Search Results

Search found 3366 results on 135 pages for 'openvpn auth ldap'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 45/135 | < Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >

  • Apache Bad Request "Size of a request header field exceeds server limit" with Kerberos SSO

    - by Aurelin
    I'm setting up an SSO for Active Directory users through a website that runs on an Apache (Apache2 on SLES 11.1), and when testing with Firefox it all works fine. But when I try to open the website in Internet Explorer 8 (Windows 7), all I get is "Bad Request Your browser sent a request that this server could not understand. Size of a request header field exceeds server limit. Authorization: Negotiate [ultra long string]" My vhost.cfg looks like this: <VirtualHost hostname:443> LimitRequestFieldSize 32760 LimitRequestLine 32760 LogLevel debug <Directory "/data/pwtool/sec-data/adbauth"> AuthName "Please login with your AD-credentials (Windows Account)" AuthType Kerberos KrbMethodNegotiate on KrbAuthRealms REALM.TLD KrbServiceName HTTP/hostname Krb5Keytab /data/pwtool/conf/http_hostname.krb5.keytab KrbMethodK5Passwd on KrbLocalUserMapping on Order allow,deny Allow from all </Directory> <Directory "/data/pwtool/sec-data/adbauth"> Require valid-user </Directory> SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /etc/apache2/ssl.crt/hostname-server.crt SSLCertificateKeyFile /etc/apache2/ssl.key/hostname-server.key </VirtualHost> I also made sure that the cookies are deleted and tried several smaller values for LimitRequestFieldSize and LimitRequestLine. Another thing that seems weird to me is that even with LogLevel debug I won't get any logs about this. The log's last line is ssl_engine_kernel.c(1879): OpenSSL: Write: SSL negotiation finished successfully Does anyone have an idea about that?

    Read the article

  • Linking Linux MIT Kerberos with a Windows 2003 Active Directory

    - by Beerdude26
    Greetings, I was wondering how one might link a Linux MIT Kerberos with a Windows 2003 Active Directory to achieve the following: A user, [email protected], attempts to log in at an Apache website, which runs on the same server as the Linux MIT Kerberos. The Apache module first asks the local Linux MIT Kerberos if he knows a user by that name or realm. The MIT Kerberos finds out it isn't responsible for that realm, and forwards the request to the Windows 2003 Active Directory. The Windows 2003 Active Directory replies positively and gives this information to the Linux MIT Kerberos, which in turn tells this to the Apache module, which grants the user access to its files. Here is an image of the situation: http://img179.imageshack.us/img179/5092/linux2k3.png (I'm not allowed to embed images just yet.) The documentation I have read concerning this issue often differ from this problem: Some discuss linking up a MIT Kerberos with an Active Directory to gain access to resources on the Active Directory server; While another uses the link to authenticate Windows users to the MIT Kerberos through the Windows 2003 Active Directory. (My problem is the other way around.) So what my question boils down to, is this: Is it possible to have a Linux MIT Kerberos server pass through requests for a Active Directory realm, and then have it receive the reply and give it to the requesting service? (Although it's not a problem if the requesting service and the Windows 2003 Active Directory communicate directly.) Suggestions and constructive criticism are greatly appreciated. :)

    Read the article

  • How is the "change password at next logon" requirement supposed to work with RDP using Network Level Authentication?

    - by NReilingh
    We have a Windows server (2008 R2) with the "Remote Desktop Services" feature installed and no Active Directory domain. Remote desktop is set up to "Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)". This means that before the remote screen is displayed, the connection is authenticated in a "Windows Security: Enter your credentials" window. The only two role services installed on this server is the RD Session Host and Licensing. When the "User must change password at next logon" checkbox is selected in the properties for a local user on this server, the following displays on a client computer after attempting to connect using the credentials that were last valid: On some other servers using RDP for admin access (but without the Remote Desktop Services role installed), the behavior is different -- the session begins and the user is given a change password prompt on the remote screen. What do I need to do to replicate this behavior on the Remote Desktop Services server?

    Read the article

  • Cisco WebVPN RDP Plugin and NLA

    - by bab
    I'm having trouble finding anything in Cisco's docs or with Google searches, so I'm hoping someone out in ServerFault land might know. We've recently enabled NLA domain-wide to protect against some of the recent RDP vulnerabilities. However, we can no longer use the Cisco WebVPN on our ASA to connect to these boxes (Connection Failure). I assume this is because the RDP2 plugin (as of Apr 27 2012) doesn't support NLA? Is there another version of the plugin that does? Thanks!

    Read the article

  • Nginx Server with Ruby on Rails application SMTP Authentication Error

    - by Spoons
    I'm developing a Rails app which when I run it locally, it's able to send emails through a gmail account via smtp. When I moved it to my sever (running Nginx), it comes up with the following error for example when I try to create a new user. Net::SMTPAuthenticationError in UsersController#create 535-5.7.1 Username and Password not accepted. The nginx.conf file remains the same from when I set it up.

    Read the article

  • Apache directive for authenticated users?

    - by Alex Leach
    Using Apache 2.2, I would like to use mod_rewrite to redirect un-authenticated users to use https, if they are on http.. Is there a directive or condition one can test for whether a user is (not) authenticated? For example, I could have set up the restricted /foo location on my server:- <Location "/foo/"> Order deny,allow # Deny everyone, until authenticated... Deny from all # Authentication mechanism AuthType Basic AuthName "Members only" # AuthBasicProvider ... # ... Other authentication stuff here. # Users must be valid. Require valid-user # Logged-in users authorised to view child URLs: Satisfy any # If not SSL, respond with HTTP-redirect RewriteCond ${HTTPS} off RewriteRule /foo/?(.*)$ https://${SERVER_NAME}/foo/$2 [R=301,L] # SSL enforcement. SSLOptions FakeBasicAuth StrictRequire SSLRequireSSL SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128 </Location> The problem here is that every file, in every subfolder, will be encrypted. This is quite unnecessary, but I see no reason to disallow it. What I would like is the RewriteRule to only be triggered during authentication. If a user is already authorised to view a folder, then I don't want the RewriteRule to be triggered. Is this possible? EDIT: I am not using any front-end HTML here. This is only using Apache's built-in directory browsing interface and its in-built authentication mechanisms. My <Directory> config is: <Directory ~ "/foo/"> Order allow,deny Allow from all AllowOverride None Options +Indexes +FollowSymLinks +Includes +MultiViews IndexOptions +FancyIndexing IndexOptions +XHTML IndexOptions NameWidth=* IndexOptions +TrackModified IndexOptions +SuppressHTMLPreamble IndexOptions +FoldersFirst IndexOptions +IgnoreCase IndexOptions Type=text/html </Directory>

    Read the article

  • Remote Desktop Network Level Authentication Not Supported

    - by Iszi
    I'm running Windows XP Professional SP3 x86, trying to connect to a system with Windows 7 Ultimate SP1 x64. Recently, I updated the Remote Desktop Connection software on the XP system in hopes of using Network Level Authentication (NLA) for my connections to the Windows 7 box. After the update, I connected to the Windows 7 box over RDP and enabled NLA believing that the updated client should support it. After disconnecting and attempting to reconnect, I'm presented with the following error: The remote computer requires Network Level Authentication, which your computer does not support. For assistance, contact your system administrator or technical support. So, I checked the About page in Remote Desktop Connection to make sure the update had applied. This is what I see. Remote Desktop Connection Shell Version 6.1.7600 Control Version 6.1.7600 © 2007 Microsoft Corporation. All rights reserved. Network Level Authentication not supported. Remote Desktop Protocol 7.0 supported. I thought NLA was supposed to be a part of RDP 7.0 clients. Is there a component I'm missing somewhere?

    Read the article

  • Apache mod_proxy with SSL not redirecting

    - by simonszu
    I have a custom server running behind an apache reverse proxy. Since the custom server can only handle HTTP traffic, i am trying to use apache for wrapping proper SSL around it, and for some kind of HTTP authentication. So i enabled mod_proxy and mod_ssl and modified sites-available/default-ssl. The config is as following: <Location /server> order deny,allow allow from all AuthType Basic AuthName "Please log in" AuthUserFile /etc/apache2/htpasswd Require valid-user ProxyPass http://192.168.1.102:8181/server ProxyPassReverse http://192.168.1.102:8181/server </Location> The custom server is accessible from the internal network via the location specified in the ProxyPass directive. However, when the proxy is accessed from the outside, it presents the login prompt, and after successfully authenticated, i get a blank page with the words The resource can be found at http://192.168.1.102:8181/server. When i type the external URL again in an already authenticated browser instance, i am properly redirected to the server frontend. The access.log is full of entrys stating that my browser does successful GET requests, and the proxy is happily serving the /server ressource. However, the ressource isn't containing the server's frontend, but this blank page with these words on it.

    Read the article

  • apache authentication

    - by veilig
    I'm trying to set up a local webserver on my network. I want to be able to be able to access the webserver from any machine inside my network w/out authenticating. and two extra domains need access to it w/out authenticating. Everyone else I would like to authenticate in. so far, I can get to it from inside my network. and the two extra domains can access my webserver, but everyone else is just hanging. They don't get an authentication or anything. can anyone tell me what I'm doing wrong here? This is part of my apache's site-available file so far: <Directory /path/to/server/> Options Indexes FollowSymLinks -Multiviews Order Deny,Allow Deny from All Allow from 192.168 Allow from localhost Allow from domain1 Allow from domain2 AuthType Basic AuthName "my authentication" AuthUserFile /path/to/file Require valid-user Satisfy Any AllowOverride All <Files .htaccess> Order Allow,Deny Allow from All </Files> </Directory>

    Read the article

  • Cannot connect puppet agent to puppet master

    - by u123
    I have installed puppet 3.3.1 on a debian 7 machine (test-puppet-master) and the puppet agent on another debian 7 machine (test-puppet-agent/192.11.80.246) acting as a client. I start the master with: puppet master --verbose --no-daemonize And I start the agent with: puppet agent --server=test-puppet-master --no-daemonize --verbose Notice: Did not receive certificate which gives the following output on the master: Notice: Starting Puppet master version 3.3.1 Error: Could not resolve 192.11.80.246: no name for 192.11.80.246 Info: Inserting default '~ ^/catalog/([^/]+)$' (auth true) ACL Info: Inserting default '~ ^/node/([^/]+)$' (auth true) ACL Info: Inserting default '/file' (auth ) ACL Info: Inserting default '/certificate_revocation_list/ca' (auth true) ACL Info: Inserting default '~ ^/report/([^/]+)$' (auth true) ACL Info: Inserting default '/certificate/ca' (auth any) ACL Info: Inserting default '/certificate/' (auth any) ACL Info: Inserting default '/certificate_request' (auth any) ACL Info: Inserting default '/status' (auth true) ACL Info: Not Found: Could not find certificate test-puppet-agent Error: Could not resolve 192.11.80.246: no name for 192.11.80.246 Info: Not Found: Could not find certificate test-puppet-agent Error: Could not resolve 192.11.80.246: no name for 192.11.80.246 Info: Not Found: Could not find certificate test-puppet-agent Any ideas why the agent cannot connect?

    Read the article

  • What does 'http: getaddrinfo*.gaih_getanswer: got type "46"' mean

    - by koffie
    Today I got an e-mail from logcheck informing me that the following system event occurred. http: getaddrinfo*.gaih_getanswer: got type "46" Indeed, the above message occurs 4 times in /var/log/aut.log it occured twice yesterday around 6:46 am. And this morning it also occured twice around the same time. I wonder what this message means and if this message is something to worry about or if should just tell logcheck to ignore it. If it is something to worry about, then any pointers on how to fix the problem are appreciated.

    Read the article

  • smtp sasl authentication failure

    - by cromestant
    hello, I have configured and fixed almost all the problems with my postfix +courier + mysql setup for virtual mailboxes. I can now receive mail and send it from webmail (squirrel). BUT, what I can't do is authenticate from outside client. Since my isp blocks port 25 I setup postfix to work on 1025 for smtp and setup verbose loging. Here is the verbose log of a failed authentication process LOG Authentication for imap and pop3 seem to be working but this one is not. Here is the postconf -n output. Also through mysql I can verify that it is trying to validate through the system, running a query that returns the encrypted password stored in the database. I can't seem to find the error for this. thank you in advance

    Read the article

  • 530 5.7.1 Client was not authenticated Exchange 2010 for some computers within mask

    - by user1636309
    We have a classic problem with Client not Authenticated but with a specific twist: We have an Exchange 2010 cluster, let's say EX01 and EX02, the connection is always to smtp.acme.com, then it is switched through load balancer. We have an application server, call it APP01 There are clients connected to the APP01. There is a need for anonymous mail relay from both clients and APP01. The Anonymous Users setting of the Exchange is DISABLED, but the specific computers - APP01 and clients by the mask, let's say, 192.168.2.* - are enabled. For internal relay, a "Send Connector" is created, and then the above IP addresses are added for the connector to allow computers, servers, or any other device such as a copy machine to use the exchange server to relay email to recipients. The problem is that the relay works for APP01 and some clients, but not others (we get "Client not Authenticated") - all inside the same network and the same mask. This is basically what we do to test it outside of our application: http://smtp25.blogspot.sk/2009/04/530-571-client-was-not-authenticated.html So, I am looking for ideas: What can be the reason for such a strange behaviour? Where I can see the trace of what's going on at the Exchange side?

    Read the article

  • apache using mod_auth_kerb always asks for the password twice

    - by DrStalker
    (Debian Squeeze) I'm trying to set apache up to use Kerberos authentication to allow AD users to log in. It is working, but prompts the user twice for a username and password, with the first time being ignored (no matter what is put it in.) Only the second prompt includes the AuthName string from the config (i.e.: the first windows is a generic username/password one, the second includes the title "Kerberos Login") I'm not worried about integrated windows authentication working at this stage, I just want users to be able to login with their AD account so we don't need to set up a second repository of user accounts. How do I fix this to eliminate that first useless prompt? The directives in the apache2.conf file: <Directory /var/www/kerberos> AuthType Kerberos AuthName "Kerberos Login" KrbMethodNegotiate On KrbMethodK5Passwd On KrbAuthRealms ONEVUE.COM.AU.LOCAL Krb5KeyTab /etc/krb5.keytab KrbServiceName HTTP/[email protected] require valid-user </Directory> krb5.conf: [libdefaults] default_realm = ONEVUE.COM.AU.LOCAL [realms] ONEVUE.COM.AU.LOCAL = { kdc = SYD01PWDC01.ONEVUE.COM.AU.LOCAL master_kdc = SYD01PWDC01.ONEVUE.COM.AU.LOCAL admin_server = SYD01PWDC01.ONEVUE.COM.AU.LOCAL default_domain = ONEVUE.COM.AU.LOCAL } [login] krb4_convert = true krb4_get_tickets = false The access log when accessing the secured directory (note the two seperate 401's) 192.168.10.115 - - [24/Aug/2012:15:52:01 +1000] "GET /kerberos/ HTTP/1.1" 401 710 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1" 192.168.10.115 - - [24/Aug/2012:15:52:06 +1000] "GET /kerberos/ HTTP/1.1" 401 680 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1" 192.168.10.115 - [email protected] [24/Aug/2012:15:52:10 +1000] "GET /kerberos/ HTTP/1.1" 200 375 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1" And one line in error.log [Fri Aug 24 15:52:06 2012] [error] [client 192.168.0.115] gss_accept_sec_context(2) failed: An unsupported mechanism was requested (, Unknown error)

    Read the article

  • what is the location of the log file for bugzilla on windows

    - by mohang
    We are using Bugzlla on windows. We set up the SMTP server configuration in the admin parameters. But Bugzilla is unable to send emails. It always reports "Could not authenticate user". How to know the details of the error? Everything we configured are working fine when used in another system. Can you please point out the location of the log file Any points to troubleshoot the issue is greatly appreciated.

    Read the article

  • How to keep group-writeable shares on Samba with OSX clients?

    - by Oliver Salzburg
    I have a FreeNAS server on a network with OSX and Windows clients. When the OSX clients interact with SMB/CIFS shares on the server, they are causing permission problems for all other clients. Update: I can no longer verify any answers because we abandoned the project, but feel free to post any help for future visitors. The details of this behavior seem to also be dependent on the version of OSX the client is running. For this question, let's assume a client running 10.8.2. When I mount the CIFS share on an OSX client and create a new directory on it, the directory will be created with drwxr-x-rx permissions. This is undesirable because it will not allow anyone but me to write to the directory. There are other users in my group which should have write permissions as well. This behavior happens even though the following settings are present in smb.conf on the server: [global] create mask= 0666 directory mask= 0777 [share] force directory mode= 0775 force create mode= 0660 I was under the impression that these settings should make sure that directories are at least created with rwxrwxr-x permissions. But, I guess, that doesn't stop the client from changing the permissions after creating the directory. When I create a folder on the same share from a Windows client, the new folder will have the desired access permissions (rwxrwxrwx), so I'm currently assuming that the problem lies with the OSX client. I guess this wouldn't be such an issue if you could easily change the permissions of the directories you've created, but you can't. When opening the directory info in Finder, I get the old "You have custom access" notice with no ability to make any changes. I'm assuming that this is caused because we're using Windows ACLs on the share, but that's just a wild guess. Changing the write permissions for the group through the terminal works fine, but this is unpractical for the deployment and unreasonable to expect from anyone to do. This is the complete smb.conf: [global] encrypt passwords = yes dns proxy = no strict locking = no read raw = yes write raw = yes oplocks = yes max xmit = 65535 deadtime = 15 display charset = LOCALE max log size = 10 syslog only = yes syslog = 1 load printers = no printing = bsd printcap name = /dev/null disable spoolss = yes smb passwd file = /var/etc/private/smbpasswd private dir = /var/etc/private getwd cache = yes guest account = nobody map to guest = Bad Password obey pam restrictions = Yes # NOTE: read smb.conf. directory name cache size = 0 max protocol = SMB2 netbios name = freenas workgroup = COMPANY server string = FreeNAS Server store dos attributes = yes hostname lookups = yes security = user passdb backend = ldapsam:ldap://ldap.company.local ldap admin dn = cn=admin,dc=company,dc=local ldap suffix = dc=company,dc=local ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap machine suffix = ou=Computers ldap ssl = off ldap replication sleep = 1000 ldap passwd sync = yes #ldap debug level = 1 #ldap debug threshold = 1 ldapsam:trusted = yes idmap uid = 10000-39999 idmap gid = 10000-39999 create mask = 0666 directory mask = 0777 client ntlmv2 auth = yes dos charset = CP437 unix charset = UTF-8 log level = 1 [share] path = /mnt/zfs0 printable = no veto files = /.snap/.windows/.zfs/ writeable = yes browseable = yes inherit owner = no inherit permissions = no vfs objects = zfsacl guest ok = no inherit acls = Yes map archive = No map readonly = no nfs4:mode = special nfs4:acedup = merge nfs4:chown = yes hide dot files force directory mode = 0775 force create mode = 0660

    Read the article

  • How to place additional access-restrictions on a subdirectory in Apache?

    - by Mikhail T.
    We have a list of "internal" IP-addresses and only allow access to the server (Location /) from that list: <Location /> Require ip x.x.x.x Require ip y.y.y.y </Location> I need to further restrict access to a sub-directory (Location /foo) to authenticated users (Require valid-user). Whatever I do, I never get prompted for login to access /foo -- Apache simply grants me access, because my IP-address is on the list (for Location /). I cycled through all three different values of AuthMerging (off, and, or) to no avail... Must be something really stupid :-/ Using httpd-2.4.6. Thank you!

    Read the article

  • Use a preferred username but authenticate against Kerberos principal

    - by Jason R. Coombs
    What I desire to do should be pretty simple. I have an Ubuntu 10.04 box. It's currently configured to authenticate users against a kerberos realm (EXAMPLE.ORG). There is only one realm in the krb5.conf file and it is the default realm. [libdefaults] default_realm = EXAMPLE.ORG PAM is configured to use the pam_krb5 module, so if a user account is created on the local machine, and that username matches the [email protected] credential, that user may log in by supplying his kerberos password. What I would like to do instead is create a local user account with a different username, but have it always authenticate against the canonical name in the kerberos server. For example, the kerberos principal is [email protected]. I would like to create the local account preferred.name and somehow configure kerberos that when someone attempts to log in as preferred.name, it uses the principal [email protected]. I have tried using the auth_to_local_names in krb5.conf, but this doesn't seem to do the trick. [realms] EXAMPLE.ORG = { auth_to_local_names = { full.name = preferred.name } I have tried adding [email protected] to ~preferred.name/.k5login. In all cases, when I attempt to log in as preferred.name@host and enter the password for full.name, I get Access denied. I even tried using auth_to_local in krb5.conf, but I couldn't get the syntax right. Is it possible to have a (distinct) local username that for all purposes behaves exactly like a matching username does? If so, how is this done?

    Read the article

  • Does nginx auth_basic work over HTTPS?

    - by monde_
    I've been trying to setup a password protected directory in a SSL website as follows: /etc/nginx/sites-available/default server { listen 443: ssl on; ssl_certificate /usr/certs/server.crt; ssl_certificate_key /usr/certs/server.key; server_name server1.example.com; root /var/www/example.com/htdocs/; index index.html; location /secure/ { auth_basic "Restricted"; auth_basic_user_file /var/www/example.com/.htpasswd; } } The problem is when I try to access the URL https://server1.example.com/secure/, I get a "404: Not Found" error page. My error.log shows the following error: 011/11/26 03:09:06 [error] 10913#0: *1 no user/password was provided for basic authentication, client: 192.168.0.24, server: server1.example.com, request: "GET /secure/ HTTP/1.1", host: "server1.example.com" However, I was able to setup password protected directories for a normal HTTP virtual host without any problems. Is it a problem with the config or something else?

    Read the article

  • Authentication through mod_auth_kerb should provide website with no user if no TGT provided

    - by loomi
    Users are authenticated by mod_auth_kerb which works great. Therefore I need to set Require valid-user If there is no valid user Apache fails with an 401 Authorization Required. I would like Apache to deliver the website anyway but not providing a remote_user to the underlying script. This is related to How to tell mod_auth_kerb to do its job despite no "require valid-user". But with the important difference that on a whole subdirectory on every url a kerberos negotation should be initiated, and if it fails it should deliver the content anyway.

    Read the article

  • Encrypted home breaks on login

    - by berkes
    My home is encrypted, which breaks the login. Gnome and other services try to find all sorts of .files, write to them, read from them and so on. E.g. .ICEauthority. They are not found (yet) because at that moment the home is still encrypted. I do not have automatic login set, since that has known issues with encrypted home in Ubuntu. When I go trough the following steps, there is no problem: boot up the system. [ctr][alt][F1], login. run ecryptfs-mount-private [ctr][alt][F7], done. Can now login. I may have some setting wrong, but have no idea where. I suspect ecryptfs-mount-private should be ran earlier in bootstrap, but do not know how to make it so. Some issues that may cause trouble: I have a fingerprint reader, it works for login and PAM. I have three keyrings in seahorse, containing passwords from old machines (backups). Not just one. Suggestion was that the PAM settings are wrong, so here are the relevant parts from /etc/pam.d/common-auth. # here are the per-package modules (the "Primary" block) auth [success=3 default=ignore] pam_fprintd.so auth [success=2 default=ignore] pam_unix.so nullok_secure try_first_pass auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass # here's the fallback if no module succeeds auth requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around auth required pam_permit.so # and here are more per-package modules (the "Additional" block) auth optional pam_ecryptfs.so unwrap # end of pam-auth-update config I am not sure about how this configuration works, but ut seems that maybe the*optional* in auth optional pam_ecryptfs.so unwrap is causing the ecryptfs to be ignored?

    Read the article

  • Putting a django login form on every page

    - by asciitaxi
    I'd like the login form (AuthenticationForm from django.contrib.auth) to appear on every page in my site if the user is not logged in. When the user logs in, they will be redirected to the same page. If there is an error, the error will be shown on the same page with the form. I suppose you'd need a context processor to provide the form to every template. But, then you'd also need every view to handle the posted form? Does this mean you need to create some middleware? I'm a bit lost. Is there an accepted way of doing this?

    Read the article

  • Kohana v3 ACL A2 with database support

    - by Asif
    Hi, I am using Kohana V 3.0.3. I was looking for ACL library and found from http://dev.kohanaphp.com/projects A2 Kohana's ACL module. Apparently it's found that, it manages Roles,Resources and Rules using config file and authenticate object basis. I want it to be dynamic, like Resources and Rules should be loaded from database dynamically if valid user logs in. Auth part is done now looking for ACL part. Is it possible to use same A2 module with database or need to rewrite own logic?

    Read the article

  • Zend_Auth multiple credentials?

    - by azz0r
    Login Form: $authAdapter = Zend_Registry::get('authAdapter'); $authAdapter ->setIdentity($formData['email']) ->setCredential($password) ->setCredential(1); Bootstrap: protected function _initAuth(){ $this->bootstrap('db'); $this->bootstrap('session'); $db = $this->getPluginResource('db')->getDbAdapter(); $auth = Zend_Auth::getInstance(); $authAdapter = new Zend_Auth_Adapter_DbTable($db, 'User', 'email', 'password', 'enabled'); Zend_Registry::set('authAdapter', $authAdapter); return $authAdapter; } Obviously since adding 'enabled' its stopped working, if I remove: ->setCredential(1); and 'enabled' from there: ($db, 'User', 'email', 'password', 'enabled'); it works just fine... I would like to only enable users who have an enabled account to login though.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >