Search Results

Search found 5864 results on 235 pages for 'transparent proxy'.

Page 72/235 | < Previous Page | 68 69 70 71 72 73 74 75 76 77 78 79  | Next Page >

  • Entity Framework: a proxy collection for displaying a subset of data

    - by Jefim
    Imagine I have an entity called Product and a repository for it: public class Product { public int Id { get; set; } public bool IsHidden { get; set; } } public class ProductRepository { public ObservableCollection<Product> AllProducts { get; set; } public ObservableCollection<Product> HiddenProducts { get; set; } } All products contains every single Product in the database, while HiddenProducts must only contain those, whose IsHidden == true. I wrote the type as ObservableCollection<Product>, but it does not have to be that. The goal is to have HiddenProducts collection be like a proxy to AllProducts with filtering capabilities and for it to refresh every time when IsHidden attribute of a Product is changed. Is there a normal way to do this? Or maybe my logic is wrong and this could be done is a better way?

    Read the article

  • Root certificate authority works windows/linux but not mac osx - (malformed)

    - by AKwhat
    I have created a self-signed root certificate authority which if I install onto windows, linux, or even using the certificate store in firefox (windows/linux/macosx) will work perfectly with my terminating proxy. I have installed it into the system keychain and I have set the certificate to always trust. Within the chrome browser details it says "The certificate that Chrome received during this connection attempt is not formatted correctly, so Chrome cannot use it to protect your information. Error type: Malformed certificate" I used this code to create the certificate: openssl genrsa -des3 -passout pass:***** -out private/server.key 4096 openssl req -batch -passin pass:***** -new -x509 -nodes -sha1 -days 3600 -key private/server.key -out server.crt -config ../openssl.cnf If the issue is NOT that it is malformed (because it works everywhere else) then what else could it be? Am I installing it incorrectly? To be clear: Within the windows/linux OS, all browsers work perfectly. Within mac only firefox works if it uses its internal certificate store and not the keychain. It's the keychain method of importing a certificate that causes the issue. Thus, all browsers using the keychain will not work. Root CA Cert: -----BEGIN CERTIFICATE----- **some base64 stuff** -----END CERTIFICATE----- Intermediate CA Cert: Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: sha1WithRSAEncryption Issuer: C=*****, ST=*******, L=******, O=*******, CN=******/emailAddress=****** Validity Not Before: May 21 13:57:32 2014 GMT Not After : Jun 20 13:57:32 2014 GMT Subject: C=*****, ST=********, O=*******, CN=*******/emailAddress=******* Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (4096 bit) Modulus (4096 bit): 00:e7:2d:75:38:23:02:8e:b9:8d:2f:33:4c:2a:11: 6d:d4:f8:29:ab:f3:fc:12:00:0f:bb:34:ec:35:ed: a5:38:10:1e:f3:54:c2:69:ae:3b:22:c0:0d:00:97: 08:da:b9:c9:32:c0:c6:b1:8b:22:7e:53:ea:69:e2: 6d:0f:bd:f5:96:b2:d0:0d:b2:db:07:ba:f1:ce:53: 8a:5e:e0:22:ce:3e:36:ed:51:63:21:e7:45:ad:f9: 4d:9b:8f:7f:33:4c:ed:fc:a6:ac:16:70:f5:96:36: 37:c8:65:47:d1:d3:12:70:3e:8d:2f:fb:9f:94:e0: c9:5f:d0:8c:30:e0:04:23:38:22:e5:d9:84:15:b8: 31:e7:a7:28:51:b8:7f:01:49:fb:88:e9:6c:93:0e: 63:eb:66:2b:b4:a0:f0:31:33:8b:b4:04:84:1f:9e: d5:ed:23:cc:bf:9b:8e:be:9a:5c:03:d6:4f:1a:6f: 2d:8f:47:60:6c:89:c5:f0:06:df:ac:cb:26:f8:1a: 48:52:5e:51:a0:47:6a:30:e8:bc:88:8b:fd:bb:6b: c9:03:db:c2:46:86:c0:c5:a5:45:5b:a9:a3:61:35: 37:e9:fc:a1:7b:ae:71:3a:5c:9c:52:84:dd:b2:86: b3:2e:2e:7a:5b:e1:40:34:4a:46:f0:f8:43:26:58: 30:87:f9:c6:c9:bc:b4:73:8b:fc:08:13:33:cc:d0: b7:8a:31:e9:38:a3:a9:cc:01:e2:d4:c2:a5:c1:55: 52:72:52:2b:06:a3:36:30:0c:5c:29:1a:dd:14:93: 2b:9d:bf:ac:c1:2d:cd:3f:89:1f:bc:ad:a4:f2:bd: 81:77:a9:f4:f0:b9:50:9e:fb:f5:da:ee:4e:b7:66: e5:ab:d1:00:74:29:6f:01:28:32:ea:7d:3f:b3:d7: 97:f2:60:63:41:0f:30:6a:aa:74:f4:63:4f:26:7b: 71:ed:57:f1:d4:99:72:61:f4:69:ad:31:82:76:67: 21:e1:32:2f:e8:46:d3:28:61:b1:10:df:4c:02:e5: d3:cc:22:30:a4:bb:81:10:dc:7d:49:94:b2:02:2d: 96:7f:e5:61:fa:6b:bd:22:21:55:97:82:18:4e:b5: a0:67:2b:57:93:1c:ef:e5:d2:fb:52:79:95:13:11: 20:06:8c:fb:e7:0b:fd:96:08:eb:17:e6:5b:b5:a0: 8d:dd:22:63:99:af:ad:ce:8c:76:14:9a:31:55:d7: 95:ea:ff:10:6f:7c:9c:21:00:5e:be:df:b0:87:75: 5d:a6:87:ca:18:94:e7:6a:15:fe:27:dd:28:5e:c0: ad:d2:91:d3:2d:8e:c3:c0:9f:fb:ff:c0:36:7e:e2: d7:bc:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Alternative Name: DNS:localhost, DNS:dropbox.com, DNS:*.dropbox.com, DNS:filedropper.com, DNS:*.filedropper.com X509v3 Subject Key Identifier: F3:E5:38:5B:3C:AF:1C:73:C1:4C:7D:8B:C8:A1:03:82:65:0D:FF:45 X509v3 Authority Key Identifier: keyid:2B:37:39:7B:9F:45:14:FE:F8:BC:CA:E0:6E:B4:5F:D6:1A:2B:D7:B0 DirName:/C=****/ST=******/L=*******/O=*******/CN=******/emailAddress=******* serial:EE:8C:A3:B4:40:90:B0:62 X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha1WithRSAEncryption 46:2a:2c:e0:66:e3:fa:c6:80:b6:81:e7:db:c3:29:ab:e7:1c: f0:d9:a0:b7:a9:57:8c:81:3e:30:8f:7d:ef:f7:ed:3c:5f:1e: a5:f6:ae:09:ab:5e:63:b4:f6:d6:b6:ac:1c:a0:ec:10:19:ce: dd:5a:62:06:b4:88:5a:57:26:81:8e:38:b9:0f:26:cd:d9:36: 83:52:ec:df:f4:63:ce:a1:ba:d4:1c:ec:b6:66:ed:f0:32:0e: 25:87:79:fa:95:ee:0f:a0:c6:2d:8f:e9:fb:11:de:cf:26:fa: 59:fa:bd:0b:74:76:a6:5d:41:0d:cd:35:4e:ca:80:58:2a:a8: 5d:e4:d8:cf:ef:92:8d:52:f9:f2:bf:65:50:da:a8:10:1b:5e: 50:a7:7e:57:7b:94:7f:5c:74:2e:80:ae:1e:24:5f:0b:7b:7e: 19:b6:b5:bd:9d:46:5a:e8:47:43:aa:51:b3:4b:3f:12:df:7f: ef:65:21:85:c2:f6:83:84:d0:8d:8b:d9:6d:a8:f9:11:d4:65: 7d:8f:28:22:3c:34:bb:99:4e:14:89:45:a4:62:ed:52:b1:64: 9a:fd:08:cd:ff:ca:9e:3b:51:81:33:e6:37:aa:cb:76:01:90: d1:39:6f:6a:8b:2d:f5:07:f8:f4:2a:ce:01:37:ba:4b:7f:d4: 62:d7:d6:66:b8:78:ad:0b:23:b6:2e:b0:9a:fc:0f:8c:4c:29: 86:a0:bc:33:71:e5:7f:aa:3e:0e:ca:02:e1:f6:88:f0:ff:a2: 04:5a:f5:d7:fe:7d:49:0a:d2:63:9c:24:ed:02:c7:4d:63:e6: 0c:e1:04:cd:a4:bf:a8:31:d3:10:db:b4:71:48:f7:1a:1b:d9: eb:a7:2e:26:00:38:bd:a8:96:b4:83:09:c9:3d:79:90:e1:61: 2c:fc:a0:2c:6b:7d:46:a8:d7:17:7f:ae:60:79:c1:b6:5c:f9: 3c:84:64:7b:7f:db:e9:f1:55:04:6e:b5:d3:5e:d3:e3:13:29: 3f:0b:03:f2:d7:a8:30:02:e1:12:f4:ae:61:6f:f5:4b:e9:ed: 1d:33:af:cd:9b:43:42:35:1a:d4:f6:b9:fb:bf:c9:8d:6c:30: 25:33:43:49:32:43:a5:a8:d8:82:ef:b0:a6:bd:8b:fb:b6:ed: 72:fd:9a:8f:00:3b:97:a3:35:a4:ad:26:2f:a9:7d:74:08:82: 26:71:40:f9:9b:01:14:2e:82:fb:2f:c0:11:51:00:51:07:f9: e1:f6:1f:13:6e:03:ee:d7:85:c2:64:ce:54:3f:15:d4:d7:92: 5f:87:aa:1e:b4:df:51:77:12:04:d2:a5:59:b3:26:87:79:ce: ee:be:60:4e:87:20:5c:7f -----BEGIN CERTIFICATE----- **some base64 stuff** -----END CERTIFICATE-----

    Read the article

  • How to improve Varnish performance?

    - by Darkseal
    We're experiencing a strange problem with our current Varnish configuration. 4x Web Servers (IIS 6.5 on Windows 2003 Server, each installed on a Intel(R) Xeon(R) CPU E5450 @ 3.00GHz Quad Core, 4GB RAM) 3x Varnish Servers (varnish-3.0.3 revision 9e6a70f on Ubuntu 12.04.2 LTS - 64 bit/precise, Kernel Linux 3.2.0-29-generic, each installed on a Intel(R) Xeon(R) CPU E5450 @ 3.00GHz Quad Core, 4GB RAM) The Varnish Servers performance are awfully bad in general, to the point that if we shut down one of them the other two are unable to fullfill all the requests and start to skip beats resulting in pending requests, timeouts, 404, etc. What can we do to improve our Varnish performance? Considering that we're getting less than 5k request per seconds during our max peak, we should be able to serve our pages even with a single one of them without any problem. We use a standard, vanilla CFG, as shown by this varnishadm param.show output: acceptor_sleep_decay 0.900000 [] acceptor_sleep_incr 0.001000 [s] acceptor_sleep_max 0.050000 [s] auto_restart on [bool] ban_dups on [bool] ban_lurker_sleep 0.010000 [s] between_bytes_timeout 60.000000 [s] cc_command "exec gcc -std=gnu99 -g -O2 -pthread -fpic -shared - Wl,-x -o %o %s" cli_buffer 8192 [bytes] cli_timeout 20 [seconds] clock_skew 10 [s] connect_timeout 0.700000 [s] critbit_cooloff 180.000000 [s] default_grace 10.000000 [seconds] default_keep 0.000000 [seconds] default_ttl 120.000000 [seconds] diag_bitmap 0x0 [bitmap] esi_syntax 0 [bitmap] expiry_sleep 1.000000 [seconds] fetch_chunksize 128 [kilobytes] fetch_maxchunksize 262144 [kilobytes] first_byte_timeout 60.000000 [s] group varnish (113) gzip_level 6 [] gzip_memlevel 8 [] gzip_stack_buffer 32768 [Bytes] gzip_tmp_space 0 [] gzip_window 15 [] http_gzip_support off [bool] http_max_hdr 64 [header lines] http_range_support on [bool] http_req_hdr_len 8192 [bytes] http_req_size 32768 [bytes] http_resp_hdr_len 8192 [bytes] http_resp_size 32768 [bytes] idle_send_timeout 60 [seconds] listen_address :80 listen_depth 1024 [connections] log_hashstring on [bool] log_local_address off [bool] lru_interval 2 [seconds] max_esi_depth 5 [levels] max_restarts 4 [restarts] nuke_limit 50 [allocations] pcre_match_limit 10000 [] pcre_match_limit_recursion 10000 [] ping_interval 3 [seconds] pipe_timeout 60 [seconds] prefer_ipv6 off [bool] queue_max 100 [%] rush_exponent 3 [requests per request] saintmode_threshold 10 [objects] send_timeout 600 [seconds] sess_timeout 5 [seconds] sess_workspace 16384 [bytes] session_linger 50 [ms] session_max 100000 [sessions] shm_reclen 255 [bytes] shm_workspace 8192 [bytes] shortlived 10.000000 [s] syslog_cli_traffic on [bool] thread_pool_add_delay 2 [milliseconds] thread_pool_add_threshold 2 [requests] thread_pool_fail_delay 200 [milliseconds] thread_pool_max 2000 [threads] thread_pool_min 5 [threads] thread_pool_purge_delay 1000 [milliseconds] thread_pool_stack unlimited [bytes] thread_pool_timeout 300 [seconds] thread_pool_workspace 65536 [bytes] thread_pools 2 [pools] thread_stats_rate 10 [requests] user varnish (106) vcc_err_unref on [bool] vcl_dir /etc/varnish vcl_trace off [bool] vmod_dir /usr/lib/varnish/vmods waiter default (epoll, poll) This is our default.vcl file: LINK sub vcl_recv { # BASIC recv COMMANDS: # # lookup -> search the item in the cache # pass -> always serve a fresh item (no-caching) # pipe -> like pass but ensures a direct-connection with the backend (no-cache AND no-proxy) # Allow the backend to serve up stale content if it is responding slow. # This defines when Varnish should use a stale object if it has one in the cache. set req.grace = 30s; if (client.ip == "127.0.0.1") { # request from NGINX - do not alter X-Forwarded-For set req.http.HTTPS = "on"; } else { # Add an X-Forwarded-For to keep track of original request unset req.http.HTTPS; unset req.http.X-Forwarded-For; set req.http.X-Forwarded-For = client.ip; } set req.backend = www_director; # Strip all cookies to force an anonymous request when the back-end servers are down. if (!req.backend.healthy) { unset req.http.Cookie; } ## HHTP Accept-Encoding if (req.http.Accept-Encoding) { if (req.http.Accept-Encoding ~ "gzip") { set req.http.Accept-Encoding = "gzip"; } else if (req.http.Accept-Encoding ~ "deflate") { set req.http.Accept-Encoding = "deflate"; } else { unset req.http.Accept-Encoding; } } if (req.request != "GET" && req.request != "HEAD" && req.request != "PUT" && req.request != "POST" && req.request != "TRACE" && req.request != "OPTIONS" && req.request != "DELETE") { /* non-RFC2616 or CONNECT */ return (pipe); } if (req.request != "GET" && req.request != "HEAD") { /* only deal with GET and HEAD by default */ return (pass); } if (req.http.Authorization) { return (pass); } if (req.http.HTTPS ~ "on") { return (pass); } ###################################################### # COOKIE HANDLING ###################################################### # METHOD 1: do not remove cookies, but pass the page if they contain TB_NC if (!(req.url ~ "(?i)\.(png|gif|ipeg|jpg|ico|swf|css|js)(\?[a-z0-9]+)?$")) { if (req.http.Cookie && req.http.Cookie ~ "TB_NC") { return (pass); } } return (lookup); } # Code determining what to do when serving items from the IIS Server sub vcl_fetch { unset beresp.http.Server; set beresp.http.Server = "Server-1"; # Allow items to be stale if needed. This is the maximum time Varnish should keep an object. set beresp.grace = 1h; if (req.url ~ "(?i)\.(png|gif|ipeg|jpg|ico|swf|css|js)(\?[a-z0-9]+)?$") { unset beresp.http.set-cookie; } # Default Varnish VCL logic if (!beresp.cacheable || beresp.ttl <= 0s || beresp.http.Set-Cookie || beresp.http.Vary == "*") { set beresp.ttl = 120 s; return(hit_for_pass); } # Not Cacheable if it has specific TB_NC no-caching cookie if (req.http.Cookie && req.http.Cookie ~ "TB_NC") { set beresp.http.X-Cacheable = "NO:Got Cookie"; set beresp.ttl = 120 s; return(hit_for_pass); } # Not Cacheable if it has Cache-Control private else if (beresp.http.Cache-Control ~ "private") { set beresp.http.X-Cacheable = "NO:Cache-Control=private"; set beresp.ttl = 120 s; return(hit_for_pass); } # Not Cacheable if it has Cache-Control no-cache or Pragma no-cache else if (beresp.http.Cache-Control ~ "no-cache" || beresp.http.Pragma ~ "no-cache") { set beresp.http.X-Cacheable = "NO:Cache-Control=no-cache (or pragma no-cache)"; set beresp.ttl = 120 s; return(hit_for_pass); } # If we reach to this point, the object is cacheable. # Cacheable but with not enough ttl: we need to extend the lifetime of the object artificially # NOTE: Varnish default TTL is set in /etc/sysconfig/varnish # and can be checked using the following command: # varnishadm param.show default_ttl else if (beresp.ttl < 1s) { set beresp.ttl = 5s; set beresp.grace = 5s; set beresp.http.X-Cacheable = "YES:FORCED"; } # Cacheable and with valid TTL. else { set beresp.http.X-Cacheable = "YES"; } # DEBUG INFO (Cookies) # set beresp.http.X-Cookie-Debug = "Request cookie: " + req.http.Cookie; return(deliver); } sub vcl_error { set obj.http.Content-Type = "text/html; charset=utf-8"; if (obj.status == 404) { synthetic {" <!-- Markup for the 404 page goes here --> "}; } else if (obj.status == 500) { synthetic {" <!-- Markup for the 500 page goes here --> "}; } else if (obj.status == 503) { if (req.restarts < 4) { return(restart); } else { synthetic {" <!-- Markup for the 503 page goes here --> "}; } } else { synthetic {" <!-- Markup for a generic error page goes here --> "}; } } sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Cache = "HIT"; } else { set resp.http.X-Cache = "MISS"; } } Thanks in advance,

    Read the article

  • I tried everyhing, I just can't put my uiview behind my status bar ....

    - by gotye
    Hey guys, I have been trying every tips you already gave to other mates that where having the same issue but I just can't manage to do it ... My app isn't even special, it is a basic app with a tab bar and nav bar ... I currently got something like this in the controller I push (that i want to be fullscreen) : - (void)viewDidLoad { [super viewDidLoad]; self.view.autoresizingMask = 0; self.view.superview.autoresizingMask = 0; [[UIApplication sharedApplication] setStatusBarStyle: UIStatusBarStyleBlackTranslucent]; //[[UIApplication sharedApplication] setStatusBarHidden:YES animated:YES]; [self.navigationController.navigationBar setBarStyle:UIBarStyleBlackTranslucent]; CGRect test = CGRectMake(0.0,0.0,320,44); //[self.navigationController.navigationBar setFrame:test]; //[self setWantsFullScreenLayout:YES]; [self.view.superview setBounds:CGRectMake(0,-20.0,320,480)]; //[self.view setBounds:[[UIScreen mainScreen] bounds]]; [self.view setBounds:CGRectMake(0,-20.0,320,480)]; //CGRect rect4 = CGRectMake(0.0,0.0,320.0,500.0); //[self.view setFrame:rect4]; [self.view setBackgroundColor:[UIColor redColor]]; } As you can see I tried a lot of stuff :D but my red background isn't going under my status bar ... I am using the iphone simulator (in case it has to do with it ..) Thank you for any help ;) Gotye.

    Read the article

  • Des chercheurs de Google revoient les fondements de SSL, pour rendre le processus de certification plus transparent et plus sûr

    Des chercheurs de Google revoient en profondeur les fondements de SSL Pour rendre le processus de certification plus transparent et plus sûr Des chercheurs de Google veulent remanier en profondeur les fondations des infrastructures de certifications SSL. En proposant une meilleure transparence, ils espèrent rendre le processus plus sûr et éviter de réitérer la déroute DigoNotar. Ben Laurie et Adam Langley proposent de combler une lacune fondamentale. Celle qui permet à plus de 600 autorités de délivrer ...

    Read the article

  • Obtaining the correct Client IP address when a Physical Load Balancer and a Web Server Configured With Proxy Plug-in Are Between The Client And Weblogic

    - by adejuanc
    Some Load Balancers like Big-IP have build in interoperability with Weblogic Cluster, this means they know how Weblogic understand a header named 'WL-Proxy-Client-IP' to identify the original client ip.The problem comes when you have a Web Server configured with weblogic plug-in between the Load Balancer and the back-end weblogic servers - WL-Proxy-Client-IP this is not designed to go to Web server proxy plug-in. The plug-in will not use a WL-Proxy-Client-IP header that came in from the previous hop (which is this case is the Physical Load Balancer but could be anything), in order to prevent IP spoofing, therefore the plug-in won't pass on what Load Balancer has set for it.So unfortunately under this Architecture the header will be useless. To get the client IP from Weblogic you need to configure extended log format and create a custom field that gets the appropriate header containing the IP of the client.On WLS versions prior to 10.3.3 use these instructions:You can also create user-defined fields for inclusion in an HTTP access log file that uses the extended log format. To create a custom field you identify the field in the ELF log file using the Fields directive and then you create a matching Java class that generates the desired output. You can create a separate Java class for each field, or the Java class can output multiple fields. For a sample of the Java source for such a class, seeJava Class for Creating a Custom ELF Field to import weblogic.servlet.logging.CustomELFLogger;import weblogic.servlet.logging.FormatStringBuffer;import weblogic.servlet.logging.HttpAccountingInfo;/* This example outputs the X-Forwarded-For field into a custom field called MyOriginalClientIPField */public class MyOriginalClientIPField implements CustomELFLogger{ public void logField(HttpAccountingInfo metrics,  FormatStringBuffer buff) {   buff.appendValueOrDash(metrics.getHeader("X-Forwarded-For");  }}In this case we are using 'X-Forwarded-For' but it could be changed for the header that contains the data you need to use.Compile the class, jar it, and prepend it to the classpath.In order to compile and package the class: 1. Navigate to <WLS_HOME>/user_projects/domains/<SOME_DOMAIN>/bin2. Set up an environment by executing: $ . ./setDomainEnv.sh This will include weblogic.jar into classpath, in order to use any of the libraries included under package weblogic.*3. Compile the class by copying the content of the code above and naming the file as:MyOriginalClientIPField.java4. Run javac to compile the class.$javac MyOriginalClientIPField.java5. Package the compiled class into a jar file by executing:$jar cvf0 MyOriginalClientIPField.jar MyOriginalClientIPField.classExpected output is:added manifestadding: MyOriginalClientIPField.class(in = 711) (out= 711)(stored 0%)6. This will produce a file called:MyOriginalClientIPField.jar This way you will be able to get the real client IP when the request is passing through a Load Balancer and a Web server before reaching WLS. Since 10.3.3 it is possible to configure a specific header that WLS will check when getRemoteAddr is called. That can be set on the WebServer Mbean. In this case, set that to be X-Forwarded-For header coming from Load Balancer as well.

    Read the article

  • Poco SocketReactors for a Proxy Server

    - by Genesis
    Can anyone give me some idea of the best way to implement a non-blocking proxy server using a Poco Socket Reactor? Currently I have a blocking implementation where if a readable notification arrives from the client I am writing what is read directly to the server, and if a readable notification arrives from the server I am writing what is read directly to the client. To achieve this I keep the thread that initiated the server connection alive but I would prefer to switch to non-blocking and have any threads which are used to initiate a connection removed once the server and client sockets are registered with the reactor and the SOCKS5 handshake is over. With a SocketReactor one can register event handlers for a single socket but the trouble is I would need to store whatever is read from that socket in a global buffer until the corresponding server socket is ready to be written to as from my testing I dont seem to be able to just write directly to the server when client data arrives. I am thinking of using a struct that contains the client socket, server socket, client buffer and server buffer and whenever a writable notification comes along for either the client or server, finding the corresponding buffer and writing this. Any thoughts?

    Read the article

  • DotNetOpenAuth OpenID on ISA 2006 Reverse Proxy problem

    - by userb00
    I am trying to host my site that uses DotNetOpenAuth (OpenID) behind ISA 2006 (reverse proxy), and after it authenticated with a provider (such as Google), and it returns with a URL with %253A in the URL. However, ISA HTTP filter rejects the request. What I need to do is, on ISA web publishing rule, right click config HTTP policy properties uncheck "Verify Normalization" and it worked. Is this a problem on ISA 2006 generally? Are other firewalls having similar problems? Or, is it an OpenID or DotNetOpenAuth issue? Is it safe to disable Normalization checking on ISA? According to MSDN, quote "Web servers receive requests that are URL encoded. This means that certain characters may be replaced with a percent sign (%) followed by a particular number. For example, %20 corresponds to a space, so a request for http://myserver/My%20Dir/My%20File.htm is the same as a request for http://myserver/My Dir/My File.htm. Normalization is the process of decoding URL-encoded requests. Because the % can be URL encoded, an attacker can submit a carefully crafted request to a server that is basically double-encoded. If this occurs, Internet Information Services (IIS) may accept a request that it would otherwise reject as not valid. When you select Verify Normalization, the HTTP filter normalizes the URL two times. If the URL after the first normalization is different from the URL after the second normalization, the filter rejects the request. This prevents attacks that rely on double-encoded requests. Note that while we recommend that you use the Verify Normalization function, it may also block legitimate requests that contain a %."

    Read the article

  • Proxy is created, and interceptor is in the __interceptors array, but the interceptor is never calle

    - by drewbu
    This is the first time I've used interceptors with the fluent registration and I'm missing something. With the following registration, I can resolve an IProcessingStep, and it's a proxy class and the interceptor is in the __interceptors array, but for some reason, the interceptor is not called. Any ideas what I'm missing? Thanks, Drew AllTypes.Of<IProcessingStep>() .FromAssembly(Assembly.GetExecutingAssembly()) .ConfigureFor<IProcessingStep>(c => c .Unless(Component.ServiceAlreadyRegistered) .LifeStyle.PerThread .Interceptors(InterceptorReference.ForType<StepLoggingInterceptor>()).First ), Component.For<StepMonitorInterceptor>(), Component.For<StepLoggingInterceptor>(), Component.For<StoreInThreadInterceptor>() public abstract class BaseStepInterceptor : IInterceptor { public void Intercept(IInvocation invocation) { IProcessingStep processingStep = (IProcessingStep)invocation.InvocationTarget; Command cmd = (Command)invocation.Arguments[0]; OnIntercept(invocation, processingStep, cmd); } protected abstract void OnIntercept(IInvocation invocation, IProcessingStep processingStep, Command cmd); } public class StepLoggingInterceptor : BaseStepInterceptor { private readonly ILogger _logger; public StepLoggingInterceptor(ILogger logger) { _logger = logger; } protected override void OnIntercept(IInvocation invocation, IProcessingStep processingStep, Command cmd) { _logger.TraceFormat("<{0}> for cmd:<{1}> - begin", processingStep.StepType, cmd.Id); bool exceptionThrown = false; try { invocation.Proceed(); } catch { exceptionThrown = true; throw; } finally { _logger.TraceFormat("<{0}> for cmd:<{1}> - end <{2}> times:<{3}>", processingStep.StepType, cmd.Id, !exceptionThrown && processingStep.CompletedSuccessfully ? "succeeded" : "failed", cmd.CurrentMetric==null ? "{null}" : cmd.CurrentMetric.ToString()); } } }

    Read the article

  • how to read http response soap headers from web service response in proxy class

    - by Fabricio
    I'm having some problems with one webservice that i'm working with. I generated a proxy class with wsdl.exe that comes with .net framework. But that webservice return a header that isnt not mapped by the wsdl. I must map the header sop because it contains some properties that i have to read and work with. how can i read the soap's header collection? Ex.: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Header xmlns="http://xml.amadeus.com/ws/2009/01/WBS_Session-2.0.xsd"> <Session> <SessionId>545784545</SessionId> <SequenceNumber>1</SequenceNumber> <SecurityToken>asd7a87sda89sd45as4d5a4</SecurityToken> </Session> </soap:Header> <soap:Body> <TAM_Altea_Seguranca_AutenticarRS xmlns="http://xml.amadeus.com/2009/04/TAM/TAM_Altea_Seguranca_AutenticarRS_2.0"> <statusDoProcesso> <codigoDoStatus>P</codigoDoStatus> </statusDoProcesso> </TAM_Altea_Seguranca_AutenticarRS> </soap:Body> </soap:Envelope> I need to read the SOAP:HEADER - Session.

    Read the article

  • How to Connect to a web service (SSL enabled and proxy interface)

    - by blgnklc
    There is a web service running on tomcat on a server. It is built on Java Servlet. It is listening others to call itself on a SSL enabled http port. so its web service adreess looks like: https://172.29.12.12/axis/services/XYZClient?wsdl On the other hand I want to connect the web service above from a windows application which is built on .NET frame work. Finally, when I want to connect the web service from my computer; I get some specific erros; Firstly I get; Proxy authentication error; then I added some new line to my code; Dim cr As System.Net.NetworkCredential = New System.Net.NetworkCredential("xname", "xsurname", "xdomainname") Dim myProxy As New WebProxy("http://mar.xxxyyy.com", True) myProxy.Credentials = cr Secondly, after this modifications It says that bad request. I did not get over this error. Moreover I did try to connect the web server on the same computer. I copied my executable program to the computer where the web service runs. The error was like; The underlying connection was closed: Could not establish trust relationship for SSL/TLS secure channel PS: When I try to connect to web service by using Internet Explorer; I see firstly some warnings about accepting an unknown certificate and I click take me to web service an I get there clearly. I want to know what are the basic elements to connect a web service, could you please tell me the requirements that I have to use on my windows project. regards bk

    Read the article

  • ColdFusion Session issue - multiple users behind one proxy IP -- cftoken and cfid seems to be shared

    - by smoothoperator
    Hi Everyone, I have an application that uses coldfusion's session management (instead of the J2EE) session management. We have one client, who has recently switched their company's traffic to us to come viaa proxy server in their network. So, to our Coldfusion server, it appears that all traffic is coming from this one IP Address, for all of the accounts of this one company.. Of the session variables, Part 1 is kept in a cflock, and Part 2 is kept in editable session variables. I may be misundestanding, but we have done it this way as we modify some values as needed throughout the application's usage. We are now running into an issue of this client having their session variables mixed up (?). We have one case where we set a timestamp.. and when it comes time to look it up, it's empty. From the looks of it this is happening because of another user on the same token. My initial thoughts are to look into modifying our existing session management to somehow generate a unique cftoken/cfid, or to start using jsession_ID, if this solves the problem at all. I have done some basic research on this issue and couldn't find anything similar, so I thought I'd ask here. Thanks!

    Read the article

  • Duplicate C# web service proxy classes generated for Java types

    - by Sergey
    My question is about integration between a Java web service and a C# .NET client. Service: CXF 2.2.3 with Aegis databinding Client: C#, .NET 3.5 SP1 For some reason Visual Studio generates two C# proxy enums for each Java enum. The generated C# classes do not compile. For example, this Java enum: public enum SqlDialect { GENERIC, SYBASE, SQL_SERVER, ORACLE; } Produces this WSDL: <xsd:simpleType name="SqlDialect"> <xsd:restriction base="xsd:string"> <xsd:enumeration value="GENERIC" /> <xsd:enumeration value="SYBASE" /> <xsd:enumeration value="SQL_SERVER" /> <xsd:enumeration value="ORACLE" /> </xsd:restriction> </xsd:simpleType> For this WSDL Visual Studio generates two partial C# classes (generated comments removed): [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Runtime.Serialization", "3.0.0.0")] [System.Runtime.Serialization.DataContractAttribute(Name="SqlDialect", Namespace="http://somenamespace")] public enum SqlDialect : int { [System.Runtime.Serialization.EnumMemberAttribute()] GENERIC = 0, [System.Runtime.Serialization.EnumMemberAttribute()] SYBASE = 1, [System.Runtime.Serialization.EnumMemberAttribute()] SQL_SERVER = 2, [System.Runtime.Serialization.EnumMemberAttribute()] ORACLE = 3, } [System.CodeDom.Compiler.GeneratedCodeAttribute("System.Xml", "2.0.50727.3082")] [System.SerializableAttribute()] [System.Xml.Serialization.XmlTypeAttribute(Namespace="http://somenamespace")] public enum SqlDialect { GENERIC, SYBASE, SQL_SERVER, ORACLE, } The resulting C# code does not compile: The namespace 'somenamespace' already contains a definition for 'SqlDialect' I will appreciate any ideas...

    Read the article

  • How to parse a raw HTTP response?

    - by Ed
    If I have a raw HTTP response as a string: HTTP/1.1 200 OK Date: Tue, 11 May 2010 07:28:30 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Server: gws X-XSS-Protection: 1; mode=block Connection: close <!doctype html><html>...</html> Is there an easy way I can parse it into an HttpListenerResponse object? Or at least some kind .NET object so I don't have to work with raw responses. What I'm doing currently is extracting the header key/value pairs and setting them on the HttpListenerResponse. But some headers can't be set, and then I have to cut out the body of the response and write it to the OutputStream. But the body could be gzipped, or it could be an image, which I can't get to work yet. And some responses contain random characters everywhere, which looks like an encoding problem. It's a lot of trouble. I'm getting a raw response because I'm using SOCKS to send an HTTP request. The program I'm working on is basically an HTTP proxy that can route requests through a SOCKS proxy, like Privoxy does.

    Read the article

  • Reusing service proxies

    - by Hadi Eskandari
    I have a set of webservices that I connect to using Silverlight Client. I use proxies generated by "Add service reference" or SLSVCUTIL.exe tool to connect to this service. So far, I have only used one single service. Now I want to use another service on the same server. The problem is that, first service generated set of proxy classes for me, and second service will reuse the same set of classes (plus extra services/classes), e.g. CustomerService.SaveCustomer(Customer customer); OrderService.CheckCustomerLevel(Customer customer); The problem is when I add reference to the second service, I can not reuse the same namespace for the second one (VS error), and when I use a different namespace, the generated classes, although are essentially the same, reside in different namespace, hence different and I end up with two Customer classes in two different namespaces. Anyway around this? I just neeed to have two set of services, reusing the Customer class. I have already tried "reuse types in assembly / all assemblies" check mark when generating proxy classes, but it seems to have no effect. any help is greatly appreciated.

    Read the article

  • Why does Http Web Request and IWebProxy work at wierd times

    - by Mike Webb
    Another question about Web proxy. Here is my code: IWebProxy Proxya = System.Net.WebRequest.GetSystemWebProxy(); Proxya.Credentials = CredentialCache.DefaultNetworkCredentials; HttpWebRequest rqst = (HttpWebRequest)WebRequest.Create(targetServer); rqst.Proxy = Proxya; rqst.Timeout = 5000; try { rqst.GetResponse(); } catch(WebException wex) { connectErrMsg = wex.Message; proxyworks = false; } This code fails the first time it is called. After that on successive calls it works sometimes, but not others. It also never hits the catch block. Now the weird part. If I add a MessageBox.Show(msg) call in the first section of code before the GetResponse() call this all will work every time. Here is an example: try { // ========Here is where I make the call and get the response======== System.Windows.Forms.MessageBox.Show("Getting Response"); // ========This makes the whole thing work every time======== rqst.GetResponse(); } catch(WebException wex) { connectErrMsg = wex.Message; proxyworks = false; } I'm baffled about why it is behaving this way. I don't know if the timeout is not working (it's in milliseconds, not seconds, so should timeout after 5 seconds, right?...) or what is going on. The most confusing this is that the message box call makes it all work. So any help and suggestions on what is happening is appreciated. These are the kind of bugs that drive me absolutely out of my mind.

    Read the article

  • Forwarding HTTP Request with Direct Server Return

    - by Daniel Crabtree
    I have servers spread across several data centers, each storing different files. I want users to be able to access the files on all servers through a single domain and have the individual servers return the files directly to the users. The following shows a simple example: 1) The user's browser requests http://www.example.com/files/file1.zip 2) Request goes to server A, based on the DNS A record for example.com. 3) Server A analyzes the request and works out that /files/file1.zip is stored on server B. 4) Server A forwards the request to server B. 5) Server B returns file1.zip directly to the user without going through server A. Note: steps 4 and 5 must be transparent to the user and cannot involve sending a redirect to the user as that would violate the requirement of a single domain. From my research, what I want to achieve is called "Direct Server Return" and it is a common setup for load balancing. It is also sometimes called a half reverse proxy. For step 4, it sounds like I need to do MAC Address Translation and then pass the request back onto the network and for servers outside the network of server A tunneling will be required. For step 5, I simply need to configure server B, as per the real servers in a load balancing setup. Namely, server B should have server A's IP address on the loopback interface and it should not answer any ARP requests for that IP address. My problem is how to actually achieve step 4? I have found plenty of hardware and software that can do this for simple load balancing at layer 4, but these solutions fall short and cannot handle the kind of custom routing I require. It seems like I will need to roll my own solution. Ideally, I would like to do the routing / forwarding at the web server level, i.e. in PHP or C# / ASP.net. However, I am open to doing it at a lower level such as Apache or IIS, or at an even lower level, i.e. a custom proxy service in front of everything.

    Read the article

  • Squid proxy not serving modified html content

    - by Matthew
    I'm trying to use squid to modify the page content of web page requests. I followed the upside-down-ternet tutorial which showed instructions for how to flip images on pages. I need to change the actual html of the page. I've been trying to do the same thing as in the tutorial, but instead of editing the image I'm trying to edit the html page. Below is a php script I'm using to try to do it. All jpg images get flipped, but the content on the page does not get edited. The edited index.html files written contain the edited content, but the pages the users receive don't contain the edited content. #!/usr/bin/php <?php $temp = array(); while ( $input = fgets(STDIN) ) { $micro_time = microtime(); // Split the output (space delimited) from squid into an array. $temp = split(' ', $input); //Flip jpg images, this works correctly if (preg_match("/.*\.jpg/i", $temp[0])) { system("/usr/bin/wget -q -O /var/www/cache/$micro_time.jpg ". $temp[0]); system("/usr/bin/mogrify -flip /var/www/cache/$micro_time.jpg"); echo "http://127.0.0.1/cache/$micro_time.jpg\n"; } //Don't edit files that are obviously not html. $temp[0] contains url of file to get elseif (preg_match("/(jpg|png|gif|css|js|\(|\))/i", $temp[0], $matches)) { echo $input; } //Otherwise, could be html (e.g. `wget http://www.google.com` downloads index.html) else{ $time = time() . microtime(); //For unique directory names $time = preg_replace("/ /", "", $time); //Simplify things by removing the spaces mkdir("/var/www/cache/". $time); //Create unique folder system("/usr/bin/wget -q --directory-prefix=\"/var/www/cache/$time/\" ". $temp[0]); $filename = system("ls /var/www/cache/$time/"); //Get filename of downloaded file //File is html, edit the content (this does not work) if(preg_match("/.*\.html/", $filename)){ //Get the html file contents $contentfh = fopen("/var/www/cache/$time/". $filename, 'r'); $content = fread($contentfh, filesize("/var/www/cache/$time/". $filename)); fclose($contentfh); //Edit the html file contents $content = preg_replace("/<\/body>/i", "<!-- content served by proxy --></body>", $content); //Write the edited file $contentfh = fopen("/var/www/cache/$time/". $filename, 'w'); fwrite($contentfh, $content); fclose($contentfh); //Return the edited page echo "http://127.0.0.1/cache/$time/$filename\n"; } //Otherwise file is not html, don't edit else{ echo $input; } } } ?>

    Read the article

  • Webservice proxy class generation

    - by kaivalya
    I include the below xsd file: <?xml version="1.0" encoding="utf-8"?> <xs:schema xmlns="http://www.xxxx.com/schemas/2005/06/messages" attributeFormDefault="unqualified" elementFormDefault="qualified" targetNamespace="http://www.xxxx.com/schemas/2005/06/messages" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:include schemaLocation="xxxxCommonTypes.xsd" /> <xs:element name="HotelDetailRQ"> <xs:annotation> <xs:documentation>Request data to obtain detailed information for the specified hotel product.</xs:documentation> </xs:annotation> <xs:complexType> <xs:complexContent mixed="false"> <xs:extension base="CoreRequest"> <xs:sequence> <xs:element name="HotelCode"> <xs:annotation> <xs:documentation>Hotel code to obtain detailed inormation.</xs:documentation> </xs:annotation> <xs:simpleType> <xs:restriction base="xs:string"> <xs:minLength value="1" /> <xs:maxLength value="10" /> </xs:restriction> </xs:simpleType> </xs:element> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> </xs:element> </xs:schema> to a wsdl file via; <xsd:schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="http://axis.frontend.hydra.xxxx.com"> <xsd:import schemaLocation="C:\Users\xxxx\HotelDetailRQ.xsd" namespace="http://www.xxxx.com/schemas/2005/06/messages" /> </xsd:schema> The problem is when I add the wsdl file to visual studio as a web reference, it does not generate the HotelDetailRQ proxy class in reference.cs file. So I am unable to use a generated HotelDetailRQ class. I am not experienced in using xsd files or wsdl files. Can you point me to where I might be making mistake here?

    Read the article

  • How to draw semi-transparent text on a graphics object?

    - by awe
    I want to draw a text with 32 bit transparency on a graphics object. When I try, I only get black color in the result. If I try to draw a line with the same semitransparent color, it works perfectly. I have this code: lBitmap As New Bitmap(32, 32, PixelFormat.Format32bppArgb) lGraphic As Graphics = Graphics.FromImage(lBitmap) lGraphic.SmoothingMode = SmoothingMode.HighQuality lGraphic.InterpolationMode = InterpolationMode.HighQualityBicubic lGraphic.Clear(Color.Transparent) Dim lTestTransparencyColor As Color = Color.FromArgb(100, 140, 0, 230) lGraphic.DrawLine(New Pen(lTestTransparencyColor), 0, 0, 32, 32) lBrush As New SolidBrush(lTestTransparencyColor) lGraphic.DrawString("A", New Font("Arial", 12), lBrush, 0, 0) Dim lImage As Image = lBitmap lImage.Save("D:\Test.png", Imaging.ImageFormat.Png) The line is drawn with the transparency applied correctly, but the text is black with no transparency. I was thinking it may be that SolidBrush does not support transparency, but I found a predefined brush named Transparent (Brushes.Transparent) that was a SolidBrush when I looked at it in debug. I tried to use Brushes.Transparent as the brush when drawing the text, and it was successfully not showing at all. That means I get full transparency to work, but not partial transparency.

    Read the article

  • How to solve/hack fading semi-transparent PNG bug in IE8?

    - by Soul_Master
    As you know, IE6 has bug that can't display semi-transparent PNG file without using non-standard style like filter. In IE7, this problem is fixed. But It still has some bug about PNG file. It can't correctly display fading semi-transparent PNG file. You can clearly see it when you use show/hide function in jQuery with semi-transparent PNG file. The background of image is displayed with non-transparent black color. Do you have any idea for solve this question by using jQuery. Update Let's see my testing As you see, IE8 always incorrectly displays PNG-24 image. Moreover, IE8 still correctly display PNG-8 image when I fade(jQuery.fadeOut function) it only. But It incorrectly display PNG-8 image when I fade & resize(jQuery.hide function) at the same time. PS. You can download my testing source code from here. Thanks,

    Read the article

  • System.Drawing - bad text rendering using DrawString on top of transparent pixels.

    - by mackenir
    When rendering text into a bitmap, I find that text looks very bad when rendered on top of an area with non-opaque alpha. The problem is progressively worse as the underlying pixels become more transparent. If I had to guess I'd say that when underlying pixels are transparent, the text renderer draws any anti-aliased 'gray' pixels as solid black. Here are some screenshots: Text drawn on top of transparent pixels: Text drawn on top of semi-transparent pixels: Text drawn on opaque pixels: Here is the code used to render the text: g.SmoothingMode = SmoothingMode.HighQuality; g.DrawString("Press the spacebar", Font, Brushes.Black, textLeft, textTop);

    Read the article

  • How to make inline png <img> transparent using css?

    - by metal-gear-solid
    How to make inline png transparent inside div? using css <div id="report'> <p> some text </p> <img src=transparent.png" /> </p> </div> this is image for example . Other than ball i want to make transparent other white area. Which is looking grey in IE6 I want to do in css like this div#report img {.....} is it possible? Edit: I don't want to make whole image transparent.

    Read the article

  • How do I create a text image with a transparent value for the text with image magick

    - by kareed
    I am using the following command to create an image of text with a shadow. What I would like to do is to create the text with a transparent opacity. system('convert -background transparent ' . '-fill rgb(127, 127, 127) ' . '-pointsize 30 ' . 'label:"This is a test" ' . '-background transparent -flatten -trim +repage ' . $fileName); how would I go about modifying this to accomplish getting transparent text?

    Read the article

< Previous Page | 68 69 70 71 72 73 74 75 76 77 78 79  | Next Page >