Search Results

Search found 1208 results on 49 pages for 'proxied authorization'.

Page 24/49 | < Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >

• Why is my WCF Rest Service on IIS7 Authenticating TWICE!?!?

  - by TheAggie

  Ok, if someone could shed some light on this for me, I would greatly appreciate it. So here we go. I had a rest service running fine the other day but after I accidentally overwrote the web.config all hell broke loose. I've spent the past day and a half trying to sort things out but I can't seem to figure out what is missing or misplaced. So, I've designed this service around WCF Rest Contrib (http://wcfrestcontrib.codeplex.com)'s authentication process. Now, I can get this working fine on my localhost w/ the current web.config (minus the endpoint entry) but once I upload it to discountasp and select "basic authorization" in the ISS7 Manager, it appears that I'm getting authenticated twice! Once using my discount asp.net user/pass and then the next time using the application user/pass. Unfortunately I only provide one set of credentials and don't want to hard code my discountasp account info into the app. Like I said before, this worked fine a few days ago. Anyway. here is my web.config as it is now: <?xml version="1.0"?> <configuration> <connectionStrings> <add name="SQL2008_ConnectionString" connectionString="Data Source=sql2k8xx.discountasp.net;Initial Catalog=SQL2008_xx;Persist Security Info=True;User ID=SQL2008_xx_user;Password=myPass" providerName="System.Data.SqlClient" /> </connectionStrings> <system.web> <httpRuntime maxRequestLength="204800" executionTimeout="3600"/> <compilation debug="true"> <assemblies> <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </assemblies> </compilation> <httpModules> <add name="ServiceAnonymityModule" type="WcfRestContrib.Web.ServiceAnonymityModule, WcfRestContrib"/> </httpModules> </system.web> <system.codedom> <compilers> <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <providerOption name="CompilerVersion" value="v3.5"/> <providerOption name="WarnAsError" value="false"/> </compiler> </compilers> </system.codedom> <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <modules> <remove name="ServiceAnonymityModule"/> <add name="ServiceAnonymityModule" type="WcfRestContrib.Web.ServiceAnonymityModule, WcfRestContrib"/> </modules> <handlers> <remove name="WebServiceHandlerFactory-Integrated"/> </handlers> </system.webServer> <system.diagnostics> <trace autoflush="true" /> </system.diagnostics> <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="false"> <baseAddressPrefixFilters> <add prefix="http://www.mydomain.com/myServiceBaseAddress"/> </baseAddressPrefixFilters> </serviceHostingEnvironment> <extensions> <behaviorExtensions> <add name="webAuthentication" type="WcfRestContrib.ServiceModel.Configuration.WebAuthentication.ConfigurationBehaviorElement, WcfRestContrib, Version=1.0.5.0, Culture=neutral, PublicKeyToken=89183999a8dc93b5"/> <add name="errorHandler" type="WcfRestContrib.ServiceModel.Configuration.ErrorHandler.BehaviorElement, WcfRestContrib, Version=1.0.5.0, Culture=neutral, PublicKeyToken=89183999a8dc93b5"/> <add name="webFormatter" type="WcfRestContrib.ServiceModel.Configuration.WebDispatchFormatter.ConfigurationBehaviorElement, WcfRestContrib, Version=1.0.5.0, Culture=neutral, PublicKeyToken=89183999a8dc93b5"/> <add name="webErrorHandler" type="WcfRestContrib.ServiceModel.Configuration.WebErrorHandler.ConfigurationBehaviorElement, WcfRestContrib, Version=1.0.5.0, Culture=neutral, PublicKeyToken=89183999a8dc93b5"/> </behaviorExtensions> </extensions> <bindings> <customBinding> <binding name="HttpStreamedRest"> <httpTransport maxReceivedMessageSize="209715200" manualAddressing="true" /> </binding> <binding name="HttpsStreamedRest"> <httpsTransport maxReceivedMessageSize="209715200" manualAddressing="true" /> </binding> </customBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="Rest"> <webAuthentication requireSecureTransport="false" authenticationHandlerType="WcfRestContrib.ServiceModel.Dispatcher.WebBasicAuthenticationHandler, WcfRestContrib" usernamePasswordValidatorType="MyLibrary.Runtime.SecurityValidator, MyLibrary" source="MyRESTServiceRealm"/> <webFormatter> <formatters defaultMimeType="application/xml"> <formatter mimeTypes="application/xml,text/xml" type="WcfRestContrib.ServiceModel.Dispatcher.Formatters.PoxDataContract, WcfRestContrib"/> <formatter mimeTypes="application/json" type="WcfRestContrib.ServiceModel.Dispatcher.Formatters.DataContractJson, WcfRestContrib"/> <formatter mimeTypes="application/x-www-form-urlencoded" type="WcfRestContrib.ServiceModel.Dispatcher.Formatters.FormUrlEncoded, WcfRestContrib"/> </formatters> </webFormatter> <errorHandler errorHandlerType="WcfRestContrib.ServiceModel.Web.WebErrorHandler, WcfRestContrib"/> <webErrorHandler returnRawException="true" logHandlerType="MyLibrary.Runtime.LogHandler, MyLibrary" unhandledErrorMessage="An error has occured processing your request. Please contact technical support for further assistance."/> </behavior> </serviceBehaviors> </behaviors> </system.serviceModel> </configuration> So, whenever I upload this and change the ISS setting to Basic Authentication, it looks like it is trying to use the default handler for authentication as if I try to enter my web app user/pass, I get an error screen which has the following detailed information about the moduel/handler Detailed Error Information Module: IIS Web Core Notification: AuthenticateRequest Handler: svc-ISAPI-2.0 Error Code: 0x80070005 Requested URL: http://www.mydomain.com:80/MyService.../MyService.svc Physical Path: E:\web\xxxxxx\htdocs\MyServiceBaseAddress\MyService.svc Logon Method: Not yet determined Logon User: Not yet determined Now for the fun stuff... i tried providing my discountasp.net account username/password for kicks and sure enough it responded properly for any [OperationContract] which doesn't have [OperationAuthentication] defined (which is only one or two of the operations I have). I thought this was strange, so I looked at fiddler and saw something interesting. Whenever I try request a procedure with [OperationAuthentication] defined and provide my discountasp.net username/pass I get two different "WWW-Authenticate" headers back in Fiddler: WWW-Authenticate: Basic realm="MyRESTServiceRealm" WWW-Authenticate: Basic realm="www.mydomain.com" On the other hand, if I try to access the same procedures with only my application's user/pass, I only get the site's header: WWW-Authenticate: Basic realm="www.mydomain.com" My hypothesis is that for some reason I'm having to pass through the default "Basic Authorization" layer set by IIS before I can get to the application's "Custom Basic Authorization" layer. After verifying this by created an identical user/pass for my service that I use for my discountasp.net account, I was able to successfully pass both layers of authentication without any issues... so I think I can conclude that this is indeed the issue. Now how do I disable the default one? Do I need to do this in the IIS Manager, or in the web.config? Anyway, I have absolutely no idea how this is possible or what I need to do to resolve the issue, but I know that something is seriously out of whack. Any suggestions would be greatly appreciated! Thanks.

  Read the article

• PHP Curl and Curl

  - by mithunmo

  Hi , I am able to send a get request using PHP Curl . But the same thing when i try from command line in Linux (/usr/bin/curl ) I am unable to do so. Please find below my PHP curl that is working $url = "http://172.20.22.26"; $headers = array("Host: 172.20.22.26", "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language: en-us,en;q=0.5", "Accept-Encoding: gzip,deflate", "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7", "Keep-Alive: 300", "Connection: keep-alive", "Authorization: Basic bWl0aHVuOm1pdGh1bg==" ); $ch = curl_init(); curl_setopt($ch,CURLOPT_URL,'http://172.20.22.26'); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); // RETURN THE CONTENTS OF THE CALL curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,5); curl_setopt($ch,CURLOPT_AUTOREFERER,TRUE); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); $store = curl_exec($ch); ?> But the similar thing when I try to give in command line ( not using php ) it does not work . I get an error "curl: (18) transfer closed with outstanding read data remaining" and the GET request is not complete Please find below the command I am using curl -u mithun:mithun -H "Host: 172.20.22.29,Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,Accept-Language:en-us,en;q=0.5,Accept-Encoding:gzip,deflate,Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7,Keep-Alive: 300,connection: keep-alive,Authorization: Basic bWl0aHVuOm1pdGh1bg==" http://172.20.22.29 The output i get curl: (18) transfer closed with outstanding read data remaining <frameset frameborder="0" framespacing="0" border="0" cols="220,*"><frameset frameborder="0" framespacing="0" border="0" rows="68,89%"><frame src="top.htm" name="top" scrolling=no noresize target=top marginwidth=2 marginheight=2><frame src="View.htm" name="left" target=left marginheight=1 scrolling=auto noresize marginwidth=5></frameset><frameset frameborder="0" framespacing="0" border="0" rows="68,*"><frame src="top2.htm" name="top2" target=top2 scrolling=no><frame src="sys_status.htm" name="right" target="_self"></frameset></frameset>[qateam@bras-1-cwmp08 usr]$

  Read the article

• Why is ASP.NET MVC Authorize attribute throwing a null reference exception?

  - by robertz

  I had a working asp.net mvc application running on my local IIS 7 web server, but now I'm getting errors whenever I request a page that requires authorization. I'm using standard forms authentication with asp.net membership. Here's the error: Stack Trace: [NullReferenceException: Object reference not set to an instance of an object.] System.Web.Mvc.AuthorizeAttribute.AuthorizeCore(HttpContextBase httpContext) +31 System.Web.Mvc.AuthorizeAttribute.OnAuthorization(AuthorizationContext filterContext) +38 System.Web.Mvc.ControllerActionInvoker.InvokeAuthorizationFilters(ControllerContext controllerContext, IList`1 filters, ActionDescriptor actionDescriptor) +103 System.Web.Mvc.ControllerActionInvoker.InvokeAction(ControllerContext controllerContext, String actionName) +345...

  Read the article

• RuntimeBinderException with dynamic in C# 4.0

  - by Terence Lewis

  I have an interface: public abstract class Authorizer<T> where T : RequiresAuthorization { public AuthorizationStatus Authorize(T record) { // Perform authorization specific stuff // and then hand off to an abstract method to handle T-specific stuff // that should happen when authorization is successful } } Then, I have a bunch of different classes which all implement RequiresAuthorization, and correspondingly, an Authorizer<T> for each of them (each business object in my domain requires different logic to execute once the record has been authorized). I'm also using a UnityContainer, in which I register various Authorizer<T>'s. I then have some code as follows to find the right record out of the database and authorize it: void Authorize(RequiresAuthorization item) { var dbItem = ChildContainer.Resolve<IAuthorizationRepository>() .RetrieveRequiresAuthorizationById(item.Id); var authorizerType = type.GetType(String.Format("Foo.Authorizer`1[[{0}]], Foo", dbItem.GetType().AssemblyQualifiedName)); dynamic authorizer = ChildContainer.Resolve(type) as dynamic; authorizer.Authorize(dbItem); } Basically, I'm using the Id on the object to retrieve it out of the database. In the background NHibernate takes care of figuring out what type of RequiresAuthorization it is. I then want to find the right Authorizer for it (I don't know at compile time what implementation of Authorizer<T> I need, so I've got a little bit of reflection to get the fully qualified type). To accomplish this, I use the non-generic overload of UnityContainer's Resolve method to look up the correct authorizer from configuration. Finally, I want to call Authorize on the authorizer, passing through the object I've gotten back from NHibernate. Now, for the problem: In Beta2 of VS2010 the above code works perfectly. On RC and RTM, as soon as I make the Authorize() call, I get a RuntimeBinderException saying "The best overloaded method match for 'Foo.Authorizer<Bar>.Authorize(Bar)' has some invalid arguments". When I inspect the authorizer in the debugger, it's the correct type. When I call GetType().GetMethods() on it, I can see the Authorize method which takes a Bar. If I do GetType() on dbItem it is a Bar. Because this worked in Beta2 and not in RC, I assumed it was a regression (it seems like it should work) and I delayed sorting it out until after I'd had a chance to test it on the RTM version of C# 4.0. Now I've done that and the problem still persists. Does anybody have any suggestions to make this work? Thanks Terence

  Read the article

• Do Facebook Oauth 2.0 Access Tokens Expire?

  - by Jared Brown

  I am playing around with the Oauth 2.0 authorization in Facebook and was wondering if the access tokens Facebook passes out ever expire. If so, is there a way to request a long-life access token?

  Read the article

• Handling Errors from HttpWebRequest.GetResponse

  - by Jason

  Hey experts - I'm having a ridiculous time trying to get an SMS API working (ZeepMobile, if you're interested) with .NET... I've been around .NET for a few years, but with all this social networking and API stuff, I need to get into the HttpWebRequest a bit. I'm new at it, but not completely new; I was able to hook up my site to Twitter without too much fuss (ie, I was able to modify someone's code to work for me). Anyways, the way their API works is to send an SMS message, you send them a POST and they respond back to you. I can send it just fine, but every time I do, rather than echo back something helpful to figure out what the error is, I get the Yellow Error Page Of Death (YEPOD) saying something to the effect of "The remote server returned an error: (400) Bad Request." This occurs on my line: '...creation of httpwebrequest here...' Dim myWebResponse As WebResponse myWebResponse = request.GetResponse() '<--- error line Is there any way to simply receive the error from the server rather than have the webserver throw an exception and give me the YEPOD? Or better yet, can anyone post a working example of their Zeep code? :) Thanks! EDIT: Here's my whole code block: Public Shared Function SendTextMessage(ByVal username As String, _ ByVal txt As String) As String Dim content As String = "user_id=" + _ username + "&body=" + Current.Server.UrlEncode(txt) Dim httpDate As String = DateTime.Now.ToString("r") Dim canonicalString As String = API_KEY & httpDate & content Dim encoding As New System.Text.UTF8Encoding Dim hmacSha As New HMACSHA1(encoding.GetBytes(SECRET_ACCESS_KEY)) Dim hash() As Byte = hmacSha.ComputeHash(encoding.GetBytes(canonicalString)) Dim b64 As String = Convert.ToBase64String(hash) 'connect with zeep' Dim request As HttpWebRequest = CType(WebRequest.Create(_ "https://api.zeepmobile.com/messaging/2008-07-14/send_message"), HttpWebRequest) request.Method = "POST" request.ServicePoint.Expect100Continue = False ' set the authorization levels' request.Headers.Add("Authorization", "Zeep " & API_KEY & ":" & b64) request.ContentType = "application/x-www-form-urlencoded" request.ContentLength = content.Length ' set up and write to stream' Dim reqStream As New StreamWriter(request.GetRequestStream()) reqStream.Write(content) reqStream.Close() Dim msg As String = "" msg = reqStream.ToString Dim myWebResponse As WebResponse Dim myResponseStream As Stream Dim myStreamReader As StreamReader myWebResponse = request.GetResponse() myResponseStream = myWebResponse.GetResponseStream() myStreamReader = New StreamReader(myResponseStream) msg = myStreamReader.ReadToEnd() myStreamReader.Close() myResponseStream.Close() ' Close the WebResponse' myWebResponse.Close() Return msg End Function

  Read the article

• Yahoo OAuth implementation has no way to work offline

  - by Khash

  I need to download my Delicious bookmarks to a non-web application without constant user interaction. I'm using Delicious's V2 API (using oAuth) but the problem is it seems their access tokens expire after one hour. I don't have any issues with redirecting the user to Yahoo for a one time authorization, but what is described here (http://developer.yahoo.com/oauth/guide/oauth-refreshaccesstoken.html) means I would have to refresh my access tokens all the time before they expire when the user is away. Is this really the way they've done their oAuth implementation?

  Read the article

• Access Delicious API via Yahoo ID without redirect to Yahoo authorizing page

  - by jack

  To be more specific: My delicious account is a Yahoo ID so access via OAuth is required. It's for my use only to add/remove bookmarks. I have the password. It's a command line python program, not web-based. My question is: Is it possible to access my delicious account without being redirected to a Yahoo OAuth authorization page? Any examples are appreciated.

  Read the article

• Problem with Twitter basic authentication using AJAX

  - by jelford

  I'm developing a javascript App that needs, as part of its functionality, for users to be able to update their Twitter status. The App is designed to work on mobiles, and as such I don't really want to be sending users all the way over to the Twitter site to sign in; they should just be able to pass their credentials to the app, and I'll handle all the signin. So I'm trying to use the Basic Auth with the restful API. My code looks like: function postTweet(input){ $.ajax( { type: "POST", url: "http://twitter.com/statuses/update.json", data: {status: input}, dataType: "json", error: function() { alert("Some error occured"); }, success: function() { alert("Success!"); }, beforeSend: function(request) { request.setRequestHeader("Authorization", "Basic BASE64OFMYCREDENTIALS");} } ) ; } So, as far as I'm aware, this should perform the authentication from the XMLHttpRequest header, and then post the status. However, whenever I call this code, I get a "401 Unauthorized" error from Twitter. Below are the request & response headers from firebug: Request: OPTIONS /statuses/update.json HTTP/1.1 Host: twitter.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.2) Gecko/20100115 Firefox/3.6 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-gb,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Origin: null Access-Control-Request-Method: POST Access-Control-Request-Headers: authorization Response: HTTP/1.1 401 Unauthorized Date: Sat, 13 Mar 2010 11:08:58 GMT Server: hi Status: 401 Unauthorized WWW-Authenticate: Basic realm="Twitter API" X-Runtime: 0.00204 Content-Type: application/json; charset=utf-8 Cache-Control: no-cache, max-age=300 Set-Cookie: guest_id=1268478538488; path=/ _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCPlyNlcnAToHaWQiJWUyN2YzYjc3OTk2NGQ3%250ANzJkYTA4MjYzOWJmYTQyYmUyIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--d687808459872da0aa6a89cab35fd347300b4d07; domain=.twitter.com; path=/ Expires: Sat, 13 Mar 2010 11:13:58 GMT Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 88 Connection: close Any help with this would be much appreciated, Thanks, jelford ps. I should mention I'm using JQuery, incase it's not clear.

  Read the article

• Forms Authentication logs out very quickly , locally works fine !!!

  - by user319075

  Hello to all, There's a problem that i am facing with my hosting company, I use a project that uses FormsAuthentication and the problem is that though it successfully logs in, it logs out VERY QUICKLY, and i don't know what could be the cause of that, so in my web.config file i added those lines: <authentication mode="Forms" > <forms name="Nadim" loginUrl="Login.aspx" defaultUrl="Default.aspx" protection="All" path="/" requireSSL="false"/> </authentication> <authorization> <deny users ="?" /> </authorization> <sessionState mode="StateServer" stateConnectionString="tcpip=localhost:42424" cookieless="false" timeout="1440"> </sessionState> and this is the code i use in my custom login page : protected void PasswordCustomValidator_ServerValidate(object source, ServerValidateEventArgs args) { try { UsersSqlDataSource.SelectParameters.Clear(); UsersSqlDataSource.SelectCommand = "Select * From Admins Where AdminID='" + IDTextBox.Text + "' and Password='" + PassTextBox.Text + "'"; UsersSqlDataSource.SelectCommandType = SqlDataSourceCommandType.Text; UsersSqlDataSource.DataSourceMode = SqlDataSourceMode.DataReader; reader = (SqlDataReader)UsersSqlDataSource.Select(DataSourceSelectArguments.Empty); if (reader.HasRows) { reader.Read(); if (RememberCheckBox.Checked == true) Page.Response.Cookies["Admin"].Expires = DateTime.Now.AddDays(5); args.IsValid = true; string userData = "ApplicationSpecific data for this user."; FormsAuthenticationTicket ticket1 = new FormsAuthenticationTicket(1, IDTextBox.Text, System.DateTime.Now, System.DateTime.Now.AddMinutes(30), true, userData, FormsAuthentication.FormsCookiePath); string encTicket = FormsAuthentication.Encrypt(ticket1); Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)); Response.Redirect(FormsAuthentication.GetRedirectUrl(IDTextBox.Text, RememberCheckBox.Checked)); //FormsAuthentication.RedirectFromLoginPage(IDTextBox.Text, RememberCheckBox.Checked); } else args.IsValid = false; } catch (SqlException ex) { ErrorLabel.Text = ex.Message; } catch (InvalidOperationException) { args.IsValid = false; } catch (Exception ex) { ErrorLabel.Text = ex.Message; } Also you will find that line of code: FormsAuthentication.RedirectFromLoginPage(IDTextBox.Text, RememberCheckBox.Checked); is commented because i thought there might be something wrong with the ticket when i log in , so i created it manually , every thing i know i tried but nothing worked, so does anyone have any idea what is the problem ? Thanks in advance, Baher.

  Read the article

• JBOSS 7.1 started hanging after 6 months of deployment

  - by PVR

  My application is been live from 6 months. The application is host on jboss 7.1 server. From last few days I am finding numerous problem of hanging of jboss server. Though I restart the jboss server again, it does not invoke. I need to restart the server machine itself. Can anyone please let me know what could be the cause of these problems and the workable resolutions or any suggestion ? Kindly dont degrade the question as I am facing a lot problems due to this hanging issue. Also for the information, the application is based on Java, GWT, Hibernate 3. Please find the standalone.xml file in case if it helps. <extensions> <extension module="org.jboss.as.clustering.infinispan"/> <extension module="org.jboss.as.configadmin"/> <extension module="org.jboss.as.connector"/> <extension module="org.jboss.as.deployment-scanner"/> <extension module="org.jboss.as.ee"/> <extension module="org.jboss.as.ejb3"/> <extension module="org.jboss.as.jaxrs"/> <extension module="org.jboss.as.jdr"/> <extension module="org.jboss.as.jmx"/> <extension module="org.jboss.as.jpa"/> <extension module="org.jboss.as.logging"/> <extension module="org.jboss.as.mail"/> <extension module="org.jboss.as.naming"/> <extension module="org.jboss.as.osgi"/> <extension module="org.jboss.as.pojo"/> <extension module="org.jboss.as.remoting"/> <extension module="org.jboss.as.sar"/> <extension module="org.jboss.as.security"/> <extension module="org.jboss.as.threads"/> <extension module="org.jboss.as.transactions"/> <extension module="org.jboss.as.web"/> <extension module="org.jboss.as.webservices"/> <extension module="org.jboss.as.weld"/> </extensions> <system-properties> <property name="org.apache.coyote.http11.Http11Protocol.COMPRESSION" value="on"/> <property name="org.apache.coyote.http11.Http11Protocol.COMPRESSION_MIME_TYPES" value="text/javascript,text/css,text/html,text/xml,text/json"/> </system-properties> <management> <security-realms> <security-realm name="ManagementRealm"> <authentication> <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/> </authentication> </security-realm> <security-realm name="ApplicationRealm"> <authentication> <properties path="application-users.properties" relative-to="jboss.server.config.dir"/> </authentication> </security-realm> </security-realms> <management-interfaces> <native-interface security-realm="ManagementRealm"> <socket-binding native="management-native"/> </native-interface> <http-interface security-realm="ManagementRealm"> <socket-binding http="management-http"/> </http-interface> </management-interfaces> </management> <profile> <subsystem xmlns="urn:jboss:domain:logging:1.1"> <console-handler name="CONSOLE"> <level name="INFO"/> <formatter> <pattern-formatter pattern="%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%E%n"/> </formatter> </console-handler> <periodic-rotating-file-handler name="FILE"> <formatter> <pattern-formatter pattern="%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%E%n"/> </formatter> <file relative-to="jboss.server.log.dir" path="server.log"/> <suffix value=".yyyy-MM-dd"/> <append value="true"/> </periodic-rotating-file-handler> <logger category="com.arjuna"> <level name="WARN"/> </logger> <logger category="org.apache.tomcat.util.modeler"> <level name="WARN"/> </logger> <logger category="sun.rmi"> <level name="WARN"/> </logger> <logger category="jacorb"> <level name="WARN"/> </logger> <logger category="jacorb.config"> <level name="ERROR"/> </logger> <root-logger> <level name="INFO"/> <handlers> <handler name="CONSOLE"/> <handler name="FILE"/> </handlers> </root-logger> </subsystem> <subsystem xmlns="urn:jboss:domain:configadmin:1.0"/> <subsystem xmlns="urn:jboss:domain:datasources:1.0"> <datasources> <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true"> <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1</connection-url> <driver>h2</driver> <security> <user-name>sa</user-name> <password>sa</password> </security> </datasource> <drivers> <driver name="h2" module="com.h2database.h2"> <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class> </driver> </drivers> </datasources> </subsystem> <subsystem xmlns="urn:jboss:domain:deployment-scanner:1.1"> <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000"/> </subsystem> <subsystem xmlns="urn:jboss:domain:ee:1.0"/> <subsystem xmlns="urn:jboss:domain:ejb3:1.2"> <session-bean> <stateless> <bean-instance-pool-ref pool-name="slsb-strict-max-pool"/> </stateless> <stateful default-access-timeout="5000" cache-ref="simple"/> <singleton default-access-timeout="5000"/> </session-bean> <pools> <bean-instance-pools> <strict-max-pool name="slsb-strict-max-pool" max-pool-size="20" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/> <strict-max-pool name="mdb-strict-max-pool" max-pool-size="20" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/> </bean-instance-pools> </pools> <caches> <cache name="simple" aliases="NoPassivationCache"/> <cache name="passivating" passivation-store-ref="file" aliases="SimpleStatefulCache"/> </caches> <passivation-stores> <file-passivation-store name="file"/> </passivation-stores> <async thread-pool-name="default"/> <timer-service thread-pool-name="default"> <data-store path="timer-service-data" relative-to="jboss.server.data.dir"/> </timer-service> <remote connector-ref="remoting-connector" thread-pool-name="default"/> <thread-pools> <thread-pool name="default"> <max-threads count="10"/> <keepalive-time time="100" unit="milliseconds"/> </thread-pool> </thread-pools> </subsystem> <subsystem xmlns="urn:jboss:domain:infinispan:1.2" default-cache-container="hibernate"> <cache-container name="hibernate" default-cache="local-query"> <local-cache name="entity"> <transaction mode="NON_XA"/> <eviction strategy="LRU" max-entries="10000"/> <expiration max-idle="100000"/> </local-cache> <local-cache name="local-query"> <transaction mode="NONE"/> <eviction strategy="LRU" max-entries="10000"/> <expiration max-idle="100000"/> </local-cache> <local-cache name="timestamps"> <transaction mode="NONE"/> <eviction strategy="NONE"/> </local-cache> </cache-container> </subsystem> <subsystem xmlns="urn:jboss:domain:jaxrs:1.0"/> <subsystem xmlns="urn:jboss:domain:jca:1.1"> <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/> <bean-validation enabled="true"/> <default-workmanager> <short-running-threads> <core-threads count="50"/> <queue-length count="50"/> <max-threads count="50"/> <keepalive-time time="10" unit="seconds"/> </short-running-threads> <long-running-threads> <core-threads count="50"/> <queue-length count="50"/> <max-threads count="50"/> <keepalive-time time="100" unit="seconds"/> </long-running-threads> </default-workmanager> <cached-connection-manager/> </subsystem> <subsystem xmlns="urn:jboss:domain:jdr:1.0"/> <subsystem xmlns="urn:jboss:domain:jmx:1.1"> <show-model value="true"/> <remoting-connector/> </subsystem> <subsystem xmlns="urn:jboss:domain:jpa:1.0"> <jpa default-datasource=""/> </subsystem> <subsystem xmlns="urn:jboss:domain:mail:1.0"> <mail-session jndi-name="java:jboss/mail/Default"> <smtp-server outbound-socket-binding-ref="mail-smtp"/> </mail-session> </subsystem> <subsystem xmlns="urn:jboss:domain:naming:1.1"/> <subsystem xmlns="urn:jboss:domain:osgi:1.2" activation="lazy"> <properties> <property name="org.osgi.framework.startlevel.beginning"> 1 </property> </properties> <capabilities> <capability name="javax.servlet.api:v25"/> <capability name="javax.transaction.api"/> <capability name="org.apache.felix.log" startlevel="1"/> <capability name="org.jboss.osgi.logging" startlevel="1"/> <capability name="org.apache.felix.configadmin" startlevel="1"/> <capability name="org.jboss.as.osgi.configadmin" startlevel="1"/> </capabilities> </subsystem> <subsystem xmlns="urn:jboss:domain:pojo:1.0"/> <subsystem xmlns="urn:jboss:domain:remoting:1.1"> <connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/> </subsystem> <subsystem xmlns="urn:jboss:domain:resource-adapters:1.0"/> <subsystem xmlns="urn:jboss:domain:sar:1.0"/> <subsystem xmlns="urn:jboss:domain:security:1.1"> <security-domains> <security-domain name="other" cache-type="default"> <authentication> <login-module code="Remoting" flag="optional"> <module-option name="password-stacking" value="useFirstPass"/> </login-module> <login-module code="RealmUsersRoles" flag="required"> <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/> <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/> <module-option name="realm" value="ApplicationRealm"/> <module-option name="password-stacking" value="useFirstPass"/> </login-module> </authentication> </security-domain> <security-domain name="jboss-web-policy" cache-type="default"> <authorization> <policy-module code="Delegating" flag="required"/> </authorization> </security-domain> <security-domain name="jboss-ejb-policy" cache-type="default"> <authorization> <policy-module code="Delegating" flag="required"/> </authorization> </security-domain> </security-domains> </subsystem> <subsystem xmlns="urn:jboss:domain:threads:1.1"/> <subsystem xmlns="urn:jboss:domain:transactions:1.1"> <core-environment> <process-id> <uuid/> </process-id> </core-environment> <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/> <coordinator-environment default-timeout="300"/> </subsystem> <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false"> <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/> <virtual-server name="default-host" enable-welcome-root="false"> <alias name="localhost"/> <alias name="nextenders.com"/> </virtual-server> </subsystem> <subsystem xmlns="urn:jboss:domain:webservices:1.1"> <modify-wsdl-address>true</modify-wsdl-address> <wsdl-host>${jboss.bind.address:127.0.0.1}</wsdl-host> <endpoint-config name="Standard-Endpoint-Config"/> <endpoint-config name="Recording-Endpoint-Config"> <pre-handler-chain name="recording-handlers" protocol-bindings="##SOAP11_HTTP ##SOAP11_HTTP_MTOM ##SOAP12_HTTP ##SOAP12_HTTP_MTOM"> <handler name="RecordingHandler" class="org.jboss.ws.common.invocation.RecordingServerHandler"/> </pre-handler-chain> </endpoint-config> </subsystem> <subsystem xmlns="urn:jboss:domain:weld:1.0"/> </profile> <interfaces> <interface name="management"> <inet-address value="${jboss.bind.address.management:127.0.0.1}"/> </interface> <interface name="public"> <inet-address value="${jboss.bind.address:127.0.0.1}"/> </interface> <interface name="unsecure"> <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/> </interface> </interfaces> <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}"> <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/> <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/> <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/> <socket-binding name="ajp" port="8009"/> <socket-binding name="http" port="80"/> <socket-binding name="https" port="443"/> <socket-binding name="osgi-http" interface="management" port="8090"/> <socket-binding name="remoting" port="4447"/> <socket-binding name="txn-recovery-environment" port="4712"/> <socket-binding name="txn-status-manager" port="4713"/> <outbound-socket-binding name="mail-smtp"> <remote-destination host="localhost" port="25"/> </outbound-socket-binding> </socket-binding-group>

  Read the article

• Asp.net MVC and MOSS 2010 integration

  - by Robert Koritnik

  Just a sidenote: I'm not sure whether I should post this to serverfault as well, because some MOSS admin may have some info for me as well? A bit of explanation first (without Asp.net MVC) Is it possible to integrate the two? Is it possible to write an application that would share at least credential information with MOSS? I have to write a MOSS application that has to do with these technologies: MOSS 2010 Personal client certificates authentication (most probably on USB keys) Active Directory Federation Services Separate SQL DB that would serve application specific data (separate as not being part of MOSS DB) How should it work? Users should authenticate using personal certificates into MOSS 2010 There would be a certain part of MOSS that would be related to my custom application This application should only authorize certain users via AD FS - I guess these users should have a certain security claim attached to them This application should manage users (that have access to this app) with additional (app specific) security claims related to this application (as additional application level authorization rights for individual application parts) This application should use custom SQL 2008 DB heavily with its own data This application should have the possibility to integrate with external systems as well (Exchange for instance to inject calendar entries, ERP systems etc) This application should be able to export its data (from its DB) to files. I don't know if it's possible, but it would be nice if the app could add these files to MOSS and attach authorization info to them so only users with sufficient rights would be able to view/open these files. Why Asp.net MVC then? I'm very well versed in Asp.net MVC (also with the latest version) and I haven't done anything on Sharepoint since version 2003 (which doesn't do me no good or prepare me for the latest version in any way shape or form). This project will most probably be a death march project so I would rather write my application as a UI rich Asp.net MVC application and somehow integrate it into MOSS. But not only via a link, because I would like to at least share credentials, so users wouldn't need to re-login when accessing my app. Using Asp.net MVC I would at least have the possibility to finish on time or be less death marching. Is this at all possible? Questions Is it possible to integrate Asp.net MVC into MOSS as described above? If integration is not possible, would it be possible to create a completely MOSS based application that would work as described? Which parts of MOSS 2010 should I use to accomplish what I need?

  Read the article

• Relative connection string to AzMan XML store when using security application block

  - by David Hall

  Is it possible to specify a relative connection string for an AzMan XML store? My current connection string is connectionString="msxml://c:/azman.xml" but I really need to make that relative so other developers and automated builds can get the latest authorization store. MS documentation seems to suggest that connectionString="msxml://azman.xml" should work but that throws a The request is not supported error. EDIT: I realised that the fact I'm using AzMan through the Enterprise Library Security Application Block was important to the question.

  Read the article

• HTTP request, strange socket behavoir

  - by hoodoos

  I expirience strange behavior when doing HTTP requests through sockets, here the request: POST https://test.com:443/service/XMLSelect HTTP/1.1 Content-Length: 10926 Host: test.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 1.0.3705) Authorization: Basic XXX SOAPAction: http://test.com/SubmitXml Later on there goes body of my request with given content length. After that I recive something like: HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Type: text/xml;charset=utf-8 Transfer-Encoding: chunked Date: Tue, 30 Mar 2010 06:13:52 GMT So everything seem to be fine here. I read all contents from network stream and successfuly recieve response. But my socket which I'm doing polling on switches it's modes like that: write ( i write headers and request here ) read ( after headers sent i begin to recieve response ) write ( STRANGE BEHAVIOUR HERE. WHY? here i send nothing really ) read ( here it switches to read back again ) last two steps can repeat several times. So I want to ask what leads for socket's mode change? And in this case it's not a big problem, but when I use gzip compression in my request ( no idea how it's related ) and ask server to send gzipped response to me like this: POST https://test.com:443/service/XMLSelect HTTP/1.1 Content-Length: 1076 Accept-Encoding: gzip Content-Encoding: gzip Host: test.com User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 1.0.3705) Authorization: Basic XXX SOAPAction: http://test.com/SubmitXml I recieve response like that: HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Encoding: gzip Content-Type: text/xml;charset=utf-8 Transfer-Encoding: chunked Date: Tue, 30 Mar 2010 07:26:33 GMT 2000 ? I recieve a chunk size and GZIP header, it's all okay. And here's what is happening with my poor little socket meanwhile: write ( i write headers and request here ) read ( after headers sent i begin to recieve response ) write ( STRANGE BEHAVIOUR HERE. And it finally sits here forever waiting for me to send something! But if i refer to HTTP I don't have to send anything more! ) What can it be related to? What it wants me to send? Is it remote web server's problem or do I miss something? PS All actual service references and login/passwords replaced with fake ones :)

  Read the article

• Cant clone Bitbucket repo via https

  - by Shushpan4ik

  Cant clone Bitbucket repo via https on Debian. I always get error: abort: authorization failed Mercurial Distributed SCM (version 1.4.1), Python 2.5.2 Thru ssh and http(w/o pass) work fine

  Read the article

• 407 Proxy Authentication Required

  - by Neo

  getting following exception while making call using XMLHttp object asynchronously in mozila firefox. can anybody help me to resolve this issue? 407 Proxy Authentication Required The ISA Server requires authorization to fulfil the request. Access to the Web Proxy filter is denied.

  Read the article

• Open Source Alternative to ASP.NET membership

  - by Tony Lenzi

  I'm currently supporting a Python web app with increasingly complicated user/role/permission management requirements. Currently, we are rolling our own user, groups, permissions, etc. code and supporting database. I'd like to find something like ASP.NET membership that can help manage user authentication and authorization, rather than risk security issues in continuing to create an increasingly complicated custom solution. Are there any similar projects out there worth taking a look at?

  Read the article

• WCF RIA Services: overriding DomainService.AuthorizeChangeSet - who cares?

  - by Marc Wittke

  I am overriding the AuthorizeChangeSet method and return false. The change set is not applied to the data context as expected, but how is the client notiied about this authorization error? The returned SubmitOperation has no error, and I cannot find any information elsewhere inside. (Still using the Nov 2009 beta with VS2008 and net3.5)

  Read the article

• Using Facebook Connect auth.RevokeAuthorization in ASP.NET

  - by Focus

  I'm confused as to how revoking authorization works in the ASP.NET Toolkit. I've tried issuing the following: ConnectSession connect = new ConnectSession(FacebookHelper.ApiKey(), FacebookHelper.SecretKey()); Auth x = new Auth(fbSession); x.RevokeAuthorization(); But I get an object reference error during the RevokeAuthorization call. Here's the call definition. Any idea what I'm doing wrong?

  Read the article

• Facebook Logout causes logout from my application

  - by pallab

  I have created simple javascript widget where login happens using Facebook Single Sign On. It logins the person whenever he is logged in to facebook (after authorization for the first time). However, it also logs out the user when Facebook logout happens. I want the person to not get logged out when the person logs out of Facebook? Suggest me what is the way around.

  Read the article

• Get calling user ID in PHP setuid script

  - by Bart van Heukelom

  I have a PHP script on Linux in which the sticky bit is set, so it gets executed as the file owner. How can I get the user id of the calling process, for authorization purposes? Context: I have two applications on a server, and want one to request some info from the other. For this reason the other offers a script with setuid, but I want to make sure it can only be called by the one.

  Read the article

• Possible to run OData on a shared host in mixed auth mode?

  - by Malachi

  My host has been pretty good about helping to tweak things to get my various .NET peices working, but they are unwilling to change the IIS authorization settings. Presently my OData service whines about that. Have I got any options?

  Read the article

• Good P2P Flash video conferencing package

  - by Justin Alexander

  Looking for a flash p2p (RTMFP) packaged solution, that includes the following features Time limited sessions: at confrence start, there is a set time limit, when this expires the session ends. Session extension: Sessions can be extended, but require authorization from the server via some sort of REST or Ajaxy response. Generally customizable theme Any suggestions?

  Read the article

• Provisioning api using java

  - by user268515

  Hi i tried to retrieve all users from the domain using provisioning api & 2-legged OAuth in java program but it returns unknown authorization header........... when i started to search about it i got the scope as https://apps-apis.google.com/a/feeds/user/#readonly. i dont what what #readonly refers please explain it .... Regards Sharun

  Read the article

• How to do dependency injection python-way?

  - by Konstantin

  I've been reading a lot about python-way lately so my question is How to do dependency injection python-way? I am talking about usual scenarios when, for example, service A needs access to UserService for authorization checks.

  Read the article

< Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >