Search Results

Search found 34094 results on 1364 pages for 'open authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 24/1364 | < Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >

  • IIS Virtual Directory/Application & Forms authentication

    - by user216194
    I've setup and deployed a simple forms authentication website with membership using .NET 4. I've created a virtual directory (now converted to "Application") in IIS7 and setup the web.config file in the virtual directory as follows: <system.webServer> <directoryBrowse enabled="true" /> </system.webServer> Great! I browse to the virtual directory: ../mydomain/books/ and I'm automatically redirected to the login page specified by web.config in my root directory and the url path is placed as follows: ../Account/Login.aspx?ReturnUrl=%2fbooks At this point, I login succesfully, but I am not redirected anywhere, and when I manually return to the directory, ../books, I'm sent back to the login page, where I'm already logged in? So I'm confused about what my problem is! I should be successfully authenticated, and than redirected back to the directory, or at the very least be able to view it manually after I log in right?

    Read the article

  • Application loses authentication when performing redirect to a virtual directory

    - by nuhusky2003
    I have the following setup: http://www.example.com/dir1/ and http://www.example.com/dir2/ Each virtual directory is configured on IIS6.0 as an application with own AppPool. When redirecting authenticated user from dir1 to dir2 using response.redirect I lose authentication information for the user and the user is being redirected to the login page. This issue was not coming up with each app (dir1 and dir2) were configured under subdomain, ex: http://dir1.example.com and http://dir2.example.com. I have resolved the issue by adding a machine key to the machine.config file. Can someone explain to me why it's not working on a http://www.example.com/dir1 configuration?

    Read the article

  • Web services Authentication Jungle

    - by redben
    I have been doing some research lately about best approaches to authenticating web services calls (REST SOAP or whatever). But none of the Approaches convinced me... But i still can't a make a choise... Some talk about SSL and http basic authentication -login/password- which just seems weird for a machine (i mean having to assign a login/password to a machine, or is it not ?). Some others say API keys (seems like these scheme is more used for tracking and not realy for securing). Some say tokens (like session IDs) but shouldn't we stay stateless (especially if in REST style) ? In my use case, when a remote app is calling one of our web services, i have to authenticate the calling application obviously, and the call must - if applicable - tell me which user it impersonates so i can deal with authorization later. Any thoughts ?

    Read the article

  • apache: basic authentication before rewrite

    - by pyro
    I have an apache in frontend that redirect a request via a rewrite rule. I have to put a basic authentication before redirect a request, so I put this in the config file: <VirtualHost *:443> ServerAdmin xxxxxx DocumentRoot /var/www/html/ ServerName xxxxxxx RewriteEngine on ErrorLog logs/error.log CustomLog logs/access_log common <Directory /var/www/html/> AuthType Basic AuthName "Restricted Files" AuthUserFile /etc/httpd/conf/tag.pwd Require valid-user RewriteRule ^/(.*) http://xxxxxx:xxx/$1 [P,L] </Directory> </VirtualHost> But doesn't work. Any suggestions?

    Read the article

  • Code igniter authentication code in controller security question

    - by Prime Studios
    I have a main controller to handle the very front-end of my authentication system, it handles login, logout, update user info, etc. functions that I anticipate calling by POST'ing from views/forms. What about something like a "delete_user" function though? My thoughts are a button in someones admin panel would say "Delete Account" and it would post to "/auth/delete", and the function would delete the user based on their session username or id. This seems a bit open ended, you could send out a link to someone and when they opened it while in that application it would delete their account.. Whats the best way to handle this?

    Read the article

  • Using couchdb authentication by xmpp users

    - by flossy
    Hi, I'd like use couchdb for a web application with external user authentication by a XMPP-Server (Openfire). How can I achieve that? Let's say we have thre users: [email protected] [email protected] [email protected] Now [email protected] should be able to read all documents that are suited for basic users. [email protected] should be able to read AND write all documents that are suited for basic users. [email protected] should be able to read all documents that are suited for basic and advanced users. Is that possible?

    Read the article

  • authentication of webapps when passwords are hashed with bcrypt

    - by dubreakkk
    I created a GWT project which requires authentication. Initially, the users' passwords were in plain text, but now I would like to hash them with BCrypt. I searched but I cannot find a place describing how to make Jetty authenticate against a BCrypt hashed password. I'm sending the password to the server using a FORM in plain text and over SSL. What do I need to do to make Jetty hash this password and compare it to the one in the database? Thank you;

    Read the article

  • Service-Based Authentication Using Tokens

    - by jerhinesmith
    I'm having a tough time trying to find clear and concise examples of how one would implement a service-based authentication scheme using tokens. As far as I can tell, the basic steps are as follows: Client requests username/password from user Client passes username/password to identity provider Provider checks username/password and sends back a token if the user is valid Client does something with the token? The third and fourth step are where I'm getting stuck. I assume the "token" in this case just has to be either an encrypted string that the client can decrypt or some random string that gets stored somewhere (i.e. a database) that the client can then verify against, but I'm not really sure what the client is then supposed to do with the token or why you even need a token at all -- couldn't a simple user ID also suffice?

    Read the article

  • Looking for a way to get HTTP Digest Authentication headers from incoming http requests

    - by duncancarroll
    I've been working on a REST implementation with my existing Cake install, and it's looking great except that I want to use HTTP Digest Authentication for all requests (Basic Auth won't cut it). So great, I'll generate a header in the client app (which is not cake) and send it to my cake install. Only problem is, I can't find a method for extracting that Digest from the request... I've looked through the Cake API for something that I can use to get the Digest Header. You'd think that Request Handler would be able to grab it, but I can't find anything resembling that. There must be another method of getting the digest that I am overlooking? In the meantime I'm writing my own regex to parse it out of the Request... once I'm done I'll post it here so no one has to waste as much time as I did hunting for it.

    Read the article

  • Form authentication works on dev server but not on IIS

    - by Ilknur
    Hi, We have a similar problem. We have a web application running under default appdomain. It was working fine until a week before...Suddenly it has encountered a problem. Below message is taken from event logs. Event code: 4005 Event message: Forms authentication failed for the request. Reason: The ticket supplied has expired. Application uses FormsAuthentication and gets the roles from aspnetdb.. After the error, when user logins to the page, it does not redirects to the default.aspx. Again login.aspx comes up. On the other hand application works fine on development server(localhost), but not on www(IIS 6.0). Does any one has an idea? Thanks, Ilknur

    Read the article

  • How do I stack Plack authentication handlers?

    - by Schwern
    I would like to have my Plack app try several different means of authorizing the user. Specifically, check if the user is already authorized via a session cookie, then check for Digest authentication and then fall back to Basic. I figured I could just enable a bunch of Auth handlers in the order I wanted them to be checked (Session, Digest, Basic). Unfortunately, the way that Plack::Middleware::Auth::Digest and Plack::Middleware::Auth::Basic are written they both return 401 if digest or basic auth doesn't exist, respectively. How is this normally dealt with in Plack?

    Read the article

  • Windows Phone 7 Application + WCF + SSL + Username Authentication

    - by s7orm
    Hello, I have developed a test service with WCF, which I try to consume from a Windows Phone 7 Application, however when calling a method from the service I get a weird exception: There was no endpoint listening at https://server/Service.svc that could accept the message. This is often caused by an incorrect address or SOAP action. The WCF service uses a custom binding with UserNameOverTransport authentication and SSL. For the authorization I am using an implementation of the UserNamePasswordValidator. If I try to consume the service from a console or silverlight application (cross domain policy is enabled) - it works fine (authorization as well). And the most weird thing is that the ServiceReferences.ClientConfig file generated for the WP7 App is exactly the same as the config file generated for the silverlight application. I have no idea what is wrong with my service...

    Read the article

  • Web Application - Authentication / Login Framework

    - by user456563
    This is a very simple, probably a most asked question and frequently developed as part of any web application. Say I'm planning to build a web application and some of the functional requirements include (apart from the usual hard hitting security reqs), - Need to have users sign up for a new account profile - Authenticate user using the native app authentication / Facebook or Google or Yahoo or OpenId login - Allow lost password retrieval - Session handling needs Is there an out of the box frameworks (Drupal, Liferay??) that I can use to wrap my application which can be a bunch of JSP's or HTML's with JS? I know I'm asking a very simple and maybe a naive question. But this is a topic every web developer guru will go thru. Any help, advise and pointers much appreciated.

    Read the article

  • Cannot connect to MySQL 4.1+ using old authentication

    - by B T
    I'm trying to connect to a mySQL database at http://bluesql.net, but when I try to connect, it gives this error: Connect Error (2000) mysqlnd cannot connect to MySQL 4.1+ using old authentication I've looked into this, and it has to do with some old password scheme used before MySQL 4.1. Newer versions have the option to use old passwords, which I've read may cause this problem. I'm running php 5.3, and connecting with mySQLi (new mysqli(...)). I'm hoping I can do something in the code to connect to the DB at bluesql.net - clearly I don't control how their database is set up. Downgrading php versions isn't an option. Anyone have any ideas?

    Read the article

  • Established javascript solution for secure registration & authentication without SSL

    - by Tomas
    Is there any solution for secure user registration and authentication without SSL? With "secure" I mean safe from passive eavesdropping, not from man-in-the-middle (I'm aware that only SSL with signed certificate will reach this degree of security). The registration (password setup, i.e. exchanging of pre-shared keys) must be also secured without SSL (this will be the hardest part I guess). I prefer established and well tested solution. If possible, I don't want to reinvent the wheel and make up my own cryptographic protocols. Thanks in advance.

    Read the article

  • User forms authentication in JSF

    - by Proton
    I'm a novice at JSF and I got a couple of questions concerning organizing user authentication there. 1) How can i redirect the registered user to a welcome page (for example welcome.xhtml)? I heard about using Filter or navigation-rule tag, but i didn't found a full-blown tutorial of how it works. 2) How can i tell the server that unauthorized users can access not only the login page but also the registration page? Is there an analog for ASP.NET web.config tag or something like this?

    Read the article

  • Best Solution For Authentication in Ruby on Rails

    - by Dan Wolchonok
    I'm looking for a pre-built solution I can use in my RoR application. I'm ideally looking for something similar to the ASP.NET Forms authentication that provides email validation, sign-up controls, and allows users to reset their passwords. Oh yeah, and easily allows me to pull the user that is currently logged into the application. I've started to look into the already written pieces, but I've found it to be really confusing. I've looked at LoginGenerator, RestfulAuthentication, SaltedLoginGenerator, but there doesn't seem to be one place that has great tutorials or provide a comparison of them. If there's a site I just haven't discovered yet, or if there is a de-facto standard that most people use, I'd appreciate the helping hand.

    Read the article

  • download authentication?

    - by Sahat
    Hi I am sorry if this question has been asked before but I am looking for some sort of download authentication. In other words if I am going to give the user a link to a file, I want to make sure only that person will get it, and get it only once! Is there a simple solution without setting up the whole database. Even better if it's possible to have an ecrypted web link that will let you download a file from my FTP server just once, after that the link becomes invalid. Thanks.

    Read the article

  • How to run open dns on a network

    - by user37652
    I need to be enlightened in this topic. First, is it possible to run open dns on a network so that you won't have to install the open dns updater to update the ip address of those machines with dynamic ip address. Second, how do I set it up. Can I set it up on the router?

    Read the article

  • "Must-Have" Open Source software?

    - by marco.ragogna
    When I am searching for a program to use at home I will consider at first all open source programs because I like the philosophy, the approach and the communities behind these projects. What are, in your opinion, the must-have Open Source software that should be installed on every Home PC? One program per answer please.

    Read the article

  • Open dialog box won't show files in libraries, but explorer will

    - by Alex
    I have the weirdest problem when trying to open or save files. When I try to get to "My Documents" through the "Libraries" side link it won't show any of my files. It will show them if I go around from the C:// drive into the user files though. I thought it was because I didn't have the right location defined for the "Libraries" shortcut, but when I use "Explorer" to open my "Libraries" it shows all the files. Any ideas?

    Read the article

  • C# Can I return HttpWebResponse result to iframe - Uses Digest authentication

    - by chadsxe
    I am trying to figure out a way to display a cross-domain web page that uses Digest Authentication. My initial thought was to make a web request and return the entire page source. I currently have no issues with authenticating and getting a response but I am not sure how to properly return the needed data. // Create a request for the URL. WebRequest request = WebRequest.Create("http://some-url/cgi/image.php?type=live"); // Set the credentials. request.Credentials = new NetworkCredential(username, password); // Get the response. HttpWebResponse response = (HttpWebResponse)request.GetResponse(); // Get the stream containing content returned by the server. Stream dataStream = response.GetResponseStream(); // Open the stream using a StreamReader for easy access. StreamReader reader = new StreamReader(dataStream); // Read the content. string responseFromServer = reader.ReadToEnd(); // Clean up the streams and the response. reader.Close(); dataStream.Close(); response.Close(); return responseFromServer; My problems are currently... responseFromServer is not returning the entire source of the page. I.E. missing body and head tags The data is encoded improperly in responseFromServer. I believe this has something to do with the transfer encoding being of the type chunked. Further more... I am not entirely sure if this is even possible. If it matters, this is being done in ASP.NET MVC 4 C#. Thanks, Chad

    Read the article

  • Forms authentication in Silverlight

    - by Matt
    I have a website using forms authentication. Everything runs sweet their. I've got a Silverlight app that uses Duplex messaging to talk to a WCF service. I'd like to be able to authenticate users in my service. I realize that by doing this <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> that my service would then have access to the HttpContext.Current context and I could easily authenticate a user. But herein lies the problem. aspNetCompatibilityEnabled="true" combined with Duplex messaging results in very, very, very slow communication between silverlight and the website (10 seconds or more). Unless I have a configuration wrong, I'm going to assume that this is a bug in WCF / Silverlight. So basically I'm looking for a workaround. One idea I wanted to try was to read the ASPSESSID cookie from the browser and send that value over the wire. But I don't know what to do with the cookie on the service side. Is there some way to authenticate a user by sending their cookie data over duplex messaging?

    Read the article

  • Universal Authentication to Google Data API?

    - by viatropos
    Hey, I want to be able to have say 10 admin users store all their documents on google docs for a domain ('http://docs.google.com/a/domain.com'), and have everyone else be able to view them through 'domain.com/documents'. I'm just not certain how the whole authentication thing works in that case. Should I use OAuth? Or could I just use ClientLogin for say the root/global admin, and anytime someone goes to the site, they login as that? That works for personal docs, but it doesn't seem to be working for Google Apps. I would like it so the user has no idea they're accessing google docs, so I don't want them to have to say "Yes, Authenticate this App with Google", as seen in this Doclist Manager App. The app is basically: Admin stores a bunch of forms and documents User uses form and views documents the admin has posted ... so there's no need to access the user's Google Docs. But it seems like AuthSub and OAuth are addressing that instead... Thanks for the tips.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >