Search Results

Search found 367 results on 15 pages for 'authorize'.

Page 10/15 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 | Next Page >

Using Google AppEngine app as a OAuth provider

- by Alistair

Hi, I'm using the Google AppEngine 1.3.4 SDK which offers to allow your application to act as a OAuth service provider (http://code.google.com/appengine/docs/python/oauth/). Setting up a standard application on my localhost and using the following: Request URL /_ah/OAuthGetRequestToken Authorize URL /_ah/OAuthAuthorizeToken Access Token URL /_ah/OAuthGetAccessToken The client application just gets sent to a page requesting to grant OAuth access even though no user is logged in. Clicking 'Grant access' results in a message saying 'OAuth access granted' with no tokens or anything exchange. Can't see how this could work when it's not even prompting for a login. As this functionality is quite new I can't find much out there. I've created a OAuth provider before in Rails and know that you need a Consumer Key and Secret, something that seems to be lacking in GAE? Any ideas on how to get OAuth working in a sample GAE project are most welcome.

Read the article
Subscription payment processing with ASP.NET

- by bobsmith123

I would like to create a subscription based website with users getting charged every month. I know I have to create an account with paypal or authorize.net. Do these payment providers automatically bill the user every month? How would I take care of offering the service free for 30 days and start billing after that? Also, I've heard of middle men services like spreedly, chargify. Where do they fit into the equation? Can someone help me wrap my head around these concepts? Considering, I am based in the U.S but would like to have the payment provider accept any kind of currency. Which payment provider do you suggest?

Read the article
oauth process for twitter. the difference between client and web application

- by Radek

I managed to make the oauth process work for PIN kind of verification. My twitter application is client type. When enter authorize url into web browser and grant the application access then I have to enter pin in my ruby application. Can I finish the process of getting access token without the pin thing? My current code is like. What changes do I need to do to make it work without pin? gem 'oauth' require 'oauth/consumer' consumer_key = 'w855B2MEJWQr0SoNDrnBKA' consumer_secret ='yLK3Nk1xCWX30p07Id1ahxlXULOkucq5Rve28pNVwE' consumer=OAuth::Consumer.new consumer_key, consumer_secret, {:site=>"http://twitter.com"} request_token = consumer.get_request_token puts request_token.authorize_url puts "Hit enter when you have completed authorization." pin = STDIN.readline.chomp access_token = request_token.get_access_token(:oauth_verifier => pin) puts puts access_token.token puts access_token.secret

Read the article
[Rais] OAuth with Digg API

- by Karl

I'm attempting to get Rails to play nice with the Digg API's OAuth. I'm using the oauth gem (ruby one, not the rails one). My code looks approximately like this: @consumer = OAuth::Consumer.new(API_KEY, API_SECRET, :scheme => :header, :http_method => :post, :oauth_callback => "http://locahost:3000", :request_token_url => 'http://services.digg.com/1.0/endpoint?method=oauth.getRequestToken', :access_token_url => 'http://services.digg.com/1.0/endpoint?method=oauth.getAccessToken', :authorize_url => 'http://digg.com/oauth/authorize') @request_token = @consumer.get_request_token session[:request_token] = @request_token.token session[:request_token_secret] = @request_token.secret redirect_to @request_token.authorize_url Which is by-the-book in terms of what the gem documentation gave me. However, Digg spits a "400 Bad Request" error back at me when @consumer.get_request_token is called. I can't figure out what I'm doing wrong. Any ideas?

Read the article
Goolge App Engine authorization with Google Apps Domain

- by Ron

I have successfully followed the examples to gain an AuthSub token to authorize my application to have access to the user's Google Calendar. I have added the domain parameter to the method gdata.auth.generate_auth_sub_url so that the application is authenticated against a Google Apps Domain user. The app is then installed in one of our test domains. This is working fine, however, each user in the domain has to go through the authorization process. In other Marketplace Apps that I have tried, this authorization is done once for the whole domain when the app is installed. How is this achieved?

Read the article
Using the ASP.NET membership provider database with your own database?

- by Shaharyar

Hello everybody, We are developing an ASP.NET MVC Application that currently uses it's own databse ApplicationData for the domain models and another one Membership for the user management / membership provider. We do access restrictions using data-annotations in our controllers. [Authorize(Roles = "administrators, managers")] This worked great for simple use cases. As we are scaling our application our customer wants to restrict specific users to access specific areas of our ApplicationData database. Each of our products contains a foreign key referring to the region the product was assembled in. A user story would be: Users in the role NewYorkManagers should only be able to edit / see products that are assembled in New York. We created a placeholder table UserRightsRegions that contains the UserId and the RegionId. How can I link both the ApplicationData and the Membership databases in order to work properly / having cross-database-key-references? (Is something like this even possible?) All help is more than appreciated!

Read the article
Facebook connect integration (registration & login)

- by nikospkrk

Hi, I'm really struggling to make facebook connection working for my system. What I want to do : When the user is not yet registered on facebook : Fetch some user profile fields into my database (ideqally via my registration page already working for non facebook users) Log the user into my website Redirect the user into my homepage What I've done so far : Set up the application in FB Add the Facebook class from the github website and integrate some code to make it working Add additionnal paremeters to login/register facebook link. I'm struggling to redirect the user after authorizing, to my register page (register/?facebook). The "Post-Authorize Redirect URL" field doesn't seem to work properly, I maybe do not fill the right field? My other question is, if my registration page uses a redirection show (index.php redirect to register.php), do the information given by facebook through the $_POST method would be available in the register.php page ? I don't think so, do you ? Regards, Nicolas.

Read the article
T4MVC calling controller methods multiple times?

- by Maslow

I suspected there was some hidden magic somewhere that stopped what looks like actual method calls all over the place in T4MVC. Then I had a view fail to compile, and the stackTrace went into my actual method, not the generated code in T4MVC. <%=Ajax.ActionLink("Apply", "Apply", new RouteValueDictionary() { { "shortName", item.Shortname } }, new AjaxOptions() { UpdateTargetId = "masterstatus" })%> <%=Html.ActionLink("Apply",MVC.Alliance.Apply(item.Shortname),new AjaxOptions() { UpdateTargetId = "masterstatus" }) %> The second method threw an exception on compile because the method Apply in my controller has an [Authorize] attribute so that if someone that isn't logged on clicks this, they get redirected to login, then right back to this page. There they can click on apply again, this time being logged in. And yes I realize one is Ajax.ActionLink while the other is Html.ActionLink I did try them both with the T4MVC version. Is this a fluke or is it actually calling into the real methods and running my database calling code just to generate the views?

Read the article
ASP.Net MVC 2 Forms Authentication cookieless = "UseUri" while submit authorization fails

- by rintoantony

hi, I just started working with ASP.Net MVC 2. I created a new ASP.Net MVC application and created one vehicle controler with a database table connected with LINQ. Then created forms authentication mechanism for the application and tried to use the uri instead of cookies it was working smoothly but when i submit the form by creating a "Create" view from the controler using the utility it just dont work. The autherization got failed and asking to enter the user name and password again.I had created the authorization mechanism by adding Authorise attribute to the Controller so as to get authorized for all the actions. namespace MVCNEW.Controllers { [Authorize] public class VehicleController : Controller { But if i use the cookies instead of uri it works fine. Thanks in advance...

Read the article
ReturnUrl = Default.aspx for MVC?

- by Cynthia

I'm trying to secure my entire MVC site, so before the Home controller, I added an [Authorize] attribute. Now if you run it from Visual Studio or navigate using the root URL (e.g. http://localhost:2897) it does redirect to the login page, as expected. However the URL in the address bar after redirection looks like this: http://localhost:2897/Account/LogOn?ReturnUrl=%2fdefault.aspx%3f I haven't tested this out, seeing as I have not implemented my authentication code. However, this looks like a big problem to me, since I do not have a default.aspx in my project! My authentication tag in the web.config looks like this: <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" defaultUrl="~/Home/Index" timeout="2880"/> </authentication> Why doesn't it pick up this route as the default ReturnUrl instead of default.aspx?

Read the article
Request error "enable cookies" while posting app request to LinkedIn

- by Jay

Cookie error Hi, I am running S60 SDK 5th with Eclipse pulsar on win 7. I have oauth_token using with this Url https://www.linkedin.com/uas/oauth/authorize?oauth_token=. To get that grant access screen by LinkedIn. I am loading above Url using htmlComponent, and adding HtmlComponent to form and show it. Occasionally when I click on the "Ok I'll Allow It" button (i.e. after the button has been pressed) I get the following error message. "We’re sorry, there was a problem with your request. Please make sure you have cookies enabled and try again." but i'm receiving the response with oauth_token, oauth_token_secret, oauth_callback_confirmed = true, xoauth_request_auth_url, oauth_expires_in. Some buddy please help.

Read the article
How to get an ASP.NET MVC Ajax response to redirect to new page instead of inserting view into Updat

- by Jeff Widmer

I am using the Ajax.BeginForm to create a form the will do an ajax postback to a certain controller action and then if the action is successful, the user should get redirected to another page (if the action fails then a status message gets displayed using the AjaxOptions UpdateTargetId). using (Ajax.BeginForm("Delete", null, new { userId = Model.UserId }, new AjaxOptions { UpdateTargetId = "UserForm", LoadingElementId = "DeletingDiv" }, new { name = "DeleteForm", id = "DeleteForm" })) { [HTML DELETE BUTTON] } If the delete is successful I am returning a Redirect result: [Authorize] public ActionResult Delete(Int32 UserId) { UserRepository.DeleteUser(UserId); return Redirect(Url.Action("Index", "Home")); } But the Home Controller Index view is getting loaded into the UpdateTargetId and therefore I end up with a page within a page. Two things I am thinking about: Either I am architecting this wrong and should handle this type of action differently (not using ajax). Instead of returning a Redirect result, return a view which has javascript in it that does the redirect on the client side. Does anyone have comments on #1? Or if #2 is a good solution, what would the "redirect javascript view" look like?

Read the article
Linked XSD files in Visual Studio 2010 - How to work with a file in the Unauthorized Zone

- by David

I am trying to view a 3rd Party's XSD file in Visual Studio 2010. The XSD file is stored on my local drive. It includes another XSD file, which is stored in the same folder on my local drive. Visual Studio (or perhaps the underlying .Net framework) will not process the included XSD file, because it is in an "unauthorized zone". This much is explained in the following MSDN blog. Does anybody know how I can authorize this included file, so I can see it in the beautiful new content model view?

Read the article
steps for facebook connect graph api

- by dskanth

Hi, iam using facebook connect in my site, and i want to know how do i use the graph api for authenticating the user. I followed these steps: 1) Initially i sent a request for "code", by clicking on the facebook icon in my site: https://graph.facebook.com/oauth/authorize? client_id=xxx&redirect_uri=http://xxxxxxxx 2) And then after getting a code, i sent a request for "access token", by clicking on another link in my site: https://graph.facebook.com/oauth/access_token? client_id=xxx&redirect_uri=http://xxxxxxx&client_secret=xxxx&code=xxxxx 3) And after i got the token, i sent another request for getting user data, by clicking on yet another link: https://graph.facebook.com/me?access_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Then finally i got the user data in array format, which i need to parse for my required data like user's firstname, email, etc. Now my question is that how i can automate this process with just one click ? Right now, iam using 3 different links for sending those requests. Can anyone suggest a solution ?

Read the article
IIS7 integrated mode closing token between requests

- by user607287

We are migrating to IIS7 integrated mode and have come across an issue. We authenticate using WindowsAuthentication but then store a reference to the WindowsPrincipal so that on future requests we can authorize as needed against AD. In IIS 7 Integrated mode, the token is being closed (between requests) so that when we try to run IsInRole it generates a disposed exception. Is there a way to cache this token or change our use of WindowsPrincipal so that we don't need to make successive AD requests to get it for each authorization request? Here is the exception being thrown from WindowsPrincipal.IsInRole("") - System.ObjectDisposedException: {"Safe handle has been closed"} Thanks.

Read the article
Twitter @Anywhere oauth_bridge_code

- by AngelCabo

I'm having trouble with Twitter's implementation of an oauth_bridge_code for the @anywhere api. I've seen a few walkthrough's on how to use this functionality but I can't seem to get the request to work for me. I'm using Ruby on Rails with the oauth gem. My code is as follows: def callback consumer = OAuth::Consumer.new(APP_CONFIG['twitter_key'], APP_CONFIG['twitter_secret'], :site => "http://api.twitter.com", :request_token_path => "/oauth/request_token", :authorize_path => "/oauth/authorize", :access_token_path => "/oauth/access_token", :http_method => :post) request = OAuth::AccessToken.new consumer json = request.post("https://api.twitter.com/oauth/access_token?oauth_bridge_code=#{params[:oauth_bridge_code]}") end I keep getting 401 unauthorized responses from the signed post request even though this is supposed to be working according to this walkthrough: http://blog.abrah.am/2010/09/using-twitter-anywhere-bridge-codes.html and a presentation from Matt Harris on slideshare. Any ideas on what I'm doing wrong (besides possibly trying to hit functionality that may not be in place)? Greatly appreciated!

Read the article
asp.net forms authentication timing out after 1 minute

- by user548929

I'm using ASP.NET MVC 3 with the Authorize attribute, but it keeps kicking me to the logon page after 1 minute, but even though my expiration is set to a very high value, it times out quickly. I check the cookie in my browser and its still there and not set to expire until about a month later, and it's set to be persistent, so I'm not sure why it keeps booting me. It only happens on my published location, locally it works just fine. var ticket = new FormsAuthenticationTicket(username, true, 500000); var encryptedTicket = FormsAuthentication.Encrypt(ticket); var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); cookie.Expires = ticket.Expiration; Response.Cookies.Add(cookie); web.config: <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="7200" slidingExpiration="false"/> </authentication>

Read the article
Software protection

- by anfono

I want to protect my software from being used without permission. I will provide it for free to the parties I authorize to use it. Anyone knows a good protection scheme against having it copied and run by unauthorized parties ? So far, I thought about introducing a key validation mechanism: periodically, the user needs to send me (web site query) a code based on which I generate a new code that app validates against. There is an initial code, and so I can track users... Thoughts ? Later edit: I changed the licensing part to avoid unfocused discussion.

Read the article
Open a file with su/sudo inside Emacs

- by Chris Conway

Suppose I want to open a file in an existing Emacs session using su or sudo, without dropping down to a shell and doing sudoedit or sudo emacs. One way to do this is (require 'tramp) C-c C-f /sudo::/path/to/file but this requires an expensive round-trip through SSH. Is there a more direct way? [EDIT] @JBB is right. I want to be able to invoke su/sudo to save as well as open. It would be OK (but not ideal) to re-authorize when saving. What I'm looking for is variations of find-file and save-buffer that can be "piped" through su/sudo.

Read the article
Non-string role names in ASP.NET MVC?

- by MikeWyatt

ASP.NET MVC has good support for role-based security, but the usage of strings as role names is maddening, simply because they cannot be strongly-typed as enumerations. For example, I have an "Admin" role in my app. The "Admin" string will now exist in the Authorize attribute of my action, in my master page (for hiding a tab), in my database (for defining the roles available to each user), and any other place in my code or view files where I need to perform special logic for admin or non-admin users. Is there a better solution, short of writing my own authorization attribute and filter, that would perhaps deal with a collection of enumeration values?

Read the article
.NET security: how to check if a method is allowed to execute under current user's perrmissions

- by Gart

Given an ASP.NET MVC Controller class declaration: public class ItemController : Controller { public ActionResult Index() { // ... } public ActionResult Details() { // ... } [Authorize(Roles="Admin, Editor")] public ActionResult Edit() { // ... } [Authorized(Roles="Admin")] public ActionResult Delete() { // .. } } I need to reflect a list of methods in this class which may be invoked with the current user's permissions. The [Authorized] attribute is specific to ASP.NET MVC, and this is only an example. I would prefer a universal solution for this problem which works for any .NET class. Please share some ideas of what could be done in this case.

Read the article
What's the correct way to hide/prevent access to wp-admin

- by Jaypee

I'm dealing with this matter since a while, I have read a ton of articles and stuff out there but I couldn't find a place that shows the RIGHT way, standard, correct, whatever you like to call it, to prevent access to my wp-admin or wp-login.php On all Wordpress sites I see (the well made ones) you will never see anything if you type thesite.com/wp-admin As I could see, one way to do this is by restricting the access to that folder by creating an .htaccess file and restrict by IP the access to the folder. Seems to be the "cleanest" way to do. What I'm not sure about it is that I have a dynamic address provided by my ISP, so on a certain time my IP will change, that will force me to also change the .htaccess to my new address, I don't see that practical. I can set a range also, but by doing that I will also authorize access to all people within that range of IPs (other clients of my ISP for example). I'm then struggling to find the best/standard way to do this. Anyone can help me? Thanks

Read the article
What is wrong with my Basic Authentication in FireFox?

- by Pure.Krome

Hi folks, i'm trying to goto the following url :- http://user1:pass1@localhost:1234/api/users?format=xml nothing to complex. Notice how i've got the username/password in the url? this, i believe, is for basic authentication. When i do that, the Request Headers are MISSING the 'Authorize' header. Er... that's not right :( I have anonymous authentication only setup on the site. I don't want to have anon off and basic turned on .. because not all of the site requires basic.. only a few action methods. So .. why is this not working? Is this something to do with the fact my code is not sending a 401 challenge or some crap? For What It's Worth, my site is ASP.NET MVC1 running on IIS7 (and the same thing happens when i run it on cassini).

Read the article
BuildUrlFromExpression inside of HTML - getting 404 error from link

- by ctote

I'm trying to build a link that will direct the user to an MVC page when they click it. Currently I have: HTMLTable.AppendLine("<td class=\"team\"> " + tournament.TournamentRoundMatches[col][effective_match_id].competitorId1 + "<a href=\"<% =Html.BuildUrlFromExpression<CompetitionController>(c => c.Details(83)) %>\">" + " update" + "</a>" + "</td>"); But this just results in a 404 error, with the following link generated: localhost:52313/Tournament/Details/%3C%%20=Html.BuildUrlFromExpression%3CCompetitionController%3E(c%20=%3E%20c.Details(83))%20%%3E My controller method looks like this: [Authorize] public ActionResult Details(int id) { var competition = Competition.getCompetitionById(id); return View(competition); } Does anyone see what I might be doing wrong?

Read the article
Can't register credit card with Microsoft Windows Azure

- by user1083268

I get the following error when trying to sign up for the Microsoft Azure 90-day free trial: We can't authorize the payment method. Please make sure the information is correct, or use another payment method. If you continue to get this message, please contact your financial institution. I've tried three different cards, two credit and one debit. Those cards are issued from two different banks. I've also tried the cards on two separate accounts. Someone from my work also confirmed that he could not sign up for the free trial either. Has anyone else had this problem? I haven't really seen much help searching Google and the support staff doesn't seem interested in helping people sign up for free accounts.

Read the article

< Previous Page | 6 7 8 9 10 11 12 13 14 15 | Next Page >