I'm working on jee app. At home I'm using proxy to access company DB and LDAP servers. At work my config works fine but when i want to develop at home wildfly don't have access to proxied resources.
I can connect to DB using pgAdmin at home(the same situation is with LDAP), so i this is clearly widfly limitation.
Do you know what could be a problem? I have no idea why using DB client i have access but widfly got exception(i'm using the same url).
Unexpected HTTP response: 500
Request {
"address" => [
("subsystem" => "datasources"),
("data-source" => "mmDS")
],
"operation" => "test-connection-in-pool" }
Response
Internal Server Error {
"outcome" => "failed",
"failure-description" => "JBAS010440: failed to invoke operation: JBAS010447: Connection is not valid",
"rolled-back" => true }
Related
PHP 7.3
pdo_sqlserver_73_nts (installed)
sqlserver_73_nts (installed)
I'm trying to connect a new install of TYPO3 (v9.5.7) to an instance of SQL Server 2016 running on the same box.
I'm able to establish a connection to the database, using the example from php.net: https://www.php.net/manual/en/function.sqlsrv-connect.php so I'm confident the server is accessible.
A similar question has been asked for v8 here Install TYPO3 8.7.7 with SQL Server on IIS and it's recommend that you ammend the DB settings in LocalConfiguration when the installer is at stage 2 and essentially "trick" the installer to connect to SQL Server.
I've done that and for some reason it won't connect,
'DB' => [
'Connections' => [
'Default' => [
'charset' => 'utf-8',
'dbname' => 'typo3_db',
'driver' => 'sqlsrv',
'host' => 'localhost',
'password' => 'password',
'port' => 1433,
'user' => 'username',
],
],
],
Is there anything wrong with this connection string? I can't seem to find any other working example.
Thanks as always,
i had the same problem.
Try to set the full name of your mssql server:
'host' => 'COMPUTERNAME/DBNAME',
For the last few days I’ve struggled getting AM6(Forgerock Access Management) to work with the same config as AM5. I’m trying to validate a session, after an user performed the OpenID Connect Authorization Code Flow.
My setup:
I’ve deployed an AM instance
Configured OpenID Connect from the Common tasks.
Added an OAuth2 client, from Applications -> OAuth 2.0. Setup all configs: redirect uris, scopes lifetimes etc and set “Token Endpoint Authentication Method” to client_secret_post
(OPTIONAL) Added implied consent to OAuth 2.0 Client, and then set Services -> Oauth2 Provider -> Consent -> Allow clients to skip consent = true
My token usage:
After redirecting the user to the login screen(and receiving the code), I make a POST to the token endpoint (/oauth2/access_token) with form_params
(
[client_id] => my_client
[client_secret] => my_client_pass
[code] => a5867a21-4d5a-4285-ba07-dcbe46d53bc6
[redirect_uri] => http://localhost:3000/auth/callback
[grant_type] => authorization_code
)
The redirect_uri endpoint receives access_token and id_token
(
[access_token] => e78569fb-e162-4e4f-ab5e-79ebeaf2ba94
[scope] => openid offline_access profile email
[id_token] => eyJ0eXAiOiJKV1QiLCJraWQiOiJiL.......
[token_type] => Bearer
[expires_in] => 35999
)
(HERE’S THE PROBLEM) I then check to see if the user’s session, with the given id_token, is still valid (he has logged out or not)
I make a POST to the sessions endpoint(/json/sessions) with
(
'headers' => [
'Accept-API-Version' => 'resource=1.2'
],
'query' => [
'_action' => 'validate',
'tokenId' => eyJ0eXAiOiJKV1QiLCJraWQiOiJiL082T.......
],
)
When tried against AM5 I get
{"valid":true,"uid":"my-user-here","realm":"/"}
When tried against AM6.0.0.4 I always get:
{"valid":false}
Am I missing something which prevents the generated openid id_token to be available in the sessions endpoint?
If anyone stumbles across the same issue, I've found that I missed an important setting that was added in AM6: Authorized OIDC SSO Clients.
This forces your session id to be the same as your id_token from OpenID Connect.
Another solution would be to look into using the /oauth2/connect/checkSession endpoint for validating the token
I configured my Wildfly (in domain mode) to send e-mails using Mail Session and Remote Socket Bindings.
After fill with the SMTP server, port 587, username, password and etc, I receive an error when the Wildfly try to send the e-mail:
Client was not authenticated to send anonymous mail during MAIL FROM
My credentials to authenticate in the SMTP server are correct.
I already try to flag the Enable SSL? for true in the Web Console, but I can't even connect in the server when I enable SSL.
I thinking the problem is that I need to enable TLS and not SSL. In the old Jboss I can do this using property, like this:
<property name="mail.smtp.tls" value="true"></property>
<property name="mail.smtp.starttls.enable" value="true"></property>
But I can't see this possibility in Wildfly and I'm trying to not edit any XML.
So, how can I set the TLS for true in Wildfly?
Well, I find the right command to apply in the domain controller. The big problem here is that the Web Console doesn't show the Use TLS? option...
After enter in the domain server, with the Jboss Client, you can set the TLS for true:
/profile=full-ha/subsystem=mail/mail-session=MyMailSession/server=smtp:write-attribute(name=tls, value=true)
You can see the change with this command:
/profile=full-ha/subsystem=mail/mail-session=MyMailSession/server=smtp:read-resource()
{
"outcome" => "success",
"result" => {
"outbound-socket-binding-ref" => "mail-smtp",
"password" => "PASSWORD",
"ssl" => false,
"tls" => true,
"username" => "domain.com"
}
}
OpenAM as single sign-on in Redmine is working for me, but I can't sign out from Redmine. This is the error I get:
HTTP Status 400 - Error processing LogoutRequest. Single Logout Response Service location not found.
The config file is:
Redmine::OmniAuthSAML::Base.configure do |config|
config.saml = {
:assertion_consumer_service_url => "http://xxxxx/redmine/auth/saml/callback", # The redmine application hostname
:issuer => "Redmine", # The issuer name
:idp_sso_target_url => "http://xxxxxx:8080/openam/SSORedirect/metaAlias/idp1", # SSO login endpoint
:idp_cert_fingerprint => "DE:xxxx", # SSO ssl certificate fingerprint
:name_identifier_format => "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
:signout_url => "http://oxxxx:8080/openam/IDPSloPOST/metaAlias/idp1",
:idp_slo_target_url => "http://xxxxxx:8080/openam/IDPSloRedirect/metaAlias/idp1",
:name_identifier_value => "mail", # Which redmine field is used as name_identifier_value for SAML logout
:attribute_mapping => {
# How will we map attributes from SSO to redmine attributes
:login => 'extra.raw_info.username',
:firstname => 'extra.raw_info.first_name',
:lastname => 'extra.raw_info.last_name',
:mail => 'extra.raw_info.email'
}
Please help me fix it.
Your ruby app protected by omniauth is not defining any Single Logout Service URL so if there is any SLO flow, the IdP doesn't know where to send the LogoutRequest / LogoutResponse.
ruby-saml defines it as 'assertion_consumer_logout_service_url' or 'single_logout_service_url', and here is how the ruby-saml toolkit process a SLO
Sadly omniauth does not support yet this feature, but there is a PR that you can apply.
I want to use perl with Module LWP to get the XML info from Restful Webservice.
Here is the Code:
my $ua = LWP::UserAgent->new;
$ua->proxy(['http','https'],'http://proxy:3128');
$ua->default_header('Accept-Charset'=>'utf-8');
$ua->default_header('Accept'=>'application/*********; version=1');
my $url= 'https://user:password#mailbox.********.net/mailboxes/?emailaddress=name#domain.net';
print Dumper($ua->get($url));
It works always good for all the email address like .eu, .org or .net, except for the email address ends with .com. (For example: name#domail.com)
The error message is:
The following error was encountered while trying to retrieve the URL:
https://user#mailbox.******.net/mailboxes/?
Access Denied.
Access control configuration prevents your request from being allowed at this time.
Please contact your service provider if you feel this is incorrect.
Your cache administrator is *****#**.**
The corresponded Response HEAD:
'_headers' => bless( {
'connection' => 'close',
'client-response-num' => 1,
'date' => 'Wed, 19 Nov 2014 15:53:45 GMT',
'x-squid-error' => 'ERR_ACCESS_DENIED 0',
'client-peer' => '****:3128',
'content-length' => '3502',
'client-date' => 'Wed, 19 Nov 2014 15:53:45 GMT',
'content-type' => 'text/html',
'mime-version' => '1.0',
'title' => 'ERROR: The requested URL could not be retrieved',
'server' => 'squid/3.1.12',
'x-cache' => 'MISS from proxy',
'x-cache-lookup' => 'NONE from proxy:3128'
}, 'HTTP::Headers' ),
I have tested with SoapUI and curl, they didn't meet this problem. That means .com works also with SoapUI and cuil. Only in perl with LWP, it gets problem.
Anyway when I added a dummy parameter like
https://**/mailboxes/?emailaddress=name#domain.com&foo=bar at the end of the link, it works.
I have no idea, if it's a bug in LWP or maybe some incompatible issue between LWP and Proxy Setting.
Access Denied.
Access control configuration prevents your request from being allowed at this time.
Please contact your service provider if you feel this is incorrect.
...
'x-squid-error' => 'ERR_ACCESS_DENIED 0',
There is an ACL in the proxy you use which denies your request.
If you have access to the proxy configuration check there, otherwise contact you cache administrator with your problem.