Search Results

Search found 6090 results on 244 pages for 'digest authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 27/244 | < Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >

  • Empathy "Authentication failed" when connecting to Freenode

    - by mac9416
    I have set up an IRC account in Empathy - the default server is, of course, Freenode. Empathy tries to connect and after a few moments reports, "Authentication failed". I have tried with and without a password (My nickname is registered with Freenode.). What could I possibly be doing wrong? Update: I was able to connect when on another network. Could the problem be with my Verizon Mobile Broadband?

    Read the article

  • How to make ASP.NET authentication persist the Url Fragment when redirecting to the login page?

    - by estourodepilha.com
    After I inserted the configuration below in my Web.Config <authentication mode="Forms"> <forms name="appNameAuth" path="/" loginUrl="login.aspx" protection="All" timeout="30"> <credentials passwordFormat="Clear"> <user name="user" password="password" /> </credentials> </forms> </authentication> <authorization> <deny users="?" /> </authorization> All requests to Menu.aspx#fragment are redirected to login.aspx?ReturnUrl=/Menu.aspx and I expected it to be redirected to login.aspx?ReturnUrl=/Menu.aspx#fragment How to achieve the desired behavior?

    Read the article

  • How to build an easy Rails authentication with OpenID and OAuth1.0a-2.0?

    - by Andrei
    Hi, I'am looking for an easy authentication for my users mostly via facebook, but keeping OpenID and other OAuth alternatives as well. For the case if something will go very bad, I will ask my users to optionally provide their email address, which should be obtained via OpenID or OAuth if possible. The same thing is about their name. I am a newbie in Rails, so I started with Railscasts.com #160 (authlogic) and #170 (authlogic and OpenID), however, I had some problems trying to sign in with my Google Account. As I understand, it will take some effort to adjust #170 for my objectives. On the other hand, there is gem authlogic_rpx which will possibly provide me the needed functionality (see http://rails-authlogic-rpx-sample.heroku.com/signin). What would you do? Is it reasonable to put one more step (RPX) in the authentication logic?

    Read the article

  • ASP.NET MVC User authentication - why it should be so sophisticated?

    - by Serge
    Hello guys, I'm trying to use ASP.NET MVC to my new project and have been expected that the user authentication should be rather simple there. My goal is to have a separate user database table in my main database. I thought that the SqlTableProfileProvider should be the solution. So I added the corresponding table into my database and changed the web.config file. But it seems no matter what I change there, my web application still using the default authentication (via ASPNETDB.mdf file). What could be the problem? (my web.config file beginning is:)

    Read the article

  • What is wrong with my Basic Authentication in FireFox?

    - by Pure.Krome
    Hi folks, i'm trying to goto the following url :- http://user1:pass1@localhost:1234/api/users?format=xml nothing to complex. Notice how i've got the username/password in the url? this, i believe, is for basic authentication. When i do that, the Request Headers are MISSING the 'Authorize' header. Er... that's not right :( I have anonymous authentication only setup on the site. I don't want to have anon off and basic turned on .. because not all of the site requires basic.. only a few action methods. So .. why is this not working? Is this something to do with the fact my code is not sending a 401 challenge or some crap? For What It's Worth, my site is ASP.NET MVC1 running on IIS7 (and the same thing happens when i run it on cassini).

    Read the article

  • How to wrap Plone authentication around a third-party servlet?

    - by smocking
    We're using Plone to serve up some third-party middle-ware. Unfortunately the middle-ware has a particular servlet that gets invoked from a Java applet and doesn't do any kind of authentication. I would like to firewall this off and somehow wrap authentication around it, preferably using the existing session that users will have on Plone. My first idea was to configure nginx (which we're using as the reverse proxy) to check the cookie and only proxy if the user has a valid session (along the lines of this example). However, how to check the session ID against Plone, since it's all stored in the Zope database? Alternatively we could have a Plone python script that basically passes everything along to the back-end after authenticating, but I'm not sure how to do that. Any suggestions? Or alternative ideas?

    Read the article

  • How practical to change MVC app from traditional authentication to cookieless?

    - by Phil.Wheeler
    I have an application written in MVC that uses your regular .Net Forms Authentication. There's nothing particularly new or exciting going on with it. My client has now asked that users be able to log in to the app on the same machine but in different browsers, or different tabs within the same browser. To my mind, he's asking for a scope change to have authentication moved to cookieless instead of its current design. Not having had any experience with doing this in MVC, I'm curious to know before I get started how much hurt I'm in for by trying this. Are there better ways to do it? What should I consider? Any advice appreciated.

    Read the article

  • Accessing a webpage folder with .htaccess in it via apache webdav?

    - by pingo
    I have setup webdav access in order to enable an external user to upload the content of his web page to his folder on my server that is served by apache to the web. This way he could update his web page via webdav. Now the problem is that the user requires a .htaccess file and of course .htaccess breaks webdav probably because it overrides settings. (new files cannot be uploaded anymore via webdav if below specified .htaccess exists) I am running Apache2.2.17 and this is my webdav config: Alias /folderDAV "d:/wamp/www/somewebsite/" <Location /folderDAV> Order Allow,Deny Allow from all Dav On AuthType Digest AuthName DAV-upload AuthUserFile "D:/wamp/passtore/user.passwd" AuthDigestProvider file require valid-user </Location> This config is part of my naive solution to fixing this problem. The idea was to specify an alias to the web page folder where webdav would be enabled and then set AllowOverride to none so that the .htaccess would have no effect. Of course I then found out that in <Location /> AllowOverride directive is not valid. The .htaccess file looks like this: #opencart settings Options +FollowSymlinks Options -Indexes <FilesMatch "\.(tpl|ini)"> Order deny,allow Deny from all </FilesMatch> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)\?*$ index.php?_route_=$1 [L,QSA] ErrorDocument 403 /403.html deny from 1.1.1.1/19 allow from 2.2.2.2 What would be the solution here? I would like to have the web page accessible from the web but at the same time be able to access and modify it via apache's webdav (with digest auth). How would I do that? Also if possible I would like a solution that permits the existence of the .htaccess so that the user still has the power to setup access rules for his web page.

    Read the article

  • How to handle User Authentication for program in client’s local machine?

    - by Daniel
    Which user authentication scheme could be used at following scenario? 1.Application A developed by my company is installed at user's local computer. 2.Users login at my company's website. 3.If login is successful, access to the application A in user's local machine is granted. The development environment is .NET. Is there a secure way to authenticate the user to access the application? I've thought about encrypting the login information entered at the website, and then sending that information to the program at user's local machine for authentication. but I think as long as the client program has the decrypting ability, it is vulnerabe to decompiling,etc. Thanks in advance!

    Read the article

  • Which SharePoint Authentication Mode Should I be using for this scenario?

    - by Dynamic
    I currently have a sharepoint 2010 site for which NTLM windows authentication has been enabled (by default it is against Active Directory I believe). I'd need to change this so that I have 1 custom login page which accepts username/password/domain and validates those information against the active directory, then if that was valid, I'll write logic to logon to another webservice which is located on another server and returns me a unique sessionId that I can store (as a cookie) for further use. Please could you advise which authentication mode I can use to create this custom login page? should that be FBA against AD? not sure how that works. Thanks in advance.

    Read the article

  • Weird IIS with Windows Authentication + IE problem

    - by Paulius Maruška
    Hello. I have a website running on IIS and using Windows Authentication. All users that are configured to get access to the site are form a AD domain (not local users). In the properties of a Website, I have set to use the AD domain as the realm. Now, when using Firefox, Safari or Chrome - Everything is fine. When the user tries to open the site, he get's the login box. he enters simply "username" and "password" (let's pretend that it's an actual login and password :P) and he get's into the site. When using IE, however, things get nasty. When the user tries to open the site - he get's the login box. User enters the "username" and "password" again, but those get rejected! And when the second time login box pops up - it has the username filled in as "web-server-domain-name\username" which is wrong, because web-server-domain-name is not the domain where all users reside (it's "ad-domain"). I've spent days trying to figure out what's going on... Note, that if I manually enter "ad-domain\username" - I get accepted into the site without problems. So, my guess is that IE sends wrong username if domain is not specified. Anyway, IE is the only browser that triggers this behavior! Is it possible to do a server-side fix? Maybe it's possible to somehow auto-map the users to AD users? If it's not solvable server-side - is there a client-side fix for this? Thank you. PS: I'm more of a programmer than a sys-admin, so configuring servers isn't the strong side of mine... :P UPDATE: @Evan: Yes, "Digest authentication for Windows domain servers" is also enabled. @Eric: IIS version is 6.0. The authentication methods enabled are: Integrated and digest - all other methods are disabled. As for the security log. I looked at it, when doing "username" and "password" login in Chrome/Firefox and when doing "ad-domain\username" and "password" login from IE - the generated log messages are the same (I see no difference, anyway). When entering "username" and "password" I don't see any errors in the security (or any other) log, so can't tell what method it's trying to use. UPDATE 2: As suggested by Eric in the comments - I played around with Fiddler... While playing with it, I noticed, that when "username" and "password" is entered in FF and IE - the "Authorization" header value (encrypted) sent by IE is longer (almost two times) than one sent by FF. I tried to disable Windows Integrated authentication and only leave the Digest enabled - that fixed the problem (meaning, IE used the right realm just like other browsers), but that caused bazillion other problems with my site, because with Digest - user impersonation on the server doesn't work (that causes problems, when connecting to database etc). Any ideas?

    Read the article

  • Weird IIS with Windows Authentication + IE problem

    - by Paulius Maruška
    I have a website running on IIS and using Windows Authentication. All users that are configured to get access to the site are form a AD domain (not local users). In the properties of a Website, I have set to use the AD domain as the realm. Now, when using Firefox, Safari or Chrome - Everything is fine. When the user tries to open the site, he get's the login box. he enters simply "username" and "password" (let's pretend that it's an actual login and password :P) and he get's into the site. When using IE, however, things get nasty. When the user tries to open the site - he get's the login box. User enters the "username" and "password" again, but those get rejected! And when the second time login box pops up - it has the username filled in as "web-server-domain-name\username" which is wrong, because web-server-domain-name is not the domain where all users reside (it's "ad-domain"). I've spent days trying to figure out what's going on... Note, that if I manually enter "ad-domain\username" - I get accepted into the site without problems. So, my guess is that IE sends wrong username if domain is not specified. Anyway, IE is the only browser that triggers this behavior! Is it possible to do a server-side fix? Maybe it's possible to somehow auto-map the users to AD users? If it's not solvable server-side - is there a client-side fix for this? Thank you. PS: I'm more of a programmer than a sys-admin, so configuring servers isn't the strong side of mine... :P UPDATE: @Evan: Yes, "Digest authentication for Windows domain servers" is also enabled. @Eric: IIS version is 6.0. The authentication methods enabled are: Integrated and digest - all other methods are disabled. As for the security log. I looked at it, when doing "username" and "password" login in Chrome/Firefox and when doing "ad-domain\username" and "password" login from IE - the generated log messages are the same (I see no difference, anyway). When entering "username" and "password" I don't see any errors in the security (or any other) log, so can't tell what method it's trying to use. UPDATE 2: As suggested by Eric in the comments - I played around with Fiddler... While playing with it, I noticed, that when "username" and "password" is entered in FF and IE - the "Authorization" header value (encrypted) sent by IE is longer (almost two times) than one sent by FF. I tried to disable Windows Integrated authentication and only leave the Digest enabled - that fixed the problem (meaning, IE used the right realm just like other browsers), but that caused bazillion other problems with my site, because with Digest - user impersonation on the server doesn't work (that causes problems, when connecting to database etc). Any ideas?

    Read the article

  • How can I secure an installation of MediaWiki?

    - by Thomas Owens
    I want to run an installation of MediaWiki as a Internet-accessible personal wiki, running on wiki.mysite.com. However, I want to ensure that I am the only one who can read and write to this wiki. In the future, I may explicitly give other people read and/or read/write access, so the method of securing the wiki should account for that as well. I see two options: I can use some MediaWiki plugin or I can secure the subdomain with HTTP authentication. However, I'm not sure what the advantages and disadvantages of either are in the long run. Suggestions or advice as to what plugins or authentication methods might be most reliable?

    Read the article

  • Apache configuration to make NTLM authentication work through a Proxy

    - by Nick Pierpoint
    I'm running an application server behind an Apache proxy with the following sort of thing in my Apache config: ProxyPass /app http://myapplication:8080/myapp ProxyPassReverse /app http://myapplication:8080/myapp When I switch on NTLM authentication (using mod_ntlm) the authentication fails (it works fine when bypassing the proxy). A quick search reveals lots of issues when running NTLM behind a proxy due to the connection-specific NTLM specification. Does anyone have a working Apache configuration that allows NTLM authentication through a proxy? Thanks for any help.

    Read the article

  • Sql 2000 Connect From Domain PC to WorkGroup PC using Windows Authentication

    - by bb
    Sql 2000 - I am trying to connect from a PC w/ client tools that is on a domain, to a Sql Server 2000 box that is NOT on the domain using Windows Authentication. I thought I had done this in the past this by creating an account on the non domain PC with the same username/pwd I am logged in on the domain PC, but that doesn't seem to be working. I am specifically looking at using Windows Authentication, I know Sql Authentication works. Any ideas?

    Read the article

  • Enabling publickey authentication for server's sshd

    - by aaron
    I have two servers running RHEL 5. Both have nearly identical configurations. I have set up RSA Publickey authetication on both, and one works but the other does not: [my_user@client] $ ssh my_user@server1 --- server1 MOTD Banner --- [my_user@server1] $ and on the other server: [my_user@client] $ ssh my_user@server2 my_user@server2's password: --- server2 MOTD Banner --- [my_user@server2] $ server2's /etc/ssh/sshd_config file snippet: RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys When I run ssh -vvv I get the following snippet: debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug3: Next authentication method: publickey debug1: Offering public key: /home/my_user/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentication that can continue: publickey,gssapi-with-mic,passowrd debug1: Offering public key: /home/my_user/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentication that can continue: publickey,gssapi-with-mic,passowrd debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password my_user@server2's password:

    Read the article

  • Linux - How to control Winbind Authentication cache timeout

    - by cybervedaa
    I have configured my linux machines (running CentOS 5.2) to authenticate against a Windows server running Active Directory. I have even enabled winbind offline logon. Everything works as expected, however I'm also looking to impose a TTL for the winbind authentication cache. So far all I found was the below snippet from the samba documentation winbind cache time (G) This parameter specifies the number of seconds the winbindd(8) daemon will cache user and group information before querying a Windows NT server again. **This does not apply to authentication requests**, these are always evaluated in real time unless the winbind offline logon option has been enabled. Default: winbind cache time = 300 Clearly the winbind cache time parameter does not control the cache TTL for authentication requests. Is there any other way I can implement a cache timeout for winbind authentication requests? Thank you

    Read the article

  • Change authentication wifi WPA to WEP on Windows 8

    - by Kites
    I use netsh wlan set hostednetwork mode=allow ssid=Kites key=phambaoViet netsh wlan start hostednetwork To share WiFi from LAN network on laptop (Windows 8) to my other device. When I show information netsh wlan show hostednetwork the supported authentication is WPA. My device support authentication WEP only. How can I change the authentication to WEP? Infomation: Interface name: Wi-Fi Driver : Qualcomm Atheros AR9002WB-1NG Wireless Network A dapter Vendor : Qualcomm Atheros Communications Inc. Provider : Microsoft Date : 03/07/2012 Version : 3.0.0.130 INF file : C:\Windows\INF\netathrx.inf Files : 2 total C:\Windows\system32\DRIVERS\athrx.sys C:\Windows\system32\drivers\vwifibus.sys Type : Native Wi-Fi Driver Radio types supported : 802.11b 802.11g 802.11n FIPS 140-2 mode supported : Yes 802.11w Management Frame Protection supported : Yes Hosted network supported : Yes Authentication and cipher supported in infrastructure mode: Open None Open WEP-40bit Open WEP-104bit Open WEP WPA-Enterprise TKIP WPA-Personal TKIP WPA2-Enterprise TKIP WPA2-Personal TKIP Vendor defined TKIP WPA2-Enterprise Vendor defined Vendor defined Vendor defined WPA-Enterprise CCMP WPA-Personal CCMP WPA2-Enterprise CCMP Vendor defined CCMP WPA2-Enterprise Vendor defined Vendor defined Vendor defined WPA2-Personal CCMP Vendor defined Vendor defined Authentication and cipher supported in ad-hoc mode: Open None Open WEP-40bit Open WEP-104bit Open WEP WPA2-Personal CCMP Vendor defined Vendor defined

    Read the article

  • Can't connect to a remote server with Nautilus and a private key

    - by Desmond Hume
    The remote server requires a private key and passphrase for authentication. I tried putting username@server in the "Server" field and leaving "User name" and "Password" fields blank, putting the passphrase in the "Password" field, but it still says "Permission denied" and it doesn't ask for the private key at any point. I also tried ssh-add path/to/privatekey, but it says "Could not open a connection to your authentication agent.", however I'm not sure if ssh-add is even relevant. I can ssh into the server from the terminal just fine with the key/passphrase.

    Read the article

  • Why does Google report a soft 404 when I redirect to the signup page?

    - by Hettomei
    In the last month, I've got an increased number of "soft 404" errors reported by Google webmaster tools which actually work well for users. Configuration (maybe useless): I have a website built with rails 3.1 Authentication is handled by the gem Devise Problem: On this page http://en.bemyboat.com/yacht-charter/9965-sailboat-beneteau-oceanis-43 Click on "Ask a Boat request" (a simple form, in GET to: http://en.bemyboat.com/boat_requests/new/9965) You are redirected with the HTTP status 302 to sign in You are then sent back to the new page if successfully sign in. Google tells me that the link on "ask a boat request" returns a soft 404. I can't make this form in "POST" (which will solve the problem) because we need to automatically redirect users back to the page after sign in. (the Gem Devise memorizes the "get" link.) To simplify, the question is: How to protect a private page with authentication, reached with a simple "GET" and not to be penalized by Google as a "soft 404".

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >