sharepoint enterprise – How do I get Workflow Manager to automatically authenticate against my custom web service the same way it does against the built in SP REST API?

Related to this question.

Also, full disclosure – I have only developed a very few custom web services, and have very little experience with .NET outside of SharePoint, so I am very unfamiliar with web.config settings, bindings, all that kind of stuff. I know what they are, I just don’t know how to interpret and use them very well. So the answer to this may be very simple and I just don’t see it.

I have deployed my own custom web service MyCustomService.svc to the SharePoint ISAPI folder, which exposes it at the URL

https://sharepoint-server/sites/my-site/_vti_bin/MyCustomService.svc

I try to call that web service using the stock SP 2013 Microsoft.Activities.Messaging.HttpSend activity from within a custom declarative 2013 workflow.

My calls always result in a 401 UNAUTHORIZED response. Examining the response headers, I can see that one of the headers is

"WWW-Authenticate":("NTLM")

which tells me that IIS is challenging the caller (Workflow Manager) to authenticate in order to access the service. A subsequent call that includes the authentication information never happens, and the request ultimately fails.

Now, I know that the built in SP REST API exposed at /sharepoint-site/_api/...etc... is actually mapped to /_vti_bin/client.svc. And I know that if I make a call to that endpoint from a workflow using the HttpSend activity, the call will work and I will get a response from the web service.

If I look at the IIS logs from such a call, I see:

2021-02-26 18:15:35 1.2.3.4 GET /sites/my-site/_api/web/lists(guid'xx-xx-xx-xxxx')/items(8) - 443 - 1.2.3.4 - - 401 0 0 6
2021-02-26 18:15:35 1.2.3.4 GET /_vti_bin/client.svc/web/lists(guid'xx-xx-xx-xxxx')/items(8) - 443 0#.w|domainmyaccount 1.2.3.4 - - 200 0 0 35

What’s interesting to me about that is that the first call does not include user information and in fact is responded to by a 401 UNAUTHORIZED response. (I can only assume that that response also includes the WWW-Authenticate: (NTLM) header.)

But then Workflow Manager apparently understands that response, and then immediately sends another request that includes the authentication information for the user that initiated the workflow. (The user account shown in the IIS logs corresponds to a real user, the user that initiated the workflow, not the service account that Workflow Manager is running as.) And then, with the correct authentication information included, the request succeeds (200).

So… why doesn’t Workflow Manager handle the initial 401 response from my custom service the same way, and immediately try to send another request that includes the authentication information of the user who initiated the workflow?

Is there something I need to include in the configuration of my custom web service to tell Workflow Manager that it’s OK and possible to respond to an initial 401 with another call that includes authentication info?

I’ve looked through the web.config in the ISAPI folder, and I don’t see anything specifically calling out the client.svc endpoint or the mapped /_api/ endpoint.

I do however see a bunch of stuff called WorkflowSolutionsServiceBehavior that reference these other bindings called StreamBindingXX. Do I need to configure my web service to use either one of those WorkflowSolutionServiceBehaviors, or to use one of the StreamBindingXX bindings? If so, how do I do that?

I am not doing any SPWebConfigModification on feature activation, although I am aware of what that is and am comfortable doing so if that’s what is required. I just don’t know what modifications I need to make in order to get things working.

I am happy to post my custom web service code if that helps.

(Also, just want to add that my custom service works fine when tested with Postman or called from JS in a browser – between looking at Fiddler data and the IIS logs I can see that the initial request is responded to with a 401, but then apparently the browser handles that and then sends the authentication information (since I am not prompted for login information). The problem I am trying to solve here is that the initial 401 is not handled when the call is coming from Workflow Manager.)

linux – Why does this systemd service not run at the right time (loading encryption keys from a network drive which are required for lxc containers)?

In Debian with systemd, I use zfs and lxc. My zfs datasets are encrypted and their keys can be loaded from a network host via my /etc/zfs/zfs-load-key.sh script. My LXC containers are started by lxc.service.

Loading the keys requires the network up and running (otherwise I get the error “no route to host”) but lxc.service requires the keys to be loaded.

Sounds trivial, but isn’t. I created this file /etc/systemd/system/zfs-load-keyfile@.service:

(Unit)
Description=Load %I encryption keys from network host
DefaultDependencies=no
Before=zfs-mount.service lxc.service
After=zfs-import.target network-online.target
Requires=zfs-import.target
Wants=network-online.target

(Service)
Type=oneshot
RemainAfterExit=yes
ExecStart=/etc/zfs/zfs-load-key.sh %I

(Install)
WantedBy=zfs-mount.service lxc.service

and enabled them via:

systemctl enable zfs-load-keyfile@tank-dataset1.service
systemctl enable zfs-load-keyfile@tank-dataset2.service

For for some reason, my LXC containers do not start because the keys were not yet loaded, ALTHOUGH I have Before=... lxc.service!

Why does this service not run at the right time, i.e. after the network is up and before lxc?

How to fix it?

linux – Why does this systemd service not run at the right time?

In Debian with systemd, I use zfs and lxc. My zfs datasets are encrypted and their keys can be loaded from a network host via my /etc/zfs/zfs-load-key.sh script. My LXC containers are started by lxc.service.

Loading the keys requires the network up and running (otherwise I get the error “no route to host”) but lxc.service requires the keys to be loaded.

Sounds trivial, but isn’t. I created this file /etc/systemd/system/zfs-load-keyfile@.service:

(Unit)
Description=Load %I encryption keys from network host
DefaultDependencies=no
Before=zfs-mount.service lxc.service
After=zfs-import.target network-online.target
Requires=zfs-import.target
Wants=network-online.target

(Service)
Type=oneshot
RemainAfterExit=yes
ExecStart=/etc/zfs/zfs-load-key.sh %I

(Install)
WantedBy=zfs-mount.service lxc.service

and enabled them via:

systemctl enable zfs-load-keyfile@tank-dataset1.service
systemctl enable zfs-load-keyfile@tank-dataset2.service

For for some reason, my LXC containers do not start because the keys were not yet loaded, ALTHOUGH I have Before=... lxc.service!

Why does this service not run at the right time, i.e. after the network is up and before lxc?

How to fix it?

design patterns – Need help with OO thinking to build bidding service

I have a legacy service written in a procedural style which I am rewriting. I
want to improve the maintainability first and foremost; the code gets tweaked
often as the business rules change over time. Hence, I want to decouple a lot of
things, encapsulate as much of the logic in their own objects as possible, and
make it much easier to test.

I’m looking for help in finding some top-level object-oriented patterns to help
model this service so as to achieve the above goals.

Current Service Description

The service basically matches up items and bidders. It does this dozens of times
per minute. As a result, the availability of both items and bidders is rapidly
changing during the process.

Constraints

  • There may be 1 to N of match-making processes running simultaneously (N
    currently less than 50, but we want to grow the business).

  • Each match-making “run” must complete in less than 1 second.

  • There could be tens of thousands of potential items to select from (not all
    will qualify at any given point, usually much closer to a thousand for
    example).

  • There may be up to hundreds of bidders.

  • Once an item has been “won” it is removed from further consideration until it
    is restocked at some future point.

  • Bidders have various limitations on how many items they can bid upon, so there
    is some significant logic required to properly qualify bidders on each item.

Procedural Outline

As a result of the above constraints, the current procedural code looks
something like this outline:

  1. Grab and reserve a 100 potential items out of the database.

  2. Loop through the list of 100 items looking for cached items. (Items with matching bidders were cached after full evaluation as seen below.)

    a. If cached item found, send to bidder, release entire working set
    back to database. DONE. (Future improvement, evaluate items still in
    reserved list to build future cache.)

    b. If no cached item found, continue.

  3. Loop through list of items, fully evaluating item and bidders:

    a. Is item still available? If no, next item. (go to 3)

    b. Else, get list of pre-qualified bidders.

  4. Are there pre-qualified bidders?

    a. No. Loop through “related items” linked to initial item, and look for
    pre-qualified bidders for each of them. Fall through when complete.

    b. Yes. Loop through list of pre-qualified bidders.

  5. Does pre-qualified bidder have current contract info?

    a. No. Remove from bidder list.

    b. Yes, next bidder.

At this point we have an item and a list (potentially zero in length)
of bidders
who can receive the item. There are few final checks to make to fully qualify
the bidder.

Remember that we are still within the large loop which started at (2) above
looping through the reserved, working set of 100 potential items.

  1. If there are bidders remaining in the pre-qualified bidders list,
    send the item to those bidders for their final approval.

    a. Continue through rest of item list, and cache any further successful
    matches with bidders.

    b. If any remaining final checks fail, send that status in place of the
    actual item.

  2. When all items in item list have been examined, release the database
    reservation.

Thoughts

What has made this difficult to think about and encapsulate for me is the
multiple places where behavior can change significantly in the middle of looping
through the working set. The original code had statements to break out of
multiple levels of loops within loops. It’s been modified a bit to use a pair of
flags indicating state, but it’s still pretty convoluted.

Because it has to be fast, and the time before data becomes out of date is
short, figuring out how to encapsulate and decouple this has been hard for me to think about.

Socks5 Proxy Service Cheap Socks5


SOCKS Proxy List by Tisocks.net
If you Need Socks5 , Please visit service and add fund via PM , BTC WMZ . Thanks all!!
Add fund : https://tisocks.net/addfund
Check socks5 Online here : https://checksocks5.com
LIVE | 20.52.147.137:9170 | 0.55 | SOCKS5 | Unknown | Unknown | cust-147.keff.org | Sweden | Checked at https://tisocks.net
LIVE | 59.78.27.184:10808 | 1.01 | SOCKS5 | Tokyo | 102-0082 | 103.141.182.128 | Japan | Checked at https://tisocks.net
LIVE | 20.52.147.137:9190 | 0.53 | SOCKS5 | Unknown | Unknown | vps-649f530c.vps.ovh.us | United States | Checked at https://tisocks.net
LIVE | 20.52.37.89:9150 | 0.46 | SOCKS5 | Vienna | 1210 | tor-exit-anonymizer.appliedprivacy.net | Austria | Checked at https://tisocks.net
LIVE | 20.52.37.89:9180 | 0.45 | SOCKS5 | Unknown | Unknown | 185.220.101.144 | Germany | Checked at https://tisocks.net
LIVE | 20.52.37.89:16379 | 0.49 | SOCKS5 | Washington | 98104 | 23.129.64.212 | United States | Checked at https://tisocks.net
LIVE | 20.52.37.89:9190 | 0.46 | SOCKS5 | Unknown | Unknown | vps-45f6a8e0.vps.ovh.us | United States | Checked at https://tisocks.net
LIVE | 212.8.244.112:8055 | 0.47 | SOCKS5 | Arizona | 85001 | tor-exit-01.for-privacy.net | United States | Checked at https://tisocks.net
LIVE | 212.8.244.112:8058 | 0.47 | SOCKS5 | Unknown | Unknown | 185-220-102-243.torservers.net | Germany | Checked at https://tisocks.net
LIVE | 212.8.244.112:8057 | 0.61 | SOCKS5 | Unknown | Unknown | 91-192-103.17.as51395.net | Switzerland | Checked at https://tisocks.net
LIVE | 212.8.244.112:8053 | 0.67 | SOCKS5 | Unknown | Unknown | 185.220.101.22 | Germany | Checked at https://tisocks.net
LIVE | 217.12.201.190:9210 | 0.55 | SOCKS5 | Quebec | H3A | ns552097.ip-142-44-139.net | Canada | Checked at https://tisocks.net
LIVE | 217.12.201.190:9190 | 0.76 | SOCKS5 | New York | 11232 | 162.247.74.204 | United States | Checked at https://tisocks.net
LIVE | 37.200.66.166:9052 | 0.58 | SOCKS5 | Bucuresti | 052198 | freki.enn.lu | Romania | Checked at https://tisocks.net
LIVE | 37.200.66.166:9057 | 0.62 | SOCKS5 | Unknown | Unknown | 185.220.101.144 | Germany | Checked at https://tisocks.net


tisocks
Reviewed by tisocks on
.
[Tisocks.net] – Socks5 Proxy Service Cheap Socks5
SOCKS Proxy List by Tisocks.net
If you Need Socks5 , Please visit service and add fund via PM , BTC WMZ . Thanks all!!
Add fund : https://tisocks.net/addfund
Check socks5 Online here : https://checksocks5.com
LIVE | 20.52.147.137:9170 | 0.55 | SOCKS5 | Unknown | Unknown | cust-147.keff.org | Sweden | Checked at https://tisocks.net
LIVE | 59.78.27.184:10808 | 1.01 | SOCKS5 | Tokyo | 102-0082 | 103.141.182.128 | Japan | Checked at https://tisocks.net
LIVE | 20.52.147.137:9190 | 0.53 |

Rating: 5



.

[Shopsocks5.com] Service Socks5 Cheap – Check Socks5 22h30

Live | 130.193.56.117:9054 | Russia | Unknown | 00 | Unknown | Checked at Shopsocks5.com
Live | 69.163.161.110:11800 | United States | Brea | CA | 92821 | Checked at Shopsocks5.com
Live | 184.178.172.13:15311 | United States | Unknown | 00 | Unknown | Checked at Shopsocks5.com
Live | 217.144.173.78:19950 | Russia | Krasnoyarsk | KYA | 660000 | Checked at Shopsocks5.com
Live | 20.52.130.140:9190 | Germany | Frankfurt am Main | HE | 60313 | Checked at Shopsocks5.com
Live | 20.52.37.89:9170 | Germany | Frankfurt am Main | HE | 60313 | Checked at Shopsocks5.com
Live | 20.52.37.89:9190 | Germany | Frankfurt am Main | HE | 60313 | Checked at Shopsocks5.com
Live | 188.166.242.150:60927 | Singapore | Unknown | 00 | 62 | Checked at Shopsocks5.com
Live | 45.79.207.110:9200 | United States | Atlanta | GA | 30301 | Checked at Shopsocks5.com
Live | 98.162.25.7:31653 | United States | Unknown | 00 | Unknown | Checked at Shopsocks5.com
Live | 217.12.201.190:9190 | Netherlands | Dronten | FL | 8254 | Checked at Shopsocks5.com
Live | 173.254.222.170:1085 | United States | Los Angeles | CA | 90014 | Checked at Shopsocks5.com
Live | 192.248.190.123:8001 | France | Unknown | 00 | Unknown | Checked at Shopsocks5.com
Live | 20.52.37.89:9150 | Germany | Frankfurt am Main | HE | 60313 | Checked at Shopsocks5.com
Live | 184.178.172.25:15291 | United States | Unknown | 00 | Unknown | Checked at Shopsocks5.com
Live | 173.254.222.170:1090 | United States | Los Angeles | CA | 90014 | Checked at Shopsocks5.com
Live | 97.74.6.64:46426 | United States | Unknown | 00 | Unknown | Checked at Shopsocks5.com


shopsocks5
Reviewed by shopsocks5 on
.
(Shopsocks5.com) Service Socks5 Cheap – Check Socks5 22h30
Service Socks5 Cheap
Payment Instantly Perfectmoney, Bitcoin, Wmtransfer, BTC-E ( Please click Buy Socks )
Check Socks5 Online

Rating: 5



.(tagsToTranslate)22h30(t)Cheap(t)Check(t)Service(t)Shopsocks5(t)Socks5(t)http://shopsocks5.com(t)live(t)checked(t)shopsocks5.com(t)unknown(t)united(t)states(t)germany(t)frankfurt(t)main(t)60313(t)socks5(t)service(t)(shopsocks5.com)(t)russia(t)cheap(t)check(t)los(t)angeles(t)90014(t)45.79.207.1109200(t)173.254.222.1701090(t)184.178.172.2515291(t)20.52.37.899190(t)188.166.242.15060927(t)singapore(t)20.52.37.899150(t)217.12.201.1909190(t)atlanta(t)netherlands(t)192.248.190.1238001(t)30301(t)173.254.222.1701085(t)8254(t)dronten(t)98.162.25.731653(t)france(t)217.144.173.7819950(t)20.52.37.899170(t)buy(t)payment(t)instantly(t)perfectmoney(t)bitcoin

concurrency – How to gain unique access to a file in a internal network or cloud service

I don’t know where to start and I apologize if this is not a good question.

I want to keep a file updated and this file is accessible by multiple users.
This file can be on a folder of an internal network or a dropbox folder and similar.

When this file is on my local machine and two instances try to access the file, the first gain access (open and lock for everything), and when the second instance tries to open the file the OS raises an error.

This is the behavior that I want to obtain.

Two questions:

  1. Is it possible to force Dropbox to do the same and avoids all the
    conflict copies?
  2. If I have an internal network with mapped
    folders (win), is this behavior guaranteed? If not, which variables
    are in play?

boot – How do I enable a service in recovery mode using systemd

I have this custom service and I need it to run in recovery mode as well as the multi-user mode of ubuntu.

I’ve added a .service file for this in the /etc/systemd/system/ folder with the following content hoping WantedBy=multi-user.target rescue.target emergency.target friendly-recovery.target will solve my problem but it didn’t.
Do I need to configure anything else to enable this service in the recovery mode by default?

Description=service name
StartLimitIntervalSec=0
[Service]
Type=forking
User=root
Restart=always
RestartSec=1
ExecStart=/usr/bin/executable

[Install]
WantedBy=multi-user.target rescue.target emergency.target friendly-recovery.target

[Shopsocks5.com] Service Socks5 Cheap – Check Socks5 12h50

Live | 217.12.201.190:9190 | Netherlands | Dronten | FL | 8254 | Checked at Shopsocks5.com
Live | 184.178.172.25:15291 | United States | Unknown | 00 | Unknown | Checked at Shopsocks5.com
Live | 45.79.207.110:9200 | United States | Atlanta | GA | 30301 | Checked at Shopsocks5.com
Live | 20.52.130.140:9190 | Germany | Frankfurt am Main | HE | 60313 | Checked at Shopsocks5.com
Live | 20.52.37.89:9170 | Germany | Frankfurt am Main | HE | 60313 | Checked at Shopsocks5.com
Live | 20.52.130.140:9240 | Germany | Frankfurt am Main | HE | 60313 | Checked at Shopsocks5.com
Live | 167.71.236.109:9052 | India | Bengaluru | KA | 560100 | Checked at Shopsocks5.com
Live | 188.166.104.152:4975 | Netherlands | Amsterdam | NH | 1098 | Checked at Shopsocks5.com
Live | 98.162.25.7:31653 | United States | Unknown | 00 | Unknown | Checked at Shopsocks5.com
Live | 20.52.130.140:9230 | Germany | Frankfurt am Main | HE | 60313 | Checked at Shopsocks5.com
Live | 20.52.147.137:9150 | Germany | Frankfurt am Main | HE | 60313 | Checked at Shopsocks5.com
Live | 87.236.215.248:9051 | Lithuania | Vilnius | VL | 01213 | Checked at Shopsocks5.com


shopsocks5
Reviewed by shopsocks5 on
.
(Shopsocks5.com) Service Socks5 Cheap – Check Socks5 12h50
Service Socks5 Cheap
Payment Instantly Perfectmoney, Bitcoin, Wmtransfer, BTC-E ( Please click Buy Socks )
Check Socks5 Online

Rating: 5



.(tagsToTranslate)12h50(t)Cheap(t)Check(t)Service(t)Shopsocks5(t)Socks5(t)http://shopsocks5.com(t)live(t)checked(t)shopsocks5.com(t)60313(t)main(t)frankfurt(t)germany(t)socks5(t)unknown(t)states(t)united(t)netherlands(t)service(t)(shopsocks5.com)(t)check(t)cheap(t)http://shopsocks5.com/check(t)20.52.37.899170(t)20.52.130.1409240(t)167.71.236.1099052(t)india(t)bengaluru(t)560100(t)188.166.104.1524975(t)amsterdam(t)1098(t)98.162.25.731653(t)20.52.130.1409230(t)20.52.147.1379150(t)87.236.215.2489051(t)lithuania(t)vilnius(t)online(t)184.178.172.2515291(t)217.12.201.1909190(t)socks(t)dronten(t)8254(t)buy(t)click(t)btc-e(t)payment(t)wmtransfer