I have installed the basic jUDDI Server in my machine. I am able to Register the Service and able to read my Service info as a new user. I want to restrict the users who wants to look up my services. I want only my clients to access these information. I want to authenticate them so only my clients can view the business, service, tModel, Binding Template information. How can I achieve this? Can any body help me get through this?
Try turning on the setting the requires authentication for the inquiry API. You can find it in the juddiv3.xml config file for the server. Here's the xpath to get you there.
config/juddi/auth/Inquiry=true
Future readers, the documentation is located here for the current release (as of this time of this post)
https://juddi.apache.org/docs/3.3/juddi-guide/html/ch04.html#_administering_users_and_access_control
but the website https://juddi.apache.org/docs.html will get you to whatever is current. The docs (that website) is also available as part of the distribution and (i think) maven artifacts
Related
I'm working on Sitecore 7 and I have configured the Sitecore GeoIP module (Sitecore IP Geolocation Service Client 1.2 rev. 150602.zip) on our site.
Sitecore IP Geolocation Service is running on our site's App Center.
When I tried to use its functionality with the personalization, it seems not working.
I created the following condition for a component of a page using the presentation details --> personalize
But when I access the site from the give country, the item is still exists on the page (which need to be hidden).
I did test the GeoIp module using the TestIp.aspx page and it's tracking the ip data correctly.
Can someone please advice on this.
Thanks.
UPDATE
This actually works. There is a ip caching mechanism with the MaxMind service.
When the ip is cached the change that we made from sitecore client is not getting activated for certain time.
Is there are any config change that we can do to change or skip this caching mechanism ?
Thanks.
Sitecore's GeoIP/MaxMind module does not resolve GeoIP information in real time. It does this in batch background processes - for performance reasons, no doubt.
I can show you a way to change this, but I would not recommend you do this in practice on any real site as calls to the MaxMind service can take a while and will block your page load until they complete.
You need to add a processor to your httpRequest pipeline, early as possible, that forces a lookup for the client IP. It will then be cached for subsequent page loads.
Sitecore.Analytics.Lookups.LookupManager.GetInformationByIp(string ip)
Where the ip argument will be your request Host.
But as I said, I really would not recommend doing it like this, unless your site is very light weight.
My suggestion to you instead of this, will be to build something up around the GeoLite database that MaxMind provides, free of charge. You will then perform lookups in a local database (instead of a web service) - for an example of how this could be done, look here:
http://sitecoresnippets.blogspot.dk/2011/12/sitecore-geoip-country-resolving-jump.html#.Vhdui_l_NBc
The WSO2IS sample app instructions are less than accurate and there are some key details to the instructions are missing. Does anyone have a complete set of instructions that will actually produce a working example?
Also, it seems like localhost is coded everywhere, some guidance on how to add and update the service provider and identity provider that are on different hosts is important.
also, is the patch or service pack needed for this to run correctly? That info is not in the documentation or blogs I've been reading from WSO2
I've written a post on configuring the sample for a tenant scenario1. You should be able to configure using this. Change the hostname of SAML.IdPUrl in WEB-INF/classes/travelocity.property to that of IS. Change Assertion Consumer URL at SP registration and on WEB-INF/classes/travelocity.property to that of SP(travelocit app).
1 - how-to-configure-identity-server-sso
I came across an issue where a customer is able to open a SAP wsdl using net-beans as well as in .Net but not in soap UI.
When i checked the wsdl i found that service as well as binding tags are not defined or no such tags included. wsdl ends with port-type information.
In soap UI i got an error like no content in the file and when i try to open it in eclipse i am able to open it using web explorer window, but service as well binding information fields are empty. I could see ws-policy elements in customers wsdl.
How he might have produced a wsdl without binding and service information ?
What would be the reason he is telling it is working in .Net?
I am not sure about .Net tools.
Is there any web service client tool which can open the operations without endpoint /service information and send request/response ?..
please help
thank you for your time.
I only know a bit about the first question, can't help you with the other ones...
You can request two "flavors" of WSDL from a NW/ABAP system. This is related to the fact that the implementation (programming) of the service is usually performed on a different system and by different people than the configuration of the service.
After the service (or rather a service definition) has been implemented, you can get what's called a "design-time WSDL document". This document does not include the endpoint information - it cannot, because that would require technical information about the target system landscape and its configuration that is simply not available yet.
From the service definition, an administrator can create a configuration. This includes the binding information as well as stuff like base URL, security settings, transport layer settings and so on. With this configuration, you can generate a second WSDL document that contains the actual endpoint configuration.
Hello smart people on stackoverflow,
I would be very happy if someone could point me to the right libraries/frameworks to do what I want.
We have the following web architecture set up.
1. We have a tomcat server that offers REST services.
2. We have an apache2 server that serves up php pages to users.
a. Some of these php pages make REST calls to tomcat for data.
b. Other php pages contain javascript that makes REST calls that are routed through apache2 via mod_proxy to tomcat. e.g. All request to http://myapache.com/PASSTOTOMCAT/rest/getSecureData would go to tomcat.
Now, I'm asked to add authentication to everything, both the user pages as well as the REST calls. It would obviously be ideal for the user to sign-in once for access to both.
What library can I use for this? I don't think I can use any php-based solution (ie. one that involves adding a ) because the pass-through url's won't have a chance to add this code and check for authentication. I think I need to use something built into apache2 itself.
One minor requirement is that I would like the user credentials stored in a mysql database as opposed to a file.
Am I over-thinking this?
Thanks in advance
Well it's been 5 days, so I guess I'll answer my own question...
I ended up using the new mod_auth_form for authentication because it lets you use a nice stylized webpage to log users in.
I also used mod_dbd to access user credentials in mysql.
I couldn't find a nice tutorial on this so I struggled through the installation and setup a bit, but if anyone cares, I created a set of instructions on my blog in case anyone else tries to do the same thing.
Installation
Setup
We currently have an application that runs an embedded jetty 6.1.14 server to which we need to add authentication via Kerberos. I'm new to Kerberos, which makes the task about 100x harder that maybe it should be. I've scoured the internet and have found conflicting reports as to whether or not it is even possible but nothing much to provides guidance as to how to proceed.
I've managed to have the server basically be able to authenticate the users via kerberos but can't find away to have the client automatically send its kerberos ticket: I have to use the from auth-method, though there are hints that this may be using filters, which are very poorly documented.
My question - and I apologize for it being a bit vague, I've not been this exasperated in quite a long time - is to request some guidance for plugging in kerberos authentication without login forms in Jetty 6? Or am I just out of luck? Has anyone added this type of authentication to jetty 6?
If Jetty supports Servlet Filters (JSR-53), then this open source project http://spnego.sourceforge.net might be what you are looking for.
You have to prepare your domain environment first. Make sure that your server if part of your domain (joined it). Then you have to create an machine account and assign an SPN. If you have done that, create a keytab for that account. From now on a client will be able to search for the host in the domain and create a ticket for. Then comes Jetty into play.