Search Results

Search found 15558 results on 623 pages for 'basic authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 2/623 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Form based authentication in java

    - by Stardust
    I want to know how can I enable form based authentication in java through database. After connecting to database, how can I verify whether the username and password, which I'm entering through html page is correct or not? Do I have to change action servlets from j_security_check to another my own defined servlets, which will connect to database and do all its verification on its own? Or I've to send authentication information to j_security_check, which will automatically connect to database, verify username and password. I'm successful in connecting to database through context.xml file, which is in META-INF directory of my own web application, but I'm not able to understand what's more I've to do enable form based authentication. I'm using Tomcat 6 as web server.

    Read the article

  • Fiction that includes BASIC programs [closed]

    - by Clinton Blackmore
    Back in what must've been the mid-80s, when every microcomputer included BASIC and Choose Your Own Adventure Books were really popular, there were some novels that had BASIC programs listed in the text, for you to type in and further enjoy. For example, as I recall, in one of these books, the adventurers were infiltrating an undersea base (and eventually wiped the bad guy's data storage [I do believe it was a hard drive, even though they were uncommon then]). One of the programs involved a game were you piloted a submarine and had to avoid or shoot sharks. The code was in BASIC; minor changes (such as 'CLS' - 'HOME') had to be made for your specific computer, and it used good old 40-column text-mode to display the action. IIRC, the plot never depended upon the programs. My question is, does anyone else recall these sorts of books? Do you know any titles that I could look for, or of any online? I am toying with the idea of writing a story like this (no, not in BASIC!), and would really like to see how it was done, back in the day.

    Read the article

  • AutoCompleteExtender - authentication failure (forms authentication)

    - by Paddy
    I'm using the AutoCompleteExtender from the AJAX control toolkit on my aspx page - I have it wired up to a WCF service that is returning a string array and everything works happily. If I change my service definition to include a demand for the caller to be authenticated, like so: <OperationContract(), PrincipalPermission(SecurityAction.Demand, Authenticated:=True)> _ Public Function GetLookupValues(ByVal prefixText As String, ByVal count As Integer, ByVal contextKey As String) As String() Then the autocomplete extender stops working, and I get an authentication error in the service. The service is set up to use ASPNetCompatibility mode, and I was hoping that the extender would pass the authentication credentials for my logged in user - does anyone know how to make this work?

    Read the article

  • Apache authentication, security exceptions and safari

    - by Purcell
    I have apache authentication set up on a site, it works fine in firefox and chrome, you type in the username/pass once and then you can happily visit any page on the site. Unfortunately this is not the behavior in safari. Every time you go to another page, you must re-enter your credentials. Is there some way I can look at the security exceptions for safari and set it to always trust the certificate or find some other setting to not ask for authentication on each page?

    Read the article

  • HTTP Basic Auth for Selenium in Firefox 2

    - by Peter
    I know that normally you can login to sites that require HTTP basic authentication with Selenium by passing the username and password in the URL, e.g.: selenium.open("http://myusername:[email protected]/mypath"); I've been running a Selenium test with Firefox 2 and there I still get the "Authentication Required" dialog window? Thanks for any hints! Peter

    Read the article

  • Rails 3 HTTP digest authentication

    - by Cimm
    Is HTTP digest authentication still supported in Rails 3? I tried the following code in Rails 2.3.5, it works. class Admin::BaseController < ApplicationController before_filter :authenticate USERS = { "lifo" => "world" } def authenticate authenticate_or_request_with_http_digest("Application") do |name| USERS[name] end end end Now, the same thing in Rails 3.0.0.beta) returns an error: can't convert nil into String Am I missing something or is this a bug in Rails 3? HTTP basic authentication works fine.

    Read the article

  • Use Apache authentication in Django without popup

    - by chernevik
    I am using Apache to authenticate users for Django, but I would like to do so without the popup form that Apache uses in its basic configuration. How do I embed the login form within a page while still using Apache for authentication? That is, I'd like a page that says "Please login" and provides a form asking for username and password, and passes this information on to Apache for authentication. (I'd do this over an SSL connection, of course.)

    Read the article

  • HTTP PHP Authentication and Android

    - by edc598
    I am working on a website for which I hope to have an application for as well. Because of this, I am creating PHP API's which will go into my Database and serve specific data based on the method/function called. I want to protect these API's from misuse however, and I plan on implementing Authentication Digest to do so. However one of the OS's I want to support is Android. And I know that a malicious user would be able to reverse engineer the Android app and figure out my authentication scheme. I am left wondering: 1. Is there a better way to protect these API's from misuse? 2. Is there a way to prevent a malicious user from reverse engineering the app and potentially seeing the source code for it, enabling them to see my authentication scheme? 3. If none of these are preventable, then is my only option to have a Username/Password cred specifically for the Android app, and when eventually hacked, change the creds and issue an update for the app? I apologize if this is not the place to post such a question. Still pretty new to StackOverflow. Thanks in advance for any insight, it would be quite helpful.

    Read the article

  • Custom basic authentication fails in IIS7

    - by manu08
    I have an ASP.NET MVC application, with some RESTful services that I'm trying to secure using custom basic authentication (they are authenticated against my own database). I have implemented this by writing an HTTPModule. I have one method attached to the HttpApplication.AuthenticateRequest event, which calls this method in the case of authentication failure: private static void RejectWith401(HttpApplication app) { app.Response.StatusCode = 401; app.Response.StatusDescription = "Access Denied"; app.CompleteRequest(); } This method is attached to the HttpApplication.EndRequest event: public void OnEndRequest(object source, EventArgs eventArgs) { var app = (HttpApplication) source; if (app.Response.StatusCode == 401) { string val = String.Format("Basic Realm=\"{0}\"", "MyCustomBasicAuthentication"); app.Response.AppendHeader("WWW-Authenticate", val); } } This code adds the "WWW-Authenticate" header which tells the browser to throw up the login dialog. This works perfectly when I debug locally using Visual Studio's web server. But it fails when I run it in IIS7. For IIS7 I have the built-in authentication modules all turned off, except anonymous. It still returns an HTTP 401 response, but it appears to be removing the WWW-Authenticate header. Any ideas?

    Read the article

  • SharePoint 2010 Custom WCF Service - Windows and FBA Authentication

    - by e-rock
    I have SharePoint 2010 configured for Claims Based Authentication with both Windows and Forms Based Authentication (FBA) for external users. I also need to develop custom WCF Services. The issue is that I want Windows credentials passed into the WCF Service(s); however, I cannot seem to get the Windows credentials passed into the services. My custom WCF service appears to be using Anonymous authentication (which has to be enabled in IIS in order to display the FBA login screen). The example I have tried to follow is found at http://msdn.microsoft.com/en-us/library/ff521581.aspx. The WCF service gets deployed to _vti_bin (ISAPI folder). Here is the code for the .svc file <%@ ServiceHost Language="C#" Debug="true" Service="MyCompany.CustomerPortal.SharePoint.UI.ISAPI.MyCompany.Services.LibraryManagers.LibraryUploader, $SharePoint.Project.AssemblyFullName$" Factory="Microsoft.SharePoint.Client.Services.MultipleBaseAddressBasicHttpBindingServiceHostFactory, Microsoft.SharePoint.Client.ServerRuntime, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" CodeBehind="LibraryUploader.svc.cs" %> Here is the code behind for the .svc file [ServiceContract] public interface ILibraryUploader { [OperationContract] string SiteName(); } [BasicHttpBindingServiceMetadataExchangeEndpoint] [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)] public class LibraryUploader : ILibraryUploader { //just try to return site title right now… public string SiteName() { WindowsIdentity identity = ServiceSecurityContext.Current.WindowsIdentity; ClaimsIdentity claimsIdentity = new ClaimsIdentity(identity); return SPContext.Current.Web.Title; } } The WCF test client I have just to test it out (WPF app) uses the following code to call the WCF service... private void Button1Click(object sender, RoutedEventArgs e) { BasicHttpBinding binding = new BasicHttpBinding(); binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly; binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm; EndpointAddress endpoint = new EndpointAddress( "http://dev.portal.data-image.local/_vti_bin/MyCompany.Services/LibraryManagers/LibraryUploader.svc"); LibraryUploaderClient libraryUploader = new LibraryUploaderClient(binding, endpoint); libraryUploader.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation; MessageBox.Show(libraryUploader.SiteName()); } I am somewhat inexperienced with IIS security settings/configurations when it comes to Claims and trying to use both Windows and FBA. I am also inexperienced when it comes to WCF configurations for security. I usually develop internal biz apps and let Visual Studio decide what to use because security is rarely a concern.

    Read the article

  • Using Forms authentication with remote auth system?

    - by chobo
    I am working on a website that uses a remote websites database to check for authentication (they are both share some database tables, but are separate website...) Right now I check the username and password against the remote websites account / member table, if there is a match I create a session. Questions: Is this secure? On authenticated pages I just check if a session of a specific type exists.Is it possible for someone to create an empty session or something that could bypass this? Is it possible to use Forms authentication with this setup? Right now if a user is authenticated I just get an object back with the username, email and id.

    Read the article

  • How should an API use http basic authentication

    - by user1626384
    When an API requires that a client authenticates to it, i've seen two different scenarios used and I am wondering which case I should use for my situation. Example 1. An API is offered by a company to allow third parties to authenticate with a token and secret using HTTP Basic. Example 2. An API accepts a username and password via HTTP Basic to authenticate an end user. Generally they get a token back for future requests. My Setup: I will have an JSON API that I use as my backend for a mobile and web app. It seems like good practice for both the mobile and web app to send along a token and secret so only these two apps can access the API blocking any other third party. But the mobile and web app allow users to login and submit posts, view their data, etc. So I would want them to login via HTTP Basic as well on each request. Do I somehow use a combination of both these methods or only send the end user credentials (username and token) on each request? If I only send the end user credentials, do I store them in a cookie on the client?

    Read the article

  • Audiencing with Forms-Based Authentication (FBA)

    - by PeterBrunone
    This really is no different from when you create an audience with regular old NTLM (Windows Authentication).  The difference is that while the AD provider is set up by default in all environments, the extra membership provider (that you use for Forms Authentication) isn't included anywhere except in the web application where you install it.  To be able to find your FBA users in the audience creation tool, you'll need to add the extra membership provider(s) to the web.config for your SSP site in IIS.  At that point, the People Picker should start recognizing your Forms Auth users, and you can create your audience as needed.

    Read the article

  • Sharing Authentication Across Subdomains using cookies

    - by Jordan Reiter
    I know that in general cookies themselves are not considered robust enough to store authentication information. What I am wondering is if there is an existing design pattern or framework for sharing authentication across subdomains without having to use something more complex like OpenID. Ideally, the process would be that the user visits abc.example.org, logs in, and continues on to xyz.example.org where they are automatically recognized (ideally, the reverse should also be possible -- a login via xyz means automatic login at abc). The snag is that abc.example.org and xyz.example.org are both on different servers and different web application frameworks, although they can both use a shared database. The web application platforms include PHP, ColdFusion, and Python (Django), although I'm also interested in this from a more general perspective (i.e. language agnostic).

    Read the article

  • Standard -server to server- and -browser to server- authentication method

    - by jeruki
    I have server with some resources; until now all these resources were requested through a browser by a human user, and the authentication was made with an username/password method, that generates a cookie with a token (to have the session open for some time). Right now the system requires that other servers make GET requests to this resource server but they have to authenticate to get them. We have been using a list of authorized IPs but having two authentication methods makes the code more complex. My questions are: Is there any standard method or pattern to authenticate human users and servers using the same code? If there is not, are the methods I'm using now the right ones or is there a better / more standard way to accomplish what I need? Thanks in advance for any suggestion.

    Read the article

  • Ubuntu Wifi Not Connecting (And keeps asking for authentication every minute or so)

    - by kelvinsong
    This is a problem in 12.10 that has been driving me nuts, and it's a problem with the wifi. Ubuntu will never connect to the network. All of my other devices work fine. What will happen is I will type in the password, the authentication window will go away, and the Wifi icon will pulsate for a while. Then about a minute later, a window will pop up asking for authentication to join the same wifi network. If you type in the password again it will do the same thing, and even if you hit [Cancel], the window will still pop back up in another minute. This is a very irritating thing.

    Read the article

  • Proxy authentication box not showing (sometimes)

    - by zerologiko
    I'm behind a proxy that require authentication by means of user/pass. I'm using Ubuntu 11.04, I think the proxy is "Squid". Usually everything works fine, that means that the browser shows me the window to insert proxy user/pass and I can navigate. The problem: Sometimes the browser refuse to show the authentication windows and if I wait enough it gives me an error like: Errore 130 (net::ERR_PROXY_CONNECTION_FAILED) Even if I restart, disconnect, the situation doesn't change. BUT on Windows the network (and the proxy) works.. So, bottomline what I know is: the network is working (though only on Windows) the Ubuntu configuration is ok (because i can navigate most days) The problems resolves itself in a few hours but I don't understand why. Some hints? Thanks in advance! Andrea

    Read the article

  • Log in using Java where server's authentication could be sso or web applcation container's basic

    - by Ed
    Hi, I have a situation where ideally I want to be able to log-in to a secure area using a Java application. I would like to make an HTTP request and check the response to see if I need to do some kind of authenication before I can actually get the response expected, instead of effectively some login page. The complication is that the server that responds will not always be the same - the user of the Java app specifies the URL - and the server may be using some kind of single sign on authentication or the web container's. I don't know the field names for the username and password fields or the action of the form, is there a simple way to obtain this kind of information from the URL? I see the URLConnection object has methods getPermission() which has a method getActions() but are not suitable, anything that might be? I guess example things I am looking to determine: Does the response require authentication? If so; what type / which servlet? e.g. j_security_check, josso single sign on, ... And then some way of authenticating the client And finally managing the state of the authenticated user for other requests Do I need to know the attributes of the login form before attemping to login? And then, is the onoly way of verifying permission to the requested resource to manually manage the cookies? Thanks in advance.

    Read the article

  • Sending basic authentication information via form

    - by VolatileStorm
    I am working on a site that currently uses a basic authentication dialog box login system, that is the type of dialog that you get if you go here: http://www.dur.ac.uk/vm.boatclub/password/index.php I did not set this system up and am not in a position to easily/quickly work around it, but it DOES work. The issue however is that the dialog box is not very helpful in telling you what login information you have to use (that is which username and password combination), and so I would like to replace it with a form. I had been thinking that this wasn't possible but I wanted to ask in order to find out. Is it possible to set up an HTML form that sends the data to the server such that it accepts it in the same way that it would using this dialog box? Alternatively is it possible to set up a PHP script that would take normal form data and process it somehow passing it to the server such that it logs in? Edit: After being told that this is basic authentication I went around and have managed to find a way that works and keeps the user persistently logged in. However, this does not work in internet explorer. The solution was simply to redirect the user to: http://username:[email protected]/vm.boatclub/password/index.php But Internet Explorer removed it due to phishing uses about 3 years ago. Is there a way to use javascript to get the browser to access the site in this way? Or will I have to simply change my UI?

    Read the article

  • Looking for information on Scholastic BASIC programming books from the mid-1980s

    - by Jason Berkan
    My very first introduction to programming was in grade school, when I would purchase books full of BASIC code listings from the Scholastic school catalogue. Lately I have been searching teh Internetz for information on these books, but without any success. Does anyone know or remember anything about these books? All I can recall is that they were large paperbacks full of various BASIC code listings, some of which were game like. They all included instructions on how to modify the code listings for the different systems of the day, and I distinctly remember that they would always ask for a number in order to seed the RANDOMIZE command (since I figured out on my own that RANDOMIZE TIMER eliminated the need for the question and answer).

    Read the article

  • Securing ASP.Net Pages - Forms Authentication - C# and .Net 4

    - by SAMIR BHOGAYTA
    ASP.Net has a built-in feature named Forms Authentication that allows a developer to easily secure certain areas of a web site. In this post I'm going to build a simple authentication sample using C# and ASP.Net 4.0 (still in beta as of the posting date). Security settings with ASP.Net is configured from within the web.config file. This is a standard ASCII file, with an XML format, that is located in the root of your web application. Here is a sample web.config file: configuration system.web authenticationmode="Forms" formsname="TestAuthCookie"loginUrl="login.aspx"timeout="30" credentialspasswordFormat="Clear" username="user1"password="pass1"/ username="user2"password="pass2"/ authorization denyusers="?"/ compilationtargetFramework="4.0"/ pagescontrolRenderingCompatibilityVersion="3.5"clientIDMode="AutoID"/ Here is the complete source of the sample login.aspx page: div Username: asp:TextBox ID="txtUsername" runat="server":TextBox Password: asp:TextBox ID="txtPassword" runat="server":TextBox asp:Button ID="Button1" runat="server" onclick="Button1_Click" Text="Login" / asp:Label ID="lblStatus" runat="server" Text="Please login":Label /div And here is the complete source of the login.aspx.cs file: using System; using System.Web.UI.WebControls; using System.Web.Security; public partial class Default3 : System.Web.UI.Page { protected void Button1_Click(object sender, EventArgs e) { if (FormsAuthentication.Authenticate(txtUsername.Text, txtPassword.Text)) { lblStatus.Text = ("Welcome " + txtUsername.Text); FormsAuthentication.RedirectFromLoginPage(txtUsername.Text, true); } else { lblStatus.Text = "Invalid login!"; } } }

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >