How to set permissions on IIS6.0 virtual directory? - iis-6

How to set permissions on IIS6.0 virtual directory like write/read etc by C# code and script (By command line)?

If you mean NTFS permissions then take a look at the following code:
/*
* Set Modify permission on D:\MyWebSite and all children
*/
string path = #"D:\MyWebSite";
string userID = "BOB";
FileSystemRights rights = FileSystemRights.Modify;
InheritanceFlags inheritanceflags =
InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
DirectorySecurity acls = Directory.GetAccessControl(path);
FileSystemAccessRule acl =
new FileSystemAccessRule(
new NTAccount(userID),
rights,
inheritanceFlags,
PropagationFlags.None,
AccessControlType.Allow);
acls.AddAccessRule(acl);
Directory.SetAccessControl(path, acls);
For more info refer to:
DirectoryInfo.SetAccessControl Method (MSDN)
DirectorySecurity Class (MSDN)
FileSystemAccessRule Class (MSDN)
You could also use icacls.exe:
icacls.exe d:\MyWebSite /grant bob:(CI)(OI)M

Related

Send files from one remote server using JSch to another server using JSch

Please refer to an existing question regarding the same
Send files from one remote server using JSch to another server using JSch too
public boolean uploadFile() throws JSchException, SftpException {
ChannelSftp channelSftpA = createChannelSftp();
ChannelSftp channelSftpB = createChannelSftp();
channelSftpA.connect();
channelSftpB.connect();
localFilePath = "/data/upload/readme.txt";
remoteFilePath = "/bingo/pdf/";
channelSftpA.cd(localFilePath);
channelSftpA.put(localFilePath + "readme.txt", remoteFilePath + "readme.txt");
But it doesn't work. Should I put channelB.put into my first channelA.put?
Solution given for above Question is "for transferring file you should get file from server A, and that put on server B. By the way users under which you are going to download and upload files should have access to specified folders!"
private boolean transferFile() throws JSchException, SftpException {
ChannelSftp channelSftpA = createChannelSftp();
ChannelSftp channelSftpB = createChannelSftp();
channelSftpA.connect();
channelSftpB.connect();
String fileName = "readme.txt";
String remoteFilePathFrom = "/folderFrom/";
String remoteFilePathTo = "/folderTo/";
InputStream srcInputStream = channelSftpA.get(remoteFilePathFrom + fileName);
channelSftpB.put(srcInputStream, remoteFilePathTo + fileName);
System.out.println("Transfer has been completed");
channelSftpA.exit();
channelSftpB.exit();
return true;
}
But My query is
what if I want to directly transfer files from server1 to server2 without getting it on my local. This I can do using command "scp -rv /sourcefolder/text1 username#server2Hostname /destinationfolder/" but through Program it will work ONLY when public key is set up between server1 and server2 SO no Requirement to pass the password. But I need a solution when public key is Not set up and I have to use the Password, Am not able to figure out how to pass the password for server2 in this command OR if we can create parallel session/channel to server1 and server2 NOT Sure how can we do that. ANy Idea ?

How to find hot or cool files in blob container

Is there some way or script to search in your blob container which files are hot or cool to change the to archive?
I have thousands of folders and files and to make this work manually is a nightmare
If you want to change the blob tier(hot or cool) to archive tier, there is a built-in feature named lifecycle management.
You can just set a rule for your storage account(the rule can be applied for container level or account level or subfolder level as per your need), then the blob service can automatically change the tier(hot and cool) to archive.
Here is an example for container level:
1.Nav to azure portal -> your storage account -> lifecycle management, then click "Add a rule":
In the Details panel -> Specify a "rule name", select "Rule scope"(here, select "Limit blobs with filter" for container level), "Blob type" and "Blob subtype":
3.In the "Base blobs", specify the settings as below:
4.In "Filter set", just type your container name for Prefix match:
5.Click "Add" button to save the rule. Note that the rule will be executed after 24 hours.
You could change access tier with Powershell.
#Initialize the following with your resource group, storage account, container, and blob names
$rgName = ""
$accountName = ""
$containerName = ""
#Select the storage account and get the context
$storageAccount = Get-AzStorageAccount -ResourceGroupName $rgName -Name $accountName
$ctx = $storageAccount.Context
#list the blobs in a container
$blobs = Get-AzStorageBlob -Container $containerName -Context $ctx
foreach($blob in $blobs)
{
#if tier not equal "Archive"
if($blob.AccessTier -ne "Archive"){
#Change the blob’s access tier to archive
$blob.ICloudBlob.SetStandardBlobTier("Archive")
}
}
Another method uses the BlobBatch.SetBlobAccessTier Method SDK in .Net.
// Get a connection string to our Azure Storage account.
string connectionString = "<connection_string>";
string containerName = "sample-container";
// Get a reference to a container named "sample-container" and then create it
BlobServiceClient service = new BlobServiceClient(connectionString);
BlobContainerClient container = service.GetBlobContainerClient(containerName);
container.Create();
// Create three blobs named "foo", "bar", and "baz"
BlobClient foo = container.GetBlobClient("foo");
BlobClient bar = container.GetBlobClient("bar");
BlobClient baz = container.GetBlobClient("baz");
foo.Upload(new MemoryStream(Encoding.UTF8.GetBytes("Foo!")));
bar.Upload(new MemoryStream(Encoding.UTF8.GetBytes("Bar!")));
baz.Upload(new MemoryStream(Encoding.UTF8.GetBytes("Baz!")));
// Set the access tier for all three blobs at once
BlobBatchClient batch = service.GetBlobBatchClient();
batch.SetBlobsAccessTier(new Uri[] { foo.Uri, bar.Uri, baz.Uri }, AccessTier.Archive);

Apache Shiro - Subject Permissions and Target Allowances

Let's say we have multiple users and documents.
Users can have access to documents using permissions, such as: document:id:action (e.g. document:1:edit, document:2:read).
Now I also like to have the option to grant access to multiple users from my document-side, e.g. (user:*:read) -> all users should have read-access.
Am I missing something obvious in Apache Shiro or is this not possible?
SecurityUtils.getSubject().isPermitted(document:8:read) will only cover the direction user -> document.
How do I implement something like
SecurityUtils.getTarget().allows(user:7:write) ?
I can get all document-permissions as a List. How would I check against this list for a certain permission?
Essentially I'm looking for a helper-function on Shiro's side such that I can do:
allPermissions = ['user:6:write', 'user:*:read']
permissionToCheck = 'user:95:read'
isPermitted(allPermissions, permissionToCheck)
I propose an answer myself:
List<String> notebookPermissions = ...;
String permissionToCheck = "user:read:" + getUser().getId();
Permission resolvedPermissionToCheck = resolver.resolvePermission("user:read:" + getUser().getId())
List<Permission> permissions = notebookPermissions.stream().map(p ->
resolver.resolvePermission(p)).collect(Collectors.toList());
for (Permission perm : permissions) {
if (perm.implies(resolvedPermissionToCheck)) {
return true;
}
}
return false;
What do you think about this approach?

access Mbeans on weblogic

From the documentation of oracle :
Domain Runtime MBean Server : This MBean server also acts as a single
point of access for MBeans that reside on Managed Servers.
what i want to do is to use this fact to access all my custom mBeans scattered in several managed servers.
for example assume that i have two nodes server-1 server-2 .
how can i access all of the custom mBeans on both server-1 server-2 by connecting to the administrator node ?
i dont want to remotly access each node to return the result i want a single entry point
i managed to get the names of the servers and the states and other information by doing this
JMXConnector connector;
ObjectName service;
MBeanServerConnection connection;
String protocol = "t3";
Integer portInteger = Integer.valueOf(<admin server port>);
int port = portInteger.intValue();
String jndiroot = "/jndi/";
String mserver = "weblogic.management.mbeanservers.runtime";
JMXServiceURL serviceURL = new JMXServiceURL(protocol, "<serverName>", port,
jndiroot + mserver);
Hashtable h = new Hashtable();
h.put(Context.SECURITY_PRINCIPAL, "weblogic");
h.put(Context.SECURITY_CREDENTIALS, "weblogicpass");
h.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES,
"weblogic.management.remote");
h.put("jmx.remote.x.request.waiting.timeout", new Long(10000));
connector = JMXConnectorFactory.connect(serviceURL, h);
connection = connector.getMBeanServerConnection(); service = new ObjectName("com.bea:Name=DomainRuntimeService,Type=weblogic.management.mbeanservers.domainruntime.DomainRuntimeServiceMBean");
ObjectName[] ons = (ObjectName[]) connection.getAttribute(service, "ServerRuntimes");
int length = (int) ons.length;
for (int i = 0; i < length; i++) {
String name = (String) connection.getAttribute(ons[i],
"Name");
String state = (String) connection.getAttribute(ons[i],
"State");
String internalPort = (String) connection.getAttribute(ons[i],"ListenPort");
System.out.println("Server name: " + name + ". Server state: "
+ state);
but i need to access the custom Mbeans created on each server and not only the information
maybe my question wasnt clear but i found an answer and i will share it here now :
Question summary : i need to access custom mBeans exists in a managed server by connecting to the administration server from a client application.
Answer :
to do that you need to deploy your application to the administrator server (i tried remote but it didn't work )
you need to connect to the DomainRuntimeServiceMBean because it provide a common access point for navigating to all runtime and configuration MBeans in the domain .
when searching for the Object name add Location=
here is the code:
Hashtable props = new Hashtable();
props.put(Context.INITIAL_CONTEXT_FACTORY,
"weblogic.jndi.WLInitialContextFactory");
props.put(Context.SECURITY_PRINCIPAL, "<userName>");
props.put(Context.SECURITY_CREDENTIALS, "<password>");
Context ctx = new InitialContext(props);
MBeanServer server = (MBeanServer)ctx.lookup("java:comp/env/jmx/domainRuntime");
ObjectName on =new ObjectName("com.<companyName>:Name=<Name>,Type=<Type>,Location=<managed_server_name>");
boolean boolresult=(Boolean)server.invoke(on, "<method_Name>",
new Object[]{"<ARG1>","<ARG2>","<ARG3>"}
,new String[]{"java.lang.String","java.lang.String","java.lang.String"});
out.print(boolresult);

ClearCase : list the content of a directory (ls) using CAL

In ClearCase, you can list the content of a directory using "cleartool ls".
My question is how can I do the same thing using CAL (ClearCase Automation Layer). The reason I prefer the COM API is because I won't have to parse the output of "ls".
So far, I am able to get the VOB and the View successfully, but I didn't find any method for listing the content.
My code so far:
IClearCase cc = new ApplicationClass();
CCVOB vob = cc.get_VOB("\\VOB-name");
CCView view = cc.get_View("ViewTag");
Thank you for your help.
I wrote VonC's answer in C# for those interrested.
string[] files = Directory.GetFiles("View path here", "*.*", SearchOption.AllDirectories);
foreach (string file in files)
{
try
{
CCVersion ver = cc.get_Version(file);
Console.WriteLine(ver.Path);
}
catch(Exception) {/*the file is not versioned*/}
}
May be this is a good start:
Set CC = Wscript.CreateObject("ClearCase.Application")
Set DirVer = CC.Version(".")
Set FSO = CreateObject("Scripting.FileSystemObject")
Set Folder = FSO.GetFolder(DirVer.Path)
Wscript.Echo "Files under source control: "
For Each File in Folder.Files
On Error Resume Next
Set Ver = CC.Version(File.Name)
If Err.Number = 0 Then
Wscript.Echo Ver.ExtendedPath
End If
Next
The idea being to use ICCVersion methods to try accessing the version of a file. If it does not return an error, it is indeed a versioned file.
Now I know the file is versioned, how can I remove it (rmname).
Do not use RemoveVersion():
Removes irretrievably the version (equivalent to cleartool rmver)
WARNING! This is a potentially destructive operation. Because CAL does not prompt the user for input under any circumstances, there is no confirmation step when RemoveVersion is invoked. Invoking RemoveVersion is equivalent to running cleartool rmver with the -force option.
Instead use the RemoveName from the ICCElement interface.