Search Results

Search found 17257 results on 691 pages for 'mixed mode authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 30/691 | < Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >

  • IIS 7 Authentication: Certain users can't authenticate, while almost all others can.

    - by user35335
    I'm using IIS 7 Digest authentication to control access to a certain directory containing files. Users access the files through a department website from inside our network and outside. I've set NTFS permissions on the directory to allow a certain AD group to view the files. When I click a link to one of those files on the website I get prompted for a username and password. With most users everything works fine, but with a few of them it prompts for a password 3 times and then get: 401 - Unauthorized: Access is denied due to invalid credentials. But other users that are in the group can get in without a problem. If I switch it over to Windows Authentication, then the trouble users can log in fine. That directory is also shared, and users that can't log in through the website are able to browse to the share and view files in it, so I know that the permissions are ok. Here's the portion of the IIS log where I tried to download the file (/assets/files/secure/WWGNL.pdf): 2010-02-19 19:47:20 xxx.xxx.xxx.xxx GET /assets/images/bullet.gif - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 218 2010-02-19 19:47:20 xxx.xxx.xxx.xxx GET /assets/images/bgOFF.gif - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 218 2010-02-19 19:47:21 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 2 5 0 2010-02-19 19:47:36 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 0 2010-02-19 19:47:43 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 15 2010-02-19 19:47:46 xxx.xxx.xxx.xxx GET /manager/media/script/_session.gif 0.19665693119168282 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 203 2010-02-19 19:47:46 xxx.xxx.xxx.xxx POST /manager/index.php - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 200 0 0 296 2010-02-19 19:47:56 xxx.xxx.xxx.xxx GET /assets/files/secure/WWGNL.pdf - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 401 1 2148074252 15 2010-02-19 19:47:59 xxx.xxx.xxx.xxx GET /favicon.ico - 80 - 10.5.16.138 Mozilla/5.0+(Windows;+U;+Windows+NT+6.1;+en-US)+AppleWebKit/532.5+(KHTML,+like+Gecko)+Chrome/4.0.249.89+Safari/532.5 404 0 2 0 Here's the Failed Logon attempt in the Security Log: Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 2/19/2010 11:47:43 AM Event ID: 4625 Task Category: Logon Level: Information Keywords: Audit Failure User: N/A Computer: WEB4.net.domain.org Description: An account failed to log on. Subject: Security ID: NULL SID Account Name: - Account Domain: - Logon ID: 0x0 Logon Type: 3 Account For Which Logon Failed: Security ID: NULL SID Account Name: jim.lastname Account Domain: net.domain.org Failure Information: Failure Reason: Unknown user name or bad password. Status: 0xc000006d Sub Status: 0xc000006a Process Information: Caller Process ID: 0x0 Caller Process Name: - Network Information: Workstation Name: - Source Network Address: 10.5.16.138 Source Port: 50065 Detailed Authentication Information: Logon Process: WDIGEST Authentication Package: WDigest Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon request fails. It is generated on the computer where access was attempted. The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe. The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network). The Process Information fields indicate which account and process on the system requested the logon. The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases. The authentication information fields provide detailed information about this specific logon request. - Transited services indicate which intermediate services have participated in this logon request. - Package name indicates which sub-protocol was used among the NTLM protocols. - Key length indicates the length of the generated session key. This will be 0 if no session key was requested. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" /> <EventID>4625</EventID> <Version>0</Version> <Level>0</Level> <Task>12544</Task> <Opcode>0</Opcode> <Keywords>0x8010000000000000</Keywords> <TimeCreated SystemTime="2010-02-19T19:47:43.890Z" /> <EventRecordID>2276316</EventRecordID> <Correlation /> <Execution ProcessID="612" ThreadID="692" /> <Channel>Security</Channel> <Computer>WEB4.net.domain.org</Computer> <Security /> </System> <EventData> <Data Name="SubjectUserSid">S-1-0-0</Data> <Data Name="SubjectUserName">-</Data> <Data Name="SubjectDomainName">-</Data> <Data Name="SubjectLogonId">0x0</Data> <Data Name="TargetUserSid">S-1-0-0</Data> <Data Name="TargetUserName">jim.lastname</Data> <Data Name="TargetDomainName">net.domain.org</Data> <Data Name="Status">0xc000006d</Data> <Data Name="FailureReason">%%2313</Data> <Data Name="SubStatus">0xc000006a</Data> <Data Name="LogonType">3</Data> <Data Name="LogonProcessName">WDIGEST</Data> <Data Name="AuthenticationPackageName">WDigest</Data> <Data Name="WorkstationName">-</Data> <Data Name="TransmittedServices">-</Data> <Data Name="LmPackageName">-</Data> <Data Name="KeyLength">0</Data> <Data Name="ProcessId">0x0</Data> <Data Name="ProcessName">-</Data> <Data Name="IpAddress">10.5.16.138</Data> <Data Name="IpPort">50065</Data> </EventData> </Event>

    Read the article

  • WinInet Apps failing when Internet Explorer is set to Offline Mode

    - by Rick Strahl
    Ran into a nasty issue last week when all of a sudden many of my old applications that are using WinInet for HTTP access started failing. Specifically, the WinInet HttpSendRequest() call started failing with an error of 2, which when retrieving the error boils down to: WinInet Error 2: The system cannot find the file specified Now this error can pop up in many legitimate scenarios with WinInet such as when no Internet connection is available or the HTTP configuration (usually configured in Internet Explorer’s options) is misconfigured. The error typically means that the server in question cannot be found or more specifically an Internet connection can’t be established. In this case the problem started suddenly and was causing some of my own applications (old Visual FoxPro apps using my own wwHttp library) and all Adobe Air applications (which apparently uses WinInet for its basic HTTP stack) along with a few more oddball applications to fail instantly when trying to connect via HTTP. Most other applications – all of my installed browsers, email clients, various social network updaters all worked just fine. It seems it was only WinInet apps that were failing. Yet oddly Internet Explorer appeared to be working. So the problem seemed to be isolated to those ‘classic’ applications using WinInet. WinInet’s base configuration uses the Internet Explorer options dialog. To check this out I typically go to the Internet Explorer options and find the Connection tab, and check out the LAN Setup. Make sure there are no rogue proxy settings or configuration scripts that are invalid. Trying with Auto-configuration on and off also can often fix ‘real’ configuration errors. This time however this wasn’t a problem – nothing in the LAN configuration was set (all default). I also played with the Automatic detection of settings which also had no effect. I also tried to use Fiddler to see if that would tell me something. Fiddler has a few additional WinInet configuration options in its configuration. Running Fiddler and hitting an HTTP request using WinInet would never actually hit Fiddler – the failure would occur before WinInet ever fired up the HTTP connection to go through the Fiddler HTTP proxy. And the Culprit is: Internet Explorer’s Work Offline Option The culprit in this situation was Internet Explorer which at some point, unknown to me switched into Offline Mode and was then shut down: When this Offline mode is checked when IE is running *or* if IE gets shut down with this flag set, all applications using WinInet by default assume that it’s running in offline mode. Depending on your caching HTTP headers and whether the page was cached previously you may or may not get a response or an error. For an independent non-browser application this will be highly unpredictable and likely result in failures getting online – especially if the application forces requests to always reload by disabling HTTP caching (as I do on most of my dynamic HTTP clients). What makes this especially tricky is that even when IE is in offline mode in the browser, you can still browse around the Web *if* you have a connection. IE will try to load anything it has cached from the local cache, but as soon as you hit a URL that isn’t cached it will automatically try to access that URL and uncheck the Work Offline option. Conversely if you get knocked off the Internet and browse in IE 9, IE will automatically go into offline mode. I never explicitly set offline mode – it just automatically sets itself on and off depending on the connection. Problem is if you’re not using IE all the time (as I do – rarely and just for testing so usually a few commonly used URLs) and you left it in offline mode when you exit, offline mode stays set which results in the above head scratcher. Ack. This isn’t new behavior in IE 9 BTW – this behavior has always been there, but I think what’s different is that IE now automatically switches between online and offline modes without notifying you at all, so it’s hard to tell when you are offline. Fixing the Issue in your Code If you have an application that is using WinInet, there’s a WinInet option called INTERNET_OPTION_IGNORE_OFFLINE. I just checked this out in my own applications and Internet Explorer 9 and it works, but apparently it’s been broken for some older releases (I can’t confirm how far back though) – lots of posts seem to suggest the flag doesn’t work. However, in IE 9 at least it does seem to work if you call InternetSetOption before you call HttpOpenRequest with the Http Session handle. In FoxPro code I use: DECLARE INTEGER InternetSetOption ;    IN WININET.DLL ;    INTEGER HINTERNET,;    INTEGER dwFlags,;    INTEGER @dwValue,;    INTEGER cbSize lnOptionValue = 1   && BOOL TRUE pass by reference   *** Set needed SSL flags lnResult=InternetSetOption(this.hHttpSession,;    INTERNET_OPTION_IGNORE_OFFLINE ,;  && 77    @lnOptionValue ,4)   DECLARE INTEGER HttpOpenRequest ;    IN WININET.DLL ;    INTEGER hHTTPHandle,;    STRING lpzReqMethod,;    STRING lpzPage,;    STRING lpzVersion,;    STRING lpzReferer,;    STRING lpzAcceptTypes,;    INTEGER dwFlags,;    INTEGER dwContextw     hHTTPResult=HttpOpenRequest(THIS.hHttpsession,;    lcVerb,;    tcPage,;    NULL,NULL,NULL,;    INTERNET_FLAG_RELOAD + ;    IIF(THIS.lsecurelink,INTERNET_FLAG_SECURE,0) + ;    this.nHTTPServiceFlags,0) …  And this fixes the issue at least for IE 9… In my FoxPro wwHttp class I now call this by default to never get bitten by this again… This solves the problem permanently for my HTTP client. I never want to see offline operation in an HTTP client API – it’s just too unpredictable in handling errors and the last thing you want is getting unpredictably stale data. Problem solved but this behavior is – well ugly. But then that’s to be expected from an API that’s based on Internet Explorer, eh?© Rick Strahl, West Wind Technologies, 2005-2011Posted in HTTP  Windows  

    Read the article

  • How to Easily Put a Windows PC into Kiosk Mode With Assigned Access

    - by Chris Hoffman
    Windows 8.1′s Assigned Access feature allows you to easily lock a Windows PC to a single application, such as a web browser. This feature makes it easy for anyone to configure Windows 8.1 devices as point-of-sale or other kiosk systems. In the past, setting up a Windows PC in kiosk mode involved much more work, requiring the use of third-party software, group policy, or Linux distributions designed around kiosk mode. Assigned Access is available on Windows 8.1 RT, Windows 8.1 Professional, and Windows 8.1 Enterprise. The standard edition of Windows 8.1 doesn’t support Assigned Access. Create a User Account for Assigned Access Rather than turn your entire computer into a locked-down kiosk system, Assigned Access allows you to create a separate user account that can only launch a single app — such as a web browser. To set this up, you must be logged into Windows as a user with administrator permissions. First, open the PC settings app — swipe in from the right or press Windows Key + C to open the charms bar, tap Settings, and tap Change PC settings. In the PC settings app, select Accounts and select Other accounts. Use the Add an account button to create a new Windows account. Select  the “Sign in without a Microsoft account” option and select Local account to create a local user account. You could also create a Microsoft account, but you may not want to do this if you just want a locked-down account with only browser access. If you need to install apps from the Windows Store to use in Assigned Access mode, you’ll have to set up a Microsoft account instead of a local account. A local account will still allow you access to the preinstalled apps, such as Internet Explorer. You may want to create a user account with a blank password. This would make it simple for anyone to access kiosk mode, even if the system becomes locked or needs to be rebooted. The account will be created as a standard user account with limited permissions. Leave it as a standard user account — don’t make it an administrator account. Set Up Assigned Access Once you’ve created an account, you’ll first need to sign into it. If you don’t, you’ll see a “This account has no apps” message when trying to enable Assigned Access. Go back to the welcome screen, log in to the new account you created, and allow Windows to go through the first-time account setup process. If you want to use a non-default app in kiosk mode, install it while logged in as that user account. Once you’re done, log out of the other account, log back in as your administrator account, and go back to the Other accounts screen. Click the Set up an account for assigned access option to continue. Select the user account you created and select the app you want to limit the account to. For a web-based kiosk, this can be a web browser such as the Modern version of Internet Explorer. Businesses can also create their own Modern apps and set them to run in kiosk mode in this way. Note that Microsoft’s documentation says “web browsers are not good choices for assigned access” because they require more permissions than average Modern (or “Windows Store”) apps. However, if you want to provide a kiosk for web-browsing, using Assigned Access is a much better option than using Guest Mode and offering up a full Windows desktop. When you’re done, restart your PC and log in as the Assigned Access account. Windows will automatically open the app you chose and won’t allow a user to leave that app. Standard Windows 8 features like the charms bar, app switcher, and Start screen won’t appear. Pressing the Windows key once will do nothing. To sign out of Assigned Access mode, press the Windows key five times — quickly — while signed in. You’ll be sent back to the standard login screen. The account will actually still be logged in and the app will remain running — this method just “locks” the screen and allows another user to log in. Automatically Log Into Assigned Access Whenever your Windows device boots, you can log into the Assigned Access account and turn it into a kiosk system. While this isn’t ideal for all kiosk systems, you may want the device to automatically launch the specific app when it boots without requiring any login process. To do so, you’ll just need to have Windows automatically log into the Assigned Access account when it boots. This option is hidden and not available in the standard Control Panel. You’ll need to use the hidden netplwiz Control Panel tool to set up automatic login on boot. If you didn’t create a password for the user account, leave the Password field empty while configuring this. Security Considerations If you’re using this feature to turn a Windows 8.1 system into a kiosk and leaving it open to the public, remember to consider security. Anyone could come up to the system, press the Windows key five times, and try to log into your standard administrator user account. Ensure the administrator user account has a strong password so people won’t be able to get past the kiosk system’s limitations and tamper with the system. Even Windows 8′s detractors have to admit that it’s an ideal system for a touch-screen kiosk device, running either a browser or another specific application. Assigned Access finally makes this easy to set up on Windows systems in the real world — no IT experience, third-party software, or Linux distributions necessary.     

    Read the article

  • "The breakpoint will not currently be hit" error while debugging a mixed mode application (c# and unmanaged c++)

    - by user1678403
    While debugging a mixed mode application in VS2010, the breakpoint set on a line of code contained in an unmanaged c++ dll source file (called from a managed c# wrapper class) shows the infamous "The breakpoint will not currently be hit. No symbols have been loaded for this document" info message when hovering the mouse over the breakpoint on the line in question. The breakpoint itself is a red circle with a yellow info triangle instead of the usual solid red orb. Of course, the breakpoint isn't hit when the debugger is executed. Most answers I've found for this warning indicate the breakpoint hasn't been set properly, or that the expected dll is not being loaded, or that the associated pdb file is not located in the correct location, etc. etc. This is not the problem. The application does load and execute the referenced dll correctly. I've verified that the correct pdb file, with the same file date as its dll, is located in the executable's working directory along with the target dll itself. The debugger simply doesn't load the symbols for the dll, and the dll doesn't show in the Modules list. None of the solutions I've found online work for this problem. The dll doesn't show in the modules list available from 'Debug-Windows-Modules' menu selection... even though it is, in fact, loaded. Breakpoints set in the wrapper class work correctly. Deleting the bin and obj directories, cleaning and rebuilding the solution also doesn't help.

    Read the article

  • Increase Security by Enabling Two-Factor Authentication on Your Google Account

    - by Jason Fitzpatrick
    You can easily increase the security of your Google account by enabling two-factor authentication; flip it on today for a free security boost. It’s not a new feature but it’s a feature worth giving a second look. Watch the above video for a quick overview of Google’s two-factor authentication system. Essentially your mobile phone becomes the second authentication tool–you use your password + a code sent to your phone to log into your account. It’s a great way to easily increase the security of your Google account, it’s free, and you can set it so that you only have to validate your home computer once every 30 days. Google Two-Step Verification [via Google+] HTG Explains: When Do You Need to Update Your Drivers? How to Make the Kindle Fire Silk Browser *Actually* Fast! Amazon’s New Kindle Fire Tablet: the How-To Geek Review

    Read the article

  • How to connect to Windows Server 2008 Remote Desktop with Network Level Authentication Required

    - by Lobo
    I have an Ubuntu 11.10 and I want to connect via remote desktop to a Windows Server 2008 R2. In the properties of remote desktop connection to Windows Server 2008, is set to "safer". Specifically, the selected option is "Allow connections only from computers running Remote Desktop with Network Level Authentication." In my Ubuntu, I used Remmina to connect to Windows Server 2008. Remmina can not connect to a Windows Server 2008 with the option "Network Level Authentication" (shown in the previous paragraph). The error message I Remmina returns is as follows: "Disable the connection to the server RPD: IPWINDOWSSERVER2008" How or what program I can connect by remote desktop to a Windows Server 2008 you have selected the option "Network Level Authentication"? Thanks for the help, Greetings! PD: Excuse for my English.

    Read the article

  • Using both domain users and local users for Squid authentication?

    - by Massimo
    I'm working on a Squid proxy which needs to authenticate users against an Active Directory domain; this works fine, Samba was correctly set up and Squid authenticates users via ntlm_auth. Relevant lines in squid.conf: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm keep_alive on acl Authenticated proxy_auth REQUIRED http_access allow Authenticated http_access deny all Now, I need a way to allow access to users which don't have a domain account. I know I could create an "internet user" account in the domain, but this would allow access, although limited, to domain resources (file shares, etc.); I need something that will allow only Internet access. The ideal solution would be using a local account on the proxy server, either a Linux account or a Squid one; I know Squid supports this, but I'm unable to have it use both domain authentication and Squid/local authentication if domain auth is unsuccesful. Can this be done? How?

    Read the article

  • org-mode schedule weekly event for a period.

    - by Hamza Yerlikaya
    I would like to use agenda to keep track of my classes, assuming i have a com 355 class every week from march to june, <2010-03-23 Tue 10:40-12:10 +1w> this works but it schedules it indefinitely if i use, <2010-03-23 Tue 10:40-12:10 +1w>-<2010-06-23> it gets scheduled for everyday from march to june, how can i schedule this once a week for a period of time?

    Read the article

  • Need Users to Re-authenticate with NTLM

    - by Trey Carroll
    I'm NTLM (authenication="windows" in the web.config) with an asp.net mvc 2.0 site. Right now once a user logs in it keeps them logged in for weeks at a time. The use of the application is being opened up to users who share computers that use logged in service accounts. I need the site to reprompt each user for their AD credentials each time in order to handle these users. (Activity on the site must be linked to a uniquely identified user.) Thanks for any help that you can provide. Trey Carroll

    Read the article

  • How do you prevent brute force attacks on RESTful data services

    - by Adrian Grigore
    Hi, I'm about to implement an RESTful API to our website (based on WCF data services, but that probably does not matter). All data offered via this API belongs to certain users of my server, so I need to make sure only those users have access to my resources. For this reason, all requests have to be performed with a login/password combination as part of the request. What's the recommended approach for preventing brute force attacks in this scenario? I was thinking of logging failed requests denied due to wrong credentials and ignoring requests originating from the same IP after a certain threshold of failed requests has been exceeded. Is this the standard approach, or am I a missing something important? Thanks, Adrian

    Read the article

  • HttpModule.Init - safely add HttpApplication.BeginRequest handler in IIS7 integrated mode

    - by Paul Smith
    My question is similar but not identical to: http://stackoverflow.com/questions/1123741/why-cant-my-host-softsyshosting-com-support-beginrequest-and-endrequest-event (I've also read the mvolo blog referenced therein) The goal is to successfully hook HttpApplication.BeginRequest in the IHttpModule.Init event (or anywhere internal to the module), using a normal HttpModule integrated via the system.webServer config, i.e. one that doesn't: invade Global.asax or override the HttpApplication (the module is intended to be self-contained & reusable, so e.g. I have a config like this): <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <modules> <remove name="TheHttpModule" /> <add name="TheHttpModule" type="Company.HttpModules.TheHttpModule" preCondition="managedHandler" /> So far, any strategy I've tried to attach a listener to HttpApplication.BeginRequest results in one of two things, symptom 1 is that BeginRequest never fires, or symptom 2 is that the following exception gets thrown on all managed requests, and I cannot catch & handle it from user code: Stack Trace: [NullReferenceException: Object reference not set to an instance of an object.] System.Web.PipelineModuleStepContainer.GetEventCount(RequestNotification notification, Boolean isPostEvent) +30 System.Web.PipelineStepManager.ResumeSteps(Exception error) +1112 System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb) +113 System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +616 Commenting out app.BeginRequest += new EventHandler(this.OnBeginRequest) in Init stops the exception of course. Init does not reference the Context or Request objects at all. I have tried: Removed all references to HttpContext.Current anywhere in the project (still symptom 1) Tested removing all code from the body of my OnBeginRequest method, to ensure the problem wasn't internal to the method (= exception) Sniffing the stack trace and only calling app.BeginRequest+=... when if the stack isn't started by InitializeApplication (= BeginRequest not firing) Only calling app.BeginRequest+= on the second pass through Init (= BeginRequest not firing) Anyone know of a good approach? Is there some indirect strategy for hooking Application_Start within the module (seems unlikely)? Another event which a) one can hook from a module's constructor or Init method, and b) which is subsequently a safe place to attach BeginRequest event handlers? Thanks much

    Read the article

  • windows kernel mode IOCTL returns random results

    - by clyfe
    I use the following code to fetch PSTORAGE_HOTPLUG_INFO capabilities from disks via IOCTL in a minifilter driver, but the returning hotplugInfo structure has all the fields set to random nonzero values on subsequent executions. What am I doing wrong? RESULT: 00000014 0.00046322 IOCTL Volume Media Removable, 64 00000015 0.00046451 IOCTL Volume Media Hotplug 154 00000016 0.00046562 IOCTL Volume Device Hotplug 244 00000054 1020.44311523 IOCTL Volume Media Removable, 240 00000055 1020.44311523 IOCTL Volume Media Hotplug 102 00000056 1020.44311523 IOCTL Volume Device Hotplug 244 Sample code: //int SomeFunction(PFLT_VOLUME pFLTVolume) STORAGE_HOTPLUG_INFO storageHotplugInfo; KEVENT event; IO_STATUS_BLOCK ioStatus; PIRP pirp; PDEVICE_OBJECT deviceObject; PSTORAGE_HOTPLUG_INFO hotplugInfo; ASSERT(KeGetCurrentIrql() <= DISPATCH_LEVEL); status = FltGetDiskDeviceObject(pFLTVolume, &deviceObject); if(!NT_SUCCESS(status)){ DbgPrint("No Device for Volume\n"); return 0; } KeInitializeEvent(&event, NotificationEvent, FALSE); ASSERT(KeGetCurrentIrql() <= APC_LEVEL); pirp = IoBuildDeviceIoControlRequest( IOCTL_STORAGE_GET_HOTPLUG_INFO, deviceObject, NULL, 0, &storageHotplugInfo, sizeof(STORAGE_HOTPLUG_INFO), FALSE, &event, &ioStatus ); if(!pirp){ return 0; } ASSERT(KeGetCurrentIrql() <= DISPATCH_LEVEL); status = IoCallDriver(deviceObject, pirp); if (status == STATUS_PENDING) { status = KeWaitForSingleObject( &event, Executive, KernelMode, FALSE, NULL); } else { ioStatus.Status = status; } status = ioStatus.Status; hotplugInfo = (PSTORAGE_HOTPLUG_INFO) &pirp->AssociatedIrp.SystemBuffer; if(hotplugInfo->MediaRemovable){ DbgPrint("IOCTL Volume Media Removable, %d\n", hotplugInfo->MediaRemovable); } if(hotplugInfo->MediaHotplug){ DbgPrint("IOCTL Volume Media Hotplug %d\n", hotplugInfo->MediaHotplug); } if(hotplugInfo->DeviceHotplug){ DbgPrint("IOCTL Volume Device Hotplug %d\n", hotplugInfo->DeviceHotplug); } ObDereferenceObject(deviceObject);

    Read the article

  • IsAuthenticated is false! weird behaviour + review question

    - by Naor
    This is the login function (after I validate user name and password, I load user data into "user" variable and call Login function: public static void Login(IUser user) { HttpResponse Response = HttpContext.Current.Response; HttpRequest Request = HttpContext.Current.Request; FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, user.UserId.ToString(), DateTime.Now, DateTime.Now.AddHours(12), false, UserResolver.Serialize(user)); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket)); cookie.Path = FormsAuthentication.FormsCookiePath; Response.Cookies.Add(cookie); string redirectUrl = user.HomePage; Response.Redirect(redirectUrl, true); } UserResolver is the following class: public class UserResolver { public static IUser Current { get { IUser user = null; if (HttpContext.Current.User.Identity.IsAuthenticated) { FormsIdentity id = (FormsIdentity)HttpContext.Current.User.Identity; FormsAuthenticationTicket ticket = id.Ticket; user = Desrialize(ticket.UserData); } return user; } } public static string Serialize(IUser user) { StringBuilder data = new StringBuilder(); StringWriter w = new StringWriter(data); string type = user.GetType().ToString(); //w.Write(type.Length); w.WriteLine(user.GetType().ToString()); StringBuilder userData = new StringBuilder(); XmlSerializer serializer = new XmlSerializer(user.GetType()); serializer.Serialize(new StringWriter(userData), user); w.Write(userData.ToString()); w.Close(); return data.ToString(); } public static IUser Desrialize(string data) { StringReader r = new StringReader(data); string typeStr = r.ReadLine(); Type type=Type.GetType(typeStr); string userData = r.ReadToEnd(); XmlSerializer serializer = new XmlSerializer(type); return (IUser)serializer.Deserialize(new StringReader(userData)); } } And the global.asax implements the following: void Application_PostAuthenticateRequest(Object sender, EventArgs e) { IPrincipal p = HttpContext.Current.User; if (p.Identity.IsAuthenticated) { IUser user = UserResolver.Current; Role[] roles = user.GetUserRoles(); HttpContext.Current.User = Thread.CurrentPrincipal = new GenericPrincipal(p.Identity, Role.ToString(roles)); } } First question: Am I do it right? Second question - weird thing! The user variable I pass to Login has 4 members: UserName, Password, Name, Id. When UserResolver.Current executed, I got the user instance. I descided to change the user structure - I add an array of Warehouse object. Since that time, when UserResolver.Current executed (after Login), HttpContext.Current.User.Identity.IsAuthenticated was false and I couldn't get the user data. When I removed the Warehouse[] from user structure, it starts to be ok again and HttpContext.Current.User.Identity.IsAuthenticated become true after I Login. What is the reason to this weird behaviour?

    Read the article

  • Ruby ways to authenticate using headers?

    - by webdestroya
    I am designing an API system in Ruby-on-Rails, and I want to be able to log queries and authenticate users. However, I do not have a traditional login system, I want to use an APIkey and a signature that users can submit in the HTTP headers in the request. (Similar to how Amazon's services work) Instead of requesting /users/12345/photos/create I want to be able to request /photos/create and submit a header that says X-APIKey: 12345 and then validate the request with a signature. Are there any gems that can be adapted to do that? Or better yet, any gems that do this without adaptation? Or do you feel that it would be wiser to just have them send the API key in each request using the POST/GET vars?

    Read the article

  • IsAuthenticated is false!

    - by Naor
    This is how I login ('user' holds the data of the user): HttpResponse Response = HttpContext.Current.Response; HttpRequest Request = HttpContext.Current.Request; FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, user.UserId.ToString(), DateTime.Now, DateTime.Now.AddHours(12), false, UserResolver.Serialize(user)); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket)); cookie.Path = FormsAuthentication.FormsCookiePath; Response.Cookies.Add(cookie); string redirectUrl = user.HomePage; Response.Redirect(redirectUrl); After this login I get IsAuthenticated == false. Why?? It worked for me before an hour but I don't know what is wrong now.

    Read the article

  • Apache basic auth, mod_authn_dbd and password salt

    - by Cristian Vrabie
    Using Apache mod_auth_basic and mod_authn_dbd you can authenticate a user by looking up that user's password in the database. I see that working if the password is held in clear, but what if we use a random string as a salt (also stored in the database) then store the hash of the concatenation? mod_authn_dbd requires you to specify a query to select that password not to decide if the user is authenticated of not. So you cannot use that query to concatenate the user provided password with the salt then compare with the stored hash. AuthDBDUserRealmQuery "SELECT password FROM authn WHERE user = %s AND realm = %s" Is there a way to make this work?

    Read the article

  • Mixed declarations and code in open source projects?

    - by Eduardo
    Why is still C99 mixed declarations and code not used in open source C projects like the Linux kernel or GNOME? I really like mixed declarations and code since it makes the code more readable and prevents hard to see bugs by restricting the scope of the variables to the narrowest possible. This is recommended by Google for C++. For example, Linux requires at least GCC 3.2 and GCC 3.1 has support for C99 mixed declarations and code

    Read the article

  • Emacs auto-minor-mode based on extension

    - by vermiculus
    I found this question somewhat on the topic, but is there a way [in emacs] to set a minor mode (or a list thereof) based on extension? For example, it's pretty easy to find out that major modes can be manipulated like so (setq auto-mode-alist (cons '("\\.notes$" . text-mode) auto-mode-alist)) and what I'd ideally like to be able to do is (setq auto-minor-mode-alist (cons '("\\.notes$" . auto-fill-mode) auto-minor-mode-alist)) The accept answer of the linked question mentions hooks, specifically temp-buffer-setup-hook. To use this, you have to add a function to the hook like so (add-hook 'temp-buffer-setup-hook 'my-func-to-set-minor-mode) My question is two-fold: Is there an easier way to do this, similar to major modes? If not, how would one write the function for the hook? It needs to check the file path against a regular expression. If it matches, activate the desired mode (e.g. auto-fill-mode).

    Read the article

  • Using the Katana Authentication handlers with NancyFx

    - by cibrax
    Once you write an OWIN Middleware service, it can be reused everywhere as long as OWIN is supported. In my last post, I discussed how you could write an Authentication Handler in Katana for Hawk (HMAC Authentication). Good news is NancyFx can be run as an OWIN handler, so you can use many of existing middleware services, including the ones that are ship with Katana. Running NancyFx as a OWIN handler is pretty straightforward, and discussed in detail as part of the NancyFx documentation here. After run the steps described there and you have the application working, only a few more steps are required to register the additional middleware services. The example bellow shows how the Startup class is modified to include Hawk authentication. public class Startup { public void Configuration(IAppBuilder app) { app.UseHawkAuthentication(new HawkAuthenticationOptions { Credentials = (id) => { return new HawkCredential { Id = "dh37fgj492je", Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn", Algorithm = "hmacsha256", User = "steve" }; } }); app.UseNancy(); } } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } This code registers the Hawk Authentication Handler on top of the OWIN pipeline, so it will try to authenticate the calls before the request messages are passed over to NancyFx. The authentication handlers in Katana set the user principal in the OWIN environment using the key “server.User”. The following code shows how you can get that principal in a NancyFx module, public class HomeModule : NancyModule { public HomeModule() { Get["/"] = x => { var env = (IDictionary<string, object>)Context.Items[NancyOwinHost.RequestEnvironmentKey]; if (!env.ContainsKey("server.User") || env["server.User"] == null) { return HttpStatusCode.Unauthorized; } var identity = (ClaimsPrincipal)env["server.User"]; return "Hello " + identity.Identity.Name; }; } } .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; } Thanks to OWIN, you don’t know any details of how these cross cutting concerns can be implemented in every possible web application framework.

    Read the article

  • Safe mode boot with no change on screen but ongoing hard disk activity - why?

    - by omatai
    I have a machine with a dying hard drive - bad sectors are starting to multiply :-( The first sign (24 hours ago) was that it had an unmountable boot volume. At this time, I tried booting to safe mode with command prompt, which worked, after which I rebooted normally and ran a chkdsk. It has since been working as well as I could expect, but slowly getting less reliable. So I scheduled another chkdsk on both partitions (C: - boot, D: - data), having freed up a lot of space on both partitions to give Windows a little more scope for repairs (hopefully?). I then rebooted. On reboot, it protested about the unmountable boot volume again, so I booted to safe mode. I got the same list of drivers loaded as yesterday, and then no change to the screen for the past 2 hours. However, I see a flickering hard drive indicator light - not always on, but seldom ever off. What is happening? Is the chkdsk that runs in safe mode one which produces nothing on the screen and so chkdsk could be doing its thing... or is Windows still trying (but failing) to boot into Safe Mode?

    Read the article

  • Second Monitor stays black/in power save mode

    - by Rob
    I'm using two Monitors, a Belinea o.display 1 (Recognized as a Rogen Tech Distribution Inc 20" by Ubuntu, but working fine) on the DVI-Output (connected via DVI-to-VGA-adapter) as my primary Monitor and a Dell 19" (Recognized correctly) on the HDMI-output (via HDMI-to-DVI adapter) as secondary monitor. The graphics controller is a GeForce 9500 GS. I'm running a fully updated Ubuntu 13.04 with nouveau 1:1.0.7-0ubuntu1. The problem is that the second monitor (Dell) never seems to come out of standby during boot: the screen stays black and the status led on the monitor stays orange (it's green when it's on). It is correctly recognized an the size of the desktop is set accordingly, it just stays black. Changing any setting via xrandr/arandr/etc. does nothing. The on-screen-menu of the monitor reports it to be in power save mode. When using the proprietary NVIDIA-Drivers, the second monitor works just find. But these drivers cause a lot of other problems on my system, so i would really like to avoid them. On Ubuntu 12.10 i had found a workaround: When moving the relative position of the second monitor slightly down and the up again, it would turn on and function normally: xrandr --output DVI-I-1 --mode 1680x1050 --pos 1280x0 --rotate normal --output HDMI-1 --mode 1280x1024 --pos 0x88 --rotate normal sleep 2 xrandr --output DVI-I-1 --mode 1680x1050 --pos 1280x0 --rotate normal --output HDMI-1 --mode 1280x1024 --pos 0x0 --rotate normal This workaround stop working after the update to 13.04, and now i'm looking for a new solution. Has anyone experienced something similarity? xrandr output: Screen 0: minimum 320 x 200, current 2960 x 1050, maximum 8192 x 8192 DVI-I-1 connected 1680x1050+0+0 (normal left inverted right x axis y axis) 433mm x 270mm 1680x1050 60.0*+ 1280x1024 75.0 60.0 1280x960 60.0 1152x864 75.0 1024x768 75.1 72.0 70.1 60.0 832x624 74.6 800x600 72.2 75.0 60.3 56.2 640x480 72.8 75.0 66.7 60.0 720x400 70.1 HDMI-1 connected 1280x1024+1680+0 (normal left inverted right x axis y axis) 376mm x 301mm 1280x1024 60.0*+ 75.0 1152x864 75.0 1024x768 75.1 60.0 800x600 75.0 60.3 640x480 75.0 60.0 720x400 70.1 lshw -c video: *-display Beschreibung: VGA compatible controller Produkt: G96 [GeForce 9500 GS] Hersteller: NVIDIA Corporation Physische ID: 0 Bus-Informationen: pci@0000:01:00.0 Version: a1 Breite: 64 bits Takt: 33MHz Fähigkeiten: pm msi pciexpress vga_controller bus_master cap_list rom Konfiguration: driver=nouveau latency=0 Ressourcen: irq:16 memory:fa000000-faffffff memory:d0000000-dfffffff memory:f8000000-f9ffffff ioport:df00(Größe=128) memory:fb000000-fb07ffff Thanks for your help!

    Read the article

  • ATI Radeon HD7000 Series (Laptop) - Switch Mode Between ATI & Intel Integrated GPU. Stuck on Boot Screen On Intel GPU Selection Mode

    - by Monkey Drone
    Laptop Specs: HP Pavilion G6-2020SE GPUs 1) ATI HD7000 Series 2) Intel Integrated OS Installed: x) Ubuntu 12.04 (64 bit) i) ATI Graphics Card Drivers Installed From AMD website. Note: Graphics Card Drivers are Working Fine in 3D Mode. It runs a little Hot as it should since its a GPU. Observation) AMD Catalyst Control Centre Lets me Choose If I want to run the system in HIGH-END (ATI GPU) OR Intel Integrated (Better battery life) While I am on High End GPU Choice, Ubuntu works fine. Problem) But when I switch to Intel Mode in the AMD CCC and reboot the Machine. Ubuntu goes into 'Low Graphics Mode'. The problem is not that it goes into low graphics mode, it is completely expected since I am no longer using the ATI GPU but the integrated Intel GPU. Problem starts with the 'Selection' of the options. During that screen, I have no mouse on the screen (even tried plugging in an external USB mouse) & No Keyboard functionality. Thus I am left completely disabled to choose any option and load into Ubuntu. The Only thing I can do is switch to a terminal and enable ATI GPU through command-line and Ubuntu works Fine again. Is it a bug that there is no mouse/keyboard available to me during the startup of Ubuntu when its launched in Low-Graphics Mode? Any suggestions on how to pass through that? My palms are sweating as I write this down because the ATI GPU is really heating up my laptop. I dont want to boot into Windows or keep it around any longer than necessary. Please advise with help and directions. Sincerely, MonkeyD Edit1: The Answer by Celso has helped me switch to Intel, thus giving me sufficient battery power. Kudos to Celso. Now I can at least use my laptop for the time being without having it burn hair off my skin. I am still looking for answer to my original question of, 'why is lightdm not working properly when I switch to Intel GPU using ATI HD7000 series official drivers provided by AMD'.

    Read the article

  • Is there any *good* HTML-mode for emacs?

    - by Carson Myers
    I love emacs, and I want to do my web-programming work in it, but I can't find a way to get it to edit HTML properly. I mean it's seriously awful. It will do HTML fine, but not PHP, javascript, etc. I tried getting html-helper-mode... I downloaded it, put it in /usr/local/share/emacs/site-lisp, and added it to my .emacs file: (autoload 'html-helper-mode "html-helper-mode" "Yay HTML" t) (setq auto-mode-alist (cons '("\\.html$" . html-helper-mode) auto-mode-alist)) copied and pasted from some site (I don't know elisp). it just, doesn't highlight anything at all. I tried downloading a whole bunch of modes and using some other mode to string them together, to no avail. Emacs is so great in every other way--why can't it do the simple task of editing web pages? I mean, it's a pretty standard thing to do for editors these days. So, does anyone know how to do this?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >