Invalid MIT-MAGIC-COOKIE-1 key

Similar Messages

• Cannot open X application (Invalid MIT-MAGIC-COOKIE-1 key)

  Hi all.
  I'm using SGD EE4 on Fedora 3 and cannot start any X application
  through TTA (not even default xclock).
  The application launch dialog's Launch Details says:
  Xlib: connection to "localhost:10.0" refused by server
  Xlib: Invalid MIT-MAGIC-COOKIE-1 key
  Error: Can't open display: localhost:10.0
  Connection to <my-server> closed.
  And logs says...
  2005/04/10 11:53:09.390 (pid 16966) xpe/xpe #0
  Tarantella Secure Global Desktop Enterprise Edition(4.0) ERROR:
  AUDIT: Sun Apr 10 11:53:09 2005: 16966 ttaxpe:
  2005/04/10 11:53:09.390 (pid 16966) xpe/xpe #2
  Tarantella Secure Global Desktop Enterprise Edition(4.0) ERROR:
  client 1 rejected from IP 127.0.0.1 port 57737
  2005/04/10 11:53:09.390 (pid 16966) xpe/xpe #4
  Tarantella Secure Global Desktop Enterprise Edition(4.0) ERROR:
  Auth name: MIT-MAGIC-COOKIE-1
  I think this may be a permission problem trying to open
  display. X11Forwarding is already set to yes in ssh.
  Any ideas on what else should be customized on a default
  Fedora 3 installation?
  TIA
  Alan.

  Thanks Carmelo.
  That solved my problem.
  Mel O wrote:
  Alan,
  From the command line
  $ tarantella config edit --security-xsecurity 0
  or from the Array Manager
  http://www.tarantella.com/documentation/sgd/ee/4.0/help/en-us/base/standard/am_security.html
  -> xauth
  Regards,
  Carmelo
  Alan Weber wrote:
  Hi all.
  I'm using SGD EE4 on Fedora 3 and cannot start any X application
  through TTA (not even default xclock).
  The application launch dialog's Launch Details says:
  Xlib: connection to "localhost:10.0" refused by server
  Xlib: Invalid MIT-MAGIC-COOKIE-1 key
  Error: Can't open display: localhost:10.0
  Connection to <my-server> closed.
  And logs says...
  2005/04/10 11:53:09.390 (pid 16966) xpe/xpe #0
  Tarantella Secure Global Desktop Enterprise Edition(4.0) ERROR:
  AUDIT: Sun Apr 10 11:53:09 2005: 16966 ttaxpe:
  2005/04/10 11:53:09.390 (pid 16966) xpe/xpe #2
  Tarantella Secure Global Desktop Enterprise Edition(4.0) ERROR:
  client 1 rejected from IP 127.0.0.1 port 57737
  2005/04/10 11:53:09.390 (pid 16966) xpe/xpe #4
  Tarantella Secure Global Desktop Enterprise Edition(4.0) ERROR:
  Auth name: MIT-MAGIC-COOKIE-1
  I think this may be a permission problem trying to open
  display. X11Forwarding is already set to yes in ssh.
  Any ideas on what else should be customized on a default
  Fedora 3 installation?
  TIA
  Alan.

• Dtlogin fails after changing UID - invalid MIT-MAGIC-COOKIE

  The environment is a small stand-alone network of Suns running Solaris 5.10 with no central admin, no DNS. One of the users had login accounts on several machines and asked me to fix it up while he was away. So I consolidated his several home directories onto one machine, changed all the different UIDs on the various Suns to be the same UID, did a chown to match on all the files in his new consolidated home directory, then modified /etc/auto_home on all the machines to point to the new home.
  It all works with console or ssh logins and with dtlogin from the machine on which I didn't change the UID (also where his home now resides). But on the other machines where the UID was changed, trying to log into either CDE or JDS soon comes back to the login screen with an error in .dt/startlog: "invalid MIT-MAGIC-COOKIE-1 key", "Xlib: connection to :0.0 refused by server". I'm guessing the problem is because the user's current UID is different that what it was before on this machine.
  I tried deleting his ~/.*authority files, moving his ~/.dt directory out of the way, and even deleted and recreated the user on one of the remote machines with no joy. This user is going to be mighty unhappy with me when he gets back from vacation next week! Help.
  Edited by: SanDiegoDweller on Aug 12, 2010 7:18 PM -- added a bit more clarification

  Thanks to these suggestions I was able to determine that the X stuff was still referring to the user's old home directory on the local machine rather than his automounted home directory.
  All the local disks were called /export/home -- in an effort to deconfuse myself and make sure I knew which disk space was being used, I changed them to /export/home-A and /export/home-B on machines A and B (renamed the directory and changed /etc/vfstab). All normal logins work, but no X logins work. When logged in as the user, xauth says "error in locking authority file /export/home/user/.Xauthority" but there are no longer any /export/home directories! This is after I've deleted his .Xauthority file. Apparently, the X stuff is remembering somewhere an old path. How can I clean this up?
  Edited by: SanDiegoDweller on Aug 16, 2010 12:54 PM

• What is MIT-MAGIC-COOKIE error

  Hello all,
  I have a user that connects to a server "Server1" using username "User1" in order to run an application they must switch user "User2" and rlogin to a diffrent server "Server2" to run the X application.
  When they start the application they get invalid MIT-MAGIC-COOKIE. What is this error mean. Here are the steps they are doing
  User1 loggs on to Server1 using CDE.
  User1r starts an command tool.
  User1 does a su User2
  User2 does a rlogin to Server2
  User2 sets the DISPALY to Server1
  start the x application
  What is wrong here ?
  Thanks

  What is wrong here ?Aside from the fact that you're using rlogin? :P
  Aniway, you don't specify whether USER1 logs in to SERVER1 directly (is it a Sun workstation running CDE) or whether he/she does this through Exceed or something similar.
  If it's the first scenario the previous person to reply is most probably right.
  If it's the second scenario, setting $DISPLAY to SERVER1:0.0 (and adding SERVER2 to the xhost setting) will not work. You'll have to set your $DISPALY to $WORKSTATION:0.0 and verify that Exceed (or whatever you're using) is configured properly.

• How do I setup a MIT-Magic Cookie for multiple users?

  I need to be able to use TTauthority to allow mutliple users to have access to one main MIT-Magic Cookie random sequence. Currently, we have multiple cookies being created each time a user logs in. However, we cannot see each others processes. This is a huge drawback we are having with depending on Tooltalk. Any suggestions to setup ttauth to allow multiple users to share the same cookie?

  It might work if you don't leave mails on the server.
  In IMAP are the mails from the other accounts showing up at that accounts inbox on the server (webmail) If so you could as well redirect it on server level and not download and then upload.
  What happen if you want to un-delete a message?
  A solution would be send it to a local folder. That way it will be deleted on the mail server and you still have the opportunity to '''move''' it into one of the inboxes

• Invalid magic cookie

  I just installed arch and kde. Everything was fine until I noticed that after I run vim as root I get weird errors. More specifically the error is:
  Invalid MIT-MAGIC-COOKIE-1 keyInvalid MIT-MAGIC-COOKIE-1 keyInvalid MIT-MAGIC-COOKIE-1 key
  It's not preventing me from doing anything, but it's annoying nonetheless. Does anyone know how to fix this?

  The method posted by @onguarde is NOT recommened as Access  is  granted  to  everyone,  even  if they aren't on the list to open windows on your machine.
  As normal user, you should run:
  xhost local:root
  and then root will be able to open X programs. You can edit /root/.bashrc and add the following line:
  export XAUTHORITY=/home/username/.Xauthority
  Where "username" is the user account name that you use. After editing /root/.bashrc, you won't have to issue the command "xhost local:root" anymore after X starts.
  OR even simpler, make a symbolic link to the current - correct - cookie (not tested this but I think it might work):
  su -
  cd /root (if not already there)
  ln -sf /home/username/.Xauthority
  But as @parintachin said is better to run GUI programs with root privileges using ALT+F2 and kdesu(if using KDE) or gksu(if using GNOME) + name of the application.
  I know this thread is a little bit old, but I faced this problem today and wanted to help in some way or another.
  Last edited by Mahara (2010-04-05 12:00:29)

• SQL Data Sync - column type invalid for use as a key column

  Hello,
  our sync group is failing to do the sync. Here's a tracingID:
  For more information, provide tracing ID ‘e3e568b5-140a-4ae5-a4c8-c178c6bf805d’ to customer support.
  I must say, that the column in DB is not a PK or INDEX-ed, it was initially VARCHAR(MAX), after some reading I changed it to VARCHAR(200) and later to TEXT, but the result of syncing is still the same.
  Thank you,
  Bojan

  Hi Bojan,
  The error “column type invalid for use as a key column” could be due to the existence of unsupported data types or column properties when implementing the synchronization. I recommend you check your database according to this article:
  SQL Database Data Types supported by SQL Data Sync.
  Besides, before you design and implement a data synchronization plan, please check the following articles about system requirements for SQL Data Sync and so on.
  System Requirements for SQL Data Sync
  https://msdn.microsoft.com/en-us/library/azure/jj127278.aspx
  Known SQL Data Sync Limits
  https://msdn.microsoft.com/en-us/library/azure/jj590380.aspx
  SQL Data Sync Best Practices
  https://msdn.microsoft.com/en-us/library/azure/hh667328.aspx
  Thanks,
  Lydia Zhang
  Lydia Zhang
  TechNet Community Support

• ERROR ITMS-9000: "This bundle is invalid. The value for key CFBundleVersion...

  Hi
  I've tried to submit to the AppStore my new revision V27 (1.0.5) instead of V28 (1.0.2) for Ipad 1 compatibility but i get this error :
  ERROR ITMS-9000: "This bundle is invalid. The value for key CFBundleVersion [3.2.4.6.88575] in the Info.plist file must contain a higher version than that of the previously uploaded version [3.3.1.3.8
  How could i change the CFBundleVersion ????
  Thanks

  DPS gold support can help you. Please login to your DPS dashboard https://digitalpublishing.acrobat.com/SignIn.html and you'll find the contact information on the bottom of the page

• Invalid or missing cookies with firefox 24

  I have a user that cannot login from firefox 24. Gets Invalid or missing cookie(s) contact your administrator. Login works with IE 10. Anyone else have this problem? He is using Better Privacy and Adblock Plus but both allow Groupwise.
  bill riggs

  Hi
  You could try the following in your webacc.cfg file:
  'Security.UseClientIP.enable=false'
  Let us know how it goes.
  Cheers,

• Security.Cryptography - The specified path is invalid. while accessing the private key stored in LocalMachine store

  Hello,
  I have C# dll which is invoked through a C++ cgi executable which is deployed on apache 2.2. I am getting the following error when I am trying to access the private key of a certificate which is stored in the Localmachine store. It works fine while
  debugging in visual studio.
  It also works fine when I try to access the same certificate from the current user store through apache.
  I have tried running apache as "SYSTEM", even then I get the same error.
  I have followed the right process to import the certificate into the localmachine store through mmc. 
  Error Message:
  The specified path is invalid.
   caused by mscorlib
     at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
     at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
     at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
     at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)
     at System.Security.Cryptography.X509Certificates.X509Certificate2.get_PrivateKey()
     at SamlImplLib.SamlImpl.GetSamlResponse(String sInParamXml, String sInAttrXml)
  The above error is not really helpful as it doesnt tell me which path is invalid as I am not passing any path in my code. I am just accessing the certificate through the X509Certificate2 store
  Thanks in advance

  Hi,
  This is probably because the worker process identity does not have read permission to the machine key store.
  And I agree with you. "The specified path is invalid" is a typical misleading message.
  You may need to clarify the difference between "SYSTEM- User" and "Current-user "through apache. Good Luck!
  Best regards,
  Kristin
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• HTTPURLConnection response with multiple Set-Cookie Header key

  I set up a connection to a server and it gives me a response. This response has two header keys but when I loop through like so many reference and how-to sites tell me I only get one and its the last value.
  This is some code that I'm using:
  for (int i=1; (headerName = conn.getHeaderFieldKey(i))!=null; i++) {
       System.out.println(headerName);
       if (headerName.equals("Set-Cookie")) {                 
                   cookie += conn.getHeaderField(i);   }           
       }Has anyone attempted this successfully? This code was copy and pasted from an example claimed to work but I used it myself and it doesn't work.
  This is the response message:
  HTTP/1.1 302 Moved Temporarily
  Date: Mon, 16 Feb 2009 03:47:47 GMT
  Server: Apache
  Set-Cookie: JSESSIONID=E7C54E0ECE8CCFD89EF91FF8A47E34BC; Path=/
  Location: http://<SITEURL>/redirecting.jsp
  Content-Length: 0
  P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE PSA"
  Keep-Alive: timeout=15, max=15
  Connection: Keep-Alive
  Content-Type: text/html;charset=ISO-8859-1
  Set-Cookie: BIGipServerI2O_pool_A=1815557130.20480.0000; path=/

  I just read in the Bug database that this is a JDK 1.4 bug, with no workaround proposed. I am using JDK 1.3.
  Does anyone out there know about a workaround or what other scheme I could use to do the same thing? (For me it's necessary to set at least the User-Agent and the Cookie headers).

• Invalid Session ID - cookie encode/decode

  Hello,
  I'm looking for the correct combination of cookie encode/decode parameters for my own setup.
  Machine am : AM Server 7.0 on WS6.1
  Machine amc : my own webapps using AM client SDK & protected by a Policy agent. 2.2 Everything within a WS6.1 container.
  After being redirected to AM, I obtain my iPlanetDirectoryPro cookie and my webapp can obtain a SSOToken using the SSOToken token = manager.createSSOToken(String) if obtain the String via Cookie accessor's method.
  No luck with SSOToken token = manager.createSSOToken(HttpServletRequest) which always gives a Invalid Session Id message. I know that this is an encoding problem but I tried many combinations & heard that these settings are not always well documented. I have at the moment :
  am server AMConfig.properties :
  com.iplanet.am.cookie.encode=false
  am client sdk AMConfig.properties :
  com.iplanet.am.cookie.encode=false
  policy agent AMAgent.properties :
  com.sun.identity.agents.config.sso.decode = false
  com.iplanet.am.cookie.encode = false
  Has somebody worked that out ?
  Thanks !
  nieuwenj

  Hi, am using this code:
  AMUtil.java
  import java.io.BufferedReader;
  import java.io.InputStreamReader;
  import java.io.IOException;
  import javax.security.auth.callback.Callback;
  import javax.security.auth.callback.ChoiceCallback;
  import javax.security.auth.callback.NameCallback;
  import javax.security.auth.callback.PasswordCallback;
  import javax.security.auth.callback.TextInputCallback;
  import javax.security.auth.callback.TextOutputCallback;
  import javax.security.auth.callback.UnsupportedCallbackException;
  import com.sun.identity.authentication.AuthContext;
  import com.sun.identity.authentication.spi.AuthLoginException;
  import com.iplanet.am.util.Debug;
  * @author hjimenez
  public class AMUtil {
      private String loginIndexName;
      private String orgName;
      private String user;
      private String password;
       * Creates a new instance of AMUtil
      public AMUtil(String loginIndexName, String orgName) {
          this.loginIndexName = loginIndexName;
          this.orgName = orgName;
      protected AuthContext getAuthContext()
      throws AuthLoginException, com.iplanet.sso.SSOException, Exception {
          AuthContext lc = new AuthContext(orgName);
          AuthContext.IndexType indexType = AuthContext.IndexType.MODULE_INSTANCE;
          lc.login(indexType, loginIndexName);
          debugMessage(loginIndexName + ": Se obtuvo login context");
          return lc;
      private void addLoginCallbackMessage(Callback[] callbacks)
      throws UnsupportedCallbackException {
          int i = 0;
          try {
              for (i = 0; i < callbacks.length; i++) {
                  if (callbacks[i] instanceof TextOutputCallback) {
                      handleTextOutputCallback((TextOutputCallback)callbacks);
  } else if (callbacks[i] instanceof NameCallback) {
  handleNameCallback((NameCallback)callbacks[i]);
  } else if (callbacks[i] instanceof PasswordCallback) {
  handlePasswordCallback((PasswordCallback)callbacks[i]);
  } else if (callbacks[i] instanceof TextInputCallback) {
  handleTextInputCallback((TextInputCallback)callbacks[i]);
  } else if (callbacks[i] instanceof ChoiceCallback) {
  handleChoiceCallback((ChoiceCallback)callbacks[i]);
  } catch (IOException e) {
  e.printStackTrace();
  throw new UnsupportedCallbackException(callbacks[i],e.getMessage());
  private void handleTextOutputCallback(TextOutputCallback toc) {
  debugMessage("Se ejecut� TextOutputCallback");
  // Mostrar mensaje de acuerdo al tipo especificado
  switch (toc.getMessageType()) {
  case TextOutputCallback.INFORMATION:
  debugMessage(toc.getMessage());
  break;
  case TextOutputCallback.ERROR:
  debugMessage("ERROR: " + toc.getMessage());
  break;
  case TextOutputCallback.WARNING:
  debugMessage("WARNING: " + toc.getMessage());
  break;
  default:
  debugMessage("Tipo de mensaje no soportaado: " +
  toc.getMessageType());
  private void handleNameCallback(NameCallback nc)
  throws IOException {
  // asignar usuario
  nc.setName(this.user);
  private void handleTextInputCallback(TextInputCallback tic)
  throws IOException {
  // poner un prompt para obtener datos
  System.out.print(tic.getPrompt());
  System.out.flush();
  tic.setText((new BufferedReader
  (new InputStreamReader(System.in))).readLine());
  private void handlePasswordCallback(PasswordCallback pc)
  throws IOException {
  // asignar password
  String passwd = this.password;
  pc.setPassword(passwd.toCharArray());
  private void handleChoiceCallback(ChoiceCallback cc)
  throws IOException {
  // ignorar el valor default dado
  System.out.print(cc.getPrompt());
  String[] strChoices = cc.getChoices();
  for (int j = 0; j < strChoices.length; j++) {
  System.out.print("choice[" + j + "] : " + strChoices[j]);
  System.out.flush();
  cc.setSelectedIndex(Integer.parseInt((new BufferedReader
  (new InputStreamReader(System.in))).readLine()));
  public boolean login(AuthContext lc)
  throws UnsupportedCallbackException {
  boolean succeed = false;
  Callback[] callbacks = null;
  // obtener informaci�n del m�dulo solicitada
  while (lc.hasMoreRequirements()) {
  callbacks = lc.getRequirements();
  if (callbacks != null) {
  addLoginCallbackMessage(callbacks);
  lc.submitRequirements(callbacks);
  if (lc.getStatus() == AuthContext.Status.SUCCESS) {
  System.out.println("Login exitoso.");
  succeed = true;
  } else if (lc.getStatus() == AuthContext.Status.FAILED) {
  System.out.println("Login fallo.");
  } else {
  System.out.println("Estatus desconocido: " + lc.getStatus());
  return succeed;
  public void logout(AuthContext lc)
  throws AuthLoginException {
  lc.logout();
  System.out.println("Log Out!!");
  static void debugMessage(String msg) {
  System.out.println(msg);
  public String getUser() {
  return user;
  public void setUser(String user) {
  this.user = user;
  public String getPassword() {
  return password;
  public void setPassword(String password) {
  this.password = password;
  and call it from:
  import com.iplanet.sso.SSOToken;
  import com.sun.identity.authentication.AuthContext;
  import com.sun.identity.authentication.spi.AuthLoginException;
  import javax.security.auth.callback.UnsupportedCallbackException;
  import com.iplanet.sso.SSOException;
  import java.net.InetAddress;
  * @author hjimenez
  public class TestLogin {
      /** Creates a new instance of TestLogin */
      public TestLogin() throws SSOException {
       * @param args the command line arguments
      public static void main(String[] args) {
          try {
              // arg0 = LDAP arg1 = tecnet
              AMUtil login = new AMUtil(args[0], args[1]);
              // arg2=usuario arg3=pass
              login.setUser(args[2]);
              login.setPassword(args[3]);
              AuthContext lc = login.getAuthContext();
              if (login.login(lc)) {
                  SSOToken token = lc.getSSOToken();
                  System.out.println("Token asignado: "+token.getTokenID().toString());
                  String host = token.getHostName();
                  java.security.Principal principal = token.getPrincipal();
                  String authType = token.getAuthType();
                  int level = token.getAuthLevel();
                  InetAddress ipAddress = token.getIPAddress();
                  long maxTime = token.getMaxSessionTime();
                  long idleTime = token.getIdleTime();
                  long maxIdleTime = token.getMaxIdleTime();
                  System.out.println("SSOToken host name: " + host);
                  System.out.println("SSOToken Principal name: " +
                          principal.getName());
                  System.out.println("Authentication type used: " + authType);
                  System.out.println("IPAddress of the host: " +
                          ipAddress.getHostAddress());   
                  login.logout(lc); 
          } catch (AuthLoginException e) {
              e.printStackTrace();
          } catch (UnsupportedCallbackException e) {
              e.printStackTrace();
          } catch (SSOException e) {
              e.printStackTrace();
          }  catch (Exception e) {
              e.printStackTrace();

• Suddenly can't open groupwise emails via groupwise app; invalid or missing cookies

  Using my ipad2 I Suddenly can't open groupwise emails via groupwise app; invalid or missing cookies

  Did you just upgrade to iOS v7?
  Are you using Ghost Pattern software to access GroupWise?
  If Yes, they have an update for iOS 7 at
  https://itunes.apple.com/us/app/gw-mail/id335575354?mt=8

• Invalid Windows 7 licence serial key

  I get this popup telling me that my windows 7 64 Home premium is not valid, that it is not real and that I have to get the real deal. Furthermore microsoft asks me to match this windows i use with theirs - leading to them wanting me to buy it.
  Again.
  The thing is, my Windows 7 is real, it came with the computer and I have not changed it, and has been working perfectly fine for over a year until a few weeks ago, when this notification showed.
  Now I am having all kind of trouble, most of them internetbased seeming the computer turns of my internetconnection all the time.
  What do I do?
  I am somewhat a noob and have not messed around with computers since XP.
  Best regards // Ican

  I'm not sure that this is what you have done but if not try it:
  Call Microsoft Using Manual Phone Activation
  1. Open Windows Activation - click the Start button, right click Computer, click Properties, then click the option to activate Windows now or change your key.
  2. Click Show me other ways to activate.
  3. Type your Windows 7 product key, and then click Next.
  4. Click Use the automated phone system.
  5. Click the location nearest you from the drop-down list, and then click Next.
  6. Call one of the available phone numbers listed.
  7. Do not select any options and wait for a person to pick up, then explain what happened.

• Mein Iphone 3GS IOS 6.3.1. stürzt regelmäßig ab. Mit folgenden Crash Reporter Key: e6b80adf3a1c4ccee285b41ebe471fc6c0a3980d Was bedeutet das?

  How do I get information on crash information on my Iphone? It's an Iphone 3GS with the IOS 6.3.1.
  Crash Reporter Key: e6b80adf3a1c4ccee285b41ebe471fc6c0a3980d