Is it possible to supply kerberos credentials to a dependency resolver in SBT and, if so, how?
Related
I work on API Platform as simple API and it's pretty easy to use !
Because I have other applications which use Keycloak as OpenID provider I need to integrate a Oauth2 provider or a Keycloak Provider ....
I see in configuration in docs there is a key "oauth" and we can specify clientId, secret and other values but I don't know where this conf is use. There isn't a 403 but still 200 with "enabled: true" on requests...
May be I could use this provider
https://github.com/stevenmaguire/oauth2-keycloak for Symfony but I don't understand where I can add it in API Platform.
I'm only a beginner on apiPlatform and in Symfony Too.
If Someone could help me... It would be awazing !
Thank You (modifié)
We have a fleet of deployed gateway devices that have a self-signed certificate that they use to make an HTTPS post to our Spring on Tomcat app. This certificate expired, and we cannot issue an update unless we can connect (Catch-22). We need to temporarily ignore the validity of the client SSL certificate in order to get operational again.
We have been trying to figure out where in the Spring XML to put the bean configuration (TrustManager class) to ignore SSL certificate validity.
We are desperate for help. This is not Spring Boot, but Spring MVC secured by spring security using old school XML configuration.
Would not requiring a client certificate help? If so, in <tomcat>/conf/server.xml look for <Connector clientAuth="want"...> and set it to false.
I am unable to confirm whether ASP.NET Boilerplate supports authentication using Active Directory's LDAP over SSL protocol. The documentation states that LDAP protocol is supported but there is no mention of remote authentication mechanism using LDAPS or similar procedures.
I assume ASP.NET Boilerplate uses System.DirectoryServices namespace and its components under the hood to process the LDAP authentication and if so, would it be better to try and alter the Boilerplate's code to support LDAPS by doing something similar to this or should I separate the LDAPS implementation into custom class and avoid using Boilerplate's LDAP at all?
To be specific, Abp Zero Ldap uses PrincipalContext from System.DirectoryServices.AccountManagement namespace
By default, it calls principalContext.ValidateCredentials() with ContextOptions.Negotiate to communicate with AD server
See https://github.com/aspnetboilerplate/aspnetboilerplate/blob/14e41c9ce2d902b2661fca63f4074943e9036c5b/src/Abp.Zero.Ldap/Ldap/Authentication/LdapAuthenticationSource.cs#L98
You can try override ValidateCredentials() and pass ContextOptiona.Negotiate | Context options.SecureSocketLayer to principalContext.ValidateCredentials()
See more https://learn.microsoft.com/en-us/dotnet/api/system.directoryservices.accountmanagement.contextoptions
Abp Zero Ldap module will still be recommended for you as it is well integrated with Abp Zero user login flow.
If you still want to use LdapConnection to validate with AD server, you can create your own ldap authentication source by extending from LdapAuthenticationSource<TTenant, TUser>
I was able to integrate LDAP SSO to drupal 7 also i am using mod_auth_sspi(mod_auth_sspi-1.0.4-2.2.2) for authentication mechanism.
But if I try to restart apache, it saying error message:
Error: Apache shutdown unexpectedly.
This may be due to a blocked port, missing dependencies
The httpd.conf file also contains:
# Virtual hosts
Include conf/extra/httpd-vhosts.conf
# Pass NTLM authentication to Apache
LoadModule sspi_auth_module modules/mod_auth_sspi.so
<IfModule !mod_auth_sspi.c>
LoadModule sspi_auth_module modules/mod_auth_sspi.so
</IfModule>
Are you using the Drupal LDAP module? This should support everything you need for authentication.
Note that LDAP isn't the same as SSO. For that you can use something like SimpleSAMLphp
You will probably have an error in you Apache configuration and/or apache is not able to reach LDAP.
But firstly note that SSO is not the same as LDAP - LDAP is an authorization and authentication method and approach and SSO (single-sign-on) is a centralization of these methods - e.g. user is able to browse different websites withou having to login and/or having to create additional accounts.
More information could be available in the apache error log. If not change your logging level to debug (or possibly syslog if apache error log is not configured).
I'm currently trying to transisiton a maven build to a Gradle build. The show stopper hurdle I've hit is that our internal artifacts are deployed to an internal repository that requires authentication to read.
And you know what authentication means... usernames and passwords. The problem is I don't want to require developers to store their password as plaintext on their hard drives. Maven supports password encryption but I'm not seeing how to make Gradle do it.
Is there some magic access to the Ivy CredentialStore that will support encrypted passwords? or will I have to wait for a new version?
The gradle-credentials plugin will let you encrypt the contents of a gradle.encrypted.properties file, which will then be available in the build as properties of the credentials object.
The gradle maven settings plugin will let you use Maven's system for encrypting/decrypting credentials.
We use Artifactory and Ivy's CredentialsStore works fine.
repositories {
org.apache.ivy.util.url.CredentialsStore.INSTANCE.addCredentials(REALM, HOST, USER, PASSWORD);
mavenRepo urls: [ "http://repo.mycompany.com/repo" ]
}
To have each developer use a different username create a gradle.properties file that contains
HOST=repo.mycompany.com
REALM=My Company Realm
USER=theusername
PASSWORD={DESede}xyz123abc
The {DESede} encrypted password prefix may be a Artifactory specific convention.