Sentry allows to define alerts when issues reach certain thresholds. The alerts that are delivered per Mail look like
New alert from <project> in <environment>
<Issue>
Exception
<stacktrace>
<additional information e.g. contexts>
Tags
<tags>
Now the stacktrace may contain sensitive data (e.g. e-mail addresses) that I do not want to share via mail. How can I remove stacktrace and additional information from the alert mail?
Sentry calls it data scrubbing.
In your project's settings. Go to Security and Privacy, at the bottom of the page, you'll find Advanced Data Scrubbing. This is where you use can create rules that much your needs and will be removed/hashed/replaced/masked before the information gets to you. For more info : Advanced Data Scrubbing
Here's an example of a rule that removes the username of the user once an error occurs and the username of the user is part of the debugging file :
Related
I want to register a plug-in in Plugin Registration Tool when a user logs in to Dynamics CRM. For this I don't want to use Audit. I want to catch the login event directly.
If this is not possible, is there any log that is create in every login of the user.
As far as I know, No you cannot do so.
But CRM has provided few different ways where you can check which users are currently working/logged in.
Go to Settings--> System Settings--> Auditing and then you can enable audit user access.
Above will enable for all users and then you can see audit data as below.
Ref for 1st option https://blogs.msdn.microsoft.com/emeadcrmsupport/2015/07/09/dynamics-crm-audit-user-access-data/
Now another way you can do so it visit url https://admin.powerplatform.microsoft.com/
Here go under analytics and then common data service. You wil get most of the info
High level design of what I would do:
Make/identify a default dashboard for all users and keep a HTML web resource in there
Web resource can have a method to invoke Xrm.WebApi.online.execute for executing a Custom Action by passing parameter to include IP, Lat, Lon, Browser details. Read more
Register a plugin on Custom Action message to trigger and achieve what you want there
I am aware of adding/managing users from GUI in NiFi i.e. a admin user and add user and groups/policies etc.
This is maintained in users.xml file.
I wanted to know, can we manually add records in users.xml instead of GUI?
If yes, how is identifier tag of user derived by NiFi. For e.g. I see a tag:
How is above identifier generated?
The reason for above is, we can maintain the users.xml file in our code base and whenever new users need to be added in NiFi, team can update its details in this file and release and we re-start NIFi. We do not have to rely on GUI to add new users.
Is it possible?
EDIT:
To be more clear, currently we have ldap authentication in place using ldap-provider. So that part is fine. I am not lookng for ldap authentication to NiFi.
Now for actual roles/permissions for "authorized users" i.e. who can see the processors/components, create new processors, query data provenance etc admin go to NiFi UI and add users/groups/policies etc. These details are then updated in users.xml.
I am specifically looking to achieve this activity via automating or from backend.
As per the response from Bryan, I think the feasible solution is using Nifi REST API for that.
The users.xml and authorizations.xml really shouldn't be manually edited/maintained, they are internals of the file-based authorizer that are not meant to be a public API.
It would be better to maintain a script that looped through a list of users and used NiFi's REST API to see if the user existed, and if it didn't then created the user using the REST API.
Another option would be to load your users from a Directory Server. This is detailed in the admin guide [1]. This implementation is configured with an interval for retrieving new users from the Directory Server.
[1] https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#authorizers-setup
users.xml doesn't intended to updated by users. This can be overcomed if you use external authentication providers ex. ldap-authentication provider
For security reasons, I'd like to prevent my Parse client app (iOS) from being able to fetch the list of Parse users. Currently, anyone with the application id and client key (which are trivial to hack out of the app) can fetch the entire user list by running this request:
https://api.parse.com/1/classes/_User
To avoid User table being searched publicly, disable Find permission in your class security settings (CLPs). Make sure to checkout Advanced security tab to see all permissions instead of only Read/Write
I have a client that keeps getting the customer service reply to emails in his mail box when they should be going to the customer service email. I've searched everywhere for record of his email and it is nowhere. I am guessing now that because the customer service emails are of a different domain the replies are getting marked as spam and being sent to the server admin account instead. I have downloaded this extension: http://www.magentocommerce.com/magento-connect/ASchroder/extension/1865/aschroder.com-smtp-pro. Would a different domain email be SMTP? Advice appreciated.
We had this problem with a few of our recipients as well.
Mainly Comcast users and Century Link to name a few. What the problem is, is that you are sending from (for example) www-data#thisdomain (this will be the machines domain name ie. www-data#WebServer01) -- in the header, regardless of who is in the FROM field. Your actual domain in the FROM field is customer_service#yourstoredomain.com. You will need to do one of two things.
If you host the Magento install on your own operating system and you have control of it, you'll need to change the machines hostname to match that of your web domain name. ie yourwebsite.com.
If that isn't an option, then you will need to use a Magento plugin like the one you mentioned, and have it log in via SMTP to your email service provider (We use Office365) and send the email from a "real" email address that you have created.
The reason this fails is due to the SPF record on the providers (ie Comcast CenturyLink) not allowing emails from a domain that is other than that which is specified in the header. This is usually to prevent spam etc to their customers. So companies like these simply block or, in some cases, redirect that email back to the user at the originating FROM domain.
If at all possible, the easiest route is going to be to try to change the domain in the header of the email. Hopefully you manage your own operating system so you have control over this. IF not, try to see if your hosting provider will provide you access to a "jailed" area so that you can change said settings. The SMTP route is NO FUN ...
We've created a highly customized Joomla 1.5 based site and want our super administrator to be able to log into registered user accounts so we can provide better phone support and help them configure their accounts remotely.
This will obviously take some coding. Ideally we want a link from the admin side that will take us to the front end and automatically log us in as the registered user. We'll lock it down by IP address and also have some sort of password as well.
Where does the login get processed? It looks like /components/com_user/controller.php calls a function called $mainframe -> login(); Where does that function reside?
Our thought is to send a mock login form along with an additional super-user password field. Then we'll modify the login code to authorize the login if the password is present and the IP address is correct.
Any words of wisdom or caution with this approach?
There is actually a plugin that will do just this:
http://extensions.joomla.org/extensions/access-a-security/authentication/4806
You'll want to build an authentication plugin to handle this. You can enable as many authentication plugins as you like (the core plugin, OpenID, your own plugin, etc...). Joomla will run down the list of enabled plugins until one of them sets the status variable of the $response object to JAUTHENTICATE_STATUS_SUCCESS. The $response object gets passed in to your plugin's onAuthenticate method. Take a look at plugins/authentication/example.php for a clear example. You will probably end up cloning plugins/authentication/joomla.php and repurposing it for your needs.
I would publish your custom plugin after the core Joomla authentication plugin so that normal users will be able to log in faster.
Also, if you do want to go with a form as well, you will need to build a small component so that you can get the username and super-user password into the request.