I know it is possible to create users with read-only rights to the monit page, but is it possible to create a publicly viewed status page with read-only permissions?
Afraid you can't:
If the Monit command line interface is being used, at least one
cleartext password is necessary (see bellow), otherwise the Monit
command line interface will not be able to connect to the Monit web
interface.
https://www.mmonit.com/monit/documentation/monit.html#Authentication
Regards
Related
I have installed the TeamCity server on my infrastructure. I was e.g. able to silently configure the external database and some other stuff through the TeamCity configuration files. Now, when I start TeamCity, I am facing the "TeamCity First Start" web page, where I can choose if I want to restore my system from a backup or if I want to proceed with a First Start.
I would like to automate that installation as much as possible. Is there a reliable way, e.g. through the TeamCity API, to trigger the action underlying the "Proceed" button of that web page, other than writing a bot that browses the web page and clicks the button? I found no such thing in the API documentation, but I might have missed something.
I think something like this could be called on the server host:
curl -X POST http://localhost:8111/mnt/do/goNewInstallation
but I don't know what data to post and how to get the necessary authentication to be allowed to run that command. Indeed, running the above command yields the following error:
The session is not authenticated. Access denied.
At that time, the super user authentication token has not yet been displayed to the server log file.
I'm currently working on a bot for some anarchy servers, and it's a lot more reliable for it to read the log than just plain chat. I need a way to access that, but I don't know how. Is there even a way to do this without admin access?
No there is actually no way to view this. Because it's a file located on the server you can only view it if you have (direct) file access to the server. The only way to get the latest.log file is to contact the server owner, but I think that no server owner of e.g Hypixel will give you this log file.
You can make a Minecraft plugin in Java that acts as an API server, you can then make it read the file and return it. Of course, you would want to protect it with some type of authorization. You can use an HTTP server, an example would be this, it allows commands to be executed but you could easily work off that.
As MCTzOCK mentioned you can't view it without asking for permission from the server owner.
I have a CentOS VM with an ready installed Pingaccess Server Testenvironment with access to the Pingaccess Admin UI.
Now I would need to set up an Agent-Authentification on the system but sadly have no experience configuring Pingaccess sofar. I also find it dificult to find documentation to complete my task.
I would appreciate any hints and pointers in right direction or information on how this kind of setup can be configured and what else I might need? Is it even possible to set it up in a local VM?
Here a slightly more detailed description of the scenario:
An application that itself is not able to use a corresponding protocol (Oauth, SAML2, ...) (e.g. a small PHP script or something similar) that cannot do anything other than output a user name that it reads from the HTTP headers.
Set up an Agent that extends the header attributes and e.g. something like Header-UserName. The application can then access the web server variables and use these values without having to worry about how the authentication works. The agent, on the other hand, can do the protocols and handle authentication via the server (here PingAccess).
Thanks a lot in advance.
I have a file (or set of files under a directory) published on my web server. Each of this resource needs to be access-protected based on the user's credentials and authority.
The authorization details are stored in a DB, so I need to make a call to the Java code in application server to determine the access.
Everytime the user hits this particular path in the webserver, I need to ensure s/he has access to the requested resource by, ensuring he is logged in and has the necessary priveleges to access this resource.
The webserver is apache - Can you please point me to the settings in apache that allows me to secure resource access using the above logic?
Thanks for the suggestions to correct the Tag and the Question!:
My Web Server is Apache HTTPD
Agree that this is not a Java Question: The only reason why I am bringing the Java perspective, is that I am most likely going to use some Java POJOs to go and check for user authorization for a particular directory that is stored in the DB - That is unless there is a trick in the apache httpd configuration that goes and checks the DB automatically - something similar to the one that is pointed out here...At the end of the it, I need to check if a particular user (authenticated previously by the Single Sign On Server (Sun access manager)) has access to a particular directory (user mapping to directory stored in the DB) and protect the resources under the directory accordingly.
Please let me know if that clarifies.
i am not sure why this is tagged with java - unless your db structure is VERY sepcific, you might able to get it done with apache authz and authn:
http://httpd.apache.org/docs/2.2/mod/mod_authn_dbd.html
or, for an ovierview:
http://httpd.apache.org/docs/2.2/howto/auth.html
Open VS as admin, I create a solution, add new Cloud Azure Project then pick WCF service web role and then run it, everything is fine, I could access default services through browser nicely, however, when add new blank class library as new DAL project to the solution and run it, I have 403 error says "You do not have permission to view this directory or page using the credentials that you supplied."
what is going wrong?
thanks
P.S (with or without adding EMDX with proper db access to class lib, it came out something)
I tried to answer here https://stackoverflow.com/a/9411719/182371:
As for the Access Denied error:
it could be just an IIS default setting to disable browsing. To resolve that, just navigate to that web site in IIS, find Directory
Browsing icon, and press Enable. You will at least see the files
inside that directory.
Also try not only 127.0.0.1:81, buta specific document inside that folder, like 127.0.0.1:81/Default.aspx
Take into account the fact that there's sometimes some mess with the ports. You see that in the error message it's port 82, but in your
browser it's port 81. So make sure you're using the right port. Or,
even better, in your service definition try to use some non-standard
port for this to avoid remapping.