Search Results

Search found 3452 results on 139 pages for 'zend auth'.

Page 110/139 | < Previous Page | 106 107 108 109 110 111 112 113 114 115 116 117  | Next Page >

• Single SingOn - Best practice

  - by halfdan

  Hi Guys, I need to build a scalable single sign-on mechanism for multiple sites. Scenario: Central web application to register/manage account (Server in Europe) Several web applications that need to authenticate against my user database (Servers in US/Europe/Pacific region) I am using MySQL as database backend. The options I came up with are either replicating the user database across all servers (data security?) or allowing the servers to directly connect to my MySQL instance by explicitly allowing connections from their IPs in my.cnf (high load? single point of failure?). What would be the best way to provide a scalable and low-latency single sign-on for all web applications? In terms of data security would it be a good idea to replicate the user database across all web applications? Note: All web applications provide an API which users can use to embed widgets into their own websites. These widgets work through a token auth mechanism which will again need to authenticate against my user database.

  Read the article

• Custom login in Django

  - by alpgs

  Django newbie here. I wrote simplified login form which takes email and password. It works great if both email and password are supplied, but if either is missing i get KeyError exception. According to django documentation this should never happen: By default, each Field class assumes the value is required, so if you pass an empty value -- either None or the empty string ("") -- then clean() will raise a ValidationError exception I tried to write my own validators for fields (clean_email and clean_password), but it doesn't work (ie I get KeyError exception). What am I doing wrong? class LoginForm(forms.Form): email = forms.EmailField(label=_(u'Your email')) password = forms.CharField(widget=forms.PasswordInput, label=_(u'Password')) def clean_email(self): data = self.cleaned_data['email'] if not data: raise forms.ValidationError(_("Please enter email")) return data def clean_password(self): data = self.cleaned_data['password'] if not data: raise forms.ValidationError(_("Please enter your password")) return data def clean(self): try: username = User.objects.get(email__iexact=self.cleaned_data['email']).username except User.DoesNotExist: raise forms.ValidationError(_("No such email registered")) password = self.cleaned_data['password'] self.user = auth.authenticate(username=username, password=password) if self.user is None or not self.user.is_active: raise forms.ValidationError(_("Email or password is incorrect")) return self.cleaned_data

  Read the article

• mod rewrite works fine apart from for missing directory index files

  - by j w

  I have a legacy web site hosted on Apache. It has a number of web pages sitting in the public web root and its subfolders. publicDocs/ directorywith_no_defaultfile/ some-legacy-flat-page.htm .htaccess index.php some-legacy-flat-page.htm I would like to start using Zend MVC for some of the newer pages. I have got a .htaccess mod rewrite rule working so that any request for a non-existent file is sent to be handled by the MVC bootstrap file (/index.php). With my current set-up, the following types of requests are routed to '/index.php', the MVC bootstrap: /index.php /blah /directorywith_no_defaultfile/bloo The following types of request are served by old legacy (flat) pages /some-legacy-flat-page.htm /directorywith_no_defaultfile/some-legacy-flat-page.htm But, when I a request a non-existent file that is a directory like these: /directorywith_no_defaultfile or /directorywith_no_defaultfile/ I get an error: Forbidden You don't have permission to access /directorywith_no_defaultfile/ on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. I suspect this may have something to do with the way Apache handles default files. Do you know which Apache directives could be causing this?

  Read the article

• Extracting Mail from Microsoft Exchange server 2007 through IMAPS in java

  - by abhishekgem84

  props.put("mail.debug", "true"); props.setProperty("mail.store.protocol","imaps"); props.setProperty("mail.imaps.auth.plain.disable","false"); props.setProperty("mail.imaps.host","Mail3.connect.com"); props.setProperty("mail.imaps.port","135"); props.setProperty("mail.imaps.user","test"); props.setProperty("mail.imaps.pwd","123"); props.setProperty("mail.imaps.ssl.protocols","SSL"); props.setProperty("mail.imaps.socketFactory.class", "javax.net.ssl.SSLSocketFactory"); props.setProperty("mail.imaps.socketFactory.fallback", "false"); props.setProperty("mail.imaps.socketFactory.port", "135"); i have done all this but it still says javax.mail.AuthenticationFailedException: failed to connect, no password specified? kindly help me out thanks

  Read the article

• Have the default security settings changed in Windows 7 that would affect IPrincipal.IsInRole?

  - by adrianbanks

  We use NTLM auth in our application to determine whether a user can perform certain operations. We use the IPrincipal of their current Windows login (in WinForms applications), calling IsInRole to check for specific group memberships. To check that a user is a local administrator on the machine, we use: AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal); ... bool allowed = Thread.CurrentPrincipal.IsInRole(@"Builtin\Administrators") This works if the current user is the Administrator user, or is another user that is a member of the Builtin\Administrators group. In our testing on Windows 7, we have found that this no longer works as expected. The Administrator user still works fine, but any other user that is a member of the Builtin\Administrators group returns false for the IsInRole call. What could be causing this difference? I have a gut feeling that a default setting has changed somewhere (possible in gpedit), but cannot find anything that looks like the culprit.

  Read the article

• In Django, why is user.is_authenticated a method and not a member variable like is_staff

  - by luc

  Hello all, I've lost some time with a bug in my app due to user authentication. I think that it's a bit confusing but maybe someone can explain the reason and it will appear to me very logical. The user.is_staff is a member variable while user.is_authenticated is a method. However is_authenticated only returns True or False depending if the class is User or AnonymousUser (see http://docs.djangoproject.com/en/dev/topics/auth/) Is there a reason for that? Why user.is_authenticated is a method? Thanks in advance

  Read the article

• 3-legged-oauth and Google ContactsClient problem

  - by PanosJee

  Hi I am using 3-legged-oauth to import a users' Google contacts in my app. I did not find the ContactsClient library but i was using only the ContacsService and i was fetching the ContactsFeed but that resulted to not having a lot of data. After the user allows my apps i store the auth_token key and secret so i can run a cron task to fetch contacts' updates I am using this code atm: google = gdata.contacts.service.ContactsService(source=GOOGLE_OAUTH_SETTINGS['APP_NAME']) google.SetOAuthInputParameters(GOOGLE_OAUTH_SETTINGS['SIG_METHOD'], GOOGLE_OAUTH_SETTINGS['CONSUMER_KEY'], consumer_secret=GOOGLE_OAUTH_SETTINGS['CONSUMER_SECRET']) access_token = gdata.auth.OAuthToken(user_oauth_token, user_oauth_secret) access_token.oauth_input_params = google.GetOAuthInputParameters() google.SetOAuthToken(access_token) feed = google.GetContactsFeed() When i try to use the contacts client contacts_client = gdata.contacts.client.ContactsClient( source=GOOGLE_OAUTH_SETTINGS['APP_NAME']) feed2 = contacts_client.GetContacts(auth_token = access_token) I get the following error (please note that the access_token is the same as above and I user 3-legged-oauth HMAC) Actual results: File "/Library/Python/2.5/site-packages/atom/client.py", line 108, in request auth_token.modify_request(http_request)

  Read the article

• Using gmail as SMTP server in Java web app is slow

  - by Annie

  Hi, I was wondering if anyone might be able to explain to me why it's taking nearly 30 seconds each time my Java web app sends an email using Gmail's SMTP server? See the following timestamps: 13/04/2010-22:24:27:281 DEBUG test.service.impl.SynchronousEmailService - Before sending mail. 13/04/2010-22:24:52:625 DEBUG test.service.impl.SynchronousEmailService - After sending mail. I'm using spring's JavaMailSender class with the following settings: email.host=smtp.gmail.com [email protected] email.password=mypassword email.port=465 mail.smtp.auth.required=true Note that the mail is getting sent and I'm receiving it fine, there's just this delay which is resulting in a slow experience for the application user. If you know how I can diagnose the problem myself that would be good too :)

  Read the article

• Double hop SQL delegation not working

  - by eKoz

  I've been trying to diagnose this for some time, and unfortunately Im still getting the dreaded anonymous logon issue when trying to connect to a sql db as a domain user. Steps taken: App Pool created with delegation service acct Site / Virtual dir running with Integrated Windows auth only Made sure site itself can use kerberos KB 215383 Service acct added to IIS_WPG group Service acct added to "act as part of operating system" under Local Security settings Service acct added to Log on as service under Local Security Settings HTTP SPN set for web address + service account (and FQDN) MSSQLSvc SPN set for sql box and domain acct sql is running as Trust for delegation turned on service acct, specified services, and sql service acct After all this, Im still getting the exact same error from when I started. Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. This has advanced my balding by at least 5 years so far. I would greatly appreciate any additional tips on diagnosing or setting up.

  Read the article

• Code igniter authentication code in controller security question

  - by Prime Studios

  I have a main controller to handle the very front-end of my authentication system, it handles login, logout, update user info, etc. functions that I anticipate calling by POST'ing from views/forms. What about something like a "delete_user" function though? My thoughts are a button in someones admin panel would say "Delete Account" and it would post to "/auth/delete", and the function would delete the user based on their session username or id. This seems a bit open ended, you could send out a link to someone and when they opened it while in that application it would delete their account.. Whats the best way to handle this?

  Read the article

• How can I login in a website with Pyhon?

  - by Shady

  How can I do it? I was trying to enter some specified link (with urllib), but to do it, I need to log. I have this source from the site <form id="login-form" action="auth/login" method="post"> <div> <!--label for="rememberme">Remember me</label><input type="checkbox" class="remember" checked="checked" name="remember me" /--> <label for="email" id="email-label" class="no-js">Email</label> <input id="email-email" type="text" name="handle" value="" autocomplete="off" /> <label for="combination" id="combo-label" class="no-js">Combination</label> <input id="password-clear" type="text" value="Combination" autocomplete="off" /> <input id="password-password" type="password" name="password" value="" autocomplete="off" /> <input id="sumbitLogin" class="signin" type="submit" value="Sign In" /> It's possible?

  Read the article

• getRequestProperty("Authorization") always returns null

  - by Thilo

  I am trying to read the authorization header for an HTTP request (because I need to add something to it), but I always get null for the header value. Other headers work fine. public void testAuth() throws MalformedURLException, IOException{ URLConnection request = new URL("http://google.com").openConnection(); request.setRequestProperty("Authorization", "MyHeader"); request.setRequestProperty("Stackoverflow", "anotherHeader"); // works fine assertEquals("anotherHeader", request.getRequestProperty("Stackoverflow")); // Auth header returns null assertEquals("MyHeader", request.getRequestProperty("Authorization")); } Am I doing something wrong? Is this a "security" feature? Is there a way to make this work with URLConnection, or do I need to use another HTTP client library?

  Read the article

• Why is dwm.exe using so much memory?

  - by Leonard Challis

  I've scoured the web, but I'm sick of reading "scan your computer for viruses" and "upgrade your RAM" on answers to similar questions to this. I understand that dwm.exe is for (simply put) caching bitmaps for things like Aero-peek and similar, but as far as I have read it shouldn't be using vast amounts of memory. My colleague and I both have 4GB of RAM, Core 2 Duo, blah, blah -- essentially they're pretty capable. His dwm.exe is running at around 30mb, mind is currently running at about half a gig, though it does fluctuate quite a lot. This is the same while running the exact same applications (currently Zend studio, FireFox (with firemin - low memory usage), Outlook). Every so often I will get a notification asking me if I want to switch to Aero Basic because it's using too much memory, and sometimes it will just switch itself to basic and let me know why. I know it's possible to stop it switching, but I want to know why it is using too much memory otherwise it's just papering over the cracks. One thing to add is this seems to have started after a robbery on Monday, where two of my monitors were stolen, and I had to temporarily use a couple of alternative monitors. I am now using brand new monitors but the problem is the same. All drivers installed and working seemingly fine. Any ideas why the usage is so high? We are using windows 7 64-bit Professional.

  Read the article

• Building PHP For MacOS

  - by Eray

  I was using XAMPP and decided to uninstall it and use MacOS' in-built apache and php modules. But while uninstalling XAMPP I deleted /usr/bin/php files and other PHP-CLI files accidentally. And I decided to install newest version of PHP (5.5.12) instead of rebuilding current version (5.4.24). Downloaded it and unzip. After this executed this command as mentioned at this guide. ./configure '--with-apxs2=/usr/sbin/apxs' '--enable-cli' '--with-config-file-path=/etc' '--with-zlib=/usr' '--enable-bcmath' '--with-bz2=/usr' '--enable-calendar' '--disable-cgi' '--with-curl=/usr' '--enable-dba' '--enable-ndbm=/usr' '--enable-exif' '--enable-fpm' '--enable-ftp' '--with-gd' '--enable-gd-native-ttf' '--enable-mbregex' '--with-mysql=mysqlnd' '--with-mysqli=mysqlnd' '--with-pear' '--with-pdo-mysql=mysqlnd' '--with-mysql-sock=/var/mysql/mysql.sock' '--with-tidy' '--enable-wddx' '--with-xmlrpc' '--enable-zip' make make install When i check phpinfo() , it's still version 5.4.24 . This line from my httpd.conf LoadModule php5_module libexec/apache2/libphp5.so /usr/libexec/apache2/libphp5.so coming from old version and i couldn't ind libphp5.so for new version. There is no libphp5.so file inside modules dir. How can i use new PHP build with Apache ? UPDATE Results of php -v command . PHP 5.5.12 (cli) (built: May 27 2014 05:17:21) Copyright (c) 1997-2014 The PHP GroupZend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies

  Read the article

• Sharepoint 2010 - AAM - SPSite(SPContext.Current.Site.ID) RootWeb.Url is from wrong zone

  - by user2026343

  I have a sharepoint 2010 web application with 2 different zones, default zone with windows login (for search crawl), internet with Claims (FBA) for users to login. I have custom webparts that uses using (SPSite mySite = new SPSite(SPContext.Current.Site.ID)) using (SPWeb web = mySite.RootWeb) { string url = web.Url I use this url to include to emails etc... Problem is: when user connects to FBA (extended zone), and goes to the webpart,string url in my code returns the url of the default zone(windows auth) where user should not be touching. I have different host headers for these zones, any help would be very appreciated. Update: fixed it with using (SPSite newsite =new SPSite(SPContext.Current.Site.ID,SPContext.Current.Site.Zone)) using (SPWeb web = newsite.RootWeb) { //do your implementation here }

  Read the article

• Mongodb using db.help() on a particular db command

  - by user1325696

  When I type db.help() It returns DB methods: db.addUser(username, password[, readOnly=false]) db.auth(username, password) ... ... db.printShardingStatus() ... ... db.fsyncLock() flush data to disk and lock server for backups db.fsyncUnock() unlocks server following a db.fsyncLock() I'd like to find out how to get more detailed help for the particular command. The problem was with the printShardingStatus as it returned "too many chunks to print, use verbose if you want to print" mongos> db.printShardingStatus() --- Sharding Status --- sharding version: { "_id" : 1, "version" : 3 } shards: { "_id" : "shard0000", "host" : "localhost:10001" } { "_id" : "shard0001", "host" : "localhost:10002" } databases: { "_id" : "admin", "partitioned" : false, "primary" : "config" } { "_id" : "dbTest", "partitioned" : true, "primary" : "shard0000" } dbTest.things chunks: shard0001 12 shard0000 19 too many chunks to print, use verbose if you want to for ce print I found that for that particular command I can specify boolean parameter db.printShardingStatus(true) which wasn't shown using db.help().

  Read the article

• .NEt on WIN to Mono on Ubuntu

  - by Srikanth

  I am looking at a possibility to change my ASP.NET 2.0 app to Mono framework. I have used the mono analyzer tool and it does detect some p/invoke and interop dependencies. For ex. 1) We use excel interops and on linux we are looking to use staroffice/Openoffice instead. Is there an easy way of substituting excel with staroffice? (I know it sounds bizarre, but just don't want to miss out in case anyone has done it already.) 2) LDAP auth: What could be the best alternative in Ubuntu (or an other flavour of Linux) ? 3) Is there an ajax framework for mono? Preferably with similar controls as Atlas?? I hope I am not too ambitious here.. thanks.

  Read the article

• Ajax Post Request Returns JSON but Deferred Fails

  - by imrane

  I have a cross-domain POST request to http://api.local/user/auth - my API endpoint. I allow Cross Domain requests in my api with CORS. Using Chrome if that makes a difference. I get a valid server JSON response with 200 Status Code but I am using deferreds from a backbone model like so: @model.save() .fail(-> console.log 'sync fail') .success -> console.log 'sync OK' And I consistently get a 'sync fail' instead of the expected 'sync OK' Thoughts?

  Read the article

• Call REST service while impersonating a user that is already authorized to the glasfish server

  - by user1894489

  There are two web-applications deployed on a glassfish server. Both web applications provide a REST web service. the access to both web-services is secured via glassfish security constraints (at the moment BASIC Auth and file-realm). Let's say a user is accessing the service of web application A. After he is authorized, service A wants to call service B via REST client. Is there a way for a service to impersonate a user that is already authorized to the glasfish server? Maybe something like forwarding the security context or editing the headers? Is there another Filter? @Context private SecurityContext securityContext; username = securityContext.getUserPrincipal().getName(); password = ??? client.addFilter(new com.sun.jersey.api.client.filter.HTTPBasicAuthFilter(username, password)); Thanks!

  Read the article

• SAFE MODE Restriction in effect. The script not allowed to access directory owned by uid

  - by user57221

  I am running a dedicated server with multiple websites. I have created a global directory for common scripts for all websites, rather than repeating them in every website directory. How can I make this global directory accessible for all website. I am getting following error. Warning: require_once() [function.require-once]: SAFE MODE Restriction in effect. The script whose uid is XXXX is not allowed to access /vhosts/globallibrary/Zend/Application.php owned by uid XXXX I have change the ownership of global directory for X website. so it works fine for X website. latter I added another website Y Now I am getting the same error again. If I change the CHOWN for Y website then X website will have the same error. I don't want to disable the safemode restriction. Is there a work around, so that this global dir will be accessible by all website. I am getting following error in my browser when I try to access global directory. Global directory is on same level as all other websites. Is this a good practice to enable safemode for websites?

  Read the article

• Relation/Sort not working in rails controller?

  - by Elliot

  I have the following relation in my rails app: genre - has many - authors authors - belong to genre and has many books books - belongs to authors and belongs to users (users can add books to the db) in my controller I have: @books=current_user.books(:include => [:author => :genre], :order => 'created_at DESC') While I am able to use the @books variable in my views - nothing is done correctly (i.e. its not showing me only books added by that user, and its not descending by created_at)... any ideas? -- Also I'm using clearance for the user auth, so current_user without the @ in the controller seems to work fine Actually, I think the relation is working, only the sort might not be working...

  Read the article

• best way to add route under resource in Laravel 4

  - by passingby

  I would like know if there is a better way to add additional route aside from the default of resource in Laravel 4. I have this code below which is no problem with regard to the functionality, it's just that it seems to be long: <?php Route::group(array('before' => 'auth'), function() { # API Route::group(array('prefix' => 'api'), function() { Route::resource('projects', 'ProjectsController'); Route::resource('projects.groups', 'GroupsController'); Route::post('/projects/{projects}/groups/{groups}/reorder', 'GroupsController@reorder'); }); }); If in Rails Rails.application.routes.draw do # API namespace :api, defaults: { format: 'json' } do scope module: :v1 do resources :projects do resources :groups do member do post :reorder end end end end end end

  Read the article

• Best way to send mass email to my subscribers ( BCC or PEAR mail queue ? )

  - by xRobot

  I need to send email to my 5000 subscribers. What is the best way to do this ? 1) By using BCC ?: $from_addr = '[email protected]'; $mailing_list = '[email protected]', '[email protected]', '[email protected]; $message_subject = 'this is a test'; `$headers = array ("From" => $from_addr, "Bcc" => $mailing_list, "Subject" => $message_subject); $smtp = Mail::factory("smtp", array ('host' => "smtp.example.com", 'auth' => true, 'username' => "xxx", 'password' => "xxx")); $mail = $smtp->send($email, $headers, $message_body);` . 2) by using PEAR mail queue ?

  Read the article

• Process for beginning a Ruby on Rails project

  - by Daniel Beardsley

  I'm about to begin a Ruby on Rails project and I'd love to hear how others go through the process of starting an application design. I have quite a bit of experience with RoR, but don't have that many starting from scratch with only a vision experiences and would appreciate the wisdom of others who've been there. I'm looking for an order of events, reasons for the order, and maybe why each part is important. I can think of a few starting points, but I'm not sure where it's best to begin Model design and relationships (entities, how they relate, and their attributes) Think of user use-cases (or story-boards) and implement the minimum to get these done Create Model unit-tests then create the necessary migrations and AR models to get the tests to pass Hack out the most basic version of the simplest part of your application and go from there Start with a template for a rails app (like http://github.com/thoughtbot/suspenders) Do the boring gruntwork first (User auth, session management, ...) ...

  Read the article

• High-performance Academic Server [closed]

  - by PHPsmith

  Suppose I want to build a server for the university's academic interests. The server is dedicated only to a site, where users (students and lecturers) just view and fill the academic data. But at a time (e.g. once a semester), about 12,000 students will access the site simultaneously. Due to limitation of resources, I have to build the server using free software (except for the operating system Windows 7, the university has been prepared). The hardware is also limited to the usual 4-core computers (eg, Ivy Bridge Intel Core i7-3770) with approximately 16GB of memory (DDR3 1600 MHz), equipped with an RJ-45 port (Intel 82 579 Gigabit Ethernet). With all these limitations, I have to choose the software (web server, database, etc) are appropriate for this purpose is achieved. I decided to create a site in PHP. Please help me by answering the following questions based on your expertise. (my prime candidate software to consider after googling) Web server which is faster & stable & secure, when implemented and optimized for PHP? And why? (nginx) PHP accelerator which is faster & stable & compatible with the selected web server? And why? (APC with Zend Optimizer+) Database which is faster & stable & secure, when implemented and optimized for selected web server and selected PHP accelerator? (MySQL) Are there any errors that have been or will be happening from my condition is? If there is, please enlighten me? Is there anything else I need to know in order to achieve this goal? If there is, please enlighten me? I understand that the performance also depends on the implementation of source-code program, so I assume it will create a site with the best efficiency (e.g. using AJAX).

  Read the article

< Previous Page | 106 107 108 109 110 111 112 113 114 115 116 117  | Next Page >