Are there any XACML evaluation engine implementations? - ide

I have to evaluate XACML policies as a part of my research. I am looking for an IDE for XACML evaluation. Can anyone suggest one?
I have installed WSO2 Identity Server, but when I upload a policy it gives an error that the policy can't be uploaded.
I also downloaded UMU-Xacml-Editor. Can anyone tell me how to use that editor for evaluation?
I have even downloaded several SourceForge engines, but I am not able to install them. Can anyone kindly let me know the installation details?
Can you also let me know if there are any open tools for evaluating XACML policies?
Thanks & Regards,
Pavani.

What is the Identity Server version that you are using? In Identity Server (V 4.0.0), when you upload a policy, it does schema validation. If your policy does not conform to the schema, policy uploading will fail.
However, you can disable policy schema validation by setting the following property to "false" in the entitlement.properties file, which can be found at /repository/conf/security
PDP.SchemaValidation.Enable=false
Also, you can simply create a policy with the WSO2 Identity Server policy editor UI. I guess this blog post [1] may be useful. But it was written for version 3.2.3 and may not be valid for version 4.0.0.
Sorry. I have not used UMU-Xacml-Editor.
[1] http://xacmlinfo.com/2012/05/02/xacml-policy-editor-in-wso2-identity-server/

Related

How to use SSL in MariaDB datasource with quarkus?

I would like to connect to a MariaDB database via SSL in a Quarkus application. However, I cannot find a way to define the SSL-related information in a Quarkus application.
How to provide the certificate which is needed in database connection in Quarkus application?
Is it even possible?
If not, I assume that many would be interested in that feature.
I searched information from https://quarkus.io/guides/datasource but did not find anything regarding this.
MariaDB reference: https://mariadb.com/kb/en/library/using-tls-ssl-with-mariadb-java-connector/
There's no reason for it to not work. Just include what you need in your JDBC url.
Be aware though that if you are using native images, you should read this guide that will guide you through configuring everything properly: https://quarkus.io/guides/native-and-ssl .

Why would serverless package need creds?

According to the docs:
you can package your project without deploying it to AWS
If this is the case, why would I get the below error?
AWS provider credentials not found.
If you specify a particular deployment bucket (instead of letting serverless create its own), then you may encounter this bug:
"serverless package" requires AWS access if deploymentBucket provider config is used #4040
For now, you can hack the deployed serverless code and comment out the check, then wait for the bug to be fixed.

Elasticsearch Kibana Graph plugin authentication

Hi, I just installed the graph plugin on my Elasticsearch and Kibana servers, but when I make a request in graph it asks for some authentication credentials, which I don't have.
Any idea where I can configure this?
BTW: I don't have Shield installed.
Regards,
Error
Kibana does not have security authentication. In the Kibana configuration, you have authentication fields to connect to Elasticsearch, depending on how you have configured it. So, if you're prompted for credentials, it is from Elasticsearch, or from your Apache/Nginx/whatever configuration if you have one. The Kibana configuration file is in the /opt/kibana/config folder if you installed it from a package; with a custom installation the tree is much the same, so find the "config" folder. In this file, check first how Kibana connects to Elasticsearch, and comment out those fields if you want.
Thanks, I found that it is a bug in graph: the error is about the license, but graph asks for authentication.
So installing a trial license solved the problem.
Regards,

Apache Brooklyn and LDAP against Microsoft Active Directory

I am trying to configure Apache Brooklyn to use the LDAPSecurityProvider against a Windows Active Directory.
I am testing the connection with Apache Directory Studio and it works with the provided credentials.
Screenshot of Apache Directory Studio and the LDAP tree
But when I configure Apache Brooklyn to use LDAP against the AD, it does not work and creates no error logs.
My brooklyn property file is here:
brooklyn.webconsole.security.provider=org.apache.brooklyn.rest.security.provider.LdapSecurityProvider
brooklyn.webconsole.security.ldap.url=ldap://10.0.20.10:389/????X-BIND-USER=uid=StackAdmin%2cou=users,X-BIND-PASSWORD=Password123,X-COUNT-LIMIT=1000
brooklyn.webconsole.security.ldap.realm=example.com
The LDAP support is documented at http://brooklyn.apache.org/v/latest/ops/brooklyn_properties.html#ldap - your example configuration looks good (very similar to that).
However, the docs say it will then construct something like:
LDAP://cn=John Smith,ou=Users,dc=example,dc=com
(With the "ou" value being configurable).
Looking at your screenshot, it seems you'd need something like that below (though it isn't expanded to see a full user example):
LDAP://cn=John Smith,cn=Users,dc=example,dc=com
Unfortunately that isn't currently supported in Brooklyn.
The workaround would be to store your users under "ou" instead.
The LDAP integration code is pretty simple (and low on logging):
https://github.com/apache/incubator-brooklyn/blob/master/brooklyn-server/rest/rest-server/src/main/java/org/apache/brooklyn/rest/security/provider/LdapSecurityProvider.java
It would be reasonably easy to update the Java to support your use-case.
Do you want to either have a go at creating a pull request for that (https://github.com/apache/incubator-brooklyn/), or opening a jira issue at https://issues.apache.org/jira/browse/BROOKLYN to describe the requirements and someone can take a look?
I had the same problem and solved it by creating my own LdapSecurityProvider for ActiveDirectory. Create a new Class which extends the org.apache.brooklyn.rest.security.provider.LdapSecurityProvider and override the getUserDN Method.
Brooklyn uses the com.sun.jndi.ldap.LdapCtxFactory so you can find a detailed documentation under http://docs.oracle.com/javase/7/docs/technotes/guides/jndi/jndi-ldap.html

Imageresizer remote reader plugin not working on live site

I have followed the imageresizer's troubleshooting for when images do not appear as they are listed here:
Potential causes:
You are using the .jpg.ashx syntax, and you did not register the HttpModule properly in both places of your Web.config file.
You are using the .jpg.ashx syntax, but you're not using a query string. You should drop the '.ashx' unless you actually want to process the file.
You are using ASP.NET MVC, but do not have the MvcRoutingShim plugin installed.
You have Precompilation enabled, and are using an image provider. This is caused by a long-standing bug in the .NET framework.
However, everything works perfectly in my local development environment. I have the MvcRoutingShim plugin installed and all the correct web.config references. On the live site, all images referenced by either just a querystring OR the RemoteReaderPlugin.Current.CreateSignedUrl procedure are not found.
All images are resulting in a 404 error.
Any ideas?
The answer: DiskCache(ConfigurationError): Not working: Your NTFS Security permissions are preventing the application from writing to the disk cache
Please give user read and write access to directory "C:\inetpub\wwwroot{site}\imagecache" to correct the problem. You can access NTFS security settings by right-clicking the aformentioned folder and choosing Properties, then Security.