Search Results

Search found 5866 results on 235 pages for 'authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 25/235 | < Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32  | Next Page >

  • Token based Authentication for WCF HTTP/REST Services: Authorization

    - by Your DisplayName here!
    In the previous post I showed how token based authentication can be implemented for WCF HTTP based services. Authentication is the process of finding out who the user is – this includes anonymous users. Then it is up to the service to decide under which circumstances the client has access to the service as a whole or individual operations. This is called authorization. By default – my framework does not allow anonymous users and will deny access right in the service authorization manager. You can however turn anonymous access on – that means technically, that instead of denying access, an anonymous principal is placed on Thread.CurrentPrincipal. You can flip that switch in the configuration class that you can pass into the service host/factory. var configuration = new WebTokenWebServiceHostConfiguration {     AllowAnonymousAccess = true }; But this is not enough, in addition you also need to decorate the individual operations to allow anonymous access as well, e.g.: [AllowAnonymousAccess] public string GetInfo() {     ... } Inside these operations you might have an authenticated or an anonymous principal on Thread.CurrentPrincipal, and it is up to your code to decide what to do. Side note: Being a security guy, I like this opt-in approach to anonymous access much better that all those opt-out approaches out there (like the Authorize attribute – or this.). Claims-based Authorization Since there is a ClaimsPrincipal available, you can use the standard WIF claims authorization manager infrastructure – either declaratively via ClaimsPrincipalPermission or programmatically (see also here). [ClaimsPrincipalPermission(SecurityAction.Demand,     Resource = "Claims",     Operation = "View")] public ViewClaims GetClientIdentity() {     return new ServiceLogic().GetClaims(); }   In addition you can also turn off per-request authorization (see here for background) via the config and just use the “domain specific” instrumentation. While the code is not 100% done – you can download the current solution here. HTH (Wanna learn more about federation, WIF, claims, tokens etc.? Click here.)

    Read the article

  • How to configure SoapUI with client certificate authentication

    - by gvdmaaden
    SoapUI is one of the best free tools around to test web services. Some time ago I was trying to send a soap message towards a SSL web service that was set up for client certificate authentication. I pretty soon got stuck at the “javax.net.ssl.SSLException: HelloRequest followed by an unexpected handshake message” error, but after reading several posts on the internet I solved that issue. It’s not really that complicated after all, but since I could not find a decent place on the internet that explains this scenario in a proper way, here’s a list of steps that you need to do to make it work. Note: this following steps are based on a Windows environment   Step one: Export your certificate (the one that you want to use as the client certificate) using the export wizard with the private key and with all certificates in the certification path: Give it a password (anything you want): And export it as a PFX file to a location somewhere on disk: Step two: Install the newest version of SOAP UI (currently it is 3.6.1) Open the file C:\Program Files\eviware\soapUI-3.6.1\bin\ soapUI-3.6.1.vmoptions and add this line at the bottom: -Dsun.security.ssl.allowUnsafeRenegotiation=true This is needed because of a JAVA security feature in their newest frameworks (For further reading about this issue, read this: http://www.soapui.org/forum/viewtopic.php?t=4089 and this: http://java.sun.com/javase/javaseforbusiness/docs/TLSReadme.html).   Open SOAPUI and go to preferences>SSL Settings and configure your certificate in the keystore (use the same password as in step one): That should be it. Just create a new project and import the WSDL from the client authenticated SSL webservice: And now you should be able to send soap messages with client certificate authentication. The above steps worked for me, but please drop a note if it does not work for you.

    Read the article

  • Properly force SSL with .htaccess, no double authentication

    - by cwd
    I'm trying to force SSL with .htaccess on a shared host. This means there I only have access to .htaccess and not the vhosts config. I know you can put a rule in the VirtualHost config file to force SSL which will be picked up there (and acted upon first), preventing double authentication, but I can't get to that. Here's the progress I've made: Config 1 This works pretty well but it does force double authentication if you visit http://site.com - once for http and then once for https. Once you are logged in, it automatically redirects http://site.com/page1.html to the https coutnerpart just fine: RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteEngine on RewriteCond %{HTTP_HOST} !(^www\.site\.com*)$ RewriteRule (.*) https://www.site.com$1 [R=301,L] AuthName "Locked" AuthUserFile "/home/.htpasswd" AuthType Basic require valid-user Config 2 If I add this to the top of the file, it works a lot better in that it will switch to SSL before prompting for the password: SSLOptions +StrictRequire SSLRequireSSL SSLRequire %{HTTP_HOST} eq "site.com" ErrorDocument 403 https://site.com It's clever how it will use the SSLRequireSSL option and the ErrorDocument403 to redirect to the secure version of the site. My only complaint is that if you try and access http://site.com/page1.html it will redirect to https://site.com/ So it is forcing SSL without a double-login, but it is not properly forwarding non-SSL resources to their SSL counterparts. Regarding the first config, Insyte mentioned "using mod_rewrite to perform a simple redirect is a bit of overkill. Use the Redirect directive instead. It's possible this may even fix your problem, as I believe mod_rewrite rules are some of the last directives to be processed, just before the file is actually grabbed from the filesystem" I have not had no such luck on finding a force-ssl config option with the redirect directive and so have been unable to test this theory.

    Read the article

  • MVC 4 Authentication

    - by Aligned
    First: After searching for awhile to figure out what’s new/different with MVC 4 and forms authentication, this is the best article I've found on the subject: http://weblogs.asp.net/jgalloway/archive/2012/08/29/simplemembership-membership-providers-universal-providers-and-the-new-asp-net-4-5-web-forms-and-asp-net-mvc-4-templates.aspx Some quotes from the article: “The ASP.NET Web Pages team designed SimpleMembership to (wait for it) simplify the task of dealing with membership” "WSAT is built to work with ASP.NET Membership, and is not compatible with Simple Membership. There are two main options there: Use the WebSecurity and OAuthWebSecurity API to manage the users and roles Create a web admin using the above APIs Since SimpleMembership runs on top of your database, you can update your users as you would any other data - via EF or even in direct database edits (in development, of course)" “If you want to use an existing ASP.NET Membership Provider in ASP.NET MVC 4, you can't use the new AccountController. You can do a few things:” “Universal Providers do not work with Simple Membership.” ~ this post (look for Bob.at.SBS’s answer) says Universal Providers is not needed for MVC 4 to work in Azure)   I've been trying to figure out the Forms Authentication in MVC4. It's different than the past approach (aspnet_regsql). If you do file new project -> MVC 4 -> internet application, you get a really nice template with the controller and model setup for you. However, the tables are different than using aspnet_regsql and the ASP.Net Configuration tool (WSAT) wasn’t connecting to the data I had (it was creating an App_Data/aspnet.mdf file, which I didn’t see right away). Points of Note The database tables are created in the SimpleMembershipInitializer class, when you first run your app using Entity Framework 5 migration functionality. The tables created are webpages_Membership, webpages_OAuthMembership, webpages_Roles, webpages_UsersInRoles, UserProfile. Web.config settings don’t seem to be needed.   Scott Hanselman on Universal Providers was also useful if not somewhat out dated. Universal Providers and SimpleMembership are not compatible. http://www.asp.net/web-pages/tutorials/security/16-adding-security-and-membership – walk-through

    Read the article

  • apt-get does not work with proxy

    - by tommyk
    For a command sudo apt-get update I get following error W: Failed to fetch http://ch.archive.ubuntu.com/ubuntu/dists/maverick-updates/multiverse/binary-i386/Packages.gz 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. ) I am running Ubuntu 10.10 installed on Windows XP using VirtualBox. For internet connections I am using proxy server with an authentication. I tried to use gnome-network-proxy tool to set proxy settings system-wide. After that /etc/environment has been updated by http_proxy variable with the format http://my_proxy:port/, there were no authentication data. I checked this with firefox. Browser asked my for login and password and everything was working fine. It was unfortunately not the case for apt-get. I have also tried to do as described here. Unfortunately it does not work. May it be somehow related to the fact that a proxy is in a Windows domain, any ideas ? EDIT: My proxy name is http-proxy. Is '-' a special character here ?

    Read the article

  • ASP.NET MVC WebService - Security for Industrial Android Clients

    - by Chris Nevill
    I'm trying to design a system that will allow a bunch of Android devices to securely log into an ASP.NET MVC REST Web service. At present neither side are implemented. However there is an ASP.NET MVC website which the web service will site along side. This is currently using forms authentication. The idea will be that the Android devices will download data from the web service and then be able to work offline storing data in their own local databases, where users will be able to make updates to that data, and then syncing updates back to the main server where possible. The web service will be using HTTPS to prevent calls being intercepted and reduce the risk of calls being intercepted. The system is an industrial system and will not be in used by the general Android population. Instead only authorized Android devices will be authorized by the Web Service to make calls. As such I was thinking of using the Android devices serial number as a username and then a generated long password which the device will be able to pick up - once the device has been authorized server side. The device will also have user logins - but these will not be to log into the web service - just the device itself - since the device and user must be able to work offline. So usernames and passwords will be downloaded and stored on the devices themselves. My question is... what form of security is best setup on the web service? Should it use forms Authentication? Should the username and password just be passed in with each GET/POST call or should it start a session as I have with the website? The Android side causes more confusion. There seems to be a number of options here Spring-Android, Volley, Retrofit, LoopJ, Robo Spice which seems to use the aforementioned Spring, Retrofit or Google HttpClient. I'm struggling to find a simple example which authenticates with a forms based authentication system. Is this because I'm going about this wrong? Is there another option that would better suite this?

    Read the article

  • apt-get does not work with proxy

    - by tommyk
    For a command sudo apt-get update I get following error W: Failed to fetch http://ch.archive.ubuntu.com/ubuntu/dists/maverick-updates/multiverse/binary-i386/Packages.gz 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. ) I am running Ubuntu 10.10 installed on Windows XP using VirtualBox. For internet connections I am using proxy server with an authentication. I tried to use gnome-network-proxy tool to set proxy settings system-wide. After that /etc/environment has been updated by http_proxy variable with the format http://my_proxy:port/, there were no authentication data. I checked this with firefox. Browser asked my for login and password and everything was working fine. It was unfortunately not the case for apt-get. I have also tried to do as described here. Unfortunately it does not work. May it be somehow related to the fact that a proxy is in a Windows domain, any ideas ? EDIT: My proxy name is http-proxy. Is '-' a special character here ?

    Read the article

  • RADIUS authentication on Cisco switches: how to assign privilege levels?

    - by Massimo
    I need to configure some Cisco switches (IOS 12.x) to authenticate against a RADIUS server; the server is Windows Server 2003's IAS, and it validates users against his Active Directory domain. I know how to configure the switches to validate usernames/passwords against the RADIUS server, and I can succesfully login using an AD account; the question is: how can I set privilege level 15 for users, in order to not have to use enable each time?

    Read the article

  • mac osx active directory authentication and linux samba share problems.

    - by Matt Delves
    As a precursor, the network setup is one that includes a combination of Novell Netware servers as well as Windows Servers and Linux servers. I've successfully been able to bind my mac to the Windows Domain and can login without any problems. I've been able to mount shares without needing to resupply login credentials to any windows based share. The problem I've found is that when I'm attempting to mount a share from a linux server, it is asking to resupply the login credentials. Has anyone experienced this kind of problem. The linux servers are a combination of SLES 10 and 11 and RHEL 4 and 5. Thanks, Matt

    Read the article

  • How to generate the right password format for Apache2 authentication in use with DBD and MySQL 5.1?

    - by Walkman
    I want to authenticate users for a folder from a MySQL 5.1 database with AuthType Basic. The passwords are stored in plain text (they are not really passwords, so doesn't matter). The password format for apache however only allows for SHA1, MD5 on Linux systems as described here. How could I generate the right format with an SQL query ? Seems like apache format is a binary format with a lenght of 20, but the mysql SHA1 function return 40 long. My SQL query is something like this: SELECT CONCAT('{SHA}', BASE64_ENCODE(SHA1(access_key))) FROM user_access_keys INNER JOIN users ON user_access_keys.user_id = users.id WHERE name = %s where base64_encode is a stored function (Mysql 5.1 doesn't have TO_BASE64 yet). This query returns a 61 byte BLOB which is not the same format that apache uses. How could I generate the same format ? You can suggest other method for this too. The point is that I want to authenticate users from a MySQL5.1 database using plain text as password.

    Read the article

  • A little guidance setting up FTP server authentication on Windows Server 2008 R2 standard?

    - by Ropstah
    I have a (clean) server running Windows Server 2008 R2 standard. I would just like to use it for serving a website and a FTP server through IIS. IIS is installed and serves my website propery. I have now added a FTP site but when I try to logon using my user/pass i get the following error: 530 User cannot login From this article (http://support.microsoft.com/kb/200475) I understand that these four causes can be pointed out: The Allow only anonymous connections security setting has been turned on in the Microsoft Management Console (MMC). Not the case The username does not have the Log on locally permission in User Manager. The user is in the Users group, however I'm not able to logon through RDP. I tried configuring this by following this article through GPMC however this only works when I'm logged in as a domain user on a domain controller which I'm not: I'm logged in as administrator The username does not have the Access this computer from the network permission in User Manager. Not sure what this implies...? The Domain Name was not specified together with the username (in the form of DOMAIN\username). Tried adding the server name: server\username, not working... I am an absolute server noob and I'd just like to be able to connect through FTP... Any guidance is highly appreciated!

    Read the article

  • How can I clear the "authentication cache" in Windows 7 to a password protected samba share?

    - by Chris Drumgoole
    I have a Linux samba server and have explicitly listed users that can access the folder. I have successfully congfigured Samba to require a username and password when accessing the share from windows (using the smbpasswd, etc.). But now I want to force clear the auth cache on the windows machine. Such as when I go to a colleague's computer, I use my account to access a file in the protected share, but then before I leave his computer, i'll want to make sure the authorization cache is cleared so he cannot access that folder with my credentials. I found the command to use in the windows command prompt on google a couple of weeks ago but silly me I didn't save it... Hope someone can help, thanks! Oh, Samba is configured as a workgroup and not a domain (if that helps) - so windows users do NOT log into a domain on start up. thanks!

    Read the article

  • Calling Web Services with HTTP Basic Authentication from BPEL 10.1.3.4

    - by Ramkumar Menon
    Are you using BPEL 10.1.3.4 and hunting for the property names in the partnerlinkBindings that will work for outbound HTTP Basic Authentication? Here's the answer. <partnerLinkBinding ...>  <property name="basicHeaders">credentials</property>  <property name="basicUsername">WhoAmI</property>  <property name="basicPassword">thatsASecret</property></partnerLinkBinding>The drop down options in JDeveloper dont seem to work.

    Read the article

  • Using PHP Encryption for Login Authentication

    <b>Webreference:</b> "Following up on "Implementing One-way Encryption in PHP," my previous tutorial about using one-way encryption to build a secure online diary application, this article explores using PHP encryption for login authentication."

    Read the article

  • Full disk encryption with seperate boot and encrypted keyfile storage: Two-Form Authentication

    - by Cain
    I am trying to setup true Full Disk encryption with two-form authentication on 12.04 and can not find out how to call a keyfile for the encrypted root out of another encrypted partition. All documentation or questions I am finding for whole or full disk encryption only encrypts separate partitions on the same disk. This is not what most are calling full disk encryption, /boot is not on a partition on the root drive, rather it is on a usb stick as sdx1. Instead root is on a logical partition on top of a LUKS container. Luks is run on the whole disk, encrypting the partition table as well. All drives in the machine are completely encrypted and to open it it requires a USB drive (what I have) as well as a passphrase (what I know) resulting in Two-Form Authentication to boot the machine. Device sdx cryptroot vg00 lvroot / There is no passphrase to open the encrypted root device, only a keyfile. That keyfile is kept on the usb drive with /boot, in its own encrypted partition (I'll call this cryptkey). In order for the root file system (cryptroot) to be opened, initramfs must ask for the passphrase to cryptkey on the usb drive, then use the keyfile inside that to open cryproot. I did manage to find what I think is the how-to I used to do this once before: http://wiki.ubuntu.org.cn/UbuntuHelp:FeistyLUKSTwoFormFactor I already have the system installed and can chroot into it, however, I can not get it to call for the keys on the USB during boot. I did find a how-to saying I needed to make a cryptroot conf for initramfs but, I believe that is for a passphrase: https://help.ubuntu.com/community/EncryptedFilesystemLVMHowto#Notes_for_making_it_work_in_Ubuntu_12.04_.22Precise_Pangolin.22_amd64 I also tried to setup crypttab. However, crypttab only works for drives mounted after the root drive as calling for a keyfile on a device not yet mounted to the system doesnt work. The Feisty how-to included scripts that would be run during boot instructing initramfs to mount the usb drive temporarily and call the keyfile for root which worked quite well except those scripts are outdated now, many of the things they relied on have been merged into something else, changed, or simply don't exist anymore. If I have missed a clear how-to for this, that would be wonderful, I just don't think I have.

    Read the article

  • Empathy "Authentication failed" when connecting to Freenode

    - by mac9416
    I have set up an IRC account in Empathy - the default server is, of course, Freenode. Empathy tries to connect and after a few moments reports, "Authentication failed". I have tried with and without a password (My nickname is registered with Freenode.). What could I possibly be doing wrong? Update: I was able to connect when on another network. Could the problem be with my Verizon Mobile Broadband?

    Read the article

  • How to make ASP.NET authentication persist the Url Fragment when redirecting to the login page?

    - by estourodepilha.com
    After I inserted the configuration below in my Web.Config <authentication mode="Forms"> <forms name="appNameAuth" path="/" loginUrl="login.aspx" protection="All" timeout="30"> <credentials passwordFormat="Clear"> <user name="user" password="password" /> </credentials> </forms> </authentication> <authorization> <deny users="?" /> </authorization> All requests to Menu.aspx#fragment are redirected to login.aspx?ReturnUrl=/Menu.aspx and I expected it to be redirected to login.aspx?ReturnUrl=/Menu.aspx#fragment How to achieve the desired behavior?

    Read the article

  • How to build an easy Rails authentication with OpenID and OAuth1.0a-2.0?

    - by Andrei
    Hi, I'am looking for an easy authentication for my users mostly via facebook, but keeping OpenID and other OAuth alternatives as well. For the case if something will go very bad, I will ask my users to optionally provide their email address, which should be obtained via OpenID or OAuth if possible. The same thing is about their name. I am a newbie in Rails, so I started with Railscasts.com #160 (authlogic) and #170 (authlogic and OpenID), however, I had some problems trying to sign in with my Google Account. As I understand, it will take some effort to adjust #170 for my objectives. On the other hand, there is gem authlogic_rpx which will possibly provide me the needed functionality (see http://rails-authlogic-rpx-sample.heroku.com/signin). What would you do? Is it reasonable to put one more step (RPX) in the authentication logic?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32  | Next Page >