We configured APIM to pass X-JWT-Assertion, but every request is duplicating the JWT: one header named X-JWT-Assertion and another named only assertion.
Ex.:
X-JWT-Assertion: eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0=.eyJp...
assertion: eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0=.eyJp..
Is this correct or a bug?
The problem is that the header size increases a lot in some cases, and some servers block the requests.
Environment:
APIM 1.9.1
Java: 1.7_80
Linux RedHat 6.8
Thank you.
This is a bug.
You can remove this additional header by editing the '< WSO2AM_HOME >/repository/resources/api_templates/velocity_template.xml' file.
Remove the following lines in the velocity_template file. It will resolve the issue.
## check and set jwt
#if($jwtIsEnabled)
<class name="org.wso2.carbon.apimgt.gateway.mediators.TokenPasser"/>
#end
I got an error: Error 405 - Method Not Allowed,
so I want to enable SSO for IS.
Then I modified <IS_HOME>/repository/conf/security/authenticators.xml,
but after I restarted the IS server, authenticators.xml was reverted to its original value.
Finally, Error 405 is still shown.
Can you tell me how to enable SSO for IS?
Thanks much!
henry
If you have built the source code of the master branch, then it is 5.12.0-alpha10-SNAPSHOT. If you download the zip here https://github.com/wso2/product-is/releases/tag/v5.11.0 it's IS-5.11.0.
From IS 5.9.0 onwards, all configuration changes of XML files are maintained via a central location (deployment.toml). Therefore, in order to make your change, navigate to <IS-HOME>/repository/conf/deployment.toml and add the following config. Then restart the server and check the relevant XML file. It should be changed.
[admin_console.authenticator.saml_sso_authenticator]
enable=true
Find more info about the deployment.toml configuration model: https://www.youtube.com/watch?v=BRWvtcV1T94
I used the apollo-server-lambda package to create my lambda function with the serverless framework, as we can see, everything went well.
https://28d1lielb9.execute-api.us-east-1.amazonaws.com/prod
Now I am working to place graphql in the same subdomain as my application in CloudFront and I am getting the error GET query missing.
https://forms.ciro-maciel.me/g/p/
I did several tests with the path, but I was not successful.
When did we receive the message GET query missing?
How can I correctly configure my environment?
Thank you
Try to understand the code, and note that the playground presentation is conditioned by this code:
const acceptHeader = event.headers['Accept'] || event.headers['accept'];
With a log of the CloudFront call, make sure the Accept header was not passed to a source.
Then, in Behaviors, obtain a configuration to be able to pass this header, as you can see below.
CloudFront - Behaviors - Accept
Configured and working!
Thanks to Ciro Cesar Maciel.
I had to add the header as follows:
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Edit the origin and add the header:
I'm trying to verify that 301 redirects are configured correctly in my webapp. When I send a request, I want to receive a 301 response with the new expected Location header.
It appeared that instead of 301 I receive 200 because of the Postman setting 'Automatically follow redirects' which is enabled OOTB. Disabling the setting fixes my tests.
I'm just wondering how to store this configuration somewhere in the collection? I do not want any other dev (or CI?) to know that there is some setting in the Postman tool that needs to be changed. What if I work on two collections simultaneously where one requires the setting to be disabled and the other one is not?
If you're using Newman in your CI system, there is a setting for this that you can pass as an argument from the command line: --ignore-redirects.
https://github.com/postmanlabs/newman#newman-options
There are changes coming in to bring this down to the request level in the UI to make it more visible. Currently, there is not a programmatic way to do this in the Collection.
You could include this requirement in the Collection or Request Description, so others would know this needed to be disabled. Likewise, if this was a feature that you enabled without telling these external folks, how would they know that?
If it's something that you would like to see included in the app, you could create a feature request for it on the GH issue tracker repo, it's the only sure-fire way to tell the Postman Team, that this would be a cool feature to include.
https://github.com/postmanlabs/postman-app-support/issues
I am using the code found here to base my signing class on:
https://gist.github.com/yvanin/0bdf68c1139ad698519e
From this I have been able to build an Authorisation header, but when this is passed along with my POST request, it fails with the error
The format of value 'Redacted' is invalid.
When I compare the composition of my authorisation header to an example found on the internet, it looks pretty much spot on (although I don't use the Content-Type header as the request has no payload). Can anyone assist with where I might be going wrong?
Internet example is the top one below, mine is underneath. I have changed the relevant access key and signature data to obfuscate real values (EDIT: and obviously I'm trying to reach the API Gateway service, not IAM, so that's why I have execute-api in the header, have also tried apigateway and neither have any effect...)
// AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20150830/us-east-1/iam/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=5d672d79c15b13162d9279b0855cfba6789a8edb4c82c400e06b5924a6f2b5d7
// AWS4-HMAC-SHA256 Credential=AAAAI7T5JMMLSKVKA6EQ/20180302/ap-southeast-2/execute-api/aws4_request, SignedHeaders=host;x-amz-date, Signature=856bc41f18582836b56a02d9563c8f4f621fce7338ae2ec3afabe254a1543667
EDIT: Solved! So, when I first used the Sig V4 code at the github link, there was an extension function ParseQueryString that wouldn't resolve. It was because I was missing a reference to System.Net.Http.Formatting. Attempts to locate this library and add it failed, so I wrote my own extension method to do what I believed that function was doing.
Clearly my version of ParseQueryString was not right, because I finally solved the issue of the missing reference by locating a very specific version of the assembly to add via NuGet. Any other version produces the following error:
Unable to find a version of 'Microsoft.AspNet.WebApi.Client' that is compatible with 'System.Net.Http.Formatting
The specific version I required was:
PM> Install-Package System.Net.Http.Formatting -Version 4.0.20505
Once that was installed, and the ParseQueryString extension method I wrote was replaced with the standard one, voilà! I now have a response from my API Gateway using IAM authorisation. It's a beautiful day :)
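An added example, in Python rather than the poster's C# and not taken from the linked gist: a Signature Version 4 signer showing where the parsed query string enters the signature. It rebuilds the first header quoted above from the AWS documentation's IAM ListUsers request and example secret key, neither of which appears in the post; the function names are hypothetical.

```python
import hashlib
import hmac
from urllib.parse import parse_qsl, quote


def canonical_query(raw_query):
    """Decode the query, re-encode names and values (RFC 3986), then sort."""
    pairs = parse_qsl(raw_query, keep_blank_values=True)
    encoded = sorted((quote(k, safe="-_.~"), quote(v, safe="-_.~")) for k, v in pairs)
    return "&".join(f"{k}={v}" for k, v in encoded)


def authorization_header(method, path, raw_query, headers, payload,
                         access_key, secret_key, region, service):
    # Header names are lower-cased and sorted; values trimmed, inner spaces collapsed.
    canon = sorted((k.lower(), " ".join(v.split())) for k, v in headers.items())
    signed_headers = ";".join(k for k, _ in canon)
    amz_date = dict(canon)["x-amz-date"]
    # Assumes `path` is already normalized and needs no percent-encoding.
    canonical_request = "\n".join([
        method, path, canonical_query(raw_query),
        "".join(f"{k}:{v}\n" for k, v in canon),
        signed_headers,
        hashlib.sha256(payload).hexdigest(),
    ])
    scope = f"{amz_date[:8]}/{region}/{service}/aws4_request"
    string_to_sign = "\n".join([
        "AWS4-HMAC-SHA256", amz_date, scope,
        hashlib.sha256(canonical_request.encode()).hexdigest(),
    ])
    # Signing key: HMAC chain over date, region, service and the terminator.
    key = ("AWS4" + secret_key).encode()
    for part in scope.split("/"):
        key = hmac.new(key, part.encode(), hashlib.sha256).digest()
    signature = hmac.new(key, string_to_sign.encode(), hashlib.sha256).hexdigest()
    return (f"AWS4-HMAC-SHA256 Credential={access_key}/{scope}, "
            f"SignedHeaders={signed_headers}, Signature={signature}")


def docs_example(raw_query="Action=ListUsers&Version=2010-05-08"):
    # Inputs of the AWS documentation's IAM ListUsers example (example key pair).
    return authorization_header(
        "GET", "/", raw_query,
        {"Content-Type": "application/x-www-form-urlencoded; charset=utf-8",
         "Host": "iam.amazonaws.com", "X-Amz-Date": "20150830T123600Z"},
        b"", "AKIDEXAMPLE", "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY",
        "us-east-1", "iam")


if __name__ == "__main__":
    print(docs_example())
```

Because the canonical query string is hashed into the string to sign, a parser that drops, reorders without sorting, or encodes parameters differently yields a signature the service cannot reproduce.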
Just upgraded to Rails 4.2 and I get Internal Server Error on localhost and in production when trying to edit a model with multiple has_many objects. This is the message I see on the rails s console
!! Unexpected error while processing request: Too many open files - Maximum file multiparts in content reached
The request does not even get to the controller i.e., I DO NOT see the usual following lines in rails s console
Started GET "/feeds/3/edit" for 127.0.0.1 at 2015-01-04 20:07:19 -0800
Processing by FeedsController#edit as HTML
......
......
Any clues?? Using Ruby 2.1.5 upgraded to 2.2 with no luck.
It looks like the multipart limit was added in the Rails 4.2 version of Rack (https://github.com/rack/rack/commit/b0b5fb9467e6ed777d3eaf35afc81d758e308aab). The default is 128, which may be too little for your purposes; it was for mine. Setting the value to 0 in an initializer removes the limit and fixes the problem:
Rack::Utils.multipart_part_limit = 0
I would suggest tailoring the value until it fits your needs so your server doesn't run out of file handles. My app uses a massive form and setting it to 512 seemed to work for me.
You can also pass an environment variable to the app, as you can see here (https://github.com/rack/rack/blob/8d21788798b521b97beb10047ebf593ddc0aaed2/lib/rack/utils.rb#L75).
RACK_MULTIPART_PART_LIMIT=0 rails server
It looks like there is a bug in Rack 1.6 where all HTML input elements get counted as an open file in a multipart form. As others point out, you can change the limit to 0 to disable the feature, or bump the limit.
https://github.com/rack/rack/pull/814