I tried with no success to create a custom role with : Repositories - create, read privilege
When I login as a user with this role i can see the little green "add" in the repository UI in Nexus.
When I try to click on it I get an error:
There is an error communicating with the server.type Rapport d'état
Nexus returned an error: ERROR 403: Interdit
How do I resolve this?
Have a look at "views/repositories - system feeds - authentication and authorization feed" in the UI, this will show you what is missing.
In this case, the problem is likely that you need to add the "repository templates (read)" privilege.
Related
I'm setup kibana local development by following up the wiki from
https://github.com/elastic/kibana/blob/7.1/CONTRIBUTING.md#setting-up-your-development-environment
yarn es snapshot
i'm able to run elastichsearch locally at http://localhost:9200/ with above cli.
yarn start
i'm able to start the server for kibana with above cli, and according to log, it promote me to open http://localhost:5601/ykl,
server log [15:57:39.991] [info][listening] Server running at http://localhost:5603/ykl
server log [15:57:40.150] [info][status][plugin:spaces#8.0.0] Status changed from yellow to green - Ready
after i logined with default user/password, it return back a error response.
{"statusCode":403,"error":"Forbidden","message":"Forbidden"}
I'm not able to access page
http://localhost:5601/ykl/app/kibana#/management,
it will redirect me to http://localhost:5601/ykl/#/management with error response just as above error json response.
My question is what's wrong with the default user account to access homepage? how to change kibana configuration to allow me to access homepage.
ps:
I'm able to open status page without any problem http://localhost:5601/ykl/status#?_g=()
I found answer myself.
just use another default user account which has permission, actually, i login with elastic and it works
https://www.elastic.co/guide/en/elastic-stack-overview/7.1/built-in-users.html
I deployed JDG on OpenShift Online with the following
- Image stream "jboss-datagrid71-openshift-rhel7.json" v1.2
- username 'admin' with role 'admin' and '___schema_manager'
- And given the permissions of READ, WRITE, EXEC, ADMIN, ALL for both the roles. Tried with just 'ALL' also.
- Refer images, Config-env-vars.png and Cache-env-vars.png within the Info.zip for the environment configurations done. (Available # https://drive.google.com/file/d/12EWF1AUB4d60mP_gmTkN4Qlh2pzzv6xi/view?usp=sharing)
While deploying client-side Java application (basically Hotrod with security enabled and with Protobuf based query feature), we are getting the following exception. Attached the logs from the DataGrid server and client application pods
Caused by: org.infinispan.client.hotrod.exceptions.HotRodClientException: java.lang.SecurityException: ISPN000287: Unauthorized access: subject 'Subject with principal(s): [SimpleUserPrincipal [name=admin], InetAddressPrincipal [address=10.131.14.124/10.131.14.124], admin#ApplicationRealm, admin#ApplicationRealm, ___schema_manager#ApplicationRealm, admin, ___schema_manager]' lacks 'WRITE' permission
FYI,
I use the following version of Infinispan from redhat repository
<version.org.infinispan>8.4.2.Final-redhat-1</version.org.infinispan>
In Java, while creating a Configuration Builder, I did in this way. Full code is available # https://github.com/techtantric/JDG-Remote-Hotrod-Secured
ConfigurationBuilder builder = new ConfigurationBuilder();
builder.addServer()
.host(host)
.port(hotrodPort).security().authentication().serverName("jdg-server").saslMechanism("DIGEST-MD5").callbackHandler(new LoginHandler("admin", "password".toCharArray(), "ApplicationRealm")).enable()
.marshaller(new ProtoStreamMarshaller()); // The Protobuf based marshaller is required for query capabilities
cacheManager = new RemoteCacheManager(builder.build());
Please help us resolving this issue. Thanks in advance.
You should not be touching the ___schema_manager role.
I'm following the (getting started with push locations guide) but am running into an error on step 6:
undefined:1 Uncaught (in promise) DOMException: Registration failed - permission denied
My manifest.json file is loading correctly based on the Network tab.
I have entered my correct project number into manifest.json. I have tried adding other settings not mentioned in the guide:
{
"name": "Push Notifications codelab",
"gcm_sender_id": "123456789",
"gcm_user_visible_only": true,
"permissions": [
"gcm"
]
}
I am running my server on localhost as per the guide.
If you're using Brave(the browser) and having the same issue, you have to enable Use Google Services for Push Messaging in the settings.
In order to enable it:
Brave settings > Privacy and Security > Use Google Services for Push Messaging
or use brave://settings/privacy shortcut.
My problem was actually in my settings for Chrome. Under Content Settings, Notifications was set to Do not allow any site to show notifications. Changing this setting to Ask when a site wants to show notifications resolved the issue for me.
DOMException occurs when an operation is impossible to perform, either for logical reasons, because data is lost, or because the implementation has become unstable. You got your error DOMException: Registration failed - permission denied maybe because the manifest was loaded from a different domain than the main page. Suggested from this thread, try to use <link rel="manifest" href="/manifest.json"> if your page is not located at the root of the website. You can also check on this related SO question.
I am trying to run the pushtest sample that ships with the iOS SDK. In the .m file I have replaced the org name, app name and notifier name( which I have named 'apple'). I have the provisioning set up for my iPad. When I run the code, I don't see any window asking me to allow push notifications. On clicking the push to this device, the terminal spits out this error:
2014-01-30 14:04:20.525 Push Test[2970:60b] displaying alert. title: Error, message: {"error":"unauthorized","timestamp":1391119457656,"duration":0,"exception":"org.apache.shiro.authz.UnauthorizedException","error_description":"Subject does not have permission [applications:post:ed031740-7e90-11e3-a906-25e89414fcd7:/notifications]"}
I believe this is because the app has not obtained push permission, however, the alert window asking for this was not presented in the first case. How can I fix this?
"error":"unauthorized"`
This is an indication that your request requires authentication and you're not authorized to access the endpoint.
Push notifications out of the box require authentication - either an access_token (recommended) or client_id/secret. Try including the access_token in your header (instructions here).
If you want to disable authentication, you can add the GUEST role to /notifications (instructions here).
You need to give permissions to your application role:
curl -X POST "https://api.usergrid.com///roles/ -d '{"name":"nameforrole","title":"titleforrole","permission" : "GET,PUT,POST,DELETE:/users/me/**"}'
This was working fine - cant seem to find out what changed either - but my vagrant up is now reporting this:
Any help appreciated as to why:
Error executing action create on resource 'directory[/var/log/nginx]'
================================================================================
Chef::Exceptions::UserIDNotFound
cannot determine user id for 'nginx', does the user exist on this system?
Obviously you don't create nginx user anywhere.
user 'nginx' do
system true
end