Search Results

Search found 54190 results on 2168 pages for 'http authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 24/2168 | < Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >

  • Tunneling HTTP traffic from a particular host/port

    - by knoopx
    Hello, I'm trying to figure out how to access from my development machine (Devel) to a third party web service (www.domain.com) which I am not allowed to directly contact using my office IP address. Here's a basic diagram (i'm not allowed to post images...): http://yuml.me/diagram/scruffy/class/%5BDevel%5D-%5BA%5D,%20%5BA%5D-%5BB%5D,%20%5BB%5D-%5Bwww.domain.com%5D The only machine allowed to access that service is B (production server) but I do neither can directly access it from my development machine (Devel). So in order to access the web service I have to ssh into A, and then from A to B to access www.domain.com Is there any way of tunneling traffic from B to A and then back to my development machine so I can directly access www.domain.com without having to ssh into every box? Devel: My development machine. A, B: Linux servers. I own root access on both. B: Production server www.domain.com: Third party HTTP API production server uses.

    Read the article

  • No HTTP Response from Tomcat 7 EC2 instance

    - by David Kaczynski
    I am new to EC2 (and Tomcat, for that matter), and I am trying to deploy a vanilla Tomcat 7 server to an Ubuntu 12.04.1 EC2 instance and access the default test site over HTTP. My EC2 instance is running, and the Security Group includes port 80: My /etc/tomcat7/server.xml config has been edited to listen for HTTP requests on port 80: 0 I have restarted my Tomcat 7 server via sudo service tomcat7 restart. However, according to sudo netstat -lnp, Tomcat is not listed as listening over port 80: I am unable to get any response from going to the ...amazonaws.com public DNS in a web browser. What am I missing?

    Read the article

  • Lightweight tool for viewing raw HTTP messages?

    - by rewbs
    Hi, I'm investigating differences in behaviour between a couple of Web servers. I need to see raw response data from the servers (i.e. before the response is de-chunked if it has "Transfer-Encoding:chunked" and before it is decompressed if it has "Content-Encoding:gzip"). I can find plenty of simple HTTP client that nearly do what I need (e.g. Poster, RESTClient), but they tend to decode the response one step too far. Network analysers like Wireshark give me what I need but are a bit heavyweight. Telnet is my best bet so far, but is a bit too simplistic (actions like capturing data or entering requests are a bit laborious). Can anyone recommend a good, lightweight tool for sending / viewing the raw data that constitute HTTP messages? Edit: I should add that I'm on Windows. Also, the tool would need to work both with remote and local servers.

    Read the article

  • HTTP redirects showing ip address

    - by DrKarl
    I have a domain name on 1&1 and a VPS on Linode. I noticed that my site was enclosed in a frameset which I didn't create. I checked nginx and jetty in the VPS but none of them created the frameset. Then I checked the domain control panel in 1&1 and saw that the redirection could be a frame redirect or an http redirect. I changed to http redirect and the frameset was gone, everything was fine except for the fact that in the url bar of the browser it changed to the ip address of the server instead of my domain url. How can I avoid the frameset and still have the proper url displayed instead of an IP?

    Read the article

  • "Unknown user name or bad password" when I launch ADUC

    - by Chris
    When I open up Active Directory Users and Computers from my workstation, I receive an error: Naming information cannot be located because: Logon failure: unknown user name or bad password. Contact your system administrator to verify that your domain is properly configured and is currently online. If I log in to my workstation as somebody else, it works. If I log into a different workstation using my account, it works. All the workstations in question are running Windows Vista (32 and 64 bit) or Windows Server 2008. The domain controller in question is running Windows Small Business Server 2008. Everything else (that I tried) in the Remote Server Administration Tools runs just fine. Any thoughts? Edit: I just tried reinstalling RSAT. No such luck.

    Read the article

  • Download from http server all directories,files and subdirectories and so on

    - by Jack
    I want to download from remote http server all files directories,files and so on. I found some solutions to ftp server,but doesn't work to http. Until now no luck with wget -r or -m. It download all direcotories in the root and the respective index.html. Not all files and sub-directory under such it(note the sub-directory may have another directory and so on) not sure on tags fix for me if needs. Note: I'm not a native english speaker,sorry for bad english.

    Read the article

  • Returning "200 OK" in Apache on HTTP OPTIONS requests

    - by i..
    I'm attempting to implement cross-domain HTTP access control without touching any code. I've got my Apache(2) server returning the correct Access Control headers with this block: Header set Access-Control-Allow-Origin "*" Header set Access-Control-Allow-Methods "POST, GET, OPTIONS" I now need to prevent Apache from executing my code when the browser sends a HTTP OPTIONS request (it's stored in the REQUEST_METHOD environment variable), returning 200 OK. How can I configure Apache to respond "200 OK" when the request method is OPTIONS? I've tried this mod_rewrite block, but the Access Control headers are lost. RewriteEngine On RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.*)$ $1 [R=200,L]

    Read the article

  • HTTP Live Streaming Broadcast

    - by user761389
    I'm designing an app for streaming video from a device (e.g. iPhone) via a server to one or more devices and have been researching Apples HTTP Live Streaming protocol. One thing that isn't clear is whether it is possible to stream live video (with audio) to the server and then have it streamed simultaneously in real time to the client devices. From reading the documentation and technical notes from Apple it seems like the index file needs to be created before the segmented video files can be served to a client. Is this right? If so maybe HTTP Live Streaming isn't suitable in this case, what other technologies or software should I consider? Thanks

    Read the article

  • Authentication using cookie key with asynchronous callback

    - by greg
    I need to write authentication function with asynchronous callback from remote Auth API. Simple authentication with login is working well, but authorization with cookie key, does not work. It should checks if in cookies present key "lp_login", fetch API url like async and execute on_response function. The code almost works, but I see two problems. First, in on_response function I need to setup secure cookie for authorized user on every page. In code user_id returns correct ID, but line: self.set_secure_cookie("user", user_id) does't work. Why it can be? And second problem. During async fetch API url, user's page has loaded before on_response setup cookie with key "user" and the page will has an unauthorized section with link to login or sign on. It will be confusing for users. To solve it, I can stop loading page for user who trying to load first page of site. Is it possible to do and how? Maybe the problem has more correct way to solve it? class BaseHandler(tornado.web.RequestHandler): @tornado.web.asynchronous def get_current_user(self): user_id = self.get_secure_cookie("user") user_cookie = self.get_cookie("lp_login") if user_id: self.set_secure_cookie("user", user_id) return Author.objects.get(id=int(user_id)) elif user_cookie: url = urlparse("http://%s" % self.request.host) domain = url.netloc.split(":")[0] try: username, hashed_password = urllib.unquote(user_cookie).rsplit(',',1) except ValueError: # check against malicious clients return None else: url = "http://%s%s%s/%s/" % (domain, "/api/user/username/", username, hashed_password) http = tornado.httpclient.AsyncHTTPClient() http.fetch(url, callback=self.async_callback(self.on_response)) else: return None def on_response(self, response): answer = tornado.escape.json_decode(response.body) username = answer['username'] if answer["has_valid_credentials"]: author = Author.objects.get(email=answer["email"]) user_id = str(author.id) print user_id # It returns needed id self.set_secure_cookie("user", user_id) # but session can's setup

    Read the article

  • Unofficial Prep guide for TS: Microsoft Lync Server 2010, Configuring (70-664)

    - by Enrique Lima
    Managing Users and Client Access (20 percent)   Objective Materials Configure user accounts http://technet.microsoft.com/en-us/library/gg182543.aspx Deploy and maintain clients http://technet.microsoft.com/en-us/library/gg412773.aspx Configure conferencing policies http://technet.microsoft.com/en-us/library/gg182561.aspx Configure IM policies http://technet.microsoft.com/en-us/library/gg182558.aspx Deploy and maintain Lync Server 2010 devices http://technet.microsoft.com/en-us/library/gg412773.aspx Resolve client access issues http://technet.microsoft.com/en-us/library/gg398307.aspx   Configuring a Lync Server 2010 Topology (21 percent)   Objective Materials Prepare to deploy a topology http://technet.microsoft.com/en-us/library/gg398630.aspx Configure Lync Server 2010 by using Topology Builder http://technet.microsoft.com/en-us/library/gg398420.aspx Configure role-based access control in Lync Server 2010 http://technet.microsoft.com/en-us/library/gg412794.aspx http://technet.microsoft.com/en-us/library/gg425917.aspx Configure a location information server http://technet.microsoft.com/en-us/library/gg398390.aspx Configure server pools for load balancing http://technet.microsoft.com/en-us/library/gg398827.aspx   Configuring Enterprise Voice (19 percent)   Objective Materials Configure voice policies http://technet.microsoft.com/en-us/library/gg398450.aspx Configure dial plans http://technet.microsoft.com/en-us/library/gg398922.aspx Manage routing http://technet.microsoft.com/en-us/library/gg425890.aspx http://technet.microsoft.com/en-us/library/gg182596.aspx Configure Microsoft Exchange Unified Messaging integration http://technet.microsoft.com/en-us/library/gg398768.aspx Configure dial-in conferencing http://technet.microsoft.com/en-us/library/gg398600.aspx Configure call admission control http://technet.microsoft.com/en-us/library/gg520942.aspx Configure Response Group Services (RGS) http://technet.microsoft.com/en-us/library/gg398584.aspx Configure Call Park and Unassigned Number http://technet.microsoft.com/en-us/library/gg399014.aspx http://technet.microsoft.com/en-us/library/gg425944.aspx Manage a Mediation Server pool and PSTN Gateway http://technet.microsoft.com/en-us/library/gg412780.aspx   Configuring Lync Server 2010 for External Access (19 percent)   Objective Materials Configure Edge Services http://technet.microsoft.com/en-us/library/gg398918.aspx Configure a firewall http://technet.microsoft.com/en-us/library/gg425882.aspx Configure a reverse proxy http://technet.microsoft.com/en-us/library/gg425779.aspx   Monitoring and Maintaining Lync Server 2010 (21 percent)   Objective Materials Back up and restore Lync Server 2010 http://technet.microsoft.com/en-us/library/gg412771.aspx Configure monitoring and archiving http://technet.microsoft.com/en-us/library/gg398199.aspx http://technet.microsoft.com/en-us/library/gg398507.aspx http://technet.microsoft.com/en-us/library/gg520950.aspx http://technet.microsoft.com/en-us/library/gg520990.aspx Implement troubleshooting tools http://technet.microsoft.com/en-us/library/gg425800.aspx Use PowerShell to test Lync Server 2010 http://technet.microsoft.com/en-us/library/gg398474.aspx

    Read the article

  • What are some best practices for cookie based web authentication?

    - by rdasxy
    I'm working on a small side project using CGI and Python (scalability is not an issue and it needs to be a VERY simple system. I was thinking of implementing authentication using cookies, and was wondering if there were any established best practices. When the user successfully authenticates, I want to use cookies to figure out who is logged on. What, according to the best practices, should be stored in such a cookie?

    Read the article

  • org.apache.http.conn.HttpHostConnectException:Connection to http://172.20.38.143 refused

    - by Passion
    I have developed client server Application .I am accessing mysql with php running on my machine and client running on my cell which is connected to machine.WI-FI is also switched ON. Internet Permission are also added in Manifest file but then also the i encounter error 172.20.38.143 is IP OF MY MACHINE 06-01 13:20:10.391: W/System.err(11157): org.apache.http.conn.HttpHostConnectException: Connection to http://172.20.38.143 refused 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:183) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:164) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:119) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:360) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:674) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:511) 06-01 13:20:10.401: W/System.err(11157): at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:489) 06-01 13:20:10.401: W/System.err(11157): at nineandroid.net.example.library.JSONParser.getJSONFromUrl(JSONParser.java:42) 06-01 13:20:10.401: W/System.err(11157): at nineandroid.net.example.library.UserFunctions.registerUser(UserFunctions.java:59) 06-01 13:20:10.401: W/System.err(11157): at nineandroid.net.example.RegisterActivity$1.onClick(RegisterActivity.java:52) 06-01 13:20:10.411: W/System.err(11157): at android.view.View.performClick(View.java:3567) 06-01 13:20:10.411: W/System.err(11157): at android.view.View$PerformClick.run(View.java:14224) 06-01 13:20:10.411: W/System.err(11157): at android.os.Handler.handleCallback(Handler.java:605) 06-01 13:20:10.411: W/System.err(11157): at android.os.Handler.dispatchMessage(Handler.java:92) 06-01 13:20:10.411: W/System.err(11157): at android.os.Looper.loop(Looper.java:137) 06-01 13:20:10.411: W/System.err(11157): at android.app.ActivityThread.main(ActivityThread.java:4517) 06-01 13:20:10.411: W/System.err(11157): at java.lang.reflect.Method.invokeNative(Native Method) 06-01 13:20:10.411: W/System.err(11157): at java.lang.reflect.Method.invoke(Method.java:511) 06-01 13:20:10.411: W/System.err(11157): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:993) 06-01 13:20:10.421: W/System.err(11157): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:760) 06-01 13:20:10.421: W/System.err(11157): at dalvik.system.NativeStart.main(Native Method) 06-01 13:20:10.421: W/System.err(11157): Caused by: java.net.ConnectException: failed to connect to /172.20.38.143 (port 80): connect failed: ENETUNREACH (Network is unreachable) 06-01 13:20:10.431: W/System.err(11157): at libcore.io.IoBridge.connect(IoBridge.java:114) 06-01 13:20:10.431: W/System.err(11157): at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:192) 06-01 13:20:10.431: W/System.err(11157): at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:459) 06-01 13:20:10.431: W/System.err(11157): at java.net.Socket.connect(Socket.java:848) 06-01 13:20:10.431: W/System.err(11157): at org.apache.http.conn.scheme.PlainSocketFactory.connectSocket(PlainSocketFactory.java:119) 06-01 13:20:10.431: W/System.err(11157): at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:144) 06-01 13:20:10.431: W/System.err(11157): ... 20 more 06-01 13:20:10.431: W/System.err(11157): Caused by: libcore.io.ErrnoException: connect failed: ENETUNREACH (Network is unreachable) 06-01 13:20:10.441: W/System.err(11157): at libcore.io.Posix.connect(Native Method) 06-01 13:20:10.441: W/System.err(11157): at libcore.io.BlockGuardOs.connect(BlockGuardOs.java:85) 06-01 13:20:10.441: W/System.err(11157): at libcore.io.IoBridge.connectErrno(IoBridge.java:127) 06-01 13:20:10.441: W/System.err(11157): at libcore.io.IoBridge.connect(IoBridge.java:112) 06-01 13:20:10.441: W/System.err(11157): ... 25 more 06-01 13:20:10.441: E/Buffer Error(11157): Error converting result java.lang.NullPointerException 06-01 13:20:10.451: E/JSON Parser(11157): Error parsing data org.json.JSONException: End of input at character 0 of 06-01 13:20:10.451: D/AndroidRuntime(11157): Shutting down VM 06-01 13:20:10.451: W/dalvikvm(11157): threadid=1: thread exiting with uncaught exception (group=0x40c0aa68) 06-01 13:20:10.451: E/AndroidRuntime(11157): FATAL EXCEPTION: main 06-01 13:20:10.451: E/AndroidRuntime(11157): java.lang.NullPointerException 06-01 13:20:10.451: E/AndroidRuntime(11157): at nineandroid.net.example.RegisterActivity$1.onClick(RegisterActivity.java:56) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.view.View.performClick(View.java:3567) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.view.View$PerformClick.run(View.java:14224) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.os.Handler.handleCallback(Handler.java:605) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.os.Handler.dispatchMessage(Handler.java:92) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.os.Looper.loop(Looper.java:137) 06-01 13:20:10.451: E/AndroidRuntime(11157): at android.app.ActivityThread.main(ActivityThread.java:4517) 06-01 13:20:10.451: E/AndroidRuntime(11157): at java.lang.reflect.Method.invokeNative(Native Method) 06-01 13:20:10.451: E/AndroidRuntime(11157): at java.lang.reflect.Method.invoke(Method.java:511) 06-01 13:20:10.451: E/AndroidRuntime(11157): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:993) 06-01 13:20:10.451: E/AndroidRuntime(11157): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:760) 06-01 13:20:10.451: E/AndroidRuntime(11157): at dalvik.system.NativeStart.main(Native Method) UserFunctions.java to call jsonParser public class UserFunctions { private JSONParser jsonParser; private static String loginURL = "http://172.20.38.143/ah_login_api/"; private static String registerURL = "http://172.20.38.143/ah_login_api/"; private static String login_tag = "login"; private static String register_tag = "register"; // constructor public UserFunctions(){ jsonParser = new JSONParser(); } /** * function make Login Request * @param email * @param password * */ public JSONObject loginUser(String email, String password){ // Building Parameters List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new BasicNameValuePair("tag", login_tag)); params.add(new BasicNameValuePair("email", email)); params.add(new BasicNameValuePair("password", password)); JSONObject json = jsonParser.getJSONFromUrl(loginURL, params); // return json // Log.e("JSON", json.toString()); return json; } /** * function make Login Request * @param name * @param email * @param password * */ public JSONObject registerUser(String name, String email, String password){ // Building Parameters List<NameValuePair> params = new ArrayList<NameValuePair>(); params.add(new BasicNameValuePair("tag", register_tag)); params.add(new BasicNameValuePair("name", name)); params.add(new BasicNameValuePair("email", email)); params.add(new BasicNameValuePair("password", password)); // getting JSON Object JSONObject json = jsonParser.getJSONFromUrl(registerURL, params); // return json return json; } /** * Function get Login status * */ public boolean isUserLoggedIn(Context context){ DatabaseHandler db = new DatabaseHandler(context); int count = db.getRowCount(); if(count > 0){ // user logged in return true; } return false; } /** * Function to logout user * Reset Database * */ public boolean logoutUser(Context context){ DatabaseHandler db = new DatabaseHandler(context); db.resetTables(); return true; } } jsonParser.java public class JSONParser { static InputStream is = null; static JSONObject jObj = null; static String json = ""; // constructor public JSONParser() { } public JSONObject getJSONFromUrl(String url, List<NameValuePair> params) { // Making HTTP request try { // defaultHttpClient DefaultHttpClient httpClient = new DefaultHttpClient(); HttpPost httpPost = new HttpPost(url); httpPost.setEntity(new UrlEncodedFormEntity(params)); HttpResponse httpResponse = httpClient.execute(httpPost); HttpEntity httpEntity = httpResponse.getEntity(); is = httpEntity.getContent(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } catch (ClientProtocolException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } try { BufferedReader reader = new BufferedReader(new InputStreamReader( is, "iso-8859-1"), 8); StringBuilder sb = new StringBuilder(); String line = null; while ((line = reader.readLine()) != null) { sb.append(line + "\n"); } is.close(); json = sb.toString(); Log.e("JSON", json); } catch (Exception e) { Log.e("Buffer Error", "Error converting result " + e.toString()); } // try parse the string to a JSON object try { jObj = new JSONObject(json); } catch (JSONException e) { Log.e("JSON Parser", "Error parsing data " + e.toString()); } // return JSON String return jObj; } } RegisterActivity.java public class RegisterActivity extends Activity { Button btnRegister; Button btnLinkToLogin; EditText inputFullName; EditText inputEmail; EditText inputPassword; TextView registerErrorMsg; // JSON Response node names private static String KEY_SUCCESS = "success"; private static String KEY_UID = "uid"; private static String KEY_NAME = "name"; private static String KEY_EMAIL = "email"; private static String KEY_CREATED_AT = "created_at"; @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.register); // Importing all assets like buttons, text fields inputFullName = (EditText) findViewById(R.id.registerName); inputEmail = (EditText) findViewById(R.id.registerEmail); inputPassword = (EditText) findViewById(R.id.registerPassword); btnRegister = (Button) findViewById(R.id.btnRegister); btnLinkToLogin = (Button) findViewById(R.id.btnLinkToLoginScreen); registerErrorMsg = (TextView) findViewById(R.id.register_error); // Register Button Click event btnRegister.setOnClickListener(new View.OnClickListener() { public void onClick(View view) { String name = inputFullName.getText().toString(); String email = inputEmail.getText().toString(); String password = inputPassword.getText().toString(); UserFunctions userFunction = new UserFunctions(); JSONObject json = userFunction.registerUser(name, email, password); // check for login response try { if (json.getString(KEY_SUCCESS) != null) { registerErrorMsg.setText(""); String res = json.getString(KEY_SUCCESS); if(Integer.parseInt(res) == 1){ // user successfully registred // Store user details in SQLite Database DatabaseHandler db = new DatabaseHandler(getApplicationContext()); JSONObject json_user = json.getJSONObject("user"); // Clear all previous data in database userFunction.logoutUser(getApplicationContext()); db.addUser(json_user.getString(KEY_NAME), json_user.getString(KEY_EMAIL), json.getString(KEY_UID), json_user.getString(KEY_CREATED_AT)); // Launch Dashboard Screen Intent dashboard = new Intent(getApplicationContext(), DashboardActivity.class); // Close all views before launching Dashboard dashboard.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP); startActivity(dashboard); // Close Registration Screen finish(); }else{ // Error in registration registerErrorMsg.setText("Error occured in registration"); } } } catch (JSONException e) { e.printStackTrace(); } } }); // Link to Login Screen btnLinkToLogin.setOnClickListener(new View.OnClickListener() { public void onClick(View view) { Intent i = new Intent(getApplicationContext(), LoginActivity.class); startActivity(i); // Close Registration View finish(); } }); } }

    Read the article

  • IIS 401.3 - Unauthorized on only 1 server out of 3 set up for network load balancing

    - by Tony
    Over the weekend our Server Admin set up two virtual Windows 2008 machines with IIS installed and set them up under NLB. I came in and changed the application pool the website was running under to our domain account that has proper access to the database and the file share hosting our .NET web application Sitefinity, and changed it to .NET 4 Integrated. NLB and everything was running fine on both servers. He brought up the third server for our cluster on Tuesday and I performed the same actions.. The only difference was that I was given admin rights for the third server so I could set it up remotely instead of going to his office. He has full control over the share and NTFS perms on \\hostname\Sitefinity and I believe I only had read access. I pointed the web site to the same \\hostname\Sitefinity\sitename share that the others were on and the authentication/authorization test settings passed. I hit the site from http://localhost (like I did successfully from the other two before trying the cluster's IP address) and I received a HTTP Error 401.3 - Unauthorized. I've verified many times that the application pool is running under the same service account. I tried hitting just a simple test.htm.. works fine on both of the first two servers but I get the same 401.3 on the third. I copied my dev project to the local inetpub directory and re-pointed the website and that ran perfectly. I turned on Failed Request Tracing and it acts like it's still running the local IUSR account I guess (instead of my domain account)? Here is an excerpt of the File Cache Access Start and the error from the trace: FileName \\hostname\sitefinity\sitename\test.htm UserName IUSR DomainName NT AUTHORITY ---------- Successful false FileFromCache false FileAddedToCache false FileDirmoned true LastModCheckErrorIgnored true ErrorCode 2147942405 LastModifiedTime ErrorCode Access is denied. (0x80070005) ---------- ModuleName IIS Web Core Notification 2 HttpStatus 401 HttpReason Unauthorized HttpSubStatus 3 ErrorCode 2147942405 ConfigExceptionInfo Notification AUTHENTICATE_REQUEST ErrorCode Access is denied. (0x80070005) ---------- My personal AD account was then granted read/write perms to the share so I created a new application pool and set the site under it in case there was an issue with the application pool but no success. I created another under my own account and it still failed. It just seems like maybe it's not trying to access the files under the account my application pools are running under although that's the only way I've done things before. I set the Physicial Path Credentials in Advanced Settings on the site to the service account and it threw a 500 error of some sort so I assume that's not the answer (and I don't have to do it on the other servers). It's like somehow I'm trying to force impersonation on the IUSR account or something?

    Read the article

  • Android, sending XML via HTTP POST (SOAP)

    - by Intosia
    Hi, I would like to invoke a webservice via Android. I need to POST some XML to a URL via HTTP. I found this snipped for sending a POST, but i dont know how to include/add the XML data itself. public void postData() { // Create a new HttpClient and Post Header HttpClient httpclient = new DefaultHttpClient(); HttpPost httppost = new HttpPost("http://10.10.4.35:53011/"); try { // Add your data List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(2); nameValuePairs.add(new BasicNameValuePair("Content-Type", "application/soap+xml")); httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs)); // Where/how to add the XML data? // Execute HTTP Post Request HttpResponse response = httpclient.execute(httppost); } catch (ClientProtocolException e) { // TODO Auto-generated catch block } catch (IOException e) { // TODO Auto-generated catch block } } This is the complete POST message that i need to imitate: POST /a8103e90-f1e3-11dd-bfdb-8b1fcff1a110 HTTP/1.1 Host: 10.10.4.35:53011 Content-Type: application/soap+xml Content-Length: 602 <?xml version='1.0' encoding='UTF-8' ?> <s12:Envelope xmlns:s12="http://www.w3.org/2003/05/soap-envelope" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"> <s12:Header> <wsa:MessageID>urn:uuid:fc061d40-3d63-11df-bfba-62764ccc0e48</wsa:MessageID> <wsa:Action>http://schemas.xmlsoap.org/ws/2004/09/transfer/Get</wsa:Action> <wsa:To>urn:uuid:a8103e90-f1e3-11dd-bfdb-8b1fcff1a110</wsa:To> <wsa:ReplyTo> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address> </wsa:ReplyTo> </s12:Header> <s12:Body /> </s12:Envelope>

    Read the article

  • PYTHON: ntlm authentication

    - by Svetlana
    Hello!! I'm trying to implement NTLM authentication on IIS (Windows Server 2003) from Windows 7 with python. LAN Manager Authentication Level: Send NTLM response only. Client machine and server are in the same domain. Domain controller (AD) is on another server (also running Windows Server 2003). I recieve 401.1 - Unauthorized: Access is denied due to invalid credentials. Could you please help me find out what is wrong with this code and/or show me the other possible directions to solve this problem (using NTLM or Kerberos)? [python] import sys, httplib, base64, string import urllib2 import win32api import sspi import pywintypes import socket class WindoewNtlmMessageGenerator: def __init__(self,user=None): import win32api,sspi if not user: user = win32api.GetUserName() self.sspi_client = sspi.ClientAuth("NTLM",user) def create_auth_req(self): import pywintypes output_buffer = None error_msg = None try: error_msg, output_buffer = self.sspi_client.authorize(None) except pywintypes.error: return None auth_req = output_buffer[0].Buffer auth_req = base64.encodestring(auth_req) auth_req = string.replace(auth_req,'\012','') return auth_req def create_challenge_response(self,challenge): import pywintypes output_buffer = None input_buffer = challenge error_msg = None try: error_msg, output_buffer = self.sspi_client.authorize(input_buffer) except pywintypes.error: return None response_msg = output_buffer[0].Buffer response_msg = base64.encodestring(response_msg) response_msg = string.replace(response_msg,'\012','') return response_msg fname='request.xml' request = file(fname).read() ip_host = '10.0.3.112' ntlm_gen = WindoewNtlmMessageGenerator() auth_req_msg = ntlm_gen.create_auth_req() auth_req_msg_dec = base64.decodestring(auth_req_msg) auth_req_msg = string.replace(auth_req_msg,'\012','') webservice = httplib.HTTPConnection(ip_host) webservice.putrequest("POST", "/idc/idcplg") webservice.putheader("Content-length", "%d" % len(request)) webservice.putheader('Authorization', 'NTLM'+' '+auth_req_msg) webservice.endheaders() resp = webservice.getresponse() resp.read() challenge = resp.msg.get('WWW-Authenticate') challenge_dec = base64.decodestring(challenge.split()[1]) msg3 = ntlm_gen.create_challenge_response(challenge_dec) webservice = httplib.HTTP(ip_host) webservice.putrequest("POST", "/idc/idcplg?IdcService=LOGIN&Auth=Intranet") webservice.putheader("Host", SHOD) webservice.putheader("Content-length", "%d" % len(request)) webservice.putheader('Authorization', 'NTLM'+' '+msg3) webservice.putheader("Content-type", "text/xml; charset=\"UTF-8\"") webservice.putheader("SOAPAction", "\"\"") webservice.endheaders() webservice.send(request) statuscode, statusmessage, header = webservice.getreply() res = webservice.getfile().read() res_file = file('result.txt','wb') res_file.write(res) res_file.close() [/python] sspi.py is available here: http://www.koders.com/python/fidF3B0061A07CD13BA35FF263E3E45252CFABFAA3B.aspx?s=timer Thanks!

    Read the article

  • HTTP Basic Authentication with HTTPService Objects in Adobe Flex/AIR

    - by Bob Somers
    I'm trying to request a HTTP resource that requires basic authorization headers from within an Adobe AIR application. I've tried manually adding the headers to the request, as well as using the setRemoteCredentials() method to set them, to no avail. Here's the code: <mx:Script> <![CDATA[ import mx.rpc.events.ResultEvent; import mx.rpc.events.FaultEvent; private function authAndSend(service:HTTPService):void { service.setRemoteCredentials('someusername', 'somepassword'); service.send(); } private function resultHandler(event:ResultEvent):void { apiResult.text = event.result.toString(); } private function resultFailed(event:FaultEvent):void { apiResult.text = event.fault.toString(); } ]]> </mx:Script> <mx:HTTPService id="apiService" url="https://mywebservice.com/someFileThatRequiresBasicAuth.xml" resultFormat="text" result="resultHandler(event)" fault="resultFailed(event)" /> <mx:Button id="apiButton" label="Test API Command" click="authAndSend(apiService)" /> <mx:TextArea id="apiResult" /> However, a standard basic auth dialog box still pops up prompting the user for their username and password. I have a feeling I'm not doing this the right way, but all the info I could find (Flex docs, blogs, Google, etc.) either hasn't worked or was too vague to help. Any black magic, oh Flex gurus? Thanks. EDIT: Changing setRemoteCredentials() to setCredentials() yields the following ActionScript error: [MessagingError message='Authentication not supported on DirectHTTPChannel (no proxy).'] EDIT: Problem solved, after some attention from Adobe. See the posts below for a full explanation. This code will work for HTTP Authentication headers of arbitrary length. import mx.utils.Base64Encoder; private function authAndSend(service:HTTPService):void { var encoder:Base64Encoder = new Base64Encoder(); encoder.insertNewLines = false; // see below for why you need to do this encoder.encode("someusername:somepassword"); service.headers = {Authorization:"Basic " + encoder.toString()}; service.send(); }

    Read the article

  • Django users and authentication from external source

    - by Boldewyn
    I have a Django app that gets it's data completely from an external source (queried via HTTP). That is, I don't have the option for a local database. Session data is stored in the cache (on my development server I use a SQLite database, so that is no error source). I'm using bleeding edge Django 1.1svn. Enter the problem: I want to use Django's own authentication system for the users. It seems quite simple to write my own Authentication Backend, but always just under the condition that you have a local database where to save the users. Without database my main problem is persistence. I tried it with the following (assume that datasource.get() is a function that returns some kind of dict): class ModelBackend (object): """Login backend.""" def authenticate (self, username=None, password=None): """Check, if a given user/password combination is valid""" data = datasource.get ('login', username, password) if data and data['ok']: return MyUser (username=username) else: raise TypeError return None def get_user (self, username): """get data about a specific user""" try: data = datasource.get ('userdata', username) if data and data['ok']: return data.user except: pass return None class MyUser (User): """Django user who isn't saved in DB""" def save (self): return None But the intentionally missing save() method on MyUser seems to break the session storage of a login. How should MyUser look like without a local database?

    Read the article

  • cakephp: Custom Authentication Object authenticate not called

    - by Kristoffer Darj
    The method authenticate in a Custom Authentication Object is never called. Is this a glicth or am I missing something? I don't get anything in the log, I'm just redirected to users/login (or the one I specified) CakeVersion: 2.4.1 <?php //My custom Auth Class //Path: app/Controller/Component/Auth/HashAuthenticate.php App::uses('BaseAuthenticate', 'Controller/Component/Auth'); class HashAuthenticate extends BaseAuthenticate { public function authenticate(CakeRequest $request, CakeResponse $response) { //Seems to not be called CakeLog::write('authenticate'); debug($this); die('gaah'); } } If I add the method getUser() (or unauthenticated() ), those gets called however so at least I know that cake finds the class and so on. It just skips the authenticate-method. The AppController looks like this class AppController extends Controller { public $helpers = array('Html', 'Form', 'Session'); public $components = array('Auth' => array( 'authenticate' => array('Hash'), 'authorize' => array('Controller'), ) ); } I found a similar question here: CakePHP 2.x custom "Authentication adapter &quot;LdapAuthorize&quot; was not found but there the issue was typos.

    Read the article

  • Overriding windows authentication for a .NET application

    - by JoshReedSchramm
    I have a .NET application where the homepage (default.aspx) should be accessible by anyone. There is also a reporting page (reporting.aspx) that I want to secure via windows authentication and only allow access to a particular set of AD groups. Right now the way my web.config is setup it is securing the reporting page but on the home page it prompts the user for login credentials. If they hit esc they can continue to the page though so it isnt actually securing it. I need to prevent it from prompting the user. How do i need to setup my config. Here is what i have now - <system.web> <authentication mode="Windows" /> <identity impersonate="true" /> <authorization> <allow roles="BUILTIN\Administrators, DomainName\Manager" /> <deny users="?" /> </authorization> ...MORE STUFF... </system.web> <location path="default.aspx"> <system.web> <identity impersonate="false" /> <authorization> <allow users="*"/> </authorization> </system.web> </location>

    Read the article

  • SECURITY Flaws in this design for User authentication.

    - by Shao
    SECURITY Flaws in this design for User authentication. From: http://wiki.pylonshq.com/display/pylonscookbook/Simple+Homegrown+Authentication Note: a. Project follows the MVC pattern. b. Only a user with a valid username and password is allowed submit something. Design: a. Have a base controller from which all controllers are derived from. b. Before any of the actions in the derived controllers are called the system calls a before action in the base controller. c. In each controller user hardcodes the actions that need to be verified in an array. d. The before action first looks in the array that has the actions that are protected and sees if a user is logged in or not by peaking into the session. If a user is present then user is allowed to submit otherwise user is redirected to login page. What do you think?

    Read the article

  • ASP.NET Authentication Cookie timout and IIS 7 setting

    - by David Laplante
    Hello, I have an ASP.NET website for which i've set the authetication timeout to 60 days so that my users don't have to log in each time they come back if they checked the "remember me" option. Basic ASP.NET login mechanism... It's working fine on my developpement server as well as on the visual studio built-in web server. I can close the browser, wait around 30-40 minutes and browse back to the site and be automatically logged in. However, I've not moved the site to a hosting provider and it seems that whatever I do to my Web.config file, the cookie expires after around 30 minutes (hard to tell the exact amount of time). I have asked the provider's help support and they basically told me: "Web.config file is to configure your website. Please do not change it if you don't know what you are doing" Frustrating answer indeed... To be sure, I checked everywhere on the net for exceptions, fine prints, in the basic asp.net authentication but found none. I have access to IIS remote management for my site (IIS 7) but don't really know where to look. Can there be something in the IIS setting that is overriding my web.config authentication setting? What should I do... Thanks for you help!

    Read the article

  • Authentication Error when accessing Sharepoint list via web service

    - by Joe
    I wrote a windows service a few months ago that would ping a Sharepoint list using _vti_bin/lists.asmx function GetListItemChanges. It was working fine until a few weeks ago when my company upgraded our Sharepoint instance to SP1. Now whenever my service attempts to access Sharepoint I receive an 401.1 authentication error: Error: You are not authorized to view this page You do not have permission to view this directory or page using the credentials that you supplied. Please try the following: Contact the Web site administrator if you believe you should be able to view this directory or page. HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials. Internet Information Services (IIS) I have checked and my privileges on the site have not changed. here is the code In which I call the list: Lists listsService = new Lists(); listsService.Credentials = new NetworkCredential("UserName", "Password", "domain"); Result = listsService.GetListItemChanges("List name", null, dTime.ToString(), null); It has also been brought to my attention that basic authentication may have been disabled on our farm. I don't believe I'm using that but I may be mistaken.

    Read the article

  • Forms Authentication & Virtual Directory

    - by benclaytonfranklin
    Hi, We're having trouble getting Forms Authentication to work with a virtual directory in IIS. We have a main site, and then a microsite setup within a virtual directory. This mircosite has its own admin system within an "Admin" folder, which has authentication on it but currently it is not kicking in and the admin section is browsable by anyone. The web.config with the admin folder has the following: <?xml version="1.0"?> <configuration> <appSettings/> <connectionStrings/> <system.web> <authorization> <deny users="?"/> </authorization> <customErrors mode="RemoteOnly" defaultRedirect="~/Admin/Error.aspx"/> </system.web> </configuration> Could anyone give me any clues as to why this might not be working? Cheers!

    Read the article

  • Implement user authentication against remote DB with a Web Service

    - by Juan González
    I'm just starting reasearch about the best way to implement user authentication within my soon-to-be app. This is what I have so far: A desktop (Windows) application on a remote server. That application is accessed locally with a browser (it has a web console and MS SQL Server to store everything). The application is used with local credendials stored in the DB. This is what I'd like to accompllish: Provide access to some information on that SQL Server DB from my app. That access of course must be granted once a user has id himself with valid credentials. This is what I know so far: How to create my PHP web service and query info from a DB using JSON. How to work with AFNetworking libraries to retrieve information. How to display that info on the app. What I don't know is which could be the best method to implement user authentication from iOS. Should I send username and password? Should I send some hash? Is there a way to secure the handshake? I'd for sure appreciate any advise, tip, or recommendation you have from previous experience. I don't want to just implement it but instead I want to do it as good as possible.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >