We are creating libtorrent session like this:
ses_settings = lt.session_settings()
ses_settings.ignore_limits_on_local_network = False
ses_settings.announce_to_all_trackers = True
ses_settings.ssl_listen = 0
ses = lt.session()
ses.listen_on(LISTEN_ON_RANGE_START, LISTEN_ON_RANGE_END)
ses.set_settings(ses_settings)
ses.set_download_rate_limit(download_rate)
ses.set_upload_rate_limit(upload_rate)
Similar to ssl_listen, we want to disable DHT, LSD, UPnP, NAT-PMP in the libtorrent session. Is there any way to do it ?
Also in the libtorrent manual page its mentioned as:
Configuration options can be updated after the session is started by calling apply_settings(). Some settings are best set before starting the session though, like listen_interfaces, to avoid race conditions. If you start the session with the default settings and then immediately change them, there will still be a window where the default settings apply.
Changing the settings may trigger listen sockets to close and re-open and NAT-PMP, UPnP updates to be sent. For this reason, it's typically a good idea to batch settings updates into a single call.
How to do the batch setting updates in a single call ?
Basically we want to change these default setting fields: enable_lsd, enable_dht, enable_upnp, enable_natpmp and then create a session object with these settings.
the session_settings type and set_settings() function on session are deprecated (and have been for quite a while). The reference documentation online (https://libtorrent.org) is for the most recent stable release, so you won't find them documented there.
Instead, use settings_pack and apply_settings() on the session. Or even better, pass in your settings pack to the session constructor.
In the C++ interface, settings_pack is a class with a fairly simple interface, but in the python binding it's just a plain dictionary.
To set up a settings pack in python, you do this:
sett = {'enable_lsd': False,
'enable_dht': False,
'enable_upnp': False,
'enable_natpmp': False,
'listen_interfaces': '0.0.0.0:%s' % LISTEN_ON_RANGE_START,
'download_rate_limit': download_rate,
'upload_rate_limit': upload_rate,
'announce_to_all_tracker': True}
ses = lt.session(sett)
# ...
You'll find all the available settings in the reference documentation.
Related
I would like to create a simple struts action within Liferay, which would be a publicly accessible path to get some data. This is all perfectly fine, and I am able to create as many of those as I need. However, the data comes with several extra http headers that are not needed, and more importantly, with a cookie and a session.
What I would like to do is to simply get the client to obtain its data and go, no sessions are required. Is that a way to achieve this? I know we can disable sessions for the entire system, but I would like to be punctual.
The code is pretty standard:
#Component( immediate = true, property = {
"path=" + AuthPublicPath.ASSET_BRIDGE_URL, "service.ranking:Integer=" + Integer.MAX_VALUE
}, service = StrutsAction.class )
I was using Properties.Settings.Default to store persistent data between sessions. For example, I was using Properties.Settings.Default.mute to store a boolean of whether or not to mute sounds.
I went online and it recommends to use Windows.Storage.ApplicationData.Current.LocalSettings.Values. So I try setting Windows.Storage.ApplicationData.Current.LocalSettings.Values["mute"] and using that, but that actually crashes the debugger, so I can't even debug whatever the issue is.
You have to set some data in Windows.Storage.ApplicationData.Current.LocalSettings.Values["mute"] before use it, for example:
Windows.Storage.ApplicationData.Current.LocalSettings.Values["mute"] = true;
(or false or an other value ) the you can get it like this
var t = Windows.Storage.ApplicationData.Current.LocalSettings.Values["mute"];
G'day all,
I've been having trouble upgrading to a more recent version of the ember-simple-auth module.
In particular I seem to have two challenges:
1) the application no longer transitions to the desired route after authenticating. the configuration looks like this:
ENV['ember-simple-auth'] = {
crossOriginWhiteList: ['http://10.10.1.7:3000'],
routeAfterAuthentication: 'profile',
//store: 'simple-auth-session-store:local-storage',
//authorizer: 'simple-auth-authorizer:token',
};
but it never gets to "profile".
2) I can't get the authenticated session to stick after a reload. I had been trying to use the local-store which I believed would do the trick, but it's not. Has something changed in the implementation?
The documentation seems to indicate that the configuration strings are right, but the transition and session store don't seem to be working.
Has anyone had a similar problem?
Thanks,
Andrew
you could try adding "routeIfAlreadyAuthenticated" to ENV['ember-simple-auth'] - or you could transition manually in index route "afterModel" hook, if session is already authenticated
have you configured a session store? https://github.com/simplabs/ember-simple-auth#session-stores - the way it's configured changed in 1.0, now you can add the desired session store to app/session-stores/application.js - maybe this solves #1 too.
OK. As the comments call out, there were two problems here:
1) I had written a customer authorizer for the old version of simple-auth which didn't work with the new version, and
2) I had a typo in the adapter code, where DataAdapterMixin was DAtaAdapterMixin.
Removing (1) and fixing (2) fixed the problem.
How do I expire the administrator session after a period of inactivity in SilverStripe 3.1.x? Is there a config option for this?
I searched and found the following code snippet, which, when placed in the Page_Controller class, works for frontend users, but totally ineffective in the administration area.
public function init() {
parent::init();
self::logoutInactiveUser();
}
public static function logoutInactiveUser() {
$inactivityLimit = 1; // in Minutes - deliberately set to 1 minute for testing purposes
$inactivityLimit = $inactivityLimit * 60; // Converted to seconds
$sessionStart = Session::get('session_start_time');
if (isset($sessionStart)){
$elapsed_time = time() - Session::get('session_start_time');
if ($elapsed_time >= $inactivityLimit) {
$member = Member::currentUser();
if($member) $member->logOut();
Session::clear_all();
$this->redirect(Director::baseURL() . 'Security/login');
}
}
Session::set('session_start_time', time());
}
After over 1 minute of inactivity, the admin user is still logged in and the session has not timed out.
For people like myself still searching for a solution to this, there's a much simpler alternative. As it turns out, the only good solution at the moment is indeed to disable LeftAndMain.session_keepalive_ping and simon_w's solution will not work precisely because of this ping. Also, disabling this ping should not cause data loss (at least not for SilverStripe 3.3+) because the user will be presented with an overlay when they attempt to submit their work. After validating their credentials, their data will be submitted to the server as usual.
Also, for anyone who (like myself) was looking for a solution on how to override the CMS ping via LeftAndMain.session_keepalive_ping using _config.yml keep reading.
Simple Fix: In your mysite/_config.php, simply add:
// Disable back-end AJAX calls to /Security/ping
Config::inst()->update('LeftAndMain', 'session_keepalive_ping', false);
This will prevent the CMS from refreshing the session which will naturally expire on it's own behind the scenes (and will not be submitted on the next request). That way, the setting you may already have in _config.yml dictating the session timeout will actually be respected and allowing you to log out a user who's been inactive in the CMS. Again, data should not be lost for the reasons mentioned in the first paragraph.
You can optionally manually override the session timeout value in mysite/_config/config.yml to help ensure it actually expires at some explicit time (e.g. 30min below):
# Set session timeout to 30min.
Session:
timeout: 1800
You may ask: Why is this necessary?
Because, while the bug (or functionality?) preventing you from overriding the LeftAndMain.session_keepalive_ping setting to false was supposedly fixed in framework PR #3272 it was actually reverted soon thereafter in PR #3275
I hope this helps anyone else confused by this situation like I was!
This works, but would love to hear from the core devs as to whether or not this is best practice.
In mysite/code I created a file called MyLeftAndMainExtension.php with the following code:
<?php
class MyLeftAndMainExtension extends Extension {
public function onAfterInit() {
self::logoutInactiveUser();
}
public static function logoutInactiveUser() {
$inactivityLimit = 1; // in Minutes - deliberately set to 1 minute for testing
$inactivityLimit = $inactivityLimit * 60; // Converted to seconds
$sessionStart = Session::get('session_start_time');
if (isset($sessionStart)){
$elapsed_time = time() - Session::get('session_start_time');
if ($elapsed_time >= $inactivityLimit) {
$member = Member::currentUser();
if($member) $member->logOut();
Session::clear_all();
Controller::curr()->redirect(Director::baseURL() . 'Security/login');
}
}
Session::set('session_start_time', time());
}
}
Then I added the following line to mysite/_config.php
LeftAndMain::add_extension('MyLeftAndMainExtension');
That seemed to do the trick. If you prefer to do it through yml, you can add this to mysite/_config/config.yml :
LeftAndMain:
extensions:
- MyLeftAndMainExtension
The Session.timeout config option is available for setting an inactivity timeout for sessions. However, setting it to anything greater than 5 minutes isn't going to work in the CMS out of the box.
Having a timeout in the CMS isn't productive, and your content managers will end up ruing the timeout. This is because it is possible (and fairly common) to be active in the CMS, while appearing inactive from the server's perspective (say, you're writing a lengthy article). As such, the CMS is designed to send a ping back to the server every 5 minutes to ensure users are logged in. While you can stop this behaviour by setting the LeftAndMain.session_keepalive_ping config option to false, I strongly recommended against doing so.
Is there some way to disable user auto-registration in ckan?
I'd like to have a ckan site that would be strictly read-only for visitors
with a back-end exclusive for contributors.
I went through the docs, but I couldn't find any option like that.
any advice on how to configure and secure ckan for such a purpose would be welcome
The easiest solution is to write an extension that implements the IAuthFunctions interface and override the user_create auth function.
Here is the basic extension:
def no_registering(context, data_dict):
return {'success': False, 'msg': toolkit._('''You cannot register for this
site.''')}
class NoSelfRegistration(plugins.SingletonPlugin):
plugins.implements(plugins.IAuthFunctions, inherit=True)
def get_auth_functions(self):
return {
'user_create': no_registering
}
UPDATE: We are currently implementing a config option to do this (pull request at https://github.com/okfn/ckan/pull/399).
For hub.HealthData.gov, we created this patch
https://github.com/HHS/ckan/commit/0102d4d7cee9151fc5fcfe31c56c485436eddda4
which makes a new config option ckan.auth. create_user which we set to false.
It has been in pull request purgatory since then:
https://github.com/okfn/ckan/pull/399
This is now a standard feature of CKAN (at least since version 2.3.2, perhaps earlier). You can use the ckan.auth.create_user_via_api and ckan.auth.create_user_via_web configuration options.
By default, ckan.auth.create_user_via_api is false but ckan.auth.create_user_via_web is true.