Search Results

Search found 414 results on 17 pages for '401'.

Page 7/17 | < Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >

  • .htaccess template, suggestions needed

    - by purpler
    # Defaults AddDefaultCharset UTF-8 DefaultLanguage en-US FileETag None Header unset ETag ServerSignature Off SetEnv TZ Europe/Belgrade # Rewrites Options +FollowSymLinks RewriteEngine On RewriteBase / # Redirect to WWW RewriteCond %{HTTP_HOST} ^serpentineseo.com RewriteRule (.*) http://www.serpentineseo.com/$1 [R=301,L] # Redirect index to root RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*index\.html\ HTTP/ RewriteRule ^(.*)index\.html$ /$1 [R=301,L] # Cache media files: ExpiresActive On ExpiresDefault A0 # Month <filesMatch "\.(gif|jpg|jpeg|png|ico|swf|js)$"> Header set Cache-Control "max-age=2592000, public" </filesMatch> # Week <FilesMatch "\.(css|pdf)$"> Header set Cache-Control "max-age=604800" </FilesMatch> # 10 Min <FilesMatch "\.(html|htm|txt)$"> Header set Cache-Control "max-age=600" </FilesMatch> # Do not cache <FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$"> Header unset Cache-Control </FilesMatch> # Compress output <IfModule mod_deflate.c> <FilesMatch "\.(html|js|css)$"> SetOutputFilter DEFLATE </FilesMatch> </IfModule> # Error Documents ErrorDocument 206 /error/206.html ErrorDocument 401 /error/401.html ErrorDocument 403 /error/403.html ErrorDocument 404 /error/404.html ErrorDocument 500 /error/500.html # Prevent hotlinking RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?serpentineseo.com/.*$ [NC] RewriteRule \.(gif|jpg|png)$ http://www.serpentineseo.com/images/angryman.png [R,L] # Prevent offline browsers RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:[email protected] [OR] RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Zeus RewriteRule ^.*$ http://www.google.com [R,L] # Protect against DOS attacks by limiting file upload size LimitRequestBody 10240000 # Deny access to sensitive files <FilesMatch "\.(htaccess|psd|log)$"> Order Allow,Deny Deny from all </FilesMatch>

    Read the article

  • .htaccess template, suggestions needed

    - by purpler
    DefaultLanguage en-US FileETag None Header unset ETag ServerSignature Off SetEnv TZ Europe/Belgrade # Rewrites Options +FollowSymLinks RewriteEngine On RewriteBase / # Redirect to WWW RewriteCond %{HTTP_HOST} ^serpentineseo.com RewriteRule (.*) http://www.serpentineseo.com/$1 [R=301,L] # Redirect index to root RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*index\.html\ HTTP/ RewriteRule ^(.*)index\.html$ /$1 [R=301,L] # Cache media files: ExpiresActive On ExpiresDefault A0 # Month <filesMatch "\.(gif|jpg|jpeg|png|ico|swf|js)$"> Header set Cache-Control "max-age=2592000, public" </filesMatch> # Week <FilesMatch "\.(css|pdf)$"> Header set Cache-Control "max-age=604800" </FilesMatch> # 10 Min <FilesMatch "\.(html|htm|txt)$"> Header set Cache-Control "max-age=600" </FilesMatch> # Do not cache <FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$"> Header unset Cache-Control </FilesMatch> # Compress output <IfModule mod_deflate.c> <FilesMatch "\.(html|js|css)$"> SetOutputFilter DEFLATE </FilesMatch> </IfModule> # Error Documents ErrorDocument 206 /error/206.html ErrorDocument 401 /error/401.html ErrorDocument 403 /error/403.html ErrorDocument 404 /error/404.html ErrorDocument 500 /error/500.html # Prevent hotlinking RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?serpentineseo.com/.*$ [NC] RewriteRule \.(gif|jpg|png)$ http://www.serpentineseo.com/images/angryman.png [R,L] # Prevent offline browsers RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:[email protected] [OR] RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Zeus RewriteRule ^.*$ http://www.google.com [R,L] # Protect against DOS attacks by limiting file upload size LimitRequestBody 10240000 # Deny access to sensitive files <FilesMatch "\.(htaccess|psd|log)$"> Order Allow,Deny Deny from all </FilesMatch>

    Read the article

  • Windows Server 2008 R2, IIS 7.5, Windows Authentication

    - by nick
    Ive a 7.5 IIS installed on my server with windows authentication enabled cause i need it for NTLM / SSO on intranet pages. when windows authentication is activated, iis cant authenticate himself on his own webserver.. thats the error i got in the iis log: 2011-11-24 08:47:10 10.50.2.91 POST /ldap.php - 80 - 10.50.2.91 SWIFT_LoginShare 401 2 5 0 so.. how can i make sure, using windows authentication, that iis authenticates himself? thx for your help

    Read the article

  • Creating a fallback error page for nginx when root directory does not exist

    - by Ruirize
    I have set up an any-domain config on my nginx server - to reduce the amount of work needed when I open a new site/domain. This config allows me to simply create a folder in /usr/share/nginx/sites/ with the name of the domain/subdomain and then it just works.™ server { # Catch all domains starting with only "www." and boot them to non "www." domain. listen 80; server_name ~^www\.(.*)$; return 301 $scheme://$1$request_uri; } server { # Catch all domains that do not start with "www." listen 80; server_name ~^(?!www\.).+; client_max_body_size 20M; # Send all requests to the appropriate host root /usr/share/nginx/sites/$host; index index.html index.htm index.php; location / { try_files $uri $uri/ =404; } recursive_error_pages on; error_page 400 /errorpages/error.php?e=400&u=$uri&h=$host&s=$scheme; error_page 401 /errorpages/error.php?e=401&u=$uri&h=$host&s=$scheme; error_page 403 /errorpages/error.php?e=403&u=$uri&h=$host&s=$scheme; error_page 404 /errorpages/error.php?e=404&u=$uri&h=$host&s=$scheme; error_page 418 /errorpages/error.php?e=418&u=$uri&h=$host&s=$scheme; error_page 500 /errorpages/error.php?e=500&u=$uri&h=$host&s=$scheme; error_page 501 /errorpages/error.php?e=501&u=$uri&h=$host&s=$scheme; error_page 503 /errorpages/error.php?e=503&u=$uri&h=$host&s=$scheme; error_page 504 /errorpages/error.php?e=504&u=$uri&h=$host&s=$scheme; location ~ \.(php|html) { include /etc/nginx/fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_intercept_errors on; } } However there is one issue that I'd like to resolve, and that is when a domain that doesn't have a folder in the sites directory, nginx throws an internal 500 error page because it cannot redirect to /errorpages/error.php as it doesn't exist. How can I create a fallback error page that will catch these failed requests?

    Read the article

  • Apache - Only allow certain domains access to a Restful service

    - by user18910
    For certain Restful URIs I want to block certain domains from executing the requests. How can i do this with Apache? Is it possible For example: www.nottrusted.com calls my Restful Api Apache identifies the request is coming from a non-authorized site Apache blocks the caller and returns a 401 Is this possible? Is it easy for someone one spoof the domain? If a request comes from server side code of nottrusted.com will Apache catch the request? Thanks

    Read the article

  • Symfony/Doctrine/SfGuardPlugin: Redirect to requested page (route), and not referrer

    - by Prasad
    I want to be able to take the user to the requested page after login, but this does not happen with sfGuard. ** My Register action requires SignIn ;) ** On the listing page [http://cim/frontend_dev.php/] - user clicks the 'Register' link [@register = register/index] - user is taken to 'Signin' page provided by sfGuard - after sign-in, user is taken back to the Listing page (instead of Register) This is quite annoying! But logical, because the referrer is the listing page. How can I change logic to make @register the referrer? Pl help. thanks public function executeSignin($request) { $user = $this->getUser(); $this->logMessage('Signin>>> form - isAuth() '.$user->isAuthenticated(), 'info'); if ($user->isAuthenticated()) { $this->getUser()->setAttribute('tenant', $this->getUser()->getGuardUser()->sfuser->Tenant->getID()); return $this->redirect($user->getReferer($request->getReferer())); } $class = sfConfig::get('app_sf_guard_plugin_signin_form', 'sfGuardFormSignin'); $this->form = new $class(); $referer = $user->getReferer($request->getReferer()); $this->logMessage('Signin>>> referer: '.$referer, 'info'); $this->logMessage('Signin>>> referer: '.$request->getReferer(), 'info'); if ($request->isMethod('post')) { $this->form->bind($request->getParameter('signin')); if ($this->form->isValid()) { $values = $this->form->getValues(); $this->getUser()->signin($values['user'], array_key_exists('remember', $values) ? $values['remember'] : false); $this->getUser()->setAttribute('tenant', $this->getUser()->getGuardUser()->sfuser->Tenant->getID()); $this->logMessage('Signin>>> sfUrl | @homepage: '.sfConfig::get('app_sf_guard_plugin_success_signin_url','@homepage'), 'info'); return $this->redirect("" != $referer ? $referer : sfConfig::get('app_sf_guard_plugin_success_signin_url','@homepage')); } } else { if ($request->isXmlHttpRequest()) { $this->getResponse()->setHeaderOnly(true); $this->getResponse()->setStatusCode(401); return sfView::NONE; } // if we have been forwarded, then the referer is the current URL // if not, this is the referer of the current request $user->setReferer($this->getContext()->getActionStack()->getSize() > 1 ? $request->getUri() : $request->getReferer()); $this->logMessage('Signin>>> oldy: '.$request->getUri(), 'info'); $this->logMessage('Signin>>> oldy: '.$request->getReferer(), 'info'); $module = sfConfig::get('sf_login_module'); if ($this->getModuleName() != $module) { return $this->redirect($module.'/'.sfConfig::get('sf_login_action')); } $this->getResponse()->setStatusCode(401); } } Trace: May 27 10:10:14 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signin" (/login) May 27 10:10:14 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signout" (/logout) May 27 10:10:14 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_password" (/request_password) May 27 10:10:14 symfony [info] {sfPatternRouting} Match route "register" (/register) for /register with parameters array ( 'module' => 'register', 'action' => 'index',) May 27 10:10:14 symfony [info] {sfFilterChain} Executing filter "sfGuardRememberMeFilter" May 27 10:10:14 symfony [info] {sfFilterChain} Executing filter "sfRenderingFilter" May 27 10:10:14 symfony [info] {sfFilterChain} Executing filter "sfExecutionFilter" May 27 10:10:14 symfony [info] {registerActions} Call "registerActions->executeIndex()" May 27 10:10:14 symfony [info] {sfFrontWebController} Redirect to "http://cim/frontend_dev.php/login" May 27 10:10:14 symfony [info] {sfWebResponse} Send status "HTTP/1.1 302 Found" May 27 10:10:14 symfony [info] {sfWebResponse} Send header "Location: http://cim/frontend_dev.php/login" May 27 10:10:14 symfony [info] {sfWebResponse} Send header "Content-Type: text/html; charset=utf-8" May 27 10:10:14 symfony [info] {sfWebDebugLogger} Configuration 13.39 ms (9) May 27 10:10:14 symfony [info] {sfWebDebugLogger} Factories 50.02 ms (1) May 27 10:10:14 symfony [info] {sfWebDebugLogger} Action "register/index" 1.94 ms (1) May 27 10:10:14 symfony [info] {sfWebResponse} Send content (104 o) May 27 10:10:16 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signin" (/login) May 27 10:10:16 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_signout" (/logout) May 27 10:10:16 symfony [info] {sfPatternRouting} Connect sfRoute "sf_guard_password" (/request_password) May 27 10:10:16 symfony [info] {sfPatternRouting} Match route "sf_guard_signin" (/login) for /login with parameters array ( 'module' => 'sfGuardAuth', 'action' => 'signin',) May 27 10:10:16 symfony [info] {sfFilterChain} Executing filter "sfGuardRememberMeFilter" May 27 10:10:16 symfony [info] {sfFilterChain} Executing filter "sfRenderingFilter" May 27 10:10:16 symfony [info] {sfFilterChain} Executing filter "sfExecutionFilter" May 27 10:10:16 symfony [info] {sfGuardAuthActions} Call "sfGuardAuthActions->executeSignin()" May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> form - isAuth() May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> referer: http://cim/frontend_dev.php/ May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> referer: http://cim/frontend_dev.php/ May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> oldy: http://cim/frontend_dev.php/login May 27 10:10:16 symfony [info] {sfGuardAuthActions} Signin>>> oldy: http://cim/frontend_dev.php/ May 27 10:10:16 symfony [info] {sfPHPView} Render "D:/projects/cim/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/signinSuccess.php" May 27 10:10:16 symfony [info] {sfPHPView} Decorate content with "D:\projects\cim\apps\frontend\templates/layout.php" May 27 10:10:16 symfony [info] {sfPHPView} Render "D:\projects\cim\apps\frontend\templates/layout.php" May 27 10:10:16 symfony [info] {main} Get slot "title" May 27 10:10:16 symfony [info] {sfWebResponse} Send status "HTTP/1.1 401 Unauthorized" May 27 10:10:16 symfony [info] {sfWebResponse} Send header "Content-Type: text/html; charset=utf-8" May 27 10:10:16 symfony [info] {sfWebDebugLogger} Configuration 16.06 ms (10) May 27 10:10:16 symfony [info] {sfWebDebugLogger} Factories 50.00 ms (1) May 27 10:10:16 symfony [info] {sfWebDebugLogger} Action "sfGuardAuth/signin" 14.53 ms (1) May 27 10:10:16 symfony [info] {sfWebDebugLogger} View "Success" for "sfGuardAuth/signin" 34.44 ms (1) May 27 10:10:16 symfony [info] {sfWebResponse} Send content (38057 o)

    Read the article

  • Welcome to www.badapi.net, a REST API with badly-behaved endpoints

    - by Elton Stoneman
    Originally posted on: http://geekswithblogs.net/EltonStoneman/archive/2014/08/14/welcome-to-www.badapi.net-a-rest-api-with-badly-behaved-endpoints.aspxI've had a need in a few projects for a REST API that doesn't behave well - takes a long time to respond, or never responds, returns unexpected status codes etc.That can be very useful for testing that clients cope gracefully with unexpected responses.Till now I've always coded a stub API in the project and run it locally, but I've put a few 'misbehaved' endpoints together and published them at www.badapi.net, and the source is on GitHub here: sixeyed/badapi.net.You can browse to the home page and see the available endpoints. I'll be adding more as I think of them, and I may give the styling of the help pages a bit more thought...As of today's release, the misbehaving endpoints available to you are:GET longrunning?between={between}&and={and} - Waits for a (short) random period before returningGET verylongrunning?between={between}&and={and} -Waits for a (long) random period before returningGET internalservererror    - Returns 500: Internal Server ErrorGET badrequest - Returns 400: BadRequestGET notfound - Returns 404: Not FoundGET unauthorized - Returns 401: UnauthorizedGET forbidden - Returns 403: ForbiddenGET conflict -Returns 409: ConflictGET status/{code}?reason={reason} - Returns the provided status code Go bad.

    Read the article

  • At Collaborate 10 Next Week

    - by shay.shmeltzer
    I'm going to be at the Collaborate 10 conference next week doing a couple of sessions and hanging out in the JDeveloper booth at the demoground. My sessions are on Monday morning back to back: Developing Cutting Edge Web UI for Enterprise Applications - The Easy Way Monday, April 19 10:45 am - 11:45 am 401 The Fusion Development Experience Monday, April 19 12:00 pm - 12:30 pm 404 The first session will also be available for those watching the conference over the Web. If you want to see how Fusion applications are being built, and how you can use the same approach to do custom development for your applications, or create rich UIs for your applications then these would be good sessions to see. I'll also be doing shifts in the demo ground in a JDeveloper/ADF booth - so if you have any questions, complaints, or suggestions - or if you just want to understand what is this thing good for - come on over and we'll talk.

    Read the article

  • Mixing Forms and Token Authentication in a single ASP.NET Application (the Details)

    - by Your DisplayName here!
    The scenario described in my last post works because of the design around HTTP modules in ASP.NET. Authentication related modules (like Forms authentication and WIF WS-Fed/Sessions) typically subscribe to three events in the pipeline – AuthenticateRequest/PostAuthenticateRequest for pre-processing and EndRequest for post-processing (like making redirects to a login page). In the pre-processing stage it is the modules’ job to determine the identity of the client based on incoming HTTP details (like a header, cookie, form post) and set HttpContext.User and Thread.CurrentPrincipal. The actual page (in the ExecuteHandler event) “sees” the identity that the last module has set. So in our case there are three modules in effect: FormsAuthenticationModule (AuthenticateRequest, EndRequest) WSFederationAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest, EndRequest) SessionAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest) So let’s have a look at the different scenario we have when mixing Forms auth and WS-Federation. Anoymous request to unprotected resource This is the easiest case. Since there is no WIF session cookie or a FormsAuth cookie, these modules do nothing. The WSFed module creates an anonymous ClaimsPrincipal and calls the registered ClaimsAuthenticationManager (if any) to transform it. The result (by default an anonymous ClaimsPrincipal) gets set. Anonymous request to FormsAuth protected resource This is the scenario where an anonymous user tries to access a FormsAuth protected resource for the first time. The principal is anonymous and before the page gets rendered, the Authorize attribute kicks in. The attribute determines that the user needs authentication and therefor sets a 401 status code and ends the request. Now execution jumps to the EndRequest event, where the FormsAuth module takes over. The module then converts the 401 to a redirect (302) to the forms login page. If authentication is successful, the login page sets the FormsAuth cookie.   FormsAuth authenticated request to a FormsAuth protected resource Now a FormsAuth cookie is present, which gets validated by the FormsAuth module. This cookie gets turned into a GenericPrincipal/FormsIdentity combination. The WS-Fed module turns the principal into a ClaimsPrincipal and calls the registered ClaimsAuthenticationManager. The outcome of that gets set on the context. Anonymous request to STS protected resource This time the anonymous user tries to access an STS protected resource (a controller decorated with the RequireTokenAuthentication attribute). The attribute determines that the user needs STS authentication by checking the authentication type on the current principal. If this is not Federation, the redirect to the STS will be made. After successful authentication at the STS, the STS posts the token back to the application (using WS-Federation syntax). Postback from STS authentication After the postback, the WS-Fed module finds the token response and validates the contained token. If successful, the token gets transformed by the ClaimsAuthenticationManager, and the outcome is a) stored in a session cookie, and b) set on the context. STS authenticated request to an STS protected resource This time the WIF Session authentication module kicks in because it can find the previously issued session cookie. The module re-hydrates the ClaimsPrincipal from the cookie and sets it.     FormsAuth and STS authenticated request to a protected resource This is kind of an odd case – e.g. the user first authenticated using Forms and after that using the STS. This time the FormsAuth module does its work, and then afterwards the session module stomps over the context with the session principal. In other words, the STS identity wins.   What about roles? A common way to set roles in ASP.NET is to use the role manager feature. There is a corresponding HTTP module for that (RoleManagerModule) that handles PostAuthenticateRequest. Does this collide with the above combinations? No it doesn’t! When the WS-Fed module turns existing principals into a ClaimsPrincipal (like it did with the FormsIdentity), it also checks for RolePrincipal (which is the principal type created by role manager), and turns the roles in role claims. Nice! But as you can see in the last scenario above, this might result in unnecessary work, so I would rather recommend consolidating all role work (and other claims transformations) into the ClaimsAuthenticationManager. In there you can check for the authentication type of the incoming principal and act accordingly. HTH

    Read the article

  • How to keep google rank and index for a page that changed its url? [closed]

    - by ProSoft
    Possible Duplicate: How to tell Google that I have changed my website URLs? Recently, I changed URL of my web page. Of course, I do it by URL rewriting. And now, I want to keep the rank of this page in Google and Bing. For example: Main address of the page: http://mywebsite.com/page1.php Virtual address by URL rewriting: http://mywebsite.com/page And new address is: http://mywebsite.com/newTitlePage Now, when I open this page by search in Google, I face to 401 error (not found). How should I do it?

    Read the article

  • Compile Liferay under os x 10.6

    - by wezzy
    Hi i'm trying to build Liferay from source, i've downloaded liferay-portal-src-5.2.3.zip but when i go in and press "ant start" i got 3 errors: SampleSQLBuilder.java:139: cannot find symbol _counter = new SimpleCounter(counterOffset); EditServerAction.java:401: cannot find symbol Log4JUtil.setLevel(loggerName, priority); EditUserPortraitAction.java:102: cannot find symbol PortletRequestUtil.testMultipartWithCommonsFileUpload I've tried switching compiler using build.properties but nothing seems to work. Can you help me ?

    Read the article

  • get information from cleartrip.com using api key in java

    - by zahir hussain
    i want to get information about hotels, flight and train from http://cleartrip.com. i have registered there and get api key... i put all information in program for getting hotel details... but i get 401 error... i use this link for getting api key and all information http://www.cleartrip.com/api/index.shtml#getting_started thanks and advance

    Read the article

  • How do you fix an SVN 409 Conflict Error

    - by NerdStarGamer
    I used to use SVN 1.4 on OS X Leopard and everything was fine. A couple of weeks ago I installed a fresh copy of OS X 10.6. The version of SVN that comes with Snow Leopard is 1.6.5. I went ahead and built my own copy with 1.6.6. I'm using the built in apache server and just hosting repositories locally. Everything appeared to work fine until I actually tried to commit something. Everytime I try to commit a change, I get the following message: Transmitting file data .svn: Commit failed (details follow): svn: MERGE of '/svn/svn2': 409 Conflict (http://localhost) This happens with my old repositories, so I created a couple of new ones. Same deal. I also tried using the 1.6.5 version that comes with the system...same. Finally, I tried upgrading to the latest stable SVN (1.6.9) and still got the same problem. The Apache error logs the following for each failed commit: [Mon Mar 29 19:53:10 2010] [error] [client ::1] Could not MERGE resource "/svn/svn2/!svn/act/d399326f-c20f-424f-bb68-3bb40503b5b1" into "/svn/svn2". [409, #0] [Mon Mar 29 19:53:10 2010] [error] [client ::1] An error occurred while committing the transaction. [409, #2] [Mon Mar 29 19:53:10 2010] [error] [client ::1] Can't open directory '/usr/local/svn/svn2/db/transactions/5-6.txn/\xeb\xa9\x0f\x1f': No such file or directory [409, #2] [Mon Mar 29 19:53:11 2010] [error] [client ::1] Could not DELETE /svn/svn2/!svn/act/d399326f-c20f-424f-bb68-3bb40503b5b1. [500, #0] [Mon Mar 29 19:53:11 2010] [error] [client ::1] could not open transaction. [500, #2] [Mon Mar 29 19:53:11 2010] [error] [client ::1] Can't open file '/usr/local/svn/svn2/db/transactions/5-6.txn/props': No such file or directory [500, #2] And from the access log: ::1 - - [30/Mar/2010:13:02:20 -0400] "OPTIONS /svn/svn2 HTTP/1.1" 401 401 ::1 - user [30/Mar/2010:13:02:20 -0400] "OPTIONS /svn/svn2 HTTP/1.1" 200 188 ::1 - user [30/Mar/2010:13:02:20 -0400] "PROPFIND /svn/svn2 HTTP/1.1" 207 647 ::1 - user [30/Mar/2010:13:02:20 -0400] "PROPFIND /svn/svn2 HTTP/1.1" 207 647 ::1 - user [30/Mar/2010:13:02:20 -0400] "PROPFIND /svn/svn2/!svn/vcc/default HTTP/1.1" 207 398 ::1 - user [30/Mar/2010:13:02:20 -0400] "PROPFIND /svn/svn2/!svn/bln/6 HTTP/1.1" 207 449 ::1 - user [30/Mar/2010:13:02:20 -0400] "REPORT /svn/svn2/!svn/vcc/default HTTP/1.1" 200 1172 Curiously, the commit does actually commit the changes, but the working copy doesn't see that and everything gets screwy. I've tried to Google every variation I can think of for this problem, but the search results are pretty much useless. I'm not using TortoiseSVN or anything special and commits fail on a new repository, so I know it's not a problem with my old repos. Any help would be greatly appreciated.

    Read the article

  • JSON array deserialization is crashing the Dalvik VM

    - by Sam
    I have some code grabbing a JSON array from my server and initially storing it as a string. This all works fine until I try and deserialize it using google's gson fromJson method. LogCat spits out the error: 04-08 17:46:35.163: ERROR/dalvikvm(401): Can't shrink stack: curFrame is in reserved area (0x41049000 0x410491c4) My code that causes the error is: String[] results = gson.fromJson(returnString, String[].class); Can anyone shed some light on what I am doing wrong? Cheers, Sam

    Read the article

  • Twitter Oauth GMT / BST problem

    - by Andrei Serdeliuc
    I keep getting 401 when trying to login via Oauth with Twitter. I'm using twitter_oauth-0.3.3 with oauth-0.3.6 in rails It used to work perfectly some time ago, so after some digging, I realised it might have something to do with my timezone. In the headers of the Twitter response, one of them is: date: - Sun, 11 Apr 2010 16:53:34 GMT Even though the time is actually 17:53:34 BST I'm assuming the request is signed using BST time, and so it fails. Anyone had this problem / found a fix for it?

    Read the article

  • Can python mechanize handle HTTP auth?

    - by Shekhar
    Mechanize (Python) is failing with 401 for me to open http digest URLs. I googled and tried debugging but no success. My code looks like this. import mechanize project = "test" baseurl = "http://trac.somewhere.net" loginurl = "%s/%s/login" % (baseurl, project) b = mechanize.Browser() b.add_password(baseurl, "user", "secret", "some Realm") b.open(loginurl)

    Read the article

  • How to login to youtube from php?

    - by dan
    Hi, I want to use the youtube api to get the users new subscription videos with this api call: http://gdata.youtube.com/feeds/api/users/default/newsubscriptionvideos Without logging in I get this response: User authentication required. Error 401 How can I login to youtube from php?

    Read the article

  • Distinction between IO error and refusing to authenticate using HTTPService (ActionScript 3.0)

    - by Jonas
    I'm using HTTPService (tried with URLLoader but result is the same) to load XML file. Furthermore, XML file is secured with basic HTTP authentication. There are two kind of events I want to separate: IO Error User refuses to authenticate (pressing cancel on credential request dialog) The problem is that these two kind of events looks exactly the same (401 Status code is not presented). Is there any way to find out whether IO error occurred or authentication failed?

    Read the article

  • How to use msdeploy and target a specific site?

    - by Chris Marisic
    When using msdeploy and the msdeploy.axd handler any attempts to deploy to my remote server is met with a 401 not authorized error and the server logs IISWMSVC_AUTHORIZATION_SERVER_NOT_ALLOWED Only Windows Administrators are allowed to connect using a server connection. Other users should use the 'Connect To Site or Application' task to be able to connect. Process:WMSvc What is the correct way to target the axd for the site level?

    Read the article

  • RESTful issue with data access when using HTTP DELETE method ...

    - by Wilhelm Murdoch
    I'm having an issue accessing raw request information from PHP when accessing a script using the HTTP DELETE directive. I'm using a JS front end which is accessing a script using Ajax. This script is actually part of a RESTful API which I am developing. The endpoint in this example is: http://api.site.com/session This endpoint is used to generate an authentication token which can be used for subsequent API requests. Using the GET method on this URL along with a modified version of HTTP Basic Authentication will provide an access token for the client. This token must then be included in all other interactions with the service until it expires. Once a token is generated, it is passed back to the client in a format specified by an 'Accept' header which the client sends the service; in this case 'application/json'. Upon success it responds with an HTTP 200 Ok status code. Upon failure, it throws an exception using the HTTP 401 Authorization Required code. Now, when you want to delete a session, or 'log out', you hit the same URL, but with the HTTP DELETE directive. To verify access to this endpoint, the client must prove they were previously authenticated by providing the token they want to terminate. If they are 'logged in', the token and session are terminated and the service should respond with the HTTP 204 No Content status code, otherwise, they are greeted with the 401 exception again. Now, the problem I'm having is with removing sessions. With the DELETE directive, using Ajax, I can't seem to access any parameters I've set once the request hits the service. In this case, I'm looking for the parameter entitled 'token'. I look at the raw request headers using Firebug and I notice the 'Content-Length' header changes with the size of the token being sent. This is telling me that this data is indeed being sent to the server. The question is, using PHP, how the hell to I access parameter information? It's not a POST or GET request, so I can't access it as you normally would in PHP. The parameters are within the content portion of the request. I've tried looking in $_SERVER, but that shows me limited amount of headers. I tried 'apache_request_headers()', which gives me more detailed information, but still, only for headers. I even tried 'file_get_contents('php://stdin');' and I get nothing. How can I access the content portion of a raw HTTP request? Sorry for the lengthy post, but I figured too much information is better than too little. :)

    Read the article

  • send credentials with url, possible?

    - by Dejan.S
    Hi. I got a web service that I protect with basic authentication and use ssl. to make it easy for the clients that are gone use this web service I want to skip the 401 and send the credentials with the url (I would like so the customer can access the web service with url from their code / web app), question is this possible? I know about headers but a lot of the clients gone use this do not got the proper developing team to do code. thanks

    Read the article

  • MVC app not working on server but is fine on development machine

    - by GB
    Hello, I am able to run my application just fine on my dev machine but as soon as I publish it to the web server some functionality is lost. Any type of .ajax POST does not work usually with a 401 unauthorized error. The server is Windows 2008 with IIS7. I also installed Visual Studio 2008 with MVC2 on the server and ran the application directly on the server and the same .ajax POST does not work but the error changed to 500 unknown. Thanks for the help.

    Read the article

< Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >