I am having a problem with mulesoft SFTP outbound. I am keep on getting Auth fail from Mulesoft to connect to SFTP server. My password has special characters. I tried to change them to URL encode, but couldn't get through. My password is like $$xyz123. I am also trying to use the private key file with the passphrase, which also has the special characters. Can anyone please help to resolve this.
Here is my sftp outbound endpoint:
<sftp:outbound-endpoint exchange-pattern="one-way" host="111.11.111.111" port="22" path="/cygdrive/d/SFTPROOT/dev/" user="user" password="%24%24xyz123" responseTimeout="10000" doc:name="SFTP" outputPattern="#[sessionVars.originalFileName]"/>
Many thanks
Related
We have set our Kafka Connect to be able to read credentials from a file, instead of giving them directly in connector config. This is how a login part of connector config looks like:
"connection.user": "${file:/kafka/pass.properties:username}",
"connection.password":
"${file:/kafka/pass.properties:password}",
We also added these 2 lines to "connect-distributed.properties" file:
config.providers=file
config.providers.file.class=org.apache.kafka.common.config.provider.FileConfigProvider
Mind that it works perfectly for JDBC connectors, so there is no problem with the pass.properties file. But for other connectors, such as couchbase, rabbitmq, s3 etc. it causes problems. All these connectors work fine when we give credentials directly but when we try to make Connect to read them from a file it gives some errors. What could be the reason? I don't see any JDBC specific configuration here.
EDIT:
An error about couchbase in connect.log:
[2021-12-02 11:50:19,580] ERROR [com.couchbase.io][SaslAuthenticationFailedEvent][20ms] Authentication Failure - Potential causes: invalid credentials or if LDAP is enabled ensure PLAIN SASL mechanism is exclusively used on the PasswordAuthenticator (insecure) or TLS is used (recommended) {"circuitBreaker":"DISABLED","coreId":"0xbf785c7500000001","remote":"10.30.142.109:11210","status":"UNKNOWN","type":"KV","xerror":{"ref":"ae3ce600-7097-4077-9231-8ced290cd399"}} (com.couchbase.io:533)
[2021-12-02 11:50:19,580] WARN [com.couchbase.endpoint][EndpointConnectionFailedEvent][23ms] Connect attempt 9 failed because of AuthenticationFailureException: Authentication Failure - Potential causes: invalid credentials or if LDAP is enabled ensure PLAIN SASL mechanism is exclusively used on the PasswordAuthenticator (insecure) or TLS is used (recommended) {"circuitBreaker":"DISABLED","coreId":"0xbf785c7500000001","remote":"10.30.142.109:11210","type":"KV"} (com.couchbase.endpoint:523)
com.couchbase.client.core.error.AuthenticationFailureException: Authentication Failure - Potential causes: invalid credentials or if LDAP is enabled ensure PLAIN SASL mechanism is exclusively used on the PasswordAuthenticator (insecure) or TLS is used (recommended) {"circuitBreaker":"DISABLED","coreId":"0xbf785c7500000001","remote":"10.30.142.109:11210","status":"UNKNOWN","type":"KV","xerror":{"ref":"ae3ce600-7097-4077-9231-8ced290cd399"}}
at com.couchbase.client.core.io.netty.kv.SaslAuthenticationHandler.failConnect(SaslAuthenticationHandler.java:488)
at com.couchbase.client.core.io.netty.kv.SaslAuthenticationHandler.maybeFailConnect(SaslAuthenticationHandler.java:293)
at com.couchbase.client.core.io.netty.kv.SaslAuthenticationHandler.channelRead(SaslAuthenticationHandler.java:250)
at com.couchbase.client.core.io.netty.kv.MemcacheProtocolVerificationHandler.channelRead(MemcacheProtocolVerificationHandler.java:84)
at java.lang.Thread.run(Thread.java:748)
It says something about authentication but works fine when credentials are given directly. If the masking is not working correctly, how does it work for JDBC connectors?
Looks like the problem was quote marks in pass.properties file. The interesting thing is, even if credentials are typed with or without quote marks, JDBC connectors work well. Maybe the reason is it is the first line in the file but just a small possibility.
So, do NOT use quote marks in your password files, even if some of the connectors work this way.
I signed into manager.paypal.com with the same credentials, but can't seem to successfully connect with curl. (https://developer.paypal.com/docs/classic/payflow/gs_payflow/).
curl -s https://pilot-payflowpro.paypal.com -d 'ACCT=5105105105105100&
AMT=1.00&EXPDATE=1216&TENDER=C&TRXTYPE=S&
PARTNER=PayPal&
PWD=***********&
USER=********&
VENDOR=*********'
However I get back an error.
RESULT=1&RESPMSG=User authentication failed
The only issue I can think of is that the password includes encoded characters (an exclamation point) but I'm using Ruby to parameterize the curl shell command so it should be encoded properly.
Yeah , sometimes its related to the special character in the password . You can try to change your password to the new one with only characters and numbers and retry again .
And one more thing you can check in your manager account under "Account Administration" that you have not specified any IP address for "Allowed IP Addresses (For API Transaction Processing)" . If you have specified any IP address there make sure your server IP initiating the API call is listed there .
How to I change the monitoring-agent.config to go out via proxy with authentication?
The change log states...
Monitoring Agent 2.3.1.89-1
Released 2014-07-08
Added support for HTTP proxy configuration in the agent configuration file.
But I can't see how to do this.
Following wdberkeley's link I can add this value to the monitoring-agent.config file.
httpProxy=http://"pxproxy01":3128
But this gives..
Failure getting conf. Op: Get Err: Proxy Authentication Required
Is there anyway to set the authentication user/password ?
Edit file:
C:\MMSData\Monitoring\monitoring-agent.config
Add line...
httpProxy=http://<insert_server_address>:<insert_port>
e.g.
httpProxy=http://PROXY01.server.com:3128
Then get the proxy control team, who ever they be, to exclude the following from requiring authentication.
https://mms.mongodb.com 80
https://mms.mongodb.com 443
This has worked for me. I now have the MMS Agent on Windows sending stat's to the MMS service.
Thanks to #wdberkeley for starting me off on this route.
wdberkeley, the page you linked to does not exist & the classic page PDF & HTTP versions state 'HTTP_PROXY' not 'httpproxy' (on OSx section & tar.gz section), section '6.6 Monitoring Agent Configuration' does state the correct property name 'httpproxy'.
I'm trying to send an email using Ansible, but I can't understand how it works as I don't know how to provide user and password for such service (not specified in the documentation).
Both my machine and the email server are in the same network, but I need to be authenticated in order to send the email.
This is my yml file:
---
- name: Testing email
hosts: localhost
tasks:
- name: Send email
local_action: mail
host=mail.server.com
port=993
subject="Ansible test mail"
body="Testing email"
from=my#email
to="y#email
charset=utf8
And this is the related content of the hosts' file:
[localhost]
localhost ansible_connection=local
Any idea about how should I configure it? Thanks in advance.
Looking at the source code for the mail module ( https://github.com/ansible/ansible/blob/d1effecb2ef073e478c67a7ca39cf56708a66a48/library/notification/mail ) it doesn't look like it supports SMTP authentication.
It shouldn't be too hard to add support for it however. It would require adding the username and password parameters to the module, detecting if they've both been supplied, and if so, calling smtp.login() with those parameters.
In fact, it looks like there's two pull requests to do exactly that at the moment here
https://github.com/ansible/ansible/pull/7213
and here
https://github.com/ansible/ansible/pull/6667
So support will most likely be added in dev soon.
I'm setting up a solution to deploy, driven by a batch file so it's reproducible
- I've got a binding file that works but I've now added on my MSMQ adapters
- works on my local machine, but I've found I have to add a userid and password to get it to work on the actual server
- it's in the domain, my virtual dev machine is just workgroup
Is there someway to add the userid and password to the file ?
- seems unlikely as that'd have the password in clear text, but what's the solution
- I sort of think something w.r.t. SSO, but that is an area I've not been near
You can put the userid and password into any BizTalk binding that supports authentication, including MSMQ. For security, the password is not exported, you just get a mask.
The userName and password sections of the binding file are not exported unless they have been configured, so the simplest thing to do is configure a MSMQ send port with userName and password manually and export the bindings - this forces the elements containing userName and the masked password to be generated into the binding file.
What you are looking for in your binding file is the <TransportTypeData> element of your MSMQ send port. This contains all of your adapter config information as encoded data.
Within that element there is a userName and password section. The password will be masked out with asterisks. Put the password for the environment there and import the binding.
The part of the encoded data with username and password will look something like below:
<userName>YourUserName</userName&
amp;gt;<password>******</password>
For security reasons, when you export
bindings, BizTalk Server removes the
passwords for the bindings from the
file. After importing the bindings,
you must reconfigure passwords for
send ports and receive locations
before they will function. You
configure passwords in the Transport
Properties dialog box of the BizTalk
Server Administration console for the
send port or receive location. For
instructions, see How to Create a Send
Port. See also How to Create a Receive
Location.
From http://msdn.microsoft.com/en-us/library/aa558708.aspx
If you however open the biding file and scroll down to the line with the properties for the MSMQ Adapter you'll find the empty nodes. All you then have to do is to fill these out and the right values and they will be used the next time you import the binding file.
Of course you'll have to remember to redo this every time you export a new binding ...