I'm trying to install Kolab 16 on CentOS 7 but i have troubles to authenticate the user via IMAP. The maillog says:
May 30 14:35:11 mxname IMAPD-CUST/imaps[17908]: inittls: Loading hard-coded DH parameters
May 30 14:35:11 mxname IMAPD-CUST/imaps[17908]: starttls: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits reused) no authentication
Authentication with roundcubemail works like a charm. The relevant section from imapd.conf is (file permissions should be okay):
tls_server_cert: /etc/ssl/certs/fqdn.crt
tls_server_key: /etc/ssl/certs/fqdn.key
tls_server_ca_file: /etc/ssl/certs/fqdn.pem
tls_ciphers: EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!P
SK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
I have no idea how to further investigate this issue. I found out that there is now an IMAP proxy (guam) in front of imapd (haven't seen that on my old setup), maybe this is the trouble maker? The maillog is not very useful for me atm. Any suggestions which service could make troubles here?
Related
I'm running gatling.io to load test my server, but I would like to be able to view the calls so I can debug portions of the script. I know I can have it write all the logs to the console, but viewing through fiddler is nicer.
I searched for a few hours until I found a solution. This is by far the easiest. Just modify your gatling.io's scala script's http configuration object to use fiddler's proxy.
Just like this:
val httpConf = http
.proxy(
Proxy("127.0.0.1", 8888)
.httpsPort(8888)
)
I have succesfully used neo4jphp library with graphenedb with this simple steps as per documentation (considering that graphenedb does not require https)
require('vendor/autoload.php'); // or your custom autoloader
// Connecting to a different port or host
$client = new Everyman\Neo4j\Client(url, port);
// Connecting using HTTP and Basic Auth
$client->getTransport()
->setAuth('username', 'password');
// Test connection to server
print_r($client->getServerInfo());
However, when trying to connect to a graphstory instance (of course they both work fine if I call the rest api from browser, the neo4j console works fine etc.) which requires https as follows
require('vendor/autoload.php'); // or your custom autoloader
// Connecting to a different port or host
$client = new Everyman\Neo4j\Client(url, port);
// Connecting using HTTPS and Basic Auth
$client->getTransport()
->useHttps()
->setAuth('username', 'password');
// Test connection to server
print_r($client->getServerInfo());
I get the following error. They should be identical, I can't get why.
Fatal error: Uncaught exception 'Everyman\Neo4j\Exception' with message 'Can't open connection to https://neo-54f500bf2cc7e-364459c455.do-stories.graphstory.com:7473/db/data/' in /Applications/XAMPP/xamppfiles/htdocs/graphene/vendor/everyman/neo4jphp/lib/Everyman/Neo4j/Transport/Curl.php:91
Stack trace:
#0 /Applications/XAMPP/xamppfiles/htdocs/graphene/vendor/everyman/neo4jphp/lib/Everyman/Neo4j/Transport.php(95): Everyman\Neo4j\Transport\Curl->makeRequest('GET', '/', NULL)
#1 /Applications/XAMPP/xamppfiles/htdocs/graphene/vendor/everyman/neo4jphp/lib/Everyman/Neo4j/Command.php(64): Everyman\Neo4j\Transport->get('/', NULL)
#2 /Applications/XAMPP/xamppfiles/htdocs/graphene/vendor/everyman/neo4jphp/lib/Everyman/Neo4j/Client.php(828): Everyman\Neo4j\Command->execute()
#3 /Applications/XAMPP/xamppfiles/htdocs/graphene/vendor/everyman/neo4jphp/lib/Everyman/Neo4j/Client.php(464): Everyman\Neo4j\Client->runCommand(Object(Everyman\Neo4j\Command\GetServerInfo))
#4 /Applications/XAMPP/xamppfiles/htdocs/graphene/story.php(20): Every in /Applications/XAMPP/xamppfiles/htdocs/graphene/vendor/everyman/neo4jphp/lib/Everyman/Neo4j/Transport/Curl.php on line 91
It seems to me that neo4jphp is not configuring the TLS part in the cURL request.
I fixed it by downloading the certificate bundle from http://curl.haxx.se/docs/caextract.html (ca_bundle.crt) and adding the following line to Everyman\Neo4j\Transport\Curl.php, function makeRequest:
$options[CURLOPT_CAINFO] = "your/path/to/ca-bundle.crt";
I've created an issue on GitHub for this: https://github.com/jadell/neo4jphp/issues/171
I'm the CTO/Lead Dev at Graph Story. Sorry to hear you're having troubles. I've actually just taken a look at your instance and things seem OK from the server side.
Without additional info it's hard to say if there's an issue with your sample connection code. Considering that you've used that same library to connect to GrapheneDB in the past, I think the chances an error in the sample code is low.
Based on the current state of your instance and on the exception thrown by Neo4jPHP, my guess is that port 7473 may be blocked on your network. You can confirm that with local tech support or by switching to a network where you know port 7473 is open and trying to connect again.
I'm trying to upload to my server (on Heroku) a file stored in a password protected FTP.
The problem is that this FTP also dont contain my production IP address on his whitelist (and i cant add it..) so i should use a proxy to connect my rails app this FTP.
I tried this code :
proxy_uri = URI(ENV['QUOTAGUARDSTATIC_URL'] || 'http://login:password#myproxy.com:9293')
Net::HTTP::Proxy(proxy_uri.host, proxy_uri.port,"login","password").start('ftp://login:password#ftp.website.com') do |http|
http.get('/path/to/myfile.gz').body
end
But my http.get returns me lookup ftp: no such host.
I also got this code for FTP download, but i dont know how to make it works with a proxy :
ftp = Net::FTP.new('ftp.myftp.com', 'login', 'password')
ftp.chdir('path/to')
ftp.getbinaryfile('myfile.gz', 'public/myfile.gz', 1024)
ftp.close
Thanks in advance.
I realise that you asked this question over 6 months ago, but I recently had a similar issue and found that this (unanswered) question is the top Google result, so I thought I would share my findings.
mudasobwa's comment below your original post has a link to the net/ftp documentation which explains how to use a SOCKS proxy...
Although you don't mention a specific requirement for a HTTP proxy in your original post, it seems obvious to me that is what you were trying to use. As I'm sure you're aware, this makes the SOCKS documentation totally irrelevant.
The following code has been tested on ruby-1.8.7-p357 using an HTTP proxy that does not require authentication:
file = File.open('myfile.gz', 'w')
http = Net::HTTP.start('myproxy.com', '9293')
resp, data = http.get('ftp://login:password#ftp.website.com')
file.write(data) if resp.code == "200"
file.close unless file.nil?
Source
This should give you a good starting point to figure the rest out for yourself.
To get you going, I would guess that you could use user:pass#myproxy.com for basic auth, or perhaps sending a Proxy-Authorization header in your GET request.
I installed the latest WS02 API Manager, 1.6.0. I followed the directions and just did the plain install, nothing special. When I create an API, publish it, subscribe to it, create an Access Token, and try to access it, I am seeing the following error (I replaced the access key, but it is displaying):
[2014-02-03 13:25:47,850] ERROR - APIAuthenticationHandler API authentication failure
org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException: Access failure for API: /weather, version: 1 with key: access_key
It seems that the API and access key are not getting connected. Is there something else that I have to do to make that happen? I am not using a separate database for the Key Manager, just whatever comes with the install which is a memory DB I assume. I have tried this from Advanced Rest Client in Chrome. I'm guessing something's just not configured correctly, but I don't see any errors in the start-up. I just see a few warnings along these lines:
[2014-02-03 13:25:01,262] WARN - DefaultSchemaGenerator We don't support method overloading. Ignoring [validateAudience Restriction]
Here is the full stack trace for the error:
[2014-02-03 13:25:47,850] ERROR - APIAuthenticationHandler API authentication failure
org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException: Access failure for API: /weather, version: 1 with key: access_key
at org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator.authenticate(OAuthAuthenticator.jav
a:139)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest(APIAuthenticationHand
ler.java:92)
at org.apache.synapse.rest.API.process(API.java:285)
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:76)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:63)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:220)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:83)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:336
)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:168)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)
Until few days ago everything worked fine. But after some changes on FitBit new user can not get OAuth handshake anymore. The problem is when I receive temporary tokens and make call to finish handshake and receive credentials.
So in first step I get:
TOKEN: 1a227cfde686220183763946a98173bc and VERIFIER: p2g5ims7o4ffscev603rbif05g
and in second step I use theme to make call to https://api.fitbit.com/oauth/access_token ...
Signature Base String is:
POST&https%3A%2F%2Fapi.fitbit.com%2Foauth%2Faccess_token&oauth_consumer_key%3D7c5e888aa3dd4d17a26d82a7f541b278%26oauth_token%3D1a227cfde686220183763946a98173bc%26oauth_nonce%3D5hw45lgu%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1391094796%26oauth_verifier%3Dp2g5ims7o4ffscev603rbif05g%26oauth_version%3D1.0
And by that I receive header (with signature calculated using the same function as in first step)
Authorizing with HEADER: OAuth oauth_consumer_key="7c5e888aa3dd4d17a26d82a7f541b278",oauth_token="1a227cfde686220183763946a98173bc",oauth_nonce="5hw45lgu",oauth_signature="X4udgn9A7Q2xI%2FN38QELl%2BIDVqM%3D",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1391094796",oauth_verifier="p2g5ims7o4ffscev603rbif05g",oauth_version="1.0"
That should work but I get 401 error saying:
{"errors":[{"errorType":"oauth","fieldName":"oauth_access_token","message":"Invalid signature or token 'JNGSIMomid/oghtWGrz7crC6KhM=' or token '6c45d0ce39195e848da14cad0a4f9719'"}],"success":false}
I have been working od that for 7 hours now ... and as far as I can see everything is OK ... Error is saying about field name oauth_access_token ... This fields doesn't even exist. I tried anyway and recived error saying that security is not OK ...
Any Idea?
I had the same problem. After doing some research I noticed that the API has changed and the lib I was using was out dated.
To fix that, I updated my lib and did some code changes.
Here is the link of a .Net implementation after the change:
https://github.com/aarondcoleman/Fitbit.NET/wiki/Breaking-Change-on-1-24-2014-as-a-result-of-OAuth-update-in-Fitbit-API
Regards,
Fredy