Search Results

Search found 34094 results on 1364 pages for 'open authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 18/1364 | < Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >

  • Cross Domain Authentication

    - by gnosio
    I am Curious about how cross domain authentication work? for example. To sign into Orkut.com you need to to sign in via Google.com. So the authentication happens at Google.com and it sets the cookie. So my question now is how does Orkut.com able to read this cookie or authenticate the user with no other information ? What can possibly go wrong?

    Read the article

  • Open NetApp CIFS Share

    - by kingfish
    I have a CIFS share on a NetApp device. I want this share to be completely open to any user/computer on the same network. I don't want any authentication (domain, workgroup, etc) required; no login/password should need to be provided. Currently I have CIFS configured to use "Domain - Windows 2000" authentication and have the permissions on the share set to "Everyone - Full Read/Write" but if you try to connect to it from a machine that isn't bound to the domain it is asking for login info.

    Read the article

  • "Unknown user name or bad password" when I launch ADUC

    - by Chris
    When I open up Active Directory Users and Computers from my workstation, I receive an error: Naming information cannot be located because: Logon failure: unknown user name or bad password. Contact your system administrator to verify that your domain is properly configured and is currently online. If I log in to my workstation as somebody else, it works. If I log into a different workstation using my account, it works. All the workstations in question are running Windows Vista (32 and 64 bit) or Windows Server 2008. The domain controller in question is running Windows Small Business Server 2008. Everything else (that I tried) in the Remote Server Administration Tools runs just fine. Any thoughts? Edit: I just tried reinstalling RSAT. No such luck.

    Read the article

  • .NET SAP Connection Authentication via WEB Service

    - by mehmet6parmak
    Hi, I am trying to connect to a web service served by SAP and i have authentication problem. I simply added the service by right clicking project, selecting add service reference, giving WSDL url for the service and clicking OK.(After clicking ok asked for credentials and i provided them) Then when i tried to call a method from the serviceclien object i got the error message below: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="SAP Web Application Server <hostname>"'. Web Config Related Part: <basicHttpBinding> <binding name="binding" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="None"> <transport clientCredentialType="None" proxyCredentialType="None" realm=""> <extendedProtectionPolicy policyEnforcement="Never" /> </transport> <message clientCredentialType="UserName" algorithmSuite="Default" /> </security> </binding> Also, What problems will i face with? I do not want to use SAP .NET Connector. Thanks...

    Read the article

  • RESTful WCF Data Service Authentication

    - by Adrian Grigore
    Hi, I'd like to implement a REST api to an existing ASP.NET MVC website. I've managed to set up WCF Data services so that I can browse my data, but now the question is how to handle authentication. Right now the data service is secured via the site's built in forms authentication, and that's ok when accessing the service from AJAX forms. However, It's not ideal for a RESTful api. What I would like as an alternative to forms authentication is for the users to simply embed the user name and password into the url to the web service or as request parameters. For example, if my web service is usually accessible as http://localhost:1234/api.svc I'd like to be able to access it using the url http://localhost:1234/api.svc/{login}/{password} So, my questions are as follows: Is this a sane approach? If yes, how can I implement this? It seems trivial redirecting GET requests so that the login and password are attached as GET parameters. I also know how to inspect the http context and use those parameters to filter the results. But I am not sure if / how the same approach could be applied to POST, PUT and DELETE requests. Thanks, Adrian

    Read the article

  • ASP.Net Forms authentication provider issue

    - by George2
    Hello everyone, I am using VSTS 2008 + .Net 3.5 + ASP.Net to develop a simple web application. And I am using Forms authentication for my web site (I use command aspnet_regsql.exe to create a new database in SQL Server 2008 Enterprise to host database for Forms Authentication. I am not using SQL Server Express.). I am learning Forms authentication from here, http://msdn.microsoft.com/en-us/library/ff648345.aspx#paght000022_usingthesqlmembershipprovider my question is for the name of membership defaultProvider, the value must be "SqlProvider"? Or I can use any arbitrary name, for example like this (I replace the value "SqlProvider" to "MyTestSqlProvider")? <connectionStrings> <add name="MySqlConnection" connectionString="Data Source=MySqlServer;Initial Catalog=aspnetdb;Integrated Security=SSPI;" /> </connectionStrings> <system.web> ... <membership defaultProvider="MyTestSqlProvider" userIsOnlineTimeWindow="15"> <providers> <clear /> <add name="MyTestSqlProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="MySqlConnection" applicationName="MyApplication" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" requiresUniqueEmail="true" passwordFormat="Hashed" /> </providers> </membership> thanks in advance, George

    Read the article

  • Hudson fails to use unix user/group to do authentication

    - by Kane
    I'm trying to use unix user/group database as security realm of hudson. The linux server is using NIS for user management. My account could login the hudson server via ssh. And the hudson server is running by user 'hudson' that is also a member of group 'shadow', so hudson could read /etc/shadow. And I tested the configuration using 'test' button, hudson tells me it works well. But I can't use my unix account and password to login the hudson sever. And I found below java exception in the log of hudson, Jan 12, 2011 8:23:42 AM hudson.security.AuthenticationProcessingFilter2 onUnsuccessfulAuthentication INFO: Login attempt failed org.acegisecurity.BadCredentialsException: pam_authenticate failed : Authentication failure; nested exception is org.jvnet.libpam.PAMException: pam_authenticate failed : Authentication failure at hudson.security.PAMSecurityRealm$PAMAuthenticationProvider.authenticate(PAMSecurityRealm.java:100) at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195) at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45) at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:195) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368) at winstone.RequestDispatcher.forward(RequestDispatcher.java:333) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.lang.Thread.run(Thread.java:595) Caused by: org.jvnet.libpam.PAMException: pam_authenticate failed : Authentication failure at org.jvnet.libpam.PAM.check(PAM.java:105) at org.jvnet.libpam.PAM.authenticate(PAM.java:123) at hudson.security.PAMSecurityRealm$PAMAuthenticationProvider.authenticate(PAMSecurityRealm.java:90) ... 18 more

    Read the article

  • Http Digest Authentication, Handle different browser char-sets...

    - by user160561
    Hi all, I tried to use the Http Authentication Digest Scheme with my php (apache module) based website. In general it works fine, but when it comes to verification of the username / hash against my user database i run into a problem. Of course i do not want to store the user´s password in my database, so i tend to store the A1 hashvalue (which is md5($username . ':' . $realm . ':' . $password)) in my db. This is just how the browser does it too to create the hashes to send back. The Problem: I am not able to detect if the browser does this in ISO-8859-1 fallback (like firefox, IE) or UTF-8 (Opera) or whatever. I have chosen to do the calculation in UTF-8 and store this md5 hash. Which leads to non-authentication in Firefox and IE browsers. How do you solve this problem? Just do not use this auth-scheme? Or Store a md5 Hash for each charset? Force users to Opera? (Terms of A1 refer to the http://php.net/manual/en/features.http-auth.php example.) (for digest access authentication read the according wikipedia entry)

    Read the article

  • As a young student aspiring to have a career as a programmer, how should I feel about open source software?

    - by Matt
    Every once in a while on some technology websites a headline like this will pop up: http://www.osor.eu/news/nl-moving-to-open-source-would-save-government-one-to-four-billion My initial thought about government and organizations moving to open source software is that tons of programmers would lose their jobs and the industry would shrink. At the same time the proliferation and use of open source software seems to be greatly encouraged in many programming communities. Is my thinking that the full embrace of open source software everywhere will hurt the software industry a misconception? If it is not, then why do so many programmers love open source software?

    Read the article

  • What is the difference between industrial development and open source development?

    - by Ida
    Intuitively, I think open source development should be much more "casual" than industrial development process (like in Microsoft). Because for OSS development: Duty separation is not that strict than in big companies (maybe developers == testers in open source development?) People come in and out of the open source community, much more frequently than in big companies However, above are just my guesses. I really want to know more about the major difference between the open source and industrial development. Is their division of duty totally different (e.g., is there a leader/manager-like role in open source development?)? Maybe it is their communication style that differs a lot? Or their workflow? Please share your opinions. Thanks a lot!

    Read the article

  • What made you contribute to that open source project? [closed]

    - by Ermin
    I'm interested in real experience and personal answers not just those standard worn out "benefits of contributing to open source" that we all memorized by heart by now. I've met many people who contribute to open source project and almost never did this topic come up: why did they contribute to this open source project. So, if you've contributed to an open source project before in any way, can you please pause for a second and try to remember what really made you decide to contribute to that particular project. Was it a random decision, was it because you were bored, was it because the company you worked for was already using it and you contributed as part of your job, was it because the project was too big you wanted to get contracts, or the project was too small you wanted to build it, or because your prof or co-worker asked you to help with his open source project, or..... To substantiate your reasons, please mention the project name and rate your involvement (heavy, occasional, light, once).

    Read the article

  • Authentification-None for one folder(page) when the project is under FormsAuthentifications

    - by Sirius Lampochkin
    I have a WebApplication on asp.net 2.0 with namespace Admin. I have Form Authentification mode for the project. <authentication mode="Forms"> <forms name="ASP_XML_Form" loginUrl="Login.aspx" protection="All" timeout="30" path="/" requireSSL="false" slidingExpiration="true" cookieless="AutoDetect"> </forms> </authentication> Now, I try to share one folder (one inside page) for not Authentificatied users: <location path="Recovery"> <system.web> <roleManager enabled="false" > </roleManager> <authentication mode="None"> </authentication> <authorization> <allow users="*" /> </authorization> <httpHandlers> <remove verb="GET" path="image.aspx" /> <remove verb="GET" path="css.aspx" /> </httpHandlers> </system.web> </location> But when I create the page inside the shared folder, it can't get access to the assembly. And I see the error like this: Could not load file or assembly 'Admin' or one of its dependencies. The system cannot find the file specified. It also shows me the error: ASP.NET runtime error: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS. Does anybody know how to share (Authentification None) one folder(page) when the project is under FormsAuthentifications?

    Read the article

  • Delphi 7 SOAP Authentication and SessionID HowTo

    - by Justin Philbrow
    Hello All, I am developing a 3 tier database application. 1.) MS SQL DB 2.) Middle tier SOAP Server (with Delphi 7) connected to the DB 3.) Clients (first win32 gui (with Delphi 7) - later other platfomrs) connected to the SOAP server I chose a SOAP Server to be open to various clients at a later stage (also some of the win32 gui clients will be stationed abroad - so the clients need to be thin) (this as suggested by Dr. Bob). I am new to SOAP and have been looking at different examples and papers about authentication. But cant quite get my head around it. I have made a SOAP server and client with Delphi's SOAP Server Application Wizard and added a SOAP SERVER Data Module, added a database connection and some datasets and providers. Connected the client with dbgrid etc and that part works fine. But I want the client first to login and then be able to access data and I want the server to log each connection and also when the client logs off or is disconnected, so I am guessing I need the sessionID and a timeout. I also want the server to be able to tell the clients who else is "connected" (or whos session is still active) at any given time. I have gathered that I need to make a authentication header, but cant figure out where or who I can get a sessionID. I presume that each time a client connectes to the server the server generates a sessionID? How do I get this? Any help or suggestions/pointer would be appreciated, thanks Justin OK take 2: OK, I have done the following so far (this is used from the example Bank Account SOAP application that comes with Delphi 7): procedure TForm1.btnLoginClick(Sender: TObject); var H: TAuthHeader; Headers: ISOAPHeaders; SoapData: IThorPayServerDB; begin SoapData := HTTPRIOOnForm as IThorPayServerDB; if not(SoapData.login(edtUser.Text,edtPassword.Text)) then begin showmessage('Not correct login'); exit; end; Headers := SoapData as ISoapHeaders; { Get the header from the incoming message } Headers.Get(TAuthHeader, TSoapHeader(H)); try if H < nil then begin FIdKey := H.IdNumber; FTimeStamp := H.TimeStamp; end else ShowMessage('No authentication header received from server'); finally H.Free; end; if FIdKey 0 then showmessage('Authenticated');; end; The SoapData.login returns the correct result, but for some reason I cant get hold of the header. In this case H is nil and the result becomes 'No authentication header received from server'. If I intersept the SOAP xml I can see that the header is there, here is the returned package: 1 1 4208687 2010-05-14T10:03:49.469+03:00 true Anyone any idea? In this case I am not using the SOAPConnetion that I am using for the DB, but a seperate HTTPTRIO component.

    Read the article

  • Windows authentication - MVC 2 ASP.Net

    - by bergin
    Hi there Having real problems moving my app over to windows authentication. the sql error messages are to do with problems creating in the aspnetdb.mdf file. I'm wondering whether the connection string is at fault or other elements of the web.config I have windows authentication set in IIS. web.config: <?xml version="1.0"?> <!-- For more information on how to configure your ASP.NET application, please visit http://go.microsoft.com/fwlink/?LinkId=152368 --> <configuration> <connectionStrings> <add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|ASPNETDB.MDF;User Instance=true" providerName="System.Data.SqlClient" /> <add name="orderbaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\orderbase.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" /> </connectionStrings> <system.web> <compilation debug="true" targetFramework="4.0"> <assemblies> <add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </assemblies> </compilation> <authentication mode="windows"> </authentication> <membership> <providers> <clear/> <add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" /> </providers> </membership> <profile> <providers> <clear/> <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" /> </providers> </profile> <roleManager enabled="true"> <providers> <clear /> <add connectionStringName="ApplicationServices" applicationName="/" name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" /> <add applicationName="/" name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" /> </providers> </roleManager> <pages> <namespaces> <add namespace="System.Web.Mvc" /> <add namespace="System.Web.Mvc.Ajax" /> <add namespace="System.Web.Mvc.Html" /> <add namespace="System.Web.Routing" /> </namespaces> </pages> </system.web> <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <modules runAllManagedModulesForAllRequests="true"/> </system.webServer> <runtime> <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" /> <bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" /> </dependentAssembly> </assemblyBinding> </runtime> </configuration>

    Read the article

  • How should I contribute to an open source project?

    - by Rajan Walia
    I know basic C++ like about classes and other basic stuff what are the things which i need to know so that i can understand the source code of some advance open source projects and be able to make one too. Like if i read the code of vlc or some other projects I can't understand many things moreover i am just a beginner have not worked on even multi file programs so please suggest which are the books and what are the basic projects from where i can start.

    Read the article

  • Getting session authenticity token via ajax (rails, jquery)

    - by ming yeow
    Hi folks, I wish to authenticate a user without having the page reloaded, and having the user submit a given form. However, the problem that I immediately run into here is that the authenticity token typically gets set when the page is reloaded. I need the authenticity token for the form submission, but i do not have it yet because the page is yet to reload. I figure this cannot be that rare - anyone has any idea on how to resolve this? 1 idea could be getting rails to pass back the authenticity token after authentication, but i do not know how to access it from the controller 1) not logined user sees form 2) not logined user types in message and submit 3) facebox asking for authentication 4) after authentication, submit form automatically without refreshing 5) //but authenticity token is needed for form submission, which is not there yet

    Read the article

  • Android “open for embedded”? Must-read Ars Technica article

    - by terrencebarr
    A few days ago ars technica published an article “Google’s iron grip on Android: Controlling open source by any means necessary”. If you are considering Android for embedded this article is a must-read to understand the severe ramifications of Google’s tight (and tightening) control on the Android technology and ecosystem. Some quotes from the ars technica article: “Android is open – except for all the good parts“ “Android actually falls into two categories: the open parts from the Android Open Source Project (AOSP) … and the closed source parts, which are all the Google-branded apps” “Android open source apps … turn into abandonware by moving all continuing development to a closed source model.” “Joining the OHA requires a company to sign its life away and promise to not build a device that runs a competing Android fork.” “Google Play Services is a closed source app owned by Google … to turn the “Android App Ecosystem” into the “Google Play Ecosystem” “You’re allowed to contribute to Android and allowed to use it for little hobbies, but in nearly every area, the deck is stacked against anyone trying to use Android without Google’s blessing“ Compare this with a recent Wired article “Oracle Makes Java More Relevant Than Ever”: “Oracle has actually opened up Java even more — getting rid of some of the closed-door machinations that used to be part of the Java standards-making process. Java has been raked over the coals for security problems over the past few years, but Oracle has kept regular updates coming. And it’s working on a major upgrade to Java, due early next year.” Cheers, – Terrence Filed under: Embedded, Mobile & Embedded Tagged: Android, embedded, Java Embedded, Open Source

    Read the article

  • What is the economic rationale behind programmers who work on a open source project (free) instead of a commercial project (not free)?

    - by Kim Jong Woo
    I can't understand why some people dedicate so much hour into a completely open source project without closing it and yielding greater profit from it. I don't think profiting from your code is evil, I think it's a great motivator. Why do some people feel that commercial software and generating money from it is bad? There seems to be this black and white thinking that open source = good, commercial = bad. I hardly find this convincing, and often commercial companies which are supported by sales produce very good results. An open source software in the same niche can't compete against the corporation. Of course, sometimes this is completely the other way around where private companies produce inferior product compared to open source counterparts. So help me understand, why do programmers open source their code when there is commercial prospects for it? Shouldn't the rational programmer or human being make every effort to capitalize on their opportunity cost? Working on a open source project for months when you could've spent the same number of hours at commidity wage or some other monetary compensation?

    Read the article

  • Mixing Forms and Token Authentication in a single ASP.NET Application (the Details)

    - by Your DisplayName here!
    The scenario described in my last post works because of the design around HTTP modules in ASP.NET. Authentication related modules (like Forms authentication and WIF WS-Fed/Sessions) typically subscribe to three events in the pipeline – AuthenticateRequest/PostAuthenticateRequest for pre-processing and EndRequest for post-processing (like making redirects to a login page). In the pre-processing stage it is the modules’ job to determine the identity of the client based on incoming HTTP details (like a header, cookie, form post) and set HttpContext.User and Thread.CurrentPrincipal. The actual page (in the ExecuteHandler event) “sees” the identity that the last module has set. So in our case there are three modules in effect: FormsAuthenticationModule (AuthenticateRequest, EndRequest) WSFederationAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest, EndRequest) SessionAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest) So let’s have a look at the different scenario we have when mixing Forms auth and WS-Federation. Anoymous request to unprotected resource This is the easiest case. Since there is no WIF session cookie or a FormsAuth cookie, these modules do nothing. The WSFed module creates an anonymous ClaimsPrincipal and calls the registered ClaimsAuthenticationManager (if any) to transform it. The result (by default an anonymous ClaimsPrincipal) gets set. Anonymous request to FormsAuth protected resource This is the scenario where an anonymous user tries to access a FormsAuth protected resource for the first time. The principal is anonymous and before the page gets rendered, the Authorize attribute kicks in. The attribute determines that the user needs authentication and therefor sets a 401 status code and ends the request. Now execution jumps to the EndRequest event, where the FormsAuth module takes over. The module then converts the 401 to a redirect (302) to the forms login page. If authentication is successful, the login page sets the FormsAuth cookie.   FormsAuth authenticated request to a FormsAuth protected resource Now a FormsAuth cookie is present, which gets validated by the FormsAuth module. This cookie gets turned into a GenericPrincipal/FormsIdentity combination. The WS-Fed module turns the principal into a ClaimsPrincipal and calls the registered ClaimsAuthenticationManager. The outcome of that gets set on the context. Anonymous request to STS protected resource This time the anonymous user tries to access an STS protected resource (a controller decorated with the RequireTokenAuthentication attribute). The attribute determines that the user needs STS authentication by checking the authentication type on the current principal. If this is not Federation, the redirect to the STS will be made. After successful authentication at the STS, the STS posts the token back to the application (using WS-Federation syntax). Postback from STS authentication After the postback, the WS-Fed module finds the token response and validates the contained token. If successful, the token gets transformed by the ClaimsAuthenticationManager, and the outcome is a) stored in a session cookie, and b) set on the context. STS authenticated request to an STS protected resource This time the WIF Session authentication module kicks in because it can find the previously issued session cookie. The module re-hydrates the ClaimsPrincipal from the cookie and sets it.     FormsAuth and STS authenticated request to a protected resource This is kind of an odd case – e.g. the user first authenticated using Forms and after that using the STS. This time the FormsAuth module does its work, and then afterwards the session module stomps over the context with the session principal. In other words, the STS identity wins.   What about roles? A common way to set roles in ASP.NET is to use the role manager feature. There is a corresponding HTTP module for that (RoleManagerModule) that handles PostAuthenticateRequest. Does this collide with the above combinations? No it doesn’t! When the WS-Fed module turns existing principals into a ClaimsPrincipal (like it did with the FormsIdentity), it also checks for RolePrincipal (which is the principal type created by role manager), and turns the roles in role claims. Nice! But as you can see in the last scenario above, this might result in unnecessary work, so I would rather recommend consolidating all role work (and other claims transformations) into the ClaimsAuthenticationManager. In there you can check for the authentication type of the incoming principal and act accordingly. HTH

    Read the article

  • When is the right time to join open source project for programmer?

    - by Mahesh
    Most of the newcomers in programming start with basic projects to start with programming. Most of the C++ progammers spend some time with puzzles and contests but this is not always helpful. Sometimes you've to spend some time on real projects. Starting your own open source project could be a problem in self-learning for newbie cause of lack of mentors and peers who can't look at your code and give suggestions. Open source projects can solve this problem, some projects could be best suited for new programmers. Besides everybody is newbie at some point. So i'll try and make this question a bit from beginners perspective. I tried few questions on stack overflow before asking this like How do i join & Bare minimum you need and how to get involved with open source and what level of programming etc. But this is not helping me when it comes to self-evaluating with skills. How to find that out ? How can i check what it takes to join open source project and am i really that comfortable with huge source code etc. My question is when to consider yourself comfortable joining open source programming ? I mean how will you test yourself that you're ready to take burden of big/small projects of open source ? how will you test yourself to see if you could work with version control/other programmers/tight schedule etc ?

    Read the article

  • When to open source a project under development? [closed]

    - by QuasarDonkey
    Possible Duplicate: Is it OK to push my code to GitHub while it is still in early development? I've been working on a hobby project for a few months now; it's clocking in at over 15000 source lines of code. A number of people have expressed interest in joining development, and I have full intentions of going open source, since it would not be feasible for me to complete the project alone. I'm just not sure when to open-source it. For context, I've notice many successful open source projects, such as the Linux kernel, had considerable work done before they were open-sourced. In my case, I'd been planning on open-sourcing it after I complete all the underlying libraries and overall architecture. Is this a mistake; should I just release it right now? I'm worried that since certain critical underlying components haven't been finalized, if people build a large codebase around them, it will be very difficult to change or fix things later. On the other hand, it's a very large project that will require multiple developers to complete in a reasonable time. So when is the right time during development to go open source? Preferably, I'd like to hear from some folks who have started their own projects.

    Read the article

  • Basic HTTP Authentication using Obj C and Xcode.

    - by Kristiaan
    Hi Everyone, I am hoping someone can help me with a question i have relating to Basic HTTP Authentication in an Xcode 2.3 application. Basically i have a PHP page that is on our server and when called with certain parameters returns data relating to the servers condition etc. i have managed to get a small Xcode application working where by it reads the data from the page and populates an NSTextView with the data. however to make sure this information stays safe i have setup basic HTTP Authentication on the page, but i cannot work out how to provide the username and password in XCode. here is my code to retrieve the page. NSURL *url = [NSURL URLWithString:@"http://www.google.com"]; NSString *content = [NSString stringWIthContentsOfUrl:url]; [myTextView setString:content]; i am still at a very basic beginner level regarding xcode and obj c, so nice simple examples of how i go about this would really be appreciated. Thanks Kris

    Read the article

  • the HTTP request is unauthorized with client authentication scheme 'Anonymous'

    - by user1246429
    I use firstdata webservice API.I use C# client call firstdata webservice API with WCF. But show error message: "But show error message "System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was ''. --- System.Net.WebException: The remote server returned an error: (401) Unauthorized. at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory factory) at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory factory, WebException responseException, ChannelBinding channelBinding) at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at com.firstdata.globalgatewaye4.api.ServiceSoap.SendAndCommit(SendAndCommitRequest request) at com.firstdata.globalgatewaye4.api.ServiceSoapClient.com.firstdata.globalgatewaye4.api.ServiceSoap.SendAndCommit (SendAndCommitRequest request) at com.firstdata.globalgatewaye4.api.ServiceSoapClient.SendAndCommit(Transaction SendAndCommitSource)" My web.config info below: <behaviors> <endpointBehaviors> <behavior name="FDGGBehavior"> <clientCredentials> <clientCertificate findValue="WS1909642825._.1" storeLocation="LocalMachine" x509FindType="FindBySubjectName" storeName="TrustedPeople" /> <serviceCertificate> <authentication certificateValidationMode="PeerTrust" /> </serviceCertificate> </clientCredentials> </behavior> </endpointBehaviors> </behaviors> <binding name="ServiceSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="Certificate" proxyCredentialType="Ntlm" /> <message clientCredentialType="UserName" algorithmSuite="Default" /> </security> </binding> <endpoint address="https://api.globalgatewaye4.firstdata.com/transaction/v11" binding="basicHttpBinding" bindingConfiguration="ServiceSoap" contract="com.firstdata.globalgatewaye4.api.ServiceSoap" name="ServiceSoap" behaviorConfiguration="FDGGBehavior" /> How can resolve question?

    Read the article

  • Logoff button IIS6 ASP.NET Basic Authentication

    - by willyconnor
    I have a requirement for an explicit logout button for users in a ASP.NET web app. I am using IIS6 with Basic Authentication (SSL). I can redirect to another web page but the browser keeps the session alive. I have googled around and found a way to do it by enabling an active x control to communicate with IIS and kill the session. I am in a restricted environment that does not allow forms authentication and active x controls are not forbidden as well. Has anyone else had this requirement and how have you handled it? Okay that is what I was afraid of. I have seen similar answers on the net and I was hoping someone would have a way of doing it. Thanks for your time though. I guess I can use javascript to prevent the back button like the history.back()

    Read the article

  • Rails 2.x http basic authentication

    - by randombits
    I'm trying to get basic http authentication working on my Rails app. I'm offering a simple REST interface served by a Rails server, only xml/json output. Every method needs authentication, so I put the authenticate filter in ApplicationController: class ApplicationController < ActionController::Base helper :all # include all helpers, all the time before_filter :authenticate protected def authenticate authenticate_or_request_with_http_basic do |u, p| true end end end Even with having the method return true, I'm receiving a 401 from the server: $ curl http://127.0.0.1:3000/myresource/1.xml -i HTTP/1.1 401 Unauthorized Cache-Control: no-cache WWW-Authenticate: Basic realm="Application" X-Runtime: 1 Content-Type: text/html; charset=utf-8 Content-Length: 27 Server: WEBrick/1.3.1 (Ruby/1.9.1/2010-01-10) Date: Thu, 03 Jun 2010 02:43:55 GMT Connection: Keep-Alive HTTP Basic: Access denied. If I'm explicitly returning true, yet getting served a 401.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 14 15 16 17 18 19 20 21 22 23 24 25  | Next Page >