I'm trying to migrate work items from Jira to Azure boards using the Solidify tool. I'm using Jira on-premises version 8.8.1. I have tried the username (with and without domain) but still getting an unauthorized-401 error.
command:
jira-export -u xxxxxx -p xxxxxx --url https://jira url/ --config config-scrum.json --force
Error:
[E][13.07.18] Unexpected migration error.
[System.AggregateException] System.AggregateException: One or more errors occurred. ---> System.Security.Authentication.AuthenticationException: Response Content: <html>
<head>
<title>Unauthorized (401)</title>
I had the same kind of issue, and I made it work by:
Replacing the username by the email address of the account I want to use, and;
Replacing the password by an access token generated on Jira.
See API tokens.
Related
I am using maxmind GeoLite2 binary database for geolocation services and I want to update this periodically.
It works fine on updating through geoipupdate program installed via brew.
However Maxmind provides a docker image to update db periodically.
When I try to run docker command below,
docker run --env-file IdeaProjects/ip-geolocation-service/src/main/resources/application.properties -v /Users/me/GeoIp maxmindinc/geoipupdate
With the environment file refers to application.properties,
GEOIPUPDATE_ACCOUNT_ID=12345
GEOIPUPDATE_LICENSE_KEY=aaaaaaaaaa
GEOIPUPDATE_EDITION_IDS=GeoIP2-Country
I gets the following error:
# STATE: Creating configuration file at /etc/GeoIP.conf
# STATE: Running geoipupdate
error retrieving updates: error while getting database for GeoIP2-Country: unexpected HTTP status code: received HTTP status code: 403: Invalid product ID or subscription expired for GeoIP2-Country
Since my credentials is working on manual trigger, I wonder why it has not working on docker run? Any idea for spotting problem or anyone has faced with it?
You write that you want to use the free GeoLite2 database but the ID you use looks like the commercial/paid one. Try the following instead:
GEOIPUPDATE_EDITION_IDS=GeoLite2-Country
Source: https://github.com/maxmind/geoipupdate/blob/main/doc/docker.md
I have installed influxdb. But in the server every user can login when ther type inlux.
Why is it like that? Is not it a security problem. And how can I solve it?
I want to login with spesific admin user and its admin password.
The "why"
Different databases have used reasonings with minor differences over the years, but basically, it goes like this:
In its most simple install, <insert DBMS here> should just run - for integration tests, simple evaluation purposes etc. We could generate a root/admin/superhoncho user password, but more often than not, this is not going to be changed, and that is a Bad Thing™.
And since nobody sane would run a database in production without authentication and authorisation enabled, providing easy access in the default installation is not a problem anyway, is it?
I tend to agree with this reasoning, though I am off the opinion that in the case the DBMS has authentication and authorisation disabled per default, it should bind to localhost by default, too. You make your DBMS accessible to the outside world, and be it only your company's network? You surely have thought about the implications!
The "how"
Authentication
I am going to use docker to illustrate it and it is quite obvious what you have to do in a non-docker environment.
First, we pull the influxdb docker image and create a default config file in one go:
$ docker run --rm influxdb influxd config > influxdb.conf
Unable to find image 'influxdb:latest' locally
latest: Pulling from library/influxdb
...
Digest: sha256:0aa7fea5336b5e5cc1c80e16062865821ec772e06519c138947ef5ebd9b34907
Status: Downloaded newer image for influxdb:latest
Merging with configuration at: /etc/influxdb/influxdb.conf
Now we change the authentication parameter in the [http] section of our influxdb.conf to true:
...
[http]
auth-enabled = true
...
Next, we start our InfluxDB using this modified config file:
$ docker run -d --name influxdb -p 8086:8086 \
-v $PWD/influxdb.conf:/etc/influxdb/influxdb.conf:ro \
influxdb -config /etc/influxdb/influxdb.conf
1987f962c331d2404a2564bb752d971553b13181dbbbb1e38cf50d345b3191c4
(The hash sum you get will be different.)
Now, we connect to our influxdb and create the admin user
$ docker exec -it influxdb influx
Connected to http://localhost:8086 version 1.7.8
InfluxDB shell version: 1.7.8
> create user admin with password 'secret' with all privileges;
From this point on, credentials are needed for pretty much everything
> show users
ERR: unable to parse authentication credentials
Warning: It is possible this error is due to not setting a database.
Please set a database with the command "use <database>".
> auth
username: admin
password:
> show users
user admin
---- -----
admin true
Authorization
Simple mnemonic: "Users are granted permissions per database." So, in order to grant something to a user, that user must first exist:
> create user berkancetin with password 'supersecret';
> create database foobar
> grant read on foobar to berkancetin
> show users
user admin
---- -----
admin true
berkancetin false
> show grants for "berkancetin"
database privilege
-------- ---------
foobar READ
Further reading (!!!)
Ignore at your own risk. You. Have. Been. Warned.
InfluxDB authentication
InfluxDB docs on Authorization
This may seem like a bit of a rudimentary issue, but I cannot seem to push from Sourcetree (windows) to a bitbucket repo for which my user is the owner.
To clarify I can log in to the repo using my browser just fine but when I push to it from Sourcetree and I enter the same details into the prompt box it fails to authenticate. I have tried using the username and email, I've even changed the password of the account but still no joy.
I also created an app password and tried using that as the password with combinations of the username and email, but no joy.
the error I am getting is:
git -c diff.mnemonicprefix=false -c core.quotepath=false
--no-optional-locks -c credential.helper= -c credential.helper="C:/Users//AppData/Local/ATLASS~1/SOURCE~1/GIT_EX~1/GIT-CR~1.EXE"
push -v --tags origin master:master fatal: HttpRequestException
encountered. An error occurred while sending the request.
remote: Invalid username or password. If your organization manages
your account or you've enabled two-step verification, create an app
password to log in: https://confluence.atlassian.com/x/9DJmMQ fatal:
Authentication failed for
'https://#bitbucket.org//.git/'
Pushing to https://#bitbucket.org//.git Completed
with errors, see above.
Any advice would be greatly appreciated
Try to add a new SSH key via Sourcetree, seems like Sourcetree is not picking up your username and password when you are using HTTP/S authentication, it can be because:
You have not added your account info in git global
You have not properly assigned credentials
Using SSH is a far preferred way:
https://confluence.atlassian.com/bitbucket/set-up-an-ssh-key-728138079.html#SetupanSSHkey-ssh3
I deleted:
C:\Users\USERNAME\AppData\Local\Atlassian\SourceTree\passwd
C:\Users\USERNAME\AppData\Local\Atlassian\SourceTree\accounts.json
Inspired by this article: https://community.atlassian.com/t5/Sourcetree-questions/Getting-quot-fatal-Authentication-failed-for-quot-error/qaq-p/624663
It worked. When I restarted SourceTree it acted like it was the first time it was opened (downloaded some tools, asked me for my credentials). Once it finished, my project tabs were there, and I was able to pull/push.
Perform below steps:
Reset your password : https://id.atlassian.com/manage/change-password
Run below command from working copy
git remote set-url origin Your-repository-url-here
In order to get it worked I ended up going to Tools -> Options -> SSH Client configuration and changing it to OpenSSH. and set the path to the already generated ssh key file like C:\Users<user>.ssh\id_rsa.
I have used WSO2 Identity server 5.2.0 to implement oauth2 authorized flow. I have implemented it successfully. I got access token, but when I tried to fetch user information from WSO2 IS with following command:
curl -X GET -H "Authorization: Bearer 5e122a0e7276cd4f245e1be238002aa4" -H "Cache-Control: no-cache" -H "Postman-Token: 77faba9b-6a2e-d8ba-a3f6-25ff0da69979" "https://localhost:9443/oauth2/userinfo?schema=openid"
gives response:
{"sub":"admin#carbon.super"}
But I need email, first name, last name, role, mobile no etc.
have done configuration suggested in : https://docs.wso2.com/display/IS500/Configuring+OpenID+Connect+Authorization+Server
I followed: https://wso2.org/jira/browse/IDENTITY-4250
with https://github.com/wso2/carbon-identity/pull/1688/
but I don`t understand how to use that build solution after building https://github.com/wso2/carbon-identity project.
I have tried with WSO2 Identity server 5.1.0 also but got same response
Please give any suggetion. Thanks in advance.
IS 5.2.0 used WSO2 carbon oauth v5.1.3 features. So what you have to do is
Checkout the source for that component tag from here.
Apply the fix mentioned in the ticket on top of that tag.
Build the source with maven and get the oauth.war file.
Then replace the "repository/deployment/server/webapps/oauth.war" with the new one.
Remove the "repository/deployment/server/webapps/oauth2" directory.
Just for the safe side, back up the existing ones before you delete.
I've been looking at https://github.com/rfdickerson/watson-translation-demo which attempts to show how to do authentication using Facebook OAuth on iOS and with a NodeJS Backend.
The iOS code is straightforward :
let token: String = FBSDKAccessToken.currentAccessToken().tokenString
let fbAccess = FacebookAuthenticationStrategy(
tokenURL: "https://watsonsdkdemo.mybluemix.net/language-translation-service/api/v1/token",
fbToken: token)
translateService = LanguageTranslation(authStrategy: fbAccess)
The problem is that the server/app.js has
var creds = appEnv.getServiceCreds(/facebook-authentication/) || {}
and the manifest.yml has
- services:
- facebook-authentication
But when you cf push the scripts to your Bluemix account you get:
FAILED
Could not find service facebook-authentication to bind to xxxxxxx
The problem is nowhere does the author describe what the 'facebook-authentication" service is.
In the server deployment instructions they have
$ cf login
$ cf create-service speech_to_text standard speech-to-text-service
$ cf create-service text_to_speech standard text-to-speech-service
$ cf create-service language_translation standard language-translation-service
$ cf env
$ cd server
$ cf push
Nothing stating what the facebook-authentication service is.
I apologize that the instructions are incomplete. facebook-authentication is supposed to be a user-provided service. You can create it using the cf create-user-provided-service command:
cf create-user-provided-service facebook-authentication -p "APP_SECRET_GOES_HERE"
The idea is that when you register a Facebook application, they give you an App Secret. Since that secret should not be embedded in the source code, you can set it in the environment variables VCAP by creating a custom service that provides that information for you.
Note, I did not finish actually using the app secret to check the legitimacy of the credentials. Although this is a small security vulnerability for man-in-the-middle-attacks, the facebook token checking still works because in the Facebook App settings I made it so that using the App secret is not required. For now, just create the user service and set the value to anything you would like.
Hope this helps!