FIWARE Cosmos-GUI: Invalid IdM User - fiware

I have been trying to log in to Cosmos-GUI to start developing my FIWARE application, but after I log in with my FILAB user/password I get "Error:Invalid IdM User".
I saw a similar question, and they said that it was caused by a migration of the server and that now it is solved, but I still have the problem (Invalid Idm User when trying to Connect to Cosmos Gui).

Fixed by private email. Nevertheless, putting the identified problem here for future reference for other potential users: if the FIWARE LAB password contains non-alphanumeric characters then the Cosmos portal fails on creating the account. Currently researching why.

Related

Azure MySQL Azure Active Directory Access Token

I have a MySQL server on Azure, and it is configured with an Azure Directory admin.
Example
MySql Servername: mysqlserver and
MySql AD Admin Account: admin#organistionname.com.au (this organisation domain account)
I can see the above account on the MySQL server under User Accounts.
I stood up an Azure Web App for phpMyAdmin and configured it to point to the above MySQL DB.
When logging into phpMyAdmin with the above Active Directory admin account, it is validated against AD, but I get the error
mysqli::real_connect(): (HY000/9013): An error occurred while validating the access token. Please acquire a new token and retry.
I need to get an AD token which needs to be passed to the MySQL server.
How to achieve this in Azure Web App?
This documentation should help you: https://learn.microsoft.com/en-gb/azure/mysql/howto-configure-sign-in-azure-ad-authentication#connecting-to-azure-database-for-mysql-using-azure-ad.
You need to acquire an access token in your code for your user against the resource: https://ossrdbms-aad.database.windows.net or against the scope (if using v2): https://ossrdbms-aad.database.windows.net/.default.
Acquiring access tokens with AAD is a whole other topic and the exact way depends on your app.
This answer might help for that: https://stackoverflow.com/a/33512913/1658906
I have the same set up (except phpmyadmin running in a container in AKS).
I believe phpmyadmin can't connect to mysql with azure ad enabled (at least with an AD user/group) because the token (password) is required to be sent in cleartext, and phpmyadmin hashes it before sending it.
I think that's why I get the "An error occurred while validating the access token. Please acquire a new token and retry." error.
That's also why in the docs, they set the --enable-cleartext-plugin flag on their example mysql cli commands.
Also in the docs, they state that it's only tested with mysql cli and mysqladmin.
I'm currently planning on ditching phpmyadmin for azure bastion and a VM running mysqlworkbench for this reason.
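A claim check for the token the answers above discuss, as an added example that is not part of the original posts: it decodes a token's payload and reports a wrong audience or an expired token, two common reasons for a token to be rejected. The function names and sample tokens are constructed for illustration, and it is an assumption that the token's "aud" claim equals the resource URI named in the first answer.

```python
import base64
import json
import time

# Resource named in the answer above; assumption: the token's "aud" claim carries it.
EXPECTED_AUDIENCE = "https://ossrdbms-aad.database.windows.net"


def _b64url_decode(segment):
    """Decode a base64url JWT segment, restoring the stripped padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def inspect_token(token, now=None):
    """Return the problems found in the token's claims (empty list = none)."""
    # Diagnostic only: the signature is NOT verified here, so this must never
    # be used to authorize anything. The server performs the real validation.
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a JWT: expected three dot-separated segments"]
    try:
        claims = json.loads(_b64url_decode(parts[1]))
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return ["payload segment is not base64url-encoded JSON"]
    if not isinstance(claims, dict):
        return ["payload is not a JSON object"]
    problems = []
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if not any(isinstance(a, str) and a.rstrip("/") == EXPECTED_AUDIENCE for a in audiences):
        problems.append(f"wrong audience: {aud!r}")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append(f"expired or missing exp: {exp!r}")
    nbf = claims.get("nbf")
    if isinstance(nbf, (int, float)) and nbf > now:
        problems.append(f"not yet valid (nbf): {nbf!r}")
    return problems


def make_sample_token(claims):
    """Build an unsigned, constructed token for demonstration input."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"


if __name__ == "__main__":
    wrong = make_sample_token({"aud": "https://graph.microsoft.com", "exp": 2000})
    print(inspect_token(wrong, now=1500))
```
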

Not able to login from admin to fiware-idm after docker installation

I am integrating wirecloud and fiware-idm. I installed both through docker successfully. However, after installing fiware-idm, I am not able to log in as admin. username - admin#test.com password - 1234.
Every time, it redirects to "ip:3000/auth/login". Do I have to make any other configuration in wirecloud or fiware-idm?
Also, even after entering wrong credentials, it redirects me to /auth/login and does not display any error message.
My wirecloud, fiware-idm and mysql database are in different containers. Can this be the issue?
IdM should be deployed in production to be used by WireCloud. That is, you should configure the IdM service using public domain names, using https, and so on... It seems you are creating a local installation, so you should deploy some workarounds. Well, some of those requirements are not enforced by WireCloud, so it should be enough to ensure you use a domain name for accessing the IdM.
You can simulate having the IdM server configured using public domains by adding the proper value to /etc/hosts (see this link if you are running Windows); the correct value depends on how you configured the IdM service. So, the idea is to ensure the domain used for accessing the IdM resolves to the correct IP address both in the WireCloud container and from your local computer. We can provide you more detailed steps if you provide us more details about how you are launching the different containers.

Error 403 generating credentials through Hashicorp Vault

I am trying to setup database secrets through Hashicorp vault for MySQL Database. I've followed the instructions provided in the documents (https://www.vaultproject.io/docs/secrets/databases/index.html) for the configuration of database and role.
However when I try to generate the credential I am facing an error - 403 Permission Denied.
The logs on the server do not show any errors as well.
I am running the server in dev mode as I am trying to implement a prototype.
Are there some specific permissions that I need to set up and have missed?
Appreciate any help or feedback.
Thanks,
Aravind
I realised that the problem was due to a mismatch on the config of the database and the roles.
The role I was trying to get the credential for was not in the allowed roles for the database.
Thanks,
Aravind

Pingfederate SCIM Inbound provisioning

I have configured SCIM inbound provisioning in PingFederate 7.2.0 using Active Directory as a user store. But when I hit the URL exposed by Ping to search for a user I get the following error in the browser:
{ "totalResults":0,"itemsPerPage":0,"startIndex":0,
"errors":[{"description":"User and/or certificate not found","code":"401"}]
}
In the logs it says
11:34:29,251 DEBUG [Authenticator] AuthnInfo: ID='null' cert:false basic:false from CERT:'null' BASIC:'null'
11:34:29,251 ERROR [UsersIdResource] Unable to find a connection associated with the username/password and/or certificate passed in with the request.
11:34:29,252 DEBUG [TrackingIdSupport] [cross-reference-message] entityid:null subject:ranajoy
Can someone please help me with this?
I was having this exact same issue. I set up my Provisioning connection correctly, and it worked in other environments, and everything looked good. But then I got this error. If I changed the Basic Auth to a bad password, the error message at least changed to "Bad Password for <user>".
I took another look at my connection and realized I never actually activated the connection:

Flex/Air : Flex, BlazeDS, Hibernate (Tomcat) and MySQL

I created a Flex application that works in a browser, using a database on a MySQL server, in which I can create, modify and delete data.
The problem I encounter now is that I want to see my program with Adobe AIR (virtual machine). The display does not pose a problem. The problem is that AIR cannot reach the database located on the MySQL server. The error message displayed is as follows:
"Error : client.Error.MessageSend - Channel.connect.failed error NetConnection.Call.Failled : HTTP: Status 404:url:'http://xxx.swf/xxx/messagebroker/amf' - Send failed"
Could you kindly explain to me why I get this error? Why does it work with the browser but not with AIR? And does an AIR application work well as "Client - Server"?
I await your answers or comments with pleasure
It would be best to have some service on the server-side to serve as a facade to database operations. Thus:
you will work with a limited interface from your flex client
you won't need to store DB credentials on the client (this is a security flaw - anyone can connect to your database and drop anything)
you won't need special firewall permissions (or mysql port configurations) for your clients - most servers don't allow external parties to connect to port 3306
You can use BlazeDS for that, or you can create your own solution, if the case is simple enough (I actually didn't like the way BlazeDS handles stuff when I had to make this choice a while ago)
The exception you are getting is actually in the AMF broker messaging rather than any of the other technologies. Check whether the URL shown in the message really returns 404.
If you are getting a 404 error then your BlazeDS servlet is not running. Make sure you didn't get any errors when you started Tomcat.