Search Results

Search found 13776 results on 552 pages for 'password reset'.

Page 148/552 | < Previous Page | 144 145 146 147 148 149 150 151 152 153 154 155  | Next Page >

• Service-Based Authentication Using Tokens

  - by jerhinesmith

  I'm having a tough time trying to find clear and concise examples of how one would implement a service-based authentication scheme using tokens. As far as I can tell, the basic steps are as follows: Client requests username/password from user Client passes username/password to identity provider Provider checks username/password and sends back a token if the user is valid Client does something with the token? The third and fourth step are where I'm getting stuck. I assume the "token" in this case just has to be either an encrypted string that the client can decrypt or some random string that gets stored somewhere (i.e. a database) that the client can then verify against, but I'm not really sure what the client is then supposed to do with the token or why you even need a token at all -- couldn't a simple user ID also suffice?

  Read the article

• ActionController::InvalidAuthenticityToken: verified with authentication token on the form!

  - by goodwill

  I don't know why it happens but my form for some reason does not post properly. I am very sure the form contains the required authentication token: <form action="/account/complete_verify_email/4df78710-e27b-4527-bd2d-71cd2e9a1271" method="post"><div style="margin:0;padding:0"><input name="authenticity_token" type="hidden" value="341b07dfa682ed11a045e19956e2e3f5f499e8cb"></div> <input id="password" name="password" type="password"> <input name="commit" type="submit" value="Continue"> </form> Note the authenticity_token is there. What happened? And YOU KNOW WHAT? Quitting Safari and restart again solved the issue... but I can't think of what kind of intermittent behaviour could cause such problem.

  Read the article

• Django design question: extending User to make users that can't log in

  - by jobrahms

  The site I'm working on involves teachers creating student objects. The teacher can choose to make it possible for a student to log into the site (to check calendars, etc) OR the teacher can choose to use the student object only for record keeping and not allow the student to log in. In the student creation form, if the teacher supplies a username and a password, it should create an object of the first kind - one that can log in, i.e. a regular User object. If the teacher does not supply a username/password, it should create the second type. The other requirement is that the teacher should be able to go in later and change a non-logging-in student to the other kind. What's the best way to design for this scenario? Subclass User and make username and password not required? What else would this affect?

  Read the article

• What's wrong with XOR encryption?

  - by Colin

  I wrote a short C++ program to do XOR encryption on a file, which I may use for some personal files (if it gets cracked it's no big deal - I'm just protecting against casual viewers). Basically, I take an ASCII password and repeatedly XOR the password with the data in the file. Now I'm curious, though: if someone wanted to crack this, how would they go about it? Would it take a long time? Does it depend on the length of the password (i.e., what's the big-O)?

  Read the article

• [Android] How do I load URL that requires login into variable?

  - by bebeTech

  I am trying to port my usage meter from a JavaScript Gadget (win) / Widget (OSX) to Android. Total newbie when comes to JAVA + Eclipse + Android 2.1 SDK. Essentially what I want to do is load a page, pass through a username and password and load the resulting page into a array that I can then run some regular expressions through. My code from JavaScript (I've replace the actual URL with a dummy one) is: xmlhttp.open("post","https://acme.com.au/your_account/index.php?function=login",false); xmlhttp.setRequestHeader("If-Modified-Since", "Sat, 1 Jan 2000 00:00:00 GMT"); xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); xmlhttp.send("check_username=" + username + "&password=" + password); I need to know the Android equivalent to the above please. I've played around with WebView but that loads the page in a web browser which isn't what I want.

  Read the article

• Ruby On Rails : db:migrate do not run

  - by user332219

  Hi, When i run this command i have an error : rake db:migrate --trace rake aborted! NoMethodError: undefined method `ord' for 0:Fixnum: SET NAMES 'utf8' see the log file here : http://patxi.mayol.free.fr/public/trace.txt my database.yml file is here : MySQL. Versions 4.1 and 5.0 are recommended. # development: adapter: mysql encoding: utf8 reconnect: false database: annuaire_development pool: 5 username: root password: host: 127.0.0.1 test: adapter: mysql encoding: utf8 reconnect: false database: annuaire_test pool: 5 username: root password: host: 127.0.0.1 production: adapter: mysql encoding: utf8 reconnect: false database: annuaire_production pool: 5 username: root password: host: 127.0.0.1 Thanks My config : WampServer 2.0 with MySQL 5.0.51a Aptana 2.0.4 Ruby 1.8.5 Gems: actionmailer (2.3.4, 2.3.2) actionpack (2.3.4, 2.3.2) activerecord (2.3.4, 2.3.2) activeresource (2.3.4, 2.3.2) activesupport (2.3.4, 2.3.2) cgi_multipart_eof_fix (2.5.0) fastthread (1.0.1) gem_plugin (0.2.3) linecache (0.43) mongrel (1.1.5) mysql (2.8.1, 2.7.3) rack (1.0.0) rails (2.3.4, 2.3.2) rake (0.8.7) ruby-debug-base (0.10.3) ruby-debug-ide (0.4.5) sqlite3-ruby (1.2.1)

  Read the article

• How to get result size from an SQL query and check size

  - by Jimmy

  Hi I'm trying to write a piece of code for a simple verification method as part of a MVC. At present the SQL is not written as a prepared statement so obviously it is at risk to a SQL injection so any help in regards to writing the SQL as a prepared statement would be really helpful. The method which is in the User model. public boolean getLoginInfo() { try { DBAccess dbAccess = new DBAccess(); String sql = "SELECT username, password FROM owner WHERE username = '" + this.username + "'AND password = '" + this.password + "';"; dbAccess.close();dbAccess.executeQuery(sql); dbAccess.close(); return true; } catch (Exception e) { return false; } } I want to get the size of the result set which is generated by the SQL query and if the size of it is 1 return true else it's false. If you need more info on the rest of the MVC just post and I'll get it up here.

  Read the article

• error string list handle in C#

  - by Chelsea_cole

  Same namespace: 2 forms. public class Account //frm1 { public string Username; public string Password; } public class ListAcc { public static List<Account> UserList; } private void button1_Click(object sender, EventArgs e) { List<Account> UserList = new List<Account>(); Account acc = new Account(); acc.Username = textBox1.Text; acc.Password = textBox2.Text; UserList.Add(acc); } private void button2_Click(object sender, EventArgs e) //frm2 { string p = frmDangky.ListAcc.UserList[0].Username; // null ->error string p = frmDangky.ListAcc.UserList[0].Password; // null ->error } Someone help me? :( why my string is NULL???????? The textBox is not empty... Thanks!

  Read the article

• Hashbytes comparison in stored proceduring not matching record

  - by Michael Itzoe

  The password field in my user table (SQL Server 2008) is encrypted using HASHBYTES on insertion. I have a stored procedure with parameters for the username and plain-text password which does a SELECT using that username and the password sent through HASHBYTES, then returns the user record if it finds a match. The SP is always returning an empty recordset, but if I copy and paste just the SELECT from the SP to a new query window, it returns the matched record. There're no other statements in the SP. I'm missing something here; what is it?

  Read the article

• Cannot start jboss remotely in ruby (Net::SSH)

  - by Jared

  I am trying to start/stop jboss remotely with ruby Net::SSH library. I am able to stop jboss with the following code: require 'net/ssh' Net::SSH.start('xx.xx.xx.xx', 'jboss', :password => "jboss") do |session| session.open_channel do |channel| channel.request_pty(:term => 'xterm') do |ch, success| raise "could not request pty!" unless success channel.exec "/etc/init.d/jboss_new stop\n" end puts "shell opened" channel.on_data do |channel, data| puts data sleep 1 if data =~ /Password: / sleep 2 channel.send_data("jboss\n") end end end end But when I substitute stop with start I get nothing in return, jboss is not started. I changed password to invalid and get a response su: Authentication failure Is there any gimmick here? Can you please advise what is wrong?

  Read the article

• Sending passwords over the web

  - by Falmarri

  So I'm working on a mobile platform application that I'd like to have users authenticate over the web. I was wondering the best way to do security. The user is sending a password for HTTP to a php server wich authenticates against a mysql database on the same server. Obviously I don't want to send the password in plain text over the internet, but I also don't want to do 2 SHA hashes. This is what the server looks like (in pseudocode) $pass = $_POST['pass']; if ((get PASSWORD where USERNAME = USERNAME) == SHA($pass)) return PASS; This is pretty standard and I don't think there's any other way to do this. But I was wondering how I should prepare the data before sending it over the internet.

  Read the article

• PHP 2-way encryption: I need to store passwords that can be retrieved

  - by gAMBOOKa

  I am creating an application that will store passwords, which the user can retrieve and see. The passwords are for a hardware device, so checking against hashes are out of the question. What I need to know is: How do I encrypt and decrypt a password in PHP? What is the safest algorithm to encrypt the passwords with? Where do I store the private key? Instead of storing the private key, is it a good idea to require users to enter the private key any time they need a password decrypted? (Users of this application can be trusted) In what ways can the password be stolen and decrypted? What do I need to be aware of?

  Read the article

• connect perl with mssql

  - by Bharanikumar

  i have user id, password,databasename, datasource details, i want to connect perl with mssql server, i just used following snippet, but getting error, #!/usr/bin/perl -w use strict; use DBI; my $data_source = q/dbi:ODBC:192.168.3.137/; my $user = q/bharani/; my $password = q/123456/; # Connect to the data source and get a handle for that connection. my $dbh = DBI->connect($data_source, $user, $password) or die "Can't connect to $data_source: $DBI::errstr"; My Error DBI connect('192.168.3.137','bharani',...) failed: [Microsoft][ODBC Driver Manag er] Data source name not found and no default driver specified (SQL-IM002) at my sqlconnect.pl line 14 Can't connect to dbi:ODBC:192.168.3.137: [Microsoft][ODBC Driver Manager] Data s ource name not found and no default driver specified (SQL-IM002) at mysqlconnect .pl line 14. Information: my sql server present in another system, am just trying to connect with above details, plz tellme, i should crease DSN in my system, or anything i missed in my program

  Read the article

• Android and PHP - Do I need to use sessions?

  - by jtnire

  I have created an Android App that communicates with a PHP web server. They both send JSON to each other. My App is almost finished, however there is one thing left to do: authentication. Since the user's username and password will be stored in Android SharedPreferences, is there any need to use PHP sessions, given that the user won't need to enter the username/password at every request? Since I can just send the username and password in the HTTP POST header for every request, and that I will be using SSL, is this sufficient? I guess I could add an extra field in the header called 'random' that just adds a random value, just to use as a salt so that the encrypted SSL payload will be different everytime. The reason why I don't want to use sessions is that my Android App would either have to handle cookies, or managed the storage of the session ID. If there are some serious cons to using my method above, then I'm more than happy to use sessions, however all advice is appreciated. Thanks

  Read the article

• How? Encrypt and Decrypt user membership passwords in ASP.NET

  - by smdrager

  We are creating a new site using ASP.NET membership provider for user registration and log in. Our old system encrypted user passwords so that we could recover them if we needed to. I am having a great deal of trouble figuring out if it is possible to use ASP.NET membership functions to simply encrypt the password when the user registers and then unencrypt it so I can see it. Documentation for this is neigh non-existant. I know how to configure Web.config to have it store passwords as encrypted ala passwordFormat="Hashed" in the provider and assigning a validationKey in the machineKey, however it seems like the password still gets hashed (though perhaps it is just well encrypted). Either way I cannot decifer how the password can be recovered (by us) if neccessary. Thanks!

  Read the article

• How not to lose focus on a login page

  - by Misha Moroshko

  I have a simple login form with 2 input fields: "username" and "password". "username" field is focused by default. The problem is that when user clicks outside "username" or "password" fields, the focus is gone (it is neither on "username" nor on "password" fields"). How can I force the focus to be on these 2 fields only ? In my case, this is a really annoying behavior, so I really want to do this :) Can I do something like: $("*").focus(function() { if (!$(this).hasClass("my_inputs_class")) { // How to stop the focusing process here ? } }); ?

  Read the article

• MVC Forms Authentication with custom database

  - by AndrewVos

  I'm trying to get forms authentication working for an mvc site. I have a custom database with a users table, and I would like to do my own password validation. I am logging in my user like this: if (PasswordHasher.Hash(password) == dataUser.Password) { FormsAuthentication.SetAuthCookie(email, true); return true; } The problem is, when the session expires obviously the user has to login again. I am thinking I should be storing this Auth cookie in my users table? Update: I'm obviously in desperate need of more education in this area. I just noticed that the user stays authenticated even after an iisreset. I guess what I'm asking is how can I get persistent and non persistent authentication working properly. I want a user to not have to login again if they click "remember", and if they don't then their authentication should expire when the forms authentication is set to expire.

  Read the article

• SQL query INSERT not working inserting values into my DB.

  - by Aiden Ryan

  Hello, I'm trying to insert registration data into a database but my php code isn't inserting the values into the DB although I'm not getting any errors either, can someone help me? this is the code i'm currently using: $connect = mysql_connect("localhost","myusername","mypassword"); mysql_select_db("application"); $queryreg = mysql_query('INSERT INTO users("username","password","email","date") VALUES("$username","$password","$email","$date")'); die ("You Have Been Registered."); I just need to add the username password email and date into the fields i have specified but it won't work, please someone help!

  Read the article

• Custom Rails Validation (Doesn't seem to be working)

  - by Karl Entwistle

  Hey guys ive got the following Model for Accounts require 'net/http' require 'uri' require 'date' class Account < ActiveRecord::Base validates_presence_of :username, :password, :on => :update validate :valid_expiry_date, :on => :update def valid_expiry_date reply = Net::HTTP.get URI.parse("http://api.rapidshare.com/cgi-bin/rsapi.cgi?sub=getaccountdetails_v1&type=prem&login=" + username + "&password=" + password) account = Time.at(reply[80..90].to_i) if (Time.now + 2419200) <= account return true else return false errors.add_to_base("Sorry this account isnt valid") end end end I know the code works in a ruby.rb file and will return true or false, however I seem to be having rather a lot of difficultly trying to translate this code into an actual validation, any help would be much appreciated. Thanks :) Its also defiantly at least connecting to the website as my firewall asked me if the Terminal was aloud to access it. At the moment not only is it displaying no errors its actually letting anything through and saving it.

  Read the article

• mysqli insert into database

  - by Simon

  Hello all i have this script and i will not insert into the database and i get no errors :S, do you know what it is? function createUser($username, $password) { $mysql = connect(); if($stmt = $mysql->prepare('INSERT INTO users (username, password, alder, hood, fornavn, efternavn, city, ip, level, email) VALUES (?,?,?,?,?,?,?,?,?,?)')) { $stmt->bind_param('ssssssssss',$username,$password, $alder, $hood, $fornavn, $efternavn, $city, $ip, $level, $email); $stmt->execute(); $stmt->close(); } else { echo 'error: ' . $mysql->error; }

  Read the article

• rake db:migrate and rake db:create both work on test database, not development database

  - by geography_guy

  I am new to Stack Overflow and Ruby on Rails. My problem is, when I run the command rake db:create or rake db:migrate, the test database is affected, but the development database is not. rails (3.2.2) my database.yml: # Warning: The database defined as "test" will be erased and # re-generated from your development database when you run "rake". # Do not set this db to the same as development or production. test: &test adapter: postgresql encoding: unicode database: ticketee_test pool: 5 username: ticketee password: my_password_here development: adapter: postgresql encoding: unicode database: ticketee_development pool: 5 username: ticketee password: my_password_here production: adapter: postgresql encoding: unicode database: ticketee_production pool: 5 username: ticketee password: my_password_here cucumber: <<: *test

  Read the article

• Multiple databases support in Symfony

  - by Ngu Soon Hui

  I am using Propel as my DAL for my Symfony project. I can't seem to get my application to work across two or more databases. Here's my schema.yml: db1: lkp_User: pk_User: { type: integer, required: true, primaryKey: true, autoIncrement: true } UserName: { type: varchar(45), required: true } Password: longvarchar _uniques: Unique: [ UserName ] db2: tesco: Id: { type: integer, required: true, primaryKey: true, autoIncrement: true } Name: { type: varchar(45), required: true } Description: longvarchar And here's the databases.yml: dev: db1: param: classname: DebugPDO test: db1: param: classname: DebugPDO all: db1: class: sfPropelDatabase param: classname: PropelPDO dsn: 'mysql:dbname=bpodb;host=localhost' #where the db is located username: root password: #pass encoding: utf8 persistent: true pooling: true db2: class: sfPropelDatabase param: classname: PropelPDO dsn: 'mysql:dbname=mystore2;host=localhost' #where the db is located username: root password: #pass encoding: utf8 persistent: true pooling: true When I call php symfony propel-build-model, only db1 is generated, db2 is not. Any idea how to fix this problem?

  Read the article

• Cannot get principal id on my Spock test

  - by Ant's

  I have a controller like this : @Secured(['ROLE_USER','IS_AUTHENTICATED_FULLY']) def userprofile(){ def user = User.get(springSecurityService.principal.id) params.id = user.id redirect (action : "show", params:params) } I want to test the controller above controller in spock, so I wrote a test code like this: def 'userProfile test'() { setup: mockDomain(User,[new User(username:"amtoasd",password:"blahblah")]) when: controller.userprofile() then: response.redirectUrl == "/user/show/1" } When I run my test, this test fails with this error message : java.lang.NullPointerException: Cannot get property 'principal' on null object at mnm.schedule.UserController.userprofile(UserController.groovy:33) And in case of Integration test: class UserSpec extends IntegrationSpec { def springSecurityService def 'userProfile test'() { setup: def userInstance = new User(username:"antoaravinth",password:"secrets").save() def userInstance2 = new User(username:"antoaravinthas",password:"secrets").save() def usercontroller = new UserController() usercontroller.springSecurityService = springSecurityService when: usercontroller.userprofile() then: response.redirectUrl == "/user/sho" } } I get the same error as well. What went wrong? Thanks in advance.

  Read the article

• Strange DataMapper (0.10.2) error. Please help!

  - by Joel M.

  See the full error here: http://notesapp.heroku.com/ I'm using DataMapper and dm-validations 0.10.2. No matter how much I tweak my models, I get the same error, or another one. Here's how my model looks like: class User include DataMapper::Resource attr_accessor :password, :password_confirmation property :id, Serial, :required => true property :email, String, :required => true, :format => :email_address, :unique => true property :hashed_password, String property :salt, String, :required => true property :created_at, DateTime, :default => Time.now property :permission_level, Integer, :default => 1 validates_present :password_confirmation, :unless => Proc.new { |t| t.hashed_password } validates_present :password, :unless => Proc.new { |t| t.hashed_password } validates_is_confirmed :password

  Read the article

• check for several conditions when a user logs in

  - by paul

  I would like to accomplish the following: If a username or password field is null, notify the user. If user name already exists, do not insert into the database and notify user to create a different name. if the username is unique and password is not null, return the username to the user. As of now it always returns "Please enter a different user name." I believe the issue has to do with the database query but I am not sure. If anyone can have a look and see if I am making an error, I greatly appreciate it, thanks. if ($userName or $userPassword = null) { echo "Please enter a user name and password or return to the homepage."; } elseif (mysql_num_rows(mysql_query("SELECT count(userName) FROM logininfo WHERE userName = '$userName'")) ==1) { echo "Please enter a different user name."; } elseif ($userName and $userPassword != null) { echo "Your login name is: $userName"; }

  Read the article

< Previous Page | 144 145 146 147 148 149 150 151 152 153 154 155  | Next Page >