Search Results

Search found 9658 results on 387 pages for 'authentication provider'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 333/387 | < Previous Page | 329 330 331 332 333 334 335 336 337 338 339 340  | Next Page >

  • how does hash element make a secure login on zend framework?

    - by ulduz114
    hello all i saw a example for login form same blow code class Form_Login extends Zend_Form { //put your code here public function init($timeout=360){ $this->addElement('hash', 'token', array( 'timeout' => $timeout )); $this->setName('Login'); $username = $this->createElement ( 'text', 'username' ); $username->setLabel('user name:') ->setRequired(); $this->addElement($username); $password=$this->createElement('password','password'); $password->setLabel('password:'); $password->setRequired(); $this->addElement($password); $login=$this->createElement('submit','login'); $login->setLabel('Login'); $this->addElement($login); $this->setMethod('post'); $this->setAction(Zend_Controller_Front::getInstance()->getBaseUrl().'/authentication/login'); } } and in submitAction a part code same below if (!$form->isValid($request->getPost())) { if (count($form->getErrors('token')) > 0) { return $this->_forward('csrf-forbidden', 'error'); } $this->view->form = $form; return $this->render('login'); } now , my question, whats the reason for use of hash element? how this hash element make secure login? anybody may help explain these? thanks

    Read the article

  • Asp.net Login Status Question: It Aint Working

    - by contactmatt
    I'm starting to use Role Management in my website, and I'm current following along on the tutorial from http://www.asp.net/Learn/Security/tutorial-02-vb.aspx . I'm having a problem with the asp:LoginStatus control. It is not telling me that I am currently logged in after a successful login. This can't be true because after successfully logging in, my LoggedInTemplate is shown. The username and passwords are simply stored in a array. Heres the Login.aspx page code. Protected Sub btnLogin_Click(ByVal sender As Object, ByVal e As System.EventArgs) _ Handles btnLogin.Click ' Three valid username/password pairs: Scott/password, Jisun/password, and Sam/password. Dim users() As String = {"Scott", "Jisun", "Sam"} Dim passwords() As String = {"password", "password", "password"} For i As Integer = 0 To users.Length - 1 Dim validUsername As Boolean = (String.Compare(txtUserName.Text, users(i), True) = 0) Dim validPassword As Boolean = (String.Compare(txtPassword.Text, passwords(i), False) = 0) If validUsername AndAlso validPassword Then FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, chkRemember.Checked) End If Next ' If we reach here, the user's credentials were invalid lblInvalid.Visible = True End Sub Here is the content place holder on the master page specifically designed to hold Login Information. On successfull login, the page is redirected to '/Default.aspx', and the LoggedIn Template below is shown...but the status says Log In. <asp:ContentPlaceHolder Id="LoginContent" runat="server"> <asp:LoginView ID="LoginView1" runat="server"> <LoggedInTemplate> Welcome back, <asp:LoginName ID="LoginName1" runat="server" />. </LoggedInTemplate> <AnonymousTemplate> Hello, stranger. </AnonymousTemplate> </asp:LoginView> <br /> <asp:LoginStatus ID="LoginStatus1" runat="server" LogoutAction="Redirect" LogoutPageUrl="~/Logout.aspx" /> </asp:ContentPlaceHolder> Forms authentication is enabled. I'm not sure what to do about this :o.

    Read the article

  • Am I under risk of CSRF attacks in a POST form that doesn't require the user to be logged in?

    - by Monika Sulik
    I'm probably being a total noob here, but I'm still uncertain about what a CSRF (Cross-Site Request Forgery) attack is exactly. So lets look at three situations... 1) I have a POST form that I use to edit data on my site. I want this data to be edited only by users that are logged in. 2) I have a site, which can be used by both users who are logged in as well as guests. Parts of the site are for logged in users only, but there are also POST forms that can be used by all users - anonymous and not (for example a standard contact form). Should the contact form be safeguarded against CSRF attacks? 3) I have a site which doesn't have an authentication system at all (well, perhaps that's unrealistic, so lets say it has an admin site which is separate from the rest of it and the admin part is properly safeguarded). The main part of the site is only used by anonymous users. Do the POST forms on it need to be safeguarded? In the case of 1) the answer is clearly yes. But in the case of 2 and 3 I don't know (and is the difference between 2 and 3 even significant?).

    Read the article

  • MVC 2 Data annotations problem

    - by Louzzzzzz
    Hi. Going mad now. I have a MVC solution that i've upgraded from MVC 1 to 2. It all works fine.... except the Validation! Here's some code: In the controller: using System; using System.Collections.Generic; using System.Globalization; using System.Linq; using System.Security.Principal; using System.Web; using System.Web.Mvc; using System.Web.Security; using System.Web.UI; using MF.Services.Authentication; using System.ComponentModel; using System.ComponentModel.DataAnnotations; namespace MF.Controllers { //basic viewmodel public class LogOnViewData { [Required] public string UserName { get; set; } [Required] public string Password { get; set; } } [HandleError] public class AccountController : Controller { [HttpPost] public ActionResult LogOn(LogOnViewData lvd, string returnUrl) { if (ModelState.IsValid) { //do stuff - IsValid is always true } } } } The ModelState is always valid. The model is being populated correctly however. Therefore, if I leave both username and password blank, and post the form the model state is still valid. Argh! Extra info: using structure map for IoD. Previously, before upgrading to MVC 2 was using the MS data annotation library so had this in my global.asax.cs: ModelBinders.Binders.DefaultBinder = new Microsoft.Web.Mvc.DataAnnotations.DataAnnotationsModelBinder(); Have removed that now. I'm sure i'm doing something really basic and wrong. If someone could point it out that would be marvellous. Cheers

    Read the article

  • Using Windows Integrated Auth & Anonymous during redirect on IIS7

    - by James Black
    I have an application we bought that I need to integrate, and it uses jakarta connection to get to the application from IIS. So, the basic operation is: user goes to the url Gets redirected to the application SSO is enabled, so redirected back to IIS for fetching of domain credentials Back to application If username is blank show login page, else let user in. This is a simplification of all the steps, but the basic idea is here. My difficulty is that I need both Windows Integrated Auth and anonymous on, as some users won't have credentials, and need to be prompted for a username/password. I have looked at: http://stackoverflow.com/questions/2068546/iis-windows-authentication-before-anonymous already, but the user doesn't get to click on a link to decide. The application goes back to IIS looking for login.aspx and from there I want to either get their domain credentials or pass back to the application empty strings to signify that there are no credentials. It seems this isn't going to be possible though as if anonymous is on it doesn't make the 401 request so the credentials aren't passed. If I can't get this to work with just using an ASP page, could it be done using an ISAPI filter, or a module?

    Read the article

  • Unable to connect to UNC share with WindowsIdentity.Impersonate, but works fine using LogonUser

    - by Rob
    Hopefully I'm not missing something obvious here, but I have a class that needs to create some directories on a UNC share and then move files to the new directory. When we connect using LogonUser things work fine with no errors, but when we try and use the user indicated by Integrated Windows authentication we run into problems. Here's some working and non-working code to give you an idea what is going on. The following works and logs the requested information: [DllImport("advapi32.dll", SetLastError = true)] private static extern bool LogonUser(string lpszUsername, string lpszDomain, string lpszPassword, int dwLogonType, int dwLogonProvider, out IntPtr phToken); [DllImport("kernel32.dll", CharSet = CharSet.Auto)] private static extern bool CloseHandle(IntPtr handle); IntPtr token; WindowsIdentity wi; if (LogonUser("user", "network", "password", 8, // LOGON32_LOGON_NETWORK_CLEARTEXT 0, // LOGON32_PROVIDER_DEFAULT out token)) { wi = new WindowsIdentity(token); WindowsImpersonationContext wic = wi.Impersonate(); Logging.LogMessage(System.Security.Principal.WindowsIdentity.GetCurrent().Name); Logging.LogMessage(path); DirectoryInfo info = new DirectoryInfo(path); Logging.LogMessage(info.Exists.ToString()); Logging.LogMessage(info.Name); Logging.LogMessage("LastAccessTime:" + info.LastAccessTime.ToString()); Logging.LogMessage("LastWriteTime:" + info.LastWriteTime.ToString()); wic.Undo(); CloseHandle(token); } The following fails and gives an error message indicating the network name is not available, but the correct user name is indicated by GetCurrent().Name: WindowsIdentity identity = (WindowsIdentity)HttpContext.Current.User.Identity; using (identity.Impersonate()) { Logging.LogMessage(System.Security.Principal.WindowsIdentity.GetCurrent().Name); Logging.LogMessage(path); DirectoryInfo info = new DirectoryInfo(path); Logging.LogMessage(info.Exists.ToString()); Logging.LogMessage(info.Name); Logging.LogMessage("LastAccessTime:" + info.LastAccessTime.ToString()); Logging.LogMessage("LastWriteTime:" + info.LastWriteTime.ToString()); }

    Read the article

  • SSL with private key on an HSM

    - by Jason
    I have a client-server architecture in my application that uses SSL. Currently, the private key is stored in CAPI's key store location. For security reasons, I'd like to store the key in a safer place, ideally a hardware signing module (HSM) that is built for this purpose. Unfortunately, with the private key stored on such a device, I can't figure out how to use it in my application. On the server, I am simply using the SslStream class and the AuthenticateAsServer(...) call. This method takes an X509Certificate object that has its private key loaded, but since the private key is stored in a secure (e.g. non exportable) location on the HSM, I don't know how to do this. On the client, I am using an HttpWebRequest object and then using the ClientCertificates property to add my client authentication certificate, but I have the same problem here: how do I get the private key? I know there are some HSMs that act as SSL accelerators but I don't really need an accelerator. Also, these products tend to have special integration with web servers such as IIS and Apache which I'm not using. Any ideas? The only thing I can think of would be to write my own SSL library that would allow me to hand off the signing portion of the transaction to the HSM, but this seems like a huge amount of work.

    Read the article

  • How to change identifier quote character in SSIS for connection to ODBC DSN

    - by William Rose
    I'm trying to create an SSIS 2008 Data Source View that reads from an Ingres database via the ODBC driver for Ingres. I've downloaded the Ingres 10 Community Edition to get the ODBC driver, installed it, set up the data access server and a DSN on the server running SSIS. If I connect to the SQL Server 2008 Database Engine on the server running SSIS, I can retrieve data from Ingres over the ODBC DSN by running the following command: SELECT * FROM OPENROWSET( 'MSDASQL' , 'DSN=IngresODBC;UID=testuser;PWD=testpass' , 'SELECT * FROM iitables') So I am quite sure that the ODBC setup is correct. If I try the same query with SQL Server style bracketed identifier quotes, I get an error, as Ingres doesn't support this syntax. SELECT * FROM OPENROWSET( 'MSDASQL' , 'DSN=IngresODBC;UID=testuser;PWD=testpass' , 'SELECT * FROM [iitables]') The error is "[Ingres][Ingres 10.0 ODBC Driver][Ingres 10.0]line 1, Unexpected character '['.". What I am finding is that I get the same error when I try to add tables from Ingres to an SSIS Data Source View. The initial step of selecting the ODBC Provider works fine, and I am shown a list of tables / views to add. I then select any table, and try to add it to the view, and get "ERROR [5000A] [Ingres][Ingres 10.0 ODBC Driver][Ingres 10.0]line 3, Unexpected character '['.". Following Ed Harper's suggestion of creating a named query also seems to be stymied. If I put into my named query the following text: SELECT * FROM "iitables" I still get an error: "ERROR [5000A] [Ingres][Ingres 10.0 ODBC Driver][Ingres 10.0]line 2, Unexpected character '['". According to the error, the query text passed by SSIS to ODBC was: SELECT [iitables].* FROM ( SELECT * FROM "iitables" ) AS [iitables] It seems that SSIS assumes that bracket quote characters are acceptable, when they aren't. How can I persuade it not to use them? Double quotes are acceptable.

    Read the article

  • Check for modification failure in content Integration using VisualSVN Server and Cruisecontrol.net

    - by harun123
    I am using CruiseControl.net for continous integration. I've created a repository for my project using VisualSvn server (uses Windows Authentication). Both the servers are hosted in the same system (Os-Microsoft Windows Server 2003 sp2). When i force build the project using CruiseControl.net "Failed task(s): Svn: CheckForModifications" is shown as the message. When i checked the build report, it says as follows: BUILD EXCEPTION Error Message: ThoughtWorks.CruiseControl.Core.CruiseControlException: Source control operation failed: svn: OPTIONS of 'https://sp-ci.sbsnetwork.local:8443/svn/IntranetPortal/Source': **Server certificate verification failed: issuer is not trusted** (https://sp-ci.sbsnetwork.local:8443). Process command: C:\Program Files\VisualSVN Server\bin\svn.exe log **sameUrlAbove** -r "{2010-04-29T08:35:26Z}:{2010-04-29T09:04:02Z}" --verbose --xml --username ccnetadmin --password cruise --non-interactive --no-auth-cache at ThoughtWorks.CruiseControl.Core.Sourcecontrol.ProcessSourceControl.Execute(ProcessInfo processInfo) at ThoughtWorks.CruiseControl.Core.Sourcecontrol.Svn.GetModifications (IIntegrationResult from, IIntegrationResult to) at ThoughtWorks.CruiseControl.Core.Sourcecontrol.QuietPeriod.GetModifications(ISourceControl sourceControl, IIntegrationResult lastBuild, IIntegrationResult thisBuild) at ThoughtWorks.CruiseControl.Core.IntegrationRunner.GetModifications(IIntegrationResult from, IIntegrationResult to) at ThoughtWorks.CruiseControl.Core.IntegrationRunner.Integrate(IntegrationRequest request) My SourceControl node in the ccnet.config is as shown below: <sourcecontrol type="svn"> <executable>C:\Program Files\VisualSVN Server\bin\svn.exe</executable> <trunkUrl> check out url </trunkUrl> <workingDirectory> C:\ProjectWorkingDirectories\IntranetPortal\Source </workingDirectory> <username> ccnetadmin </username> <password> cruise </password> </sourcecontrol> Can any one suggest how to avoid this error?

    Read the article

  • ASP Classic, SQL 2008, XML Output, and DSN vs DSN-Less Produces Chinese Letters

    - by RoLYroLLs
    I've been having a problem for the past month and can't seem to figure out what is wrong. Here's the setup and a little background. Background: I have a web-host who was running my website on Windows Server 2003 and SQL Server 2000. One of my webpages returned a result set from a stored procedure from the SQL server as xml. Below is the code: Stored Procedure: select top 10 1 as tag , null as parent , column1 as [item!1!column1!element] , column2 as [item!1!column2!element] from table1 for XML EXPLICIT ASP Page: index.asp Call OpenConn Set cmd = Server.CreateObject("ADODB.Command") With cmd .ActiveConnection = dbc .CommandText = "name of proc" .CommandType = adCmdStoredProc .Parameters.Append .CreateParameter("@RetVal", adInteger, adParamReturnValue, 4) .Parameters.Append .CreateParameter("@Level", adInteger, adParamInput, 4, Level) End With Set rsItems = Server.CreateObject("ADODB.Recordset") With rsItems .CursorLocation = adUseClient .CursorType = adOpenStatic .LockType = adLockBatchOptimistic Set .Source = cmd .Open Set .ActiveConnection = Nothing End With If NOT rsItems.BOF AND NOT rsItems.EOF Then OutputXMLQueryResults rsItems,"items" End If Set rsItems = Nothing Set cmd = Nothing Call CloseConn Sub OpenConn() strConn = "Provider=SQLOLEDB;Data Source=[hidden];User Id=[hidden];Password=[hidden];Initial Catalog=[hidden];" Set dbc = Server.CreateObject("ADODB.Connection") dbc.open strConn End Sub Sub CloseConn() If IsObject(dbc) Then If dbc.State = adStateOpen Then dbc.Close End If Set dbc = Nothing End If End Sub Sub OutputXMLQueryResults(RS,RootElementName) Response.Clear Response.ContentType = "text/xml" Response.Codepage = 65001 Response.Charset = "utf-8" Response.Write "" Response.Write "" While Not RS.EOF Response.Write RS(0).Value RS.MoveNext WEnd Response.Write "" Response.End End Sub Present: All was working great, until my host upgraded to Windows Server 2008 and SQL Server 2008. All of the sudden I was getting results like this: From Browser: From View Source: However, I found that if I use a DSN connection strConn = "DSN=[my DSN Name];User Id=[hidden];Password=[hidden];Initial Catalog=[hidden];" it works perfectly fine! My current host is not going to support DSN any longer, but that's out of scope for this issue. Someone told me to use an ADO.Stream object instead of a Recordset object, but I'm unsure how to implement that. Question: Has anyone run into this and found a way to fix it? What about that ADO.Stream object, can someone help me with a sample that would fit my code?

    Read the article

  • Learning AES: the KeyBytes

    - by Tom Brito
    I got the following example from here: import java.security.Security; import javax.crypto.Cipher; import javax.crypto.spec.SecretKeySpec; public class MainClass { public static void main(String[] args) throws Exception { Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); byte[] input = "www.java2s.com".getBytes(); byte[] keyBytes = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 }; SecretKeySpec key = new SecretKeySpec(keyBytes, "AES"); Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC"); System.out.println(new String(input)); // encryption pass cipher.init(Cipher.ENCRYPT_MODE, key); byte[] cipherText = new byte[cipher.getOutputSize(input.length)]; int ctLength = cipher.update(input, 0, input.length, cipherText, 0); ctLength += cipher.doFinal(cipherText, ctLength); System.out.println(new String(cipherText)); System.out.println(ctLength); // decryption pass cipher.init(Cipher.DECRYPT_MODE, key); byte[] plainText = new byte[cipher.getOutputSize(ctLength)]; int ptLength = cipher.update(cipherText, 0, ctLength, plainText, 0); ptLength += cipher.doFinal(plainText, ptLength); System.out.println(new String(plainText)); System.out.println(ptLength); } } I imagine that the byte[] keyBytes should be random generated, so I gone to test the max size before do it. When adding one more byte 0x18 to the array, the exception raised: InvalidKeyException: Key length not 128/192/256 bits. But the original 18 bytes (from 0 to 17) are not multiple of nither 128, 192 or 256. I would like to understand the math here.. can anyone explain me? Thanks!

    Read the article

  • Insert date to database

    - by simon
    I'm trying to insert the current date to the database and i allways get the massage(when i pres the button on the form to save to my access database), that the data type is incorect in the conditional expression. the code: string conString = "Provider=Microsoft.Jet.OLEDB.4.0;" + "Data Source=C:\Users\Simon\Desktop\save.mdb"; OleDbConnection empConnection = new OleDbConnection(conString); string insertStatement = "INSERT INTO obroki_save " + "([ID_uporabnika],[datum],[ID_zivila],[skupaj_kalorij]) " + "VALUES (@ID_uporabnika,@datum,@ID_zivila,@skupaj_kalorij)"; OleDbCommand insertCommand = new OleDbCommand(insertStatement, empConnection); insertCommand.Parameters.Add("@ID_uporabnika", OleDbType.Char).Value = users.iDTextBox.Text; insertCommand.Parameters.Add("@datum", OleDbType.Char).Value = DateTime.Now; insertCommand.Parameters.Add("@ID_zivila", OleDbType.Char).Value = iDTextBox.Text; insertCommand.Parameters.Add("@skupaj_kalorij", OleDbType.Char).Value = textBox1.Text; empConnection.Open(); try { int count = insertCommand.ExecuteNonQuery(); } catch (OleDbException ex) { MessageBox.Show(ex.Message); } finally { empConnection.Close(); textBox1.Clear(); textBox2.Clear(); textBox3.Clear(); textBox4.Clear(); textBox5.Clear(); } i tried to change the oleDbType.char to oleDbType.Dbdate and others but it doesnt work. I can save other stuff with that code but im stuck here when i wan't to save the date. Please help !

    Read the article

  • Ruby send mail with smtp

    - by songdogtech
    I'm trying to send simple email via Ruby (no rails) on OS X, with XCode (which installs Ruby.) But I'm running into a problem with my smtp server which requires the email client to check mail before sending as a form of authentication. So with the script below I get an error: 500 Unrecognized command (Net::SMTPAuthenticationError). How can I get Ruby to authenticate with the smtp server in a "POP" fashion before I can send mail? Not download mail; I only want to send, but I have to check mail before I send. POP3 is not available at the smtp server. And I want to not have to install any other Ruby pieces and stay with using net/smtp, if at all possible. require 'net/smtp' message = <<MESSAGE_END From: A Test Sender <[email protected]> To: A Test User <[email protected]> Subject: e-mail test This is a test e-mail message. MESSAGE_END Net::SMTP.start('mail.domain.com', 25, 'localhost', '[email protected]', 'password', :plain)

    Read the article

  • how to read image uri in to byte conversion in android image upload in sdcard

    - by satyamurthy
    public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.main); Button b1 = (Button) findViewById(R.id.Button01); b1.setOnClickListener(new View.OnClickListener() { public void onClick(View v) { // TODO Auto-generated method stub startActivityForResult(new Intent(Intent.ACTION_PICK,android.provider.MediaStore.Images.Media.INTERNAL_CONTENT_URI), 1); } }); } public void onActivityResult(int requestCode,int resultCode,Intent data) { super.onActivityResult(requestCode, resultCode, data); if (resultCode == Activity.RESULT_OK) { Uri selectedImage = data.getData(); Cursor cur = PhotoImage.this.managedQuery(selectedImage, null, null, null, null); if(cur.moveToFirst()) { File Img = new File(selectedImage+inFileType); try { FileInputStream fis = new FileInputStream(Img); Bitmap bi = BitmapFactory.decodeStream(fis); ByteArrayOutputStream baos = new ByteArrayOutputStream(); bi.compress(Bitmap.CompressFormat.JPEG, 100, baos); byte[] data1 = baos.toByteArray(); for (int i = 0; i < data1.length; i++) { System.out.print(""+data1[i]); } } catch (FileNotFoundException e) { // TODO Auto-generated catch block e.printStackTrace(); } } } } } this code not i am implementing file not found error please help some suggition

    Read the article

  • How do you create a non-Thread-based Guice custom Scope?

    - by Russ
    It seems that all Guice's out-of-the-box Scope implementations are inherently Thread-based (or ignore Threads entirely): Scopes.SINGLETON and Scopes.NO_SCOPE ignore Threads and are the edge cases: global scope and no scope. ServletScopes.REQUEST and ServletScopes.SESSION ultimately depend on retrieving scoped objects from a ThreadLocal<Context>. The retrieved Context holds a reference to the HttpServletRequest that holds a reference to the scoped objects stored as named attributes (where name is derived from com.google.inject.Key). Class SimpleScope from the custom scope Guice wiki also provides a per-Thread implementation using a ThreadLocal<Map<Key<?>, Object>> member variable. With that preamble, my question is this: how does one go about creating a non-Thread-based Scope? It seems that something that I can use to look up a Map<Key<?>, Object> is missing, as the only things passed in to Scope.scope() are a Key<T> and a Provider<T>. Thanks in advance for your time.

    Read the article

  • Raw FTP SSL with C#

    - by Chuck
    Hi, I'm trying to understand how SSL works. In my wish to make a small FTP client which supports SSL I've run into some problems: TcpClient FtpConnection = new TcpClient(FtpServer, FtpPort); NetworkStream FtpStream = FtpConnection.GetStream(); StreamReader FtpReader = new StreamReader(FtpStream); FtpWriter = new StreamWriter(IrcStream); send_cmd("AUTH SSL"); send_cmd is just a FtpWriter.WriteLine(text); FtpWriter.Flush(); function. My "problem" is this: First I need to make a (non-ssl) connection to the FTP, then tell it to do a ssl connection (AUTH SSL), and I would guess I then need to make a new connection - something like: TcpClient client = new TcpClient(FtpServer, FtpPort); SslStream sslStream = new SslStream(client.GetStream(), false, new RemoteCertificateValidationCallback(ValidateServerCertificate), null); try { sslStream.AuthenticateAsClient("foobar"); } catch (AuthenticationException e) { MessageBox.Show("Authentication failed - closing the connection."); client.Close(); return; } Taken from msdn. I keep dying on handshake failed due to unexpected packet format (which I've tried googling, but all say it's because the author has connected to a wrong port), which I take as: The connection is not ssl until AUTH SSL is send to it. So my question is, how would i go about making this a "hybrid" connection so I can make an SSL connection to the server? Any help is greatly appreciated!

    Read the article

  • IIS6 configuration for WCF/Silverlight

    - by Grayson Mitchell
    I am trying the simple senario of running a WCF service to return Active directory information on a user. (http://rouslan.com/2009/03/20-steps-to-get-together-windows-authentication-silverlight-and-wcf-service/) using Silverlight 4 & .net 4 However, I am being driven insane by trying to set this up in IIS. Currently I have my solution working in VS, but when I try to run the service in ISS a debug window tries to open... (and I can't get rid of it, is is complaining about the WCF call). <basicHttpBinding> <binding name="winAuthBasicHttpBinding"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Ntlm"/> </security> </binding> </basicHttpBinding> The Insanity: I have got the IIS to successfully call a WCF service (but can't reproduce), I have created 5 projects to try and get this working, but in my 5th I can't even browse the site (says it can't download silverlight application, but mime type are setup). My next step is to install Server2008 on a test machine and try IIS7... as all the various walkthrough's I have found just dont seem to work in IIS6.

    Read the article

  • Ideal Multi-Developer Lamp Stack?

    - by devians
    I would like to build an 'ideal' lamp development stack. Dual Server (Virtualised, ESX) Apache / PHP on one, Databases (MySQL, PgSQL, etc) on the other. User (Developer) Manageable mini environments, or instance. Each developer instance shares the top level config (available modules and default config etc) A developer should have control over their apache and php version for each project. A developer might be able to change minor settings, ie magicquotes on for legacy code. Each project would determine its database provider in its code The idea is that it is one administrate-able server that I can control, and provide globally configured things like APC, Memcached, XDebug etc. Then by moving into subsets for each project, i can allow my users to quickly control their environments for various projects. Essentially I'm proposing the typical system of a developer running their own stack on their own machine, but centralised. In this way I'd hope to avoid problems like Cross OS code problems, database inconsistencies, slightly different installs producing bugs etc. I'm happy to manage this in custom builds from source, but if at all possible it would be great to have a large portion of it managed with some sort of package management. We typically use CentOS, so yum? Has anyone ever built anything like this before? Is there something turnkey that is similar to what I have described? Are there any useful guides I should be reading in order to build something like this?

    Read the article

  • Prerequisites for Account management via an IPhone App?

    - by Icky
    Hello. I have been reading a couple of threads for this topic on this site. I want to create an App, which communicates with a server and has the following features: the User can create/manage an account on the server the App communicates with the server via a secure connection the User is updated about important news through messages From what I understood so far, I need to take care of the following: establish a secure connection with the server send account information(user data, password) to the server and authenticate the client side management and encryption of account data/information is handled by the server, so the App only sends data, the server stores/encrypts (no need for me to take care of anything) So far, I think, I have covered the most important features. I have read, that NSURLConnection can be used, to send the authentication data. But how is further communication ensured? And how is the encryption managed? Are there any useful tutorials on this, because this is the first time I delve into this topic, and any guidance is greatly appreciated! Also, if I have missed anything important (e.g. with managing accounts) please tell me.

    Read the article

  • How does Subsonic handle connections?

    - by Quintin Par
    In Nhibernate you start a session by creating it during a BeginRequest and close at EndRequest public class Global: System.Web.HttpApplication { public static ISessionFactory SessionFactory = CreateSessionFactory(); protected static ISessionFactory CreateSessionFactory() { return new Configuration() .Configure(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "hibernate.cfg.xml")) .BuildSessionFactory(); } public static ISession CurrentSession { get{ return (ISession)HttpContext.Current.Items["current.session"]; } set { HttpContext.Current.Items["current.session"] = value; } } protected void Global() { BeginRequest += delegate { CurrentSession = SessionFactory.OpenSession(); }; EndRequest += delegate { if(CurrentSession != null) CurrentSession.Dispose(); }; } } What’s the equivalent in Subsonic? The way I understand, Nhibernate will close all the connections at endrequest. Reason: While trouble shooting some legacy code in a Subsonic project I get a lot of MySQL timeouts,suggesting that the code is not closing the connections MySql.Data.MySqlClient.MySqlException: error connecting: Timeout expired. The timeout period elapsed prior to obtaining a connection from the pool. This may have occurred because all pooled connections were in use and max pool size was reached. Generated: Tue, 11 Aug 2009 05:26:05 GMT System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. --- MySql.Data.MySqlClient.MySqlException: error connecting: Timeout expired. The timeout period elapsed prior to obtaining a connection from the pool. This may have occurred because all pooled connections were in use and max pool size was reached. at MySql.Data.MySqlClient.MySqlPool.GetConnection() at MySql.Data.MySqlClient.MySqlConnection.Open() at SubSonic.MySqlDataProvider.CreateConnection(String newConnectionString) at SubSonic.MySqlDataProvider.CreateConnection() at SubSonic.AutomaticConnectionScope..ctor(DataProvider provider) at SubSonic.MySqlDataProvider.GetReader(QueryCommand qry) at SubSonic.DataService.GetReader(QueryCommand cmd) at SubSonic.ReadOnlyRecord`1.LoadByParam(String columnName, Object paramValue) My connection string is as follows <connectionStrings> <add name="xx" connectionString="Data Source=xx.net; Port=3306; Database=db; UID=dbuid; PWD=xx;Pooling=true;Max Pool Size=12;Min Pool Size=2;Connection Lifetime=60" /> </connectionStrings>

    Read the article

  • VMWare steals IP addresses [closed]

    - by Ishan Amin
    I'm having a peculiar problem, that I think I have narrowed down to VMware. For the past one year, every once in a while we lose internet connection and not all users (about 10 users) go down at the same time, its usually one-by-one. First someone will call me and say "Internet is down" and then we would go reset the router and modem and switch and it would be working again for a while, then go down again without any pattern or replicatable sequence. We'd go repeat the steps again to get everyone in the office running again. We called our Internet Service Provider and they constantly say, We see your modem and we see your router and from thier end everything is OK. we replaced our router and switch and modem, twice! Last friday, it dawned upon me, that everytime we turn on a VMware machine, this sequence of taking everyone down starts, which also explains the message that my users get for "IP Conflict Found" So we do alot of VMware testing and lo and behold, it takes my Internet down. My Yahoo and Gtalk would continue working but www is down when the VMware machines are started. I do use bridged networking to all the VMware machines, but I dont know what else to set it at. now, sorry for this long rambling but anyone have any clue on how to stop this? thanks IA

    Read the article

  • perl issuing os command with defined variables

    - by Vinnie Biros
    I am adding functionality into my scripts so that they can use kerberos authentication to run automatically and use secure protocols when executing. I have my functionality working for shell scripts that do exactly what i want, however i am having issues porting it to perl to work within my perl scripts as i am new to perl. Here is my working shell code and trying to get the same functionality in perl: #!/bin/sh ticketFileName=`basename $0-$$` #set filename variable to name of script plus the PID krb5CacheLocation=/tmp/$ticketFileName #set ticket cache location to /tmp + script name /usr/share/centrifydc/kerberos/bin/kinit -c $krb5CacheLocation -kt /root/.ssh/someaccount.keytab someaccount #get TGT and specifiy ticket cache location on kinit export KRB5CCNAME=$krb5CacheLocation #set the KRB5CCNAME variable to tell ssh where to look What i have attempted in perl: #!/usr/bin/perl my $ticketFileName = `basename $0-$$`; my $krb5CacheLocation = '/tmp/'.$ticketFileName; `export KRB5CCNAME=$krb5CacheLocation`; `/usr/share/centrifydc/kerberos/bin/kinit -c $krb5CacheLocation -kt /root/.ssh/unixmap0000.keytab unixmap0000`; Seems it is not liking the passed variable that i am referencing in the OS command. Anyone have any ideas or suggestions?

    Read the article

  • WCF Certificates without Certificate Store

    - by Kane
    My team is developing a number of WPF plug-ins for a 3rd party thick client application. The WPF plug-ins use WCF to consume web services published by a number of TIBCO services. The thick client application maintains a separate central data store and uses a proprietary API to access the data store. The thick client and WPF plug-ins are due to be deployed onto 10,000 workstations. Our customer wants to keep the certificate used by the thick client in the central data store so that they don't need to worry about re-issuing the certificate (current re-issue cycle takes about 3 months) and also have the opportunity to authorise the use of the certificate. The proposed architecture offers a form of shared secret / authentication between the central data store and the TIBCO services. Whilst I don’t necessarily agree with the proposed architecture our team is not able to change it and must work with what’s been provided. Basically our client wants us to build into our WPF plug-ins a mechanism which retrieves the certificate from the central data store (which will be allowed or denied based on roles in that data store) into memory then use the certificate for creating the SSL connection to the TIBCO services. No use of the local machine's certificate store is allowed and the in memory version is to be discarded at the end of each session. So the question is does anyone know if it is possible to pass an in-memory certificate to a WCF (.NET 3.5) service for SSL transport level encryption? Note: I had asked a similar question (here) but have since deleted it and re-asked it with more information.

    Read the article

  • Processing a log to fix a malformed IP address ?.?.?.x

    - by skymook
    I would like to replace the first character 'x' with the number '7' on every line of a log file using a shell script. Example of the log file: 216.129.119.x [01/Mar/2010:00:25:20 +0100] "GET /etc/.... 74.131.77.x [01/Mar/2010:00:25:37 +0100] "GET /etc/.... 222.168.17.x [01/Mar/2010:00:27:10 +0100] "GET /etc/.... My humble beginnings... #!/bin/bash echo Starting script... cd /Users/me/logs/ gzip -d /Users/me/logs/access.log.gz echo Files unzipped... echo I'm totally lost here to process the log file and save it back to hd... exit 0 Why is the log file IP malformed like this? My web provider (1and1) has decide not to store IP address, so they have replaced the last number with the character 'x'. They told me it was a new requirement by 'law'. I personally think that is bs, but that would take us off topic. I want to process these log files with AWstats, so I need an IP address that is not malformed. I want to replace the x with a 7, like so: 216.129.119.7 [01/Mar/2010:00:25:20 +0100] "GET /etc/.... 74.131.77.7 [01/Mar/2010:00:25:37 +0100] "GET /etc/.... 222.168.17.7 [01/Mar/2010:00:27:10 +0100] "GET /etc/.... Not perfect I know, but least I can process the files, and I can still gain a lot of useful information like country, number of visitors, etc. The log files are 200MB each, so I thought that a shell script is the way to go because I can do that rapidly on my Macbook Pro locally. Unfortunately, I know very little about shell scripting, and my javascript skills are not going to cut it this time. I appreciate your help.

    Read the article

  • Access SSAS cube from across domains without direct database connection

    - by SuperKing
    Hello, I'm working with SQL Server Analysis Services for the first time and have the dilemma of working on a project in which users must be able to access SSAS Cubes (via a custom web dashboard) that live across different servers and domains, but without having access to the other server's SSAS database connection strings. So Organization A and Organization B will have their own cubes on their own servers, but Organization A users must be able to view Organization B's cubes, and Organization B users must be able to view Organization A's cubes, but neither organization should have access to the connection string. I've read about allowing HTTP access to the SSAS server and cube from the link below, but that requires setting up users for authentication or allowing anonymous access to one organization's server for users of another organization, and I'm not sure this would be acceptable for this situation, or if this is the preferred way to do this. Is performance acceptable here? http://technet.microsoft.com/en-us/library/cc917711.aspx I also wonder if perhaps it makes sense to run a nightly/weekly process that accesses the other organization's SSAS database via a web service or something, and pull that data into a database on the organization's server, and then rebuild the cube. Then that cube would be queried without having to go and connect to the other organization server when viewing the cube. Has anyone else attempted to accomplish something similar? Is HTTP access the standard way to go for this? Or any other possible options? Thanks, and please let me know if you need more info, still unclear on how some of this works.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 329 330 331 332 333 334 335 336 337 338 339 340  | Next Page >