Security

Enhancing Flask SSO with Role-Based Access Control (RBAC) Enhancing Flask SSO with Role-Based Access Control (RBAC) To enhance your Single Sign-On (SSO) application with Role-Based Access Control (RBAC), you need to implement a mechanism to assign roles to users and control access to different routes or resources based on those roles. Here's how you can do it step by step: 1. Extend the Database Schema You'll need to add a role column to the users table so that each user can be assigned a role, such as "admin," "user," or any other custom role. def init_db(): try: with sqlite3.connect('sso_service.db') as conn: c = conn.cursor() c.execute('''CREATE TABLE IF NOT EXISTS tokens (token TEXT PRIMARY KEY, username TEXT, token_type TEXT, expiration DATETIME)''') c.execute('''CREATE TABLE IF NOT EXISTS totp_secrets (username TEXT

 

Poll-monitor/SSH remote access to WSL (Windows Subsystem for Linux) Windows 2022 server and enable wsl.exe automatically during Windows 2022 server restart/reboot from remote Ubuntu 22.04 LTS Shell Script Copy Code #!/bin/bash # Log file location LOG_FILE="/var/log/ping_monitor.log" SERVICE_NAME="ping_monitor.service" # Function to log messages with timestamps log_message() { echo "$(date +"%Y-%m-%d %H:%M:%S") - $1" >> $LOG_FILE } # IP address to ping IP_ADDRESS="A.B.C.D" # Number of timeouts and replies to check TIMEOUT_COUNT=2 # Adjust this as needed REPLY_COUNT=4 # Initialize counters timeout_counter=0 reply_counter=0 # Infinite loop to monitor the ping status while true; do # Ping the IP address once ping -c 1 $IP_ADDRESS > /dev/null 2>&1 # Check the exit status of the ping command if [ $? -ne 0 ]; then # Increment the timeout counter if the pi

Automatic trigger enabling of Openresty during WSL (Windows Subsystem of Linux) startup in Windows 2022 Server Step 1: Login as Sudo user in WSL and Install the below package first Copy Code sudo apt install expect Step 2: Create the shell script as below Copy Code nano start_openresty_expect.sh #!/usr/bin/expect -f set timeout 10 spawn sudo service openresty start expect "password for jegan:" send "jegan@123\r" expect eof Step 3: Provide executable permission to the shell script start_openresty_expect.sh Copy Code chmod +x start_openresty_expect.sh Step 4: Go to bashrc file Copy Code nano ~/.bashrc Step 5: Add the below at the end of the bashrc file, then save and exit Copy Code ~/start_openresty_expect.sh Step 6: Update bashrc Copy Code source ~/.bashrc Whenever the WSL restarts/reboots/starts Openresty will be automat

Enabling NAT to expose public services of WSL (Windows Subsystem for Linux) in Windows 2022 Server using Powershell as Administrator Step 1 : Check the existing NAT Table Copy Code netsh interface portproxy show all Step 2 : Expose port 80 public services of WSL Copy Code netsh interface portproxy add v4tov4 listenaddress=LOCAL_SERVER_PUBLIC_IP_ADDRESS listenport=80 connectaddress=LOCAL_SERVER_PRIVATE_IP_ADDRESS_WSL connectport=80 Step 3 : Expose port 443 public services of WSL Copy Code netsh interface portproxy add v4tov4 listenaddress=LOCAL_SERVER_PUBLIC_IP_ADDRESS listenport=443 connectaddress=LOCAL_SERVER_PRIVATE_IP_ADDRESS_WSL connectport=443 Step 4 : Check the NAT Table again to confirm that the changes are applied Copy Code netsh interface portproxy show all Enabling NAT to expose public services of WSL (Windows Subsystem for Linux) in Windows 2022 Server using Powershell as Ad

Enable OpenSSH Server Using PowerShell in Windows 2022 Server Run Powershell as Administrator Execute the commands mentioned in the below steps Step 1 Copy Code Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 Step 2 Copy Code Start-Service sshd Step 3 Copy Code Set-Service -Name sshd -StartupType 'Automatic' Step 4 Copy Code New-NetFirewallRule -Name sshd -DisplayName 'OpenSSH Server (sshd)' -Enabled True -Direction Inbound -Protocol TCP -Action Allow -LocalPort 22 Step 5 Copy Code Get-Service -Name sshd Enabling OpenSSH Server Using PowerShell in Windows 2022 Server is complete !!!

Install and Enable Certbot letsencrypt SSL/TLS Certificate in NGINX Ubuntu 22.04 LTS Step 1: Update the Package List Copy Code sudo apt update Step 2: Install Certbot Copy Code sudo add-apt-repository universe Then, install Certbot using apt: Copy Code sudo apt install certbot Step 3: Install the Plugin for NGINX Copy Code sudo apt install python3-certbot-nginx Step 4: Get the certificate for the preferred domain Copy Code sudo certbot certonly --standalone -d your_domain

Install and Enable WSL on Windows 2022 Server 1) Execute All the below commands in PowerShell as Administrator Copy Code dism.exe /online /enable-feature /featurename:Microsoft-Hyper-V /all /norestart dism.exe /online /enable-feature /featurename:Microsoft-Hyper-V-Management-Clients /all /norestart dism.exe /online /enable-feature /featurename:Microsoft-Hyper-V-Management-PowerShell /all /norestart dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart 2) Reboot the Server Copy Code shutdown /r /t 0 3) Once the server reboot is complete, execute the below command Copy Code wsl --install -d Ubuntu Note: It will ask to reboot the server Copy Code shutdown /r /t 0 4) After reboot, It will throw error, then execute the below command Copy Code wsl --update wsl --set-default-version 1 5) Again execute the below command Copy Code