Search Results

Search found 15010 results on 601 pages for 'password protected'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 169/601 | < Previous Page | 165 166 167 168 169 170 171 172 173 174 175 176  | Next Page >

  • Check for modification failure in content Integration using VisualSVN Server and Cruisecontrol.net

    - by harun123
    I am using CruiseControl.net for continous integration. I've created a repository for my project using VisualSvn server (uses Windows Authentication). Both the servers are hosted in the same system (Os-Microsoft Windows Server 2003 sp2). When i force build the project using CruiseControl.net "Failed task(s): Svn: CheckForModifications" is shown as the message. When i checked the build report, it says as follows: BUILD EXCEPTION Error Message: ThoughtWorks.CruiseControl.Core.CruiseControlException: Source control operation failed: svn: OPTIONS of 'https://sp-ci.sbsnetwork.local:8443/svn/IntranetPortal/Source': **Server certificate verification failed: issuer is not trusted** (https://sp-ci.sbsnetwork.local:8443). Process command: C:\Program Files\VisualSVN Server\bin\svn.exe log **sameUrlAbove** -r "{2010-04-29T08:35:26Z}:{2010-04-29T09:04:02Z}" --verbose --xml --username ccnetadmin --password cruise --non-interactive --no-auth-cache at ThoughtWorks.CruiseControl.Core.Sourcecontrol.ProcessSourceControl.Execute(ProcessInfo processInfo) at ThoughtWorks.CruiseControl.Core.Sourcecontrol.Svn.GetModifications (IIntegrationResult from, IIntegrationResult to) at ThoughtWorks.CruiseControl.Core.Sourcecontrol.QuietPeriod.GetModifications(ISourceControl sourceControl, IIntegrationResult lastBuild, IIntegrationResult thisBuild) at ThoughtWorks.CruiseControl.Core.IntegrationRunner.GetModifications(IIntegrationResult from, IIntegrationResult to) at ThoughtWorks.CruiseControl.Core.IntegrationRunner.Integrate(IntegrationRequest request) My SourceControl node in the ccnet.config is as shown below: <sourcecontrol type="svn"> <executable>C:\Program Files\VisualSVN Server\bin\svn.exe</executable> <trunkUrl> check out url </trunkUrl> <workingDirectory> C:\ProjectWorkingDirectories\IntranetPortal\Source </workingDirectory> <username> ccnetadmin </username> <password> cruise </password> </sourcecontrol> Can any one suggest how to avoid this error?

    Read the article

  • check status application pool iis7 with csharp (access-denied)

    - by jack
    I need to monitor the status of an application in the applications pool of IIS 7 from an other machine on the same domain. My monitoring application must be in C# and running as a Windows service. On my server, I create a user with administration rights and I execute the command aspnet_regiis -ga machine\username wich worked succesfully. My problem is when I try to access the application pool i still get COMExcepttion "Access denied". What did i do wrong or wich step did i miss? I used code from http://patelshailesh.com/index.php/create-a-website-application-pool-programmatically-using-csharp as example. int status = 0; string ipAddress = "10.20.2.13"; string username = "username"; string password = "password"; try { DirectoryEntry de = new DirectoryEntry(string.Format("IIS://{0}/W3SVC/AppPools/MyAppPoolName", ipAddress), username, password); //the exception is thron here. status = (int)de.InvokeGet("AppPoolState"); switch (status) { case 2: //Runnig break; case 4: //Stopped break; default: break; } } catch (Exception ex) { }

    Read the article

  • Django - Override admin site's login form

    - by TrojanCentaur
    I'm currently trying to override the default form used in Django 1.4 when logging in to the admin site (my site uses an additional 'token' field required for users who opt in to Two Factor Authentication, and is mandatory for site staff). Django's default form does not support what I need. Currently, I've got a file in my templates/ directory called templates/admin/login.html, which seems to be correctly overriding the template used with the one I use throughout the rest of my site. The contents of the file are simply as below: # admin/login.html: {% extends "login.html" %} The actual login form is as below: # login.html: {% load url from future %}<!DOCTYPE html> <html> <head> <title>Please log in</title> </head> <body> <div id="loginform"> <form method="post" action="{% url 'id.views.auth' %}"> {% csrf_token %} <input type="hidden" name="next" value="{{ next }}" /> {{ form.username.label_tag }}<br/> {{ form.username }}<br/> {{ form.password.label_tag }}<br/> {{ form.password }}<br/> {{ form.token.label_tag }}<br/> {{ form.token }}<br/> <input type="submit" value="Log In" /> </form> </div> </body> </html> My issue is that the form provided works perfectly fine when accessed using my normal login URLs because I supply my own AuthenticationForm as the form to display, but through the Django Admin login route, Django likes to supply it's own form to this template and thus only the username and password fields render. Is there any way I can make this work, or is this something I am just better off 'hard coding' the HTML fields into the form for?

    Read the article

  • Header Setup in SOAP with ASP.NET 3.5 WCF

    - by Adam
    I'm pretty new to SOAP so go easy on me. I'm trying to setup a SOAP service that accepts the following header format: <soap:Header> <wsse:Security> <wsse:UsernameToken wsu:Id='SecurityToken-securityToken'> <wsse:Username>Username</wsse:Username> <wsse:Password>Password</wsse:Password> <wsu:Created>Timestamp</wsu:Created> </wsse:UsernameToken> </wsse:Security> </soap:Header> The application I'm incorporating this service into is an ASP.NET 3.5 web application and I've already setup a SOAP endpoint using WCF. I've setup a basic service to make sure the WCF works and it works fine (disregarding the header). I heard that the above format follows WS-Security so I added WSHttpBinding in the web.config: <service name="Nexternal.Service.XMLTools.VNService" behaviorConfiguration="VNServiceBehavior"> <!--The first endpoint would be picked up from the confirg this shows how the config can be overriden with the service host--> <endpoint address="" binding="wsHttpBinding" contract="Nexternal.Service.XMLTools.IVNService"/> </service> I downloaded a test harness (soapUI) and pasted in a test message with the above header and it came back with a 400 Bad Request error. ...for what it's worth, I'm running Visual Studio 2008 using IIS7. I feel like I'm going in circles so any help would be awesome. Thanks in advance.

    Read the article

  • Executing bat file and returning the prompt

    - by Lieven Cardoen
    I have a problem with cruisecontrol where an ant scripts executes a bat file that doesn't give me the prompt back. As a result, the project in cruisecontrol keeps on bulding forever until I restart cruisecontrol. How can I resolve this? It's a startup.bat from wowza (Streaming Server) that I'm executing: @echo off call setenv.bat if not %WMSENVOK% == "true" goto end set _WINDOWNAME="Wowza Media Server 2" set _EXESERVER= if "%1"=="newwindow" ( set _EXESERVER=start %_WINDOWNAME% shift ) set CLASSPATH="%WMSAPP_HOME%\bin\wms-bootstrap.jar" rem cacls jmxremote.password /P username:R rem cacls jmxremote.access /P username:R rem NOTE: Here you can configure the JVM's built in JMX interface. rem See the "Server Management Console and Monitoring" chapter rem of the "User's Guide" for more information on how to configure the rem remote JMX interface in the [install-dir]/conf/Server.xml file. set JMXOPTIONS=-Dcom.sun.management.jmxremote=true rem set JMXOPTIONS=%JMXOPTIONS% -Djava.rmi.server.hostname=192.168.1.7 rem set JMXOPTIONS=%JMXOPTIONS% -Dcom.sun.management.jmxremote.port=1099 rem set JMXOPTIONS=%JMXOPTIONS% -Dcom.sun.management.jmxremote.authenticate=false rem set JMXOPTIONS=%JMXOPTIONS% -Dcom.sun.management.jmxremote.ssl=false rem set JMXOPTIONS=%JMXOPTIONS% -Dcom.sun.management.jmxremote.password.file= "%WMSCONFIG_HOME%/conf/jmxremote.password" rem set JMXOPTIONS=%JMXOPTIONS% -Dcom.sun.management.jmxremote.access.file= "%WMSCONFIG_HOME%/conf/jmxremote.access" rem log interceptor com.wowza.wms.logging.LogNotify - see Javadocs for ILogNotify %_EXESERVER% "%_EXECJAVA%" %JAVA_OPTS% %JMXOPTIONS% -Dcom.wowza.wms.AppHome="%WMSAPP_HOME%" -Dcom.wowza.wms.ConfigURL="%WMSCONFIG_URL%" -Dcom.wowza.wms.ConfigHome="%WMSCONFIG_HOME%" -cp %CLASSPATH% com.wowza.wms.bootstrap.Bootstrap start :end

    Read the article

  • Calling a wsdl in php over https using Zend Soap Client

    - by Sam Segers
    When I'm trying to connect to a webservice I always get the next fault SoapFault exception: [s:Sender] An error occurred when verifying security for the message I have to use a security header like: <o:Security env:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <wsu:Timestamp env:mustUnderstand="1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <wsu:Created>2010-06-10T08:22:59Z</wsu:Created> <wsu:Expires>2010-06-12T10:22:59Z</wsu:Expires> </wsu:Timestamp> <o:UsernameToken> <o:Username>myUsername</o:Username> <o:Password>myPassword</o:Password> </o:UsernameToken> </o:Security> My username and password are correct, I have allready tried to change the expiration date later but that doesn't solve it. What else could be the reason for this fault?

    Read the article

  • .post inside jQuery.validator.addMethod always returns false :(

    - by abdullah kahraman
    Hello! I am very new to jQuery and javascript programming. I have a program below that checks whether username is taken or not. For now, the PHP script always returns if(isset($_POST["username"]) )//&& isset($_POST["checking"])) { $xml="<register><message>Available</message></register>"; echo $xml; } Login function works, but username checking doesn't. Any ideas? Here is all of my code: $(document).ready(function() { jQuery.validator.addMethod("checkAvailability",function(value,element){ $.post( "login.php" , {username:"test", checking:"yes"}, function(xml){ if($("message", xml).text() == "Available") return true; else return false; }); },"Sorry, this user name is not available"); $("#loginForm").validate({ rules: { username: { required: true, minlength: 4, checkAvailability: true }, password:{ required: true, minlength: 5 } }, messages: { username:{ required: "You need to enter a username." , minlength: jQuery.format("Your username should be at least {0} characters long.") } }, highlight: function(element, errorClass) { $(element).fadeOut("fast",function() { $(element).fadeIn("slow"); }) }, success: function(x){ x.text("OK!") }, submitHandler: function(form){send()} }); function send(){ $("#message").hide("fast"); $.post( "login.php" , {username:$("#username").val(), password:$("#password").val()}, function(xml){ $("#message").html( $("message", xml).text() ); if($("message", xml).text() == "You are successfully logged in.") { $("#message").css({ "color": "green" }); $("#message").fadeIn("slow", function(){location.reload(true);}); } else { $("#message").css({ "color": "red" }); $("#message").fadeIn("slow"); } }); } $("#newUser").click(function(){ return false; }); });

    Read the article

  • Help securing files access with htaccess and php?

    - by bschaeffer
    I'm working on a site that allows users to purchase digital content and have implemented a method that attempts to serve secure downloads. I'm using CodeIgniter to force downloads like this: $file = file_get_contents($path); force_download("my_file_name.zip", $file); Of course, I make sure the user has access to the file using a database before serving the download, but I was wondering if there was a way to make these files more secure. I'm using a some 8-10 letter keys to create the file paths so urls to the files aren't exactly easy to figure out... something like http://mysite.com/as67Hgr/asdo0980/uth89.zip in lieu of http://mysite.com/downloads/my_file.zip. Also, I'm using .htaccess to deny directory browsing like so: Options All -Indexes. Other than that... I have no idea what steps to take. I've seen articles suggesting username and password methods using .htaccess, but I don't understand how to bypass the password prompt that would occur using that method. I was hoping there might be a method where I could send a username and password combination using headers and cUrl (or something similar), but I wouldn't know where to start. Any help would be hugely appreciated. Thanks in advance!

    Read the article

  • Hibernate one-to-one mapping

    - by Andrey Yaskulsky
    I have one-to-one hibernate mapping between class Student and class Points: @Entity @Table(name = "Users") public class Student implements IUser { @Id @Column(name = "id") private int id; @Column(name = "name") private String name; @Column(name = "password") private String password; @OneToOne(fetch = FetchType.EAGER, mappedBy = "student") private Points points; @Column(name = "type") private int type = getType(); //gets and sets... @Entity @Table(name = "Points") public class Points { @GenericGenerator(name = "generator", strategy = "foreign", parameters = @Parameter(name = "property", value = "student")) @Id @GeneratedValue(generator = "generator") @Column(name = "id", unique = true, nullable = false) private int Id; @OneToOne @PrimaryKeyJoinColumn private Student student; //gets and sets And then i do: Student student = new Student(); student.setId(1); student.setName("Andrew"); student.setPassword("Password"); Points points = new Points(); points.setPoints(0.99); student.setPoints(points); points.setStudent(student); Session session = HibernateUtil.getSessionFactory().getCurrentSession(); session.beginTransaction(); session.save(student); session.getTransaction().commit(); And hibernate saves student in the table but not saves corresponding points. Is it OK? Should i save points separately?

    Read the article

  • Sample twitter application.

    - by Jack
    <?php function updateTwitter($status) { // Twitter login information $username = 'xxxxx'; $password = 'xxxxxx'; // The url of the update function $url = 'http://twitter.com/statuses/update.xml'; // Arguments we are posting to Twitter $postargs = 'status='.urlencode($status); // Will store the response we get from Twitter $responseInfo=array(); // Initialize CURL $ch = curl_init($url); // Tell CURL we are doing a POST curl_setopt ($ch, CURLOPT_POST, true); // Give CURL the arguments in the POST curl_setopt ($ch, CURLOPT_POSTFIELDS, $postargs); // Set the username and password in the CURL call curl_setopt($ch, CURLOPT_USERPWD, $username.':'.$password); // Set some cur flags (not too important) curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_NOBODY, 0); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // execute the CURL call $response = curl_exec($ch); // Get information about the response $responseInfo=curl_getinfo($ch); // Close the CURL connection curl_close($ch); // Make sure we received a response from Twitter if(intval($responseInfo['http_code'])==200){ // Display the response from Twitter echo $response; }else{ // Something went wrong echo "Error: " . $responseInfo['http_code']; } } updateTwitter("Just finished a sweet tutorial on http://brandontreb.com"); ?> I get the following output Error: 0 Please help.

    Read the article

  • Invalid argument supplied for foreach() using adldap

    - by Brad
    I am using adldap http://adldap.sourceforge.net/ And I am passing the session from page to page, and checking to make sure the username within the session is a member of a certain member group, for this example, it is the STAFF group. <?php ini_set('display_errors',1); error_reporting(E_ALL); require_once('/web/ee_web/include/adLDAP.php'); $adldap = new adLDAP(); session_start(); $group = "STAFF"; //$authUser = $adldap->authenticate($username, $password); $result=$adldap->user_groups($_SESSION['user_session']); foreach($result as $key=>$value) { switch($value) { case $group: print '<h3>'.$group.'</h3>'; break; default: print '<h3>Did not find specific value: '.$value.'</h3>'; } if($value == $group) { print 'for loop broke'; break; } } ?> It gives me the error: Warning: Invalid argument supplied for foreach() on line 15, which is this line of code: foreach($result as $key=$value) { When I uncomment the code $authUser = $adldap-authenticate($username, $password); and enter in the appropriate username and password, it works fine, but I shouldn't have to, since the session is valid, I just want to see if the username stored within the valid_session is apart of the STAFF group. Why would it be giving me that problem?

    Read the article

  • MySQL Connection Error in PHP

    - by user309381
    I have set the password for root and grant all privileges for root. Why does it say it is denied? ****mysql_query() [function.mysql-query]: Access denied for user 'SYSTEM'@'localhost' (using password: NO) in C:\wamp\www\photo_gallery\includes\database.php on line 56 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in C:\wamp\www\photo_gallery\includes\database.php on line 56 The Query has problemAccess denied for user 'SYSTEM'@'localhost' (using password: NO) Code as follows: <?php include("DB_Info.php"); class MySQLDatabase { public $connection; function _construct() { $this->open_connection(); } public function open_connection() { /* $DB_SERVER = "localhost"; $DB_USER = "root"; $DB_PASS = ""; $DB_NAME = "photo_gallery";*/ $this->connection = mysql_connect($DBSERVER,$DBUSER,$DBPASS); if(!$this->connection) { die("Database Connection Failed" . mysql_error()); } else { $db_select = mysql_select_db($DBNAME,$this->connection); if(!$db_select) { die("Database Selection Failed" . mysql_error()); } } } function mysql_prep($value) { if (get_magic_quotes_gpc()) { $value = stripslashes($value); } // Quote if not a number if (!is_numeric($value)) { $value = "'" . mysql_real_escape_string($value) . "'"; } return $value; } public function close_connection() { if(isset($this->connection)) { mysql_close($this->connection); unset($this->connection); } } public function query($sql) { //$sql = "SELECT*FROM users where id = 1"; $result = mysql_query($sql); $this->confirm_query($result); //$found_user = mysql_fetch_assoc($result); //echo $found_user; return $found_user; } private function confirm_query($result) { if(!$result) { die("The Query has problem" . mysql_error()); } } } $database = new MySQLDatabase(); ?>

    Read the article

  • How to check name of Domino Server to which lotus notes is configured? using C#

    - by Preeti
    Hi, I am trying to login Domino server. For that i am taking Lotus Notes Password and Domino Server Name from user. if (notesPassword == "" && serverName == "") { MessageBox.Show("Please enter the server name !! "); return; } else { if (connectToDomino(notesPassword, serverName)) { MessageBox.Show("Connection Established Succesfully!!.."); } else { MessageBox.Show("Connection Fail.Please Login Again To Begin"); } }//else and in public bool connectToDomino(string NotesPassword, string strDominoServerName) { try { if (_lotesNotesSession == null) { NotesSession notesSession = new Domino.NotesSessionClass(); notesSession.Initialize(NotesPassword); } return true; } catch(Exception ex) { return false; } } Here i am initializing notes password.So in this case it is just verifying Notes Password. So even if user enters invalid entry of server name above function will return true. I tried : string serverName = notesSession.ServerName; But it is showing null value. :( Regards, Preeti

    Read the article

  • implementing Ws-security within WCF proxy

    - by harrisonmeister
    Hi, I have imported an axis based wsdl into a VS 2008 project as a service reference. I need to be able to pass security details such as username/password and nonce values to call the axis based service. I have looked into doing it for wse, which i understand the world hates (no issues there) I have very little experience of WCF, but have worked how to physically call the endpoint now, thanks to SO, but have no idea how to set up the SoapHeaders as the schema below shows: <S:Envelope xmlns:S="http://www.w3.org/2001/12/soap-envelope" xmlns:ws="http://schemas.xmlsoap.org/ws/2002/04/secext"> <S:Header> <ws:Security> <ws:UsernameToken> <ws:Username>aarons</ws:Username> <ws:Password>snoraa</ws:Password> </ws:UsernameToken> </wsse:Security> ••• </S:Header> ••• </S:Envelope> Any help much appreciated Thanks, Mark

    Read the article

  • WS-Security using the ASMX file in ASP.NET 3.5

    - by Adam
    Basically I need to setup my ASMX file so that when I pull it up in a browser to display the WebMethod specification the Soap Header conforms to this format: <soap:Header> <wsse:Security> <wsse:UsernameToken wsu:Id='SecurityToken-securityToken'> <wsse:Username>Username</wsse:Username> <wsse:Password>Password</wsse:Password> <wsu:Created>Timestamp</wsu:Created> </wsse:UsernameToken> </wsse:Security> </soap:Header> Back-story: I'm integrating with a client application that is already built (and owned by another company). Basically this client application already has their soap messages all set up from its past integrations with other companies. So we've opted to just build a web service using an ASMX file that matches the WSDL that they're already setup to consume. Is it possible to get WS-Security working on an ASMX file or is ASMX too simplistic and I have to upgrade to WFC (which I really don't want to do)?

    Read the article

  • Getting content from PHP: Trouble with POST and query.

    - by vgm64
    Apologies for my longest question on SO ever. I'm trying to interface with a php frontend for a mysql database in ROOT (a CERN framework in C++ for high energy physics analysis). To start off with, I tried to get this php interface to play nice with wget and curl first because I'm more familiar with them. The following command works: wget --post-data "hostname=localhost:3306&un=joeuser&pw=psswd&myquery=show_spazio_databases;" http://some.host.edu/log/log_query_matlab.php The results are: database1 database2 That's good. If I leave out the --post-data then I get the result: Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'admin'@'localhost' (using password: NO) in /log/log_query_matlab.php on line 6 i'm dead! Access denied for user 'admin'@'localhost' (using password: NO) Warning: mysql_query() [function.mysql-query]: Access denied for user 'admin'@'localhost' (using password: NO) in /log/log_query_matlab.php on line 29 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /log/log_query_matlab.php on line 29 I have access to the php script (read only), but the error itself isn't too important. What matters it that using ROOT, I use a function called as socket.SendRaw(message, message.Length()) (socket is a TSocket) and this gives me the same "error" as wget without the post data switch if my "message" is "POST http://some.host.edu/log/log_query_matlab.php?hostname=localhost:3306&un=joeuser&pw=psswd&myquery=show_spazio_databases" This may be in vain, but does someone knows a way I should format the "message" that includes something that is equivalent to the --post-data switch. Or, is there a standard way to format POST requests in a single line (I've seen multi-line stuff. Is that right?) Sorry I'm clueless! PS. The mysql query is show databases but the space has been replaced with _spazio_, Italian for space. The author of the db and php interface requires it (and various replacements for symbols), but has anyone seen this before? Trying to troubleshoot that was terrible!

    Read the article

  • Send mail in asp.net

    - by Zerotoinfinite
    Hi Experts, I am using asp.net 3.5 and C#. I want to send mail from asp.net, for that I have got some details from my hosting provider which are these: mail.MySite.net UserName Password But I am unable to send mail through these details, I have done the following changes in my web.config file: <system.net> <mailSettings> <smtp> <network host="mail.MySite.net" port="8080" userName="UserName" password="Password" /> </smtp> </mailSettings> </system.net> Also, at the code behind I am writing this function: MailMessage mail = new MailMessage("[email protected]", "[email protected]"); mail.Subject = "Hi"; mail.Body = "Test Mail from ASP.NET"; mail.IsBodyHtml = false; SmtpClient smp = new SmtpClient(); smp.Send(mail); but I am getting error message as message sending failed. Please let me know what I am doing wrong and what I have to do to make it work fine. Thanks in advance.

    Read the article

  • Can per-user randomized salts be replaced with iterative hashing?

    - by Chas Emerick
    In the process of building what I'd like to hope is a properly-architected authentication mechanism, I've come across a lot of materials that specify that: user passwords must be salted the salt used should be sufficiently random and generated per-user ...therefore, the salt must be stored with the user record in order to support verification of the user password I wholeheartedly agree with the first and second points, but it seems like there's an easy workaround for the latter. Instead of doing the equivalent of (pseudocode here): salt = random(); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword, salt); Why not use the hash of the username as the salt? This yields a domain of salts that is well-distributed, (roughly) random, and each individual salt is as complex as your salt function provides for. Even better, you don't have to store the salt in the database -- just regenerate it at authentication-time. More pseudocode: salt = hash(username); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword); (Of course, hash in the examples above should be something reasonable, like SHA-512, or some other strong hash.) This seems reasonable to me given what (little) I know of crypto, but the fact that it's a simplification over widely-recommended practice makes me wonder whether there's some obvious reason I've gone astray that I'm not aware of.

    Read the article

  • Autologin for web application

    - by Maulin
    We want to AutoLogin feature to allow user directly login using link into our Web Application. What is the best way achieve this? We have following approches in our mind. 1) Store user credentials(username/password) in cookie. Send cookie for authentication. e.g. http: //www.mysite.com/AutoLogin (here username/password will be passed in cookie) OR Pass user credentials in link URL. http: //www.mysite.com/AutoLogin?userid=<&password=< 2) Generate randon token and store user random token and user IP on server side database. When user login using link, validate token and user IP on server. e.g. http: //www.mysite.com/AutoLogin?token=< The problem with 1st approach is if hacker copies link/cookie from user machine to another machine he can login. The problem with 2nd approach is the user ip will be same for all users of same organization behind proxy. Which one is better from above from security perspective? If there is better solution which is other than mentioned above, please let us know.

    Read the article

  • Emailing smtp with Python error

    - by jakecar
    I can't figure out why this isn't working. I'm trying to send an email from my school email address with this code I got online. The same code works for sending from my GMail address. Does anyone know what this error means? The error occurs after waiting for about one and a half minutes. import smtplib FROMADDR = "FROM_EMAIL" LOGIN = "USERNAME" PASSWORD = "PASSWORD" TOADDRS = ["TO_EMAIL"] SUBJECT = "Test" msg = ("From: %s\r\nTo: %s\r\nSubject: %s\r\n\r\n" % (FROMADDR, ", ".join(TOADDRS), SUBJECT) ) msg += "some text\r\n" server = smtplib.SMTP('OUTGOING_SMTP', 587) server.set_debuglevel(1) server.ehlo() server.starttls() server.login(LOGIN, PASSWORD) server.sendmail(FROMADDR, TOADDRS, msg) server.quit() And here's the error I get: Traceback (most recent call last): File "emailer.py", line 13, in server = smtplib.SMTP('OUTGOING_SMTP', 587) File "/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/smtplib.py", line 239, in init (code, msg) = self.connect(host, port) File "/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/smtplib.py", line 295, in connect self.sock = self._get_socket(host, port, self.timeout) File "/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/smtplib.py", line 273, in _get_socket return socket.create_connection((port, host), timeout) File "/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/socket.py", line 514, in create_connection raise error, msg socket.error: [Errno 60] Operation timed out

    Read the article

  • Login for webapp, needs to be availible for supportstaff

    - by Christian W
    I know the title is a little off, but it's hard to explain the problem in a short sentence. I am the administrator of a legacy webapp that lets users create surveys and distribute them to a group of people. We have two kinds of "users". 1. Authorized licenseholders which does all setup themselves. 2. Clients who just want to have a survey run, but still need a user (because the webapp has "User" as the top entity in a surveyenvironment.) Sometimes users in #1 want's us to do the setup for them (which we offer to do). This means that we have to login as them. This is also how we do support, we login as them and then follow them along, guiding them. Which brings me to my dilemma. Currently our security is below par. But this makes it simple for us to do support. We do want to increase our security, and one thing I have been considering is just doing the normal hashing to DB, however, we need to be able to login as a customer, and if they change their password without telling us, and the password is hashed in the db, we have no way of knowing it. So I was thinking of some kind of twoway encryption for the passwords. Either that or some kind of master password. Any suggestions? (The platform is classic ASP... I said it was legacy...)

    Read the article

  • Using a class within a class?

    - by Josh
    I built myself a MySQL class which I use in all my projects. I'm about to start a project that is heavily based on user accounts and I plan on building my own class for this aswell. The thing is, a lot of the methods in the user class will be MySQL queries and methods from the MySQL class. For example, I have a method in my user class to update someone's password: class user() { function updatePassword($usrName, $newPass) { $con = mysql_connect('db_host', 'db_user', 'db_pass'); $sql = "UPDATE users SET password = '$newPass' WHERE username = '$userName'"; $res = mysql_query($sql, $con); if($res) return true; mysql_close($con); } } (I kind of rushed this so excuse any syntax errors :) ) As you can see that would use MySQL to update a users password, but without using my MySQL class, is this correct? I see no way in which I can use my MySQL class within my users class without it seeming dirty. Do I just use it the normal way like $DB = new DB();? That would mean including my mysql.class.php somewhere too... I'm quite confused about this, so any help would be appreciated, thanks.

    Read the article

  • MySqlDataReader giving error at build

    - by TuxMeister
    Hey there. I have a function in VB.net that authenticates a user towards a MySQL DB before launching the main application. Here's the code of the function: Public Function authConnect() As Boolean Dim dbserver As String Dim dbuser As String Dim dbpass As String dbserver = My.Settings.dbserver.ToString dbuser = My.Settings.dbuser.ToString dbpass = My.Settings.dbpass.ToString conn = New MySqlConnection myConnString = "server=" & dbserver & ";" & "user id=" & dbuser & ";" & "password=" & dbpass & ";" & "database=rtadmin" Dim myCommand As New MySqlCommand Dim myAdapter As New MySqlDataAdapter Dim myData As New DataTable Dim myDataReader As New MySqlDataReader Dim query As String myCommand.Parameters.Add(New MySqlParameter("?Username", login_usr_txt.Text)) myCommand.Parameters.Add(New MySqlParameter("?Password", login_pass_txt.Text)) query = "select * from users where user = ?Username and passwd = ?Password" conn.ConnectionString = myConnString Try conn.Open() Try myCommand.Connection = conn myCommand.CommandText = query myAdapter.SelectCommand = myCommand myDataReader = myCommand.ExecuteReader If myDataReader.HasRows() Then MessageBox.Show("You've been logged in.", "RT Live! Information", MessageBoxButtons.OK, MessageBoxIcon.Information) End If Catch ex As Exception End Try Catch ex As Exception End Try End Function The function is not yet complete, there are a few other things that need to be done before launching the application, since I'm using a MessageBox to display the result of the login attempt. The error that I'm getting is the following: Error 1 'MySql.Data.MySqlClient.MySqlDataReader.Friend Sub New(cmd As MySql.Data.MySqlClient.MySqlCommand, statement As MySql.Data.MySqlClient.PreparableStatement, behavior As System.Data.CommandBehavior)' is not accessible in this context because it is 'Friend'. C:\Users\Mario\documents\visual studio 2010\Projects\Remote Techs Live!\Remote Techs Live!\Login.vb 43 13 Remote Techs Live! Any ideas? Thanks.

    Read the article

  • LINQDataSource and private columns

    - by fyjham
    Hey, I was trying to use a ListView bound to a LinqDataSource to insert to a table where I had a few columns private to the table class (Specifically password columns - only access I want to give outside the class is methods that generate the salt and encrypt the password to store it in 1 go). I gave this a few shots, but I didn't come up with anything I really liked... was wondering if anyone has a better way to do this. The methods I've found: Use the LinqDataSource inserting event and make the appropriate calls on e.NewObject. I don't really like this because it's so far removed from the actual input and there's no simple way to hold the password in the meantime other than a class variable set during the ListView's inserting event (Which works, but seems a little dodgy). Open up these properties and just ask everyone to use the appropriate static methods for encoding the passwords they pass in. I don't really like this cause I'd prefer that class to enforce data integrity rather than relying on all calling code doing it properly... I'm currently going with option #1, but I don't really like passing values between events using class variables like that (It just seems unstructured... even though I can guarantee the events will happen in the right order). Does anyone know a better way, or alternatively am I being too pedantic and one of the methods above is actually the right way to go? Thanks

    Read the article

  • How to combine twill and python into one code that could be run on "Google App Engine"?

    - by brilliant
    Hello everybody!!! I have installed twill on my computer (having previously installed Python 2.5) and have been using it recently. Python is installed on disk C on my computer: C:\Python25 And the twill folder (“twill-0.9”) is located here: E:\tmp\twill-0.9 Here is a code that I’ve been using in twill: go “some website’s sign-in page URL” formvalue 2 userid “my login” formvalue 2 pass “my password” submit go “URL of some other page from that website” save_html result.txt This code helps me to log in to one website, in which I have an account, record the HTML code of some other page of that website (that I can access only after logging in), and store it in a file named “result.txt” (of course, before using this code I firstly need to replace “my login” with my real login, “my password” with my real password, “some website’s sign-in page URL” and “URL of some other page from that website” with real URLs of that website, and number 2 with the number of the form on that website that is used as a sign-in form on that website’s log-in page) This code I store in “test.twill” file that is located in my “twill-0.9” folder: E:\tmp\twill-0.9\test.twill I run this file from my command prompt: python twill-sh test.twill Now, I also have installed “Google App Engine SDK” from “Google App Engine” and have also been using it for awhile. For example, I’ve been using this code: import hashlib m = hashlib.md5() m.update("Nobody inspects") m.update(" the spammish repetition ") print m.hexdigest() This code helps me transform the phrase “Nobody inspects the spammish repetition” into md5 digest. Now, how can I put these two pieces of code together into one python script that I could run on “Google App Engine”? Let’s say, I want my code to log in to a website from “Google App Engine”, go to another page on that website, record its HTML code (that’s what my twill code does) and than transform this HTML code into its md5 digest (that’s what my second code does). So, how can I combine those two codes into one python code? I guess, it should be done somehow by importing twill, but how can it be done? Can a python code - the one that is being run by “Google App Engine” - import twill from somewhere on the internet? Or, perhaps, twill is already installed on “Google App Engine”?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 165 166 167 168 169 170 171 172 173 174 175 176  | Next Page >