Disable Shibboleth-Omniauth Debug Mode - apache

I have installed GitLab EE with Apache2 and Shibboleth. The configuration is working fine and I get all the data I need for authentication, I think. I set debug to false in gitlab.rb but I always get the following message with the SSO callback. Am I missing something? Where do I have to set debug to false?
!!!!! This message is generated by omniauth-shibboleth. To remove it set :debug to false. !!!!!
HTTP_ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
HTTP_ACCEPT_ENCODING: gzip, deflate
HTTP_ACCEPT_LANGUAGE: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7,it;q=0.6,fr;q=0.5
HTTP_AFFILIATION: ....
...
This is part of my GitLab config:
gitlab_rails['omniauth_providers'] = [
  {
    "name" => 'shibboleth',
    "args" => {
      "debug" => "false",
      "shib_session_id_field" => "HTTP_SHIB_SESSION_ID",
      "shib_application_id_field" => "HTTP_SHIB_APPLICATION_ID",
      "uid_field" => 'HTTP_UID',
      "name_field" => 'HTTP_DISPLAYNAME',
      "info_fields" => { "email" => 'HTTP_EMAIL' }
    }
  }
]
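Added example, not part of the question and not GitLab or omniauth-shibboleth code: in Ruby the string "false" is truthy, so a quoted `debug` value still reads as enabled wherever the option is tested for truthiness (assumed here), and the callback keeps printing the request attributes to the browser. `debug_enabled?` and `string_booleans` are hypothetical helpers, and `PROVIDERS` is a constructed copy of the config above.

```ruby
# Constructed copy of the provider list from the question (not a live config).
PROVIDERS = [
  { "name" => "shibboleth",
    "args" => { "debug" => "false",
                "uid_field" => "HTTP_UID",
                "info_fields" => { "email" => "HTTP_EMAIL" } } }
].freeze

# Assumption: the option is tested for truthiness (`if options[:debug]`).
# Only nil and false are falsy in Ruby; every String, including "false",
# is truthy.
def debug_enabled?(args)
  args["debug"] ? true : false
end

# Walks nested hashes and arrays and returns the key paths whose value is a
# String that spells a boolean, e.g. "false" or "True".
def string_booleans(node, path = [])
  case node
  when Hash
    node.flat_map { |k, v| string_booleans(v, path + [k.to_s]) }
  when Array
    node.each_with_index.flat_map { |v, i| string_booleans(v, path + [i.to_s]) }
  when String
    node.strip.match?(/\A(true|false)\z/i) ? [path.join(".")] : []
  else
    []
  end
end

# Same args with a real boolean instead of the quoted string.
FIXED_ARGS = PROVIDERS[0]["args"].merge("debug" => false)

if $PROGRAM_NAME == __FILE__
  puts "as posted: debug enabled = #{debug_enabled?(PROVIDERS[0]['args'])}"
  puts "quoted booleans at: #{string_booleans(PROVIDERS).inspect}"
  puts "with false: debug enabled = #{debug_enabled?(FIXED_ARGS)}"
end
```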

Related

Access blocked by CORS policy No 'Access-Control-Allow-Origin' header is present on the requested resource

Laravel 9.19
Livewire 2.10
Filament 2.0
masbug/flysystem-google-drive-ext 2.2
I am trying to use Google Drive as a filesystem storage. Everything works fine, so I can store files and open them, except that Filament cannot fetch the stored file and the console log gives me an error.
filesystems.php
'google' => [
    'driver' => 'google',
    'clientId' => "xxxxxxxxxxxx.apps.googleusercontent.com",
    'clientSecret' => "xxxxxxxxxxxxxxxxxxxxx",
    'refreshToken' => "xxxxxxxxxxxxxxxxxxxxxx",
    'folderId' => env('GOOGLE_DRIVE_FOLDER_ID', null),
],
config/cors.php
<?php
return [
    'paths' => ['api/*'], // tried ['api/*', 'oauth/*'], [] and ['*']; nothing works
    'allowed_methods' => ['*'],
    'allowed_origins' => ['*'],
    'allowed_origins_patterns' => [], // tried ['*']; not working
    'allowed_headers' => ['*'],
    'exposed_headers' => [],
    'max_age' => 0,
    'supports_credentials' => false, // tried true; not working
];
ComplaintResource.php
public static function form(Form $form): Form
{
    return $form
        ->schema([
            Section::make('')
                ->schema([
                    //.........
                    FileUpload::make('reply_pdf')
                        ->disk('google')
                        ->acceptedFileTypes(['application/pdf']),
                    //.......
                ])->columns(3)
        ]);
}
The Filament input keeps showing a loading indicator.
console.log
I am trying to make a middleware to solve this, but nothing happens.
Middleware/Cors.php
public function handle(Request $request, Closure $next)
{
    $response = $next($request);
    $response->headers->set('Access-Control-Allow-Origin', '*');
    $response->headers->set('Access-Control-Allow-Methods', 'POST, GET, OPTIONS, PUT, DELETE');
    $response->headers->set('Access-Control-Allow-Headers', 'Content-Type, Accept, Authorization, X-Requested-With, Application');
    return $response;
}
I tried to add the following code to the .htaccess file, but it didn't work either.
.htaccess
<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "*"
</IfModule>
I ran php artisan config:clear and php artisan cache:clear; not working.
The only thing that worked was installing the CORS Unblock extension in the Chrome browser and enabling Access-Control-Allow-Origin from it!

Guzzle 6 is following redirects on local docker server, but not on production server

I am using the Guzzle 6 HTTP client to scrape web pages and analyze them from an SEO perspective. However, the interesting thing is that Guzzle does not follow redirects at all when used in production, but the code is exactly the same. Here is the snippet I am using to request a page and track redirects.
$onRedirect = function (RequestInterface $request, ResponseInterface $response, UriInterface $uri): void {
    $this->totalRedirects++;
};
$response = $this->httpClient->request('GET', $url, [
    'allow_redirects' => [
        'max' => self::MAX_REDIRECTS,
        'referer' => true,
        'track_redirects' => true,
        'on_redirect' => $onRedirect
    ],
    'headers' => [
        'User-Agent' => self::USER_AGENT
    ],
    'http_errors' => true
]);
$redirectUrls = $response->getHeader('X-Guzzle-Redirect-History');
$redirectStatuses = $response->getHeader('X-Guzzle-Redirect-Status-History');
foreach ($redirectUrls as $key => $redirectUrl) {
    $this->responses[] = new HttpResponse($redirectUrl, $redirectStatuses[$key]);
}
// Save last successful response
$this->responses[] = new HttpResponse($url, $response->getStatusCode());
My redirect middleware is not triggered at all when using this in production, and it returns only "307", while in Docker I get "307" and "200". This has been tested using the Samaritans page (https://www.samaritans.org/).
Both Production and docker are using PHP 7.2 and Guzzle 6

LDAP with starttls on redmine

Redmine does not use StartTLS by default. When I configure my LDAP server to require TLS, Redmine fails to authenticate users.
With OpenLDAP you might see a "Confidentiality required" error message in the Redmine logs.
Make sure LDAPS is NOT enabled. ldaps:// is a different encryption scheme than StartTLS. With StartTLS, an unencrypted connection is promoted to an encrypted one over the same port.
When using Redmine 3.2.4, find the file named redmine/app/models/auth_source_ldap.rb,
search for "encryption", and find:
options = { :host => self.host,
            :port => self.port,
            :encryption => (self.tls ? :simple_tls : nil)
          }
When LDAPS is unchecked, we want to use StartTLS:
            :encryption => (self.tls ? :simple_tls : :start_tls)
Save and restart your web server. Redmine should now use an encrypted connection.
I know this is old, but I just had a similar problem with Redmine 4.1.2.
I had to make a similar change to get StartTLS to work without LDAPS:
In redmine/app/models/auth_source_ldap.rb,
search for this block of code:
if tls
  options[:encryption] = {
    :method => :simple_tls,
    # Always provide non-empty tls_options, to make sure, that all
    # OpenSSL::SSL::SSLContext::DEFAULT_PARAMS as well as the default cert
    # store are used.
    :tls_options => { :verify_mode => verify_peer? ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE }
  }
and update it with an else clause as:
if tls
  options[:encryption] = {
    :method => :simple_tls,
    # Always provide non-empty tls_options, to make sure, that all
    # OpenSSL::SSL::SSLContext::DEFAULT_PARAMS as well as the default cert
    # store are used.
    :tls_options => { :verify_mode => verify_peer? ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE }
  }
else
  options[:encryption] = {
    :method => :start_tls,
    :tls_options => { :verify_mode => OpenSSL::SSL::VERIFY_NONE }
  }
end
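Added example, not Redmine's code and not from either answer: the else branch above hardcodes VERIFY_NONE, so StartTLS encrypts the bind but accepts any server certificate. This sketch applies one verification setting to both LDAPS and StartTLS and classifies the three option shapes shown on this page. `ldap_encryption` and `encryption_finding` are hypothetical helpers, and the `verify_peer:` argument stands in for Redmine's `verify_peer?`.

```ruby
require 'openssl'

# Hypothetical helper, not Redmine code: builds the net-ldap :encryption
# option for LDAPS (tls = true) or StartTLS (tls = false) and applies the
# same peer-verification setting to both.
def ldap_encryption(tls:, verify_peer:)
  mode = verify_peer ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
  { method: (tls ? :simple_tls : :start_tls),
    tls_options: { verify_mode: mode } }
end

# Classifies an :encryption value in any of the shapes shown on this page.
def encryption_finding(encryption)
  case encryption
  when nil
    :plaintext            # no TLS: the bind password crosses the wire in clear
  when Symbol
    :no_tls_options       # 3.2.4 form: method only, no tls_options given
  when Hash
    opts = encryption[:tls_options] || {}
    return :no_tls_options if opts.empty?
    opts[:verify_mode] == OpenSSL::SSL::VERIFY_PEER ? :verified : :unverified
  end
end

if $PROGRAM_NAME == __FILE__
  # Constructed inputs mirroring the variants discussed above.
  posted_else = { method: :start_tls,
                  tls_options: { verify_mode: OpenSSL::SSL::VERIFY_NONE } }
  puts "3.2.4 edit:      #{encryption_finding(:start_tls)}"
  puts "4.1.2 else:      #{encryption_finding(posted_else)}"
  puts "verify honoured: " \
       "#{encryption_finding(ldap_encryption(tls: false, verify_peer: true))}"
end
```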

Icinga output Plugin for Logstash causing OpenSSL::SSL::SSLError:certificate verify failed Issue

Hi, I have installed the Logstash plugin for Icinga 2. I have set up the API by issuing icinga2 api setup and then restarted the Icinga 2 service.
I am using the Icinga 2 API username and password available in /etc/icinga2/conf.d/api-users.conf and trying to push a few logs to Icinga 2 from Logstash, and I am getting the following issue:
[2017-10-04T07:14:14,565][ERROR][logstash.outputs.icinga ] Request failed {:host=>"xxxxxxxxxx", :port=>5665, :path=>"/v1/actions/process-check-result?service=%25%7Bhostname%7D%21dummy", :body=>"{\"plugin_output\":\"83.149.9.216 - - [04/Jan/2015:05:13:42 +0000] \\\"GET /presentations/logstash-monitorama-2013/images/Test-search.png HTTP/1.1\\\" 200 203023 \\\"http://semicomplete.com/presentations/logstash-monitorama-2013/\\\" \\\"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.77 Safari/537.36\\\"\"}", :error=>#<OpenSSL::SSL::SSLError: certificate verify failed>}
Here is my configuration file:
input {
  file {
    path => "/home/logstashtest/*"
    start_position => beginning
    ignore_older => 0
  }
}
filter {
  if ([message] !~ "83.149.9.216") {
    drop { }
  }
  grok {
    match => { "message" => "%{COMBINEDAPACHELOG}" }
  }
}
output {
  icinga {
    host => "*****" # Remote Icinga host
    user => "*****" # Icinga 2 API user
    password => "*****" # Icinga 2 API password
    action => "process-check-result"
    action_config => {
      plugin_output => "%{message}"
    }
    icinga_host => "%{hostname}"
    icinga_service => "dummy"
  }
}
Do I need to pass the path for the SSL certificate available in pki/ca.crt in the request? Is there a way to disable SSL validation in Logstash? Please help me understand what is causing the issue.
The Icinga output plugin for Logstash uses SSL by default to connect to the Icinga API. I have disabled it by setting ssl_verify => false in the plugin.

How to show zf2 errors?

I've reinstalled my system and now, when something is wrong in ZF2, I can't see the error on the page, only in the nginx error log. display_errors and display_startup_errors are On in php.ini; maybe it is something with my php-fpm settings?
And in a simple PHP file outside ZF2 I do see the errors!
You need to enable the following options in your config:
'view_manager' => array(
    'display_not_found_reason' => true,
    'display_exceptions' => true,
)
Remember to turn this off in a production environment.
ini_set('display_errors', true); in my index.php now shows me the errors.
Zend Framework 2 will merge configs from all loaded modules, so you need to ensure that you have set 'display_exceptions' (if that key exists) to true in every module's config file.
'view_manager' => array(
    'display_not_found_reason' => true,
    'display_exceptions' => true,
)
You can see which modules are loaded in your application.config.php file.
You can combine the above with an environment check:
Add this to your public/index.php at the top:
$env = getenv('APP_ENV') ?: 'production';
if ($env == "development") {
    error_reporting(E_ALL | E_STRICT);
    ini_set('display_errors', true);
}
And this one to your public/.htaccess:
SetEnv "APP_ENV" "development"
Add this to your public/index.php
error_reporting(E_ALL | E_STRICT);
In my case, Zend errors with nginx and php5-fpm work like this:
I only put this in public/index.php (#AlloVince):
error_reporting(E_ALL | E_STRICT);
ini_set('display_errors', 1);
without the if () {...}.
But with only the above code, the displayed error is this:
Parse error: syntax error, unexpected '}', expecting ',' or ';' in /usr/local/nginx/html/ZendSkeletonApplication/module/Album/src/Album/Controller/AlbumController.php on line 12
Another thing! Set up this code (#To Nong):
'display_not_found_reason' => true,
'display_exceptions' => true,
in module.config.php like this:
'view_manager' => array(
    'template_path_stack' => array(
        'album' => __DIR__ . '/../view',
        'display_not_found_reason' => true,
        'display_exceptions' => true,
    ),
),
I get all the errors from the error log on screen:
Fatal error: Uncaught exception 'Zend\View\Exception\InvalidArgumentException' with message 'Invalid path provided; must be a string, received boolean' in /usr/local/nginx/html/ZendSkeletonApplication/vendor/zendframework/zendframework/library/Zend/View/Resolver/TemplatePathStack.php:201 Stack trace: #0 /usr/local/nginx/html/ZendSkeletonApplication/vendor/zendframework/zendframework/library/Zend/View/Resolver/TemplatePathStack.php(149): Zend\View\Resolver\TemplatePathStack->addPath(true) #1 /usr/local/nginx/html/ZendSkeletonApplication/vendor/zendframework/zendframework/library/Zend/Mvc/Service/ViewTemplatePathStackFactory.php(38): Zend\View\Resolver\TemplatePathStack->addPaths(Array) #2 [internal function]: Zend\Mvc\Service\ViewTemplatePathStackFactory->createService(Object(Zend\ServiceManager\ServiceManager), 'viewtemplatepat...', 'ViewTemplatePat...') #3 /usr/local/nginx/html/ZendSkeletonApplication/vendor/zendframework/zendframework/library/Zend/ServiceManager/ServiceManager.php(939): call_user_func(Array, Object(Zend in /usr/local/nginx/html/ZendSkeletonApplication/vendor/zendframework/zendframework/library/Zend/ServiceManager/ServiceManager.php on line 946
I didn't touch the php-fpm config file on the system (Ubuntu 14.04).