Search Results

Search found 3544 results on 142 pages for 'auth token'.

Page 9/142 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >

• Ubuntu 12.04 - Pound Reverse Proxy and Adobe Flex/Flash Auth

  - by James

  First time posting, I have a completely fresh install of ubuntu 12.04 Client as a reverse proxy gateway to our internal network. Our setup is we have one external ip but three domains we would like to point to various webservers on our internal network. It's not so much a load balancing issue or cacheing etc. Merely routing some Client browsers to a port 80 webpage (to adhere to some stricter corporate policies regarding placing port numbers after domain names). I have gone with pound and everything seems to be working fine. Static pages load etc. Everything is good with the exception of a Flash/Flex based WebClient for a Digital Asset Management program. The actual static page loads fine, it is just at the moment of entering credentials, be they correct or incorrect, and hitting login, there is no response whatsoever. Either a rejection or confirmation etc. So the request back to the internal server can't be getting through. I have googled extensively and there might be a solution in a crossdomain.xml file? Documentation isn't very clear. And we are not the authors of the DAM app, and have no control over the code on the Flash/Flex side. Questions: Is there a particular config file/solution for pound that allows Flash/Flex auth information to be forwarded? Is there another reverse proxy program (nginx?)that allows this type of config? Am I looking at this the entire wrong way, should Flash/Flex fundamentally not be allowed to have this access?

  Read the article

• can't figure out why apache LDAP auth fails

  - by SethG

  Suddenly, yesterday, one of my apache servers became unable to connect to my LDAP (AD) server. I have two sites running on that server, both of which use LDAP to auth against my AD server when a user logs in to either site. It had been working fine two days ago. For reasons unknown, as of yesterday, it stopped working. The error log only says this: auth_ldap authenticate: user foo authentication failed; URI /FrontPage [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server], referer: http://mysite.com/ I thought perhaps my self-signed SSL cert had expired, so I created a new one for mysite.com, but not for the server hostname itself, and the problem persisted. I enabled debug-level logging. It shows the full SSL transaction with the LDAP server, and it appears to complete without errors until the very end when I get the "Can't contact LDAP server" message. I can run ldapsearch from the commandline on this server, and I can login to it, which also uses LDAP, so I know that the server can connect to and query the LDAP/AD server. It is only apache that cannot connect. Googling for an answer has turned up nothing, so I'm asking here. Can anybody provide insight to this problem? Here's the LDAP section from the apache config: <Directory "/web/wiki/"> Order allow,deny Allow from all AuthType Basic AuthName "Login" AuthBasicProvider ldap AuthzLDAPAuthoritative off #AuthBasicAuthoritative off AuthLDAPUrl ldaps://domain.server.ip/dc=full,dc=context,dc=server,dc=name?sAMAccountName?sub AuthLDAPBindDN cn=ldapbinduser,cn=Users,dc=full,dc=context,dc=server,dc=name AuthLDAPBindPassword password require valid-user </Directory>

  Read the article

• EngineX ignores Auth Basic?

  - by Miko

  I have configured nginx to password protect a directory using auth_basic. The password prompt comes up and the login works fine. However... if I refuse to type in my credentials, and instead hit escape multiple times in a row, the page will eventually load w/o CSS and images. In other words, continuously telling the login prompt to go away will at some point allow the page to load anyway. Is this an issue with nginx, or my configuration? Here is my virtual host: 31 server { 32 server_name sub.domain.com; 33 root /www/sub.domain.com/; 34 35 location / { 36 index index.php index.html; 37 root /www/sub.domain.com; 38 auth_basic "Restricted"; 39 auth_basic_user_file /www/auth/sub.domain.com; 40 error_page 404 = /www/404.php; 41 } 42 43 location ~ \.php$ { 44 include /usr/local/nginx/conf/fastcgi_params; 45 } 46 } My server runs CentOS + nginx + php-fpm + xcache + mysql

  Read the article

• posting nutch data into a BASIC auth secured Solr instance

  - by mlathe

  Hi. I've secured a solr instance using BASIC auth, kind of how it is shown here: http://blog.comtaste.com/2009/02/securing_your_solr_server_on_t.html Now i'm trying to update my batch processes to push data into the authenticated instance. The ones using "curl" are easy, but i also have a Nutch crawl that uses the "solrindex" command to push data into Solr. When i do that i get this error: 2010-02-22 12:09:28,226 INFO auth.AuthChallengeProcessor - basic authentication scheme selected 2010-02-22 12:09:28,229 INFO httpclient.HttpMethodDirector - No credentials available for BASIC 'Tomcat Manager Application'@ninja:5500 2010-02-22 12:09:28,236 WARN mapred.LocalJobRunner - job_local_0001 org.apache.solr.common.SolrException: Unauthorized Unauthorized request: http://ninja:5500/solr/foo/update?wt=javabin&version=2.2 at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:343) at org.apache.solr.client.solrj.impl.CommonsHttpSolrServer.request(CommonsHttpSolrServer.java:183) at org.apache.solr.client.solrj.request.UpdateRequest.process(UpdateRequest.java:217) at org.apache.solr.client.solrj.SolrServer.add(SolrServer.java:48) at org.apache.nutch.indexer.solr.SolrWriter.close(SolrWriter.java:69) at org.apache.nutch.indexer.IndexerOutputFormat$1.close(IndexerOutputFormat.java:48) at org.apache.hadoop.mapred.ReduceTask.run(ReduceTask.java:447) at org.apache.hadoop.mapred.LocalJobRunner$Job.run(LocalJobRunner.java:170) 2010-02-22 12:09:29,134 FATAL solr.SolrIndexer - SolrIndexer: java.io.IOException: Job failed! at org.apache.hadoop.mapred.JobClient.runJob(JobClient.java:1232) at org.apache.nutch.indexer.solr.SolrIndexer.indexSolr(SolrIndexer.java:73) at org.apache.nutch.indexer.solr.SolrIndexer.run(SolrIndexer.java:95) at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:65) at org.apache.nutch.indexer.solr.SolrIndexer.main(SolrIndexer.java:104) Apparently nutch uses SolrJ to push the content, and after going through the solrj code, it's clear that it uses commons-httpclient without providing a way to set the credentials. Here are my question(s) Is this possible to do? ie push from nutch into a BASIC auth secured Solr instance? Is it possible to tell commons-httpclient about a credential without explicitly doing an _httpclient.getState().setCredentials(...)? Anyother ideas? One idea i had was to use an IPfiltering Valve for just the "update" Solr webservices. That would mean you could only make an update call from certain nodes. Thanks

  Read the article

• Updating Workflow Task without Correlation Token

  - by Khurram Aziz

  I have inhertied a sequential sharepoint workflow which deals with multiple tasks for different people; multi step approval based on certain condition..For each approval new task is created and monitored...For some reason; we have decided to use single task for the whole workflow and the single task will get assigned to required person at different stages...this will help us reduce the cluter in the task list For refactoring it; I am trying to create "CreateOrUpdateTaskAndWaitForCompletition" activity...so that I can use this component multiple times as per given workflow. Create/Wait branch of my activity works fine; as I have the correlation token within the activity. But when I try two instances of this activity; task is created in first activity and it needs to be updated in second instance where I dont have the correlation token. In the second instance; (Update/Wait branch) I have tried updating the task through code activity but its not working and I am getting "This task is currently locked by a running workflow and cannot be edited" exception! Can I use UpdateTask activity without correlation token? Can I programmatically update the workflow task? Can I programmatically unlock the workflow task?

  Read the article

• Google Reader API with Objective-C - Problem getting token

  - by JustinXXVII

  I am able to successfully get the SID (SessionID) for my Google Reader account. In order to obtain the feed and do other operations inside Google Reader, you have to obtain an authorization token. I'm having trouble doing this. Can someone shed some light? //Create a cookie to append to the GET request NSDictionary *cookieDictionary = [NSDictionary dictionaryWithObjectsAndKeys:@"SID",@"NSHTTPCookieName",self.sessionID,@"NSHTTPCookieValue",@".google.com",@"NSHTTPCookieDomain",@"/",@"NSHTTPCookiePath",@"NSHTTPCookieExpires",@"160000000000",nil]; NSHTTPCookie *authCookie = [NSHTTPCookie cookieWithProperties:cookieDictionary]; //The URL to obtain the Token from NSURL *tokenURL = [NSURL URLWithString:@"http://www.google.com/reader/api/0/token"]; NSMutableURLRequest *tokenRequest = [NSMutableURLRequest requestWithURL:tokenURL]; //Not sure if this is right: add cookie to array, extract the headers from the cookie inside the array...? [tokenRequest setAllHTTPHeaderFields:[NSHTTPCookie requestHeaderFieldsWithCookies:[NSArray arrayWithObjects:authCookie,nil]]]; //This gives me an Error 403 Forbidden in the didReceiveResponse of the delegate [NSURLConnection connectionWithRequest:tokenRequest delegate:self]; I get a 403 Forbidden error as the response from Google. I'm probably not doing it right. I set the dictionary values according to the documentation for NSHTTPCookie.

  Read the article

• Omniauth/Devise/Facebook: Auth route is not recognized

  - by M. Cypher

  I've been working on this problem for 7 hours now, and I still have no idea. Maybe one of you can help me. I'm simply trying to integrate the OAuth feature of Devise 1.2rc, which uses Omniauth, into my Rails application. I've been using this tutorial by Devise: https://github.com/plataformatec/devise/wiki/OmniAuth%3A-Overview I have done everything they tell you to... Yes, I have added the following line to my devise.rb: config.omniauth :facebook, "APP ID", "APP SECRET" I have added :omniauthable to my user model, as well as the class function as described in the tutorial I have implemented the omniauth_callbacks controller, as well as the callback function, and I have specified the omniauth_callbacks controller in my routes.rb When I run "rake middleware" it does list the Omniauth middleware: use OmniAuth::Strategies::Facebook I have installed Devise directly from the Git repo, master branch, so it's up-to-date I have installed Omniauth 1.2.0.beta5, which is the latest version. In my Gemfile it says: gem 'oa-oauth', '0.2.0.beta5', :require = 'omniauth/oauth' I have restarted the server, obviously However, when I try to request this URL: http://localhost:3000/auth/facebook it simply says ActionController::RoutingError (No route matches "/auth/facebook"): /user/auth/facebook doesn't work either. Since I unfortunately don't have the time to take apart the entire Omniauth and Devise gems and understand every line of code in them, maybe one of you could tell me what the problem might be.

  Read the article

• Problems with GData Request Token

  - by Dan Delgado

  We have successfully used GData libraries to access a user's Google Docs. But we encountered problems when many users log in to our site and authorize our web app at the same time or successively. Here's what happens: First user successful logs in, authorizes our web app via OAuth and is able to add rubric (or google spreadsheet). Second user, immediately after first user adds a rubric, successfully logs in then webapp fails on authorize (Token not given. I tried to log it.) Third user fails on login. Fourth user was able to log in, authorize via OAuth, and create rubrics successfully. Fifth user was able to log in but like the second user, gets an invalid token on authorize (Token not given.) And the list goes on. Results were unpredicatable. Below is an excerpt of the stack trace we get when the fail scenario happens: Nested in org.springframework.web.util.NestedServletException: Request processing failed; nested exception is java.lang.NullPointerException: java.lang.NullPointerException at com.google.gdata.client.authn.oauth.OAuthUtil.normalizeParameters(OAuthUtil.java:158) at com.google.gdata.client.authn.oauth.OAuthUtil.getSignatureBaseString(OAuthUtil.java:81) at com.google.gdata.client.authn.oauth.OAuthHelper.addCommonRequestParameters(OAuthHelper.java:649) at com.google.gdata.client.authn.oauth.OAuthHelper.getOAuthUrl(OAuthHelper.java:592) at com.google.gdata.client.authn.oauth.OAuthHelper.getUnauthorizedRequestToken(OAuthHelper.java:276) at com.projectrix.controller.OAuthController.authorize(OAuthController.java:59) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Method.java:40) Help!

  Read the article

• How to record different authentication types (username / password vs token based) in audit log

  - by RM

  I have two types of users for my system, normal human users with a username / password, and delegation authorized accounts through OAuth (i.e. using a token identifier). The information that is stored for each is quite different, and are managed by different subsytems. They do however interact with the same tables / data within the system, so I need to maintain the audit trail regardless of whether human user, or token-based user modified the data. My solution at the moment is to have a table called something like AuditableIdentity, and then have the two types inheriting off that table (either in the single table, or as two seperate tables with 1 to 1 PK with AuditableIdentity. All operations would use the common AuditableIdentity PK for CreatedBy, ModifiedBy etc columns. There isn't any FK constraint on the audit columns, so any text can go in there, but I want an easy way to easily determine whether it was a human or system that made the change, and joining to the one AuditableIdentity table seems like a clean way to do that? Is there a best practice for this scenario? Is this an appropriate way of approaching the problem - or would you not bother with the common table and just rely on joins (to the two seperate un-related user / token tables) later to determine which user type matches which audit records?

  Read the article

• WCF service consuming passively issued SAML token

  - by Neillyboy

  What is the best way to pass an existing SAML token from a website already authenticated via a passive STS? We have built an Identity Provider which is issuing passive claims to the website for authentication. We have this working. Now we would like to add some WCF services into the mix - calling them from the context of the already authenticated web application. Ideally we would just like to pass the SAML token on without doing anything to it (i.e. adding new claims / re-signing). All of the examples I have seen require the ActAs sts implementation - but is this really necessary? This seems a bit bloated for what we want to achieve. I would have thought a simple implementation passing the bootstrap token into the channel - using the CreateChannelActingAs or CreateChannelWithIssuedToken mechanism (and setting ChannelFactory.Credentials.SupportInteractive = false) to call the WCF service with the correct binding (what would that be?) would have been enough. We are using the Fabrikam example code as reference, but as I say, think the ActAs functionality here is overkill for what we are trying to achieve.

  Read the article

• django-social-auth for Facebook is redirecting home and not logging in

  - by Scott Rogowski

  I have had django-social-auth working for Google for quite some time now but am having problems with Facebook. I am at the point where clicking on the /login/facebook/ link will take me to the Facebook authorization page. I then click "go to app" and it redirects me to my home page but does not log in or create a user but does put some strange "#=" onto the back of my URL. Reading up on that, here https://developers.facebook.com/blog/post/552/, and here https://github.com/omab/django-social-auth/issues/199, it seems that would be happening if the redirect uri was not defined. However, on my facebook app settings, I have the following (replacing my site with example.com): + App Namespace: "example" + Site URL: "http://example.com/complete/facebook/" + Site Domain: "example.com" + Sandbox Mode: "On" + Post-Authorize Redirect URL: "http://apps.facebook.com/example/" + Deauthorize URL: "http://www.example.com/" + Post-Authorize URL: "http://example.com/complete/facebook/" The request that django-social-auth is sending to facebook is (replacing my info again): "https://www.facebook.com/dialog/oauth?scope=email&state=*&redirect_uri=http%3A%2F%2Fexample.com%2Fcomplete%2Ffacebook%2F%3Fredirect_state%3D***&client_id=*" The /complete/facebook/ is what is in the documentation and google works as /complete/google/ What am I missing here?

  Read the article

• Getting auth token for dropbox account from accountmanager in android

  - by user1490880

  I am trying to get auth token for a dropbox account configured in device from account manager. I am using accountManager.getAuthToken(account, "DROPBOX",null,Hello.this, new GetAuthTokenCallback(), null);//account" is dropbox account I am seeing a Allow/Deny page. I click on Allow, but the callback is not getting invoked at all and i dont get the auth token. I got the authtoken for a google account with this(with a different authtokentype). What i am missing. I am not sure about the authTokenType parameter for dropbox. Also are there any other parameter specific for dropbox like the bundle parameter that i am missing. Is this way possible for dropbox? Check below for the function parameters public AccountManagerFuture<Bundle> getAuthToken (Account account, String authTokenType, Bundle options, Activity activity, AccountManagerCallback<Bundle> callback, Handler handler) Link: http://developer.android.com/reference/android/accounts/AccountManager.html UPDATE I assume since we are able to create a dropbox account in android Accounts and Sync(Settings), there must be a dropbox authenticator that has all the functions in AbstractAccountAuthenticator implemented including getAuthToken(). So dropbox should support giving auth token i think. Also dropbox uses oauth1, whereas account manager uses outh 2.0. So is this an issue.Can anyone comment on this?

  Read the article

• Kohana Auth Library Deployment

  - by Steve

  My Kohana app runs perfectly on my local machine. When I deployed my app to a server (and adjust the config files appropriately), I can no longer log into the app. I've traced through the app login routine on both my local version and the server version and they both agree with each other all the way through until you get to the auth.php controller logged_in() routine where suddenly, at line 140 - the is_object($this-user) test - the $user object no longer exists!?!?!? The login() function call that calls the logged_in() function successfully passes the following test, which causes a redirect to the logged_in() function. if(Auth::instance()->login($user, $post['password'])) Yes, the password and hash, etc all work perfectly. Here is the offending code: public function logged_in() { if ( ! is_object($this->user)) { // No user is currently logged in url::redirect('auth/login'); } etc... } As the code is the same between my local installation and the server, I reckon it must be some server setting that is messing with me. FYI: All the rest of the code works because I have a temporary backdoor available that allows me to use the application (view pages of tables, etc) without being logged in. Any ideas?

  Read the article

• Facebook Android SDK. Error validating access token

  - by Mj1992

  I am trying to access user information from facebook sdk.But I keep getting this error. {"error":{"message":"Error validating access token: The session has been invalidated because the user has changed the password.","type":"OAuthException","code":190,"error_subcode":460}} Here is the call which returns me the error in the response parameter of the oncomplete function. mAsyncRunner.request("me", new RequestListener() { @Override public void onComplete(String response, Object state) { Log.d("Profile", response); String json = response; //<-- error in response try { JSONObject profile = new JSONObject(json); MainActivity.this.userid = profile.getString("id"); new GetUserProfilePic().execute(); runOnUiThread(new Runnable() { @Override public void run() { Toast.makeText(getApplicationContext(), "Name: " + MainActivity.this.userid, Toast.LENGTH_LONG).show(); } }); } catch (JSONException e) { e.printStackTrace(); Log.e("jsonexception",e.getMessage()); facebook.extendAccessTokenIfNeeded(MainActivity.this, null); GetUserInfo(); } } @Override public void onIOException(IOException e, Object state) { } @Override public void onFileNotFoundException(FileNotFoundException e, Object state) { } @Override public void onMalformedURLException(MalformedURLException e, Object state) { } @Override public void onFacebookError(FacebookError e, Object state) { } }); Sometimes I get the correct response also.I think this is due to the access token expiration if I am right. So can you guys tell me how to extend the access token although I've used this facebook.extendAccessTokenIfNeeded(this, null); in the onResume method of the activity. How to solve this?

  Read the article

• Why wont my while loop take new input (c++)

  - by Van

  I've written a program to get a string input from a user and parse it into tokens and move a robot according to the input. My problem is trying to issue more than one command. The code looks like: void Navigator::manualDrive() { const int bufSize = 42; char uinput[bufSize]; char delim[] = " "; char *token; while(true) { Navigator::parseInstruction(uinput); } } /* parseInstruction(char *c) -- parses cstring instructions received * and moves robot accordingly */ void Navigator::parseInstruction(char * c) { const int bufSize = 42; char uinput[bufSize]; char delim[] = " "; char *token; cout << "Enter your directions below: \n"; cin.ignore(); cin.getline (uinput, bufSize); token=strtok(uinput, delim); if(strcmp("forward", token) == 0) { int inches; token = strtok(NULL, delim); inches = atoi (token); Navigator::travel(inches); } if(strcmp("back",token) == 0) { int inches; token = strtok(NULL, delim); inches = atoi (token); double value = fabs(0.0735 * fabs(inches) - 0.0550); myRobot.backward(1/*speed*/, value/*time*/); } if(strcmp("turn",token) == 0) { int degrees; token = strtok(NULL, delim); if(strcmp("left",token) == 0) { token = strtok(uinput, delim); degrees = atoi (token); double value = fabs(0.0041 * degrees - 0.0523); myRobot.turnLeft(1/*speed*/, value/*time*/); } } if(strcmp("turn",token) == 0) { int degrees; token = strtok(NULL, delim); if(strcmp("right",token) == 0) { token = strtok(uinput, delim); degrees = atoi (token); double value = fabs(0.0041 * degrees - 0.0523); myRobot.turnRight(1/*speed*/, value/*time*/); } } if(strcmp("stop",token) == 0) { myRobot.motors(0,0); } } In the function manualDrive I have a while loop calling the function parseInstruction infinitely. The program outputs "Enter your directions below: " When I give the program instructions it executes them, and then it outputs "enter your directions below: " again and when I input my directions again it does not execute them and outputs "Enter your directions below: " instead. I'm sure this is a very simple fix I'm just very new to c++. So if you could please help me out and tell me why the program only takes the first set of directions. thanks

  Read the article

• Why wont my while loop wont take new input (c++)

  - by Van

  I've written a program to get a string input from a user and parse it into tokens and move a robot according to the input. My problem is trying to issue more than one command. The code looks like: void Navigator::manualDrive() { const int bufSize = 42; char uinput[bufSize]; char delim[] = " "; char *token; while(true) { Navigator::parseInstruction(uinput); } } /* parseInstruction(char *c) -- parses cstring instructions received * and moves robot accordingly */ void Navigator::parseInstruction(char * c) { const int bufSize = 42; char uinput[bufSize]; char delim[] = " "; char *token; cout << "Enter your directions below: \n"; cin.ignore(); cin.getline (uinput, bufSize); token=strtok(uinput, delim); if(strcmp("forward", token) == 0) { int inches; token = strtok(NULL, delim); inches = atoi (token); Navigator::travel(inches); } if(strcmp("back",token) == 0) { int inches; token = strtok(NULL, delim); inches = atoi (token); double value = fabs(0.0735 * fabs(inches) - 0.0550); myRobot.backward(1/*speed*/, value/*time*/); } if(strcmp("turn",token) == 0) { int degrees; token = strtok(NULL, delim); if(strcmp("left",token) == 0) { token = strtok(uinput, delim); degrees = atoi (token); double value = fabs(0.0041 * degrees - 0.0523); myRobot.turnLeft(1/*speed*/, value/*time*/); } } if(strcmp("turn",token) == 0) { int degrees; token = strtok(NULL, delim); if(strcmp("right",token) == 0) { token = strtok(uinput, delim); degrees = atoi (token); double value = fabs(0.0041 * degrees - 0.0523); myRobot.turnRight(1/*speed*/, value/*time*/); } } if(strcmp("stop",token) == 0) { myRobot.motors(0,0); } } In the function manualDrive I have a while loop calling the function parseInstruction infinitely. The program outputs "Enter your directions below: " When I give the program instructions it executes them, and then it outputs "enter your directions below: " again and when I input my directions again it does not execute them and outputs "Enter your directions below: " instead. I'm sure this is a very simple fix I'm just very new to c++. So if you could please help me out and tell me why the program only takes the first set of directions. thanks

  Read the article

• Parsing Data in XML and Storing to DB in Python

  - by Rakesh

  Hi Guys i have problem parsing an xml file and entering the data to sqlite, the format is like i need to enter the chracters before the token like 111,AAA,BBB etc <DOCUMENT> <PAGE width="544.252" height="634.961" number="1" id="p1"> <MEDIABOX x1="0" y1="0" x2="544.252" y2="634.961"/> <BLOCK id="p1_b1"> <TEXT width="37.7" height="74.124" id="p1_t1" x="51.1" y="20.8652"> <TOKEN sid="p1_s11" id="p1_w1" font-name="Verdanae" bold="yes" italic="no">111</TOKEN> </TEXT> </BLOCK> <BLOCK id="p1_b3"> <TEXT width="151.267" height="10.725" id="p1_t6" x="24.099" y="572.096"> <TOKEN sid="p1_s35" id="p1_w22" font-name="Verdanae" bold="yes" italic="yes">AAA</TOKEN> <TOKEN sid="p1_s36" id="p1_w23" font-name="verdanae" bold="yes" italic="no">BBB</TOKEN> <TOKEN sid="p1_s37" id="p1_w24" font-name="verdanae" bold="yes" italic="no">CCC</TOKEN> </TEXT> </BLOCK> <BLOCK id="p1_b4"> <TEXT width="82.72" height="26" id="p1_t7" x="55.426" y="138.026"> <TOKEN sid="p1_s42" id="p1_w29" font-name="verdanae" bold="yes" italic="no">DDD</TOKEN> <TOKEN sid="p1_s43" id="p1_w30" font-name="verdanae" bold="yes" italic="no">EEE</TOKEN> </TEXT> <TEXT width="101.74" height="26" id="p1_t8" x="55.406" y="162.026"> <TOKEN sid="p1_s45" id="p1_w31" font-name="verdanae" bold="yes" italic="no">FFF</TOKEN> </TEXT> <TEXT width="152.96" height="26" id="p1_t9" x="55.406" y="186.026"> <TOKEN sid="p1_s47" id="p1_w32" font-name="verdanae" bold="yes" italic="no">GGG</TOKEN> <TOKEN sid="p1_s48" id="p1_w33" font-name="verdanae" bold="yes" italic="no">HHH</TOKEN> </TEXT> </BLOCK> </PAGE> </DOCUMENT> in .net it is done with 3 foreach loops 1. for "DOCUMENT/PAGE/BLOCK" 2."TEXT" 3. "TOKEN" and then it is entered into the DB i dont get how to do it in python and i am trying it with lxml module

  Read the article

• Converting AES encryption token code in C# to php

  - by joey

  Hello, I have the following .Net code which takes two inputs. 1) A 128 bit base 64 encoded key and 2) the userid. It outputs the AES encrypted token. I need the php equivalent of the same code, but dont know which corresponding php classes are to be used for RNGCryptoServiceProvider,RijndaelManaged,ICryptoTransform,MemoryStream and CryptoStream. Im stuck so any help regarding this would be really appreciated. using System; using System.Text; using System.IO; using System.Security.Cryptography; class AESToken { [STAThread] static int Main(string[] args) { if (args.Length != 2) { Console.WriteLine("Usage: AESToken key userId\n"); Console.WriteLine("key Specifies 128-bit AES key base64 encoded supplied by MediaNet to the partner"); Console.WriteLine("userId specifies the unique id"); return -1; } string key = args[0]; string userId = args[1]; StringBuilder sb = new StringBuilder(); // This example code uses the magic string “CAMB2B”. The implementer // must use the appropriate magic string for the web services API. sb.Append("CAMB2B"); sb.Append(args[1]); // userId sb.Append('|'); // pipe char sb.Append(System.DateTime.UtcNow.ToString("yyyy-MM-dd HH:mm:ssUTC")); //timestamp Byte[] payload = Encoding.ASCII.GetBytes(sb.ToString()); byte[] salt = new Byte[16]; // 16 bytes of random salt RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); rng.GetBytes(salt); // the plaintext is 16 bytes of salt followed by the payload. byte[] plaintext = new byte[salt.Length + payload.Length]; salt.CopyTo(plaintext, 0); payload.CopyTo(plaintext, salt.Length); // the AES cryptor: 128-bit key, 128-bit block size, CBC mode RijndaelManaged cryptor = new RijndaelManaged(); cryptor.KeySize = 128; cryptor.BlockSize = 128; cryptor.Mode = CipherMode.CBC; cryptor.GenerateIV(); cryptor.Key = Convert.FromBase64String(args[0]); // the key byte[] iv = cryptor.IV; // the IV. // do the encryption ICryptoTransform encryptor = cryptor.CreateEncryptor(cryptor.Key, iv); MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write); cs.Write(plaintext, 0, plaintext.Length); cs.FlushFinalBlock(); byte[] ciphertext = ms.ToArray(); ms.Close(); cs.Close(); // build the token byte[] tokenBytes = new byte[iv.Length + ciphertext.Length]; iv.CopyTo(tokenBytes, 0); ciphertext.CopyTo(tokenBytes, iv.Length); string token = Convert.ToBase64String(tokenBytes); Console.WriteLine(token); return 0; } } Please help. Thank You.

  Read the article

• CUPS basic auth error through web interface

  - by Inaimathi

  I'm trying to configure CUPS to allow remote administration through the web interface. There's enough documentation out there that I can figure out what to change in my cupsd.conf (changing Listen localhost:631 to Port 631, and adding Allow @LOCAL to the /, /admin and /admin/conf sections). I'm now at the point where I can see the CUPS interface from another machine on the same network. The trouble is, when I try to Add Printer, I'm asked for a username and password, but my response is rejected even when I know I've gotten it right (I assume it's asking for the username and password of someone in the lpadmin group on the server machine; I've sshed in with credentials its rejecting, and the user I'm using has been added to the lpadmin group). If I disable auth outright, by changing DefaultAuthType Basic to DefaultAuthType None, I get an "Unauthorized" error instead of a password request when I try to Add Printer. What am I doing wrong? Is there a way of letting users from the local network to administer the print server through the CUPS web interface? EDIT: By request, my complete cupsd.conf (spoiler: minimally edited default config file that comes with the edition of CUPS from the Debian wheezy repos): LogLevel warn MaxLogSize 0 SystemGroup lpadmin Port 631 # Listen localhost:631 Listen /var/run/cups/cups.sock Browsing On BrowseOrder allow,deny BrowseAllow all BrowseLocalProtocols CUPS dnssd # DefaultAuthType Basic DefaultAuthType None WebInterface Yes <Location /> Order allow,deny Allow @LOCAL </Location> <Location /admin> Order allow,deny Allow @LOCAL </Location> <Location /admin/conf> AuthType Default Require user @SYSTEM Order allow,deny Allow @LOCAL </Location> # Set the default printer/job policies... <Policy default> # Job/subscription privacy... JobPrivateAccess default JobPrivateValues default SubscriptionPrivateAccess default SubscriptionPrivateValues default # Job-related operations must be done by the owner or an administrator... <Limit Create-Job Print-Job Print-URI Validate-Job> Order deny,allow </Limit> <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document> Require user @OWNER @SYSTEM Order deny,allow </Limit> # All administration operations require an administrator to authenticate... <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices> AuthType Default Require user @SYSTEM Order deny,allow </Limit> # All printer operations require a printer operator to authenticate... <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> AuthType Default Require user @SYSTEM Order deny,allow </Limit> # Only the owner or an administrator can cancel or authenticate a job... <Limit Cancel-Job CUPS-Authenticate-Job> Require user @OWNER @SYSTEM Order deny,allow </Limit> <Limit All> Order deny,allow </Limit> </Policy> # Set the authenticated printer/job policies... <Policy authenticated> # Job/subscription privacy... JobPrivateAccess default JobPrivateValues default SubscriptionPrivateAccess default SubscriptionPrivateValues default # Job-related operations must be done by the owner or an administrator... <Limit Create-Job Print-Job Print-URI Validate-Job> AuthType Default Order deny,allow </Limit> <Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document> AuthType Default Require user @OWNER @SYSTEM Order deny,allow </Limit> # All administration operations require an administrator to authenticate... <Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default> AuthType Default Require user @SYSTEM Order deny,allow </Limit> # All printer operations require a printer operator to authenticate... <Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> AuthType Default Require user @SYSTEM Order deny,allow </Limit> # Only the owner or an administrator can cancel or authenticate a job... <Limit Cancel-Job CUPS-Authenticate-Job> AuthType Default Require user @OWNER @SYSTEM Order deny,allow </Limit> <Limit All> Order deny,allow </Limit> </Policy>

  Read the article

• Performance of tokenizing CSS in PHP

  - by Boldewyn

  This is a noob question from someone who hasn't written a parser/lexer ever before. I'm writing a tokenizer/parser for CSS in PHP (please don't repeat with 'OMG, why in PHP?'). The syntax is written down by the W3C neatly here (CSS2.1) and here (CSS3, draft). It's a list of 21 possible tokens, that all (but two) cannot be represented as static strings. My current approach is to loop through an array containing the 21 patterns over and over again, do an if (preg_match()) and reduce the source string match by match. In principle this works really good. However, for a 1000 lines CSS string this takes something between 2 and 8 seconds, which is too much for my project. Now I'm banging my head how other parsers tokenize and parse CSS in fractions of seconds. OK, C is always faster than PHP, but nonetheless, are there any obvious D'Oh! s that I fell into? I made some optimizations, like checking for '@', '#' or '"' as the first char of the remaining string and applying only the relevant regexp then, but this hadn't brought any great performance boosts. My code (snippet) so far: $TOKENS = array( 'IDENT' => '...regexp...', 'ATKEYWORD' => '@...regexp...', 'String' => '"...regexp..."|\'...regexp...\'', //... ); $string = '...CSS source string...'; $stream = array(); // we reduce $string token by token while ($string != '') { $string = ltrim($string, " \t\r\n\f"); // unconsumed whitespace at the // start is insignificant but doing a trim reduces exec time by 25% $matches = array(); // loop through all possible tokens foreach ($TOKENS as $t => $p) { // The '&' is used as delimiter, because it isn't used anywhere in // the token regexps if (preg_match('&^'.$p.'&Su', $string, $matches)) { $stream[] = array($t, $matches[0]); $string = substr($string, strlen($matches[0])); // Yay! We found one that matches! continue 2; } } // if we come here, we have a syntax error and handle it somehow } // result: an array $stream consisting of arrays with // 0 => type of token // 1 => token content

  Read the article

• Invalid or expired security context token in WCF web service

  - by Damian

  All, I have a WCF web service (let's called service "B") hosted under IIS using a service account (VM, Windows 2003 SP2). The service exposes an endpoint that use WSHttpBinding with the default values except for maxReceivedMessageSize, maxBufferPoolSize, maxBufferSize and some of the time outs that have been increased. The web service has been load tested using Visual Studio Load Test framework with around 800 concurrent users and successfully passed all tests with no exceptions being thrown. The proxy in the unit test has been created from configuration. There is a sharepoint application that use the Office Sharepoint Server Search service to call web services "A" and "B". The application will get data from service "A" to create a request that will be sent to service "B". The response coming from service "B" is indexed for search. The proxy is created programmatically using the ChannelFactory. When service "A" takes less than 10 minutes, the calls to service "B" are successfull. But when service "A" takes more time (~20 minutes) the calls to service "B" throw the following exception: Exception Message: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail Inner Exception Message: The message could not be processed. This is most likely because the action 'namespace/OperationName' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding. The binding settings are the same, the time in both client server and web service server are synchronize with the Windows Time service, same time zone. When i look at the server where web service "B" is hosted i can see the following security errors being logged: Source: Security Category: Logon/Logoff Event ID: 537 User NT AUTHORITY\SYSTEM Logon Failure: Reason: An error occurred during logon Logon Type: 3 Logon Process: Kerberos Authentication Package: Kerberos Status code: 0xC000006D Substatus code: 0xC0000133 After reading some of the blogs online, the Status code means STATUS_LOGON_FAILURE and the substatus code means STATUS_TIME_DIFFERENCE_AT_DC. but i already checked both server and client clocks and they are syncronized. I also noticed that the security token seems to be cached somewhere in the client server because they have another process that calls the web service "B" using the same service account and successfully gets data the first time is called. Then they start the proccess to update the office sharepoint server search service indexes and it fails. Then if they called the first proccess again it will fail too. Has anyone experienced this type of problems or have any ideas? Regards, --Damian

  Read the article

• WstxParsingException: "Expected a text token, got START_ELEMENT"

  - by lasombra

  I have a stub generated by WSDL2Java. I send a request and the answer that comes back (used tcptrace) looks fine. However, an AxisFault is thrown: org.apache.axis2.AxisFault: com.ctc.wstx.exc.WstxParsingException: Expected a text token, got START_ELEMENT. at [row,col {unknown-source}]: [4,1313] at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430) at org.tempuri.MyStub.fromOM(MyStub.java:1726) at org.tempuri.MyStub.acceptResults(MyStub.java:612) The corresponding code in MyStub.java looks like: 607: org.apache.axis2.context.MessageContext _returnMessageContext = _operationClient 608: .getMessageContext(org.apache.axis2.wsdl.WSDLConstants.MESSAGE_LABEL_IN_VALUE); 609: org.apache.axiom.soap.SOAPEnvelope _returnEnv = _returnMessageContext 610: .getEnvelope(); 611: 612: java.lang.Object object = fromOM(_returnEnv.getBody() 613: .getFirstElement(), 614: org.tempuri.AcceptQcResultsResponse.class, 615: getEnvelopeNamespaces(_returnEnv)); How do I find out which token is meant by the error? I have [row,col {unknown-source}]: [4,1313] but I don't know how to use that information.

  Read the article

• Unable to get the Current User's Token information

  - by Ram

  Hi, I have been trying to get the currently logged-in user's token information using the following code : [DllImport("wtsapi32.dll", CharSet = CharSet.Auto, SetLastError = true)] static extern bool WTSQueryUserToken(int sessionId, out IntPtr tokenHandle); [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)] static extern uint WTSGetActiveConsoleSessionId(); static void Main(string[] args) { try { int sessionID = (int)WTSGetActiveConsoleSessionId(); if (sessionID != -1) { System.IntPtr currentToken = IntPtr.Zero; bool bRet = WTSQueryUserToken(sessionID, out currentToken); Console.WriteLine("bRet : " + bRet.ToString()); } } catch (Exception) { } } The problem is that, bRet is always false and currentToken is always 0. I am getting the sessionid as 1. Could someone tell me what's going wrong here? I want to use this token information to pass it to the CreateProcessAsUser function from a windows service. Thanks, Ram

  Read the article

• WindowsIdentity Token in Legacy ASP

  - by Max Schmeling

  I've created a .Net library at work that is used by all of our developers. The security part of it uses Microsoft AzMan for the security backend. In order to create a security (AzMan) ClientContext I have to pass it a token value (as a uint). This is all fine an dandy until I needed to make a COM wrapper for our common library so some of our legacy pages could take advantage of it without being rewritten for now. I cannot figure out how to get the token value to pass to AzMan from legacy ASP. The COM wrapper is setup to run as a COM Server and runs as a specific user that we use here for all COM objects, therefor the common library can't just pull the identity using .Net. Any ideas?

  Read the article

• IE and Content-disposition inline vs. extension-token

  - by pinkgothic

  Preamble So IE does Mime-Type sniffing. That part's old news. Suggestions of how to combat it tend to be along the lines of 'supply a content-type IE trusts' (i.e. anything that isn't text/plain or application/octet-stream) or 'add extraneous data at the start of the file that is definitely of the type you're serving'. Now, I'm working on an application that has to allow message attachments (like in e-mails), and we want to close up XSS vectors. IE's mime sniffing is one of those vectors - a text/plain file with html content will trigger as html. Recoding isn't an option at this point, changing the attachments the user has provided can only happen if there is absolutely no doubt about the maliciousness of the file - and someone might want to send HTML as text. Now, Microsoft's MSDN article implies the situation might be easier to fix than advertised: If Internet Explorer knows the Content-Type specified and there is no Content-Disposition data, Internet Explorer performs a "MIME sniff," [...] Great! Except I don't have IE nor current means to reliably install it (I realise this is a fairly sad state for a webdeveloper to be in, I hope to fix this soon) and this is grey theory that I can't quite seem to get confirmed one way or the other. Local sources say that line is hogwash - IE will mime sniff anything that is Content-Disposition: inline / <default> and not specific enough for its tastes in -Type. But what about x-* ('extension-token' in the RFC)? Trying to google for how browsers handle Content-Disposition: <extension-token> hasn't yielded anything (though I may just be doing it wrong, my understanding of Google is seriously slipping lately). I found one question that looked promising, but turned out to be a misunderstanding on side of the thread author, meaning that the train of thought was never actually addressed there. Question(s) Does IE really Mime sniff if you expressly pass Content-Disposition: inline? If so: Does anyone here know how browsers handle Content-Disposition: <extension-token>? If they do this in a way that is for my purposes benign, by presuming it to be synonymous with the default (effectively 'inline', though I hear it's not defined anywhere?), is it specific enough for IE not to Mime sniff? Or am I actually shooting myself in the foot by thinking of pursuing this avenue?

  Read the article

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >