Search Results

Search found 2054 results on 83 pages for 'ion auth'.

Page 24/83 | < Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >

  • Ubuntu Server attack? how to solve?

    - by saky
    Hello, Something (Someone) is sending out UDP packets sent from our whole ip range. This seems to be multicast DNS. Our server host provided this (Our IP Address is masked with XX): Jun 3 11:02:13 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:23 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:32 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 Jun 3 11:02:35 webserver kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=01:00:5e:00:00:fb:00:30:48:94:46:c4:08:00 SRC=193.23X.21X.XX DST=224.0.0.251 LEN=73 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=53 I checked my /var/log/auth.log file and found out that someone from China (Using ip-locator) was trying to get in to the server using ssh. ... Jun 3 11:32:00 server2 sshd[28511]: Failed password for root from 202.100.108.25 port 39047 ssh2 Jun 3 11:32:08 server2 sshd[28514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.100.108.25 user=root Jun 3 11:32:09 server2 sshd[28514]: Failed password for root from 202.100.108.25 port 39756 ssh2 Jun 3 11:32:16 server2 sshd[28516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.100.108.25 user=root ... I have blocked that IP address using this command: sudo iptables -A INPUT -s 202.100.108.25 -j DROP However, I have no clue about the UDP multicasting, what is doing this? who is doing it? and how I can stop it? Anyone know?

    Read the article

  • How to get nginx to pass HTTP_AUTHORIZATION header to Apache

    - by codeinthehole
    Am using Nginx as a reverse proxy to an Apache server that uses HTTP Auth. For some reason, I can't get the HTTP_AUTHORIZATION header through to Apache, it seems to get filtered out by Nginx. Hence, no requests can authenticate. Note that the Basic auth is dynamic so I don't want to hard-code it in my nginx config. My nginx config is: server { listen 80; server_name example.co.uk ; access_log /var/log/nginx/access.cdk-dev.tangentlabs.co.uk.log; gzip on; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_read_timeout 120; location / { proxy_pass http://localhost:81/; } location ~* \.(jpg|png|gif|jpeg|js|css|mp3|wav|swf|mov|doc|xls|ppt|docx|pptx|xlsx|swf)$ { if (!-f $request_filename) { break; proxy_pass http://localhost:81; } root /var/www/example; } } Anyone know why this is happening? Update - turns out the problem was something I had overlooked in my original question: mod_wsgi. The site in question here is a Django site, and it turns out that Apache does get the auth variables passed through, however mod_wsgi filters them out. The resolution is to use: WSGIPassAuthorization On See http://www.arnebrodowski.de/blog/508-Django,-mod_wsgi-and-HTTP-Authentication.html for more details

    Read the article

  • arch openldap authentication failure

    - by nonus25
    I setup the openldap, all look fine but i cant setup authentication, #getent shadow | grep user user:*::::::: tuser:*::::::: tuser2:*::::::: #getent passwd | grep user git:!:999:999:git daemon user:/:/bin/bash user:x:10000:2000:Test User:/home/user/:/bin/zsh tuser:x:10000:2000:Test User:/home/user/:/bin/zsh tuser2:x:10002:2000:Test User:/home/tuser2/:/bin/zsh from root i can login as a one of these users #su - tuser2 su: warning: cannot change directory to /home/tuser2/: No such file or directory 10:24 tuser2@juliet:/root i cant login via ssh also passwd is not working #ldapwhoami -h 10.121.3.10 -D "uid=user,ou=People,dc=xcl,dc=ie" ldap_bind: Server is unwilling to perform (53) additional info: unauthenticated bind (DN with no password) disallowed 10:30 root@juliet:~ #ldapwhoami -h 10.121.3.10 -D "uid=user,ou=People,dc=xcl,dc=ie" -W Enter LDAP Password: ldap_bind: Invalid credentials (49) typed password by me is correct /etc/openldap/slapd.conf access to dn.base="" by * read access to dn.base="cn=Subschema" by * read access to * by self write by users read by anonymous read access to * by dn="uid=root,ou=Roles,dc=xcl,dc=ie" write by users read by anonymous auth access to attrs=userPassword,gecos,description,loginShell by self write access to attrs="userPassword" by dn="uid=root,ou=Roles,dc=xcl,dc=ie" write by anonymous auth by self write by * none access to * by dn="uid=root,ou=Roles,dc=xcl,dc=ie" write by dn="uid=achmiel,ou=People,dc=xcl,dc=ie" write by * search access to attrs=userPassword by self =w by anonymous auth access to * by self write by users read database hdb suffix "dc=xcl,dc=ie" rootdn "cn=root,dc=xcl,dc=ie" rootpw "{SSHA}AM14+..." there are some parts of that conf file /etc/openldap/ldap.conf looks : BASE dc=xcl,dc=ie URI ldap://192.168.10.156/ TLS_REQCERT allow TIMELIMIT 2 so my question is what i am missing that ldap not allow me login by using password ?

    Read the article

  • How can I prevent Apache from asking for credentials on non SSL site

    - by Scott
    I have a web server with several virtual hosts. Some of those hosts have an associated ssl site. I have a DirectoryMatch directive in my main config file which requires basic authentication to any directory with secured as part of the directory path. On sites that have an SSL site, I have a rewrite rule (located in the non ssl config for that site), that redirects to the SSL site, same uri. The problem is the http (80) site asks for credentials first, and then the https (443) site asks for credentials again. I would like to prevent the http site from asking and thus avoid the potential for someone entering credentials and having them sent in clear text. I know I could move the DirectoryMatch down to the specific site, and just put the auth statement in the SSL config, but that would introduce the possibility of forgetting to protect critical directories when creating new sites. Here are the pertinent declarations: httpd.conf (all sites): <DirectoryMatch "_secured_"> AuthType Basic AuthName "+ + + Restrcted Area on Server + + +" AuthUserFile /home/websvr/.auth/std.auth Require valid-user </DirectoryMatch> site.conf (specific to individual site) <DirectoryMatch "_secured_"> RewriteEngine On RewriteRule .*(_secured_.*) https://site.com/$1 </DirectoryMatch> Is there a way to leave DirectoryMatch in the main config file and prevent the request for authorization from the http site? Running Apache 2 on Ubuntu 10.04 server from the default package. I have AllowOverride set to none - I prefer to handle things in the config files instead of .htaccess.

    Read the article

  • OpenVPN Keeps Crashing

    - by Frank Thornton
    Oct 20 21:00:44 sb1 openvpn[2082]: <MY_IP>:28523 [vpntest] Peer Connection Initiated with [AF_INET]<MY_IP>:28523 Oct 20 21:00:44 sb1 openvpn[2082]: vpntest/<MY_IP>:28523 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Oct 20 21:00:44 sb1 openvpn[2082]: <MY_IP>:28522 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1576', remote='link-mtu 1376' Oct 20 21:00:44 sb1 openvpn[2082]: <MY_IP>:28522 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1332' Oct 20 21:00:45 sb1 openvpn[2082]: <MY_IP>:28522 [vpntest2] Peer Connection Initiated with [AF_INET]<MY_IP>:28522 Oct 20 21:00:45 sb1 openvpn[2082]: vpntest2/<MY_IP>:28522 MULTI_sva: pool returned IPv4=10.8.0.10, IPv6=(Not enabled) Oct 20 21:00:46 sb1 openvpn[2082]: vpntest/<MY_IP>:28523 send_push_reply(): safe_cap=940 Client File: client dev tun proto tcp remote <IP> 443 resolv-retry infinite nobind tun-mtu 1500 tun-mtu-extra 32 mssfix 1410 persist-key persist-tun auth-user-pass comp-lzo SERVER: port 443 #- port proto tcp #- protocol dev tun tun-mtu 1500 tun-mtu-extra 32 reneg-sec 0 #mtu-disc yes mssfix 1410 ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt cert /etc/openvpn/easy-rsa/2.0/keys/server.crt key /etc/openvpn/easy-rsa/2.0/keys/server.key dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem plugin /etc/openvpn/openvpn-auth-pam.so /etc/pam.d/login #plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so /etc/pam.d/login #- Comment this line if you are using FreeRADIUS #plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf #- Uncomment this line if you are using FreeRADIUS client-to-client client-cert-not-required username-as-common-name server 10.8.0.0 255.255.255.0 push "redirect-gateway def1" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" keepalive 3 30 comp-lzo persist-key persist-tun What is causing the VPN to keep dropping the connection and then reconnecting?

    Read the article

  • [tcpdump] Proxy delegate refusing connexion ?

    - by simtris
    Hi guys, I'm a little disapointed ! My aim was to build a VERY simple smtp proxy under debian to handle mail from a port (51234) and forward it to the standard 25 port. I compile and install a "delegate" witch can handle easily that. It's working very well like that : delegated SERVER="smtp://anotherSmtpServer:25" -P51234 The strange thing is, it's working on my virtual test machine and on the dedicated server in local but I can't manage to use it trought internet. I test it like that. telnet [mySrv] 51234 Of course, no firewal, no deny host, no ined/xined, the service delegated is listening on the right port ... 2 clues : The port is answering trought internet with nmap as "51234/tcp open tcpwrapped" have a look at the tcpdump following : 22:50:54.864398 IP [myIp].1699 [mySrv].51234: S 2486749330:2486749330(0) win 65535 22:50:54.864449 IP [mySrv].51234 [myIp].1699: S 2486963525:2486963525(0) ack 2486749331 win 5840 22:50:54.948169 IP [myIp].1699 [mySrv].51234: . ack 1 win 64240 22:50:54.965134 IP [mySrv].43554 [myIp].auth: S 2485396968:2485396968(0) win 5840 22:50:55.243128 IP [myIp] [mySrv]: ICMP [myIp] tcp port auth unreachable, length 68 22:50:55.249646 IP [mySrv].51234 [myIp].1699: F 1:1(0) ack 1 win 46 22:50:55.309853 IP [myIp].1699 [mySrv].51234: . ack 2 win 64240 22:50:55.310126 IP [myIp].1699 [mySrv].51234: F 1:1(0) ack 2 win 64240 22:50:55.310137 IP [mySrv].51234 [myIp].1699: . ack 2 win 46 The part "auth" seems suspect to me but didn't ring a bell. I could certaily do with some help. Thx a lot !

    Read the article

  • Hotmail mail delivery issue (spam)

    - by chaochito
    Hello, I am running a Postfix server in a dedicated server in a Linux environment (centOS 5.3) for a social networking web application and are experiencing deliverability issues with Hotmail (I can send mails to Gmail, Yahoo, Aol in inbox). I only send legit mails for registered users (notifications). I have SPF, DK and DKIM setup. I pass the Sender ID test when mailing to [email protected] but we have "X-Auth-Result : None" only in Hotmail headers and no X-SID-Result:Pass. We have been enrolled in their program for more than 2 weeks and normally when you apply to their Sender ID program you are supposed to have X-SID-Result:Pass and X-Auth-Result:Pass. I contacted Hotmail about the issue and they told me that my domain looks like added to Sender ID in their system this is beyond their support and asked me to contact my ISP. As you can imagine, my ISP has no clue about that either. I don't really know what could be wrong... Mails are currently filtered as spam and we would like to be able to have them landing in inbox.

    Read the article

  • Openvpn - stuck on Connecting

    - by user224277
    I've got a problem with openvpn server... every time when I trying to connect to the VPN , I am getting a window with login and password box, so I typed my login and password (login = Common Name (user1) and password is from a challenge password from the client certificate. Logs : Jun 7 17:03:05 test ovpn-openvpn[5618]: Authenticate/Decrypt packet error: packet HMAC authentication failed Jun 7 17:03:05 test ovpn-openvpn[5618]: TLS Error: incoming packet authentication failed from [AF_INET]80.**.**.***:54179 Client.ovpn : client #dev tap dev tun #proto tcp proto udp remote [Server IP] 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert user1.crt key user1.key <tls-auth> -----BEGIN OpenVPN Static key V1----- d1e0... -----END OpenVPN Static key V1----- </tls-auth> ns-cert-type server cipher AES-256-CBC comp-lzo yes verb 0 mute 20 My openvpn.conf : port 1194 #proto tcp proto udp #dev tap dev tun #dev-node MyTap ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/VPN.crt key /etc/openvpn/keys/VPN.key dh /etc/openvpn/keys/dh2048.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt #push „route 192.168.5.0 255.255.255.0? #push „route 192.168.10.0 255.255.255.0? keepalive 10 120 tls-auth /etc/openvpn/keys/ta.key 0 #cipher BF-CBC # Blowfish #cipher AES-128-CBC # AES #cipher DES-EDE3-CBC # Triple-DES comp-lzo #max-clients 100 #user nobody #group nogroup persist-key persist-tun status openvpn-status.log #log openvpn.log #log-append openvpn.log verb 3 sysctl : net.ipv4.ip_forward=1

    Read the article

  • /etc/hosts: What is loghost? (fresh install of Solaris 10 update 9)

    - by cjavapro
    # # Internet host table # ::1 localhost 127.0.0.1 localhost XX.XX.XX.XX myserver loghost What is the purpose of loghost? If it was not for having loghost in there, all the /etc/hosts files on all the servers in this particular network could be identical. Edit: I looked at /etc/syslog.conf #ident "@(#)syslog.conf 1.5 98/12/14 SMI" /* SunOS 5.0 */ # # Copyright (c) 1991-1998 by Sun Microsystems, Inc. # All rights reserved. # # syslog configuration file. # # This file is processed by m4 so be careful to quote (`') names # that match m4 reserved words. Also, within ifdef's, arguments # containing commas must be quoted. # *.err;kern.notice;auth.notice /dev/sysmsg *.err;kern.debug;daemon.notice;mail.crit /var/adm/messages *.alert;kern.err;daemon.err operator *.alert root *.emerg * # if a non-loghost machine chooses to have authentication messages # sent to the loghost machine, un-comment out the following line: #auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost) mail.debug ifdef(`LOGHOST', /var/log/syslog, @loghost) # # non-loghost machines will use the following lines to cause "user" # log messages to be logged locally. # ifdef(`LOGHOST', , user.err /dev/sysmsg user.err /var/adm/messages user.alert `root, operator' user.emerg * ) Very interesting. when shutting down,, alerts go to all users probably through *.emerg * Looking at ifdef, it seems that the first parameter checks to see if current machine is a loghost, second parameter is what to do if it is and third parameter is what to do if it is not. Edit: If you want to test a logging rule you can use svcadm restart system-log to restart the logging service and then logger -p notice "test" to send a test log message where notice can be replaced with any type such as user.err, auth.notice, etc.

    Read the article

  • Dovecot starting and running, but not listening on any port

    - by Dženis Macanovic
    Among others things I'm in charge of a Debian GNU/Linux (Wheezy) DomU for the mail services of the company i work for. Yesterday one HDD that was used for this particular server has died. After installing Debian again, Dovecot decided to no longer listen on any ports (checked with netstat -l). Other services (like Postfix and MySQL) work without problems. dovecot -n: # 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-3-amd64 x86_64 Debian wheezy/sid ext3 auth_mechanisms = plain login disable_plaintext_auth = no first_valid_uid = 150 last_valid_uid = 150 mail_gid = mail mail_location = maildir:/var/vmail/%d/%n mail_uid = vmail namespace inbox { inbox = yes location = prefix = } pass db { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-userdb { group = mail mode = 0666 user = vmail } } service imap-login { inet_listener imaps { port = 993 ssl = yes } } service pop3-login { inet_listener pop3s { port = 995 ssl = yes } } ssl_cert = </etc/ssl/private/mail.crt ssl_key = </etc/ssl/private/mail.key userdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } protocol imap { mail_max_userip_connections = 25 } UID 150 is vmail (I double checked file permissions). I didn't install Dovecot from source, but via apt from the official Debian US mirror. There are no messages concerning Dovecot in /var/log/syslog except for: Oct 21 06:36:29 server dovecot: master: Dovecot v2.1.7 starting up (core dumps disabled) Any ideas?

    Read the article

  • Automatically reconnect to VPN when it drops

    - by IAmAI
    I use OpenVPN to connect to a VPN service. I will often use it unattended and on occasion I have come back to find the service disconnected and GUI asking for login credentials. If the connection is disconnected by the service, and not me, I'd like it to attempt to reconnect automatically with no intervention from me, and ideally, if the reconnection attempt initially fails, keep attempting to do so at regular intervals until a connection is successfully. Is there anyway to configure OpenVPN to do this? If not, can someone suggest a way of doing it with scripting (I use Windows)? Failing that, can anyone suggest a VPN solution that does this? The VPN provider supports PPTP as well as OpenVPN. I have configured OpenVPN to read login credentials from a file. Below is my config script. I have censored any details specific to the VPN provider. client dev tun proto tcp remote ???.???.??? 0000 resolv-retry infinite nobind persist-key persist-tun ca ???.???.??? verb 3 mute-replay-warnings float reneg-sec 0 auth-user-pass auth.conf auth-nocache Thanks for your help.

    Read the article

  • Django & google openid authentication with socialauth

    - by Zayatzz
    Hello I am trying to use django-socialauth (http://github.com/uswaretech/Django-Socialauth) for authenticating users for my django project. This is firs time working with openid and i've had to figure out how exactly this open id works. I have more or less understood it, by now, but there are few things that elude me. The authentication process starts when the request is put together in in django-socialauth.openid_consumer.views.begin. I can see that the outgoing authentication request is more or less something like this: https://www.google.com/accounts/o8/ud?openid.assoc_handle=AOQobUckRThPUj3K1byG280Aze-dnfc9Iu6AEYaBwvHE11G0zy8kY8GZ& openid.ax.if_available=fname& openid.ax.mode=fetch_request& openid.ax.required=email& openid.ax.type.email=http://axschema.org/contact/email& openid.ax.type.fname=http://example.com/schema/fullname& openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select& openid.identity=http://specs.openid.net/auth/2.0/identifier_select& openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0& openid.ns.ax=http://openid.net/srv/ax/1.0& openid.ns.sreg=http://openid.net/extensions/sreg/1.1& openid.realm=http://localhost/& openid.return_to=http://localhost/social/gmail_login/complete/?janrain_nonce=2010-03-20T11%3A19%3A44ZPZCjNc&openid.sreg.optional=postcode,country,nickname,email This is lot like 2nd example here: http://code.google.com/apis/accounts/docs/OpenID.html#Samples The problem is, that the request, i get back, is nothing like the corresponding example from code.google.com (look at the 3rd example in example responses. Response dict i get is like this: { 'openid.op_endpoint': 'https://www.google.com/accounts/o8/ud', 'openid.sig': 'QWMa4x4ruMUvSCfLwKV6CZRuo0E=', 'openid.ext1.type.email': 'http://axschema.org/contact/email', 'openid.return_to': 'http://localhost/social/gmail_login/complete/?janrain_nonce=2010-03-20T17%3A54%3A06ZHV4cqh', 'janrain_nonce': '2010-03-20T17:54:06ZHV4cqh', 'openid.response_nonce': '2010-03-20T17:54:06ZdC5mMu9M_6O4pw', 'openid.claimed_id': 'https://www.google.com/accounts/o8/id?id=AItOghawkFz0aNzk91vaQWhD-DxRJo6sS09RwM3SE', 'openid.mode': 'id_res', 'openid.ns.ext1': 'http://openid.net/srv/ax/1.0', 'openid.signed': 'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle,ns.ext1,ext1.mode,ext1.type.email,ext1.value.email', 'openid.ext1.value.email': '[email protected]', 'openid.assoc_handle': 'AOQobUfssTJ2IxRlxrIvU4Xg8HHQKKTEuqwGxvwwuPR5rNvag0elGlYL', 'openid.ns': 'http://specs.openid.net/auth/2.0', 'openid.identity': 'https://www.google.com/accounts/o8/id?id=AItOawkghgfhf1FkvaQWhD-DxRJo6sS09RwMKjASE', 'openid.ext1.mode': 'fetch_response'} The socialauth itself has been built to accept my email address this way: elif request.openid and request.openid.ax: email = request.openid.ax.get('email') And obviously this fails. Why i am asking all this is, that perhaps i am doing something wrong and my outgoing request is wrong? Or am i doing all correctly and should change the socialaouth module to accept info in a new way and then commit the change? Alan

    Read the article

  • Django & google openid authentication (openid.ax) with socialauth

    - by Zayatzz
    Hello I am trying to use django-socialauth (http://github.com/uswaretech/Django-Socialauth) for authenticating users for my django project. This is firs time working with openid and i've had to figure out how exactly this open id works. I have more or less understood it, by now, but there are few things that elude me. The authentication process starts when the request is put together in in django-socialauth.openid_consumer.views.begin. I can see that the outgoing authentication request is more or less something like this: https://www.google.com/accounts/o8/ud?openid.assoc_handle=AOQobUckRThPUj3K1byG280Aze-dnfc9Iu6AEYaBwvHE11G0zy8kY8GZ& openid.ax.if_available=fname& openid.ax.mode=fetch_request& openid.ax.required=email& openid.ax.type.email=http://axschema.org/contact/email& openid.ax.type.fname=http://example.com/schema/fullname& openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select& openid.identity=http://specs.openid.net/auth/2.0/identifier_select& openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0& openid.ns.ax=http://openid.net/srv/ax/1.0& openid.ns.sreg=http://openid.net/extensions/sreg/1.1& openid.realm=http://localhost/& openid.return_to=http://localhost/social/gmail_login/complete/?janrain_nonce=2010-03-20T11%3A19%3A44ZPZCjNc&openid.sreg.optional=postcode,country,nickname,email This is lot like 2nd example here: http://code.google.com/apis/accounts/docs/OpenID.html#Samples The problem is, that the request, i get back, is nothing like the corresponding example from code.google.com (look at the 3rd example in example responses. Response dict i get is like this: { 'openid.op_endpoint': 'https://www.google.com/accounts/o8/ud', 'openid.sig': 'QWMa4x4ruMUvSCfLwKV6CZRuo0E=', 'openid.ext1.type.email': 'http://axschema.org/contact/email', 'openid.return_to': 'http://localhost/social/gmail_login/complete/?janrain_nonce=2010-03-20T17%3A54%3A06ZHV4cqh', 'janrain_nonce': '2010-03-20T17:54:06ZHV4cqh', 'openid.response_nonce': '2010-03-20T17:54:06ZdC5mMu9M_6O4pw', 'openid.claimed_id': 'https://www.google.com/accounts/o8/id?id=AItOghawkFz0aNzk91vaQWhD-DxRJo6sS09RwM3SE', 'openid.mode': 'id_res', 'openid.ns.ext1': 'http://openid.net/srv/ax/1.0', 'openid.signed': 'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle,ns.ext1,ext1.mode,ext1.type.email,ext1.value.email', 'openid.ext1.value.email': '[email protected]', 'openid.assoc_handle': 'AOQobUfssTJ2IxRlxrIvU4Xg8HHQKKTEuqwGxvwwuPR5rNvag0elGlYL', 'openid.ns': 'http://specs.openid.net/auth/2.0', 'openid.identity': 'https://www.google.com/accounts/o8/id?id=AItOawkghgfhf1FkvaQWhD-DxRJo6sS09RwMKjASE', 'openid.ext1.mode': 'fetch_response'} The socialauth itself has been built to accept my email address this way: elif request.openid and request.openid.ax: email = request.openid.ax.get('email') And obviously this fails. Why i am asking all this is, that perhaps i am doing something wrong and my outgoing request is wrong? Or am i doing all correctly and should change the socialaouth module to accept info in a new way and then commit the change? Alan

    Read the article

  • How can I conditionally only log something if it's a certain Class?

    - by BryanWheelock
    Something like this: if self.class == "User": logging.debug("%s non_pks were found" % (str(len(non_pks))) ) In [2]: user = User.objects.get(pk=1) In [3]: user.class Out[3]: In [4]: if user.class == 'django.contrib.auth.models.User': print "yes" ...: In [5]: user.class == 'django.contrib.auth.models.User' Out[5]: False In [6]: user.class == 'User' Out[6]: False In [7]: user.class == "" Out[7]: False

    Read the article

  • Google Hybrid OpenID+OAuth with dotnetopenauth

    - by Max Favilli
    I have spent probably more than 10 hours in the last two days trying to understand how to implement user login with Google Hybrid OpenID+OAuth (Federated Login) To trigger the authorization request I use: InMemoryOAuthTokenManager tm = new InMemoryOAuthTokenManager( ConfigurationManager.AppSettings["googleConsumerKey"], ConfigurationManager.AppSettings["googleConsumerSecret"]); using (OpenIdRelyingParty openid = new OpenIdRelyingParty()) { Realm realm = HttpContext.Current.Request.Url.Scheme + Uri.SchemeDelimiter + ConfigurationManager.AppSettings["googleConsumerKey"] + "/"; IAuthenticationRequest request = openid.CreateRequest(identifier, Realm.AutoDetect, new Uri(HttpContext.Current.Request.Url.Scheme + "://" + HttpContext.Current.Request.Url.Authority + "/OAuth/google")); var authorizationRequest = new AuthorizationRequest { Consumer = ConfigurationManager.AppSettings["googleConsumerKey"], Scope = "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/plus.me", }; request.AddExtension(authorizationRequest); request.AddExtension(new ClaimsRequest { Email = DemandLevel.Request, Gender = DemandLevel.Require }); request.RedirectToProvider(); } To retrieve the accesstoken I use: using (OpenIdRelyingParty openid = new OpenIdRelyingParty()) { IAuthenticationResponse authResponse = openid.GetResponse(); if (authResponse != null) { switch (authResponse.Status) { case AuthenticationStatus.Authenticated: HttpContext.Current.Trace.Write("AuthenticationStatus", "Authenticated"); FetchResponse fr = authResponse.GetExtension<FetchResponse>(); InMemoryOAuthTokenManager tm = new InMemoryOAuthTokenManager(ConfigurationManager.AppSettings["googleConsumerKey"], ConfigurationManager.AppSettings["googleConsumerSecret"]); ServiceProviderDescription spd = new ServiceProviderDescription { spd.RequestTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/token", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); spd.AccessTokenEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/token", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); spd.UserAuthorizationEndpoint = new DotNetOpenAuth.Messaging.MessageReceivingEndpoint("https://accounts.google.com/o/oauth2/auth?access_type=offline", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest); spd.TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }; WebConsumer wc = new WebConsumer(spd, tm); AuthorizedTokenResponse accessToken = wc.ProcessUserAuthorization(); if (accessToken != null) { HttpContext.Current.Trace.Write("accessToken", accessToken.ToString()); } else { } break; case AuthenticationStatus.Canceled: HttpContext.Current.Trace.Write("AuthenticationStatus", "Canceled"); break; case AuthenticationStatus.Failed: HttpContext.Current.Trace.Write("AuthenticationStatus", "Failed"); break; default: break; } } } Unfortunatelly I get AuthenticationStatus.Authenticated but wc.ProcessUserAuthorization() is null. What am I doing wrong? Thanks a lot for any help.

    Read the article

  • sudo taking long time

    - by Sam
    On a Ubuntu 9 64bit Linux machine, sudo takes longer time to start. "sudo echo hi" takes 2-3 minutes. strace on sudo tells poll("/etc/pam.d/system-auth", POLLIN) timesout after 5 seconds and there are multiple calls(may be a loop) to same system call (which causes 2-3min delay). Any idea why sudo has to wait for /etc/pam.d/system-auth? Any tunable to make sudo to timeout faster? Thanks Samuel

    Read the article

  • authorizet.net local testing and ssl certificate

    - by Funky Dude
    hi i am integrating authorize.net AIM api into my shopping cart. i have a developer account from auth.net and i am working locally. when i do auth.net api call, i get SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed i assume it's because i dont have ssl on my local machine. how do i get over this so i can test on my local machine? thank you

    Read the article

  • cake php AppController and inheritance

    - by RSK
    hello folks........ In many tutorial of Acl component in cakephp i got instruction that add component either in AppController or in all the other controllers which inherits AppController....... but problem is var $components=array('Auth',Acl); when i use the above line in AppConroller i cant use the Auth or Acl component... but when i use the same code in all the child classes it works fine........ what will be the problem thanks in advance any help will be appreciated.

    Read the article

  • Any good OpenID php consumer libs?

    - by daniels
    I need a php lib that can auth using OpenID against sites offering this service, like Google, Yahoo, Wordpress, etc... Anyone used any lib that actuallly works? I've tryied a few but couldn't get any to auth against Google, Yahoo, or Wordpress.

    Read the article

  • Combine Related Resources With TastyPie

    - by Aaron Ng
    How can I combine multiple Resources in TastyPie? I have 3 models I'd like to combine: users, profiles and posts. Ideally I'd like profiles nested within user. I'm not sure where to go from here. class UserResource(ModelResource): class Meta: queryset = User.objects.all() resource_name = 'user' fields = ['username','id','date_joined'] #Improper Auth authorization = Authorization() class UserProfileResource(ModelResource): class Meta: queryset = UserProfile.objects.all() resource_name = 'profile' class UserPostResource(ModelResource): user = fields.ForeignKey(UserResource,'user', full=True) class Meta: queryset = UserPost.objects.all() resource_name = 'userpost' #Improper Auth authorization = Authorization()

    Read the article

  • Maven site deploy authentication error with scp

    - by Navi
    I get Auth fail error when running mvn -X site:deploy. org.apache.maven.wagon.authentication.AuthenticationException: Cannot connect. Reason: Auth fail It seems that the correct private key is used and I can scp files normally to the project site directory using scp on Ubuntu. What can be causing this?

    Read the article

  • Adding user role constraint redirects Browser to jsf.js script?

    - by simgineer
    My JSF form login was working with Constraint 1 however when I added Constraint 2 to my web.xml doing a submit on the form now takes me to a jsf javascript page. Can someone tell me what I am doing wrong? I would like only administrators to be able to access the /admin/* pages and only registered users to access the entire site included admin files. BTW after I see the java script page I can still navigate to the intended page in the browser, I just don't want the user to see the intermediate js page or need to know the target page URL. Constraint 1 <security-constraint> <display-name>Admin</display-name> <web-resource-collection> <url-pattern>/admin/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>ADMIN</role-name> </auth-constraint> </security-constraint> Constraint 2 <security-constraint> <display-name>Users</display-name> <web-resource-collection> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>USER</role-name> </auth-constraint> </security-constraint> Here is the undesired url I am being redirected to: javax.faces.resource/jsf.js.xhtml?ln=javax.faces&stage=Development Here is the start of the jsf.js.xhtml... /** @project JSF JavaScript Library @version 2.0 @description This is the standard implementation of the JSF JavaScript Library. */ /** * Register with OpenAjax */ if (typeof OpenAjax !== "undefined" && typeof OpenAjax.hub.registerLibrary !== "undefined") { OpenAjax.hub.registerLibrary("jsf", "www.sun.com", "2.0", null); } // Detect if this is already loaded, and if loaded, if it's a higher version if (!((jsf && jsf.specversion && jsf.specversion >= 20000 ) && (jsf.implversion && jsf.implversion >= 3))) { ... Notes I'm using Firefox 10.0.4, Glassfish 3.1 w JSF2.0 lib, j_security_check, and my login realm setup is similar to this

    Read the article

  • Freeradius problem

    - by IceAgeBosna
    Hello my Dear friends! Firstly sorry to my English I am not an expert:) I am using freeradius 2.1.7 and MySQL instaled on Ubuntu server 9.04. Now, the perl script called: "auth.pl" is verifying usersnames, passwords, and updating information. The problem is that on a certain number of connections simply "NAS" - Mikrotik until the next reboot users can not connect. If you need i cann show you auth.pl script

    Read the article

  • Authenticate User manually

    - by Sergey
    I am trying to authenticate the user after I got credentials using oAuth (with Twitter if that makes a difference). As far as I could understand it, I can directly put the Authentication object into SecurityContextHolder. Here is how I do it: Authentication auth = new TwitterOAuthAuthentication(member, userDetailsService.loadUserByUsername(member.getUsername()).getAuthorities()); SecurityContextHolder.getContext().setAuthentication(auth); This for some reason does absolutely nothing. What am I missing and what should I do to accomplish what need?

    Read the article

  • Php framework for fast developing

    - by nucleartux
    Please advise a php framework for fast developing and for don't digress to write often using code(auth, db/orm,etc..). Requrements: Active community Easy to use simple many to many and many to one relations auth. mechanism RoR like Please sorry for english.

    Read the article

< Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >