay servers as available. I've uploaded a screenshot of my DNS-SD configuration with the original (from AirServer, which works normally for multicast) here. I realize this is still a fairly new feature and documentation is lacking, but has anyone been able to get AirPlay working via DNS-SD? If it simply only works over multicast, I can accept that, but its potential is so appealing for us that I thought it'd be worth asking if anyone else has figured it out.

Read the article
Solaris 10 opencsw git package issue with bitbucket git hosting

- by zephyrus00jp

Has anyone tried using `git' from opencsw package in order to work with bitbucket source hosting service (under solaris10)? I tried to use git as the bitbucket documentation explains, and - under Debian GNU/Linux, it worked flawlessly as described, but - under Solaris 10, I got Authentication Failed message. I even tried to run truss to see anything is suspicious but could not find any smoking gun under solaris why it failed. ldd git-binary didnd't show anything suspicious either (except for the libcrypt library which could be a suspicious to think about export restrictions. Have they shipped incompatible version? BUT since the password is typed into https: connection, I suspect it is only a matter of web-level cryptography and should be universal these days.) I am now tempted to compile git suite under solaris 10, but I did find people who seem to be using git with bitbucket under solaris 10 and am wondering what could be wrong.

Read the article
How to authenticate users in nested groups in Apache LDAP?

- by mark

I've working LDAP authentication with the following setup AuthName "whatever" AuthType Basic AuthBasicProvider ldap AuthLDAPUrl "ldap://server/OU=SBSUsers,OU=Users,OU=MyBusiness,DC=company,DC=local?sAMAccountName?sub?(objectClass=*)" Require ldap-group CN=MySpecificGroup,OU=Security Groups,OU=MyBusiness,DC=company,DC=local This works, however I've to put all users I want to authenticate into MySpecificGroup. But on LDAP server I've configured that MySpecificGroup also contains the group MyOtherGroup with another list of users. But those users in MyOtherGroup are not authenticated, I've to manually add them all to MySpecificGroup and basically can't use the nested grouping. I'm using Windows SBS 2003. Is there a way to configure Apache LDAP to do this? Or is there a problem with possible infinite recursion and thus not allowed?

Read the article
What's the difference between sudo su - postgres and sudo -u postgres?

- by Craig Ringer

PostgreSQL users peer authentication on unix sockets by default, where the unix user must be the same as the PostgreSQL user. So people frequently use su or sudo to become the postgres superuser. I often see people using constructs like: sudo su - postgres rather than sudo -u postgres -i and I'm wondering why. Similarly, I've seen: sudo su - postgres -c psql instead of sudo -u postgres psql Without the leading sudo the su versions would make some sense if you were on an old platform without sudo. But why on a less than prehisoric UNIX or Linux would you use sudo su ?

Read the article

< Previous Page | 176 177 178 179 180 181 182 183 184 185 186 187 | Next Page >