Search Results

Search found 33677 results on 1348 pages for 'access levels'.

Page 40/1348 | < Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >

  • How to properly deny Railo directory access through Apache

    - by Sn3akyP3t3
    I've been battle tested on this and failed to achieve my goal which is to deny all access to all directories except the Public directory and only allow access to all all other directories with specific IP addresses. To get Railo+Apache+Tomcat installed I pretty much followed this script: https://github.com/talltroym/Railo-Ubuntu-Installer-Script then verified settings with this tutorial: http://blog.nictunney.com/2012/03/railo-tomcat-and-apache-on-amazon-ec2.html From the installation script these mods are enabled: sudo a2enmod ssl sudo a2enmod proxy sudo a2enmod proxy_http sudo a2enmod rewrite sudo a2ensite default-ssl Outside of the script I copied the sites-available to sites-enabled then reloaded Apache. I have a directory created for Railo cmfl located at /var/www/Railo/ Navigating the browser to http ://Server_IP_Address/Railo forces ssl and relocates to https ://Server_IP_Address/Railo which shows off index.cfm. Not providing index.cfm and omitting https indicates that the DirectoryIndex directive and RewriteCond of Apache appears to be working for the sites-enabled VirtualHost. The problem I'm encountering is that I cannot seem to deny access to all directories except Public. My directory structure is rather simple and looks like this: Railo error Public NotPublic Sandbox These are my sites-enabled configurations: <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www #Default Deny All to prevent walking backwards in file system Alias /Railo/ "/var/www/Railo/" <Directory ~ ".*/Railo/(?!Public).*"> Order Deny,Allow Deny from All </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> DirectoryIndex index.cfm index.cfml default.cfm default.cfml index.htm index.html index.cfc RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] </VirtualHost> and <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin webmaster@localhost DocumentRoot /var/www Alias /Railo/ "/var/www/Railo/" <Directory ~ "/var/www/Railo/(?!Public).*"> Order Deny,Allow Deny from All </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # A self-signed (snakeoil) certificate can be created by installing # the ssl-cert package. See # /usr/share/doc/apache2.2-common/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convinience. #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCACertificatePath /etc/ssl/certs/ #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client # authentication or alternatively one huge file containing all # of them (file must be PEM encoded) # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCARevocationPath /etc/apache2/ssl.crl/ #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl # Client Authentication (Type): # Client certificate verification type and depth. Types are # none, optional, require and optional_no_ca. Depth is a # number which specifies how deeply to verify the certificate # issuer chain before deciding the certificate is not valid. #SSLVerifyClient require #SSLVerifyDepth 10 # Access Control: # With SSLRequire you can do per-directory access control based # on arbitrary complex boolean expressions containing server # variable checks and other lookup directives. The syntax is a # mixture between C and Perl. See the mod_ssl documentation # for more details. #<Location /> #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ #</Location> # SSL Engine Options: # Set various options for the SSL engine. # o FakeBasicAuth: # Translate the client X.509 into a Basic Authorisation. This means that # the standard Auth/DBMAuth methods can be used for access control. The # user name is the `one line' version of the client's X.509 certificate. # Note that no password is obtained from the user. Every entry in the user # file needs this password: `xxj31ZMTZzkVA'. # o ExportCertData: # This exports two additional environment variables: SSL_CLIENT_CERT and # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the # server (always existing) and the client (only existing when client # authentication is used). This can be used to import the certificates # into CGI scripts. # o StdEnvVars: # This exports the standard SSL/TLS related `SSL_*' environment variables. # Per default this exportation is switched off for performance reasons, # because the extraction step is an expensive operation and is usually # useless for serving static content. So one usually enables the # exportation for CGI and SSI requests only. # o StrictRequire: # This denies access when "SSLRequireSSL" or "SSLRequire" applied even # under a "Satisfy any" situation, i.e. when it applies access is denied # and no other module can change it. # o OptRenegotiate: # This enables optimized SSL connection renegotiation handling when SSL # directives are used in per-directory context. #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> # SSL Protocol Adjustments: # The safe and default but still SSL/TLS standard compliant shutdown # approach is that mod_ssl sends the close notify alert but doesn't wait for # the close notify alert from client. When you need a different shutdown # approach you can use one of the following variables: # o ssl-unclean-shutdown: # This forces an unclean shutdown when the connection is closed, i.e. no # SSL close notify alert is send or allowed to received. This violates # the SSL/TLS standard but is needed for some brain-dead browsers. Use # this when you receive I/O errors because of the standard approach where # mod_ssl sends the close notify alert. # o ssl-accurate-shutdown: # This forces an accurate shutdown when the connection is closed, i.e. a # SSL close notify alert is send and mod_ssl waits for the close notify # alert of the client. This is 100% SSL/TLS standard compliant, but in # practice often causes hanging connections with brain-dead browsers. Use # this only for browsers where you know that their SSL implementation # works correctly. # Notice: Most problems of broken clients are also related to the HTTP # keep-alive facility, so you usually additionally want to disable # keep-alive for those clients, too. Use variable "nokeepalive" for this. # Similarly, one has to force some clients to use HTTP/1.0 to workaround # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and # "force-response-1.0" for this. BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # MSIE 7 and newer should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown DirectoryIndex index.cfm index.cfml default.cfm default.cfml index.htm index.html #Proxy .cfm and cfc requests to Railo ProxyPassMatch ^/(.+.cf[cm])(/.*)?$ http://127.0.0.1:8888/$1 ProxyPassReverse / http://127.0.0.1:8888/ #Deny access to admin except for local clients <Location /railo-context/admin/> Order deny,allow Deny from all # Allow from <Omitted> # Allow from <Omitted> Allow from 127.0.0.1 </Location> </VirtualHost> </IfModule> The apache2.conf includes the following: # Include the virtual host configurations: Include sites-enabled/ <IfModule !mod_jk.c> LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so </IfModule> <IfModule mod_jk.c> JkMount /*.cfm ajp13 JkMount /*.cfc ajp13 JkMount /*.do ajp13 JkMount /*.jsp ajp13 JkMount /*.cfchart ajp13 JkMount /*.cfm/* ajp13 JkMount /*.cfml/* ajp13 # Flex Gateway Mappings # JkMount /flex2gateway/* ajp13 # JkMount /flashservices/gateway/* ajp13 # JkMount /messagebroker/* ajp13 JkMountCopy all JkLogFile /var/log/apache2/mod_jk.log </IfModule> I believe I understand most of this except the jk_module inclusion which I've noticed has an error that shows up in the logs that I can't sort out: [warn] No JkShmFile defined in httpd.conf. Using default /etc/apache2/logs/jk-runtime-status I've checked my Regular expression against the paths of the directories with RegexBuddy just to be sure that I wasn't correct. The problem doesn't appear to be Regex related although I may have something incorrect in the Directory directive. The Location directive seems to be working correctly for blocking out Railo admin site access.

    Read the article

  • Intermittent 403 errors when using allow to limit access to url with both explicit IP and SetEnvIf

    - by rbieber
    We are running Apache 2.2.22 on a Solaris 10 environment. We have a specific URL that we want to limit access to by IP. We recently implemented a CDN and now have the added complexity that the IP's that a request are shown to be coming from are actually the CDN servers and not the ultimate end user. In the case that we need to back the CDN out, we want to handle the case where either the CDN is forwarding the request, or the ultimate client is sending the request directly. The CDN sends the end user IP address in an HTTP header (for this scenario that header is called "User-IP"). Here is the configuration that we have put in place: SetEnvIf User-IP (\d+\.\d+\.\d+\.\d+) REAL_USER_IP=$1 SetEnvIf REAL_USER_IP "(10\.1\.2\.3|192\.168\..+)" access_allowed=1 <Location /uri/> Order deny,allow Allow from 10.1.2.3 192.168. allow from env=access_allowed Deny from all </Location> This seems to work fine for a time, however at some point the web server starts serving 403 errors to the end user - so for some reason it is restricting access. The odd thing is that a bounce of the web server seems to resolve the issue, but only for a time - then the behavior comes back. It might be worthwhile to note as well that this URL is delegated to a JBoss server via mod_jk. The denial of access is, however; confirmed to be at the Apache layer and the issue only seems to happen after the server has been running for some time.

    Read the article

  • How do Oracle Forms compare to Microsoft Access as a "front-end"?

    - by webworm
    I recently started a project where I was set to build an ADP based application in Access 2003. The font end GUI was going to be in Access while all the data resided in MS SQL Server. I say "was", because the powers that be have decided that Oracle Forms might be a better choice than Access and SQL Server. The place where I am doing this work is an Oracle shop where they use Oracle 10g. They also use Oracle Forms quite a bit internally. As for me I am always up for learning anything new. I have always been a rather "eclectic" developer (I work with .NET WinForms, ASP.NET, Java, C#, Python, and Access) so I would not mind moving to Oracle Forms as long as it could do the same things as MS Access (hopefully even more as VBA is rather limited). So my question is this. How does Oracle Forms (10g) compare to MS Access for developing a GUI application? Access uses VBA for it's language, what does Oracle Forms use? I know the Forms app is a Java applet. Does that means you can write Oracle Forms using Java?

    Read the article

  • Nesting Levels in Custom Section Handlers in .NET Configuration Files

    - by Water Cooler v2
    I know I can have 1 parent element and 1 child element in my own custom app.config section like so: <sectionGroup> <section> <element /> </section> </sectionGroup> My question is, can I have one or more levels of nesting more than this? Like so: <biggestSectionGroup> <biggerSectionGroup> <sectionGroup> <section> <element /> </section> </sectionGroup> </biggerSectionGroup> </biggestSectionGroup>

    Read the article

  • Multiple levels of 'collection.defaultdict' in Python

    - by Morlock
    Thanks to some great folks on SO, I discovered the possibilities offered by collections.defaultdict, notably in readability and speed. I have put them to use with success. Now I would like to implement three levels of dictionaries, the two top ones being defaultdict and the lowest one being int. I don't find the appropriate way to do this. Here is my attempt: from collections import defaultdict d = defaultdict(defaultdict) a = [("key1", {"a1":22, "a2":33}), ("key2", {"a1":32, "a2":55}), ("key3", {"a1":43, "a2":44})] for i in a: d[i[0]] = i[1] Now this works, but the following, which is the desired behavior, doesn't: d["key4"]["a1"] + 1 I suspect that I should have declared somewhere that the second level defaultdict is of type int, but I didn't find where or how to do so. The reason I am using defaultdict in the first place is to avoid having to initialize the dictionary for each new key. Any more elegant suggestion? Thanks pythoneers!

    Read the article

  • different levels in code igniter?

    - by ajsie
    im all new to framework. so the structure of code igniter looks like: system system/application the system folder is code igniter's base folder right? so if they in the future releases a new version i just put application in the new system folder and its upgraded right? does this mean that i shouldn't put new files and so on in the system folder? cause some code could be used for other applications and i want to put them under the current application im developing, not inside the application folder. i want my application's classes to extend my base system's classes which in turn extend code igniter's base system class. so there are 3 levels. so how could i accomplish this? where to put the system level between CI and my application?

    Read the article

  • XSLT: moving a grouping html elements into section levels

    - by Jeff
    Hello there, I'm trying to write an XSLT that organizes an HTML file into different section levels depending on the header level. Here is my input: <html> <head> <title></title> </head> <body> <h1>HEADER 1 CONTENT</h1> <p>Level 1 para</p> <p>Level 1 para</p> <p>Level 1 para</p> <p>Level 1 para</p> <h2>Header 2 CONTENT</h2> <p>Level 2 para</p> <p>Level 2 para</p> <p>Level 2 para</p> <p>Level 2 para</p> </body> </html> I'm working with a fairly simple structure at the moment so this pattern will be constant for the time-being. I need an output like this... <document> <section level="1"> <header1>Header 1 CONTENT</header1> <p>Level 1 para</p> <p>Level 1 para</p> <p>Level 1 para</p> <p>Level 1 para</p> <section level="2"> <header2>Header 2 CONTENT</header2> <p>Level 2 para</p> <p>Level 2 para</p> <p>Level 2 para</p> <p>Level 2 para</p> </section> </section> </document> I had been working with this example: Stackoverflow Answer However, I cannot get it to do exactly what I need. I'm using Saxon 9 to run the xslt within Oxygen for dev. I'll be using a cmd/bat file in production. Still Saxon 9. I'd like to handle up to 4 nested section levels if possible. Any help is much appreciated! I need to append onto this as I've encountered another stipulation. I probably should have thought of this before. I'm encountering the following code sample <html> <head> <title></title> </head> <body> <p>Level 1 para</p> <p>Level 1 para</p> <p>Level 1 para</p> <p>Level 1 para</p> <h1>Header 2 CONTENT</h1> <p>Level 2 para</p> <p>Level 2 para</p> <p>Level 2 para</p> <p>Level 2 para</p> </body> </html> As you can see, the <p> is a child of <body> while in my first snippet, <p> was always a child of a header level. My desired result is the same as above except that when I encounter <p> as a child of <body>, it should be wrapped in <section level="1">. <document> <section level="1"> <p>Level 1 para</p> <p>Level 1 para</p> <p>Level 1 para</p> <p>Level 1 para</p> </section> <section level="1"> <header1>Header 2 CONTENT</header1> <p>Level 2 para</p> <p>Level 2 para</p> <p>Level 2 para</p> <p>Level 2 para</p> </section> </document>

    Read the article

  • Multiple levels of 'collection.defaultdict' in Python

    - by Morlock
    Thanks to some great folks on SO, I discovered the possibilities offered by collections.defaultdict, notably in readability and speed. I have put them to use with success. Now I would like to implement three levels of dictionaries, the two top ones being defaultdict and the lowest one being int. I don't find the appropriate way to do this. Here is my attempt: from collections import defaultdict d = defaultdict(defaultdict) a = [("key1", {"a1":22, "a2":33}), ("key2", {"a1":32, "a2":55}), ("key3", {"a1":43, "a2":44})] for i in a: d[i[0]] = i[1] Now this works, but the following, which is the desired behavior, doesn't: d["key4"]["a1"] + 1 I suspect that I should have declared somewhere that the second level defaultdict is of type int, but I didn't find where or how to do so. The reason I am using defaultdict in the first place is to avoid having to initialize the dictionary for each new key. Any more elegant suggestion? Thanks pythoneers!

    Read the article

  • Praw (Redditt API) How to retrieve replies to a comment past 10 levels deep

    - by jpreed00
    Ok, so I've written some code that, for all intents and purposes, should work: def checkComments(comments): for comment in comments: print comment.body checkComments(comment.replies) def processSub(sub): sub.replace_more_comments(limit=None, threshold=0) checkComments(sub.comments) #login and subreddit init stuff here subs = mysubreddit.get_hot(limit=50) for sub in subs: processSub(sub) However, given a submission that has 50 nested replies like so: root comment -> 1st reply -> 2nd reply -> 3rd reply ... -> 50th reply The above code only prints: root comment 1st reply 2nd reply 3rd reply 4th reply 5th reply 6th reply 7th reply 8th reply 9th reply Any idea how I can get the remaining 41 levels of replies? Or is this a praw limitation?

    Read the article

  • What is a way to access .accdb files for reading and writing?

    - by JPJedi
    I have an Microsoft Access Database (.accdb) that stores information needed in an application. Is there a way to distribute my application with the access database without having the user have access installed or get the user to go and download and install the office runtime? The windows form application that uses the access database is developed in VB.net in Visual Studio 2008.

    Read the article

  • What is New in ASP.NET 4.0 Code Access Security

    - by HosamKamel
    ASP.NET Code Access Security (CAS) is a feature that helps protect server applications on hosting multiple Web sites, ASP.NET lets you assign a configurable trust level that corresponds to a predefined set of permissions. ASP.NET has predefined ASP.NET Trust Levels and Policy Files that you can assign to applications, you also can assign custom trust level and policy files. Most web hosting companies run ASP.NET applications in Medium Trust to prevent that one website affect or harm another site etc. As .NET Framework's Code Access Security model has evolved, ASP.NET 4.0 Code Access Security also has introduced several changes and improvements.   A Full post addresses the new changes in ASP.NET 4.0 is published at Asp.Net QA Team Here http://weblogs.asp.net/asptest/archive/2010/04/23/what-is-new-in-asp-net-4-0-code-access-security.aspx

    Read the article

  • T-SQL Equivalents for Microsoft Access VBA Functions

    If you need to migrate your Access application to SQL Server, don't count on The SQL Server Upsize Wizard in Microsoft Access to automatically convert your VBA functions. If you want to push the complex query processing done by your Access queries to the back end, you'll have to rewrite them in T-SQL.

    Read the article

  • How to Access a Windows Desktop From Your Tablet or Phone

    - by Chris Hoffman
    iPads and Android tablets can’t run Windows apps locally, but they can access a Windows desktops remotely — even with a physical keyboard. In a pinch, the same tricks can be used to access a Windows desktop from a smartphone. Microsoft recently launched their own official Remote Desktop app for iOS and Android devices. Microsoft’s official apps are primarily useful for businesses — if you’re a typical home user, you’ll want to use a different remote desktop solution. Microsoft’s Remote Desktop App Microsoft now offers official Remote Desktop apps for iPad and iPhone as well as Android tablets and smartphones. The apps use Microsoft’s RDP protocol to connect to remote Windows systems. They’re essentially just new clients for the Remote Desktop feature that has been included in Windows for more than a decade. There are big problems with these apps if you’re an average home user. Microsoft’s Remote Desktop server is not available on standard or Home versions of Windows, only Professional and Enterprise editions. If you do have the appropriate edition of Windows, you’ll have to set up port-forwarding and a dynamic DNS service if you want to access your Windows desktop from outside your local network. You could also set up a VPN — either way you’ll need to do some footwork. This app is a gift to businesses who are already using Remote Desktop and enthusiasts who have the more expensive versions of Windows and don’t mind the configuration process. To set this up, follow our guide to setting up Remote Desktop for Internet access and connect using the Remote Desktop app instead of traditional Remote Desktop clients. TeamViewer If you have the standard edition of Windows or you just don’t want to mess around with port-forwarding and dynamic DNS configuration, you’ll want to skip Remote Desktop and use something else. We like TeamViewer for this. Just as it’s a great way to remotely troubleshoot your relatives’ computers, it’s also a great way to remotely access your own computer. It doesn’t have the same limitations Microsoft’s Remote Desktop system has — it’s completely free for personal use, runs on any edition of Windows, and is easy to set up. There’s no messing around with port-forwarding or dynamic DNS configuration. To get started, just download and run the TeamViewer program on your computer. You can get started with it immediately, but you’ll want to set up unattended access to connect remotely without using the codes displayed on your screen. To connect, just install the TeamViewer mobile app and log in with the details the TeamViewer window displays. TeamViewer also offers software that runs on Mac and Linux, so you can remote-control other types of computers from your tablet. Other Options Microsoft’s Remote Desktop app and TeamViewer aren’t the only options, of course. There are a variety of different apps and services built for this. Splashtop is another fairly popular remote desktop solution that some people report as being faster. Unfortunately, it’s not entirely free — the iPad and iPhone app costs $20 at regular price. To use it over the Internet, you’ll have to purchase an additional “Anywhere Access Pack.” If you’re frustrated with TeamViewer’s speed and you don’t mind spending money, you may want to try Splashtop instead. As always, you could use any VNC server along with a VNC client app. VNC is the do-it-yourself solution — it’s an open protocol. Unlike Microsoft’s RDP protocol, you can install a VNC server of your own, configure it how you like, and use any mobile VNC client app. This is more flexible because you can install a VNC server on any edition of Windows or even non-Windows operating systems, but it otherwise has all the same issues — you have to worry about port-forwarding, setting up dynamic DNS, and securing your VNC server. Keep an eye on Chrome Remote Desktop. Chrome already offers a built-in remote desktop feature that allows you to remotely control your PC from another Windows, Mac, Linux, or Chrome OS device. Google is rumored to be building an Android app for Chrome Remote Desktop, which would allow you to easily access a computer running Chrome from Android tablets. Google’s solution is much more user-friendly for average people than Microsoft’s Remote Desktop solution, which is clearly geared towards businesses. Chrome Remote Desktop just requires signing in with a Google account. Remote desktop solutions like Microsoft’s Remote Desktop app and TeamViewer are also available for Windows tablets. On Windows RT devices like the Surface RT and Surface 2, they allow you to use the full Windows desktop that’s unavailable on your tablet.     

    Read the article

  • Anonymous Access and Sharepoint Web Services

    - by Stacy Vicknair
    A month or so ago I was working on a feature for a project that required a level of anonymity on the Sharepoint site in order to function. At the same time I was also working on another feature that required access to the Sharepoint search.asmx web service. I found out, the hard way, that the Sharepoint Web Services do not operate in an expected way while the IIS site is under anonymous access. Even though these web services expect requests with certain permissions (in theory) they never attempt to request those credentials when the web service is contacted. As a result the services return a 401 Unauthorized response. The fix for my situation was to restrict anonymous access to the area that needed it (in this case the control in question had support for being used in an ASP.NET app that I could throw in a virtual directory). After that I removed anonymous access from IIS for the site itself and the QueryService requests were working once more. Here’s a related article with a bit more depth about a similar experience: http://chrisdomino.com/Blog/Post/401-Reasons-Why-SharePoint-Web-Services-Don-t-Work-Anonymously?Length=4 Technorati Tags: Sharepoint,QueryService,WSS,IIS,Anonymous Access

    Read the article

  • Google I/O 2012 - OAuth 2.0 for Identity and Data Access

    Google I/O 2012 - OAuth 2.0 for Identity and Data Access Ryan Boyd Users like to keep their data in one place on the web where it's easily accessible. Whether it's YouTube videos, Google Drive files, Google contacts or one of many other types of data, users need a way to securely grant applications access to their data. OAuth is the key web standard for delegated data access and OAuth 2.0 is the next-generation version with additional security features. This session will cover the latest advances in how OAuth can be used for data access, but will also dive into how you can lower the barrier to entry for your application by allowing users to login using their Google accounts. You will learn, through an example written in Python, how to use OAuth 2.0 to incorporate user identity into your web application. Best practices for desktop applications, mobile applications and server-to-server use cases will also be discussed. From: GoogleDevelopers Views: 11 1 ratings Time: 58:56 More in Science & Technology

    Read the article

  • Couple folders went 'access denied' in Windows. Why and how to fix?

    - by Nathaniel
    So, after a failed Windows 7 install, I put XP back on, and had a adrenaline shot when I got an access denied on a couple of my backed up folders. I already tried the instructions here at Microsoft KB, but it didn't fix it. I did add myself with full permissions on the main section of the Security tab, though, and that gave me access into the folder (I could do it in XP Home because of the Windows NT SP4 Security Configuration Manager). However, it appears some subfolders are still inaccessible. Two questions, then. Why exactly did this happen and how do I fix it?

    Read the article

  • OpenVPN - No internet access when VPN connected

    - by user10669
    I have an OpenVPN config that I use on my Windows XP box and on my Ubuntu machine. When I use it with my Windows machine, I can connect to the VPN and access sites on the VPN, and the internet as normal. When I use it on my Ubuntu box, when connected to the VPN, I can only access internal sites - No internet access at all. I'm sure there is a way to configure OpenVPN on Ubuntu to allow internet connections, but I can't figure out how.

    Read the article

  • Google Analytics and direct access

    - by user1592845
    Does Google analytics regards remote access resources as direct access? For example: Suppose: mysite.com and anothersite.com mysite.com has an image found at http://mysite.com/img/vip.jpg anothersite.com at some page of it like http://anothersite.com/photos.html included vip.jpg in its source in image tag: <img src="http://mysite.com/img/vip.jpg" /> So does Analytics regard loading this image when a visitor vists http://anothersite.com/photos.html to be a direct access for mysite.com?

    Read the article

  • In windows 7, how do I disable "Ease of Access" pop ups on the logon screen as I am typing my passwo

    - by Silfheed
    Heyas So the question is pretty much in the title. Things to note: 'Use On-Screen Keyboard' is un-checked I have disabled Ease of Access by replacing utilman.exe But my problem now is that when I'm typing my password, It'll stop all together on the 'u' or the 'p' character and I have to click on the ease of access button then move focus back to the password to continue. Yes, one obvious solution is to not use a password that has 'u' or 'p' in it (which I've done), but that's obviously not a completely satisfying answer. Thanks! I feel a tumbleweed badge...

    Read the article

  • Turn on anonymous access in SharePoint2010 Site collection

    - by ybbest
    In this post, I would like to show you how to turn on anonymous access in SharePoint2010 Site collection using SharePoint Web UI. If you would like to achieve the same thing using PowerShell you can check this blog post here. 1. You need to go to Central AdminàManage Web Applications 2. Click Authentication provider 3. Click Default and Enable anonymous access 4. Go to your site collection and click on Site actions then click Site Permissions 5. Click on Anonymous Access 6. Select the Entire Web site and click OK. 7 Navigate to your site collection and boom you are all set for the anonymous access for your SharePoint site collection.

    Read the article

  • Organising data access for dependency injection

    - by IanAWP
    In our company we have a relatively long history of database backed applications, but have only just begun experimenting with dependency injection. I am looking for advice about how to convert our existing data access pattern into one more suited for dependency injection. Some specific questions: Do you create one access object per table (Given that a table represents an entity collection)? One interface per table? All of these would need the low level Data Access object to be injected, right? What about if there are dozens of tables, wouldn't that make the composition root into a nightmare? Would you instead have a single interface that defines things like GetCustomer(), GetOrder(), etc? If I took the example of EntityFramework, then I would have one Container that exposes an object for each table, but that container doesn't conform to any interface itself, so doesn't seem like it's compatible with DI. What we do now, in case it helps: The way we normally manage data access is through a generic data layer which exposes CRUD/Transaction capabilities and has provider specific subclasses which handle the creation of IDbConnection, IDbCommand, etc. Actual table access uses Table classes that perform the CRUD operations associated with a particular table and accept/return domain objects that the rest of the system deals with. These table classes expose only static methods, and utilise a static DataAccess singleton instantiated from a config file.

    Read the article

  • Can't access any functions after chown command.

    - by explorex
    I am not being to access any functions in my desktop and I don't have an OS besides Ubuntu and I am new to Ubuntu. I think I rebooted my computer thinking that Google Chrome crashed. I opened Google Chrome but it showed opening message but never opened so I restarted my computer. and when my system was loading (I was playing with keyboard dont know what I typed) and when by Ubuntu loaded, I was unable to access anything some of characteristics are listed below: I cannot hear any sound I cannot access wired ethernet connection on the right corner where I usually enable to access internet and I have no internet. There is no local apache server either. when ever I try to start apacer I get setuid must be root or something. When I type sudo then I get message setuid must be root. I cannot access orther external storage devices like pendrive and portable hard drive and cannot mount my other drives with FAT32 filesystem. When I try to start my apache webserver with out typing sudo then I get message cannnot open socket or something like it. I remember also doing command chown -R www-data / earlier and got error message I cannot shutdown my computer, it only logs off

    Read the article

  • Access a mounted Windows share from the command line

    - by Bryan
    Hello All, I use the "Connect to Server..." option under the "Places" menu to connect to a Windows share in my work environment. When I do so, I can access the Windows share via Nautilus, but I can't figure out how to access the share from the command line without using smbclient. For example, the share isn't mounted under /mnt or /media. Is it possible to access the mounted Windows share from the command line without using smbclient?

    Read the article

< Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >