Search Results

Search found 9318 results on 373 pages for 'django authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 156/373 | < Previous Page | 152 153 154 155 156 157 158 159 160 161 162 163  | Next Page >

  • Multiple formsauthentifications in the same application

    - by citronas
    Hi there, I was wondering if it is possible to use two different formsauthentification logins with the following directory structure: /default.aspx /login.aspx /web.config /subdirectory/sublogin.aspx /subdirectory/subdefault.aspx /subdirectory/web.config The web.config in the root contains the following settings: <authentication mode="Forms"> <forms protection="All" slidingExpiration="true" loginUrl="~/login.aspx" path="/"/> </authentication> <authorization> <deny users="?"/> </authorization> What I want to achieve is, that all directories except 'subdirectory' are protected by the login.aspx in the root. 'subdirectory' has its own login.aspx (sublogin.aspx) How would the correct content of the web.config in subdirectory look like?

    Read the article

  • Simple mail server setup for a user-based website.

    - by Absolute0
    I am working on a simple website that has user registration. All I need to do is confirm email addresses by emailing a confirmation email and maybe send out periodic emails regarding various information. I am also considering having a [email protected] email for user questions and comments. The application is written in django and I am running it on ArchLinux on a VPS. I have no knowledge of mail servers. I tried setting up postfix and qmail but had no luck. They are complicated and require a lot of configuration to get them working properly. My use case is super simple and doesn't not require anything fancy. Is there any simple mailing setup that will enable me to quickly get emailing working with my django app with minimal work?

    Read the article

  • Devise authenticating with username instead of email

    - by teknull
    I'm new to Devise and have it working fine by using an email address as the authentication key. However, I have a use case which requires a username instead and I can't seem to get it working. I've added a string column, "username" to the users table, changed the fields from :email to :username in the sign-in form, and have changed the authentication key in devise.rb to :username yet when I go to sign in I'm met with this prompt: "Please enter an email address". What am I doing wrong? **new.html.erb** <div><%= f.label :username %><br /> <%= f.email_field :username %></div> **User.rb** class User < ActiveRecord::Base # Include default devise modules. Others available are: # :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable, :authentication_keys => [:username] # Setup accessible (or protected) attributes for your model attr_accessible :email, :password, :password_confirmation, :remember_me, :username # attr_accessible :title, :body end **devise.rb** config.authentication_keys = [ :username ]

    Read the article

  • Network update solutions for a company of ~20 (5 local, 15 remote)?

    - by Margaret
    Hi all This is probably going to be a bit up in the air, because we're still in the "reaching towards solutions" phase, but I figured I'd see what you guys had to say. Plus I honestly know very little about systems and what is good and bad pratice. My organisation has always more or less worked on the concept of local machines; since it primarily employed contractors who were working from home, each of those people was largely responsible for their own machine and backup procedures and the like. We're now expanding, though we're still reasonably small (we're up to about 20 staff members). Most people still work remotely, but we have a central office where about five people are working. But we're getting large enough that we're starting to think it would be a good idea to have a central file server, and things like that - if someone gets hit by a bus, we want someone else to know where to look for the files to continue their work. A lot of the people who work for us remotely work on projects for other companies as well, so I don't want to force them to log in to our server whenever they're on a network. But I do want to make connection to be as painless as possible to do so, to improve utilisation. The other thing is that we're getting more people who would like to remote into the office server and do their work there. Our current remote connection application is an SSH install that allows people access to the network; the problem is, it's a black box to me, and I've never understood how to even connect to it (despite supposedly being de facto sysadmin). Thus far I've been able to bounce questions about how to get it working to the guy who does know it well, but he's leaving the company soon. So we probably need a solution for this that I actually understand. We were knocking around the idea of implementing a VPN with some form of remote desktop, and someone mentioned that this was largely a matter of purchasing a router capable of it; I'm not sure of the truth of that statement. This is what we have in the office: Two shiny new i7 servers, each running Windows Server 2008. Precise eventual layout is still being debated, a little, but the current suggestion is that one is primary database crunching, while the other is a warm backup of the databases, along with running Reporting Services. They currently have SQL Server 2008 installed on them, which is being connected to via the 'sa' account. We're hoping to make each person use their own account (preferably one tied to the 'central' password we set up, so we can use Windows Authentication). An older server, running XP Pro, that we are currently using as a test bed for a project that requires access to older versions of software. This machine is also being used to take backups, but I'm thinking of moving that functionality elsewhere. A spare desktop from a guy who left the company (XP Pro). We're thinking of bumping up the hard disk space and using it as the magical file server that's going to solve one particular everything. Assorted desktops, laptops, etc, at least one for each person in the office (mix of Win XP and Win 7; occasionally a person who normally works remotely might drop in to the office and bring a laptop bearing Vista, but it's pretty rare). All are set up as local user accounts at the moment; I don't know if it's the best arrangement. Purchasing more hardware is not a big problem, but we figure we might as well make use of what we've got first. Is Active Directory a big magic wand that's going to solve all the world's problems? Is there some other arrangement we should be looking to instead?

    Read the article

  • What exactly is an invalid HTTP_HOST header

    - by rolling stone
    I've implemented Django's relatively new allowed hosts setting, which is meant to prevent attackers from submitting requests with a fake HTTP Host header. Since adding that setting, I now get anywhere from 20-100 emails a day notifying me of invalid HTTP_HOST headers. I've copied in an example of a typical error message below. I'm hosting my site on EC2, and am relatively new to setting up/maintaining a server, so my question is what exactly is happening here, and what is the best way to manage these invalid and I assume malicious requests? [Django] ERROR: Invalid HTTP_HOST header: 'www.launchastartup.com'.You may need to add u'www.launchastartup.com' to ALLOWED_HOSTS.

    Read the article

  • Does Apache allow to authorize an HTTP request based on a result of a subrequest?

    - by Jan Wrobel
    I'm looking for an equivalent of nginx http auth request module but for Apache. For each incoming HTTP requests, the module sends a subrequests to authentication/authorization back-end. Th auth request carries a path and all headers of the original request. Based on the result of the auth request, the original requests is allowed (HTTP code 200), denied (HTTP code 403) or login is requested (HTTP code 401). Such a generic mechanism allows to build really flexible authentication and authorization schemes. Is something like this possible in Apache (likely with a help of some third party module)?

    Read the article

  • User.Identity.Name returning NT AUTHORITY\NETWORK SERVICE i want Domain\USER

    - by Jalvemo
    in my asp.net MVC project i have an database connection with connectionstring: Data Source=.;Initial Catalog=dbname;Integrated Security=True All users can execute Stored Procedures on that connection and i want to log those users. so after each execution I store "User.Identity.Name" to another database. This work great on my development machine but after deployment, to access the site i have to go through a VPN-connention and then remote desktop to the same server that the IIS is running on and use a web-browser there. Then i get User.Identity.Name: "NT AUTHORITY\NETWORK SERVICE". i would expect it to be the credentials i entered in remote desktop that have access to the database. any idea how i can get this to work? iis6 authentication: "windows authentication: enabled" web.config:

    Read the article

  • strange SQL Server attach database error

    - by George2
    Hello everyone, I am using SQL Server 2008 Enterprise with VSTS 2008, and I am developing a simple web application using ASP.Net and Forms Authentication. When I am using the configuration tool/menu of VSTS of my ASP.Net project (I want to use this tool to manually add some Forms authentication users), I met with the following error (SqlException), Trying to attach file D:\Projects\MyTest\App_Data\aspnetdb.mdf to automatically named database failed. It may be caused by existing the same name database, or may be caused by specified file can not be opened or caused by the specified file exists in UNC share. In my computer, there is no aspnetdb.mdf under dir D:\Projects\MyTest\App_Data, and I have used aspnet_regsql to generate database successfully before I run the configuration tool. Why there is such error? How to fix it? thanks in advance, George

    Read the article

  • Send nginx X-Accel-Redirect request from remote server

    - by phingage
    I have 2 server first (domain.com) is a django/apache server, second (f1.domain.com) is a file server (nginx) where some files are protected and should be allow download only to registred user, so i have setup a nginx server with a server { listen 80 default_server; server_name *.domanin.com; access_log /home/domanin/logs/access.log; location /files/ { internal; root /home/domanin; } } and from django I send a request via X-Accel-Redirect header, but dosen't work i think because come from a remote server, how can i accomplish my task? regards!

    Read the article

  • Authorization in Rails

    - by sev
    Who can show me how I must use declarative_authorization (http://github.com/stffn/declarative_authorization) with restfult_authentication (http://github.com/technoweenie/restful-authentication)?

    Read the article

  • How to send data securely over a public channel?

    - by Daniel
    Hi! I have a smart client application being deployed with a CickOnce webpage. here's the current scenario. 1.User runs the application, and the application shows a login form. 2.User enters ID/Password in the login form, and the application sends that information to the server. 3.The server authenticates the user and sends configuration and data to the application. Different users have different configuration and data for their application. I was concerned that anyone can download the application from the webpage if they know the URL. So I'm trying to change the authentication scheme, so that users can login at the webpage to download the application. I want to send the authentication info from the webpage(Program running at the server) to the smart client app, so that application can download the configuration information from the server, without prompting users to make a login again. How can the webpage send the ID/Passoword to the application securely?

    Read the article

  • How to configure IIS7 to Redirect member of An active Directory group to static page

    - by user1759075
    On IIS, we have disabled Anonymous authentication and enabled Windows Authentication What we need is to only allow users who are members of an Active Directory security group to access the Access Point at all. All other users should be directed to a static web page that will give them instructions on how to request access. By adding the security group to the website permissions, and removing the \Users group, we have almost achieved this. Users in the group are allowed through, those not in the group are asked for a (Windows) username and password. Instead of requesting the username and password, we want IIS to redirect them to the static page. Please advise me on how can this be done.

    Read the article

  • Use multiple WSGI mount points in Apache with an Nginx reverse proxy

    - by Thomas
    I am trying to set up multiple virtual hosts on the same server with Nginx and Apache and have run into a curious configuration issue. I have nginx is configured with a generic upstream to apache. upstream backend { server 1.1.1.1:8080; } I'm trying to set up multiple subdomains in nginx that hit different mountpoints in apache. Each would act like the following examples. server { listen 80; server_name foo.yoursite.com; location / { proxy_pass http://backend/bar/; include /etc/nginx/proxy.conf; } ... } server { listen 80; server_name delta.yoursite.com; location / { proxy_pass http://backend/gamma/; include /etc/nginx/proxy.conf; } ... } These mountpoints are pointed at django projects, however each of the url entries are coming back prepended with the apache mountpoint path. So, if I called the django url entry for foo.yoursite.com/wiki/biz/, django appears to be returning foo.yoursite.com/bar/wiki/biz/. Similarly, if I call for the url entry for delta.yoursite.com/wiki/biz/, I get delta.yoursite.com/gamma/wiki/biz/. Is there any way get rid of the prefix being returned on the url entries by django and apache?

    Read the article

  • How to localize an app on Google App Engine?

    - by Petri Pennanen
    What options are there for localizing an app on Google App Engine? How do you do it using Webapp, Django, web2py or [insert framework here]. 1. Readable URLs and entity key names Readable URLs are good for usability and search engine optimization (Stack Overflow is a good example on how to do it). On Google App Engine, key based queries are recommended for performance reasons. It follows that it is good practice to use the entity key name in the URL, so that the entity can be fetched from the datastore as quickly as possible. Currently I use the function below to create key names: import re import unicodedata def urlify(unicode_string): """Translates latin1 unicode strings to url friendly ASCII. Converts accented latin1 characters to their non-accented ASCII counterparts, converts to lowercase, converts spaces to hyphens and removes all characters that are not alphanumeric ASCII. Arguments unicode_string: Unicode encoded string. Returns String consisting of alphanumeric (ASCII) characters and hyphens. """ str = unicodedata.normalize('NFKD', unicode_string).encode('ASCII', 'ignore') str = re.sub('[^\w\s-]', '', str).strip().lower() return re.sub('[-\s]+', '-', str) This works fine for English and Swedish, however it will fail for non-western scripts and remove letters from some western ones (like Norwegian and Danish with their œ and ø). Can anyone suggest a method that works with more languages? 2. Translating templates Does Django internationalization and localization work on Google App Engine? Are there any extra steps that must be performed? Is it possible to use Django i18n and l10n for Django templates while using Webapp? The Jinja2 template language provides integration with Babel. How well does this work, in your experience? What options are avilable for your chosen template language? 3. Translated datastore content When serving content from (or storing it to) the datastore: Is there a better way than getting the *accept_language* parameter from the HTTP request and matching this with a language property that you have set with each entity?

    Read the article

  • general learning methodology

    - by momo
    just wanted to hear on the different general learning paths people embark on when learning a new language/framework. the one i currently use, which is how i learned bash and am currently learning python, is: instant hacking tutorial (very short tutorial introducing the basic syntax, variable declaration, loops, data types, etc. and how they are generally used) in depth tutorial with good programming style and slightly topic-specific (e.g. Mark Pilgrim's Dive into Python), important topics for me personally are regex methods, file IO, and ways the different data types are utilized best (i wrote a very primitive bayesian spam filter using python's dictionaries to keep track of word occurrences) spaced-repition of syntax or short recipes (i use anki, with questions like 'create dictionary with filename and filesize metadata, human-readable' or simpler ones like 'match 0 - 3 occurences of the letter M in a string', or 'return/create an iterator from two sequences') the use of spaced-repitition has been invaluable, and i credit it with the ease that i can recall/create python algorithms. however, i've recently started looking into django, and i've found that spaced-repitition, at least in my case, doesn't work very well for learning a framework, it works best with short code recipes (either that or i should start looking into more basic django framework tutorials). the problem i'm encountering is that since framework programming is not only algorithms, but actually learning the API, which can be quite complex since you have to learn all the methods, modules, the places where they are stored, and the sequence of which things have to be done. for ex. in django to start a project that deals with polls (from the django tutorial), one has to create the project, edit the settings.py file, create the polls app, edit the models.py file (which requires knowing the classes that are present in the module models), edit the urls.py file, etc. i found that my spaced-repition method didn't work very well for this type of learning, so i wanted to ask you guys what method(s) you use for learning the different frameworks/APIs.

    Read the article

  • How can i use a commandlinetool (ie. sox) via subprocess.Popen with mod_wsgi?

    - by marue
    I have a custom django filefield that makes use of sox, a commandline audiotool. This works pretty well as long as i use the django development server. But as soon as i switch to the production server, using apache2 and mod_wsgi, mod_wsgi catches every output to stdout. This makes it impossible to use the commandline tool to evaluate the file, for example use it to check if the uploaded file really is an audio file like this: filetype=subprocess.Popen([sox,'--i','-t','%s'%self.path], shell=False,\ stdout=subprocess.PIPE, stderr=subprocess.PIPE) (filetype,error)=filetype.communicate() if error: raise EnvironmentError((1,'AudioFile error while determining audioformat: %s'%error)) Is there a way to workaround for this? edit the error i get is "missing filename". I am using mod_wsgi 2.5, standard with ubuntu 8.04. edit2 What exactly happens, when i call subprocess.Popen from within django in mod_wsgi? Shouldn't subprocess stdin/stdout be independent from django stdin/stdout? In that case mod_wsgi should not affect programms called via subprocess... I'm really confused right now, because the file i am trying to access is a temporary file, created via a filenamevariable that i pass to the file creation and the subprocess command. That file is being written to /tmp, where the rights are 777, so it can't be a rights issue. And the error message is not "file does not exist", but "missing filename", which suggests i am not passing a filename as parameter to the commandlinetool.

    Read the article

  • How to configure apache to basic authentication or allow when ntlm while proxying?

    - by trotzim
    Here is my study case: browser --- apache proxy --- ISA server --- internet The ISA server requires an authentication. The issue is to allow HTTPS through the two proxies. A configuration that works with HTTP is something like this: (yes, I don't want to use ProxyPass but ProxyRequests) <virtualhost *:8080> ... SetEnv auth-proxy-chain on ... ProxyRequests On ProxyRemote * http://isaproxy:80 ... <proxy *> AuthName "ISA server auth" AuthType Basic [here a module to authenticate] require valid-user Allow from all </proxy> ... </virtualhost> The user can authenticate on the apache proxy then the authentication chain is sent to the ISA server that allows the HTTP trafic. But, while the browser switchs to HTTPS, the ISA server "speaks" NTLM and breaks the authentication on the apache proxy. If I try to use the SSPI module (ntlm) with something like this: blablabla <proxy *> AuthName "ISA server auth" AuthType ntlm [ SSPI stuff ] Require valid-user Allow from all </proxy> The apache server reject the authentication (or the ISA server I don't really know). I use wireshark to look at the nominal process while using directly the ISA server as proxy. The first auth-chain is a BASIC type then it switchs to NTLM (and the challenge continues with NTLM). How should I configure apache that it transfers the NTLM authentication to the ISA proxy without checking it(*)? Or to rewrite headers to force BASIC authentication? (*) It seems not to be as easy as it seems...

    Read the article

  • Python Django sites on Apache+mod_wsgi with nginx proxy: highly fluctuating performance

    - by Halfgaar
    I have an Ubuntu 10.04 box running several dozen Python Django sites using mod_wsgi (embedded mode; the faster mode, if properly configured). Performance highly fluctuates. Sometimes fast, sometimes several seconds delay. The smokeping graphs are al over the place. Recently, I also added an nginx proxy for the static content, in the hopes it would cure the highly fluctuating performance. But, even though it reduced the number of requests Apache has to process significantly, it didn't help with the main problem. When clicking around on websites while running htop, it can be seen that sometimes requests are almost instant, whereas sometimes it causes Apache to consume 100% CPU for a few seconds. I really don't understand where this fluctuation comes from. I have configured the mpm_worker for Apache like this: StartServers 1 MinSpareThreads 50 MaxSpareThreads 50 ThreadLimit 64 ThreadsPerChild 50 MaxClients 50 ServerLimit 1 MaxRequestsPerChild 0 MaxMemFree 2048 1 server with 50 threads, max 50 clients. Munin and apache2ctl -t both show a consistent presence of workers; they are not destroyed and created all the time. Yet, it behaves as such. This tells me that once a sub interpreter is created, it should remain in memory, yet it seems sites have to reload all the time. I also have a nginx+gunicorn box, which performs quite well. I would really like to know why Apache is so random. This is a virtual host config: <VirtualHost *:81> ServerAdmin [email protected] ServerName example.com DocumentRoot /srv/http/site/bla Alias /static/ /srv/http/site/static Alias /media/ /srv/http/site/media WSGIScriptAlias / /srv/http/site/passenger_wsgi.py <Directory /> AllowOverride None </Directory> <Directory /srv/http/site> Options -Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> Ubuntu 10.04 Apache 2.2.14 mod_wsgi 2.8 nginx 0.7.65 Edit: I've put some code in the settings.py file of a site that writes the date to a tmp file whenever it's loaded. I can now see that the site is not randomly reloaded all the time, so Apache must be keeping it in memory. So, that's good, except it doesn't bring me closer to an answer... Edit: I just found an error that might also be related to this: File "/usr/lib/python2.6/subprocess.py", line 633, in __init__ errread, errwrite) File "/usr/lib/python2.6/subprocess.py", line 1049, in _execute_child self.pid = os.fork() OSError: [Errno 12] Cannot allocate memory The server has 600 of 2000 MB free, which should be plenty. Is there a limit that is set on Apache or WSGI somewhere?

    Read the article

  • iPhone: How to Get Basic Authentication to HTTPS Web Service Using NSURLCredential

    - by ian1971
    I am trying to call an https web service (RESTful) using basic authentication. It works fine if I put the credentials in the url itself but I would rather add it to the request so that the password does not appear, for instance in an exception. I am using the following code: NSURLCredential *credential = [NSURLCredential credentialWithUser:@"myuser" password:@"mypassword" persistence:NSURLCredentialPersistenceForSession]; NSURLProtectionSpace *protectionSpace = [[NSURLProtectionSpace alloc] initWithHost:@"example.com" port:443 protocol:@"https" realm:nil authenticationMethod:NSURLAuthenticationMethodHTTPBasic]; [[NSURLCredentialStorage sharedCredentialStorage] setDefaultCredential:credential forProtectionSpace:protectionSpace]; NSURLConnection *theConnection = [NSURLConnection connectionWithRequest:theRequest delegate:self]; but it does not work. The didReceiveAuthenticationChallenge delegate method gets called and I can add a credential there but ideally I would send it with the request. Any ideas?

    Read the article

  • Axis over SSL and authentication with a PKCS#12 keystore

    - by Camilo Díaz
    I have PKCS#12 keystore that I've sucessfully imported in my browser for accessing a server that needs 2-way SSL authentication. Works perfectly reaching any https URL there. However, I'm unable to access an URL in the same server, and from the same host when using Axis 1.4. The given Axis faultString is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target My javax.net.ssl.{keyStore,keyStorePassword,keyStoreType} properties seem to be set up fine. How can I solve this?

    Read the article

  • Proxy Authentication Error while calling FedEx webservice

    - by Abdel Olakara
    Hi all, I am trying to call the FedEx tracking webservice. Currently I am running the sample application provided by FedEx itself (Added my test account number and other details). When I run the application, I get the following error: The remote server returned an error: (407) Proxy Authentication Required. I am inside a proxy at my organization and I tried provided the proxy server details to the webservice client using the WebProxy class as: trackService.Proxy = WebProxy.GetDefaultProxy(); and also by providing the proxy server details as: trackService.Proxy = new WebProxy("IP",8080); But I still keep getting the same error!! Could somebody help me how to resolve this problem? Thanks in advance, Regards, Abdel Olakara

    Read the article

  • NSURLConnection and Basic HTTP Authentication

    - by Justin Galzic
    I need to invoke an initial GET HTTP request with Basic Authentication. This would be the first time the request is sent to the server and I already have the username & password so there's no need for a challenge from the server for authorization. First question: 1) Does NSUrlConnection have to be set as synchronous to do Basic Auth? According to the answer on this post, it seems that you can't do Basic Auth if you opt for the async route. 2) Anyone know of any some sample code that illustrates Basic Auth on a GET request without the need for a challenge response? Apple's documentation shows an example but only after the server has issued the challenge request to the client. I'm kind of new the networking portion of the SDK and I'm not sure which of the other classes I should use to get this working. (I see the NSURLCredential class but it seems that it is used only with NSURLAuthenticationChallenge after the client has requested for an authorized resource from the server).

    Read the article

  • Oracle Linked Server error: ORA-12640: Authentication adapter initialization failed

    - by Chenster
    I have a linked server on SQL Server that talks to Oracle. Executing the following sql statement using Openquery SELECT * FROM OPENQUERY(finance, 'select * from KFRI.VW_XREF_PROJECTS') will get error as the following: OLE DB provider "OraOLEDB.Oracle" for linked server "finance" returned message "ORA-12640: Authentication adapter initialization failed". Msg 7303, Level 16, State 1, Line 1 Cannot initialize the data source object of OLE DB provider "OraOLEDB.Oracle" for linked server "finance". I tried to set : SQLNET.AUTHENTICATION_SERVICES= (NONE) in {$ORACLE_HOME}\NETWORK\ADMIN\sqlnet.ora. It did not help. What's interesting is my coworker is able to execute the exactly same query successfully on his machine without a hitch. Any tips on how to fix this is greatly appreciated!!

    Read the article

  • Symfony user authentication using Active Directory

    - by Radu Dragomir
    Is there a way to authenticate users in symfony apps using Active Directory? Can you please point out some documentation? edit What i need is to have a transparent login in my application. The user authenticates once at windows logon, then all applications should be accessed with the same credentials without being asked for the domain\username and password again. I tried the following in a simple php script: if (!isset($_SERVER['PHP_AUTH_USER'])) { header('WWW-Authenticate: Basic realm="my realm"'); header('HTTP/1.0 401 Unauthorized'); exit; } else { echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>"; echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>"; } but then i get the authentication form popped up. Is there any way to pass the header the credentials used at windows logon? Thanks, Radu.

    Read the article

  • Programatical authentication in J2EE 6

    - by Kevin
    Hello, is it possible to authenticate programmatically a user in J2ee 6? Let me explain with some more details: I've got an existing Java SE project with Servlets and hibernate; where I manage manually all the authentication and access control: class Authenticator { int Id string username } Authenticator login(string username, string password) ; void doListData(Authenticator auth) { if (isLoggedIn(auth)) listData(); else doListError } void doUpdateData (Authenticator auth) { if (isLoggedAsAdmin(auth)) updateData() ; else doListError(); } void doListError () { listError() ; } And Im integrating J2ee/jpa/servlet 3/... (Glassfish 3) in this project. I've seen anotations like : @RolesAllowed ("viewer") void doListdata (...) { istData() ; } @RolesAllowed("admin") void doUpdateData (...) { updateData() ; } @PermotAll void dolisterror () { listerror() ; } but how can I manually state, in login(), that my user is in the admin and/or viewer role?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 152 153 154 155 156 157 158 159 160 161 162 163  | Next Page >