Non standard stream urls... am I missing something?

Similar Messages

• Protecting Apache URLs ending in '/' with non-standard DirectoryIndex

  I'm using Apache agent 2.2 for Acces Manager 7. My Apache version is 1.3.33. I have a DirectoryIndex line in my httpd.conf like so:
  DirectoryIndex index.cgi index.html
  So when I request the URL <http://server.edu/subdir/> I should get <http://server.edu/subdir/index.cgi>.
  My problem is when URLs like this are protected by Access Manager. I have an inverted notenforced_list, which contains http://server.edu/subdir*. So only stuff in subdir should be controlled by AM. I want all 3 of these URLs to give the same results:
  http://server.edu/subdir
  http://server.edu/subdir/
  http://server.edu/subdir/index.cgi
  The first and third URLs work as expected; the second one (with a trailing '/') doesn't work. If I change my notenforced_list to read http://server.edu/subdir/*, then only the third (complete) URL works.
  By looking at the agent logs in debug mode, it appears that AM is first looking at policy for http://server.edu/. That test passes, since that URL is part of the (inverted) notenforced_list.
  Then the agent goes on to check the /subdir URL -- but it tacks on index.html:
  2006-04-20 14:06:58.144 Debug 10883:252998 PolicyAgent: get_request_url(): Returning request URL http://server.edu/subdir/index.html.
  Then it goes on to say that it will enforce policy on this URL, which is correct, but it's referring to index.html, not index.cgi. I'm never prompted for authentication, I just get a browser error that says the page cannot be displayed. If I ask explicitly for http://server.edu/subdir/index.cgi, everything works as expected -- I'm redirected to the AM server and prompted to authenticate, then redirected back to the URL I originally requested.
  Am I missing something here? Has anyone else tried to protect URLs ending in '/' with a non-standard name?

  Here is the log extract. You can see pretty clearly that it just tacks on 'index.html' to the end of the original URL, when it gets to the 2nd phase of the policy evaluation (after checking for root-level policy). Thanks for taking a look!
  2006-04-20 14:06:58.141MaxDebug 10883:252998 PolicyAgent: get_request_url(): Host: server.edu
  2006-04-20 14:06:58.142MaxDebug 10883:252998 PolicyAgent: get_request_url(): Port is 443.
  2006-04-20 14:06:58.142 Debug 10883:252998 PolicyAgent: get_request_url(): Returning request URL https://server.edu:443/subdir/.
  2006-04-20 14:06:58.142 Warning 10883:252998 PolicyAgent: get_method_num(): Apache request method number did not match method string. Setting method number to match method string GET.
  2006-04-20 14:06:58.142 Debug 10883:252998 PolicyAgent: am_web_is_access_allowed(): url 'https://server.edu:443/subdir/' path_info '/'.
  2006-04-20 14:06:58.142MaxDebug 10883:252998 PolicyAgent: am_web_is_access_allowed(): processing url https://server.edu:443/.
  2006-04-20 14:06:58.142MaxDebug 10883:252998 PolicyAgent: FqdnHandler::isValidFqdnResource() Resource => https://server.edu:443/, is valid => true
  2006-04-20 14:06:58.142 Debug 10883:252998 PolicyAgent: am_web_is_access_allowed(): client_ip xxx.xxx.xxx.xxx not found in client ip not enforced list
  2006-04-20 14:06:58.142MaxDebug 10883:252998 AM_POLICY_SERVICE: am_policy_compare_urls(): compare usePatterns=true returned 3
  2006-04-20 14:06:58.142MaxDebug 10883:252998 AM_POLICY_SERVICE: am_policy_compare_urls(): compare usePatterns=true returned 3
  2006-04-20 14:06:58.143MaxDebug 10883:252998 AM_POLICY_SERVICE: am_policy_compare_urls(): compare usePatterns=true returned 3
  2006-04-20 14:06:58.143MaxDebug 10883:252998 AM_POLICY_SERVICE: am_policy_compare_urls(): compare usePatterns=true returned 3
  2006-04-20 14:06:58.143MaxDebug 10883:252998 AM_POLICY_SERVICE: am_policy_compare_urls(): compare usePatterns=true returned 3
  2006-04-20 14:06:58.143 Debug 10883:252998 PolicyAgent: in_not_enforced_list: not enforced list is reversed, only matches will be enforced.
  2006-04-20 14:06:58.143 Debug 10883:252998 PolicyAgent: in_not_enforced_list: allowing access to https://server.edu:443/
  2006-04-20 14:06:58.143 Debug 10883:252998 PolicyAgent: am_web_get_parameter_value(): Param Name = iPlanetDirectoryPro, & Param Value = NULL, status not found
  2006-04-20 14:06:58.143 Debug 10883:252998 PolicyAgent: am_web_is_access_allowed(): remote user set to unauthenticated user (null)
  2006-04-20 14:06:58.143 Info 10883:252998 PolicyAgent: am_web_is_access_allowed()(https://server.edu:443/, GET) returning status: success.
  2006-04-20 14:06:58.143 Info 10883:252998 PolicyAgent: process_request(): Access check for URL https://server.edu:443/subdir/ returned success.
  2006-04-20 14:06:58.143 Debug 10883:252998 PolicyAgent: set_user(): user set to
  2006-04-20 14:06:58.143 Debug 10883:252998 PolicyAgent: am_web_is_logout_url(https://server.edu:443/subdir/): normalized URL https://server.edu:443/subdir/.
  2006-04-20 14:06:58.143 Debug 10883:252998 PolicyAgent: set_user_attributes(): set user attributes option set to none.
  2006-04-20 14:06:58.144 Debug 10883:252998 PolicyAgent: process_access_success(): returned AM_WEB_RESULT_OK.
  2006-04-20 14:06:58.144 Debug 10883:252998 PolicyAgent: process_request(): returning web result AM_WEB_RESULT_OK, data []
  2006-04-20 14:06:58.144 Debug 10883:252998 PolicyAgent: am_web_process_request(): Rendering web result AM_WEB_RESULT_OK
  2006-04-20 14:06:58.144 Debug 10883:252998 PolicyAgent: am_web_process_request(): render result function returned AM_SUCCESS.
  2006-04-20 14:06:58.144MaxDebug 10883:252998 PolicyAgent: get_request_url(): Host: server.edu
  2006-04-20 14:06:58.144MaxDebug 10883:252998 PolicyAgent: get_request_url(): Port is 443.
  2006-04-20 14:06:58.144 Debug 10883:252998 PolicyAgent: get_request_url(): Returning request URL https://server.edu:443/subdir/index.html.
  2006-04-20 14:06:58.144 Warning 10883:252998 PolicyAgent: get_method_num(): Apache request method number did not match method string. Setting method number to match method string GET.
  2006-04-20 14:06:58.144 Debug 10883:252998 PolicyAgent: am_web_is_access_allowed(): url 'https://server.edu:443/subdir/index.html' path_info ''.
  2006-04-20 14:06:58.145MaxDebug 10883:252998 PolicyAgent: am_web_is_access_allowed(): processing url https://server.edu:443/subdir/index.html.
  2006-04-20 14:06:58.145MaxDebug 10883:252998 PolicyAgent: FqdnHandler::isValidFqdnResource() Resource => https://server.edu:443/subdir/index.html, is valid => true
  2006-04-20 14:06:58.145 Debug 10883:252998 PolicyAgent: am_web_is_access_allowed(): client_ip xxx.xxx.xxx.xxx not found in client ip not enforced list
  2006-04-20 14:06:58.145MaxDebug 10883:252998 AM_POLICY_SERVICE: am_policy_compare_urls(): compare usePatterns=true returned 3
  2006-04-20 14:06:58.145MaxDebug 10883:252998 AM_POLICY_SERVICE: am_policy_compare_urls(): compare usePatterns=true returned 3
  2006-04-20 14:06:58.145MaxDebug 10883:252998 AM_POLICY_SERVICE: am_policy_compare_urls(): compare usePatterns=true returned 4
  2006-04-20 14:06:58.145 Debug 10883:252998 PolicyAgent: in_not_enforced_list(https://server.edu:443/subdir/index.html): matched 'https://server.edu:443/subdir/*' entry in not-enforced list
  2006-04-20 14:06:58.145 Debug 10883:252998 PolicyAgent: in_not_enforced_list: not enforced list is reversed, only matches will be enforced.
  2006-04-20 14:06:58.145 Debug 10883:252998 PolicyAgent: in_not_enforced_list: enforcing access control for https://server.edu:443/subdir/index.html
  2006-04-20 14:06:58.146 Debug 10883:252998 PolicyAgent: am_web_get_parameter_value(): Param Name = iPlanetDirectoryPro, & Param Value = NULL, status not found
  2006-04-20 14:06:58.146 Debug 10883:252998 PolicyAgent: am_web_is_access_allowed()(https://server.edu:443/subdir/index.html,GET): no sso token, setting status to invalid session.
  2006-04-20 14:06:58.146 Debug 10883:252998 PolicyAgent: am_web_is_access_allowed(): Successfully logged to remote server for GET action by user unknown user to resource https://server.edu:443/subdir/index.html.
  2006-04-20 14:06:58.146 Info 10883:252998 PolicyAgent: am_web_is_access_allowed()(https://server.edu:443/subdir/index.html, GET) returning status: invalid session.
  2006-04-20 14:06:58.146 Info 10883:252998 PolicyAgent: process_request(): Access check for URL https://server.edu:443/subdir/index.html returned invalid session.
  2006-04-20 14:06:58.146MaxDebug 10883:252998 PolicyAgent: am_web_get_url_to_redirect(): goto URL is https://server.edu:443/subdir/index.html
  2006-04-20 14:06:58.146MaxDebug 10883:252998 PolicyAgent: find_active_login_server(): Trying server: https://access-manager-server.edu:443/amserver/UI/Login
  2006-04-20 14:06:58.149 Debug 10883:252998 PolicyAgent: process_access_redirect(): get redirect url returned AM_SUCCESS, redirect url [https://access-manager-server.edu:443/amserver/UI/Login?goto=https%3A%2F%2Fserver.edu%3A443%2Fsubdir%2Findex.html].
  2006-04-20 14:06:58.149 Debug 10883:252998 PolicyAgent: process_access_redirect(): returning web result AM_WEB_RESULT_REDIRECT.
  2006-04-20 14:06:58.149 Debug 10883:252998 PolicyAgent: process_request(): returning web result AM_WEB_RESULT_REDIRECT, data [https://access-manager-server.edu:443/amserver/UI/Login?goto=https%3A%2F%2Fserver.edu%3A443%2Fsubdir%2Findex.html]
  2006-04-20 14:06:58.149 Debug 10883:252998 PolicyAgent: am_web_process_request(): Rendering web result AM_WEB_RESULT_REDIRECT
  2006-04-20 14:06:58.150 Debug 10883:252998 PolicyAgent: am_web_process_request(): render result function returned AM_SUCCESS.

• How to upload non iWork files to iCloud...am I missing something?

  I am wondering how to upload non iWork files to iCloud..such as pdf's, Xls, etc....etc any type of file really the way I could with iDisk.
  Am I missing something simple?
  Thnaks,
  Derek

  Thanks for your reply. Just curious if this method is standard setup the way Apple recommends to use iCloud in this situation or if it is a work around to accomplish what I am after?
  Thanks again!
  d.

• Http probe on non-standard tcp port 8021

  I've configured http probe on standard port 80 with no issue. I'm now trying http probe on non-standard tcp port 8021, confirmed with packet capture to confirm that the CSM is indeed probing, status code 403 is returned but the reals are showing "probe failed". Am I missing something? Thank you in advance.
  CSM v2.3(3)2
  probe 8021 http
  request method head
  interval 2
  retries 2
  failed 4
  port 8021
  serverfarm TEST
  nat server
  no nat client
  real 10.1.2.101
  inservice
  real 10.1.2.102
  inservice
  probe 8021
  vserver TEST
  virtual 10.1.2.100 tcp 8021
  serverfarm TEST
  replicate csrp connection
  persistent rebalance
  inservice
  VIP and real status:
  vserver type prot virtual vlan state conns
  Q_MAS_8021 SLB TCP 10.1.2.100/32:8021 ALL OUTOFSERVICE 0
  real server farm weight state conns/hits
  10.1.2.101 TEST 8 PROBE_FAILED 0
  10.1.2.102 TEST 8 PROBE_FAILED 0

  you need to specify what HTTP response code you expect.
  The command is :
  gdufour-cat6k-2(config-slb-probe-http)#expect status ?
  <0-999> expected status - minimum value in a range
  The default is to expect only 200.
  This is why your 403 is not accepted.
  Gilles.

• How to register non-wsdl based URL in OEG

  How do we register a non-wsdl based URL endpoint in OEG? We had no problem registering a simple WSDL based endpoint on an OEG server. However we cannot find documentation on how to secure/register a RESTful or JSON – URL based service (SOAP, XML over HTTP type service).
  Does this functionality exist? Or are there best practices on what to do with OEG for these types of services?
  Our use case looks like:
  Akamai - - > OEG - -> OSB (WSDL, RESTful, JSON type web services) - -> .Net service (WSDL, RESTful, JSON type web services)

  In case of REST and other non-WSDL type services, there is no SOAP/WSDL based web service like registration process, you'd use OEG as the proxy. You can receive REST based requests at OEG, retrieve parameters (there are convenience filters available for retrieval of attribute values and other types of REST related functions in OEG, as part of the Policy library, "Extract REST Request Attribute", "Validate REST filter", "Create REST Request" etc. - search for REST at the top using Policy Studio, drag it on to canvas and click help for docs on these filters) and do the routing to actual REST end point services. You have the option to receive and use the SOAP message as a basis of generation of the REST url.
  REST to SOAP - http://www.soatothecloud.com/2008/11/how-to-convert-from-rest-to-soap.html
  SOAP to REST - http://markoneill.sys-con.com/node/1989916
  On use with JSON: you can convert XML to JSON on the outbound side to serve mobile clients etc. using script based(standard XSLT) conversions at the gateway. Conversions to Java using google gson library is also an option.
  To register a REST service, simply map the path (e.g. "/MyRESTService") to the policy you're using to process the REST request.
  Let's say you want to simply route a REST request through OEG (e.g. - to OSB). You would create a policy (right-click on "Policies" and add it). Drag in a "Static Router" filter and place in it the hostname and port of the host you want to route to (e.g. - to OSB). Then right-click on it and choose "Set as start" so that it is the first thing which is processed for this REST request. Then drag in a "Connection" filter, and chain it (using a green arrow) after the Static Router filter. The "Connection" filter actually makes the connection to the backend host.
  Now, map the path (using "Add Relative Path") to the service so that if a REST request to "/MyRESTService" or "/MyRESTService/something" comes into OEG, it is routed on to the backend host.
  Deploy your policy (using F6 or the "deploy" button on the Policy Studio toolbar). Then send in your REST request.
  There is actually already a simple REST service setup on OEG, called "healthcheck". If you point a browser to http://<OEG_IP_ADDRESS:8080/healthcheck" then this is run.
  If the backend REST service returns JSON, the response JSON will simply be sent back through OEG.

• Standard and Non-standard exports and queries issue

  Hi,
  We have created a few STANDARD books with standard exports in them. The standard exports use standard queries.
  The ISSUE is that in the Verifications/Filters tab, where we have put in a lot of queries - ONLY the STANDARD queries show up. We would like to have all the queries show up. I am the adminsitrator and still only the standard ones show up.
  I am worried that if I "Save As" the export as a non-standard export, it does not allow me to uncheck the standard tick column and save it but I have to manually change the name of the export. Can we change this in anyway?
  Is there a system preference where I can allow all the queries to show up in the verifications/filter tab at least for the admnistrators if not for all? Thanks
  - Ad

  Thanks for your input but DRM does seem to be behaving what you said or may be I am still missing something here.
  I created a standard query.
  I have a standard export.
  Now, in the verification/filter tab of my Standard export, I am able to see my standard queries.
  But,
  I am unable to see the Non-Standard Queries.
  HOWEVER,
  If I have a Non-Standard export --> I am able to ALL the queries. This makes it a lot more flexible in doing things.
  My question is the WHY are my standard exports not able to reach the non-standard queries. What I wanted to do a twist in my export for analysis purposes for a particular use. If non-standard exports have access to Standard and Non-Standard queries --> it just makes more sense to always use a non-standard export and create non-standard queries.

• DMS 5.4 Lab (Demo) Non-Standard Install

  OBJECTIVE:
  Install 5.4 on lab equipment available.
  CURRENT STATUS:
  I have the software for v.5.4 (iso images, with demo licenses, below are exact versions),
  DMM-5.3.0.244.iso
  DMS-UPG-LATEST-5.4.0.736.iso
  IDEAL & UNLIKELY SOLUTION:
  Install ESXi and then create a VM, then install to the VM, or use something like this.
  POTENTIAL COMPROMISE:
  I have been advised to try and "Trick" the installer program, and install directly to the bare metal.
  QUESTIONS:
  Can anyone here advise me on what to try first, best options, and last ditch effort?
  Could I potentially get this to install on bare-metal, non-standard extra hardware (I've got 2 boxes sitting around, both are PRIME-NCS-APL-K9)
  Any additional advise or reference URL/Docs you might offer?
  REFERENCE URLs:
  DMS Install Guides (including 5.4):http://www.cisco.com/en/US/products/ps6681/prod_installation_guides_list.html
  PID VID PRIME-NCS-APL-K9 V01http://www.cisco.com/en/US/docs/wireless/ncs/appliance/install/guide/primencs_qsg.pdf
  HARDWARE REQUIREMENTS for DMM 5.4 VM:
  http://www.cisco.com/en/US/docs/video/digital_media_systems/5_x/5_4/dmm/vm/dmm54x_vm.html#wp44238

  Thank you Marco.
  I'm a bit curious though if anyone has gotten the OVA converted/imported to Hyper-V or Xen?  (wouldn't that be lucky?).  As it is, I've got the OVA DMM VM, and a demo license of ESXi and working on getting this up and running now in lab now, to see if it still works with InformaCast alerts.

• Kvirc from SVN {NON-Standard-Install-Method} and Overcoming 2 Problems

  Hello, everyone.  Firefishe here.
  There are certain programs I like to compile from source code, outside of the normal arch hierarchy of PKGBUILD's.  One such program is the Internet Relay Chat client, "KVIRC".
  I've been using kvirc for years, and I like to keep it as up-to-date as possible, just like Arch!
  This is why I like to use the svn version, so I can update it quickly and uniformly.  I like--as a user--to contribute back to the project.  (I had one of my bug reports translated into an instant commit by the main project author, himself, once.  That made me feel quite good, so it really does help to do a few things like this now and again.
  Okay, on to the main topic.
  I'm writing this to alleviate a nagging problem that had been plaguing me for months in 2013.  Qt5 just wasn't compiling kvirc very well back then.  The fact is, the echoing strains of "qt5 is broken in kvirc" from the #kvirc channel on Freenode, resounded soundly throughout that entire year.  Qt5 was still a bit buggy, and not all the libraries (32bit or 64bit) were quite finished.
  Move forward to (now) July, 2014!  I have now compiled kvirc successfully on my 64bit (with 32bit multilib installation) laptop, and kvirc is purring away with a current svn build of kvirc.
  However, I ran into some issues, which I would like to share with you, below:
  I usually go about compiling kvirc from svn like this: (I usually start from my /home/userNameHere directory.)
  {arch@homedir}$ svn co https://svn.kvirc.de/svn/trunk/kvirc
  {arch@homedir}$ cd kvirc
  {arch@homedir}$ mkdir release
  {arch@homedir}$ cd release
  {arch@homedir}$ ccmake ..
  [At this point, the 'ccmake ..' command invokes cmake-gui, an ncurses-like graphical user interface, with a list of menu items pertaining to various libraries and flags that can be set.  cmake-gui makes selecting these flags and libraries quite easy, and also gives a clear indication of what directories may not have been found (which will be discussed a bit later.) ]
  Press the 'C' Letter Key -- (This runs the Configure Routine.  I sometimes do this twice, just to be sure it configured properly. I've had it miss a few times for unknown reasons.)
  Press the 'G' Letter Key -- This 'Generates' Cmake files.
  After the 'G' command, the system takes you back to the command prompt.
  {arch@homedir}$ make ***WAIT A WHILE, COULD TAKE A BIT LONGER ON SLOWER SYSTEMS!***
  {arch@homedir}$ sudo make install  (Or 'su -' to root, then do 'make install'; your preference.  I prefer using sudo.)
  {arch@homedir}$ sudo ldconfig  (Or 'ldconfig' if still at root prompt #)
  {arch@homedir}$ kvirc (or 'kvirc &' if you don't want the terminal window to hold onto the process.)
  Kvirc should run at this point, but I ran into a couple of problems.  Once during the ccmake configuration (which prevented ccmake from configuring), and at the end, which prevented kvirc from running.)
  The first had to do with two (2) packages that were not installed.  The were, as follows:
  qt5-webkit
  qt5-multimedia
  I installed those files, then did the  'ccmake ..' portion.   That ran fine, as well as the 'make' and 'sudo make install' and 'sudo ldconfig' parts.
  What didn't work was when I tried to run kvirc.  I got the following error:
  {arch@homedirc}$ kvirc
  kvirc: error while loading shared libraries: libkvilib.so.4: cannot open shared object file: No such file or directory
  I remember, back when kvirc was wanting Qt4, and not Qt5, that if I didn't do the first 'sudo ldconfig' command before trying to run kvirc, it would give something similar.  However, since this compile run was wanting Qt5, and not qt4, I was puzzled.
  Well, it turned out to be something quite simple.  This is a non-standard process of software installation on a new(er) arch system.  The 'uname -r' command on my system yields the following:  3.15.4-1-ARCH .  It is no surprise, then, that at this late date, Qt5 is complete (or at least more complete) than back in 2013 when I had the original problems, and had to select the 'WANTS-QT4' section during the 'ccmake ..' command.
  **** Building kvirc this way places the kvirc binary in /usr/local/bin, and a certain 'libkvilib.so.4' library in /usr/local/lib ****.
  This is to be expected from a standard source compile on most gnu/linux systems; and this *is* a standard compile, even though we're using the 'ccmake ..' command to do the preliminary configuration and cmakefile generation.)
  The problem is, is that Arch is looking for libkvilib.so.4 in /usr/lib, and not /usr/local/lib.  So the following was, for me, the solution that got everything squared away:
  I made a symlink in /usr/lib to /usr/local/lib/libkvilib.so.4, like this:
  {arch@homedir}$ cd /usr/lib
  {arch@homedir}$ sudo ln -s /usr/local/lib/libkvilib.so.4 libkvilib.so.4
  After doing this, I did:
  {arch@homedir}$ kvirc (or kvirc &)
  And It Ran Beautifully! :-)
  I hope you've enjoyed this HOWTO.  I know most people may just want to use the 4.2.x version of kvirc, currently residing safely in the standard repositories.  However, if you're like me, and want a bit of bleeding edge, Qt5 goodness with kvirc, I might suggest doing the above!
  I can be reached at firefishe At gmail DOT com if anyone has any questions.
  Last edited by Firefishe (2014-07-11 09:23:20)

  Hi Dareen,
  Looking at the information shared and also the error message ( Update Failed,Updates could not be applied.Please contact your Administrator if you wish to apply updates on your machine. Updates have been suppressed by the Administrator.If the problems persist, contact customer support for further assistance" ),
  It suggests that the updates were to be managed by the Admin only. Lets try the following step and suggest if this was able to resolve the concern that you have or not.
  1) Navigate to C:\Program Files (x86)\Common Files\Adobe\AAMUpdaterInventory\1.0 and you will find a .dat file ( AdobeUpdaterAdminPrefs.dat).
  2) Please open the file in question and you will find a line item : <Suppressed>1</Suppressed> .
  3) Please change the Value from 1 to 0 and save the file back in the same location.
  post the above step, try the installation once again and share the end result please.
  Cheers,
  Kartikay Sharma

• Email non standard ports

  Most organizations now use non-standard email ports, and I cannot find a way to set this up on the iphone. Is that not an option or am I missing something?

  inco9nito,
  First, activesync is a Microsoft proprietary format for use with Exchange servers, and I think Hotmail as well. It would not help with the Yahoo issue you are experiencing.
  You will not get the sound until the iPhone has received indication from the mail server that the mail server has received it. This would be your outgoing server, and not the destination server. In your example it is smtp.att.yahoo.com:465.
  If it is not arriving at its destination, it is likely something to do with the server. I have often seen messages delayed or held up by mail servers that inadvertently identify the messages as spam. Apple does not have control over what the SMTP server does with the message once it has been handed off to the SMTP server.
  To use analogy. If your iPhone is your mailbox at the street, once the mailman picks up your outgoing message, and puts the flag down, nothing to do with that mailbox will affect whether or not that message gets lost. In this case your SMTP server is the mailman. If the mailbox was damaged, and the mailman couldn't get the letters out of it, then he would leave the flag up on it, and not acknowledge picking up the letters.
  Hope this helps,
  Nathan C.

• Using non-standard sshd port after 10.8 upgrade

  After spending hours tracking down this solution as a result of losing my ssh settings after the upgrade to Mountain Lion, I thought it might be useful to post the steps taken to restore the configuration I used with Snow Leopard.
  Changing the sshd default listening port
  Disclaimer: This tutorial is specific to Mountain Lion (OS X 10.8). I was able to accomplish this using Snow Leopard (OS X 10.6) in fewer steps, but upgrading required this more involved solution. 
  Steps:
  1.) You must first enable the root user account in order to change the relevant files. This can be done from the terminal, or by going to System Preferences --> Users & Groups. Once there, click on 'Login Options' at the bottom of the Current User list, and 'Join' where it says 'Network Account Server'.
  This will bring up a smaller window. Click on 'Open Directory Utility' at the bottom. You will be prompted for your admin password. Now go to the 'Edit' tab at the top of the screen and toggle down to 'Enable Root User'.  You will be prompted to enter your admin password twice.
  2.) Log out of your regular user account. At the log in screen you will now see an additional entry for 'other'. Click on that and log in with the username 'root' and your admin password. If are inexperienced as a root-level user, be careful as you can cause problems to your system can be difficult to undo.
  Once in your root account, the first step is to create a new 'service definition' in the etc/services file. Open the file with text editor of choice and scroll to the current entry for sshd listening port, which will look like this:
  ssh    22/udp    # SSH Remote Login Protocol
  ssh    22/tcp     # SSH Remote Login Protocol
  Overwrite the '22' with the port number you would like sshd to listen on:
  ssh    12345/udp   # SSH Remote Login Protocol
  ssh    12345/tcp    # SSH Remote Login Protocol
  *12345 being our hypothetical, non-standard port.
  It is important to note that the new port number will not take by simply adding a new uncommented line to the file (I tried), unless of course you comment the original ssh entries. Easiest way is just to overwrite what is there already. Save changes.
  3.) You now need to edit the ssh.plist file, which is located at /System/Library/LaunchDaemons/ssh.plist. A word to those familiar with Linux/BSD environments: changing the default port in the sshd_config file, which exists in OS X, does NOT change the listening port. Simply changing the default port, saving the config file, and restarting the server (the sensible way) won't work. The OS X sshd server (openssh) is configured to get launch instructions from the ssh.plist file, as opposed to sshd_config. If you are more interested in this aspect of OS X, read up on LaunchDaemons (e.g. launchd).
  Before altering the ssh.plist file, you should save a backup copy in case of mistakes, or if you need to revert back to it in the future. Name your backup file something like original.ssh.plist, etc.
  In the ssh.plist file, locate the SocksServiceName entry and change it from the default:
  <key>SockServiceName</key>
  <string>ssh</string>
  To the following:
  <key>SockServiceName</key>
  <string>$alternate port number</string>
  In our example from above this value would be 12345.
  4.) Save your changes, and exit ssh.plist. You now need to move the backup file you created (original.ssh.plist) out of the System/Library/LaunchDaemons path.
  The updated sshd port will not take until you have only one ssh.plist file in the LaunchDaemons directory - this has to do with how launchd is configured to load files which is outside the scope of the current discussion.  (*If you've found a way around this, please share.) 
  5.) Restart the sshd server. Easiest way to accomplish this is going to System Preferences --> Sharing and clicking off 'Remote Login', then clicking back on it. 
  6.) Test the configuration by logging into the machine running the sshd server from another host using:
  ssh username@ipaddress -p 12345
  There are a few good tutorials out there that capture some of these steps, but many are dated and/or incomplete. If you are running a standard setup of OS X 10.8, this should work for you.
  Of course, don't be fooled into thinking that changing the default listening port from the ubiquitously-probed 22 equates to actual security. At best, it will cut down on the number of dubious connection attempts and probing.

  Hi all, above helped me change the sshd port number, thank you very much.
  Just upgraded to OS X 10.9.3 on my macbook pro.
  My findings were:
  Step 1(become a root user or sudo)
  Step 2 (/etc/services)
  This may not be required unless you want ssh to work without the "-p XXXX" option to connect to other ssh hosts.  I favor such as "ssh -p 2222 user@hostname" just to be sure I know what I am doing and also to leave ssh known port as its default "22".
  Step 3 (/System/Library/LaunchDaemons/ssh.plist)
  This is required if you want to change the sshd port number, I changed both "ssh" to "2222" in this file.
  Step 4 (launchctl)
  Below is a must as I understood:
  launchctl unload /System/Library/LaunchDaemons/ssh.plist
  launchctl load /System/Library/LaunchDaemons/ssh.plist
  it should be already working with the new port number.
  You can "ssh -p 2222 user@localhost" in the console terminal and see if its working.
  Since I am no expert on MacOS X, and it is a macbook pro that I am using, I also rebooted the system and changes were reflected permanantly.
  Thank you guys!

• AV output and non-standard frame sizes

  I usually work in non-standard frame size for my FCP projects because my final output will be in a 2:35:1 ratio. I use a Blackmagic Ultrastudio Mini Monitor as an HDMI output to a client monitor. Up until a few months ago the AV output of FCPX would allow the Mini Monitor to accept a frame size of 1920x818 and letterbox the output to 16x9 on this consumer grade LCD. One day, this just stopped working... I've reached out to Blackmagic and they have no solution or reason why this happened, and are not willing to offer support since what I was achieving wasn't an "officially supported" feature. Now, the AV output will distort the image vertically to fill a 16x9 frame. At this point I am stuck having to use either a matte layer or a widescreen effect on individual clips to output correctly to my monitor which increases edit time having to re-render any edits underneath the matte and having to re-order the letterbox effect after apply color correction etc. It was also very easy to adjust the frame offset with this wide angle project size.
  Is anyone editing in 2:35:1 (or other cinema standard) projects and getting successful conversion on output? What are you using?
  Cheers,
  Matt

  Thanks Tom, you clarified it .......  or at least something clicked in my brain.
  I was trying to set "Custom" when I created the new project.
  I didn't know, or had forgotten, that in the "error" window I could select "Custom".
  All is now well and FCP X 10.1.1 is pretty clever after all!
  There is one weird thing I'd like to mention.
  When I clicked on "Custom" the 960 x 600  frame dimensions appeared but the  frame rate was listed as 23.98p as shown in the screenshot below.
  So what's wrong with that?
  Well the clip is 30p  and I naturally thought I was going to end up with a project with an incorrect frame rate.
  Now here's the funny thing  .........  when I selected the project and viewed it in the Inspector it was the correct 30p
  So why was I given that worrying piece of misinformation.

• Is it possible to load a non-standard image using some Java API?

  Hi,
  My "problem" is:
  1. I have an image called "mediterranean_sea.IMG" (non-standard image format)
  2. I need to process it (histogram, palette, etc).
  3. I'm wondering if it is possible to load this image an process it using some Java API.
  4. I've tried to do this using JAI but I think that this API only works with TIFF, PNG, JPEG, etc.
  Any idea?
  Thanks in advance,
  Roger

  [url http://forum.java.sun.com/thread.jsp?thread=468188&forum=31]Cross-post

• Am I missing something when trying to fix a podcast feed issue?

  Hi!
  I've been working on this problem for about a month and I feel like I might be missing something obvious at this point.  So, I post it here in the hopes that one of you might be able to offer a suggestion on how I can fix my dilemma. 
  About a month ago I launched a second podcast on my website (wordpress/blubrry) and set up the 301 redirect as was recommended.  After several weeks the podcast feed wasn't updating on the iTunes directory even though I could see that the 301 redirect was working.  So, a few days ago I decided to go back and just keep things the way they originally were and took out the redirect and disabled my category podcast feed.  On my feed it is back to it's original settings, but iTunes is still not updating the feed after several days.
  Here is information on my podcast:
  House Flipping HQ
  https://itunes.apple.com/us/podcast/house-flipping-hq-podcast/id730653890?mt=2
  The feed which was originally confirmed in the email from iTunes when our podcast launched last year was this:
  Dear podcast owner,
  Your podcast, located at http://houseflippinghq.com/feed/podcast/, has been approved. You should expect to see it on the iTunes Store within the next few hours. When it's available, you will be able to access it with the URL below.
  If you go to that feed you should see that it is working correctly.
  I have tried almost every day for the past month to figure out why this isn't working but to no avail.  Is there anything I might be missing or overlooking in my process?  If you have any thoughts they would be most welcome.
  Cheers!
  - Mark

  To check the feed in use: go to the iTunes Store in iTunes itself (not the web page that comes up first from the link - click 'View in iTunes') to the page for your podcast and click the 'Subscribe' button.
  Then go to the 'Podcasts' section to view your podcast: control-click (Mac) or right-click (Windows) on the title of your podcast (left column in 'My Podcasts' view or the main entry in List view) and choose 'Copy podcast URL'.
  If you have the 'itunes:new-feed-url' tag in place this will show the feed being redirected to but doesn't prove that the Store has yet updated which it will do the first time it checks the feed after the tag has been inserted.

• Embedded Windows Media PLayer With Non-Standard File Extension

  I have embedded a windows media player in a asp.net web page, using the usual
  <object> and <embed> tags. The video is served by an ashx (http handler). When I try to play the video, I usually (but not always) get an error message telling me that the file extension (ashx) does not match the file format.
  This happens in IE (8, 9, 10, 11) and also in Firefox (latest) with the WMP plugin.
  I know that the tags (with classid, etc) are correct because the media player displays and allows me to click the 'play' button.
  The ashx returns the correct mime type (video/x-ms-wmv) and a valid file name (somevideo.wmv) in the response headers. I have tried content-disposition attachment and inline.
  I have tried urls using 'http://', 'https://', and '//' (which I prefer)
  If I put the url (including the .ashx) of the video file in the browser address bar directly, the video downloads and plays in the standalone media player.
  If I modify the object tag to use a direct path to the video file (/somewhere/somevideo.wmv), it works - but I can't use this as a solution.
  The same ashx serves up video and audio in various other formats with out any fuss - it just seems that the embedded windows media player doesn't like it.
  This has been working for several years - I think this is some new behavior, though I can't identify what has changed, other than browser updates.
  Any ideas on what could be causing this? Am I missing something simple?

  Hi,
  Tools>Internet Options>Security tab, click "Reset all zones to default"
  Advanced tab of Internet Options>uncheck "Do not save encrypted files to disk"
  f12>Networking tab, click the Start button, navigate to your page and observer the response header and content.
  To determine if you page is being rendered in a x64 host (all IE versions and WaterFox, type
  navigator.platform in the IE Developer tools Console tab,
  Post questions about html, css and scripting for website development using MSIE browsers to the IE Web Development forum... WITH a link to your website.
  Rob^_^

• How to use non-standard port for vnc?

  Our Windows users who use RDC to connect to their desktops from off-site come in on a non-standard port number. Part of our security setup.
  I'd like to do the same with Mac users who use screen sharing and vnc to connect remotely.
  How can I specify another port number at both ends to accomplish this?
  I can find nothing in the Network Utility app, or in the KB.
  Surely there's a short sequence of Terminal commands that will do this?

  I haven't tried this so don't know whether it will work. But I think it will. Presuming the target machine is a Mac, see if editing its /etc/services file will do it. Find the two lines that start with "vnc-server" and change the port number there. Launch Terminal.app as an administratively privileged user, sudo pico /etc/services, ^w to search for vnc-server, make the changes, ^x to exit, y to save and overwrite. Also, you will need to have screen sharing enabled in the target machine's System Preferences' Sharing, and the authorized users defined there, too. Reboot. Now, on the remote client, assuming it is also a Mac, the user would type ⌘k in the Finder (or mouse to Finder > Go > Connect to Server), and enter something like vnc://123.45.67.89:55900 where you substitute the actual IP address or host name for where I have entered 123.45.67.89, and where you substitute the actual alternate port number where I have entered 55900. Of course, in the clients' Screen Sharing's Preferences, they should choose to encrypt the entire session, not just the login. Like I said, I haven't tried this because I just tunnel my vnc stuff through ssh, but I'm thinking that this should work.