Search Results

Search found 92246 results on 3690 pages for 'user authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 23/3690 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

  • User account restriction error and unable to access share

    - by user44394
    I have a windows share with full control granted to individual domain user accounts on the share and security permission. Whenever the user attempts to browse to the share they receive the error: Logon failure user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced. If the users are added to the administrators group on this machine they are able to browse the share without issue. What do I need to change to allow them access to the share without being administrators on that machine?

    Read the article

  • Getting session authenticity token via ajax (rails, jquery)

    - by ming yeow
    Hi folks, I wish to authenticate a user without having the page reloaded, and having the user submit a given form. However, the problem that I immediately run into here is that the authenticity token typically gets set when the page is reloaded. I need the authenticity token for the form submission, but i do not have it yet because the page is yet to reload. I figure this cannot be that rare - anyone has any idea on how to resolve this? 1 idea could be getting rails to pass back the authenticity token after authentication, but i do not know how to access it from the controller 1) not logined user sees form 2) not logined user types in message and submit 3) facebox asking for authentication 4) after authentication, submit form automatically without refreshing 5) //but authenticity token is needed for form submission, which is not there yet

    Read the article

  • Mixing Forms and Token Authentication in a single ASP.NET Application (the Details)

    - by Your DisplayName here!
    The scenario described in my last post works because of the design around HTTP modules in ASP.NET. Authentication related modules (like Forms authentication and WIF WS-Fed/Sessions) typically subscribe to three events in the pipeline – AuthenticateRequest/PostAuthenticateRequest for pre-processing and EndRequest for post-processing (like making redirects to a login page). In the pre-processing stage it is the modules’ job to determine the identity of the client based on incoming HTTP details (like a header, cookie, form post) and set HttpContext.User and Thread.CurrentPrincipal. The actual page (in the ExecuteHandler event) “sees” the identity that the last module has set. So in our case there are three modules in effect: FormsAuthenticationModule (AuthenticateRequest, EndRequest) WSFederationAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest, EndRequest) SessionAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest) So let’s have a look at the different scenario we have when mixing Forms auth and WS-Federation. Anoymous request to unprotected resource This is the easiest case. Since there is no WIF session cookie or a FormsAuth cookie, these modules do nothing. The WSFed module creates an anonymous ClaimsPrincipal and calls the registered ClaimsAuthenticationManager (if any) to transform it. The result (by default an anonymous ClaimsPrincipal) gets set. Anonymous request to FormsAuth protected resource This is the scenario where an anonymous user tries to access a FormsAuth protected resource for the first time. The principal is anonymous and before the page gets rendered, the Authorize attribute kicks in. The attribute determines that the user needs authentication and therefor sets a 401 status code and ends the request. Now execution jumps to the EndRequest event, where the FormsAuth module takes over. The module then converts the 401 to a redirect (302) to the forms login page. If authentication is successful, the login page sets the FormsAuth cookie.   FormsAuth authenticated request to a FormsAuth protected resource Now a FormsAuth cookie is present, which gets validated by the FormsAuth module. This cookie gets turned into a GenericPrincipal/FormsIdentity combination. The WS-Fed module turns the principal into a ClaimsPrincipal and calls the registered ClaimsAuthenticationManager. The outcome of that gets set on the context. Anonymous request to STS protected resource This time the anonymous user tries to access an STS protected resource (a controller decorated with the RequireTokenAuthentication attribute). The attribute determines that the user needs STS authentication by checking the authentication type on the current principal. If this is not Federation, the redirect to the STS will be made. After successful authentication at the STS, the STS posts the token back to the application (using WS-Federation syntax). Postback from STS authentication After the postback, the WS-Fed module finds the token response and validates the contained token. If successful, the token gets transformed by the ClaimsAuthenticationManager, and the outcome is a) stored in a session cookie, and b) set on the context. STS authenticated request to an STS protected resource This time the WIF Session authentication module kicks in because it can find the previously issued session cookie. The module re-hydrates the ClaimsPrincipal from the cookie and sets it.     FormsAuth and STS authenticated request to a protected resource This is kind of an odd case – e.g. the user first authenticated using Forms and after that using the STS. This time the FormsAuth module does its work, and then afterwards the session module stomps over the context with the session principal. In other words, the STS identity wins.   What about roles? A common way to set roles in ASP.NET is to use the role manager feature. There is a corresponding HTTP module for that (RoleManagerModule) that handles PostAuthenticateRequest. Does this collide with the above combinations? No it doesn’t! When the WS-Fed module turns existing principals into a ClaimsPrincipal (like it did with the FormsIdentity), it also checks for RolePrincipal (which is the principal type created by role manager), and turns the roles in role claims. Nice! But as you can see in the last scenario above, this might result in unnecessary work, so I would rather recommend consolidating all role work (and other claims transformations) into the ClaimsAuthenticationManager. In there you can check for the authentication type of the incoming principal and act accordingly. HTH

    Read the article

  • Drupal 7: One-time user account

    - by Noob
    I'm going to create a survey in Drupal 7 with the webform module, installed on a debian system which may be adapted in every way. The users (personally known, approx. 120) doing that survey will walk into a room and complete the survey in browsers on different computers. After that, they'll leave the room and other persons will enter, complete the survey on the same computers and so on. Each user may enter only one submission. The process needs to be anonymous, i. e. I mustn't have any idea of who did wich submission. My current solution is to generate random one-time-passwords and hand out one password per user (without noting who got which password). Within the survey there will be a password field where the one-time-password is entered. The value is checked by webform to be unique. I'll get the data via csv or Excel and verify the passwords manually in excel by comparing them to the list of valid passwords. The problem is: I don't like the idea of manually generating the password list, copying it to excel and doing a manual check. That's a good idea for one-time-use, but we're going to repeat the survey every once in a while. I'd rather generate one-time-logins (like user0001/fdlkjewf, user0002/dfrefnnr, ...) for each survey, hand them out to the users and let drupal/debian/whatever check whether a submission is valid or not. Do you have any idea how to batch-generate about 120 users with one-time-passwords in Drupal 7 and verify that each user may submit the form only once? Do you even have a better idea how to accomplish the task within the intranet? Thank you for your help.

    Read the article

  • django create user and log them in

    - by Scott Willman
    In a view I'm trying to create a new user and then log them in but result in a new url on success. def create(request): if request.method == "POST": # do user creation # user.save() auth_user = authenticate(username=user.username,password=user.password) if auth_user is not None: login(request, auth_user) return HttpResponseRedirect('/user/account/') return render_to_response('create_form.html') So, how do I maintain the user object using the HttpResponseRedirect or validate the logged in user in an unassociated view?

    Read the article

  • cPanel Virtfs won't umount

    - by JPerkSter
    Anyone have any experience with virtfs on cPanel servers? I can't seem to get them to unmount, as they say they are already unmounted: [root@Server ~]# cat /proc/mounts | grep user /dev/root /home/virtfs/user/lib ext3 rw,errors=continue,data=ordered 0 0 /dev/root /home/virtfs/user/opt ext3 rw,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/lib ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/sbin ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/share ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/bin ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/man ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/X11R6 ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/kerberos ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/libexec ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/local/bin ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/local/share ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/local/Zend ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/local/IonCube ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/include ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda3 /home/virtfs/user/usr/local/lib ext3 rw,nodev,errors=continue,data=ordered 0 0 /dev/sda2 /home/virtfs/user/var/spool ext3 rw,nodev,noatime,nodiratime,errors=continue,data=ordered 0 0 /dev/sda2 /home/virtfs/user/var/lib ext3 rw,nodev,noatime,nodiratime,errors=continue,data=ordered 0 0 /dev/sda2 /home/virtfs/user/var/cpanel ext3 rw,nodev,noatime,nodiratime,errors=continue,data=ordered 0 0 /dev/sda2 /home/virtfs/user/var/run ext3 rw,nodev,noatime,nodiratime,errors=continue,data=ordered 0 0 /dev/sda2 /home/virtfs/user/var/log ext3 rw,nodev,noatime,nodiratime,errors=continue,data=ordered 0 0 /dev/sda6 /home/virtfs/user/tmp ext3 rw,nosuid,nodev,noexec,noatime,errors=continue,data=ordered 0 0 /dev/root /home/virtfs/user/bin ext3 rw,errors=continue,data=ordered 0 0 [root@Server ~]# for i in cat /proc/mounts |grep virtfs |grep user |awk '{print$2}'; do umount $i; done umount: /home/virtfs/user/lib: not mounted umount: /home/virtfs/user/opt: not mounted umount: /home/virtfs/user/usr/lib: not mounted umount: /home/virtfs/user/usr/sbin: not mounted umount: /home/virtfs/user/usr/share: not mounted umount: /home/virtfs/user/usr/bin: not mounted umount: /home/virtfs/user/usr/man: not mounted umount: /home/virtfs/user/usr/X11R6: not mounted umount: /home/virtfs/user/usr/kerberos: not mounted umount: /home/virtfs/user/usr/libexec: not mounted umount: /home/virtfs/user/usr/local/bin: not mounted umount: /home/virtfs/user/usr/local/share: not mounted umount: /home/virtfs/user/usr/local/Zend: not mounted umount: /home/virtfs/user/usr/local/IonCube: not mounted umount: /home/virtfs/user/usr/include: not mounted umount: /home/virtfs/user/usr/local/lib: not mounted umount: /home/virtfs/user/var/spool: not mounted umount: /home/virtfs/user/var/lib: not mounted umount: /home/virtfs/user/var/cpanel: not mounted umount: /home/virtfs/user/var/run: not mounted umount: /home/virtfs/user/var/log: not mounted umount: /home/virtfs/user/tmp: not mounted umount: /home/virtfs/user/bin: not mounted umount: /home/virtfs/user/dev: not mounted umount: /home/virtfs/user/proc: not mounted

    Read the article

  • Basic HTTP Authentication using Obj C and Xcode.

    - by Kristiaan
    Hi Everyone, I am hoping someone can help me with a question i have relating to Basic HTTP Authentication in an Xcode 2.3 application. Basically i have a PHP page that is on our server and when called with certain parameters returns data relating to the servers condition etc. i have managed to get a small Xcode application working where by it reads the data from the page and populates an NSTextView with the data. however to make sure this information stays safe i have setup basic HTTP Authentication on the page, but i cannot work out how to provide the username and password in XCode. here is my code to retrieve the page. NSURL *url = [NSURL URLWithString:@"http://www.google.com"]; NSString *content = [NSString stringWIthContentsOfUrl:url]; [myTextView setString:content]; i am still at a very basic beginner level regarding xcode and obj c, so nice simple examples of how i go about this would really be appreciated. Thanks Kris

    Read the article

  • the HTTP request is unauthorized with client authentication scheme 'Anonymous'

    - by user1246429
    I use firstdata webservice API.I use C# client call firstdata webservice API with WCF. But show error message: "But show error message "System.ServiceModel.Security.MessageSecurityException: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was ''. --- System.Net.WebException: The remote server returned an error: (401) Unauthorized. at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) --- End of inner exception stack trace --- Server stack trace: at System.ServiceModel.Channels.HttpChannelUtilities.ValidateAuthentication(HttpWebRequest request, HttpWebResponse response, WebException responseException, HttpChannelFactory factory) at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory factory, WebException responseException, ChannelBinding channelBinding) at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at com.firstdata.globalgatewaye4.api.ServiceSoap.SendAndCommit(SendAndCommitRequest request) at com.firstdata.globalgatewaye4.api.ServiceSoapClient.com.firstdata.globalgatewaye4.api.ServiceSoap.SendAndCommit (SendAndCommitRequest request) at com.firstdata.globalgatewaye4.api.ServiceSoapClient.SendAndCommit(Transaction SendAndCommitSource)" My web.config info below: <behaviors> <endpointBehaviors> <behavior name="FDGGBehavior"> <clientCredentials> <clientCertificate findValue="WS1909642825._.1" storeLocation="LocalMachine" x509FindType="FindBySubjectName" storeName="TrustedPeople" /> <serviceCertificate> <authentication certificateValidationMode="PeerTrust" /> </serviceCertificate> </clientCredentials> </behavior> </endpointBehaviors> </behaviors> <binding name="ServiceSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="Certificate" proxyCredentialType="Ntlm" /> <message clientCredentialType="UserName" algorithmSuite="Default" /> </security> </binding> <endpoint address="https://api.globalgatewaye4.firstdata.com/transaction/v11" binding="basicHttpBinding" bindingConfiguration="ServiceSoap" contract="com.firstdata.globalgatewaye4.api.ServiceSoap" name="ServiceSoap" behaviorConfiguration="FDGGBehavior" /> How can resolve question?

    Read the article

  • Logoff button IIS6 ASP.NET Basic Authentication

    - by willyconnor
    I have a requirement for an explicit logout button for users in a ASP.NET web app. I am using IIS6 with Basic Authentication (SSL). I can redirect to another web page but the browser keeps the session alive. I have googled around and found a way to do it by enabling an active x control to communicate with IIS and kill the session. I am in a restricted environment that does not allow forms authentication and active x controls are not forbidden as well. Has anyone else had this requirement and how have you handled it? Okay that is what I was afraid of. I have seen similar answers on the net and I was hoping someone would have a way of doing it. Thanks for your time though. I guess I can use javascript to prevent the back button like the history.back()

    Read the article

  • Review my ASP.NET Authentication code.

    - by Niels Bosma
    I have had some problems with authentication in ASP.NET. I'm not used most of the built in authentication in .NET. I gotten some complaints from users using Internet Explorer (any version - may affect other browsers as well) that the login process proceeds but when redirected they aren't authenticated and are bounced back to loginpage (pages that require authentication check if logged in and if not redirect back to loginpage). Can this be a cookie problem? Do I need to check if cookies are enabled by the user? What's the best way to build authentication if you have a custom member table and don't want to use ASP.NET login controls? Here my current code: using System; using System.Linq; using MyCompany; using System.Web; using System.Web.Security; using MyCompany.DAL; using MyCompany.Globalization; using MyCompany.DAL.Logs; using MyCompany.Logging; namespace MyCompany { public class Auth { public class AuthException : Exception { public int StatusCode = 0; public AuthException(string message, int statusCode) : base(message) { StatusCode = statusCode; } } public class EmptyEmailException : AuthException { public EmptyEmailException() : base(Language.RES_ERROR_LOGIN_CLIENT_EMPTY_EMAIL, 6) { } } public class EmptyPasswordException : AuthException { public EmptyPasswordException() : base(Language.RES_ERROR_LOGIN_CLIENT_EMPTY_PASSWORD, 7) { } } public class WrongEmailException : AuthException { public WrongEmailException() : base(Language.RES_ERROR_LOGIN_CLIENT_WRONG_EMAIL, 2) { } } public class WrongPasswordException : AuthException { public WrongPasswordException() : base(Language.RES_ERROR_LOGIN_CLIENT_WRONG_PASSWORD, 3) { } } public class InactiveAccountException : AuthException { public InactiveAccountException() : base(Language.RES_ERROR_LOGIN_CLIENT_INACTIVE_ACCOUNT, 5) { } } public class EmailNotValidatedException : AuthException { public EmailNotValidatedException() : base(Language.RES_ERROR_LOGIN_CLIENT_EMAIL_NOT_VALIDATED, 4) { } } private readonly string CLIENT_KEY = "9A751E0D-816F-4A92-9185-559D38661F77"; private readonly string CLIENT_USER_KEY = "0CE2F700-1375-4B0F-8400-06A01CED2658"; public Client Client { get { if(!IsAuthenticated) return null; if(HttpContext.Current.Items[CLIENT_KEY]==null) { HttpContext.Current.Items[CLIENT_KEY] = ClientMethods.Get<Client>((Guid)ClientId); } return (Client)HttpContext.Current.Items[CLIENT_KEY]; } } public ClientUser ClientUser { get { if (!IsAuthenticated) return null; if (HttpContext.Current.Items[CLIENT_USER_KEY] == null) { HttpContext.Current.Items[CLIENT_USER_KEY] = ClientUserMethods.GetByClientId((Guid)ClientId); } return (ClientUser)HttpContext.Current.Items[CLIENT_USER_KEY]; } } public Boolean IsAuthenticated { get; set; } public Guid? ClientId { get { if (!IsAuthenticated) return null; return (Guid)HttpContext.Current.Session["ClientId"]; } } public Guid? ClientUserId { get { if (!IsAuthenticated) return null; return ClientUser.Id; } } public int ClientTypeId { get { if (!IsAuthenticated) return 0; return Client.ClientTypeId; } } public Auth() { if (HttpContext.Current.User.Identity.IsAuthenticated) { IsAuthenticated = true; } } public void RequireClientOfType(params int[] types) { if (!(IsAuthenticated && types.Contains(ClientTypeId))) { HttpContext.Current.Response.Redirect((new UrlFactory(false)).GetHomeUrl(), true); } } public void Logout() { Logout(true); } public void Logout(Boolean redirect) { FormsAuthentication.SignOut(); IsAuthenticated = false; HttpContext.Current.Session["ClientId"] = null; HttpContext.Current.Items[CLIENT_KEY] = null; HttpContext.Current.Items[CLIENT_USER_KEY] = null; if(redirect) HttpContext.Current.Response.Redirect((new UrlFactory(false)).GetHomeUrl(), true); } public void Login(string email, string password, bool autoLogin) { Logout(false); email = email.Trim().ToLower(); password = password.Trim(); int status = 1; LoginAttemptLog log = new LoginAttemptLog { AutoLogin = autoLogin, Email = email, Password = password }; try { if (string.IsNullOrEmpty(email)) throw new EmptyEmailException(); if (string.IsNullOrEmpty(password)) throw new EmptyPasswordException(); ClientUser clientUser = ClientUserMethods.GetByEmailExcludingProspects(email); if (clientUser == null) throw new WrongEmailException(); if (!clientUser.Password.Equals(password)) throw new WrongPasswordException(); Client client = clientUser.Client; if (!(bool)client.PreRegCheck) throw new EmailNotValidatedException(); if (!(bool)client.Active || client.DeleteFlag.Equals("y")) throw new InactiveAccountException(); FormsAuthentication.SetAuthCookie(client.Id.ToString(), true); HttpContext.Current.Session["ClientId"] = client.Id; log.KeyId = client.Id; log.KeyEntityId = ClientMethods.GetEntityId(client.ClientTypeId); } catch (AuthException ax) { status = ax.StatusCode; log.Success = status == 1; log.Status = status; } finally { LogRecorder.Record(log); } } } }

    Read the article

  • Rails 2.x http basic authentication

    - by randombits
    I'm trying to get basic http authentication working on my Rails app. I'm offering a simple REST interface served by a Rails server, only xml/json output. Every method needs authentication, so I put the authenticate filter in ApplicationController: class ApplicationController < ActionController::Base helper :all # include all helpers, all the time before_filter :authenticate protected def authenticate authenticate_or_request_with_http_basic do |u, p| true end end end Even with having the method return true, I'm receiving a 401 from the server: $ curl http://127.0.0.1:3000/myresource/1.xml -i HTTP/1.1 401 Unauthorized Cache-Control: no-cache WWW-Authenticate: Basic realm="Application" X-Runtime: 1 Content-Type: text/html; charset=utf-8 Content-Length: 27 Server: WEBrick/1.3.1 (Ruby/1.9.1/2010-01-10) Date: Thu, 03 Jun 2010 02:43:55 GMT Connection: Keep-Alive HTTP Basic: Access denied. If I'm explicitly returning true, yet getting served a 401.

    Read the article

  • ASP.NET Windows Authentication

    - by Jason M
    Hi All I have an ASP.NET website set up using Windows authentication. Each time I open IE and try to access the webpage I get a windows authentication screen. Once I have logged in I can see the website fine. My problem is that every time I open a new IE browser I have to re-enter my username and password. I have heard about thew double hop issue, is this what it could be. If so how many ip fix this. Any ideas how i can stop this box showing up each time? I have ticked the "remember my username/password" tick box but still no joy. I am using Windows Server 2003, IIS 6.0 and .NET 4.0. Thanks JM

    Read the article

  • Interfacing my application with existing authentication systems

    - by Karan Bhangui
    I'm writing a web based application that will have its own authorization/authentication mechanism (traditional cookie/session based user/pass). However, depending on the organization that licenses the software, I want them to be able to plug in their own existing internal authentication system as a way to replace mine. Ideally, they'd have to run as little code as possible on their end; I'm trying to make this a mostly hosted service. I'm aware of the existence of OAuth, but don't entirely understand how I would go about implementing the system at a higher level. Any tips would be appreciated.

    Read the article

  • Consuming web service from BizTalk with authentication credentials

    - by lox
    I am trying to consume a web service from BizTalk by supplying credentials in the SOAP adapter port. I type in the Web Service URL and then I have the choice of Anonymous, Basic, Digest and NTLM authentication types. How do I supply my username, password and domain?.. when testing with soapUI it works perfectly. The only way I get to supply credentials is Basic or Digest but no matter what I fill in I get a "not authroized" error. The strange thing is that it actually works when I choose the NTLM authentication type but how does it get acces when I have not supplied the credentials. And there is no way that my server has direct access to the service?

    Read the article

  • Public-facing SharePoint 2007 portal - authentication question

    - by jdcorr
    I am involved in developing a portal with a public-facing side. For this i created a web application with windows authentication for intranet zone and after that, I created an extension for an internet zone with fba. In the internet extension we have the following requirement: - able to acess to sharepoint backoffice using fba. - have a authentication mecanism for portal visitors, where they can authenticate and acess to a page where they can subscribe the newsletter and define some site appearance (this users can't acess to sharepoint backoffice). My idea is use the aspnet membership provider to authenticate both users and create diferente roles for them. Anyone suggests another approach? Is there any way to ensure that visitors (2 case) do not enter the backoffice portal? Thanks

    Read the article

  • How to check if FORM Realm authentication failed?

    - by Sergio del Amo
    I use FORM Authentication. <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/loginPage.jsp</form-login-page> <form-error-page>/loginPage.jsp</form-error-page> </form-login-config> </login-config> I would like to use the same JSP for my form-login-page and form-error-page, for sake of code reuse. I use a Realm ( org.apache.catalina.realm.JDBCRealm ). In my JSP, I would like to display error messages if the authentication failed. Does Realm store anything in the request, which I could check?

    Read the article

  • asp.net forms authentication timing out after 1 minute

    - by user548929
    I'm using ASP.NET MVC 3 with the Authorize attribute, but it keeps kicking me to the logon page after 1 minute, but even though my expiration is set to a very high value, it times out quickly. I check the cookie in my browser and its still there and not set to expire until about a month later, and it's set to be persistent, so I'm not sure why it keeps booting me. It only happens on my published location, locally it works just fine. var ticket = new FormsAuthenticationTicket(username, true, 500000); var encryptedTicket = FormsAuthentication.Encrypt(ticket); var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket); cookie.Expires = ticket.Expiration; Response.Cookies.Add(cookie); web.config: <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="7200" slidingExpiration="false"/> </authentication>

    Read the article

  • WCF client using basic HTTP authentication

    - by AZ
    I'm trying to connect to a service that uses basic HTTP authentication. I've configured my binding like this <bindings> <basicHttpBinding> <binding name ="binding"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Basic"/> </security> </binding> </basicHttpBinding> </bindings> and i'm setting the credentials like this: client.ClientCredentials.UserName.UserName = Settings.UserName; client.ClientCredentials.UserName.Password = Settings.Password; Sill when i make a request i get a "The HTTP request is unauthorized with client authentication scheme 'Basic'" fault back. What am i doing wrong? (i don't have control over the service so all solutions must relate to the client configuration)

    Read the article

  • IsAuthenticated is false!

    - by Naor
    This is how I login ('user' holds the data of the user): HttpResponse Response = HttpContext.Current.Response; HttpRequest Request = HttpContext.Current.Request; FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, user.UserId.ToString(), DateTime.Now, DateTime.Now.AddHours(12), false, UserResolver.Serialize(user)); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket)); cookie.Path = FormsAuthentication.FormsCookiePath; Response.Cookies.Add(cookie); string redirectUrl = user.HomePage; Response.Redirect(redirectUrl); After this login I get IsAuthenticated == false. Why?? It worked for me before an hour but I don't know what is wrong now.

    Read the article

  • SharePoint form-based authentication with custom database

    - by Clodin
    Hi, I have SharePoint site and I want to use form-based authentication, not Windows how it is by default. For this I read that I have to modify the web.config from Central Administration and web.config from my site with the membership and roleManager tags configured properly. But if I use this: <membership> <providers> <add name="MyProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" .../> </providers> </membership> System.Web.Security.SqlMembershipProvider requires a database generated with ASP.NET SQL Server Setup Wizard (aspnet_regsql.exe), and this is my problem! I want to use another database with cunstom table 'Users' from where to take the username and password for authentication. How can I do this? Thank you in advance

    Read the article

  • Apache basic auth, mod_authn_dbd and password salt

    - by Cristian Vrabie
    Using Apache mod_auth_basic and mod_authn_dbd you can authenticate a user by looking up that user's password in the database. I see that working if the password is held in clear, but what if we use a random string as a salt (also stored in the database) then store the hash of the concatenation? mod_authn_dbd requires you to specify a query to select that password not to decide if the user is authenticated of not. So you cannot use that query to concatenate the user provided password with the salt then compare with the stored hash. AuthDBDUserRealmQuery "SELECT password FROM authn WHERE user = %s AND realm = %s" Is there a way to make this work?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >