Search Results

Search found 3452 results on 139 pages for 'zend auth'.

Page 110/139 | < Previous Page | 106 107 108 109 110 111 112 113 114 115 116 117 | Next Page >

Have the default security settings changed in Windows 7 that would affect IPrincipal.IsInRole?

- by adrianbanks

We use NTLM auth in our application to determine whether a user can perform certain operations. We use the IPrincipal of their current Windows login (in WinForms applications), calling IsInRole to check for specific group memberships. To check that a user is a local administrator on the machine, we use: AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal); ... bool allowed = Thread.CurrentPrincipal.IsInRole(@"Builtin\Administrators") This works if the current user is the Administrator user, or is another user that is a member of the Builtin\Administrators group. In our testing on Windows 7, we have found that this no longer works as expected. The Administrator user still works fine, but any other user that is a member of the Builtin\Administrators group returns false for the IsInRole call. What could be causing this difference? I have a gut feeling that a default setting has changed somewhere (possible in gpedit), but cannot find anything that looks like the culprit.

Read the article
Single SignOn - Best practice

- by halfdan

Hi Guys, I need to build a scalable single sign-on mechanism for multiple sites. Scenario: Central web application to register/manage account (Server in Europe) Several web applications that need to authenticate against my user database (Servers in US/Europe/Pacific region) I am using MySQL as database backend. The options I came up with are either replicating the user database across all servers (data security?) or allowing the servers to directly connect to my MySQL instance by explicitly allowing connections from their IPs in my.cnf (high load? single point of failure?). What would be the best way to provide a scalable and low-latency single sign-on for all web applications? In terms of data security would it be a good idea to replicate the user database across all web applications? Note: All web applications provide an API which users can use to embed widgets into their own websites. These widgets work through a token auth mechanism which will again need to authenticate against my user database.

Read the article
In Django, why is user.is_authenticated a method and not a member variable like is_staff

- by luc

Hello all, I've lost some time with a bug in my app due to user authentication. I think that it's a bit confusing but maybe someone can explain the reason and it will appear to me very logical. The user.is_staff is a member variable while user.is_authenticated is a method. However is_authenticated only returns True or False depending if the class is User or AnonymousUser (see http://docs.djangoproject.com/en/dev/topics/auth/) Is there a reason for that? Why user.is_authenticated is a method? Thanks in advance

Read the article
Custom login in Django

- by alpgs

Django newbie here. I wrote simplified login form which takes email and password. It works great if both email and password are supplied, but if either is missing i get KeyError exception. According to django documentation this should never happen: By default, each Field class assumes the value is required, so if you pass an empty value -- either None or the empty string ("") -- then clean() will raise a ValidationError exception I tried to write my own validators for fields (clean_email and clean_password), but it doesn't work (ie I get KeyError exception). What am I doing wrong? class LoginForm(forms.Form): email = forms.EmailField(label=_(u'Your email')) password = forms.CharField(widget=forms.PasswordInput, label=_(u'Password')) def clean_email(self): data = self.cleaned_data['email'] if not data: raise forms.ValidationError(_("Please enter email")) return data def clean_password(self): data = self.cleaned_data['password'] if not data: raise forms.ValidationError(_("Please enter your password")) return data def clean(self): try: username = User.objects.get(email__iexact=self.cleaned_data['email']).username except User.DoesNotExist: raise forms.ValidationError(_("No such email registered")) password = self.cleaned_data['password'] self.user = auth.authenticate(username=username, password=password) if self.user is None or not self.user.is_active: raise forms.ValidationError(_("Email or password is incorrect")) return self.cleaned_data

Read the article
3-legged-oauth and Google ContactsClient problem

- by PanosJee

Hi I am using 3-legged-oauth to import a users' Google contacts in my app. I did not find the ContactsClient library but i was using only the ContacsService and i was fetching the ContactsFeed but that resulted to not having a lot of data. After the user allows my apps i store the auth_token key and secret so i can run a cron task to fetch contacts' updates I am using this code atm: google = gdata.contacts.service.ContactsService(source=GOOGLE_OAUTH_SETTINGS['APP_NAME']) google.SetOAuthInputParameters(GOOGLE_OAUTH_SETTINGS['SIG_METHOD'], GOOGLE_OAUTH_SETTINGS['CONSUMER_KEY'], consumer_secret=GOOGLE_OAUTH_SETTINGS['CONSUMER_SECRET']) access_token = gdata.auth.OAuthToken(user_oauth_token, user_oauth_secret) access_token.oauth_input_params = google.GetOAuthInputParameters() google.SetOAuthToken(access_token) feed = google.GetContactsFeed() When i try to use the contacts client contacts_client = gdata.contacts.client.ContactsClient( source=GOOGLE_OAUTH_SETTINGS['APP_NAME']) feed2 = contacts_client.GetContacts(auth_token = access_token) I get the following error (please note that the access_token is the same as above and I user 3-legged-oauth HMAC) Actual results: File "/Library/Python/2.5/site-packages/atom/client.py", line 108, in request auth_token.modify_request(http_request)

Read the article
mod rewrite works fine apart from for missing directory index files

- by j w

I have a legacy web site hosted on Apache. It has a number of web pages sitting in the public web root and its subfolders. publicDocs/ directorywith_no_defaultfile/ some-legacy-flat-page.htm .htaccess index.php some-legacy-flat-page.htm I would like to start using Zend MVC for some of the newer pages. I have got a .htaccess mod rewrite rule working so that any request for a non-existent file is sent to be handled by the MVC bootstrap file (/index.php). With my current set-up, the following types of requests are routed to '/index.php', the MVC bootstrap: /index.php /blah /directorywith_no_defaultfile/bloo The following types of request are served by old legacy (flat) pages /some-legacy-flat-page.htm /directorywith_no_defaultfile/some-legacy-flat-page.htm But, when I a request a non-existent file that is a directory like these: /directorywith_no_defaultfile or /directorywith_no_defaultfile/ I get an error: Forbidden You don't have permission to access /directorywith_no_defaultfile/ on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. I suspect this may have something to do with the way Apache handles default files. Do you know which Apache directives could be causing this?

Read the article
How to find out what is causing a slow down of the application on this server?

- by Jan P.

This is not the typical serverfault question, but I'm out of ideas and don't know where else to go. If there are better places to ask this, just point me there in the comments. Thanks. Situation We have this web application that uses Zend Framework, so runs in PHP on an Apache web server. We use MySQL for data storage and memcached for object caching. The application has a very unique usage and load pattern. It is a mobile web application where every full hour a cronjob looks through the database for users that have some information waiting or action to do and sends this information to a (external) notification server, that pushes these notifications to them. After the users get these notifications, the go to the app and use it, mostly for a very short time. An hour later, same thing happens. Problem In the last few weeks usage of the application really started to grow. In the last few days we encountered very high load and doubling of application response times during and after the sending of these notifications (so basically every hour). The server doesn't crash or stop responding to requests, it just gets slower and slower and often takes 20 minutes to recover - until the same thing starts again at the full hour. We have extensive monitoring in place (New Relic, collectd) but I can't figure out what's wrong; I can't find the bottlekneck. That's where you come in: Can you help me figure out what's wrong and maybe how to fix it? Additional information The server is a 16 core Intel Xeon (8 cores with hyperthreading, I think) and 12GB RAM running Ubuntu 10.04 (Linux 3.2.4-20120307 x86_64). Apache is 2.2.x and PHP is Version 5.3.2-1ubuntu4.11. If any configuration information would help analyze the problem, just comment and I will add it. Graphs info phpinfo() apc status memcache status collectd Processes CPU Apache Load MySQL Vmem Disk New Relic Application performance Server overview Processes Network Disks (Sorry the graphs are gifs and not the same time period, but I think the most important info is in there)

Read the article
Using gmail as SMTP server in Java web app is slow

- by Annie

Hi, I was wondering if anyone might be able to explain to me why it's taking nearly 30 seconds each time my Java web app sends an email using Gmail's SMTP server? See the following timestamps: 13/04/2010-22:24:27:281 DEBUG test.service.impl.SynchronousEmailService - Before sending mail. 13/04/2010-22:24:52:625 DEBUG test.service.impl.SynchronousEmailService - After sending mail. I'm using spring's JavaMailSender class with the following settings: email.host=smtp.gmail.com [email protected] email.password=mypassword email.port=465 mail.smtp.auth.required=true Note that the mail is getting sent and I'm receiving it fine, there's just this delay which is resulting in a slow experience for the application user. If you know how I can diagnose the problem myself that would be good too :)

Read the article
Double hop SQL delegation not working

- by eKoz

I've been trying to diagnose this for some time, and unfortunately Im still getting the dreaded anonymous logon issue when trying to connect to a sql db as a domain user. Steps taken: App Pool created with delegation service acct Site / Virtual dir running with Integrated Windows auth only Made sure site itself can use kerberos KB 215383 Service acct added to IIS_WPG group Service acct added to "act as part of operating system" under Local Security settings Service acct added to Log on as service under Local Security Settings HTTP SPN set for web address + service account (and FQDN) MSSQLSvc SPN set for sql box and domain acct sql is running as Trust for delegation turned on service acct, specified services, and sql service acct After all this, Im still getting the exact same error from when I started. Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. This has advanced my balding by at least 5 years so far. I would greatly appreciate any additional tips on diagnosing or setting up.

Read the article
Why is dwm.exe using so much memory?

- by Leonard Challis

I've scoured the web, but I'm sick of reading "scan your computer for viruses" and "upgrade your RAM" on answers to similar questions to this. I understand that dwm.exe is for (simply put) caching bitmaps for things like Aero-peek and similar, but as far as I have read it shouldn't be using vast amounts of memory. My colleague and I both have 4GB of RAM, Core 2 Duo, blah, blah -- essentially they're pretty capable. His dwm.exe is running at around 30mb, mind is currently running at about half a gig, though it does fluctuate quite a lot. This is the same while running the exact same applications (currently Zend studio, FireFox (with firemin - low memory usage), Outlook). Every so often I will get a notification asking me if I want to switch to Aero Basic because it's using too much memory, and sometimes it will just switch itself to basic and let me know why. I know it's possible to stop it switching, but I want to know why it is using too much memory otherwise it's just papering over the cracks. One thing to add is this seems to have started after a robbery on Monday, where two of my monitors were stolen, and I had to temporarily use a couple of alternative monitors. I am now using brand new monitors but the problem is the same. All drivers installed and working seemingly fine. Any ideas why the usage is so high? We are using windows 7 64-bit Professional.

Read the article
Ajax Post Request Returns JSON but Deferred Fails

- by imrane

I have a cross-domain POST request to http://api.local/user/auth - my API endpoint. I allow Cross Domain requests in my api with CORS. Using Chrome if that makes a difference. I get a valid server JSON response with 200 Status Code but I am using deferreds from a backbone model like so: @model.save() .fail(-> console.log 'sync fail') .success -> console.log 'sync OK' And I consistently get a 'sync fail' instead of the expected 'sync OK' Thoughts?

Read the article
Mongodb using db.help() on a particular db command

- by user1325696

When I type db.help() It returns DB methods: db.addUser(username, password[, readOnly=false]) db.auth(username, password) ... ... db.printShardingStatus() ... ... db.fsyncLock() flush data to disk and lock server for backups db.fsyncUnock() unlocks server following a db.fsyncLock() I'd like to find out how to get more detailed help for the particular command. The problem was with the printShardingStatus as it returned "too many chunks to print, use verbose if you want to print" mongos> db.printShardingStatus() --- Sharding Status --- sharding version: { "_id" : 1, "version" : 3 } shards: { "_id" : "shard0000", "host" : "localhost:10001" } { "_id" : "shard0001", "host" : "localhost:10002" } databases: { "_id" : "admin", "partitioned" : false, "primary" : "config" } { "_id" : "dbTest", "partitioned" : true, "primary" : "shard0000" } dbTest.things chunks: shard0001 12 shard0000 19 too many chunks to print, use verbose if you want to for ce print I found that for that particular command I can specify boolean parameter db.printShardingStatus(true) which wasn't shown using db.help().

Read the article
Code igniter authentication code in controller security question

- by Prime Studios

I have a main controller to handle the very front-end of my authentication system, it handles login, logout, update user info, etc. functions that I anticipate calling by POST'ing from views/forms. What about something like a "delete_user" function though? My thoughts are a button in someones admin panel would say "Delete Account" and it would post to "/auth/delete", and the function would delete the user based on their session username or id. This seems a bit open ended, you could send out a link to someone and when they opened it while in that application it would delete their account.. Whats the best way to handle this?

Read the article
getRequestProperty("Authorization") always returns null

- by Thilo

I am trying to read the authorization header for an HTTP request (because I need to add something to it), but I always get null for the header value. Other headers work fine. public void testAuth() throws MalformedURLException, IOException{ URLConnection request = new URL("http://google.com").openConnection(); request.setRequestProperty("Authorization", "MyHeader"); request.setRequestProperty("Stackoverflow", "anotherHeader"); // works fine assertEquals("anotherHeader", request.getRequestProperty("Stackoverflow")); // Auth header returns null assertEquals("MyHeader", request.getRequestProperty("Authorization")); } Am I doing something wrong? Is this a "security" feature? Is there a way to make this work with URLConnection, or do I need to use another HTTP client library?

Read the article
How can I login in a website with Pyhon?

- by Shady

How can I do it? I was trying to enter some specified link (with urllib), but to do it, I need to log. I have this source from the site <form id="login-form" action="auth/login" method="post"> <div>  <label for="email" id="email-label" class="no-js">Email</label> <input id="email-email" type="text" name="handle" value="" autocomplete="off" /> <label for="combination" id="combo-label" class="no-js">Combination</label> <input id="password-clear" type="text" value="Combination" autocomplete="off" /> <input id="password-password" type="password" name="password" value="" autocomplete="off" /> <input id="sumbitLogin" class="signin" type="submit" value="Sign In" /> It's possible?

Read the article
Sharepoint 2010 - AAM - SPSite(SPContext.Current.Site.ID) RootWeb.Url is from wrong zone

- by user2026343

I have a sharepoint 2010 web application with 2 different zones, default zone with windows login (for search crawl), internet with Claims (FBA) for users to login. I have custom webparts that uses using (SPSite mySite = new SPSite(SPContext.Current.Site.ID)) using (SPWeb web = mySite.RootWeb) { string url = web.Url I use this url to include to emails etc... Problem is: when user connects to FBA (extended zone), and goes to the webpart,string url in my code returns the url of the default zone(windows auth) where user should not be touching. I have different host headers for these zones, any help would be very appreciated. Update: fixed it with using (SPSite newsite =new SPSite(SPContext.Current.Site.ID,SPContext.Current.Site.Zone)) using (SPWeb web = newsite.RootWeb) { //do your implementation here }

Read the article
Building PHP For MacOS

- by Eray

I was using XAMPP and decided to uninstall it and use MacOS' in-built apache and php modules. But while uninstalling XAMPP I deleted /usr/bin/php files and other PHP-CLI files accidentally. And I decided to install newest version of PHP (5.5.12) instead of rebuilding current version (5.4.24). Downloaded it and unzip. After this executed this command as mentioned at this guide. ./configure '--with-apxs2=/usr/sbin/apxs' '--enable-cli' '--with-config-file-path=/etc' '--with-zlib=/usr' '--enable-bcmath' '--with-bz2=/usr' '--enable-calendar' '--disable-cgi' '--with-curl=/usr' '--enable-dba' '--enable-ndbm=/usr' '--enable-exif' '--enable-fpm' '--enable-ftp' '--with-gd' '--enable-gd-native-ttf' '--enable-mbregex' '--with-mysql=mysqlnd' '--with-mysqli=mysqlnd' '--with-pear' '--with-pdo-mysql=mysqlnd' '--with-mysql-sock=/var/mysql/mysql.sock' '--with-tidy' '--enable-wddx' '--with-xmlrpc' '--enable-zip' make make install When i check phpinfo() , it's still version 5.4.24 . This line from my httpd.conf LoadModule php5_module libexec/apache2/libphp5.so /usr/libexec/apache2/libphp5.so coming from old version and i couldn't ind libphp5.so for new version. There is no libphp5.so file inside modules dir. How can i use new PHP build with Apache ? UPDATE Results of php -v command . PHP 5.5.12 (cli) (built: May 27 2014 05:17:21) Copyright (c) 1997-2014 The PHP GroupZend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies

Read the article
.NEt on WIN to Mono on Ubuntu

- by Srikanth

I am looking at a possibility to change my ASP.NET 2.0 app to Mono framework. I have used the mono analyzer tool and it does detect some p/invoke and interop dependencies. For ex. 1) We use excel interops and on linux we are looking to use staroffice/Openoffice instead. Is there an easy way of substituting excel with staroffice? (I know it sounds bizarre, but just don't want to miss out in case anyone has done it already.) 2) LDAP auth: What could be the best alternative in Ubuntu (or an other flavour of Linux) ? 3) Is there an ajax framework for mono? Preferably with similar controls as Atlas?? I hope I am not too ambitious here.. thanks.

Read the article
Relation/Sort not working in rails controller?

- by Elliot

I have the following relation in my rails app: genre - has many - authors authors - belong to genre and has many books books - belongs to authors and belongs to users (users can add books to the db) in my controller I have: @books=current_user.books(:include => [:author => :genre], :order => 'created_at DESC') While I am able to use the @books variable in my views - nothing is done correctly (i.e. its not showing me only books added by that user, and its not descending by created_at)... any ideas? -- Also I'm using clearance for the user auth, so current_user without the @ in the controller seems to work fine Actually, I think the relation is working, only the sort might not be working...

Read the article
Best way to send mass email to my subscribers ( BCC or PEAR mail queue ? )

- by xRobot

I need to send email to my 5000 subscribers. What is the best way to do this ? 1) By using BCC ?: $from_addr = '[email protected]'; $mailing_list = '[email protected]', '[email protected]', '[email protected]; $message_subject = 'this is a test'; `$headers = array ("From" => $from_addr, "Bcc" => $mailing_list, "Subject" => $message_subject); $smtp = Mail::factory("smtp", array ('host' => "smtp.example.com", 'auth' => true, 'username' => "xxx", 'password' => "xxx")); $mail = $smtp->send($email, $headers, $message_body);` . 2) by using PEAR mail queue ?

Read the article
Process for beginning a Ruby on Rails project

- by Daniel Beardsley

I'm about to begin a Ruby on Rails project and I'd love to hear how others go through the process of starting an application design. I have quite a bit of experience with RoR, but don't have that many starting from scratch with only a vision experiences and would appreciate the wisdom of others who've been there. I'm looking for an order of events, reasons for the order, and maybe why each part is important. I can think of a few starting points, but I'm not sure where it's best to begin Model design and relationships (entities, how they relate, and their attributes) Think of user use-cases (or story-boards) and implement the minimum to get these done Create Model unit-tests then create the necessary migrations and AR models to get the tests to pass Hack out the most basic version of the simplest part of your application and go from there Start with a template for a rails app (like http://github.com/thoughtbot/suspenders) Do the boring gruntwork first (User auth, session management, ...) ...

Read the article
SAFE MODE Restriction in effect. The script not allowed to access directory owned by uid

- by user57221

I am running a dedicated server with multiple websites. I have created a global directory for common scripts for all websites, rather than repeating them in every website directory. How can I make this global directory accessible for all website. I am getting following error. Warning: require_once() [function.require-once]: SAFE MODE Restriction in effect. The script whose uid is XXXX is not allowed to access /vhosts/globallibrary/Zend/Application.php owned by uid XXXX I have change the ownership of global directory for X website. so it works fine for X website. latter I added another website Y Now I am getting the same error again. If I change the CHOWN for Y website then X website will have the same error. I don't want to disable the safemode restriction. Is there a work around, so that this global dir will be accessible by all website. I am getting following error in my browser when I try to access global directory. Global directory is on same level as all other websites. Is this a good practice to enable safemode for websites?

Read the article
best way to add route under resource in Laravel 4

- by passingby

I would like know if there is a better way to add additional route aside from the default of resource in Laravel 4. I have this code below which is no problem with regard to the functionality, it's just that it seems to be long: <?php Route::group(array('before' => 'auth'), function() { # API Route::group(array('prefix' => 'api'), function() { Route::resource('projects', 'ProjectsController'); Route::resource('projects.groups', 'GroupsController'); Route::post('/projects/{projects}/groups/{groups}/reorder', 'GroupsController@reorder'); }); }); If in Rails Rails.application.routes.draw do # API namespace :api, defaults: { format: 'json' } do scope module: :v1 do resources :projects do resources :groups do member do post :reorder end end end end end end

Read the article
Debugging a Browser Redirect Loop

- by just_wes

Hi all, I am using CakePHP with the Auth and ACL components. My page loads fine for non-registered users, but if I try to log in as a registered user I get an infinite redirect loop in the browser. I am sure that this is some sort of permissions problem, but the problem exists even for users who have permissions for everything. The only way to prevent this behavior is to allow '*' in my AppController's beforeFilter method. What is the best way to debug this sort of problem? Thanks!

Read the article
Backup Google Calendar programmatically: https://www.google.com/calendar/exporticalzip

- by Michael

I'm struggling with writing a python script that automatically grabs the zip fail containing all my google calendars and stores it (as a backup) on my harddisk. I'm using ClientLogin to get an authentication token (and successfully can obtain the token). Unfortunately, i'm unable to retrieve the file at https://www.google.com/calendar/exporticalzip It always asks me for the login credentials again by returning a login page as html (instead of the zip). Here's the critical code: post_data = post_data = urllib.urlencode({ 'auth': token, 'continue': zip_url}) request = urllib2.Request('https://www.google.com/calendar', post_data, header) try: f = urllib2.urlopen(request) result = f.read() except: print "Error" Anyone any ideas or done that before? Or an alternative idea how to backup all my calendars (automatically!)

Read the article

< Previous Page | 106 107 108 109 110 111 112 113 114 115 116 117 | Next Page >