I am just learning all this stuff (CCNet), and have a simple working
ccnet.config, that successfully executes through the localhost/ccnet
service. I am trying to get security set up so that users in other
locations can use cctray. I added this to the ccnet.config file
(copied and modified from one of the security examples (internalSecurity)....
<cruisecontrol>
<internalSecurity>
<users>
<!-- Authenticated users -->
<passwordUser name="account1" display="me (Installer)"
password="%account1"/>
</users>
<permissions>
<!-- Roles -->
<rolePermission name="Releasers" forceBuild="Allow"
defaultRight="Allow" viewProject="Allow">
<users>
<userName name="account1"/>
</users>
</rolePermission>
</permissions>
</internalSecurity>
<project name="test project">
Now, when I click on the 'force' button on http://localhost/ccnet/ViewFarmReport.aspx,
I get the following exception message..."Request processing has failed
on the remote server. Permission to execute ViewProject has been
denied. I am not sure what is happening here. I am logged onto the
server as 'account1', and, I have added viewProject="Allow" to the
rollPermission name="Releasers".
look at the docs here for security setup :
http://www.cruisecontrolnet.org/projects/ccnet/wiki/Security_scenarios
CCNet config looks right. You might try restarting the CCNET executable in order for it to pick up the config changes. Depends on how CCNET is set up in your case usually it needs a restart at the CCNET service on Windows.
Related
I am using Linux Web Apps for Azure together with a SQL Azure Database.
I can save my SQL Azure Database password (for argument's sake, let us say it is pass123) in META-INF/context.xml and this works successfully
<Context>
<Resource name="jdbc/myDB" type="javax.sql.DataSource" auth="Container"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
driverClassName="com.microsoft.sqlserver.jdbc.SQLServerDriver" initialSize="30"
maxActive="100" validationQuery="SELECT 1"
validationQueryTimeout="1000"
testOnBorrow="true"
url="jdbc:sqlserver://exampleserver.database.windows.net:1433;database=exampledb;encrypt=true;hostNameInCertificate=westeurope1-a.control.database.windows.net;
loginTimeout=10;user=myuser;
password=pass123"
/>
</Context>
I however would like the password to be encrypted and not stored in plaintext in the context.xml file. So I did the following - based on https://learn.microsoft.com/en-us/azure/app-service/containers/configure-language-java#data-sources:
I added two Web App/Configuration/Application Settings
CATALINA_OPTS and THEDBPASSWORD
I set CATALINA_OPTS to be "$CATALINA_OPTS -Ddbpassword={THEDBPASSWORD}"
I set THEDBPASSWORD to be the password of the user
I then changed my context.xml to be password={dbpassword} instead of password=pass123
I then however get the following error in the log (and the application fails to start)
Error: Could not find or load main class "$CATALINA_OPTS -Ddbpassword=pass123" -Ddbpassword=pass123
Any ideas?
I solved it by doing the following:
I had forgotten the $ in context.xml
So context.xml needed to be password=${dbpassword}
I also changed the CATALINA_OPTS to be -Ddbpassword=pass123
I dispensed with the THEDBPASSWORD variable
I am sure this is not the only way or the best way of doing this, but at least it works.
I was partly inspired by Tomcat 8 - context.xml use Environment Variable in Datasource
This seems like a relatively simple question, but I didn't see it clearly indicated in the documentation I examined. Assuming a typical Elmah usage on a Windows Server 2012/IIS 7 webserver installation, if the Elmah web.config settings are pointed to an Elmah.config file, will altering that file trigger under the running application cause IIS to restart?
While the answer provided by Josh would normally be true, it is not in the case of ELMAH. ELMAH instantiates a new error log implementation every time it is needed, reading the configuration from either web.config or the configSource provided.
You can do a simple test to prove this. If you configure ELMAH to use an external config file for the errorLog element like this:
<elmah>
<errorLog configSource="elmah.config"/>
</elmah>
and your elmah.config looks like this:
<?xml version="1.0" encoding="utf-8"?>
<errorLog type="Elmah.XmlFileErrorLog, Elmah" logPath="~/App_Data" />
When you start the project and force an error, a new XML file is written to the App_Data folder. Change the logPath like this (without restarting the application):
<?xml version="1.0" encoding="utf-8"?>
<errorLog type="Elmah.XmlFileErrorLog, Elmah" logPath="~/App_Data2" />
(I changed to App_Data2).
Force a new error and you will now see ELMAH create the App_Data2 folder on the file system.
No: Straight from MSDN:
Saving a Web.config file restarts the application. You can alternatively use the configSource attribute of individual section elements to point to a secondary configuration file that does not cause an application restart when it is changed. For more information, see configSource in General Attributes Inherited by Section Elements.
MSDN
has anyone successfully added IIS script maps to their Wix installation. I have been using this:
<CustomAction Id="AddHandlers_Cmd" Property="AddHandlers" Value=""[SystemFolder]inetsrv\appcmd" set config -section:system.webServer/handlers /+"[\[]name='GSOAP',path='*.dll', verb='*',modules='IsapiModule',scriptProcessor='[BIN]mod_gsoap.dll',resourceType='File', requireAccess='Execute'[\]]"" Execute="immediate"/>
<CustomAction Id="AddHandlers" BinaryKey="WixCA" DllEntry="CAQuietExec" Execute="deferred" Return="check" Impersonate="no"/>
However I get the 404 errors from my web application and when I add the script map manually after installing the application it works perfectly. I would appreciate if anyone could share how they done this.
It sounds like you need to add handler mapping to your web application. If that's the case, then you don't need a custom action to accomplish this.
Take a look at WebApplicationExtension element.
We are writing a separate Custom action in C# and Schedule it in after install Finalize to add handlers.
Try this, you can do anything with your own custom action.
I haven't worked with GSOAP handler, but used ASP.NET ISAPI extention. I suppose basically it has the same level of integration. I will post the code for ASP.NET and I hope you won't have problem with changing it to GSOAP. I have a huge risk of changing something incorrectly and make the examples unusable for you, so I let you do it better.
Here is my code to register extention itself if it isn't
<Component Id="Iis6ConfigExtentions" Guid="{GuidHash({ProductId}-1822E4F3-5850-47D5-9281-D1E0E20C77D4)}" KeyPath="yes" Permanent="yes">
<Condition><![CDATA[Installed OR (IISMAJORVERSION AND (IISMAJORVERSION = "#6"))]]></Condition>
<iis:WebServiceExtension Id="ExtensionASP4" Group="ASP.NET v4.0.30319" Allow="yes" File="[FRAMEWORKROOT]v4.0.30319\aspnet_isapi.dll" Description="ASP.NET v4.0.30319"/>
</Component>
and for adding those to the concrete site you need to use WebApplicationExtention, as #Yan already mentioned:
<iis:WebApplication Id="IIS6WebApp" Name="[SITE_APP_NAME]" WebAppPool="AppPool" >
<iis:WebApplicationExtension Verbs="GET,HEAD,POST" CheckPath="no" Script="yes" Executable="[FRAMEWORKROOT]v4.0.30319\aspnet_isapi.dll" />
</iis:WebApplication>
The CheckPath="no" is required on IIS 6 because we use ASP.NET MVC which doesn't map urls to files on disk. You might need it too since service address probably doesn't map to physical file.
UPDATE:
Looks like it is really not possible to do it directly in WIX (at least in 3.5 version). You are going in right direction - custom action using appcmd. But the provided custom actions aren't complete or what you need: the first one just sets property value to the command you need to execute and the second one calls some Dll custom action which wasn't provided.
What I'd try to execute is:
<CustomAction Id="AddGsoapHandler" Directory="TARGETDIR" Impersonate="no" Execute="deferred" Return="check" ExeCommand="[SystemFolder]inetsrv\appcmd.exe set config -section:system.webServer/handlers /+"[\[]name='GSOAP',path='*.dll', verb='*',modules='IsapiModule',scriptProcessor='[BIN]mod_gsoap.dll',resourceType='File', requireAccess='Execute'[\]]" /commit:apphost" />
Please pay attention to the path attribute of your handler configuration. It will limit handler usage to only URL's which ends with ".dll" - I just copied it from your code but not sure if you've done it intentionally or just copied from example at Microsoft site. That might have led to 401 error even if handler is registered successfully.
Also I added the /commit:apphost argument. Not sure if you really need this, but I use it to explicitly specify that I need to configure my application's config.
UPDATE 2:
If you need to set configuration to only single application, you should specify application object as argument of appcmd instead of the 'config' which means global configuration. Please try this:
<CustomAction Id="AddGsoapHandler" Directory="TARGETDIR" Impersonate="no" Execute="deferred" Return="check" ExeCommand="[SystemFolder]inetsrv\appcmd.exe set app "MySite/app1" -section:system.webServer/handlers /+"[\[]name='GSOAP',path='*.dll', verb='*',modules='IsapiModule',scriptProcessor='[BIN]mod_gsoap.dll',resourceType='File', requireAccess='Execute'[\]]" /commit:apphost" />
For more details you can read this tutorial.
I have the following in the tomcat-users.xml:
<tomcat-users>
<role rolename="admin"/>
<role rolename="manager"/>
<user username="aname" password="apassword" roles="admin,manager"/>
</tomcat-users>
If I go to http://localhost:8080/manager/html, I'm asked about username and password (as far as I understand, about these from the tomcat-users.xml), but when I enter them, I get:
403 Access Denied
You are not authorized to view this page.
If you have already configured the Manager application to allow access and you have used your browsers back button...
What could be a reason of such a behavior? Thanks in advance.
To use the web administration gui you have to add the gui role.
In [Tomcat installation path]/conf/tomcat-users.xml you can define role and affect them to user. For example :
<tomcat-users>
<role rolename="admin"/>
<role rolename="admin-gui"/>
<role rolename="manager"/>
<role rolename="manager-gui"/>
<user username="name" password="pwd" roles="admin,admin-gui,manager,manager-gui"/>
</tomcat-users>
Note :
You may not have any default username and password defined here so it's always good to take the time to do this configuration or you'll encounter issue when using Tomcat integrated in IDE like NetBeans. Indeed it will require these credentials in order to use it properly.
I have a Sharepoint site and today when I try to login to the site it gives me the following error
Server Error in '/' Application.
Runtime Error Description:
An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details:
To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
I've got to change this file:
You may also need edit the web.config in the layouts folder of the SharePoint root:
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\web.config
And set
<customErrors mode="Off" />
Change the following in web.config and you will be able to see the detailed error.
<customErrors mode="Off"/>
and
CallStack="true"
Make sure you do this in all the WFEs. You will see detailed error. Once you have the detail error, post it here and we will be able to helop you more.
Set the custom error mode to remote only in your web.config file and try browsing the site again. This time you will get the detailed error with the stack trace. You can proceed from there.
Restart your server then try... Because in my case during I install visual studio on my server system, i can't access my site and i got same error what you posted in above, after restarted my server its works fine. that's why i am saying like that...
What i thought is, actually that time the IIS was disturbed by some other installation program.