Search Results

Search found 54190 results on 2168 pages for 'http authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 10/2168 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • Outlook Anywhere inconsistencies with authentication methods

    - by gravyface
    So I've read this question and attempted just about every other workaround I've found online. Problem seems completely illogical to me, anyways: SBS 2011, vanilla install; haven't touched anything in IIS or Exchange outside of what's been done through the checklist (brand new domain, completely new customer) except to import an existing wildcard certificate for *.example.com (which is valid, Remote Web Workplace and Outlook Web Access work fine). On the two test machines and one production machine running a mixture of Windows XP Pro, Windows 7 and Outlook 2003 through to 2010, I've had no problem saving the password after configuring Outlook Anywhere using the wrong authentication method. I repeat, I have had no issues using the wrong authentication method on these test machines; password saves the first time, no problem, can verify it exists in the credentials manager (Start Run control userpasswords2), close Outlook, reboot, go make a sammie, come back, credentials are still saved. When I say wrong, it's because I was choosing NTLM and Exchange (under Exchange Console Server Configuration Client Access) was set by default to use Basic. On two completely different machines setup by a co-worker, they had (under my guidance) used NTLM as well... except that frustratingly, Outlook would always ask for a password. One machine was Windows XP with Outlook 2010, the other was Windows 7 with Outlook 2003. When these two machines were set to use Basic -- the correct settings -- the option to save was there and now works without issue. Puzzled by how my machines could possibly work with the wrong authentication, I then went into one of them and changed the authentication method to Basic. Now here's where it gets a little crazy: if I go under Outlook and change the authentication to use the correct setting (Basic) it fails to save the password and Outlook prompts every time (without a "remember me" checkbox). I have not had a chance to change it to Basic on the other two machines to see if this is just a fluke or not, but something just isn't right here. My two hunches are either a missing/installed KB Update or perhaps a local security policy. I should add that none of the 5 test machines in the equation here have ever been joined to the domain.

    Read the article

  • Parse an HTTP request Authorization header with Python

    - by Kris Walker
    I need to take a header like this: Authorization: Digest qop="chap", realm="[email protected]", username="Foobear", response="6629fae49393a05397450978507c4ef1", cnonce="5ccc069c403ebaf9f0171e9517f40e41" And parse it into this using Python: {'protocol':'Digest', 'qop':'chap', 'realm':'[email protected]', 'username':'Foobear', 'response':'6629fae49393a05397450978507c4ef1', 'cnonce':'5ccc069c403ebaf9f0171e9517f40e41'} Is there a library to do this, or something I could look at for inspiration? I'm doing this on Google App Engine, and I'm not sure if the Pyparsing library is available, but maybe I could include it with my app if it is the best solution. Currently I'm creating my own MyHeaderParser object and using it with reduce() on the header string. It's working, but very fragile. Brilliant solution by nadia below: import re reg = re.compile('(\w+)[=] ?"?(\w+)"?') s = """Digest realm="stackoverflow.com", username="kixx" """ print str(dict(reg.findall(s)))

    Read the article

  • Simple HTTP Framework and time issue

    - by Deniz Acay
    I'm using Simple Framework for my recent project, and there is a problem with the date headers generated by the system. I can get my local time from Date class correctly, but setDate method of Simple's Response class sets date in milliseconds and when i do that by calling System.currentTimeInMillis, dates in response headers are incorrect. is there any way to solve this problem with Simple Framework? If not, what can i do except calling set method with a date string? Thanks in advance... EDIT: Date in the headers are in wrong timezone. And i also tried Calendar.getInstance().getTimeInMilis() method.

    Read the article

  • Finding an HTTP proxy that will intercept static resource requests

    - by pkh
    Background I develop a web application that lives on an embedded device. In order to make dev times sane, frontend development is done using apache serving static documents, with PHP proxying out to the embedded device for specifically configured dynamic resources. This requires that we keep various server-simulation scripts hanging around in source control, and it requires updating those scripts whenever we add a new dynamic resource. Problem I'd like to invert the logic: if the requested document is available in the static documents directory, serve it; otherwise, proxy the request to the embedded device. Optimally, I want a software package that will do this for me (for Windows or buildable on cygwin). I can deal with forcing apache to do it with PHP, but I'm unsure how to configure it to make it happen. I've looked at squid and privoxy, but neither of them seem to do what I want. Any ideas? I'd rather not have to roll my own.

    Read the article

  • Ideal HTTP cache control headers for different types of resources

    - by chris_l
    I want to find a minimal set of headers, that work with "all" caches and browsers (also when using HTTPS!) On my (GWT-based) web site, I'll have three kinds of resources: 1. Forever cacheable (public / equal for all users) These files don't ever change, and they get a filename based on the MD5 of their contents (this is GWT's approach). They should get cached as much as possible, even when using HTTPS (so I assume, I should set Cache-Control: public, especially for Firefox?) 2. Changing for every new version of the site (public / equal for all users) These files can be cached, but probably need to be revalidated every time. 3. Individual for each request (private / user specific) These resources (e. g. JSON responses) should never be cached unencrypted to disk under no circumstances. (Maybe I'll have a few specific requests that could be cached.) I have a general idea on which headers I would probably use for each type, but there's always something I could be missing.

    Read the article

  • Laptop authentication/logon via accelerometer tilt, flip, and twist

    - by wonsungi
    Looking for another application/technology: A number of years ago, I read about a novel way to authenticate and log on to a laptop. The user simply had to hold the laptop in the air and execute a simple series of tilts and flips to the laptop. By logging accelerometer data, this creates a unique signature for the user. Even if an attacker watched and repeated the exact same motions, the attacker could not replicate the user's movements closely enough. I am looking for information about this technology again, but I can't find anything. It may have been an actual feature on a laptop, or it may have just been a research project. I think I read about it in a magazine like Wired. Does anyone have more information about authentication via unique accelerometer signatures? Here are the closest articles I have been able to find: Knock-based commands for your Linux laptop Shake Well Before Use: Authentication Based on Accelerometer Data[PDF] Inferring Identity using Accelerometers in Television Remote Controls User Evaluation of Lightweight User Authentication with a Single Tri-Axis Accelerometer Identifying Users of Portable Devices from Gait Pattern with Accelerometers[PDF] 3D Signature Biometrics Using Curvature Moments[PDF] MoViSign: A novel authentication mechanism using mobile virtual signatures

    Read the article

  • IIS 6 Windows Authentication in ASP.Net app fails

    - by Kjensen
    I am trying to install an ASP.Net app on an IIS6 webserver. The site requires the user to authenticate with windows, and this works on several other apps on the same server. In IIS I have enabled anonymous access and windows authentication. In web.config, authentication is set to: <authentication mode="Windows"/> and authorization...: <authorization> <allow roles="Users"/> <deny users="*"/> </authorization> Ie. allow all users in role "Users" and deny everybody else. This is the approach that is working with several other apps on the same server. If I run the site, I am prompted for username and password. If I remove the line: <deny users="*"/> I can access the site and everything works - but the user credentials are not passed to the site (Page.User.Identity.Name returns a blank string in ASP.Net). The site has identical (inherited) file permissions as other working sites on the server. The only difference in authentication/authorization between this site and the other working sites is, that this runs Asp.Net 4 (but there are other working asp.net 4 sites on the server as well). What am I missing here? Where should I look?

    Read the article

  • Laptop authentication/logon via accelometer tilt, flip, and twist

    - by wonsungi
    Looking for another application/technology: A number of years ago, I read about a novel way to authenticate and log on to a laptop. The user simply had to hold the laptop in the air and execute a simple series of tilts and flips to the laptop. By logging accelerometer data, this creates a unique signature for the user. Even if an attacker watched and repeated the exact same motions, the attacker could not replicate the user's movements closely enough. I am looking for information about this technology again, but I can't find anything. It may have been an actual feature on a laptop, or it may have just been a research project. I think I read about it in a magazine like Wired. Does anyone have more information about authentication via unique accelerometer signatures? Here are the closest articles I have been able to find: Knock-based commands for your Linux laptop Shake Well Before Use: Authentication Based on Accelerometer Data[PDF] Inferring Identity using Accelerometers in Television Remote Controls User Evaluation of Lightweight User Authentication with a Single Tri-Axis Accelerometer Identifying Users of Portable Devices from Gait Pattern with Accelerometers[PDF] 3D Signature Biometrics Using Curvature Moments[PDF] MoViSign: A novel authentication mechanism using mobile virtual signatures

    Read the article

  • http requests, using sprites and file sizes -

    - by crazy sarah
    Hi all I'm in the process of finding out all about sprites and how they can speed up your pages. So I've used spriteMe to create a overall sprite image which is 130kb, this is made up of 14 images with a combined total size of about 65kb So is it better to have one http request and a file size of 130kb or 14 requests for a total of 65kb? Also there is a detailed image which has been put into the spite which caused it's size to go up by about 60kb odd, this used to be a seperate jpg image which was only 30kb. Would I be better off having it seperate and suffering the additional request?

    Read the article

  • How can I use a Windows 2003 server as a HTTP proxy?

    - by Will
    I'd like to set up an HTTP proxy on a windows 2003 server so that I can access blocked websites such as YouTube from behind a corporate firewall (DAMN THE MAN!). I've never done this before, so I'm not even sure if the picture I have in my head is valid or possible. So I'm stuck behind a firewall that blocks sites that I need to access occasionally but that are blocked because of abuse by slackers. I've got a Windows 2003 server hosted out on the internet (i.e., outside of this odious firewall). I know I can configure my browser to use a proxy for my HTTP traffic, so why not use my server? What I'd like to know is: Is my concept valid? Can this be done, and will it work? How do I configure my server to act as a proxy? What applications may I have to install? Free is fine but don't leave out commercial software TIA

    Read the article

  • Are HTTP requests cached? [closed]

    - by nischayn22
    Many HTTP requests are sent repeatedly by browsers on almost every page load, such as requesting the jQuery .js file etc. Since these are already used on too many sites doesn't modern browsers keep a cache for this? I am thinking of a system where the browser has a cached copy of the .js file used very very frequently. On a new request for the .js file, it sends the server a request for a hash of the .js file (provided the server can reply to that) and compares the returned hash with the cached copy's hash... rest is intuitive.

    Read the article

  • Should HTTP Verbs Be Used Semantically?

    - by Xophmeister
    If I'm making a web application which integrates with a server-side backend, would it be considered best practice to use HTTP methods semantically? That is, for example, if I'm fetching data (e.g., to populate a menu, etc.), I would use GET, but to update data (e.g., save a record), I would use POST. (I realise there are other methods that may be even more appropriate, but we need to consider browser support.) I can see the benefits of this in the sense that it's effectively a RESTful API, but at a slightly increased development cost. In my previous projects, I've POST'd everything: Is it worth switching to a RESTful mindset simply for the sake of best practice?

    Read the article

  • Parser, send an argument/receive xml (receive already done/ send not)

    - by bruno
    public List<Afood> getFoodFromCat(String cat) { String resultado = ""; List<Afood> list = new ArrayList<Afood>(); try { URL xpto = new URL("http://10.0.2.2/webservice/nutrituga/get_food_by_cat.php"); HttpURLConnection conn; conn = (HttpURLConnection) xpto.openConnection(); conn.setDoInput(true); conn.connect(); InputStream is = conn.getInputStream(); DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); try { DocumentBuilder db = dbf.newDocumentBuilder(); Document doc = db.parse(is); NodeList nl = doc.getElementsByTagName("item"); // resultado = String.valueOf(nl.getLength()); for (int i = 0; i < nl.getLength(); i++) { Node n = nl.item(i); Node childNode = n.getFirstChild(); while (childNode != null) { if (childNode.getNodeType() == Node.ELEMENT_NODE) { if (childNode.getNodeName().equalsIgnoreCase( "NAME_FOOD")) { Node valor = childNode.getFirstChild(); // resultado = resultado + valor.getNodeValue(); list.add(new Afood(valor.getNodeValue(), "", (int) Math.round(Math.random()), 1, 1, 1, 1, 1, 1)); } } childNode = childNode.getNextSibling(); } } return list; } catch (ParserConfigurationException e1) { e1.printStackTrace(); } catch (SAXException e1) { e1.printStackTrace(); } catch (IOException e1) { e1.printStackTrace(); } } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } return list; } I have this function that receives a xml and copy it to the list. This is well implemented. What i want do to know, is to send a category (that i receive like an argument of the function) and receive only the food from that category. The server is ready to receive the category and to send the food from that category. What do i have to do to send the category and receive the correct xml?

    Read the article

  • IIS7 authentication

    - by Kev
    To give our user's the ability to protect content on their IIS6 sites we used a tool called IISPassword which emulates .htaccess to provide Basic authentication. There isn't support for IISPassword on IIS7 at the moment. Is there an equivalent mechanism I can use built into IIS7 instead? I'm well aware of ASP.NET Forms Authentication, but I need a way for users deploying non-ASP.NET content (such as PHP, Perl, images etc) to be able to use Basic authentication but not have to write code to achieve this. Is this possible?

    Read the article

  • Windows Server 2008, IIS7 and Windows Authentication

    - by Chalkey
    We currently have a development server set up which we are trying to test some Windows authentication ASP.NET code on. We have turned on Windows Authentication in IIS7 on Windows Server 2008 R2 fine, and it asks the user for a username and password as excepted, but the problem is it doesn't appear to accept any credentials. This code for example... Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load Page.Title = "Home page for " + User.Identity.Name End Sub ...always returns an empty string. One theory we have is that we dont have Active Directory installed as of yet, we are just testing this by logging on via the machine name not a domain. Is this type of authentication only applicatable to domains (if so we can probably install Active Directory and some test accounts) - or is it possible to get the user identity when logging in using the machine name? Ideally we would like to be able to test this on our local machines (Windows 7 Pro) using our own accounts (again these aren't on a domain) and IIS but this has the same issue as our dev server. Thanks,

    Read the article

  • MOSS 2007 authentication

    - by Dante
    Hi, I have a MOSS web site configured with Windows Integrated Authentication. I added a couple of local users in the server, added them to Sharepoint groups, and I can log into my site (as long as the local user is part of the administrators group... odd). If I add a domain user to the Owners group, I can't access the site with it. Anybody knows what must be done to open access to domain users in a site configured with Windows Authentication or Basic Authentication? Thanks in advance

    Read the article

  • External USB Fingerprint Reader for Pre-boot Authentication for Dell Laptop

    - by cop1152
    My company just purchased several Dell Latitude E6500 laptops with docking stations and external monitors. These laptops have a fingerprint scanner located next to the keyboard. DOCKED users who prefer to use the included fingerprint scanner for pre-boot authentication are forced to open their laptop in order to access the scanner. This is an inconvenience when the laptop is docked. We are looking for an external, usb fingerprint scanner, that will work with the current preboot authentication setup. I assume that this scanner would have to access the existing credentials for authentication....wherever they are stored. So we would require something that would work PRE-BOOT, use the existing credentials, and not interfere with usage when the machine was not docked, such as when the laptop is being used at home. Does anyone have experience with this scenario? Thanks.

    Read the article

  • IIS: redirect to a webpage if authentication fails

    - by DrStalker
    We have an IIS site (MOSS 2007) that uses Windows Authentication. When a user that has forgotten their password tries to login the servers keeps sending 401 requests. This means on IE the user gets three prompts before IE displays a blank page, on Firefox the user is prompted over and over until they give up. We would like to change the behavior so if a user fails to login three times in a row we send them a redirect to a different site, instead of another 401 Forms authentication is not an option; the site has to remain on windows authentication to allow for SSO capabilities and certain sharepoint functions. Is there any way to tweak the IIS behavior to do this?

    Read the article

  • Cannot connect to a VPN server - authentication failed with error code 691

    - by stacker
    When trying to connect to a VPN server, I get the 691 error code on the client, which say: Error Description: 691: The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server. Now, I validated that the username and password are correct, and tried to login with domain name and without. I also installed a certification to use with the IKEv2 security type. I also validated that the VPN server support security method. But I cannot login. In the server log I get this log: Network Policy Server denied access to a user. The user DomainName\UserName connected from IP address but failed an authentication attempt due to the following reason: The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server. Any idea of what can I do? Thanks in advance!

    Read the article

  • AD Authentication fails in local machine but works from Production server

    - by jesu
    Hi i am using a AD authentication and facing 2 problems. Authentication works fine when i move the application to a production server but FAILS in my LOCAL machine. Both local machine and server are in same domain and used same domain account logging in. When the machine logs in the users with domain account , AD authentication from the application says that the account is not valid. Please suggest me , if you can find out the problem and ways to recover. thanks in advance! Regards jesu

    Read the article

  • Improving Windows Authentication performance on IIS

    - by flalar
    We're struggling with performance issues with a ASP.NET MVC site that is using Windows Authentication. Response time is very slow on the first request to the site when the user is being authenticated. Further, every time the Authorization header is sent from the browser the response time increases with many seconds. The same issue occurs for both executed files and static content like CSS and JS. Access to the application is restricted to users within a certain role and we are now planning to allow access to static files for all authenticated users to see if that helps. The authentication method in use is NTLM. How should we go forward in pinpointing why authentication decreases performance drastically?

    Read the article

  • How to stop LDAP authentication in ubuntu?

    - by Kery
    My OS is Ubuntu 12.04 and use LDAP authentication. Now I meet a problem that another people want to access my system. But he is in another domain so he can't login. And I have no right to change this configuration in LDAP server. So I have to choose a workaround to solve this problem, for example close the LDAP authentication and use local authentication (I have root right in my system) or create another account which is not registered in LDAP server (I did this but can't change the created account password. The error is 'password reset by root is not supported'). Of course any other suggestion is appreciated! Than you in advance!

    Read the article

  • When to use http status code 404

    - by Sybiam
    I am working on a project and after arguing with people at work for about more than a hour. I decided to know what people on stack-exchange might say. We're writing an API for a system, there is a query that should return a tree of Organization or a tree of Goals. The tree of Organization is the organization in which the user is present, In other words, this tree should always exists. In the organization, a tree of goal should be always present. (that's where the argument started). In case where the tree doesn't exist, my co-worker decided that it would be right to answer response with status code 200. And then started asking me to fix my code because the application was falling apart when there is no tree. I'll try to spare flames and fury. I suggested to raise a 404 error when there is no tree. It would at least let me know that something is wrong. When using 200, I have to add special check to my response in the success callback to handle errors. I'm expecting to receive an object, but I may actually receive an empty response because nothing is found. It sounds totally fair to mark the response as a 404. And then war started and I got the message that I didn't understand HTTP status code schema. So I'm here and asking what's wrong with 404 in this case? I even got the argument "It found nothing, so it's right to return 200". I believe that it's wrong since the tree should be always present. If we found nothing and we are expecting something, it should be a 404. Extra Also, I believe the best answer to the problem is to create default objects when organizations are created, having no tree shouldn't be a valid case and should be seen as an undefined behavior. There is no way an account can be used without both trees. For that reasons, they should be always present.

    Read the article

  • Suggested HTTP REST status code for 'request limit reached'

    - by Andras Zoltan
    I'm putting together a spec for a REST service, part of which will incorporate the ability to throttle users service-wide and on groups of, or on individual, resources. Equally, time-outs for these would be configurable per resource/group/service. I'm just looking through the HTTP 1.1 spec and trying to decide how I will communicate to a client that a request will not be fulfilled because they've reached their limit. Initially I figured that client code 403 - Forbidden was the one, but this, from the spec: Authorization will not help and the request SHOULD NOT be repeated bothered me. It actually appears that 503 - Service Unavailable is a better one to use - since it allows for the communication of a retry time through the use of the Retry-After header. It's possible that in the future I might look to support 'purchasing' more requests via eCommerce (in which case it would be nice if client code 402 - Payment Required had been finalized!) - but I figure that this could equally be squeezed into a 503 response too. Which do you think I should use? Or is there another I've not considered?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >