Search Results

Search found 1414 results on 57 pages for 'signed'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 48/57 | < Previous Page | 44 45 46 47 48 49 50 51 52 53 54 55  | Next Page >

  • PHP mail may be filtered out by spam?

    - by Derek
    I am creating a small company, and would like to send out emails to my clients once they have signed up for my service to activate their accounts. I am currently using PHP's mail() function, however I am worried that my emails are being filtered out by spam filters. Is there a better way to go about this? $email = 'XZY Client Email address @ somedomain.com'; $emailSubject = "Welcome to XYZ Service!"; $to = $email; $subject .= "".$emailSubject.""; $headers .= "From: [email protected]\r\n" . "X-Mailer: php"; $headers .= "MIME-Version: 1.0\r\n"; $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n"; $message = "<html><body>"; $message .= "Welcome to XYZ Service! \n Activate your account by clicking the following link: link..."; mail($to, $subject, $message, $headers); Is there a way to authenticate these emails so that my clients know that they are from my actual service? Thank you in advance!

    Read the article

  • XML digital signature interface

    - by yeekang
    I am trying to call a WebService and it requires me to prepare an XML digital signature interface. I came across this website and it shows how to sign an XML document. My problem now is that I do not create the XML document myself. My code is as follows: string myResult; GenericWS.ServicesService a = new GenericWS.ServicesService(); GenericWS.Service2 b = new GenericWS.Service2(); b.Something = "3"; X509Certificate cert = X509Certificate.CreateFromCertFile("C:\\somepath\\somecert.cer"); a.ClientCertificates.Add(cert); ServicePointManager.ServerCertificateValidationCallback = delegate (object s, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { return true; }; myResult= a.WSRequest(b).WSReturnValue.ToString(); Label1.Text = myResult; Basically, the WSRequest() will generate the body of the SOAP message. However, in order to sign the SOAP message, I need to pass in the XML file that needs to be signed. I tried to serialize the object and cast it as XML and pass it into the signature interface but I do not have another method that I can invoke to call the webmethod. Is there any other solution?

    Read the article

  • Could not launch console app with xCode 4.4

    - by lp1756
    I have a project with two targets -- an iOS app and an OSX console app. The latter was created using Xcode File-New Target and selecting "Command Line Tool". This console app is used to prep a default database needed by the iOS app -- using CoreData. This has been working fine until I upgraded to Mountain Lion and xCode 4.4. Now when I try to run the command line tool I get a "Could Not Launch -- permission denied" error. I have tried playing around with signing certificates, to no avail. Interestingly if I create a new "hello, world" command line tool in a new project it works just fine -- and it is not signed at all. I checked the file and it has -rwxr-xr-x permission. In the debugger the app fails on startup even before it tries to access the moms. If I try to run this outside of the debugger at the command line, it ends with a kill 9 message. Any ideas would be greatly appreciated.

    Read the article

  • Is there a way to receive data as unsigned char over UDP on Qt?

    - by user269037
    I need to send floating point numbers using a UDP connection to a Qt application. Now in Qt the only function available is qint64 readDatagram ( char * data, qint64 maxSize, QHostAddress * address = 0, quint16 * port = 0 ) which accepts data in the form of signed character buffer. I can convert my float into a string and send it but it will obviously not be very efficient converting a 4 byte float into a much longer sized character buffer. I got hold of these 2 functions to convert a 4 byte float into an unsinged 32 bit integer to transfer over network which works fine for a simple C++ UDP program but for Qt I need to receive the data as unsigned char. Is it possible to avoid converting the floatinf point data into a string and then sending it? uint32_t htonf(float f) { uint32_t p; uint32_t sign; if (f < 0) { sign = 1; f = -f; } else { sign = 0; } p = ((((uint32_t)f)&0x7fff)<<16) | (sign<<31); // Whole part and sign. p |= (uint32_t)(((f - (int)f) * 65536.0f))&0xffff; // Fraction. return p; } float ntohf(uint32_t p) { float f = ((p>>16)&0x7fff); // Whole part. f += (p&0xffff) / 65536.0f; // Fraction. if (((p>>31)&0x1) == 0x1) { f = -f; } // Sign bit set. return f; }

    Read the article

  • What would be a better implementation of shared variable among subclass

    - by Churk
    So currently I have a spring unit testing application. And it requires me to get a session cookie from a foreign authentication source. Problem what that is, this authentication process is fairly expensive and time consuming, and I am trying to create a structure where I am authenticate once, by any subclass, and any subsequent subclass is created, it will reuse this session cookie without hitting the authentication process again. My problem right now is, the static cookie is null each time another subclass is created. And I been reading that using static as a global variable is a bad idea, but I couldn't think of another way to do this because of Spring framework setting things during run time and how I would set the cookie so that all other classes can use it. Another piece of information. The variable is being use, but is change able during run time. It is not a single user being signed in and used across the board. But more like a Sub1 would call login, and we have a cookie. Then multiple test will be using that login until SubX will come in and say, I am using different credential, so I need to login as something else. And repeats. Here is a outline of my code: public class Parent implements InitializingBean { protected static String BASE_URL; public static Cookie cookie; ... All default InitializingBean methods ... afterPropertiesSet() { cookie = // login process returns a cookie } } public class Sub1 extends Parent { @resource public String baseURL; @PostConstruct public void init() { // set parents with my baseURL; BASE_URL = baseURL; } public void doSomething() { // Do something with cookie, because it should have been set by parent class } } public class Sub2 extends Parent { @resource public String baseURL; @PostConstruct public void init() { // set parents with my baseURL; BASE_URL = baseURL; } public void doSomethingElse() { // Do something with cookie, because it should have been set by parent class } }

    Read the article

  • Array's index and argc signedness

    - by tusbar
    Hello, The C standard (5.1.2.2.1 Program startup) says: The function called at program startup is named main. [...] It shall be de?ned with a return type of int and with no parameters: int main(void) { /* ... */ } or with two parameters [...] : int main(int argc, char *argv[]) { /* ... */ } And later says: The value of argc shall be nonnegative. Why shouldn't argc be defined as an unsigned int, argc supposedly meaning 'argument count'? Should argc be used as an index for argv? So I started wondering if the C standard says something about the type of array's index. Is it signed? 6.5.2.1 Array subscripting: One of the expressions shall have type ‘‘pointer to object type’’, the other expression shall have integer type, and the result has type ‘‘type’’. It doesn't say anything about its signedness (or I didn't find it). It is pretty common to see codes using negatives array indexes (array[-1]) but isn't it undefined behavior? Should array's indexes be unsigned?

    Read the article

  • The sign of zero with float2

    - by JackOLantern
    Consider the following code performing operations on complex numbers with C/C++'s float: float real_part = log(3.f); float imag_part = 0.f; float real_part2 = (imag_part)*(imag_part)-(real_part*real_part); float imag_part2 = (imag_part)*(real_part)+(real_part*imag_part); The result will be real_part2= -1.20695 imag_part2= 0 angle= 3.14159 where angle is the phase of the complex number and, in this case, is pi. Now consider the following code: float real_part = log(3.f); float imag_part = 0.f; float real_part2 = (-imag_part)*(-imag_part)-(real_part)*(real_part); float imag_part2 = (-imag_part)*(real_part)+(real_part)*(-imag_part); The result will be real_part2= -1.20695 imag_part2= 0 angle= -3.14159 The imaginary part of the result is -0 which makes the phase of the result be -pi. Although still accomplishing with the principal argument of a complex number and with the signed property of floating point's 0, this changes is a problem when one is defining functions of complex numbers. For example, if one is defining sqrt of a complex number by the de Moivre formula, this will change the sign of the imaginary part of the result to a wrong value. How to deal with this effect?

    Read the article

  • why does django-registration use an "activation window" for activating accounts?

    - by bharal
    i'm using django-registration, which is a django lib that helps with users registering on a django-built website. All well and dandy, except that it insists i have an "activation email" associated with all new users. It defaults to a 7 day window, after which, if someone signed up (and we then sent an email to confirm their email address) but didn't click on the link in the sent email within the 7 days, then they cannot sign up. Instead, they need to do the whole process all over again. I'm sure this is a concept that exists generally in web design, because why would django-registration make its own arbitrary signup process up? Anyway, the question is why? What do i gain by having the peace of mind knowing that all the users of my site are the kind of go-getters that click on registration emails with 7 days of receiving them? Why should i sleep easier knowing that my database isn't filled with users who, for whatever reason, clicked through to sign up but didn't actually want to sign up? cheers!

    Read the article

  • Intercept creation of activities when the application is restored

    - by Johan Bilien
    Most of our activities access a user-specific model. All these activities inherit from a ModelActivity base class, which provides a getModel() call. When one of these activities detect that the user has signed out (through the AccountManager callback), it sticks to its existing model, but prepares to exit back to the root activity (which is not user-specific) by starting its intent with FLAG_ACTIVITY_CLEAR_TOP. If however the user deletes an account while the app is not running, we run into trouble when the activity is restored. Now the activity needs to handle there not being a model, which makes the code more complicated and bug-prone. Ideally we would intercept the application restore process before the activity is created. Then we would check whether we have an account and a model, and if not clear up the saved stack of activities, and restart from our root activity instead of the last saved activity. But as far as I can tell the first place where we can run code is in the onCreate callback of the activity. Is there a way to run some code when the application is restored from background-saving, but before the saved activity is created?

    Read the article

  • c++ simple conditional logging

    - by Sunny
    Disclaimer: I'm not a c++ developer, I can only do basic things. (I understand pointers, just my knowledge is so rusty, I haven't touch c/c++ for about 20 years :) ) The setup: I have an Outlook addin, written in C#/.Net 1.1. It uses a c++ shim to load. Usually, this works pretty well, and I use in my c# code nlog for logging purposes. But sometimes, the addin fails to load, i.t. it does not hit the managed code at all for me to be able to investigate the problem from the log files. So, I need to hook some basic logging into the c++ shim - just writing in a file. I need to make it as simple as possible for our users to enable. Actually I would prefer not to ship it by default. I was thinking about something, which will check if a specific dll is present (the logging dll), and if so, to use it. Otherwise, it will just not log anything. That way, when I have a user with such a problems, I can send him only the logging dll, the user will save it in the runtime directory, and I'll have the file. I guess this have to be done with some form a factory solution, which returns either a dummy logger, or if the dll is found, a real one. Another option would be to make some simple logger, and rebuild the shim with or w/o using it, based on directives. This is not the desirable approach, because the shim needs to be signed, and I have to instruct the user to make a backup copy of the "real" one, then restore when done, etc., instead of just saving and deleting a dll. I'd appreciate any good suggestion how to approach it, together with links or sample code how to go after this. Cheers

    Read the article

  • Defining Views Based On Selection

    - by Wayne
    Well the title isn't very descriptive but I'm not exactly sure how to explain but here goes! I have a web application (can use either MVC or standard web forms) which a user signs in to. If the user has signed up for more than one product they will have the option to switch between them. For the sakes of this example lets say User1 signs in and has access to Product1, Product2 and Product3. Now, each product will be very different and offer different functionally. What I want is the main view to be focused around the product they have selected and not redirected to a sub domain. What I don't want to have to do is get them to go to www.mysite.com/product1 or www.mysite.com/product2 but simply www.mysite.com regardless of the product they have selected and have the site render the views etc for that product. Wow does any of that make any sense? I was thinking mabe the use of sessions or something and URL rewriting? Are there any sample apps out there that make use of the same kind of functionallity that I could take a look at? Thanks for any help I appreciate it!

    Read the article

  • make java plugin use the browser certificates

    - by Shalom938
    We have a java applet that communicates with a spring application running on tomcat and using spring's http invoker. We want to secure the applet using ssl with client authentication, we have a jsp page for login, after successful login the applet loads. The jsp page is secured with ssl, when the applet loads the http invoker inside the applet is doing a second handshake apparently not related to the browser handshake, OK, I don't mind that, but I want the java plugin to use browser certificates and client certificates but its not, I have to load the client certificate to the java plugin also using the java ControlPanel, and if my server's certificate is self signed then I have to load the server certificate also to the java ControlPanel and to the nrowser. Another thing is when the applet starts loading the java plugin pops a dialog asking for the client keystore password, I would like to avoid that. So to conclude: I would like the java plugin to use the browser's trusted certificates and client certificates, and to avoid the keystore password dialog that pops up. I have googled for it for two days and can't find any clue of how to accomplish that. I will appreciate any help. I'm using jdk 1.6.0 u23 and firefox 3.6.13.

    Read the article

  • iPhone: How to run a Beta build, in addition to the App Store build?

    - by rondoagogo
    Hi, All! I have an app on the Store for which we’re readying an update. The other members of our team have the App Store version already loaded up (~purchased) on their respective iPhones -- and those contain User Data which each member needs to be able to keep. In the meantime, we need to test out a Beta version of the next version of the app. Presumably, we’d need to have the two versions (ad hoc, and app store) co-existing on each device, at least until everyone’s signed off on the beta, and it’s uploaded to the store (at which point, they'd delete the beta version). [Once it’s on the Store, of course, they can each update their main (i.e., Release) version of the app via the usual App Store 'update' mechanism -- and then delete the beta version from their devices. In that case, all their user data is still retained intact.] So assuming that’s the proper workflow ... How do I issue a Beta to the team, and have it not replace/overwrite the existing App Store version? I’ve tried customizing parameters in the beta’s “[appname]-Info.plist”, but haven’t found a setting yet that allows the two versions (beta and release) to co-exist on the same device. Any ideas? And is this this is the proper approach to them being able to keep their data? (And last, how might I do it with & without a script? I assume there's just one parameter that'd need to be changed.) I hope this all makes sense -- thank you in advance for your help!

    Read the article

  • Paypal Sandbox 2014 Non US test account Sign Up proper link

    - by Flood Gravemind
    Ok I had a Paypal Sandbox account a year ago. I am developing a new site for a client and when I try to Login it won't recognize my email address. I tried forgot my password forgot password still nothing. So I guessed that maybe due to inactivity for such a long time they may have deleted my account. So then I try to Sign Up for a new one. I entered my details 3 times now and spent 6 hours trying to figure out what is the proper link to do this. Then I went to another Sandbox link which required me to entered a US Zip code and its a dead end. I am not even sure which Paypal account I signed up for those three times. No email nothing at all. I am a Non US developer and the FAQ link for Non US developers just points to their REST API. Can someone please guide me to the proper Paypal Sandbox Setup for Non US developers including the proper sign up links please. And I know Stackoverflow does not like rants but from my experience dealing with Paypal, GTA 6 should make a satirical Paypal company in their next Game with Paypal Developer Rampage mode for the main protagonist who also happens to be a Developer. EDIT: REST API does not include UK :(

    Read the article

  • Integration test for H1 text failing when it should be passing (Rspec and Capybara)

    - by rebec
    Below you can see my test for what happens when a user tries to access the page to edit a profile photo that they don't own. I've used the same test on the NEW action, where it worked fine, but it surprised me by failing when I copied it down to the EDIT action tests. I've used save_and_open_page to test what Capybara's seeing (as you can see below); the resulting page definitely has an h1 with the specified text in it. No spelling errors, and case is all the same as in the test. I've tried using both have_css and have_selector. Both fail. I'm still learning Ruby, Rails, Rspec and especially Capybara (was using webrat previously and recently switched over), and wonder if I'm misconceiving of something that's making me expect this to pass when it doesn't. Any thoughts? Thanks! describe "EDIT" do let(:user) { FactoryGirl.create(:user) } let(:different_user) { FactoryGirl.create(:user) } let(:admin_user) { FactoryGirl.create(:user, role: "admin") } let(:profile_photo1) { FactoryGirl.create(:profile_photo, user: user) } subject { page } context "when signed in as any member" do before { login different_user visit edit_user_profile_photo_path(:id => profile_photo1, :user_id => profile_photo1.user_id) save_and_open_page } # It should deny access with an Unauthorised/Forbidden message. it { should have_css('h1', text: "Unauthorised/Forbidden.") } end

    Read the article

  • Calculating with a variable outside of its bounds in C

    - by aquanar
    If I make a calculation with a variable where an intermediate part of the calculation goes higher then the bounds of that variable type, is there any hazard that some platforms may not like? This is an example of what I'm asking: int a, b; a=30000; b=(a*32000)/32767; I have compiled this, and it does give the correct answer of 29297 (well, within truncating error, anyway). But the part that worries me is that 30,000*32,000 = 960,000,000, which is a 30-bit number, and thus cannot be stored in a 16-bit int. The end result is well within the bounds of an int, but I was expecting that whatever working part of memory would have the same size allocated as the largest source variables did, so an overflow error would occur. This is just a small example to show my problem, I am trying to avoid using floating points by making the fraction be a fraction of the max amount able to be stored in that variable (in this case, a signed integer, so 32767 on the positive side), because the embedded system I'm using I believe does not have an FPU. So how do most processors handle calculations out of the bounds of the source and destination variables?

    Read the article

  • what is the wrong with this spec and controller code?

    - by user1609468
    I'm trying to test an existing rails project with rspec. And I want to test a controller but getting an error which I can't solve :S Here is the my spec code ; require 'spec_helper' describe BriefNotesController do before(:all) do @customer=Factory(:customer) @project=Factory(:project_started, :owner => @customer) end context 'get :new' do it 'should redirect to login page for not signed in users' do get :new, :project_id => @project.id response.should redirect_to("/kullanici-girisi") end it 'should be success and render new brief note page for project owner' do sign_in @customer get :new, :project_id => @project.id response.should be_success end end end Here is the my controller code ; class BriefNotesController < ApplicationController before_filter :authenticate_user! before_filter :find_project def new @brief_note = @project.brief_notes.new end def create @brief_note = @project.brief_notes.build(params[:brief_note]) if @brief_note.save redirect_to brief_project_path(@project) else render :action => :new end end private def find_project @project = current_user.projects.find_by_cached_slug([params[:project_id]]) end end I think current_user.projects.find_by_cached_slug method don't work. So this is the error; Failures: 1) BriefNotesController get :new should be success and render new brief note page for project owner Failure/Error: get :new, :project_id => @project.id NoMethodError: undefined method `brief_notes' for nil:NilClass # ./app/controllers/brief_notes_controller.rb:6:in `new' # ./spec/controllers/brief_notes_controller_spec.rb:19:in `block (3 levels) in <top (required)>'

    Read the article

  • Failing to use Array.Copy() in my WPF App

    - by Steven Wilson
    I am a C++ developer and recently started working on WPF. Well I am using Array.Copy() in my app and looks like I am not able to completely get the desired result. I had done in my C++ app as follows: static const signed char version[40] = { 'A', 'U', 'D', 'I', 'E', 'N', 'C', 'E', // name 0 , 0 , 0 , 0 , 0 , 0 , 0 , 0 , // reserved, firmware size 0 , 0 , 0 , 0 , 0 , 0 , 0 , 0 , // board number 0 , 0 , 0 , 0 , 0 , 0 , 0 , 0 , // variant, version, serial 0 , 0 , 0 , 0 , 0 , 0 , 0 , 0 // date code, reserved }; unsigned char sendBuf[256] = {}; int memloc = 0; sendBuf[memloc++] = 0; sendBuf[memloc++] = 0; // fill in the audience header memcpy(sendBuf+memloc, version, 8); // the first 8 bytes memloc += 16; // the 8 copied, plus 8 reserved bytes I did the similar operation in my WPF (C#) app as follows: Byte[] sendBuf = new Byte[256]; char[] version = { 'A', 'U', 'D', 'I', 'E', 'N', 'C', 'E', // name '0', '0', '0', '0', '0', '0', '0', '0' , // reserved, firmware size '0', '0', '0', '0', '0', '0', '0', '0' , // board number '0', '0', '0', '0', '0', '0', '0', '0' , // variant, version, serial '0', '0', '0', '0', '0', '0', '0', '0' // date code, reserved }; // fill in the address to write to -- 0 sendBuf[memloc++] = 0; sendBuf[memloc++] = 0; // fill in the audience header Array.Copy(sendBuf + memloc, version, 8); // the first 8 bytes memloc += 16; But it throws me an error at Array.Copy(sendBuf + memloc, version, 8); as Operator '+' cannot be applied to operands of type 'byte[]' and 'int'. How can achieve this???? :) please help :)

    Read the article

  • Server.CreateObject Fails when calling .Net object from ASP on 64-bit windows in IIS 32-bit mode

    - by DrFredEdison
    I have a server running Windows 2003 64-bit, that runs IIS in 32-bit mode. I have a COM object that was registered using the following command: C:\WINDOWS\microsoft.net\Framework\v2.0.50727>regasm D:\Path\To\MyDll.dll /tlb:MyTLB.tlb /codebase When I create the object via ASP I get: Server object error 'ASP 0177 : 8000ffff' Server.CreateObject Failed /includes/a_URLFilter.asp, line 19 8000ffff When I create the object in a vbs script and use the 32-bit version of cscript (in \Windows\syswow64) it works fine. I've checked permissions on the DLL, and the IUSR has Read/Execute. Even if I add the IUSR to the Administrators group, I get the same error. This is the log from ProcessMonitor filtering for the path of my dll (annotated with my actions): [Stop IIS] 1:56:30.0891918 PM w3wp.exe 4088 CloseFile D:\Path\To\MyDll.dll SUCCESS [Start IIS] [Refresh ASP page that uses DLL] 1:56:42.7825154 PM w3wp.exe 2196 QueryOpen D:\Path\To\MyDll.dll SUCCESS CreationTime: 8/19/2009 1:11:17 PM, LastAccessTime: 8/19/2009 1:30:26 PM, LastWriteTime: 8/18/2009 12:09:33 PM, ChangeTime: 8/19/2009 1:22:02 PM, AllocationSize: 20,480, EndOfFile: 20,480, FileAttributes: A 1:56:42.7825972 PM w3wp.exe 2196 QueryOpen D:\Path\To\MyDll.dll SUCCESS CreationTime: 8/19/2009 1:11:17 PM, LastAccessTime: 8/19/2009 1:30:26 PM, LastWriteTime: 8/18/2009 12:09:33 PM, ChangeTime: 8/19/2009 1:22:02 PM, AllocationSize: 20,480, EndOfFile: 20,480, FileAttributes: A 1:56:42.7826961 PM w3wp.exe 2196 CreateFile D:\Path\To\MyDll.dll SUCCESS Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Delete, AllocationSize: n/a, Impersonating: SERVER2\IUSR_SERVER2, OpenResult: Opened 1:56:42.7827194 PM w3wp.exe 2196 CreateFileMapping D:\Path\To\MyDll.dll SUCCESS SyncType: SyncTypeCreateSection, PageProtection: 1:56:42.7827546 PM w3wp.exe 2196 CreateFileMapping D:\Path\To\MyDll.dll SUCCESS SyncType: SyncTypeOther 1:56:42.7829130 PM w3wp.exe 2196 Load Image D:\Path\To\MyDll.dll SUCCESS Image Base: 0x6350000, Image Size: 0x8000 1:56:42.7830590 PM w3wp.exe 2196 Load Image D:\Path\To\MyDll.dll SUCCESS Image Base: 0x6360000, Image Size: 0x8000 1:56:42.7838855 PM w3wp.exe 2196 CreateFile D:\Webspace\SecurityDll\bin SUCCESS Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: SERVER2\IUSR_SERVER2, OpenResult: Opened 1:56:42.7839081 PM w3wp.exe 2196 QueryDirectory D:\Path\To\MyDll.INI NO SUCH FILE Filter: SecurityDll.INI 1:56:42.7839281 PM w3wp.exe 2196 CloseFile D:\Webspace\SecurityDll\bin SUCCESS [Refresh ASP page that uses DLL] [Refresh ASP page that uses DLL] [Refresh ASP page that uses DLL] This dll works fine on other servers, running 32-bit windows. I can't think of anything else that would make this work. Any suggestions? UPDATE The .dll is not in the GAC, it is compiled as 32-bit, and is Strongly signed.

    Read the article

  • Setting up a transparent SSL proxy

    - by badunk
    I've got a linux box set up with 2 network cards to inspect traffic going through port 80. One card is used to go out to the internet, the other one is hooked up to a networking switch. The point is to be able to inspect all HTTP and HTTPS traffic on devices hooked up to that switch for debugging purposes. I've written the following rules for iptables: nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.2.1:1337 -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 1337 -A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE On 192.168.2.1:1337, I've got a transparent http proxy using Charles (http://www.charlesproxy.com/) for recording. Everything's fine for port 80, but when I add similar rules for port 443 (SSL) pointing to port 1337, I get an error about invalid message through Charles. I've used SSL proxying on the same computer before with Charles (http://www.charlesproxy.com/documentation/proxying/ssl-proxying/), but have been unsuccessful with doing it transparently for some reason. Some resources I've googled say its not possible - I'm willing to accept that as an answer if someone can explain why. As a note, I have full access to the described set up including all the clients hooked up to the subnet - so I can accept self-signed certs by Charles. The solution doesn't have to be Charles-specific since in theory, any transparent proxy will do. Thanks! Edit: After playing with it a little, I was able to get it working for a specific host. When I modify my iptables to the following (and open 1338 in charles for reverse proxy): nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.2.1:1337 -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 1337 -A PREROUTING -i eth1 -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.168.2.1:1338 -A PREROUTING -i eth1 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 1338 -A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE I am able to get a response, but with no destination host. In the reverse proxy, if I just specify that everything from 1338 goes to a specific host that I wanted to hit, it performs the hand shake properly and I can turn on SSL proxying to inspect the communication. The setup is less than ideal because I don't want to assume everything from 1338 goes to that host - any idea why the destination host is being stripped? Thanks again

    Read the article

  • Persuading openldap to work with SSL on Ubuntu with cn=config

    - by Roger
    I simply cannot get this (TLS connection to openldap) to work and would appreciate some assistance. I have a working openldap server on ubuntu 10.04 LTS, it is configured to use cn=config and most of the info I can find for TLS seems to use the older slapd.conf file :-( I've been largely following the instructions here https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html plus stuff I've read here and elsewhere - which of course could be part of the problem as I don't totally understand all of this yet! I have created an ssl.ldif file as follows; dn:cn=config add: olcTLSCipherSuite olcTLSCipherSuite: TLSV1+RSA:!NULL add: olcTLSCRLCheck olcTLSCRLCheck: none add: olcTLSVerifyClient olcTLSVerifyClient: never add: olcTLSCACertificateFile olcTLSCACertificateFile: /etc/ssl/certs/ldap_cacert.pem add: olcTLSCertificateFile olcTLSCertificateFile: /etc/ssl/certs/my.domain.com_slapd_cert.pem add: olcTLSCertificateKeyFile olcTLSCertificateKeyFile: /etc/ssl/private/my.domain.com_slapd_key.pem and I import it using the following command line ldapmodify -x -D cn=admin,dc=mydomain,dc=com -W -f ssl.ldif I have edited /etc/default/slapd so that it has the following services line; SLAPD_SERVICES="ldap:/// ldapi:/// ldaps:///" And everytime I'm making a change, I'm restarting slapd with /etc/init.d/slapd restart The following command line to test out the non TLS connection works fine; ldapsearch -d 9 -D cn=admin,dc=mydomain,dc=com -w mypassword \ -b dc=mydomain,dc=com -H "ldap://mydomain.com" "cn=roger*" But when I switch to ldaps using this command line; ldapsearch -d 9 -D cn=admin,dc=mydomain,dc=com -w mypassword \ -b dc=mydomain,dc=com -H "ldaps://mydomain.com" "cn=roger*" This is what I get; ldap_url_parse_ext(ldaps://mydomain.com) ldap_create ldap_url_parse_ext(ldaps://mydomain.com:636/??base) ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP mydomain.com:636 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 127.0.0.1:636 ldap_pvt_connect: fd: 3 tm: -1 async: 0 TLS: can't connect: A TLS packet with unexpected length was received.. ldap_err2string ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) Now if I check netstat -al I can see; tcp 0 0 *:www *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 *:https *:* LISTEN tcp 0 0 *:ldaps *:* LISTEN tcp 0 0 *:ldap *:* LISTEN I'm not sure if this is significant as well ... I suspect it is; openssl s_client -connect mydomain.com:636 -showcerts CONNECTED(00000003) 916:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: I think I've made all my certificates etc OK and here are the results of some checks; If I do this; certtool -e --infile /etc/ssl/certs/ldap_cacert.pem I get Chain verification output: Verified. certtool -e --infile /etc/ssl/certs/mydomain.com_slapd_cert.pem Gives "certtool: the last certificate is not self signed" but it otherwise seems OK? Where have I gone wrong? Surely getting openldap to run securely on ubuntu should be easy and not require a degree in rocket science! Any ideas?

    Read the article

  • WinXP - Having trouble sharing internet with 3G USB modem via ICS

    - by Carlos Nunez
    all! I've been banging my head against a wall with this issue for a few days now and am hoping someone can help out. I recently signed up for T-Mobile's webConnect 3G/4G service to replace the faltering (and slow) DSL connection in my apartment. The goal was to put the SIM in one of my old phones and use its built-in WLAN tethering feature to share Internet out to rest of my computers. I quickly found out that webConnect-provisioned SIMs do not work with regular smartphones, so I was forced to either buy a 4G-compatible router or tether one of my old laptops to my wireless router and share out that way. I chose the latter, and it's sharpening my inner masochistic self by the day. Here's the setup: GSM USB modem (via hub), ICS host - 10/100 Mbps Ethernet NIC, ICS "guest" - WAN port of my SMC WGBR14N wireless router in bridged mode (i.e. wireless access point). Ideally, this would make my laptop the DHCP server and internet gateway with the WAP giving everyone wireless coverage. I can browse internet on the host laptop fine. However, when clients try to connect, they get a DHCP-assigned IP from the laptop and are able to use the Internet for a few minutes before completely dying. After that happens, they are able to re-associate with the WAP and get IP addresses, but are unable to use Internet or resolve IP addresses until the laptop and router are restarted. If they do get access, it's very, very slow. After running Wireshark on the host machine, it turns out that this is because every TCP connection keeps getting RST. DNS seems to work. I would normally think the firewall is the culprit here, but when it drops packets, it drops them completely. The fact that TCP connections are being ACK'ed by the destination rules that out. Of course, none of the event Log isn't saying anything about what's going on. I also tried disabling power management on the NIC, since that's caused problems in the past; that didn't help either. I finally disabled receive-side scaling as per a Microsoft KB (that applied to Windows Server 2003, SP2) to no avail. I'm thinking of trying it with a different NIC (will be tough; don't have a spare Ethernet NIC around for the laptop), but I'm getting the impression that this simply doesn't work. Can anyone please advise? I apologise for the length of this post; all contributions are much appreciated! -Carlos.

    Read the article

  • Mercurial browser on Windows 2003 takes several refreshes before displaying repositories

    - by Tim Murphy
    When attempt to browse my Mercurial repositories it usually takes several refreshes before the repository list is displayed. The configuration is as follows: Windows Server 2003 (Dedicated machine hosted by http://www.server4you.com/. Site has anonymous password protection with self-signed SSL. Mercurial 1.5.3 Python 2.6.5 Python for Windows 32 extensions 214 py2.6 isapi-wsgi 0.4.2 The repositories are being served via ISAPI using the standard hgwebdir_wspi.py file (copy to follow). Other problems with the repository server: Before doing a clone/push/etc I have to browse the repositories first otherwise hg on my local machine can not locate the site. I have one a repository with a large changeset that after a minute or so throw error "abort: error: An existing connection was forcibly closed by the remote host". Will be asking another question for this problem. What can I do to start tracking down this problem? hgwebdir_wsgi.py # Configuration file location hgweb_config = r'C:\Public\Mercurial\WebSite\hgweb.config' # Global settings for IIS path translation path_strip = 0 # Strip this many path elements off (when using url rewrite) path_prefix = 0 # This many path elements are prefixes (depends on the # virtual path of the IIS application). import sys # Adjust python path if this is not a system-wide install #sys.path.insert(0, r'c:\path\to\python\lib') # Enable tracing. Run 'python -m win32traceutil' to debug if hasattr(sys, 'isapidllhandle'): import win32traceutil # To serve pages in local charset instead of UTF-8, remove the two lines below import os os.environ['HGENCODING'] = 'UTF-8' import isapi_wsgi from mercurial import demandimport; demandimport.enable() from mercurial.hgweb.hgwebdir_mod import hgwebdir # Example tweak: Replace isapi_wsgi's handler to provide better error message # Other stuff could also be done here, like logging errors etc. class WsgiHandler(isapi_wsgi.IsapiWsgiHandler): error_status = '500 Internal Server Error' # less silly error message isapi_wsgi.IsapiWsgiHandler = WsgiHandler # Only create the hgwebdir instance once application = hgwebdir(hgweb_config) def handler(environ, start_response): # Translate IIS's weird URLs url = environ['SCRIPT_NAME'] + environ['PATH_INFO'] paths = url[1:].split('/')[path_strip:] script_name = '/' + '/'.join(paths[:path_prefix]) path_info = '/'.join(paths[path_prefix:]) if path_info: path_info = '/' + path_info environ['SCRIPT_NAME'] = script_name environ['PATH_INFO'] = path_info return application(environ, start_response) def __ExtensionFactory__(): return isapi_wsgi.ISAPISimpleHandler(handler) if __name__=='__main__': from isapi.install import * params = ISAPIParameters() HandleCommandLine(params) hgweb.config [paths] / = C:\Public\Mercurial\Repositories\* [web] allow_archive = bz2 gz zip ; Allows archive downloads. allow_push = ######## ; Users that are allowed to push.

    Read the article

  • Can't get virtual desktops to show up on RDWeb for Server 2012 R2

    - by Scott Chamberlain
    I built a test lab using the Windows Server 2012 R2 Preview. The initial test lab has the following configuration (I have replaced our name with "OurCompanyName" because I would like it if Google searches for our name did not cause people to come to this site, please do the same in any responses) Physical hardware running Windows Server 2012 R2 Preview full GUI, acting as Hyper-V host (joined to the test domain as testVwHost.testVw.OurCompanyName.com) with the following VM's running on it VM running 2012 R2 Core acting as domain controller for the forest testVw.OurCompanyName.com (testDC.testVw.OurCompanyName.com) VM running 2012 R2 Core with nothing running on it joined to the test domain as testIIS.testVw.OurCompanyName.com A clean install of Windows 7, all that was done to it was all windows updates where loaded and sysprep /generalize /oobe /shutdown /mode:vm was run on it A clean install of Windows 8, all that was done to it was all windows updates where loaded and sysprep /generalize /oobe /shutdown /mode:vm was run on it I then ran "Add Roles and Features" from testVwHost and chose the "Remote Desktop Services Installation", "Standard Deployment", "Virtual machine-based desktop deployment". I choose testIIS for the roles "RD Connection Broker" and "RD Web Access" and testVwHost as "RD Virtualization Host" The Install of the roles went fine, I then went to Remote Desktop Services in server manager and wet to setup Deployment Properties. I set the certificate for all 3 roles to our certificate signed by a CA for *.OurCompanyName.com. I then created a new Virtual Desktop Collection for Windows 7 and Windows 8 and both where created without issue. On the Windows 7 pool I added RemoteApp to launch WordPad, For windows 8 I did not add any RemoteApp programs. Everything now appears to be fine from a setup perspective however if I go to https://testIIS.testVw.OurCompanyName.com/RDWeb and log in as the use Administrator (or any orher user) I don't see the virtual desktops I created nor the RemoteApp publishing of WordPad. I tried adding a licensing server, using testDC as the server but that made no difference. What step did I miss in setting this up that is causing this not to show up on RDWeb? If any additional information is needed pleas let me know. I have tried every possible thing I can think of and I am just groping around in the dark now. The virtual machines running on testVwHost The configuration screen for RD Services The Windows 7 Pool The Windows 8 Pool This is logged in as testVw\Administrator

    Read the article

  • SSL certificate for Oracle Application Server 11g

    - by Easter Sunshine
    I was asked to get an SSL certificate for an "Oracle Application Server 11g" which has a soon-to-expire certificate. Brushing aside the fact that 10g seems to be the newest version, I got a certificate from InCommon, as I usually do without problem (except this is the first time I supplied Oracle Application Server 11g as the software type on the CSR form). On the email containing links to download the certificate, it mentioned: Certificate Details: SSL Type : InCommon SSL Server : OTHER I forwarded the email over to the person responsible for installing it and got a reply that the server type must be Oracle Application Server for the certificate to work (the CN is the same as before). They were unable to install this certificate (no details provided to me) and mentioned they had this issue previously with Thawte when they didn't supply Oracle Application Server as the server type. I don't see any significant difference between the currently installed certificate (working) and the new one I just got signed by InCommon (not working). $ openssl x509 -in sso-current.cer -text shows, with irrelevant information ommitted. Data: Version: 3 (0x2) Signature Algorithm: sha1WithRSAEncryption Issuer: C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA/[email protected] Validity Not Before: Oct 1 00:00:00 2009 GMT Not After : Nov 28 23:59:59 2012 GMT Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE X509v3 CRL Distribution Points: Full Name: URI:http://crl.thawte.com/ThawteServerPremiumCA.crl X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Authority Information Access: OCSP - URI:http://ocsp.thawte.com Signature Algorithm: sha1WithRSAEncryption and $ openssl x509 -in sso-new.cer -text shows Data: Version: 3 (0x2) Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, O=Internet2, OU=InCommon, CN=InCommon Server CA Validity Not Before: Nov 8 00:00:00 2012 GMT Not After : Nov 8 23:59:59 2014 GMT Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: keyid:48:4F:5A:FA:2F:4A:9A:5E:E0:50:F3:6B:7B:55:A5:DE:F5:BE:34:5D X509v3 Subject Key Identifier: 18:8D:F6:F5:87:4D:C4:08:7B:2B:3F:02:A1:C7:AC:6D:A7:90:93:02 X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.5923.1.4.3.1.1 CPS: https://www.incommon.org/cert/repository/cps_ssl.pdf X509v3 CRL Distribution Points: Full Name: URI:http://crl.incommon.org/InCommonServerCA.crl Authority Information Access: CA Issuers - URI:http://cert.incommon.org/InCommonServerCA.crt OCSP - URI:http://ocsp.incommon.org Nothing jumps out at me as the reason one would not work so I don't have a specific request for the signer for what to do differently when re-signing.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 44 45 46 47 48 49 50 51 52 53 54 55  | Next Page >