What is the proper way to either delete, disable or at least change the default password of the 'isis-module-security-admin' by means of code or configuration?
The module defines the SeedSecurityModuleService that runs the SeedUsersAndRolesFixtureScript that in turn sets up the account isis-module-security-admin account.
Currently this isn't configurable, but you could raise a PR against SeedSecurityModuleService where the IsisModuleSecurityAdminUser fixture script could use an #Inject ConfigurationService to read the value of the name to use from a config property, eg "isisaddons.module.security.adminUserName"
HTH
Dan
Related
i have defined a dev.properties file for the mule flow.where i am passing the username and password required to run the flow.This password gets updated everymonth.So everymonth i have to deploy the code to the server after changing the password.Is there a way , where we can keep the properties file outside the code in mule server path.and change it when required in order to avoid redeployment.
One more idea is to completely discard any usage of a file to pickup the username and password.
Instead try using a credentials providing service, like a http requestor which is collecting the username and password from an independent API(child API/providing service).
Store it in a cache object-store of your parent API (the calling API). Keep using those values, unless the flow using them fails or if the client needs to expire them after a month. Later simply refresh them.
You can trigger your credentials providing service using a scheduler with a Cron expression having Monthly Triggers.
No, because even if the properties file is outside the application, properties are loaded on application deployment. So you would need to restart the application anyway to pick up the new values.
Instead you can create a custom module that read the properties from somewhere (a file, some service, etc), assign the value to a variable, and use the variable instead at execution time. Note that some configurations may only be set at deployment time, so variables will not be evaluated as such.
If the credentials are not exposing your application security or data, then you can move them to another config file(place it Outside mule app path). Generate a RAML file which will read & reload the credentials after application deploy/start-up, and store them in cache with timeToLive around 12 hours.
The next time when you have to change Username/Password, change in the file directly and cache will refresh it automatically after expiry time.
Actually not because all the properties secure properties needs to be there at runtime and is it is not there your application will get failed,
There is one way but it’s not best one, instead of editing code you can directly edit secure property I.e username and password in your case directly in cloudhub runtime manager properties tab.
After editing just apply changes then api will restart automatically and will deploy successfully
What's the best practice when you have dependencies that you want to be able to configure when creating a PowerShell module in C#?
My specific scenario is that the PowerShell module I am creating via C# code will use a WCF service. Hence, the service's URL must be something that the clients can configure.
Is there a standard approach on this? Or will this be something that must be custom implemented?
A somewhat standard way to do this is to allow a value to be provided as a parameter or default to reading special variable via PSCmdlet's GetVariableValue. This is what the built-in Send-MailMessage cmdlet does. It reads the variable PSEmailServer if no server is provided.
I might not be understanding your question. So I'll posit a few scenarios:
You PS module will always use the same WCF endpoint. In that case you could hardcode the URL in the module
You have a limited number of endpoints to choose from, and there's some algorithm or best practice to associate an endpoint with a particular user, such as the closest geographically, based on the dept or division the user is in, etc.
It's completely up to the end user's preference to choose a URL.
For case #2, I suggest you implement the algorithm/best practice and save the result someplace - as part of the module install.
For case #3, using an environment variable seems reasonable, or a registry setting, or a file in one of the user's profile directories. Probably more important than where you persist the data though, is the interface you give users to change the setting. For example if you used an environment variable, it would be less friendly to tell the user to go to Control Panel, System, Advanced, Environment, User variable, New..., than to provide a simple PS function to change the URL. In fact I'd say providing a cmdlet/function to perform configuration is the closest to a "standard" I can think of.
How can I define a variable that is accessible over several #include levels? E.g. I have some DIM declared in a VBScript and I want to access this by name inside an included VBScript so it is accessible for one user/one session which must be equal to session("UserID") if I have disabled sessions at all and also do not use cookies.
If you want to keep the variable state through multiple page requests and can't use cookies nor session state, an option i see is carrying it in the query string of each request url.
Or maybe you can also look at html5 local storage. Despite some people depreciating w3schools, i always find it a good starting point.
Well, it's been a very long time since I've last worked with ASP3 and VBScript, but if memory serves, the #Include directive is actually not a part of the ASP, it's an instruction to the IIS to add the file that is included into your ASP page.
Therefor any function or variable declared in an included file should be considered for all intents and purposes as if it was written directly into your ASP page.
As you should know, VBScript can't use a variable unless it's declared in a previous code row, therefor it's only a matter of where in your ASP page you are using the #Include directive.
This is why you should use the #Include directive as soon as possible in the ASP page that uses them.
Cookies, sessions (cookie-sessions), local storage values, are the most common types to track a visitor. Another unrealiable option is to store the values in a DB table and then use a mix of IP address and other browser sniffing variables to indicate a user (this is a bad idea).
Your best bet is to use standard cookies and keep ASP-SESSIONS off. Then you would have to build your own session management, which is usually done in a Database.
As for getting those session values into ASP and playing with them on the server side, you just do a request.cookies("session-coookie-name") and then look up the session in your DB. If you want this to go across all pages of your site put it in an include file and make sure that include file is included in all of your asp scripts.
When coding Classic asp, I usually start with a boiler plate which has a few includes (include-page-start.asp, include-head-asp, include-menu.asp, include-page-end.asp). Having an approach like this allows you to quickly add functionality without having to edit every page later. Remember includes can also include other includes :) (part of the reason asp classic both sucks and rocks!)
Sessions also use cookies to track visitor.
But ASP-SessionID Cookie does not have an expire time so if you close your browser, your cookie with ASP-SessionID will delete and your session will be terminated.
i think you try to build a load balance on an ASP site which is most complicated thing with session variables.
You have to use something different to track visitors. Cookies are an option but you have to create your own session management and still have to use a cookie to remember it.
i found a new component to do this. it work like a charm for load balance and keep your own session management with multi accesible mechanism.
http://www.aspstate.com/Developer/Documentation/html/R_Project_Documentation.htm
We're using OpenAM to manage sessions on our application.
The problem is everytime we're trying to pass a parameters with the GET method, the ressource is blocked (error 403 - forbidden). If no parameter is set, everything is wirking.
EX:
http://mysite.com/logo.jpg ----> Works.
http://mysite.com/logo.jpg?foo=bar ----> ERROR !
For images or css, it's normal to do not have parameters, but all links with using the GET method aren't working.
How could we solve our problem? Actually, disabling this policy would be a good solution.
We've looked for section 7.4.2 in the OpenAM's documentation (http://openam.forgerock.org/doc/admin-guide/OpenAM-Admin-Guide.html) but nothing is working.
Any clue ?
Thanks for your time.
So all you need to do is create 2 policies one to cover
.mysite.com/ (i could not post the http://)
.mysite.com/?*
Since the policy engine actually looks are arguments and can restrict access based on args or not.
Creating a second policy to allow args, will solve your problems.
You have to create the appropriate policies to accept parameters in your url.
In your OpenAm console :
- go to the Access Control Tab
- click on the realm you want to modify
- click on the Agents Tab
- click agent name you want to modify
- go to the Application Tab
In the Not Enforced URL Processing section
- look for the NotEnforced URLs parameter
- Enter the new policies in New Value
- click Add and then save.
You can use * or -*- depending on what you want :
* include all subdivision (Ex : mysite.com/* would permit mysite.com/Foo/Bar)
-*- exclude subdivision (Ex : mysite.com/-*- would permit
mysite.com/page1.aspx but
not mysite.com/Foo/page1.aspx)
So you can use for your parameters something like mysite.com?-*- or
more specifically mysite.com?myparam=-*-
And be aware : despite the fact that it is indicated "Hot Swap : yes", it doesn't mean that your changes are effective immediately.
I am looking for a method of storing Application Messages, such as
"You have logged in successfully"
"An error has occurred, please call the helpdesk on x100"
"You do not have the authority to reset all system passwords" etc
So that "when" the users decide they don't like the wording of messages I don't have to change the source code, recompile then redeploy - instead I just change the message store.
I really like the way that I can easily access strings in the web.config using keys and values.
ConfigurationManager.AppSettings("LOGINSUCCESS");
However as I could have a large number of application messages I didn't want to use the web.config directly. I was going to add a 2nd web config file and use that but of course you can only have one per virtual directory.
Does anyone have any suggestions on how to do this without writing much custom code?
In your Web.config, under appSettings, change it to:
<appSettings file="StringKeys.config">
Then, create your StringKeys.config file and have all your keys in it.
You can still use the AppSettings area in the main web.config for any real application related keys.
Put the strings in an xml file and use a filewatcher to check for updates to the file
Put the strings in a database, cache them and set a reasonable expiration policy
You can use ResourceManager class. See "ResourceManager and ASP.NET" article at http://msdn.microsoft.com/en-us/library/aa309419(VS.71).aspx