Questions tagged [authorization]
156 questions
0
votes
0 answers
Authorize users on a reverse proxy and redirect them to two different addresses if they have/do not have permission?
I need to create a "maintenance mode" reverse proxy that can be easily toggled between "open" (allow all connections) to "maintenance" (only allow connections from AD users in a specific security group).
Maintenance mode should be easily toggled…
0
votes
0 answers
Configure auth with MySQL in Apache 2.22
I've got a raspberry pi 1 which serves web pages using apache 2.22. I've done some research and I found a way to secure "pages" using a database (mysql in this case).
I've found this little guide to make it work (also checked the official…
russellhoff
- 129
- 10
0
votes
0 answers
IIS7 Digest authentication credentials forgotten between pages
I'm able to authenticate using AD credentials and the requested page loads fine, but IIS is re-requesting authentication for every page change or page refresh.
If this is normal behavior for this type of authentication, what would be a better way…
pierce.jason
- 193
- 1
- 8
0
votes
1 answer
LDAP RBAC model
does anybody can tell me about best practice to model RBAC on LDAP ? I'm very confused, not sure if I should think about LDAP groups as role, or just user in some custom OU.
Any real-life examples with tasks-operations\roles\user scheme (one user,…
typo
0
votes
1 answer
What software do you use for storing application authorizations?
We are a medium sized company with a Windows 2003 network, using Active Directory for our users (about 100) and computers (about 50).
We also have a small number of applications that need their own authorization.
Now we need to regularly produce a…
jao
- 391
- 2
- 12
- 28
0
votes
3 answers
Is there a way to allow an apache2 logged in user to access a specific directory dynamically?
This is surprisingly a very difficult problem to solve.
I want to allow my Linux users to login to Apache2 and have access to their own directory(ies) only. I've managed to get Linux users to authenticate to Apache2 using PAM and that works…
CaesarS
- 111
- 1
0
votes
0 answers
Microsoft AD DS group membership verification when authorizing user
Can somebody point out to documentation or explain how verification works in AD DS when it is necessary to authorize user to perform some actions. As far as I remember user's SID or token should contain groups' SIDs added into it, but what I want to…
Mikhail
- 1,287
- 3
- 18
- 35
0
votes
1 answer
how to translate an Active Directory group into a NIS netgroup?
The goal is to be able to add
+ : @DL-MyCompany-MyTeam : ALL
to /etc/security/access.conf and have it work as expected. This is my sssd.conf:
[domain/default]
cache_credentials = True
[sssd]
config_file_version = 2
services = nss, pam
domains =…
rone
- 13
- 2
- 6
0
votes
1 answer
nginx location match issue auth_basic
I have this configuration :
location / {
root /etc/nginx/euchet;
}
location /app/ {
proxy_pass http://172.16.184.2:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
…
Nikolay Yakubitskiy
- 11
- 2
0
votes
1 answer
How to restrict access to a child SVN directory only?
I'm trying to configure permissions for an SVN repository accessed through Apache 2. What I want is to let anyone access the root directory, while restricting to authenticated users a child directory.…
Arseni Mourzenko
- 2,165
- 5
- 23
- 41
0
votes
0 answers
Enable root password on remote server
I'm playing around with ssh-with-rsa-key authorization instead of password authorization and because I'm not really clever I've locked password authorization for root(passwd -l root) on remote server.
Also I've deleted my rsa key from local computer…
micgeronimo
- 101
- 2
0
votes
1 answer
Linux TACACS+ authorization
I'd like to know to to authorize (only allow a set of commands) users on Linux console (bash). I'm so far able to authenticate ssh users over TACACS+ but authorization is not working.
This is my tac_plus.conf file, really simplified for…
Ignacio Verona
- 141
- 5
0
votes
0 answers
Multiple CAS servers with Microsoft Exchange and selective authorization
I have a Microsoft Exchange 2010 organization within one Microsoft Windows domain and I have users accessing it through OWA.
For simplicity lets say I currently have one CAS server (CAS 1) which is accessible only through a VPN connection. Lets call…
John Wilcox
- 73
- 6
0
votes
1 answer
Windows 2008 server not authorizing vpn traffic
We are struggling to setup windows 2008 server vpn.
We have managed to establish a connection to the server from the client pc but cant browse to any url on the same server.
We keep getting an error on the client that authorization failed.
The…
0
votes
2 answers
Protect access to static files with Apache & Session
/assets
- file1.mp3
- file2.mp3
...
- fileX.mp3
(millions of files)
So what I want to prevent is to access the content directly if the user is not logged in
like
http://domain.com/assets/file1.mp3
Ideally the URL to the asset file will be…
DmitrySemenov
- 755
- 2
- 14
- 27