Can't create SSO service in Bluemix Console - single-sign-on

I am not able to create an SSO service. Earlier I was seeing errors similar to those mentioned in this post. Now it seems to be creating the service, but where I usually see the selections to use SAML, Facebook, etc, I just see a blank, white space.
I don't see anything in the status page indicating that there is a known problem.

I am aware of a temporary problem for SSO service yesterday morning (UTC) also reported in the status page. Today the service seems to be up and running and no issues have been reported yet. From the time you asked the question in this forum, I think you might have seen some tailing problems while the service was coming back alive.
If you still should see this behavior today I suggest you to inform Bluemix Support as described in the post you linked in your question.

Related

Unable to open Google Cloud DNS page

I am unable to access Google Cloud DNS page.
All it shows is:
"DNS API is being enabled. This may take a minute or more."
Then it reloads and repeats showing the same message.
The API is already enabled, and the records I created works. No problem with DNS.
I need to modify records, but I can't because of this problem.
I tried opening the page in different computers and different browsers without addons, same result.
If there is a better place to ask, please do tell.
Thank you.
You should be able to access the page regardless of what computer / browser you're using.
If you cannot it's either a temporary outage which you can check here or a bug.
The only thing to do here is to contact paid support for more immediate help and if the time is something you can afford report this at Google's IssueTracker and get help for free - however it may take a few days. It is possible that only you are affected. Please describe the issue in as much detail as possible - this will expidete the process.

paypal-apps.com is not working?

Maybe someone knows what the cause of the error? I am trying to come and continue the activation of your NVP / SOAP API Apps, but the server responds with an error. Someone knows what's going on?enter image description here
UPDATE: It looks like over the weekend the app services went back online, so all should be fixed now. Let me know if you encounter any issues with it, and definitely very sorry for any issues this downtime caused you.
At the moment there are some issues at paypal-apps.com, which is affecting the site and ability to create new applications. The teams are working on the servers that are affected and will hopefully have more information soon. I'll update as soon as I have more details though.

Publicly available static files on Google Storage not loading if user's browser in incognito mode

We keep static files (images, javascript, and css) for our websites stored in a Google Storage bucket with different folders for different types of resources. Each file is accessed via its name coupled with a custom subdomain mapped via a CNAME record to the appropriate Google Storage bucket.
This approached has worked fine. Today, however, when attempting to access our main website in Chrome's incognito (private browsing) mode, all pages on the site wouldn't load. After some detective work, we've determined that the problem is with the files stored at Google Storage, which are not loading.
Unfortunately, this doesn't seem to be a problem specific to Google Chrome. It occurs in the private browsing modes in Firefox and Internet Explorer as well (at least on the Windows 8.1 Professional platform we're using for testing).
The problem appears to occur only if we use the CNAME-based approach for accessing a file. For example, if this method is used in a private browser window to access one of our image files on Google Storage,
Image of a crowd on Google Storage - direct access to Google Storage
the file can be viewed without a problem. If, on the other hand, the file is viewed in a private browsing window using the CNAME approach, like this
Image of a crowd on Google Storage - access via CNAME
the image will not load.
What's worse, for reasons we don't completely understand, once this problem occurs in a private browsing window, it will continue to interfere with the proper viewing of the website in regular (non-private browsing) browser windows in the case of some browsers.
Has anyone encountered this problem and, if so, found a solution for it?
Thanks in advance for any tips or suggestions.
UPDATE (2015-05-26)
This problem is still under investigation. It may be ISP-specific, although our ISP (Verizon) believes it is a problem on Google's end. An attempt to resolve the problem yesterday by tweaking some DNS settings seemed to solve the problem, but that was only temporary. We began to experience the problem again today. I will update this posting further as more information becomes available.
ADDITIONAL UPDATE (2016-08-25)
(Note: I originally wrote this update on 2015-05-26, but failed to post it, and discovered it today. I'm adding it to complete the description of the issue.)
This issue has been resolved. I cannot say for certain what the source of the problem was, but I can give further information on what exactly the nature of the problem was and what may have solved it.
As I mentioned in the comments below, this appears to have been an issue that was relatively isolated. Further investigation revealed that the problem was occurring only with access to the particular subdomain through Verizon Internet service (land-based or mobile) in the U.S. I do not know if the problem was a regional problem within the Verizon system, or throughout the entire Verizon system. But I do know it affected both landline and mobile access using Verizon.
The problem also evolved. What started as a problem accessing files at the subdomain in a browser's incognito mode became a problem regardless of what browsing mode was used. That said, it was only a problem if the attempt to load files from the subdomain was used with a browser. The files could be retrieved with no problem with, for example, wget. Also, pinging the subdomain also worked fine over the Verizon network.
As the problem became more acute, I decided to do a thorough check of the DNS settings related to the subdomain. Here is where I discovered what may have been causing the problem. There was a slight discrepancy between the DNS settings at the domain registrar and the (separate) DNS service that we use.
The discrepancy didn't lead to conflicting reports as to how the subdomain should be resolved (which is probably why this problem hadn't occurred in the past). But, if I recall correctly, it led to the DNS service providing the CNAME record for the subdomain, without the registrar's DNS information fully confirming that the DNS service had the right to provide that information.
This discrepancy was corrected. Within an hour or two, the problem resolved itself -- anyone viewing the file using the two links above should be successful with both links.
I cannot say for certain, however, whether the change to the DNS settings we made to resolve the discrepancy, or some updating at Verizon, was responsible for the problem being resolved. I will say, however, that I never reported the issue to Verizon. (I didn't get that far.)
Although the DNS discrepancy had existed for more than a year or two, and had not created any problems that we were aware of, I personally think it is what caused the problem.

mqsvc.exe pegs cpu at full usage when deploying nservicebus to production

When I deployed my site that uses nservice to a new production box, it was unusably slow...
After some debugging I discovered that mqsvc.exe was taking up 50% of the CPU usage and the other 50% was being taken up by w3wp.exe
I found this post here:
http://geekswithblogs.net/michaelstephenson/archive/2010/05/07/139717.aspx
which recommended the following:
Make sure you set the windows service for NserviceBus Generic Host to the right credentials
Make sure you have the queue set with the right permissions
Make sure you turn on the right logging configuration in NServiceBus
So I figured the issue was something related to permissions, but even after trying to set the permissions correctly (I thought) I still wasn't able to resolve the issue.
If you allow NServiceBus to create its own queues, then it will create them with the correct permissions it needs.
The problem comes in when you set up a web application, and then the queues are created, and then the identity the application runs under changes. Then you get exactly this problem. NServiceBus tries to check the queue for a message, it does not have access to do so, so it immediately retries over and over, and you spike the processor.
The fix: Delete the queue. Restart the web application. NServiceBus takes over.
Edit: As noted in the comments, NServiceBus 3.x doesn't invoke the installers by default, which means queues are not automatically created in production unless you ask it to. See the documentation page on Installers for more detail.
For a web application (or any other situation where you're not using NServiceBus.Host) you can invoke the installers as part of the fluent config. There is a full example in the NServiceBus download, but here is a link to the relevant file on GitHub.
The issue did end up being that the website needed to be granted explicit permissions to the queues.
I found a number of resources online telling me this, but I still had to spend a good amount of time monkeying around with exactly WHICH account needed access... turned out that since my application pools were set to run as ApplicationPoolIdentity, I need to grant the account permissions by adding the following account to the nservicebus queue:
IIS AppPool\{APP POOL NAME}
I granted full access rights, though I'm sure you could refine that a bit if you needed to.
Hopefully, this will help anyone who runs into the same issues.
(This is my first attempt at the "Answer your own question" mechanism so please let me know if I am doing something wrong..)

Filemaker Web Publishing & Data Integrity

I was recently asked to try to solve a data integrity problem with a Filemaker database app that has been published to the Web.
This app collects job applicant data, through a series of views. There have been reports from a handful of users that during their experience using the app, they would see another applicant's data, while traversing through the application. It seems like these users all exceeded the session timeout threshold and then were revealed somebody else's data in the form.
I am looking at the JSESSIONID cookie that is being generated since that is the only link that I see between a browser session and the app. The JSESSIONID cookie is set to expire in the past and is of type "session"
The JSESSIONID values also seem incredibly similar; here are two JSESSIONIDS that I received when testing the app:
02442D0AA37DEF0512674E8C
02442D09A38288D712674E8E
Has anyone experienced a similar issue with Filemaker apps published to the web?
Is there anyplace else that I need to look besides at the way the JSESSIONID and Filemaker 11 relate? In other words, are there other known security vulnerabilities with the Filemaker Web Publishing engine that anyone is aware of?
With appreciation,
Slinky66
the JSESSIONID is set by Apache Tomcat. This software is bundled with FileMaker's Web Publishing Engine, but the session ID generation is not connected in any way with FileMaker.
I received notice from a Filemaker technical support member that there is a known, documented bug in Filemaker that is the cause of this issue. See these threads for more detailed information:
http://forums.filemaker.com/posts/0d29aeaea1
http://forums.filemaker.com/posts/ad61a7e781