Search Results

Search found 5866 results on 235 pages for 'authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 59/235 | < Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66  | Next Page >

  • Internet Explorer keeps asking for NTLM credentials in Intranet zone

    - by Tomalak
    Long text, sorry for that. I'm trying to be as specific as possible. I'm on Windows 7 and I experience a very frustrating Internet Explorer 8 behavior. I'm in a company LAN with some intranet servers and a proxy for connecting with the outside world. On sites that are clearly recognized as being "Local Intranet" (as indicated in the IE status bar) I keep getting "Windows Security" dialog boxes that ask me to log in. These pages are served off an IIS6 with "Integrated Windows Security" enabled, NTFS permits Everyone:Read on the files themselves. If I enter my Windows credentials, the page loads fine. However, the dialog boxes will be popping up the next time, regardless if I ticked "Remember my credentials" or not. (Credentials are stored in the "Credential Manager" but that does not make any difference as to how often these login boxes appear.) If I click "Cancel", one of two things can happen: Either the page loads with certain resources missing (images, styleheets, etc), or it does not load at all and I get HTTP 401.2 (Unauthorized: Logon Failed Due to Server Configuration). This depends on whether the logon box was triggered by the page itself, or a referenced resource. The behavior appears to be completely erratic, sometimes the pages load smoothly, sometimes one resource triggers a logon message, sometimes it does not. Even simply re-loading the page can result in changed behavior. I'm using WPAD as my proxy detection mechanism. All Intranet hosts do bypass the proxy in the PAC file. I've checked every IE setting I can think of, entered host patterns, individual host names, IP ranges in every thinkable configuration to the "Local Intranet" zone, ticked "Include all sites that bypass the proxy server", you name it. It boils down to "sometimes it just does not work", and slowly I'm losing my mind. ;-) I'm aware that this is related to IE not automatically passing my NTLM credentials to the webserver but asking me instead. Usually this should only happen for NTLM-secured sites that are not recognized as being in the "Intranet" zone. As explained, this is not the case here. Especially since half of a page can load perfectly and without interruption and some page's resources (coming from the same server!) trigger the login message. I've looked at http://support.microsoft.com/kb/303650, which gives the impression of describing the problem, but nothing there seems to work. And frankly, I'm not certain if "manually editing the registry" is the right solution for this kind of problem. I'm not the only person in the world with an IE/intranet/IIS configuration, after all. I'm at a loss, can somebody give me a hint?

    Read the article

  • SSH error 114 when connect with FinalBuilder 7

    - by mamcx
    I'm testing FB 7 and try to connect to my Mac OS X Snow Leopard machine. I can connect with paramiko (python SSH library) but not FB7. The only thing I get is: SSH error encoutered: 114 I try stopping & restarting the share session on Mac OS X. update: I enable server debug and get this log: debug1: sshd version OpenSSH_5.2p1 debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-Dd' debug1: Bind to port 22 on ::. Server listening on :: port 22. debug1: Bind to port 22 on 0.0.0.0. Server listening on 0.0.0.0 port 22. debug1: fd 5 clearing O_NONBLOCK debug1: Server will not fork when running in debugging mode. debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8 debug1: inetd sockets after dupping: 3, 3 Connection from 10.3.7.135 port 49457 debug1: Client protocol version 2.0; client software version SecureBlackbox.8 debug1: no match: SecureBlackbox.8 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.2 debug1: privsep_preauth: successfully loaded Seatbelt profile for unprivileged child debug1: permanently_set_uid: 75/75 debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: client->server aes128-ctr [email protected] none debug1: kex: server->client aes128-ctr [email protected] none debug1: expecting SSH2_MSG_KEXDH_INIT debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user mamcx service ssh-connection method none debug1: attempt 0 failures 0 debug1: PAM: initializing for "mamcx" Connection closed by 10.3.7.135 debug1: do_cleanup debug1: PAM: setting PAM_RHOST to "10.3.7.135" debug1: do_cleanup debug1: PAM: cleanup debug1: audit_event: unhandled event 12

    Read the article

  • Cisco ASA 5510 ASDM: Setting up multiple public static ip addresses on a single interface and route

    - by ssjaken
    HI, i have a cisco ASA 5510 using ASDM version 6.3 We have a webserver that is been written very specifically and i was given super direct "DO NOT DEVIATE" directions. This server has to get traffic from 3 different PUBLIC ip's that we own. (our isp gave use a block of 12 static addresses) on 4 different ports. there are the directions i was given externalIP1:22 - 172.17.5.50:22 - SSH externalIP1:443 - 172.17.5.50:23040 - SIT externalIP2:443 - 172.17.5.50:33040 - STAGE externalIP3:443 - 172.17.5.50:43040 - PROD My first question is, using ASDM (my contract employer demands i use ASDM over CLI) how do i get three public addresses to work on one interface. We are authenticating on PPPoE. I know create a virtual interface with the static address but when i do i cannot ping the address from another offsite machine. secondly, where would i put the traffic redirect in. would i go ahead and create ACL's or just make NAT routes. Thanks.

    Read the article

  • ISA Server 2006 SP1 :: Allow unauthenticated users (non domain users) access to external (internet)

    - by Klaptrap
    Now that we have applied an internal to external rule blocking all users access to the internet, other than those users in a whitelist, we have the obvious issue of non authenticated users, not on our domain, i.e.; domain-less guests not being able to access the internet. Other than configuring each machine to use our alternative gateway - which would require a member of IT to be onsite everytime a guest arrives - can this be done through ISA adn AD?

    Read the article

  • Logging in user in Windows 2008 server using LogonUser fails on LogonType LOGON32_LOGON_SERVICE

    - by Ofiris
    I am using LogonUser function to logon an account to Windows 2008 R2 server on a domain with clusterring. When using LOGON32_LOGON_INTERACTIVE as LogonType, I successfully login. When using LOGON32_LOGON_SERVICE as LogonType, Login fails, EventViewer says: An account failed to log on. Logon Type: 5 Account For Which Logon Failed: Security ID: NULL SID Account Name: thename Account Domain: thedomain Logon ID: 0x1009371c Logon Type: 5 Failure Information: Failure Reason: The user has not been granted the requested logon type at this machine. Status: 0xc000015b Sub Status: 0x0 Was not sure if its for superuser or stackoverflow (calling LogonUser from C# code), but I guess its some Windows server issue*. EventID = 4625 Edit: Found that - 0xc000015b The user has not been granted the requested logon type (aka logon right) at this machine Edit: Should be serverfault question...

    Read the article

  • AD LDS (ADAM) user not authenticate

    - by Hongwei
    I am trying to add a user to AD LDS (formerly known as ADAM). I added the user, set the password, and set the following properties: accountsExpires=(Never) msDS-UserAccountDisabled=FALSE msDS-UserDontExpirePassword=TRUE userPrincipalName=JUser I also added the user to Readers group. However, when I used ADSI Edit to bind to the directory with this user's credential, I got an error indicating invalid username or password. What else do I have to do for the user to authenticate? Thanks.

    Read the article

  • mercurial hgwebdir error with basicauth in apache2

    - by Dio
    Hello, I'm having kind of a strange error that I'm trying to track down. I was trying to setup mercurial on my home server this weekend. I seem to have it running up to the point where I'm trying to get repositories published correctly. I'm running Ubuntu 10.04 LTS Mercurial Distributed SCM (version 1.4.3) I followed the hgwebdir guide: http://mercurial.selenic.com/wiki/HgWebDirStepByStep and everything seems to work great, I can pull and push my local repositories. Then I tried to add basic auth changing ScriptAliasMatch ^/hg(.*) /var/hg/hgwebdir.cgi$1 <Directory "/var/hg"> Options ExecCGI FollowSymLinks AllowOverride None </Directory> to ScriptAliasMatch ^/hg(.*) /var/hg/hgwebdir.cgi$1 <Directory "/var/hg"> Options ExecCGI FollowSymLinks AllowOverride None AuthType Basic AuthName hgwebdir AuthUserFile /usr/local/etc/httpd/users Require valid-user </Directory> This works exactly as I'd expect it to when I navigate to the directory via my web browser, but when I hg push get a long section repeating of File "/usr/lib/python2.6/urllib2.py", line 369, in _call_chain result = func(*args) File "/usr/lib/python2.6/urllib2.py", line 855, in http_error_401 url, req, headers) File "/usr/lib/python2.6/urllib2.py", line 833, in http_error_auth_reqed return self.retry_http_basic_auth(host, req, realm) File "/usr/lib/python2.6/urllib2.py", line 843, in retry_http_basic_auth return self.parent.open(req, timeout=req.timeout) followed by File "/usr/lib/pymodules/python2.6/mercurial/keepalive.py", line 249, in do_open self._start_transaction(h, req) File "/usr/lib/pymodules/python2.6/mercurial/url.py", line 419, in _start_transaction return keepalive.HTTPHandler._start_transaction(self, h, req) File "/usr/lib/pymodules/python2.6/mercurial/keepalive.py", line 342, in _start_transaction h.endheaders() File "/usr/lib/python2.6/httplib.py", line 904, in endheaders self._send_output() File "/usr/lib/python2.6/httplib.py", line 776, in _send_output self.send(msg) File "/usr/lib/pymodules/python2.6/mercurial/url.py", line 247, in _sendfile connection.send(self, data) File "/usr/lib/pymodules/python2.6/mercurial/keepalive.py", line 519, in safesend self.connect() File "/usr/lib/pymodules/python2.6/mercurial/url.py", line 273, in connect keepalive.HTTPConnection.connect(self) RuntimeError: maximum recursion depth exceeded while calling a Python object I'm a bit at a loss on this one. I'm really not sure why adding the authorization seems to work fine via my web browser but throw these errors from hg. Any help would be greatly appreciated.

    Read the article

  • ISA Server 2006 SP1 :: Allow unauthenticated users (non domain users) access to external (internet)

    - by Klaptrap
    Now that we have applied an internal to external rule blocking all users access to the internet, other than those users in a whitelist, we have the obvious issue of non authenticated users, not on our domain, i.e.; domain-less guests not being able to access the internet. Other than configuring each machine to use our alternative gateway - which would require a member of IT to be onsite everytime a guest arrives - can this be done through ISA adn AD?

    Read the article

  • Is there a way to add AD LDS users to an AD Domain Group or allow them domain security rights?

    - by Tom
    I have a web application in which our outside customers need access to run transactions (stored procs on Sql Server) on our domain. We have looked into LDS to keep these users separate from our domain. The problem we are having is allowing the LDS users the AD security rights to access these stored procs. For administration purposes we would like to use an AD group for each transaction (stored proc) which has access to execute. Is there a way to add LDS users to this AD group or allow them the security rights to do this? We have setup LDS and can authenicate an AD user thru to runs these transactions. LDS is running on Server 08 R2. AD is also Server 08 R2. Thanks.

    Read the article

  • Problem with shared ssh keys

    - by warren
    Following the process I've used in other environments (http://www.trilug.org/pipermail/trilug/Week-of-Mon-20080602/054712.html), I've tried setting-up shared keys between my Mac and my CentOS 4 webserver. I've seen the same problem with my older Ubuntu 7.10 workstation trying to connect via keys to the same webserver. I have tried both dsa and rsa keytypes (sshkeygen -t <type>). The sshd_config file on my webserver seems to be allowing key-based logins: RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys And my .ssh/authorized_keys has my dsa and rsa keys added. Where should I be looking for what to change next to make key-based logins "Just Work™"? Is it related to the line #UseDNS yes and sshd is trying to do a reverse-lookup on my IP, but cannot because it's NAT'd?

    Read the article

  • Windows Service and Group Policy unable to access network share on Win2008 Domain

    - by Terence Johnson
    I have one computer on my domain that has suddenly stopped receiving software updates via group policy. Domain logins still work, and group policy on the machine is still being updated, so it knows that there are new packages to install and where to look for them, but every time it tries to install a package, it throws a 1622 error (location not found). Logged in users can reach the same network shares, and every other computer on network is installing the packages. Further investigation found that other services running as "System" on the problematic computer are also unable to authenticate to network shares. How do I diagnose/fix this computer's account in Active Directory? The computer account exists, and is a member of "Domain Computers" - or is there something else I should be looking at?

    Read the article

  • Active Directory, Linux, and User Private Groups

    - by larsks
    We're in the process of moving from NIS on our Linux systems to binding everything to Active Directory. The NIS environment follows the common standard used by many Linux distributions that a user's primary group is a group of the same name as the user (and of which the user is typically the only member). I have been informed that in the Active Directory environment, you may not have a group name with the same name as a user (specifically, that no two AD security objects may have the same name). This would seem to complicate the process of moving our group definitions into AD. It looks like we could maintain the NIS group information in AD using only POSIX attributes (e.g., not an actual AD security object), but that seems like a suboptimal fix (because we do really want to have the same view of group membership in both the Unix and AD worlds). Have you moved a large legacy NIS environment into Active Directory? How did you handle this situation?

    Read the article

  • IIS reverse proxy to windows authenticated internal site

    - by keithwarren7
    I have an internal windows authenticated website that I need to expose anonymously to external users. extern: http://foo.com/ (public) intern: http://privatefoo/ (requires windows auth) I want people hitting foo.com to see no security prompt, just get access to privatefoo - I know this is possible in a simple reverse proxy setup but does anyone know how to make the proxy provide windows credentials?

    Read the article

  • List of mail servers using DKIM, SPF and SenderID

    - by Ashish
    Hi, I am setting up Postfix mail server. What I want to know is that, what the popular mail server's like yahoo, gmail, AOL, Microsoft Outlook server etc. use for sender identification of e-mails. e.g: Which one use SPF or DKIM or SenderId etc. Any listing enumerating about these properties would be highly useful. Thanks in advance Ashish

    Read the article

  • Invalidating unused ssh keys

    - by JH
    I am using one ssh account for all my Subversion users. They send me their public keys and I put them in .ssh/authorized_key of the svn account, then they can check out the code from Subversion using ssh tunnel. So far everything works fine. The problem though is that I want to invalidate keys that have not been used for some time (say one month). Does anyone know a way to make sshd log the public key when a user signs in? Thanks.

    Read the article

  • Basic Auth on DirectoryIndex Only

    - by Brad
    I am trying to configure basic auth for my index file, and only my index file. I have configured it like so: <Files index.htm> Order allow,deny Allow from all AuthType Basic AuthName "Some Auth" AuthUserFile "C:/path/to/my/.htpasswd" Require valid-user </Files> When I visit the page, 401 Authorization Required is returned as expected, but the browser doesn't prompt for the username/password. Some further inspection has revealed that Apache is not sending the WWW-Authenticate header. GET http://myhost/ HTTP/1.1 Host: myhost Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.100 Safari/534.30 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 HTTP/1.1 401 Authorization Required Date: Tue, 21 Jun 2011 21:36:48 GMT Server: Apache/2.2.16 (Win32) Content-Length: 401 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>401 Authorization Required</title> </head><body> <h1>Authorization Required</h1> <p>This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.</p> </body></html> Why is Apache doing this? How can I configure it to send that header appropriately? It is worth noting that this exact same set of directives work fine if I set them for a whole directory. It is only when I configure them to a directory index that they do not work. This is how I know my .htpasswd and such are fine. I am using Apache 2.2 on Windows. On another note, I found this listed as a bug in Apache 1.3. This leads me to believe that this is actually a configuration problem on my end.

    Read the article

  • backup and restoration of a freeipa infrastructure

    - by Sirex
    I'm finding the documentation on ipa server backup and restoration sadly lacking, and being so centrally critical it's not something i'm really happy about shooting in the dark with - could some kind soul more knowledable in the matter please attempt to provide an idiot-proof guide to backing up and restoring of IPA server(s) ? Particularly the main server (the cert signing one). ...We're looking towards rolling out ipa in a two server setup (1 master, 1 replica). I'm using dns srv records to handle failover, hence a loss of the replica isn't a big deal as i could make a new one and force a resync to happen - it's losing the master that bothered me. The thing that i'm really struggling with is locating a step-by-step procedure for backing up and restoring the master server. I'm aware that whole-VM snapshot is the recommended way of doing IPA server backup, but that isn't an option at this time for us. I'm also aware that freeipa 3.2.0 includes some sort of backup command build in, but that isn't in the ipa version of centos, and i don't expect it will be for some time yet. I've been trying many different methods, but none of them seem to restore cleanly, amongst others, i've tried; a command similar to db2ldif.pl -D "cn=directory manager" -w - -n userroot -a /root/userroot.ldif the script from here to produce three ldif files -- one for the domain ({domain}-userroot), and two for the ipa server (ipa-ipaca and ipa-userroot): Most of the restores i've tried have been similar to the form of: ldif2db.pl -D "cn=directory manager" -w - -n userroot -i userroot.ldif which seems to work and reports no errors, but totally borks the ipa install on the machine and i can no longer login with either the admin password on the backed up server, or the one i set it to on installation before attempting the ldif2db command (i'm installing ipa-server and running ipa-server-install, then attempting the restore). I'm not overly bothered about losing the CA, having to rejoin the domain, losing replication etc etc (although it'd be awesome if that could be avoided) but in the instance of the main server dropping i'd really like to avoid having to re-enter all the user/group information. I guess in the instance of losing the main server i could promote the other one and replicate in the other direction, but i've not tried that, either. Has anyone done that ? tl;dr: Can someone provide an idiots guide to backing up and restoring an IPA server (preferably on CentOS 6) in a clear enough way that'd make me feel confident it'll actually work when the dreaded time comes ? Crayons are optional, but appreciated ;-) I can't be the only person struggling with this, seeing how widely used IPA is, surely ?

    Read the article

  • LDAP over SSL/TLS working for everything but login on Ubuntu

    - by Oliver Nelson
    I have gotten OpenLDAP with SSL working on a test box with a signed certificate. I can use an LDAP tool on a Windows box to view the LDAP over SSL (port 636). But when I run dpkg-reconfigure ldap-auth-config to setup my local login to use ldaps, my login under a username in the directory doesn't work. If I change the config to use just plain ldap (port 389) it works just fine (I can login under a username in the directory). When its setup for ldaps I get Auth.log shows: Sep 5 13:48:27 boromir sshd[13453]: pam_ldap: ldap_simple_bind Can't contact LDAP server Sep 5 13:48:27 boromir sshd[13453]: pam_ldap: reconnecting to LDAP server... Sep 5 13:48:27 boromir sshd[13453]: pam_ldap: ldap_simple_bind Can't contact LDAP server I will provide whatever are needed. I'm not sure what else to include. Thanx for any insights... OLIVER

    Read the article

  • How to create a Linux user without a password but being able to set it?

    - by Leonid Shevtsov
    I have a username and an SSH key for a (hypothetical) guy and I need to give him admin access to a Linux (Ubuntu) server. I want him to be able to log in via SSH and then set his password by himself over a secure connection, instead of passing the password around. I know how to make the password expire and force him to reset it on first login. But this doesn't work unless he has some password already, which I then have to tell him. I thought about making the password blank - SSH wouldn't allow login, but then anyone can su into the user. My question is, is there some best practice to creating accounts in such a way? Or setting a default password is unavoidable?

    Read the article

  • Using GitOAuthPlugin for Jenkins - not working as expected

    - by Blundell
    I need some clarity and maybe a fix. I'm using this plugin to authorise who views our Jenkins ci server: https://wiki.jenkins-ci.org/display/JENKINS/Github+OAuth+Plugin As I understand it anyone who is auth'd to view one of our github project's can also login to our Jenkins box. This works I thought it would also allow the person logging in to only view the Project that they have GitHub permission on. For instance. Three projects on GitHub (A,B,C). Three builds on Jenkins. User 1 has Git access to all 3 projects (A B C). User 2 has Git access to only 1 project (A). When logging into Jenkins: User 1 can see all 3 projects ( this works ) User 2 can only see project A The problem is User 2 can also see all 3 projects when they should only see 1! Have I got this correct, and if so is this a bug? I have the settings set in Jenkins configuration Github Authorization Settings. Here we have some admin users. One organization. And none out of the 4 checkboxes ticked. (User 2, is not an admin, is not part of the org). The plugin is open sourced here: https://github.com/mocleiri/github-oauth-plugin I was trying to get Jenkins to print me the Logs from the plugin but I also failed at viewing these (to see if there was an issue). I followed these instructions: https://wiki.jenkins-ci.org/display/JENKINS/Logging It's the same concept as outlined below but using GitHub rather than manually selecting users: https://wiki.jenkins-ci.org/display/JENKINS/2012/01/03/Allow+access+to+specific+projects+for+Users%28Assigning+security+for+projects+in+Jenkins%29 Have I got this right or wrong? Is it possible to auth a Jenkins user to only see one project?

    Read the article

  • Directory listing through FTPS (TLS) is not working

    - by Aron Rotteveel
    We recently switched our server to require TLS for every connection. This is working flawlessly so far, but one of our clients is having problems. Some facts: Server uses Pure-FTPD Server has a passive port range configured Server has no firewall limitations regarding the FTP Client uses WS FTP Client is behind a router Client connects to the same IP as every other, using PASSIVE mode All other clients have no trouble connecting Because of the TLS requirement, connecting using ACTIVE mode is almost not possible, but PASSIVE is working fine for everyone except this specific client. It seems that he is able to connect, but once a LIST command is performed, things go wrong. Log: Finding Host <clienthost> ... Connecting to <serverip:21> Connected to <serverip:21> in 0.020000 seconds, Waiting for Server Response Initializing SSL Session ... 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- 220-You are user number 5 of 50 allowed. 220-Local time is now 22:14. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. AUTH TLS 234 AUTH TLS OK. SSL session NOT set for reuse SSL Session Started. Host type (1): Automatic Detect USER <user> 331 User <user> OK. Password required PASS (hidden) 230-User <user> has group access to: <user> 230 OK. Current restricted directory is / SYST 215 UNIX Type: L8 Host type (2): Unix (Standard) PBSZ 0 200 PBSZ=0 PROT P 200 Data protection level set to "private" PWD 257 "/" is your current location CWD /public_html 250 OK. Current directory is /public_html PWD257 "/public_html" is your current location TYPE A 200 TYPE is now ASCII PASV 227 Entering Passive Mode (<serverip>,132,100) connecting data channel to <serverip>:132,100(33892) Substituting connection address <serverip> for private address <serverip> from PASV Using external address <customer ext. ip> instead of local address <customer int. ip> for PORT command PORT 82,161,56,225,195,181 200 PORT command successful LIST Error reading response from server. It appears that the connection is dead. Attempting reconnect... Any help is appreciated.

    Read the article

  • Ubuntu 12.04 - Pound Reverse Proxy and Adobe Flex/Flash Auth

    - by James
    First time posting, I have a completely fresh install of ubuntu 12.04 Client as a reverse proxy gateway to our internal network. Our setup is we have one external ip but three domains we would like to point to various webservers on our internal network. It's not so much a load balancing issue or cacheing etc. Merely routing some Client browsers to a port 80 webpage (to adhere to some stricter corporate policies regarding placing port numbers after domain names). I have gone with pound and everything seems to be working fine. Static pages load etc. Everything is good with the exception of a Flash/Flex based WebClient for a Digital Asset Management program. The actual static page loads fine, it is just at the moment of entering credentials, be they correct or incorrect, and hitting login, there is no response whatsoever. Either a rejection or confirmation etc. So the request back to the internal server can't be getting through. I have googled extensively and there might be a solution in a crossdomain.xml file? Documentation isn't very clear. And we are not the authors of the DAM app, and have no control over the code on the Flash/Flex side. Questions: Is there a particular config file/solution for pound that allows Flash/Flex auth information to be forwarded? Is there another reverse proxy program (nginx?)that allows this type of config? Am I looking at this the entire wrong way, should Flash/Flex fundamentally not be allowed to have this access?

    Read the article

  • Lock down Wiki access to password only but remain open to a subnet via .htaccess

    - by Treffynnon
    Basically we have a Wiki that has some sensitive information stored in it - not the best I know but my predecessor set it up. I want to be able to request password access from any one who is not on the local network subnet. Those on the local subnet should be able to proceed without entering a password. The following .htaccess does not seem to work any more as it is letting non-local access without requiring the password: AuthName "Our Wiki" AuthType Basic AuthUserFile /path/to/passwd/file AuthGroupFile /dev/null Require valid-user Allow from 192.168 Satisfy Any order deny,allow And I cannot work out why. The WikkaWiki it is supposed to be protecting was recently upgraded, which clobbered the .htaccess file so I restored the above from memory/googling. Maybe I am missing an important directive? The full .htaccess is as follows: AuthName "Our Wiki" AuthType Basic AuthUserFile /path/to/passwd/file AuthGroupFile /dev/null Require valid-user Allow from 192.168 Satisfy Any SetEnvIfNoCase Referer ".*($LIST_OF_ADULT_WORDS).*" BadReferrer order deny,allow deny from env=BadReferrer <IfModule mod_rewrite.c> # turn on rewrite engine RewriteEngine on RewriteBase / # if request is a directory, make sure it ends with a slash RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^(.*/[^/]+)$ $1/ # if not rewritten before, AND requested file is wikka.php # turn request into a query for a default (unspecified) page RewriteCond %{QUERY_STRING} !wakka= RewriteCond %{REQUEST_FILENAME} wikka.php RewriteRule ^(.*)$ wikka.php?wakka= [QSA,L] # if not rewritten before, AND requested file is a page name # turn request into a query for that page name for wikka.php RewriteCond %{QUERY_STRING} !wakka= RewriteRule ^(.*)$ wikka.php?wakka=$1 [QSA,L] </IfModule>

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66  | Next Page >