Search Results

Search found 54190 results on 2168 pages for 'http authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 59/2168 | < Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66  | Next Page >

  • rhn_register through HTTP Proxy with Authentication

    - by kjloh
    Is there any limitation to the proxy authentication support of rhn_register? The proxy of the network I'm on sends the follow 407: HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. ) Via: 1.1 VANESSA Proxy-Authenticate: Negotiate Proxy-Authenticate: Kerberos Proxy-Authenticate: NTLM It seems that rhn_register is not able to any of the authentication schemes above. Any advise?

    Read the article

  • Httpd and LDAP Authentication not working for sub-pages

    - by DavisTasar
    I just recently installed a Nagios implementation, and I'm trying to get LDAP authentication working for httpd on Red Hat. (nagios.conf for Apache config below, sanitized of course) ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin" <Directory "/usr/local/nagios/sbin"> #SSLRequireSSL Options ExecCGI AllowOverride none AuthType Basic AuthName "LDAP Authentication" AuthLDAPURL "ldap://my.domain.controller:389/OU=Users,DC=my,DC=domain,DC=controller?sAMAccountName?sub?(objectClass=user)" NONE AuthzLDAPAuthoritative off AuthLDAPBindDN "CN=NagiosAdmin,DC=my,DC=domain,DC=controller" AuthLDAPBindPassword "myPassword" require valid-user </Directory> Alias /nagios "/usr/local/nagios/share" <Directory /usr/local/nagios/share> #SSLRequireSSL Options None AllowOverride none AuthBasicProvider ldap AuthType Basic AuthName "LDAP Authentication" AuthzLDAPAuthoritative off AuthLDAPURL "ldap://my.domain.controller:389/OU=Users,DC=my,DC=domain,DC=controller?sAMAccountName?sub?(objectClass=user)" NONE AuthLDAPBindDN "CN=NagiosAdmin,DC=my,DC=domain,DC=controller" AuthLDAPBindPassword "myPassword" require valid-user </Directory> Now, the initial authentication works, so when you first hit the page you can log in just fine. However, when you go anywhere else, it prompts you for authentication, fails (asking for a re-prompt), and gives this error message: [Mon Oct 21 14:46:23 2013] [error] [client 172.28.9.30] access to /nagios/cgi-bin/statusmap.cgi failed, reason: verification of user id '<myuseraccount>' not configured, referer: http://<nagiosserver>/nagios/side.php I'm almost certain its a simple flag or option, but I just can't find it, and I don't have a lot of experience working with Apache. Any assistance or help would be greatly appreciated.

    Read the article

  • How do I get Ubuntu One on Win7 to authenticate my login?

    - by Fred jones
    I just got a new computer running Windows 7 home premium, I used to have Ubuntu One working great on my Ubuntu desktop, but now, running win7, I know my login email address and password is correct, but it still says 'Authentication failed'. Googling the problem, looks like it may be because a device was removed from my list of devices, but the only device listed is my previous Ubuntu workstation, and nothing has been removed. I also checked the windows firewall and Ubuntu One is allowed on all interfaces on incoming and outgoing, and still authentication fails. Web login to my Ubuntu One account works fine.

    Read the article

  • How do I capture and playback http web requests against multiple web servers?

    - by KevM
    My overall goal is to not interrupt a production system while capturing HTTP Posts to a web application so that I can reverse engineer the telemetry coming from a closed application. I have control over the transmitter of the HTTP Posts but not the receiving web application. It seems like I need a request "forking" proxy. Sort of a reverse proxy that pushes the request to 2 endpoints, a master and slave, only relaying the response from the master endpoint back to the requester. I am not a server geek so something like this may exist but I don't know the term of art for what I am looking for. Another possibility could be a simple logging proxy. Capture a log of the web requests. Rewrite the log to target my "slave" web application. Playback the log with curl or something. Thank you for your assistance.

    Read the article

  • Serving WordPress menu links in only HTTPS or HTTP depending on how it's accessed

    - by Gelatin
    I have a WordPress site which uses WordPress HTTPS to enable SSL when users access it via that protocol. However, currently the menu links point back to the HTTP version. I want users to be linked to HTTPS pages while accessing the site over HTTPS, but not when accessing it over HTTP. Is this possible? Note: I have tried changing the menu options to use // and / for the links, but in both cases they are just rendered as HTTP links.

    Read the article

  • Unable to sync custom authentication with RIA services in SL3 + RIA implementation

    - by Nair
    I am developing SL3 + RIA services with custom authentication. I followed the example in http://code.msdn.microsoft.com/RiaServices/Release/ProjectReleases.aspx?ReleaseId=2661 to implement custom authentication. Based on the implementation, you first do login request from client to service. This request is async process. Noe the client GUI will start to bind data to SL controls using RIA services, which requires the authentication to be successful (by adding [RequireAuthentication] attribute). The trouble is, since you requested login from the main process, while it is doing authentication, the page control takes over and starts to bind data using RIA services. But the problem is authentication is not completed yet thus which ever the first service method data binding hits will fail with 'Access denied'. Bottom line is GUI is will not wait for authentication to be completed to start the data binding. My question is how do you handle this situation? Thanks,

    Read the article

  • Opinions on Dual-Salt authentication for low sensitivity user accounts?

    - by Heleon
    EDIT - Might be useful for someone in the future... Looking around the bcrypt class in php a little more, I think I understand what's going on, and why bcrypt is secure. In essence, I create a random blowfish salt, which contains the number of crypt rounds to perform during the encryption step, which is then hashed using the crypt() function in php. There is no need for me to store the salt I used in the database, because it's not directly needed to decrypt, and the only way to gain a password match to an email address (without knowing the salt values or number of rounds) would be to brute force plain text passwords against the hash stored in the database using the crypt() function to verify, which, if you've got a strong password, would just be more effort than it's worth for the user information i'm storing... I am currently working on a web project requiring user accounts. The application is CodeIgniter on the server side, so I am using Ion Auth as the authentication library. I have written an authentication system before, where I used 2 salts to secure the passwords. One was a server-wide salt which sat as an environment variable in the .htaccess file, and the other was a randomly generated salt which was created at user signup. This was the method I used in that authentication system for hashing the password: $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; //create a random string to be used as the random salt for the password hash $size = strlen($chars); for($i = 0; $i < 22; $i++) { $str .= $chars[rand(0, $size - 1)]; } //create the random salt to be used for the crypt $r_blowfish_salt = "$2a$12$" . $str . "$"; //grab the website salt $salt = getenv('WEBSITE_SALT'); //combine the website salt, and the password $password_to_hash = $pwd . $salt; //crypt the password string using blowfish $password = crypt($password_to_hash, $r_blowfish_salt); I have no idea whether this has holes in it or not, but regardless, I moved over to Ion Auth for a more complete set of functions to use with CI. I noticed that Ion only uses a single salt as part of its hashing mechanism (although does recommend that encryption_key is set in order to secure the database session.) The information that will be stored in my database is things like name, email address, location by country, some notes (which will be recommended that they do not contain sensitive information), and a link to a Facebook, Twitter or Flickr account. Based on this, i'm not convinced it's necessary for me to have an SSL connection on the secure pages of my site. My question is, is there a particular reason why only 1 salt is being used as part as the Ion Auth library? Is it implied that I write my own additional salting in front of the functionality it provides, or am I missing something? Furthermore, is it even worth using 2 salts, or once an attacker has the random salt and the hashed password, are all bets off anyway? (I assume not, but worth checking if i'm worrying about nothing...)

    Read the article

  • RESTful issue with data access when using HTTP DELETE method ...

    - by Wilhelm Murdoch
    I'm having an issue accessing raw request information from PHP when accessing a script using the HTTP DELETE directive. I'm using a JS front end which is accessing a script using Ajax. This script is actually part of a RESTful API which I am developing. The endpoint in this example is: http://api.site.com/session This endpoint is used to generate an authentication token which can be used for subsequent API requests. Using the GET method on this URL along with a modified version of HTTP Basic Authentication will provide an access token for the client. This token must then be included in all other interactions with the service until it expires. Once a token is generated, it is passed back to the client in a format specified by an 'Accept' header which the client sends the service; in this case 'application/json'. Upon success it responds with an HTTP 200 Ok status code. Upon failure, it throws an exception using the HTTP 401 Authorization Required code. Now, when you want to delete a session, or 'log out', you hit the same URL, but with the HTTP DELETE directive. To verify access to this endpoint, the client must prove they were previously authenticated by providing the token they want to terminate. If they are 'logged in', the token and session are terminated and the service should respond with the HTTP 204 No Content status code, otherwise, they are greeted with the 401 exception again. Now, the problem I'm having is with removing sessions. With the DELETE directive, using Ajax, I can't seem to access any parameters I've set once the request hits the service. In this case, I'm looking for the parameter entitled 'token'. I look at the raw request headers using Firebug and I notice the 'Content-Length' header changes with the size of the token being sent. This is telling me that this data is indeed being sent to the server. The question is, using PHP, how the hell to I access parameter information? It's not a POST or GET request, so I can't access it as you normally would in PHP. The parameters are within the content portion of the request. I've tried looking in $_SERVER, but that shows me limited amount of headers. I tried 'apache_request_headers()', which gives me more detailed information, but still, only for headers. I even tried 'file_get_contents('php://stdin');' and I get nothing. How can I access the content portion of a raw HTTP request? Sorry for the lengthy post, but I figured too much information is better than too little. :)

    Read the article

  • wget hangs in http request sent awaiting response in some sites

    - by gkr
    Using Ubuntu 12.04. wget hangs in http request sent, awaiting response... in some sites. Browser's are not opening sites that are failed in wget. But in WinXP everything works. This works gkr@gkr-desktop:~/Documents/curl$ wget google.com --2012-06-12 21:29:37-- http://google.com/ Resolving google.com (google.com)... 74.125.236.174, 74.125.236.160, 74.125.236.161, ... Connecting to google.com (google.com)|74.125.236.174|:80... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: http://www.google.com/ [following] --2012-06-12 21:29:38-- http://www.google.com/ Resolving www.google.com (www.google.com)... 74.125.236.179, 74.125.236.180, 74.125.236.176, ... Connecting to www.google.com (www.google.com)|74.125.236.179|:80... connected. HTTP request sent, awaiting response... 302 Found Location: http://www.google.co.in/ [following] --2012-06-12 21:29:38-- http://www.google.co.in/ Resolving www.google.co.in (www.google.co.in)... 74.125.236.184, 74.125.236.191, 74.125.236.183, ... Connecting to www.google.co.in (www.google.co.in)|74.125.236.184|:80... connected. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] Saving to: `index.html.3' [ ] 13,383 --.-K/s in 0.04s 2012-06-12 21:29:39 (308 KB/s) - `index.html.3' saved [13383] gkr@gkr-desktop:~/Documents/curl$ This site just stops/hangs in awaiting response. gkr@gkr-desktop:~/Documents/curl$ wget grooveshark.com --2012-06-12 21:27:29-- http://grooveshark.com/ Resolving grooveshark.com (grooveshark.com)... 8.20.213.76 Connecting to grooveshark.com (grooveshark.com)|8.20.213.76|:80... connected. HTTP request sent, awaiting response... ^C gkr@gkr-desktop:~/Documents/curl$ Thanks

    Read the article

  • HTTP Basic authentication using Authlogic or authenticate_or_request_with_http_basic for API call?

    - by Gaius Parx
    I have a Rails 2.3.x app that implements the act_as_authentic in User model and a UserSession model as per Authlogic Github example. I am implementing an API to allow access from iPhone. Will be using HTTP Basic authentication via https (will not implement single access token). Each API call requires a username/password for the access. I am able to access the API by calling http://username:password@localhost:3000/books.xml for example. Authlogic will not persist if using the single access token. But I am using HTTP Basic which I think Authlogic will create session for the API calls, which is not used for my API methods. So for each API call I made, new session object is created. Thus appear to me that this would load up the server resource pretty quickly. Sounds like a bad idea. The alternative is to use the Rails authenticate_or_request_with_http_basic for API controllers. Example adding a before_filter: def require_http_auth_user authenticate_or_request_with_http_basic do |username, password| if @current_user = User.find_by_email(username) @current_user.valid_password?(password) else false end end end This will bypass the Authlogic UserSession and just use the User model. But this will involve using separate authentication codes in the app. Anyone has any comments and can share their experience? Thanks

    Read the article

  • Windows "forms" authentication - <deny users="?"> redirecting to foreign page!

    - by Erik5388
    Like the title states - I have a web.config file that looks like, <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.web> <compilation debug="true" targetFramework="4.0" /> <authentication mode="Forms"> <forms name="login" protection="All" timeout="30" loginUrl="login" defaultUrl="~/"> <credentials passwordFormat="Clear"> <user name="admin" password="password" /> </credentials> </forms> </authentication> <authorization> <deny users="?" /> </authorization> </system.web> </configuration> I want to do exactly what it says it should do... I want to deny all users who try to enter the site. It works however, it redirects to a "Account/Login?ReturnUrl=%2flogin" url I have never heard of... Is there a place I can change this?

    Read the article

  • Token based Authentication for WCF HTTP/REST Services: The Client

    - by Your DisplayName here!
    If you wondered how a client would have to look like to work with the authentication framework, it is pretty straightfoward: Request a token Put that token on the authorization header (along with a registered scheme) and make the service call e.g.: var oauth2 = new OAuth2Client(_oauth2Address); var swt = oauth2.RequestAccessToken( "username", "password", _baseAddress.AbsoluteUri);   var client = new HttpClient { BaseAddress = _baseAddress }; client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", swt); var response = client.Get("identity"); response.EnsureSuccessStatusCode(); HTH

    Read the article

  • Authentication issue with CUPS 5.3.1 on SMB Printer

    - by Julius
    I am trying to print to a samba printer via CUPS. I have configured the printer allright, but there seems to be a problem with authentication. The error message I get is Session setup failed: NT_STATUS_LOGON_FAILURE The GUI also tells me: Idle - Tree connect failed (NT_STATUS_ACCESS_DENIED) It used to work with previous versions of CUPS (1.4.3 and 1.4.6) under Ubuntu 11.04 I am doing this on a clean install of Ubuntu 12.04, CUPS version 1.5.3. I have tried changing some rights relating to apparmor, with no success as described here: http://www.compdigitec.com/labs/2010/01/16/fixing-usrlibcupsbackendsmb-failed-error-in-ubuntu/ I have been working with Ubuntu for years - but this is the kind of problem I need help with.

    Read the article

  • cannot use sudo on ubuntu server passwordless authentication?

    - by Lucas Crijns
    Hello I'm new at the forum and I want to introduce myself: I'm Lucas Crijns and I'm a very happy user of ubuntu server. I was reading about passwordless authentication with ssh. So I made a key and published it to ubuntu server, it worked well and I could login with my private key. But then I locked the account to prevent hacking from my password. After I ran "passwd -l lucas", I was not longer able by my next login to use sudo. Because it was asking for a password and I locked it. I was thinking that sudo would also be without a password. My question is now: is it possible to use sudo? And how can I enable it without a valid password for sudo? Thank you for your help!

    Read the article

  • Unwanted authentication request window at login after upgrade to Ubuntu 13.10

    - by UBod
    I recently upgraded to Ubuntu 13.10 (64bit) on my Dell Laptop. Since then, at each login, a dialog window entitled "Authentication request ... Please enter the password for account "[email protected]"." appears (I would rather post a screenshot if I could, but I am not entitled to do that because I do not have the necessary 10 reputation credits). I neither have any idea why my password (I checked it a hundred times) does not work ("Password was incorrect") nor why this dialog is displayed at all. As said, I never saw it before 13.10. I looked around in different forums and it seems (please correct me if I am wrong) that it stems from evolution server. I also deleted ~/.config/evolution/ entirely - without any effect. Further note that I am not using evolution at all and I would rather like to get rid of it completely, but I do not dare to remove evolution-server. Any ideas? Thanks in advance, Ulrich

    Read the article

  • Forcing Nautilus to use Kerberos (Active Directory) authentication

    - by user14146
    Is there a way to get Nautilus or any other file manager that runs on Ubuntu 11.04 to use Kerberos for authentication? I'm using Likewise Open to join machines to the domain, and I can't type in passwords for every user on every computer that needs to mount a network share. I've been able to get Kerberos working with the command line smbclient, but oddly Kerberos does not seem to be Nautilus-integrated. I also checked the SSH config file, and it looks like you can enable GSSAPIAuthentication, but it only works for Kerberos v2, not the current version, which I think is v5.

    Read the article

  • Web api authentication techniques

    - by Steve
    We have a asp.net MVC web service framework for serving out xml/json for peoples Get requests but are struggling to figure out the best way (fast, easy, trivial for users coding with javascript or OO languages) to authenticate users. It's not that our data is sensitive or anything, we just want users to register so we can have their email address to notify them of changes and track usage. In our previous attempt we had the username in the URI and would just make sure that username existed and increment db tables with usage. This was super basic but we'd notice people using demo as a username etc so we need it to be a little more sophisticated. What authentication techniques are available? What do the major players use/do.

    Read the article

  • Configure Oracle Identity Manager AD/LDAP Authentication

    - by Arda Eralp
    Requirements (on AD side) LDAP connection user with the necessary rights in AD to do subtree searches on your users and groups container, respectively in the scope we configure below For LDAP in OIM to work, you need an AD Group called "oimusers", in which all users who shall be able to login to OIM need to be member. The group need to be named exactly "oimusers". Step 1: Login Weblogic Administration Console  Step 2: Create New Provider Authentication Provider Name: ADAuthenticationProvider Type: ActiveDirectoryAuthenticator Control Flag: SUFFICIENT   User scope configuration User Base DN: Container where your users are found Rest of the parameters stay default   Group scope configuration Group Base DN: Container where your groups are found Your "oimusers" group must be found in this container or in the subtree Rest of the parameters stay default  Step 3: Restart Admin Server Step 4: Check oimusers group Step 5: Re order providers Step 6: Restart Admin Server

    Read the article

  • Empathy authentication error to XMPP server

    - by Shauna
    I recently installed Ubuntu 12.04 on a new machine and have been working on setting it up, but I've run into an interesting problem. I have a custom XMPP server for work (I don't control it, but we're using an in-house install). I can connect to it just fine via Pidgin, but due to some UI issues I'm having with Pidgin (and what appears to be better overall integration between Empathy and Ubuntu/Unity), I'd like to use Empathy instead. However, Empathy won't connect to my XMPP server, and I keep getting an authentication error and repeatedly prompted for my password. This happens even when importing the working account information from Pidgin (so I know things like the password are correct). Is there a way I can get Empathy working with my XMPP server?

    Read the article

  • Security for LDAP authentication for Collabnet

    - by Robert May
    In a previous post, I wrote about how to get LDAP authentication working in Collabnet. By default, all LDAP users are put into the Users role on the server.  For most purposes, this is just fine, and I don’t have a way to change this.  The documentation gives hints that you can add them to other roles, but for now, I don’t have the need. However, adding permissions to different repositories is a different question. To add them, go to the repositories list, select Access Rules and then you can enter in their username, as it sits in Active Directory to the lists for the repositories or for the predefined groups that you have created.  To my knowledge, you cannot use the Active Directory groups in collabnet, which is a big problem.  Needing to micromanage users really limits the usefulness of the LDAP integration. Technorati Tags: subversion,collabnet

    Read the article

  • Address Book Authentication

    - by Gus E
    I just upgraded to Ubuntu 14.04.1 and run Gnome Shell. I am consistently getting a pop up window prompting me for my Gmail address book authentication. The window pops up the moment I type something into gnome shell after hitting the super key. I'm assuming that Ubuntu wants to search my address book for people to include in the search. I have opened up the settings and deleted my account from the online accounts section and rebooted, nothing seems to stop the popup. Where is it getting my email address from? Most importantly, how to I stop this super annoying popup from appearing?

    Read the article

  • 407 Proxy Authentication Required

    - by user38507
    When I try to install a software using Ubuntu Software center I get: Failed to download repository information Check Your Internet connection When I try to do a apt get-install something, I get: 407 Proxy Authentication Required I use a proxy server that requires a user-name and a password. I have set my systems proxy manually, by plugging in the required numbers in the Networks proxy and applied it system wide. I guess the problem now is plugging in my user-name and password. When I use INTERNET via Mozilla, it specifically asks me for my user-name and password.

    Read the article

  • Authentication error when trying to upgrade from 11.10 to 12.04

    - by mahmuodmasri
    I wrote : ~$ do-release-upgrade and the system says: Checking for a new ubuntu release Get:1 Upgrade tool signature [198 B] Get:2 Upgrade tool [1551 kB] Fetched 1551 kB in 6s (167 kB/s) extracting 'precise.tar.gz' authenticate 'precise.tar.gz' against 'precise.tar.gz.gpg' exception from gpg: GnuPG exited non-zero, with code 2 Debug information: gpg: Signature made Thu 11 Oct 2012 07:47:10 AM EET using DSA key ID 437D05B5 gpg: can't open `/etc/apt/trusted.gpg' gpg: keydb_search failed: file open error gpg: Can't check signature: public key not found Authentication failed Authenticating the upgrade failed. There may be a problem with the network or with the server. Please help me!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66  | Next Page >