Develop Reference

How to detect source of Artifactory login attempts?

I'm using Artifactory for everything: Docker images, NuGet packages, PyPi cache, you name it. I don't have to pull things very often, but inevitably when I do, my account is locked. I can request for it to be unlocked, and it will be, but then I turn around and it's locked again in no time.
Is there a way to determine where the logon attempts are coming from that are locking my account? I've changed API Key and everything else...it just keeps happening. I've verified that my local machine has been fully updated with the new key, too.

As you mentioned you rotated the Keys, I suspect some automation job/script/cron is trying to hit the Artifactory with wrong credentials.
Nevertheless, as a first point of check, validate artifactory-request.log files for any entries that could be coming from your API key
Example: 2021-10-19T01:13:52.523Z|3b65f083f8d51f74|**127.0.0.1**|**token:XXXXXX**|GET|/api/system/configuration/platform/baseUrl|200|-1|0|16|JFrog Event/7.12.4 (revision: 5060ba45bc, build date: 2020-12-26T18:54:28Z)
If the request is coming from an user the request would look like this:
2021-10-19T01:14:31.440Z|1de7b95f92082ff|**10.10.16.322**|**sssso2**|GET|/api/auth/screen/globalState|200|2|0|345|Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36
(note the IP and user above)
In addition to that you can grab the service id (1de7b95f92082ff is service id in the above example) and grep access-request.log file to get more information

Simple HTML DOM Issue

When using Simple HTML DOM library I have faced a problem with some websites. When I tried to load the following url http://www.t-mobile.com/shop/phones/cell-phone-detail.aspx?cell-phone=HTC-One-S-Gradient-Blue&tab=reviews#BVRRWidgetID
My PHP code is:
<?php
include "simple_html_dom.php";
$html=new simple_html_dom();
$url="http://www.t-mobile.com/shop/phones/cell-phone-detail.aspx?cell-phone=HTC-One-S- Gradient-Blue&tab=reviews#BVRRWidgetID";
$html->load_file($url);
echo $html;
?>
The php script gives no error but it shows the following content every time.
Unsupported Browser
It appears that you are viewing this page with an unsupported Web browser. This Web site works best with one of these supported browsers:
Microsoft Internet Explorer 5.5 or higher
Netscape Navigator 7.0 or higher
Mozilla Firefox 1.0 or higher
If you continue to view our site with your current browser, certain pages may not display correctly and certain features may not work properly for you.
What is the problem? Does Simple HTML DOM have a limitation? Is there any other way to solve this problem?

Some websites are not allowed to scrap its content directly.
you can use curl fetch html content and then use load() of dom object.
i hope it work for you.

Just setup your USERAGENT in simple_html_dom request:
# Creating useragent array
$useragent = array("http" => "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6");
# Creating a line from array
$useragent = stream_context_create($useragent);
# Starting Simple_HTML_Dom with our useragent
$html = file_get_html($urlCategory, $useragent)
So, our request will be from the newer browser than yours.

set the useragent
$context = stream();
stream($context, array('user_agent' => 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6\r\n'));
file_get_html('http://www.t-mobile.com/shop/phones/cell-phone-detail.aspx?cell-phone=HTC-One-S- Gradient-Blue&tab=reviews#BVRRWidgetID', 0, $context);

Sys.WebForms.PageRequestManagerParserErrorException occurs only for two dealers (Internet explorer)

Here is the scenario:
We have multiple clients,dealers and staff in our application. this problem occurs only at dealer's area. and it works fine on some of the dealer's machine. but two of our dealers are facing this problem. these dealers are very big banks inside UK. When we tried our dealer's login on our machines everything worked fine. this is just happening to two specific dealers. what could be the reason for this? and how to avoid this? i have searched alot on internet but nothing worked for me. kindly give a solid reason and explanation. problem occurs only at IE.
when they click on a specific button , they see this exception. on that button we just open an aspx page in iframe. details of the error are given below.
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; InfoPath.2; .NET4.0C; .NET4.0E)
Timestamp: Thu, 17 Nov 2011 14:19:14 UTC
Message: Sys.WebForms.PageRequestManagerParserErrorException: The message received from the server could not be parsed. Common causes for this error are when the response is modified by calls to Response.Write(), response filters, HttpModules, or server trace is enabled.
Details: Error parsing near 'uamFuX1R5cGU9amF2YV9zY3JpcHQmRmluamFuX0x'.
Line: 5
Char: 62099
Code: 0
URI: http://xyz.com/ScriptResource.axd?d=_FIiVFNdF1PHkbuLKG5hopSmLy4o3JvRIyD6vVyYwvpDZR7-f336pr-a6hLEOPIccb7DRK78POXYTQfl9EZSx4SxizvUioc19B1P43shEyWowLvhIGL3AeK1wy_YyeW1GriC7BqWtcuIU_bsb1M41M4Otm81&t=ffffffffe783cd7f&sfgdata=+sfgRmluamFuX1R5cGU9amF2YV9zY3JpcHQmRmluamFuX0xhbmc9dGV4dC9qYXZhc2NyaXB0+a

I was looking around on the net and found a similar question asked on StackOverflow - ASP.NET Ajax Error: Sys.WebForms.PageRequestManagerParserErrorException
There seem to be a number of things that could be causing this error, and this article might be a good helper to point you in the right direction. The article lists things to avoid when you are getting this error:
Calls to Response.Write():
Place an or similar control on your page and set its Text property. The added benefit is that your pages will be valid HTML. When using Response.Write() you typically end up with pages that contain invalid markup.
Response filters:
The fix might just be to not use the filter. They're not used very often anyway. If possible, filter things at the control level and not at the response level.
HttpModules:
Same as response filters.
Server trace is enabled:
Use some other form of tracing, such as writing to a log file, the Windows event log, or a custom mechanism.
Calls to Server.Transfer():

Change in User-Agent header triggering forms authentication

I've got an app built using ASP.NET MVC 3.0. It uses asp.net's built in forms authentication, without session state, and cookies on the browser to identify the user making requests.
Now, when I'm testing the app using IE9, the typical HTML request sends this user-agent in the header, and everything works fine.
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
However, we have one page in the app that has an ActiveX container that hosts Microsoft Word in the browser. The purpose of this ActiveX container is to allow you to make modifications to the word document, click on a button to POST that word document with your changes to our server so it can be saved.
There is a method in the ActiveX control--Office Viewer Component from www.ocxt.com--called HttpPost() that POSTs the contents of the viewed document to the server.
When you call HttpPost(), it sends all the same cookies properly, but uses a different User-Agent string.
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)
The UserAgent using MSIE 5.5 string appears to cause ASP.NET or MVC to not send the request to the appropriate controller, but instead sends a redirect response to the Login page even though the cookie is correct for the session. I did a test with Fiddler, and tried using MSIE 6.0, 7.0, 8.0 and those seem to work fine, so specifically, 5.5 causes part of the server stack to redirect to login page.
This page used to work fine, so I'm not sure if something has changed in recent versions of ASP.NET/MVC, or is it because I've moved up to IE9.0, but basically, I'd like to know if it is possible to tell ASP.NET to not take the User-Agent into account when determining if a session has been authenticated already or not.
Thanks.

IIRC there was a change in ASP.NET 4.0 where Forms Authentication uses the user agent to detect whether it supports cookies and if it is not a recognized or unsupported user agent it simply doesn't use the authentication cookie. You will need to change the User Agent of the HTTP request.

How to disable this default behavior for the webserver to check cookie support on the user agent in the web.config and force cookies for all browsers...
<system.web>
<authentication mode="Forms">
<forms cookieless="UseCookies" />
</authentication>
</system.web>
What's annoying about this default setting is that some valid User-Agent headers on new browsers will cause cookies to be ignored.
this User-Agent's form auth cookie is NOT ignored...
Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3
this User-Agent's form auth cookie IS ignored...
Mozilla/5.0 (iPhone; CPU iPhone OS 6_0_1 like Mac OS X; en-us) AppleWebKit/536.26 (KHTML, like Gecko) CriOS/23.0.1271.91 Mobile/10A523 Safari/8536.25
But adding the cookieless="UseCookies" attribute will tell ASP.NET to use the cookies from anything.

Using a query string in an excel hyperlink to an ASP.Net Web Application

I want to pass some data between an existing excel application and an existing ASP.Net VB Webforms application.
I thought a hyperlink with some query string variables would be the most straightforward means of doing this. However, it seems that the hyperlink does not retain the session of the logged in user.
Testing this with the same URL on a webpage does work. So it seems Excel is starting a new session. Any ideas on how to make Excel hyperlinks behave the same way a browser hyperlink does?

I am having this same problem, and using Fiddler I can see that when following the link in Excel, cookies are not being sent to the server - causing session problems.
My work around is as follows; create a redirect page that does not require a valid session, that just redirects to the page that requires a valid session. As the redirect page is in the browser - the page that is redirected to gets the session cookies as expected.
Code (redirect.htm);
<html>
<body>
Please wait, loading your page...
<script type="text/javascript">
<!--
function getQuerystring(key) {
key = key.replace(/[\[]/,"\\\[").replace(/ [\]]/,"\\\]");
var regex = new RegExp("[\\?&]"+key+"=([^&#]*)");
var query = regex.exec(window.location.href);
return query[1];
}
window.location = "http://site-page/" + getQuerystring('page'); //-->
</script>
</body>
</html>
Accessing the page from access using http://site-page/redirect.htm?page=this-sub-page - works for me now.

I've just stumbled across this problem while using Firefox as my default browser. If I set IE as my default the issue goes away. This may not help in your case but it is a workaround.
I have also found out what causes the issue. Excel is requesting the page itself using IE7 before it passes the url to the default browser.
This is a snippet from our server log:
"GET /ar/vehicle.php?rv_id=9046 HTTP/1.1" 302 - "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1 ...
"GET / HTTP/1.1" 302 - "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1 ...
"GET /?q=node/57 HTTP/1.1" 200 6231 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1 ...
"GET /?q=node/57 HTTP/1.1" 200 8318 "-" "Mozilla/5.0 (Windows NT 5.1; rv:2.0) Gecko/20100101 Firefox/4.0 ...
The first three lines are Excel sending the request and processing the redirect. The final line is what gets passed to the default browser.
Gabriel

Clicking a link in Excel typically opens a new browser, and thus, a new session. There's nothing you can really do within Excel or the hyperlink to mitigate this - it's the way browser sessions work.
If you can't just re-initialize the user's session state when they access this url (I assume they may be asked to log in, etc.) then maybe you could consider using cookies to retain the user's identity?

old post but I had same problem
here's how I fixed it.
I made the hyperlink point to a php script which checked the browsers user agent and if it contained the term 'ms-office' did nothing and otherwise redirected it to the real page!
here is what I've got:
if (strpos($_SERVER['HTTP_USER_AGENT'],'ms-office') === false) {
header("Location: ".$_GET['url']);
}
simply send excel to e.g. redirect.php?url=http://google.com