Search Results

Search found 1925 results on 77 pages for 'auth'.

Page 50/77 | < Previous Page | 46 47 48 49 50 51 52 53 54 55 56 57  | Next Page >

  • How to make a post request with REQUESTS package for Python?

    - by jorrebor
    I am trying to use the toggl api. I use Requests instead of Urllib2 for doing my GETs en POSTS. But i am stuck. payload = { "project":{ "name":"Another Project", "billable":False, "workspace":{ "Name":"jorrebor's workspace", "id":213272 }, "automatically_calculate_estimated_workhours":False } } url = "https://www.toggl.com/api/v6/projects.json" r = requests.post(url, data=json.dumps(payload), auth=HTTPBasicAuth('[email protected]', 'mypassword')) Authentication seems to be fine, but the payload format probably isn't. a curl command with the same parameters: curl -v -u heremytoken:api_token -H "Content-type: application/json" -d "{\"project\":{\"billable\":true,\"workspace\":{\"id\":213272},\"name\":\"Another project\",\"automatically_calculate_estimated_workhours\":false}}" -X POST https://www.toggl.com/api/v6/projects.json does work fine. What wrong with my payload? The response is get is: ["Name can't be blank","Workspace can't be blank"] which leads me to conclude that the authentication works but toggl cannot read my json object.

    Read the article

  • Flex: Result event multiple times

    - by Tom
    Hello everybody!! I am trying to learn Flex and now i have the next code: http://pastebin.com/rZwxF7w1 This code is for my login component. I want to get a special string for encrypting my password. This string is given by my authservice. But when i login i get a multiple times a alert with Done(line 69 in the pastebin code or line 4 in the code on the bottom of this question). But i want that it shows one single time. Does someone know what is wrong with this code? Tom protected function tryLogin():void { encryptStringResult.addEventListener('result', function(event:ResultEvent):void { var encryptString:String = event.result.toString(); Alert.show('Done'); }); encryptStringResult.token = auth.getEncryptString(); }

    Read the article

  • Django Per-site caching using memcached

    - by Paul
    Hi, So I'm using per-site caching on a project and I've observed the following, which is kind of confusing. When I load a flat page in my browser then change it through admin and then do a refresh (within the cache timeout) there is no change in the page--as expected. However when I stat a new session in a different browser and load the page (still within the timeout) the app is hit instead of the cache, with the Isn't the cache key generated from the URL? it seems that the session state is getting in there somewhere, which is causing a cache miss. Any ideas? thanks MIDDLEWARE_CLASSES = ( 'django.middleware.cache.UpdateCacheMiddleware', 'django.middleware.common.CommonMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.middleware.gzip.GZipMiddleware', 'django.middleware.http.ConditionalGetMiddleware', 'django.middleware.doc.XViewMiddleware', 'ittybitty.middleware.IttyBittyURLMiddleware', 'django.contrib.flatpages.middleware.FlatpageFallbackMiddleware', 'maintenancemode.middleware.MaintenanceModeMiddleware', 'djangodblog.middleware.DBLogMiddleware', 'SSL.middleware.SSLRedirect', #SSL middleware to handle SSL 'django.middleware.cache.FetchFromCacheMiddleware', )

    Read the article

  • bad request error 400 while using python requests.post function

    - by Toussah
    I'm trying to make a simple post request via the requests library of Python and I get a bad request error (400) while my url is supposedly correct since I can use it to perform a get. I'm very new in REST requests, I read many tutorials and documentation but I guess there are still things I don't get so my error could be basic. Maybe a lack of understanding on the type of url I'm supposed to send via POST. Here my code : import requests v_username = "username" v_password = "password" v_headers = {'content-type':'application/rdf+xml'} url = 'https://my.url' params = {'param': 'val_param'} payload = {'data': 'my_data'} r = requests.post(url, params = params, auth=(v_username, v_password), data=payload, headers=v_headers, verify=False) print r I used the example of the requests documentation.

    Read the article

  • Django ORM QuerySet intersection by a field

    - by Sri Raghavan
    These are the (pseudo) models I've got. Blog: name etc... Article: name blog creator etc User (as per django.contrib.auth) So my problem is this: I've got two users. I want to get all of the articles that the two users published on the same blog (no matter which blog). I can't simply filter the Article model by both users, because that would yield the set of Articles created by both users. Obviously not what I want. but can I filter somehow to get all of the articles where a field of the object matches between the two querysets?

    Read the article

  • Open Id XRDS Discovery

    - by Asciant
    I am working with Open Id, just playing around making a class to interact / auth Open Id's on my site (in PHP). I know there are a few other Libraries (like RPX), but I want to use my own (its good to keep help better understand the protocol and whether its right for me). The question I have relates to the Open Id discovery sequence. Basically I have reached the point where I am looking at using the XRDS doc to get the local identity (openid.identity) from the claimed identity (openid.claimed_id). My question is, do I have to make a cURL request to get the XRDS Location (X-XRDS-location) and then make another cURL request to get the actual XRDS doc?? It seems like with a DUMB request I only make one cURL request and get the Open Id Server, but have to make two to use the XRDS Smart method. Just doesn't seem right, can anyone else give me some info.

    Read the article

  • Django syncdb not making tables for my app

    - by Rosarch
    It used to work, and now it doesn't. python manage.py syncdb no longer makes tables for my app. From settings.py: INSTALLED_APPS = ( 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.sites', 'mysite.myapp', 'django.contrib.admin', ) What could I be doing wrong? The break appeared to coincide with editing this model in models.py, but that could be total coincidence. I commented out the lines I changed, and it still doesn't work. class MyUser(models.Model): user = models.ForeignKey(User, unique=True) takingReqSets = models.ManyToManyField(RequirementSet, blank=True) takingTerms = models.ManyToManyField(Term, blank=True) takingCourses = models.ManyToManyField(Course, through=TakingCourse, blank=True) school = models.ForeignKey(School) # minCreditsPerTerm = models.IntegerField(blank=True) # maxCreditsPerTerm = models.IntegerField(blank=True) # optimalCreditsPerTerm = models.IntegerField(blank=True) UPDATE: When I run python manage.py loadddata initial_data, it gives an error: DeserializationError: Invalid model identifier: myapp.SomeModel Loading this data had worked fine before. This error is thrown on the very first data object in the data file.

    Read the article

  • asp:Login control requests

    - by Dean
    Hi All, ran into an issue, we are using webforms with a site with this dir structure: root: / secure : /securepages/ we only want users who are logged in to access /securepages/. currently we are using the login control, 3.5, forms auth, all is working ok but know we have thrown assl cert into the mix and the issue is that the login control is requesting WebResource.axd?d=XukT0PE1PS-iOKw3RT8Z6g2&t=633834231612265882 from the non secure url e.g. ht tp://www.mysite.com/WebResource.axd?d=XukT0PE1PS-iOKw3RT8Z6g2&t=633834231612265882 . This causes the browser to prompt the user to download unsecure content. I am using some redirecting in the global.asax to handle redirection to https://xx xxxlogin.aspx if login.aspx it requested from http://. thanks

    Read the article

  • django objects.all() method issue

    - by xlione
    after I saved one item using MyModelClass.save() method of django in one view/page , at another view I use MyModelClass.objects.all() to list all items in MyModelClass but the newly added one always is missing at the new page. i am using django 1.1 i am using mysql middleware setting MIDDLEWARE_CLASSES = ( 'django.middleware.common.CommonMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.middleware.locale.LocaleMiddleware', ) my model: class Company(models.Model): name = models.CharField(max_length=500) description = models.CharField(max_length=500,null=True) addcompany view def addcompany(request): if request.POST: form = AddCompanyForm(request.POST) if form.is_valid(): companyname = form.cleaned_data['companyname'] c = Company(name=companyname,description='description') c.save() return HttpResponseRedirect('/admins/') else: form = AddCompanyForm() return render_to_response('user/addcompany.html',{'form':form},context_instance=RequestContext(request)) after this page in another view i called this form in another view class CompanyForm(forms.Form): companies=((0,' '),) for o in CcicCompany.objects.all(): x=o.id,o.name companies+=(x,) company = forms.ChoiceField(choices=companies,label='Company Name') to list all companies but the recently added one is missing. The transaction should be successful, since after i do a apache server reboot , i can see the newly added company name Thanks for any help...

    Read the article

  • Problems with contenttypes when loading a fixture in Django

    - by gerdemb
    I am having trouble loading Django fixtures into my MySQL database because of contenttypes conflicts. First I tried dumping the data from only my app like this: ./manage.py dumpdata escola > fixture.json but I kept getting missing foreign key problems, because my app "escola" uses tables from other applications. I kept adding additional apps until I got to this: ./manage.py dumpdata contenttypes auth escola > fixture.json Now the problem is the following constraint violation when I try to load the data as a test fixture: IntegrityError: (1062, "Duplicate entry 'escola-t23aluno' for key 2") It seems the problem is that Django is trying to dynamically recreate contenttypes with different primary key values that conflict with the primary key values from the fixture. This appears to be the same as bug documented here: http://code.djangoproject.com/ticket/7052 The problem is that the recommended workaround is to dump the contenttypes app which I'm already doing!? What gives? If it makes any difference I do have some custom model permissions as documented here: http://docs.djangoproject.com/en/dev/ref/models/options/#permissions

    Read the article

  • Facebook Javascript SDK: First time logging in

    - by Brandon
    I'm currently integrating Facebook with my website using the Javascript SDK. I've got the login portion working well. The only thing I'm trying to figure out is if there is a way to tell if it was the first time the user logged into my website using their Facebook credientials. I tried subscribing to auth.login, but that didn't seem to have any information about that. Is there a flag anywhere that lets me know this? Or another way to go about looking this up? I realize I could do some server side code, but I'd prefer to stay away from that if possible. Thanks in advance, Brandon

    Read the article

  • Integrate openid4java to GWT Project

    - by Slyker
    Hi, I created an GWT project in eclipse. Now I tried to implement openId with using the openid4java library. I imported the .jar files via properties--java build path: openid4java-0.9.5.jar lib/*.jar In addition I copied the .jar files into the war/WEB-INF/lib directory. The problem at hand comes up when I call the authenticate() method. Then I get a: HTTP ERROR 500 Problem accessing /openid/openid. Reason: access denied (java.lang.RuntimePermission modifyThreadGroup)Caused by:java.security.AccessControlException: access denied (java.lang.RuntimePermission modifyThreadGroup) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:166) at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkAccess(DevAppServerFactory.java:191) at java.lang.ThreadGroup.checkAccess(Unknown Source) at java.lang.Thread.init(Unknown Source) at java.lang.Thread.<init>(Unknown Source) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ReferenceQueueThread.<init>(MultiThreadedHttpConnectionManager.java:1039) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.storeReferenceToConnection(MultiThreadedHttpConnectionManager.java:164) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.access$900(MultiThreadedHttpConnectionManager.java:64) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:750) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:469) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:394) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:152) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324) at org.openid4java.util.HttpCache.head(HttpCache.java:296) at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:360) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:229) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:221) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:179) at org.openid4java.discovery.Discovery.discover(Discovery.java:134) at org.openid4java.discovery.Discovery.discover(Discovery.java:114) at org.openid4java.consumer.ConsumerManager.discover(ConsumerManager.java:527) at auth.openid.server.OpenIDServlet.authenticate(OpenIDServlet.java:138) at auth.openid.server.OpenIDServlet.doGet(OpenIDServlet.java:101) at javax.servlet.http.HttpServlet.service(HttpServlet.java:693) at javax.servlet.http.HttpServlet.service(HttpServlet.java:806) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166) at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:51) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418) at com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:70) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:349) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at org.mortbay.jetty.Server.handle(Server.java:326) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409) at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582) Here my servlet source: import com.google.gwt.user.client.rpc.RemoteService; import org.openid4java.OpenIDException; import org.openid4java.consumer.ConsumerException; import org.openid4java.consumer.ConsumerManager; import org.openid4java.consumer.VerificationResult; import org.openid4java.discovery.DiscoveryInformation; import org.openid4java.discovery.Identifier; import org.openid4java.message.AuthRequest; import org.openid4java.message.ParameterList; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.text.MessageFormat; import java.util.List; public final class OpenIDServlet extends HttpServlet implements RemoteService { private final ConsumerManager manager; public OpenIDServlet() { try { manager = new ConsumerManager(); } catch (ConsumerException e) { throw new RuntimeException("Error creating consumer manager", e); } } ... private void authenticate(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { final String loginString = request.getParameter(nameParameter); try { // perform discovery on the user-supplied identifier List discoveries = manager.discover(loginString); // attempt to associate with the OpenID provider // and retrieve one service endpoint for authentication DiscoveryInformation discovered = manager.associate(discoveries); // obtain a AuthRequest message to be sent to the OpenID provider AuthRequest authReq = manager.authenticate(discovered, "openid", null); // redirect to OpenID for authentication response.sendRedirect(authReq.getDestinationUrl(true)); } catch (OpenIDException e) { throw new ServletException("Login string probably caused an error. loginString = " + loginString, e); } } My question now is: What could be my fault? Did I make any mistakes in importing the openid4java library? (which?) All other methods in the servlet which do not use the openid4java implementation work fine. Thanks, Andreas

    Read the article

  • php proxy to local mercurial server

    - by naugtur
    I was wondering is it possible to create a php proxy to a server that listens onlu locally so that the php gateway is public and it directs everything to the server listening on localhost. This server would be mercurial's hg serve that listens only on 127.0.0.1 and php will do the authentication. Do You think it's possible to do? Anybody has an idea how to make a general proxy in php so that not only http get works, but also hg push? I know there are ways to host mercurial repo with auth, but it's on a plug computer and I don't have a lot of space for more apps etc.

    Read the article

  • How do I check out Eclipse projects from CVS using the command line

    - by Jeff James
    Hi. I'm trying to check out the Mylyn project from Eclipse. However, I can't use Eclipse to check out the projects and am having to do it via the command line. I'm behind a firewall so am basing my attempt on http://wiki.eclipse.org/CVS_Howto#CVS_and_firewalls. I'm not very familiar with CVS. When I run my CVS command, it fails to connect: cvs -td :pserver:[email protected]:443/cvsroot/tools checkout mylyn -> main: Session ID is w4PO5KiMwQmaD6uu -> main loop with CVSROOT=/cvsroot/tools -> safe_location( where=(null) ) -> open_connection_to_server (:pserver:[email protected]:443/cvsroot/tools) -> Connecting to proxy.eclipse.org(206.191.52.48):443. cvs [checkout aborted]: unrecognized auth response from proxy.eclipse.org: SSH-1.99-OpenSSH_4.2 Can anyone tell me what I'm doing wrong? Thanks

    Read the article

  • Goolge App Engine authorization with Google Apps Domain

    - by Ron
    I have successfully followed the examples to gain an AuthSub token to authorize my application to have access to the user's Google Calendar. I have added the domain parameter to the method gdata.auth.generate_auth_sub_url so that the application is authenticated against a Google Apps Domain user. The app is then installed in one of our test domains. This is working fine, however, each user in the domain has to go through the authorization process. In other Marketplace Apps that I have tried, this authorization is done once for the whole domain when the app is installed. How is this achieved?

    Read the article

  • Talking to an Authentication Server

    - by Kyle Terry
    I'm building my startup and I'm thinking ahead for shared use of services. So far I want to allow people who have a user account on one app to be able to use the same user account on another app. This means I will have to build an authentication server. I would like some opinions on how to allow an app to talk to the authentication server. Should I use curl? Should I use Python's http libs? All the code will be in Python. All it's going to do is ask the authentication server if the person is allowed to use that app and the auth server will return a JSON user object. All authorization (roles and resources) will be app independent, so this app will not have to handle that. Sorry if this seems a bit newbish; this is the first time I have separated authentication from the actual application.

    Read the article

  • Oracle Application Server 10.1.3.5 Security issue.

    - by Marius Bogdan IONESCU
    Hello! we are tying to port a J2EE app from OAS 9.0.4 (working perfectly) on OAS 10.1.3.5 the reson we do that is because we need the app compiled with java 1.5 and OAS 10.1.3.5 would be the single major version supporting that binaries which has oc4j/orion kernel. The issue is that the security constraints in matter of user/group/role are not read by the app server, and instead of asking for these sets of users, i have to use the oc4jadmin instead the selected users for auth. All xml files needed for describing these sets of rules are being checked with the OAS book, and it seems they are correctly filled in... anybody has an idea about this?

    Read the article

  • WCF REST based services authentication schemes

    - by FlySwat
    I have a simple authentication scheme for a set of semi-public REST API's we are building: /-----------------------\ | Client POST's ID/Pass | | to an Auth Service | \-----------------------/ [Client] ------------POST----------------------> [Service/Authenticate] | /-------------------------------\ | Service checks credentials | [Client] <---------Session Cookie------- | and generates a session token | | | in a cookie. | | \-------------------------------/ | [Client] -----------GET /w Cookie -------------> [Service/Something] | /----------------------------------\ | Client must pass session cookie | | with each API request | | or will get a 401. | \----------------------------------/ This works well, because the client never needs to do anything except receive a cookie, and then pass it along. For browser applications, this happens automatically by the browser, for non browser applications, it is pretty trivial to save the cookie and send it with each request. However, I have not figured out a good approach for doing the initial handshake from browser applications. For example, if this is all happening using a AJAX technique, what prevents the user from being able to access the ID/Pass the client is using to handshake with the service? It seem's like this is the only stumbling block to this approach and I'm stumped.

    Read the article

  • How do i use repoze.who?

    - by misterwebz
    I'm having some trouble understanding how repoze.who works. I've followed a tutorial i found by searching on google and here's what i already have: This is what i added in my middleware.py file from repoze.who.config import make_middleware_with_config as make_who_with_config app = make_who_with_config(app, global_conf, app_conf['who.config_file'], app_conf['who.log_file'], app_conf['who.log_level']) Here's the who.ini : http://pastebin.com/w5Tba2Fp Here's repoze_auth.py in /lib/auth/: from paste.httpexceptions import HTTPFound from iwant.model import User class UserModelPlugin(object): def authenticate(self, environ, identity): try: username = identity['login'] password = identity['password'] except KeyError: return None success = User.authenticate(username, password) return success def add_metadata(self, environ, identity): username = identity.get('repoze.who.userid') user = User.get(username) if user is not None: identity['user'] = user I've also checked the plugins in the repoze.who folder, but i failed to understand how it's supposed to be used. I'd appreciate it if someone would push me in the right direction.

    Read the article

  • How to receive userinfo with google adwords api libraries

    - by PatrickvKleef
    I'm using the Google Adwords API libraries and I would like to receive the userinfo of the logged in user. I added the userinfo scope as followed: googleAdwordsUser = new AdWordsUser(); string oauth_callback_url = HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Path); googleAdwordsUser.OAuthProvider = new AdsOAuthNetProvider("https://adwords-sandbox.google.com/api/adwords/ https://www.googleapis.com/auth/userinfo.email", oauth_callback_url, Session.SessionID); When the callback url is called, I'm trying to get the users emailaddress, but it isn't working, the error 'The remote server returned an error: (401) Unauthorized.' is thrown. string url = @"https://www.googleapis.com/oauth2/v2/userinfo?access_token=" + token; HttpWebRequest objRequest = (HttpWebRequest)WebRequest.Create(url); objRequest.Method = "GET"; HttpWebResponse objResponse = (HttpWebResponse)objRequest.GetResponse(); string result = string.Empty; using (StreamReader sr = new StreamReader(objResponse.GetResponseStream())) { result = sr.ReadToEnd(); } Does somebody knows how to fix this? Thanks.

    Read the article

  • Returning a DOM element with Webdriver in Javascript

    - by ehmicky
    How do I return a DOM Element with Webdriver in Javascript? I am using the wd.js Javascript bindings: require("wd") .remote("promiseChain") .init() .get("http://www.google.com") .elementById("mngb") .then(function(element) { console.log(element); }); I am getting this weird object that is not a standard DOM Element (for example I cannot get the HTML code out of it): { value: '0', browser: { domain: null, _events: {}, _maxListeners: 10, configUrl: { protocol: 'http:', slashes: true, auth: null, host: '127.0.0.1:4444', port: '4444', hostname: '127.0.0.1', hash: null, search: '', query: {}, pathname: '/wd/hub', path: '/wd/hub', href: 'http://127.0.0.1:4444/wd/hub' }, sauceRestRoot: 'https://saucelabs.com/rest/v1', noAuthConfigUrl: { protocol: 'http:', slashes: true, host: '127.0.0.1:4444', port: '4444', hostname: '127.0.0.1', hash: null, search: null, query: null, pathname: '/wd/hub', path: '/wd/hub', href: 'http://127.0.0.1:4444/wd/hub' }, defaultCapabilities: { browserName: 'firefox', version: '', javascriptEnabled: true, platform: 'ANY' }, _httpConfig: { timeout: undefined, retries: 3, retryDelay: 15, baseUrl: undefined }, sampleElement: { value: 1, browser: [Circular] }, sessionID: '238c9837-3d82-4d90-9594-cefb4ba8e6b9' } }

    Read the article

  • Gmail rejects emails. Openspf.net fails the tests

    - by pablomedok
    I've got a problem with Gmail. It started after one of our trojan infected PCs sent spam for one day from our IP address. We've fixed the problem, but we got into 3 black lists. We've fixed that, too. But still every time we send an email to Gmail the message is rejected: So I've checked Google Bulk Sender's guide once again and found an error in our SPF record and fixed it. Google says everything should become fine after some time, but this doesn't happen. 3 weeks already passed but we still can't send emails to Gmail. Our MX setup is a bit complex, but not too much: We have a domain name delo-company.com, it has it's own mail @delo-company.com (this one is fine, but the problems are with sub-domain name corp.delo-company.com). Delo-company.com domain has several DNS records for the subdomain: corp A 82.209.198.147 corp MX 20 corp.delo-company.com corp.delo-company.com TXT "v=spf1 ip4:82.209.198.147 ~all" (I set ~all for testing purposes only, it was -all before that) These records are for our corporate Exchange 2003 server at 82.209.198.147. Its LAN name is s2.corp.delo-company.com so its HELO/EHLO greetings are also s2.corp.delo-company.com. To pass EHLO check we've also created some records in delo-company.com's DNS: s2.corp A 82.209.198.147 s2.corp.delo-company.com TXT "v=spf1 ip4:82.209.198.147 ~all" As I understand SPF verifications should be passed in this way: Out server s2 connects to MX of the recepient (Rcp.MX): EHLO s2.corp.delo-company.com Rcp.MX says Ok, and makes SPF check of HELO/EHLO. It does NSlookup for s2.corp.delo-company.com and gets the above DNS-records. TXT records says that s2.corp.delo-company.com should be only from IP 82.209.198.147. So it should be passed. Then our s2 server says RCPT FROM: Rcp.MX` server checks it, too. The values are the same so they should also be positive. Maybe there is also a rDNS check, but I'm not sure what is checked HELO or RCPT FROM. Our PTR record for 82.209.198.147 is: 147.198.209.82.in-addr.arpa. 86400 IN PTR s2.corp.delo-company.com. To me everything looks fine, but anyway all emails are rejected by Gmail. So, I've checked MXtoolbox.com - it says everything is fine, I passed http://www.kitterman.com/spf/validate.html Python check, I did 25port.com email test. It's fine, too: Return-Path: <[email protected]> Received: from s2.corp.delo-company.com (82.209.198.147) by verifier.port25.com id ha45na11u9cs for <[email protected]>; Fri, 2 Mar 2012 13:03:21 -0500 (envelope-from <[email protected]>) Authentication-Results: verifier.port25.com; spf=pass [email protected] Authentication-Results: verifier.port25.com; domainkeys=neutral (message not signed) [email protected] Authentication-Results: verifier.port25.com; dkim=neutral (message not signed) Authentication-Results: verifier.port25.com; sender-id=pass [email protected] Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CCF89E.BE02A069" Subject: test Date: Fri, 2 Mar 2012 21:03:15 +0300 X-MimeOLE: Produced By Microsoft Exchange V6.5 Message-ID: <[email protected]> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: test Thread-Index: Acz4jS34oznvbyFQR4S5rXsNQFvTdg== From: =?koi8-r?B?89XQ0tXOwMsg8MHXxcw=?= <[email protected]> To: <[email protected]> I also checked with [email protected], but it FAILs all the time, no matter which SPF records I make: <s2.corp.delo-company.com #5.7.1 smtp;550 5.7.1 <[email protected]>: Recipient address rejected: SPF Tests: Mail-From Result="softfail": Mail From="[email protected]" HELO name="s2.corp.delo-company.com" HELO Result="softfail" Remote IP="82.209.198.147"> I've filled Gmail form twice, but nothing happens. We do not send spam, only emails for our clients. 2 or 3 times we did mass emails (like New Year Greetings and sales promos) from corp.delo-company.com addresses, but they where all complying to Gmail Bulk Sender's Guide (I mean SPF, Open Relays, Precedence: Bulk and Unsubscribe tags). So, this should be not a problem. Please, help me. What am I doing wrong? UPD: I also tried Unlocktheinbox.com test and the server also fails this test. Here is the result: http://bit.ly/wYr39h . Here is one more http://bit.ly/ypWLjr I also tried to send email from that server manually via telnet and everything is fine. Here is what I type: 220 mx.google.com ESMTP g15si4811326anb.170 HELO s2.corp.delo-company.com 250 mx.google.com at your service MAIL FROM: <[email protected]> 250 2.1.0 OK g15si4811326anb.170 RCPT TO: <[email protected]> 250 2.1.5 OK g15si4811326anb.170 DATA 354 Go ahead g15si4811326anb.170 From: [email protected] To: Pavel <[email protected]> Subject: Test 28 This is telnet test . 250 2.0.0 OK 1330795021 g15si4811326anb.170 QUIT 221 2.0.0 closing connection g15si4811326anb.170 And this is what I get: Delivered-To: [email protected] Received: by 10.227.132.73 with SMTP id a9csp96864wbt; Sat, 3 Mar 2012 09:17:02 -0800 (PST) Received: by 10.101.128.12 with SMTP id f12mr4837125ann.49.1330795021572; Sat, 03 Mar 2012 09:17:01 -0800 (PST) Return-Path: <[email protected]> Received: from s2.corp.delo-company.com (s2.corp.delo-company.com. [82.209.198.147]) by mx.google.com with SMTP id g15si4811326anb.170.2012.03.03.09.15.59; Sat, 03 Mar 2012 09:17:00 -0800 (PST) Received-SPF: pass (google.com: domain of [email protected] designates 82.209.198.147 as permitted sender) client-ip=82.209.198.147; Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 82.209.198.147 as permitted sender) [email protected] Date: Sat, 03 Mar 2012 09:17:00 -0800 (PST) Message-Id: <[email protected]> From: [email protected] To: Pavel <[email protected]> Subject: Test 28 This is telnet test

    Read the article

  • Django, Redirecting staff from login to the admin site.

    - by Francisco Gomez
    So my site basically has 2 kinds of ways to login, one of them is for the common users, who get the regular screen that asks them for username and password, the other way its for staff. The staff login should redirect them to the admin site after logging in, but for some reason the redirect doesnt happen, it stays on the same login page. I use this condition on the login view. if user is not None and user.is_active and user.is_staff: auth.login(request,user) return HttpResponseRedirect("/admin/") The admin site its up and running in my url configuration and everything, but i dont know if this is the correct way to redirect to the admin site already on session. Thanks, any help would be appreciated.

    Read the article

  • Should I distinguish OpenIDs based on protocol prefix or not? http vs https

    - by Joannes Vermorel
    I have implemented a straightforward OpenID support for my ASP.NET app with DotNetOpenAuth. Yet I recently realized that the implementation was treating http://johndoe.example.com/ as a distinct user compared to https://johndoe.example.com. This lead to quite a few confused users. I am unsure what to do at this point. Is this a bug or a feature? Indeed, I can consider this behavior as a feature: if the user specifies the HTTPS, the user might not want the system to accept HTTP auth in the first place. On the other hand: if the user specifies HTTPS out of sheer cluelessness (the casual web visitor is clueless concerning the purpose of the "S" part), then rejecting it's authentication attempt is confusing. What is considered as the best practice?

    Read the article

  • Replay attacks for HTTPS requests

    - by MatthewMartin
    Let's say a security tester uses a proxy, say Fiddler, and records an HTTPS request using the administrator's credentials-- on replay of the entire request (including session and auth cookies) the security tester is able to succesfully (re)record transactions. The claim is that this is a sign of a CSRF vulnerability. What would a malicious user have to do to intercept the HTTPS request and replay it? It this a task for script kiddies, well funded military hacking teams or time-traveling-alien technology? Is it really so easy to record the SSL sessions of users and replay them before the tickets expire? No code in the application currently does anything interesting on HTTP GET, so AFAIK, tricking the admin into clicking a link or loading a image with a malicious URL isn't an issue.

    Read the article

< Previous Page | 46 47 48 49 50 51 52 53 54 55 56 57  | Next Page >