Search Results

Search found 2054 results on 83 pages for 'ion auth'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 71/83 | < Previous Page | 67 68 69 70 71 72 73 74 75 76 77 78  | Next Page >

  • hasAndBelongsToMany only working one way

    - by Cameron
    In my application I have users that are able to be friends with other users. This is controlled with a users table and a friends_users table. The friends_users table has the following columns: id, user_id, friend_id, status And the model User looks like: public $hasAndBelongsToMany = array( 'Friend'=>array( 'className' => 'User', 'joinTable' => 'friends_users', 'foreignKey' => 'user_id', 'associationForeignKey' => 'friend_id' ) ); This seems to work fine when viewing the Users for a user who is in the user_id column, but doesn't work the other way around, i.e. in reverse... Any ideas why? Here is the method I use to list the friends for a user: $user = $this->User->find('first', array( 'conditions' => array('User.id' => $this->Auth->user('id')), 'contain'=>'Profile' )); $friends = $this->User->find('first', array( 'conditions'=>array( 'User.id'=>$user['User']['id'] ), 'contain'=>array( 'Profile', 'Friend'=>array( 'Profile', 'conditions'=>array( 'FriendsUser.status'=>1 ) ) ) ) ); $this->set('friends', $friends);

    Read the article

  • Are these saml request-response good enough?

    - by Ashwin
    I have set up a single sign on(SSO) for my services. All the services confirm the identity of the user using the IDPorvider(IDP). In my case I am also the IDP. In my saml request, I have included the following: 1. the level for which auth. is required. 2. the consumer url 3. the destination service url. 4. Issuer Then, encrypting this message with the SP's(service provider) private key and then with the IDP's Public key. Then I am sending this request. The IDP on receiving the request, first decrypts with his own private key and then with SP's public key. In the saml response: 1. destination url 2. Issuer 3. Status of the response Is this good enough? Please give your suggestions?

    Read the article

  • How to manage feeds with subclassed object in Django 1.2?

    - by Matteo
    Hi, I'm trying to generate a feed rss from a model like this one, selecting all the Entry objects: from django.db import models from django.contrib.sites.models import Site from django.contrib.auth.models import User from imagekit.models import ImageModel import datetime class Entry(ImageModel): date_pub = models.DateTimeField(default=datetime.datetime.now) author = models.ForeignKey(User) via = models.URLField(blank=True) comments_allowed = models.BooleanField(default=True) icon = models.ImageField(upload_to='icon/',blank=True) class IKOptions: spec_module = 'journal.icon_specs' cache_dir = 'icon/resized' image_field = 'icon' class Post(Entry): title = models.CharField(max_length=200) description = models.TextField() slug = models.SlugField(unique=True) def __unicode__(self): return self.title class Photo(Entry): alt = models.CharField(max_length=200) description = models.TextField(blank=True) original = models.ImageField(upload_to='photo/') class IKOptions: spec_module = 'journal.photo_specs' cache_dir = 'photo/resized' image_field = 'original' def __unicode__(self): return self.alt class Quote(Entry): blockquote = models.TextField() cite = models.TextField(blank=True) def __unicode__(self): return self.blockquote When I use the render_to_response in my views I simply call: def get_journal_entries(request): entries = Entry.objects.all().order_by('-date_pub') return render_to_response('journal/entries.html', {'entries':entries}) And then I use a conditional template to render the right snippets of html: {% extends "base.html" %} {% block main %} <hr> {% for entry in entries %} {% if entry.post %}[...]{% endif %}[...] But I cannot do the same with the Feed Framework in django 1.2... Any suggestion, please?

    Read the article

  • Frames with PHP

    - by user562123
    Hi guys Can I use HTML Frames with PHP? I presumed I can do this by.. <?php session_start(); require("auth.php"); require("do_html_header.php"); if($_SESSION['SESS_admin'] == 0) require("do_menu.php"); else require("do_menu3.php"); do_html_header(); print"<h1>Welcome ". $_SESSION['SESS_FIRST_NAME']."!</h1>"; do_menu(); ?> </body> <frameset rows="50%,50%"> <frame noresize="noresize" src="limits.php" /> <frame noresize="noresize" src="limits.php" /> </frameset> </html> I have put it everywhere but it seems not to show up.. Google just confused me. Thanks in Advance :D

    Read the article

  • Custom authentication module inheriting IHttpModule issue.

    - by Chandan Khatwani
    LoginPage.aspx:- protected void Button1_Click(object sender, EventArgs e) { Context.Items["Username"] = txtUserId.Text; Context.Items["Password"] = txtPassword.Text; // FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, Context.Items["Username"].ToString(), DateTime.Now, DateTime.Now.AddMinutes(10), true, "users", FormsAuthentication.FormsCookiePath); // Encrypt the cookie using the machine key for secure transport string hash = FormsAuthentication.Encrypt(ticket); HttpCookie cookie = new HttpCookie( FormsAuthentication.FormsCookieName, // Name of auth cookie hash); // Hashed ticket // Set the cookie's expiration time to the tickets expiration time if (ticket.IsPersistent) cookie.Expires = ticket.Expiration; Response.Cookies.Add(cookie); Response.Redirect("Default.aspx"); } Global.asax file:- void Application_AuthenticateRequest(object sender, EventArgs e) { if (HttpContext.Current.User != null) { if (HttpContext.Current.User.Identity.IsAuthenticated) { if (HttpContext.Current.User.Identity is FormsIdentity) { FormsIdentity id = (FormsIdentity)HttpContext.Current.User.Identity; FormsAuthenticationTicket ticket = id.Ticket; // Get the stored user-data, in this case, our roles string userData = ticket.UserData; string[] roles = userData.Split(','); HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(id, roles); Response.Write(HttpContext.Current.User.Identity.Name); Response.Redirect("Default.aspx"); } } } } I get the following error after signing in This webpage has a redirect loop. The webpage at http://localhost:1067/Default.aspx has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.

    Read the article

  • Method not found: 'Void Google.Apis.Util.Store.FileDataStore..ctor(System.String)'

    - by user3732193
    I've been stuck at this for days now. I copied the exact codes from google api samples to upload files to Google Drive. Here is the code UserCredential credential = GoogleWebAuthorizationBroker.AuthorizeAsync( new ClientSecrets { ClientId = ClientId, ClientSecret = ClientSecret, }, new[] { DriveService.Scope.Drive, DriveService.Scope.DriveFile }, "user", CancellationToken.None, new FileDataStore("MyStore")).Result; But it would throw an exception at runtime: Method not found: 'Void Google.Apis.Util.Store.FileDataStore..ctor(System.String)'. I already added the necessary Google Api dlls. Or if anyone could suggest a better code for uploading files to Google Drive in a website which implements Server-Side Authorization. Any help would be greatly appreciated. UPDATE: I changed my code to this var token = new TokenResponse { RefreshToken = "1/6hnki1x0xOMU4tr5YXNsLgutzbTcRK1M-QOTEuRVxL4" }; var credentials = new UserCredential(new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer { ClientSecrets = new ClientSecrets { ClientId = ClientId, ClientSecret = ClientSecret }, Scopes = new[] { DriveService.Scope.Drive, DriveService.Scope.DriveFile } }), "user", token); But it also throws an exception: Method not found: 'Void Google.Apis.Auth.OAuth2.Flows.GoogleAuthorizationCodeFlow..ctor(Initializer). Is the problem with the dlls?

    Read the article

  • Always send certain values with an ajax request/post

    - by DZittersteyn
    I'm building a system that displays a list of user, and on selection of a user requests some form of password. These values are saved in a hidden field on the page, and need to be sent with every request as a form of authentication. (I'm aware of the MITM-vulnerability that lies herein, but it's a very low-key system, so security is not a large concern). Now I need to send these values with each and every request, to auth the currently 'logged in' user. I'd like to automate this, via ajaxSetup, however i'm running into some issues. My first try was: init_user_auth: function(){ $.ajaxSetup({ data: { 'user' : site_user.selected_user_id(), 'passcode': site_user.selected_user_pc(), 'barcode' : site_user.selected_user_bc() } }); }, However, as I should have known, this reads the values once, at the time of the call to ajaxSetup, and never rereads them. What I need is a way to actually call the functions every time an ajax-call is made. I'm currently trying to understand what is happening here: https://groups.google.com/forum/?fromgroups=#!topic/jquery-dev/OBcEfgvTJ9I, however through the flamewar and very low-level stuff going on there, I'm not exactly sure I get what is going on. Is this the way to proceed, or should I just face facts and manually add login-info to each ajax-call?

    Read the article

  • Get Username from a Cookie

    - by craphunter
    Hi, I use the backend solution from django. I just want to get a username from the cookie or the session_key to get to know the user. How I can do it? from django.contrib.auth.models import User from django.contrib.sessions.models import Session def start(request, template_name="registration/my_account.html"): user_id = request.session.get('session_key') if user_id: name = request.user.username return render_to_response(template_name, locals()) else: return render_to_response('account/noauth.html') Only else is coming up. What am I doing wrong? Am I right then that authenticated means he is logged in? -- Okay this I got! Firstly, if you have some clarification to a question, update the question, don't post an answer or (even worse) another question, as you have done. Secondly, if the user is logged out, by definition he doesn't have a username. I mean the advantage of Cookies is to identify a user again. I just want to place his name on the webpage. Even if he is logged out. Or isnt't it possible?

    Read the article

  • Apache's AuthDigestDomain and Rails Distributed Asset Hosts

    - by Jared
    I've got a server I'm in the process of setting up and I'm running into an Apache configuration problem that I can not get around. I've got Apache 2.2 and Passenger serving a Rails app with distributed asset hosting. This is the feature of Rails that lets you serve your static assets from assets0.example.com, assets1, assets2, and so on. The site needs to be passworded until launch. I've set up HTTP authentication on the site using Apache's mod_auth_digest. In my configuration I'm attempting to use the AuthDigestDomain directive to allow access to each of the asset URLs. The problem is, it doesn't seem to be working. I get the initial prompt for the password when I load the page, but then the first time it loads an asset from one of the asset URLs, I get prompted a 2nd, 3rd, or 4th time. In some browsers, I get prompted for every single resource on the page. I'm hoping that this is only a problem of how I'm specifying my directives and not a limitation of authorization in Apache itself. See the edited auth section below: <Location /> AuthType Digest AuthName "Restricted Site" AuthUserFile /etc/httpd/passwd/passwords AuthGroupFile /dev/null AuthDigestDomain / http://assets0.example.com/ http://assets1.example.com/ http://assets2.example.com/ http://assets3.example.com/ require valid-user order deny,allow allow from all </Location>

    Read the article

  • How do I ignore an "invalid" SSL certificate in Objective-C?

    - by ipwnstuff
    Currently I have: NSArray* array = [NSArray arrayWithObjects:@"auth.login",@"username",@"password", nil]; NSData* packed_array = [array messagePack]; NSURL* url = [NSURL URLWithString:@"https://192.168.1.149:3790/api/1.0"]; NSMutableURLRequest* request = [NSMutableURLRequest requestWithURL:url]; [request setHTTPMethod:@"POST"]; [request setValue:@"RPC Server" forHTTPHeaderField:@"Host"]; [request setValue:@"binary/message-pack" forHTTPHeaderField:@"Content-Type"]; [request setValue:[NSString stringWithFormat:@"%d",[packed_array length]] forHTTPHeaderField:@"Content-Length"]; [request setHTTPBody:packed_array]; NSURLResponse *response; NSError *error; responseData = [NSMutableData dataWithData:[NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&error]]; NSLog(@"response data: %@",[responseData messagePackParse]); NSLog(@"error: %@",error); - (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace { NSLog(@"called canAuthenticateAgainstProtectionSpace"); return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]; } - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { NSLog(@"called didReceiveAuthenticationChallenge"); [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge]; } Which returns "Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid"…" How should I be implementing the answer from this question?

    Read the article

  • How to stream authenticated content with MediaPlayer on Android

    - by 102790073222983779908
    I've seen quite a few posts askign this question on SO but there doesn't seem to be a definitive answer (or at least an answer I like!) I've got content protected behind basic auth (username/password) -- I can download it fine using the various HTTP download clases but for the life of me I can't sort out how to tell media player to stream it (and provide the authentication). I saw one post that suggested it wasn't possible since the MediaPlayer is all native code and doesn't things like the Authenticator. There are plenty of examples of how to first download to a cached copy and then play that back but....That sort of sucks (and the files maybe 100's of MB's). I saw at least one proposal to download it in smalish chunks and then start & stop the playback (redirecting to the new file) but that sort of sucks also since there would (I presume) be a stutter (I haven't tried it though) The best idea I have at this point is to start downloading to a cache file and then when it's 'full enough' start up playback while I continue to fill the file.... I hope that this works (but again, haven't tried it). Am I missing something obvious? It's so painful to have all the various pieces almost working and I sort of convinced myself that there had to be a way to natively stream protected content (or have it take a already established & qualified InputStream) but it appears no joy. BTW I'm a Mac/iPhone guy and a newb at Android so I'm still fighting a bit of Java learning.... Excuse me if I'm missing somthing obvious. -john

    Read the article

  • PHP shell_exec() - Run directly, or perform a cron (bash/php) and include MySQL layer?

    - by Jimbo
    Sorry if the title is vague - I wasn't quite sure how to word it! What I'm Doing I'm running a Linux command to output data into a variable, parse the data, and output it as an array. Array values will be displayed on a page using PHP, and this PHP page output is requested via AJAX every 10 seconds so, in effect, the data will be retrieved and displayed/updated every 10 seconds. There could be as many as 10,000 characters being parsed on every request, although this is usually much lower. Alternative Idea I want to know if there is a better* alternative method of retrieving this data every 10 seconds, as multiple users (<10) will be having this command executed automatically for them. A cronjob running on the server could execute either bash or php (which is faster?) to grab the data and store it in a MySQL database. Then, any AJAX calls to the PHP output would return values in the MySQL database rather than making a direct call to execute server code every 10 seconds. Why? I know there are security concerns with running execs directly from PHP, and (I hope this isn't micro-optimisation) I'm worried about CPU usage on the server. The server is running a sempron processor. Yes, they do still exist. Having this only execute when the user is on the page (idea #1) means that the server isn't running code that doesn't need to be run. However, is this slow and insecure? Just in case the type of linux command may be of assistance in determining it's efficiency: shell_exec("transmission-remote $host:$port --auth $username:$password -l"); I'm hoping that there are differences in efficiency and level of security with the two methods I have outlined above, and that this isn't just micro-micro-optimisation. If there are alternative methods that are better*, I'd love to learn about these! :)

    Read the article

  • What's a good way to integrate FB and Twitter into my commenting system (PHP)

    - by Jason
    Hi Guys, There are so many options out there for integration. At the moment I have comments that are posted on my articles, where a user types in their name and the comment. This is then sent to a moderation queue and displayed when approved. I want to acheive this: Comment with facebook login (ie facebook account listed as the name w/ avatar) Comment with twitter login (ie twitter account name listed as the name w/ avatar) Push comment from my website to twitter and to facebook I could go down a few paths as far as I know: Integrate with XFBML, which I don't like because I find it annoying to setup and messy. Integrate facebook comments system, although this can't push to twitter, or allow me to moderate comments from my backend (as far as I can tell i'd have to login under the facebook login for the dev account to moderate the comment) Find a php class that does open auth and integrate with both face book and twitter at once find a pre-created php class Anyone have a solution that will bias: a. easy to integrate b. lightweight c. is free Thanks for your suggestions in advance.

    Read the article

  • form.has_errors tag not working

    - by John
    Hello, Im using Django 1.2.3. I have login functionality in my site using django.contrib.auth.views.login. The user is able to login after entering correct username and password. But, form.has_errors is not working i.e. if the login credentials entered are incorrect i dont see the error message. My login.html in templates/registration is as follows : <html> <head> <title>Login</title> </head> <body> <h1>User Login</h1> {% if form.has_errors %} <p>Your username and password didn't match. Please try again.</p> {% endif %} <form method="post" action="."> {% csrf_token %} <p><label for="id_username">Username:</label> {{ form.username }}</p> <p><label for="id_password">Password:</label> {{ form.password }}</p> <input type="hidden" name="next" value="/" /> <input type="submit" value="login" /> </form> </body> </html> Any way to fix this problem? Please Help Thank You.

    Read the article

  • Authentication system - Return information that have to change every time

    - by paulohr
    I have a application (made in Delphi) that contains a Authentication system (login & password). This system is in PHP, and the application get results from PHP using HTTP GET method. The system returns 'OK' if login and password are correct, and 'NO' if not correct. Like this... procedure Check; var x: string; begin x:=Get('www.mywebsite.com/auth.php?user=xxxxxx&pass=zzzzzz'); if x='OK' then UnlockFeatures else MessageBox(0,'You're not VIP','Error',0); end; Well, it works fine, but it is very easy to circumvent this system with sniffers, packet editor or proxy. So, I want to get some information (in PHP) that changes every time, and that could be possible get the same information by my application. What can I do? I don't need codes. Just tips, suggestions, please... Thanks...

    Read the article

  • Using pip to install modules in python failing

    - by James N
    I'm having trouble installing python modules using pip. Below is the output from the command window: Note that I installed pip immediately before trying to install GDAL module. I am on a w7 64bit machine running python 2.7 Microsoft Windows [Version 6.1.7601] Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:\Users\jnunn\Desktop>python get-pip.py Downloading/unpacking pip Downloading pip-1.2.1.tar.gz (102Kb): 102Kb downloaded Running setup.py egg_info for package pip warning: no files found matching '*.html' under directory 'docs' warning: no previously-included files matching '*.txt' found under directory 'docs\_build' no previously-included directories found matching 'docs\_build\_sources' Installing collected packages: pip Running setup.py install for pip warning: no files found matching '*.html' under directory 'docs' warning: no previously-included files matching '*.txt' found under directory 'docs\_build' no previously-included directories found matching 'docs\_build\_sources' Installing pip-script.py script to C:\Python26\ArcGIS10.1\Scripts Installing pip.exe script to C:\Python26\ArcGIS10.1\Scripts Installing pip.exe.manifest script to C:\Python26\ArcGIS10.1\Scripts Installing pip-2.7-script.py script to C:\Python26\ArcGIS10.1\Scripts Installing pip-2.7.exe script to C:\Python26\ArcGIS10.1\Scripts Installing pip-2.7.exe.manifest script to C:\Python26\ArcGIS10.1\Scripts Successfully installed pip Cleaning up... C:\Users\jnunn\Desktop>pip install gdal Downloading/unpacking gdal Downloading GDAL-1.9.1.tar.gz (420kB): 420kB downloaded Running setup.py egg_info for package gdal Installing collected packages: gdal Running setup.py install for gdal building 'osgeo._gdal' extension c:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\BIN\cl.exe /c /nologo /Ox /MD /W3 /GS- /DNDEBUG -I../../port -I../../gcore -I../../alg -I../../ogr/ -I C:\Python26\ArcGIS10.1\include -IC:\Python26\ArcGIS10.1\PC -IC:\Python26\ArcGIS1 0.1\lib\site-packages\numpy\core\include /Tpextensions/gdal_wrap.cpp /Fobuild\te mp.win32-2.7\Release\extensions/gdal_wrap.obj gdal_wrap.cpp c:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\INCLUDE\xlocale(342) : warning C4530: C++ exception handler used, but unwind semantics are not enabled . Specify /EHsc extensions/gdal_wrap.cpp(2853) : fatal error C1083: Cannot open include file : 'cpl_port.h': No such file or directory error: command '"c:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\BIN\c l.exe"' failed with exit status 2 Complete output from command C:\Python26\ArcGIS10.1\python.exe -c "import se tuptools;__file__='c:\\users\\jnunn\\appdata\\local\\temp\\pip-build\\gdal\\setu p.py';exec(compile(open(__file__).read().replace('\r\n', '\n'), __file__, 'exec' ))" install --record c:\users\jnunn\appdata\local\temp\pip-f7tgze-record\install -record.txt --single-version-externally-managed: running install running build running build_py creating build creating build\lib.win32-2.7 copying gdal.py -> build\lib.win32-2.7 copying ogr.py -> build\lib.win32-2.7 copying osr.py -> build\lib.win32-2.7 copying gdalconst.py -> build\lib.win32-2.7 copying gdalnumeric.py -> build\lib.win32-2.7 creating build\lib.win32-2.7\osgeo copying osgeo\gdal.py -> build\lib.win32-2.7\osgeo copying osgeo\gdalconst.py -> build\lib.win32-2.7\osgeo copying osgeo\gdalnumeric.py -> build\lib.win32-2.7\osgeo copying osgeo\gdal_array.py -> build\lib.win32-2.7\osgeo copying osgeo\ogr.py -> build\lib.win32-2.7\osgeo copying osgeo\osr.py -> build\lib.win32-2.7\osgeo copying osgeo\__init__.py -> build\lib.win32-2.7\osgeo running build_ext building 'osgeo._gdal' extension creating build\temp.win32-2.7 creating build\temp.win32-2.7\Release creating build\temp.win32-2.7\Release\extensions c:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\BIN\cl.exe /c /nologo /Ox /MD /W3 /GS- /DNDEBUG -I../../port -I../../gcore -I../../alg -I../../ogr/ -IC:\P ython26\ArcGIS10.1\include -IC:\Python26\ArcGIS10.1\PC -IC:\Python26\ArcGIS10.1\ lib\site-packages\numpy\core\include /Tpextensions/gdal_wrap.cpp /Fobuild\temp.w in32-2.7\Release\extensions/gdal_wrap.obj gdal_wrap.cpp c:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\INCLUDE\xlocale(342) : war ning C4530: C++ exception handler used, but unwind semantics are not enabled. Sp ecify /EHsc extensions/gdal_wrap.cpp(2853) : fatal error C1083: Cannot open include file: 'c pl_port.h': No such file or directory error: command '"c:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\BIN\cl.ex e"' failed with exit status 2 ---------------------------------------- Command C:\Python26\ArcGIS10.1\python.exe -c "import setuptools;__file__='c:\\us ers\\jnunn\\appdata\\local\\temp\\pip-build\\gdal\\setup.py';exec(compile(open(_ _file__).read().replace('\r\n', '\n'), __file__, 'exec'))" install --record c:\u sers\jnunn\appdata\local\temp\pip-f7tgze-record\install-record.txt --single-vers ion-externally-managed failed with error code 1 in c:\users\jnunn\appdata\local\ temp\pip-build\gdal Storing complete log in C:\Users\jnunn\pip\pip.log C:\Users\jnunn\Desktop> I have tried to use easy_install before too, and it came back with a common error to this: c:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\INCLUDE\xlocale(342) : war ning C4530: C++ exception handler used, but unwind semantics are not enabled. Sp ecify /EHsc extensions/gdal_wrap.cpp(2853) : fatal error C1083: Cannot open include file: 'c pl_port.h': No such file or directory error: command '"c:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\BIN\cl.ex e"' failed with exit status 2 Plus the following additional pip.log: Exception information: Traceback (most recent call last): File "C:\Python26\ArcGIS10.1\lib\site-packages\pip\basecommand.py", line 107, in main status = self.run(options, args) File "C:\Python26\ArcGIS10.1\lib\site-packages\pip\commands\install.py", line 261, in run requirement_set.install(install_options, global_options) File "C:\Python26\ArcGIS10.1\lib\site-packages\pip\req.py", line 1166, in install requirement.install(install_options, global_options) File "C:\Python26\ArcGIS10.1\lib\site-packages\pip\req.py", line 589, in install cwd=self.source_dir, filter_stdout=self._filter_install, show_stdout=False) File "C:\Python26\ArcGIS10.1\lib\site-packages\pip\util.py", line 612, in call_subprocess % (command_desc, proc.returncode, cwd)) InstallationError: Command C:\Python26\ArcGIS10.1\python.exe -c "import setuptools;__file__='c:\\users\\jnunn\\appdata\\local\\temp\\pip-build\\gdal\\setup.py';exec(compile(open(__file__).read().replace('\r \n', '\n'), __file__, 'exec'))" install --record c:\users\jnunn\appdata\local\temp\pip-f7tgze-record\install-record.txt --single-version-externally-managed failed with error code 1 in c:\users\jnunn\appdata \local\temp\pip-build\gdal

    Read the article

  • pfsense peer-to-peer OpenVPN not connecting

    - by John P
    I'm trying to setup a peer-to-peer OpenVPN between two pfsense servers running 2.0.1-RELEASE, but the client keeps getting the connection dropped, with a status of "reconnecting; ping-restart" and nothing appears to be routing between them. Both these firewalls are also doing PPTP VPNs that are working correctly. FW01 ("server") ======================= LAN: 10.1.1.2/24 WAN: xx.xx.126.34/27 ServerMode: Peer to Peer (Shared Key) Protocol: UDP DeviceMode: tun Interface: WAN Port 1194 Tunnel: 10.0.8.1/30 Local Network: 10.1.1.0/24 Remote Network: 192.168.1.0/24 Firewall Rule in OpenVPN tab: UDP * * * * * none FW03 (client) LAN: 192.168.1.2/24 WAN: xx.xx.9.66/27 ServerMode: Peer to Peer (Shared Key) Protocol: UDP DeviceMode: tun Interface: WAN Server Host: xx.xx.126.34 Tunnel: -- also tried 10.1.8.0/24 Remote Network: 10.1.1.0/24 Client Logs: System Log Apr 6 18:00:08 kernel: ... Restarting packages. Apr 6 18:00:13 check_reload_status: Starting packages Apr 6 18:00:19 php: : Restarting/Starting all packages. Apr 6 18:00:56 kernel: ovpnc1: link state changed to DOWN Apr 6 18:00:56 check_reload_status: Reloading filter Apr 6 18:00:57 check_reload_status: Reloading filter Apr 6 18:00:57 kernel: ovpnc1: link state changed to UP Apr 6 18:00:57 check_reload_status: rc.newwanip starting ovpnc1 Apr 6 18:00:57 check_reload_status: Syncing firewall Apr 6 18:01:02 php: : rc.newwanip: Informational is starting ovpnc1. Apr 6 18:01:02 php: : rc.newwanip: on (IP address: ) (interface: ) (real interface: ovpnc1). Apr 6 18:01:02 php: : rc.newwanip: Failed to update IP, restarting... Apr 6 18:01:02 php: : send_event: sent interface reconfigure got ERROR: incomplete command. all reload reconfigure restart newip linkup sync Client OpenVPN log Apr 6 18:39:14 openvpn[12177]: Inactivity timeout (--ping-restart), restarting Apr 6 18:39:14 openvpn[12177]: SIGUSR1[soft,ping-restart] received, process restarting Apr 6 18:39:16 openvpn[12177]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Apr 6 18:39:16 openvpn[12177]: Re-using pre-shared static key Apr 6 18:39:16 openvpn[12177]: Preserving previous TUN/TAP instance: ovpnc1 Apr 6 18:39:16 openvpn[12177]: UDPv4 link local (bound): [AF_INET]64.94.9.66 Apr 6 18:39:16 openvpn[12177]: UDPv4 link remote: [AF_INET]64.74.126.34:1194 Server OpenVPN log Apr 6 14:40:36 openvpn[22117]: UDPv4 link remote: [undef] Apr 6 14:40:36 openvpn[22117]: UDPv4 link local (bound): [AF_INET]xx.xx.126.34:1194 Apr 6 14:40:36 openvpn[21006]: /usr/local/sbin/ovpn-linkup ovpns1 1500 1557 10.1.8.1 10.1.8.2 init Apr 6 14:40:36 openvpn[21006]: /sbin/ifconfig ovpns1 10.1.8.1 10.1.8.2 mtu 1500 netmask 255.255.255.255 up Apr 6 14:40:36 openvpn[21006]: do_ifconfig, tt-ipv6=0, tt-did_ifconfig_ipv6_setup=0 Apr 6 14:40:36 openvpn[21006]: TUN/TAP device /dev/tun1 opened Apr 6 14:40:36 openvpn[21006]: Control Channel Authentication: using '/var/etc/openvpn/server1.tls-auth' as a OpenVPN static key file Apr 6 14:40:36 openvpn[21006]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Apr 6 14:40:36 openvpn[21006]: OpenVPN 2.2.0 amd64-portbld-freebsd8.1 [SSL] [LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Aug 11 2011 Apr 6 14:40:36 openvpn[17171]: SIGTERM[hard,] received, process exiting Apr 6 14:40:36 openvpn[17171]: /usr/local/sbin/ovpn-linkdown ovpns1 1500 1557 10.1.8.1 10.1.8.2 init Apr 6 14:40:36 openvpn[17171]: ERROR: FreeBSD route delete command failed: external program exited with error status: 1 Apr 6 14:40:36 openvpn[17171]: event_wait : Interrupted system call (code=4) Apr 6 14:06:32 openvpn[17171]: Initialization Sequence Completed Apr 6 14:06:32 openvpn[17171]: UDPv4 link remote: [undef] Apr 6 14:06:32 openvpn[17171]: UDPv4 link local (bound): [AF_INET]xx.xx.126.34:1194

    Read the article

  • Update php 5.2.0 to 5.2.4 with aptitude

    - by Kiva
    Hi guy, I would like to update my php 5 in my server. At this moment, I use php 5.2.0 so I want to update it to php 5.2.4 (not php 5.3). I tried to do this: aptitude update aptitude upgrade 63 packets were updated but not php which is always in 5.0 How can I update my php please ? Here is the output of commands asked by David in another post: aptitude search php5 p libapache-mod-php5 - server-side, HTML-embedded scripting langu i A libapache2-mod-php5 - server-side, HTML-embedded scripting langu i php5 - server-side, HTML-embedded scripting langu p php5-apache2-mod-bt - PHP bindings for mod_bt p php5-auth-pam - A PHP5 extension for PAM authentication i php5-cgi - server-side, HTML-embedded scripting langu p php5-clamavlib - PHP ClamAV Lib - ClamAV Interface for PHP5 p php5-cli - command-line interpreter for the php5 scri i A php5-common - Common files for packages built from the p i php5-curl - CURL module for php5 p php5-dev - Files for PHP5 module development i A php5-gd - GD module for php5 p php5-idn - PHP api for the IDNA library p php5-imagick - ImageMagick module for php5 p php5-imap - IMAP module for php5 p php5-interbase - interbase/firebird module for php5 p php5-json - JSON serialiser for PHP5 p php5-ldap - LDAP module for php5 p php5-mapscript - module for php5-cgi to use mapserver p php5-maxdb - PHP extension to access MaxDB databases fo i A php5-mcrypt - MCrypt module for php5 p php5-memcache - memcache extension module for PHP5 p php5-mhash - MHASH module for php5 p php5-ming - Ming module for php5 i A php5-mysql - MySQL module for php5 p php5-odbc - ODBC module for php5 p php5-pgsql - PostgreSQL module for php5 p php5-ps - ps module for PHP 5 p php5-pspell - pspell module for php5 p php5-radius - PECL radius module for PHP 5 p php5-recode - recode module for php5 p php5-snmp - SNMP module for php5 p php5-sqlite - SQLite module for php5 p php5-sqlite3 - SQLite3 module for php5 p php5-sqlrelay - SQL Relay PHP API p php5-suhosin - advanced protection module for php5 p php5-sybase - Sybase / MS SQL Server module for php5 p php5-tidy - tidy module for php5 p php5-uuid - OSSP uuid module for php5 p php5-xapian - Xapian search engine interface for PHP5 p php5-xcache - Fast, stable PHP opcode cacher p php5-xmlrpc - XML-RPC module for php5 p php5-xsl - XSL module for php5 aptitude show php5 | grep Version Version : 5.2.0-8+etch13 aptitude show php5-cgi | grep Version Version : 5.2.0-8+etch13 php5 --version -bash: php5: command not found php-cgi --version PHP 5.2.0-8+etch13 (cgi-fcgi) (built: Oct 2 2008 08:21:17) Copyright (c) 1997-2006 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2006 Zend Technologies

    Read the article

  • `svn checkout` on the SVN server causes the repo to break with a 301 error

    - by Phillip Oldham
    We have an nginx server which proxies to a standard set-up of Apache+SVN. The nginx set-up is a very simple proxy: server { server_name svn.ourdomain.tld; location / { proxy_pass http://localhost:8080; } } Apache is set-up as follows: <Location /> DAV svn SVNParentPath /var/svn AuthType Basic AuthName "Authentication Required" AuthUserFile /var/svn/.auth Require valid-user </Location> ...which allows us to access repositories using something like http://svn.ourdomain.tld/repo. We've been running this set-up now for about 2 years without issue. Recently we've found that we need to check out one of the repositories onto the server itself, however whenever we do so it seems to break the repo. From that point on, it will only respond with a 301 Moved Permanently error. We've tried: svn co file:///path/to/repo svn co svn://localhost/repo svn co svn://svn.ourdomain.tld/repo svn co svn+ssh://localhost/repo svn co svn+ssh://svn.ourdomain.tld/repo svn co http://localhost/repo svn co http://svn.ourdomain.tld/repo Also tried bypassing nginx, and get the same error: svn co http://localhost:8080/repo svn co http://svn.ourdomain.tld:8080/repo Checking out from a different machine works as expected until we attempt to check out on the server, after that it refuses with the same 301 error. What is more confusing is that this repository server also hosts our HudsonCI server, which can pulls and builds our projects hourly. This leads us to suspect that it's the svn client which is causing an error in communication. Its also very confusing that removing then re-creating the repo using svnadmin doesn't reset the error - the repo is still unavailable even though it's "new"! Restarting apache and subversion (svnserve) has no effect on this, or the original error. Version information: OS: 64-bit CentOS 4.2, 2.6.27 kernel svn client: 1.4.2 (same for both server and remote clients) svn server: 1.4.2 httpd: 2.2.3 UPDATE: This also happens with svn export when run on the repo server. Ran from any other box/client, there isn't a problem. Here's the workflow, to help clarify the error: [~repo-server~]# svnadmin create {repo}; chown -Rf www:www {repo} [remote-client]# svn checkout http://svn.ourdomain.tld/repo [remote-client]# svn add file; svn ci -m '' [~repo-server~]# cd /var/www; svn export file:///path/to/repo/trunk ourproject [remote-client]# svn update fails with 301 error I can also confirm that the hostname of the box doesn't have an effect here, which is very odd: whether or not svn.ourdomain.tld is added to /etc/hosts it still breaks - we thought it could be an issue with localhost routing, but that doesn't seem to be the case. Are we missing something in the documentation which states you can't checkout a repo when the server is on the same box? How can we stop the repos becoming corrupt when we checkout locally?

    Read the article

  • How to start networking on a wired interface before logon in Ubuntu Desktop Edition

    - by Burly
    Problem Ubuntu 9.10 Desktop Edition (and possibly previous versions as well, I haven't tested them) has no network connections after boot until at least 1 user logs in. This means any services that require networking (e.g. openssh-server) are not available until someone logs in locally either via gdm, kdm, or a TTY. Background Ubuntu 9.10 Desktop Edition uses the NetworkManager service to take commands from the nm-applet in Gnome (or it's equivalent in KDE). As I understand it, while NetworkManager is running at boot, it is not issued any commands to connect until you login for the first time because nm-applet isn't running until you login and your Gnome session starts (or similar for KDE). I'm not sure what prompts NetworkManager to connect to the network when you login via a TTY. There are several relevant variables involved in starting up the network connections including: Wired vs Wireless (and the resulting drivers, SSID, passwords, and priorities) Static vs DHCP Multiple interfaces Constraints Support Ubuntu 9.10 Karmic Koala (bonus points for additional supported versions) Support wired eth0 interface Receive an IP address via DHCP Receive DNS information via DHCP (obviously the DHCP server must provide this information) Enable networking at the proper time (e.g. some time after file systems are loaded but before network services like ssh start) Switching distros or versions (e.g. to Server Edition) is not an acceptable solution Switching to a Static IP configuration is not an acceptable solution Question How to start networking on a wired interface before logon in Ubuntu Desktop Edition? What I have tried Per this guide, adding the following entry into /etc/network/interfaces so that NetworkManager won't manage the eth0 interface: auth eth0 iface inet dhcp After reboot eth0 is down. Issuing ifconfig eth0 up brings the interface up but it receives no IP address. Issuing dhclient eth0 instead Does bring up the interface and it Does receive an IP address. Completely removing the NetworkManager package in addition to the settings above. I'm a bit confused with the whole UpStart/SysVinit mangling that's going in Ubuntu currently (I'm more familiar with the CentOS world). However, directly issuing sudo /etc/init.d/networking start Or sudo start networking does not bring up the eth0 interface at all, much less get an IP address. See-Also How to force NetworkManager to make a connection before login? References Ubuntu Desktop Edition Ubuntu Networking Configuration Using Command Line Automatic Network Configuration Via Command-Line Start network connection before login

    Read the article

  • BIND9 / DNS Zone / Dedicated Server / Unique Reverse DNS

    - by user2832131
    I locate a dedicated server in a datacenter with no DNS Zone setup. Datacenter panel have 1 textfield only you can fill one Reverse DNS only. According with datacenter instructions here... [instructions]: http://www.wiki.hetzner.de/index.php/DNS-Reverse-DNS/en#How_can_I_assign_several_names_to_my_IP_address.2C_if_different_domains_are_hosted_on_my_server.3F How_can_I_assign_several_names_to_my_IP_address ...I need to install BIND9 in order to configure other records like CNAME and MX. Ok, I've installed BIND9, created a Master Zone. And following this example, I put it in the Zone File: [example]: http://wiki.hetzner.de/index.php/DNS_Zonendatei/en example $ttl 86400 @ IN SOA ns1.first-ns.de. postmaster.robot.first-ns.de. ( 1383411730 14400 1800 604800 86400 ) @ IN NS ns1.first-ns.de. @ IN NS robotns2.second-ns.de. @ IN NS robotns3.second-ns.com. localhost IN A 127.0.0.1 @ IN A 144.86.786.651 www IN A 144.86.786.651 loopback IN CNAME localhost But when I point my domain to ns1.first-ns.de, DNS Register says "time out". Am I missing something? I created a Master zone. Should it be a Slave zone? named.conf: include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; include "/etc/bind/named.conf.default-zones"; named.conf.options: options { directory "/var/cache/bind"; dnssec-validation auto; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; }; named.conf.local: zone "mydomain.com" { type master; file "/var/lib/bind/mydomain.com.hosts"; allow-update {any;}; allow-transfer {any;}; allow-query {any;}; }; named.conf.default-zones: zone "." { type hint; file "/etc/bind/db.root"; }; zone "localhost" { type master; file "/etc/bind/db.local"; }; zone "127.in-addr.arpa" { type master; file "/etc/bind/db.127"; }; zone "0.in-addr.arpa" { type master; file "/etc/bind/db.0"; }; zone "255.in-addr.arpa" { type master; file "/etc/bind/db.255"; }; Problem is that I'm moving my site, and can't update the new NS server due to a 'timeout' message when filling new datacenter NS. I'm filling: MASTER: ns1.first-ns.de SLAVE1: robotns2.second-ns.de SLAVE2: robotns3.second-ns.com

    Read the article

  • connect() failed (111: Connection refused) while connecting to upstream

    - by Burning the Codeigniter
    I'm experiencing 502 gateway errors when accessing a PHP file in a directory (http://domain.com/dev/index.php), the logs simply says this: 2011/09/30 23:47:54 [error] 31160#0: *35 connect() failed (111: Connection refused) while connecting to upstream, client: xx.xx.xx.xx, server: domain.com, request: "GET /dev/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "domain.com" I've never experienced this before, how do I do a solution for this type of 502 gateway error? This is the nginx.conf: user www-data; worker_processes 4; pid /var/run/nginx.pid; events { worker_connections 768; # multi_accept on; } http { ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; gzip_disable "msie6"; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } #mail { # # See sample authentication script at: # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript # # # auth_http localhost/auth.php; # # pop3_capabilities "TOP" "USER"; # # imap_capabilities "IMAP4rev1" "UIDPLUS"; # # server { # listen localhost:110; # protocol pop3; # proxy on; # } # # server { # listen localhost:143; # protocol imap; # proxy on; # } #}

    Read the article

  • "Checksum failed" during Kerberos SSO

    - by Buddy Casino
    This is an error that occurs when a mod_auth_kerb protected webapp is being accessed, and I have no idea what the cause might be. Can anyone give hints as into which direction I should look? Thankful for any help! Search Subject for Kerberos V5 ACCEPT cred (HTTP/[email protected], sun.security.jgss.krb5.Krb5AcceptCredential) Found key for HTTP/[email protected](23) Entered Krb5Context.acceptSecContext with state=STATE_NEW >>> EType: sun.security.krb5.internal.crypto.ArcFourHmacEType Checksum failed ! 16:36:30,248 TP-Processor31 WARN [site.servlet.KerberosSessionSetupPrivilegedAction] Caught GSS Error GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed) at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:741) at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:323) at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:267) at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:741) at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:323) at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:267) at org.alfresco.web.site.servlet.KerberosSessionSetupPrivilegedAction.run(KerberosSessionSetupPrivilegedAction.java:95) at org.alfresco.web.site.servlet.KerberosSessionSetupPrivilegedAction.run(KerberosSessionSetupPrivilegedAction.java:44) at org.alfresco.web.site.servlet.KerberosSessionSetupPrivilegedAction.run(KerberosSessionSetupPrivilegedAction.java:44) at java.security.AccessController.doPrivileged(Native Method) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAs(Subject.java:337) at org.alfresco.web.site.servlet.SSOAuthenticationFilter.doKerberosLogon(SSOAuthenticationFilter.java:994) at org.alfresco.web.site.servlet.SSOAuthenticationFilter.doKerberosLogon(SSOAuthenticationFilter.java:994) at org.alfresco.web.site.servlet.SSOAuthenticationFilter.doFilter(SSOAuthenticationFilter.java:438) at org.alfresco.web.site.servlet.SSOAuthenticationFilter.doFilter(SSOAuthenticationFilter.java:438) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:555) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190) at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:291) at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:774) at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703) at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:896) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690) at java.lang.Thread.run(Thread.java:662) Caused by: KrbException: Checksum failed at sun.security.krb5.internal.crypto.ArcFourHmacEType.decrypt(ArcFourHmacEType.java:85) at sun.security.krb5.internal.crypto.ArcFourHmacEType.decrypt(ArcFourHmacEType.java:77) at sun.security.krb5.EncryptedData.decrypt(EncryptedData.java:168) at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:268) at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:134) at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecContextToken.java:79) at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:724) ... 24 more Caused by: java.security.GeneralSecurityException: Checksum failed at sun.security.krb5.internal.crypto.dk.ArcFourCrypto.decrypt(ArcFourCrypto.java:388) at sun.security.krb5.internal.crypto.ArcFourHmac.decrypt(ArcFourHmac.java:74) at sun.security.krb5.internal.crypto.ArcFourHmacEType.decrypt(ArcFourHmacEType.java:83) ... 30 more

    Read the article

  • dovecot imap ssl certificate issues

    - by mulllhausen
    i have been trying to configure my dovecot imap server (version 1.0.10 - upgrading is not an option at this stage) with a new ssl certificate on ubuntu like so: $ grep ^ssl /etc/dovecot/dovecot.conf ssl_disable = no ssl_cert_file = /etc/ssl/certs/mydomain.com.crt.20120904 ssl_key_file = /etc/ssl/private/mydomain.com.key.20120904 $ /etc/init.t/dovecot stop $ sudo dovecot -p $ [i enter the ssl password here] it doesn't show any errors and when i run ps aux | grep dovecot i get root 21368 0.0 0.0 12452 688 ? Ss 15:19 0:00 dovecot -p root 21369 0.0 0.0 71772 2940 ? S 15:19 0:00 dovecot-auth dovecot 21370 0.0 0.0 14140 1904 ? S 15:19 0:00 pop3-login dovecot 21371 0.0 0.0 14140 1900 ? S 15:19 0:00 pop3-login dovecot 21372 0.0 0.0 14140 1904 ? S 15:19 0:00 pop3-login dovecot 21381 0.0 0.0 14280 2140 ? S 15:19 0:00 imap-login dovecot 21497 0.0 0.0 14280 2116 ? S 15:29 0:00 imap-login dovecot 21791 0.0 0.0 14148 1908 ? S 15:48 0:00 imap-login dovecot 21835 0.0 0.0 14148 1908 ? S 15:53 0:00 imap-login dovecot 21931 0.0 0.0 14148 1904 ? S 16:00 0:00 imap-login me 21953 0.0 0.0 5168 944 pts/0 S+ 16:02 0:00 grep --color=auto dovecot which looks like it is all running fine. so then i test to see if i can telnet to the dovecot server, and this works fine: $ telnet localhost 143 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK Dovecot ready. but when i test whether dovecot has configured the ssl certificates properly, it appears to fail: $ sudo openssl s_client -connect localhost:143 -starttls imap CONNECTED(00000003) depth=0 /description=xxxxxxxxxxxxxxxxx/C=AU/ST=xxxxxxxx/L=xxxx/O=xxxxxx/CN=*.mydomain.com/[email protected] verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 /description=xxxxxxxxxxx/C=AU/ST=xxxxxx/L=xxxx/O=xxxx/CN=*.mydomain.com/[email protected] verify error:num=27:certificate not trusted verify return:1 depth=0 /description=xxxxxxxx/C=AU/ST=xxxxxxxxxx/L=xxxx/O=xxxxx/CN=*.mydomain.com/[email protected] verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:/description=xxxxxxxxxxxx/C=AU/ST=xxxxxxxxxx/L=xxxxxxxx/O=xxxxxxx/CN=*.mydomain.com/[email protected] i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 2 Primary Intermediate Server CA --- Server certificate -----BEGIN CERTIFICATE----- xxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxx . . . xxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxx== -----END CERTIFICATE----- subject=/description=xxxxxxxxxx/C=AU/ST=xxxxxxxxx/L=xxxxxxx/O=xxxxxx/CN=*.mydomain.com/[email protected] issuer=/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 2 Primary Intermediate Server CA --- No client certificate CA names sent --- SSL handshake has read 2831 bytes and written 342 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 2048 bit Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: xxxxxxxxxxxxxxxxxxxx Session-ID-ctx: Master-Key: xxxxxxxxxxxxxxxxxx Key-Arg : None Start Time: 1351661960 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) --- . OK Capability completed. at least, i'm assuming this is a failure???

    Read the article

  • Mac OS X behind OpenLDAP and Samba

    - by Sam Hammamy
    I have been battling for a week now to get my Mac (Mountain Lion) to authenticate on my home network's OpenLDAP and Samba. From several sources, like the Ubuntu community docs, and other blogs, and after a hell of a lot of trial and error and piecing things together, I have created a samba.ldif that will pass the smbldap-populate when combined with apple.ldif and I have a fully functional OpenLDAP server and a Samba PDC that uses LDAP to authenticate the OS X Machine. The problem is that when I login, the home directory is not created or pulled from the server. I get the following in system.log Sep 21 06:09:15 Sams-MacBook-Pro.local SecurityAgent[265]: User info context values set for sam Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Got user: sam Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Got ruser: (null) Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Got service: authorization Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in od_principal_for_user(): no authauth availale for user. Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in od_principal_for_user(): failed: 7 Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Failed to determine Kerberos principal name. Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Done cleanup3 Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): Kerberos 5 refuses you Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_authenticate(): pam_sm_authenticate: ntlm Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_acct_mgmt(): OpenDirectory - Membership cache TTL set to 1800. Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in od_record_check_pwpolicy(): retval: 0 Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): Establishing credentials Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): Got user: sam Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): Context initialised Sep 21 06:09:15 Sams-MacBook-Pro.local authorizationhost[270]: in pam_sm_setcred(): pam_sm_setcred: ntlm user sam doesn't have auth authority All that's great and good and I authenticate. Then I get CFPreferences: user home directory for user kCFPreferencesCurrentUser at /Network/Servers/172.17.148.186/home/sam is unavailable. User domains will be volatile. Failed looking up user domain root; url='file://localhost/Network/Servers/172.17.148.186/home/sam/' path=/Network/Servers/172.17.148.186/home/sam/ err=-43 uid=9000 euid=9000 If you're wondering where /Network/Servers/IP/home/sam comes from, it's from a couple of blogs that said the OpenLDAP attribute apple-user-homeDirectory should have that value and the NFSHomeDirectory on the mac should point to apple-user-homeDirectory I also set the attr apple-user-homeurl to <home_dir><url>smb://172.17.148.186/sam/</url><path></path></home_dir> which I found on this forum. Any help is appreciated, because I'm banging my head against the wall at this point. By the way, I intend to create a blog on my vps just for this, and create an install script in python that people can download so no one has to go through what I've had to go through this week :) After some sleep I am going to try to login from a windows machine and report back here. Thanks Sam

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 67 68 69 70 71 72 73 74 75 76 77 78  | Next Page >