Search Results

Search found 2054 results on 83 pages for 'ion auth'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 3/83 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • How can I debug PEAR auth?

    - by croceldon
    I have a directory on my site that I've implemented PEAR's Auth to run my authentication. It is working great. However, I've tried to make a copy of my site (it's going to be translated to a different language), and on this new site, the Auth process doesn't seem to be working correctly. I can login properly, but every time I try to go to a different page in the same directory, and use Auth to authorize, it forces me to login again. Here's my logic: $auth_options = array( 'dsn' => mysql://user:password@server/db', 'table' => 'users', 'usernamecol' => 'username', 'passwordcol' => 'password', 'db_fields' => '*' ); $auth = new Auth("DB", $auth_options, "login_function"); $auth->setFailedLoginCallback('bad_login'); $auth->start(); if (!$auth->checkAuth()) { die('cannot succeed in checkAuth') exit; } else { include("nocache.php"); } This is part of a file that's included in every php page I that I desire to require authentication. I can login properly once, but whenever I then try to go to a different page that requires authentication, it makes me login again (and I see the 'cannot succeed' die message at the bottom of the page). Again, this solution works fine on my original site, I copied all the files, and only changed the db server/password - it still doesn't work. And I'm using the same webhost for both. What am I doing wrong here? Or how can I debug this further?

    Read the article

  • Apache, Tomcat 5 and problem with HTTP basic auth

    - by Juha Syrjälä
    I have setup a Tomcat with a webapp that uses http basic auth in some of its URLs. There is a Apache server in front of the Tomcat. I have setup Apache as a proxy like this (all traffic should go directly to tomcat): /etc/httpd/conf.d/proxy_ajp.conf: LoadModule proxy_ajp_module modules/mod_proxy_ajp.so ProxyPass / ajp://localhost:8009/ ProxyPassReverse / ajp://localhost:8009/ There is a webapp installed to root of Tomcat (ROOT.war), so I should be able to use http://localhost/ to access my webapp. But it is not working with http basic auth. The problem is that everything works until I try to access URL that are protected by the HTTP basic auth. URLs without authentication work just fine. When accessing this url via apache I am getting an error message from Apache. If I access the same URL directly from tomcat, everything works just fine. I am getting this to Apache error log: [Wed Sep 01 21:34:01 2010] [error] proxy: dialog to [::1]:8009 (localhost) failed access log looks like this: ::1 - - [01/Sep/2010:21:34:01 +0300] "GET /protected_path/ HTTP/1.0" 503 360 "-" "w3m/0.5.2" I am using: Fedora release 13 (Goddard) httpd-2.2.16-1.fc13.x86_64 tomcat5-5.5.27-7.4.fc12.noarch The basic auth is implemented in the webapp (not in Apache or Tomcat). The webapp is actually implemented in Scala/Lift, but that shouldn't matter. The auth works if I access the tomcat directly. Error message that I am getting from Apache. It is curious that the title is Unauthorized and not Internal error: Unauthorized The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later. Apache/2.2.16 (Fedora) Server at my.server.name.com Port 80 It could be that Apache is seeing a some thing else than 200 OK response and thinks that it is an error when it actually should pass the received 401 Unauthorized response directly to browser. If this is the problem, how to fix it?

    Read the article

  • Ubuntu 13.10 gives "Package 'libapache2-mod-auth-mysql' has no installation candidate" error

    - by John Crawford
    I'm trying to install my LAMP environment on Ubuntu 13.10 using my script file that can be found here. That script worked for Ubuntu 12.04, Ubuntu 13.04 but when I try it on Ubuntu 13.10 it gives the following error: E: Package 'libapache2-mod-auth-mysql' has no installation candidate Any idea on how to fix this? Note, I do want this package to be installed. EDIT: I've found out now that the reason this could not be installed was because it needed the following two packages that were missing: libmysqlclient16 and apache2.2-common. Do I just need to install these packages or were they removed for a reason?

    Read the article

  • Why is my RAID /dev/md1 showing up as /dev/md126? Is mdadm.conf being ignored?

    - by mmorris
    I created a RAID with: sudo mdadm --create --verbose /dev/md1 --level=mirror --raid-devices=2 /dev/sdb1 /dev/sdc1 sudo mdadm --create --verbose /dev/md2 --level=mirror --raid-devices=2 /dev/sdb2 /dev/sdc2 sudo mdadm --detail --scan returns: ARRAY /dev/md1 metadata=1.2 name=ion:1 UUID=aa1f85b0:a2391657:cfd38029:772c560e ARRAY /dev/md2 metadata=1.2 name=ion:2 UUID=528e5385:e61eaa4c:1db2dba7:44b556fb Which I appended it to /etc/mdadm/mdadm.conf, see below: # mdadm.conf # # Please refer to mdadm.conf(5) for information about this file. # # by default (built-in), scan all partitions (/proc/partitions) and all # containers for MD superblocks. alternatively, specify devices to scan, using # wildcards if desired. #DEVICE partitions containers # auto-create devices with Debian standard permissions CREATE owner=root group=disk mode=0660 auto=yes # automatically tag new arrays as belonging to the local system HOMEHOST <system> # instruct the monitoring daemon where to send mail alerts MAILADDR root # definitions of existing MD arrays # This file was auto-generated on Mon, 29 Oct 2012 16:06:12 -0500 # by mkconf $Id$ ARRAY /dev/md1 metadata=1.2 name=ion:1 UUID=aa1f85b0:a2391657:cfd38029:772c560e ARRAY /dev/md2 metadata=1.2 name=ion:2 UUID=528e5385:e61eaa4c:1db2dba7:44b556fb cat /proc/mdstat returns: Personalities : [raid1] [linear] [multipath] [raid0] [raid6] [raid5] [raid4] [raid10] md2 : active raid1 sdb2[0] sdc2[1] 208629632 blocks super 1.2 [2/2] [UU] md1 : active raid1 sdb1[0] sdc1[1] 767868736 blocks super 1.2 [2/2] [UU] unused devices: <none> ls -la /dev | grep md returns: brw-rw---- 1 root disk 9, 1 Oct 30 11:06 md1 brw-rw---- 1 root disk 9, 2 Oct 30 11:06 md2 So I think all is good and I reboot. After the reboot, /dev/md1 is now /dev/md126 and /dev/md2 is now /dev/md127????? sudo mdadm --detail --scan returns: ARRAY /dev/md/ion:1 metadata=1.2 name=ion:1 UUID=aa1f85b0:a2391657:cfd38029:772c560e ARRAY /dev/md/ion:2 metadata=1.2 name=ion:2 UUID=528e5385:e61eaa4c:1db2dba7:44b556fb cat /proc/mdstat returns: Personalities : [raid1] [linear] [multipath] [raid0] [raid6] [raid5] [raid4] [raid10] md126 : active raid1 sdc2[1] sdb2[0] 208629632 blocks super 1.2 [2/2] [UU] md127 : active (auto-read-only) raid1 sdb1[0] sdc1[1] 767868736 blocks super 1.2 [2/2] [UU] unused devices: <none> ls -la /dev | grep md returns: drwxr-xr-x 2 root root 80 Oct 30 11:18 md brw-rw---- 1 root disk 9, 126 Oct 30 11:18 md126 brw-rw---- 1 root disk 9, 127 Oct 30 11:18 md127 All is not lost, I: sudo mdadm --stop /dev/md126 sudo mdadm --stop /dev/md127 sudo mdadm --assemble --verbose /dev/md1 /dev/sdb1 /dev/sdc1 sudo mdadm --assemble --verbose /dev/md2 /dev/sdb2 /dev/sdc2 and verify everything: sudo mdadm --detail --scan returns: ARRAY /dev/md1 metadata=1.2 name=ion:1 UUID=aa1f85b0:a2391657:cfd38029:772c560e ARRAY /dev/md2 metadata=1.2 name=ion:2 UUID=528e5385:e61eaa4c:1db2dba7:44b556fb cat /proc/mdstat returns: Personalities : [raid1] [linear] [multipath] [raid0] [raid6] [raid5] [raid4] [raid10] md2 : active raid1 sdb2[0] sdc2[1] 208629632 blocks super 1.2 [2/2] [UU] md1 : active raid1 sdb1[0] sdc1[1] 767868736 blocks super 1.2 [2/2] [UU] unused devices: <none> ls -la /dev | grep md returns: brw-rw---- 1 root disk 9, 1 Oct 30 11:26 md1 brw-rw---- 1 root disk 9, 2 Oct 30 11:26 md2 So once again, I think all is good and I reboot. Again, after the reboot, /dev/md1 is /dev/md126 and /dev/md2 is /dev/md127????? sudo mdadm --detail --scan returns: ARRAY /dev/md/ion:1 metadata=1.2 name=ion:1 UUID=aa1f85b0:a2391657:cfd38029:772c560e ARRAY /dev/md/ion:2 metadata=1.2 name=ion:2 UUID=528e5385:e61eaa4c:1db2dba7:44b556fb cat /proc/mdstat returns: Personalities : [raid1] [linear] [multipath] [raid0] [raid6] [raid5] [raid4] [raid10] md126 : active raid1 sdc2[1] sdb2[0] 208629632 blocks super 1.2 [2/2] [UU] md127 : active (auto-read-only) raid1 sdb1[0] sdc1[1] 767868736 blocks super 1.2 [2/2] [UU] unused devices: <none> ls -la /dev | grep md returns: drwxr-xr-x 2 root root 80 Oct 30 11:42 md brw-rw---- 1 root disk 9, 126 Oct 30 11:42 md126 brw-rw---- 1 root disk 9, 127 Oct 30 11:42 md127 What am I missing here?

    Read the article

  • Postfix connection lost after AUTH

    - by user84104
    Looking at the logs on my mailservers, I have noticed messages like the following: Nov 29 12:09:38 mta postfix/smtpd[8362]: connect from unknown[183.13.165.14] Nov 29 12:09:39 mta postfix/smtpd[8362]: lost connection after AUTH from unknown[183.13.165.14] Nov 29 12:09:39 mta postfix/smtpd[8362]: disconnect from unknown[183.13.165.14] Nov 29 12:09:39 mta postfix/smtpd[8409]: connect from unknown[183.13.165.14] Nov 29 12:09:40 mta postfix/smtpd[8409]: lost connection after AUTH from unknown[183.13.165.14] Nov 29 12:09:40 mta postfix/smtpd[8409]: disconnect from unknown[183.13.165.14] There are no SASL failures in these cases. There are SASL failures are logged at other times, but never with lost connection after AUTH. What is happening here, and should I do any about it? These are not MXs, and already have smtpd_client_connection_rate_limit set. Possibly related: The systems require either SMTPS or STARTTLS before AUTH is announced.

    Read the article

  • Apache: Stealth 404 the admin area until authenticated via basic auth, then allow access

    - by Kzqai
    Given a administrative area with urls like this: wp-admin/ wp-admin/whatever wp-admin/another-page wp-adminsecretlogin/ A standard basic-auth coverage would provide a username and password prompt on all three urls, and return a 403 on all failed auth attempts. This is a pretty obvious signal that something exists there, and thus is an invitation to script/brute force access. I would like to instead, require basic auth everywhere, but when not authenticated, not prompt for username and password, and instead return a 404 not found error for all urls except a wp-adminsecretlogin/ url. At that individual-to-the-site url, basic auth could go through, and unlock the rest of the administrative functionality (though the standard application login would still be necessary). How would I do that via apache .htaccess or .conf directives?

    Read the article

  • Auth succeeded No requires line available

    - by user286223
    Upgrading to Ubuntu 14.04 (and Apache2 2.4) server I can't use MySQL as htaccess; Before upgrading I was using MySQL as htaccess in the virtual host - worked nicely: <Directory /var/www/html/tilmelding/login> AuthBasicAuthoritative Off AuthUserFile /dev/null # begin auth_mysql configuration AuthMySQL On AuthMySQL_Host localhost AuthMySQL_User ********** AuthMySQL_Password ********* AuthMySQL_DB ********** AuthMySQL_Password_Table user_info AuthMySQL_Username_Field user_name AuthMySQL_Password_Field user_passwd AuthMySQL_Empty_Passwords Off AuthMySQL_Encryption_Types PHP_MD5 AuthMySQL_Authoritative AuthType Basic AuthName "auth_mysql test" Require valid-user After upgrade it didn’t work. In the logfile I got: [:debug] [pid 31333] mod_auth_mysql.c(1578): Constructing password collection query with passfield=[user_passwd], table=[user_info], userfield=[helgoland], where_clause=[] [:debug] [pid 31333] mod_auth_mysql.c(1410): sec->dbh in /var/www/html/tilmelding/login/ is [:debug] [pid 31333] mod_auth_mysql.c(1417): Ordinary query [:debug] [pid 31333] mod_auth_mysql.c(1434): Running query: [SELECT user_passwd FROM user_info WHERE user_name='helgoland'] [:debug] [pid 31333] mod_auth_mysql.c(1522): Checking with PHP_MD5 [:debug] [pid 31333] mod_auth_mysql.c(1524): Auth succeeded [:error] [pid 31333] No requires line available I am able to do the query from CLI and get an MD5 back. What have I missed ?

    Read the article

  • Are random packets normal?

    - by TheLQ
    About a month ago on one of my servers I started receiving random packets from IPs all over the world. So I did the smart thing and stopped putting off installing an IDS. This IDS is a ClearOS Gateway which comes with Snort and SnortSam. I enabled it, checked There is a total of 4 ports open, two of which forward to the server I'm talking about. These ports are 3724 and 8085, so they aren't going to be easily detected in a port scan. However checking some logs of this server I found that the attack is resuming. I found this ... Accepting connection from '75.166.155.122' [Auth] got unknown packet from '75.166.155.122' Accepting connection from '98.164.154.93' [Auth] got unknown packet from '98.164.154.93' Ping MySQL to keep connection alive Accepting connection from '70.241.195.129' [Auth] got unknown packet from '70.241.195.129' Accepting connection from '67.182.229.169' [Auth] got unknown packet from '67.182.229.169' Accepting connection from '69.137.140.38' [Auth] got unknown packet from '69.137.140.38' Accepting connection from '76.31.72.55' [Auth] got unknown packet from '76.31.72.55' Accepting connection from '97.88.139.39' [Auth] got unknown packet from '97.88.139.39' Accepting connection from '173.35.62.112' [Auth] got unknown packet from '173.35.62.112' Accepting connection from '187.15.10.73' [Auth] got unknown packet from '187.15.10.73' Accepting connection from '66.66.94.124' [Auth] got unknown packet from '66.66.94.124' Accepting connection from '75.159.219.124' [Auth] got unknown packet from '75.159.219.124' Accepting connection from '99.102.100.82' [Auth] got unknown packet from '99.102.100.82' Accepting connection from '24.128.240.45' [Auth] got unknown packet from '24.128.240.45' Accepting connection from '99.231.7.39' [Auth] got unknown packet from '99.231.7.39' Accepting connection from '206.255.79.56' [Auth] got unknown packet from '206.255.79.56' Accepting connection from '68.97.106.235' [Auth] got unknown packet from '68.97.106.235' Accepting connection from '69.134.67.251' [Auth] got unknown packet from '69.134.67.251' Accepting connection from '63.228.138.186' [Auth] got unknown packet from '63.228.138.186' Accepting connection from '184.39.146.193' [Auth] got unknown packet from '184.39.146.193' Accepting connection from '69.171.161.102' [Auth] got unknown packet from '69.171.161.102' Accepting connection from '76.0.47.228' [Auth] got unknown packet from '76.0.47.228' Ping MySQL to keep connection alive Accepting connection from '126.112.201.14' [Auth] got unknown packet from '126.112.201.14' Ping MySQL to keep connection alive Now that scares me. Why isn't Snort detecting this? How were they able to find this specific port? More importantly, what normally would these packets contain? Is this something I should be worried about? How can I stop this?

    Read the article

  • Insufficient permissions when calling flickr.auth.oauth.checkToken

    - by Designer 17
    This is a follow up on another question I had asked on stackoverflow a day or so ago. I'm working on trying to call flickr.people.getPhotos... but no matter what I do I keep getting this... jsonFlickrApi({"stat":"fail", "code":99, "message":"Insufficient permissions. Method requires read privileges; none granted."}); but if you were to look at my "Apps You're Using" page (on flickr) you'd see this. So, even though I've authorized the max permissions... flickr says I don't have any granted!? I even used flickr.auth.oauth.checkToken to double check that my access token was right, this was the value returned; jsonFlickrApi({"oauth":{"token":{"_content":"my-access-token"}, "perms":{"_content":"delete"}, "user":{"nsid":"my-user-nsid", "username":"designerseventeen", "fullname":"Designer Seventeen"}}, "stat":"ok"}) Here's how I'm attempting to call flickr.people.getPhotos... <?php // Attempt to call flickr.people.getPhotos $method = "flickr.people.getPhotos"; $format = 'json'; $nsid = 'my-user-nsid'; $sig_string = "{$api_secret}api_key{$api_key}format{$format}method{$method}user_id{$nsid}"; $api_sig = md5( $sig_string ); $flickr_call = "http://api.flickr.com/services/rest/?"; $url = "method=" . $method; $url .= "&api_key=" . $api_key; $url .= "&user_id=" . $nsid; $url .= "&format=" . $format; $url .= "&api_sig=" . $api_sig; $url = $flickr_call . $url; $results = file_get_contents( $url ); $rsp_arr = explode( '&',$results ); print "<pre>"; print_r($rsp_arr); print "</pre>"; I am officially stumped... and in need of help. Thanks!

    Read the article

  • auth component issue

    - by madphp
    Im trying to get my admin routing working with the auth component. I want the following routing to work. Router::connect('/admin', array('controller' => 'pages', 'action' => 'index', 'admin' => true)); but when i type in /admin it redirects to /admin/users/login and display this error. Create UsersController::admin_login() in file: cms.local/controllers/users_controller.php here is my app_controller code. class AppController extends Controller { var $components = array('DebugKit.Toolbar','Auth','Session'); function beforeFilter(){ //Set up Auth Component $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login'); $this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'admin_index'); $this->Auth->allow('display'); } } users_controller <?php class UsersController extends AppController { var $name = 'Users'; function login(){ } function admin_logout(){ $this->Session->destroy(); $this->redirect($this->Auth->logout()); } } ?> If you require more information let me know. Thanks

    Read the article

  • Auth-Type :- Reject in RADIUS users file matches inner tunnel request but sends Access-Accept

    - by mgorven
    I have WPA2 802.11x EAP authentication setup using FreeRADIUS 2.1.8 on Ubuntu 10.04.4 talking to OpenLDAP, and can successfully authenticate using PEAP/MSCHAPv2, TTLS/MSCHAPv2 and TTLS/PAP (both via the AP and using eapol_test). I am now trying to restrict access to specific SSIDs based on the LDAP groups which the user belongs to. I have configured group membership checking in /etc/freeradius/modules/ldap like so: groupname_attribute = cn groupmembership_filter = "(|(&(objectClass=posixGroup)(memberUid=%{User-Name}))(&(objectClass=posixGroup)(uniquemember=%{User-Name})))" and I have configured extraction of the SSID from Called-Station-Id into Called-Station-SSID based on the Mac Auth wiki page. In /etc/freeradius/eap.conf I have enabled copying attributes from the outer tunnel into the inner tunnel, and usage of the inner tunnel response in the outer tunnel (for both PEAP and TTLS). I had the same behaviour before changing these options however. copy_request_to_tunnel = yes use_tunneled_reply = yes I'm running eapol_test like this to test the setup: eapol_test -c peap-mschapv2.conf -a 172.16.0.16 -s testing123 -N 30:s:01-23-45-67-89-01:Example-EAP with the following peap-mschapv2.conf file: network={ ssid="Example-EAP" key_mgmt=WPA-EAP eap=PEAP identity="mgorven" anonymous_identity="anonymous" password="foobar" phase2="autheap=MSCHAPV2" } With the following in /etc/freeradius/users: DEFAULT Ldap-Group == "employees" and running freeradius-Xx, I can see that the LDAP group retrieval works, and that the SSID is extracted. Debug: [ldap] performing search in dc=example,dc=com, with filter (&(cn=employees)(|(&(objectClass=posixGroup)(memberUid=mgorven))(&(objectClass=posixGroup)(uniquemember=mgorven)))) Debug: rlm_ldap::ldap_groupcmp: User found in group employees ... Info: expand: %{7} -> Example-EAP Next I try to only allow access to users in the employees group (regardless of SSID), so I put the following in /etc/freeradius/users: DEFAULT Ldap-Group == "employees" DEFAULT Auth-Type := Reject But this immediately rejects the Access-Request in the outer tunnel because the anonymous user is not in the employees group. So I modify it to only match inner tunnel requests like so: DEFAULT Ldap-Group == "employees" DEFAULT FreeRADIUS-Proxied-To == "127.0.0.1" Auth-Type := Reject, Reply-Message = "User does not belong to any groups which may access this SSID." Now users which are in the employees group are authenticated, but so are users which are not in the employees group. I see the reject entry being matched, and the Reply-Message is set, but the client receives an Access-Accept. Debug: rlm_ldap::ldap_groupcmp: Group employees not found or user is not a member. Info: [files] users: Matched entry DEFAULT at line 209 Info: ++[files] returns ok ... Auth: Login OK: [mgorven] (from client test port 0 cli 02-00-00-00-00-01 via TLS tunnel) Info: WARNING: Empty section. Using default return values. ... Info: [peap] Got tunneled reply code 2 Auth-Type := Reject Reply-Message = "User does not belong to any groups which may access this SSID." ... Info: [peap] Got tunneled reply RADIUS code 2 Auth-Type := Reject Reply-Message = "User does not belong to any groups which may access this SSID." ... Info: [peap] Tunneled authentication was successful. Info: [peap] SUCCESS Info: [peap] Saving tunneled attributes for later ... Sending Access-Accept of id 11 to 172.16.2.44 port 60746 Reply-Message = "User does not belong to any groups which may access this SSID." User-Name = "mgorven" and eapol_test reports: RADIUS message: code=2 (Access-Accept) identifier=11 length=233 Attribute 18 (Reply-Message) length=64 Value: 'User does not belong to any groups which may access this SSID.' Attribute 1 (User-Name) length=9 Value: 'mgorven' ... SUCCESS Why isn't the request being rejected, and is this the right way to implement this?

    Read the article

  • How to grant su access to wheel without asking for password on FreeBSD?

    - by cstamas
    I would like to grant users of the wheel group (other sysadmins) su access without being asked for password. I know how to do it with pam in linux, but the question now is for FreeBSD. I am not familiar with the syntax for FreeBSD's PAM subsystem. What shall I enter in /etc/pam.d/su instead of the default: auth sufficient pam_rootok.so no_warn auth sufficient pam_self.so no_warn auth requisite pam_group.so no_warn group=wheel root_only fail_safe ruser auth include system # account account include system # session session required pam_permit.so

    Read the article

  • How to use cURL to FTPS upload to SecureTransport (hint: SITE AUTH and client certificates)

    - by Seamus Abshere
    I'm trying to connect to SecureTransport 4.5.1 via FTPS using curl compiled with gnutls. You need to use --ftp-alternative-to-user "SITE AUTH" per http://curl.haxx.se/mail/lib-2006-07/0068.html Do you see anything wrong with my client certificates? I try with # mycert.crt -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- # mykey.pem -----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY----- And it says "530 No client certificate presented": myuser@myserver ~ $ curl -v --ftp-ssl --cert mycert.crt --key mykey.pem --ftp-alternative-to-user "SITE AUTH" -T helloworld.txt ftp://ftp.example.com:9876/upload/ * About to connect() to ftp.example.com port 9876 (#0) * Trying 1.2.3.4... connected * Connected to ftp.example.com (1.2.3.4) port 9876 (#0) < 220 msn1 FTP server (SecureTransport 4.5.1) ready. > AUTH SSL < 334 SSLv23/TLSv1 * found 142 certificates in /etc/ssl/certs/ca-certificates.crt > USER anonymous < 331 Password required for anonymous. > PASS [email protected] < 530 Login incorrect. > SITE AUTH < 530 No client certificate presented. * Access denied: 530 * Closing connection #0 curl: (67) Access denied: 530 I also tried with a pk8 version... # openssl pkcs8 -in mykey.pem -topk8 -nocrypt > mykey.pk8 -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- ...but got exactly the same result. What's the trick to sending a client certificate to SecureTransport?

    Read the article

  • Why is squid breaking kerberos/NTLM auth?

    - by DonEstefan
    I'm using squid 2.6.22 (Centos 5 Default) as a proxy. Squid seems to break the authentication process for web pages when they require NTLM or Kerberos Auth. I tested with sharepoint 2007 and tried all 3 authentication methods (NTLM, Kerberos, Basic). Accessing the site without squid works in all cases. When I access the same page with squid, then only basic-auth works. Using IE or Firefox desn't make any difference. Squid itself can be used by anybody (no auth_param configured). Its a bit tricky to find solutions online, since most of the topics whirl around auth_param for authenticating users to squid rather than authenticating users to a webpage behind squid. Could anyone help? Edit: Sorry, but my first test was totally screwed up. I tested against the wrong webservers (Memo to myself: always check assumptions before testing). Now I realized that the problem scenario is completely different. Kerberos work for IE Kerberos works for Firefox (after changing "network.negotiate-auth.trusted-uris" in about:config) NTLM works for IE NTLM does NOT work in Firefox (even after changing "network.automatic-ntlm-auth.trusted-uris" in about:config) By the way: The feature that provides NTLM-passthrough in squid is called "connection pinning" and the HTTP header "Proxy-support: Session-based-authentication""

    Read the article

  • With Apache/mod_wsgi how can I redirect to ssl and require Auth?

    - by justin
    I have a Media Temple DV server hosting dev.example.com with django mounted at /. There is a legacy directory in my httpdocs I need to continue to serve at /legacy. But for this directory I need to redirect anyone coming over http over to https, then prompt for http basic auth. In the virtual host conf, I'm pointing the root to a django application: WSGIScriptAlias / /var/django-projects/myproject/apache/django.wsgi <Directory /var/django-projects/myproject/apache> Order allow,deny Allow from all </Directory> Then I alias the legacy directory. Alias /legacy/ /var/www/vhosts/example.com/subdomains/dev/httpdocs/legacy/ <Directory /var/www/vhosts/example.com/subdomains/dev/httpdocs> Order deny,allow Allow from all RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://dev.example.com/$1 [R,L] </Directory> This works. It isn't served by django, and the url redirects to https. However, it serves httpdocs/legacy instead of httpsdocs/legacy (where I have an .htaccess that prompts for auth.) Any idea of how I can manage this?

    Read the article

  • what service to restart for /var/log/auth.log to start

    - by Bond
    Here is a situation since the log files on my server had grown to several Gigabytes I took a backup of directory /var/log and then manually when to each subdirectory of /var/log and the files which were big in size I did cat > /var/log/file_which_is_big press 2 times enter key (basically over wrote those files with a blank space) and then Ctrl+C So basically I over wrote those files to be blank. Now when I open /var/log/auth.log I don't see any entry (which is expected also since I over wrote) but when I exit the SSH session and login again then also I do not see any entry in auth.log is there any way other than rebooting the machine to make sure I keep getting the entries in /var/log/auth.log I am not sure which service writes in this file. This is a Ubuntu 10.04 server.

    Read the article

  • Django auth without "auth_*" tables

    - by Travis Jensen
    We would like to use our own tables for user management instead of the Django "auth" tables. We already have database tables that include all of the relevant information our application needs but it isn't in the Django format. We would prefer not to have the information duplicated in two tables. We would like to utilize the auth package, though, as there is some very nice functionality that we don't want to replicate. I realize we could build our own auth backend, but that doesn't, as far as I can tell, remove the need for two sets of tables in this case. Am I correct in assuming that we cannot do this? I have found no docs that discuss how to modify the underlying model that the auth package is using. The backend simply pre-populates the user object that would eventually be saved in the auth tables. Thanks!

    Read the article

  • Auth failed running command from shell script

    - by CSchulz
    I try to run following command from shell script: svn checkout http://url/ --username user --password password --non-interactive --no-auth-cache . It fails always with following error: svn: OPTIONS of 'http://url/': authorization failed: Could not authenticate to server: rejected Basic challenge (http://url) Here the call out of my script: $(svn $command $url $auth --non-interactive --no-auth-cache .) Running the same command from the terminal works fine. What is the difference between running from shell script and terminal? EDIT: Here some version information: OS: Porteus 1.0 based on Slackware 13.3 Subversion: subversion-1.6.16-i486-1

    Read the article

  • Enable Claims based Auth on a SP2010 website, after it has been provisioned

    Ad:: SharePoint 2007 Training in .NET 3.5 technologies (more information). This feed URL has been discontinued. Please update your reader's URL to : http://feeds.feedburner.com/winsmarts Read full article .... ...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • Online Accounts auth over and over again without success

    - by Mike Pretzlaw
    I just added my Google account to the "Online Accounts" in Gnome. Before my last restart the account couldn't be added for unknown reason. I authorized Gnome access to my Google Account, the window closed and nothing happened. Now I authorized Ubuntu access to my Google Account which worked well: But I can not open the Gnome Online Accounts even when I delete every online account: It's icon show up that it is loading in the dash but then suddenly disappears without any message. How to debug that? What can I do?

    Read the article

  • HTTP Basic Auth Protected Services using Web Service Data Control

    - by vishal.s.jain(at)oracle.com
    With Oracle JDeveloper 11g (11.1.1.4.0) one can now create Web Service Data Control for services which are protected with HTTP Basic Authentication.So when you provide such a service to the Data Control Wizard, a dialog pops up prompting you to entry the authentication details:After you give the details, you can proceed with the creation of Data Control.Once the Data Control is created, you can use the WSDC Tester to quickly test the service.In this case, since the service is protected, we need to first edit the connection to provide username details:Enter the authentication details against username and password. Once done, select DataControl.dcx and using the context menu, select 'Run'. This will bring up the Tester.On the Tester, select the Service Node and using context menu pick 'Operations'. This will bring up the methods which you can test:Now you can pick a method, provide the input parameters and hit execute to see the results.

    Read the article

  • Cannot exclude a path from basic auth when using a front controller script

    - by Adam Monsen
    I have a small PHP/Apache2 web application wherein I'd like to do two seemingly incompatible operations: Route all requests through a single PHP script (a "front controller", if you will) Secure everything except API calls with HTTP basic authentication I can satisfy either requirement just fine in isolation, it's when I try to do both at once that I am blocked. For no good reason I'm trying to accomplish these requirements solely with Apache configuration. Here are the requirements stated as an example. A GET request for this URL: http://basic/api/listcars?max=10 should be sent through front.php without requiring basic auth. front.php will get /api/listcars?max=10 and do whatever it needs to with that. Here's what I think should work. In my /etc/hosts I added 127.0.0.1 basic and I am using this Apache config: <Location /> AuthType Basic AuthName "Home Secure" AuthUserFile /etc/apache2/passwords require valid-user </Location> <VirtualHost *:80> ServerName basic DocumentRoot /var/www/basic <Directory /var/www/basic> <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{SCRIPT_FILENAME} !-f RewriteCond %{SCRIPT_FILENAME} !-d RewriteRule ^(.*)$ /front.php/$1 [QSA,L] </IfModule> </Directory> <Location /api> Order deny,allow Allow from all Satisfy any </Location> </VirtualHost> But I still always get a HTTP 401: Authorization Required response. I can make it work by changing <Location /api> into <Location ~ /api> but this allows more than I want to past basic auth. I also tried changing the <Directory /var/www/basic> section into <Location />, but this doesn't work either (and it results in some strange values for PATH_TRANSLATED being passed to the script). I searched around and found many examples of selective exclusion of basic auth, but none that also incorporated a front controller. I could certainly do something like handle basic auth in the front controller, but if I can have Apache do that instead I'll be able to keep all authentication logic out of my PHP code. A friend suggested splitting this into two vhosts, which I know also works. This used to be two separate vhosts, actually. I'm using Apache 2.2.22 / PHP 5.3.10 on Ubuntu 12.04.

    Read the article

  • error in auth.log but can login; LDAP/PAM

    - by Peter
    I have a server running OpenLDAP. When I start a ssh-session I can log in without problems, but an error appears in the logs. This only happens when I log in with a LDAP account (so not with a system account such as root). Any help to eliminate these errors would be much appreciated. The relevant piece from /var/log/auth.log sshd[6235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=example.com user=peter sshd[6235]: Accepted password for peter from 192.168.1.2 port 2441 ssh2 sshd[6235]: pam_unix(sshd:session): session opened for user peter by (uid=0) pam common-session session [default=1] pam_permit.so session required pam_unix.so session optional pam_ldap.so session required pam_mkhomedir.so skel=/etc/skel umask=0022 session required pam_limits.so session required pam_unix.so session optional pam_ldap.so pam common-auth auth [success=1 default=ignore] pam_ldap.so auth required pam_unix.so nullok_secure use_first_pass auth required pam_permit.so session required pam_mkhomedir.so skel=/etc/skel umask=0022 silent auth sufficient pam_unix.so nullok_secure use_first_pass auth requisite pam_succeed_if.so uid >= 1000 quiet auth sufficient pam_ldap.so use_first_pass auth required pam_deny.so pam common-account account [success=2 new_authtok_reqd=done default=ignore] pam_ldap.so account [success=1 default=ignore] pam_unix.so account required pam_unix.so account sufficient pam_succeed_if.so uid < 1000 quiet account [default=bad success=ok user_unknown=ignore] pam_ldap.so account required pam_permit.so account sufficient pam_ldap.so account sufficient pam_unix.so

    Read the article

  • How to prevent blocking http auth popups on firefox restart with many tabs open

    - by Glen S. Dalton
    I am using the latest firefox with tab mix plus and tabgoups manager. I have maybe 50 or 100 tabs oben in different tab groups. When I shutdown firefox and start it again all tabs and tab groups are perfectly rebuilt. But I have also many pages open that are behind a standard http auth, and these pages all request their usernames and passwords. So during startup firefox pops up all these pages' http auth windows. And they block everything else in firefox, they are like modal windows. (I am involved in website development and the beta versions are behind apache http auth.) I have to click many times the OK button in the popups, before I can do anything. All the usernames and passwords are already filled in. (And the firefox taskbar entry blinks and the firefox window heading also blinks, and focus switches back and foth, which also annoys me. And sometimes the popups do not react to my clicks, because firefox is maybe just switching focus somewhere else. This is the worst.) I want a plugin or some way to skip those popups. There are some plugins I tried some time ago, but they did not do what I need, because they require a mouse click for each login, which is no improvement over the situation like it already is. This is not about password storage (because firefox already stores them). But of course, if some password storing plugin could heal this it would be great.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >