basic authentication - Page 202

sermyadmin 2.01

- by lepricon123

I am able to install sermyadmin 2.0.1 and got everything working. Only user registration is not working. When I register a user the entry goe sin DB etc find but the email is not send to the user. We are using our own smtp server with no authentication. And I am sure there is nothing wrong with the smtp server. I can see that it has received a request from sermyadmin but in the logs Is ee that the FROM adddress is missing. So it is throwing 553 5.1.8 Domain of sender address does not exist. The domain does exist. Here is my resources.xml with all the valid entries. Since I don;t need the smtp authentication which the server is not using, i removed that. <beans xmlns="www.springframework.org/schema/beans" xmlns:xsi="www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" www.springframework.org/schema/beans www.springframework.org/schema/beans/spr...ns-2.0.xsd"> <bean id="mailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl"> <property name="host" value="10.100.22.365" /> </bean> <bean id="mailMessage" class="org.springframework.mail.SimpleMailMessage"> <property name="from" value="[email protected]" /> </bean> </beans>

Read the article

using wget against protected site with NTLM

- by Joey V.

Trying to mirror a local intranet site and have found previous questions using 'wget'. It works great with sites that are anonymous, but I have not been able to use it against a site that is expecting username\password (IIS with Integrated Windows Authentication). Here is what I pass in: wget -c --http-user='domain\user' --http-password=pwd http://local/site -dv Here is the debug output (note I replaced some with dummy values obviously): Setting --verbose (verbose) to 1 DEBUG output created by Wget 1.11.4 on Windows-MSVC. --2009-07-14 09:39:04-- http://local/site Host `local' has not issued a general basic challenge. Resolving local... seconds 0.00, x.x.x.x Caching local = x.x.x.x Connecting to local|x.x.x.x|:80... seconds 0.00, connected. Created socket 1896. Releasing 0x003e32b0 (new refcount 1). ---request begin--- GET /site/ HTTP/1.0 User-Agent: Wget/1.11.4 Accept: */* Host: local Connection: Keep-Alive ---request end--- HTTP request sent, awaiting response... ---response begin--- HTTP/1.1 401 Access Denied Server: Microsoft-IIS/5.1 Date: Tue, 14 Jul 2009 13:39:04 GMT WWW-Authenticate: Negotiate WWW-Authenticate: NTLM Content-Length: 4431 Content-Type: text/html ---response end--- 401 Access Denied Closed fd 1896 Unknown authentication scheme. Authorization failed.

Read the article

Amazon EC2 RSA key stopped authenticating - Permission denied (publickey)

- by shedd

Authenticating to our Ubuntu EC2 instance worked fine until a little while ago. All of a sudden, the key is being rejected. When we create a new instance with the keypair, we're able to connect to the instance perfectly, so it appears to be an issue with the existing instance. Port 22 is open. Any suggestions on what to look at from a configuration standpoint so we can fix this? Any thoughts on how we can get into the box? Here is the SSH debug output. Is there anything obviously amiss? Thanks so much! $ ssh -v -i ~/zzz.pem ubuntu@###.###.###.### OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009 debug1: Reading configuration data /etc/ssh_config debug1: Connecting to ###.###.###.### [###.###.###.###] port 22. debug1: Connection established. debug1: identity file zzz.pem type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-6ubuntu2 debug1: match: OpenSSH_5.1p1 Debian-6ubuntu2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '###.###.###.###' is known and matches the RSA host key. debug1: Found key in /zzz/.ssh/known_hosts:18 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering public key: /zzz/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Offering public key: zzz.txt debug1: Authentications that can continue: publickey debug1: Trying private key: zzz.pem debug1: read PEM private key done: type RSA debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. Permission denied (publickey).

Read the article

Authlogic with nested attributes and polymorphic associations

- by ferparra

Hi all! I'm having trouble with the following code: User < AR acts_as_authentic belongs_to :owner, :polymorphic => true end Worker < AR has_one :user, :as => :owner accepts_nested_attributes_for :user end Employer < AR has_one :user, :as => :owner accepts_nested_attributes_for :user end I'd like to create registration forms based on user types, and to include authentication fields such as username and password. I currently do this: UserRegistrationController < AC #i.e. a new Employer def new @employer = Employer.new @employer.build_user end ... end I then include User fields with fields_for. All views render fine, but here's the catch: I cannot build a User, it tells me :password is a wrong method, so I guess the authentication logic was bypassed. What should I do? Am I doing it wrong altogether? Should I drop polymorphic associations in favor of Single Table Inheritance? Whatever I do, I have to make sure it plays nicely with Authlogic.

Read the article

php: how to return an HTTP 500 code on any error, no matter what

- by Jake

Hi guys. I'm writing an authentication script in PHP, to be called as an API, that needs to return 200 only in the case that it approves the request, and 403 (Forbidden) or 500 otherwise. The problem I'm running into is that php returns 200 in the case of error conditions, outputting the error as html instead. How can I make absolutely sure that php will return an HTTP 500 code unless I explicitly return the HTTP 200 or HTTP 403 myself? In other words, I want to turn any and all warning or error conditions into 500s, no exceptions, so that the default case is rejecting the authentication request, and the exception is approving it with a 200 code. I've fiddled with set_error_handler() and error_reporting(), but so far no luck. For example, if the code outputs something before I send the HTTP response code, PHP naturally reports that you can't modify header information after outputting anything. However, this is reported by PHP as a 200 response code with html explaining the problem. I need even this kind of thing to be turned into a 500 code. Is this possible in PHP? Or do I need to do this at a higher level like using mod_rewrite somehow? If that's the case, any idea how I'd set that up? Thanks for any help. Jake

Read the article

Heroku Rails Internal Server Error

- by Ryan Max

Hello. I got a 500 Internal Sever error when I try to deploy my rails app on heroku. It works fine on my local machine, so i'm not sure what's wrong here. Seems to be something with the "sessions" on the home controller. Here is my log: ==> production.log <== # Logfile created on Sun May 09 17:35:59 -0700 2010 Processing HomeController#index (for 76.169.212.8 at 2010-05-09 17:36:00) [GET] ActiveRecord::StatementInvalid (PGError: ERROR: relation "sessions" does not ex ist : SELECT a.attname, format_type(a.atttypid, a.atttypmod), d.adsrc, a .attnotnull FROM pg_attribute a LEFT JOIN pg_attrdef d ON a.attrelid = d.adrelid AND a.attnum = d.adnum WHERE a.attrelid = '"sessions"'::regclass AND a.attnum > 0 AND NOT a.attisdropped ORDER BY a.attnum ): lib/authenticated_system.rb:106:in `login_from_session' lib/authenticated_system.rb:12:in `current_user' lib/authenticated_system.rb:6:in `logged_in?' lib/authenticated_system.rb:35:in `authorized?' lib/authenticated_system.rb:53:in `login_required' /home/heroku_rack/lib/static_assets.rb:9:in `call' /home/heroku_rack/lib/last_access.rb:25:in `call' /home/heroku_rack/lib/date_header.rb:14:in `call' thin (1.2.7) lib/thin/connection.rb:76:in `pre_process' thin (1.2.7) lib/thin/connection.rb:74:in `catch' thin (1.2.7) lib/thin/connection.rb:74:in `pre_process' thin (1.2.7) lib/thin/connection.rb:57:in `process' thin (1.2.7) lib/thin/connection.rb:42:in `receive_data' eventmachine (0.12.10) lib/eventmachine.rb:256:in `run_machine' eventmachine (0.12.10) lib/eventmachine.rb:256:in `run' thin (1.2.7) lib/thin/backends/base.rb:57:in `start' thin (1.2.7) lib/thin/server.rb:156:in `start' thin (1.2.7) lib/thin/controllers/controller.rb:80:in `start' thin (1.2.7) lib/thin/runner.rb:177:in `send' thin (1.2.7) lib/thin/runner.rb:177:in `run_command' thin (1.2.7) lib/thin/runner.rb:143:in `run!' thin (1.2.7) bin/thin:6 /usr/local/bin/thin:20:in `load' /usr/local/bin/thin:20 Rendering /disk1/home/slugs/155328_f2d3c00_845e/mnt/public/500.html (500 Interna l Server Error) And here is my home_controller.rb class HomeController < ApplicationController before_filter :login_required def index @user = current_user @user.profile ||= Profile.new @profile = @user.profile end end Does it have something the way my routes are set up? Or is it my authentication? (I am using restful authentication with Bort)

Read the article

ASP.NET MVC 2 router matches correct area route but generates URL to the first registered area inste

- by Sandor Drieënhuizen

I'm working on a S#arpArchitecture 1.5 project, which uses ASP.NET MVC 2. I've been trying to get areas to work properly but I ran into a problem: The ASP.NET MVC 2 routing engine matches the correct route to my area but then it generates an URL that belongs to the first registered area instead. Here's my request URL: /Framework/Authentication/LogOn?ReturnUrl=%2fDefault.aspx I'm using the Route Tester from Phil Haack and it shows: Matched Route: Framework/{controller}/{action}/{id} Generated URL: /Data/Authentication/LogOn?ReturnUrl=%2FDefault.aspx using the route "Data/{controller}/{action}/{id}" That's clearly wrong, the URL should point to the Framework area, not the Data area. This is how I register my routes, nothing special there IMO. private static void RegisterRoutes(RouteCollection routes) { routes.IgnoreRoute("{resource}.axd/{*pathInfo}"); AreaRegistration.RegisterAllAreas(); routes.MapRoute( "default", "{controller}/{action}/{id}", new { controller = "Home", action = "Index", id = UrlParameter.Optional }); } The area registration classes all look like this. Again, nothing special. public class FrameworkAreaRegistration : AreaRegistration { public override string AreaName { get { return "Framework"; } } public override void RegisterArea(AreaRegistrationContext context) { context.MapRoute( "Framework_default", "Framework/{controller}/{action}/{id}", new { controller = "Home", action = "Index", id = UrlParameter.Optional }); } }

Read the article

Can the same ssh key be used to access two different users on the same server?

- by Nick

I have an new ubuntu (hardy 8.04) server, it has two users, User1 and User2. User1 is listed in sudoers. I appended my public ssh key to authorized_keys in /home/user1/.ssh/authorized_keys, changed the permissions on user1/.ssh/ to 700 and user1/.ssh/authorized_keys to 600 and both file and folder are owned my User1. Then added I User1 to sshd_config (AllowUsers User1). This works and I can login into User1 debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Entering interactive session. Last login: Mon Mar 15 09:51:01 2010 from 86.141.61.197 I then copied the authorized_keys file to /home/user2/.shh/ and changed the permissions and ownership and added User2 to AllowUsers in sshd_config (AllowUsers User1 User2). Now when I try to login to User2 it will not authenticate the same public key. debug1: Offering public key: /Users/nick/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Trying private key: /Users/nick/.ssh/identity debug1: Trying private key: /Users/nick/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey). Am I missing something fundamental about the way ssh works? Thanks in advance, Nick

Read the article

IIS7 ASP.NET Session drops in seconds

- by shxo

For testing I have 1 isolated page - no masters, controls, …. My sessions are lost after about 30 seconds. I’ve tried setting timeout on the page itself, in web.config, both, and neither. Tried forms authentication with timeout and windows authentication. Recycle the AppPool after changes. I can response.write from the Session_Start , but I never get any response.writes from the Session_End. Some things I’ve tried: <sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424" sqlConnectionString="data source=127.0.0.1;" cookieless="false" timeout="20" /> <sessionState mode="InProc" cookieless="false" timeout="20"/> <sessionState mode="InProc" timeout="20"/> <sessionState timeout="20"/> No luck. My runtime is set to: <httpRuntime useFullyQualifiedRedirectUrl="true" maxRequestLength="204800" requestLengthDiskThreshold="204800" executionTimeout="600" /> I don’t know what this would be relevant, but I can’t think of anything else to post! Thanks!

Read the article

Silverlight, WCF service, integrated security AND ssl/https not possible?

- by Flores

I have this setup that works perfectly when using http. A silverlight 3 client .net 4 WCF service hosted in IIS with basicHttpBinding and using integrated security on the site When setting https to required on the website the setup stops working. Using the wcftestclient on the uri I get the message: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'. The remote server returned an error: (401) Unauthorized. Maybe this makes sense because the wcftestclient does not pass credentials? in the web.config the security mode for the service binding is set is set to 'Transport'. The silverlight client is created like this: BasicHttpBinding basicHttpBinding = new BasicHttpBinding(); basicHttpBinding.Security.Mode = BasicHttpSecurityMode.Transport; var serviceClient = new ImportServiceClient(basicHttpBinding, serviceAddress); The service address is ofcourse starting with https:// And the silverlight client reports this error: The provided URI scheme 'https' is invalid; expected 'http'. Parameter name: via Remember, swithing it back to http (and setting security mode to 'TransportCredentialOnly' makes everything working again. Is the setup I want even supported? If so, how should it be configured?

Read the article

ASP.NET MVC and WCF

- by Michael Stum

I'm working my way into MVC at the moment, but on my "To learn at some point" list, I also have WCF. I just wonder if WCF is something that should/could be used in an MVC Application or not? The Background is that I want a Desktop Application (.NET 3.5, WPF) interact with my MVC Web Site, and I wonder what the best way to transfer data between the two is. Should I just use special Views/have the controllers return JSON or XML (using the ContentResult)? And maybe even more important, for the other way round, could I just call special controllers? Not sure how Authorization would work in such a context. I can either use Windows Authentication or (if the Site is running forms authentication) have the user store his/her credentials in the application, but I would then essentially create a HTTP Client in my Application. So while MVC = Application seems really easy, Application = MVC does seem to be somewhat tricky and a possible use for WCF? I'm not trying to brute-force WCF in this, but I just wonder if there is indeed a good use case for WCF in an MVC application.

Read the article

SQL Server 2008 Express Edition Connection Problem

- by waqasahmed

I have VS 2008 Professional Edition. After the installation (which included SQL Server 2008), I decided to install SQL Server 2008 Express Edition with Advanced Tools (so I could get SQL Server Management Studio on it). So I uninstalled the SQL Express that came with VS 2008, and installed the standalone SQL Server Express 2008 version with advanced tools. However, When I try to logon onto SQL Server Management Studio using: .\SQLEXPRESS as Server name and Windows Authentication as the authentication, I get the following message: TITLE: Connect to Server ------------------------------ Cannot connect to .\SQLEXPRESS. ------------------------------ ADDITIONAL INFORMATION: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified) (Microsoft SQL Server, Error: -1) For help, click: http//go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=-1&LinkId=20476 ------------------------------ BUTTONS: OK ------------------------------ Any suggestions on how to get it to work? I have tried disabling Windows Firewall as well and still no luck. I am using WIndows Vista and SQL Server 2008 Express SP1 Patch has also been applied recently.

Read the article

Implementing Struts 2 Interceptors using Struts 1

- by Andriy Zakharchuk

Hello all, I have a legacy application written with Struts 1. The only feature I was asked to add is to protect some actions. Currently any user can do whatever he/she wants. The idea is to allows all user see the data, but block modification operation, i.e. to modify data a user should log in. I know Struts2 has interceptors, so I could attach them to required actions and forward users to log in page when needed. But how can I do similar thing in Struts 1 application? My first idea was to create my own abstract Action class: public class AuthenticatedAction { public ActionForward execute( ActionMapping mapping, ActionForm form, HttpServletRequest theRequest, HttpServletResponse theResponse) { if (!logged) { // forward to log in form } else { doExecute(mapping, form, request, response); } } public abstract ActionForward doExecute( ActionMapping mapping, ActionForm form, HttpServletRequest theRequest, HttpServletResponse theResponse); } Then change all actions that require authentication from extends Action to extends AuthenticatedAction then add login form, login action (which performs authentications and puts this status into the session) and change JSP header tile to display authentication block, e.g., "You are (not logged in)/", Login/Logout. As I guess this should solve the problem. If this doesn't solve the problem, please explain me why. Is there any better (more elegant like interceptors are) way to do this? Thank you in advance.

Read the article

How to make NAnt send an email using a real account

- by Turro

First of all, I have already seen this post: nant mail issues but the only answer is not satisfactory (i.e.: doesn't work for me). I am using NAnt to get latest version of source, upgrade version of the libraries and application, build the application, build the setups... all the usual things, I bet. I would like NAnt to send an email to some people confirming the conclusion of the build process; I've already checked the official (pretty ugly, IMHO) documentation for the task, but the example, once copied and customized, doesn't work. This are the NAnt target and task I'm using: <target name="sendMail" > <mail from="[email protected]" tolist="[email protected];[email protected]" subject="Subject of email" mailhost="smtp.gmail.com" message="Your new release is ready!"> </mail> </target> The error message I get is: 530 5.7.0 Must issue a STARTTLS command first. It looks like that the task was designed for use by an account whose provider doesn't need authentication; but what can I do if I must use an external smtp server which requires authentication (telling my boss I need an smtp server in house is not an option)? Can anybody help/teach me? Thanks in advance...

Read the article

Devise not allowing active resource to access the services

- by Saurabh Pandit

In my application there are two folders one for a rails application and another for a ruby application. In the ruby folder I have created a ruby file in which I have written code to access some model which is present in the rails application using active resource. Sample code is shown below : active_resource_example.rb require 'rubygems' require 'active_resource' class Website < ActiveResource::Base self.site = "http://localhost:3000/admin/" self.user = "user" self.password = "password" end websites = Website.find(:all) puts websites.inspect In my rails application I have used ActiveAdmin gem which uses devise for authentication. On rails Server I get the following result : Started GET "/admin/websites.json" for 192.168.1.37 at 2011-11-12 14:41:06 +0530 Processing by Admin::WebsitesController#index as JSON Completed in 43ms And on my terminal where I executed active_resource_example.rb, I got following error : user@user:~/Desktop$ ruby active_resource_example.rb /home/user/.rvm/gems/ruby-1.9.2-p180/gems/activeresource-3.1.1/lib/active_resource/connection.rb:132:in `handle_response': Failed. Response code = 401. Response message = Unauthorized . (ActiveResource::UnauthorizedAccess) from /home/user/.rvm/gems/ruby-1.9.2-p180/gems/activeresource-3.1.1/lib/active_resource/connection.rb:115:in `request' from /home/user/.rvm/gems/ruby-1.9.2-p180/gems/activeresource-3.1.1/lib/active_resource/connection.rb:80:in `block in get' from /home/user/.rvm/gems/ruby-1.9.2-p180/gems/activeresource-3.1.1/lib/active_resource/connection.rb:218:in `with_auth' from /home/user/.rvm/gems/ruby-1.9.2-p180/gems/activeresource-3.1.1/lib/active_resource/connection.rb:80:in `get' from /home/user/.rvm/gems/ruby-1.9.2-p180/gems/activeresource-3.1.1/lib/active_resource/base.rb:894:in `find_every' from /home/user/.rvm/gems/ruby-1.9.2-p180/gems/activeresource-3.1.1/lib/active_resource/base.rb:806:in `find' from active_resource_example.rb:12:in `<main>' user@user:~/Desktop$ I tried this with another application in which Devise authentication is not used with the same configuration I used in active_resource_example.rb, there I got the result. Desperately need some solution to this issue.

Read the article

Uploading to TwitVid using x_verify_credentials_authorization

- by deepa

Hi, I am developing an iPhone application that uploads videos to TwitVid using the library TwitVid-iPhone-OAuth3. I have selected this library since Twitter is shifting to OAuth mechanism of authentication. 1) Does this new library allows to upload without user-name and password parameters? 2) I am using the following steps for uploading videos (assumed that new library allows to upload without user-name and password parameters). But, I am getting the error 'Incorrect Signature'. I am not able to identify the mistake that I am doing here. Could you please help me out to solve this problem. Authenticate the app using OAuth (MGTwitterEngine etc) which redirects the user to the web-page asking for log-in and app authentication. If the user authenticates the app, access token will obtained as final step. Upload the video to TwitVid using the following code snippet: OAuth *authorizer = [[OAuth alloc] initWithConsumerKey: @"my_consumer_key" andConsumerSecret: @"my_consumer_secret"]; authorizer.oauth_token = //The key-part of the access token obtained in step 2 authorizer.oauth_token_secret = //The secret-part of the access token obtained in step 2 authorizer.oauth_token_authorized = YES; //Since authenticated in steps 1 and 2 NSString *authHeader = [authorizer oAuthHeaderForMethod: @"POST" andUrl: @"https://api.twitter.com/1/account/verify_credentials.xml" andParams: nil]; twitVid = [[TwitVid alloc] init]; [mTwitVid setDelegate: self]; [mTwitVid authenticateWithXVerifyCredentialsAuthorization: authHeader xAuthServiceProvider: nil]; Thanks and Regards, Deepa

Read the article

Zend: How to authenticate using OpenId on local server.

- by NAVEED

I am using zend framework. Now I want to authenticate users with other already registered accounts using RPX. I am following the 3 steps as described at RPX site: 1- Get the Widget 2- Receive Tokens 3- Choose Providers I created a controller(person) and action(signin) to show widget and my own signin form. When following action (http://test.dev/#person/personsignin) is called then my own login form and widget is shown successfully. # is used in above URL for AJAX indication. public function personsigninAction() { $this->view->jsonEncoded = true; // Person Signin Form $PersonSigninForm = new Form_PersonSignin(); $this->view->PersonSigninForm = $PersonSigninForm; $this->view->PersonSigninForm->setAction( $this->view->url() ); $request = $this->getRequest(); if ( $request->isPost() ) { } } There are two problems while login using openid widget: When I am authenticated from outside(for example: Yahoo) then I am redirected to http://test.dev, therefor indexAction in called in indexController and home page is shown. I want to redirect to http://test.dev/#person/personsignin after authentication and want to set session in isPost() condition of personsigninAction() (described above). For now I consider indexAction to be called when outside authentication is done. Now I posted the code from http://gist.github.com/291396 in indexAction to follow step 3 mentioned above. But it is giving me following error: An error occured: Invalid parameter: apiKey Am I using the right way to use this. This is my very first attempt to this stuff. Can someone tell me the exact steps using my above actions? Thanks.

Read the article

LinkedIn API returning extra/incorrect login prompt

- by Paul Osetinsky

I have a Rails application running the omniauth-linkedin gem and linkedin gem (essentialy an API wrapper). When a user logs in, they receive a primary login prompt that displays to them the correct scopes (FULL PROFILE and EMAIL ADDRESS), as below: However, after they log in, they get another login prompt that should not come up, and that ignores the initial scope request. It tells them that LinkedIN is only requesting their PROFILE OVERVIEW, which is incorrect: The problem must lie in my auth_controller, and I think it has do to with the url that is created in one of the authentication stages (definitely right after the user enters their LinkedIn authentication credentials). Here is my auth_controller: require 'linkedin' class AuthController < ApplicationController def auth client = LinkedIn::Client.new(ENV['LINKEDIN_KEY'], ENV['LINKEDIN_SECRET']) request_token = client.request_token(:oauth_callback => "http://#{request.host_with_port}/callback") session[:rtoken] = request_token.token session[:rsecret] = request_token.secret redirect_to client.request_token.authorize_url end def callback client = LinkedIn::Client.new(ENV['LINKEDIN_KEY'], ENV['LINKEDIN_SECRET']) if session[:atoken].nil? pin = params[:oauth_verifier] atoken, asecret = client.authorize_from_request(session[:rtoken], session[:rsecret], pin) session[:atoken] = atoken session[:asecret] = asecret @user = current_user @user.uid = client.profile(:fields => ["id"]).id flash.now[:success] = 'Signed in with LinkedIn.' else client.authorize_from_access(session[:atoken], session[:asecret]) @user.uid = client.profile(:fields => ["id"]).id flash.now[:success] = 'Signed in with LinkedIn.' end @user = current_user @user.save redirect_to current_user end end Just in case, here is my omniauth.rb file that states the scopes I am requesting for my application: Rails.application.config.middleware.use OmniAuth::Builder do provider :linkedin, ENV['LINKEDIN_KEY'], ENV['LINKEDIN_SECRET'], :scope => 'r_fullprofile r_emailaddress', :fields => ['id', 'email-address', 'first-name', 'last-name', 'headline', 'industry', 'picture-url', 'public-profile-url', 'location', 'positions', 'educations'] end Can't figure out how to get rid of that second unnecessary and misleading prompt from LinkedIn and would appreciate any guidance! Thank you.

Read the article

Connecting to a network drive programmatically and caching credentials

- by Chris Doggett

I'm finally set up to be able to work from home via VPN (using Shrew as a client), and I only have one annoyance. We use some batch files to upload config files to a network drive. Works fine from work, and from my team lead's laptop, but both of those machines are on the domain. My home system is not, and won't be, so when I run the batch file, I get a ton of "invalid drive" errors because I'm not a domain user. The solution I've found so far is to make a batch file with the following: explorer \\MACHINE1 explorer \\MACHINE2 explorer \\MACHINE3 Then manually login to each machine using my domain credentials as they pop up. Unfortunately, there are around 10 machines I may need to use, and it's a pain to keep entering the password if I missed one that a batch file requires. I'm looking into using the answer to this question to make a little C# app that'll take the login info once and login programmatically. Will the authentication be shared automatically with Explorer, or is there anything special I need to do? If it does work, how long are the credentials cached? Is there an app that does something like this automatically? Unfortunately, domain authentication via the VPN isn't an option, according to our admin. EDIT: If there's a way to pass login info to Explorer via the command line, that would be even easier using Ruby and highline.

Read the article

Creating cookieless application on development machine with asp.net

- by zaladane

I tried posting this on ServerFault with no luck so i am trying here. I am thinking about setting up a new domain to host static content on my website and have it cookieless just like Stackoverflow with their static domain. So before going ahead and buying the domain and setting it up I wanted to test it on my developement machine first under localhost (I have to mention that i am planning on having IIS running on my new domain for the static files). I therefore created a new application under IIS and disabled session state and forms authentication. When my main application needs resources like css, images and js , I use the path to the "static" application where they are hosted. The problem is that when I look at the request and the response for the requested files, they still have the session_id cookie defined as well as the asp.net authentication cookie. Is it at all possible to accomplish what i am trying to do on a development machine or do i have to just go ahead and purchase the new domain which hopefully with make things right? I tried to read about cookieless domain but can't figure out what i might be missing.

Read the article

How do I create Twitter style URLs for my app - Using existing application or app redesign - Ruby on

- by bgadoci

I have developed a blog application of sorts that I am trying to allow other users to take advantage of (for free and mostly for family). I wondering if the authentication I have set up will allow for such a thing. Here is the scenario. Currently the application allows for users to sign up for an account and when they do so they can create blog posts and organize those posts via tags. The application displays no data publicly (another words, you have to login to see anything). To gain access you have to create an account and even after you do, you cannot see anyone else's information as the applications filters using the current_user method and displays in the /posts/index.html.erb page. This would be great if a user only wanted to blog and share it with themselves, not really what I am looking for. My question has two parts (hopefully I won't make anyone mad by not putting these into two questions) Is it possible for a particular users data to live at www.myapplication.com/user without moving everything to the /user/show.html.erb file? Is it possible to make some of that information (living at the URL) public but still require login for create and destroy actions. Essentially, exactly like twitter. I am just curious if I can get from where I am (using the current_user methods across controllers to display in /posts/index.html.erb) to where I want to be. My fear is that I have to redesign the app such that the user data lives in the /user/show.html.erb page. Thoughts? UPDATE: I am using Clearance for authentication by Thoughtbot. I wonder if there is something I can set in the vendored gem path to represent the /posts/index.html.erb code as the /user/id code and replace id with the user name.

Read the article

SecurityNegotiationException in WCF Service Hosted on IIS

- by Ram

Hi, I have hosted a WCF service on IIS. The configuration file is as follows <?xml version="1.0"?>  <configuration> <configSections> <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication"/> <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> </sectionGroup> </sectionGroup> </sectionGroup> </configSections> <appSettings/> <connectionStrings/> <system.web>  <compilation debug="false"> <assemblies> <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </assemblies> </compilation>  <authentication mode="Windows" />  <pages> <controls> <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </controls> </pages> <httpHandlers> <remove verb="*" path="*.asmx"/> <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false"/> </httpHandlers> <httpModules> <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </httpModules> </system.web> <system.codedom> <compilers> <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <providerOption name="CompilerVersion" value="v3.5"/> <providerOption name="WarnAsError" value="false"/> </compiler> </compilers> </system.codedom> <system.web.extensions> <scripting> <webServices>    </webServices>  </scripting> </system.web.extensions>  <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <modules> <add name="ScriptModule" preCondition="integratedMode" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </modules> <handlers> <remove name="WebServiceHandlerFactory-Integrated"/> <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </handlers> </system.webServer> <system.serviceModel> <services> <service name="IISTest2.Service1" behaviorConfiguration="IISTest2.Service1Behavior">  <endpoint address="" binding="wsHttpBinding" contract="IISTest2.IService1">  <identity> <dns value="localhost"/> </identity> </endpoint> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/> </service> </services> <behaviors> <serviceBehaviors> <behavior name="IISTest2.Service1Behavior">  <serviceMetadata httpGetEnabled="true"/>  <serviceDebug includeExceptionDetailInFaults="false"/> </behavior> </serviceBehaviors> </behaviors> </system.serviceModel> </configuration> The client configuration file is as follows <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.serviceModel> <bindings> <wsHttpBinding> <binding name="WSHttpBinding_IService1" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" /> <security mode="Message"> <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" /> <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" /> </security> </binding> </wsHttpBinding> </bindings> <client> <endpoint address="http://yyy.zzz.xxx.net/IISTest2/Service1.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IService1" contract="ServTest.IService1" name="WSHttpBinding_IService1"> <identity> <dns value="localhost" /> </identity> </endpoint> </client> </system.serviceModel> </configuration> When I tried to access the service from client application, I got SecurityNegotiationException and details are Secure channel cannot be opened because security negotiation with the remote endpoint has failed. This may be due to absent or incorrectly specified EndpointIdentity in the EndpointAddress used to create the channel. Please verify the EndpointIdentity specified or implied by the EndpointAddress correctly identifies the remote endpoint. If I host the service on ASP .NET Dev server, it work well but if I host on IIS above mentioned error occurs. Thanks, Ram

Read the article

Erlang, SSH and authorized_keys

- by Roberto Aloi

Playing with the ssh and public_key application in Erlang, I've discovered a nice feature. I was trying to connect to my running Erlang SSH daemon by using a rsa key, but the authentication was failing and I was prompted for a password. After some debugging and tracing (and a couple of coffees), I've realized that, for some weird reason, a non valid key for my user was there. The authorized_keys file contained two keys. The wrong one was at some point in the file, while the correct one was appended at the end of the file. Now, the Erlang SSH application, when diffing the provided key with the ones contained in the authorized_keys, it was finding the first entry (completely ignoring the second on - the correct one). Then, it was switching to different authentication mechanism (at first it was trying dsa instead of rsa and then it was prompting for a password). The question is: Is this behavior intended or should the SSH server check for multiple entries for the same user in the *authorized_keys* file? Is this a generic SSH behaviour or it's just specific to the Erlang implementation?

Read the article

Having trouble coming up with a good architecture for a client/server application

- by rmw1985

I am writing a remote backup service meant to support 1000+ users. It is going to use librsync to store reverse diffs (like rdiff-backup) and make data transfer efficient. My trouble is that I do not know the "best" way to implement the client/server model. I have thought of doing it like rsync/rdiff-backup do it by having the client open an SSH connection and running a server executable and communicating across pipes. Another alternative would be to write a server which would handle authentication and communicate with the client via SSL. The reason I have thought of this is that there is "state" information like how many backup jobs are setup, etc. that must be maintained. Another alternative that I have thought about is running a "web service" using Pylons or Django to handle the authentication, but I do not know how to bridge that the the "storage" side. Since I am using librsync, I cannot use "dumb" storage. Is there a way to pipe data through Pylons or Django to a server side handler that would do the rsync calculation? This seems to me like maybe a dumb question but I am sort of lost. Any tips or suggestions from more experienced developers would be extremely helpful.

Read the article

can load data(google app enngine) from http://localhost:8100/remote_api ..

- by zjm1126

i can download data from gae (http://zjm1126.appspot.com/remote_api), this is code: appcfg.py download_data --application=zjm1126 --url=http://zjm1126.appspot.com/remote_api --filename=a.csv and it successful : D:\zjm_demo\app>appcfg.py download_data --application=zjm1126 --url=http://zjm1 126.appspot.com/remote_api --filename=a.csv Downloading data records. [INFO ] Logging to bulkloader-log-20100618.162421 [INFO ] Throttling transfers: [INFO ] Bandwidth: 250000 bytes/second [INFO ] HTTP connections: 8/second [INFO ] Entities inserted/fetched/modified: 20/second [INFO ] Batch Size: 10 [INFO ] Opening database: bulkloader-progress-20100618.162421.sql3 [INFO ] Opening database: bulkloader-results-20100618.162421.sql3 [INFO ] Connecting to zjm1126.appspot.com/remote_api Please enter login credentials for zjm1126.appspot.com Email: [email protected] Password for [email protected]: [INFO ] Downloading kinds: [u'LogText', u'Greeting', u'Forum', u'Thread'] .... [INFO ] Have 0 entities, 0 previously transferred [INFO ] 0 entities (8804 bytes) transferred in 11.3 seconds so i want to know can load data from 127.0.0.1 , this is my code : appcfg.py download_data --application=zjm1126 --url=http://localhost:8100/remote_api --filename=a.csv and the error is : D:\zjm_demo\app>appcfg.py download_data --application=zjm1126 --url=http://loca lhost:8100/remote_api --filename=a.csv Downloading data records. [INFO ] Logging to bulkloader-log-20100618.162325 [INFO ] Throttling transfers: [INFO ] Bandwidth: 250000 bytes/second [INFO ] HTTP connections: 8/second [INFO ] Entities inserted/fetched/modified: 20/second [INFO ] Batch Size: 10 [INFO ] Opening database: bulkloader-progress-20100618.162325.sql3 [INFO ] Opening database: bulkloader-results-20100618.162325.sql3 Please enter login credentials for localhost Email: [email protected] Password for [email protected]: [INFO ] Connecting to localhost:8100/remote_api [ERROR ] Exception during authentication Traceback (most recent call last): File "d:\Program Files\Google\google_appengine\google\appengine\tools\bulkload er.py", line 3169, in Run self.request_manager.Authenticate() File "d:\Program Files\Google\google_appengine\google\appengine\tools\bulkload er.py", line 1178, in Authenticate remote_api_stub.MaybeInvokeAuthentication() File "d:\Program Files\Google\google_appengine\google\appengine\ext\remote_api \remote_api_stub.py", line 542, in MaybeInvokeAuthentication datastore_stub._server.Send(datastore_stub._path, payload=None) File "d:\Program Files\Google\google_appengine\google\appengine\tools\appengin e_rpc.py", line 346, in Send f = self.opener.open(req) File "D:\Python25\lib\urllib2.py", line 387, in open response = meth(req, response) File "D:\Python25\lib\urllib2.py", line 498, in http_response 'http', request, response, code, msg, hdrs) File "D:\Python25\lib\urllib2.py", line 425, in error return self._call_chain(*args) File "D:\Python25\lib\urllib2.py", line 360, in _call_chain result = func(*args) File "D:\Python25\lib\urllib2.py", line 506, in http_error_default raise HTTPError(req.get_full_url(), code, msg, hdrs, fp) HTTPError: HTTP Error 404: Not Found [INFO ] Authentication Failed so what should i do , thanks

Search Results

Search found 15558 results on 623 pages for 'basic authentication'.

Page 202/623 | < Previous Page | 198 199 200 201 202 203 204 205 206 207 208 209 | Next Page >

- by lepricon123

- by Joey V.

- by shedd

- by ferparra

- by Jake

- by Ryan Max

- by Sandor Drieënhuizen

- by Nick

- by shxo

- by Flores

- by Michael Stum

- by waqasahmed

- by Andriy Zakharchuk

- by Turro

- by Saurabh Pandit

- by deepa

- by NAVEED

- by Paul Osetinsky

- by Chris Doggett

- by zaladane

- by bgadoci

- by Ram

- by Roberto Aloi

- by rmw1985

- by zjm1126

< Previous Page | 198 199 200 201 202 203 204 205 206 207 208 209 | Next Page >