I'm trying to use PingFederate server to connect multiple applications into one SSO network.
Server is installed with both IDP and SP roles.
Because IDP and SP are on the same server I'd like to use agent-to-agent mapping.
I'm using agentless kit.
After DropOff, I have to redirect to URL that includes PartnerSpId.
PartnerSpId is only configured in IDP-to-SP connection and not in agent-to-agent mapping.
Does this mean that agentless kit cannot work with agent-to-agent mapping?
PartnerSpId is only relevant when you are connecting to a partner (can be a loop-back connection, that's a different story), where you'd use the /idp/startSSO.ping endpoint (doc). For adapter-to-adapter mappings, which I assume you meant with agent-to-agent, you'll use a different endpoint, /pf/adapter2adapter.ping, which has its own query parameters (doc). You can still append the REF query parameter, and it will function the same way.
Don't take the examples/sample applications that literally, they're there to show functionality, and must be adapted per use case.
Related
My apps using bonjour service to conversation with each other via local network.
I am facing a problem on Xcode12 with OS14 device.
A device publish a service with server type name depends on self device IP address
(example: 192.168.33.20 -> _1921683320._tcp)
B device searching a service with service type depends on A device IP address
(example: _1921683320._tcp)
According to apple document..From OS14~
https://developer.apple.com/documentation/multipeerconnectivity
Important
Apps that use the local network must provide a usage string in their Info.plist with the key NSLocalNetworkUsageDescription. Apps that use Bonjour must also declare the services they browse, using the NSBonjourServices key.
because my service type name is named by local network ip, it is changeable base on local network setting, so I am thinking about to using wildcard to define the service type name.
example: _*._tcp
but seems wildcard is not available on this definition.(I tried it)
I am also thinking about changing the naming method on A device
(example: 192.168.33.20 -> _20._tcp)
and add _1.tcp ~ _255.tcp to info-plist
But if I changed the naming method, B device could not find A device until version up.
Any idea for this problem? Please help.
I'm currently working through the same issue - Bonjour service name is dynamically created based off the iPad name to form a local mesh network. The conclusion that I have came to is com.apple.developer.networking.multicast is required for this to function without completely overhauling how all that logic is done. (More info here)
You will have to request permission from apple by filling out a form here. Let me know if this works for you!
The thing I am finding is, you "might" not be able to use a wildcard, but you can put multiple entries in the plist:
Item 0 _multicastapp0-p._tcp
Item 1 _multicastapp1-p._tcp
Item 2 _multicastapp2-p._tcp
Item 3 _multicastapp3-p._tcp
etc
Item N _multicastappN-p._tcp
So for some reason if you are trying to have multiple "Groups" of 8 or have a device have it's own "collection" i.e. be a server and have 3 devices connect to that, you can.
I haven't "fully" tested but I am going to be doing this in my apps, I did test using multiple keys tho, but not fully, no errors...
I have read below doc, source code and issue:
https://github.com/grpc/grpc/blob/master/doc/health-checking.md
https://github.com/grpc/grpc-node/blob/master/packages/grpc-health-check/test/health_test.js
https://github.com/grpc/grpc/issues/10428
I provide an example and try to explain:
// Import package
let health = require('grpc-health-check');
// Define service status map. Key is the service name, value is the corresponding status.
// By convention, the empty string "" key represents that status of the entire server.
const statusMap = {
"ServiceFoo": proto.grpc.health.v1.HealthCheckResponse.ServingStatus.SERVING,
"ServiceBar": proto.grpc.health.v1.HealthCheckResponse.ServingStatus.NOT_SERVING,
"": proto.grpc.health.v1.HealthCheckResponse.ServingStatus.NOT_SERVING,
};
// Construct the service implementation
let healthImpl = new health.Implementation(statusMap);
// Add the service and implementation to your pre-existing gRPC-node server
server.addService(health.service, healthImpl);
I am not clear about the following points:
Does the service name in statusMap need to be the same as the service name in the protocol buffers file? Or the service name can be arbitrarily specified. If so, how does the service name map to the service defined in the protocol buffers?
From the health checking protocol:
The server should register all the services manually and set the individual status
Why do we need to register manually? If the service code can be generated, why doesn't grpc help us automatically register the service name in statusMap? (Imagine setting the status of 100 services one by one)
The service status is hard code and cannot be changed at application runtime. If my service is unavailable at runtime for some reason such as misconfiguration, downstream service is not available, but the status of the service is always serving(because it's hard code), if so, what is the meaning of the health check?
For RESTful API, we can provide a /health-check or /ping API to check that the entire server is running normally.
Regarding the service names, the first linked document says this:
The suggested format of service name is package_names.ServiceName, such as grpc.health.v1.Health.
This does correspond to the package names and service name defined in the Protobuf definition.
The services need to be registered "manually" because the status is determined at the application level, which the grpc library does not know about, and a registered service name is only meaningful along with the corresponding status. In addition, the naming format mentioned above is just a convention; the health check service user is not constrained to it, and the actual services on the server are not constrained to use the standard /package_names.ServiceName/MethodName method naming scheme either.
Regarding the third point, the service status should not be hardcoded, and can be changed at runtime. The HealthImplementation class used in the code in the question has a setStatus method that can be used to update the status.
Also, as mentioned in a comment in the code in the question,
By convention, the empty string "" key represents that status of the entire server.
That can be used as the equivalent of the /health-check or /ping REST APIs.
I'm having trouble adding a connection in the Kusto.Explorer desktop app 1.0.3.949. I can login via Web UI but in the desktop app it gives me this error:
This normally represents a permanent error, and retrying is unlikely to help.
Please provide the following information when contacting the Kusto team # https://aka.ms/kustosupport :
DataSource='https://m1explorer.westus.kusto.windows.net/v1/rest/mgmt',
DatabaseName='NetDefaultDB',
ClientRequestId='KD2RunCommand;5723fa83-9dd5-48fe-a1ee-5d4ddb7f9cd9',
ActivityId='74b41f5e-be7c-46be-88f5-dae1a6d35c30,
Timestamp='2020-08-02T18:48:13.6846740Z'.
In other applications such as the Kuskus VSCode extension or even the Web UI, the problem seems to be that it uses the "common" tenant/authority id as a default. Is there a way to specify the tenant id when adding the connection? It says you can import an .xml file but I'm not sure where or how this can be generated.
Thanks,
Steven
Please try approach described at:
https://learn.microsoft.com/en-us/azure/data-explorer/kusto/tools/kusto-explorer#control-the-user-identity-connecting-to-kustoexplorer
The default security model for new connections is AAD-Federated
security. Authentication is done through the Azure Active Directory
using the default AAD user experience.
If you need finer control over the authentication parameters, you can
expand the "Advanced: Connection Strings" edit box and provide a valid
Kusto connection string value.
For example, users with a presence in multiple AAD tenants sometimes
need to use a particular "projection" of their identities to a
specific AAD tenant. Do this by providing a connection string, such as
the one below (replace words IN CAPITALS with specific values):
Data Source=https://CLUSTER_NAME.kusto.windows.net;Initial Catalog=DATABASE_NAME;AAD Federated Security=True;Authority Id=AAD_TENANT_OF_CLUSTER;User=USER_DOMAIN
I need to quiesce all the multi protocol gateway components in a particular domain ( not default ) in datapower appliance. I could see quiesce option only in each multi protocol gateway level. is there an option in domain level to quiesce all MPGW?
No, you can quiesce a whole domain or object by object.
The only other option is to create a SOMA or REST script to quiesce each object (=MPGW) by name.
As said either you can quiesce an application domain or a particular object. If you are familiar with Java and Soma templates, you can keep the list of MPGW name in a property file and iterate through and execute the Soma command for each MPGW.
Let me know if this helps.
The ESB Toolkit 2.1 has the ALL.Exceptions send port using the old SQL adapter.
But the BizTalk Health Monitor reports ...
Non WCF SQL adapter used in some Send Ports
Prefer to use the WCF one which is more performant !
Is there any way to update to the WCF.SQL adapter?
Yes this is possible. It will however include some custom development.
You will need to create a map between the FaultMessage schema (in Microsoft.Practices.ESB.ExceptionHandling.Schemas.Reporting.dll) and the usp_insert_Fault schema (created using the Consume Adapter Service in Visual Studio, from the usp_insert_Fault SP in the EsbExceptionDb database), as the old SQL Adapter uses a different schema layout to execute a stored procedure.
Required Steps:
Change the Transport Type of the ALL.Exceptions port to WCF-SQL
Set the Address: mssql://SQLServer:1433/SQLInstance/EsbExceptionDb?
Set the Action: TypedProcedure/dbo/usp_insert_Fault
Change the ESBFaultProcessor Send Pipeline to use your custom map in the ESB Transform Component
EDIT: Note: The solution described here does not include the Message and its Context like the map with the SQL Adapter does. To accomplish this, you should make use of Composite Operation to insert into multiple tables in one transaction.