Search Results

Search found 54190 results on 2168 pages for 'http authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 5/2168 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • What HTTP redirect status should I use to link offsite?

    - by Matthew Scharley
    While randomly browsing my website via Google, I noticed that it was showing up remote redirects as local files. Now this can be both good and bad, but I'm wondering how can I fix this so it doesn't happen? I'm currently using PHP and header('Location: ... which sends a 302 redirect. Looking over the list of HTTP status codes, I'd take a guess that I should be using 303 redirects to redirect offsite. Is anyone able to help me here, and either confirm/deny this, or tell me what I should be doing instead? Obviously, due to me not being able to tell Google to reindex my site on command, there's issues with being able to test this myself...

    Read the article

  • ASP.Net: HTTP 400 Bad Request error when trying to process http://localhost:5957/http://yahoo.com

    - by mat3
    I'm trying to create something similar to the diggbar : http://digg.com/http://cnn.com I'm using Visual Studio 2010 and Asp Development server. However, I can't get the ASP dev server to handle the request because it contains "http:" in the path. I've tried to create an HTTPModule to rewrite the URL in the BeginRequest , but the event handler doesn't get called when the url is http://localhost:5957/http://yahoo.com. The event handler does get called if the url is http://localhost:5957/http/yahoo.com To summarize http://localhost:5957/http/yahoo.com works http://localhost:5957/http//yahoo.com does not work http://localhost:5957/http://yahoo.com does not work http://localhost:5957/http:/yahoo.com does not work Any ideas?

    Read the article

  • Log in using Java where server's authentication could be sso or web applcation container's basic

    - by Ed
    Hi, I have a situation where ideally I want to be able to log-in to a secure area using a Java application. I would like to make an HTTP request and check the response to see if I need to do some kind of authenication before I can actually get the response expected, instead of effectively some login page. The complication is that the server that responds will not always be the same - the user of the Java app specifies the URL - and the server may be using some kind of single sign on authentication or the web container's. I don't know the field names for the username and password fields or the action of the form, is there a simple way to obtain this kind of information from the URL? I see the URLConnection object has methods getPermission() which has a method getActions() but are not suitable, anything that might be? I guess example things I am looking to determine: Does the response require authentication? If so; what type / which servlet? e.g. j_security_check, josso single sign on, ... And then some way of authenticating the client And finally managing the state of the authenticated user for other requests Do I need to know the attributes of the login form before attemping to login? And then, is the onoly way of verifying permission to the requested resource to manually manage the cookies? Thanks in advance.

    Read the article

  • Sending basic authentication information via form

    - by VolatileStorm
    I am working on a site that currently uses a basic authentication dialog box login system, that is the type of dialog that you get if you go here: http://www.dur.ac.uk/vm.boatclub/password/index.php I did not set this system up and am not in a position to easily/quickly work around it, but it DOES work. The issue however is that the dialog box is not very helpful in telling you what login information you have to use (that is which username and password combination), and so I would like to replace it with a form. I had been thinking that this wasn't possible but I wanted to ask in order to find out. Is it possible to set up an HTML form that sends the data to the server such that it accepts it in the same way that it would using this dialog box? Alternatively is it possible to set up a PHP script that would take normal form data and process it somehow passing it to the server such that it logs in? Edit: After being told that this is basic authentication I went around and have managed to find a way that works and keeps the user persistently logged in. However, this does not work in internet explorer. The solution was simply to redirect the user to: http://username:[email protected]/vm.boatclub/password/index.php But Internet Explorer removed it due to phishing uses about 3 years ago. Is there a way to use javascript to get the browser to access the site in this way? Or will I have to simply change my UI?

    Read the article

  • Amazon S3 Tips: Quickly Add/Modify HTTP Headers To All Files Recursively

    - by Gopinath
    Amazon S3 is an dead cheap cloud storage service that offers unlimited storage in pay as you use model. Recently we moved all the images and other static files(scripts & css) of Tech Dreams to Amazon S3 to reduce load on VPS server. Amazon S3 is cheap, but monthly bill will shoot up if images/static files of the blog are not cached properly (more details). By adding caching HTTP Headers Cache-Control or Expires to all the files hosted on Amazon S3 we reduced the monthly bills and also load time of blog pages. Lets see how to add custom headers to files stored on Amazon S3 service. Updating HTTP Headers of one file at a time The web interface of Amazon S3 Management console allows adding custom HTTP headers to one file at a time  through “Properties”  window (to access properties, right on a file and select Properties menu). So if you have to add headers to 100s of files then this is not the way to go! Updating HTTP Headers of multiple files of a folder recursively To update HTTP headers of multiple files in a folder recursively, we can use CloudBerry Explorer freeware or Bucket Explorer trail ware applications. CloudBerry is my favourite as it’s a freeware and also it’s has excellent interface to access Amazon S3 from desktops. Adding HTTP Headers with CloudBerry application is straight forward – right click on the required folders and choose the option “Set HTTP Headers”. Download CloudBerry Explorer This article titled,Amazon S3 Tips: Quickly Add/Modify HTTP Headers To All Files Recursively, was originally published at Tech Dreams. Grab our rss feed or fan us on Facebook to get updates from us.

    Read the article

  • Preserving case in HTTP headers with Ruby's Net:HTTP

    - by emh
    Although the HTTP spec says that headers are case insensitive; Paypal, with their new adaptive payments API require their headers to be case-sensitive. Using the paypal adaptive payments extension for ActiveMerchant (http://github.com/lamp/paypal_adaptive_gateway) it seems that although the headers are set in all caps, they are sent in mixed case. Here is the code that sends the HTTP request: headers = { "X-PAYPAL-REQUEST-DATA-FORMAT" => "XML", "X-PAYPAL-RESPONSE-DATA-FORMAT" => "JSON", "X-PAYPAL-SECURITY-USERID" => @config[:login], "X-PAYPAL-SECURITY-PASSWORD" => @config[:password], "X-PAYPAL-SECURITY-SIGNATURE" => @config[:signature], "X-PAYPAL-APPLICATION-ID" => @config[:appid] } build_url action request = Net::HTTP::Post.new(@url.path) request.body = @xml headers.each_pair { |k,v| request[k] = v } request.content_type = 'text/xml' proxy = Net::HTTP::Proxy("127.0.0.1", "60723") server = proxy.new(@url.host, 443) server.use_ssl = true server.start { |http| http.request(request) }.body (i added the proxy line so i could see what was going on with Charles - http://www.charlesproxy.com/) When I look at the request headers in charles, this is what i see: X-Paypal-Application-Id ... X-Paypal-Security-Password... X-Paypal-Security-Signature ... X-Paypal-Security-Userid ... X-Paypal-Request-Data-Format XML X-Paypal-Response-Data-Format JSON Accept */* Content-Type text/xml Content-Length 522 Host svcs.sandbox.paypal.com I verified that it is not Charles doing the case conversion by running a similar request using curl. In that test the case was preserved.

    Read the article

  • Securing ASP.Net Pages - Forms Authentication - C# and .Net 4

    - by SAMIR BHOGAYTA
    ASP.Net has a built-in feature named Forms Authentication that allows a developer to easily secure certain areas of a web site. In this post I'm going to build a simple authentication sample using C# and ASP.Net 4.0 (still in beta as of the posting date). Security settings with ASP.Net is configured from within the web.config file. This is a standard ASCII file, with an XML format, that is located in the root of your web application. Here is a sample web.config file: configuration system.web authenticationmode="Forms" formsname="TestAuthCookie"loginUrl="login.aspx"timeout="30" credentialspasswordFormat="Clear" username="user1"password="pass1"/ username="user2"password="pass2"/ authorization denyusers="?"/ compilationtargetFramework="4.0"/ pagescontrolRenderingCompatibilityVersion="3.5"clientIDMode="AutoID"/ Here is the complete source of the sample login.aspx page: div Username: asp:TextBox ID="txtUsername" runat="server":TextBox Password: asp:TextBox ID="txtPassword" runat="server":TextBox asp:Button ID="Button1" runat="server" onclick="Button1_Click" Text="Login" / asp:Label ID="lblStatus" runat="server" Text="Please login":Label /div And here is the complete source of the login.aspx.cs file: using System; using System.Web.UI.WebControls; using System.Web.Security; public partial class Default3 : System.Web.UI.Page { protected void Button1_Click(object sender, EventArgs e) { if (FormsAuthentication.Authenticate(txtUsername.Text, txtPassword.Text)) { lblStatus.Text = ("Welcome " + txtUsername.Text); FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, true); } else { lblStatus.Text = "Invalid login!"; } } }

    Read the article

  • Is this a secure solution for RESTful authentication?

    - by Chad Johnson
    I need to quickly implement a RESTful authentication system for my JavaScript application to use. I think I understand how it should work, but I just want to double check. Here's what I'm thinking -- what do you guys think? Database schema users id : integer first_name : varchar(50) last_name : varchar(50) password : varchar(32) (MD5 hashed) etc. user_authentications id : integer user_id : integer auth_token : varchar(32) (AES encrypted, with keys outside database) access_token : varchar(32) (AES encrypted, with keys outside database) active : boolean Steps The following happens over SSL. I'm using Sinatra for the API. JavaScript requests authentication via POST to /users/auth/token. The /users/auth/token API method generates an auth_token hash, creates a record in user_authentications, and returns auth_token. JavaScript hashes the user's password and then salts it with auth_token -- SHA(access_token + MD5(password)) POST the user's username and hashed+salted password to /users/auth/authenticate. The /users/auth/authenticate API method will verify that SHA(AES.decrypt(access_token) + user.password) == what was received via POST. The /users/auth/authenticate will generate, AES encrypt, store, and return an access token if verification is successful; otherwise, it will return 401 Unauthorized. For any future requests against the API, JavaScript will include access_token, and the API will find the user account based on that.

    Read the article

  • Squid 3 and Internet Explorer 11 with authentication

    - by StBlade
    Need some help. My college has up until now been running Squid 3 on Ubuntu 12.02 and now 14.04 successfully. That was till recently. Our WSUS server is dishing out updates to all our workstations of which Internet Explorer 11 is one of them. Now all of a sudden users do not need to authenticate via the squid proxy to be able to use the internet. This makes it rather difficult as I also use SARG to generate usage logs for all users each day. All our workstations also have Chrome on them, and Chrome authenticates fine via the Squid proxy. Doing a couple of Googles, I ran into and article, where someone made mention that Microsoft has deprecated digest and basic authentication from IE 11. Reason was given that Office 2013 was giving problems as it was not giving the popup screen for authentication when Office tries to download templates from the internet. I have run into this problem, but by setting those sites to not authenticate via squid fixed the problem. Has anyone else run into something similiar? Would changing to NTLM or Kereberos be a solution?

    Read the article

  • Authentication system brainstorm

    - by gansbrest
    Hi. We got multiple small websites (microsites) and one main high traffic one with big users base. Right now the requirement is to build authentication system which should allow users to loign with the same identity across the network. All website are running on different domains, powered by Drupal 6 CMS and have separate databases (so sharing tables with prefix is not an option + it creates a huge mess in the db). Here is the set of core requirements I came up with: Users should be able to login with the same credentials to all sites within the network User’s data sharing between Main site (storage) and all micro sites within the network Data synchronization across the network when user changes the data (update email or password for example) The login/registration process should be seamless and consistent Register on any of the sites across the network and use that identity to login later on. In the future there might be a need to add openid authentication options. Basically we are looking at something similar stackexchange does, but not sure if they have central users base on not. I was thinking about custom solution which will include 2 parts (modules), one will be stored on the Main site for users data storing and responding to requests from clients. Second part (module) will be placed on each microsite, which is going to send requests to the Master. Some kind of client - server setup. One of the complications I see right away is #3. Data Synhcronization across the network. I just don't want to reinvent the wheel and maybe some work is already done in this direction. Looking forward to your ideas on how to approach this project. EDIT: We use MySQL database

    Read the article

  • Password not working for sudo ("Authentication failure")

    - by Souta
    Before I mention anything further, DO NOT give me a response saying that terminal won't show password input. I'm AWARE of that. I'm typing my user password in (not a capslock issue), and for some reason it still says 'Authentication Failure'. Is there some other password (one I'm not aware of) I'm supposed to be using other than my user password? I've had this ubuntu before, on another hard drive and I didn't have this problem. (And it was the same ubuntu, ubuntu 12.04 LTS) ai@AiNekoYokai:~$ groups ai adm cdrom sudo dip plugdev lpadmin sambashare ai@AiNekoYokai:~$ lsb_release -rd Description: Ubuntu 12.04 LTS Release: 12.04 ai@AiNekoYokai:~$ pkexec cat /etc/sudoers # # This file MUST be edited with the 'visudo' command as root. # # Please consider adding local content in /etc/sudoers.d/ instead of # directly modifying this file. # # See the man page for details on how to write a sudoers file. # Defaults env_reset Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" # Host alias specification # User alias specification # Cmnd alias specification # User privilege specification root ALL=(ALL:ALL) ALL # Members of the admin group may gain root privileges %admin ALL=(ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL # See sudoers(5) for more information on "#include" directives: #includedir /etc/sudoers.d I can log in with my password, but it's not accepted as valid for authentication <-- That is pretty much my issue. (Although, I haven't gone into recovery mode.) I've ran: ai@AiNekoYokai:~$ ls /etc/sudoers.d README And also reinstalled sudo with: pkexec apt-get update pkexec apt-get --purge --reinstall install sudo pkexec usermod -a -G admin $USER <- Says admin does not exist su $USER <- worked for me, however, my password still does not do much (in sense of not working for other things) I changed my password with pkexec passwd $USER. I was able to change it no problem. gksudo xclock was something I was able to get into, no problem. (Clock showed) ai@AiNekoYokai:~$ gksudo xclock

    Read the article

  • Spring security ldap authentication with different ldap for authorities

    - by wuntee
    I am trying to set up an ldap authentication context where the authorities is a separate ldap instance (with the same principal name). I am having trouble setting up the authentication part, the logs dont show any search results for the following context. Can anyone see what I am doing wrong? <beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider"> <beans:constructor-arg> <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator"> <beans:constructor-arg ref="adContextSource" /> <beans:property name="userSearch"> <beans:bean class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> <beans:constructor-arg index="0" value=""/> <beans:constructor-arg index="1" value="(samaccountname={0})"/> <beans:constructor-arg index="2" ref="adContextSource" /> <beans:property name="searchSubtree" value="true" /> <beans:property name="returningAttributes"> <beans:list> <beans:value>DN</beans:value> </beans:list> </beans:property> </beans:bean> </beans:property> </beans:bean> </beans:constructor-arg> <beans:constructor-arg> <beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator"> <beans:constructor-arg ref="cadaContextSource" /> <beans:constructor-arg value="ou=groups" /> <beans:property name="groupRoleAttribute" value="cn" /> </beans:bean> </beans:constructor-arg> </beans:bean> The logs simply show this when trying to authenticate: [DEBUG,UsernamePasswordAuthenticationFilter] Request is to process authentication [DEBUG,ProviderManager] Authentication attempt using org.springframework.security.ldap.authentication.LdapAuthenticationProvider [DEBUG,LdapAuthenticationProvider] Processing authentication request for user: wuntee [DEBUG,FilterBasedLdapUserSearch] Searching for user 'wuntee', with user search [ searchFilter: '(samaccountname={0})', searchBase: '', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ] [DEBUG,AbstractContextSource] Got Ldap context on server 'ldap://adapps.cable.comcast.com:3268/dc=comcast,dc=com/dc=comcast,dc=com' [DEBUG,XmlWebApplicationContext] Publishing event in Root WebApplicationContext: org.springframework.security.authentication.event.AuthenticationFailureServiceExceptionEvent[source=org.springframework.security.authentication.UsernamePasswordAuthenticationToken@b777617d: Principal: wuntee; Password: [PROTECTED]; Authenticated: false; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@12afc: RemoteIpAddress: 127.0.0.1; SessionId: 191F70ED4E8351F8638868C34C6A076A; Not granted any authorities] [DEBUG,DefaultListableBeanFactory] Returning cached instance of singleton bean 'org.springframework.security.core.session.SessionRegistryImpl#0' [DEBUG,UsernamePasswordAuthenticationFilter] Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: Failed to parse DN; nested exception is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 21. Encountered: "=" (61), after : "" [DEBUG,UsernamePasswordAuthenticationFilter] Updated SecurityContextHolder to contain null Authentication [DEBUG,UsernamePasswordAuthenticationFilter] Delegating to authentication failure handlerorg.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@28651c

    Read the article

  • Basic HTTP Authentication using Obj C and Xcode.

    - by Kristiaan
    Hi Everyone, I am hoping someone can help me with a question i have relating to Basic HTTP Authentication in an Xcode 2.3 application. Basically i have a PHP page that is on our server and when called with certain parameters returns data relating to the servers condition etc. i have managed to get a small Xcode application working where by it reads the data from the page and populates an NSTextView with the data. however to make sure this information stays safe i have setup basic HTTP Authentication on the page, but i cannot work out how to provide the username and password in XCode. here is my code to retrieve the page. NSURL *url = [NSURL URLWithString:@"http://www.google.com"]; NSString *content = [NSString stringWIthContentsOfUrl:url]; [myTextView setString:content]; i am still at a very basic beginner level regarding xcode and obj c, so nice simple examples of how i go about this would really be appreciated. Thanks Kris

    Read the article

  • WCF client using basic HTTP authentication

    - by AZ
    I'm trying to connect to a service that uses basic HTTP authentication. I've configured my binding like this <bindings> <basicHttpBinding> <binding name ="binding"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Basic"/> </security> </binding> </basicHttpBinding> </bindings> and i'm setting the credentials like this: client.ClientCredentials.UserName.UserName = Settings.UserName; client.ClientCredentials.UserName.Password = Settings.Password; Sill when i make a request i get a "The HTTP request is unauthorized with client authentication scheme 'Basic'" fault back. What am i doing wrong? (i don't have control over the service so all solutions must relate to the client configuration)

    Read the article

  • HTTP 2.0 : Microsoft propose « HTTP Speed+Mobility » pour augmenter la vitesse du Web

    HTTP 2.0 : Microsoft propose « HTTP Speed+Mobility » pour augmenter la vitesse du Web Microsoft veut augmenter la vitesse du Web et propose à L'IETF, Internet Engineering Task Force, l'organisme chargé de la standardisation de l'internet, des éléments pour le protocole HTTP 2.0. Après Google avec son projet SPDY ayant pour objectif de doubler la vitesse du Web en apportant des ajustements au protocole HTTP par une couche supérieure, c'est au tour de la firme de Redmond de montrer son intérêt pour l'avenir du Web. Dans un billet de blog publié récemment, la firme présente sa proposition ?HTTP Speed+Mobility? qui sera soumise au groupe de travail HTTPbis.

    Read the article

  • OpenId ASP MVC Authentication with long expiry

    - by Khash
    Stackoverflow uses OpenId as many other websites. However, I rarely need to provide my OpenId to Stackoverflow while with other OpenId enabled websites, I have to do it once a day or week. This suggests to me that the expiry of the session is with the website and not the OpenId provider. Looking at the DotNetOpenId code in ASP MVC, I can see that after a successful authentication by the OpenId provider FormsAuthentication.SetAuthCookie is called with the identifier and a boolean parameter to determine if the cookie should be persisted. How can I force this cookie to expire, say in 2020 instead of whatever the default value is.

    Read the article

  • How should an API use http basic authentication

    - by user1626384
    When an API requires that a client authenticates to it, i've seen two different scenarios used and I am wondering which case I should use for my situation. Example 1. An API is offered by a company to allow third parties to authenticate with a token and secret using HTTP Basic. Example 2. An API accepts a username and password via HTTP Basic to authenticate an end user. Generally they get a token back for future requests. My Setup: I will have an JSON API that I use as my backend for a mobile and web app. It seems like good practice for both the mobile and web app to send along a token and secret so only these two apps can access the API blocking any other third party. But the mobile and web app allow users to login and submit posts, view their data, etc. So I would want them to login via HTTP Basic as well on each request. Do I somehow use a combination of both these methods or only send the end user credentials (username and token) on each request? If I only send the end user credentials, do I store them in a cookie on the client?

    Read the article

  • Can the authentication box appear earlier after startup?

    - by John
    I'd expected the authentication "Enter your password" box to appear and need to be answered before any applications would run after startup - rather like Windows demands a password first - but it seems to be quite an unrushed process. CAN it be persuaded to get going more briskly ? (I'm usually about to respond to a new email before it interrupts me after starting Linux from scratch :) (I'm quite new to Linux: I'm on Ubuntu 12.04 LTS)

    Read the article

  • Ubuntu One Client 3.02 for windows - Authentication Failure signing in with existing account

    - by steigerj
    I have logged into ubuntu one using a browser successfully. But using the very same login email address and password in the windows client 3.02 gets me an 'authentication failed' message. I am 100% sure I used the same email address and password. My password does not contain any non-ascii characters. Someone suggested to use an older version of the client. Where could i possibly download a complete installer?

    Read the article

  • Silverlight RIA Services - how to do Windows Authentication?

    - by Gustavo Cavalcanti
    I am building my first Silverlight 3 + RI Services application and need some help. It will be deployed in an controlled corporate intranet, 100% windows clients. I have started from the Silverlight Business Application template. These are my requirements: Upon launch the application needs to recognize the currently logged-in user. The application needs to have access to other properties of the user in AD, such as email, full name, and group membership. Group membership is used to grand certain features in the application. A "login as a different user" link is to be always available - Some machines are available throughout the enterprise, logged-in as a certain generic user (verified by the absence of certain membership groups). In this case one can enter credentials and log in (impersonate) to the application as a user different from the one already logged-into the machine. This user is to be used in service calls I have modified the following in the default Business Application template: App.xaml: appsvc:WindowsAuthentication instead of the default FormsAuthentication Web.config: authentication mode="Windows" With these modifications I resolve requirement #1 (get the currently logged-in user). But when I examine RiaContext.Current.User, I don't have access to other properties from AD, such as group memberships. How can I achieve my other requirements? Thanks for your help.

    Read the article

  • Accessing a web service and a HTTP interface using certificate authentication

    - by ADC
    It is the first time I have to use certificate authentication. A commercial partner expose two services, a XML Web Service and a HTTP service. I have to access both of them with .NET clients. What I have tried 0. Setting up the environment I have installed the SSLCACertificates (on root and two intermediate) and the client certificate in my local machine (win 7 professional) using certmgr.exe. 1. For the web service I have the client certificate (der). The service will be consumed via a .NET proxy. Here's the code: OrderWSService proxy = new OrderWSService(); string CertFile = "ClientCert_DER.cer"; proxy.ClientCertificates.Add(new System.Security.Cryptography.X509Certificates.X509Certificate(CertFile)); orderTrackingTO ot = new orderTrackingTO() { order_id = "80", tracking_id = "82", status = stateOrderType.IN_PREPARATION }; resultResponseTO res = proxy.insertOrderTracking(ot); Exception reported at last statement: The request failed with an empty response. 2. For the HTTP interface it is a HTTPS interface I have to call through POST method. The HTTPS request will be send from a .NET client using HTTPWebRequest. Here's the code: string PostData = "MyPostData"; //setting the request HttpWebRequest req; req = (HttpWebRequest)HttpWebRequest.Create(url); req.UserAgent = "MyUserAgent"; req.Method = "POST"; req.ContentType = "application/x-www-form-urlencoded"; req.ClientCertificates.Add(new System.Security.Cryptography.X509Certificates.X509Certificate(CertFile, "MyPassword")); //setting the request content byte[] byteArray = Encoding.UTF8.GetBytes(PostData); Stream dataStream = req.GetRequestStream(); dataStream.Write(byteArray, 0, byteArray.Length); dataStream.Close(); //obtaining the response WebResponse res = req.GetResponse(); r = new StreamReader(res.GetResponseStream()); Exception reported at last statement: The request was aborted: Could not create SSL/TLS secure channel. 3. Last try: using the browser In Chrome, after installing the certificates, if I try to access both urls I get a 107 error: Error 107 (net::ERR_SSL_PROTOCOL_ERROR) I am stuck.

    Read the article

  • Lots of http HEAD requests originating from porn sites

    - by Don Corley
    My access log on my web server has a ton of http HEAD requests coming from porn sites. What are HEAD requests and are they doing something bad with my site? Here is an excerpt from my log: (valid request) 96.251.177.249 - - [02/Jan/2011:23:42:25 -0800] "POST /ajax HTTP/1.1" 200 0 "http://www.mywebsite.com/abc.html" "Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7" 80.153.114.208 - - [02/Jan/2011:23:43:11 -0800] "HEAD / HTTP/1.0" 302 185 "http://www.somepornsite.com" "Mozilla/5.0 (X11; U; Linux i686; it-IT; rv:1.9.0.2) Gecko/2008092313 Ubuntu/9.25 (jaunty) Firefox/3.8" 80.153.114.208 - - [02/Jan/2011:23:43:11 -0800] "HEAD /tourappxsl HTTP/1.0" 200 16871 "http://www.somepornsite.com" "Mozilla/5.0 (X11; U; Linux i686; it-IT; rv:1.9.0.2) Gecko/2008092313 Ubuntu/9.25 (jaunty) Firefox/3.8" I changed only the web addresses in this log. Thanks for any ideas, Don

    Read the article

  • Mod Rewrite - directing HTTP/HTTPS traffic to the appropriate virtual hosts

    - by kce
    I have an Apache2 web server (v. 2.2.16) running on Debian hosting three virtual hosts. The first two hosts are HTTP only (server1 and server2). The last host is HTTPS only (server3). My virtual host configuration files can be found at pastebin. I would like to use mod rewrite to get the following behavior: Any request for http://server3 is re-directed to https://server3 Any request for either https://server1 or https://server2 is re-directed to http://server1 or http://server2 as appropriate. Currently, requesting http://server3 gives you a 403 because indexing is disabled for that host and a request for https://server1 or https://server2 will resolve as https://server3 (as its the only virtual host running SSL). This behavior is not desirable. So far I have added a rewrite rule to the central configuration file (myServerWideConfs.conf), with unfortunately no effect. I was under the impression that this rule (or something similar) should rewrite all https:// requests for server1 and server2 to the proper http:// request. RewriteEngine On RewriteCond %{HTTP_HOST} !^server3 [NC] RewriteRule (.*) http://%{HTTP_HOST} My question is two-fold: What mod rewrite rules should I use to accomplish this? And where should they go? Debian's packaging of Apache has a pretty granular (i.e., fractured) configuration file layout; should my rewrite rules go in /etc/apache2/apache2.conf, /etc/apache2/conf.d/myServerWideConfs.conf, or the individual virtual host files? Is mod rewrite the right tool to accomplish this or am I missing something in my greater apache configuration?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >