Search Results

Search found 17257 results on 691 pages for 'mixed mode authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 4/691 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Accessing a web service and a HTTP interface using certificate authentication

    - by ADC
    It is the first time I have to use certificate authentication. A commercial partner expose two services, a XML Web Service and a HTTP service. I have to access both of them with .NET clients. What I have tried 0. Setting up the environment I have installed the SSLCACertificates (on root and two intermediate) and the client certificate in my local machine (win 7 professional) using certmgr.exe. 1. For the web service I have the client certificate (der). The service will be consumed via a .NET proxy. Here's the code: OrderWSService proxy = new OrderWSService(); string CertFile = "ClientCert_DER.cer"; proxy.ClientCertificates.Add(new System.Security.Cryptography.X509Certificates.X509Certificate(CertFile)); orderTrackingTO ot = new orderTrackingTO() { order_id = "80", tracking_id = "82", status = stateOrderType.IN_PREPARATION }; resultResponseTO res = proxy.insertOrderTracking(ot); Exception reported at last statement: The request failed with an empty response. 2. For the HTTP interface it is a HTTPS interface I have to call through POST method. The HTTPS request will be send from a .NET client using HTTPWebRequest. Here's the code: string PostData = "MyPostData"; //setting the request HttpWebRequest req; req = (HttpWebRequest)HttpWebRequest.Create(url); req.UserAgent = "MyUserAgent"; req.Method = "POST"; req.ContentType = "application/x-www-form-urlencoded"; req.ClientCertificates.Add(new System.Security.Cryptography.X509Certificates.X509Certificate(CertFile, "MyPassword")); //setting the request content byte[] byteArray = Encoding.UTF8.GetBytes(PostData); Stream dataStream = req.GetRequestStream(); dataStream.Write(byteArray, 0, byteArray.Length); dataStream.Close(); //obtaining the response WebResponse res = req.GetResponse(); r = new StreamReader(res.GetResponseStream()); Exception reported at last statement: The request was aborted: Could not create SSL/TLS secure channel. 3. Last try: using the browser In Chrome, after installing the certificates, if I try to access both urls I get a 107 error: Error 107 (net::ERR_SSL_PROTOCOL_ERROR) I am stuck.

    Read the article

  • How do you handle authentication across domains?

    - by William Ratcliff
    I'm trying to save users of our services from having to have multiple accounts/passwords. I'm in a large organization and there's one group that handles part of user authentication for users who are from outside the facility (primarily for administrative functions). They store a secure cookie to establish a session and communicate only via HTTPS via the browser. Sessions expire either through: 1) explicit logout of the user 2) Inactivity 3) Browser closes My team is trying to write a web application to help users analyze data that they've taken (or are currently taking) while at our facility. We need to determine if a user is 1) authenticated 2) Some identifier for that user so we can store state for them (what analysis they are working on, etc.) So, the problem is how do you authenticate across domains (the authentication server for the other application lives in a border region between public and private--we will live in the public region). We have come up with some scenarios and I'd like advice about what is best practice, or if there is one we haven't considered. Let's start with the case where the user is authenticated with the authentication server. 1) The authentication server leaves a public cookie in the browser with their primary key for a user. If this is deemed sensitive, they encrypt it on their server and we have the key to decrypt it on our server. When the user visits our site, we check for this public cookie. We extract the user_id and use a public api for the authentication server to request if the user is logged in. If they are, they send us a response with: response={ userid :we can then map this to our own user ids. If necessary, we can request additional information such as email-address/display name once (to notify them if long running jobs are done, or to share results with other people, like with google_docs). account_is_active:Make sure that the account is still valid session_is_active: Is their session still active? If we query this for a valid user, this will have a side effect that we will reset the last_time_session_activated value and thus prolong their session with the authentication server last_time_session_activated: let us know how much time they have left ip_address_session_started_from:make sure the person at our site is coming from the same ip as they started the session at } Given this response, we either accept them as authenticated and move on with our app, or redirect them to the login page for the authentication server (question: if we give an encrypted portion of the response (signed by us) with the page to redirect them to, do we open any gaping security holes in the authentication server)? The flaw that we've found with this is that if the user visits evilsite.com and they look at the session cookie and send a query to the public api of the authentication server, they can keep the session alive and if our original user leaves the machine without logging out, then the next user will be able to access their session (this was possible before, but having the session alive eternally makes this worse). 2) The authentication server redirects all requests made to our domain to us and we send responses back through them to the user. Essentially, they act as a proxy. The advantage of this is that we can handshake with the authentication server, so it's safe to be trusted with the email address/name of the user and they don't have to reenter it So, if the user tries to go to: authentication_site/mysite_page1 they are redirected to mysite. Which would you choose, or is there a better way? The goal is to minimize the "Yet Another Password/Yet another username" problem... Thanks!!!!

    Read the article

  • Spring MVC 3.1 How to access HttpSession in Custom Authentication Provider (which implements AuthenticationProvider)

    - by user1506231
    My application calls a web service during the Authentication process (as shown in code below). How can I save some information in HttpSession during this process? This information like customer-account-number will be used in various other places in the application after the user is logged in. Is it possible to pass HttpSession parameter to the MyServiceManager's static login method? public class MyAuthenticationManager implements AuthenticationProvider { @Override public boolean supports(Class<? extends Object> authentication) { return authentication.equals(UsernamePasswordAuthenticationToken.class); } @Override public Authentication authenticate(Authentication authentication) { //MyServiceManager.login - makes a call to web service if(MyServiceManager.login(authentication.getName(), authentication.getCredentials().toString(), XXX_HTTP_SESSION_XXX)) { List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority> (); authorities.add(new GrantedAuthorityImpl("ROLE_USER")); authorities.add(new GrantedAuthorityImpl("ROLE_SUPERVISOR")); return new UsernamePasswordAuthenticationToken(authentication.getName(), authentication.getCredentials(),authorities); } else { return null; } } }

    Read the article

  • Dual boot Ubuntu and Windows 7, I Can only boot ubuntu through recovery mode

    - by Alec
    I want to become a new user of Ubuntu, however this problem is preventing me. I have/had Window 7 professional on my computer. I recently looked into getting linux. I discovered dual-booting and decided to give it a try. First I created a bootable flash drive with ubuntu 12.10 64 bit. I then followed the instructions on: https://help.ubuntu.com/community/WindowsDualBoot after I finished going through the setup, my computer rebooted. After the reboot I was able to select Ubuntu, advanced options for Ubuntu, 2 memory tests, and windows 7 (loader). So I chose Windows ( honestly i was more concerned that i still had everything on windows at this point). I then rebooted again and selected Ubuntu. When i selected Ubuntu, the background screen of Grub (the crimson/burgandy color) stayed for a few seconds then the screen went black: video here http://www.youtube.com/watch?v=6kKcG4sT7Lg&feature=plcp I tried again with the same results. so i redid the ubuntu install differently using http://www.liberiangeek.net/2012/10/dual-booting-windows-7-and-ubuntu-12-10-quantal-quetzal/. After rebooting the same thing happened. After that i was stumped, so i figured it could hurt to experiment. after all i backed up my windows 7 stuff, and i have the software disk. I tried booting in recovery mode under "advanced options for Ubuntu" and sure enough, after selecting continue to normal reboot it worked. So i updated and everything but when i rebooted it still wouldn't boot under Ubuntu. It would always boot after recovery mode. So i try installing 12.10 32 bit Ubuntu. the same problem keeps happening. I can still get to Ubuntu through recovery mode. so i went online and tried using the terminal (in ubuntu that i booted through recovery mode) when i was using it i discovered that "Error in sitecustomize; set PYTHONVERBOSE for traceback: EOFError: EOF read where not expected" kept showing up. also i noticed a notification in the top right corner that looked like a do not enter sign. it said "an error occured, please run package manager from the right-click menu or apt-get in a terminal to see what is wrong. the error message was: 'ror in sitecustomize;set PYTHONVERBOSE for traceback: EOFError: EOF read where not expected traceback (most recent called last): File "/usr/bin/lsb_release EOFError: EOF read where not expected 39;0' this usually means that your installed packages have unmet dependencies" Naturally i assumed this was what was causing my boot problems. I downloaded synaptic and updated everything and the error went away. but my boot problem was still a problem. so i go online find some things that have worked for others, like this Try to do this (in your terminal: sudo nano /etc/default/grub Look for: GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" Change it too : GRUB_CMDLINE_LINUX_DEFAULT="quiet" And update Grub: sudo update-grub This should fix stuff.) I did this and i still have the problem. sorry for the excessive explanation, please help.

    Read the article

  • NFS mount share from Linux AD authentication to Linux with NIS authentication

    - by user137862
    I have two machines: Linux with AD authentication and running NFS server Linux with NIS authentication Problem: When I try to mount any share from first machine (AD authentication) to second (NIS authentication) I always get somehing like this drwxrws---+ 13 16777260 16777222 4096 Sep 21 09:42 software In fact I can't access to this folder because on NIS machine I don't have the user with such UID/GID Question: May somebody know how resolve this problem?

    Read the article

  • su: Authentication failure

    - by user166999
    I have downloaded the Eset Nod32 Antivirus from its website, and I got a eset_nod32av_64bit_en.linux file. I have right-clicked on it, Properties - Permissions, and checked the Allow executing file as program option. Then I was able to run the program. The Installer starts and it asks for my root password. I enter it correctly, but then I get the following error message: "su: Authentication failure". What can I do with this to install the Nod32? Thanks!

    Read the article

  • Sequence for authentication on a decoupled client?

    - by A T
    Using a sequence diagram and example code could you explain to me how authentication works when the client is completely separated from the server? I.e.: you haven't generated any of the client using a server-side template engine, rather you are communicating using REST (SOAP xor HTTP) xor RPC (XML xor JSON) with javascript on the client-side. Specifically I would like to know the sequence of: Authenticating using basic auth (user+pass) with "my" server Authenticating using OAuth2, e.g.: with Facebook, with facebook's server then whatever extra steps are needed for "my" server And how it could be implemented. (feel free to use psuedo-code [like below] or [preferably] prototyped simply using BackboneJS, AngularJS, EmberJS, BatmanJS, AgilityJS, SammyJS xor ActiveJS. if cookie.status in [Expired, Tampered, Wrong IP, Invalid, Not Found]: try auth(user,pass): if user is in my db: try authenticate(user,pass) if successful: login user # give session-cookie here? else: present user with "auth failed" msg else if user not in db: redirect to "edit-profile" page PS: I have written an example (editable) auth sequence diagram; based on facebooks' documentation.

    Read the article

  • At Symbol not working for apt get proxy authentication Ubuntu 11.10

    - by Shivhari
    I Have tried two things in three places to see if it works please do help me out. Two methords: 1) replacing @ with %40 2) replacing @ with \@ Three places: 1) export with the .bashrc file 2) editing /etc/apt/apt.conf and setting acquires there 3) using gconf editor and setting the values in /system/http_proxy and setting authentication name and password and checking the use_authentication checkbox. still there is no success and i still get 407 error when trying wget or apt-get update. please do help me, been stuck with this for three hours now. also, i read somewhere that creating a file in /etc/apt/apt.conf.d and then creating a 01proxy file with acquire might work. I tried that also, but it doesnt work. Please help.

    Read the article

  • Password Authentication Problems

    - by Bobby Hathorn
    I am new to Ubuntu, am extremely delighted with the performance and speed, as compared to Windows 7-However, I messed up, I think...when I booted my USB disc, I set a password, as directed, and when Ubuntu booted up I tried to reset my password via User Accounts to "None". Now, the Password Authentication window prevents me from downloading software, (Audacity and my Ubuntu updates. Also, I've tried to boot into GRUB and the Recovery Console, as directed; however, the PC bypasses GRUB and boots into Ubuntu instead. Also, when attempting to use the terminal as directed to change the password, I'm given a password prompt there also. If the problem is on my end, could you email/reset my password? My PC is an emachines EL1358G. I am otherwise happy with Ubuntu!

    Read the article

  • SQL Server 2005 Express: upgrading to SP3 in mixed-mode installations

    - by Jeroen Pluimers
    I'm having trouble upgrading SQL Server 2005 Express SP1 to SP3. The SP1 install uses mixed mode authentication (so there is an sa password). This is the message I get: TITLE: Microsoft SQL Server Setup ------------------------------ None of the selected features can be installed or upgraded. Setup cannot proceed since no effective change is being made to the machine. To continue, click Back and then select features to install. To exit SQL Server Setup, click Cancel. For help, click: http://go.microsoft.com/fwlink?LinkID=20476&ProdName=Microsoft+SQL+Server&ProdVer=9.00.4035.00&EvtSrc=setup.rll&EvtID=SQLSetup90&EvtType=28108 ------------------------------ BUTTONS: OK ------------------------------ The link then tells me To continue you must provide a strong sa password. I tried some searching, and found something about BPAClient.dll, but this batch-file does not fix it: mkdir "%ProgramFiles%\Microsoft SQL Server\90\Setup Bootstrap\BPA\BPAClient" copy "%ProgramFiles%\Microsoft SQL Server\90\Setup Bootstrap\BPA\bin\BPAClient.dll" "%ProgramFiles%\Microsoft SQL Server\90\Setup Bootstrap\BPA\BPAClient\" So I think the clue is the strong in the link above. Am I on the right track? Where do I find more information on the strongness of an sa password? --jeroen (who will adjust the question when he has dug further)

    Read the article

  • Can't Enter Password in Recovery Mode

    - by Mike Lentini
    When I go into recovery mode to get to the command line, I enter "telinit 3" to drop out of root. This works on my desktop, but on my laptop it asks for my username and password, then I hit enter and the first letter of my password appears and it doesn't log me in. It then proceeds to ask me for my username and password again, and the issue continues. Am I doing something wrong? Is this a known issue with a solution? EDIT: Worked around this by going into /etc/default/grub and setting it to boot in text mode. Still would like a solution for this though.

    Read the article

  • GUI Application Resolution from Text Mode OS

    - by brettw
    I'm trying to turn a computer into a Linux thin client via Ubuntu. I have a Dell OptiPlex 755 loaded with Ubuntu 14.04 installed and fully patched. I've configured the OS to run in text mode and automatically launch the VMWare Horizon's client, which works. The issue is that when the Horizon client launches, its resolution is only 1/4 of the screen. I've played with the resolution settings in grub which appears to modify the text environment but not the application environment for Horizon's. Can someone point me in the right direction on how to increase the resolution for a GUI application launch from text mode so it's full screen. Thanks!

    Read the article

  • An adequate message authentication code for REST

    - by Andras Zoltan
    My REST service currently uses SCRAM authentication to issue tokens for callers and users. We have the ability to revoke caller privileges and ban IPs, as well as impose quotas to any type of request. One thing that I haven't implemented, however, is MAC for requests. As I've thought about it more, for some requests I think this is needed, because otherwise tokens can be stolen and before we identify this and deactivate the associated caller account, some damage could be done to our user accounts. In many systems the MAC is generated from the body or query string of the request, however this is difficult to implement as I'm using the ASP.Net Web API and don't want to read the body twice. Equally importantly I want to keep it simple for callers to access the service. So what I'm thinking is to have a MAC calculated on: the url, possibly minus query string the verb the request ip (potentially is a barrier on some mobile devices though) utc date and time when the client issues the request. For the last one I would have the client send that string in a request header, of course - and I can use it to decide whether the request is 'fresh' enough. My thinking is that whilst this doesn't prevent message body tampering it does prevent using a model request to use as a template for different requests later on by a malicious third party. I believe only the most aggressive man in the middle attack would be able to subvert this, and I don't think our services offer any information or ability that is valuable enough to warrant that. The services will use SSL as well, for sensitive stuff. And if I do this, then I'll be using HMAC-SHA-256 and issuing private keys for HMAC appropriately. Does this sound enough? Have I missed anything? I don't think I'm a beginner when it comes to security, but when working on it I always. am shrouded in doubt, so I appreciate having this community to call upon!

    Read the article

  • How to implement a no-login authentication system

    - by mrwooster
    I am looking to build a very loose authentication system that can track a user and link submitted data/comments to a specific user. The submissions are essentially anonymous, but a user may want to edit his submission/comment at a later date. I want the experience to be as smooth as possible so do not want to ask users to sign up for an account and then login each time. There is no point as their submissions are not in their name and to another user browsing the site, there is no way of linking a submission to a specific user (think anonymous comments on a blog post or pastie). However, the user should have the ability to edit (at least in the short term) the content they have posted. The way I imagine doing this would be to place a unique identifier in a cookie on the users machine. This would enable me to link a submission to a user, and while that cookie remained on the users machine, I would allow them to edit their content. Of course, if the cookie is lost, or the user accesses the site from a different browser, then they would not be able to edit their content, but this is not really an issue, they can always resubmit a new piece of content. Is there a better way of doing this? How can I implement this so that the user can edit their data for the longest possible amount of time.

    Read the article

  • Authentication from url in Restlet

    - by DutrowLLC
    I've been using Restlets "ChallengeResponse" mechanism to authenticate users so far. ChallengeResponse challengeResponse = getRequest().getChallengeResponse(); if( challengeResponse == null ){ throw new RuntimeException("not authenticated"); } String login = challengeResponse.getIdentifier(); String password = new String(challengeResponse.getSecret()); From my understanding, "ChallengeResponse" requires that the username and password are put into headers. However a client needs to put the credentials into the url like so: https://username:[email protected]/my_secure_document When I looked at what was actually sent, it looks like the password is being hashed. What is the proper way to authenticate in this fashion using Restlet?

    Read the article

  • Primary IDE Channel: Ultra DMA Mode 5 >> PIO Mode

    - by Wesley
    Hi, my netbook was having huge audio lag and just abnormally slow processing. After doing some searching on the internet, I found out that I needed to uninstall/reinstall the Primary IDE Channel found under the IDE controller section in the Device Manager. I would then set the Transfer Mode to DMA if available and everything would be great. For a period of time, I would see that "Ultra DMA Mode 5" was the current transfer mode, but every so often, it'd revert back to "PIO Mode", which is when it's really laggy. What can I do to prevent the Primary IDE Channel to revert from Ultra DMA Mode to PIO Mode? Also, my netbook has BSODed a few times when it is in PIO Mode, without any real explanation. I have a Samsung N120. Specs are as follows: http://www.samsung.com/ca/consumer/office/mobile-computing/netbook/NP-N120-KA01CA/index.idx?pagetype=prd_detail&tab=spec&fullspec=F. Only difference is that I have upgraded to 2.0 GB of DDR2 RAM. EDIT: For all who are looking for an answer to this problem, click the link in Kythos's answer and look at number 6 (Re-enable DMA using the Registry Editor). This always works for me now. If on reboot, you seem to only have a black screen after XP is loading, just wait... it is still loading and will show signs of life after 2-3 minutes.

    Read the article

  • Wireless Network Found, can't connect, repeated requests for authentication

    - by Herm Holland
    After trawling through the internet, on forums, support websites, and through dozens upon dozens of answered questions on this site, I've not found a solution to what seems like a fairly regular problem... I cannot connect to a wireless network, and am continually asked for the network password. I have tried countless suggested solutions on the different locations I've already referred to. None of them have worked. Details of my experience are as follows: I have just recently installed Ubuntu 12.04.1 (32-bit). Ubuntu installed on my system seemingly fine, and I even formatted my hard drive during the process. It's as if it were a new desktop computer. During the installation I was asked to connect to a Wireless Network. I have a USB Wireless Card connected which I have used to connect desktop PC's, laptops, and a Wii to the internet from approximately the same area of the house (thus the same distance from the Wireless Router). I chose my network, entered the correct password for it (I double checked; it's definitely the right password) and proceeded with the installation. Several times before the installation was complete, I was asked to authenticate the connection, and this seemed to do nothing each time. On the repeated screens the password was already entered in the appropriate box. When Ubuntu booted up the first thing I was faced with (other than something about Language settings, or something) was another request for authentication. Again, the password was already there, so I clicked connect. It did not connect. Instead, I was once again faced with repeated requests every few minutes. I went onto my laptop, which is connected to this network, checked the details of the network, and entered them manually into my Ubuntu PC (including the IPv4 and IPv6 information) but this didn't work either, so I set it back to finding the settings automatically. Note, also, that the "Connect automatically" and "Available to all users" boxes are checked, and have been unchecked & rechecked countless times. I have also tried having my User account connect automatically, and to need a password entered at the welcome screen. Whilst I've been writing this, it has gone through a spat of connecting successfully to the network for less than a minute, before coming offline again, only to repeat the process. But it has now returned to prompting me for a password every couple of minutes. This computer has already run on the Fedora OS, and had no trouble connecting to, and maintaining a connection. I also have a laptop running Windows 7 less than a metre away from this desktop PC, which is connected and has no trouble maintaining a connection at 50%-100% strength (fluctuating). Therefore: - I know it's not the wireless card - I know it's not the PC itself - I know it's not the access point - I know it's not the location of my PC or wireless card - It is solely because of Ubuntu Everything else has worked fine, but the moment Ubuntu was introduced into the equation, it has gone completely wrong. Honestly; I prefer Ubuntu as an OS to Fedora, but if I can't solve the problem it'll be straight back to Fedora that I'll have to go. Can anyone help me at all?

    Read the article

  • ASP.NET MVC and mixed mode authentication

    - by Alan T
    Hi All I have a scenario whereby I require users to be able to authenticate against an ASP.NET MVC web application using either Windows authentication or Forms authentication. If the user is on the internal network they will use Windows authentication and if they are connecting externally they will use Forms authentication. I’ve seen quite a few people asking the question how do I configure an ASP.NET MVC web application for this, but I haven’t found a complete explanation. Please can someone provide a detailed explanation, with code examples, on how this would be done? Thanks. Alan T

    Read the article

  • Acer makes monitor go to power safe mode unless in safe mode

    - by Babyfriend
    I have an acer aspire x3200 Monitor says no input signal (go to power safe mode) I was only able to use computer in safe mode The computer was on (power safe mode) for two weeks. The monitor is ok with another desktop I tried with a different monitor, same message (monitor goes to power safe mode) Why is this happening and if it's my video card probLem will I be able to replace the video card and solve it? It's currently using GeForce 8200 The NVIDIA® GeForce® 8200 motherboard GPU provides DirectX® 10 and HD movies to everyone. System is Windows Vista™ Thanks

    Read the article

  • Kernel-mode Authentication: 401 errors when accessing site from remote machines

    - by CJM
    I have several Classic ASP sites that use Integrated Windows Authentication and Kerberos delegation. They work OK on the live servers (recently moved to a Server 2008/IIS7 servers), but do not work fully on my development PC or my development server. The IIS on both machines were configured through an IIS web deployment tool package which was exported from an old machine; the deployment didn't work perfectly, and I had to tinker a bit to get the sites working. When accessing the apps locally on either machine, they work fine; when accessing from another machine, the user is prompted by a username/password dialog, and regardless of what you enter, ultimately it results in a 401 (Unauthorised) error. I've tried comparing the configuration of these machines against similar live servers (that all work fine), and they seem generally comparable (given that none of the live servers are yet on IIS7.5 (Windows 7/Server 2008 R2). These applications run in a common application pool which uses a special domain user as it's identity - this user has similar permissions on the live and development machines. On IIS6 platforms, to enable kerberos delegation, I needed to set up some SPNs for this user, and they are still in place (even though I don't believe they are needed any longer for IIS7+ due to kernel-mode authentication), Furthermore, this account is enabled for Kerberos delegation in Active Directory, as is each machine I am dealing with. I'm considering the possibility that the deployment might have made changes/failed to make changes to the IIS configuration thus causing this problem. Perhaps a complete rebuild (minus another web deployment attempt) would solve the problem, but I'd rather fix (thus understand) the current problem. Any ideas so far? I've just had another attempt at fixing this issue, and I've made some progress, but I don't have a complete fix...yet. I've discovered that if I access the sites via IP address (than via NetBIOS name), I get the same dialog, except that it accepts my credentials and thus the application works - not quite a fix, but a useful step. More interestingly, I discovered that if I disable Kernel-mode authentication (in IIS Manager Website Authentication Advanced Settings), the applications work perfectly. My foggy understanding is that this is effectively working in the pre-IIS7 way. A reasonable short-term solution, but consider the following explicit advice from IIS on this issue: By default, IIS enables kernel-mode authentication, which may improve authentication performance and prevent authentication problems with application pools configured to use a custom identity. As a best practice, do not disable this setting if Kerberos authentication is used in your environment and the application pool is configured to use a custom identity. Clearly, this is not the way my applications should be working. So what is the issue?

    Read the article

  • Spring Security Configuration Leads to Perpetual Authentication Request

    - by Sammy
    Hello, I have configured my web application with the following config file: <beans xmlns="http://www.springframework.org/schema/beans" xmlns:security="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <security:global-method-security secured-annotations="enabled" pre-post-annotations="enabled" /> <!-- Filter chain; this is referred to from the web.xml file. Each filter is defined and configured as a bean later on. --> <!-- Note: anonumousProcessingFilter removed. --> <bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy"> <security:filter-chain-map path-type="ant"> <security:filter-chain pattern="/**" filters="securityContextPersistenceFilter, basicAuthenticationFilter, exceptionTranslationFilter, filterSecurityInterceptor" /> </security:filter-chain-map> </bean> <!-- This filter is responsible for session management, or rather the lack thereof. --> <bean id="securityContextPersistenceFilter" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"> <property name="securityContextRepository"> <bean class="org.springframework.security.web.context.HttpSessionSecurityContextRepository"> <property name="allowSessionCreation" value="false" /> </bean> </property> </bean> <!-- Basic authentication filter. --> <bean id="basicAuthenticationFilter" class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter"> <property name="authenticationManager" ref="authenticationManager" /> <property name="authenticationEntryPoint" ref="authenticationEntryPoint" /> </bean> <!-- Basic authentication entry point. --> <bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint"> <property name="realmName" value="Ayudo Web Service" /> </bean> <!-- An anonymous authentication filter, which is chained after the normal authentication mechanisms and automatically adds an AnonymousAuthenticationToken to the SecurityContextHolder if there is no existing Authentication held there. --> <!-- <bean id="anonymousProcessingFilter" class="org.springframework.security.web.authentication.AnonymousProcessingFilter"> <property name="key" value="ayudo" /> <property name="userAttribute" value="anonymousUser, ROLE_ANONYMOUS" /> </bean> --> <!-- Authentication manager that chains our main authentication provider and anonymous authentication provider. --> <bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager"> <property name="providers"> <list> <ref local="daoAuthenticationProvider" /> <ref local="inMemoryAuthenticationProvider" /> <!-- <ref local="anonymousAuthenticationProvider" /> --> </list> </property> </bean> <!-- Main authentication provider; in this case, memory implementation. --> <bean id="inMemoryAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="propertiesUserDetails" /> </bean> <security:user-service id="propertiesUserDetails" properties="classpath:operators.properties" /> <!-- Main authentication provider. --> <bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService" /> </bean> <!-- An anonymous authentication provider which is chained into the ProviderManager so that AnonymousAuthenticationTokens are accepted. --> <!-- <bean id="anonymousAuthenticationProvider" class="org.springframework.security.authentication.AnonymousAuthenticationProvider"> <property name="key" value="ayudo" /> </bean> --> <bean id="userDetailsService" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl"> <property name="dataSource" ref="dataSource" /> </bean> <bean id="exceptionTranslationFilter" class="org.springframework.security.web.access.ExceptionTranslationFilter"> <property name="authenticationEntryPoint" ref="authenticationEntryPoint" /> <property name="accessDeniedHandler"> <bean class="org.springframework.security.web.access.AccessDeniedHandlerImpl" /> </property> </bean> <bean id="filterSecurityInterceptor" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor"> <property name="securityMetadataSource"> <security:filter-security-metadata-source use-expressions="true"> <security:intercept-url pattern="/*.html" access="permitAll" /> <security:intercept-url pattern="/version" access="permitAll" /> <security:intercept-url pattern="/users/activate" access="permitAll" /> <security:intercept-url pattern="/**" access="isAuthenticated()" /> </security:filter-security-metadata-source> </property> <property name="authenticationManager" ref="authenticationManager" /> <property name="accessDecisionManager" ref="accessDecisionManager" /> </bean> <bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased"> <property name="decisionVoters"> <list> <bean class="org.springframework.security.access.vote.RoleVoter" /> <bean class="org.springframework.security.web.access.expression.WebExpressionVoter" /> </list> </property> </bean> As soon as I run my application on tomcat, I get a request for username/password basic authentication dialog. Even when I try to access: localhost:8080/myapp/version, which is explicitly set to permitAll, I get the authentication request dialog. Help! Thank, Sammy

    Read the article

  • How to configure basic authentication in Apache httpd virtual hosts?

    - by Jader Dias
    I'm trying to configure mercurial access using Apache http. It requires authentication. My /etc/apache2/sites-enabled/mercurial looks like this: NameVirtualHost *:8080 <VirtualHost *:8080> UseCanonicalName Off ServerAdmin webmaster@localhost AddHandler cgi-script .cgi ScriptAliasMatch ^(.*) /usr/lib/cgi-bin/hgwebdir.cgi/$1 </VirtualHost> Every tutorial I read on the internet tells me to insert these lines: AuthType Basic AuthUserFile /usr/local/etc/httpd/users But when I do it I get the following error: # /etc/init.d/apache2 reload Syntax error on line 8 of /etc/apache2/sites-enabled/mercurial: AuthType not allowed here My distro is a customized Ubuntu called Turnkey Linux Redmine

    Read the article

  • Highlighting correctly in an emacs major mode

    - by Paul Nathan
    Hi, I am developing an emacs major mode for a language (aka mydsl). However, using the techniques on xahlee's site doesn't seem to be working for some reason (possibly older emacs dialect..) The key issues I am fighting with are (1) highlighting comments is not working and (2), the use of regexp-opt lines is not working. I've reviewed the GNU manual and looked over cc-mode and elisp mode... those are significantly more complicated than I need. ;;;Standard # to newline comment ;;;Eventually should also have %% to %% multiline block comments (defun mydsl-comment-dwim (arg) "comment or uncomment" (interactive "*P") (require 'newcomment) (let ((deactivate-mark nil) (comment-start "#") (comment-end "") comment-dwim arg))) (defvar mydsl-events '("reservedword1" "reservedword2")) (defvar mydsl-keywords '("other-keyword" "another-keyword")) ;;Highlight various elements (setq mydsl-hilite '( ; stuff between " ("\"\\.\\*\\?" . font-lock-string-face) ; : , ; { } => @ $ = are all special elements (":\\|,\\|;\\|{\\|}\\|=>\\|@\\|$\\|=" . font-lock-keyword-face) ( ,(regexp-opt mydsl-keywords 'words) . font-lock-builtin-face) ( ,(regexp-opt mydsl-events 'words) . font-lock-constant-face) )) (defvar mydsl-tab-width nil "Width of a tab for MYDSL mode") (define-derived-mode mydsl-mode fundamental-mode "MYDSL mode is a major mode for editing MYDSL files" ;Recommended by manual (kill-all-local-variables) (setq mode-name "MYDSL script") (setq font-lock-defaults '((mydsl-hilite))) (if (null mydsl-tab-width) (setq tab-width mydsl-tab-width) (setq tab-width default-tab-width) ) ;Comment definitions (define-key mydsl-mode-map [remap comment-dwim] 'mydsl-comment-dwim) (modify-syntax-entry ?# "< b" mydsl-mode-syntax-table) (modify-syntax-entry ?\n "> b" mydsl-mode-syntax-table) ;;A gnu-correct program will have some sort of hook call here. ) (provide 'mydsl-mode)

    Read the article

  • Manual hunk editing in git interactive mode

    - by kRON
    In manual hunk edit mode, the docs say this: # To remove '-' lines, make them ' ' lines (context). # To remove '+' lines, delete them. # Lines starting with # will be removed. What I don't understand is how to remove '-' lines. Say if I had had this bit of code: Alfa Bejta And I've edited it in my working tree to: Alpha Beta The diff is: - Alfa - Bejta + Alpha + Beta How do I edit the hunk to only commit the modifications to the first line? I've tried these: - Alfa Bejta + Alpha - Alfa + Alpha Bejta to no avail.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >