Search Results

Search found 1408 results on 57 pages for 'declarative authorization'.

Page 11/57 | < Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >

  • RIA Services: custom autorization

    - by Budda
    Here is a good example how to create custom autorization for RIA services: http://stackoverflow.com/questions/1195326/ria-services-how-can-i-create-custom-authentication In my case a silverlight-pages will be displayed as a part of HTML-content and user authorisation is already implemented on the server-side (ASP.NET Membership is not used). It is required to show on the silverlight pages different information for authorised and non-authorised users. Is there any possibility to track on the Silverlight side if user is already authorized on the server side (on the usual ASP.NET web-site)? Please adivse how to do this. Thank you in advance.

    Read the article

  • if_attribute syntax problem on declarative_authorization

    - by Victor Martins
    I have an Organization that has_many Affiliations And a mission that has_one Organization So i can do this: m = Mission.first m.organization.affiliations A user also has_many affiliations so I can do: u = User.first u.affiliations In declarative_authorization I want a user to be able to manage a mission if he is affiliated to the organization of the mission. I'm trying this: has_permission_on :missions, :to => [:manage] do if_attribute [:affiliations, {:mission => :organization} ] => intersects_with { user.affiliations.type_admin } end But I get the error: [:affiliations, {:mission=>:organization}] is not a symbol What's wrong with the syntax?

    Read the article

  • Display action-specific authorisation message for [Authorize] attribute

    - by FreshCode
    Is there a way to display an action-specific authorisation message for when an [Authorize] or [Authorize(Roles="Administrator")] attribute redirects the user to the sign-in page? Ideally, [Authorize(Roles="Administrator", Message="I'm sorry Dave. I'm afraid I can't let you do that.")] public ActionResult SomeAdminFunction() { // do admin stuff return View(); } As I understand it, attributes are not meant to add functionality, but this seems purely informational. One could do this inside the action, but it seems inelegant compared to the use of an attribute. Alternatively, if (!Request.IsAuthenticated) { if (!User.IsInRole("Administrator")) SetMessage("You need to be an administrator to destroy worlds."); // write message to session stack return RedirectToAction("SignIn", "Account"); } Is there an existing way to do this or do I need to override the [Authorize] attribute?

    Read the article

  • looking for a license key algorithm.

    - by giulio
    There are a lot of questions relating to license keys asked on stackoverflow. But they don't answer this question. Can anyone provide a simple license key algorithm that is technology independent and doesn't required a diploma in mathematics to understand ? The license key algorithm is similar to public key encryption. I just need something simple that can be implemented in any platform .Net/Java and uses simple data like characters. Preferably no byte translations required. So if a person presents a string, a complementary string can be generated that is the authorisation code. Below is a common scenario that it would be used for. Customer downloads s/w which generates a unique key upon initial startup/installation. S/w runs during trial period. At end of trial period an authorisation key is required. Customer goes to designated web-site, enters their code and get authorisation code to enable s/w, after paying :) Don't be afraid to describe your answer as though you're talking to a 5 yr old as I am not a mathemtician. Just need a decent basic algorithm, we're not launching nukes... NB: Please no philosophy on encryption nor who is Diffie-Hellman. I just need a basic solution.

    Read the article

  • Silverlight 4 race condition with DataGrid master details control

    - by Simon_Weaver
    Basically I want a DataGrid (master) and details (textbox), where DataGrid is disabled during edit of details (forcing people to save/cancel)... Here's what I have... I have a DataGrid which serves as my master data. <data:DataGrid IsEnabled="{Binding CanLoad,ElementName=dsReminders}" ItemsSource="{Binding Data, ElementName=dsReminders}" > Its data comes from a DomainDataSource: <riaControls:DomainDataSource Name="dsReminders" AutoLoad="True" ... I have a bound Textbox which is the 'details' (very simple right now). There are buttons (Save/Cancel) which should be enabled when user tries to edit the text. Unfortunately Silverlight doesn't support UpdateSourceTrigger=PropertyChanged so I have to raise an event: <TextBox Text="{Binding SelectedItem.AcknowledgedNote, Mode=TwoWay, UpdateSourceTrigger=Explicit, ElementName=gridReminders}" TextChanged="txtAcknowledgedNote_TextChanged"/> The event to handle this calls BindingExpression.UpdateSource to update the source immediately: private void txtAcknowledgedNote_TextChanged(object sender, TextChangedEventArgs e) { BindingExpression be = txtAcknowledgedNote.GetBindingExpression(TextBox.TextProperty); be.UpdateSource(); } IN other words - typing in the textbox causes CanLoad of the DomainDataSource to become False (because we're editing). This in turn disables the DataGrid (IsEnabled is bound to it) and enables 'Cancel' and 'Save' buttons. However I'm running up against a race condition if I move quickly through rows in the DataGrid (just clicking random rows). The TextChanged presumably is being called on the textbox and confusing the DomainDataSource which then thinks there's been a change. So how should I disable the DataGrid while editing without having the race condition? One obvious solution would be to use KeyDown events to trigger the call to UpdateSource but I always hate having to do that.

    Read the article

  • When are ASP.NET Expression Builders most useful?

    - by SkippyFire
    I saw an example of using Expression Builders, and creating your own Custom Expression Builder Classes here: http://aspnet.4guysfromrolla.com/articles/022509-1.aspx However, I fail to see the value in using this approach. It doesn't seem much easier than programmatically setting values in your code behind. As far as I can tell, the only thing you can do with them is set properties. Maybe they would be useful for setting defaults on certain controls? Can anyone shed light on where this ASP.NET feature becomes powerful?

    Read the article

  • What are the real-world benefits of declarative-UI languages such as XAML and QML?

    - by Stu Mackellar
    I'm currently evaluating QtQuick (Qt User Interface Creation Kit) which will be released as part of Qt 4.7. QML is the JavaScript-based declarative language behind QtQuick. It seems to be a very powerful concept, but I'm wondering if anybody that's made extensive use of other, more mature declarative-UI languages like XAML in WPF or Silverlight can give any insight into the real-world benefits that can be gained from this style of programming. Various advantages are often cited: Speed of development Forces separation between presentation and logic Better integration between coders and designers UI changes don't require re-compilation Also, are there any downsides? A few potential areas of concern spring to mind: Execution speed Memory usage Added complexity Are there any other considerations that should be taken into account?

    Read the article

  • looking for a license key algorithm.

    - by giulio
    There are alot of questions relating to license keys asked on stackoverflow. But they don't answer this question. Can anyone provide a simple license key algorithm that is technology independent and doesn't required a diploma in mathematics to understand ? The license key algorithm is similar to public key encryption. I just need something simple that can be implemented in any platform .Net/Java and uses simple data like characters. Written as Pseudo code is perfect. So if a person presents a string, a complementary string can be generated that is the authorisation code. Below is a common scenario that it would be used for. Customer downloads s/w which generates a unique key upon initial startup/installation. S/w runs during trial period. At end of trial period an authorisation key is required. Customer goes to designated web-site, enters their code and get authorisation code to enable s/w, after paying :) Don't be afraid to describe your answer as though you're talking to a 5 yr old as I am not a mathemtician.

    Read the article

  • Rails Authentication

    - by Oluf Nielsen
    Hey, i need some help with rails, again! Last it was about Authlogic.. Well I'm gone a bit backward since.. I mean, Authlogic isn't a Authentcate system i like.. So now i wan't you guys to tell me what you think is the best! I going to use it to a project of mine. Where there has to be a few roles like Admin, User and Guest.. So might you guys can tell me what is good and what is bad..?

    Read the article

  • AspNetMembership provider with WCF service

    - by Sly
    I'm trying to configure AspNetMembershipProvider to be used for authenticating in my WCF service that is using basicHttpBinding. I have following configuration: <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> <bindings> <basicHttpBinding> <binding name="basicSecureBinding"> <security mode="Message"></security> </binding> </basicHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="MyApp.Services.ComputersServiceBehavior"> <serviceAuthorization roleProviderName="AspNetSqlRoleProvider" principalPermissionMode="UseAspNetRoles" /> <serviceCredentials> <userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="AspNetSqlMembershipProvider"/> </serviceCredentials> <serviceMetadata httpGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="true" /> </behavior> </serviceBehaviors> </behaviors> <services> <service behaviorConfiguration="MyApp.Services.ComputersServiceBehavior" name="MyApp.Services.ComputersService"> <endpoint binding="basicHttpBinding" contract="MyApp.Services.IComputersService" /> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" /> </service> </services> </system.serviceModel> Roles are enabled and membership provider is configured (its working for web site). But authentication process is not fired at all. There is no calles to data base during request, and when I try to set following attribute on method: [PrincipalPermission(SecurityAction.Demand, Authenticated = true)] public bool Test() { return true; } I'm getting access denied exception. Any thoughts how to fix it?

    Read the article

  • Secure Webservice (WCF) without storing credentials on consumer application

    - by Pai Gaudêncio
    Howdy folks, I have a customer that sells a lottery analysis application. In this application, he consumes a webservice (my service, I mean, belongs to the company I work for now) to get statistical data about lottery results, bets made, amounts, etc., from all across the globe. The access to this webservice is paid, and each consult costs X credits. Some people have disassembled this lottery application and found the api key/auth key used to access the paid webservice, and started to use it. I would like to prevent this from happening again, but I can't find a way to authenticate on the webservice without storing the auth. keys on the application. Does anyone have any ideas on how to accomplish such task? ps1.Can't ask for the users to input any kind of credentials. Has to be transparent for them (they shouldn't know what is happening). ps2. Can't use digital certificates for the same reason above, not to mention it's easy to retrieve them and we would fall into the original problem. Thanks in advance.

    Read the article

  • AuthorizationExecuteWithPrivileges and osascript failing

    - by cygnl7
    I'm attempting to execute an uninstaller (written in AppleScript) through AuthorizationExecuteWithPrivileges. I'm setting up my rights after creating an empty auth ref like so: char *tool = "/usr/bin/osascript"; AuthorizationItem items = {kAuthorizationRightExecute, strlen(tool), tool, 0}; AuthorizationRights rights = {sizeof(items)/sizeof(AuthorizationItem), &items}; AuthorizationFlags flags = kAuthorizationFlagDefaults | kAuthorizationFlagExtendRights | kAuthorizationFlagPreAuthorize | kAuthorizationFlagInteractionAllowed; status = AuthorizationCopyRights(authorizationRef, &rights, NULL, flags, NULL); Later I call: status = AuthorizationExecuteWithPrivileges(authorizationRef, tool, kAuthorizationFlagDefaults, (char *const *)args, NULL); On Snow Leopard this works fine, but on Leopard I get the following in syslog.log: Apr 19 15:30:09 hostname /usr/bin/osascript[39226]: OpenScripting.framework - 'gdut' event blocked in process with mixed credentials (issetugid=0 uid=501 euid=0 gid=20 egid=20) Apr 19 15:30:12: --- last message repeated 1 time --- ... Apr 19 15:30:12 hostname [0x0-0x2e92e9].com.example.uninstaller[39219]: /var/folders/vm/vmkIi0nYG8mHMrllaXaTgk+++TI/-Tmp-/TestApp_tmpfiles/Uninstall.scpt: Apr 19 15:30:12 hostname [0x0-0x2e92e9].com.example.uninstaller[39219]: execution error: «constant afdmasup» doesn’t understand the «event earsffdr» message. (-1708) Am I going about this all wrong? I just want to run the equivalent of "sudo /usr/bin/osascript ..."

    Read the article

  • deny custom role

    - by kusanagi
    how can i deny access to call method. something like this [HandleError] [Authorize(Roles = "role1, role2")] public class AdminController : Controller { [Deny(Roles = "role2")] public ActionResult ResultPage(string message) { ViewData["message"] = message; return View(); } }

    Read the article

  • How to configure the roles in my tomcat application to work with JNDI(WIN AUTH)

    - by Itay Levin
    Hi, I'm trying to change the authentication mode of my application from JDBC-REALM to JNDI-REALM. I configured the following section inside the Server.xml <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://****:389/DC=onsetinc,DC=com??sAMccountName?sub?(objectClass=*)" connectionName="[email protected]" connectionPassword="password" userBase="CN=Users" referrals="follow" userSearch="(sAMAccountName={0})" userSubtree="true" roleBase="CN=Users" roleName="name" roleSubtree="true" roleSearch="(member={1})"/> I have also configured the web.xml under my appfolder to contain the following: <security-role> <role-name>Admin</role-name> </security-role> <security-role> <role-name>WaterlooUsers</role-name> </security-role> <security-constraint> <web-resource-collection> <web-resource-name>Tube</web-resource-name> <url-pattern>/ComposeMessage.jsp</url-pattern> <url-pattern>/PageStatus.jsp</url-pattern> <url-pattern>/UserStatus.jsp</url-pattern> <url-pattern>/SearchEC.jsp</url-pattern> <url-pattern>/SearchEC2.jsp</url-pattern> <url-pattern>/SearchMessageStatisticsEC.jsp</url-pattern> <url-pattern>/SearchMessageStatus.jsp</url-pattern> <url-pattern>/SearchMessageStatisticsPager.jsp</url-pattern> <url-pattern>/SearchPageStatus.jsp</url-pattern> </web-resource-collection> <auth-constraint> <role-name>WaterlooUsers</role-name> </auth-constraint> </security-constraint> In my Active directory i have created a new group called WaterlooUsers It's distinguish name is : distinguishedName: CN=WaterlooUsers,CN=Users,DC=onsetinc,DC=com It has a property member which contains the following user: member: CN=Itay Levin,CN=Users,DC=onsetinc,DC=com (which is my user) My record on the active directory looks like that: sAMAccountName: itayL distinguishedName: CN=Itay Levin,CN=Users,DC=onsetinc,DC=com memberOf: CN=WaterlooUsers,CN=Users,DC=onsetinc,DC=com and when i get the popup for user/password i enter the username "ItayL" in the authentication message box (and my password) I have 2 questions: How do i configure correctly the roles parameters correctly in the Realm section in the server.xml to enable me to both authenticate and authorize both this group of users WaterlooUsers and also assign them to the appropriate role so that they can see all the relevant pages in my website. - currently it seems that all the Users in my domain are authenticated to the site but get the http-403 Error and can't access any of the pages in the site. I also want to be able to create 2 different set of roles in my site - which can both have access to the same pages - but will see different things on the page. (for instance adding some administrative ability to the admin) Hope it was clear enough and not too long. Thanks in advance, Itay

    Read the article

  • Integrating Apache Shiro with ASP.NET MVC

    - by Garry Shutler
    I'm looking at using Apache Shiro as a central authentication service for all our applications over a variety of platforms. It's hinted at that it can integrate with a variety of platforms which would be ideal for my purposes but I cannot find any examples of how this is achieved from .NET (ASP.NET MVC specifically if it makes any difference). Does anyone know where I can find an example of how to do this?

    Read the article

  • REST, caching, and authorizing with multiple user roles

    - by keithjgrant
    We have a system with multiple different levels of access--sometimes even for the same user as they switch between multiple roles. We're beginning a discussion on moving over to a RESTful implementation of things. I'm just starting to get my feet wet with the whole REST thing. So how do I go about limiting access to the correct records when they access a resource, particularly when taking caching into consideration? If user A access example.com/employees they would receive a different response than user B; user A may even receive a different response as he switches to a different role. To help facilitate caching, should the id of the role be somehow incorporated into the uri? Maybe something like example.com/employees/123 (which violates the rules of REST), or as some sort of subordinate resource like example.com/employees/role/123 (which seems silly, since role/### is going to be appended to URIs all over the place). I can help but think I'm missing something here.

    Read the article

  • Run AppleScript with Elevated Privileges from Objective C

    - by cygnl7
    I'm attempting to execute an uninstaller (written in AppleScript) through AuthorizationExecuteWithPrivileges. I'm setting up my rights after creating an empty auth ref like so: char *tool = "/usr/bin/osascript"; AuthorizationItem items = {kAuthorizationRightExecute, strlen(tool), tool, 0}; AuthorizationRights rights = {sizeof(items)/sizeof(AuthorizationItem), &items}; AuthorizationFlags flags = kAuthorizationFlagDefaults | kAuthorizationFlagExtendRights | kAuthorizationFlagPreAuthorize | kAuthorizationFlagInteractionAllowed; status = AuthorizationCopyRights(authorizationRef, &rights, NULL, flags, NULL); Later I call: status = AuthorizationExecuteWithPrivileges(authorizationRef, tool, kAuthorizationFlagDefaults, (char *const *)args, NULL); On Snow Leopard this works fine, but on Leopard I get the following in syslog.log: Apr 19 15:30:09 hostname /usr/bin/osascript[39226]: OpenScripting.framework - 'gdut' event blocked in process with mixed credentials (issetugid=0 uid=501 euid=0 gid=20 egid=20) Apr 19 15:30:12: --- last message repeated 1 time --- ... Apr 19 15:30:12 hostname [0x0-0x2e92e9].com.example.uninstaller[39219]: /var/folders/vm/vmkIi0nYG8mHMrllaXaTgk+++TI/-Tmp-/TestApp_tmpfiles/Uninstall.scpt: Apr 19 15:30:12 hostname [0x0-0x2e92e9].com.example.uninstaller[39219]: execution error: «constant afdmasup» doesn’t understand the «event earsffdr» message. (-1708) After researching this for a few hours my first guess is that Leopard somehow doesn't want to do what I'm doing because it knows it's in a setuid situation and blocks calls that ask about user-specific things in the applescript. Am I going about this all wrong? I just want to run the equivalent of "sudo /usr/bin/osascript ..." Edit: FWIW, the first line that causes the "execution error" is: set userAppSupportPath to (POSIX path of (path to application support folder from user domain)) However, even with an empty script (on run argv, end run and that's it) I still get the 'gdut' message.

    Read the article

  • Implementing Role based Helpers

    - by Cynics
    So my question is how would you implement your handwritten Helpers based on the role of current user. Would it be efficient to change the behaviour at request time? e.g. the Helper somehow figures out the role of user, and include the proper SubModule? module ApplicationHelper module LoggedInHelper # Some functions end module GuestHelper # The Same functions end # If User is Guest then include GuestHelper # If User is LoggedIn then include LoggedInHelper end Is it efficient this way? is it rails way? I've got a whole bunch of function that act like this, and I don't want to wrap every single one of them in an if statement def menu_actions if current_user.nil? # User is guest { "Log in" => link_to "Login", "/login" } else # User is Logged In { "Log out" => link_to "Logout", "/logout" } end end Thank you for your time and thoughts.

    Read the article

  • Can someone explain this block of ASP.NET MVC code to me, please?

    - by Pure.Krome
    Hi folks, this is the current code in ASP.NET MVC2 (RTM) System.Web.Mvc.AuthorizeAttribute class :- public virtual void OnAuthorization(AuthorizationContext filterContext) { if (filterContext == null) { throw new ArgumentNullException("filterContext"); } if (this.AuthorizeCore(filterContext.HttpContext)) { HttpCachePolicyBase cache = filterContext.HttpContext.Response.Cache; cache.SetProxyMaxAge(new TimeSpan(0L)); cache.AddValidationCallback( new HttpCacheValidateHandler(this.CacheValidateHandler), null); } else { filterContext.Result = new HttpUnauthorizedResult(); } } so if i'm 'authorized' then do some caching stuff, otherwise throw a 401 Unauthorized response. Question: What does those 3 caching lines do? cheers :)

    Read the article

  • rest and client rights integration, and backbone.js

    - by Francois
    I started to be more and more interested in the REST architecture style and client side development and I was thinking of using backbone.js on the client and a REST API (using ASP.NET Web API) for a little meeting management application. One of my requirements is that users with admin rights can edit meetings and other user can only see them. I was then wondering how to integrate the current user rights in the response for a given resource? My problem is beyond knowing if a user is authenticated or not, I want to know if I need to render the little 'edit' button next to the meeting (let's say I'm listing the current meetings in a grid) or not. Let's say I'm GETing /api/meetings and this is returning a list of meetings with their respective individual URI. How can I add if the user is able to edit this resource or not? This is an interesting passage from one of Roy's blog posts: A REST API should be entered with no prior knowledge beyond the initial URI (bookmark) and set of standardized media types that are appropriate for the intended audience (i.e., expected to be understood by any client that might use the API). From that point on, all application state transitions must be driven by client selection of server-provided choices that are present in the received representations or implied by the user’s manipulation of those representations It states that all transitions must be driven by the choices that are present in the representation. Does that mean that I can add an 'editURI' and a 'deleteURI' to each of the meeting i'm returning? if this information is there I can render the 'edit' button and if it's not there I just don't? What's the best practices on how to integrate the user's rights in the entity's representation? Or is this a super bad idea and another round trip is needed to fetch that information?

    Read the article

  • error while using cancan in ruby: "uninitialized constant CanCan::Rule::Mongoid"

    - by Ran
    here is my controller: class AdminController < ApplicationController before_filter :require_user authorize_resource :class => false def index end def users_list end end here is my Ability class: class Ability include CanCan::Ability def initialize(user) if user.admin? can :manage, :all else can :read, :all end end end when trying to access "/admin/users_list" (with an admin user or without) i get the following error: uninitialized constant CanCan::Rule::Mongoid any thoughts?

    Read the article

< Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >