OpenAM is as much powerful as complicated sometimes. In this case I spent a lot of time understanding how to set simple settings because of that I decide to take note about that in this blog entry.
First of all don’t forget to set the environment variables and go to ssoadm path:
anonymous (id=anonymous,ou=user,dc=openam) demo (id=demo,ou=user,dc=openam) serviceusername (id=serviceusername,ou=user,dc=openam) amAdmin (id=amAdmin,ou=user,dc=openam) Search of Identities of type User in realm, / succeeded.
But as you can see it doesn’t work and I don’t know how to solve it.
Taking a look to GUI get to identities list with: Access Control > / (Top Level Realm) > Privileges
In this webpage you have a list of role identities, in my case I have only this: “All Authenticated Users”. Inside this identity I can set different privileges:
REST calls for Policy Evaluation (EntitlementRestAccess)
Read and write access to all log files (LogAdmin)
REST calls for searching entitlements (PrivilegeRestReadAccess)
Read access to all log files (LogRead)
Read and write access to all federation metadata configurations (FederationAdmin)
Read and write access only for policy properties (PolicyAdmin)
Read and write access to all configured Agents (AgentAdmin)
Read and write access to all realm and policy properties (RealmAdmin)
REST calls for managing entitlements (PrivilegeRestAccess)
Write access to all log files (LogWrite)
If we want to remove a privilege:
root@vm:/opt/openam/ssoadmin/openam/bin# ./ssoadm remove-privileges -u amAdmin -f /tmp/oam.pwd -e / -g EntitlementRestAccess -i "All Authenticated Users" -t rolePrivileges were removed from identity, All Authenticated Users of type, role in realm, /.
or adding a privilege:
root@vm:/opt/openam/ssoadmin/openam/bin# ./ssoadm add-privileges -u amAdmin -f /tmp/oam.pwd -e / -g EntitlementRestAccess -i "All Authenticated Users" -t role
Using sslsnoop you can dump SSH keys used in a session and decode ciphered traffic. Supported algorithms are: aes128-ctr, aes192-ctr, aes256-ctr, blowfish-cbc, cast128-cbc.
Basic sslsnoop information:
$ sudo sslsnoop # try ssh, sshd and ssh-agent... for various things $ sudo sslsnoop-openssh live `pgrep ssh` # dumps SSH decrypted traffic in outputs/ $ sudo sslsnoop-openssh offline --help # dumps SSH decrypted traffic in outputs/ from a pcap file $ sudo sslsnoop-openssl `pgrep ssh-agent` # dumps RSA and DSA keys
Reading time: < 1 minute
Clicking the next link you can get my github repository with the firmware of my home heaters. The code is very simple but useful as we tested last winter at home.
I know all the public documentation is not enough to duplicate my heating project. I’m so sorry but I have a lot of pending home projects to do because I have a lot of under construction things. If you need some help to understand what I have or how to do something feel free to ask.
Several months ago I bought a video graphics adapter for USB 2.0 port. It’s compatible with Linux, Mac and Windows but for a while I’ve only used it with Windows where it works as a extended screen for my HDMI main display. It works very good with 1920×1080 pixels resolution and it can play videos fast enough using a standalone video player or HTML5 video streaming from the internet.
The chipset used by this product is DISPLAYLINK DL-165 with DVI, HDMI and VGA adapters. It is powered by USB port with 5V DC and 450mA about 2,25W of consumption; but after installing the display driver I lost 2GB of RAM, which in my case it isn’t a problem but sometimes it could be a handicap.
USB 2.0 VGA
If you are interested in this product I bought it in DealExtreme webpage, the product page is here and costs 34,28€ with free shipping.
I bought this product a few weeks ago and finally I can enjoy it at home. With this product you have a firewall, gateway, switch and wireless box with:
25x Gigabit Ethernet ports
1x Fiber channel
3G, 4G or any optional USB modem
With RouterOS inside you can manage: gateway, firewall, VPN and ad-hoc switching and routing configurations
1000mW high power 2.4GHz 11n wireless AP
CRS125-24G-1S-2HnD-IN
The official product page is here where you can find brochure in PDF and other useful information.
If you are looking for a powerful product for your SOHO network this is the solution as I like to say ‘this is one of the best communications servers’. It will be very difficult to find some feature or functionality that you can not get from this product. The product is robust and stable with the flexibility of RouterOS.
Ahir al vespre vaig fer una conferència a la FIB (Facultat d’Informàtica de Barcelona) dins de la UPC (Universitat Politècnica de Catalunya). En aquesta xerra vaig estar explicant què és i en que es diferència Arduino i Raspberry PI. A més de presentar tot un conjunt de solucions alternatives i experiències en el tema.
I have two full-HD displays as a desktop and I want to record the second one of them while I record mic too. The output format of the record has to be MKV with h264 as video codec and AAC as audio codec.
After some tests with VLC and FFMPEG finally I get the solution with this command:
when I finish recording the clip I have to convert the audio channel because if I try to convert the audio format while I’m recording the audio channel I have delays or sync problems with video channel.
Some times schemas and snippets don’t need large descriptions. If you think this is not enough in this case tell me and I’m going to add explanations.
Using a python library called kombu as an abstraction to talk with AMQP broker we are going to develop different message routes setting each type of Exchange. As a backend I used RabbitMQ with default configuration.
Kombu implements SimpleQueue and SimpleBuffer as simple solution for queues with exchange of type ‘direct’, with the same exchange name, routing key and queue name.
Pusher:
from kombu import BrokerConnectionconnection = BrokerConnection("amqp://guest:guest@localhost:5672//")queue = connection.SimpleQueue("logs")payload = { "severity":"info", "message":"this is just a log", "ts":"2013/09/30T15:10:23" }queue.put(payload, serializer='pickle')queue.close()
