Search Results

Search found 9658 results on 387 pages for 'authentication provider'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 19/387 | < Previous Page | 15 16 17 18 19 20 21 22 23 24 25 26  | Next Page >

  • multiple login pages in ASP.NET forms authentication

    - by Brad
    My bank's website has 2 login pages for online banking. On the first page, I enter my username. If I don't enter a valid username, I get an error message, and do not get to the 2nd page. The 2nd page displays a picture based on my user name, and has me enter my password. If I manually type a URL to a page inside the site after entering my username but before entering my password, I am redirected back to the first login page. Is there a good way to implement this in ASP.NET with Forms Authentication? I only get 1 loginUrl in my web.config. I am fairly certain my bank uses Java.

    Read the article

  • Convert svn repository to hg - authentication fails

    - by Kim L
    I'm trying to convert an existing svn repository to a mercurial repo with the following command hg convert <repository> <folder> My problem is that the svn repository's authentication is done with p12 certificates. I'm a bit lost on how to configure the certificate for the hg client so that I can pull the svn repo and convert it. Currently, if I try to run the above command, I get initializing destination hg-client repository abort: error: _ssl.c:480: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure In other words, it cannot find the required certificate. The question is, how do I configure my hg client so that it can use my certificate? I'm using the command line hg client on linux.

    Read the article

  • Grails LDAP authentication failed

    - by Leo
    Hi, guys I am developing a web app by using Grails and using Grails LDAP as my Authentication mechanism. However, i always get following error: {Error 500: Cannot pass null or empty values to constructor Servlet: default URI: /ldap-app/j_spring_security_check Exception Message: Cannot pass null or empty values to constructor Caused by: Cannot pass null or empty values to constructor Class: GrailsAuthenticationProcessingFilter } My SecurityConfig.groovy file is : security { // see DefaultSecurityConfig.groovy for all settable/overridable properties active = true loginUserDomainClass = "User" authorityDomainClass = "Role" requestMapClass = "Requestmap" useLdap = true ldapRetrieveDatabaseRoles = false ldapRetrieveGroupRoles = false ldapServer = 'ldap://worf-mi.dapc.kao.au:389' ldapManagerDn = 'CN=sa-ldap-its,OU=Unix Servers for Kerberos,OU=Information Technology Services,OU=Special Accounts,DC=nexus,DC=dpac,DC=cn' ldapManagerPassword = 'Asdf1234' ldapSearchBase = 'OU=People,DC=nexus,DC=dpac,DC=cn' ldapSearchFilter = '(&(cn={0})(objectClass=user))' }

    Read the article

  • Authentication for SaaS

    - by josh
    What would be recommended as an authentication solution for a Software-as-a-service product? Specifically, my product would have clients that would typically have low information technology skills, potentially not even having an IT department within their organization. I would still like to have my application authenticate against their internal directory service (eDirectory, Active Directory, etc.). I don't want them, however, to have to open/forward ports (for instance, opening up port 636 so I can do LDAPS binds directly to their directory service). One idea I had was to have an application installed on a server within their organization's network that would backconnect to my service. This would be a persistant socket. When I need to authenticate a user, I send the credentials via the socket (encrypted) - the application then performs a bind/whatever to authenticate against the directory service and replies with OK/FAIL. What would you suggest? My goal here is to essentially have the client install an application within their network, with very little configuration or intervention.

    Read the article

  • IIS 7.0 - Every site suddenly redirecting root request to forms authentication

    - by Pittsburgh DBA
    Suddenly, IIS 7.0 is redirecting every request for the root of any domain hosted on the box to ~/Account/Logon, which is our Forms Authentication redirect. Additionally, some JavaScript and image requests are being similarly redirected, but not other aspx pages. This is not desirable. Nobody will admit to changing anything. Any ideas? EDIT: It turns out that something has gone wrong with the disk permissions. Can anyone point me to the way things are supposed to be in Windows Server 2008 for a standard ASP.Net installation? The disk permissions are out of whack now.

    Read the article

  • Sign in as different user when using Integrated Windows Authentication

    - by Sam
    I have restricted access to a site by using Integrated Windows Authentication and turning off anonymous access. This way I can then show them their real name (from looking up on Active Directory and using the server variable LOGON_USER) and do other related Active Directory tasks. How can I then prompt again for their user credentials, through a 'sign in as other user' link , showing the browser prompt (like you would get on a browser like Chrome or Firefox, or if the site was not in the 'Intranet' zone in IE) rather than a Web Form? Since SharePoint offers this functionality, I assume there is a way to do this through code, but I don't know what code can do this (using C#). I can send a 401 header which makes the prompt appear, but how do you then confirm if they are logged in?

    Read the article

  • IIS Virtual Directory/Application & Forms authentication

    - by user216194
    I've setup and deployed a simple forms authentication website with membership using .NET 4. I've created a virtual directory (now converted to "Application") in IIS7 and setup the web.config file in the virtual directory as follows: <system.webServer> <directoryBrowse enabled="true" /> </system.webServer> Great! I browse to the virtual directory: ../mydomain/books/ and I'm automatically redirected to the login page specified by web.config in my root directory and the url path is placed as follows: ../Account/Login.aspx?ReturnUrl=%2fbooks At this point, I login succesfully, but I am not redirected anywhere, and when I manually return to the directory, ../books, I'm sent back to the login page, where I'm already logged in? So I'm confused about what my problem is! I should be successfully authenticated, and than redirected back to the directory, or at the very least be able to view it manually after I log in right?

    Read the article

  • Application loses authentication when performing redirect to a virtual directory

    - by nuhusky2003
    I have the following setup: http://www.example.com/dir1/ and http://www.example.com/dir2/ Each virtual directory is configured on IIS6.0 as an application with own AppPool. When redirecting authenticated user from dir1 to dir2 using response.redirect I lose authentication information for the user and the user is being redirected to the login page. This issue was not coming up with each app (dir1 and dir2) were configured under subdomain, ex: http://dir1.example.com and http://dir2.example.com. I have resolved the issue by adding a machine key to the machine.config file. Can someone explain to me why it's not working on a http://www.example.com/dir1 configuration?

    Read the article

  • Web services Authentication Jungle

    - by redben
    I have been doing some research lately about best approaches to authenticating web services calls (REST SOAP or whatever). But none of the Approaches convinced me... But i still can't a make a choise... Some talk about SSL and http basic authentication -login/password- which just seems weird for a machine (i mean having to assign a login/password to a machine, or is it not ?). Some others say API keys (seems like these scheme is more used for tracking and not realy for securing). Some say tokens (like session IDs) but shouldn't we stay stateless (especially if in REST style) ? In my use case, when a remote app is calling one of our web services, i have to authenticate the calling application obviously, and the call must - if applicable - tell me which user it impersonates so i can deal with authorization later. Any thoughts ?

    Read the article

  • Code igniter authentication code in controller security question

    - by Prime Studios
    I have a main controller to handle the very front-end of my authentication system, it handles login, logout, update user info, etc. functions that I anticipate calling by POST'ing from views/forms. What about something like a "delete_user" function though? My thoughts are a button in someones admin panel would say "Delete Account" and it would post to "/auth/delete", and the function would delete the user based on their session username or id. This seems a bit open ended, you could send out a link to someone and when they opened it while in that application it would delete their account.. Whats the best way to handle this?

    Read the article

  • apache: basic authentication before rewrite

    - by pyro
    I have an apache in frontend that redirect a request via a rewrite rule. I have to put a basic authentication before redirect a request, so I put this in the config file: <VirtualHost *:443> ServerAdmin xxxxxx DocumentRoot /var/www/html/ ServerName xxxxxxx RewriteEngine on ErrorLog logs/error.log CustomLog logs/access_log common <Directory /var/www/html/> AuthType Basic AuthName "Restricted Files" AuthUserFile /etc/httpd/conf/tag.pwd Require valid-user RewriteRule ^/(.*) http://xxxxxx:xxx/$1 [P,L] </Directory> </VirtualHost> But doesn't work. Any suggestions?

    Read the article

  • Using couchdb authentication by xmpp users

    - by flossy
    Hi, I'd like use couchdb for a web application with external user authentication by a XMPP-Server (Openfire). How can I achieve that? Let's say we have thre users: [email protected] [email protected] [email protected] Now [email protected] should be able to read all documents that are suited for basic users. [email protected] should be able to read AND write all documents that are suited for basic users. [email protected] should be able to read all documents that are suited for basic and advanced users. Is that possible?

    Read the article

  • authentication of webapps when passwords are hashed with bcrypt

    - by dubreakkk
    I created a GWT project which requires authentication. Initially, the users' passwords were in plain text, but now I would like to hash them with BCrypt. I searched but I cannot find a place describing how to make Jetty authenticate against a BCrypt hashed password. I'm sending the password to the server using a FORM in plain text and over SSL. What do I need to do to make Jetty hash this password and compare it to the one in the database? Thank you;

    Read the article

  • Looking for a way to get HTTP Digest Authentication headers from incoming http requests

    - by duncancarroll
    I've been working on a REST implementation with my existing Cake install, and it's looking great except that I want to use HTTP Digest Authentication for all requests (Basic Auth won't cut it). So great, I'll generate a header in the client app (which is not cake) and send it to my cake install. Only problem is, I can't find a method for extracting that Digest from the request... I've looked through the Cake API for something that I can use to get the Digest Header. You'd think that Request Handler would be able to grab it, but I can't find anything resembling that. There must be another method of getting the digest that I am overlooking? In the meantime I'm writing my own regex to parse it out of the Request... once I'm done I'll post it here so no one has to waste as much time as I did hunting for it.

    Read the article

  • Form authentication works on dev server but not on IIS

    - by Ilknur
    Hi, We have a similar problem. We have a web application running under default appdomain. It was working fine until a week before...Suddenly it has encountered a problem. Below message is taken from event logs. Event code: 4005 Event message: Forms authentication failed for the request. Reason: The ticket supplied has expired. Application uses FormsAuthentication and gets the roles from aspnetdb.. After the error, when user logins to the page, it does not redirects to the default.aspx. Again login.aspx comes up. On the other hand application works fine on development server(localhost), but not on www(IIS 6.0). Does any one has an idea? Thanks, Ilknur

    Read the article

  • Windows Phone 7 Application + WCF + SSL + Username Authentication

    - by s7orm
    Hello, I have developed a test service with WCF, which I try to consume from a Windows Phone 7 Application, however when calling a method from the service I get a weird exception: There was no endpoint listening at https://server/Service.svc that could accept the message. This is often caused by an incorrect address or SOAP action. The WCF service uses a custom binding with UserNameOverTransport authentication and SSL. For the authorization I am using an implementation of the UserNamePasswordValidator. If I try to consume the service from a console or silverlight application (cross domain policy is enabled) - it works fine (authorization as well). And the most weird thing is that the ServiceReferences.ClientConfig file generated for the WP7 App is exactly the same as the config file generated for the silverlight application. I have no idea what is wrong with my service...

    Read the article

  • How do I stack Plack authentication handlers?

    - by Schwern
    I would like to have my Plack app try several different means of authorizing the user. Specifically, check if the user is already authorized via a session cookie, then check for Digest authentication and then fall back to Basic. I figured I could just enable a bunch of Auth handlers in the order I wanted them to be checked (Session, Digest, Basic). Unfortunately, the way that Plack::Middleware::Auth::Digest and Plack::Middleware::Auth::Basic are written they both return 401 if digest or basic auth doesn't exist, respectively. How is this normally dealt with in Plack?

    Read the article

  • Web Application - Authentication / Login Framework

    - by user456563
    This is a very simple, probably a most asked question and frequently developed as part of any web application. Say I'm planning to build a web application and some of the functional requirements include (apart from the usual hard hitting security reqs), - Need to have users sign up for a new account profile - Authenticate user using the native app authentication / Facebook or Google or Yahoo or OpenId login - Allow lost password retrieval - Session handling needs Is there an out of the box frameworks (Drupal, Liferay??) that I can use to wrap my application which can be a bunch of JSP's or HTML's with JS? I know I'm asking a very simple and maybe a naive question. But this is a topic every web developer guru will go thru. Any help, advise and pointers much appreciated.

    Read the article

  • Established javascript solution for secure registration & authentication without SSL

    - by Tomas
    Is there any solution for secure user registration and authentication without SSL? With "secure" I mean safe from passive eavesdropping, not from man-in-the-middle (I'm aware that only SSL with signed certificate will reach this degree of security). The registration (password setup, i.e. exchanging of pre-shared keys) must be also secured without SSL (this will be the hardest part I guess). I prefer established and well tested solution. If possible, I don't want to reinvent the wheel and make up my own cryptographic protocols. Thanks in advance.

    Read the article

  • Cannot connect to MySQL 4.1+ using old authentication

    - by B T
    I'm trying to connect to a mySQL database at http://bluesql.net, but when I try to connect, it gives this error: Connect Error (2000) mysqlnd cannot connect to MySQL 4.1+ using old authentication I've looked into this, and it has to do with some old password scheme used before MySQL 4.1. Newer versions have the option to use old passwords, which I've read may cause this problem. I'm running php 5.3, and connecting with mySQLi (new mysqli(...)). I'm hoping I can do something in the code to connect to the DB at bluesql.net - clearly I don't control how their database is set up. Downgrading php versions isn't an option. Anyone have any ideas?

    Read the article

  • User forms authentication in JSF

    - by Proton
    I'm a novice at JSF and I got a couple of questions concerning organizing user authentication there. 1) How can i redirect the registered user to a welcome page (for example welcome.xhtml)? I heard about using Filter or navigation-rule tag, but i didn't found a full-blown tutorial of how it works. 2) How can i tell the server that unauthorized users can access not only the login page but also the registration page? Is there an analog for ASP.NET web.config tag or something like this?

    Read the article

  • Best Solution For Authentication in Ruby on Rails

    - by Dan Wolchonok
    I'm looking for a pre-built solution I can use in my RoR application. I'm ideally looking for something similar to the ASP.NET Forms authentication that provides email validation, sign-up controls, and allows users to reset their passwords. Oh yeah, and easily allows me to pull the user that is currently logged into the application. I've started to look into the already written pieces, but I've found it to be really confusing. I've looked at LoginGenerator, RestfulAuthentication, SaltedLoginGenerator, but there doesn't seem to be one place that has great tutorials or provide a comparison of them. If there's a site I just haven't discovered yet, or if there is a de-facto standard that most people use, I'd appreciate the helping hand.

    Read the article

  • download authentication?

    - by Sahat
    Hi I am sorry if this question has been asked before but I am looking for some sort of download authentication. In other words if I am going to give the user a link to a file, I want to make sure only that person will get it, and get it only once! Is there a simple solution without setting up the whole database. Even better if it's possible to have an ecrypted web link that will let you download a file from my FTP server just once, after that the link becomes invalid. Thanks.

    Read the article

  • How should I handle a redirect to an identity provider during a web api data request

    - by Erds
    Scenario I have a single-page web app consisting purely of html, css, and javascript. After initial load and during use, it updates various views with data from one or more RESTful apis via ajax calls. The api calls return data in a json format. Each web api may be hosted on independent domains. Question During the ajax callout, if my authorization token is not deemed valid by the web api, the web api will redirect me (302) to the identity provider for that particular api. Since this is an ajax callout for data and not necessarily for display, i need to find a way to display the identity provider's authentication page. It seems that I should trap that redirect, and open up another view to display the identity provider's login page. Once the oauth series of redirects is complete, i need to grab the token and retrigger my ajax data call with the token attached. Is this a valid approach, and if so are there any examples showing the ajax handling of the redirects?

    Read the article

  • C# Can I return HttpWebResponse result to iframe - Uses Digest authentication

    - by chadsxe
    I am trying to figure out a way to display a cross-domain web page that uses Digest Authentication. My initial thought was to make a web request and return the entire page source. I currently have no issues with authenticating and getting a response but I am not sure how to properly return the needed data. // Create a request for the URL. WebRequest request = WebRequest.Create("http://some-url/cgi/image.php?type=live"); // Set the credentials. request.Credentials = new NetworkCredential(username, password); // Get the response. HttpWebResponse response = (HttpWebResponse)request.GetResponse(); // Get the stream containing content returned by the server. Stream dataStream = response.GetResponseStream(); // Open the stream using a StreamReader for easy access. StreamReader reader = new StreamReader(dataStream); // Read the content. string responseFromServer = reader.ReadToEnd(); // Clean up the streams and the response. reader.Close(); dataStream.Close(); response.Close(); return responseFromServer; My problems are currently... responseFromServer is not returning the entire source of the page. I.E. missing body and head tags The data is encoded improperly in responseFromServer. I believe this has something to do with the transfer encoding being of the type chunked. Further more... I am not entirely sure if this is even possible. If it matters, this is being done in ASP.NET MVC 4 C#. Thanks, Chad

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 15 16 17 18 19 20 21 22 23 24 25 26  | Next Page >