Re: synergy

2020-04-20 Thread Holman Zsolt 
...it's OK now. I'm sorry.

Holman Zsolt  ezt írta (időpont: 2020. ápr. 20., H
18:39):

> Hi All,
>
> Synergy seems unavailable to me:
> http://netbeans-vm.apache.org/synergy
>
> Regards,
> Zsolt
>

Re: Synergy password reset

2020-03-28 Thread Mohamed Chebbi 

Thanks Geertjan. :)

Le 28/03/2020 à 10:07, Geertjan Wielenga a écrit :


I think you’ll hear from Jiri during the beginning of next week, he’ll 
send you your password.


Gj

On Sat, 28 Mar 2020 at 10:03, Mohamed Chebbi > wrote:


i already check there.

Le 28/03/2020 à 10:02, Geertjan Wielenga a écrit :
> Maybe in your spam folder?
>
> Gj
>
> On Sat, 28 Mar 2020 at 10:01, Mohamed Chebbi
mailto:mhmdche...@gmail.com>> wrote:
>
>> Hi Geertjan
>>
>> i can't reset my password for my user mhmdchebbi.
>>
>> when i try to reset i don't receive the mail with the temporary
password.
>>
>>
>> can you help pls.
>>
>> Cdt
>>
>> chebbi
>>
>>

Re: Synergy password reset

2020-03-28 Thread Geertjan Wielenga 
I think you’ll hear from Jiri during the beginning of next week, he’ll send
you your password.

Gj

On Sat, 28 Mar 2020 at 10:03, Mohamed Chebbi  wrote:

> i already check there.
>
> Le 28/03/2020 à 10:02, Geertjan Wielenga a écrit :
> > Maybe in your spam folder?
> >
> > Gj
> >
> > On Sat, 28 Mar 2020 at 10:01, Mohamed Chebbi 
> wrote:
> >
> >> Hi Geertjan
> >>
> >> i can't reset my password for my user mhmdchebbi.
> >>
> >> when i try to reset i don't receive the mail with the temporary
> password.
> >>
> >>
> >> can you help pls.
> >>
> >> Cdt
> >>
> >> chebbi
> >>
> >>
>

Re: Synergy password reset

2020-03-28 Thread Geertjan Wielenga 
Maybe in your spam folder?

Gj

On Sat, 28 Mar 2020 at 10:01, Mohamed Chebbi  wrote:

> Hi Geertjan
>
> i can't reset my password for my user mhmdchebbi.
>
> when i try to reset i don't receive the mail with the temporary password.
>
>
> can you help pls.
>
> Cdt
>
> chebbi
>
>

Re: synergy backend.

2020-03-10 Thread Geertjan Wielenga 
Excellent, thanks!

Gj

On Tue, 10 Mar 2020 at 14:09, Eric Barboni  wrote:

> Hi folks,
>
>
>
> As part of jira reorganization I've set a Synergy  - infra component over
> the NETBEANSINFRA subproject.
>
>
>
> https://issues.apache.org/jira/projects/NETBEANSINFRA component Synergy -
> infra
> <
> https://issues.apache.org/jira/issues/?jql=project+%3D+NETBEANSINFRA+AND+co
> mponent+%3D+%22Synergy+-+infra%22
> >
>
>
>
>
> This is to report technical issue about synergy itself.
>
>
>
> Best Regards
>
> Eric
>
>
>
>

Re: Synergy sign-up is insecure

2018-10-11 Thread Vladimir Riha 
Hi Alvin, you're right. I've a fix "ready" for this issue (it took a bit 
more changes due some generated API responses...) but I'll commit it 
after my vacation when I have more time to review it and try it  (ETA 
end of October) because I'm not sure how one particular changed file 
will or will not be deployed in the Apache env and I would rather avoid 
breaking Synergy and (quite honestly) deal with it during my time off.



Thanks,
Lada

On 04/10/18 19:51, Alvin Thompson wrote:
Specifically, the assertion "Synergy should work just fine no matter 
which protocol is used, you can load the register page via Https just 
fine and I think all XHR requests are being made to relative urls so 
it should respect the protocol" isn't quite true because some assets 
are hard-wired as `http`.


On Oct 4, 2018, at 1:48 PM, Alvin Thompson > wrote:


Unfortunately no. Can someone tweak the page source to load the page 
assets securely? It shouldn't be too involved at all.


On Oct 3, 2018, at 11:53 PM, Vladimir Riha > wrote:


Hi, I'm on a vacation for the next month so it will have to wait I'm 
afraid. Synergy should work just fine no matter which protocol is 
used, you can load the register page via Https just fine and I think 
all XHR requests are being made to relative urls so it should 
respect the protocol. It is possible that some redirect causes 
change of https to http though. Is this the case?


Thanks,
Lada



4. října 2018 0:25:30 SELČ, "Jiří Kovalský" 
mailto:jiri.koval...@oracle.com>> napsal:

Vladimír,

  do you think this would be an easy fix to keep the secure protocol
upon logging in securely? As Alvin pointed out Synergy redirects from
https to http for me.

Thanks for your answer!

-Jirka

Dne 3.10.2018 v 20:01 Alvin Thompson napsal(a):

Unfortunately it's not quite such an easy fix. The page itself relies

on assets which are also not secure (for example, jquery is loaded over
an insecure connection). The page source must be tweaked to load all
assets securely and the service it hits to submit the information must
be secured (if it isn't already). Then the page can be served over
HTTPS. Everything must be secure or nothing is.


On Oct 3, 2018, at 1:29 PM, Leo Donahue > wrote:


Do you think whoever created the wiki page simply forgot to include

https in the url they posted here, on step #3.




https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.apache.org_confluence_display_NETBEANS_NetCAT-2B10.0-2BParticipants=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=2C0Rknr0VdjT2muhBycBusrBosI8S2IbYeKRFk5YOFk=



The cert for the domain is good for https


https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans-2Dvm.apache.org=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=_x3q3qTK5RdcQVpzH-i4g8zxXDiMKqFypyA6elloINY=



It seems like a very short time (3 months) to pay for...

On Wed, Oct 3, 2018, 11:14 Alvin Thompson 
> wrote:

That is not something the filler of the form could or should do; not

only does the web service that the form sends this information to need
to be secure, but the form itself must be secure.


It's possible that the javascript that the page uses to submit the

password (it's an angular.js app) submits to a service secured with
HTTPS already, but by that time it's too late. Since the javascript
itself was loaded over an insecure connection, it can be modified with
a "man in the middle" attack to submit the data somewhere
else--therefore it just can't be trusted.


On Wed, Oct 3, 2018 at 11:50 AM Leo Donahue 
> wrote:

Can you just change protocol of url to https?

On Wed, Oct 3, 2018, 09:25 Alvin Thompson 
> wrote:

Sorry to be a stickler for this, but the Synergy sign-up page (


https://urldefense.proofpoint.com/v2/url?u=http-3A__netbeans-2Dvm.apache.org_synergy_client_app_-23_register=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=mWQUdJG3W154YmEs9jZHEDFyk-nrHEK50ztQAWmBFYA=

Re: Synergy sign-up is insecure

2018-10-04 Thread Alvin Thompson 
Specifically, the assertion "Synergy should work just fine no matter which 
protocol is used, you can load the register page via Https just fine and I 
think all XHR requests are being made to relative urls so it should respect the 
protocol" isn't quite true because some assets are hard-wired as `http`.

> On Oct 4, 2018, at 1:48 PM, Alvin Thompson  wrote:
> 
> Unfortunately no. Can someone tweak the page source to load the page assets 
> securely? It shouldn't be too involved at all.
> 
>> On Oct 3, 2018, at 11:53 PM, Vladimir Riha > > wrote:
>> 
>> Hi, I'm on a vacation for the next month so it will have to wait I'm afraid. 
>> Synergy should work just fine no matter which protocol is used, you can load 
>> the register page via Https just fine and I think all XHR requests are being 
>> made to relative urls so it should respect the protocol. It is possible that 
>> some redirect causes change of https to http though. Is this the case?
>> 
>> Thanks,
>> Lada
>> 
>> 
>> 
>> 4. října 2018 0:25:30 SELČ, "Jiří Kovalský" > > napsal:
>>> Vladimír,
>>> 
>>>   do you think this would be an easy fix to keep the secure protocol 
>>> upon logging in securely? As Alvin pointed out Synergy redirects from 
>>> https to http for me.
>>> 
>>> Thanks for your answer!
>>> 
>>> -Jirka
>>> 
>>> Dne 3.10.2018 v 20:01 Alvin Thompson napsal(a):
 Unfortunately it's not quite such an easy fix. The page itself relies
>>> on assets which are also not secure (for example, jquery is loaded over
>>> an insecure connection). The page source must be tweaked to load all
>>> assets securely and the service it hits to submit the information must
>>> be secured (if it isn't already). Then the page can be served over
>>> HTTPS. Everything must be secure or nothing is.
 
> On Oct 3, 2018, at 1:29 PM, Leo Donahue  > wrote:
> 
> Do you think whoever created the wiki page simply forgot to include
>>> https in the url they posted here, on step #3.
> 
> 
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.apache.org_confluence_display_NETBEANS_NetCAT-2B10.0-2BParticipants=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=2C0Rknr0VdjT2muhBycBusrBosI8S2IbYeKRFk5YOFk=
>>>  
>>> 
>>> 
> 
> The cert for the domain is good for https
> 
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans-2Dvm.apache.org=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=_x3q3qTK5RdcQVpzH-i4g8zxXDiMKqFypyA6elloINY=
>>> 
> 
> It seems like a very short time (3 months) to pay for...
> 
> On Wed, Oct 3, 2018, 11:14 Alvin Thompson >> > wrote:
> That is not something the filler of the form could or should do; not
>>> only does the web service that the form sends this information to need
>>> to be secure, but the form itself must be secure.
> 
> It's possible that the javascript that the page uses to submit the
>>> password (it's an angular.js app) submits to a service secured with
>>> HTTPS already, but by that time it's too late. Since the javascript
>>> itself was loaded over an insecure connection, it can be modified with
>>> a "man in the middle" attack to submit the data somewhere
>>> else--therefore it just can't be trusted.
> 
> On Wed, Oct 3, 2018 at 11:50 AM Leo Donahue >> > wrote:
> Can you just change protocol of url to https?
> 
> On Wed, Oct 3, 2018, 09:25 Alvin Thompson >> > wrote:
> Sorry to be a stickler for this, but the Synergy sign-up page (
> 
>>>

Re: Synergy sign-up is insecure

2018-10-04 Thread Alvin Thompson 
Unfortunately no. Can someone tweak the page source to load the page assets 
securely? It shouldn't be too involved at all.

> On Oct 3, 2018, at 11:53 PM, Vladimir Riha  wrote:
> 
> Hi, I'm on a vacation for the next month so it will have to wait I'm afraid. 
> Synergy should work just fine no matter which protocol is used, you can load 
> the register page via Https just fine and I think all XHR requests are being 
> made to relative urls so it should respect the protocol. It is possible that 
> some redirect causes change of https to http though. Is this the case?
> 
> Thanks,
> Lada
> 
> 
> 
> 4. října 2018 0:25:30 SELČ, "Jiří Kovalský"  > napsal:
>> Vladimír,
>> 
>>   do you think this would be an easy fix to keep the secure protocol 
>> upon logging in securely? As Alvin pointed out Synergy redirects from 
>> https to http for me.
>> 
>> Thanks for your answer!
>> 
>> -Jirka
>> 
>> Dne 3.10.2018 v 20:01 Alvin Thompson napsal(a):
>>> Unfortunately it's not quite such an easy fix. The page itself relies
>> on assets which are also not secure (for example, jquery is loaded over
>> an insecure connection). The page source must be tweaked to load all
>> assets securely and the service it hits to submit the information must
>> be secured (if it isn't already). Then the page can be served over
>> HTTPS. Everything must be secure or nothing is.
>>> 
 On Oct 3, 2018, at 1:29 PM, Leo Donahue  wrote:
 
 Do you think whoever created the wiki page simply forgot to include
>> https in the url they posted here, on step #3.
 
 
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.apache.org_confluence_display_NETBEANS_NetCAT-2B10.0-2BParticipants=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=2C0Rknr0VdjT2muhBycBusrBosI8S2IbYeKRFk5YOFk=
>> 
 
 The cert for the domain is good for https
 
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans-2Dvm.apache.org=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=_x3q3qTK5RdcQVpzH-i4g8zxXDiMKqFypyA6elloINY=
>> 
 
 It seems like a very short time (3 months) to pay for...
 
 On Wed, Oct 3, 2018, 11:14 Alvin Thompson > > wrote:
 That is not something the filler of the form could or should do; not
>> only does the web service that the form sends this information to need
>> to be secure, but the form itself must be secure.
 
 It's possible that the javascript that the page uses to submit the
>> password (it's an angular.js app) submits to a service secured with
>> HTTPS already, but by that time it's too late. Since the javascript
>> itself was loaded over an insecure connection, it can be modified with
>> a "man in the middle" attack to submit the data somewhere
>> else--therefore it just can't be trusted.
 
 On Wed, Oct 3, 2018 at 11:50 AM Leo Donahue > > wrote:
 Can you just change protocol of url to https?
 
 On Wed, Oct 3, 2018, 09:25 Alvin Thompson > > wrote:
 Sorry to be a stickler for this, but the Synergy sign-up page (
 
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__netbeans-2Dvm.apache.org_synergy_client_app_-23_register=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=mWQUdJG3W154YmEs9jZHEDFyk-nrHEK50ztQAWmBFYA=
>> )
>> asks you to
 submit a password over an insecure connection. Can this be moved to
>> HTTPS?
>>> 
>>> 
> 
> -- 
> Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: Synergy sign-up is insecure

2018-10-04 Thread Vladimir Riha 
Hi, I'm on a vacation for the next month so it will have to wait I'm afraid. 
Synergy should work just fine no matter which protocol is used, you can load 
the register page via Https just fine and I think all XHR requests are being 
made to relative urls so it should respect the protocol. It is possible that 
some redirect causes change of https to http though. Is this the case?

Thanks,
Lada



4. října 2018 0:25:30 SELČ, "Jiří Kovalský"  napsal:
>Vladimír,
>
>do you think this would be an easy fix to keep the secure protocol 
>upon logging in securely? As Alvin pointed out Synergy redirects from 
>https to http for me.
>
>Thanks for your answer!
>
>-Jirka
>
>Dne 3.10.2018 v 20:01 Alvin Thompson napsal(a):
>> Unfortunately it's not quite such an easy fix. The page itself relies
>on assets which are also not secure (for example, jquery is loaded over
>an insecure connection). The page source must be tweaked to load all
>assets securely and the service it hits to submit the information must
>be secured (if it isn't already). Then the page can be served over
>HTTPS. Everything must be secure or nothing is.
>> 
>>> On Oct 3, 2018, at 1:29 PM, Leo Donahue  wrote:
>>>
>>> Do you think whoever created the wiki page simply forgot to include
>https in the url they posted here, on step #3.
>>>
>>>
>https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.apache.org_confluence_display_NETBEANS_NetCAT-2B10.0-2BParticipants=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=2C0Rknr0VdjT2muhBycBusrBosI8S2IbYeKRFk5YOFk=
>
>>>
>>> The cert for the domain is good for https
>>>
>https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans-2Dvm.apache.org=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=_x3q3qTK5RdcQVpzH-i4g8zxXDiMKqFypyA6elloINY=
>
>>>
>>> It seems like a very short time (3 months) to pay for...
>>>
>>> On Wed, Oct 3, 2018, 11:14 Alvin Thompson > wrote:
>>> That is not something the filler of the form could or should do; not
>only does the web service that the form sends this information to need
>to be secure, but the form itself must be secure.
>>>
>>> It's possible that the javascript that the page uses to submit the
>password (it's an angular.js app) submits to a service secured with
>HTTPS already, but by that time it's too late. Since the javascript
>itself was loaded over an insecure connection, it can be modified with
>a "man in the middle" attack to submit the data somewhere
>else--therefore it just can't be trusted.
>>>
>>> On Wed, Oct 3, 2018 at 11:50 AM Leo Donahue > wrote:
>>> Can you just change protocol of url to https?
>>>
>>> On Wed, Oct 3, 2018, 09:25 Alvin Thompson > wrote:
>>> Sorry to be a stickler for this, but the Synergy sign-up page (
>>>
>https://urldefense.proofpoint.com/v2/url?u=http-3A__netbeans-2Dvm.apache.org_synergy_client_app_-23_register=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=mWQUdJG3W154YmEs9jZHEDFyk-nrHEK50ztQAWmBFYA=
>)
>asks you to
>>> submit a password over an insecure connection. Can this be moved to
>HTTPS?
>> 
>> 

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: Synergy sign-up is insecure

2018-10-03 Thread Jiří Kovalský 

Vladimír,

   do you think this would be an easy fix to keep the secure protocol 
upon logging in securely? As Alvin pointed out Synergy redirects from 
https to http for me.


Thanks for your answer!

-Jirka

Dne 3.10.2018 v 20:01 Alvin Thompson napsal(a):

Unfortunately it's not quite such an easy fix. The page itself relies on assets 
which are also not secure (for example, jquery is loaded over an insecure 
connection). The page source must be tweaked to load all assets securely and 
the service it hits to submit the information must be secured (if it isn't 
already). Then the page can be served over HTTPS. Everything must be secure or 
nothing is.


On Oct 3, 2018, at 1:29 PM, Leo Donahue  wrote:

Do you think whoever created the wiki page simply forgot to include https in 
the url they posted here, on step #3.

https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.apache.org_confluence_display_NETBEANS_NetCAT-2B10.0-2BParticipants=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=2C0Rknr0VdjT2muhBycBusrBosI8S2IbYeKRFk5YOFk=
 


The cert for the domain is good for https
https://urldefense.proofpoint.com/v2/url?u=https-3A__netbeans-2Dvm.apache.org=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=_x3q3qTK5RdcQVpzH-i4g8zxXDiMKqFypyA6elloINY=
 


It seems like a very short time (3 months) to pay for...

On Wed, Oct 3, 2018, 11:14 Alvin Thompson mailto:al...@thompsonlogic.com>> wrote:
That is not something the filler of the form could or should do; not only does 
the web service that the form sends this information to need to be secure, but 
the form itself must be secure.

It's possible that the javascript that the page uses to submit the password (it's an 
angular.js app) submits to a service secured with HTTPS already, but by that time it's 
too late. Since the javascript itself was loaded over an insecure connection, it can be 
modified with a "man in the middle" attack to submit the data somewhere 
else--therefore it just can't be trusted.

On Wed, Oct 3, 2018 at 11:50 AM Leo Donahue mailto:donahu...@gmail.com>> wrote:
Can you just change protocol of url to https?

On Wed, Oct 3, 2018, 09:25 Alvin Thompson mailto:al...@thompsonlogic.com>> wrote:
Sorry to be a stickler for this, but the Synergy sign-up page (
https://urldefense.proofpoint.com/v2/url?u=http-3A__netbeans-2Dvm.apache.org_synergy_client_app_-23_register=DwIFAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=AOtFKoKXPMlll_r-jRLoGPxCEXD3yLe3upMrT0n4ipE=mWQUdJG3W154YmEs9jZHEDFyk-nrHEK50ztQAWmBFYA=
 
)
 asks you to
submit a password over an insecure connection. Can this be moved to HTTPS?





-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

Re: Synergy sign-up is insecure

2018-10-03 Thread Alvin Thompson 
Unfortunately it's not quite such an easy fix. The page itself relies on assets 
which are also not secure (for example, jquery is loaded over an insecure 
connection). The page source must be tweaked to load all assets securely and 
the service it hits to submit the information must be secured (if it isn't 
already). Then the page can be served over HTTPS. Everything must be secure or 
nothing is.

> On Oct 3, 2018, at 1:29 PM, Leo Donahue  wrote:
> 
> Do you think whoever created the wiki page simply forgot to include https in 
> the url they posted here, on step #3.
> 
> https://cwiki.apache.org/confluence/display/NETBEANS/NetCAT+10.0+Participants 
> 
> 
> The cert for the domain is good for https
> https://netbeans-vm.apache.org 
> 
> It seems like a very short time (3 months) to pay for...
> 
> On Wed, Oct 3, 2018, 11:14 Alvin Thompson  > wrote:
> That is not something the filler of the form could or should do; not only 
> does the web service that the form sends this information to need to be 
> secure, but the form itself must be secure.
> 
> It's possible that the javascript that the page uses to submit the password 
> (it's an angular.js app) submits to a service secured with HTTPS already, but 
> by that time it's too late. Since the javascript itself was loaded over an 
> insecure connection, it can be modified with a "man in the middle" attack to 
> submit the data somewhere else--therefore it just can't be trusted.
> 
> On Wed, Oct 3, 2018 at 11:50 AM Leo Donahue  > wrote:
> Can you just change protocol of url to https?
> 
> On Wed, Oct 3, 2018, 09:25 Alvin Thompson  > wrote:
> Sorry to be a stickler for this, but the Synergy sign-up page (
> http://netbeans-vm.apache.org/synergy/client/app/#/register 
> ) asks you to
> submit a password over an insecure connection. Can this be moved to HTTPS?

Re: Synergy sign-up is insecure

2018-10-03 Thread Alvin Thompson 
Since I've received a private reply, I'll point out the main issue here:

Not only does the web service that the form sends this information to need
to be secure, but the form itself must be secure.

It's possible that the javascript that the page uses to submit the password
(the registration page is an angular.js app) submits to a service secured
with HTTPS already, but by that time it's too late. Since the javascript
itself was loaded over an insecure connection, it can be modified with a
"man in the middle" attack to submit the data somewhere else--therefore
neither the javascript nor the page can be trusted.

On Wed, Oct 3, 2018 at 11:25 AM Alvin Thompson 
wrote:

> Sorry to be a stickler for this, but the Synergy sign-up page (
> http://netbeans-vm.apache.org/synergy/client/app/#/register) asks you to
> submit a password over an insecure connection. Can this be moved to HTTPS?
>

Re: Synergy problem

2018-03-27 Thread Vladimir Riha 
Hi Luca,
I've fixed it :)

On March 25, 2018 11:47:39 AM GMT+02:00, Luca Mambretti 
<luca.mambre...@bizeta.net> wrote:
>Hi,
>
>tried that again today and it works, weird since before posting I got
>the same problem on a different system where I hadn't touched Synergy
>before, will be filling a new bug shortly, after that I'll see if it
>freezes up again.
>
>Regards
>Luca.
>
>- Messaggio originale -
>Da: "Jiří Kovalský" <jiri.koval...@oracle.com>
>A: "netcat" <netcat@netbeans.apache.org>, "Vladimír ŘÍHA"
><vladimir.r...@oracle.com>
>Inviato: Sabato, 24 marzo 2018 23:27:19
>Oggetto: Re: Synergy problem
>
>Hi Luca,
>
>   I have just tried to start one my test assignment and I was able to 
>both proceedand save results and then also restart it from where I 
>stopped. However, it's true that I can no longer see the second view of
>
>the test run (it's just empty) whereas the first view still works fine:
>
>https://urldefense.proofpoint.com/v2/url?u=http-3A__netbeans-2Dvm.apache.org_synergy_client_app_-23_run_28_v_1=DwIFaQ=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=995ezHe0yzwqDL2W40z3jER9m-MCzCaF9I0Hhm75C8k=lp6mji0lzIz-Z13ofHXmz14IREsiyIDs0bs3LmgFab0=FX2hBG3E2qo1PDkS9swrff6lHmzt97QO_u1bSMX0teU=
>
>Láďo, can you please reproduce the problem and hopefully fix it?
>
>Thanks a lot,
>-Jirka
>
>Dne 24.3.2018 v 13:03 Luca Mambretti napsal(a):
>> It's just me or Synergy is having problems running test suites. I can
>no longer resume testing, and if I go to the current test run I cannot
>see any assignments.
>> 
>> Everything started after I filled [
>https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_NETBEANS-2D518=DwICaQ=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=QPFPqeRIZPRGN0V-IoyTtFJ_Ja5e3PERJAzAiSGOwt0=JmaRkiUHnPpsmY5tLFcQu1P9bcPQP5oUjHvMR80jD0s=
>| NETBEANS-518 ] on maven " [
>https://urldefense.proofpoint.com/v2/url?u=http-3A__netbeans-2Dvm.apache.org_synergy_client_app_-23_case_3848_suite_2275_v_1=DwICaQ=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=QPFPqeRIZPRGN0V-IoyTtFJ_Ja5e3PERJAzAiSGOwt0=vP72ei62AhmMZFj_DCe5pAx3LhWWXX9KXHb-6C9RAXo=
>| Test file ] " case, from there onwards I was unable to continue
>working, maybe it's not related at all but who knows.
>> 
>> Regards
>> Luca.
>> 
>
>-
>To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
>For additional commands, e-mail: netcat-h...@netbeans.apache.org
>
>For further information about the NetBeans mailing lists, visit:
>https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.apache.org_confluence_display_NETBEANS_Mailing-2Blists=DwIFaQ=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=995ezHe0yzwqDL2W40z3jER9m-MCzCaF9I0Hhm75C8k=lp6mji0lzIz-Z13ofHXmz14IREsiyIDs0bs3LmgFab0=zGMIO0Et74WWbsgBXH4g5tGfZVa6qkNAumVadyAOMXU=

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: synergy password reset

2018-03-26 Thread Alied Pérez Martínez 
Thanks!

On 03/26/2018 10:18 AM, Jiří Kovalský wrote:
> Hi Alied,
>
> please use chang3me and then set it to whatever you like.
>
> Hope this helps,
> -Jirka
>
> Dne 26.3.2018 v 07:01 Alied Pérez Martínez napsal(a):
>
>> Same here; I tried with the same password as Jira/Confluence (which of
>> course didn't work), and the reset password won't send a mail.
>>
>> On 03/20/2018 09:43 AM, Holman Zsolt wrote:
>>> The same problem here. Could you please send me directly a new
>>> password for
>>> Synergy?
>>>
>>> Hermien Pellissier  ezt írta (időpont: 2018. márc.
>>> 20., K 13:31):
>>>
 The email part is indeed not working yet. I can reset your password
 though
 - will send the new one to you directly.

 ~ Hermien

 On Tue, Mar 20, 2018 at 1:01 PM, Yonathan W'Gebriel
  wrote:
> Does password reset in synergy work?I tried multiple times but never
> received the verification email.
>
>>
>>
>>
>>
>> -
>> To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
>> For additional commands, e-mail: netcat-h...@netbeans.apache.org
>>
>> For further information about the NetBeans mailing lists, visit:
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.apache.org_confluence_display_NETBEANS_Mailing-2Blists=DwIBAg=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=SWQa-whc5L4M239kmwAVqm3yxVOT6uAeWgfl_W8dEfA=G3mnvE0gV6mLtFCshjEw4oHdMUXcDF_FzvZFtBL5ZX4=
>>
>>
>
> -
> To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
> For additional commands, e-mail: netcat-h...@netbeans.apache.org
>
> For further information about the NetBeans mailing lists, visit:
> https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
>



0x5122EAC4.asc
Description: application/pgp-keys

-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

Re: synergy password reset

2018-03-26 Thread Jiří Kovalský 

Hi Alied,

please use chang3me and then set it to whatever you like.

Hope this helps,
-Jirka

Dne 26.3.2018 v 07:01 Alied Pérez Martínez napsal(a):


Same here; I tried with the same password as Jira/Confluence (which of
course didn't work), and the reset password won't send a mail.

On 03/20/2018 09:43 AM, Holman Zsolt wrote:

The same problem here. Could you please send me directly a new password for
Synergy?

Hermien Pellissier  ezt írta (időpont: 2018. márc.
20., K 13:31):


The email part is indeed not working yet. I can reset your password though
- will send the new one to you directly.

~ Hermien

On Tue, Mar 20, 2018 at 1:01 PM, Yonathan W'Gebriel

Re: Synergy problem

2018-03-25 Thread Sven Reimers 
Sorry for the hassle - works for me now..

Sven

On Sun, Mar 25, 2018 at 9:49 PM, Sven Reimers <sven.reim...@gmail.com>
wrote:

> Tried to start my test and got a page telling me "Action Failed"
>
> Now it seems I can not go forward..
>
> Waiting for feedback
>
> Sven
>
> On Sun, Mar 25, 2018 at 4:06 PM, Jiří Kovalský <jiri.koval...@oracle.com>
> wrote:
>
>> Thanks a lot Láďo!
>>
>> -Jirka
>>
>> Dne 25.3.2018 v 13:55 Vladimir Riha napsal(a):
>>
>> Hi Luca,
>>> I've fixed it :)
>>>
>>> On March 25, 2018 11:47:39 AM GMT+02:00, Luca Mambretti <
>>> luca.mambre...@bizeta.net> wrote:
>>>
>>> Hi,
>>>
>>> tried that again today and it works, weird since before posting I
>>> got the same problem on a different system where I hadn't touched Synergy
>>> before, will be filling a new bug shortly, after that I'll see if it
>>> freezes up again.
>>>
>>> Regards
>>> Luca.
>>>
>>> ----- Messaggio originale -
>>> Da: "Jiří Kovalský" <jiri.koval...@oracle.com>
>>> A: "netcat" <netcat@netbeans.apache.org>, "Vladimír ŘÍHA" <
>>> vladimir.r...@oracle.com>
>>> Inviato: Sabato, 24 marzo 2018 23:27:19
>>> Oggetto: Re: Synergy problem
>>>
>>> Hi Luca,
>>>
>>>  I have just tried to start one my test assignment and I was
>>> able to
>>> both proceedand save results and then also restart it from where I
>>> stopped. However, it's true that I can no longer see the second view
>>> of
>>> the test run (it's just empty) whereas the first view still works
>>> fine:
>>>
>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__netbeans
>>> -2Dvm.apache.org_synergy_client_app_-23_run_28_v_1=DwIFaQ&
>>> c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=995ezHe0yzwq
>>> DL2W40z3jER9m-MCzCaF9I0Hhm75C8k=lp6mji0lzIz-Z13ofHXmz14IRE
>>> siyIDs0bs3LmgFab0=FX2hBG3E2qo1PDkS9swrff6lHmzt97QO_u1bSMX0teU=
>>>
>>> Láďo, can you please reproduce the problem and hopefully fix it?
>>>
>>> Thanks a lot,
>>> -Jirka
>>>
>>> Dne 24.3.2018 v 13:03 Luca Mambretti napsal(a):
>>>
>>> It's just me or Synergy is having problems running test suites.
>>> I can no longer resume testing, and if I go to the current test
>>> run I cannot see any assignments.
>>>
>>> Everything started after I filled [
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.
>>> apache.org_jira_browse_NETBEANS-2D518=DwICaQ=RoP1YumCXCg
>>> aWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2x
>>> l3tz40jnCU133NrdP4=QPFPqeRIZPRGN0V-IoyTtFJ_Ja5e3PERJAzAiSG
>>> Owt0=JmaRkiUHnPpsmY5tLFcQu1P9bcPQP5oUjHvMR80jD0s=
>>> | NETBEANS-518 ] on maven " [
>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__netbeans
>>> -2Dvm.apache.org_synergy_client_app_-23_case_3848_suite_
>>> 2275_v_1=DwICaQ=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_
>>> JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=QPFPqeRI
>>> ZPRGN0V-IoyTtFJ_Ja5e3PERJAzAiSGOwt0=vP72ei62AhmMZFj_
>>> DCe5pAx3LhWWXX9KXHb-6C9RAXo=
>>> | Test file ] " case, from there onwards I was unable to
>>> continue working, maybe it's not related at all but who knows.
>>>
>>> Regards
>>> Luca.
>>>
>>>
>>> 
>>> 
>>>
>>> To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
>>> For additional commands, e-mail: netcat-h...@netbeans.apache.org
>>>
>>> For further information about the NetBeans mailing lists, visit:
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.a
>>> pache.org_confluence_display_NETBEANS_Mailing-2Blists=DwIF
>>> aQ=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=995ezHe0y
>>> zwqDL2W40z3jER9m-MCzCaF9I0Hhm75C8k=lp6mji0lzIz-Z13ofHXmz14
>>> IREsiyIDs0bs3LmgFab0=zGMIO0Et74WWbsgBXH4g5tGfZVa6qkNAumVadyAOMXU=
>>>
>>>
>>> --
>>> Sent from my Android device with K-9 Mail. Please excuse my brevity.
>>>
>>
>> -
>> To unsubscribe,

Re: Synergy problem

2018-03-24 Thread Jiří Kovalský 

Hi Luca,

   I have just tried to start one my test assignment and I was able to 
both proceedand save results and then also restart it from where I 
stopped. However, it's true that I can no longer see the second view of 
the test run (it's just empty) whereas the first view still works fine:


http://netbeans-vm.apache.org/synergy/client/app/#/run/28/v/1

Láďo, can you please reproduce the problem and hopefully fix it?

Thanks a lot,
-Jirka

Dne 24.3.2018 v 13:03 Luca Mambretti napsal(a):

It's just me or Synergy is having problems running test suites. I can no longer 
resume testing, and if I go to the current test run I cannot see any 
assignments.

Everything started after I filled [ 
https://urldefense.proofpoint.com/v2/url?u=https-3A__issues.apache.org_jira_browse_NETBEANS-2D518=DwICaQ=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=QPFPqeRIZPRGN0V-IoyTtFJ_Ja5e3PERJAzAiSGOwt0=JmaRkiUHnPpsmY5tLFcQu1P9bcPQP5oUjHvMR80jD0s=
 | NETBEANS-518 ] on maven " [ 
https://urldefense.proofpoint.com/v2/url?u=http-3A__netbeans-2Dvm.apache.org_synergy_client_app_-23_case_3848_suite_2275_v_1=DwICaQ=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=QPFPqeRIZPRGN0V-IoyTtFJ_Ja5e3PERJAzAiSGOwt0=vP72ei62AhmMZFj_DCe5pAx3LhWWXX9KXHb-6C9RAXo=
 | Test file ] " case, from there onwards I was unable to continue working, maybe it's not related at all but who knows.

Regards
Luca.



-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

Re: synergy password reset

2018-03-22 Thread Holman Zsolt 
Jirka, it is OK now: logged in, changed pwd...

Thanks,
Zsolt

2018. 03.  22, csütörtök keltezéssel 20.46-kor Jiří Kovalský ezt írta:
> Hi Zsolt,
> 
> I was able to login [1] using your temporary credentials 
> (holzsol/chang3me). What error message do you get on your end?
> 
> [1] http://netbeans-vm.apache.org/synergy/client/app/#/login
> 
> Thanks,
> -Jirka
> 
> Dne 22.3.2018 v 12:34 Holman Zsolt napsal(a):
> > 
> > Hello Jiří,
> > 
> > I was not able amend my Synergy account. Could you please check it?
> > 
> > Regards,
> > Zsolt
> > 
> > Jiří Kovalský  ezt írta (időpont: 2018.
> > márc.
> > 20., K 14:25):
> > 
> > > 
> > > Holman,
> > > 
> > > I don't see your account in Synergy. You are not even registered
> > > as
> > > NetCAT 9.0 participant:
> > > 
> > > 
> > > https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.apache
> > > .org_confluence_display_NETBEANS_NetCAT-2B9.0-
> > > 2BParticipants=DwIFaQ=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI
> > > _JnE=8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=Jm4rs53sUSuo
> > > IgdbIdrx432eP3f81G6DyLcTAl_7P9U=USRVWzOqv_qNJCSISyS8MJ9bcc6BW-
> > > JcrEeYSJVS_Y4=
> > > 
> > > -Jirka
> > > 
> > > Dne 20.3.2018 v 13:43 Holman Zsolt napsal(a):
> > > > 
> > > > The same problem here. Could you please send me directly a new
> > > > password
> > > for
> > > > 
> > > > Synergy?
> > > > 
> > > > Hermien Pellissier  ezt írta (időpont:
> > > > 2018. márc.
> > > > 20., K 13:31):
> > > > 
> > > > > 
> > > > > The email part is indeed not working yet. I can reset your
> > > > > password
> > > though
> > > > 
> > > > > 
> > > > > - will send the new one to you directly.
> > > > > 
> > > > > ~ Hermien
> > > > > 
> > > > > On Tue, Mar 20, 2018 at 1:01 PM, Yonathan W'Gebriel
> > > > >  > > > > > 
> > > > > > wrote:
> > > > > > 
> > > > > > Does password reset in synergy work?I tried multiple times
> > > > > > but never
> > > > > > received the verification email.
> > > > > > 
> > > ---
> > > --
> > > To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
> > > For additional commands, e-mail: netcat-h...@netbeans.apache.org
> > > 
> > > For further information about the NetBeans mailing lists, visit:
> > > https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.apache
> > > .org_confluence_display_NETBEANS_Mailing-
> > > 2Blists=DwIFaQ=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE=
> > > 8_Pz0x0SKeT5e3IehhQKCbQ2xl3tz40jnCU133NrdP4=Jm4rs53sUSuoIgdbIdr
> > > x432eP3f81G6DyLcTAl_7P9U=i-
> > > eps_8T1sf77hQwZiZ7gszacPvujT3mHRqQ1eut6rI=
> > > 
> > > 
> -
> To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
> For additional commands, e-mail: netcat-h...@netbeans.apache.org
> 
> For further information about the NetBeans mailing lists, visit:
> https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
> 

-
To unsubscribe, e-mail: netcat-unsubscr...@netbeans.apache.org
For additional commands, e-mail: netcat-h...@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

Re: synergy password reset

2018-03-20 Thread Jiří Kovalský 

Holman,

I don't see your account in Synergy. You are not even registered as 
NetCAT 9.0 participant:


https://cwiki.apache.org/confluence/display/NETBEANS/NetCAT+9.0+Participants

-Jirka

Dne 20.3.2018 v 13:43 Holman Zsolt napsal(a):

The same problem here. Could you please send me directly a new password for
Synergy?

Hermien Pellissier  ezt írta (időpont: 2018. márc.
20., K 13:31):


The email part is indeed not working yet. I can reset your password though
- will send the new one to you directly.

~ Hermien

On Tue, Mar 20, 2018 at 1:01 PM, Yonathan W'Gebriel

Re: synergy password reset

2018-03-20 Thread Holman Zsolt 
The same problem here. Could you please send me directly a new password for
Synergy?

Hermien Pellissier  ezt írta (időpont: 2018. márc.
20., K 13:31):

> The email part is indeed not working yet. I can reset your password though
> - will send the new one to you directly.
>
> ~ Hermien
>
> On Tue, Mar 20, 2018 at 1:01 PM, Yonathan W'Gebriel
>  > wrote:
>
> > Does password reset in synergy work?I tried multiple times but never
> > received the verification email.
> >
>