Search Results

Search found 10169 results on 407 pages for 'port'.

Page 278/407 | < Previous Page | 274 275 276 277 278 279 280 281 282 283 284 285  | Next Page >

• Is there a way to edit an existing nautilus (file manager) bookmark?

  - by C.W.Holeman II

  Is there a way to edit an existing nautilus (fie manager) bookmark? Invoke from Linux command line: $ nautilus Activate connection editor: File>Connect To Server...> Complete entries in the pop up: Service Type: [WebDAV (HTTP)] Server: [localhost] Port: [8001] Folder [webdav] Username: [test] [x] Add bookmark Bookmark name: [/dav] <Connect> Then in the left column of the main window the new connection and bookmark exist: Places ------------------- ausername Desktop File System Network WebDAV on localhost Trash -------------------- /dav Right click on "/dav" pop up menu: Open Open in New Tab Open in New Window ------------------ Remove Rename... There is no option for editing.

  Read the article

• How I can view and block specific applications temporarily from accessing Internet?

  - by Curious Apprentice

  I don't want to block any application permanently from accessing internet. I just want to block some specific applications for a particular time period to gain speed in running some other. I know about one such great tool - that is "Comodo firewall". It can smoothly block and accurately display apps accessing internet. The only problem of installing this is, Windows recommends only one firewall apps and as Im running Windows 7 x64 Ultimate there will be complications if I install this one. I need a tool which can accurately display which apps are accessing internet (through which port) and how much data they are receiving or sending. I also need some arrangement within the app so that I can easily temporarily block that app from accessing internet.

  Read the article

• ssh tunnel through an intermediate host

  - by user1190650

  I have configured an SSH tunnel to forward my web traffic from hostA to hostC using this command on hostA: ssh -D 2222 user@hostC after configuring my browser to use a proxy on port 2222. This works great. However, I now want to forward the same traffic through an intermediate SSH connection on hostB in order to get to hostC. I tried this on hostA: ssh user@hostB -L 2222:hostB:22 but I get "channel x: open failed" errors. Does anyone know the correct way of doing this?

  Read the article

• mod_security: How to allow ssh/http access for admin?

  - by mattesque

  I am going to be installing mod_security on my AWS EC2 Linux instance tonight and need a little help/reassurance. The only thing I am truly worried about right now is making sure my (admin) access to the instance and webserver is maintained w/o compromising security. I use ssh (port 22) and http (80) to access this and I've read horror stories from other EC2 users claiming they were locked out of their sites once they put up a firewall. So my question boils down to: What settings should I put in the mod_security conf file to make sure I can get in on those ports? IP at home is not static. (Hence the issue) Thanks so, so, so much.

  Read the article

• VLAN Configuration Conflict, Who Wins?

  - by Kevin

  I'm new to VLANs, so take that into consideration... Lets say that I had a server set up to create a virtual interface that is set to be tagged as VLAN 3. For example, the following Debian config: iface eth0.1 inet static address 192.168.1.1 netmask 255.255.255.0 Now on my switch, lets say that I have the port that the aforementioned server connects to, set to VLAN 4... Who wins? What are the packets tagged as, as viewed by the rest of the network?

  Read the article

• Server spec for a small business [duplicate]

  - by I'll-Be-Back

  This question already has an answer here: Can you help me with my capacity planning? 2 answers I will need to buy a decent server for Windows Server 2012 and Linux for Web server (Internal use only - Intranet). I will install ESXi with 2 or 3 VM's. There will be about 80-100 Agents at work, they will login (domain controller) on client PC in the morning (between 9:40am to 10:05am). They can only use IE browser and everything else will be locked. They will not have any storage space, no email, etc. Is this spec decent enough? 2u Supermicro 825 chassis, X9SCL-F x1 Intel E3-1290v2 16Gb DDR3 x2 Intel 520 Series 240Gb x2 2Tb Seagate Barracuda, LSi 4 port SAS raid controller

  Read the article

• redirecting arbitrary tcp/udp in kvm

  - by jbfink

  I've got a server with KVM on it, and multiple guest VMs. I'd like a way to redirect traffic from the host server to the VMs. Like, say, forward all traffic on port 2222 on the host to 22 on a guest VM for ssh. This would have to be done either through virt-manager or libvirt XML config files -- I've found multiple references to doing it through qemu (like http://forums.fedoraforum.org/showthread.php?t=237969) but absolutely nothing that I can see related to either libvirt or virt-manager. Do you know how I can do this?

  Read the article

• Remote Linux system via Windows 7

  - by kaila

  I have a dual boot with Windows 7 and Fedora. Though I can long into both without any problems, I am trying to log in to the linux account via the Windows account. Is that possible? Or, is it possible to access my university's linux server via telnet from home? I did so and got an error, with cold not connect to port 23 message. Also, since most of my mail accounts are on Windows, the passwords to which I have forgotten, I would prefer working on a ;remote' connection.

  Read the article

• How do I simplify my URLs with Apache (or DNS)?

  - by user45015

  I'm running Apache 2.2 with WHM / cPanel. Let me know what other info you need to answer this question. I want to set up some kind of forwarding/redirect so that the following occurs: _http://appname.mydomain.com/ (ignore the underscore, couldn't post actual links) actually sends you to _http://mydomain.com:8072/appname/ This can be overt (your browser address bar changes) or not, it doesn't really matter (although if I get to pick I would prefer the address bar NOT change). My initial thought was to use a CNAME, but I've since learned you can't include a port in your cname. Now I'm thinking I have to do something with my Apache VHOST? I am very much a novice at apache / web server internal workings, but I know my way around a command line well enough.

  Read the article

• USB Mouse disconnects ONLY on bootcamp (win7,works fine on OSX) [duplicate]

  - by gourounakis

  This question already has an answer here: Why is my USB mouse disconnecting and reconnecting randomly and often? 7 answers I have a mid 2010 iMac with a Logitech G500 mouse which works fine on OS X. I game on Windows 7 in bootcamp, and for a month now I have been getting random mouse disconnects while gaming. Sometimes none, sometimes 2-3 per minute. The mouse lights go off and I get the disconnect sound from Windows 7 then it connects again after a second or two. I tried changing the port I connect the mouse to, but still the same thing. The only devices on USB are Apple keyboard with Apple extension cord, the mouse, and a Creative SoundBlaster Tactic 3D Alpha USB Gaming Headset. Any ideas?

  Read the article

• Run SSH trough a proxy

  - by Row Minds

  I have a question. How can i run SSH trough a proxy or a SSH Tunneling Protocol? For example i have a computer(Ubuntu) with ip eg. 123.123.123.123 and i want to connect to my server trough a proxy eg. 111.111.111.111 so i can see in lastlog that the last authentication was made from 123.123.123.123 . I need this because i cannot access a certain server at work only with an specified range IP. What i tried so far was http://daniel.haxx.se/docs/sshproxy.html where i used ssh -D 1 [email protected] -p 443 where i had 127.0.0.1 forwarded to a SSH Tunneling Protocol http://www.nixtutor.com/linux/installing-and-configuring-an-ssh-server/ (i configurated listening on port 443 but no result, still no connection (denied) ...) This question may sound simple, but i can't figure it out, can you please help me? Thanks.

  Read the article

• Route SOAP request through external server

  - by sanbornm

  I need to integrate with a SOAP Web Service that requires that the requests come from a whitelisted IP address. As I often do development from all over the place it is quite annoying to ask for a new whitelisted IP each time. I have a remote server that is whitelisted. How can I route my SOAP request (I can change the endpoint in the WSDL) to my remote machine and have that forwarded to the Web Service? My remote server is used for other things so it needs to only forward a specific port, not all traffic. Oh, and the Web Service expects SSL.

  Read the article

• Forward external traffic to 127.0.0.1

  - by user2939415

  I have an HTTP server running on 127.0.0.1:8000. How can I use iptables or something to route external traffic to it? I want to be able to access my.ip.addr:8000 from my browser. iptables -A PREROUTING -i eth0 -p tcp --dport 8000 -j REDIRECT --to-ports 8000 does not help EDIT: To test whether or not this works I am using the following node.js script: // Load the http module to create an http server. var http = require('http'); // Configure our HTTP server to respond with Hello World to all requests. var server = http.createServer(function (request, response) { response.writeHead(200, {"Content-Type": "text/plain"}); response.end("Hello World\n"); }); // Listen on port 8000, IP defaults to 127.0.0.1 server.listen(8000, "127.0.0.1"); // Put a friendly message on the terminal console.log("Server running at http://127.0.0.1:8000/");

  Read the article

• I missed allowing ".NET Runtime Optimization Service" while installing a game — could there be any problems?

  - by MDLss

  I'm using ESET Smart Security 4 on Windows 7. I selected Interactive Mode so it asks me when something needs to connect to my PC. So when I was installing a game named League of Legends, I was away from my computer. When I came back, I saw that the download was finished but ESET was asking whether to allow .NET Runtime Optimization Service to connect my computer using port 80 TCP. So I selected Allow but It was too late because the download was already finished. I can play the game, but could it be bugged or broken or something?

  Read the article

• What are the minimal iptables rules to surf the internet?

  - by alexx0186

  I am trying to set minimal rules to my Linux iptables rules file to just be able to surf the internet. Here what I did: * filter -A OUTPUT -p tcp --dport 80 -j ACCEPT -A OUTPUT -p tcp --dport 443 -j ACCEPT -A OUTPUT -p udp --dport 53 -j ACCEPT COMMIT With just those rules, I can't surf the web. I noticed that when I put -A INPUT -j ACCEPT, it works but I don't understand why. So what Input/output port do I need to surf the internet? Thanks a lot. Regards EDIT: It still doesn't work and my rules as as follows: # generated by iptables-save filter :INPUT DROP [10:648] :FORWARD DROP [0:0] :OUTPUT ACCEPT [10:648] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPTED COMMIT

  Read the article

• Are there any open-source simple network monitoring applications? [duplicate]

  - by scottm

  This question already has an answer here: What tool do you use to monitor your servers? 73 answers I am debugging a problem with one of our systems. Every Sunday, it stops communicating with another server. If we reboot both servers, communication works again. I was wondering if there are any small footprint apps that monitor TCP port availability and network connectivity, possibly logging any downtime. I'd also like it to be open source if possible, but if there is another solution that is proprietary, I'd like to hear about it also.

  Read the article

• Add/Remove script for local printer

  - by GxFlint

  I have a Windows XP machine that runs two applications and both print on a thermal printer connected by a serial port. For one application, the "Generic / Text Only" printer must be present, for the other to work I need to remove it. I've found a few .vbs scripts, but they are for network printer. How do I make them work with my local printer? Is there a better solution? The user would have to run the script every time he needs to switch from an application to another.

  Read the article

• Slow data transfer using SSH

  - by Floste

  The server is an ubuntu server 11.04 with sshd. SSH works fine for console programs. But data transfer is slow, which is very annoying when transferring large files. I tried two different client programs and changed the port, but the speed is always the same. I know the server can transfer data a lot faster over SSL, which afaik uses AES. I configured my SSH client to use AES, too, but no effect. Why is using SSH multiple times slower than SSL and is there a way to improve transfer speed of SSH?

  Read the article

• Android chess development design [on hold]

  - by Plejo

  I want to develop human vs human android chess game and I have bunch of new questions. I would like to have screen where online players are shown(nickname, rating) and when player challenge antoher player and he accpet it game begins. These are my questions: When player install application, does he have to create account/login or does every instance of installed application have some kind of ID so I can recognize it on server side? I want to have also ratings of players saved in my DB so login procedure will probably be necessary. When player connects to server server updates online players list. When he challenge another player and he accept server exchange ip`s(and ports? which port to use?) between players. Then they connect to each other and game begins. What is best practice for connection between server-android and android-android? Probably sockets, right? Is there any library for handling lost connection etc.? Which server do you recommend?

  Read the article

• SSH Public Key - No supported authentication methods available (server sent public key)

  - by F21

  I have a 12.10 server setup in a virtual machine with its network set to bridged (essentially will be seen as a computer connected to my switch). I installed opensshd via apt-get and was able to connect to the server using putty with my username and password. I then set about trying to get it to use public/private key authentication. I did the following: Generated the keys using PuttyGen. Moved the public key to /etc/ssh/myusername/authorized_keys (I am using encrypted home directories). Set up sshd_config like so: PubkeyAuthentication yes AuthorizedKeysFile /etc/ssh/%u/authorized_keys StrictModes no PasswordAuthentication no UsePAM yes When I connect using putty or WinSCP, I get an error saying No supported authentication methods available (server sent public key). If I run sshd in debug mode, I see: PAM: initializing for "username" PAM: setting PAM_RHOST to "192.168.1.7" PAM: setting PAM_TTY to "ssh" userauth-request for user username service ssh-connection method publickey [preauth] attempt 1 failures 0 [preauth] test whether pkalg/pkblob are acceptable [preauth[ Checking blacklist file /usr/share/ssh/blacklist.RSA-1023 Checking blacklist file /etc/ssh/blacklist.RSA-1023 temporarily_use_uid: 1000/1000 (e=0/0) trying public key file /etc/ssh/username/authorized_keys fd4 clearing O_NONBLOCK restore_uid: 0/0 Failed publickey for username from 192.168.1.7 port 14343 ssh2 Received disconnect from 192.168.1.7: 14: No supported authentication methods available [preauth] do_cleanup [preauth] monitor_read_log: child log fd closed do_cleanup PAM: cleanup Why is this happening and how can I fix this?

  Read the article

• How do I install a driver for an Atheros AR9285?

  - by Fernando

  How to install the driver for Atheros AR9285 in Ubuntu 11.10. Still no package for 11.10 according to this https://help.ubuntu.com/community/WifiDocs/Device/Atheros/AR9285 Here is the output of the commands marc@fer-VPCYA1V9E:~$ sudo lshw -class network *-network DISABLED description: Wireless interface product: AR9285 Wireless Network Adapter (PCI-Express) vendor: Atheros Communications Inc. physical id: 0 bus info: pci@0000:02:00.0 logical name: wlan0 version: 01 serial: 4c:0f:6e:d6:65:cc width: 64 bits clock: 33MHz capabilities: pm msi pciexpress bus_master cap_list ethernet physical wireless configuration: broadcast=yes driver=ath9k driverversion=3.0.0-12-generic firmware=N/A latency=0 link=no multicast=yes wireless=IEEE 802.11bgn resources: irq:16 memory:d3400000-d340ffff *-network description: Ethernet interface product: AR8131 Gigabit Ethernet vendor: Atheros Communications physical id: 0 bus info: pci@0000:03:00.0 logical name: eth0 version: c0 serial: 54:42:49:a2:1f:bc capacity: 1Gbit/s width: 64 bits clock: 33MHz capabilities: pm msi pciexpress vpd bus_master cap_list ethernet physical tp 10bt 10bt-fd 100bt 100bt-fd 1000bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=atl1c driverversion=1.0.1.0-NAPI firmware=N/A latency=0 link=no multicast=yes port=twisted pair resources: irq:43 memory:d2400000-d243ffff ioport:1000(size=128) And the second command marc@fer-VPCYA1V9E:~$ rfkill list 0: sony-wifi: Wireless LAN Soft blocked: no Hard blocked: no 1: sony-bluetooth: Bluetooth Soft blocked: no Hard blocked: no 2: phy0: Wireless LAN Soft blocked: no Hard blocked: no 3: hci0: Bluetooth Soft blocked: no Hard blocked: no 4: acer-wireless: Wireless LAN Soft blocked: yes Hard blocked: no Is there a way to make it work?

  Read the article

• SQL SERVER – Resolving SQL Server Connection Errors – SQL in Sixty Seconds #030 – Video

  - by pinaldave

  One of the most famous errors related to SQL Server is about connecting to SQL Server itself. Here is how it goes, most of the time developers have worked with SQL Server and knows pretty much every error which they face during development language. However, hardly they install fresh SQL Server. As the installation of the SQL Server is a rare occasion unless you are DBA who is responsible for such an instance – the error faced during installations are pretty rare as well. I have earlier written an article about this which describes how to resolve the errors which are related to SQL Server connection. Even though the step by step directions are pretty simple there are many first time IT Professional who are not able to figure out how to resolve this error. I have quickly built a video which is covering most of the solutions related to resolving the connection error. In the Fix SQL Server Connection Error article following workarounds are described: SQL Server Services TCP/IP Settings Firewall Settings Enable Remote Connection Browser Services Firewall exception of sqlbrowser.exe Recreating Alias Related Tips in SQL in Sixty Seconds: SQL SERVER – FIX : ERROR : (provider: Named Pipes Provider, error: 40 – Could not open a connection to SQL Server) (Microsoft SQL Server, Error: ) SQL SERVER – Could not connect to TCP error code 10061: No connection could be made because the target machine actively refused it SQL SERVER – Connecting to Server Using Windows Authentication by SQLCMD SQL SERVER – Fix : Error: 15372 Failed to generate a ser instance od SQL Server due to a failure in starting the process for the user instance. The connection will be closed SQL SERVER – Dedicated Access Control for SQL Server Express Edition – An error occurred while obtaining the dedicated administrator connection (DAC) port. SQL SERVER – Fix : Error: 4064 – Cannot open user default database. Login failed. Login failed for user What would you like to see in the next SQL in Sixty Seconds video? Reference: Pinal Dave (http://blog.sqlauthority.com) Filed under: Database, Pinal Dave, PostADay, SQL, SQL Authority, SQL in Sixty Seconds, SQL Query, SQL Scripts, SQL Server, SQL Server Management Studio, SQL Tips and Tricks, T SQL, Technology, Video Tagged: Excel

  Read the article

• One More Solar Eclipse Hitting The Earth

  - by Suganya

  After the partial Solar eclipse that occurred on 01 July 2011, there is one another partial solar eclipse hitting the earth on 25 November 2011. This is the fourth and the final solar eclipse that is going to happen during this year. This eclipse is highly visible from the southern hemisphere, which means it can be witnessed from Southern South Africa, Antarctica , Tasmania and Many regions of New Zealand. The eclipse touches a greatest magnitude of 0.905 at 06:20:17 am Universal Time. This eclipse is the 53rd eclipse and belongs to Saros123 series. The details about the time and place from where this eclipse can be addressed are given below. All time mentioned here are local time of that location. S.No Place Eclipse Start Time Eclipse End Time Maximum Eclipse 1 Cape Town, South Africa 6:28:07 7:18:08 6:52:42 2 Port Elizabeth, SOUTH AFRICA 6:38:16 7:07:49 6:52:56 3 Christchurch, NEW ZEALAND 19:07:01 19:42 19:42 4 Wellington, NEW ZEALAND 19:10:22 19:26 19:26 5 Dunedin, NEW ZEALAND 19:03:13 19:58 19:40:40 This is the largest partial eclipse that is going to hit the earth this year and while at the maximum eclipse time, the lunar shadow will pass 330 kilometers above the earth’s surface near the coast of Antarctica. Source : NASA CC Image Credit : Joerg Weingrill This article titled,One More Solar Eclipse Hitting The Earth, was originally published at Tech Dreams. Grab our rss feed or fan us on Facebook to get updates from us.

  Read the article

• Wireless doesn't work on a Lenovo V570

  - by Stephen

  I've had Ubuntu installed on my HD for about 3 months but ever since I ran into this wireless issue I kinda lost my lust of Ubuntu. I have zero experience getting around with/ using the console command. I have a Lenovo V570. I got the driver update for the broadcom networking card via the Additional Drivers application but that did nothing. I love the look and feel of using Ubuntu but I have no technological experience for the matter. Any help would be awesome. When I scan for wireless connections while in Ubuntu, my computer picks up nothing, while on Win7 it will pick up the handful of wireless networks around my area. My wired connection is fine, but the use of not having wireless on a laptop is rather contradictory to it as a feature. Cheers! Also, I just installed 11.10, if that helps any. Yes, I used the search before I posted this, but again I have ZERO understanding of the command stuff and need a meat and potatoes answer(s). stephen@ubuntu:~$ sudo lshw -class network [sudo] password for stephen: *-network UNCLAIMED description: Network controller product: BCM4313 802.11b/g/n Wireless LAN Controller vendor: Broadcom Corporation physical id: 0 bus info: pci@0000:03:00.0 version: 01 width: 64 bits clock: 33MHz capabilities: pm msi pciexpress bus_master cap_list configuration: latency=0 resources: memory:f1900000-f1903fff *-network description: Ethernet interface product: RTL8111/8168B PCI Express Gigabit Ethernet controller vendor: Realtek Semiconductor Co., Ltd. physical id: 0 bus info: pci@0000:04:00.0 logical name: eth0 version: 06 serial: f0:de:f1:63:98:14 size: 100Mbit/s capacity: 1Gbit/s width: 64 bits clock: 33MHz capabilities: pm msi pciexpress msix vpd bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd 1000bt 1000bt-fd autonegotiation configuration: autonegotiation=on broadcast=yes driver=r8169 driverversion=2.3LK-NAPI duplex=full firmware=rtl_nic/rtl8168e-2.fw ip=192.168.1.78 latency=0 link=yes multicast=yes port=MII speed=100Mbit/s resources: irq:41 ioport:2000(size=256) memory:f1804000-f1804fff memory:f1800000-f1803fff stephen@ubuntu:~$ rfkill list all 0: ideapad_wlan: Wireless LAN Soft blocked: yes Hard blocked: no 1: acer-wireless: Wireless LAN Soft blocked: yes Hard blocked: no

  Read the article

• How to deal with transport level security policy with OSB

  - by Jian Liang

  Recently, we received a use case for Oracle Service Bus (OSB) 11gPS4 to consume a Web Service which is secured by HTTP transport level security policy. The WSDL of the remote web service looks like following where the part marked in red shows the security policy: <?xml version='1.0' encoding='UTF-8'?> <definitions xmlns:wssutil="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="https://httpsbasicauth" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.xmlsoap.org/wsdl/" targetNamespace="https://httpsbasicauth" name="HttpsBasicAuthService"> <wsp:UsingPolicy wssutil:Required="true"/> <wsp:Policy wssutil:Id="WSHttpBinding_IPartyServicePortType_policy"> <wsp:ExactlyOne> <wsp:All> <ns1:TransportBinding xmlns:ns1="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <wsp:Policy> <ns1:TransportToken> <wsp:Policy> <ns1:HttpsToken RequireClientCertificate="false"/> </wsp:Policy> </ns1:TransportToken> <ns1:AlgorithmSuite> <wsp:Policy> <ns1:Basic256/> </wsp:Policy> </ns1:AlgorithmSuite> <ns1:Layout> <wsp:Policy> <ns1:Strict/> </wsp:Policy> </ns1:Layout> </wsp:Policy> </ns1:TransportBinding> <ns2:UsingAddressing xmlns:ns2="http://www.w3.org/2006/05/addressing/wsdl"/> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> <types> <xsd:schema> <xsd:import namespace="https://proxyhttpsbasicauth" schemaLocation="http://localhost:7001/WS/HttpsBasicAuthService?xsd=1"/> </xsd:schema> <xsd:schema> <xsd:import namespace="https://httpsbasicauth" schemaLocation="http://localhost:7001/WS/HttpsBasicAuthService?xsd=2"/> </xsd:schema> </types> <message name="echoString"> <part name="parameters" element="tns:echoString"/> </message> <message name="echoStringResponse"> <part name="parameters" element="tns:echoStringResponse"/> </message> <portType name="HttpsBasicAuth"> <operation name="echoString"> <input message="tns:echoString"/> <output message="tns:echoStringResponse"/> </operation> </portType> <binding name="HttpsBasicAuthSoapPortBinding" type="tns:HttpsBasicAuth"> <wsp:PolicyReference URI="#WSHttpBinding_IPartyServicePortType_policy"/> <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/> <operation name="echoString"> <soap:operation soapAction=""/> <input> <soap:body use="literal"/> </input> <output> <soap:body use="literal"/> </output> </operation> </binding> <service name="HttpsBasicAuthService"> <port name="HttpsBasicAuthSoapPort" binding="tns:HttpsBasicAuthSoapPortBinding"> <soap:address location="https://localhost:7002/WS/HttpsBasicAuthService"/> </port> </service> </definitions> The security assertion in the WSDL (marked in red) indicates that this is the HTTP transport level security policy which requires one way SSL with default authentication (aka. basic authenticate with username/password). Normally, there are two ways to handle web service security policy with OSB 11g: Use WebLogic 9.x policy Use OWSM Since OSB doesn’t support WebLogic 9.x WSSP transport level assertion (except for WS transport), when we tried to create the business service based on the imported WSDL, OSB complained with the following message: [OSB Kernel:398133]The service is based on WSDL with Web Services Security Policies that are not natively supported by Oracle Service Bus. Please select OWSM Policies - From OWSM Policy Store option and attach equivalent OWSM security policy. For the Business Service, either you can add the necessary client policies manually by clicking Add button or you can let Oracle Service Bus automatically pick and add compatible client policies by clicking Add Compatible button. Unfortunately, when tried with OWSM, we couldn’t find http_token_policy from OWSM since OSB PS4 doesn’t support OWSM http_token_policy. It seems that we ran into an unsupported situation that no appropriate policy can be used from both WebLogic and OWSM. As this security policy requires one way SSL with basic authentication at the transport level, a possible workaround is to meet the remote service's requirement at transport level without using web service policy. We can simply use OSB to establish SSL connection and provide username/password for authentication at the transport level to the remote web service. In this case, the business service within OSB will be transparent to the web service policy. However, we still need to deal with OSB console’s complaint related to unsupported security policy because the failure of WSDL validation prohibits OSB console to move forward. With the help from OSB Product Management team, we finally came up with the following solutions: Solution 1: OSB PS5 The good news is that the http_token_policy is made available in OSB PS5. With OSB PS5, you can simply add OWSM oracle/wss_http_token_over_ssl_client_policy to the business service. The simplest solution is to upgrade to OSB PS5 where the OWSM solution is provided out of the box. But if you are not in a position where upgrading is an immediate option, you might want to consider other two workaround solutions described below. Solution 2: Modifying WSDL This solution addresses OSB console’s complaint by removing the security policy from the imported WSDL within OSB. Without the security policy, OSB console allows the business service to be created based on modified WSDL.  Please bear in mind, modifying WSDL is done only for the OSB side via OSB console, no change is required on the remote Web Service. The main steps of this solution: Connect to OSB console import the remote WSDL into OSB remove security assertion (the red marked part) from the imported WSDL create a service account. In our sample, we simply take the user weblogic create the business service and check "Basic" for Authentication and select the created service account make sure that OSB consumes the web service via https. This solution requires modifying WSDL. It is suitable for any OSB version (10g or OSB 11g version) prior to PS5 without OWSM. However, modifying WSDL by hand is troublesome as it requires the user to remember that the original WSDL was edited.  It forces you to make the same edit each time you want to re-import the service WSDL when changes occur at the service level. This also prevents you from using UDDI to import WSDL.  Solution 3: Using original WSDL This solution keeps the WSDL intact and ignores the embedded policy by using OWSM. By design, OWSM doesn’t like WSDL with embedded security assertion. Since OWSM doesn’t provide the feature to explicitly ignore the embedded policy from a remote WSDL, in this solution, we use OWSM in a tricky way to ignore the embedded policy. Connect to OSB console import the remote WSDL into OSB create a service account create the business service in which check "Basic" for Authentication and select the created service account as the imported WSDL is intact, the OSB Kernel:398133 error is expected ignore this error message for the moment and navigate to the Policies Page of business service Select “From OWSM Policy Store” and click “Add” button, the list of policies will pop-up Here is the tricky part: select an arbitrary policy, and click “Cancel” Update and save By clicking “Cancel’ button, we didn’t add any OWSM policy to business service, but the embedded policy is ignored. Yes, this is tricky. According to Oracle OSB Product Manager, the future release of OWSM will add a button “None” which allows to ignore the embedded policy explicitly. This solution keeps the imported WSDL intact which is the big advantage over the solution 2. It is suitable for OSB 11g (version prior to PS5) domain with OWSM configured. This blog addressed the unsupported transport level web service security policy with OSB PS4. To summarize, if you are using OSB PS5 or in a position to upgrade to PS5, the recommendation is to use OWSM OOTB transport level security policy directly. With the release prior to 11g PS5, you can consider the solution 2 or 3 depending on if OWSM is configured.

  Read the article

< Previous Page | 274 275 276 277 278 279 280 281 282 283 284 285  | Next Page >