Search Results

Search found 9928 results on 398 pages for 'facebook authentication'.

Page 25/398 | < Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32 | Next Page >

What are the potential problems with exposing the Facebook API secret?

- by genehack

I'm writing a little web utility that posts status updates to Twitter and/or Facebook. That involved creating 'applications' with both those services in order to get API keys and 'secrets'. My question is how protected I really need to keep those secrets -- in order for this to work at all, you seem to need the secret to interact with the authentication part of the service to grant the app access to your account and/or grant it permission to post updates on your behalf. Facebook's documentation says to protect the secret, but at least one other Facebook utility distributes the API key and secret in the source. It's important to note: this isn't your standard Facebook 'application' that runs within the context of Facebook, nor is it a standard "desktop"-style compiled app -- it's a web-based application intended to be run on your own web server. The audience for this is probably small and somewhat more sophisticated than average -- so, one technical alternative would be to require people to obtain their own API key and secret to use the app. That seems like a lot of work, however, and a fairly large barrier to entry to anybody using this. Anybody know or have any insight on what sort of trouble I'm letting myself in for if I put both the secrets and the API keys in the config for my app and check it into Github for all the world to see?

Read the article
How can I get Facebook Profile image from email?

- by Forbini

There's an outlook plugin called Xobni that has a really cool feature, if a contact has an email address, it will fetch that contact's profile picture and display it. Their FAQ states the following: Xobni sends an encrypted email address to Facebook to retrieve the Facebook profile for the person who is currently being viewed in the Xobni sidebar. Your own Facebook profile is never altered by Xobni, and all Facebook privacy settings are strictly followed when viewing other profiles. I'd like to duplicate this functionality. However, I can't figure out which API call they're using. I'm assuming when they say "encrypted email address" that's laymen's terms for the email hash. Once a username is derived, the graph api looks ideal for actually fetching the image, but I'm having trouble going from email hash to profile ID.

Read the article
facebook login problem

- by khoyendra

This is the code which is use for login in facebook but it is go to the finaly block and show my facebook link in browser. i am show from which it go to the finaly block in program. how to login without open browser this example is yack from http://code.google.com/p/facebook-java-api/wiki/Examples try{ MDC.put(ipAddress, req.getRemoteAddr()); HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; HttpSession session = request.getSession(true); IFacebookRestClient<Document> userClient = getUserClient(session); if (userClient == null) { logger.debug("User session doesn't have a Facebook API client setup yet. Creating one and storing it in the user's session."); userClient = new FacebookXmlRestClient(api_key, secret); session.setAttribute(FACEBOOK_USER_CLIENT, userClient); } logger.trace("Creating a FacebookWebappHelper, which copies fb_ request param data into the userClient"); FacebookWebappHelper<Document> facebook = new FacebookWebappHelper<Document>(request, response, api_key, secret, userClient); String nextPage = request.getRequestURI(); nextPage = nextPage.substring(nextPage.indexOf("/", 1) + 1); //cut out the first /, the context path and the 2nd / logger.trace(nextPage); boolean redirectOccurred = facebook.requireLogin(nextPage); if (redirectOccurred) { return; //from this pt. send to finaly block and open my facebook page } redirectOccurred = facebook.requireFrame(nextPage); if (redirectOccurred) { return; } long facebookUserID; try { facebookUserID = userClient.users_getLoggedInUser(); } catch (FacebookException ex) { response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Error while fetching user's facebook ID"); logger.error("Error while getting cached (supplied by request params) value " + "of the user's facebook ID or while fetching it from the Facebook service " + "if the cached value was not present for some reason. Cached value = {}", userClient.getCacheUserId()); return; } MDC.put(facebookUserId, String.valueOf(facebookUserID)); chain.doFilter(request, response); } finally { MDC.remove(ipAddress); MDC.remove(facebookUserId); }

Read the article
Publish to Facebook Stream via PHP using Graph API

- by Liquid

I'm trying to post a message to a user's wall using the new graph API and PHP. Connection seems to work fine, but no post appears. I'm not sure how to set up the posting code correctly. Please help me out. Sorry for the broken-looking code, for some reason StackOverflow didn't want to close it all in the code block. Below is my full code. Am I missing an extender permission requests, or is that taken care in this code: PHP Code <?php include_once 'facebook.php'; $facebook = new Facebook(array( 'appId' => 'xxxxxxxxxxxxxxxxxx', 'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxx', 'cookie' => true )); $session = $facebook->getSession(); if (!$session) { $url = $facebook->getLoginUrl(array( 'canvas' => 1, 'fbconnect' => 0 )); echo "<script type='text/javascript'>top.location.href = '$url';</script>"; } else { try { $uid = $facebook->getUser(); $me = $facebook->api('/me'); $updated = date("l, F j, Y", strtotime($me['updated_time'])); echo "Hello " . $me['name'] . "<br />"; echo "You last updated your profile on " . $updated; $connectUrl = $facebook->getUrl( 'www', 'login.php', array_merge(array( 'api_key' => $facebook->getAppId(), 'cancel_url' => 'http://www.test.com', 'req_perms' => 'publish_stream', 'display' => 'page', 'fbconnect' => 1, 'next' => 'http://www.test.com', 'return_session' => 1, 'session_version' => 3, 'v' => '1.0', ), $params) ); $result = $facebook->api( '/me/feed/', 'post', array('access_token' => $facebook->access_token, 'message' => 'Playing around with FB Graph..') ); } catch (FacebookApiException $e) { echo "Error:" . print_r($e, true); } } ?>

Read the article
Laptop authentication/logon via accelerometer tilt, flip, and twist

- by wonsungi

Looking for another application/technology: A number of years ago, I read about a novel way to authenticate and log on to a laptop. The user simply had to hold the laptop in the air and execute a simple series of tilts and flips to the laptop. By logging accelerometer data, this creates a unique signature for the user. Even if an attacker watched and repeated the exact same motions, the attacker could not replicate the user's movements closely enough. I am looking for information about this technology again, but I can't find anything. It may have been an actual feature on a laptop, or it may have just been a research project. I think I read about it in a magazine like Wired. Does anyone have more information about authentication via unique accelerometer signatures? Here are the closest articles I have been able to find: Knock-based commands for your Linux laptop Shake Well Before Use: Authentication Based on Accelerometer Data[PDF] Inferring Identity using Accelerometers in Television Remote Controls User Evaluation of Lightweight User Authentication with a Single Tri-Axis Accelerometer Identifying Users of Portable Devices from Gait Pattern with Accelerometers[PDF] 3D Signature Biometrics Using Curvature Moments[PDF] MoViSign: A novel authentication mechanism using mobile virtual signatures

Read the article
IIS 6 Windows Authentication in ASP.Net app fails

- by Kjensen

I am trying to install an ASP.Net app on an IIS6 webserver. The site requires the user to authenticate with windows, and this works on several other apps on the same server. In IIS I have enabled anonymous access and windows authentication. In web.config, authentication is set to: <authentication mode="Windows"/> and authorization...: <authorization> <allow roles="Users"/> <deny users="*"/> </authorization> Ie. allow all users in role "Users" and deny everybody else. This is the approach that is working with several other apps on the same server. If I run the site, I am prompted for username and password. If I remove the line: <deny users="*"/> I can access the site and everything works - but the user credentials are not passed to the site (Page.User.Identity.Name returns a blank string in ASP.Net). The site has identical (inherited) file permissions as other working sites on the server. The only difference in authentication/authorization between this site and the other working sites is, that this runs Asp.Net 4 (but there are other working asp.net 4 sites on the server as well). What am I missing here? Where should I look?

Read the article
Laptop authentication/logon via accelometer tilt, flip, and twist

- by wonsungi

Looking for another application/technology: A number of years ago, I read about a novel way to authenticate and log on to a laptop. The user simply had to hold the laptop in the air and execute a simple series of tilts and flips to the laptop. By logging accelerometer data, this creates a unique signature for the user. Even if an attacker watched and repeated the exact same motions, the attacker could not replicate the user's movements closely enough. I am looking for information about this technology again, but I can't find anything. It may have been an actual feature on a laptop, or it may have just been a research project. I think I read about it in a magazine like Wired. Does anyone have more information about authentication via unique accelerometer signatures? Here are the closest articles I have been able to find: Knock-based commands for your Linux laptop Shake Well Before Use: Authentication Based on Accelerometer Data[PDF] Inferring Identity using Accelerometers in Television Remote Controls User Evaluation of Lightweight User Authentication with a Single Tri-Axis Accelerometer Identifying Users of Portable Devices from Gait Pattern with Accelerometers[PDF] 3D Signature Biometrics Using Curvature Moments[PDF] MoViSign: A novel authentication mechanism using mobile virtual signatures

Read the article
how to make Facebook FBML code - Valid

- by Athul

Facebook FBML codes shows invalid The code i need is a Facebook Fan Box widget. Make a code for a sample for facebook fan widget having Stream and Fans Please test the code with http://validator.w3.org/check & share with me You may find that every FBML code is INVALID

Read the article
How can Facebook's session get mixed up because of NAT and/or Proxy

- by Alex

Have received some reports from a customer (a very large company) they reported issues from clients who are using Facebook. These clients claim that once in a while when they log in to Facebook they end up in someone else's session. I know that network is NATed then Proxied before getting to Facebook.com. Although I'm not able to explain how this issue can occur. Is it possible that the Proxy is not sending the right session back to the clients? How can they end up with someone else's session since Facebook is cookie based session?? Anyone seen this before?

Read the article
Blocking facebook's Like button in firefox

- by Quiark

Many sites today use widgets from facebook such as the Like button, list of friends who are fans of that site and so on. While it may be a nice feature, I perceive it to be a serious privacy intrusion, because facebook most likely stores information about which sites you visit. I also heard that when you are not logged into facebook, it still tracks the sites you visit (probably with a cookie) and once you log in attaches the data to your real account. For now, I want to keep using facebook, but I would like to block just these widgets so it can't track me. Is there any Firefox extension which could do that?

Read the article
Facebook, Twitter, Yahoo doesn't work

- by Toktik

Some sites doesn't work normally, they are open, without css, images and javascript errors... Facebook stucks on static.ak.fbcdn.net Twitter stucks on a1.twimg.com Yahoo stucks on l.yimg.com On firefox I'm receiving Waiting for ...(any of those). I can access facebook only with SSL. Like https://facebook.com I ping them, only receive request timed out.

Read the article
Any script to replace Facebook "fake" links? (Facebook apps requiring installation before viewing content)

- by Nicolas Raoul

In Facebook, some links to articles or videos appear to be genuine links, but in fact there are leading to some "content viewing" Facebook apps, like "Dailymotion", "The Guardian", or "Yahoo!". Those apps usually require access to my email address, basic info, birthday, location, plus right to post on my behalf. Some even say in small letters "To use this app, you will be upgraded to Facebook Timeline": Workaround: Copy the name of the article/video Paste it into Google within quotes First result is the original unencumbered content. I don't want to install Facebook spyapps that provide zero value, so I do this every time. QUESTION:Is there a Greasemonkey script or similar, that would perform these 3 steps for me? I am using Chrome on Linux. I hesitated to post this question on WebApps, but over there they are clear that such questions should be posted on SuperUser.

Read the article
How can I uninstall Facebook Messenger for Firefox?

- by BennyMcBenBen

I have Firefox beta installed and when I visited Facebook the other day I turned on Messenger for Firefox. I tried it and I think I'll pass. However, I do not see any way to uninstall it. I skimmed through Firefox Options and returned to the Facebook "Turn On" page, but I do not see a Turn Off button anywhere. I can't even hide the Facebook buttons added to my navigation toolbar by dragging them into the Customize Toolbar window. The Mozilla article announcing the Social API claims "It’s just as easy to remove", but offers no instructions on how to do so. How can I turn off or uninstall Facebook Messenger for Firefox?

Read the article
Facebook to iPhone sync only

- by pmac72

Is there a simple way to sync your Facebook contacts to your iPhone and only that direction? The Facebook app syncs both ways and there are contacts on my phone that I do not want on Facebook. At least that is how I interpret their warning when you turn sync on.

Read the article
How to read the birthday_date from the Facebook API

- by Steve

I have been chasing my tail on this! And it should be so simple!! I have an app in FaceBook that is working fine. However, I need to get the user's birth date. I have successfully got the request for extended permissions, but cannot get the birthday_date out and into a variable/store in database. <?php require_once('facebook.php'); $facebook = new Facebook(array( 'appId' => 'xxxxx', 'secret' => 'yyyyyyy', 'cookie' => true )); if ($facebook->getSession()) { $uid = $facebook->getUser(); $fbme = $facebook->api('/me'); } else { $params = array( 'fbconnect'=>0, 'canvas'=>1, 'req_perms'=>'publish_stream','email','user_location','user_birthday' ); $loginUrl = $facebook->getLoginUrl($params); print "<script type='text/javascript'>top.location.href = '$loginUrl';</script>"; } $session = $facebook->getSession(); $token = $session['access_token']; I would be very grateful if someone could show me the PHP code that reads the extended permissions and places the results into variables. Thanks Steve

Read the article
Facebook dialog appears but always says "An error has occurred"

- by Conor James

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml"> ... <head> ... <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script> </head> <body> <div id="fb-root"></div> <fb:like id="fb-like" href="http://www.example.com" layout="button_count" show_faces="false" width="100"></fb:like> ... myscript.js: FB.ui( { method: 'stream.publish', message: 'getting educated about Facebook Connect', attachment: { name: 'Connect', caption: 'The Facebook Connect JavaScript SDK', description: ( 'A small JavaScript library that allows you to harness ' + 'the power of Facebook, bringing the user\'s identity, ' + 'social graph and distribution power to your site.' ), href: 'http://github.com/facebook/connect-js' }, action_links: [ { text: 'Code', href: 'http://github.com/facebook/connect-js' } ], user_message_prompt: 'Share your thoughts about Connect' }, function(response) { if (response && response.post_id) { alert('Post was published.'); } else { alert('Post was not published.'); } } ); I have Facebook like button on my page which works fine. But when I call the FB.ui method above from my JavaScript source, the Facebook dialog pops up but displays this error message: **An error occurred. Please try again later.** This has happened repeatedly for two days since I started trying to implement it. Not a very helpful error message. Any idea what might cause it or how to narrow down the problem?

Read the article
IIS7 authentication

- by Kev

To give our user's the ability to protect content on their IIS6 sites we used a tool called IISPassword which emulates .htaccess to provide Basic authentication. There isn't support for IISPassword on IIS7 at the moment. Is there an equivalent mechanism I can use built into IIS7 instead? I'm well aware of ASP.NET Forms Authentication, but I need a way for users deploying non-ASP.NET content (such as PHP, Perl, images etc) to be able to use Basic authentication but not have to write code to achieve this. Is this possible?

Read the article
Windows Server 2008, IIS7 and Windows Authentication

- by Chalkey

We currently have a development server set up which we are trying to test some Windows authentication ASP.NET code on. We have turned on Windows Authentication in IIS7 on Windows Server 2008 R2 fine, and it asks the user for a username and password as excepted, but the problem is it doesn't appear to accept any credentials. This code for example... Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load Page.Title = "Home page for " + User.Identity.Name End Sub ...always returns an empty string. One theory we have is that we dont have Active Directory installed as of yet, we are just testing this by logging on via the machine name not a domain. Is this type of authentication only applicatable to domains (if so we can probably install Active Directory and some test accounts) - or is it possible to get the user identity when logging in using the machine name? Ideally we would like to be able to test this on our local machines (Windows 7 Pro) using our own accounts (again these aren't on a domain) and IIS but this has the same issue as our dev server. Thanks,

Read the article
MOSS 2007 authentication

- by Dante

Hi, I have a MOSS web site configured with Windows Integrated Authentication. I added a couple of local users in the server, added them to Sharepoint groups, and I can log into my site (as long as the local user is part of the administrators group... odd). If I add a domain user to the Owners group, I can't access the site with it. Anybody knows what must be done to open access to domain users in a site configured with Windows Authentication or Basic Authentication? Thanks in advance

Read the article
External USB Fingerprint Reader for Pre-boot Authentication for Dell Laptop

- by cop1152

My company just purchased several Dell Latitude E6500 laptops with docking stations and external monitors. These laptops have a fingerprint scanner located next to the keyboard. DOCKED users who prefer to use the included fingerprint scanner for pre-boot authentication are forced to open their laptop in order to access the scanner. This is an inconvenience when the laptop is docked. We are looking for an external, usb fingerprint scanner, that will work with the current preboot authentication setup. I assume that this scanner would have to access the existing credentials for authentication....wherever they are stored. So we would require something that would work PRE-BOOT, use the existing credentials, and not interfere with usage when the machine was not docked, such as when the laptop is being used at home. Does anyone have experience with this scenario? Thanks.

Read the article
IIS: redirect to a webpage if authentication fails

- by DrStalker

We have an IIS site (MOSS 2007) that uses Windows Authentication. When a user that has forgotten their password tries to login the servers keeps sending 401 requests. This means on IE the user gets three prompts before IE displays a blank page, on Firefox the user is prompted over and over until they give up. We would like to change the behavior so if a user fails to login three times in a row we send them a redirect to a different site, instead of another 401 Forms authentication is not an option; the site has to remain on windows authentication to allow for SSO capabilities and certain sharepoint functions. Is there any way to tweak the IIS behavior to do this?

Read the article
Cannot connect to a VPN server - authentication failed with error code 691

- by stacker

When trying to connect to a VPN server, I get the 691 error code on the client, which say: Error Description: 691: The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server. Now, I validated that the username and password are correct, and tried to login with domain name and without. I also installed a certification to use with the IKEv2 security type. I also validated that the VPN server support security method. But I cannot login. In the server log I get this log: Network Policy Server denied access to a user. The user DomainName\UserName connected from IP address but failed an authentication attempt due to the following reason: The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server. Any idea of what can I do? Thanks in advance!

Read the article
AD Authentication fails in local machine but works from Production server

- by jesu

Hi i am using a AD authentication and facing 2 problems. Authentication works fine when i move the application to a production server but FAILS in my LOCAL machine. Both local machine and server are in same domain and used same domain account logging in. When the machine logs in the users with domain account , AD authentication from the application says that the account is not valid. Please suggest me , if you can find out the problem and ways to recover. thanks in advance! Regards jesu

Read the article
Improving Windows Authentication performance on IIS

- by flalar

We're struggling with performance issues with a ASP.NET MVC site that is using Windows Authentication. Response time is very slow on the first request to the site when the user is being authenticated. Further, every time the Authorization header is sent from the browser the response time increases with many seconds. The same issue occurs for both executed files and static content like CSS and JS. Access to the application is restricted to users within a certain role and we are now planning to allow access to static files for all authenticated users to see if that helps. The authentication method in use is NTLM. How should we go forward in pinpointing why authentication decreases performance drastically?

Read the article
How to stop LDAP authentication in ubuntu?

- by Kery

My OS is Ubuntu 12.04 and use LDAP authentication. Now I meet a problem that another people want to access my system. But he is in another domain so he can't login. And I have no right to change this configuration in LDAP server. So I have to choose a workaround to solve this problem, for example close the LDAP authentication and use local authentication (I have root right in my system) or create another account which is not registered in LDAP server (I did this but can't change the created account password. The error is 'password reset by root is not supported'). Of course any other suggestion is appreciated! Than you in advance!

Read the article

< Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32 | Next Page >