Search Results

Search found 6525 results on 261 pages for 'restful authentication'.

Page 185/261 | < Previous Page | 181 182 183 184 185 186 187 188 189 190 191 192 | Next Page >

Dediced server for all network functions?

- by Alan

I want to set up a fictional network configuration for a school in my neighborhood. They have about 50 computers altogether, 2X20 in computer rooms for students and another 10 scattered around for various professors. They should all access the internet through a dedicated Linux router machine. What they would like is to have domain names for those three computer groups. Lab1, Lab2 and Professors. The computers in Lab2 and Lab1 should have static ip and should all be named by numbers. So there should be 1@Lab1, 2@Lab1.... etc. And the Professors network should have a DHCP, with authentication. Is it an ok solution to have all these functions on a single server? (The one which will be used as a router) Do I have to set a local DNS for domain naming? Do the host names for Lab computers have to be set on the clients, or can they be automatically assigned?

Read the article
How do i change the property of jaxrs endpoint to support "mtom"

- by rocwing

I created a RESTful web service, and i want to send binary files to this service without soap. There are some information on CXF website: link text But i can't find a way to get the CXF jaxrs endpoints,and set an "mtom-enabled" property. My Spring config is: <jaxrs:server id="fis" address="http://172.20.41.40:8080/fis"> <jaxrs:serviceBeans> <ref bean="FaultInfoResource" /> <ref bean="ExplorationResultResource" /> </jaxrs:serviceBeans> </jaxrs:server> <bean id="FaultInfoService" parent="baseService" class="com.dfe.demo.FaultInfoService"> </bean> <bean id="FaultInfoResource" class="com.dfe.demo.FaultInfoResource"> <property name="faultInfoService" ref="FaultInfoService"/> </bean> And i server class is: ClassPathXmlApplicationContext ctx = new ClassPathXmlApplicationContext(new String[]{"com/dfe/iss/config/applicationContext.xml","com/dfe/demo/yearlyplan/cxf-servlet.xml"}); JAXRSServerFactoryBean fib = (JAXRSServerFactoryBean)ctx.getBean("fis"); fib.create();

Read the article
how to make SFTP work on Windows

- by cyberkiwi

What is the correct way to set up sshwindows for SSH key authentication? Does the user need to be created in Windows first or can a login be inserted into passwd without a Windows equivalent? I've searched on Google and have tried the tutorials and quick start guides. So far, exactly 0 have worked. None pointed out that to work in Windows 2008 R2, you need to change the properties of cygrunsrv.exe to "Windows XP SP3" compability mode to even get past the service startup "error 1067". Although it is running, no amount of configuration allowed me to log on to the SFTP server, even though I tried (from another machine): same user account added using "mkpasswd" + windows password same user account added using "mkpasswd" + public ssh key (added to /home/theuser/.ssh) On Windows 2003 R2 (a different attempt), the service would crash every time it started up. Some links I went through http://pigtail.net/LRP/printsrv/cygwin-sshd.html http://forevergeeks.com/how-to-setup-a-secure-ftp-sftp-site-with-openssh-on-windows/ http://support.moonpoint.com/os/windows/server2003/openssh-service-not-starting.html

Read the article
IIS7 folder permissions

- by Eanna

I build a basic WCF service that I now want to host in IIS7 under Windows Server 2008 R2. I added the service as an application under the default web site but whenever i try to run the application I get the following error: HTTP Error 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid. Config Error - Cannot read configuration file due to insufficient permissions The only way I can get this service working is if i choose to "connect as" the server Administrator when adding the service. the "application user (pass-through authentication)" option does not seem to work. Could anyone help me out, I've just started using IIS7 and have no idea what to do... Thanks

Read the article
Spam mail through SMTP and user spoofing

- by Josten Moore

I have noticed that it's possible to telnet into a mailserver that I own and send spoofed messages to other clients. This only works for the domain that the mail server is regarding; I cannot do it for other domains. For example; lets say that I own example.com. If I telnet example.com 25 I can successfully send a message to another user without authentication: HELO local MAIL FROM: [email protected] RCPT TO: [email protected] DATA SUBJECT: Whatever this is spam Spam spam spam . I consider this a big problem; how do I secure this?

Read the article
Extend university wifi network [migrated]

- by asfasdoiuh ouhouhouh

i live in a university campus and i can get wifi signal on the outside of my window but not in the house. The solution i use at the moment is a usb wifi dongle outside connected to my laptop but the lack of an internal antenna make the connection quite unreliable at times. So i was trying to find another solution to improve the reception of my network. One idea is to setup a router on the outside (in a place with stronger signal) and redirect the connection inside the house with an ethernet cable but the problem is that our Uni Wifi is managed by a capitve portal (BlueSocket with DNS redirection to login page) and the authentication has to happen on the mac address that connect to the net (so the client appliance in this case). If I use a router with Mac-Clone capability i will be able to be redirected trough the captive portal on my laptop computer and login from there or i need to setup my router to fill in the login page by itself? There are other hardware/software solutions i can use to get what i want? Thank you all

Read the article
Client-side certificates

- by walshms

My company purchased a wildcard certificate from a vendor. This certificate was successfully configured with Apache 2.2 to secure a subdomain. Everything on the SSL side works. Now I'm required to generate x509 client-side certificates to issue for this subdomain. I'm following along this page: (http://www.vanemery.com/Linux/Apache/apache-SSL.html), starting with "Creating Client Certificates for Authentication". I've generated the p12 files and successfully imported them into Firefox. When I browse to the site now, I get an error in FireFox that says "The connection to the server was reset while the page was loading." I think my problem is coming from not signing the client-side correctly. When I sign the client-side certificate, I'm using the PEM file (RapidSSL_CA_bundle.pem) from RapidSSL (who we bought the certificate from) for the -CA argument. For the -CAkey argument, I'm using the private key of the server. Is this correct?

Read the article
Apache Request IP Based Security

- by connec

I run an Apache server on my home system that I've made available over the internet as I'm not always at my home system. Naturally I don't want all my home server files public, so until now I've simply had: Order allow, deny Deny from all Allow from 127.0.0.1 in my core configuration and just Allow from all in the htaccess of any directories I wanted publicly viewable. However I've decided a better system would be to centralise all the access control and just require authentication (HTTP basic) for requests not to 127.0.0.1/localhost. Is this achievable with Apache/modules? If so how would I go about it? Cheers.

Read the article
WLC 4400. Get IP

- by Edward Connelly

I have three SSID. one is a guest network and I'm having problems with lease times. Its set for web authentication so it passes IPs out even if someone doesn't try and authenticate. Is there a way to get that IP back and not hand another to that mac for a period of time? Poor planning and we didn't allocate enough address space, and we are sandwitched. We could go with another address, but we would have to reconfig lots. since its guest its vlan'd with no access to anthing but the firewalls. would have to change ACLs and routes and interfaces. if it isn't possible we will just have to go that route, just thought there might be an easier solution. session timeout is enabled with 1 hr lease time is set to 4 hrs. no helper DHCP and internal DHCP is set with the space split across three WLCs (60 waps split across those as well).

Read the article
Apache mod_setenvif Server_Addr

- by user18330

I have an Apache server in a DMZ, reachaable on the LAN from 192.168.1.1, public 123.456.789.123. I'm trying to get it to require authentication if the inbound hits are coming from the public side. This doesn't seem to work: SetEnvIf SERVER_ADDR 123.456.789.123 local_nic=1 <Location /junk> Order Deny,Allow AuthName "Access required" AuthType Basic AuthUserFile /etc/httpd/conf/htpasswd Require valid-user </Location> What am I doing wrong? Sorry, HTML tags were wiping out my Apache directives.

Read the article
Multiple connections to the same Wireless Network in Windows 7

- by Jamek

Hello, my university just limited bandwidth to 512 kbps (that's 64 kB/s!) for each connection. I was thinking to make multiple connection to the same wireless network (called "internet"), is this possible under Windows 7? I know it's possible to connect to more than one WLAN through the "hostednetwork" concept in netsh: netsh wlan set hostednetwork mode=allow ssid=xxxxx netsh wlan start hostednetwork However this method doesn't seem to work, I don't know if it's due to the authentication method (through certificates while hostednetwork seems to support just a "passphrase") or because I'm already connected to that network with the same MAC. Can you think to some tool able to do this?

Read the article
iPad revocable vpn access

- by carpat

I'm a programmer at my organization, but somehow got drafted into looking into some server stuff so forgive me of my ignorance: They want to give our sales people secure access to our internal sites using their iPads. This must be secure (obviously) but also revocable from the company's side (if someone quits they can no longer access our network). I see from http://support.apple.com/kb/HT1288 that the iPad supports "RSA SecurID", "CRYPTOCard", and "Kerberos" authentication methods. Will one of these do what we need? Are there any major differences between them?

Read the article
Samba domain trust errors on a specific interface

- by John K

We have a windows domain that also has RHEL member servers in it. All the servers have a primary network connection to the LAN, but some servers also have private dedicated links to one of our RHEL servers, which serves as a head to our SAN storage. This particular server is running Samba 3.5.15, and is running in domain authentication mode. Users can access shares on this server without a problem over the LAN connection from our Windows servers, but if a user tries to access the shares over a private link (i.e. a 192.168.1.2 address to the RHEL server) users get an error "The trust relationship between this workstation and the primary domain failed."

Read the article
Mac OS X desktop background gets reset to "Andromeda Galaxy.jpg" when users log out

- by smokris

I'm running Mac OS 10.6 server, and have a set of 10.6 and 10.7 workstations connected to it for authentication and MCX. Users have network profiles (home folder stored on server, via AFP). When users are logged in, they can change their desktop background. So far so good. However, the next time they log in, their desktop background has been reset to "Andromeda Galaxy.jpg". Though MCX is enabled and used to control other settings, MCX is disabled for the Desktop. What is keeping the users' desktop background from being preserved? How can I fix it?

Read the article
Truecrypt system partion partially encryted but then drive corrupted and won't boot - decrypting so I can access files to backup?

- by Dr.Seuss

So I was attempting to encrypt my (Windows 7) system drive with Truecrypt and it stopped at around 15% and said that there was a segment error and that it could not proceed until it was fixed. So, I restarted the computer and ran HDD Regenerator which subsequently fixed the bad sectors on the drive, but now my system cannot boot. So, I run a number of recovery disks to no avail (Windows repair is unable to fix) and the drive won't mount on a linux version run from a CD because the drive is encrypted. So I tried mounting the drive using Truecrypt under the Linux distribution on the disk and selected "Mount partition using system encryption without pre-boot authentication" so I can decrypt, but I get an error message about it only being possible once the entire system is encrypted. How do I get out of this mess? I need to be able to back up the data that's on that partially encrypted drive so I can reinstall my operating system.

Read the article
Strange RDP / Remote Desktop problem

- by John Landheer

I'll try to be as specific as I can be: Server is running SBS 2008 R2 (with all updates) Server is connected to the internet Server has 2 NIC's, one is disabled Server is running RDP Service (accessible directly from the internet, I know, not as secure as it should be) Computers A and B are on the same local net. Computers A and B are both Windows 7. Users X and Y are both admins on the server Computer A can connect as user X to the server with mstsc Computer A can connect as user Y to the server with mstsc Computer B can connect as user X to the server with mstsc computer B CANNOT connect as user Y to the server with mstsc! The last point is the problem, I get an authentication error. This used to work flawlessly for the last year. The server and desktops have been rebooted. I find it very strange....

Read the article
"Countersigning" a CA with openssl

- by Tom O'Connor

I'm pretty used to creating the PKI used for x509 authentication for whatever reason, SSL Client Verification being the main reason for doing it. I've just started to dabble with OpenVPN (Which I suppose is doing the same things as Apache would do with the Certificate Authority (CA) certificate) We've got a whole bunch of subdomains, and applicances which currently all present their own self-signed certificates. We're tired of having to accept exceptions in Chrome, and we think it must look pretty rough for our clients having our address bar come up red. For that, I'm comfortable to buy a SSL Wildcard CN=*.mycompany.com. That's no problem. What I don't seem to be able to find out is: Can we have our Internal CA root signed as a child of our wildcard certificate, so that installing that cert into guest devices/browsers/whatever doesn't present anything about an untrusted root? Also, on a bit of a side point, why does the addition of a wildcard double the cost of certificate purchase?

Read the article
Active Directory password update not recognized on OS X 10.7.3?

- by eaj

We have a few Macs in our office which are bound to our Active Directory (Server 2k8R2) domain for login authentication and access to file shares. For the most part this has worked without trouble. I recently changed my AD password (from the Windows box that is my main desktop machine), and my iMac still wants my old password for logins—even after a reboot. It correctly prompts for the new password when I attempt to connect to Windows smb file shares. The last time I changed my password, the iMac was running Snow Leopard and picked up the password change as expected. I'm a little bit of an OS X n00b, so I apologize if this should be obvious. My searching has turned up numerous issues people have had with Lion and Active Directory, but not this particular problem. Possibly related, we do have mobile accounts enabled for AD in the Directory Utility options. I assume this causes credentials to be cached locally, but it's not clear to me how to get them to update.

Read the article
Stop ssh client from offering all the public keys it can find?

- by Rory McCann

Like most sysadmins I use openssh all the time. I have about a dozen ssh keys, I like to have a different ssh key for each host. However this causes a problem when I am connecting to a host for the first time, and all I have is a password. I want to just connect to the host using a password, no ssh key in this case. However the ssh client will offer all the public keys in my ~/.ssh/ (I know this from looking at the output of ssh -v). Since I have so many, I will get disconnected for too many authentication failures. Is there some way to tell my ssh client to not offer all the ssh keys?

Read the article
Why does this login fail for user 'Servername\Guest'?

- by Metassebia

I install SQL Server 2005 EXPRESS edition on one computer, Computer Name = 'MyServe' and Database name='MyDB',take it as database server. it is configured as both Database and Windows Authentication Mode. with username=sa and password=adminaa. I have application in C#.Net my connection string is ConnectionString = "Data Source=MyServe\SQLEXPRESS;Initial Catalog=MyDB;Integrated Security=True;User ID=sa;Password=adminaa"; when I run the application on the computer called MyServe, the database server, it works well, while when I install the application on different computer, when it tries to connect the database it gives an error called "login failed for user 'MyServe\Guest" what is wrong with configuration in the database server or other mistakes. please help me. thankyou in advance. Metasebia

Read the article
How secure is using "Normal password" for SMTP with connection type = STARTTLS?

- by harshath.jr

I'm using an email client for the first time - for the most part I've always used gmail via the web interface. Now I'm setting up thunderbird to connect to an email server of my own (on my own server, own domain name, etc). The server machine (and the email server on it) was preconfigured for me. Now i figured out away by which I'm able to send and receive email, but I noticed that in the outgoing and incoming servers section, the connection type was STARTTLS (and not SSL/TLS), and the Authentication Type was "Normal Password". Does this mean that the password will be sent across in plain text? I'm very paranoid about security - its the only way that it works for me. Can someone please post links that explain how SMTP (my outbound server) and IMAP (my inbound server) servers work, and what connection type means what? Thanks! PS: If this question does not belong here, please redirect me.

Read the article
Should frontend and backend be handled by different controllers?

- by DR

In my previous learning projects I always used a single controller, but now I wonder if that is good practice or even always possible. In all RESTful Rails tutorials the controllers have a show, an edit and an index view. If an authorized user is logged on, the edit view becomes available and the index view shows additional data manipulation controls, like a delete button or a link to the edit view. Now I have a Rails application which falls exactly into this pattern, but the index view is not reusable: The normal user sees a flashy index page with lots of pictures, complex layout, no Javascript requirement, ... The Admin user index has a completly different minimalistic design, jQuery table and lots of additional data, ... Now I'm not sure how to handle this case. I can think of the following: Single controller, single view: The view is split into two large blocks/partials using an if statement. Single controller, two views: index and index_admin. Two different controllers: BookController and BookAdminController None of these solutions seems perfect, but for now I'm inclined to use the 3rd option. What's the preferred way to do this?

Read the article
What's the use of writing tests matching configuration-like code line by line?

- by Pascal Van Hecke

Hi, I have been wondering about the usefulness of writing tests that match code one-by-one. Just an example: in Rails, you can define 7 restful routes in one line in routes.rb using: resources :products BDD/TDD proscribes you test first and then write code. In order to test the full effect of this line, devs come up with macros e.g. for shoulda: http://kconrails.com/2010/01/27/route-testing-with-shoulda-in-ruby-on-rails/ class RoutingTest < ActionController::TestCase # simple should_map_resources :products end I'm not trying to pick on the guy that wrote the macros, this is just an example of a pattern that I see all over Rails. I'm just wondering what the use of it is... in the end you're just duplicating code and the only thing you test is that Rails works. You could as well write a tool that transforms your test macros into actual code... When I ask around, people answer me that: "the tests should document your code, so yes it makes sense to write them, even if it's just one line corresponding to one line" What are your thoughts?

Read the article
Site Action Button Missing

- by David

I have a Moss 2007 site collection which was running smoothly. However, after moving to Forms Authentication connected to Active Directory neither my Farm Administrator account nor the 2 Site collection administrators can get past the site homepage. There is no Site Action buttons availabe. When I log into CA witht he Farm Administrator account the Site Action button exists there so I suspect its something to do with the permissions to the site application. I have tried to connect directly to the settings URL http://mysite/_layouts/settings.aspx etc but get the ususal error Error: Access Denied Current User You are currently signed in as: xxxx (Farm Administrator Account) Sign in as a different user Request access I get the same error when logging in with the site collection admin accounts. Ive also checked to make sure that the sites are not locked out.

Read the article
Different configurations for ssh client depending on ip address or hostname

- by John Smith Optional

I have this in my ~/.ssh/config directory: Host 12.34.56.78 IdentityFile ~/.ssh/my_identity_file When I ssh to 12.34.56.78, everything works fine. I'm asked for the passphrase for "my_identity_file" and I can connect to the server. However, sometimes I'd also like to ssh to another server. But whatever the server, if I do: ssh [email protected] I'm also asked for the passphrase for "my_identity_file" (even though the server has a different ip address). This is very annoying because I don't have the public key for this file set up on all my servers. I'd like to connect to this other server (an old shared hosting account) with a password, and now I cant. How do I manage to use the key authentication only with one server, and keep using password by default for servers that aren't listed in my ~/.ssh/config ? Thanks for your help.

Read the article

< Previous Page | 181 182 183 184 185 186 187 188 189 190 191 192 | Next Page >