Search Results

Search found 9658 results on 387 pages for 'authentication provider'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 23/387 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

  • Cakephp with OpenID and User Authentication

    - by nolandark
    I have a table "users" and I want to enable my visitors to login with their openID Account. For this I use the OpenId Component for Cakephp and it works fine (When I login with the Google URL I receive the "successfully authenticated!" notification). But now I'm kind of stuck because I don't know how to go on from there. Do I have to create a User-Entry for every user which has a new entry in the "oid_associations" table (I save all OpenId interaction in the mysql database)? Do I have to authenticate the User after the login (or is the OpenID-component doing that automatically?). Am I completely misunderstanding the concept?

    Read the article

  • Roles authentication with Rails 3 and Devise.

    - by Oluf Nielsen
    Hi, first happy new year, may you make the best applications in 2011! So to my question, i have used devise ever since i got over to Rails 3, that was around the first or second beta, and now i also needs some Roles. So i searched the net, and i searched! And what i found was that CanCan should be the best solution. But i'm unsure if CanCan can manage my needs, like i want a forum moderator who can edit/destroy the topic, but the user who created the topic should also be able to edit, so how can i do that? Cheers, Oluf.

    Read the article

  • WPF integrate Windows live authentication for Microsoft health vault

    - by AnD
    Hi all, I'm just wondering if there's any way for WPF application integrated with windows live ID? and it's actually for windows health vault [www.healthvault.com] so health vault is using windows live id or open id to login into their system. and what i gonna do is, creating wpf application (instead of web application) for health vault, so all of the login form username pass and everything is handled inside the wpf application without showing/using any internet browser. so since this's quite new for me, i hope if there's somebody ever did this before especially for health vault system that run on standalone wpf app. alright, so that's it, thank you in advance!

    Read the article

  • Problem with Authentication in sharepoint using active directory

    - by user549708
    I am currently using windows server 2008 machine. I have active directory and sharepoint setup on the machine. I have a user 'A' in the active directory and i have given the user read permissions to my site. The problem i now face is that, if i log in as user 'A' the site simply shows "error:access denied". This problem goes away if i put 'A' as a site collection administrator, however that is not what i want. I just want 'A' to be a visitor that can browse the site. I also tried granting 'read' permission to my site for 'A' but that still gives me the access denied message. Thank you for your time.

    Read the article

  • Domain Authentication from .NET Client over VPN

    - by Holy Christ
    I am writing a ClickOnce WPF app that will sometimes be used over VPN. The app uses resources available only to domain authenticated users. Some of the things include accessing SSRS Reports, accessing LDAP to lookup user information, hitting web services, etc. When a user logs in from a machine that is not authenticated on the domain, I need to somehow get his credentials, authenticate him on the domain, and store his credentials. What is the recommended approach for authenticating domain users over VPN? How can I securely store the credentials? I've found several articles but, not much posted recently and a lot of the solutions seem kinda hacky, or aren't very secure (ie - storing strings clear text in memory). It would be cool if I could use the ActiveDicrtoryMembershipProvider, but that seems to be geared for use in web apps. EDIT: The above is kind of a workaround. The user must enter their domain credentials to authenticate on the VPN. It would be ideal to access the credentials the user has already entered to login to the VPN instead of the WindowsIdentity.GetCurrent() (which returns the user logged into the computer). Any ideas on how that could work? We use Juniper Networks to connect to the VPN. Thanks!

    Read the article

  • User authentication in Django. Problems with is_authenticated

    - by tim
    I have one problem with users menu. So, I want, that authenticated user can see his/her profile page and logout (links) in menu. It works (when I logging in) on index page: index, page1, profile, logout ,but, if I go to the, for example, page1 I can see in menu: index, page1, login, not profile and logout. How to fix it? in urls: url(r'^accounts/login/$', 'django.contrib.auth.views.login' ), url(r'^accounts/logout/$', 'django.contrib.auth.views.logout_then_login' ), url(r'^accounts/profile/$', 'my_app.views.profile' ), in views: def profile(request): if not request.user.is_authenticated(): return HttpResponseRedirect("/accounts/login/") else: user = request.user.is_authenticated() return render_to_response('profile.html',locals()) Part of index.html: {% if user.is_authenticated or request.user.is_authenticated %} <li><a href="/accounts/profile/">Profile</a></li> <li><a href="/accounts/logout/">logout</a></li> {% else %} <li><a href="/accounts/login/">login</a></li> {% endif %} login.html: {% extends "index.html" %} {% load url from future %} {% block application %} {% if form.errors %} <p>Try one more time</p> {% endif %} <form method="post" action="{% url 'django.contrib.auth.views.login' %}"> {% csrf_token %} <table> <tr> <td>{{ form.username.label_tag }}</td> <td>{{ form.username }}</td> </tr> <tr> <td>{{ form.password.label_tag }}</td> <td>{{ form.password }}</td> </tr> </table> <input type="submit" value="Login" /> <input type="hidden" name="next" value="{{ next }}" /> </form> {% endblock %} profile.html: {% extends "index.html" %} {% block application %} {% if request.user.is_authenticated %} <p>Welcome, {{ request.user.username }}. Thanks for logging in.</p> {% else %} <p>Welcome, new user. Please log in.</p> {% endif %} {% endblock %}

    Read the article

  • Refactoring multiple if statements for user authentication with subdomains

    - by go minimal
    I'm building a typical web app where once a user signs up they access the app through their own subdomain (company.myapp.com). The "checking what kind of user if any is logged in" piece is starting to get very hairy and it obviously needs to be well-written because its run so often so I was wondering how you guys would re-factor this stuff. Here are the different states: A user must be logged in, the user must not have a company name, and the sub-domain must be blank A user must be logged in, the user must have a company name, that company name must match the current sub-domain A user must be logged in, the user must have a company name, that company name must match the current sub-domain, and the user's is_admin boolean is true if !session[:user_id].nil? @user = User.find(session[:user_id]) if @user.company.nil? && request.subdomains.first.nil? return "state1" elsif [email protected]? if @user.company.downcase == request.subdomains.first.downcase && [email protected]_admin return "state2" elsif @user.company.downcase == request.subdomains.first.downcase && @user.is_admin return "state3" end end end

    Read the article

  • What are the alternatives for Java authentication?

    - by Crusader
    Preferably something that integrates well with a Flex front end. Yes the Spring Security guys say this is possible, but all examples seem to use legacy jsp tag libraries making them half useless as examples. I don't want to spend a month setting up and learning how to use a security tool. I would like a tool which supports using annotations (@RolesAllowed etc), MINIMAL XML, and 'remember-me' features (not cookie based). Apache Shiro seems to support Flex/Silverlight/Swing as well but I'd like to know if there are any other alternatives that are NOT container specific.

    Read the article

  • Check user authentication at page load

    - by Shrewd Demon
    ok i have another question ! (god! i have so many questions) i have an application and a user must log-in before he/she can access pages. now once the user logs in i keep the user details in a session variable (say Session["CurrentUser"]). now if a user tries to jump to a page directly i will check if the Session["CurrentUser"] has a value or not...if not then the user will be directed to the login page... my problem is that i have done this or rather say written this "Checking Code" on almost all the pages. what i want is this code to stay on a particular location and i will just access that method all the time on all the pages...now where should i write this method ?? thank you.

    Read the article

  • OpenId authentication and automatic registration with Spring Security 3.0.2

    - by xlluch
    I'm implementing an app using spring security 3.0.2 with OpenId login and registration. I can login succesfully, but if the user isn't registered i want to do: 1) Get some OpenId attributes like email and name. 2) Show to the user a registration form with just these two fields and the OpenId URI filled. I've been searching a lot but i didn't find an "ellegant" way of doing this. I wonder if some of u can come out with a solution to implement this strategy in my app. Thanks in advance.

    Read the article

  • Pass authentication between php and Ruby On Rails application

    - by Li
    Hi, I have a simple Ruby on rails application that I want to integrate with an existing php website. I only want that users who's been authenticated by the php application would have access to my Ruby on Rails application (it should appear to the user as the same website, in the same domain, though it can be a different sub-domain if I chose to) What's the best way to do that? Thanks for the help, Li

    Read the article

  • .htaccess authentication from a php script to prevent a browser dialog box

    - by digitalbart
    Using php I authenticate a user, then behind the scenes,they are then again authenticated a second time with a single .htaccess username & password. This would be the same for all users, but I would not want them to have to enter a username and password again and they would now be allowed to enter the password protected directory. I prefer not to use http://username@password:somedomain.com. Any thoughts?

    Read the article

  • How Google is managing authentication between multiple domains?

    - by vaibhav
    I think everyone here would be knowing that, if I am logged in any of the google's website(i.e www.orkut.com), I don't need to authenticate again for www.gmail.com. How google is managing this. I think, it would be a cookie stored on user's browser. But, if it is a cookie, how different domains are able to read this cookie. What do you say.

    Read the article

  • servlet authentication and further reference to the credentials

    - by user553592
    What I got so far: It all begins with an HTML form which prompts the user for a username and password. From there it post the acquired user/pass to a servlet, GateKeeper. GateKeeper determines if the user/pass combination match any records in the MySQL database. Here is the sql I use: SELECT id FROM Users WHERE username='?' AND password=MD5('?') where the ? indicate information provided the previous HTML form. What I need now: I need some way to store the username and id of the record in the database. GateKeeper redirects the user to a control panel upon success. Therefore, I need a method to reference the username to display simple greetings, etc and also the id so it eliminates unnecessary calls to the database. The control panel may make AJAX calls to Servlets that preform some sort of task to the MySQL database.

    Read the article

  • $.ajax + authentication + `@` in username

    - by Koning Baard XIV
    I am creating a web app which uses jQuery to authenticate: $.ajax({ url: "/session/create?format=json", type: "GET", dataType: "json", cache: false, username: $("#signin-email").val(), password: $("#signin-password").val(), success: function(data) { if(data.success) { success = true; } } }); The problem is that the code only makes the AJAX-request when the username does not include things like an @, which is required in my app. Can anyone help me with how I can do this? I do not mind changing the back-end a little bit, but requiring users to have an @-less email is not an option. Oh, my back-end is a Ruby-on-Rails app

    Read the article

  • Unwanted redirection after authentication

    - by jodaha
    Hello world! We have a form to submit ratings for a certain restaurant in a in our views/restaurants/show.html.erb. We only want logged in users to create new ratings. We put before_filter :login_required, :only = [ :new, :create ] (but we also tried only ":create") on top of our RatingsController. If we click the submit button after typing in the rating details we are prompted to log in (which is what we want). After filling in username and password and submitting the login form we get redirected back to e. g. /restaurants/36/ratings, but we want to be redirected back to where we came from - e. g. /restaurants/36/. We tried redirect_to(:back), but this redirects us back to the login form. Also the new rating does not get saved to the database. Any idea how we can change the redirection and how to make sure the rating gets saved? Thanks!

    Read the article

  • ASP.NET WebAPI Security 4: Examples for various Authentication Scenarios

    - by Your DisplayName here!
    The Thinktecture.IdentityModel.Http repository includes a number of samples for the various authentication scenarios. All the clients follow a basic pattern: Acquire client credential (a single token, multiple tokens, username/password). Call Service. The service simply enumerates the claims it finds on the request and returns them to the client. I won’t show that part of the code, but rather focus on the step 1 and 2. Basic Authentication This is the most basic (pun inteneded) scenario. My library contains a class that can create the Basic Authentication header value. Simply set username and password and you are good to go. var client = new HttpClient { BaseAddress = _baseAddress }; client.DefaultRequestHeaders.Authorization = new BasicAuthenticationHeaderValue("alice", "alice"); var response = client.GetAsync("identity").Result; response.EnsureSuccessStatusCode();   SAML Authentication To integrate a Web API with an existing enterprise identity provider like ADFS, you can use SAML tokens. This is certainly not the most efficient way of calling a “lightweight service” ;) But very useful if that’s what it takes to get the job done. private static string GetIdentityToken() {     var factory = new WSTrustChannelFactory(         new WindowsWSTrustBinding(SecurityMode.Transport),         _idpEndpoint);     factory.TrustVersion = TrustVersion.WSTrust13;     var rst = new RequestSecurityToken     {         RequestType = RequestTypes.Issue,         KeyType = KeyTypes.Bearer,         AppliesTo = new EndpointAddress(Constants.Realm)     };     var token = factory.CreateChannel().Issue(rst) as GenericXmlSecurityToken;     return token.TokenXml.OuterXml; } private static Identity CallService(string saml) {     var client = new HttpClient { BaseAddress = _baseAddress };     client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("SAML", saml);     var response = client.GetAsync("identity").Result;     response.EnsureSuccessStatusCode();     return response.Content.ReadAsAsync<Identity>().Result; }   SAML to SWT conversion using the Azure Access Control Service Another possible options for integrating SAML based identity providers is to use an intermediary service that allows converting the SAML token to the more compact SWT (Simple Web Token) format. This way you only need to roundtrip the SAML once and can use the SWT afterwards. The code for the conversion uses the ACS OAuth2 endpoint. The OAuth2Client class is part of my library. private static string GetServiceTokenOAuth2(string samlToken) {     var client = new OAuth2Client(_acsOAuth2Endpoint);     return client.RequestAccessTokenAssertion(         samlToken,         SecurityTokenTypes.Saml2TokenProfile11,         Constants.Realm).AccessToken; }   SWT Authentication When you have an identity provider that directly supports a (simple) web token, you can acquire the token directly without the conversion step. Thinktecture.IdentityServer e.g. supports the OAuth2 resource owner credential profile to issue SWT tokens. private static string GetIdentityToken() {     var client = new OAuth2Client(_oauth2Address);     var response = client.RequestAccessTokenUserName("bob", "abc!123", Constants.Realm);     return response.AccessToken; } private static Identity CallService(string swt) {     var client = new HttpClient { BaseAddress = _baseAddress };     client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", swt);     var response = client.GetAsync("identity").Result;     response.EnsureSuccessStatusCode();     return response.Content.ReadAsAsync<Identity>().Result; }   So you can see that it’s pretty straightforward to implement various authentication scenarios using WebAPI and my authentication library. Stay tuned for more client samples!

    Read the article

  • Can PPP CHAP authentication use Cisco "Type 5" MD5 passwords?

    - by romandas
    Looking over Cisco's documentation, and RFC 1994 (PPP CHAP authentication), my initial guess is "no", because CHAP requires a cleartext password to rehash every time it sends a challenge. Is this true? If so, is there another way to configure CHAP so it doesn't use the easily-decoded type 7 passwords? The Cisco device in question uses local authentication, not a TACACS+ or RADIUS server. Would using RADIUS eliminate the problem or just move it to the RADIUS server?

    Read the article

  • Can I set up a different method of authentication on Nagios?

    - by cwd
    Nagios is a wonderful too for monitoring servers. Their web interface is not bad, either. However I am not crazy about using the HTTP Authentication that comes standard. Is there a way to use another method of authentication? (and I don't mean restricting access by IP address in the .htaccess file) Something with a form-based login would be wonderful, but perhaps there is no such thing. I'm hoping you guys have found something I haven't.

    Read the article

  • Websphere 7 simple realm (like tomcat-users.xml)

    - by Heavy Bytes
    I am trying to port a J2EE app from Tomcat to Websphere and I'm not too familiar with Websphere. The only problem I am having is authorization (I use basic-authentication in my web.xml). In Tomcat I use the tomcat-users.xml file to define my users/passwords and to what roles they belong. How do I do this "simply" in Websphere? When deploying the EAR to Websphere it also asks me to map my role from web.xml to a user or group. Do I have to set up some sort of realm? Custom user registry? Thanks. UPDATE: I configured a Standalone custom registry, however I can't get a log-in prompt for username/password. It works just fine in Tomcat, and it doesn't in Websphere. Code from web.xml <security-constraint> <web-resource-collection> <web-resource-name>basic-auth security</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>HELLO_USER</role-name> </auth-constraint> <user-data-constraint>NONE</user-data-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> </login-config> <security-role> <role-name>HELLO_USER</role-name> </security-role>

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >