RTMP over HTTP problem
Hi all; i am new on steaming & flash server; when we try to use RTMP over HTTP the outside client gets the internal IP address of the FMS server instead of the NAT one or public IP address, how can we solve this. Thank for the help in advance.
Thanks
Unfortunately a lot of this depends on your NAT. It's not entirely clear where your NAT is, and where the server lies relative to it. Typically we're talking about clients that can poke a hole out of the NAT, and thus they would typically appear to have an IP that maps back to the NAT as needed. If it's the reverse and the FMS server is on one side of a proxy and can be reached - in that case the proxy could report its IP via the forwarded-for field for the conector on the other side. So, I guess the answer depends a lot on config and proxy settings.
Similar Messages
-
Mangled file downloads over http problem in 10g
I have a web app running in an OC4J stand alone 10.1.3.3 and am having a problem with downloading files over http. Its a struts2 app whose file downloading impl is easy to use and standard code for writing to an http servlet response output stream.
Using the firefox plugin for Live Headers I can see that the headers are correctly added to the servlet response and I do get the file I want. However the file has been mangled with binary output around the text. This is the case for txt, word, or any other file.
This problem does not occur in Jetty or Tomcat. I've also ruled out file corruption while going in/out of the database since I can upload a file when running oc4j, turn off oc4j, start up my app in Jetty and retrieve the same file just fine.
The mime types are all accounted for and the problem exists regardless if I use a specific content type or just application/download. My browsers (firefox and ie) also recognize all files from the content disposition value "attachment; filename=myfilename.ext". Its just the file content that some how has been wrecked on the way out of the container.
Has anyone experienced this? I only found one or two unanswered posts elsewhere.
How can this be mitigated?
Thanks in advance.
AndrewFigured it out when I realized it was in fact the data coming from the database that was corrupt. There were some older posts on the hibernate website that pointed to a single property that needs to go in the hibernate.properties file: hibernate.jdbc.use_streams_for_binary=true. Without it, Oracle returns the Blob locator consistently 86 bytes in length and therefore bad binary.
-
Sending audio data over http problem
Hi Guys,
We are trying to create a little servlet in Tomcat, which is capable to send audio files over http to an embedded media player. The definition of the player looks like:
<OBJECT ID="Mp" CLASSID="CLSID:6BF52A52-394A-11d3-B153-00C04F79FAA6" TYPE="application/x-oleobject" WIDTH="0" HEIGHT="0">
<PARAM name="uiMode" value="none">
<PARAM NAME="ShowControls" VALUE="0">
<PARAM NAME="AutoStart" VALUE="1">
<PARAM NAME="ShowPositionControls" VALUE="0">
<PARAM NAME="ShowStatusBar" VALUE="0">
<PARAM NAME="ShowDisplay" VALUE="0">
</OBJECT>
<script language="javascript">document.Mp.URL = "here comes the url of the servlet with item ID";</script>
The servlet reads the audio file and writes its content to the response with the following http header settings:
getResponse().setContentType("audio/x-wav");
getResponse().setHeader("Content-Transfer-Encoding", "binary");
getResponse().setHeader("Pragma", "Public");
getResponse().setHeader("Cache-Control", "must-revalidate, post-check=0, pre-check=0");
getResponse().setHeader("Content-Disposition", "inline; filename=Media.wav");
getResponse().setHeader("Content-Length", new Integer(MediaBytes.length).toString());
getResponse().setHeader("Accept-Ranges", "bytes");
So, everything works fine for wav files in Internet Explorer, but we are facing problems with Firefox, where it does not work. The embedded Media Player says that "Windows Media Player cannot play the file. One or more codecs required to play the file could not be found."
But if we set the url to directly to the file on the server, everything works fine.
We have analyzed the HTTP traffic in both situation, but we cannot understand how Internet Explorer/Firefox and Media Player works together:
- how does Media Player know that the audio file is playable?
- if the url points directly to the file, the HTTP headers does not contain any kind of information about the file type, only the extension is available; Media Player checks the file extenion in the url?
- if the url points to the servlet, why Media Player in Firefox cannot determine the file type and throws error?
Any help is greately appreciated!
Thanks!
GaborIf you haven't already, I would try breaking down the problem. First confirm you're getting serial data then confirm that netcat can send some data. Like this:
xxd < /dev/tty.usbmodemfa121 | less
nc -u 10.0.1.3 7000 <<< 'hello over there' -
MapViewer 11g over https problem - how to solve ?!?
Hi,
anyone able to access mapviewer 11 g deployed on standalone OC4J 10.1.3.4 over Https ?
Namelly, the following link works:
https://localhost/mapviewer/
_but, going on the 'Demos' tab, and clicking on the 'maps and faces' link ( https://localhost/mapviewer/faces/fsmc/oraclemaps.jspx ) - produces the following javascript error:
[Exception... "Access to restricted URI denied" code: "1012" nsresult: "0x805303f4 (NS_ERROR_DOM_BAD_URI)" location: "https://localhost/mapviewer/fsmc/jslib/oraclemaps.js Line: 6497"]Anyone able to access mapviewer (deployed on any server) over https ?MapViewer works over HTTPS with some minor configuration changes. First, you may need to tell MapViewer to return generated map image URLS in the form of "https://...", which is done in the config file mapViewerConfig.xml through the <save_images_at> element.
From the error message it does seem to indicate maybe the JavaScript API (oraclemaps.js) is being loaded from "http://" while the web page itself is accessed via "https://" and browser thinks they are two different domains. Maybe you can change how the JS library is loaded in your page and see if that fixes the issue? -
Design Choices and is LiveCycle needed? best practices for using RTMP/AMF over HTTP/XML communicatio
Hi,
I am new to flex/RIA. I am exploring different design choices especially in client server communication. On client side we will be using Flash based RIA (using Actions scripts).
There will be some simple forms (like for login, registration, payments etc) and some simple reports including with several graphs and charts. Each chart might have 1000 to 1500 data points etc. There are not video or audio content as such. On server side we have Servlets, java API and some EJBs to provide the business logic and real time prices/content (price update is usually every 10 seconds) /data. Some of the content will be static as well.
I have following questions in my mind. Is it worth it to use RTMP/AMF channels for the followings?
1. For simple forms processing (Mapping Actions scripts classes to Java classes). Like to display/retrieve/update data for/from registration forms.
a. If yes, why? Am I going to be stuck with LCDS? Is it worth it? What could be the cons for heavy usage/traffic scenarios
b. If not what are the alternates? Should I create the web services? Or only servlets are sufficient (ie. Only HTTP+Java based server side with no LCDS+RTMP+AMF)? All forms need to communicate on secure channel.
2. For pushing the real time prices/content which we may need to update every 15 seconds on user interface using graphs and charts. Can I do it with some standard J2EE/JMS way with RIA (Flex) on front-end? i.e. Flash application will keep pulling data from some topic. Data can be updated after few secs or few minutes which cant be predicted.
3. Are there any scalability issues for using RTMP? What happens if concurrent users increase 10 times within a year?
4. What are the real advantages of using RTMP/AMF instead of simple HTTP/HTTPS probably using xml based objects
5. Do I need to use LCDS if I am using AMF only on client side? Basically I mean if I am sending an object in form of xml from a servlet. Can some technology in Flash (probably AMF) in client side map it an Action script object?
6. What are the primary advantages of using LCDS in a system? Is there any alternate solutions? Can I use some standard solutions for data push technologies?
I would like that my server side implementation can be used by multiple types of clients e.g. RIA browser based, mobile based, third party software (any technology) etc.
I appreciate if you can kindly refer me to some reading materials which can help me deciding the above. If this is not the right place to post this message then please do refer me to the place where I can post such questions.
Thanks and Kind regards,
JalalHi Jalal,
Let me see if I can help with some of your questions
1. Yes, you can use LCDS for simple forms processing. Any time you want to
move data between the Flex client and the server, LCDS (or its free Open
source cousin BlazeDS) is going to help. I would expect you would use the
mx:RemoteObject MXML tag to invoke server side code, passing it the form
data input by the application user.
2. If you need to push near real-time data, LCDS gives you the RTMP channel
which can scale quite nicely. You can then use the mx:Consumer MXML tag to
subscribe the clients to the messages, which can come from almost anywhere,
include JMS topics or queues.
3. RTMP (included in LCDS) is the best option for scaling to tens of
thousands of users and the LCDS servers can be clustered to proved better
scaling.
4. The AMF3 protocol used over the RTMP channels performs much faster than
simple XML over HTTP. See this blog posting for some tests:
http://www.jamesward.org/census/.
5. If you are sending a Flex application XML, then I would recommend using
the E4X API to work with the XML. This is a pretty nice and powerful way to
work with XML. If you want Actionscript objects (and probably better
performance), then using AMF serialization to Actionscript objects is the
way to go.
6. Primary advantages? There are many, but mainly you can avoid thinking
about the plumbing and concentrate on solving your application and business
logic problems.
Hope this helps you a little
Tom Jordahl
Adobe -
Problem in accessing webservice over https with auth cert enabled...Urgent
Hi All,
I am stuck in accessing webservices using ssl and auth certificate.
I am using jdk 6 and it is not any issue with the problem I am facing...
This is what I do...
I have a webservice deployed which is accessible over https.
On server, I run..
- to generate keystoye
keytool -genkey -alias tomcat-sv -dname "CN=<Server Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore
generate server certificate
keytool -export -alias tomcat-sv -storepass changeit -file server.cer -keystore server.keystore
On client, i run..
To generate client keystore-
keytool -genkey -alias tomcat-cl -dname "CN=<Client Machine Id>, OU=X, O=Y, L=Z, S=XY, C=YZ" -keyalg RSA -keypass changeit -storepass changeit -keystore client.keystore
To generate client certificate -
keytool -export -alias tomcat-cl -storepass changeit -file client.cer -keystore client.keystore
Thne I import server's certificate into client keystore and Client's certificate to server's keystore by
import server's cer to client keystore -
keytool -import -v -trustcacerts -alias tomcat -file "C:\java\jdk1.6.0_10\bin\server.cer" -keystore client.keystore -keypass changeit -storepass changeit
inport client's cer to server keystore -
keytool -import -v -trustcacerts -alias tomcat -file "C:\jdk1.6.0_06\bin\client.cer" -keystore server.keystore -keypass changeit -storepass changeit
when i try to call webservices through a java client (which is called by a python script), I get error as
*"Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed"*
*"faultString: java.net.SocketException: Software caused connection abort: recv failed"*
complete log is as following
C:\apache-tomcat-6.0.10\webapps\webservice>tradereport.py
Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
INFO: details=before SSL change
Jun 23, 2008 3:05:59 PM currenex.share.log.CxLogger log
INFO: details=after SSL change
log4j:WARN No appenders could be found for logger (org.apache.axis.i18n.ProjectResourceBundle).
log4j:WARN Please initialize the log4j system properly.
trigger seeding of SecureRandom
done seeding SecureRandom
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1214213509 bytes = { 50, 7, 252, 244, 34, 192, 54, 190, 160, 197, 162, 65, 78, 3, 120, 182, 179, 199
, 160, 208, 223, 247, 41, 216, 188, 138, 228, 70 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_1
28_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_
DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA
_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WI
TH_DES40_CBC_SHA]
Compression Methods: { 0 }
main, WRITE: TLSv1 Handshake, length = 73
main, WRITE: SSLv2 client hello message, length = 98
main, READ: TLSv1 Handshake, length = 7873
*** ServerHello, TLSv1
RandomCookie: GMT: 1214213504 bytes = { 98, 89, 26, 148, 19, 15, 45, 155, 163, 196, 220, 193, 150, 127, 19, 44, 130, 16
5, 78, 243, 155, 34, 214, 123, 198, 89, 102, 15 }
Session ID: {72, 95, 110, 128, 129, 101, 2, 252, 120, 147, 235, 106, 51, 210, 236, 197, 28, 197, 154, 236, 116, 85, 185
, 177, 153, 9, 235, 160, 228, 124, 191, 206}
Cipher Suite: SSL_RSA_WITH_RC4_128_MD5
Compression Method: 0
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
*** Certificate chain
chain [0] = [
Version: V3
Subject: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 1155910927093088021038703558200517321935975136532818479526927502986487608253029863427194046282623217778572406
007584457425344367852682875007488075549568987019062497769571000978532532156228707400592262495876461712276454493567147822
56749486566093981751121311864618619780132448329770352303648687445023336431685957
public exponent: 65537
Validity: [From: Mon Jun 23 14:17:18 GMT+05:30 2008,
To: Sun Sep 21 14:17:18 GMT+05:30 2008]
Issuer: CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ
SerialNumber: [ 485f6316]
Algorithm: [SHA1withRSA]
Signature:
0000: 48 05 F9 A9 89 C6 87 83 C4 02 C4 44 F4 7C A0 54 H..........D...T
0010: F6 9A 57 69 F0 DB 37 79 FD 8F 90 E9 8F 3E C2 DB ..Wi..7y.....>..
0020: 9F D7 CC 15 28 0A 73 80 0A DC D0 7F EC 1C EE BD ....(.s.........
0030: 23 EF E7 28 79 F3 7F C7 CC 7D A6 C6 F7 59 9A 17 #..(y........Y..
0040: 73 ED 8B FF 6A 76 7F F7 4F 97 48 DF 23 A6 4C 42 s...jv..O.H.#.LB
0050: B2 B4 5C 00 D0 77 88 12 F4 97 4E 66 7C EE F0 66 ..\..w....Nf...f
0060: E6 95 8C B1 58 BF C5 E8 B5 64 A3 D5 5E EA 07 02 ....X....d..^...
0070: FE 3D 63 7F F4 0B DC 86 66 B7 4B 4F 0C 1C 69 0F .=c.....f.KO..i.
*** CertificateRequest
Cert Types: RSA, DSS
Cert Authorities:
<CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE>
<[email protected], CN=Thawte Personal Freemail CA, OU=Certification Services Division, O=Thawte
Consulting, L=Cape Town, ST=Western Cape, C=ZA>
<[email protected], CN=Thawte Server CA, OU=Certification Services Division, O=Thawte Consulting cc,
L=Cape Town, ST=Western Cape, C=ZA>
<CN=AddTrust Qualified CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
<CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US>
<CN=GTE CyberTrust Global Root, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
<CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE>
<CN=Entrust.net Client Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/GCCA_CPS incorp. by
ref. (limits liab.), O=Entrust.net>
<OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<CN=Baltimore CyberTrust Code Signing Root, OU=CyberTrust, O=Baltimore, C=IE>
<CN=TC TrustCenter Class 4 CA II, OU=TC TrustCenter Class 4 CA, O=TC TrustCenter GmbH, C=DE>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 2 Public Primary Certificat
ion Authority - G2, O="VeriSign, Inc.", C=US>
<OU=Class 2 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=Entrust.net Secure Server Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS incorp. b
y ref. (limits liab.), O=Entrust.net, C=US>
<CN=TC TrustCenter Universal CA I, OU=TC TrustCenter Universal CA, O=TC TrustCenter GmbH, C=DE>
<[email protected], CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consu
lting cc, L=Cape Town, ST=Western Cape, C=ZA>
<CN=Entrust.net Client Certification Authority, OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/Client_CA_Info/CPS i
ncorp. by ref. limits liab., O=Entrust.net, C=US>
<CN=VeriSign Class 3 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<[email protected], CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCe
rt, Inc.", L=ValiCert Validation Network>
<CN=AddTrust Class 1 CA Root, OU=AddTrust TTP Network, O=AddTrust AB, C=SE>
<CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE>
<OU=Equifax Secure Certificate Authority, O=Equifax, C=US>
<OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US>
<CN=Equifax Secure eBusiness CA-1, O=Equifax Secure Inc., C=US>
<CN=VeriSign Class 2 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 1 Public Primary Certificat
ion Authority - G2, O="VeriSign, Inc.", C=US>
<CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US>
<OU=VeriSign Trust Network, OU="(c) 1998 VeriSign, Inc. - For authorized use only", OU=Class 3 Public Primary Certificat
ion Authority - G2, O="VeriSign, Inc.", C=US>
<OU=Equifax Secure eBusiness CA-2, O=Equifax Secure, C=US>
<CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R2>
<CN=Anuj-Shukla, OU=X, O=Y, L=Z, ST=XY, C=YZ>
<CN=Entrust.net Secure Server Certification Authority, OU=(c) 2000 Entrust.net Limited, OU=www.entrust.net/SSL_CPS incor
p. by ref. (limits liab.), O=Entrust.net>
<OU=Secure Server Certification Authority, O="RSA Data Security, Inc.", C=US>
<[email protected], CN=Thawte Personal Premium CA, OU=Certification Services Division, O=Thawte C
onsulting, L=Cape Town, ST=Western Cape, C=ZA>
<[email protected], CN=Thawte Personal Basic CA, OU=Certification Services Division, O=Thawte Consu
lting, L=Cape Town, ST=Western Cape, C=ZA>
<CN=Client, OU=X, O=Y, L=Z, ST=XY, C=YZ>
<CN=GeoTrust Global CA, O=GeoTrust Inc., C=US>
<OU=Class 1 Public Primary Certification Authority, O="VeriSign, Inc.", C=US>
<CN=Sonera Class1 CA, O=Sonera, C=FI>
<OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US>
<CN=UTN-USERFirst-Hardware, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=UTN-USERFirst-Client Authentication and Email, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake Cit
y, ST=UT, C=US>
<CN=VeriSign Class 1 Public Primary Certification Authority - G3, OU="(c) 1999 VeriSign, Inc. - For authorized use only"
, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US>
<CN=America Online Root Certification Authority 1, O=America Online Inc., C=US>
<CN=Entrust.net Certification Authority (2048), OU=(c) 1999 Entrust.net Limited, OU=www.entrust.net/CPS_2048 incorp. by
ref. (limits liab.), O=Entrust.net>
<CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US>
<CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=UTN - DATACorp SGC, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, ST=UT, C=US>
<CN=Sonera Class2 CA, O=Sonera, C=FI>
<CN=TC TrustCenter Class 2 CA II, OU=TC TrustCenter Class 2 CA, O=TC TrustCenter GmbH, C=DE>
*** ServerHelloDone
*** Certificate chain
*** ClientKeyExchange, RSA PreMasterSecret, TLSv1
main, WRITE: TLSv1 Handshake, length = 141
SESSION KEYGEN:
PreMaster Secret:
0000: 03 01 E5 87 BC 2A E8 70 60 BA DE FA BB 42 2D 1E .....*.p`....B-.
0010: 3D 21 DB 52 A7 6C FC 55 9F 77 3A 97 B5 33 F7 33 =!.R.l.U.w:..3.3
0020: 2A FD 65 5A 78 CE 1F F4 63 29 15 D1 48 4C 46 7A *.eZx...c)..HLFz
CONNECTION KEYGEN:
Client Nonce:
0000: 48 5F 6E 85 32 07 FC F4 22 C0 36 BE A0 C5 A2 41 H_n.2...".6....A
0010: 4E 03 78 B6 B3 C7 A0 D0 DF F7 29 D8 BC 8A E4 46 N.x.......)....F
Server Nonce:
0000: 48 5F 6E 80 62 59 1A 94 13 0F 2D 9B A3 C4 DC C1 H_n.bY....-.....
0010: 96 7F 13 2C 82 A5 4E F3 9B 22 D6 7B C6 59 66 0F ...,..N.."...Yf.
Master Secret:
0000: 98 D5 9E C0 97 14 DB 9F 0E 3B 15 6B 1E F8 06 2C .........;.k...,
0010: 27 99 A4 69 B8 E4 16 03 BD 89 B9 D0 CB C5 C9 DF '..i............
0020: AE 4B 16 56 56 B2 02 F8 E0 71 1D D8 04 05 11 BF .K.VV....q......
Client MAC write Secret:
0000: 6F B7 22 74 D6 1E 44 16 C5 CB CE CE 8E 0F 46 E1 o."t..D.......F.
Server MAC write Secret:
0000: F8 DA 34 1A 53 55 E0 6D 50 25 3E 7F E5 69 91 51 ..4.SU.mP%>..i.Q
Client write key:
0000: F7 05 6E 10 62 0C AE 4A BC 96 E2 25 BA BC 46 BD ..n.b..J...%..F.
Server write key:
0000: E2 7D 11 FF 4A F3 C5 4F 94 9D 5C 57 71 5A 16 D1 ....J..O..\WqZ..
... no IV used for this cipher
main, WRITE: TLSv1 Change Cipher Spec, length = 1
*** Finished
verify_data: { 216, 54, 180, 236, 72, 70, 181, 20, 31, 128, 165, 12 }
main, WRITE: TLSv1 Handshake, length = 32
main, waiting for close_notify or alert: state 1
main, Exception while waiting for close java.net.SocketException: Software caused connection abort: recv failed
main, handling exception: java.net.SocketException: Software caused connection abort: recv failed
Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
INFO: details=Exception occured while calling Login service in callLoginWebService
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: java.net.SocketException: Software caused connection abort: recv failed
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:java.net.SocketException: Software caused connection abort: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
{http://xml.apache.org/axis/}hostname:anuj
java.net.SocketException: Software caused connection abort: recv failed
at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at currenex.webservice.share.definitions.AuthenticationBindingStub.login(AuthenticationBindingStub.java:362)
at currenex.webservice.clients.util.WebserviceTestUtil.callLoginLogoutWebService(WebserviceTestUtil.java:132)
at currenex.webservice.clients.util.TradeCreateTester.createWebLogin(TradeCreateTester.java:64)
Caused by: java.net.SocketException: Software caused connection abort: recv failed
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.readFully(Unknown Source)
at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(Unknown Source)
at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)
at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
... 12 more
Jun 23, 2008 3:06:06 PM currenex.share.log.CxLogger log
INFO: details=Login response is null, login was not successful
Login was unsuccessful
*In apache's server.xml, My webservice is deployed as*
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8443" minProcessors="5" maxProcessors="75" enableLookups="true"
acceptCount="10" debug="0"
protocol="HTTP/1.1" SSLEnabled="true" secure="true"
maxThreads="150" scheme="https"
keystoreFile="lib/server.keystore"
keystorePass="changeit" clientAuth="true"
>
<Factory className="org.apache.catalina.net.SSLServerSocketFactory"
protocol="TLS"/>
</Connector>
Please note clientAuth="true" parameter,
when I set it to false, My test runs smoothly and no exception/issue is reported
Not to forget, my javaclient has following lines too..
//System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
//System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
//System.setProperty("javax.net.ssl.trustStore", "C:\\java\\jdk1.6.0_10\\jre\\lib\\security\\cacerts");
//System.setProperty("java.protocol.handler.pkgs" , "com.sun.net.ssl.internal.www.protocol");
System.setProperty("javax.net.ssl.trustStore","C:\\java\\jdk1.6.0_10\\bin\\client.keystore");
System.setProperty("javax.net.ssl.trustStorePassword","changeit");
//System.setProperty("com.sun.net.ssl.rsaPreMasterSecretFix" , "true");
//System.setProperty("javax.net.ssl.keyStore", "C:\\java\\jdk1.6.0_10\\bin\\server.keystore");
//System.setProperty("javax.net.ssl.keyStorePassword","changeit");
System.setProperty("javax.net.debug", "ssl");
s_log.info("after SSL change");
I tried all possible combinbations of these properties but nothing worked...
Please let me know if I am missing any required step.. here
Ask me if you want to know more details about my problem.
This is very urgent and critical.. Many thanks in advance.Hi ejp,
thanks for your reply. I did read your post in other thread that you pointed.
I had searched quite a lot on this issue and had idea that it might be due to firewall settings..
but sadly, I don't know the solution. Well, you have seen the entire code that I wrote and exception too, Could you suggest me a way out? or any specific firewall setting or a workaround?
Please let me know if you need any other info from my side regarding the code.
Thanks a Ton!
Anuj -
FMS 3.5 and steraming over http
Hi, I've install FMS 3.5 development with Apache server
option, on my Windows XP . I want to stream a live video over http
( so I be able to open it from a web browser). I'm using FMLE to
encode a live video and and I'm sending it to the default folder
"rtmp://myFMSserver/live" with the default name "livestream".
From the instructions, I've understand that to be able to
view a live movie over http I've to change the LIVE_DIR
in <FMS_Installation_Dir>/conf/fms file and tell it to
point to <FMS_Installation_Dir>\webroot\live_recorded folder.
I downloaded the beginner_live_fms3.zip example files and
copy live.html live.swf and live.fla to \webroot\live_recorded
folder and in parallel I started to stream my "livestream" movie
from the FMSE. Here is my problem:
when I using my browser from the FMS server itself and use
the followings
http://localhost/live_recorded/live.html
I'm able to see the live stream, but when I'm using a remote
computer with the followings
http://myFMSipAaddress/live_recorded/live.html
I just get a blank white screen.
I'm doing it in my own network so there is problem of
firewall block problem. Any help we be appreciated.
Thanks
AlonHi,
I have FMS 3.5 and WAMP running no problem.
It might be a good idea to remove and reinstall FMS 3.5 and
allow the Apache to be installed.
It isnt a core version of Apache and it does not have any
effect on my Webserver also running Apache, where FMS 3.5 is
installed also.
It seems to be a self contained package to run on the vob
folder in the webroot directory of FMS 3.5 only
I'm using it to test applications before deploying to the
webserver.
I think its main application is to display the sample pages
which generates the code automatically to copy and paste the new
Videoplayer for your own movies.
I hope this helps. -
ENVIRONMENT
-1 Exchange 2013 SP1 CU7 server with all roles that is also a hybrid server with Office 365 tenant, mailboxes are all on premise only LYNC online is being utilized right now.
-Exchange 2013 public folders
-Mix of Outlook 2013 SP1 and Outlook 2010 SP3 clients all fully update to day as of Feb 2015
Outlook anywhere is working perfectly across all clients both internally and externally using autodiscover. Both Outlook 2013 and 2010 clients can open the program and create a profile automatically via autodiscover and no additional logon prompts
are seen.
We set the internal and external mapi virtual directory URLs to a valid URL that also matches the Exchange 2013 SSL certificate. We set the security to ntlm, negotiate on the mapi virtual directory. We reset IIS and enabled mapi over http in
the org config. We run in to problems here.
Outlook 2010 clients appear to be working fine. We can create a new profile and open and close Outlook without any logon prompts and verify that MAPIHTTP and Negotiate are used to connect to Exchange.
Outlook 2013 clients are having problems. As soon as we try to create a profile it says your administrator has made a change that requires you to restart outlook and then a windows logon prompt appears. If we authenticate Outlook will open and connect.
This logon prompt should not occur. We can confirm that it is connecting via MAPI HTTP and Negotiate.
If we set the mapi virtual directory to NTLM only then a logon prompt also appears during every open of Outlook 2013. We can confirm that it is trying to connect with MAPIHTTP via NTLM in the outlook connection test screen.
I do not understand this behavior by Outlook 2013 which was supposed to be designed with MAPI HTTP in mind. I would think the same issues would occur with Outlook 2010 but they do not. I am not sure how to resolve this and I am looking for help.I have the same problem. Exchange and Outlook are both up to date. After creating a new profile Outlook prompts for username/password. A lot of users also get this prompt while
working - the profiles have been "migrated" from Exchange server 2010. <o:p></o:p>
Niko, as i can see in your screenshot you do not have Mapi over HTTP enabled. Why? You can change settings in the security tab – if you have Mapi over
HTTP enabled all options are grayed out (please correct me if I
am wrong):
This is a very annoying thing – does anybody else have the same problem?
Any suggestions on this?
Marc -
[solved] Owncloud over SSL: http works, but over https only apache
Hello,
I try to setup owncloud with SSL.
Accessing over http works, but over https, I reach the default apache page instead of the owncloud page.
(I set up SSL according to https://wiki.archlinux.org/index.php/LAMP#SSL )
How could I make the owncloud site available over https?
relevant files:
owncloud.conf:
<IfModule mod_alias.c>
Alias /owncloud /usr/share/webapps/owncloud/
</IfModule>
<Directory /usr/share/webapps/owncloud/>
Options FollowSymlinks
Require all granted
php_admin_value open_basedir "/srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/owncloud/:/etc/webapps/owncloud/:/mt/daten/owncloud/"
</Directory>
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot /usr/share/webapps/owncloud
ServerName http://example.com/owncloud
</VirtualHost>
I tried to change 80 to 443, but then, systemctl restart httpd didn't work. (apache failed)
httpd.conf:
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
# for a discussion of each configuration directive.
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/access_log"
# with ServerRoot set to "/usr/local/apache2" will be interpreted by the
# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log"
# will be interpreted as '/logs/access_log'.
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
# Do not add a slash at the end of the directory path. If you point
# ServerRoot at a non-local disk, be sure to specify a local disk on the
# Mutex directive, if file-based mutexes are used. If you wish to share the
# same ServerRoot for multiple httpd daemons, you will need to change at
# least PidFile.
ServerRoot "/etc/httpd"
# Mutex: Allows you to set the mutex mechanism and mutex file directory
# for individual mutexes, or change the global defaults
# Uncomment and change the directory if mutexes are file-based and the default
# mutex file directory is not on a local disk or is not appropriate for some
# other reason.
# Mutex default:/run/httpd
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#Listen 12.34.56.78:80
Listen 80
<IfModule mod_ssl.c>
Listen 443
</IfModule>
# Dynamic Shared Object (DSO) Support
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
# Example:
# LoadModule foo_module modules/mod_foo.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
#LoadModule authn_socache_module modules/mod_authn_socache.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
#LoadModule authz_owner_module modules/mod_authz_owner.so
#LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_core_module modules/mod_authz_core.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_form_module modules/mod_auth_form.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule allowmethods_module modules/mod_allowmethods.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule cache_module modules/mod_cache.so
#LoadModule cache_disk_module modules/mod_cache_disk.so
#LoadModule cache_socache_module modules/mod_cache_socache.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
#LoadModule socache_dbm_module modules/mod_socache_dbm.so
#LoadModule socache_memcache_module modules/mod_socache_memcache.so
#LoadModule watchdog_module modules/mod_watchdog.so
#LoadModule macro_module modules/mod_macro.so
#LoadModule dbd_module modules/mod_dbd.so
#LoadModule dumpio_module modules/mod_dumpio.so
#LoadModule echo_module modules/mod_echo.so
#LoadModule buffer_module modules/mod_buffer.so
#LoadModule data_module modules/mod_data.so
#LoadModule ratelimit_module modules/mod_ratelimit.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
#LoadModule ext_filter_module modules/mod_ext_filter.so
#LoadModule request_module modules/mod_request.so
LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
#LoadModule reflector_module modules/mod_reflector.so
#LoadModule substitute_module modules/mod_substitute.so
#LoadModule sed_module modules/mod_sed.so
#LoadModule charset_lite_module modules/mod_charset_lite.so
#LoadModule deflate_module modules/mod_deflate.so
#LoadModule xml2enc_module modules/mod_xml2enc.so
#LoadModule proxy_html_module modules/mod_proxy_html.so
LoadModule mime_module modules/mod_mime.so
#LoadModule ldap_module modules/mod_ldap.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule log_debug_module modules/mod_log_debug.so
#LoadModule log_forensic_module modules/mod_log_forensic.so
#LoadModule logio_module modules/mod_logio.so
#LoadModule lua_module modules/mod_lua.so
LoadModule env_module modules/mod_env.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
#LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
#LoadModule ident_module modules/mod_ident.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
#LoadModule remoteip_module modules/mod_remoteip.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_express_module modules/mod_proxy_express.so
#LoadModule session_module modules/mod_session.so
#LoadModule session_cookie_module modules/mod_session_cookie.so
#LoadModule session_crypto_module modules/mod_session_crypto.so
#LoadModule session_dbd_module modules/mod_session_dbd.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
LoadModule ssl_module modules/mod_ssl.so
#LoadModule dialup_module modules/mod_dialup.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
#LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
LoadModule unixd_module modules/mod_unixd.so
#LoadModule heartbeat_module modules/mod_heartbeat.so
#LoadModule heartmonitor_module modules/mod_heartmonitor.so
#LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule asis_module modules/mod_asis.so
#LoadModule info_module modules/mod_info.so
#LoadModule suexec_module modules/mod_suexec.so
#LoadModule cgid_module modules/mod_cgid.so
#LoadModule cgi_module modules/mod_cgi.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
#LoadModule dav_lock_module modules/mod_dav_lock.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
#LoadModule imagemap_module modules/mod_imagemap.so
#LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
#LoadModule rewrite_module modules/mod_rewrite.so
#own additions:
LoadModule php5_module modules/libphp5.so
<IfModule unixd_module>
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
User http
Group http
</IfModule>
# 'Main' server configuration
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. [email protected]
ServerAdmin [email protected]
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
# If your host doesn't have a registered DNS name, enter its IP address here.
#ServerName www.example.com:80
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
<Directory />
Options FollowSymLinks
AllowOverride none
Require all denied
</Directory>
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot "/srv/http"
<Directory "/srv/http">
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
Options Indexes FollowSymLinks
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit
AllowOverride None
# Controls who can get stuff from this server.
Require all granted
</Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<Files ".ht*">
Require all denied
</Files>
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog "/var/log/httpd/error_log"
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
<IfModule log_config_module>
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
CustomLog "/var/log/httpd/access_log" common
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#CustomLog "/var/log/httpd/access_log" combined
</IfModule>
<IfModule alias_module>
# Redirect: Allows you to tell clients about documents that used to
# exist in your server's namespace, but do not anymore. The client
# will make a new request for the document at its new location.
# Example:
# Redirect permanent /foo http://www.example.com/bar
# Alias: Maps web paths into filesystem paths and is used to
# access content that does not live under the DocumentRoot.
# Example:
# Alias /webpath /full/filesystem/path
# If you include a trailing / on /webpath then the server will
# require it to be present in the URL. You will also likely
# need to provide a <Directory> section to allow access to
# the filesystem path.
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
ScriptAlias /cgi-bin/ "/srv/http/cgi-bin/"
</IfModule>
<IfModule cgid_module>
# ScriptSock: On threaded servers, designate the path to the UNIX
# socket used to communicate with the CGI daemon of mod_cgid.
#Scriptsock cgisock
</IfModule>
# "/srv/http/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
<Directory "/srv/http/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
TypesConfig conf/mime.types
# AddType allows you to add to or override the MIME configuration
# file specified in TypesConfig for specific file types.
#AddType application/x-gzip .tgz
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#AddHandler cgi-script .cgi
# For type maps (negotiated resources):
#AddHandler type-map var
# Filters allow you to process content before it is sent to the client.
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
</IfModule>
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#MIMEMagicFile conf/magic
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
# MaxRanges: Maximum number of Ranges in a request before
# returning the entire resource, or one of the special
# values 'default', 'none' or 'unlimited'.
# Default setting is to accept 200 Ranges.
#MaxRanges unlimited
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall may be used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
# Defaults: EnableMMAP On, EnableSendfile Off
#EnableMMAP off
#EnableSendfile on
# Supplemental configuration
# The configuration files in the conf/extra/ directory can be
# included to add extra features or to modify the default configuration of
# the server, or you may simply copy their contents here and change as
# necessary.
# Server-pool management (MPM specific)
Include conf/extra/httpd-mpm.conf
# Multi-language error messages
Include conf/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
Include conf/extra/httpd-autoindex.conf
# Language settings
Include conf/extra/httpd-languages.conf
# User home directories
Include conf/extra/httpd-userdir.conf
# Real-time info on requests and configuration
#Include conf/extra/httpd-info.conf
# Virtual hosts
#Include conf/extra/httpd-vhosts.conf
# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
#Include conf/extra/httpd-dav.conf
# Various default settings
Include conf/extra/httpd-default.conf
# Include owncloud
Include /etc/httpd/conf/extra/owncloud.conf
Include conf/extra/php5_module.conf
# Configure mod_proxy_html to understand HTML4/XHTML1
<IfModule proxy_html_module>
Include conf/extra/proxy-html.conf
</IfModule>
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
# Note: The following must must be present to support
# starting without SSL on platforms with no /dev/random equivalent
# but a statically compiled-in mod_ssl.
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
# uncomment out the below to deal with user agents that deliberately
# violate open standards by misusing DNT (DNT *must* be a specific
# end-user choice)
#<IfModule setenvif_module>
#BrowserMatch "MSIE 10.0;" bad_DNT
#</IfModule>
#<IfModule headers_module>
#RequestHeader unset DNT env=bad_DNT
#</IfModule>
thanks!
Last edited by Carl Karl (2014-05-06 07:40:53)OK, solved.
What I made wrong:
https://localhost leads to the apache page
https://localhost/owncloud leads to the owncloud page.
(Just as an information if there are other apache noobs like me...) -
Http tunneling (t3 over http) doesn't work!! (examples too)
Hi,
I'm trying to get http tunneling (t3 connection over http protocol) to work. I
ran some examples included with Weblogic that try establishing that connection
(PingTest, HelloApplet, SimpleT3Client), as well as my own test program, and they
all give an error similar to this :
Couldn't get a reference to server. Exception :
javax.naming.CommunicationException. Root exception is java.net.ConnectException:
No server found at HTTP://<IP>:<port>
at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:161) at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:200)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java,
Compiled Code) at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:148)
at weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:123)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:671) at
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:242) at javax.naming.InitialContext.init(InitialContext.java:218)
at javax.naming.InitialContext.<init>(InitialContext.java:194)
(I replaced the actual Ip and port with <IP> and <port>).
Now, the server is started and working at that ip and port - it services web http
requests correctly, etc. Regular T3 connection (not over http) also works with
it.
Does anyone know the reason for this problem and/or how to fix it?
Thanks, Leonid PortnoyIt appears that one has to use the "Java Plugin" for this mode to work. The
question is does the version of plugin need to be "in sync" with the JVM
version on the server. ?.
/rk
"Adomas Svirskas" <[email protected]> wrote in message
news:[email protected]...
>
It seems that the solution is to have these two lines in the
properties file:
weblogic.httpd.enable=true
weblogic.httpd.tunnelingenabled=true
Now it works.
Thanks,
Adomas
"Adomas Svirskas" <[email protected]> wrote:
Hi Leonid,
Have you found a solution for this? I have these problems too.
Thanks,
Adomas
"Leonid Portnoy" <[email protected]> wrote:
Hi,
I'm trying to get http tunneling (t3 connection over http protocol)to
work. I
ran some examples included with Weblogic that try establishing thatconnection
(PingTest, HelloApplet, SimpleT3Client), as well as my own test program,
and they
all give an error similar to this :
Couldn't get a reference to server. Exception :
javax.naming.CommunicationException. Root exception is
java.net.ConnectException:
No server found at HTTP://<IP>:<port>
at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:161) atweblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:200)
atweblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialCon
textFactoryDelegate.java,
Compiled Code) atweblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialCon
textFactoryDelegate.java:148)
atweblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFact
ory.java:123)
atjavax.naming.spi.NamingManager.getInitialContext(NamingManager.java:671)
at
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:242)
at javax.naming.InitialContext.init(InitialContext.java:218)
at javax.naming.InitialContext.<init>(InitialContext.java:194)
(I replaced the actual Ip and port with <IP> and <port>).
Now, the server is started and working at that ip and port - it services
web http
requests correctly, etc. Regular T3 connection (not over http) alsoworks
with
it.
Does anyone know the reason for this problem and/or how to fix it?
Thanks, Leonid Portnoy -
Hi,
we have problem opening FTP sites that require authentication.
When I try to open a ftp site, example ftp://site.com, I get this message in the browser :
Authentication is required by the FTP server ( ftpserver.com ). A valid user ID and password must be entered when prompted.
In some cases, the FTP server may limit the number of anonymous connections. If you usually connect to this server as an anonymous user, please try again later.
But I didn't receive authentication prompt at all
I think we didn't have issues with the previous versions...Are you using IE by chance? If yes, try accessing the FTP server using a different browser. IE has a known issue that such that it doesn't prompt end users to enter FTP server credentials when the user goes through any proxy (not just the WSA). We just decided to add this to the WSA release notes as a "known issue" with the different workarounds listed. You'll see it in the next version of the 7.5 release notes when that comes out someday. Here's what the bug write-up will say:
Defect ID 5463
Users cannot access FTP servers that require server authentication using FTP over HTTP with Internet Explorer. This is a known issue with Internet Explorer when communicating with web proxies. This is due to Internet Explorer never prompting users to enter the server authentication credentials.
Workaround: To access FTP servers that require server authentication, use one of the following workarounds:
Use a different browser, such as FireFox or Chrome, to access the FTP server.
Use an FTP client that uses native FTP to access the FTP server.
If users must use Internet Explorer, they can prepend the username and password into the URL. For example: ftp://USERNAME:[email protected]@ftp.example.com
54636 -
Windows Integrated Security with SSRS, Sharepoint 2013 and SSAS over http
I have the following setup and problem:
Sharepoint 2013 with SSRS in Sharepoint integrated mode
SSAS 2012 SP1 with http access (IIS + msmdpump) enabled on the same box as SSAS
Every component I have tried works fine with this (PerformancePoint, .bism connections, SSIS packages etc.), connecting over http using Kerberos and windows integrated authentication.
SSRS (.rsds) connections in Sharepoint fail a connection test when using the same http connection string + Windows integrated authentication which works for everything else. The error is: "Unsupported data format: -> Microsoft.ReportingServices.DataExtensions.AdomdTestConnectionException:
Unsupported data format:"
SQL server profiler shows that the windows username is reaching the SSAS server is all cases.
Kerberos delegation is set up for SSAS and is working.
Switching the .rsds connection to saved credentials (same user as I tried with Windows integrated auth) works fine and SQL server profile logs look the same as the Windows integrated case.
So, everything seems to work with Kerberos + http apart from SSRS ... any idea welcome. I did read that SSPI is not supported for http connections but then again, there are sites which give examples of exactly such connection strings. I can't find any
mention of this case or exact problem anywhere ...For information, this was fixed by applying the .NET 4.5.1 patch as advised by MS support. Now http connections from integrated mode SSRS work ok.
-
ACNS 5.5 / Troubleshooting bad quality VIDEO (MMS-over-http)
Hello community,
For an unexplanable reason I have to deal with an ACNS problem which is not my domain at all ! ACNS 5.5.15 is on a WAE-512-K9 working with CDM.
Please can someone advice me on how to start the basic troubleshooting steps on the following issue :
============================
- Users in Sydney are complaining of bad quality when they watch a video from an Intranet server in Frankfurt.
Video flow has bad quality (buffering ..) and/or stops before the end of the video.
- Users browsers are configured to use the WAE as local proxy on ports 3129 (.pac file). Requested Video on the intranet is in the Windows Media format and flows are MMS-over-http.
- No multicast distribution is used, neither content pre-positioning.
============================
We did a wireshark trace on the user PC watching a video which ends up unexpectidely with error code 500 => We follow the TCP stream, Time/Sequence graph is linear until ACNS sent [PSH,ACK] tcp flags to the user PC. Then PC answers with [FIN, ACK] etc...and the stream ends.
I have checked the show-tech (i have attached some commands from the sh tech) especially TCP statistics but I do not if the values are normal or not.
I am thinkink to open a TAC case but before contacting Cisco I prefer to try some basic tests if they can help.
Any recommendation on how to start a troubleshoot or any advice would be gretly appreciated.
Thanks.
KarimHi Defcom,
Thanks for the quick reply. I have tried changing and resetting the bandwidth limits at both ends last week at both ends but no joy!
I am going to try the solution on the Gerry's link above later but have to wait for my brother to be free as he has an airport as well(had a baby yesterday (hence why we are setting this up)).
Dave -
What are the limitations of using RMI over http with EJB?
We have a requirement for an intranet application where the majority of the clients
(Swing clients) will be able to connect directly using either T3 or IIOP. However,
there are a number of clients that will need to traverse a firewall.
We could use SOAP, but I dont want to lose the value that RMI gives us (clustering,
security, statefullness support etc). I am thinking of using RMI over http - which
Weblogic supports.
I have been trying to find some documentation on the topic - but havent succeded
so far. What I would like to understand is: What limitations I would have using
RMI over http. Do I lose anything (apart from performance) using http?
Regards,
NickYou will have to enable tunneling on the server side and I have not heard of any
complaints of using it.
Shiva.
Nick Minutello wrote:
In fact, we are not using applets - and its not an internet application. We are
using Java Webstart and Swing on our intranet (the problem of the size of the
weblogic.jar is a pain - but well known)
The question for me is; Apart from performance, are there any limitations to using
RMI over http?
Can we also use JMS over http?
-Nick
Shiva Paranandi <[email protected]> wrote:
"Old wine new bottle".
The biggest problem with the approach of Applets like
stuff connecting to weblogic is the size of the classes that need to
be supplied to the
users. The applets/swing would need a lot of weblogic classes which you
need to
supply as jar file. This file can be in the order of MBs depending on
the
weblogic version. we had a similar kind of problem and migrated the applets
to use
servlets instead of directly invoking ejbs or jms topics etc. Having
the applets
connect
to servlets you would still benefit from the features of clustering etc.
and added to
that
you would reduce the number of remote calls.
Shiva.
Nick Minutello wrote:
We have a requirement for an intranet application where the majorityof the clients
(Swing clients) will be able to connect directly using either T3 orIIOP. However,
there are a number of clients that will need to traverse a firewall.
We could use SOAP, but I dont want to lose the value that RMI givesus (clustering,
security, statefullness support etc). I am thinking of using RMI overhttp - which
Weblogic supports.
I have been trying to find some documentation on the topic - but haventsucceded
so far. What I would like to understand is: What limitations I wouldhave using
RMI over http. Do I lose anything (apart from performance) using http?
Regards,
Nick -
IronPort C670 AsyncOS Upgrade over http proxy
Good day.
I try to upgrade my IronPort C670 AsyncOS over http proxy.
Proxy is working fine when i try to get featured keys for example. But whe when i try to ugprade AsyncOS i get "Error — Error fetching manifest: Failed to connect to manifest server" message.
Proxy server is work and ironport have network acess to it. Even for telnet to 80 port.
Squid proxy log:
1373973019.051 57 {{IP_ADDRESS}} TCP_IMS_HIT/304 368 GET http://downloads.ironport.com/vtl/vof_history_year.tgz - NONE/- application/x-gzip
1373973079.194 117 {{IP_ADDRESS}} TCP_IMS_HIT/304 368 GET http://downloads.ironport.com/vtl/vof_history_year.tgz - NONE/- application/x-gzip
1373973119.168 497 {{IP_ADDRESS}} TCP_MISS/200 715 GET http://downloads.ironport.com/asyncos/fkey? - DIRECT/217.212.252.179 text/plain
What can be the problem?Hi,
Please take a look to this:
http://tools.cisco.com/squish/c93bE
HTH
Luis Silva
"If you need PDI (Planning, Design, Implement) assistance feel free to reach"
http://www.cisco.com/web/partners/tools/pdihd.html
Maybe you are looking for
-
Websites are dislayed in the middle of the screen. Half the website is gone on the right side. on the left side it is white. Only when i startup in safetymode the websites are displayed in the center of the screen
-
8350- Is there a way to disable answer key when phone is in lock mode
Solved! Go to Solution.
-
Checking for an element in a string from another string
Hi Guru's, I have 2 comma seperated strings. Say like this. a VARCHAR2(100) := '1,2,3,4,5,6,7,8,9,10'; b VARCHAR2(100) := '2,6,9'; My requirement is like I want to check the string a, whether it has any of the element in b. I am trying to use the reg
-
Received email but it has no content
So, I checked my email today, got some new mail in on a couple of different accounts. I click on the email and there is no content. Nothing. I check the other account, same thing, but it is only in a few recent emails. I check the mail via webmail an
-
I have seen this on other posts but have yet to read a answer that works on this issue. With my dock hiding I can not use the mouse to view the items on the dock while its hiding. I can restart the machine and it will work for a while but then goes b