Search Results

Search found 799 results on 32 pages for 'authlogic oauth'.

Page 28/32 | < Previous Page | 24 25 26 27 28 29 30 31 32  | Next Page >

  • rails separate login for an api

    - by Squadrons
    I have a very simple api that is part of a rails app that requires logging in. I just need a way to make the api part accessible with a simple form that allows the user to enter parameters like a key (just a simple one stored in the DB, no OAuth or anything), a userId to find and return a user via json, and maybe some other parameters like asking for their schedule. How can I keep this seperate from the rest of the app, making it a public facing form that will grant access only to the api? Thanks.

    Read the article

  • Creating folders and uploading a file without using a web browser

    - by Ashpak
    I am using the Java Api We have a web application wherein we want our file to be uploaded on an on_click even on some submit button. We don't want the browser to prompt us to enter the username and password to get the access token. Instead, we can provide the username and the password through the code so that we get the access token and the file will be uploaded directly. Right now, OAuth 2 requires that we enter the username and password to be entered through the browser. Reading through the post, I see that we can authenticate for the first time, obtain a refresh token and then keep on refreshing that token periodically. But our application requirements does not allow for this work-flow. Is there any way to automate the process of entering the user credentials using Java code. or Is there any library that will keep the browser away from the process.

    Read the article

  • Where are the factory_girl records?

    - by gmile
    I'm trying to perform an integration test via Watir and RSpec. So, I created a test file within /integration and wrote a test, which adds a test user into a base via factory_girl. The problem is — I can't actually perform a login with my test user. The test I wrote looks as following: ... before(:each) @user = Factory(:user) @browser = FireWatir::Firefox.new end it "should login" @browser.text_field(:id, "username").set(@user.username) @browser.text_field(:id, "password").set(@user.password) @browser.button(:id, "get_in").click end ... As I'm starting the test and see a "performance" in browser, it always fires up a Username is not valid error. I've started an investigation, and did a small trick. First of all I've started to have doubts if the factory actually creates the user in DB. So after the immediate call to factory I've put some puts User.find stuff only to discover that the user is actually in DB. Ok, but as user still couldn't have logged in I've decided to see if he's present in DB with my own eyes. I've added a sleep right after a factory call, and went to see what's in the DB at the moment. I was crushed to see that the user is actually missing there! How come? Still, when I'm trying to output a user within the code, he is actually being fetched from somewhere. So where does the records, made by factory_girl within a runtime lie? Is it test or dev DB? I don't get it. I've 10 times checked if I'm running my Mongrel in test mode (does it matter? I think it does, as I'm trying to tun an integration test) and if my database.yml holds the correct connection specific data. I'm using an authlogic, if that can give any clue (no, putting activate_authlogic doesn't work here).

    Read the article

  • Server http://www.myopenid.com/server responds that the 'check_authentication' call is not valid

    - by viatropos
    I've been struggling with this for a few days now, haven't pinpointed the problem. I am trying to get OpenID to work in Rails 2.3 and Rails 3, using ruby-openid rack-openid open_id_authentication I am logging in using my viatropos.myopenid.com account, but it consistently returns this error: Server http://www.myopenid.com/server responds that the 'check_authentication' call is not valid What could that be from, it's not a very descriptive error... Does it have to do with something ruby-specific, or is this entirely on the OpenID protocol side of things? More specifically, I am using Authlogic and ActiveRecord, so could this be a problem with my User or UserSession models somehow? Or is it more to do with the header or request? In ruby response I'm getting (from puts inside ruby-openid) is: #<OpenID::Consumer::FailureResponse:0x25e282c @reference=nil, @endpoint=#<OpenID::OpenIDServiceEndpoint:0x2601984 @local_id="http://viatropos.myopenid.com/", @display_identifier=nil, @type_uris=["http://specs.openid.net/auth/2.0/signon", "http://openid.net/sreg/1.0", "http://openid.net/extensions/sreg/1.1", "http://schemas.openid.net/pape/policies/2007/06/phishing-resistant", "http://openid.net/srv/ax/1.0"], @used_yadis=true, @server_url="http://www.myopenid.com/server", @canonical_id=nil, @claimed_id="http://viatropos.myopenid.com/">, @message="Server http://www.myopenid.com/server responds that the 'check_authentication' call is not valid", @contact=nil> Any tips would be greatly appreciated. Thanks

    Read the article

  • rails test.log is always empty

    - by Raiden
    All the log entries generated when running tests with 'rake' are written to my development.log instead of test.log file Do I have to explicitly enable logging for test in enviornments/test.config?? (I'm using 'turn' gem to format test output, Can that cause an issue?) I'm running rails 2.3.5, ruby 1.8.7 I've all these gems installed for RAILS_ENV=test. Any help is appreciated. -[I] less -[I] treetop = 1.4.2 - [I] polyglot = 0.2.5 - [I] mutter = 0.4.2 - [I] mysql - [I] authlogic - [R] activesupport - [I] turn - [I] ansi = 1.1.0 - [I] facets = 2.8.0 - [I] rspec = 1.2.0 - [I] rspec-rails = 1.2.0 - [I] rspec = 1.3.0 - [R] rack = 1.0.0 - [I] webrat = 0.4.3 - [I] nokogiri = 1.2.0 - [R] rack = 1.0 - [I] rack-test = 0.5.3 - [R] rack = 1.0 - [I] cucumber = 0.2.2 - [I] term-ansicolor = 1.0.4 - [I] treetop = 1.4.2 - [I] polyglot = 0.2.5 - [I] polyglot = 0.2.9 - [R] builder = 2.1.2 - [I] diff-lcs = 1.1.2 - [R] json_pure = 1.2.0 - [I] cucumber-rails - [I] cucumber = 0.6.2 - [I] term-ansicolor = 1.0.4 - [I] treetop = 1.4.2 - [I] polyglot = 0.2.5 - [I] polyglot = 0.2.9 - [R] builder = 2.1.2 - [I] diff-lcs = 1.1.2 - [R] json_pure = 1.2.0 - [I] database_cleaner = 0.2.3 - [I] launchy - [R] rake = 0.8.1 - [I] configuration = 0.0.5 - [I] faker - [I] populator - [R] flog = 2.1.0 - [R] flay - [I] rcov - [I] reek - [R] ruby_parser ~ 2.0 - [I] ruby2ruby ~ 1.2 - [R] sexp_processor ~ 3.0 - [R] ruby_parser ~ 2.0 - [R] sexp_processor ~ 3.0 - [I] roodi - [R] ruby_parser - [I] gruff - [I] rmagick - [I] ruby-prof - [R] jscruggs-metric_fu = 1.1.5 - [I] factory_girl - [I] notahat-machinist

    Read the article

  • Rails redirections with new users and logins

    - by Kenji Crosland
    So I'm trying to get the user to return to the page they were looking at before they click "log in" This is what I got in my user application controller: def redirect_back_or_default(default) redirect_to(session[:return_to] || default) session[:return_to] = nil end And this is what I have in my sessions controller: def new @user_session = UserSession.new session[:return_to] = request.referer end end def create @user_session = UserSession.new(params[:user_session]) if @user_session.save flash[:notice] = "Login successful!" redirect_back_or_default(home_path) else render :action => :new end end This works fine most of the time but if a user logs in right after they register to the site, they will get redirected to a blank page. I imagine this is the "create" action because it was the last action before going to user sessions new. So I tried this: def new @user_session = UserSession.new unless request.referer == join_path session[:return_to] = request.referer end end And this tries to take me back to the login page after I log in. What I'd really like to do is have the user see their profile when they log in for the very first time. This wouldn't give me a user id and raised a routing error def create @user_session = UserSession.new(params[:user_session]) if @user_session.save flash[:notice] = "Login successful!" redirect_back_or_default(user_path(current_user)) else render :action => :new end end Anybody gone through these redirecting acrobatics before? I can't seem to get it to work. I'm using authlogic if that helps.

    Read the article

  • Examples using Active Directory/LDAP groups for permissions \ roles in Rails App.

    - by Nick Gorbikoff
    Hello. I was wondering how other people implemented this scenario. I have an internal rails app ( inventory management, label printing, shipping,etc). I'm rewriting security on the system, cause the old way got to cumbersome to maintain ( users table, passwords, roles) - I used restful_authentication and roles. It was implemented about 3 years ago. I already implemented AuthLogic with ruby-ldap-net to authenticate users ( actually that was surprisingly easy, compared to how I struggled with other frameworks/languages before). Next step is roles. I already have groups defined in Active Directory - so I don't want to run a separate roles system in my rails app, I just want to reuse Active Directory groups - since that part of the system is already maintained for other purposes ( shared drives, backups, pc access, etc) So I was wondering if others had experience implementing permissions/roles in a rails app based on groups in Active Directory or LDAP. Also the roles requirements are pretty complex. Here is an example: For instance I have users that belong to the supervisors group in AD and to inventory dept, so I was that user to be able to run "advanced" tasks in invetory - adjust qty, run reports, however other "supervisors" from other departmanets, shouldn't be able to do this, also Top Management - should be able to use those reports (regardless weather they belong to the invetory or not), but not Middle Management, unless they are in inventory group. Admins of the system (Domain Admins) should have unrestricted access to the system , except for HR & Finances part unless they are in HR ( like you don't want all system admins (except for one authorized one) to see personal info of other employees). I looked at acl9, cancan, aegis. I was wondering if there are any advantaged/cons to using one versus the other for this particular use of system access based on AD. Suggest other systems if you had good experience. Thank you!!!

    Read the article

  • Can't understand sessions in Rails

    - by ciss
    Hello everyone. Please don't bit my for my misunderstanding. The sessions are very new for me, and i have some problems. Okay i read many information about sessions and especially rails session. But this don't give me right imagine about sessions. Did i understand right, when users send request to server (get) - Server create a new session (and store this some file in hard drive with session id), session id - is a random generated num? so, server create a new session (and store session on drive) after this server send back answer to client and set session_id in cookies? Ok, i debug some params and see some results: debug(session): {:_csrf_token=>"jeONIfNxFmnpDn/xt6I0icNK1m3EB3CzT9KMntNk7KU=", :session_id=>"06c5628155efaa6446582c491499af6d", "flash"=>{}} debug(cookies): {"remember_user_token"=>"1::3GFRFyXb83lffzwPDPQd", "_blog_session"=>"BAh7CDoQX2NzcmZfdG9rZW4iMWplT05JZk54Rm1ucERuL3h0NkkwaWNOSzFtM0VCM0N6VDlLTW50Tms3S1U9Og9zZXNzaW9uX2lkIiUwNmM1NjI4MTU1ZWZhYTY0NDY1ODJjNDkxNDk5YWY2ZCIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7AA==--348c88b594e98f4bf6389d94383134fbe9b03095"} Okay, i know, what _csrf_token helps to prevent csrf. session_id - is id of the session which stored on hard drive (by default) but what is _blog_session in cookies? also, remeber_user_token containes my id (1::*) and what about second part, what is it? Sorry for this stupid questions, i know what i can easy use any nice auth-plugins (authlogic/clearance/devise), but i want to fully understand sessions. Thank you. (also sorry for my english, this is not my native language)

    Read the article

  • What Test Environment Setup do Committers Use in the Ruby Community?

    - by viatropos
    Today I am going to get as far as I can setting up my testing environment and workflow. I'm looking for practical advice on how to setup the test environment from you guys who are very passionate and versed in Ruby Testing. By the end of the day (6am PST?) I would like to be able to: Type one 1-command to run test suites for ANY project I find on Github. Run autotest for ANY Github project so I can fork and make TESTABLE contributions. Build gems from the ground up with Autotest and Shoulda. For one reason or another, I hardly ever run tests for projects I clone from Github. The major reason is because unless they're using RSpec and have a Rake task to run the tests, I don't see the common pattern behind it all. I have built 3 or 4 gems writing tests with RSpec, and while I find the DSL fun, it's less than ideal because it just adds another layer/language of methods I have to learn and remember. So I'm going with Shoulda. But this isn't a question about which testing framework to choose. So the questions are: What is your, the SO reader and Github project committer, test environment setup using autotest so that whenever you git clone a gem, you can run the tests and autotest-develop them if desired? What are the guys who are writing the Paperclip Tests and Authlogic Tests doing? What is their setup? Thanks for the insight. Looking for answers that will make me a more effective tester.

    Read the article

  • What Test Environment Setup do Top Project Committers Use in the Ruby Community?

    - by viatropos
    Today I am going to get as far as I can setting up my testing environment and workflow. I'm looking for practical advice on how to setup the test environment from you guys who are very passionate and versed in Ruby Testing. By the end of the day (6am PST?) I would like to be able to: Type one 1-command to run test suites for ANY project I find on Github. Run autotest for ANY Github project so I can fork and make TESTABLE contributions. Build gems from the ground up with Autotest and Shoulda. For one reason or another, I hardly ever run tests for projects I clone from Github. The major reason is because unless they're using RSpec and have a Rake task to run the tests, I don't see the common pattern behind it all. I have built 3 or 4 gems writing tests with RSpec, and while I find the DSL fun, it's less than ideal because it just adds another layer/language of methods I have to learn and remember. So I'm going with Shoulda. But this isn't a question about which testing framework to choose. So the questions are: What is your, the SO reader and Github project committer, test environment setup using autotest so that whenever you git clone a gem, you can run the tests and autotest-develop them if desired? What are the guys who are writing the Paperclip Tests and Authlogic Tests doing? What is their setup? Thanks for the insight. Looking for answers that will make me a more effective tester.

    Read the article

  • Ruby on Rails login using legacy user database

    - by ricsmania
    Hello, I have a Rails application that connects to a legacy database (Oracle) and displays some information from a particular user. Right now the user is passed as a URL parameter, but this has obvious security issues because users should only be able to see their own data. To solve that, I want to implement a user login, and I did some research and came across 2 components for that, restful_authentication and authlogic. The problem is that I need to use an existing user/password database instead of creating a new one, which is the common way to use those components. The password is encrypted by a custom Oracle package, but let's assume it is stored as plain text to make things simpler. I only need very basic functionality, which is login a user and keep them logged in forever until logout. No changes to the database will be made by this application, so there's no need for sign up, e-mail activation, reset password, etc. Can someone point me in the right direction on how to do that? Is any of those 2 components a good solution? If not, what would be recommended? Thanks!

    Read the article

  • Rails: Duplicate functionality across controllers? A humble plea.

    - by Alex
    So I'm working with authlogic, and I'm trying to duplicate the login functionality to the welcome page, so that you can log in by restful url or by just going to the main page. No, I don't know if we'll keep that feature, but I want to test it out anyway. Here's the error message: RuntimeError in Welcome#index Called id for nil, which would mistakenly be 4 -- if you really wanted the id of nil, use object_id The code is below. Basically, what's happening is the index view (the first code snippet) is sending the information from the form to the create method of user_sessions controller. At this point, in theory, it create should just pick up, but it doesn't. PLEASE help. Please. I've been doing this for about 8 hours. I checked Google. I checked IRC. I checked every book I could find. You don't even have to answer, I can to the grunt work if you just point me in the right direction. <% form_for @user_session, :url => user_sessions_path do |f| %> <%= f.text_field :email %><br /> <%= f.password_field :password %> <%= submit_tag 'Login' %> <% end %> class ApplicationController < ActionController::Base helper :all # include all helpers, all the time protect_from_forgery # See ActionController::RequestForgeryProtection for details # Scrub sensitive parameters from your log # filter_parameter_logging :password helper_method :current_user_session, :current_user before_filter :new_session_object protected def new_session_object unless current_user @user_session = UserSession.new(params[:user_session]) end end private def current_user_session return @current_user_session if defined?(@current_user_session) @current_user_session = UserSession.find end def current_user return @current_user if defined?(@current_user) @current_user = current_user_session && current_user_session.record end end

    Read the article

  • Using MAC Authentication for simple Web API’s consumption

    - by cibrax
    For simple scenarios of Web API consumption where identity delegation is not required, traditional http authentication schemas such as basic, certificates or digest are the most used nowadays. All these schemas rely on sending the caller credentials or some representation of it in every request message as part of the Authorization header, so they are prone to suffer phishing attacks if they are not correctly secured at transport level with https. In addition, most client applications typically authenticate two different things, the caller application and the user consuming the API on behalf of that application. For most cases, the schema is simplified by using a single set of username and password for authenticating both, making necessary to store those credentials temporally somewhere in memory. The true is that you can use two different identities, one for the user running the application, which you might authenticate just once during the first call when the application is initialized, and another identity for the application itself that you use on every call. Some cloud vendors like Windows Azure or Amazon Web Services have adopted an schema to authenticate the caller application based on a Message Authentication Code (MAC) generated with a symmetric algorithm using a key known by the two parties, the caller and the Web API. The caller must include a MAC as part of the Authorization header created from different pieces of information in the request message such as the address, the host, and some other headers. The Web API can authenticate the caller by using the key associated to it and validating the attached MAC in the request message. In that way, no credentials are sent as part of the request message, so there is no way an attacker to intercept the message and get access to those credentials. Anyways, this schema also suffers from some deficiencies that can generate attacks. For example, brute force can be still used to infer the key used for generating the MAC, and impersonate the original caller. This can be mitigated by renewing keys in a relative short period of time. This schema as any other can be complemented with transport security. Eran Rammer, one of the brains behind OAuth, has recently published an specification of a protocol based on MAC for Http authentication called Hawk. The initial version of the spec is available here. A curious fact is that the specification per se does not exist, and the specification itself is the code that Eran initially wrote using node.js. In that implementation, you can associate a key to an user, so once the MAC has been verified on the Web API, the user can be inferred from that key. Also a timestamp is used to avoid replay attacks. As a pet project, I decided to port that code to .NET using ASP.NET Web API, which is available also in github under https://github.com/pcibraro/hawknet Enjoy!.

    Read the article

  • How do I get public feed from facebook without user authentication on a native/Desktop app?

    - by KronoS
    I'm looking to get publicly available facebook feeds (i.e. Google's facebook page/posts). However instead of forcing the user to sign into their own facebook app, I want to be able to access these posts. I've looked into using "App Access Tokens" however since my application is a native/Desktop app (iOS, Android, WP8/Win 8) I'm not able to do this. Is there a way to get publicly accessible feeds from facebook without user authentication? I'm using the Facebook C# SDK to access facebook. Currently I'm doing the following: dynamic tokenInfo = fb.Get( String.Format( "/oauth/access_token?client_id={0}&client_secret={1}&grant_type=client_credentials", FbController.AppId, FbController.AppSecret)); var appAccessToken = (string) tokenInfo.access_token; fb = new FacebookClient(); dynamic response = fb.Get( String.Format( "/google/posts?access_token={0}", appAccessToken)); Problem is that this only works if my application is set to "web" instead of "native/Desktop". I get the following error when running this code and classified app as native/Desktop. (OAuthException - #15) (#15) Requires session when calling from a desktop app

    Read the article

  • Howto use FB Graph to post a message on a feed (wall)

    - by qualbeen
    I have created an app, and now i want to post a message on one of my friends wall with use of the new Graph API. Is this do-able? I am already using oAuth and the Graph-api to get a list of all my friends. The API at http://developers.facebook.com/docs/api tells me to cURL https://graph.facebook.com/[userid]/feed to read the feed, but it also tells me howto post a message: curl -F 'access_token=[...]' -F 'message=Hello, Arjun. I like this new API.' https://graph.facebook.com/arjun/feed Ofcourse this doesn't work! And I can't find out why.. Here are my PHP-code: require_once 'facebook.php'; // PHP-SDK downloaded from http://github.com/facebook/php-sdk $facebook = new Facebook(array(appId=>123, secret=>'secret')); $result = $facebook->api( '/me/feed/', array('access_token' => $this->access_token, 'message' => 'Playing around with FB Graph..') ); This code does not throws any error, and I know my access_token are correct (otherwise i could't run $facebook-api('/me?access_token='.$this-access_token); to get my userobject. Have anyone out there sucsessfully posted a message using Graph-api? Then i need your help! :-)

    Read the article

  • JSON ParserError

    - by ashok
    Unexpected response from the api: (app/a437x7/generate/ff) :: 665: unexpected token at '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> <title>We're sorry, but something went wrong (500)</title> <style type="text/css"> body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; } div.dialog { width: 25em; padding: 0 4em; margin: 4em auto 0 auto; border: 1px solid #ccc; border-right-color: #999; border-bottom-color: #999; } h1 { font-size: 100%; color: #f00; line-height: 1.5em; } </style> </head> <body> <!-- This file lives in public/500.html --> <div class="dialog"> <h1>We're sorry, but something went wrong.</h1> <p>We've been notified about this issue and we'll take a look at it shortly.</p> </div> </body> </html> ' (JSON::ParserError)!No access! Please verify your OAuth access token and secret.

    Read the article

  • Android Studio Could not call IncrementalTask.taskAction() on task ':project:dexDebug'

    - by akenawell85x
    I recently decided to switch from Eclipse to Android Studio. I imported a project I was working on and am now getting this error when I try to run the project. Gradle: Execution failed for task ':project:dexDebug'. > Could not call IncrementalTask.taskAction() on task ':project:dexDebug' I've been cruising this site for 2 days now and trying different suggestions to no avail. I did run gradlew compileDebug --stacktrace and this is what I got: C:\Users\adam\AndroidStudioProjects\projectProject>gradlew compileDebug --stacktrace Relying on packaging to define the extension of the main artifact has been deprecated and is scheduled to be removed in Gradle 2.0 :project:preBuild UP-TO-DATE :project:preDebugBuild UP-TO-DATE :project:preReleaseBuild UP-TO-DATE :project:prepareComAndroidSupportAppcompatV71800Library UP-TO-DATE :project:prepareComGoogleAndroidGmsPlayServices3225Library UP-TO-DATE :project:prepareDebugDependencies :project:compileDebugAidl UP-TO-DATE :project:compileDebugRenderscript UP-TO-DATE :project:generateDebugBuildConfig UP-TO-DATE :project:mergeDebugAssets UP-TO-DATE :project:mergeDebugResources UP-TO-DATE :project:processDebugManifest UP-TO-DATE :project:processDebugResources UP-TO-DATE :project:generateDebugSources UP-TO-DATE :project:compileDebug UP-TO-DATE BUILD SUCCESSFUL Total time: 10.459 secs However I am still getting that error when I try to actually run the project. Here is my build.gradle (i do have a 'libs' folder in my project with all the jars for a google maps/places app): buildscript { repositories { mavenCentral() } dependencies { classpath 'com.android.tools.build:gradle:0.6.+' } } apply plugin: 'android' repositories { mavenCentral() } android { compileSdkVersion 18 buildToolsVersion "18.1.1" defaultConfig { minSdkVersion 8 targetSdkVersion 18 } } dependencies { compile fileTree(dir: 'libs') compile 'com.google.android.gms:play-services:3.2.25' compile 'com.android.support:support-v4:18.0.0' compile 'com.android.support:appcompat-v7:+' } and my settings.gradle: include ':project', ':project:libs:android-support-v4', ':project:libs:google-api-client-1.10.3-beta', ':project:libs:google-api-client-android2-1.10.3-beta', ':project:libs:google-http-client-1.10.3-beta', ':project:libs:google-http-client-android2-1.10.3-beta', ':project:libs:google-oauth-client-1.10.1-beta', ':project:libs:gson-2.1', ':project:libs:guava-11.0.1', ':project:libs:jackson-core-asl-1.9.4', ':project:libs:jsr305-1.3.9', ':project:libs:protobuf-java-2.2.0', ':project:libs:GoogleAdMobAdsSdk-6.4.1' As I said, I've tried pretty much everything I have read on here about this error and am having no luck. Any help would be greatly appreciated.

    Read the article

  • Heroku- Could not find paperclip-3.1.3 in any of the sources

    - by otchkcom
    This morning when I tried to update my website, heroku didn't let me push the app. Here's the message I got. Fetching gem metadata from http://rubygems.org/....... Fetching gem metadata from http://rubygems.org/.. Fetching git://github.com/drhenner/nifty-generators.git Could not find paperclip-3.1.3 in any of the sources ! ! Failed to install gems via Bundler. ! ! Heroku push rejected, failed to compile Ruby/rails app ! [remote rejected] master -> master (pre-receive hook declined) I don't have paperclip- 3.1.3 in my gem file. I'm not sure why it's looking for paperclip 3.1.3 Here's my gem file source 'http://rubygems.org' gem 'rails', '~> 3.2.6' gem 'asset_sync' group :assets do gem 'uglifier', '>= 1.0.3' end gem 'sass-rails', " ~> 3.2.3" gem "activemerchant", '~> 1.17.0' #, :lib => 'active_merchant' gem 'authlogic', "3.0.3" gem 'bluecloth', '~> 2.1.0' gem 'cancan', '~> 1.6.7' gem 'compass', '~> 0.12.rc.0' gem 'compass-rails' gem 'dalli', '~> 1.1.5' gem "friendly_id", "~> 3.3" gem 'haml', ">= 3.0.13"#, ">= 3.0.4"#, "2.2.21"#, gem "jquery-rails" gem 'aws-sdk' group :production do gem 'pg' gem 'thin' end gem 'nested_set', '~> 1.6.3' gem 'nokogiri', '~> 1.5.0' gem 'paperclip', '~> 3.0' gem 'prawn', '~> 0.12.0' gem 'rails3-generators', '~> 0.17.0' gem 'rmagick', :require => 'RMagick' gem 'rake', '~> 0.9.2' gem 'state_machine', '~> 1.1.2' gem 'sunspot_solr' gem 'sunspot_rails', '~> 1.3.0rc' gem 'will_paginate', '~> 3.0.0' gem 'dynamic_form' group :development do gem 'sqlite3' gem "autotest-rails-pure" gem "rails-erd" gem "ruby-debug19" end group :test, :development do gem "rspec-rails", "~> 2.8.0" gem 'capybara', :git => 'git://github.com/jnicklas/capybara.git' gem 'launchy' gem 'database_cleaner' end group :test do gem 'factory_girl', "~> 3.3.0" gem 'factory_girl_rails', "~> 3.3.0" gem 'mocha', '~> 0.10.0', :require => false gem 'rspec-rails-mocha' gem "rspec", "~> 2.8.0" gem "rspec-core", "~> 2.8.0" gem "rspec-expectations", "~> 2.8.0" gem "rspec-mocks", "~> 2.8.0" gem 'email_spec' gem "faker" gem "autotest", '~> 4.4.6' gem "autotest-rails-pure" gem "autotest-growl" gem "ZenTest", '4.6.2' end

    Read the article

  • java RMI newbie-- some basic questions about SSL and auth/.rate limiting an RMI service

    - by Arvind
    I am trying to work to secure a java based RMI service using SSL. I have some basic questions about the capabilities of using SSL. Specifically, from what I understand, the client and server connecting via SSL will need to have appropriate credential certificates in both client and server, for a client to be granted access to the server. Am I correct in my understanding? Also, what I want to know is, can a person who is already using my RMI service and has access to a client machine , make a copy of the certificate in the client machine to other client machines-- and then invoke my RMI service from those other machines as well? How do I prevent such a situation from occurring? I mean, in a REST API you can use OAuth authentication, can we have some kind of authentication in an RMI Service? Also, can I possibly limit usage of the RMI service? For eg, a specific client may be allowed to make only 5000 calls per day to my RMI service, and if he makes more calls the calls occurring after the 5000 calls limit are all denied? How do I do such rate limiting and/or authentication for my RMI Service?

    Read the article

  • Twitter4J throws exception in TwitterFactory

    - by Philipp Andre
    Hello Guys, i'm trying to access twitter via oauth. Therefore, i registered my app, downloaded Twitter4j, added the jars in my Eclipse-Project, and then tried to execute the following code: Twitter twitter = new TwitterFactory().getOAuthAuthorizedInstance("[key]","[secretKey]); RequestToken requestToken = twitter.getOAuthRequestToken(); System.out.println(requestToken.getAuthorizationURL()); But it raises the following exception: [Sat May 29 11:19:11 CEST 2010]Using class twitter4j.internal.logging.StdOutLoggerFactory as logging factory. [Sat May 29 11:19:11 CEST 2010]Use twitter4j.internal.http.alternative.HttpClientImpl as HttpClient implementation. Exception in thread "main" java.lang.AssertionError: java.lang.reflect.InvocationTargetException at twitter4j.internal.http.HttpClientFactory.getInstance(HttpClientFactory.java:71) at twitter4j.internal.http.HttpClientWrapper.<init>(HttpClientWrapper.java:59) at twitter4j.http.OAuthAuthorization.init(OAuthAuthorization.java:83) at twitter4j.http.OAuthAuthorization.<init>(OAuthAuthorization.java:74) at twitter4j.TwitterFactory.getOAuthAuthorizedInstance(TwitterFactory.java:112) at MainProgram.main(MainProgram.java:18) Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at twitter4j.internal.http.HttpClientFactory.getInstance(HttpClientFactory.java:65) ... 5 more Caused by: java.lang.NoClassDefFoundError: org/apache/http/impl/client/DefaultHttpClient at twitter4j.internal.http.alternative.HttpClientImpl.<init>(HttpClientImpl.java:63) ... 10 more I currently can't figure out why ... can you please give me some suggestions? Best regards Philipp

    Read the article

  • python-social-auth AuthCanceled exception

    - by vero4ka
    I'm using python-social-auth in my Django application for authentication via Facebook. But when a user tries to login and when it's been refirected to Facebook app page clicks on "Cancel" button, appears the following exception: ERROR 2014-01-03 15:32:15,308 base :: Internal Server Error: /complete/facebook/ Traceback (most recent call last): File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 114, in get_response response = wrapped_callback(request, *callback_args, **callback_kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/django/views/decorators/csrf.py", line 57, in wrapped_view return view_func(*args, **kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/apps/django_app/utils.py", line 45, in wrapper return func(request, backend, *args, **kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/apps/django_app/views.py", line 21, in complete redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/actions.py", line 54, in do_complete *args, **kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/strategies/base.py", line 62, in complete return self.backend.auth_complete(*args, **kwargs) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/backends/facebook.py", line 63, in auth_complete self.process_error(self.data) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/backends/facebook.py", line 56, in process_error super(FacebookOAuth2, self).process_error(data) File "/home/vera/virtualenv/myapp/local/lib/python2.7/site-packages/social/backends/oauth.py", line 312, in process_error raise AuthCanceled(self, data.get('error_description', '')) AuthCanceled: Authentication process canceled Is the any way to catch it Django?

    Read the article

  • secure rest API for running user "apps" in an iframe

    - by Brian Armstrong
    I want to let users create "apps" (like Facebook apps) for my website, and I'm trying to figure out the best way to make it secure. I have a REST api i want to run the user apps in an iframe on my own site (not a safe markup language like FBML) I was first looking at oAuth but this seems overkill for my solution. The "apps" don't need to be run on external sites or in desktop apps or anything. The user would stay on my site at all times but see the user submitted "app" through the iframe. So when I call the app the first time through the iframe, I can pass it some variables so it knows which logged in user is using it on my site. It can then use this user session in it's own API calls to customize the display. If the call is passed in the clear, I don't want someone to be able to intercept the session and impersonate the user. Does anyone know a good way to do this or good write up on it? Thanks!

    Read the article

  • PHP-SDK too many redirects

    - by Roel Veldhuizen
    I'm using the PHP-SDK for Facebook and got the example to work on my localhost. However, when building a script on a server the script stays quite busy with redirecting from my script to facebook and back. (Error: Fout 310 (net::ERR_TOO_MANY_REDIRECTS):) It seems that many more people have got this issue (here, here, here, here). Though, I can't find a clear answer what goes wrong. Redirect to facebook (response 302): https://www.facebook.com/dialog/oauth?client_id=166958180001271&redirect_uri=http%3A%2F%2Fdomain.com%2Fscripts%2FGateway.php%3Faction%3DAllowFacebookAccessAction%26app%3D14&state=0dbc178a375595da4751265a7147c01e#_=_ Redirect to mydomain (response 302): http://domain.com/scripts/Gateway.php?action=AllowFacebookAccessAction&app=14&state=0dbc178a375595da4751265a7147c01e&code=AQD-dTeyns0OWpGb_PzfHxUy2iRmpc1XgP6Q24DDRX8MiRTE10lV-b-aSNIlOLVHk576vRs3H8Pf9n0kGwU827MrkzUCUoQGFGEQBkkOJnCy9zb6hZs7TVBsKL2iSuZIhDjLsCOPeKy3zfb37Q6LGhtMICCdB_IQAvU0uRvAkSAX8tdVJ65PEv8imx-2yvLaMoGJleZwKogh7m03vlhV8hJk#_=_ Part of the code that creates this issue ... $facebook = new FacebookApi(array( 'appId' => $app->getProperty('apiKey'), 'secret' => $app->getProperty('secretKey'), )); $user = $facebook->getUser(); if (!$user) { header('location: ' . $facebook->getLoginUrl()); exit; } ... UPDATE: I ruled out that its a server setting. I was able to run the original example script on that server.

    Read the article

  • Provisioning Api using java

    - by user268515
    Hi i'm working in java and tried to retrieve all the user in the domain for that i used Provisionin api............ Its working good But my idea is to Use 2-legged OAuth to retrieve the users from the domain Is it Possible? I dont how to specify the URL please Help me And i triede the following the program final String CONSUMER_KEY = "xxxxxxxxxx.com"; final String CONSUMER_SECRET = "12345678122154154df9"; final String DOMAIN = "xxxxxxxxxx.com"; GoogleOAuthParameters oauthParameters = new GoogleOAuthParameters(); oauthParameters.setOAuthConsumerKey(CONSUMER_KEY); oauthParameters.setOAuthConsumerSecret(CONSUMER_SECRET); oauthParameters.setOAuthType(OAuthType.TWO_LEGGED_OAUTH); OAuthHmacSha1Signer signer = new OAuthHmacSha1Signer(); URL feedUrl = new URL("https://apps-apis.google.com/a/feeds/" + DOMAIN + "/user/2.0/[email protected]"); userService = new UserService("Myapplication"); userService.setOAuthCredentials(oauthParameters, signer); userService.useSsl(); UserFeed allUsers = new UserFeed(); UserFeed allpage; Link nextLink; do { allpage = userService.getFeed(feedUrl, UserFeed.class); allUsers.getEntries().addAll(allpage.getEntries()); nextLink = allpage.getLink(Link.Rel.NEXT, Link.Type.ATOM); if (nextLink != null) { feedUrl = new URL(nextLink.getHref()); } }while (nextLink != null); return allUsers; } Its returing the error as com.google.gdata.util.AuthenticationException: Unknown authorization header

    Read the article

  • Running bundle install fails trying to remote fetch from rubygems.org/quick/Marshal...

    - by dreeves
    I'm getting a strange error when doing bundle install: $ bundle install Fetching source index for http://rubygems.org/ rvm/rubies/ree-1.8.7-2010.02/lib/ruby/site_ruby/1.8/rubygems/remote_fetcher.rb:304 :in `open_uri_or_path': bad response Not Found 404 (http://rubygems.org/quick/Marshal.4.8/resque-scheduler-1.09.7.gemspec.rz) (Gem::RemoteFetcher::FetchError) I've tried bundle update, gem source -c, gem update --system, gem cleanup, etc etc. Nothing seems to solve this. I notice that the URL beginning with http://rubygems.org/quick does seem to be a 404 -- I don't think that's any problem with my network, though if that's reachable for anyone else then that would be a simple explanation for my problem. More hints: If I just gem install resque-scheduler it works fine: $ gem install resque-scheduler Successfully installed resque-scheduler-1.9.7 1 gem installed Installing ri documentation for resque-scheduler-1.9.7... Installing RDoc documentation for resque-scheduler-1.9.7... And here's my Gemfile: source 'http://rubygems.org' gem 'json' gem 'rails', '>=3.0.0' gem 'mongo' gem 'mongo_mapper', :git => 'git://github.com/jnunemaker/mongomapper', :branch => 'rails3' gem 'bson_ext', '1.1' gem 'bson', '1.1' gem 'mm-multi-parameter-attributes', :git=>'git://github.com/rlivsey/mm-multi-parameter-attributes.git' gem 'devise', '~>1.1.3' gem 'devise_invitable', '~> 0.3.4' gem 'devise-mongo_mapper', :git => 'git://github.com/collectiveidea/devise-mongo_mapper' gem 'carrierwave', :git => 'git://github.com/rsofaer/carrierwave.git' , :branch => 'master' gem 'mini_magick' gem 'jquery-rails', '>= 0.2.6' gem 'resque' gem 'resque-scheduler' gem 'SystemTimer' gem 'capistrano' gem 'will_paginate', '3.0.pre2' gem 'twitter', '~> 1.0.0' gem 'oauth', '~> 0.4.4'

    Read the article

< Previous Page | 24 25 26 27 28 29 30 31 32  | Next Page >