Search Results

Search found 90170 results on 3607 pages for 'user presence'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 199/3607 | < Previous Page | 195 196 197 198 199 200 201 202 203 204 205 206  | Next Page >

  • Passwordless ssh failed when login using username

    - by Aczire
    I was trying to setup Hadoop and was stumbled on passwordless ssh to localhost. I am getting a password prompt when trying to connect using ssh username@hostname format. But there is no problem connecting to the machine like ssh localhost or ssh hostname.com. Tried ssh-copy-id user@hostname but it did not work. Using CentOS 6.3 as normal user, I neither have root access or am a sudoer so editing any files like sshd_config is not possible (not even cat the sshd_config file contents). I hope the user login is possible since I can do login without password to localhost, right? Please advise, Here is the ssh debug output. [[email protected] ~]$ ssh -v [email protected] OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to hostname.com [::1] port 22. debug1: Connection established. debug1: identity file /home/user/.ssh/identity type -1 debug1: identity file /home/user/.ssh/id_rsa type -1 debug1: identity file /home/user/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'hostname.com' is known and matches the RSA host key. debug1: Found key in /home/user/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: gssapi-keyex debug1: No valid Key exchange context debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_500' not found debug1: Unspecified GSS failure. Minor code may provide more information Credentials cache file '/tmp/krb5cc_500' not found debug1: Unspecified GSS failure. Minor code may provide more information debug1: Unspecified GSS failure. Minor code may provide more information debug1: Next authentication method: publickey debug1: Offering public key: /home/user/.ssh/id_dsa debug1: Server accepts key: pkalg ssh-dss blen 434 Agent admitted failure to sign using the key. debug1: Trying private key: /home/user/.ssh/identity debug1: Trying private key: /home/user/.ssh/id_rsa debug1: Next authentication method: password [email protected]'s password:

    Read the article

  • How can I automatically require a password when connecting to a WD MyBookLive?

    - by user-123
    I have created a user which has specific privileges to access the shares on our WD MyBookLive Network drive (ie it requires a password to connect), however after connecting once Windows seems to remember the password (or at least for the rest of the session). How can I make it so it is necessary to require a password every time the user connects to the drive or makes some change on Windows? I am particularly thinking of Cryptolocker and other variants of "ransomeware" which will try and connect to the drive and encrypt it.

    Read the article

  • Should one have a separate user account for work use? [closed]

    - by Tyler Wayne
    This question examines the practice of using a separate OS-level user account to divide work use from personal use (specifically, in a creative profession and on a personal computer). I recently left my in-the-flesh job to go to school, but I'm carrying on with the work remotely. I do all of my work on my laptop, and I currently have a separate user account called "Work" where I do exactly that. However, I'm now starting to question that practice. Because my hobby is the same as my job, I want to save notes of the things I learn while working. Because ideas come at any moment, I often want to throw something into my personal task manager's inbox and look at it again later. That task manager is well-suited to handle both the work and personal aspects of my life. Only my personal account has admin rights, but work sometimes requires me to install programs. My employer has no preference regarding my choice, so that is a non-issue. My work is essentially freelance web development, so advice given with that in mind will be much appreciated. Back up all opinion with some personal experience, please. Ideally, give a list of pros and cons and then name reasons for your position.

    Read the article

  • How can Standard User change file associations in Windows 2000?

    - by Gary M. Mugford
    One of my clients is still running Win2K server with a host of Win2K workstations. And no net admin, due to the downturn of the economy over the years. I'm sort of helping out. Out of my depth, but I am a loyal foot soldier. A problem I encounter rather too often is a user double-clicks on a file in Explorer and then either gets no action, or the wrong program to run. It's a case of a missing or out-of-date file association. The current cure is to temporarily upgrade the user from Standard to Power, do the FA switch and then change back. As Winnie would whine, 'Oh, bother!' At any rate, I thought I'd ask here. Is there a method/program to run without the rigamarole FROM the Standard Users account on the workstation to edit/add a file association? I assume the program route would involve RunAs. I 'believe' most of the workstations run the RunAs service, but I could be wrong. I understand that's required, if there is to be a solution. Any help accepted with thanks. GM NOTE: Seems wassociate from http://www.xs4all.nl/~wstudios/Associate/index.html can resolve the issue.

    Read the article

  • How can Standard User change file associations in Windows 2000?

    - by Gary M. Mugford
    One of my clients is still running Win2K server with a host of Win2K workstations. And no net admin, due to the downturn of the economy over the years. I'm sort of helping out. Out of my depth, but I am a loyal foot soldier. A problem I encounter rather too often is a user double-clicks on a file in Explorer and then either gets no action, or the wrong program to run. It's a case of a missing or out-of-date file association. The current cure is to temporarily upgrade the user from Standard to Power, do the FA switch and then change back. As Winnie would whine, 'Oh, bother!' At any rate, I thought I'd ask here. Is there a method/program to run without the rigamarole FROM the Standard Users account on the workstation to edit/add a file association? I assume the program route would involve RunAs. I 'believe' most of the workstations run the RunAs service, but I could be wrong. I understand that's required, if there is to be a solution. Any help accepted with thanks. GM NOTE: Seems wassociate from http://www.xs4all.nl/~wstudios/Associate/index.html can resolve the issue.

    Read the article

  • Limiting ssh user account only to access his home directory!

    - by EBAGHAKI
    By reading some tutorials online I used these commands: Make a local group: net localgroup CopsshUsers /ADD Deny access to this group at top level: cacls c:\ /c /e /t /d CopsshUsers Open access to the copSSH installation directory: cacls copssh-inst-dir /c /e /t /r CopsshUsers Add Copssh user to the group above: net localgroup CopsshUsers mysshuser /add simply put these commands will try to create a usergroup that has no permission on your computer and it only have access to the copSSH Installation directory. This is not true, since you cannot change the permission on your windows directory, the third command won't remove access to windows folder (it says access denied on his log). Somehow I achieved that by taking ownership of Windows folder and then i execute the third command so CopsshUsers has no permissions on windows folder from now on. Now i tried to SSH to the server and it simply can't login! this is kind of funny because with permission on windows directory you can login and without it you can't!! So if you CAN SSH to the server somehow you know that you have access to the windows directory! (Is this really true??) Simple task: Limiting ssh user account only to access his home directory on WINDOWS and nothing else! Guys please help!

    Read the article

  • How to change mount to grant user write permissions?

    - by nals
    I am on TomatoUSB, and using the feature to have a NAS. The only way I can write to the Samba share is if I force root: [global] interfaces = 127.0.0.1, 192.168.1.1/24 bind interfaces only = no workgroup = WORKGROUP netbios name = TOMATO security = share wins support = yes name resolve order = wins lmhosts hosts bcast guest account = nobody [Public] path = /mnt/sda2 read only = no public = yes only guest = yes guest ok = yes browseable = yes comment = Network share force user = root writeable = yes I dont really like the idea having to use root to allow write access to my share. I have a samba account created already named nobody to allow access to the share. However every time I try to write I get access denied error. fstab: /dev/sda2 /mnt/sda2 vfat defaults 0 0 Further more every time I try to chmod 777 /tmp/mnt/sda2 the permissions are not changed, and no error is produced. They stay 755. drwxr-xr-x 2 root root 4096 Jun 4 01:49 sda2 Basically; how can I give the user nobody write permissions to my mount? dev name: /dev/sda2 dev mount: /tmp/mnt/sda2

    Read the article

  • Accessing or Resetting Permissions of a Mounted Registry Hive of a Different User / From a Different System

    - by Synetech
    I’m currently stuck using my backup system until I can replace my dead motherboard. In the meantime, I have put my hard-drive in this system so that I can access my files and keep working on the backup system. Fortunately, I don’t have a permission issues with the files (the partitions are FAT32). The issue I’m having is with the registry. I need to import some of my settings from the hives of my (old? normal?) installation of Windows into the one I’m currently using. Settings from the system hives (SYSTEM, SOFTWARE, etc.) are fine, but the user hive is giving me trouble. I’ve copied the NTUSER.DAT file from my other drive and mounted it with the reg command. Most of the keys (eg Software) are fine and I can access them without problem, but some of them (particularly the Identities key where Outlook Express settings are stored) complains that it cannot be opened. If I open the permissions dialog, I get an error about being unable to view the current permssions. If I then ignore it and try to take ownership of the key and it’s subkeys, I get an access-denied error. If I then add permissions for my user account on this system, I get an error, however I am then able to see the subkeys and values of the key. If I then try to access the subkeys, I get the same original errors. If I repeat the process for each subkey, I can see their values and subkeys, and so on, but of course this gets to be incredibly annoying and time-consuming (especially since the Identities key has a lot of subkeys). Is there an easier/temporary/more correct way to dump a key so that I can import it into my backup system?

    Read the article

  • Fed Authentication Methods in OIF / IdP

    - by Damien Carru
    This article is a continuation of my previous entry where I explained how OIF/IdP leverages OAM to authenticate users at runtime: OIF/IdP internally forwards the user to OAM and indicates which Authentication Scheme should be used to challenge the user if needed OAM determine if the user should be challenged (user already authenticated, session timed out or not, session authentication level equal or higher than the level of the authentication scheme specified by OIF/IdP…) After identifying the user, OAM internally forwards the user back to OIF/IdP OIF/IdP can resume its operation In this article, I will discuss how OIF/IdP can be configured to map Federation Authentication Methods to OAM Authentication Schemes: When processing an Authn Request, where the SP requests a specific Federation Authentication Method with which the user should be challenged When sending an Assertion, where OIF/IdP sets the Federation Authentication Method in the Assertion Enjoy the reading! Overview The various Federation protocols support mechanisms allowing the partners to exchange information on: How the user should be challenged, when the SP/RP makes a request How the user was challenged, when the IdP/OP issues an SSO response When a remote SP partner redirects the user to OIF/IdP for Federation SSO, the message might contain data requesting how the user should be challenged by the IdP: this is treated as the Requested Federation Authentication Method. OIF/IdP will need to map that Requested Federation Authentication Method to a local Authentication Scheme, and then invoke OAM for user authentication/challenge with the mapped Authentication Scheme. OAM would authenticate the user if necessary with the scheme specified by OIF/IdP. Similarly, when an IdP issues an SSO response, most of the time it will need to include an identifier representing how the user was challenged: this is treated as the Federation Authentication Method. When OIF/IdP issues an Assertion, it will evaluate the Authentication Scheme with which OAM identified the user: If the Authentication Scheme can be mapped to a Federation Authentication Method, then OIF/IdP will use the result of that mapping in the outgoing SSO response: AuthenticationStatement in the SAML Assertion OpenID Response, if PAPE is enabled If the Authentication Scheme cannot be mapped, then OIF/IdP will set the Federation Authentication Method as the Authentication Scheme name in the outgoing SSO response: AuthenticationStatement in the SAML Assertion OpenID Response, if PAPE is enabled Mappings In OIF/IdP, the mapping between Federation Authentication Methods and Authentication Schemes has the following rules: One Federation Authentication Method can be mapped to several Authentication Schemes In a Federation Authentication Method <-> Authentication Schemes mapping, a single Authentication Scheme is marked as the default scheme that will be used to authenticate a user, if the SP/RP partner requests the user to be authenticated via a specific Federation Authentication Method An Authentication Scheme can be mapped to a single Federation Authentication Method Let’s examine the following example and the various use cases, based on the SAML 2.0 protocol: Mappings defined as: urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport mapped to LDAPScheme, marked as the default scheme used for authentication BasicScheme urn:oasis:names:tc:SAML:2.0:ac:classes:X509 mapped to X509Scheme, marked as the default scheme used for authentication Use cases: SP sends an AuthnRequest specifying urn:oasis:names:tc:SAML:2.0:ac:classes:X509 as the RequestedAuthnContext: OIF/IdP will authenticate the use with X509Scheme since it is the default scheme mapped for that method. SP sends an AuthnRequest specifying urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport as the RequestedAuthnContext: OIF/IdP will authenticate the use with LDAPScheme since it is the default scheme mapped for that method, not the BasicScheme SP did not request any specific methods, and user was authenticated with BasisScheme: OIF/IdP will issue an Assertion with urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport as the FederationAuthenticationMethod SP did not request any specific methods, and user was authenticated with LDAPScheme: OIF/IdP will issue an Assertion with urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport as the FederationAuthenticationMethod SP did not request any specific methods, and user was authenticated with BasisSessionlessScheme: OIF/IdP will issue an Assertion with BasisSessionlessScheme as the FederationAuthenticationMethod, since that scheme could not be mapped to any Federation Authentication Method (in this case, the administrator would need to correct that and create a mapping) Configuration Mapping Federation Authentication Methods to OAM Authentication Schemes is protocol dependent, since the methods are defined in the various protocols (SAML 2.0, SAML 1.1, OpenID 2.0). As such, the WLST commands to set those mappings will involve: Either the SP Partner Profile and affect all Partners referencing that profile, which do not override the Federation Authentication Method to OAM Authentication Scheme mappings Or the SP Partner entry, which will only affect the SP Partner It is important to note that if an SP Partner is configured to define one or more Federation Authentication Method to OAM Authentication Scheme mappings, then all the mappings defined in the SP Partner Profile will be ignored. Authentication Schemes As discussed in the previous article, during Federation SSO, OIF/IdP will internally forward the user to OAM for authentication/verification and specify which Authentication Scheme to use. OAM will determine if a user needs to be challenged: If the user is not authenticated yet If the user is authenticated but the session timed out If the user is authenticated, but the authentication scheme level of the original authentication is lower than the level of the authentication scheme requested by OIF/IdP So even though an SP requests a specific Federation Authentication Method to be used to challenge the user, if that method is mapped to an Authentication Scheme and that at runtime OAM deems that the user does not need to be challenged with that scheme (because the user is already authenticated, session did not time out, and the session authn level is equal or higher than the one for the specified Authentication Scheme), the flow won’t result in a challenge operation. Protocols SAML 2.0 The SAML 2.0 specifications define the following Federation Authentication Methods for SAML 2.0 flows: urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocol urn:oasis:names:tc:SAML:2.0:ac:classes:Telephony urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorUnregistered urn:oasis:names:tc:SAML:2.0:ac:classes:PersonalTelephony urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession urn:oasis:names:tc:SAML:2.0:ac:classes:MobileOneFactorContract urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard urn:oasis:names:tc:SAML:2.0:ac:classes:Password urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword urn:oasis:names:tc:SAML:2.0:ac:classes:X509 urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient urn:oasis:names:tc:SAML:2.0:ac:classes:PGP urn:oasis:names:tc:SAML:2.0:ac:classes:SPKI urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword urn:oasis:names:tc:SAML:2.0:ac:classes:NomadTelephony urn:oasis:names:tc:SAML:2.0:ac:classes:AuthenticatedTelephony urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorUnregistered urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract urn:oasis:names:tc:SAML:2.0:ac:classes:SmartcardPKI urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken Out of the box, OIF/IdP has the following mappings for the SAML 2.0 protocol: Only urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport is defined This Federation Authentication Method is mapped to: LDAPScheme, marked as the default scheme used for authentication FAAuthScheme BasicScheme BasicFAScheme This mapping is defined in the saml20-sp-partner-profile SP Partner Profile which is the default OOTB SP Partner Profile for SAML 2.0 An example of an AuthnRequest message sent by an SP to an IdP with the SP requesting a specific Federation Authentication Method to be used to challenge the user would be: <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://idp.com/oamfed/idp/samlv20" ID="id-8bWn-A9o4aoMl3Nhx1DuPOOjawc-" IssueInstant="2014-03-21T20:51:11Z" Version="2.0">  <saml:Issuer ...>https://acme.com/sp</saml:Issuer>  <samlp:NameIDPolicy AllowCreate="false" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"/>  <samlp:RequestedAuthnContext Comparison="minimum">    <saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">      urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport </saml:AuthnContextClassRef>  </samlp:RequestedAuthnContext></samlp:AuthnRequest> An example of an Assertion issued by an IdP would be: <samlp:Response ...>    <saml:Issuer ...>https://idp.com/oam/fed</saml:Issuer>    <samlp:Status>        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>    </samlp:Status>    <saml:Assertion ...>        <saml:Issuer ...>https://idp.com/oam/fed</saml:Issuer>        <dsig:Signature>            ...        </dsig:Signature>        <saml:Subject>            <saml:NameID ...>[email protected]</saml:NameID>            <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">                <saml:SubjectConfirmationData .../>            </saml:SubjectConfirmation>        </saml:Subject>        <saml:Conditions ...>            <saml:AudienceRestriction>                <saml:Audience>https://acme.com/sp</saml:Audience>            </saml:AudienceRestriction>        </saml:Conditions>        <saml:AuthnStatement AuthnInstant="2014-03-21T20:53:55Z" SessionIndex="id-6i-Dm0yB-HekG6cejktwcKIFMzYE8Yrmqwfd0azz" SessionNotOnOrAfter="2014-03-21T21:53:55Z">            <saml:AuthnContext>                <saml:AuthnContextClassRef>                    urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport                </saml:AuthnContextClassRef>            </saml:AuthnContext>        </saml:AuthnStatement>    </saml:Assertion></samlp:Response> An administrator would be able to specify a mapping between a SAML 2.0 Federation Authentication Method and one or more OAM Authentication Schemes SAML 1.1 The SAML 1.1 specifications define the following Federation Authentication Methods for SAML 1.1 flows: urn:oasis:names:tc:SAML:1.0:am:unspecified urn:oasis:names:tc:SAML:1.0:am:HardwareToken urn:oasis:names:tc:SAML:1.0:am:password urn:oasis:names:tc:SAML:1.0:am:X509-PKI urn:ietf:rfc:2246 urn:oasis:names:tc:SAML:1.0:am:PGP urn:oasis:names:tc:SAML:1.0:am:SPKI urn:ietf:rfc:3075 urn:oasis:names:tc:SAML:1.0:am:XKMS urn:ietf:rfc:1510 urn:ietf:rfc:2945 Out of the box, OIF/IdP has the following mappings for the SAML 1.1 protocol: Only urn:oasis:names:tc:SAML:1.0:am:password is defined This Federation Authentication Method is mapped to: LDAPScheme, marked as the default scheme used for authentication FAAuthScheme BasicScheme BasicFAScheme This mapping is defined in the saml11-sp-partner-profile SP Partner Profile which is the default OOTB SP Partner Profile for SAML 1.1 An example of an Assertion issued by an IdP would be: <samlp:Response ...>    <samlp:Status>        <samlp:StatusCode Value="samlp:Success"/>    </samlp:Status>    <saml:Assertion Issuer="https://idp.com/oam/fed" ...>        <saml:Conditions ...>            <saml:AudienceRestriction>                <saml:Audience>https://acme.com/sp/ssov11</saml:Audience>            </saml:AudienceRestriction>        </saml:Conditions>        <saml:AuthnStatement AuthenticationInstant="2014-03-21T20:53:55Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">            <saml:Subject>                <saml:NameID ...>[email protected]</saml:NameID>                <saml:SubjectConfirmation>                   <saml:ConfirmationMethod>                       urn:oasis:names:tc:SAML:1.0:cm:bearer                   </saml:ConfirmationMethod>                </saml:SubjectConfirmation>            </saml:Subject>        </saml:AuthnStatement>        <dsig:Signature>            ...        </dsig:Signature>    </saml:Assertion></samlp:Response> Note: SAML 1.1 does not define an AuthnRequest message. An administrator would be able to specify a mapping between a SAML 1.1 Federation Authentication Method and one or more OAM Authentication Schemes OpenID 2.0 The OpenID 2.0 PAPE specifications define the following Federation Authentication Methods for OpenID 2.0 flows: http://schemas.openid.net/pape/policies/2007/06/phishing-resistant http://schemas.openid.net/pape/policies/2007/06/multi-factor http://schemas.openid.net/pape/policies/2007/06/multi-factor-physical Out of the box, OIF/IdP does not define any mappings for the OpenID 2.0 Federation Authentication Methods. For OpenID 2.0, the configuration will involve mapping a list of OpenID 2.0 policies to a list of Authentication Schemes. An example of an OpenID 2.0 Request message sent by an SP/RP to an IdP/OP would be: https://idp.com/openid?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=checkid_setup&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=id-6a5S6zhAKaRwQNUnjTKROREdAGSjWodG1el4xyz3&openid.return_to=https%3A%2F%2Facme.com%2Fopenid%3Frefid%3Did-9PKVXZmRxAeDYcgLqPm36ClzOMA-&openid.realm=https%3A%2F%2Facme.com%2Fopenid&openid.ns.ax=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&openid.ax.mode=fetch_request&openid.ax.type.attr0=http%3A%2F%2Faxschema.org%2Fcontact%2Femail&openid.ax.if_available=attr0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=0 An example of an Open ID 2.0 SSO Response issued by an IdP/OP would be: https://acme.com/openid?refid=id-9PKVXZmRxAeDYcgLqPm36ClzOMA-&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fidp.com%2Fopenid&openid.claimed_id=https%3A%2F%2Fidp.com%2Fopenid%3Fid%3Did-38iCmmlAVEXPsFjnFVKArfn5RIiF75D5doorhEgqqPM%3D&openid.identity=https%3A%2F%2Fidp.com%2Fopenid%3Fid%3Did-38iCmmlAVEXPsFjnFVKArfn5RIiF75D5doorhEgqqPM%3D&openid.return_to=https%3A%2F%2Facme.com%2Fopenid%3Frefid%3Did-9PKVXZmRxAeDYcgLqPm36ClzOMA-&openid.response_nonce=2014-03-24T19%3A20%3A06Zid-YPa2kTNNFftZkgBb460jxJGblk2g--iNwPpDI7M1&openid.assoc_handle=id-6a5S6zhAKaRwQNUnjTKROREdAGSjWodG1el4xyz3&openid.ns.ax=http%3A%2F%2Fopenid.net%2Fsrv%2Fax%2F1.0&openid.ax.mode=fetch_response&openid.ax.type.attr0=http%3A%2F%2Fsession%2Fcount&openid.ax.value.attr0=1&openid.ax.type.attr1=http%3A%2F%2Fopenid.net%2Fschema%2FnamePerson%2Ffriendly&openid.ax.value.attr1=My+name+is+Bobby+Smith&openid.ax.type.attr2=http%3A%2F%2Fschemas.openid.net%2Fax%2Fapi%2Fuser_id&openid.ax.value.attr2=bob&openid.ax.type.attr3=http%3A%2F%2Faxschema.org%2Fcontact%2Femail&openid.ax.value.attr3=bob%40oracle.com&openid.ax.type.attr4=http%3A%2F%2Fsession%2Fipaddress&openid.ax.value.attr4=10.145.120.253&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.auth_time=2014-03-24T19%3A20%3A05Z&openid.pape.auth_policies=http%3A%2F%2Fschemas.openid.net%2Fpape%2Fpolicies%2F2007%2F06%2Fphishing-resistant&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle%2Cns.ax%2Cax.mode%2Cax.type.attr0%2Cax.value.attr0%2Cax.type.attr1%2Cax.value.attr1%2Cax.type.attr2%2Cax.value.attr2%2Cax.type.attr3%2Cax.value.attr3%2Cax.type.attr4%2Cax.value.attr4%2Cns.pape%2Cpape.auth_time%2Cpape.auth_policies&openid.sig=mYMgbGYSs22l8e%2FDom9NRPw15u8%3D In the next article, I will provide examples on how to configure OIF/IdP for the various protocols, to map OAM Authentication Schemes to Federation Authentication Methods.Cheers,Damien Carru

    Read the article

  • What's a good scheme for multi-user database synchronization?

    - by Mason Wheeler
    I'm working on a system to allow multiple users to collaborate on an online project. Everything is fairly straightforward, except for keeping the users in sync. Each user has their own local copy of the project database, which allows them to make changes and test things out, and then send the updates to the central server. But this runs into the classic synchronization question: how do you keep two users from editing the same thing and stomping each other's work? I've got an idea that should work, but I wonder if there's a simpler way to do it. Here's the basic concept: All project data is stored in a relational database. Each row in the database has an owner. If the current user is not the owner, he can read but not write that row. (This is enforced client-side.) The user can send a request to the server to take ownership of a row, which will be granted if the server's copy says that the current owner is NULL, or to release ownership when they're done with it. It is not possible to release ownership without committing changes to the server. It is not possible to commit changes to the server without having first downloaded all outstanding changes to the server. When any changes are made to rows you own, a trigger marks that row as Dirty. When you commit changes, the database is scanned for all Dirty rows in all tables, and the data is serialized into an update file, which is posted to the server, and all rows are marked Clean. The server applies the updates on its end, and keeps the file around. When other users download changes, the server sends them the update files that they haven't already received. So, essentially this is a reinvention of version control on a relational database. (Sort of.) As long as taking ownership and applying updates to the server are guaranteed atomic changes, and the server verifies that some smart-aleck user didn't edit their local database so they could send an update for a row they don't have ownership of, it should be guaranteed to be correct, and with no need to worry about merges and merge conflicts. (I think.) Can anyone think of any problems with this scheme, or ways to do it better? (And no, "build [insert VCS here] into your project" is not what I'm looking for. I've thought of that already. VCSs work well with text, and not so well with other file formats, such as relational databases.)

    Read the article

  • zk selecting combobox item programatically

    - by Abdul Khaliq
    Hi, I cannot set the value of combobox programatically can some one tell me what missing in the code public class Profile extends Window implements AfterCompose { @Override public void afterCompose() { Session session = Sessions.getCurrent(false); ApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext( (ServletContext) getDesktop().getWebApp().getNativeContext()); UsersDao usersDao = (UsersDao) ctx.getBean("daoUsers"); User user = (User) session.getAttribute("user"); user = usersDao.getUser(user.getUsername(),user.getPassword()); Textbox username_t = (Textbox) this.getFellow("username"); Textbox password_t = (Textbox) this.getFellow("password"); Textbox conpassword_t = (Textbox) this.getFellow("con_password"); Textbox firstname_t = (Textbox) this.getFellow("firstName"); Textbox lastname_t = (Textbox) this.getFellow("lastName"); Textbox email_t = (Textbox) this.getFellow("email"); Combobox hintQuestion_t = (Combobox) this.getFellow("hintQuestion"); Textbox hintAnswer_t = (Textbox) this.getFellow("hintAnswer"); Combobox locale_t = (Combobox) this.getFellow("locale"); Combobox authority_t = (Combobox) this.getFellow("authority"); username_t.setText(user.getUsername()); firstname_t.setText(user.getUserDetails().getFirstName()); lastname_t.setText(user.getUserDetails().getLastName()); email_t.setText(user.getUserDetails().getEmail()); Comboitem selectedItem = getSelectedIndexComboboxItem(hintQuestion_t, user.getHintQuestion()); hintQuestion_t.setSelectedItem(selectedItem); hintAnswer_t.setText(user.getHintAnswer()); selectedItem = getSelectedIndexComboboxItem(locale_t, user.getUserDetails().getLocale()); locale_t.setSelectedItem(selectedItem); selectedItem = getSelectedIndexComboboxItem(authority_t, ((Authority)user.getAuthorities().toArray()[0]).getRole()); authority_t.setSelectedItem(selectedItem); } private Comboitem getSelectedIndexComboboxItem(Combobox combobox, String value) { List<Comboitem> items = combobox.getItems(); Comboitem item = items.get(0); for (int i = 0; i < items.size(); i++) { Comboitem comboitem = items.get(i); String label = (String)comboitem.getLabel(); String cval = (String)comboitem.getValue(); if ((label!=null && label.equalsIgnoreCase(value)) || (cval != null && cval.equalsIgnoreCase(value))) { item = comboitem; break; } } return item; } } // zk file <window id="profile" use="com.jf.web.zk.ui.Profile"> <tabbox id="tabbox" width="40%" > <tabs> <tab label="Account Information"/> <tab label="Personal Information"/> <tab label="Contact Details"/> </tabs> <tabpanels> <tabpanel> <grid> <rows> <row> <label value="${i18nUtils.message('user.username')}"/> <hbox> <textbox id="username" />*,a-zA-Z,0-9 </hbox> </row> <row> <label value="${i18nUtils.message('user.password')}"/> <hbox> <textbox id="password" type="password"/>* </hbox> </row> <row> <label value="${i18nUtils.message('registration.user.password.confirm')}"/> <hbox> <textbox id="con_password" type="password"/>* </hbox> </row> <row> <label value="${i18nUtils.message('user.details.first.name')}"/> <hbox> <textbox id="firstName" type="text"/>* </hbox> </row> <row> <label value="${i18nUtils.message('user.details.last.name')}"/> <hbox> <textbox id="lastName" type="text"/>* </hbox> </row> <row> <label value="${i18nUtils.message('user.details.email')}"/> <hbox> <textbox id="email" type="text"/>* </hbox> </row> <row> <label value="${i18nUtils.message('user.hint.question')}"/> <hbox> <combobox id="hintQuestion" onCreate='self.setSelectedIndex(1);'> <comboitem label="${i18nUtils.message('user.hint.question.possible.value1')}" /> <comboitem label="${i18nUtils.message('user.hint.question.possible.value2')}" /> <comboitem label="${i18nUtils.message('user.hint.question.possible.value3')}" /> <comboitem label="${i18nUtils.message('user.hint.question.possible.value4')}" /> <comboitem label="${i18nUtils.message('user.hint.question.possible.value5')}" /> </combobox>* </hbox> </row> <row> <label value="${i18nUtils.message('user.hint.answer')}"/> <hbox> <textbox id="hintAnswer" type="text"/>* </hbox> </row> <row> <label value="${i18nUtils.message('user.details.locale')}"/> <hbox> <combobox id="locale" onCreate='self.setSelectedIndex(1);self.setReadonly(true);'> <comboitem label="${i18nUtils.message('user.details.locale.en')}" value="en_US"/> <comboitem label="${i18nUtils.message('user.details.locale.bg')}" value="bg_BG"/> </combobox>* </hbox> </row> <row> <label value="${i18nUtils.message('authority.account.type')}"/> <hbox> <combobox id="authority" onCreate='self.setSelectedIndex(0);self.setReadonly(true);'> <comboitem label="${i18nUtils.message('authority.job.seeker')}" value="Job Seeker"/> <comboitem label="${i18nUtils.message('authority.employer')}" value="Employer"/> <comboitem label="${i18nUtils.message('authority.hra')}" value="Human Resource Agency"/> <comboitem label="${i18nUtils.message('authority.advertiser')}" value="Advertiser"/> </combobox>* </hbox> </row> </rows> </grid> </tabpanel> </tabpanels> </tabbox> <grid width="40%"> <rows> <row> <button label="${i18nUtils.message('bttn.save')}" onClick="save()"/> <button label="${i18nUtils.message('bttn.cancel')}" onClick="cancel()"/> </row> </rows> </grid> </window> </zk> The "getSelectedIndexComboboxItem()" does return the correct selected item but there seems no effect on the UI. Like for example the locale is set to default Bulgarian language and I need to set it to English. Abdul Khaliq

    Read the article

  • Post SQL 2008 R2 Launch Thurs 15th London - UK SQL Server User Group is having a Social Event @ the

    - by tonyrogerson
    The UK SQL Server User Group is organising a Social event for SQL and SQL Server professionals, the event will be held after the SQL Server 2008 R2 launch event and is a short walk from that venue. See site for more information: http://sqlserverfaq.com/events/222/Social-for-SQL-and-SQL-Server-professionals-SQL-quiz-meet-your-peers-ask-the-group-Q-A.aspx We are putting some light bites on, if you are coming then do let us know through the site. Neil Hambly who is the London UK SQL Server User Group...(read more)

    Read the article

  • BPM ADF Task forms. Checking whether the current user is in a BPM Swimlane

    - by Christopher Karl Chan
    So this blog will focus on BPM Swimlane roles and users from a ADF context.So we have an ADF Task Details Form and we are in the process of making it richer and dynamic in functionality. A common requirement could be to dynamically show different areas based on the user logged into the workspace. Perhaps even we want to know even what swim-lane role the user belongs to.It is is a little bit harder to achieve then one thinks unless you know the trick. [Read More]

    Read the article

  • PHP may be executing as a "privileged" group and user, which could be a serious security vulnerability

    - by Martin
    I ran some security tests on a Ubuntu 12.04 Server, and I've got these warnings : PHP may be executing as a "privileged" group, which could be a serious security vulnerability. PHP may be executing as a "privileged" user, which could be a serious security vulnerability. In /etc/apache2/envvars, I have this: export APACHE_RUN_USER=www-data export APACHE_RUN_GROUP=www-data And all files in /var/www are having these user/group: www-data:www-data Am I setting this correctly? What should I do to fix this problem?

    Read the article

  • why some websites changes their short and user friendly URL to long URL?

    - by diEcho
    Hello All, i wonder why some website changes their short and user friendly url to long url like cricinfo.com ---- espncricinfo.com indiafm.com --- bollywoodhungama.com and many others i have seen i just want to know that what is the exact need of doing that?? is there economical reason or what??i think user dont like to write long website name still i also type indiafm.com and browser automatically redirect the URL. (sorry if tags are wrong) Thanks,

    Read the article

  • What are the advantages and disadvantages of having a subdomain for each user account?

    - by Sathish Manohar
    I notice two types of design used in web applications, some with a particular subdomain for users contents, and some with same URL structure for all the accounts. Ex: unique.domain.com and another_unique.domain.com for subdomains for sites like blogspot, wordpress, basecamp etc. while in the other approach domain.com/action1 and domain.com/action2 the content is shown according to the user logged in, but the URL is same for every user. What are main differences between both of these kind of design?

    Read the article

  • zk selecting combobox item programatically

    - by Abdul Khaliq
    I cannot set the value of combobox programatically can some one tell me what missing in the code public class Profile extends Window implements AfterCompose { @Override public void afterCompose() { Session session = Sessions.getCurrent(false); ApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext( (ServletContext) getDesktop().getWebApp().getNativeContext()); UsersDao usersDao = (UsersDao) ctx.getBean("daoUsers"); User user = (User) session.getAttribute("user"); user = usersDao.getUser(user.getUsername(),user.getPassword()); Textbox username_t = (Textbox) this.getFellow("username"); Textbox password_t = (Textbox) this.getFellow("password"); Textbox conpassword_t = (Textbox) this.getFellow("con_password"); Textbox firstname_t = (Textbox) this.getFellow("firstName"); Textbox lastname_t = (Textbox) this.getFellow("lastName"); Textbox email_t = (Textbox) this.getFellow("email"); Combobox hintQuestion_t = (Combobox) this.getFellow("hintQuestion"); Textbox hintAnswer_t = (Textbox) this.getFellow("hintAnswer"); Combobox locale_t = (Combobox) this.getFellow("locale"); Combobox authority_t = (Combobox) this.getFellow("authority"); username_t.setText(user.getUsername()); firstname_t.setText(user.getUserDetails().getFirstName()); lastname_t.setText(user.getUserDetails().getLastName()); email_t.setText(user.getUserDetails().getEmail()); Comboitem selectedItem = getSelectedIndexComboboxItem(hintQuestion_t, user.getHintQuestion()); hintQuestion_t.setSelectedItem(selectedItem); hintAnswer_t.setText(user.getHintAnswer()); selectedItem = getSelectedIndexComboboxItem(locale_t, user.getUserDetails().getLocale()); locale_t.setSelectedItem(selectedItem); selectedItem = getSelectedIndexComboboxItem(authority_t, ((Authority)user.getAuthorities().toArray()[0]).getRole()); authority_t.setSelectedItem(selectedItem); } private Comboitem getSelectedIndexComboboxItem(Combobox combobox, String value) { List<Comboitem> items = combobox.getItems(); Comboitem item = items.get(0); for (int i = 0; i < items.size(); i++) { Comboitem comboitem = items.get(i); String label = (String)comboitem.getLabel(); String cval = (String)comboitem.getValue(); if ((label!=null && label.equalsIgnoreCase(value)) || (cval != null && cval.equalsIgnoreCase(value))) { item = comboitem; break; } } return item; } } // zk file <window id="profile" use="com.jf.web.zk.ui.Profile"> <tabbox id="tabbox" width="40%" > <tabs> <tab label="Account Information"/> <tab label="Personal Information"/> <tab label="Contact Details"/> </tabs> <tabpanels> <tabpanel> <grid> <rows> <row> <label value="${i18nUtils.message('user.username')}"/> <hbox> <textbox id="username" />*,a-zA-Z,0-9 </hbox> </row> <row> <label value="${i18nUtils.message('user.password')}"/> <hbox> <textbox id="password" type="password"/>* </hbox> </row> <row> <label value="${i18nUtils.message('registration.user.password.confirm')}"/> <hbox> <textbox id="con_password" type="password"/>* </hbox> </row> <row> <label value="${i18nUtils.message('user.details.first.name')}"/> <hbox> <textbox id="firstName" type="text"/>* </hbox> </row> <row> <label value="${i18nUtils.message('user.details.last.name')}"/> <hbox> <textbox id="lastName" type="text"/>* </hbox> </row> <row> <label value="${i18nUtils.message('user.details.email')}"/> <hbox> <textbox id="email" type="text"/>* </hbox> </row> <row> <label value="${i18nUtils.message('user.hint.question')}"/> <hbox> <combobox id="hintQuestion" onCreate='self.setSelectedIndex(1);'> <comboitem label="${i18nUtils.message('user.hint.question.possible.value1')}" /> <comboitem label="${i18nUtils.message('user.hint.question.possible.value2')}" /> <comboitem label="${i18nUtils.message('user.hint.question.possible.value3')}" /> <comboitem label="${i18nUtils.message('user.hint.question.possible.value4')}" /> <comboitem label="${i18nUtils.message('user.hint.question.possible.value5')}" /> </combobox>* </hbox> </row> <row> <label value="${i18nUtils.message('user.hint.answer')}"/> <hbox> <textbox id="hintAnswer" type="text"/>* </hbox> </row> <row> <label value="${i18nUtils.message('user.details.locale')}"/> <hbox> <combobox id="locale" onCreate='self.setSelectedIndex(1);self.setReadonly(true);'> <comboitem label="${i18nUtils.message('user.details.locale.en')}" value="en_US"/> <comboitem label="${i18nUtils.message('user.details.locale.bg')}" value="bg_BG"/> </combobox>* </hbox> </row> <row> <label value="${i18nUtils.message('authority.account.type')}"/> <hbox> <combobox id="authority" onCreate='self.setSelectedIndex(0);self.setReadonly(true);'> <comboitem label="${i18nUtils.message('authority.job.seeker')}" value="Job Seeker"/> <comboitem label="${i18nUtils.message('authority.employer')}" value="Employer"/> <comboitem label="${i18nUtils.message('authority.hra')}" value="Human Resource Agency"/> <comboitem label="${i18nUtils.message('authority.advertiser')}" value="Advertiser"/> </combobox>* </hbox> </row> </rows> </grid> </tabpanel> </tabpanels> </tabbox> <grid width="40%"> <rows> <row> <button label="${i18nUtils.message('bttn.save')}" onClick="save()"/> <button label="${i18nUtils.message('bttn.cancel')}" onClick="cancel()"/> </row> </rows> </grid> </window> </zk> The "getSelectedIndexComboboxItem()" does return the correct selected item but there seems no effect on the UI. Like for example the locale is set to default Bulgarian language and I need to set it to English. Abdul Khaliq

    Read the article

  • How to create a user with root privileges in bash?

    - by George Edison
    I have run the following commands: sudo groupadd -r testgroup sudo useradd -g testgroup -M -r testuser Notice the -r option, which according to the man page: -r     Create a system account. Assuming I have a user account with root privileges, I then run: sudo -u testuser cat /dev/input/mouse0 However, I get: cat: /dev/input/mouse0: Permission denied Running the same command as root provides the expected output (garbled output from the mouse driver). How can I create a user with root privileges?

    Read the article

  • How to detect collisions between sprite and a user generated shape of some sort?

    - by Huwell
    How to detect a collision between a sprite and a user generated shape of some sort. For example. There are some objects on the screen. The user takes their finger and draws an circle shape around a object (The selection rule is painting circle around the sprite, but the painting shapes may be various). I need to detect which object selected, which just like: (demo images) http://i52.tinypic.com/28h0t1g.png

    Read the article

  • When defining Product Backlog items, is it s a bad idea to describe what will be part of the user experience?

    - by DDiVita
    First, I am using the TFS 2010 SCRUM template. I am wondering if this is a bad idea... I started defining a PBI for User Interface Elements. Basically, this will hold all the tasks that developers will be assigned when developing UI elements for a web application. Since this has to do with user interaction and usability I was thinking it may be OK, however my struggle is that it also can be considered functionality and may not fit as a PBI.

    Read the article

  • How to mount a drive for other user than root?

    - by Ondra Žižka
    I've attached a SSD disk though USB. Then: sudo su - mkdir /mnt/hx chown ondra /mnt/hx mount /dev/sdb1 /mnt/hx # It's FAT32 now, but was the same with EXT4 The last command changes dir owner to root. Whenever I create a file in the root dir, I need to be root and root is the owner. Can I set different user as owner of the mounted dir? Or, simply said, ensure that user XY can freely read/write on the drive.

    Read the article

  • Is there an more user friendly alternative to afraid.org for DNS subdomains?

    - by rogerdpack
    I would like "people out there" to be able to host subdomains to my domain easily. I'm aware that you can do this using afraid.org (free) and it works well, however for "people out there" to use afraid.org is a hard thing because of its cryptic interface (not very user friendly). Any alternatives out there you can recommend, that would allow unlimited subdomains on my domain for whoever wants them, but more user friendly?

    Read the article

  • JumpStart your implementation with Oracle User Productivity Kit pre-built content!

    Project teams are faced with tight deadlines for enterprise application implementations or upgrades. Learn how organizations can reduce their time to deployment by using pre-built content for Oracle User Productivity Kit. When organizations use this content for baseline system transaction flows early in a project, they can then simply modify and update the content as the application evolves to create user acceptance test scripts, transaction recordings, job aids, classroom training, online training, and support materials post-go-live. The value of pre-built content dramatically reduces time to deployment and overall implementation costs.

    Read the article

  • What methods of requirements elicitation are suitable when I do not have direct access to the user base?

    - by metadice
    I am working on an application to create invoices. There are some features that are required based on the type of the application and are common to all invoice applications. However, we still need to determine what unique needs the user base might have. We do not have direct access to the users to obtain requirements or user stories. What techniques are most suitable for eliciting high-quality requirements from users when direct or frequent access is not possible?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 195 196 197 198 199 200 201 202 203 204 205 206  | Next Page >