I'm new in XMPP, recently I have installed and configure openfire admin control by defining IP (localhost), port (5222) and new database named: openfire in MySql.
But my usernames and their passwords are in another database, is there any steps to configure in openfire so that it can check the user authentication in my own created database instead of checking it's(openfire) own created usertable ofuser.
I'am Adding TAGS here,
<?xml version="1.0" encoding="UTF-8"?>
<!--
This file stores bootstrap properties needed by Openfire.
Property names must be in the format: "prop.name.is.blah=value"
That will be stored as:
<prop>
<name>
<is>
<blah>value</blah>
</is>
</name>
</prop>
Most properties are stored in the Openfire database. A
property viewer and editor is included in the admin console.
-->
<!-- root element, all properties must be under this element -->
<jive>
<adminConsole>
<!-- Disable either port by setting the value to -1 -->
<port>9099</port>
<securePort>9091</securePort>
</adminConsole>
<locale>en</locale>
<!-- Network settings. By default, Openfire will bind to all network interfaces.
Alternatively, you can specify a specific network interfaces that the server
will listen on. For example, 127.0.0.1. This setting is generally only useful
on multi-homed servers. -->
<!--
<network>
<interface></interface>
</network>
-->
<connectionProvider>
<className>org.jivesoftware.database.DefaultConnectionProvider</className>
</connectionProvider>
<database>
<defaultProvider>
<driver>com.mysql.jdbc.Driver</driver>
<serverURL>jdbc:mysql://localhost:3306/openfire?rewriteBatchedStatements=true</serverURL>
<username encrypted="true">87d776abae54f5b4c95c78b78420a6967a9429e9e6d7a5c0</username>
<password encrypted="true">7a1603cafdfe1383ea0e284360172ca8c94b37314dbd5390</password>
<testSQL>select 1</testSQL>
<testBeforeUse>false</testBeforeUse>
<testAfterUse>false</testAfterUse>
<minConnections>5</minConnections>
<maxConnections>25</maxConnections>
<connectionTimeout>1.0</connectionTimeout>
</defaultProvider>
</database>
<jdbcProvider>
<driver>com.mysql.jdbc.Driver</driver>
<connectionString>jdbc:mysql://localhost:3306/mydb?user=root;password=root</connectionString>
</jdbcProvider>
<provider>
<auth>
<className>org.jivesoftware.openfire.auth.JDBCAuthProvider</className>
</auth>
<user>
<className>org.jivesoftware.openfire.user.JDBCUserProvider</className>
</user>
</provider>
<jdbcAuthProvider>
<passwordSQL>SELECT upwd FROM users WHERE uname=? and usertype=2 and delflag=0</passwordSQL>
<passwordType>md5</passwordType>
</jdbcAuthProvider>
<jdbcUserProvider>
<loadUserSQL>SELECT CONCAT(ufname,ulname) AS name,uemail as email FROM users WHERE uname=? AND usertype=2 AND delflag=0</loadUserSQL>
<userCountSQL>SELECT COUNT(*) FROM users WHERE usertype=2 AND delflag=0 AND inactive=0</userCountSQL>
<allUsersSQL>SELECT uname FROM users WHERE usertype=2 AND delflag=0 AND inactive=0</allUsersSQL>
<searchSQL>SELECT uname FROM users WHERE usertype=2 AND delflag=0 AND inactive=0</searchSQL>
<usernameField>uname</usernameField>
<nameField>ufname</nameField>
<emailField>uemail</emailField>
</jdbcUserProvider>
<setup>true</setup>
</jive>
Here is a official openfire documentation for exact your case:
https://www.igniterealtime.org/builds/openfire/docs/latest/documentation/db-integration-guide.html
First, editing openfire.xml wont make any expected change with your openfire. even after you restart it.
You should edit that configuration from SERVER -> System Properties . OR you can directly modify database in ofproperty values.
but be carefull.. none of my JDBC authentication seems work if use my own user table. even if i set it to PLAIN password. and their MD5 looks different than standart md5 hashing method
Related
everyone
our policyserver is 12.8
and run on redhat
and our sampl sso is ok
and we access application via relaystate ,
and we want to access more applications
and we want to access : https://fed.test.com.cn/test,https://fed.test.com.cn/prd,
we want to judge when is test ,forward to one place ,and judge when is prd ,forward to another place
and our proxyrule is here :
<?xml version="1.0"?>
<?cocoon-process type="xslt"?>
<!DOCTYPE nete:proxyrules SYSTEM "file:////app/siteminder/agent/agentfed/secure-proxy/proxy-engine/conf/dtd/proxyrules.dtd">
<!-- Proxy Rules -->
<!-- replace www.example.com with your namespace -->
<nete:proxyrules xmlns:nete="https://fed.test.com.cn/" debug="yes">
<nete:cond criteria="beginswith" type="uri">
<!-- replace /dir1 with an appropriate URI -->
<nete:case value="/test">
<!-- replace http://server1.example.com with the appropriate destination server -->
<nete:forward>https://10.164.29.65$0</nete:forward>
</nete:case>
</nete:cond>
</nete:proxyrules>
but when we passed https://fed.test.com/affwebservices/public/saml2assertionconsumer,
we found not forward to destination server.
so ,where is wrong ,we did not found errors in logs
can anyone help us ?
we are in hurry
Proxy rules don't apply to /affwebservices, that's a different "app" on SPS itself.
I try to display Fusion Middleware Consol (WebLogic 12c) in my browse according to pattern:
http://hostname.domain:port/em
The port is 7001, the name of domain is domains but I can't find hostname in config.xml file. If hostname should be the hostname of the computer it doesn't work for me. Where I find the hostname?
EDIT:
Snippet from my config.xml:
<name>domains</name>
<domain-version>12.2.1.2.0</domain-version>
(...)
<server>
<name>myAdminServerName</name>
<ssl>
<name>myAdminServerName</name>
<listen-port>7002</listen-port>
</ssl>
<machine>wls_machine_1</machine>
<listen-address>127.0.0.1</listen-address>
</server>
If I run admin console in this addres: http://127.0.0.1:7001/console it works. But if I try run Fusion Middleware Consol in this URL: http://127.0.0.1.domains:7001/em or http://127.0.0.1.domains:7002/emit doesn't work.
Greetings.
By default, weblogic listens on every available address. But if you change the listening address setting, you would find it between the <listen-address></listen-address> tags
<server>
<name>myserver</name>
<listen-port-enabled>true</listen-port-enabled>
<listen-address>localhost</listen-address>
</server>
I have an existing WCF REST service running on an Azure Windows Server 2012 using IIS8. Let say 1x.2x.3x.4x:7777/InvService.svc/RESTquery is how my users currently use the service.
I am wanting to replace the IP address with a hostname, say www.testDomain.com so the user will can then use www.testDomain.com:7777/InvService.svc/RESTquery.
After obtaining the domain name from GoDaddy, assigning IP 1x.2x.3x.4x, and testing it (my default site on the server comes up, hence why I am using port 7777). When I try www.testDomain.com:7777/InvService.svc/RESTquery I get a "Connection Timed Out" error.
I believe I am needing to add or change something inside my Web.config file but cannot seem to find the right answer. Here is what my current unsuccessful Web.config file looks like.
<services>
<service name="WCFInventoryService.InvService">
<endpoint address="RESTquery" behaviorConfiguration="restPoxBehavior"
binding="webHttpBinding" contract="WCFInventoryService.IInvService" />
<identity>
<dns value="www.testDomain.com" />
</identity>
</endpoint>
<host>
<baseAddresses>
<add baseAddress="http://www.testDomain.com/"/>
</baseAddresses>
</host>
</service>
</services>
What am I doing wrong? or should try?
I solved my problem. The problem was how the domain was set up in GoDaddy. In the GoDaddy account, the domain was set up to forward to the IP address and not to point to. Once I removed the forwarding record and changed the A record to point to the IP address in the GoDaddy account, the WCF service was accessible by using www.testDomain.com:7777/InvService.svc/RESTquery
I try to run a local tomcat7 server from my Eclipse on port 443.
But when I try to start it I get the following error:
Port 443 required by Tomcat v7.0 Server at localhost is already in
use. The server may already be running in another process, or a system
process may be using the port. To start this server you will need to
stop the other process or change the port number(s).
I looked around and saw a few answers to similar questions but can't get it to work.
I tried running Eclise as ROOT
$ sudo open /Applications/Eclipse.app
I also made sure that nothing is running on port 443
$ lsof -i :443
This returns nothing
When I go to 127.0.0.1:443 (http and https), I get the following result:
This site can’t be reached
127.0.0.1 refused to connect.
my local tomcat (defined in Eclipse) server.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
--><!-- Note: A "Server" is not itself a "Container", so you may not
define subcomponents such as "Valves" at this level.
Documentation at /docs/config/server.html
--><Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener"/>
<!-- Security listener. Documentation at /docs/config/listeners.html
<Listener className="org.apache.catalina.security.SecurityListener" />
-->
<!--APR library loader. Documentation at /docs/apr.html -->
<Listener SSLEngine="on" className="org.apache.catalina.core.AprLifecycleListener"/>
<!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
<Listener className="org.apache.catalina.core.JasperListener"/>
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>
<!-- Global JNDI resources
Documentation at /docs/jndi-resources-howto.html
-->
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource auth="Container" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" name="UserDatabase" pathname="conf/tomcat-users.xml" type="org.apache.catalina.UserDatabase"/>
</GlobalNamingResources>
<!-- A "Service" is a collection of one or more "Connectors" that share
a single "Container" Note: A "Service" is not itself a "Container",
so you may not define subcomponents such as "Valves" at this level.
Documentation at /docs/config/service.html
-->
<Service name="Catalina">
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
<!--
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
maxThreads="150" minSpareThreads="4"/>
-->
<!-- A "Connector" represents an endpoint by which requests are received
and responses are returned. Documentation at :
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
Java AJP Connector: /docs/config/ajp.html
APR (HTTP/AJP) Connector: /docs/apr.html
Define a non-SSL HTTP/1.1 Connector on port 8080
-->
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="443"/>
<!-- A "Connector" using the shared thread pool-->
<!--
<Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
-->
<!-- Define a SSL HTTP/1.1 Connector on port 443
This connector uses the BIO implementation that requires the JSSE
style configuration. When using the APR/native implementation, the
OpenSSL style configuration is required as described in the APR/native
documentation -->
<Connector port="443"
protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keyAlias="dev-tomcat-cert-es"
keystoreFile="<the correct path to the keystore file>"
keystorePass="<the correct password>"
/>
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="443"/>
<!-- An Engine represents the entry point (within Catalina) that processes
every request. The Engine implementation for Tomcat stand alone
analyzes the HTTP headers included with the request, and passes them
on to the appropriate Host (virtual host).
Documentation at /docs/config/engine.html -->
<!-- You should set jvmRoute to support load-balancing via AJP ie :
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
-->
<Engine defaultHost="localhost" name="Catalina">
<!--For clustering, please take a look at documentation at:
/docs/cluster-howto.html (simple how to)
/docs/config/cluster.html (reference documentation) -->
<!--
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
-->
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
</Realm>
<Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" pattern="%h %l %u %t "%r" %s %b" prefix="localhost_access_log." suffix=".txt"/>
<Context docBase="ct-server" path="/app" reloadable="true" source="org.eclipse.jst.jee.server:ct-server"/></Host>
</Engine>
</Service>
</Server>
I am wondering if MacOs is running something on this port that I can't see.
Or if there is some kind of loop in my configuration which tries to connect twice to the port.
I am using MacOs-Sierra
Any help would be appreciated.
Thanks.
Follow one single step:
1) Delete the server you have created.
a)then create new server ofcourse (i hv attached screenshots for steps)
[Delete your current server][1]
For Creating new server:
1)create new server and delete previously added Configure Environment Variable
Create new server (1)
[click on configure environment variables][3]
[remove the previously added variable and create new][4]
while adding new click next and look for your installed jre
This error shows up if you installed tomcat on MacOs-Sierra using brew.
#Michael-O is right - you need to be root.
One good way to get round that is to bind to 8443 instead of 443. Changing ports unleashes another error about the server not starting within the set timeout.
Either that or the "document does not exist error" will hit first.
The hurdles aren't few. The easiest option - install tomcat using a zip file.
Go to https://tomcat.apache.org/download-70.cgi, download a zip, unzip it and in Eclipse, create a new server and specify "tomcat installation directory" as the unzipped file.
The problem
I am trying to create an autodiscover script for the users of my website. Currently I am creating a working connection to my mail-server, however my mail server requires SMTP authentication. I am currently sending:
<AuthRequired>on</AuthRequired>
in the full XML file to enable SMTP authentication. This enables the checkmark in the details next to "My outgoing server (SMTP) requires authentication". The bullet list with the two options "use same settings as my incoming mail server" (prefered) or "Log on using" has no option selected.
What I've tried
I have tried adding the POP3 information and putting the following attribute in my SMTP part:
<UsePOPAuth>on</UsePOPAuth>
However that did not work. To create the XML file I have used the following URL: https://technet.microsoft.com/en-us/library/cc511507.aspx
My current XML document
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<Protocol>
<Type>IMAP</Type>
<Server>mail.test.nl</Server>
<Port>143</Port>
<DomainRequired>on</DomainRequired>
<LoginName>me#test.nl</LoginName>
<SPA>off</SPA>
<SSL>off</SSL>
<AuthRequired>on</AuthRequired>
</Protocol>
<Protocol>
<Type>SMTP</Type>
<Server>mail.test.nl</Server>
<Port>587</Port>
<DomainRequired>on</DomainRequired>
<LoginName>me#test.nl</LoginName>
<SPA>off</SPA>
<SSL>off</SSL>
<AuthRequired>on</AuthRequired>
<SMTPLast>on</SMTPLast>
</Protocol>
</Account>
</Response>
</Autodiscover>
I found a very useful article on TechNet which basically explains why this is happening. From what i understood, specifying the SMTPLast property makes Outlook attempt to login to POP/IMAP before SMTP, without actually authenticating SMTP (some servers such as my school's only work this way).
I reproduced the same problem you had with that config but once i removed it, it worked like a charm.
I noticed there isn't a lot of useful documentation about Autodiscover, aka POX autodiscover so here's the xml template that worked for me:
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<User>
<DisplayName>First Last</DisplayName>
</User>
<Account>
<AccountType>email</AccountType>
<Action>settings</Action>
<Protocol>
<Type>IMAP</Type>
<Server>mail.example.com</Server>
<Port>993</Port>
<AuthRequired>on</AuthRequired>
<LoginName>email#example.com</LoginName>
<SPA>off</SPA>
<SSL>on</SSL>
</Protocol>
<Protocol>
<Type>SMTP</Type>
<Server>mail.example.com</Server>
<Port>587</Port>
<AuthRequired>on</AuthRequired>
<LoginName>email#example.com</LoginName>
<SPA>off</SPA>
<Encryption>TLS</Encryption>
<UsePOPAuth>on</UsePOPAuth>
</Protocol>
</Account>
</Response>
</Autodiscover>