I found following option in standalone.xml of our jboss 7 installation:
<module-option name="baseFilter" value="(&(objectClass=User)(sAMAccountName={0}))"/>
The & instead & looks odd to me, but the login process of our service seems to work so far. Do you use & or & in your configurations? Is it a general "masking" that is necessary for special characters that could be shell expanded or so?
Thanks for any thoughts on this.
Chris
It's standard character escaping in XML. The ampersand character in XML files is used as prefix for XML character entities.
If you use JBoss CLI then use the ampersands without escaping.
/subsystem=security/security-domain=testLdapExample3/authentication=classic/login-module=LdapExtended:add( \
code=LdapExtended, \
flag=required, \
module-options=[ \
("java.naming.factory.initial"=>"com.sun.jndi.ldap.LdapCtxFactory"), \
("java.naming.provider.url"=>"ldap://ldaphost.jboss.org"), \
("java.naming.security.authentication"=>"simple"), \
("bindDN"=>"cn=Root,dc=jboss,dc=org"), \
("bindCredential"=>"secret1"), \
("baseCtxDN"=>"ou=People,o=example3,dc=jboss,dc=org"), \
("baseFilter"=>"(&(objectClass=User)(sAMAccountName={0}))"), \
("rolesCtxDN"=>"ou=Roles,o=example3,dc=jboss,dc=org"), \
("roleFilter"=>"(member={1})"), \
("roleAttributeID"=>"cn") \
])
Related
I want to submit my neural network model to google cloud via the following command as in the tutorial:
gcloud ai-platform jobs submit training ${JOB_NAME} \
--region=us-central1 \
--master-image-uri=gcr.io/cloud-ml-public/training/pytorch-gpu.1-10 \
--scale-tier=CUSTOM \
--master-machine-type=n1-standard-8 \
--master-accelerator=type=nvidia-tesla-p100,count=1 \
--job-dir=${JOB_DIR} \
--package-path=./trainer \
--module-name=trainer.task \
-- \
--train-files=gs://cloud-samples-data/ai-platform/chicago_taxi/training/small/taxi_trips_train.csv \
--eval-files=gs://cloud-samples-data/ai-platform/chicago_taxi/training/small/taxi_trips_eval.csv \
--num-epochs=10 \
--batch-size=100 \
--learning-rate=0.001
I was working with powershell and I have a problem with the master-accelerator argument which should be a dictionnary. I don't know how to pass such to gcloud. I have tried #{count=1; type=...}, but received a Bad syntax for dict arg: [#] error.
How can I pass a list of parameters in PowerShell such that the gcloud submit command accepts it?
I thank you in advance for your help.
EDIT
I have tried to use delimiters as ^^^^:^^^^, along this, but this still does not work (Invalid delimeter).
I want to mirror a site using wget:
wget --mirror \
--convert-links \
--adjust-extension \
--page-requisites \
--no-parent \
--wait=2 \
--progress=bar \
--show-progress \
--output-file=$LOG_FILE \
--directory-prefix=$DIR_PATH \
$URL
Now, it has been working well but I have come accross a website where the main page from which I want to start is under https://www.website.org/unique_path/here.html but it contains references to files or links that are like: https://www2.website.org/unique_path/there.pdf. However, --no-parent prevents the download of the content under www2... URL. Is there a way to circumvent this? (Or some option that would explicitly work as --no-parent by specifying some wildcard expression that it is ok to go and download here and there?
Is there a way to circumvent this?
You are apparently looking for Spanning Hosts options, you must provide -H option and then you might deliver comma-separated list of acceptable domains via -D, using your example
wget <your current options here> -H -D www.website.org,www2.website.org <your URL here>
I'm trying to set oidc credentials and got stuck, because the client-secret contains a comma:
kubectl config set-credentials user#cluster \
--auth-provider=oidc \
--auth-provider-arg='idp-issuer-url=https://host' \
--auth-provider-arg='client-id=xxx' \
--auth-provider-arg='client-secret=AAAA,BBBB'
This results in the following error:
error: Error: invalid auth-provider-arg format: BBBB
Is there a way to escape the char?
Mentioning the special characters in a single quote is an exact work around for escaping special characters but in this case as comma is present it's considered as extra-scope (Scopes to request to the provider (comma separated)).
Currently kubectl does not accept multiple scopes, so you need to edit the kubeconfig as following:
$ kubectl config set-credentials keycloak --auth-provider-arg extra-scopes=SCOPES
sed -i ' ' -e s/SCOPES/email,profile/ $KUBECONFIG
kubectl config set-credentials user#cluster \
--auth-provider=oidc \
--auth-provider-arg='idp-issuer-url=https://host' \
--auth-provider-arg='client-id=xxx' \
--auth-provider-arg='"client-secret=AAAA,BBBB"'
I have microservice ecosystem and all users interacting with it need to authenticate to a keycloak installation and receive a jwt token.
All is fine, I enabled audience support using this snippet:
/opt/jboss/keycloak/bin/kcadm.sh \
create clients/d3170ee6-7778-413b-8f41-31479bdb2166/protocol-mappers/models -r your-realm \
-s name=audience-mapping \
-s protocol=openid-connect \
-s protocolMapper=oidc-audience-mapper \
-s config.\"included.client.audience\"="your-audience" \
-s config.\"access.token.claim\"="true" \
-s config.\"id.token.claim\"="false"
as described here: Add protocol-mapper to keycloak using kcadm.sh
Which is fine, it works. My problem is, how do I enable multiple values for audience? I mean, I would like to allow the same user to use 2 different services with the same token - each of them should have a different audience.
And the token should look like:
{
"aud": [
"audience-1",
"audience-2"
]
}
Where audience-1 is the audience expected by the first service and audience-2 is the one expected by the 2nd service.
Is it even possible to do that via command line?
I think I may have found the answer. Or at least it worked for me:
kcadm.sh create clients/CLIENT_ID/protocol-mappers/models -r REALM_NAME \
-s name=audience-mapping \
-s prodocol=openid-connect \
-s protocolMapper=oidc-audience-mapper \
-s config.\"included.client.audience\"="audience" \
-s config.\"access.token.claim\"=\"true\" \
-s config.\"id.token.claim\"=\"false\"
I have a problem installing Magento 2. I set the web configuration and i click on the next button, but it is not going on the next step. I tried to set the admin url.
Yo can try install it via comand line.
bin/magento setup:install --backend-frontname="adminlogin" \
--key="YOUR MAGENTO2 REPO KEY" \
--db-host="localhost" \
--db-name="DB_NAME" \
--db-user="MYSQL USERNAME" \
--db-password="PASSWORD FOR MYSQL USER" \
--language="en_US" \
--currency="USD" \
--timezone="America/New_York" \
--use-rewrites=1 \
--use-secure=0 \
--base-url="http://YOUR.DOMAIN" \
--base-url-secure="https://YOUR.DOMAIN"" \
--admin-user=adminuser \
--admin-password=admin123# \
--admin-email=admin#newmagento.com \
--admin-firstname=admin \
--admin-lastname=user \
--cleanup-database
Try it and let me see errorlog, if it doesn't worked for you.
Maybe you have troubles with server or permissions configs.