Search Results

Search found 74 results on 3 pages for 'authentification'.

Page 1/3 | 1 2 3  | Next Page >

• L'authentification forte par Token compromise ? Victime d'une cyber-attaque, RSA se fait dérober des informations sur sa technologie

  L'authentification forte par Token compromise ? La société RSA victime d'une cyber-attaque se fait dérober des informations sur sa technologie La société RSA est bien connue dans le monde de la sécurité d'entreprise. Elle fournit les fameux « Token », ces petits récepteurs qui permettent une authentification forte. [IMG]http://ftp-developpez.com/gordon-fowler/Token.gif[/IMG] Le principe est simple. Une identification « classique » repose sur un identifiant et un mot de passe. Une authentification forte repose, en plus, sur un numéro changeant en permanence (au moins une fois par minute). Ce numéro est envoyé en continue sur ...

  Read the article

• Mozilla lance la bêta de Persona, son système d'authentification centralisée pour le Web qui met fin aux identifiants et mots de passe

  Mozilla lance la bêta de Persona son système d'authentification centralisée pour le Web, qui met fin aux identifiants et mots de passe Mozilla vient de lancer la version beta de « Persona », son nouveau système d'authentification pour le Web. Persona est un moyen d'identification qui élimine les identifiants et mots de passe sur les sites Web, tout en étant sécurisé et facile à utiliser. Le but du projet est de permettre aux utilisateurs de s'identifier sur différents sites sans mot de passe spécifique et sans avoir recours à des services d'authentification centralisée comme Facebook ou OpenID, et aux sites Web de ne plus s'inquiéter sur la sécurité des mots de passe.

  Read the article

• Google renforce la sécurité de ses services hébergés avec l'authentification basée sur les certificats pour Cloud Storage, Prediction API

  Google renforce la sécurité de ses services hébergés avec l'authentification basée sur les certificats pour Cloud Storage, Prediction API, URL Shortener Google a apporté une mise à jour à ses services Cloud pour les développeurs en renforçant la sécurité de ceux-ci. Les services hébergés de la firme pourront désormais communiquer avec des applications qui utilisent des comptes de service basés sur les certificatifs pour l'authentification. Ainsi, la requête d'une application Web au service Google Cloud Storage pourra par exemple être authentifiée par un certificat ou lieu d'une clé partagée. Les certificats de sécurité offrent une méthode d'authentification plus renforc...

  Read the article

• Authentification-None for one folder(page) when the project is under FormsAuthentifications

  - by Sirius Lampochkin

  I have a WebApplication on asp.net 2.0 with namespace Admin. I have Form Authentification mode for the project. <authentication mode="Forms"> <forms name="ASP_XML_Form" loginUrl="Login.aspx" protection="All" timeout="30" path="/" requireSSL="false" slidingExpiration="true" cookieless="AutoDetect"> </forms> </authentication> Now, I try to share one folder (one inside page) for not Authentificatied users: <location path="Recovery"> <system.web> <roleManager enabled="false" > </roleManager> <authentication mode="None"> </authentication> <authorization> <allow users="*" /> </authorization> <httpHandlers> <remove verb="GET" path="image.aspx" /> <remove verb="GET" path="css.aspx" /> </httpHandlers> </system.web> </location> But when I create the page inside the shared folder, it can't get access to the assembly. And I see the error like this: Could not load file or assembly 'Admin' or one of its dependencies. The system cannot find the file specified. It also shows me the error: ASP.NET runtime error: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS. Does anybody know how to share (Authentification None) one folder(page) when the project is under FormsAuthentifications?

  Read the article

• User Authentification on external machines

  - by Matt Argyle

  Our website has been working and still works if we are connected to the LAN but now if someone is elsewhere and tries to connect, they are presented with the screen called "User Authentification" asking for a username and password. What would have changed? The website is http://pc.bartselectric.com Any help is greatly appreciated. Thank you in advance.

  Read the article

• Dovecot authentification not working

  - by user1488723

  I run a Ubuntu 10.04 VPS with Postfix and Dovecot installed. For a while I had problems with the mailserver itself (Postfix) but now it runs ok. I can telnet into it from localhost (telnet localhost 25 while logged in) and Im blocked if I try to do it from the outside (telnet mail.example.org 25). This is as it should be according to my main.cf However when I try to log in using Dovecot (openssl s_client -connect mail.example.com:993) I'm allowed in but denied when trying to identify myself as a user: Excerpt from Dovecot log in: Key-Arg : None Start Time: 1341074622 Timeout : 300 (sec) Verify return code: 18 (self signed certificate) OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready. When I continue and try to log in to a specific user with the command: A001 login user password I get: A001 NO [AUTHENTICATIONFAILED] Authentication failed. I've reset the password to ensure it is correct and I know the user (user) exists on the system. When I do /etc/init.d/dovecot reload I get: /etc/init.d/dovecot: 29: maildir:~/Maildir: not found * Reloading IMAP/POP3 mail server dovecot [ OK ] Could it be that the mailboxes isn't found? Postfix main.cf: home_mailbox = Maildir/ mailbox_command = recipient_delimiter = + inet_interfaces = all smtpd_use_tls = yes smtpd_tls_auth_only = no smtpd_tls_loglevel = 1 smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_sasl_auth_enable = yes smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination broken_sasl_auth_clients = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $mydomain Dovecot.conf: protocols = imap imaps disable_plaintext_auth = no log_timestamp = "%b %d %H:%M:%S " ssl = yes ssl_cert_file = /etc/postfix/ssl/smtpd.crt ssl_key_file = /etc/postfix/ssl/smtpd.key mail_location = maildir:~/Maildir auth_verbose = yes mail_access_groups = mail auth_username_chars = abcdefghijklmnopqrstuvwxyz0123456789 protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep } auth default { mechanisms = plain login passdb pam { } userdb passwd { } socket listen { client { path = /var/spool/postfix/private/auth user = postfix group = postfix mode = 0660 } } }

  Read the article

• SSH authentification with public key fails

  - by palani

  I have my id_rsa.pub key under my /home/user/.ssh. I carefully copied that key and paste my key to respository Git account. While trying to connect from my local system to my git respository, I got the following error: warning: Authentication failed. Disconnected; no more authentication methods available (No further authentication methods available.) I removed SSH in system and re-enable and did again, but no luck. I have no idea what's happening with my SSH key. Can any one please tell me on this? Note : I noticed in my home /home/user/.ssh && /home/user/.ssh2

  Read the article

• Private Git repo using Smart HTTP with LDAP authentification

  - by ALOToverflow

  I've been crawling the interwebz and getting my hands dirty for the last few days, but I can't seem to make it all work together. I managed to get a HTTP repo working with Ubuntu 10.04 over Smart HTTP (pull and push over HTTP) for a single repo. This means that I do the initial setup over SSH to the server (git init --bare) and after that the clients can pull and push to it (git clone http://servername/allgitrepos/repo.git). Unfortunately it's impossible to add a new repo without SSHing to the server and adding it manually) i.e. git push http://servername/allgitrepos/repo2.git (allgitrepos is available for everyone to read-write and execute) would fail talking about git update-server-info (which seems to be a general error message). So far the repository is anonymous, so I would like to authenticate using LDAP and also use the LDAP creds to make the git commit. So, how can I push new repos to the server and how can I use the LDAP creds to make the git commit. Thanks

  Read the article

• What approach should be suitable for user authentification in simle client/server app

  - by TerryS

  My previous question was closed so I will be more specific. I need to create an application, desktop one written in C#, that will ask for user credentials and after verification opens the GUI allowing to work with DB (black box for users). It should be used from everywhere, not LAN or SQL domain. I assume I would need to do the following: Create a client and a server applications that will deal with authentification. That would mean a lot of socketing stuff.. Once the user is verified, the client queries would be sent to database (client-server-DB). The server would need to send the DB data sets back to the client. As you can see, this is just my guess but I have no idea whether its too complicated or completely wrong. The main thing is that it must be desktop app (not web based one) and accessible from everywhere. I am interested in main points how to design the system and will be extremely grateful for that.

  Read the article

• JAAS + authentification from database

  - by AhmedDrira

  i am traying to performe an authentification from data base using JAAS i v configured the login-config.xml like this <application-policy name="e-procurment_domaine"> <authentication> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> <module-option name = "dsJndiName">BasepfeDS</module-option> <module-option name="securityDomain">java:/jaas/e-procurment_domaine</module-option> <module-option name="principalsQuery">SELECT pass FROM personne WHERE login=?</module-option> <module-option name="rolesQuery">SELECT disc FROM personne WHERE login=?</module-option> </login-module> </authentication> </application-policy> and I've written a test : this one @Test public void testFindALL() { System.out.println("Debut test de la méthode findALL"); // WebAuthentication wa=new WebAuthentication(); // wa.login("zahrat", "zahrat"); securityClient.setSimple("zahrat", "zahrat"); try { securityClient.login(); } catch (LoginException e) { // TODO Auto-generated catch block e.printStackTrace(); } Acheteur acheteur = new Acheteur(); System.out.println("" + acheteurRemote.findAll().size()); // } catch (EJBAccessException ex) { // System.out.println("Erreur attendue de type EJBAccessException: " // + ex.getMessage()); // } catch (Exception ex) { // ex.printStackTrace(); // fail("Exception pendant le test find ALL"); System.out.println("Fin test find ALL");} // } the test is fail i dont know why , but when i change the polycy with the methode of .property file it works .. i am using the annotation on the session BEAN classes @SecurityDomain("e-procurment_domaine") @DeclareRoles({"acheteur","vendeur","physique"}) @RolesAllowed({"acheteur","vendeur","physique"}) and the annotation on the session for the methode @RolesAllowed("physique") @Override public List<Acheteur> findAll() { log.debug("fetching all Acheteur"); return daoGenerique.findWithNamedQuery("Acheteur.findAll"); } i think that the test have an acess to my data base doe's it need mysql DRIVER or a special config on JBOSS?

  Read the article

• send email C# using smtp server with username password authentification

  - by KK

  I have a piece of code that sends email.. heres the code This is not working for me. This a remote smtp service ... and i double checked that email web access works fine .. i can login using the gui, recieve and send emails. But when i try to do it through code .. it fails with the message ... {System.Net.Mail.SmtpException: The SMTP server requires a secure connection or the client was not authenticated. The server response was: 5.7.0 No AUTH command has been given. Can anybody advise ... and also they dont have EWS exposed ie.e exchange web service ./.. this is the way to go .. port is 25 and no SSL or TLS Button b = sender as Button; try { MailMessage msg = new MailMessage(senderEmail, recieverEmail, "afdasfas", "safasfa"); //MailMessage msg = new MailMessage(senderEmail, recieverEmail, subject, subject); System.Net.Mail.SmtpClient mailclient = new System.Net.Mail.SmtpClient(EmailSmtpServer, outgoingPort); System.Net.NetworkCredential auth = new System.Net.NetworkCredential(senderEmail, senderPassword); mailclient.Host = EmailSmtpServer; mailclient.UseDefaultCredentials = false; mailclient.Credentials = auth; mailclient.Send(msg); MessageBox.Show(b.Content + ":WORKED"); } catch (Exception e4) { MessageBox.Show(b.Content + ": " +e4.Message); MessageBox.Show(b.Content + ": " + e4.StackTrace); }

  Read the article

• asp.net forms authentification security issues

  - by Andrew Florko

  Hi there, I have a kind of asp.net forms authentication with the code like that: FormsAuthentication.SetAuthCookie(account.Id.ToString(), true); HttpContext.Current.User = new GenericPrincipal(new GenericIdentity(account.Id.ToString()), null); What kind of additional efforts shall I take to make authentication cookie (that is user id) more securable? (https, encoding for example) Thank you in advance!

  Read the article

• deployd authentification using jquery ajax

  - by user2507987

  I have installed deployd in my debian 7.0.0 64 bit, I have also succesfully installed mongodb in it, I have create some collection and user collection in deployd dashboard, then using user guide how to connect and query the table in deployd, I choose jquery ajax to log in to deployd from my localhost site and after login success I try to get/post some data, but somehow deployd return access denied. I have create collection name it people, and then at the GET, POST, PUT Event I have write this code : cancelUnless(me, "You are not logged in", 401); then using this ajax code, I try to login and POST new people data: $(document).ready(function(){ /* Create query for username and password for login */ var request = new Object; request.username = 'myusername'; request.password = 'mypassword'; submitaddress = "http://myipaddress:myport/users/login"; $.ajax({ type: "POST", url: submitaddress, data: request, cache: false, success: function(data){ var returndata = eval(data); /* After Login success try to post people data */ if (returndata){ var request2 = new Object; request2.name = 'People Name'; submitaddress2 = "http://myipaddress:myport/people"; $.ajax({ type: "POST", url: submitaddress2, data: request2, cache: false, success: function(){ } }) } } } }); }) The login process success, it's return session id and my user id, but after login success and I try to POST people data it's return "You are not logged in", can anyone help me, what is the correct way to login to deployd using jquery from other website(cross domain)?

  Read the article

• No Cookies at second Webrequest

  - by Collin Peters

  Hello, I write a little Tool in C# with Visual Studio 2008. My Problem: I login to a website by HTTP-webrequest, I get an authentification cookie, thats all ok. Than I make a new HTTP-webrequest and add the cookies from the first request to call the next page where i can see my personal data. I see that the cookies will associated with the second request if I debug it but if I check the network traffic I see that are no Cookies transmitted at the second request. I tried many possibilities to see why i dont work but i found nothing. Does somebody have the same problem or know a solution? (Sorry for bad english)

  Read the article

• Setting Sql server security rights for multiple situations

  - by DanDan

  We have an application which uses an instance of Sql Server locally for its backend storage. The administrator windows login has had its sysadmin right revoked, and instead two sql logins have been created; one for the application with a secret password and one read only login we let users view the raw data with. This was working fine until we moved on FileStreams, which requires intergrated windows authentication. So now the sql server logins must be replaced. As a result, I am now reviewing all of our logins but I am not sure how it is possible. It seems that the application needs full read/write access, yet I still need to lock down writing to the tables so the user cannot login into the database and delete data randomly. Does anyone have any tips for setting multiple levels of security using intergrated windows logins, or can you direct me to any further reading? Thanks.

  Read the article

• Any SMTP client for Windows that supports SSL and SMTP server authentification?

  - by bonefisher

  I am looking for a command line mailers which support SSL and authentification, so far I tried 'blat' but it doesn't support SSL. Any suggestions? Thanks

  Read the article

• Any SMTP client that support SSL and SMTP server authentification?

  - by bonefisher

  I am looking for a command line mailers which support SSL and authentification, so far I tried blat but it doesn't support SSL. Any suggestions? Thanks

  Read the article

• How to get roles with JSR 196 authentification in GlassFish?

  - by deamon

  I want to use a custom authentication module conforming to JSR 196 in GlassFish 3. The interface javax.security.auth.message.ServerAuth has the method: AuthStatus validateRequest( MessageInfo messageInfo, javax.security.auth.Subject clientSubject, javax.security.auth.Subject serviceSubject ) AuthStatus can be one of several constants like FAILURE or SUCCESS. The question is: How can I get the roles from a "role datebase" with JSR 196? Example: The server receives a request with a SSO token (CAS token for example), checks whether the token is valid, populates the remote user object with roles fetches from a database via JDBC or from REST service via http. Is the role fetching in the scope of JSR 196? How could that be implemented? Do I have to use JSR 196 together with JSR 115 to use custom authentication and a custom role source?

  Read the article

• No database connection when trying to use IIS locally with asp.net MVC 1.0

  - by mark4asp

  Login failed for user ''. The user is not associated with a trusted SQL Server connection. When I try to use IIS locally instead of Cassini I get this error. The ASP.NET MVC 1.0 site is running on WinXP. The database is local and has SQL Server and Windows Authentification mode enabled. The website runs OK using Cassini, with the same connection string. It fails when I try to use IIS instead of Cassini. These permissions are set on the Virtual directory which IIS points to. ASP.NET Machine Account [Full Control] Internet Guest Account [Full Control] System [Full Control] This virtual directory is the same are the directory holding my project files. I am using Linq and the database connection string is stored in the App.config file of my data project. I get the same error whether I set the connection string to use Windows or Sql server authentification. My sql server has both [MyMachineName\ASPNET] and SqlServerUser Logins and a User on the database. CREATE LOGIN [MyMachineName\ASPNET] FROM WINDOWS WITH DEFAULT_DATABASE=[master], DEFAULT_LANGUAGE=[us_english] Use My_database CREATE USER [MyMachineName\ASPNET] FOR LOGIN [MyMachineName\ASPNET] WITH DEFAULT_SCHEMA=[dbo] CREATE LOGIN [MwMvcLg] WITH PASSWORD=N'blahblah', DEFAULT_DATABASE=[master], DEFAULT_LANGUAGE=[British], CHECK_EXPIRATION=OFF, CHECK_POLICY=ON Use My_database CREATE USER [MwMvcLg] FOR LOGIN [MwMvcLg] WITH DEFAULT_SCHEMA=[dbo] How come I have no problem running this website on IIS6 remotely. Why does IIS5.1, running locally, need these extra logins? PS: My overwhelming preference is to use Sql Server authentification - as this is how it runs when deployed.

  Read the article

• Vnc viewer authentication failure

  - by Twosingleton

  I recently backed up my data and I had moved the vnc viewer executable from my PC to my portable hard disk. Realizing that I no longer had vnc, I got the latest one, but all of a sudden I could not connect to my server anymore and got authentification failure. So I moved the VNC exectuable back from my portable HD to my local HD. And I am still getting Authentification failure errors. I had a certain setup and I don't want to re-create it, do you know how I can recover or what happened to get auth failures all of a sudden ? I checked and the vncserver process is running fine. Old VNC viewer: vnc-4_1_3-x86_win32_viewer.exe New one:

  Read the article

• ScriptResource.axd Access is denied. Cross-Domain iFrame

  - by EtienneT

  We have a web page containing an iframe containing a page sharing an authentification cookie with it's parent page. For example the iframe page is on the domain foo.domain.com and the page containing the iframe is on foo2.domain.com. Both share a cookie from domain.com. Authentification works great, but the problem is with ASP.NET in IE7, we always get a javascript error: Access is denied. ScriptResource.axd We are using ASP.NET 3.5, we use Ajax Control Toolkit also (latest version 3.0.30930.0). The problem doesn't occur for IE8. No problem in Firefox and Chrome also. Anyone encountered this problem before?

  Read the article

• MSSQL2008: DTC Transaction - Internal abort

  - by Teutales

  Hi all, I write a small own replication - a trigger which fires an DTC INSERT to another server (one reason for my own "replication": while trigger is running it calculates some data, another: it works from an express version to an express version). When I do the initial insert from the same Host with the windows authentification it works fine. But there is a webserver on another host, which uses the sqlserver login (for testing sa). When this Host do the initial insert I get a Internal abort after the entlisting and creating phase in the DTCTransaction EventClass (Profiler). The magic is: When I first fire it from the same Host with the windows authentification, I can fire it from the webserver and it works fine. But I just have to wait some minutes and it won't work. Where is my error in reasoning... Thanks! Greetz Teutales Here is my initial server script: EXEC master.dbo.sp_addlinkedserver @server = @Servername, @srvproduct=N'SQL Server' EXEC master.dbo.sp_addlinkedsrvlogin @rmtsrvname = @Servername, @locallogin = NULL , @useself = N'False', @rmtuser = @Serverlogin, @rmtpassword = @Serverpwd

  Read the article

• How to write in an file in MSIL code

  - by Thomas

  Hi all, I have a aspx webpage which uses an assembly mine (which mades a custom authentification). I would like to modify MSIL code (so just with ILDASM/ILASM tools) of my assembly in order to log something in a file. I have tried to add this at the end of the authentification method of my assembly : IL_0034: ldstr "C:\\path_to_my_website\\log.txt" IL_0039: newobj instance void [mscorlib]System.IO.StreamWriter::.ctor(string) IL_003e: stloc.1 IL_003f: ldloc.1 IL_0040: ldstr "test" IL_0045: callvirt instance void [mscorlib]System.IO.TextWriter::Write(string) IL_004a: nop IL_004b: ldloc.1 IL_004c: callvirt instance void [mscorlib]System.IO.TextWriter::Close() IL_0051: nop ILASM does not find any error, and the CLR does not throw any exception at runtime, but the file is not created or modified ! :( Any idea ?

  Read the article

• getimagesize on alfresco image

  - by SupFrig

  i'm working on a front display for an alfresco filled with pictures. i'm building my pictures url like this : http://myHost.com:8080/share/proxy/alfresco-noauth/api/node/content/workspace/SpacesStore/bf0a8b21-b8d9-487d-a529-dee8c49d7c6f/filetitle.jpg?alf_ticket=myTicket where myHost is the server and myTicket is the ticket generated at this url : http://myHost.com:8080/alfresco/service/api/login?u=login&pw=password Picture is displaying correctly with this url, but i want to use phpthumb to resize it, and when i try to use it on my picture, i get an http 500 error on the script and the following log : PHP Warning: getimagesize(http://myHost.com:8080/share/proxy/alfresco-noauth/api/node/content/workspace/SpacesStore/bf0a8b21-b8d9-487d-a529-dee8c49d7c6f/filetitle.jpg?alf_ticket=myTicket): failed to open stream: HTTP request failed! HTTP/1.1 401 Non-Autorisé I shouldn't hit the authentification, since my link has a valid ticket (I don't hit authentification when i display normally my picture)

  Read the article

• Is it possible to run javascript with other target?

  - by Kristoffer Nolgren

  I have a facebook app that I authenticate using a general-purpose authentification. Like this: // Fixar oAuth jso_configure({ "facebook": { client_id: "393963983989013", redirect_uri: "http://resihop.herokuapp.com/", authorization: "https://www.facebook.com/dialog/oauth", presenttoken: "qs" } }); // Make sure that you have jso_ensureTokens({ "facebook": [""] }); // This dumps all cached tokens to console, for easyer debugging. //jso_dump(); jso_ensureTokens({ "facebook": [""] }); It's tirggered on document.ready. Because it's a facebook app I can't run the authentification in the iFrame. Facebook denies this using X-Frame-Options. The solution, if you authenticate with a link is to use target="_top". How do i Achieve the same effect in javascript? Maybe I need to edit one of the funcitons (though ideally not, as they are part of a library) in that case please point me in the right direction.

  Read the article

1 2 3  | Next Page >