Search Results

Search found 412 results on 17 pages for 'openid'.

Page 14/17 | < Previous Page | 10 11 12 13 14 15 16 17  | Next Page >

  • How to refuse to give an access to passwords to a customer without being unprofessional or rude?

    - by MainMa
    Let's say you're creating a website for a customer. This website has its own registration (either combined with OpenID or not). The customer asks you to be able to see the passwords the users are choosing, given that the users will probably be using the same password on every website. In general, I say: either that it is impossible to retrieve the passwords, since they are not stored in plain text, but hashed, or that I have no right to do that or that administrators must not be able to see the passwords of users, without giving any additional details. The first one is false: even if the passwords are hashed, it is still possible to catch and store them on each logon (for example doing a strange sort of audit which will remember not only which user succeeded or failed to logon, but also with which password). The second one is rude. How to refuse this request, without being either unprofessional or rude?

    Read the article

  • Mozilla lance la bêta de Persona, son système d'authentification centralisée pour le Web qui met fin aux identifiants et mots de passe

    Mozilla lance la bêta de Persona son système d'authentification centralisée pour le Web, qui met fin aux identifiants et mots de passe Mozilla vient de lancer la version beta de « Persona », son nouveau système d'authentification pour le Web. Persona est un moyen d'identification qui élimine les identifiants et mots de passe sur les sites Web, tout en étant sécurisé et facile à utiliser. Le but du projet est de permettre aux utilisateurs de s'identifier sur différents sites sans mot de passe spécifique et sans avoir recours à des services d'authentification centralisée comme Facebook ou OpenID, et aux sites Web de ne plus s'inquiéter sur la sécurité des mots de passe.

    Read the article

  • Profiling Script [closed]

    - by Abhirup Manna
    Possible Duplicate: I need an open source php social script, minus the social features I am looking for a web script in which users can register and create a simple profile page; something like a CV. When users log in they will be able to fill out a simple form with details like name, dob, etc. and it displays in a simple fashion on the profile page like domain.com/username Is there any simple script available for this maybe free or open sourced? An example is prairie identity server (openID). I need something similar but more customizable.

    Read the article

  • How to create a Uri instance parsed with GenericUriParserOptions.DontCompressPath

    - by Andrew Arnott
    When the .NET System.Uri class parses strings it performs some normalization on the input, such as lower-casing the scheme and hostname. It also trims trailing periods from each path segment. This latter feature is fatal to OpenID applications because some OpenIDs (like those issued from Yahoo) include base64 encoded path segments which may end with a period. How can I disable this period-trimming behavior of the Uri class? Registering my own scheme using UriParser.Register with a parser initialized with GenericUriParserOptions.DontCompressPath avoids the period trimming, and some other operations that are also undesirable for OpenID. But I cannot register a new parser for existing schemes like HTTP and HTTPS, which I must do for OpenIDs. Another approach I tried was registering my own new scheme, and programming the custom parser to change the scheme back to the standard HTTP(s) schemes as part of parsing: public class MyUriParser : GenericUriParser { private string actualScheme; public MyUriParser(string actualScheme) : base(GenericUriParserOptions.DontCompressPath) { this.actualScheme = actualScheme.ToLowerInvariant(); } protected override string GetComponents(Uri uri, UriComponents components, UriFormat format) { string result = base.GetComponents(uri, components, format); // Substitute our actual desired scheme in the string if it's in there. if ((components & UriComponents.Scheme) != 0) { string registeredScheme = base.GetComponents(uri, UriComponents.Scheme, format); result = this.actualScheme + result.Substring(registeredScheme.Length); } return result; } } class Program { static void Main(string[] args) { UriParser.Register(new MyUriParser("http"), "httpx", 80); UriParser.Register(new MyUriParser("https"), "httpsx", 443); Uri z = new Uri("httpsx://me.yahoo.com/b./c.#adf"); var req = (HttpWebRequest)WebRequest.Create(z); req.GetResponse(); } } This actually almost works. The Uri instance reports https instead of httpsx everywhere -- except the Uri.Scheme property itself. That's a problem when you pass this Uri instance to the HttpWebRequest to send a request to this address. Apparently it checks the Scheme property and doesn't recognize it as 'https' because it just sends plaintext to the 443 port instead of SSL. I'm happy for any solution that: Preserves trailing periods in path segments in Uri.Path Includes these periods in outgoing HTTP requests. Ideally works with under ASP.NET medium trust (but not absolutely necessary).

    Read the article

  • How to deploy http://code.google.com/p/dyuproject/ into app engine

    - by portoalet
    Hi, I am trying to use openid/hybrid in app engine, but so far, no luck. No success with openid4java (because it creates socket etc), and no luck with dyuproject either. How do it deploy dyuproject into my java appengine? I just could not understand the different structure of the code in http://dyuproject.googlecode.com/files/dyuproject.appspot.com-source-2009-10-08.zip It is just so different than the default new google web application. Many thanks.. I have been struggling the whole week

    Read the article

  • Plug and play login system?

    - by yuval
    Does anybody know of a plug-and-play login system that supports existing logins like Google and OpenID? I am looking to implement something similar to that of Stack Overflows. Thanks!

    Read the article

  • What's open-source commenting system are available?

    - by Shamoon
    My site has several listing pages and on each page, I'd like to enable a commenting mechanism, but I want it to be as open source as humanly possible. This means full use of OpenID's, Facebook connect, etc. Does such a system exist that'll allow users to post their comments on my listing pages? By the way, my site utilizes a LAMP architecture.

    Read the article

  • Managing User Profiles with PHP/MySQL for Beginners

    - by serhio
    I am beginner in PHP/MySql and would develop a simple site that has user management. I like the idea of using OpenId's (like stackoverflow uses). I wonder from where to start? What should I read? I have not much time so probably will net enter in all details of PHP user session management, this because I search something like User profiles management in PHP for dummies 8D Environment: Linux OS Apache 2.2.15 MySQL 5.1.41 PHP 5.2.13 cPanel 11.25.0

    Read the article

  • Webdevelopement : Login Specification

    - by mr.bio
    Hi there , i just started with PHP and i wanted to implement a Login. Rather than inventing the Wheel : is there any Online Specification for a Login System ? Things a should care about : detect Brute Force attacks implement password recovery maybe openID and/or with facebook account prevent SQL injection ..... So i think this has been done more than 1000 times. Where can i read about it ?

    Read the article

  • Rails Plugin Installation Problem

    - by Steve
    When I tried to install the openid plugin, I do not get any confirmation msg about the installation.Even I specify some random .git plugin name, It does not give out any error. Can someone please tell me what about to do to rectify the problem? I used the following syntax ruby script/plugin install git://github.com/rails/open_id_authentication.git

    Read the article

  • Google App Engine - The most awaited feature

    - by systempuntoout
    This list is taken from the official Google App Engine roadmap: SSL for third-party domains Background servers capable of running for longer than 30s Ability to reserve instances to reduce application loading overhead Ability to select different availability vs. latency options for Datastore Support for mapping operations across datasets Datastore dump and restore facility Raise request/response size limits for some APIs Improved monitoring and alerting of application serving Support for Browser Push (Comet) communication Built-in support for OAuth & OpenID What is your most awaited feature and why?

    Read the article

  • Facebook Connect: Redirect to FB login page instead of popup

    - by AyKarsi
    I'm just starting of to get Facebook connect to work. One thing that really bugs me, is that when I click the FB login button, it opens up a popup. I would much more prefer to have the user redirected to FB, where he can login and be sent back to my site. (Just like openid login works here at SO) I can't find anything in the docs, although I have the feeling I'm not looking in the right place: http://developers.facebook.com/docs/reference/javascript/fb.api/

    Read the article

  • dasBlog

    - by Daniel Moth
    Some people like blogging on a site that is completely managed by someone else (e.g. http://wordpress.com/) and others, like me, prefer hosting their own blog at their own domain. In the latter case you need to decide what blog engine to install on your web space to power your blog. There are many free blog engines to choose from (e.g. the one from http://wordpress.org/). If, like me, you want to use a blog engine that is based on the .NET platform you have many choices including BlogEngine.NET, Subtext and the one I picked: dasBlog. In this post I'll describe the steps I took to get going with the open source dasBlog (home page, source page). A. Installing First I installed dasBlog on my local Windows 7 machine where I have IIS7 installed. To install dasBlog, I started by clicking the "Install" button on its web gallery page. After that I went through configuration, theming and adding content as described below. Once I was happy that everything was working correctly on the local machine, I set this up on a hosting service. I went for a Windows IIS7 shared hosting 3 month Economy plan from GoDaddy. The dasBlog site lists a bunch of other hosts. You can read the installation instructions for dasBlog, and with GoDaddy I just had to click one button since it is available as part of their quick-install apps. With GoDaddy I had a previewdns option that allowed me to play around and preview my site before going live. B. Configuring After it was installed (on local machine and/or hosting provider), I followed the obvious steps to create an admin user and logged in. This displays an admin navigation bar with the following options: 1. Navigator Links: I decided I was not going to use this feature. I manage links on the side of my blog manually elsewhere as part of the theme. So, I deleted every entry on this page and ignored it thereafter. 2. Blogroll: Ditto - same comment as for Navigator Links. 3. Content Filters: I did not delete (or add) these, but I did ensure both checkboxes are not checked. I.e. I am not using this feature now, but I may return to it in the future. 4. Activity: This is a read-only view of various statistics. So nothing to configure here, but useful to come back to for complementary statistics to whatever other statistical package you use (e.g. free stats as part of the hosting and I also use feedburner for syndication stats). 5. Cross-posting: I did not need that, so I turned it off via the Configuration Settings discussed next. 6. Configuration Settings: This is where the bulk of the configuration for the blog takes place and they are stored in a single XML file: Site.Config file. There are truly self-explanatory options to pick for Basic Settings, Services Settings and Services to Ping, Syndication Settings (this is where you link to your feedburner name if you have one) and Mail to Weblog Settings (I keep this turned off). There are also "Xml Storage System Settings" (I keep this turned off), "OpenId Settings" (I allow OpenID commenters), "Spammer Settings" (Enable captcha, never show email addresses) and "Comment settings" (Enable comments, don't allow on older posts, don't allow html). There are also Appearance Settings (I checked the "Use Post Title for Permalink", replaced spaces with hyphen and unchecked the "Use Unique Title"). Finally, there are also Notification Settings, but they are a bit of hit and miss in my case, in that I don’t always get the emails (still investigating this). C. Adding Content You can add content via the "Add Entry" link on the admin navigation bar or by configuring the "Mail to Weblog" settings and sending email or, do what I've started doing, use Live Writer (also the team has a blog). Another way to add content is programmatically if, for example, you are migrating content from another blog (and I'll cover that in separate post sharing the code). What you should know is that all blog content (posts and comments) live in XML files in a folder called "content" under your dasBlog installation. D. Theming There is a very good guide about themes for dasBlog, there is also a similar guide with screenshots (scroll down to "So how do I create a theme") and the dasBlog macro reference. When you install dasBlog, there are many themes available; each theme is in its own folder (representing the folder name) under the themes folder. You may have noticed that you can switch between these via the "Appearance Settings" described above (look for the combobox after the Default Theme label). I created my own theme by copy-pasting an existing theme folder, renaming it and then switching to it as the default. I then opened the folder in Visual Studio and hacked around the HTML in the 3 files (itemTemplate, homeTemplate and dayTemplate). These files have a blogtemplate file extension, which I temporarily renamed to HTML as I was editing them. There is no more advice I can offer here as this is a matter of taste and the aforementioned links is all I used. Personally, I had salvaged the CSS (and structure) from my previous blog and wanted to make this one match it as closely as possible - I think I have succeeded. E. If you run into any issue with dasBlog... ...use your favorite search engine to find answers. Many bloggers have been using this engine for a while and have documented issues and workarounds over time. One such example is ScottHa's dasBlog category; another example is therightstuff where I "borrowed" the idea/macro for the outlook-style on-page navigation. If you don't find what you want through searching, try posting a question to the forums. Comments about this post welcome at the original blog.

    Read the article

  • How do I get started with Chef?

    - by Brad Wright
    The chef documentation is pretty bad. And Google isn't helping me. Can anyone point me at a decent article or something that would help me get started? My specific issues are: How do I get a client to read my configuration? chef-solo seems like the best start (I don't want to run an OpenID server or Merb) How do I configure Apache to serve Django? I already know how to do this via regular server configuration, but I figure an example Chef recipe would be a good start;

    Read the article

  • Frustration with superuser.com user interface (please migrate this to "meta")

    - by Randolf Richardson
    Can someone please migrate this question to "meta" for me? I'm unable to post there while I wait for OpenID to fix my password problems. Thanks. I'm having problems with superuser.com's interface -- when I provide an answer to a question, sometimes the buttons get locked and then I find out that the question was migrated. Usually I can go back and copy-and-paste my answer at whatever site it goes to, but on occasion my answer is lost and I have to re-type it. This is very time-consuming, and makes it quite frustrating to use the system. In addition, I find that I'm wasting a lot of time dealing with having to re-register on the other sites. My suggestion is to not de-activate the "Submit answer" button but to just forward that along to the migrated site automatically, thus ensuring that answers that people put a lot of effort into don't get lost. Thanks in advance.

    Read the article

  • Releasing Shrinkr – An ASP.NET MVC Url Shrinking Service

    - by kazimanzurrashid
    Few months back, I started blogging on developing a Url Shrinking Service in ASP.NET MVC, but could not complete it due to my engagement with my professional projects. Recently, I was able to manage some time for this project to complete the remaining features that we planned for the initial release. So I am announcing the official release, the source code is hosted in codeplex, you can also see it live in action over here. The features that we have implemented so far: Public: OpenID Login. Base 36 and 62 based Url generation. 301 and 302 Redirect. Custom Alias. Maintaining Generated Urls of User. Url Thumbnail. Spam Detection through Google Safe Browsing. Preview Page (with google warning). REST based API for URL shrinking (json/xml/text). Control Panel: Application Health monitoring. Marking Url as Spam/Safe. Block/Unblock User. Allow/Disallow User API Access. Manage Banned Domains Manage Banned Ip Address. Manage Reserved Alias. Manage Bad Words. Twitter Notification when spam submitted. Behind the scene it is developed with: Entity Framework 4 (Code Only) ASP.NET MVC 2 AspNetMvcExtensibility Telerik Extensions for ASP.NET MVC (yes you can you use it freely in your open source projects) DotNetOpenAuth Elmah Moq xUnit.net jQuery We will be also be releasing  a minor update in few weeks which will contain some of the popular twitter client plug-ins and samples how to use the REST API, we will also try to include the nHibernate + Spark version in that release. In the next release, not sure about the timeline, we will include the Geo-Coding and some rich reporting for both the User and the Administrators. Enjoy!!!

    Read the article

  • Membership e Authentication no ASP.NET 4.5

    - by renatohaddad
    Vejam que boa notícia. Para quem desenvolve em asp.net e usa autenticação com membership terá uma grande novidade na hora de autenticar. Na versão 4.5 poderemos autenticar o usuário usando a rede social, ou seja, o login poderá ser feito usando os serviços do Google, Yahoo, Facebook, Twitter e Windows Live. Isto tudo será possível pq teremos novos providers OAuth e OpenID para authentication.1.No site "developer website for Windows Live, Facebook, or Twitter", crie uma app e registre uma chave (key=minhaChave) com o valor "curso asp.net 4.5".2. No seu site altere o arquivo _AppStart.cshtml e crie o código do provider do Facebook:OAuthWebSecurity.RegisterOAuthClient(     BuiltInOAuthClient.Facebook, consumerKey: "", minhaChave: "");3. No arquivo ~/Account/Login.cshtml descomente o bloco do fieldset para habilitar o provider.<fieldset>     <legend>Log in using another service</legend>     <input type="submit" name="provider" id="facebook"value="Facebook"         title="Log in using your Facebook account." />     <input type="submit" name="provider" id="twitter" value="Twitter"         title="Log in using your Twitter account." />     <input type="submit" name="provider" id="windowsLive"         value="WindowsLive"         title="Log in using your Windows Live account." /> </fieldset>4. Por fim, no arquivo ~/Account/AssociateServiceAccount.cshtml descomente o bloco do fieldset e pronto, na autenticação serão exibidos todos os providers.

    Read the article

  • Password-free logins using your email address only?

    - by Mario
    The state of logins is horrendous. With each site having it's own rules for passwords, it can be very hard to remember what variation you used on any given site. Logins are pure pain. One thing I love about Craigslist is that it did away with logins altogether. I know this design may not suit every site, but there's something to their design that beckons to be repeated. OpenID is great on sites that have adopted it, but it's still not standard. Would it be feasible/wise to use an email address as a login and provide no password? The site would send a short-term key directly to your email address. You click on the link and you're in. When you're done, you "logout" and your key is terminated. I've toyed with this idea before. What concerns (i.e. spammers, bots, etc.) would make this impractical or unsafe and could they be overcome?

    Read the article

  • Configuring LiveID authentication with SharePoint2010

    - by ybbest
    With the addition of the new claims based authentication framework in SharePoint 2010, SharePoint is now more loosely coupled to the authentication layer than ever. You’ve probably seen presentations or webinars where it was mentioned that you can use claims authentication against authentication providers such as Live ID and OpenID. In this blog I will show you the common problems while you configure you LiveID integration with SharePoint2010.The detailed configuration can be found in the following blogs. Part 1 – http://www.wictorwilen.se/Post/Visual-guide-to-Windows-Live-ID-authentication-with-SharePoint-2010-part-1.aspx Part 2 – http://www.wictorwilen.se/Post/Visual-guide-to-Windows-Live-ID-authentication-with-SharePoint-2010-part-2.aspx Part 3 – http://www.wictorwilen.se/Post/Visual-guide-to-Windows-Live-ID-authentication-with-SharePoint-2010-part-3.aspx Here are some problems I have following the instructions: Problem 1: If you had the following exceptions when you run the PowerShell scripts to create the new LiveID authentication provider New-SPTrustedIdentityTokenIssuer : Exception of type ‘System.ArgumentException’ was thrown.Parameter name: claimType At line:1 char:42 + $authp = New-SPTrustedIdentityTokenIssuer <<<< -Name “LiveID INT” -Description “LiveID INT” -Realm $realm -ImportTrustCertificate $certfile -ClaimsMappings $emailclaim,$upnclaim -SignInUrl “https://login.live-int.com/login.srf” -IdentifierClaim $emailclaim.InputClaimType + CategoryInfo : InvalidData:(Microsoft.Share…dentityProvider:SPCmdletNewSPIdentityProvider) [New-SPTrustedIdentityTokenIssuer], ArgumentException + FullyQualifiedErrorId :Microsoft.SharePoint.PowerShell.SPCmdletNewSPIdentityProvider Solution: You need to Remove the existing the SPTrustedIdentityTokenIssuer.     1. You need to first get the existing TokenIssuer name by Get-SPTrustedIdentityTokenIssuer, and then run Remove- SPTrustedIdentityTokenIssuer to remove the existing TokenIssuer.     2. After that , you can re-run the script , everything should work fine now. Problem 2: Live INT automatically logs out Whenever I try to log in (https://login.live-int.com/login.srf), after entering valid email/password I get redirected to the logout page. Solution: You can find the solution in my previous blog.

    Read the article

  • Is this possible?

    - by PythonNewbie2
    Hello, I'm exploring some technologies and JSP with JSF 2.0 and Primefaces seems really cool. I'm new to all of these, but I'm a fast learner. I wondering if I can create the web app I want withh JSP/JSF/Primefaces or should I be looking to different technologies? If I should, which ones do you recommend? Here's a basic description of the app: Users log in with their username and password (maybe I can somehow incorporate google OPENID)? With a really nice UI, they will be presented a large list of questions specific to a certain category, for example, JSP. When they click on any of these questions, a little input opens up below it to allow the user to put in a link. If the link they enter has the same question on that webpage the URL points to, they will be awarded one point. This question then disappears and gets added to a different page that has a list of all correctly linked questions. On the right side of the screen, there will be a leaderboard with the usernames of the people with the top ten points. Is this possible with JSP/JSF/Primefaces, or should I be looking elsewhere for a different web technology? The idea is relatively simple - to be able to compile links to external websites for specific questions. I know I can build the UI easily with Primefaces. What I'm not sure is if JSP/JSF gives the ability to parse HTML at a certain URL to see if it contains words. I can do this with python easily by using urllib. Any help would be appreciated!!! What would be more helpful than a "Yes" or "No" answer would be links to where I can see sample code of external HTML parsing. Your input is truly appreciated! Thanks!

    Read the article

  • Authentication system brainstorm

    - by gansbrest
    Hi. We got multiple small websites (microsites) and one main high traffic one with big users base. Right now the requirement is to build authentication system which should allow users to loign with the same identity across the network. All website are running on different domains, powered by Drupal 6 CMS and have separate databases (so sharing tables with prefix is not an option + it creates a huge mess in the db). Here is the set of core requirements I came up with: Users should be able to login with the same credentials to all sites within the network User’s data sharing between Main site (storage) and all micro sites within the network Data synchronization across the network when user changes the data (update email or password for example) The login/registration process should be seamless and consistent Register on any of the sites across the network and use that identity to login later on. In the future there might be a need to add openid authentication options. Basically we are looking at something similar stackexchange does, but not sure if they have central users base on not. I was thinking about custom solution which will include 2 parts (modules), one will be stored on the Main site for users data storing and responding to requests from clients. Second part (module) will be placed on each microsite, which is going to send requests to the Master. Some kind of client - server setup. One of the complications I see right away is #3. Data Synhcronization across the network. I just don't want to reinvent the wheel and maybe some work is already done in this direction. Looking forward to your ideas on how to approach this project. EDIT: We use MySQL database

    Read the article

  • Mozilla Persona to the login rescue?

    - by Matt Watson
    A lot of website now allow us to login or create accounts via OAuth or OpenID. We can use our Facebook, Twitter, Google, Windows Live account and others. The problem with a lot of these is we have to have allow the websites to then have access to our account and profile data that they shouldn't really have. Below is a Twitter authorization screen for example when signing in via Technorati. Now Technorati can follow new people, update my profile and post tweets? All I wanted to do was login to Technorati.com to comment on a post!Mozilla has just released their new solution for this called Persona. First thought is oh great another solution! But they are actually providing something a little different and better. It is based on an email address and isn't linked to anything like our personal social networks or their information. Persona only exists to help with logging in to websites. No loose strings attached.Persona is based on a new standard called BrowserID and you can read more about it here:How BrowserID Works.  The goal is to integrate BrowserID in to the browser at a deeper level so no password entry is required at all. You can tell your web browser to just auto sign in for you. I am really hoping this takes off and will look at implementing it in current projects! I would recommend researching it and lets hope it or something like it becomes a wide spread reality in the future.

    Read the article

  • Do you sign contracts digitally or still on paper? And what do clients think?

    - by user1162541
    We are all getting used to checking a box and putting our name in a text field to create a contract with an airline, a hosting company, or a software download. However, for some reason I am still asking clients to sign our contracts for website development on paper, and send me a scan. Few complain about this procedure, but I am personally thinking: what am I doing, doing this the old fashion way?! Signing contracts digitally would be faster, more convenient for clients and for me, and easier to store. So to me it appears to be time to start creating some contract agreement online that clients can read, then print their name, and mark a box "I AGREE WITH THIS CONTRACT AND BY PRINTING MY NAME I AGREE TO SIGNING THIS", or something like that. I would record their IP, browser data, and time of signing. If I really want to ensure their identity, I could link this to OpenID and require them to log in with their e-mail so that I can ensure that they are logged in on an existing e-mail account. Sounds OK to me. My question is: is this practice becoming a standard practice in professional IT services? Are you (as a professional) doing this? If you are, how do clients react? Any drawbacks doing this? EDIT: This question is not about the legal aspects. It is about common practices among programmers and web-development companies, and what clients think of this.

    Read the article

< Previous Page | 10 11 12 13 14 15 16 17  | Next Page >