while generating Evernote API key I had selected Basic Access permission. Now I would want to change it to Full Permission. How can I do that? Pls. help.
If your application is already in production, contact Evernote's developer support. If you're still sandboxed, then you can probably just autogenerate a new key with Full permissions and use that instead.
Related
Hi I am newbie to Wso2 identity server ,using server version 5.9. I can able to add new users and new roles.Is it possible to add custom permissions that are not in the default list.
There are a few possible ways for you to add custom permissions in the WSO2 identity server.
Method 01:
You can create a service provider and add application-specific permissions to the current registry permission tree. To see how you can do this please refer to [1].
Method 02:
You can add new permissions to the existing permission tree through the registry browse in the Management Console. To see how you can follow this approach please refer to [2].
Method 03:
You can also add custom permissions to the registry through a programmatical approach. To see how you can do this please refer to [3].
I am working on Webhook for SharePoint notification using the Get started with SharePoint webhooks. I have registered the application as a Web Application and tried to provide read and write items and lists in all site collections permission. I have checked both delegated and application permissions but i am not able to find these permission.
Delegate permission screenshot
Application permission screenshot
I have followed all the steps except step 1. Can someone tell me how to provide this permission?
Based on the link you provided, you are using Authorization Code flow as the grant type.
So you need to add Delegate permission rather than Application permission.
And what you need to add is AllSites.Manage under SharePoint (NOT Microsoft Graph).
I am hoping this will be a simple question. I am using IIS 7.5 / Visual Web Dev 2010 Express.
I know why this error appears :) it's a security/user issue. The problem is, I don't know what account/permissions this intranet is using that's causing the issue.
I use a simple authentication method that detects the user ID. If they're on that list, they are allowed to look at the page. This is done through:
[allow users] and [deny users]
(Brackets substituted for arrows.)
Authentication mode is set to Windows.
There is another intranet site that users can access- I have read and write permissions on that database that this web site uses. That intranet site works for me, but this gives me a security error.
I'm thinking that by using this authentication method, that it switches to a system profile which tries to access it and gets denied. Is there a generic system profile you guys know of that would cause such an error? Is that even a right assumption or is it a security setting that's related to my username?
Thanks in advance...
Well, maybe this could be helpful for someone in the future who is also facing the same problem. I am not sure where to find this, but apparently I had left out or there was not a tag called identity impersonate. By just having the authentication mode set to Windows, I thought it would take care of everything.
I am assuming that if you use Windows authentication, a system account will try and access the SQL database. Because that system account (whatever it may be, there is one defined somewhere but I forgot the name of it) does not have access, that permission error gets thrown.
What will make the web page use the user permission is with this tag:
[identity impersonate="true"/]
Substitute brackets with arrows.
I want that when a user sign up on my website, a FTP account will be created for him. So every user can access their folder using File Zilla.
I am assuming that you can create a new ftp user via the command line and use chroot to limit him to a particular directory. And one of the answers at https://superuser.com/questions/67765/sudo-with-password-in-one-command-line gives you a way to stop 'sudo' from asking you for the password on the command line. Then its purely a matter of building an interface, and invoking system() or exec() to run the commands.
It is really hard to tell from your question what exactly you want to do. This is a very complex subject that involves a lot of work you need to do in order to achieve this.
If you are using an asp.net custom membership provider you can create the folder there(for example).
Then you need to create a custom authentication provider for IIS which is not an easy task on it's own. Check out this and this blog posts from Robert McMurray. This module will use your user data in your database that you fill in with the custom membership provider.
Then finally you need to provide each user access to his/her own folder trough user isolation in FTP in IIS.
Does anyone know a web based editor for the web.config? I want to offer the possibility of changing and adding settings through a nice web interface.
Update: I am aware of the security issues but still i want to make it possible. The application is an internal app which is not available for outside. I configure authorization within web.config and want be able to administer the users who are able to access the app. Furthermore I have some app settings which i want to be updateable. E.g. mailserver, Connectionstring, etc..
I tend to agree with GregD on this point... Exposing the web.config is not a good idea at all. If you really want the user to be able to configure some settings, provide an interface for it, which allows the user to set the values as per requirement. Check out the built-in ASP.NET website administration tool if you need an example.
There is a good reason why the web.config is not readable from the internet. Don't do it.
Edited to add
What is it that you wish to accomplish by opening up the web.config? The web.config is where you store database connection strings, turn debug off/on, show error messages locally or remotely, etc., etc. Opening up your web.config to "editing" via a web interface, is really asking for someone to hack it, thus gaining full access to your application.
I agree you probably shouldn't do this.... but in going against the grain since we are all adults here...
It is possible to modify the web.config if your website is running in full trust mode. If you're hosted on GoDaddy for example then you are probably out of luck.
That being said you could leverage an admin page I wrote for BlogEngine which will allow you to edit any file you have granted the AppPool service permission to edit. You would probably want to remake this into a user control and then add it to a protected url address and/or folder.