Local host give errors 403
I have a local host set up using XAMPP. Until recently this worked fine. Now, when I try to access files using http://local host, I get error 403 Forbidden.
== URL of affected sites ==
http://
iam using xp professional
and firefox 3.6.
i have instled iis
iam gettin problem in getting localhost
iamgetting error
"firefo cannot estblish a connection to the localhost "
Similar Messages
-
Local host & DC error during NW04s trial installation
Hi everybody!
I am trying to install SAPNW2004sJavaSP9_Trial with setup.bat as well as the sapinst.exe file of SAP_NetWeaver_2004s_SR_1_Installation_Master_DVD__ID__NW05SR1_IM1. I tried it both with Domain user (with all the local administrator rights assigned like 'Act as part of OS' and 'Replace a process level token') as well as the local 'Administrator' account. The installation always stops when I select Next after selecting JCE policy file with the following Warnings and Errors log:
WARNING 2008-03-12 09:40:46
The install parameter INSTPARA_DB is already defined (existing value IND, new value ADA ).
WARNING 2008-03-12 09:44:01
Error 5 (Access is denied.
) in execution of a 'RegOpenKeyEx' function, line (69), with parameter (SYSTEM\CurrentControlSet\Services\McAfeeFramework).
WARNING 2008-03-12 09:44:01
The subkey 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McAfeeFramework' does not exist on the 'localhost' host.
ERROR 2008-03-12 09:44:01
MOS-01185 The subkey 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McAfeeFramework' does not exist on the 'localhost' host.
ERROR 2008-03-12 09:44:01
FCO-00011 The step collect with step key |NW_Java_OneHost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|1|0|NW_GetSidNoProfiles|ind|ind|ind|ind|1|0|collect was executed with status ERROR .
Does anybody have any clue with this issue?
Suitable points await for corrective answer.
Regards,
AQI resolved the issue myself. Actually it was McAfee virus scan whose services were not being disabled properly which was in conflict...
-
Cloning of database to same host give error, unable to re-create online log
clone the database to same host
oracle version: 9.2.0.5
os HP
target db: tardb
catlog catlog
auxiliary: auxbr
After running this script, I am getting error unable to re-create online log.
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-03002: failure of Duplicate Db command at 06/08/2009 23:17:38
RMAN-03015: error occurred in stored script Memory Script
RMAN-06136: ORACLE error from auxiliary database: ORA-00344: unable to re-create online log '/db/app/oracle/product/9.2.0.5/dbs/ /db
/redolog.001/catalog1/catalog1_log1.rdo'
ORA-27040: skgfrcre: create error, unable to create file
HP-UX Error: 2: No such file or directory
I tried to shutdown, and mount, recover with backup contorlfile until cancel. and open with reset logs ,
I am not able to make the copy of the database on same host.
Help is appreciated.
complete error log
oracle@dimondz{auxbr}/db/app/oracle/dba/sql> sqlplus '/as sysdba'
SQL*Plus: Release 9.2.0.5.0 - Production on Mon Jun 8 23:11:23 2009
Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
Connected to an idle instance.
SQL> startup nomount pfile='/db/app/oracle/admin/catlog/pfile/initauxbr.ora';
ORACLE instance started.
Total System Global Area 219115512 bytes
Fixed Size 737272 bytes
Variable Size 83886080 bytes
Database Buffers 134217728 bytes
Redo Buffers 274432 bytes
SQL> create spfile from pfile='/db/app/oracle/admin/catlog/pfile/initauxbr.ora';
File created.
SQL> exit
Disconnected from Oracle9i Enterprise Edition Release 9.2.0.5.0 - 64bit Production
With the Partitioning option
JServer Release 9.2.0.5.0 - Production
oracle@dimondz{auxbr}/db/app/oracle/dba/sql>
oracle@dimondz{auxbr}/db/app/oracle/dba/sql> rman
Recovery Manager: Release 9.2.0.5.0 - 64bit Production
Copyright (c) 1995, 2002, Oracle Corporation. All rights reserved.
RMAN> connect catalog rman/rman@catlog
connected to recovery catalog database
RMAN> connect target sys/dimondz@tardb
connected to target database: tardb (DBID=3063303886)
RMAN> connect auxiliary sys/dimondz@auxbr
connected to auxiliary database: auxbr (not mounted)
RMAN>
RMAN> RUN
2> {
3> SET NEWNAME FOR DATAFILE 1 TO '/db/catalog1.001/oradata/system01.dbf';
4>
5> SET NEWNAME FOR DATAFILE 2 TO '/db/catalog1.001/oradata/undotbs01.dbf';
6>
SET NEWNAME FOR DATAFILE 3 TO '/db/catalog1.001/oradata/ptest01.dbf';
7> 8>
9> SET NEWNAME FOR DATAFILE 4 TO '/db/catalog1.001/oradata/users_01.dbf';
10>
11> SET NEWNAME FOR DATAFILE 5 TO '/db/catalog1.001/oradata/drsys_01.dbf';
12>
13> SET NEWNAME FOR DATAFILE 6 TO '/db/catalog1.001/oradata/qms_dat_01.dbf';
14>
15> SET NEWNAME FOR DATAFILE 7 TO '/db/catalog1.001/oradata/ultradat_01.dbf';
16>
17> SET NEWNAME FOR DATAFILE 11 TO '/db/catalog1.001/oradata/xmltbs_01.dbf';
18>
19> DUPLICATE TARGET DATABASE TO auxbr
20>
21> pfile=/db/app/oracle/admin/catlog/pfile/initauxbr.ora
22> logfile
23> ' /db/redolog.001/catalog1/catalog1_log1.rdo' size 5m,
24> ' /db/redolog.003/catalog1/catalog1_log2.rdo' size 5m,
25> ' /db/redolog.002/catalog1/catalog1_log3.rdo' size 5m;
26> }
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
Starting Duplicate Db at 08-JUN-09
allocated channel: ORA_AUX_DISK_1
channel ORA_AUX_DISK_1: sid=11 devtype=DISK
printing stored script: Memory Script
set until scn 229907626;
set newname for datafile 1 to
"/db/catalog1.001/oradata/system01.dbf";
set newname for datafile 2 to
"/db/catalog1.001/oradata/undotbs01.dbf";
set newname for datafile 3 to
"/db/catalog1.001/oradata/ptest01.dbf";
set newname for datafile 4 to
"/db/catalog1.001/oradata/users_01.dbf";
set newname for datafile 5 to
"/db/catalog1.001/oradata/drsys_01.dbf";
set newname for datafile 6 to
"/db/catalog1.001/oradata/qms_dat_01.dbf";
set newname for datafile 7 to
"/db/catalog1.001/oradata/ultradat_01.dbf";
set newname for datafile 11 to
"/db/catalog1.001/oradata/xmltbs_01.dbf";
restore
check readonly
clone database
executing script: Memory Script
executing command: SET until clause
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
executing command: SET NEWNAME
Starting restore at 08-JUN-09
using channel ORA_AUX_DISK_1
channel ORA_AUX_DISK_1: starting datafile backupset restore
channel ORA_AUX_DISK_1: specifying datafile(s) to restore from backup set
restoring datafile 00001 to /db/catalog1.001/oradata/system01.dbf
restoring datafile 00002 to /db/catalog1.001/oradata/undotbs01.dbf
restoring datafile 00003 to /db/catalog1.001/oradata/ptest01.dbf
restoring datafile 00004 to /db/catalog1.001/oradata/users_01.dbf
restoring datafile 00005 to /db/catalog1.001/oradata/drsys_01.dbf
restoring datafile 00006 to /db/catalog1.001/oradata/qms_dat_01.dbf
restoring datafile 00007 to /db/catalog1.001/oradata/ultradat_01.dbf
restoring datafile 00011 to /db/catalog1.001/oradata/xmltbs_01.dbf
channel ORA_AUX_DISK_1: restored backup piece 1
piece handle=/dump/DBA/RMAN/tardb_bkup/db_tardb_f_04kgt77h tag=WHOLE_DATABASE_tardb params=NULL
channel ORA_AUX_DISK_1: restore complete
Finished restore at 08-JUN-09
sql statement: CREATE CONTROLFILE REUSE SET DATABASE "auxbr" RESETLOGS ARCHIVELOG
MAXLOGFILES 5
MAXLOGMEMBERS 5
MAXDATAFILES 100
MAXINSTANCES 1
MAXLOGHISTORY 907
LOGFILE
GROUP 1 ' /db/redolog.001/catalog1/catalog1_log1.rdo' SIZE 5242880 ,
GROUP 2 ' /db/redolog.003/catalog1/catalog1_log2.rdo' SIZE 5242880 ,
GROUP 3 ' /db/redolog.002/catalog1/catalog1_log3.rdo' SIZE 5242880
DATAFILE
'/db/catalog1.001/oradata/system01.dbf'
CHARACTER SET UTF8
printing stored script: Memory Script
switch clone datafile all;
executing script: Memory Script
datafile 2 switched to datafile copy
input datafilecopy recid=1 stamp=689037446 filename=/db/catalog1.001/oradata/undotbs01.dbf
datafile 3 switched to datafile copy
input datafilecopy recid=2 stamp=689037446 filename=/db/catalog1.001/oradata/ptest01.dbf
datafile 4 switched to datafile copy
input datafilecopy recid=3 stamp=689037446 filename=/db/catalog1.001/oradata/users_01.dbf
datafile 5 switched to datafile copy
input datafilecopy recid=4 stamp=689037446 filename=/db/catalog1.001/oradata/drsys_01.dbf
datafile 6 switched to datafile copy
input datafilecopy recid=5 stamp=689037446 filename=/db/catalog1.001/oradata/qms_dat_01.dbf
datafile 7 switched to datafile copy
input datafilecopy recid=6 stamp=689037446 filename=/db/catalog1.001/oradata/ultradat_01.dbf
datafile 11 switched to datafile copy
input datafilecopy recid=7 stamp=689037446 filename=/db/catalog1.001/oradata/xmltbs_01.dbf
printing stored script: Memory Script
set until scn 229907626;
recover
clone database
delete archivelog
executing script: Memory Script
executing command: SET until clause
Starting recover at 08-JUN-09
using channel ORA_AUX_DISK_1
starting media recovery
channel ORA_AUX_DISK_1: starting archive log restore to default destination
channel ORA_AUX_DISK_1: restoring archive log
archive log thread=1 sequence=3
channel ORA_AUX_DISK_1: restoring archive log
archive log thread=1 sequence=4
channel ORA_AUX_DISK_1: restored backup piece 1
piece handle=/dump/DBA/RMAN/tardb_bkup/db_arch_tardb_f_06kgt7ih tag=ARCHIVE_LOG_tardb_BACKUP params=NULL
channel ORA_AUX_DISK_1: restore complete
archive log filename=/oradump/oradata/catlog/arch/catlog-1231663410_1_3.arc thread=1 sequence=3
channel clone_default: deleting archive log(s)
archive log filename=/oradump/oradata/catlog/arch/catlog-1231663410_1_3.arc recid=1 stamp=689037447
archive log filename=/oradump/oradata/catlog/arch/catlog-1231663410_1_4.arc thread=1 sequence=4
channel clone_default: deleting archive log(s)
archive log filename=/oradump/oradata/catlog/arch/catlog-1231663410_1_4.arc recid=2 stamp=689037447
media recovery complete
Finished recover at 08-JUN-09
printing stored script: Memory Script
shutdown clone;
startup clone nomount pfile= '/db/app/oracle/admin/catlog/pfile/initauxbr.ora';
executing script: Memory Script
database dismounted
Oracle instance shut down
connected to auxiliary database (not started)
Oracle instance started
Total System Global Area 219115512 bytes
Fixed Size 737272 bytes
Variable Size 83886080 bytes
Database Buffers 134217728 bytes
Redo Buffers 274432 bytes
sql statement: CREATE CONTROLFILE REUSE SET DATABASE "auxbr" RESETLOGS ARCHIVELOG
MAXLOGFILES 5
MAXLOGMEMBERS 5
MAXDATAFILES 100
MAXINSTANCES 1
MAXLOGHISTORY 907
LOGFILE
GROUP 1 ' /db/redolog.001/catalog1/catalog1_log1.rdo' SIZE 5242880 ,
GROUP 2 ' /db/redolog.003/catalog1/catalog1_log2.rdo' SIZE 5242880 ,
GROUP 3 ' /db/redolog.002/catalog1/catalog1_log3.rdo' SIZE 5242880
DATAFILE
'/db/catalog1.001/oradata/system01.dbf'
CHARACTER SET UTF8
printing stored script: Memory Script
catalog clone datafilecopy "/db/catalog1.001/oradata/undotbs01.dbf";
catalog clone datafilecopy "/db/catalog1.001/oradata/ptest01.dbf";
catalog clone datafilecopy "/db/catalog1.001/oradata/users_01.dbf";
catalog clone datafilecopy "/db/catalog1.001/oradata/drsys_01.dbf";
catalog clone datafilecopy "/db/catalog1.001/oradata/qms_dat_01.dbf";
catalog clone datafilecopy "/db/catalog1.001/oradata/ultradat_01.dbf";
catalog clone datafilecopy "/db/catalog1.001/oradata/xmltbs_01.dbf";
switch clone datafile all;
executing script: Memory Script
cataloged datafile copy
datafile copy filename=/db/catalog1.001/oradata/undotbs01.dbf recid=1 stamp=689037456
cataloged datafile copy
datafile copy filename=/db/catalog1.001/oradata/ptest01.dbf recid=2 stamp=689037456
cataloged datafile copy
datafile copy filename=/db/catalog1.001/oradata/users_01.dbf recid=3 stamp=689037456
cataloged datafile copy
datafile copy filename=/db/catalog1.001/oradata/drsys_01.dbf recid=4 stamp=689037457
cataloged datafile copy
datafile copy filename=/db/catalog1.001/oradata/qms_dat_01.dbf recid=5 stamp=689037457
cataloged datafile copy
datafile copy filename=/db/catalog1.001/oradata/ultradat_01.dbf recid=6 stamp=689037457
cataloged datafile copy
datafile copy filename=/db/catalog1.001/oradata/xmltbs_01.dbf recid=7 stamp=689037457
datafile 2 switched to datafile copy
input datafilecopy recid=1 stamp=689037456 filename=/db/catalog1.001/oradata/undotbs01.dbf
datafile 3 switched to datafile copy
input datafilecopy recid=2 stamp=689037456 filename=/db/catalog1.001/oradata/ptest01.dbf
datafile 4 switched to datafile copy
input datafilecopy recid=3 stamp=689037456 filename=/db/catalog1.001/oradata/users_01.dbf
datafile 5 switched to datafile copy
input datafilecopy recid=4 stamp=689037457 filename=/db/catalog1.001/oradata/drsys_01.dbf
datafile 6 switched to datafile copy
input datafilecopy recid=5 stamp=689037457 filename=/db/catalog1.001/oradata/qms_dat_01.dbf
datafile 7 switched to datafile copy
input datafilecopy recid=6 stamp=689037457 filename=/db/catalog1.001/oradata/ultradat_01.dbf
datafile 11 switched to datafile copy
input datafilecopy recid=7 stamp=689037457 filename=/db/catalog1.001/oradata/xmltbs_01.dbf
printing stored script: Memory Script
Alter clone database open resetlogs;
executing script: Memory Script
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-03002: failure of Duplicate Db command at 06/08/2009 23:17:38
RMAN-03015: error occurred in stored script Memory Script
RMAN-06136: ORACLE error from auxiliary database: ORA-00344: unable to re-create online log '/db/app/oracle/product/9.2.0.5/dbs/ /db
/redolog.001/catalog1/catalog1_log1.rdo'
ORA-27040: skgfrcre: create error, unable to create file
HP-UX Error: 2: No such file or directory
RMAN>
I tried to shutdown and open with resetlogs , it still error
oracle@dimondz{auxbr}/db/app/oracle/dba/sql> sqlplus '/as sysdba'
SQL*Plus: Release 9.2.0.5.0 - Production on Mon Jun 8 23:27:05 2009
Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved.
Connected to:
Oracle9i Enterprise Edition Release 9.2.0.5.0 - 64bit Production
With the Partitioning option
JServer Release 9.2.0.5.0 - Production
SQL> shutdown immediate;
ORA-01109: database not open
Database dismounted.
ORACLE instance shut down.
SQL> startup mount;
ORACLE instance started.
Total System Global Area 219115512 bytes
Fixed Size 737272 bytes
Variable Size 83886080 bytes
Database Buffers 134217728 bytes
Redo Buffers 274432 bytes
Database mounted.
SQL> recover database until cancel using backup controlfile;
ORA-00279: change 229907626 generated at 06/06/2009 11:58:09 needed for thread
1
ORA-00289: suggestion : /oradump/oradata/catlog/arch/catlog-1814470384_1_5.arc
ORA-00280: change 229907626 for thread 1 is in sequence #5
Specify log: {<RET>=suggested | filename | AUTO | CANCEL}
CANCEL
Media recovery cancelled.
SQL> alter database open resetlogs;
alter database open resetlogs
ERROR at line 1:
ORA-00344: unable to re-create online log '/db/app/oracle/product/9.2.0.5/dbs/
/db/redolog.001/catalog1/catalog1_log1.rdo'
ORA-27040: skgfrcre: create error, unable to create file
HP-UX Error: 2: No such file or directory
SQL>
Thanks, Your help and guide will appreciated very much.Hello,
The directory for the creation of the logfiles does not exist, from the error:
RMAN-06136: ORACLE error from auxiliary database: ORA-00344: unable to re-create online log '/db/app/oracle/product/9.2.0.5/dbs/ /db
/redolog.001/catalog1/catalog1_log1.rdo'
ORA-27040: skgfrcre: create error, unable to create file
HP-UX Error: 2: No such file or directoryI.e., there is no such directory as *'/db/app/oracle/product/9.2.0.5/dbs/ /db/redolog.001/catalog1/catalog1_log1.rdo'*
Your db_recovery_file_dest parameter may be set here, therefore change this:
'/db/redolog.001/catalog1/catalog1_log1.rdo' size 5m,
' /db/redolog.003/catalog1/catalog1_log2.rdo' size 5m,
' /db/redolog.002/catalog1/catalog1_log3.rdo' size 5m;To this:
'catalog1_log1.rdo' size 5m,
'catalog1_log2.rdo' size 5m,
'catalog1_log3.rdo' size 5m;And try again. -
Hi everyone
I am trying to invoke a servlet from a jsp file,running in Jrun3.1.My jsp files are working fine but when the jsp forwards control to servlet,It gives error:403 forbidden.
I'm using
<jsp:forward page="web-inf/servlets/Demoservlet"/>
Can anyone help me with this.Hi everyone
I am trying to invoke a servlet from a jsp
file,running in Jrun3.1.My jsp files are working fine
but when the jsp forwards control to servlet,It gives
error:403 forbidden.
I'm using
<jsp:forward
<jsp:forward
ward page="web-inf/servlets/Demoservlet"/>
Can anyone help me with this.
I may wrong but you don't need to specify web-inf in the servlet path... so <jsp:forward page="/servlets/DemoServlet"/> should work. Have you check the log file for any information ?
Sylvain Gibier -
How to resolve error 403 response error code
Hi to All
Openstream to a webpage like google.com works fine, but openstream wid a search string like following gives error 403.
http://www.google.co.in/search?hl=en&q=forums&btnG=Search&meta=
Can anyone help with working around this??
Thanksthats problem with the openstream
corrected code is here
URL urlObject = new URL("http://www.whitepages.com/10001/search/ReversePhone?phone=5056629477");
//URL urlObject = new URL("http://www.google.com/search?q=$looknum&hl=en&pb=r&sa=X&oi=rwp&ct=title");
URLConnection con = urlObject.openConnection();
con.setRequestProperty( "User-Agent", "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; H010818)" );
System.out.println( "length: "+con.getContentLength() );
System.out.println( "content: "+con.getContent() );
System.out.println( "type"+con.getContentType() );
File file = new File("outfilename.txt");
InputStream st = con.getInputStream();
int c;
while( (c=st.read()) != -1 ) {
System.out.print( (char)c );
//System.out.println("urlObject.getContent :"+urlObject.getContent());
//System.out.println("urlObject.getFile :"+urlObject.getFile());
catch (java.net.MalformedURLException exception){
exception.printStackTrace();
That can be usefull for some other one as me -
UPK - Player gives HTTP Error 403 error
I have created a animation using UPK. A player.exe was generated. It was playing fine on my local drive but when I post it to shared interface it gives me this error -
Contact localhost:3282 home
HTTP Error 403 - Forbidden
Internet Explorer
Have anyone of you encountered this? Please help.
ThanksJay,
You should use this URL:
https://ipaddress/certsrv/mscep
If you try to get the cert from an http address, you will get an error. You should be using https. Also, the mscep.dll should not be part of the URL.
You can test this connectivity from any browser by putting that URL in the sddress bar. You should see a page similar to this:
Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question. Otherwise, feel free to post follow-up questions.
Charles Moreton -
Error on invoking a webservice by giving ip address instead of local host
Hi,
I created a web service through jdeveloper and tried accessing the webservice generated WSDl file by giving ip address of my machine , but it throws me an error stating IE cannot display the web page . The same web service is running fine when giving local host on the Web service URL .
Looking frwd fr sme help
Thanks in advance
RagavenHi,
your WebLogic server is not setup to listen for the IP address. You can change this in the WLS console for the server configuration. Note that when you install WLS and don't define any hostname then it will listen to all addresses (which also is the default for the integrated WLS)
Frank -
Event ID 1012 - There was an error while attempting to read the local hosts file
When I start my Computer after it has been turned off overnight (switched off at the Power supply) I get a Blue screen and have to reboot the PC. in the Event log it has this error: Event ID 1012 - DNS client events - There was an error while attempting
to read the local hosts file.
Once the PC has booted evrything is O.K. I can restart the PC with no problems, it only seems to happen if the PC has been switched off for a while.
I am connected to the net via an Netgear dg834v4 Modem/Router
Windows 7 Ultimate
Intel Q8200 CPU
2 x 360 Gb HDD
ATI 4680 !Gb Video Card
Digital HDA X-Mystique 7.1 Sound Card
Aver media 777 TV Tuner card.
Thank you
jeepers01
After further Investigation it seems that this error is Not responsible for my Blue screening......I started my PC after leaving it off all night, and it started normally, but i still have this error in the Event Log - System.....I have searched the Technet
forums (and there is a lot of ID 1012 errors) but non relating to my problem....If anyone knows what is causing this error and how to fix it, i'd be Grateful....although it does not seem to affect the PC in any way that i can see.
thanks
jeepers01Since Windows system uses separated user mode and kernel mode memory space, stop errors are always caused by kernel portion components, such as a third-party device drivers, backup software or anti-virus services (buggy services).
The system goes to a BSOD because there is some exceptions happened in the kernel (either the device driver errors or the service errors), and Windows implements this mechanism: When it detects some errors occur in the kernel, it will kill the box in case
some more severe damage happens. Then we get a blue screen or the system reboots (it depends on what the system settings are).
To troubleshoot this kind of kernel crash issue, we need to debug the crashed system dump. Unfortunately, debugging is beyond what we can do in the forum. A suggestion would be to contact Microsoft Customer Service and Support (CSS) via telephone so that
a dedicated Support Professional can assist with your request. Please be advised that contacting phone support will be a charged call.
To obtain the phone numbers for specific technology request please take a look at the web site listed below:
Microsoft - Help and Support
If you are outside the US please see
Microsoft Worldwide Home for regional support phone numbers.
Meantime we can try some available steps as a general troubleshoot.
1. Please remove the antivirus and run the system with a period. If the issue does not occur, mainly focus on antivirus settings and compatibility.
2. Disable Automatic Restart and see detail information on the blue screen.
1).Click Start, in the Start Search box enter sysdm.cpl.
2).Click the tab Advanced. Under Startup and Recovery, click the Settings button.
3). Uncheck “Automatically restart”.
4). On the drop-down menu “Write debugging information”, choose “Small memory dump”.
5). Click OK.
When Blue Screen displays, you may find some useful information.
Arthur Xie - MSFT -
recently purchased a 2nd handed iphone 4s(that's all i afford) but when trying to create icloud account it give me "com.apple.appleaccount error 403" message. I am asking for support and advice.
Did you already check this post?
Re: I am facing problem in signing in iCloud on my iPhone. when I enter my Apple ID, I got the message which is: "The Operation could't be completed. (com.apple.appleaccount error 403.)" Kindly solve my problem. I want to sign iCloud from my iPhone.worri -
firefox 7.0 - Can not upload the file from local machine to server...gives "error 404 : file not found"
you have not understood my point
how does this code will run on servlet when I want to upload a file from client's
machine to server machine
what I am doing is I am giving an option to the user that he/she can browse the file and then select any file and finally it's action is post in the jsp form for which I have sent the code
All the computers are connected in LAN
So how to upload a file from client's machine to server's machine
Plz give me a solution -
I just downloaded the free version of doodle jump, and I wanted to get the upgrade on my IPod Touch. But there is a local host error problem. How do I fix this?
- Reset the iOS device. Nothing will be lost
Reset iOS device: Hold down the On/Off button and the Home button at the same time for at
least ten seconds, until the Apple logo appears.
- Power off and then back on your router
.- Reset network settings: Settings>General>Reset>Reset Network Settings
- Try when connect to another network -
Apache server + mod_python - Error 403
Hi.
I'm totally new in Apache server. As topic says, I have problems with permissions to my server directory. Here's my httpd.conf file:
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
# for a discussion of each configuration directive.
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/access_log"
# with ServerRoot set to "/usr/local/apache2" will be interpreted by the
# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log"
# will be interpreted as '/logs/access_log'.
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
# Do not add a slash at the end of the directory path. If you point
# ServerRoot at a non-local disk, be sure to specify a local disk on the
# Mutex directive, if file-based mutexes are used. If you wish to share the
# same ServerRoot for multiple httpd daemons, you will need to change at
# least PidFile.
ServerRoot "/etc/httpd/"
# Mutex: Allows you to set the mutex mechanism and mutex file directory
# for individual mutexes, or change the global defaults
# Uncomment and change the directory if mutexes are file-based and the default
# mutex file directory is not on a local disk or is not appropriate for some
# other reason.
# Mutex default:/run/httpd
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#Listen 12.34.56.78:80
Listen 80
# Dynamic Shared Object (DSO) Support
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
# Example:
# LoadModule foo_module modules/mod_foo.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
#LoadModule authn_socache_module modules/mod_authn_socache.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
#LoadModule authz_owner_module modules/mod_authz_owner.so
#LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_core_module modules/mod_authz_core.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_form_module modules/mod_auth_form.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule allowmethods_module modules/mod_allowmethods.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule cache_module modules/mod_cache.so
#LoadModule cache_disk_module modules/mod_cache_disk.so
#LoadModule cache_socache_module modules/mod_cache_socache.so
#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
#LoadModule socache_dbm_module modules/mod_socache_dbm.so
#LoadModule socache_memcache_module modules/mod_socache_memcache.so
#LoadModule watchdog_module modules/mod_watchdog.so
#LoadModule macro_module modules/mod_macro.so
#LoadModule dbd_module modules/mod_dbd.so
#LoadModule dumpio_module modules/mod_dumpio.so
#LoadModule echo_module modules/mod_echo.so
#LoadModule buffer_module modules/mod_buffer.so
#LoadModule data_module modules/mod_data.so
#LoadModule ratelimit_module modules/mod_ratelimit.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
#LoadModule ext_filter_module modules/mod_ext_filter.so
#LoadModule request_module modules/mod_request.so
LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
#LoadModule reflector_module modules/mod_reflector.so
#LoadModule substitute_module modules/mod_substitute.so
#LoadModule sed_module modules/mod_sed.so
#LoadModule charset_lite_module modules/mod_charset_lite.so
#LoadModule deflate_module modules/mod_deflate.so
#LoadModule xml2enc_module modules/mod_xml2enc.so
#LoadModule proxy_html_module modules/mod_proxy_html.so
LoadModule mime_module modules/mod_mime.so
#LoadModule ldap_module modules/mod_ldap.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule log_debug_module modules/mod_log_debug.so
#LoadModule log_forensic_module modules/mod_log_forensic.so
#LoadModule logio_module modules/mod_logio.so
#LoadModule lua_module modules/mod_lua.so
LoadModule env_module modules/mod_env.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
#LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
#LoadModule ident_module modules/mod_ident.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
#LoadModule remoteip_module modules/mod_remoteip.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_express_module modules/mod_proxy_express.so
#LoadModule session_module modules/mod_session.so
#LoadModule session_cookie_module modules/mod_session_cookie.so
#LoadModule session_dbd_module modules/mod_session_dbd.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
#LoadModule ssl_module modules/mod_ssl.so
#LoadModule dialup_module modules/mod_dialup.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule unixd_module modules/mod_unixd.so
#LoadModule heartbeat_module modules/mod_heartbeat.so
#LoadModule heartmonitor_module modules/mod_heartmonitor.so
#LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule asis_module modules/mod_asis.so
#LoadModule info_module modules/mod_info.so
#LoadModule suexec_module modules/mod_suexec.so
#LoadModule cgid_module modules/mod_cgid.so
#LoadModule cgi_module modules/mod_cgi.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
#LoadModule dav_lock_module modules/mod_dav_lock.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
#LoadModule imagemap_module modules/mod_imagemap.so
#LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
#LoadModule rewrite_module modules/mod_rewrite.so
LoadModule python_module modules/mod_python.so
<IfModule unixd_module>
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
User http
Group http
</IfModule>
# 'Main' server configuration
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. [email protected]
ServerAdmin [email protected]
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
# If your host doesn't have a registered DNS name, enter its IP address here.
#ServerName www.example.com:80
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
<Directory />
AllowOverride none
Require all denied
</Directory>
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot "/srv/http"
<Directory "/srv/http">
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
Options Indexes FollowSymLinks
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit
AllowOverride None
# Controls who can get stuff from this server.
Require all granted
</Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<Files ".ht*">
Require all denied
</Files>
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog "/var/log/httpd/error_log"
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
<IfModule log_config_module>
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
CustomLog "/var/log/httpd/access_log" common
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#CustomLog "/var/log/httpd/access_log" combined
</IfModule>
<IfModule alias_module>
# Redirect: Allows you to tell clients about documents that used to
# exist in your server's namespace, but do not anymore. The client
# will make a new request for the document at its new location.
# Example:
# Redirect permanent /foo http://www.example.com/bar
# Alias: Maps web paths into filesystem paths and is used to
# access content that does not live under the DocumentRoot.
# Example:
# Alias /webpath /full/filesystem/path
# If you include a trailing / on /webpath then the server will
# require it to be present in the URL. You will also likely
# need to provide a <Directory> section to allow access to
# the filesystem path.
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
ScriptAlias /cgi-bin/ "/srv/http/cgi-bin/"
</IfModule>
<IfModule cgid_module>
# ScriptSock: On threaded servers, designate the path to the UNIX
# socket used to communicate with the CGI daemon of mod_cgid.
#Scriptsock cgisock
</IfModule>
# "/srv/http/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
<Directory "/srv/http/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
TypesConfig conf/mime.types
# AddType allows you to add to or override the MIME configuration
# file specified in TypesConfig for specific file types.
#AddType application/x-gzip .tgz
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#AddHandler cgi-script .cgi
# For type maps (negotiated resources):
#AddHandler type-map var
# Filters allow you to process content before it is sent to the client.
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
</IfModule>
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#MIMEMagicFile conf/magic
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
# MaxRanges: Maximum number of Ranges in a request before
# returning the entire resource, or one of the special
# values 'default', 'none' or 'unlimited'.
# Default setting is to accept 200 Ranges.
#MaxRanges unlimited
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall may be used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
# Defaults: EnableMMAP On, EnableSendfile Off
#EnableMMAP off
#EnableSendfile on
# Supplemental configuration
# The configuration files in the conf/extra/ directory can be
# included to add extra features or to modify the default configuration of
# the server, or you may simply copy their contents here and change as
# necessary.
# Server-pool management (MPM specific)
Include conf/extra/httpd-mpm.conf
# Multi-language error messages
Include conf/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
Include conf/extra/httpd-autoindex.conf
# Language settings
Include conf/extra/httpd-languages.conf
# User home directories
Include conf/extra/httpd-userdir.conf
# Real-time info on requests and configuration
#Include conf/extra/httpd-info.conf
# Virtual hosts
#Include conf/extra/httpd-vhosts.conf
# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
#Include conf/extra/httpd-dav.conf
# Various default settings
Include conf/extra/httpd-default.conf
# Configure mod_proxy_html to understand HTML4/XHTML1
<IfModule proxy_html_module>
Include conf/extra/proxy-html.conf
</IfModule>
# Secure (SSL/TLS) connections
#Include conf/extra/httpd-ssl.conf
# Note: The following must must be present to support
# starting without SSL on platforms with no /dev/random equivalent
# but a statically compiled-in mod_ssl.
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
# uncomment out the below to deal with user agents that deliberately
# violate open standards by misusing DNT (DNT *must* be a specific
# end-user choice)
#<IfModule setenvif_module>
#BrowserMatch "MSIE 10.0;" bad_DNT
#</IfModule>
#<IfModule headers_module>
#RequestHeader unset DNT env=bad_DNT
#</IfModule>
<Directory /home/developer/www/>
AddHandler mod_python .py
PythonHandler mptest
PythonDebug On
</Directory>
httpd-userdir.conf file:
# Settings for user home directories
# Required module: mod_authz_core, mod_authz_host, mod_userdir
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received. Note that you must also set
# the default access control for these directories, as in the example below.
UserDir public_html
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
<Directory "/home/developer/www/">
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Require method GET POST OPTIONS
</Directory>
and path permissions
drwxr-xr-x 4 root root 4096 03-16 12:24 home
drwx-----x 11 developer users 4096 03-18 21:03 developer
drwxr-xr-x 2 http http 4096 03-18 21:50 www
-rwxrwxrwx 1 http http 137 03-18 21:08 mptest.py
Do you have any suggestions? Thanks in advanceThanks for reply
I've added read access to developer directory:
drwxr--r-x 11 developer users 4096 03-18 21:03 developer
Nothing changed.
error_log
[Tue Mar 18 22:42:47.462658 2014] [authz_core:error] [pid 2150:tid 2941197120] [client 192.168.1.100:56103] AH01630: client denied by server configuration: /home/developer/public_html
No idea how "public_html" get there?!
access_log
192.168.1.100 - - [18/Mar/2014:22:38:34 +0100] "GET /~developer HTTP/1.1" 403 1081
192.168.1.100 - - [18/Mar/2014:22:38:45 +0100] "GET /~developer/www HTTP/1.1" 403 1081
192.168.1.100 - - [18/Mar/2014:22:42:47 +0100] "GET /~developer/www HTTP/1.1" 403 1081
192.168.1.100 - - [18/Mar/2014:22:42:47 +0100] "GET /favicon.ico HTTP/1.1" 404 1099
192.168.1.100 - - [18/Mar/2014:22:42:47 +0100] "GET /favicon.ico HTTP/1.1" 404 1099
EDIT
Ok, I've found the solution for that. In file httpd-userdir.conf UserDir was "public_html" instead of "www".
Now I'm getting error 500
error_log
[Tue Mar 18 22:48:36.841443 2014] [mpm_event:notice] [pid 2803:tid 3074947456] AH00489: Apache/2.4.7 (Unix) mod_python/3.5.0- Python/3.3.5 configured -- resuming normal operations
[Tue Mar 18 22:48:36.841528 2014] [core:notice] [pid 2803:tid 3074947456] AH00094: Command line: '/usr/bin/httpd'
[Tue Mar 18 22:48:45.873329 2014] [:error] [pid 2805:tid 3033516864] make_obcallback: could not import mod_python.apache.\n
[Tue Mar 18 22:48:45.874559 2014] [:error] [pid 2805:tid 3033516864] make_obcallback: Python path being used "['/usr/lib/python33.zip', '/usr/lib/python3.3', '/usr/lib/python3.3/plat-linux', '/usr/lib/python3.3/lib-dynload', '/usr/lib/python3.3/site-packages']".
[Tue Mar 18 22:48:45.874589 2014] [:error] [pid 2805:tid 3033516864] get_interpreter: no interpreter callback found.
[Tue Mar 18 22:48:45.874612 2014] [:error] [pid 2805:tid 3033516864] [client 192.168.1.100:56122] python_handler: Can't get/create interpreter., referer: http://192.168.1.108/~developer/
Last edited by maci3k (2014-03-18 22:37:32) -
Error 403 returned from WebSphere running Policy Agent
Hi,
I'm getting an error 403 (forbidden) in my browser when I try to access a URL that I have protected using a Policy that I have setup in SAM.
My configuration is as follows:
Sun Access Manager 6 2005Q1 on Solaris
WebSphere AppServer 5.1.1.5 on Win 2000
WebSphere 5.0 Policy Agent 2.1 on Win 2000
At the moment, all I'm trying to do is protect a URL which is contained in a simple WAR file which I have deployed on WAS.
As per the J2EE Policy Agents guide, I have installed the Agent Filter by adding the following into web.xml
<web-app>
<display-name>...</display-name>
<description>...</description>
<filter>
<filter-name>Agent</filter-name>
<display-name>Agent</display-name>
<description>SunTM ONE Identity Server Policy Agent</description>
<filter-class>com.sun.identity.agents.websphere.AmWAS50AgentFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>Agent</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
I've switched on Global Security in WAS and successfully logged back into the WebSphere Console using amldapuser. This confirms that the Agent Realm is working correctly.
In SAM I set up a Policy with a Rule that specified the URL I want to protect. I added a Subject to this Rule of type LDAP User. The user I chose was amadmin (for the moment).
I also configued an Agent with agentRootURL=http://<WAS fully qualified domain name>:9080/
When I try to access the URL of the servlet in the WAR, I am redirected to the SAM's login page
http://<SAM fully qualified domain name>/amserver/UI/Login?goto=http%3A%2F%2F<WAS fully qualified domain name>%3A9080%2FRoamingApp%2FRoaming
However, when I enter the amadmin/ <password> error 403 is returned to the browser.
I've checked the logs on SAM
From amAuthentication.access
"2005-07-28 11:58:15" "Login Success" LDAP dc=acme,dc=com INFO uid=amAdm
in,ou=People,dc=acme,dc=com <WAS IP address> "cn=dsameuser,ou=DSAME Users,dc=acme,
dc=com" <WAS IP address>
From amSSO.access
"2005-07-28 11:58:15" "SESSION CREATE" amSSO.access dc=acme,dc=com I
NFO uid=amAdmin,ou=People,dc=acme,dc=com <WAS IP address> "cn=dsameuser,ou=
DSAME Users,dc=acme,dc=com" <WAS IP address>
From agent.log (Policy Agent on Win 2000)
[Thursday, July 28, 2005 11:58:15 AM BST] [null]
Access to http://<WAS fully qualified domain name>:9080/RoamingApp/Roaming denied for user UNKNOWN
Perhaps I dont have the Policy in SAM configured correctly..... if anyone has come across this kind of problem before, I would greatly appreciate any help they can give me.
Thanks,
JustinThanks for getting back to me Jerry.
I had a look at the role-to-principal mappings you suggested. To do this I added a security constraint to my web.xml file.
Then I reconfigured WebSphere so that the Active User Registry = LDAP instead of Custom. This allowed me to assign the LDAP group (in SAM) to the role (in web.xml). WAR file installed fine with these new bindings and I restarted WAS.
Unfortunately, I'm still getting Error 403 in the browser!
Any ideas as to what I might be doing wrong? Any help you can give me would be much appreciated.
This is the amFilter log file from the Policy Agent...
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
AmFilter: incoming request =>
HttpServletRequest: class => com.ibm.ws.webcontainer.srt.SRTServletRequest@1af52898
Character Encoding : null
Content Lenght : -1
Content Type : null
Locale : en_IE
Accept Locales:
en_IE
Protocol : HTTP/1.1
Remote Address : 172.20.13.96
Remote Host : 172.20.13.96
Scheme : http
Server Name : dubwrk1589.ie.pri.o2.com
Server Port : 9080
Is Secure : false
Auth Type : null
Context Path : /RoamingApp
Cookies:
amFilterParam: AQIC5wM2LY4Sfcx0xX1Z1+1tK4SfLh/aCFlbIGuRNEPcAVc=
amFilterRDParam: AQIC5wM2LY4Sfcwb7v6Sof6MpnvtyR8nae7hiKN7Y11QjCagyWAs9LzbAeB9Q4TP8VjruhK+oYForXxw/qq6TqbMAN1PlT1YOQI3Vy92iAaJ2N9x2bSRaUU7NlwZg8oTti+JOLdiRMTzwO17jIoWwCIx/0CtoQXpkX/meuAoFwf1feyAEp2NvK7AIbE82f/p8o4LxQbhK2NQNec=
WASReqURL: http://dubwrk1589.ie.pri.o2.com:9080/RoamingApp/Roaming
JSESSIONID: 0000HRZTVpt84dvtjaLaKWBnwzu:-1
Headers:
accept:
image/gif
image/x-xbitmap
image/jpeg
image/pjpeg
application/msword
application/vnd.ms-excel
application/vnd.ms-powerpoint
application/x-shockwave-flash
referer:
http://sam.digifone.com/amserver/UI/Login?goto=http%3A%2F%2Fdubwrk1589.ie.pri.o2.com%3A9080%2FRoamingApp%2Flogin.jsp
accept-language:
en-ie
cookie:
amFilterParam=AQIC5wM2LY4Sfcx0xX1Z1+1tK4SfLh/aCFlbIGuRNEPcAVc=; amFilterRDParam=AQIC5wM2LY4Sfcwb7v6Sof6MpnvtyR8nae7hiKN7Y11QjCagyWAs9LzbAeB9Q4TP8VjruhK+oYForXxw/qq6TqbMAN1PlT1YOQI3Vy92iAaJ2N9x2bSRaUU7NlwZg8oTti+JOLdiRMTzwO17jIoWwCIx/0CtoQXpkX/meuAoFwf1feyAEp2NvK7AIbE82f/p8o4LxQbhK2NQNec=; WASReqURL=http://dubwrk1589.ie.pri.o2.com:9080/RoamingApp/Roaming; JSESSIONID=0000HRZTVpt84dvtjaLaKWBnwzu:-1
accept-encoding:
gzip
deflate
user-agent:
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
host:
dubwrk1589.ie.pri.o2.com:9080
connection:
Keep-Alive
cache-control:
no-cache
Method : GET
Path Info : null
Path Trans : null
Query String : null
Remote User : null
Requested Session ID : 0000HRZTVpt84dvtjaLaKWBnwzu:-1
Request URI : /RoamingApp/login.jsp
Servlet Path : /login.jsp
Session : true
User Principal : null
Attributes:
com.ibm.servlet.engine.webapp.dispatch_type: forward
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
FQDNHandler: Incoming Server Name: [dubwrk1589.ie.pri.o2.com] Result: null
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
PatternRule{*/j_security_check}.matchString(/RoamingApp/login.jsp) => false
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
NotEnforcedListManager.isNotEnforced(/RoamingApp/login.jsp) => false
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
AmFilter: Login attempt number: 10
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
AmFilter: SSO Validation failed for null
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
AmFilter: Reseting Cookies in Response
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
WARNING: AmFilter: Login attempt number 10 failed for request URI: /RoamingApp/login.jsp
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
URLFailoverHelper: Checking if http://sam.digifone.com:80/amserver/UI/Login is available
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
URLFailoverHelper: URL http://sam.digifone.com:80/amserver/UI/Login is available
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
URLFailoverHelper: getAvailableURL() => http://sam.digifone.com:80/amserver/UI/Login
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
AmFilter: redirectURL is: http://sam.digifone.com:80/amserver/UI/Login?goto=http%3A%2F%2Fdubwrk1589.ie.pri.o2.com%3A9080%2FRoamingApp%2Flogin.jsp
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
WARNING: AmFilter: redirect attempt limit reached for http://sam.digifone.com:80/amserver/UI/Login?goto=http%3A%2F%2Fdubwrk1589.ie.pri.o2.com%3A9080%2FRoamingApp%2Flogin.jsp, access will be denied
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
AmFilter: Using 403 forbidden to block access
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
getResource: id = 20004
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
AmFilter: result =>
FilterResult:
Status : FORBIDDEN
RedirectURL : null
RequestHelper:
null
Data:
null
07/29/2005 05:48:44:980 PM IST: Thread[Servlet.Engine.Transports : 2,5,main]
getResource: id = 20008 -
[SOLVED] Apache Access forbidden Error 403 localhost
Hello,
I believe this should be some thing very stupid, but I can't find it... so here I am.
I have just installed apache (# pacman -S apache)
Configured httpd.comf, and created 2 virtual hosts with extra/httpd-vhosts.conf
When I believed every thing was ok, I have started Apache as root (# apachectl start)
Started ok, no errors (also tried start it as user with sudo, and /etc/init.d/httpd start)
So when I go to http://localhos (or the virtual host) I allways get Access forbidden Error 403
I have set 777 permissions to /srv/http and the virtual host (/home/username/local-web/site1.dev)
I have tried every thing , changed dir owners to "http:http" ...
At the Apache error log I get:
"[Thu Oct 29 02:39:48 2009] [error] [client 127.0.0.1] (13)Permission denied: access to / denied"
There is a very simple plain index.html file at /srv/http and the virtual host, all file/dir permissions very permisive... so that can't be the problem.
Am I missing some thing? Do I need to manually create the "http" user and/or add it to some group?
Last edited by iopo (2009-10-29 22:06:59)Ok, here's the code:
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
# for a discussion of each configuration directive.
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "/var/log/httpd/foo_log"
# with ServerRoot set to "/etc/httpd" will be interpreted by the
# server as "/etc/httpd//var/log/httpd/foo_log".
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
# Do not add a slash at the end of the directory path. If you point
# ServerRoot at a non-local disk, be sure to point the LockFile directive
# at a local disk. If you wish to share the same ServerRoot for multiple
# httpd daemons, you will need to change at least LockFile and PidFile.
ServerRoot "/etc/httpd"
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#Listen 12.34.56.78:80
Listen 80
# Dynamic Shared Object (DSO) Support
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
# Example:
# LoadModule foo_module modules/mod_foo.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbd_module modules/mod_authn_dbd.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule cache_module modules/mod_cache.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule dbd_module modules/mod_dbd.so
LoadModule dumpio_module modules/mod_dumpio.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
LoadModule substitute_module modules/mod_substitute.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule log_forensic_module modules/mod_log_forensic.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule ident_module modules/mod_ident.so
LoadModule usertrack_module modules/mod_usertrack.so
# LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imagemap_module modules/mod_imagemap.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
User http
Group http
</IfModule>
</IfModule>
# 'Main' server configuration
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. [email protected]
ServerAdmin [email protected]
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
# If your host doesn't have a registered DNS name, enter its IP address here.
#ServerName www.example.com:80
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot "/srv/http"
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
# First, we configure the "default" to be a very restrictive set of
# features.
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
# This should be changed to whatever you set DocumentRoot to.
<Directory "/srv/http">
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
# Options Indexes FollowSymLinks
Options Indexes All
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
AllowOverride None
# Controls who can get stuff from this server.
Order allow,deny
Allow from all
</Directory>
<Directory "/home/gral/web-sit/local">
Options +Indexes FollowSymLinks +ExecCGI
AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all
</Directory>
# this was just a test
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog "/var/log/httpd/error_log"
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
<IfModule log_config_module>
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
CustomLog "/var/log/httpd/access_log" common
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#CustomLog "/var/log/httpd/access_log" combined
</IfModule>
<IfModule alias_module>
# Redirect: Allows you to tell clients about documents that used to
# exist in your server's namespace, but do not anymore. The client
# will make a new request for the document at its new location.
# Example:
# Redirect permanent /foo http://www.example.com/bar
# Alias: Maps web paths into filesystem paths and is used to
# access content that does not live under the DocumentRoot.
# Example:
# Alias /webpath /full/filesystem/path
# If you include a trailing / on /webpath then the server will
# require it to be present in the URL. You will also likely
# need to provide a <Directory> section to allow access to
# the filesystem path.
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
ScriptAlias /cgi-bin/ "/srv/http/cgi-bin/"
</IfModule>
<IfModule cgid_module>
# ScriptSock: On threaded servers, designate the path to the UNIX
# socket used to communicate with the CGI daemon of mod_cgid.
#Scriptsock /var/run/httpd/cgisock
</IfModule>
# "/srv/http/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
<Directory "/srv/http/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
# DefaultType: the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
DefaultType text/plain
<IfModule mime_module>
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
TypesConfig conf/mime.types
# AddType allows you to add to or override the MIME configuration
# file specified in TypesConfig for specific file types.
#AddType application/x-gzip .tgz
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#AddHandler cgi-script .cgi
# For type maps (negotiated resources):
#AddHandler type-map var
# Filters allow you to process content before it is sent to the client.
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
</IfModule>
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#MIMEMagicFile conf/magic
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall is used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
#EnableMMAP off
#EnableSendfile off
# Supplemental configuration
# The configuration files in the conf/extra/ directory can be
# included to add extra features or to modify the default configuration of
# the server, or you may simply copy their contents here and change as
# necessary.
# Server-pool management (MPM specific)
#Include conf/extra/httpd-mpm.conf
# Multi-language error messages
Include conf/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
Include conf/extra/httpd-autoindex.conf
# Language settings
Include conf/extra/httpd-languages.conf
# User home directories
Include conf/extra/httpd-userdir.conf
# Real-time info on requests and configuration
#Include conf/extra/httpd-info.conf
# Virtual hosts
Include conf/extra/httpd-vhosts.conf
# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
#Include conf/extra/httpd-dav.conf
# Various default settings
Include conf/extra/httpd-default.conf
# Secure (SSL/TLS) connections
#Include conf/extra/httpd-ssl.conf
# Note: The following must must be present to support
# starting without SSL on platforms with no /dev/random equivalent
# but a statically compiled-in mod_ssl.
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule> -
HTTP Error 403.16 - Forbidden, Your client certificate is either not trusted or is invalid.
Dear Experts,
I have tried mutual authentication with sample website as per below link:
http://itq.nl/testing-with-client-certificate-authentication-in-a-development-environment-on-iis-8-5/#comment-19427
1. Created a Root certificate, client and server certificate based on this root certificate by using Makecert command as per below link:
2. Import these certificates in Trusted Root Certification authority of both the stores (Local and Current user)
3. Created a sample website with HTML page
4.Hosted this website in IIS with HTTPS binding and selected the above server certifcate
5. Enabled "Require SSL" and selected "Require" under SSL settings of website
6. Exported the client certificate in base64 format --> Edited in notepad --> made the key into single line
7. Placed the above key under Configuration editor --> system.webServer/security/authentication/iisClientCertificateMappingAuthentication --> one to one mapping with user credentials.
8. I tried to access the website
But, I ended with below error :(
HTTP Error 403.16 - Forbidden
Your client certificate is either not trusted or is invalid.
Detailed Error Information:
Module IIS Web Core
Notification BeginRequest
Handler ExtensionlessUrlHandler-Integrated-4.0
Error Code 0x800b0109
Requested URL https://localhost:443/
Physical Path E:\SampleRoot
Logon Method Not yet determined
Logon User Not yet determined
Could you please let me know what I missed here.
Note:
I am using windows8, IIS8.0.
Thanks in advance.
Regards,
M. Prasad Reddy.Hi Prasad,
As per this case, I have been shared the corresponding details below
1.First of all,make sure that you import the certificate whether it belongs to Trusted RootCertification or not .
If that is the case ,Goto Microsoft Management Console (MMC), open the Certificates snap-in.
For instance, the certificate store that WCF is configured to retrieve X.509 certificates from, select the Trusted RootCertification Authoritiesfolder. Under the Trusted Root Certification Authorities folder, right-click the Certificatesfolder,
point to All Tasks, and then click Import.
2.you configured the server certificate as well, But check the client certificate whether have root certificate or not by following command?
makecert -pe -n "CN=SSLClientAuthClient"
-eku 1.3.6.1.5.5.7.3.2 -is root -ir localmachine -in WebSSLTestRoot
-ss my -sr currentuser -len 2048
3. Also check the Service Certificate whether its configured on the WCF Service side
4.Make sure that you followed all the steps are done correctly from your given referred link below
http://itq.nl/testing-with-client-certificate-authentication-in-a-development-environment-on-iis-8-5/#comment-19427
5.Besides, please try to set the require SSL as ignore to see if you can access the website.
If the above details cannot able to resolve this issue, please post your config file here.
Maybe you are looking for
-
I cannot get my HP 6600 to print in color from my new macbook pro.
Does anyone know how to help me get my Macbook Pro to print to my HP Officejet 6600 in color? I am new to MAC computers and am sure it's just a setting I need to change. I know it is not a printer problem as it prints color from the same webpage fr
-
When i connect my i phone to my computer, to download the photos I find about 20 folders. The folders have no dates on them and I find it difficult to search for the photos that I want. There used to be only 1 folder previously. I only noticed this p
-
Audio Problem connecting external apple speaker to iMac
When I connect my Apple HIFI External Speaker to the audio out at the back of my iMac with the apple RCA optical cable, I can no longer control volume with the apple keyboard. I can only control the volume with the apple remote. 1. Any suggestions to
-
Sales Order ATP Check in SAP B1
Is there a way to disable the ATP Check upon saving of a Sales Order using the DI API or any other built-in configuration settings?
-
i updated my ipad 1 to 5.0 however for the last month i havn't been successful in updating my iphone 4 with the 4.3 op system to 5.0 once it downloads the update it says something like system timed out - unable to update please try again.... check ne