Search Results

Search found 54190 results on 2168 pages for 'http authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 55/2168 | < Previous Page | 51 52 53 54 55 56 57 58 59 60 61 62  | Next Page >

  • Why does a Non-existant page returns 302 status when using a custom 404 page in asp.net

    - by webdevbytes
    I have setup custom 404 page custom404.aspx that returns a 404 Not Found error correctly, however the non-existant page that was initially requested returns a 302 Found status. So when I test thispagedoesnotexist.aspx, it returns a 302 Found then the custom404.aspx loads and returns a 404 Not Found status. I want to make sure that search spiders/bots understand that the requested page does not exist and should not show up in any search results. Is this the case? Cheers

    Read the article

  • nginx multiple domain virtual host configuration

    - by Poe
    I'm setting up nginx with multiple domain or wildcard support for convenience sake, rather than setting up 50+ different sites-available/* files. Hopefully this is enough to show you what I'm trying to do. Some are static sites, some are dynamic with usually wordpress installed. If an index.php exists, everything works as expected. If a file is requested that does not exist (missing.html), a 500 error is given due to the rewrite. The logged error is: *112 rewrite or internal redirection cycle while processing "/index.php/index.php/index.php/index.php/index.php/index.php/index.php/index.php/index.php/index.php/index.php/missing.html" The basic nginx configuration I'm currently using is: ` listen 80 default; server _; ... location / { root /var/www/$host; if (-f $request_filename) { expires max; break; } # problem, what if index.php does not exist? if (!-e $request_filename) { rewrite ^/(.*)$ /index.php/$1 last; } } ... ` If an index.php does not exist, and the file also does not exist, I would like it to error 404. Currently, nginx does not support multiple condition if's or nested if so I need a workaround.

    Read the article

  • Why would certain browsers request all pages on my ASP.Net Web site twice?

    - by Deane
    Firefox is issuing duplicate requests to my ASP.Net web site. It will request a page, get the response, then immediately issue the same request again (well, almost the same -- see below). This happens on every page of this particular Web site (but not any others). IE does not do this, but Chrome also does this. I have confirmed that there is no Location header in the response, and no Javascript or meta tag in the page which would cause the page to be re-requested (if any of these were true, IE would be re-requesting pages as well). I have confirmed this behavior on multiple Firefox installs on multiple machines. Versions vary, but all are 3.x. The only difference between the two requests is the Accepts header. For the first request, it looks like this: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 For the second request, it looks like this: Accept: */* The Content-Type response header in all cases is: Content-Type: text/html; charset=utf-8 Something else odd -- even though Firefox requests the page twice, it uses the first response and discards the second. I put a counter on a page that increments with every request. I can watch the responses come back (via the Charles proxy). Firefox will get a "1" the first time, and a "2" the second time. Yet it will display the "1," for some reason. Chrome exhibits this exact same behavior. I suspect it's a protocol-level issue, given the difference in Accepts header, but I've never seen this before.

    Read the article

  • Proper status codes for JSON responses to Ajax calls?

    - by anonymous coward
    My project is returning JSON to Ajax calls from the browser. I'm wondering what the proper status code is for sending back with responses to invalid (but successfully handled) data submissions. For example, jQuery has the following two particular callbacks when making Ajax requests: success: Fired when a 200/2xx status code is delivered along with the response. error: Fired when 4xx, 5xx, etc, status codes come back with the response. If a user attempts to create a new "Person" object, I send back a JSON representation of the newly created object upon success, thus giving javascript access to the necessary unique ID's for the new object, etc. This, of course, is sent with a 200 status code. If a user submits malformed or invalid data (say, an invalid/incomplete "name" field), I would like to send back the validation error messages via JSON. (I don't see why this would be a bad thing). My question is: in doing so, should I send a 200 status code, because I successfully handled their invalid data? Therefore, I'd be using the jQuery success callback, but simply check for errors... Or, should I use a 4xx status code, perhaps 'Bad Request', because the data they sent me is invalid? (and thus, use the error callback to do the necessary client-side notifications).

    Read the article

  • Can CFHEADER values be read by other code?

    - by Aidan Whitehall
    The code <cfheader name="Test" value="1"> <cfheader name="Test" value="2"> results in the header "Test: 2" being sent to the browser (as seen using HttpFox). Is there a way for the second line of code to determine if a header with the same name has already been written using CFHEADER? Thanks!

    Read the article

  • A little guidance setting up FTP server authentication on Windows Server 2008 R2 standard?

    - by Ropstah
    I have a (clean) server running Windows Server 2008 R2 standard. I would just like to use it for serving a website and a FTP server through IIS. IIS is installed and serves my website propery. I have now added a FTP site but when I try to logon using my user/pass i get the following error: 530 User cannot login From this article (http://support.microsoft.com/kb/200475) I understand that these four causes can be pointed out: The Allow only anonymous connections security setting has been turned on in the Microsoft Management Console (MMC). Not the case The username does not have the Log on locally permission in User Manager. The user is in the Users group, however I'm not able to logon through RDP. I tried configuring this by following this article through GPMC however this only works when I'm logged in as a domain user on a domain controller which I'm not: I'm logged in as administrator The username does not have the Access this computer from the network permission in User Manager. Not sure what this implies...? The Domain Name was not specified together with the username (in the form of DOMAIN\username). Tried adding the server name: server\username, not working... I am an absolute server noob and I'd just like to be able to connect through FTP... Any guidance is highly appreciated!

    Read the article

  • cannot modify header information puzzler

    - by outofmyleague_lucy
    hi im out of my league i have written what has now become identical code for two sites hosted on different servers. the first worked perfectly and i have therefore used it to compare the second to.from a login for i am directing to a loginaction.php when i include the db_connect.php ie <?php session_start(); include 'db_connect.php'; $user=$_POST['formUser'] $password=$_POST['formPassword']etc ? i am returning cannot modify header information header info already sent, but when i include the content of the db_connect ie <?php session_start(); $connect = mysql_connect("localhost", "user", "pass"); mysql_select_db(db_name, $connection); $user=$_POST['formUser'] $password=$_POST['formPassword']etc ? it works. any ideas? edit - requested error message Warning: Cannot modify header information - headers already sent by (output started at /home/avenncou/public_html/include/db_connect.php:4) in /home/avenncou/public_html/include/loginaction.php on line 14 at line 14 the is a header("Location: {$_SERVER["HTTP_REFERER"]}"); edit - requested db_connect.php <?php $connection = mysql_connect("localhost", "user", "pass");// or die ("Unable to connect!"); mysql_select_db("db", $connection);// or die ("Unable to select database!"); ?> that is all of it (dies commented out in case thats where the error was)!!!

    Read the article

  • Support clicking a link, but sending a POST (vs GET) to the server, without Ajax?

    - by xyld
    I'm thinking this isn't exactly possible, but maybe I'm wrong. I'm simply torn between those who believe that only POST requests should modify data on the server and people that relax the rule and allow GET requests to modify data. Take this situation. Say you have a table, each row is a row in the database. I'd like to allow them to delete the row via a fancy "X" icon as the very last <td></td> element in the row. AFAIK, the only way to send a POST to the server is via a form. But do I really stuff an entire form into the last <td></td> element just to do a POST? Or should I cheat and use an <a href=...></a> tag that sends a GET request? You may be thinking "Do both! Send a POST AND use the <a ...></a> tag! Use fancy javascript + xhr!" And I'll say, oh? And how will that degrade in a zero javascript environment? Maybe we've reached a point when it doesn't make sense to worry about gracefully degrading? I'm not sure. You tell me? I'm new to web development, but I understand most of the concepts involved.

    Read the article

  • Asking browsers to cache as aggressively as possible

    - by balpha
    This is about a web app that serves images. Since the same request will always return the same image, I want the accessing browsers to cache the images as aggressively as possible. I pretty much want to tell the browser Here's your image. Go ahead and keep it; it's really not going to change for the next couple of days. No need to come back. Really. I promise. I do, so far, set Cache-Control: public, max-age=86400 Last-Modified: (some time ago) Expires: (two days from now) and of course return a 304 not modified if the request has the appropriate If-Modified-Since header. Is there anything else I can do (or anything I should do differently) to get my message across to the browsers? The app is hosted on the Google App Engine, in case that matters.

    Read the article

  • php HTTP_REFERER header, how to turn off or leave blank

    - by eco_bach
    Hi I'm using the following simple PHP proxy script but am getting a sporadic message at the destination site. I'm thinking that perhaps it may have something to do with the HTTP_REFERER header, although I'm not explicitly defining it. Can anyone tell me how to explicitly turn off or leave the HTTP_REFERER header blank? Thanks in advance! $url = $_GET['path']; readfile($path);

    Read the article

  • Cannot login to SQL Server 2008 R2 with Windows authentication

    - by Ian Boyd
    When i try to connect to SQL Server (2008 R2) using Windows authentication: i cannot: Checking the Windows Application event log, i find the error: Login failed for user 'AVATOPIA\ian'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: ] Log Name: Application Source: MSSQLSERVER Event ID: 18456 Level: Information User: AVATOPIA\ian OpCode: Task Category: Logon i can login to the computer itself using Windows authentication. i can log into SQL Server using the local Windows Administrator account. We can connect to 8 other SQL Servers on the domain using Windows Authentication. Just this one, whitch is the only one that is 2008 R2 is failing. So i assume it's a bug with *2008 R2. Note: i cannot logon locally, or remotely, using Windows authentication. i can login locally and remotely using SQL Server Authentication. Update Note: It's not limited to SQL Server Management Studio, standalone applications that connect using Windows authentication: fail: Note: It's not a client problem, as we can connect fine to other (non-SQL Server 2008 R2 machines): i'm sure there's a technote or knowledge base article describing why SQL Server 2008 R2 is broken by default, but i can't find it. Update 2 Matt figure out the change that Microsoft made so that SQL Server 2008 R2 is broken by default: Administrators are no longer administrators All that remains is to figure out how to make Administrators administrators. One of these days i'm going to start a list of changes around Microsoft's "broken by default" initiative. Steps to reproduce the problem How do i add a group to the sysadmin fixed server role? Here's the steps i try, that don't work: Click Add: Click Object Types: Ensure that you have no ability to add groups: and click OK. Under Enter the object names to select, enter Administrators: Click Check Names, and ensure that you are not allowed to add groups: and click Cancel. Click Browse..., and ensure that you have no ability to add groups: You should now still not have added any group to the sysadmin role. Additional information SQL Server Management Studio is being run as an administrator: SQL Server is set to use Windows Authentication: tried while logged into SQL with both sa and the only other sysadmin domain account (screenshot can be supplied for those who don't believe)

    Read the article

  • Forms authentication failed between web server and sql server

    - by Matt Bear
    I've actually found the solution, but I'm trying to understand why it failed, and why my solution fixed the problem. We have an application that uses forms authentication between a web server and sql server, web server runs server 2008, sql server runs 2008 r2, and sql server 2008. In august the sql server was patched with .net 3.5.1, the web server was untouched, and the forms authentication continued to work. 1 week ago we virtualized the web server onto our vSphere server because of failing hardware. Afterwards the form authentication failed with event code 4005, detail code 50201, The ticket supplied was invalid (on the sql server). In fact the sql server started generating Schannel errors and began blue screening 3-4 times a day. At this point I touched the sql server for the first time(ever), the errors were non specific, any reference to them I could find had to do with either zone alarm(which we don't run), or memory errors. So I applied service pack 1, which stopped the blue screening, but did not fix the forms authentication. At this point we had a work around, so we put it on the back burner while we completed another project, and I was able to get back on it last night. First thing was to adjust some code in the webconfig file on the sql server, nothing, next was regenerate and change out the machine key, still no change. Update the DNS servers, no change. Finally I went through and installed all windows updates, two reboots, (over RDP installed a network card driver which failed, and did not have my server room key, that was fun). After that, forms authentication was working again. And the sql server stopped generating as many errors, I've gotten two schannel errors since then. In short, forms authentication began failing when the web server was cloned onto a virtual machine, which caused the sql server to blue sceen? and forms authentication to fail. And could only be fixed by applying patches to the sql server?(I'm wishing I had patched the servers one at a time so I could know for sure which patch on which server fixed it). My question is why did it fail, and why did patching fix it? I hate fixing something without fully understanding the why and how.

    Read the article

  • Postfix + SASLAUTHD + MySQL authentication problems

    - by Or W
    I've been trying to sort this out for the past 6 hours or so, this is the error message I'm facing (Running CentOS x64): /var/log/maillog: Jun 22 20:42:49 ptroa postfix/smtpd[10130]: warning: SASL authentication failure: Password verification failed Jun 22 20:42:49 ptroa postfix/smtpd[10130]: warning: bzq-79-177-192-133.red.bezeqint.net[79.177.192.133]: SASL PLAIN authentication failed: authentication failure Jun 22 20:42:49 ptroa postfix/smtpd[10130]: warning: bzq-79-177-192-133.red.bezeqint.net[79.177.192.133]: SASL LOGIN authentication failed: authentication failure /var/log/messages: Jun 22 20:15:38 ptroa saslauthd[9401]: do_auth : auth failure: [user=myuser] [service=smtp] [realm=domain.com] [mech=pam] [reason=PAM auth error] I have dovecot installed as well and I'm able to receive emails via the MySQL authentication. The problem is when I'm trying to use SMTP to send out emails. Some config files: /etc/postfix/main.cf: # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. myorigin = /etc/mailname smtpd_banner = Server Message biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = /usr/share/doc/postfix # TLS parameters smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = domain.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all html_directory = /usr/share/doc/postfix/html message_size_limit = 30720000 virtual_alias_domains = virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_mailbox_base = /home/vmail virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_authenticated_header = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination virtual_create_maildirsize = yes virtual_maildir_extended = yes proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_cano$ virtual_transport = dovecot dovecot_destination_recipient_limit = 1 /etc/default/saslauthd: START=yes DESC="SASL Authentication Daemon" NAME="saslauthd" MECHANISMS="pam" MECH_OPTIONS="" THREADS=5 OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r" /etc/pam.d/smtp: #%PAM-1.0 #auth include password-auth #account include password-auth auth required pam_mysql.so user=mail_admin passwd=password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1 verbose=1 account sufficient pam_mysql.so user=mail_admin passwd=password host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1 verbose=1

    Read the article

  • Problems set-up Single Sign-On using Kerberos authentication

    - by user1124133
    I need for Ruby on Rail application set authentication via Active Directory using Kerberos authentication. Some technical information: I are using Apache installed mod_auth_kerb In httpd.conf I added LoadModule auth_kerb_module modules/mod_auth_kerb.so In /etc/krb5.conf I added following configuration [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = EU.ORG.COM dns_lookup_realm = false dns_lookup_kdc = false ticket_lifetime = 24h forwardable = yes [realms] EU.ORG.COM = { kdc = eudc05.eu.org.com:88 admin_server = eudc05.eu.org.com:749 default_domain = eu.org.com } [domain_realm] .eu.org.com = EU.ORG.COM eu.org.com = EU.ORG.COM [appdefaults] pam = { debug = true ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } When I test kinit validuser and enter password then authentication is successful. klist returns: Ticket cache: FILE:/tmp/krb5cc_600 Default principal: [email protected] Valid starting Expires Service principal 02/08/13 13:46:40 02/08/13 23:46:47 krbtgt/[email protected] renew until 02/09/13 13:46:40 Kerberos 4 ticket cache: /tmp/tkt600 klist: You have no tickets cached In application Apache configuration I added IfModule mod_auth_kerb.c> Location /winlogin> AuthType Kerberos AuthName "Kerberos Loginsss" KrbMethodNegotiate off KrbAuthoritative on KrbVerifyKDC off KrbAuthRealms EU.ORG.COM Krb5Keytab /home/crmdata/httpd/apache.keytab KrbSaveCredentials off Require valid-user </Location> </IfModule> I restarted apache Now some tests: When I try to access application from Win7, I got pop-up message box, with text: Warning: This server is requesting that your username and password be sent in an insecure manner (basic authentification without a secure connection) When I enter valid credentials then my application opens successfully, and all works fine. Questions: Is ok that for user pop-ups such windows? If I use NTLM authentication then there no such pop-up. I checked IE Internet Options and there 'Enable Integrated Windows Authentication' is checked. Why IE try to send username and password to application apache? If I correct to understand then Windows self must make authentication via Active Directory using Kerberos protocol. When I try to access application from Win7 and I enter incorrect credentials to pop-up message box Application say Authentication failed (this is OK) In apache error log I see: [error] [client 192.168.56.1] krb5_get_init_creds_password() failed: Client not found in Kerberos database But now I cannot get possibility to enter valid credentials, only when I restart IE I can get again pop-up box. What could be incorrect or missing in my Kerberos setup? I read in some blog post that probably something is needed to be done in Active Directory side. What exactly?

    Read the article

  • MySQL 5.5 brings in new ways to authenticate users

    - by Georgi Kodinov
    Ever wanted to use your server's OS for authenticating MySQL users ? Or the corporate LDAP repository ? Unfortunately options like the above are plentiful nowadays. And providing hard-coded support for protocol X or service Y is not the best possible idea. MySQL 5.5 has taken the step into the right direction by providing an infrastructure allowing one to make the server understand different authentication protocols by creating a set of simple plugins (one for the client and one for the server). So now you can easily extend MySQL to search for and authenticate users in your favorite user directory. In fact the API supplied is so versatile that we took the possibility to re-design the current "native" authentication mechanism into a built-in always-on plugin ! OK, let me give you an example: Imagine we have a bunch of users defined in your OS, e.g. we have a user joro with his respective password. And we have a MySQL instance running on the same computer. It would not be unexpected to need to let joro access and/or modify MySQL data. The first step is to define him as a MySQL user. And there's a problem right there : MySQL's CREATE USER joro@localhost IDENTIFIED BY 'joros_password' statement needs a password. And this is a password in no way related to the password that joro have set up in the OS. What's worse : if joro changes his OS password this will in no way be reflected in MySQL. So he'll need to change his MySQL password in a separate step. Not very convenient, specially when you have a lot of users. This is a laborious setup for joro's DBA as well : he'll have to disable his access in both MySQL and the OS should he decides that joro's out of the "nice" list. Now mysql 5.5 to the rescue: Imagine that the smart DBA has created a MySQL server plugin that will check if the name of the user logging in is a valid and enabled OS name and if the password supplied to the mysql client matches the OS and has called this plugin 'auth_os'. Now all that's left to do is to define joro as a MySQL user that will be authenticated externally. This is done by the following command : CREATE USER 'joro'@'localhost' IDENTIFIED WITH 'auth_os'; Now joro can login to MySQL using his current OS password. Note : joro is still a valid MySQL user, so you can grant privileges to him just like you would for all other users. What's better: you can have users that authenticate using different mechanisms in the same server. So you can e.g. safely experiment with external authentication for selected users while keeping your current user base operational. What happens under the hood when joro logs in ? The server will find out by the user definition that it needs to use a non-default authentication and will ask the client to "switch" to using the appropriate client-side plugin (if of course the client is not already using it). If the client can't do this (e.g. because it's an old client or doesn't have the necessary plugin available) the server will reject the login. Otherwise the server will let the server-side plugin decide (while possibly talking to the client side plugin and the OS user directory) if this is a valid login or not. If it is the login process will continue as usual, while if it's not the login will get rejected. There's a lot more that MySQL 5.5 can do for you than just the simple case above. Stay tuned for more advanced use cases like mapping groups of external users to a single MySQL user (so you won't have to have 1-to-1 mapping between your external user directory and your mysql user repository) or ways to control the process as a DBA. Or you can simply skip ahead and read the relevant topics from MySQL's excellent online documentation. Or take a look at the example plugins in plugin/auth. Or take a look at the test suite in mysql-test/t/plugin_auth.test. Changelog entry: http://dev.mysql.com/doc/refman/5.5/en/news-5-5-7.html Primary new sections: Pluggable authentication Proxy users Client plugin C API functions Revised sections: New PROXY privilege New proxies_priv grant table Passwords might be external New external_user and proxy_user system variables New --default-auth and --plugin-dir mysql options New MYSQL_DEFAULT_AUTH and MYSQL_PLUGIN_DIR options for mysql_options() CREATE USER has IDENTIFIED WITH clause to specify auth plugin GRANT has PROXY privilege, IDENTIFIED WITH clause to specify auth plugin The data structure for writing client plugins

    Read the article

  • x.gif in Apache logs

    - by T. Stone
    I manage a Django site where we host the media on a subdomain. There shouldn't be any requests for media to the main domain. However I keep seeing these requests for "x.gif" showing up in the access logs on the domain that's handled by WSGI (not the media domain). Can anyone explain what this is? X.X.X.X - - [08/Mar/2010:10:04:00 -1000] "GET / HTTP/1.1" 200 3724 X.X.X.X - - [08/Mar/2010:10:04:10 -1000] "GET /x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:04:10 -1000] "GET /x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:04:10 -1000] "GET /x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:04:10 -1000] "GET /x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:04:51 -1000] "GET /x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:04:52 -1000] "GET /x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:04:52 -1000] "GET /x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:04:52 -1000] "GET /x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:04:56 -1000] "GET /contact/ HTTP/1.1" 200 7196 X.X.X.X - - [08/Mar/2010:10:04:58 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:04:58 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:00 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:00 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:00 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:00 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:01 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:01 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:01 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:01 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:02 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:02 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:02 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:02 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:03 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:03 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:03 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:04 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:04 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:04 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:04 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:05 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:05 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:05 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:05 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:06 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:06 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:06 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653 X.X.X.X - - [08/Mar/2010:10:05:06 -1000] "GET /contact/x.gif HTTP/1.1" 404 2653

    Read the article

  • What are the steps to setup git-http-backend w/ Apache on Windows?

    - by Jordan
    I would like setup a Git server using the "Smart-HTTP" approach. However, I'm having difficulties getting it to work in Windows, and I'm new to Apache. My httpd.conf, in part: SetEnv GIT_PROJECT_ROOT "d:/repositories" SetEnv GIT_HTTP_EXPORT_ALL ScriptAlias /git/ "C:/Program Files/Git/libexec/git-core/git-http-backend.exe" <VirtualHost 172.16.0.5:80> <LocationMatch "^/git/.*/git-receive-pack$"> AuthType Basic AuthName "Git Access" Require group committers </LocationMatch> </VirtualHost> Could someone provide the steps to setup a Git server using git-http-backend on Windows?

    Read the article

  • COPSSH RSA only authentication connection problem

    - by Siriss
    Hello all- I am trying to setup an RSA Authentication only SSH/SFTP server. The SSH will be used primarily for RDC. Everything works just fine if I use password authentication. I am using Putty Key Generator to create he keys and I have pasted the key into authorized_keys file and restarted the OpenSSH server. I am using FileZilla to test the SFTP connection as that is the most important. For my tests I have created the keys without password correction. It will not work with a standard SSH connection either. It says "Server refused our key". I have recreated the key twice double checking with a guide on google, and I am pretty sure I did it correctly. I load the key file into FileZilla under settings/SFTP and try to connect and I get the following error: Disconnected: No supported authentication methods available. I have been playing with the different settings all night and I cannot figure it out. Here is my sshd_config file: # $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # Disable legacy (protocol version 1) support in the server for new # installations. In future the default will change to require explicit # activation of protocol 1 Protocol 2 # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 1024 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO # Authentication: #LoginGraceTime 2m PermitRootLogin no #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no PermitEmptyPasswords no # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM no #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none # no default banner path #Banner none # override default of no subsystems Subsystem sftp /bin/sftp-server # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no # AllowTcpForwarding no # ForceCommand cvs server Thank you so much for your help!

    Read the article

  • How do http proxies determine https traffic with a single port?

    - by badunk
    If a proxy receives the tcp packet, then the destination ip address and port are that of the proxy. In that case, I imagine the only way a proxy can still resolve the intended destination is either through routing the source ip address/port or through the host field in the http header. Is this correct? In both Fiddler and Charles http proxies, I noticed that the tool accepts both http and https connections through a single port that you can specify. What do these tools do to tell the difference between the two types of connections?

    Read the article

  • How to write custom (odd) authentication plugins for Wordpress, Joomla and MediaWiki?

    - by Bart van Heukelom
    On our network (a group of related websites - not a LAN) we have a common authentication system which works like this: On a network site ("consumer") the user clicks on a login link This redirects the user to a login page on our auth system ("RAS"). Upon successful login the user is directed back to the consumer site. Extra data is passed in the query string. This extra data does not include any information about the user yet. The consumer site's backend contacts RAS, with this extra data, to get the information about the logged in user (id, name, email, preferences, etc.). So as you can see, the consumer site knows nothing about the authentication method. It doesn't know if it's by username/password, fingerprint, smartcard, or winning a game of poker. This is the main problem I'm encountering when trying to find out how I could write custom authentication plugins for these packages, acting as consumer sites: Wordpress Joomla MediaWiki For example Joomla offers a pretty simple auth plugin system, but it depends on a username/password entered on the Joomla site. Any hints on where to start?

    Read the article

  • Token based Authentication for WCF HTTP/REST Services: Authorization

    - by Your DisplayName here!
    In the previous post I showed how token based authentication can be implemented for WCF HTTP based services. Authentication is the process of finding out who the user is – this includes anonymous users. Then it is up to the service to decide under which circumstances the client has access to the service as a whole or individual operations. This is called authorization. By default – my framework does not allow anonymous users and will deny access right in the service authorization manager. You can however turn anonymous access on – that means technically, that instead of denying access, an anonymous principal is placed on Thread.CurrentPrincipal. You can flip that switch in the configuration class that you can pass into the service host/factory. var configuration = new WebTokenWebServiceHostConfiguration {     AllowAnonymousAccess = true }; But this is not enough, in addition you also need to decorate the individual operations to allow anonymous access as well, e.g.: [AllowAnonymousAccess] public string GetInfo() {     ... } Inside these operations you might have an authenticated or an anonymous principal on Thread.CurrentPrincipal, and it is up to your code to decide what to do. Side note: Being a security guy, I like this opt-in approach to anonymous access much better that all those opt-out approaches out there (like the Authorize attribute – or this.). Claims-based Authorization Since there is a ClaimsPrincipal available, you can use the standard WIF claims authorization manager infrastructure – either declaratively via ClaimsPrincipalPermission or programmatically (see also here). [ClaimsPrincipalPermission(SecurityAction.Demand,     Resource = "Claims",     Operation = "View")] public ViewClaims GetClientIdentity() {     return new ServiceLogic().GetClaims(); }   In addition you can also turn off per-request authorization (see here for background) via the config and just use the “domain specific” instrumentation. While the code is not 100% done – you can download the current solution here. HTH (Wanna learn more about federation, WIF, claims, tokens etc.? Click here.)

    Read the article

  • Seeking htaccess help: Converting multiple subdomains (both http and https) to www.domain.com using .htaccess

    - by Joshua Dorkin
    I've been trying to get an answer to this question on other forums (the folks at SuperUser thought this was the place I needed to post) and via my connections, but I haven't gotten very far. Hopefully you guys can help me find an answer: I've got a dozen old subdomains that have been indexed by Google. These have been indexed as both http AND https. I've managed to redirect all the subdomains properly, provided they are not https, but can't get any of the https subdomains to property redirect. Here's the code I'm using: RewriteCond %{HTTP_HOST} ^subdomain1.mysite.com$ [NC] RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L] RewriteCond %{HTTP_HOST} ^subdomain2.mysite.com$ [NC] RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L] RewriteCond %{HTTP_HOST} ^subdomain3.mysite.com$ [NC] RewriteRule ^(.*)$ http://www.mysite.com/$1 [R=301,L] This works great until someone goes to: https://subdomain2.mysite.com$ which is not redirected back to http://www.mysite.com$ How can I get this to work? Additionally, I'm guessing there is an easier way to make it happen than setting up a dozen pairs of Rewrite conditions/rewrite rule? Is there any way to do this in just a few lines, including one where I list all the subdomains? I'd actually also like to redirect everything on https://www.mysite.com$ to http://www.mysite.com$ except for 3 folders These are mysite.com/secure, mysite.com/store, mysite.com/user -- is there any good way to add this to the htaccess file? Any suggestions would be great! Thank you in advance for any help.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 51 52 53 54 55 56 57 58 59 60 61 62  | Next Page >