Search Results

Search found 15558 results on 623 pages for 'basic authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 59/623 | < Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66  | Next Page >

  • Tomcat SPNEGO authentication against Active Directory not working.

    - by Michael
    I'm trying to authenticate against AD using the http://spnego.sourceforge.net component with tomcat. I've created my SPN's "setspn.exe -A HTTP/servername SVCTomcat" & "setspn.exe -A HTTP/servername.fqdn.net SVCTomcat" I've created my krb5.conf & login.conf file and setup the filter in the web.xml ie. <filter-name>SpnegoHttpFilter</filter-name> <filter-class>net.sourceforge.spnego.SpnegoHttpFilter</filter-class> <param-name>spnego.allow.unsecure.basic</param-name> <param-value>false</param-value> <param-name>spnego.login.client.module</param-name> <param-value>spnego-client</param-value> <param-name>spnego.krb5.conf</param-name> <param-value>krb5.conf</param-value> <param-name>spnego.login.conf</param-name> <param-value>login.conf</param-value> <param-name>spnego.preauth.username</param-name> <param-value>SVCTomcat</param-value> <param-name>spnego.preauth.password</param-name> <param-value>Pasword</param-value> <param-name>spnego.login.server.module</param-name> <param-value>spnego-server</param-value> <param-name>spnego.prompt.ntlm</param-name> <param-value>false</param-value> <param-name>spnego.logger.level</param-name> <param-value>2</param-value> Note i've stripped extraneous tags from this, so it's not the actual XML. When i go to a page protected by this filter i get this in the catalina logfile. 25-Mar-2010 12:41:26 org.apache.catalina.startup.Catalina start INFO: Server startup in 4615 ms 25-Mar-2010 12:41:47 net.sourceforge.spnego.SpnegoHttpFilter doFilter FINE: principal=SYSTEM@TESTDOMAIN And in the hello_spnego.jsp example on the website it just reports the name of the user tomcat is running as (SYSTEM), not the user i'm connecting with. It seems the author stopped halfway through his debugging page, so i've no areas to look in other than to triple check my config. Any ideas?

    Read the article

  • setting up a basic mod_proxy virtual host

    - by SevenProxies
    I'm trying to set up a basic virtual host to proxy all requests to test.local to a WEBrick server I have running on 127.0.0.1:8080 while keeping all requests to localhost going to my static files in /var/www. I'm running Ubuntu 10.04. I have libapache2-mod-proxy-html installed and I have the module enabled with a2enmod proxy. I also have my virtual host enabled. However, whenever I go to test.local I always get a cryptic 500 server error and all my logs are telling me is: [Thu Mar 03 01:43:10 2011] [warn] proxy: No protocol handler was valid for the URL /. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule. Here's my virtual host: <VirtualHost test.local:80> LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so ServerAdmin webmaster@localhost ServerName test.local ProxyPreserveHost On # prevents this folder from being proxied ProxyPass /static ! DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> <Proxy *> Order allow,deny Allow from all </Proxy> ProxyPass / http://localhost:8080/ ProxyPassReverse / http://localhost:8080/ ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined and here's my settings for mod_proxy: <IfModule mod_proxy.c> #turning ProxyRequests on and allowing proxying from all may allow #spammers to use your proxy to send email. ProxyRequests Off <Proxy *> # default settings #AddDefaultCharset off #Order deny,allow #Deny from all ##Allow from .example.com AddDefaultCharset off Order allow,deny Allow from all </Proxy> # Enable/disable the handling of HTTP/1.1 "Via:" headers. # ("Full" adds the server version; "Block" removes all outgoing Via: headers) # Set to one of: Off | On | Full | Block ProxyVia On </IfModule> Does anybody know what I'm doing wrong? Thanks

    Read the article

  • mercurial hgwebdir error with basicauth in apache2

    - by Dio
    Hello, I'm having kind of a strange error that I'm trying to track down. I was trying to setup mercurial on my home server this weekend. I seem to have it running up to the point where I'm trying to get repositories published correctly. I'm running Ubuntu 10.04 LTS Mercurial Distributed SCM (version 1.4.3) I followed the hgwebdir guide: http://mercurial.selenic.com/wiki/HgWebDirStepByStep and everything seems to work great, I can pull and push my local repositories. Then I tried to add basic auth changing ScriptAliasMatch ^/hg(.*) /var/hg/hgwebdir.cgi$1 <Directory "/var/hg"> Options ExecCGI FollowSymLinks AllowOverride None </Directory> to ScriptAliasMatch ^/hg(.*) /var/hg/hgwebdir.cgi$1 <Directory "/var/hg"> Options ExecCGI FollowSymLinks AllowOverride None AuthType Basic AuthName hgwebdir AuthUserFile /usr/local/etc/httpd/users Require valid-user </Directory> This works exactly as I'd expect it to when I navigate to the directory via my web browser, but when I hg push get a long section repeating of File "/usr/lib/python2.6/urllib2.py", line 369, in _call_chain result = func(*args) File "/usr/lib/python2.6/urllib2.py", line 855, in http_error_401 url, req, headers) File "/usr/lib/python2.6/urllib2.py", line 833, in http_error_auth_reqed return self.retry_http_basic_auth(host, req, realm) File "/usr/lib/python2.6/urllib2.py", line 843, in retry_http_basic_auth return self.parent.open(req, timeout=req.timeout) followed by File "/usr/lib/pymodules/python2.6/mercurial/keepalive.py", line 249, in do_open self._start_transaction(h, req) File "/usr/lib/pymodules/python2.6/mercurial/url.py", line 419, in _start_transaction return keepalive.HTTPHandler._start_transaction(self, h, req) File "/usr/lib/pymodules/python2.6/mercurial/keepalive.py", line 342, in _start_transaction h.endheaders() File "/usr/lib/python2.6/httplib.py", line 904, in endheaders self._send_output() File "/usr/lib/python2.6/httplib.py", line 776, in _send_output self.send(msg) File "/usr/lib/pymodules/python2.6/mercurial/url.py", line 247, in _sendfile connection.send(self, data) File "/usr/lib/pymodules/python2.6/mercurial/keepalive.py", line 519, in safesend self.connect() File "/usr/lib/pymodules/python2.6/mercurial/url.py", line 273, in connect keepalive.HTTPConnection.connect(self) RuntimeError: maximum recursion depth exceeded while calling a Python object I'm a bit at a loss on this one. I'm really not sure why adding the authorization seems to work fine via my web browser but throw these errors from hg. Any help would be greatly appreciated.

    Read the article

  • Lock down Wiki access to password only but remain open to a subnet via .htaccess

    - by Treffynnon
    Basically we have a Wiki that has some sensitive information stored in it - not the best I know but my predecessor set it up. I want to be able to request password access from any one who is not on the local network subnet. Those on the local subnet should be able to proceed without entering a password. The following .htaccess does not seem to work any more as it is letting non-local access without requiring the password: AuthName "Our Wiki" AuthType Basic AuthUserFile /path/to/passwd/file AuthGroupFile /dev/null Require valid-user Allow from 192.168 Satisfy Any order deny,allow And I cannot work out why. The WikkaWiki it is supposed to be protecting was recently upgraded, which clobbered the .htaccess file so I restored the above from memory/googling. Maybe I am missing an important directive? The full .htaccess is as follows: AuthName "Our Wiki" AuthType Basic AuthUserFile /path/to/passwd/file AuthGroupFile /dev/null Require valid-user Allow from 192.168 Satisfy Any SetEnvIfNoCase Referer ".*($LIST_OF_ADULT_WORDS).*" BadReferrer order deny,allow deny from env=BadReferrer <IfModule mod_rewrite.c> # turn on rewrite engine RewriteEngine on RewriteBase / # if request is a directory, make sure it ends with a slash RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^(.*/[^/]+)$ $1/ # if not rewritten before, AND requested file is wikka.php # turn request into a query for a default (unspecified) page RewriteCond %{QUERY_STRING} !wakka= RewriteCond %{REQUEST_FILENAME} wikka.php RewriteRule ^(.*)$ wikka.php?wakka= [QSA,L] # if not rewritten before, AND requested file is a page name # turn request into a query for that page name for wikka.php RewriteCond %{QUERY_STRING} !wakka= RewriteRule ^(.*)$ wikka.php?wakka=$1 [QSA,L] </IfModule>

    Read the article

  • Apache: redirect to https before AUTH for server-status

    - by Putnik
    I want to force https and basic auth for server-status output (mod_status). If I enable auth and user asks for http://site/server-status apache first asks for pass, then redirects to httpS, then asks for pass again. This question is similar to Apache - Redirect to https before AUTH and force https with apache before .htpasswd but I cannot get it work because we are speaking not about generic folder but Location structure. My config (shortly) is as follows: <Location /server-status> SSLRequireSSL <IfModule mod_rewrite.c> RewriteEngine on RewriteBase /server-status RewriteCond %{HTTPS} off RewriteCond %{SERVER_PORT} 80 RewriteRule ^ - [E=nossl] RewriteRule (.*) https://site/server-status} [R=301,L] </IfModule> SetHandler server-status Order deny,allow Deny from all Allow from localhost ip6-localhost Allow from 1.2.3.0/24 Allow from env=nossl AuthUserFile /etc/httpd/status-htpasswd AuthName "Password protected" AuthType Basic Require valid-user Satisfy any </Location> I assume Allow from env=nossl should allow everyone with RewriteCond %{HTTPS} off and server port 80, then force it to redirect but it does not work. Please note, I do not want force to SSL the whole site but /server-status only. If it matters the server has several sites. What am I doing wrong? Thank you.

    Read the article

  • How can I prevent Apache from asking for credentials on non SSL site

    - by Scott
    I have a web server with several virtual hosts. Some of those hosts have an associated ssl site. I have a DirectoryMatch directive in my main config file which requires basic authentication to any directory with secured as part of the directory path. On sites that have an SSL site, I have a rewrite rule (located in the non ssl config for that site), that redirects to the SSL site, same uri. The problem is the http (80) site asks for credentials first, and then the https (443) site asks for credentials again. I would like to prevent the http site from asking and thus avoid the potential for someone entering credentials and having them sent in clear text. I know I could move the DirectoryMatch down to the specific site, and just put the auth statement in the SSL config, but that would introduce the possibility of forgetting to protect critical directories when creating new sites. Here are the pertinent declarations: httpd.conf (all sites): <DirectoryMatch "_secured_"> AuthType Basic AuthName "+ + + Restrcted Area on Server + + +" AuthUserFile /home/websvr/.auth/std.auth Require valid-user </DirectoryMatch> site.conf (specific to individual site) <DirectoryMatch "_secured_"> RewriteEngine On RewriteRule .*(_secured_.*) https://site.com/$1 </DirectoryMatch> Is there a way to leave DirectoryMatch in the main config file and prevent the request for authorization from the http site? Running Apache 2 on Ubuntu 10.04 server from the default package. I have AllowOverride set to none - I prefer to handle things in the config files instead of .htaccess.

    Read the article

  • .htaccess issue on Apache Web Server in Ubuntu VM

    - by Neon Flash
    I just installed Apache Web Server on Ubuntu 11.04 in VMWare Workstation. I created a basic HTML page, named it index.html and placed it in /var/www directory (document root). I am able to access this web page from my Host OS (Windows 7), by pointing the browser to: http://192.168.2.2/index.html where, 192.168.2.2 is the IP Address of the Ubuntu VM. Next, to test various configurations of .htaccess files, I created a new directory in /var/www called, members. Inside this directory, I created and placed a .htaccess file with the following configuration: AuthUserFile /www/Neon/auth/.htpasswd AuthName "neon's home" AuthType Basic require valid-user IndexIgnore */* I created a directory path like /var/www/Neon/auth/ and then placed a .htpasswd file inside it. To place the username and hash inside the .htpasswd file: I created a username "neon" and calculated the DES hash of a password and placed it inside .htpasswd file in format: username:hash Now, when I try to access the web page: http://192.168.2.2/members/ It does not prompt me to enter the username and password with a popup box. Instead it just displays the index.html which is placed inside members directory. I would like to get this configuration working :)

    Read the article

  • Make a Perl-style regex interpreter behave like a basic or extended regex interpreter

    - by Barry Brown
    I am writing a tool to help students learn regular expressions. I will probably be writing it in Java. The idea is this: the student types in a regular expression and the tool shows which parts of a text will get matched by the regex. Simple enough. But I want to support several different regex "flavors" such as: Basic regular expressions (think: grep) Extended regular expressions (think: egrep) A subset of Perl regular expressions, including the character classes \w, \s, etc. Sed-style regular expressions Java has the java.util.Regex class, but it supports only Perl-style regular expressions, which is a superset of the basic and extended REs. What I think I need is a way to take any given regular expression and escape the meta-characters that aren't part of a given flavor. Then I could give it to the Regex object and it would behave as if it was written for the selected RE interpreter. For example, given the following regex: ^\w+[0-9]{5}-(\d{4})?$ As a basic regular expression, it would be interpreted as: ^\\w\+[0-9]\{5\}-\(\\d\{4\}\)\?$ As an extended regular expression, it would be: ^\\w+[0-9]{5}-(\\d{4})?$ And as a Perl-style regex, it would be the same as the original expression. Is there a "regular expression for regular expressions" than I could run through a regex search-and-replace to quote the non-meta characters? What else could I do? Are there alternative Java classes I could use?

    Read the article

  • Parsing basic math equations for children's educational software?

    - by Simucal
    Inspired by a recent TED talk, I want to write a small piece of educational software. The researcher created little miniature computers in the shape of blocks called "Siftables". [David Merril, inventor - with Siftables in the background.] There were many applications he used the blocks in but my favorite was when each block was a number or basic operation symbol. You could then re-arrange the blocks of numbers or operation symbols in a line, and it would display an answer on another siftable block. So, I've decided I wanted to implemented a software version of "Math Siftables" on a limited scale as my final project for a CS course I'm taking. What is the generally accepted way for parsing and interpreting a string of math expressions, and if they are valid, perform the operation? Is this a case where I should implement a full parser/lexer? I would imagine interpreting basic math expressions would be a semi-common problem in computer science so I'm looking for the right way to approach this. For example, if my Math Siftable blocks where arranged like: [1] [+] [2] This would be a valid sequence and I would perform the necessary operation to arrive at "3". However, if the child were to drag several operation blocks together such as: [2] [\] [\] [5] It would obviously be invalid. Ultimately, I want to be able to parse and interpret any number of chains of operations with the blocks that the user can drag together. Can anyone explain to me or point me to resources for parsing basic math expressions? I'd prefer as much of a language agnostic answer as possible.

    Read the article

  • Rails 2.x provide meaningful error message with http basic authentication

    - by randombits
    I'm using basic http authentication in my rails app via the following code: class ApplicationController < ActionController::Base helper :all # include all helpers, all the time before_filter :authenticate private def authenticate authenticate_or_request_with_http_basic do |username, password| if username.nil? || password.nil? render :inline => %(xml.instruct! :xml, :version => "1.0", :encoding => "UTF-8" xml.errors do xml.error('Could not authenticate you.') end), :type => :builder, :status => 401 end end end end The problem is, if you do a curl http://127.0.0.1:3000/foo/1.xml without providing the -u username:password flag, you get a dead beat response like this: HTTP/1.1 401 Unauthorized Cache-Control: no-cache WWW-Authenticate: Basic realm="Foo" X-Runtime: 1 Content-Type: text/html; charset=utf-8 Content-Length: 27 Server: WEBrick/1.3.1 (Ruby/1.9.1/2010-01-10) Date: Thu, 03 Jun 2010 03:09:18 GMT Connection: Keep-Alive HTTP Basic: Access denied. Is it possible at all to render the inline XML I have above in the event a username and password is not provided by the user?

    Read the article

  • CC.NET Dashboard Error: Could not load type 'System.Security.Authentication.ExtendedProtection.Chann

    - by Leslie
    Late last week I upgraded CC.NET locally and on the build server. The build server is still fine, but locally I am now getting the following error: Exception Details: Exortech.NetReflector.NetReflectorTypeLoadException: Unable to load types from assembly System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089: Failed to load 1 of the 3612 types defined in the assembly. Exceptions: - Unable to load type: System.Security.Authentication.ExtendedProtection.ChannelBinding Exception: System.TypeLoadException: Could not load type 'System.Security.Authentication.ExtendedProtection.ChannelBinding' from assembly 'System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'. I'm afraid this started after a batch of Windows updates this morning. I had another two updates that won't run, 979909 and 982168 (I had an update that wouldn't run last month). Anyone else having any issues? Thanks!

    Read the article

  • Problem during RIA authentication

    - by VexXtreme
    Hi I've built an authentication service in RIA that inherits from DomainService and IAuthenticate. The problem is following: When LoginOperation fails (loginOperation.LoginSuccess is false) due to wrong credentials, everything is ok and it is reported to the user. However, when login succeeds, I get throw a really weird exception: {System.ServiceModel.DomainServices.Client.DomainOperationException: Load operation failed for query 'Login'. Value cannot be null. Parameter name: validationErrors --- System.ArgumentNullException: Value cannot be null. Parameter name: validationErrors at System.ServiceModel.DomainServices.Client.QueryCompletedResult..ctor(IEnumerable1 entities, IEnumerable1 includedEntities, Int32 totalCount, IEnumerable`1 validationErrors) I don't really understand this. What is IEnumerable validationErrors, where does it appear and why does it have to be != null ? This started happening after I ported my authentication services from Nhibernate to Entity Framework. I've even tried googling this exception and apparently I'm the only one with this problem so far. Any help would be greatly appreciated.

    Read the article

  • Alternatives to native LDAP

    - by Matt
    We've implemented an LDAP to NIS solution and have begun transitioning some systems to native LDAP binding for authentication and automount maps. Unfortunately we have a very mixed environment with more than 20 *nix environments. The setup for each variant is of course unique and has required various workarounds to get full functionality. We're now at the point where we're willing to revisit the solution and possibly migrate toward something like Likewise (http://www.likewise.org), but would like to know what others are using to solve this problem.

    Read the article

  • Twitter Oauth Strategy with Warden + Devise Authentication Gems for Ruby

    - by Michael Waxman
    Devise, the authentication gem for Ruby based on Warden (another auth gem) does not support Twitter Oauth as an authentication strategy, BUT Warden does. There is a way to use the Warden Twitter Oauth strategy within Devise, but I cannot figure it out. I'm using the following block in the devise config file: config.warden do |manager| manager.oauth(:twitter) do |twitter| twitter.consumer_secret = <SECRET> twitter.consumer_key = <KEY> twitter.options :site => 'http://twitter.com' end manager.default_strategies.unshift :twitter_oauth end But I keep on getting all sorts of error messages. Does anyone know how to make this work? I'm assuming there is more to do here (configuring a new link/route to talk to Warden, maybe adding attributes to the Devise User model, etc.), but I can't figure out what they are. Please help.

    Read the article

  • IUSR vs. Application Pool credentials

    - by jlew
    I have a IIS7/ASP.NET application running with the following configuration: Anonymous authentication (IUSR). Application Pool running as a domain account If IUSR is denied the "logon locally", then it appears that ASPX pages will still render their HTML, but static content such as images will not be delivered. I'm wondering what the technical reason is for this? If IUSR is "broken", why will a request to an ASPX page be passed down the pipeline and executed, but IIS will refuse to serve an image in the same directory?

    Read the article

  • Thin, Sinatra, and intercepting static file request to do CAS authentication

    - by Kenny Peng
    I'm using the casrack-the-authenticator gem for CAS authentication. My server is running Thin on top of Sinatra. I've gotten the CAS authentication bit working, but I'm not sure how to tell Rack to intercept "/index.html" requests to confirm the CAS login, and if the user is not allowed to view the page, return a HTTP 403 response instead of serving the actual page. Does anyone have experience with this? Thanks. My app: class Foo < Sinatra::Base enable :sessions set :public, "public" use CasrackTheAuthenticator::Simple, :cas_server => "https://my.cas_server.com" use CasrackTheAuthenticator::RequireCAS end My rackup file: require 'foo' use Rack::CommonLogger use Rack::Lint run Foo

    Read the article

  • J2SE Proxy Authentication

    - by Alan
    We use 2 SIMILAR Microsoft ISA Proxy Server 2003 to connect to internet. Each Proxy has different Login style, as below : Server-1 : nt-domain\alan Server-2 : [email protected] Logon in IE, Firefox and my Phonecell via Wifi all are fine. But, a problem appears when we run a java application J2SE Ver 4, 5 and 6, where it needs internet authentication. Logon to Server-2 is OK, but FAIL for Server-2 (style : [email protected]). Note : Both proxy seen using Windows authentication, type : negotiate NTLM Appreceate if you can help or for any suggest. Thank you, Alan L

    Read the article

  • Can I see the SMTP session log when Mail.app connects to an SMPT server?

    - by Charles Stewart
    Problem: I've set up a mail server using SASL authentication, and have given Mail.app (on Mac Os 10.4) the login information it needs to connect. I wrote a test message for it to deliver to my server: the Activity window shows that it tries to deliver the message, but then it simply stops, with no indication of error, except that the test message is left in the Outbox. How can I find out what went wrong? Is there some log file I don't know about?

    Read the article

  • Rails web app authenticated with windows

    - by deostroll
    Is it possible for a rails web application to make use of the windows authentication features in its code. I am looking at being able to obtain the user's login name and domain in the application. But there is a catch. This particular web application runs off an apache web server hosted on a linux machine which is kind of networked to other windows machines. Is all of this possible?

    Read the article

  • Django openid authentication with google

    - by Zayatzz
    Hello I am looking into authenticating via google. I dont understand how it works:http://code.google.com/apis/accounts/docs/OpenID.html#Samples If i do that 2nd request by entering the data as one url with params into browser i get back XML file. Should i not get back sample response nr3? Can somebody explain this to me? The problem is, that im trying to sort through some third party app that uses google openid authentication and its not recieving authenticated users e-mail back, like in sample response 3. Alan PS i have read through similar questions and their responses and gone through pages like: http://stackoverflow.com/questions/353880/how-does-openid-authentication-works http://www.windley.com/archives/2006/04/how_does_openid.shtml http://tinisles.blogspot.com/2008/02/how-does-openid-work.html http://openid.net/pres/protocolflow-1.1.png etc..

    Read the article

  • How to authenticate WCF calls using forms authentication and secutity

    - by Fixer
    I'm planning a set up for a distributed application that spans serveral machines and will use WCF to send data in between. Machine A Front end website http://www.site.com Password protected site using Forms Authentication Machine B WCF Application Service http://service1.site.com/DoSomething.svc Machine C WCF Application Service http://service2.site.com/DoSomething.svc The WCF services on Machine B and Machine C should check that the request from Machine A has been authenticated. How can i check that the request is authenticated across the different machines? I only care that the request is authenticated and not concerned about securing the message body (because we are not sending any sensitive data across the wire), so SSL is not required. What authentication methods can i use for the above scenario?

    Read the article

  • Restlets with Google App Engine, Java Server Pages, (JSP's), and Shiro authentication

    - by DutrowLLC
    I'm having difficulty integrating Restlets into my project. I'm using google app engine (GAE) and I also have some java server pages (JSPs) set up. The JSP's never seem to work at the same time as the Restlets, should I only be using one or the other in GAE? I'm also using Shiro (formerly Ki, formerly JSecurity) and I have been unable to get Restlets to work with Shiro's filter for authentication. Are there any issues in particular that I should be aware of? What are other people using to secure restlet apps on GAE? Is Shiro overkill if I just need authentication and some role-based authorization? Thanks so much! Chris

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66  | Next Page >