Search Results

Search found 15798 results on 632 pages for 'authentication required'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 34/632 | < Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >

  • Weird IIS with Windows Authentication + IE problem

    - by Paulius Maruška
    I have a website running on IIS and using Windows Authentication. All users that are configured to get access to the site are form a AD domain (not local users). In the properties of a Website, I have set to use the AD domain as the realm. Now, when using Firefox, Safari or Chrome - Everything is fine. When the user tries to open the site, he get's the login box. he enters simply "username" and "password" (let's pretend that it's an actual login and password :P) and he get's into the site. When using IE, however, things get nasty. When the user tries to open the site - he get's the login box. User enters the "username" and "password" again, but those get rejected! And when the second time login box pops up - it has the username filled in as "web-server-domain-name\username" which is wrong, because web-server-domain-name is not the domain where all users reside (it's "ad-domain"). I've spent days trying to figure out what's going on... Note, that if I manually enter "ad-domain\username" - I get accepted into the site without problems. So, my guess is that IE sends wrong username if domain is not specified. Anyway, IE is the only browser that triggers this behavior! Is it possible to do a server-side fix? Maybe it's possible to somehow auto-map the users to AD users? If it's not solvable server-side - is there a client-side fix for this? Thank you. PS: I'm more of a programmer than a sys-admin, so configuring servers isn't the strong side of mine... :P UPDATE: @Evan: Yes, "Digest authentication for Windows domain servers" is also enabled. @Eric: IIS version is 6.0. The authentication methods enabled are: Integrated and digest - all other methods are disabled. As for the security log. I looked at it, when doing "username" and "password" login in Chrome/Firefox and when doing "ad-domain\username" and "password" login from IE - the generated log messages are the same (I see no difference, anyway). When entering "username" and "password" I don't see any errors in the security (or any other) log, so can't tell what method it's trying to use. UPDATE 2: As suggested by Eric in the comments - I played around with Fiddler... While playing with it, I noticed, that when "username" and "password" is entered in FF and IE - the "Authorization" header value (encrypted) sent by IE is longer (almost two times) than one sent by FF. I tried to disable Windows Integrated authentication and only leave the Digest enabled - that fixed the problem (meaning, IE used the right realm just like other browsers), but that caused bazillion other problems with my site, because with Digest - user impersonation on the server doesn't work (that causes problems, when connecting to database etc). Any ideas?

    Read the article

  • Remote Desktop from Linux to Computer that Requires Network Level Authentication

    - by Kyle Brandt
    Is there a way to use rdesktop or another Linux client to connect to a server that requires Network Level Authentication? From Windows Server 2008 R2 -- Control Panel -- System And Security -- System -- Allow Remote Access there is an option that says "Allow connections only from computers running Remote Desktop with Network Level Authentication". So with this enabled I can con not connect from Linux. I can connect from XP but you need SP3 and I had to edit a couple of things in the registry for it to work.

    Read the article

  • Debugging info for authentication in tomcat

    - by Tom A
    I have a JDBC realm setup and a web-app using basic authentication, but I can't get it to work. It is putting up the password dialog but it never succeeds. If I could get the authentication process to spit out some logs, I would be fine. I have debug="99" in my realm specification but I see nothing getting logged in the usual places. Am I missing something?

    Read the article

  • Forms authentication for main site, Windows auth for subfolder

    - by John D
    Hi all, On my Windows 2008 R2 server with IIS 7.5 I would like to have my ASP.NET website running with forms authentication, while protecting a subfolder with the basic Windows authentication. I have done this on Windows 2003 with IIS 6 for years, but I simply can't get it to work with IIS 7.5. Your input would be highly appreciated :)

    Read the article

  • "SASL authentication failed" with mutt and Gmail, why?

    - by hhh
    I am confused by this, I have installed a lot of new pkgs and followed some tutorials after googling but I keep getting this kind of SASL -err. I am not sure whether the mistake is in some Gmail settings or should I check some settings in Ubuntu? I thought this tutorial here would have solved this problem (i am simply trying to set up local mail reading with mutt, using gmail) but I cannot see the instructed things with telnet: "250-STARTTLS 250-AUTH PLAIN LOGIN" so that is why it is not working. $cat .muttrc set imap_user = "[email protected]" set imap_pass = "pass" #set smtp_url = "smtp://[email protected]:465/" set smtp_url = "smtp://[email protected]:587/" set smtp_pass = "pass" set from = "[email protected]" set realname = "name" set folder = "imaps://imap.gmail.com:993" set spoolfile = "+INBOX" set postponed="+[Gmail]/Drafts" set move = no

    Read the article

  • MOSS Search Error: Authentication failed because the remote party has closed the transport stream

    - by Cherie Riesberg
    http://support.microsoft.com/?id=962928 To resolve this issue, follow these steps: Stop the Office SharePoint Services Search service. To do this, follow these steps: Click Start, click Run, type cmd , and then click OK. At the command prompt, type net stop osearch, and then press ENTER. Type exit to exit the command prompt. Download and install the IIS 6.0 Resource Kit Tools. To obtain the IIS 6.0 Resource Kit Tools, visit the following Microsoft Web site: http://www.microsoft.com/downloads/details.aspx?familyid=56FC92EE-A71A-4C73-B628-ADE629C89499 (http://www.microsoft.com/downloads/details.aspx?familyid=56FC92EE-A71A-4C73-B628-ADE629C89499) On each server in the farm that has Office SharePoint 2007 installed, follow these steps: Click Start, click Run, type cmd , and then click OK. Navigate to the location of the IIS 6.0 Resource Kit Tools (default location is: C:\Program Files\IIS Resources\SelfSSL) At the command prompt, type selfssl /s:951338967 /v:1000, and then press ENTER. Notes For 64 bit Server, 951338967 is the default ID of the Office Server Web Services certificate. For 32 bit Server, 1720207907 is the default ID of the Office Server Web Services certificate. You can check the ID of Office Server Web Services from IIS. 1000 is the number of days that the certification will be valid. You need to execute the selfssl command on each MOSS Server in the farm which is running a "Office Server Web Services" site. SharePoint partly uses SSL name resolution in the background between farm servers, which users generally do not need to be aware of. Start the Office SharePoint Services Search service. To do this, follow these steps: At the command prompt, type net start osearch, and then press ENTER. Type exit to exit the command prompt. Download and install the following update to the .NET Framework 3.5 SP1. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 959209  (http://support.microsoft.com/kb/959209/ ) An update for the .NET Framework 3.5 Service Pack 1 is available

    Read the article

  • ASP.NET 4 Hosting :: How to set up Forms Authentication for your ASP.NET web site

    - by mbridge
    Please follow this steps: 1. Log in to your Control Panel. 2. From the menu, select Databases ? SQL Server 2008. 3. Click the Create User button. 4. Enter a user name and password and click Save. In this demonstration, the user name is dotnetuser and the password is dotnetuserpass. 5. Click the Create Database button. 6. Enter a database name and grant access to the user you created above and click Save. In this demonstration the database is called DotNetAuthentication. 7. Locate and run the ASP.NET SQL Server Setup Wizard. This file is located in your .NET framework directory and is named aspnet_regsql.exe (example: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regsql.exe). 8. Click Next and choose Configure SQL Server for application services. 9. Click Next and enter the server name and database log in credentials. The server name is the web site pointer address to where your application will be published and the log in credentials are the SQL server user name and password created earlier. 10. Click Next twice and the wizard will take a moment to complete the scripting actions that populate the new database with all the objects necessary to configure the ASP.NET provider.  Once complete, click Finish to close the wizard. 11. Finally, modify the web.config file in your ASP.NET web application to use the database you created.

    Read the article

  • Session management error: None of the authentication protocols specified are supported

    - by JBWhitmore
    The title is the first error that has sent me on a mission to fix things. Motivation: I was trying to install the new Enthought Python Distribution -- when the error above first showed up. The install finished -- and looked like there were a few more times it flagged dcopserver problems: Please check that "dcopserver" program is running! Could not read network connection list: ~/home/user/.DCOPserver_host__0 When running ipython from the distribution, it claims that readline (the ability to up arrow in history or tab-complete) is not available for my system. It is though -- if I run the ipython that's sitting in /usr/bin/ipython all readline features work perfectly. So, I tried to fix the install by trying to fix what I thought could be causing the problems. Bad things that are happening that I want to be fixed: When restarting I get the error: Could not update ICEauthority file /home/username/.ICEauthority. ipython readline doesn't work with Enthought's ipython Things I have tried: changed the owner of my ~/.ICEauthority to be me. changed the owner of home directory (and all nested files and folders) to be me double checked that /var/lib/gdm was owned by Gnome (yep) attempted to reinstall DCOP, kbuildsycoca stuff (fail) I've removed nautilus; rebooted; reinstalled; rebooted; removed ubuntu-desktop; rebooted; reinstalled; rebooted. Any suggestions on how to fix the Bad Things that are happening would be greatly appreciated! Computer: Ubuntu 10.04 x86

    Read the article

  • MVC & Windows Authentication

    - by TJ
    Changed the ValidateUser function  public bool ValidateUser(string userName, string password)         {             bool validation;             try             {                 LdapConnection ldc = new LdapConnection(new LdapDirectoryIdentifier((string)null, false, false));                 NetworkCredential nc = new NetworkCredential(userName, password, "domainname.com");                 ldc.Credential = nc;                 ldc.AuthType = AuthType.Negotiate;                 ldc.Bind(nc); // user has authenticated at this point, as the credentials were used to login to the dc.                  string myvar = ldc.SessionOptions.DomainName;                 validation = true;             }             catch (LdapException)             {                 validation = false;             }             return validation;         }

    Read the article

  • Unable to run 'sudo apt-get dist-upgrade' due to authentication issues

    - by TobyG
    I've just attempted to run sudo apt-get dist-upgrade on my Ubuntu box, but am getting the following error... WARNING: The following packages cannot be authenticated! librdbmspp php5-ioncube-loader sw-libboost-date-time1.49.0 sw-libboost-system1.49.0 sw-libboost-filesystem1.49.0 sw-libboost-program-options1.49.0 sw-libboost-regex1.49.0 sw-libboost-serialization1.49.0 sw-libpoco I've tried running... $ sudo apt-key update $ sudo apt-get update ... as found in this question, but I'm still getting the error. Can anyone help, please? Update on 5th June Repos currently in /etc/apt/sources.list (links broken due to reputation being too low to include more than 2 links)… deb http: //gb.archive.ubuntu.com/ubuntu/ precise main restricted universe multiverse deb http: //gb.archive.ubuntu.com/ubuntu/ precise-updates main restricted universe multiverse deb http: //gb.archive.ubuntu.com/ubuntu precise-security main restricted universe multiverse deb http: //archive.canonical.com/ubuntu precise partner deb-src http://archive.canonical.com/ubuntu precise partner deb http: //security.ubuntu.com/ubuntu precise-security main restricted universe multiverse deb-src http://security.ubuntu.com/ubuntu precise-security main restricted universe multiverse deb http: //autoinstall.plesk.com/ubuntu/PSA_11.5.30 precise all deb http: //autoinstall.plesk.com/debian/SITEBUILDER_11.5.10 all all deb http: //autoinstall.plesk.com/debian/BILLING_11.5.30 all all

    Read the article

  • google chrome : http authentication issue on iframe

    - by Daniel Dzussa
    I have an HTML file with 2 links http://versionplus.in/pass/new.html, both links are in an iframe to load the contents inside the iframe. I have two protected directories one on the same server and other on another server. If you click on either link it will popup the login box, same for both links in all browsers except google chorme. google chrome doesn't show login box for the protected folder on another server, how can I fix this ?

    Read the article

  • Week in Geek: Dropbox Rolls Out 2-Step Authentication Feature in Experimental Desktop Client Build

    - by Asian Angel
    Our last edition of WIG for August is filled with news link goodness covering topics such as Firefox 17 will make add-ons more secure, password hints are easily extracted from Windows 7 and 8, the latest stable release of ChromeOS adds a new apps list feature, and more. How To Switch Webmail Providers Without Losing All Your Email How To Force Windows Applications to Use a Specific CPU HTG Explains: Is UPnP a Security Risk?

    Read the article

  • Drop in service for account management, authentication, identity?

    - by Mike Repass
    I'm building an Android app and associated set of web services for uploading/downloading data. I need a basic (no frills) solution for account management (register, login, logout, verify credentials/token). What open source / third party solutions exist for this scenario? I need: create a new account db based on a salt simple web service to create a new account simple web service to authenticate supplied credentials and return some sort of token That's it, I can get by without 'fancy' email activation or password reset for the time being. Are there off-the-shelf components for this? Should I just use a 'blank' django or rails app to get this done? Seems crazy for everyone to be doing CREATE TABLE user_accounts ... Thoughts? Thank you.

    Read the article

  • Best Method/Library For Remote Authentication

    - by Mike
    I have a web app that has a REST API interface: http://api.example.com/core that uses API Keys and domain specific keys (key has to be used on the specified domain). I then will have several client sites with ajax forms where we will require users to sign in before being able to submit the form. This form will add data to a table, and submit an email to several recipients along with checking credentials. This form will use an ajax submit to our REST API. All Communication to/from the API is over SSL Ideal Flow: Visitor Fills Form Out -> Enters User/pass -> Submits Form -> ajax request to REST API -> API Verifies credentials -> does CRUD -> sends emails -> returns 200/403 -> perform DOM manipulation based on return code in ajax call Are there any libraries in PHP that currently do something to this similarly? Would OAuth be a good use for this scenario? Languages used are: js/html/css/php/MySQL

    Read the article

  • Handle all authentication logic in database or code?

    - by Snuffleupagus
    We're starting a new(ish) project at work that has been handed off to me. A lot of the database sided stuff has been fleshed out, including some stored procedures. One of the stored procedures, for example, handles creation of a new user. All of the data is validated in the stored procedure (for example, password must be at least 8 characters long, must contain numbers, etc) and other things, such as hashing the password, is done in the database as well. Is it normal/right for everything to be handled in the stored procedure instead of the application itself? It's nice that any application can use the stored procedure and have the same validation, but the application should have a standard framework/API function that solves the same problem. I also feel like it takes away the data from the application and is going to be harder to maintain/add new features to.

    Read the article

  • Silverlight 4 + RIA Services - Ready for Business: Authentication and Personalization

    To continue our series,  In real business applications our data is often very valuable and as such we need to know who is accessing what data and control certain data access to only users with privilege.  Luckily this is very easy to do with RIA Services.  For example, say we want to let only authenticated users access our data in this example.   That is as easy to accomplish as adding an attribute, see line 2 below.    1: [EnableClientAccess] 2: ...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • CUPS Authentication for Admin on localhost:631 interface

    - by Tony Kruse
    I have searched quite a bit, saw the one response that purported to have a solution to this but it did not work in my case. My Brother printer is not shown in CUPS so I go to Admin-Add Printer it gives me the User Name/Password popup with refuses to recognize my user name on the machine. This is a brand new install of 13.1. My Restrict Access to the admin pages section has: Order allow, deny Allow localhost

    Read the article

  • Sending login form to an open-mesh acess point for authentication with my own RADIUS server

    - by PachinSV
    I have my RADIUS server up and running and a custom external captive portal. But I'm not sure: what information should I send to the Open-Mesh AP with my login form (it is necessary to encrypt the password?, because if I don't use a secret word to encrypt in my network configuration the RADIUS server complaints about it and in the log shows me some strange characters in the password) I don't know what to do with the "challenge" and "md" parameters in my login splash page. Thank you very much for your help.

    Read the article

  • SonicOS Enhanced 5.8.1.2 L2TP VPN Authentication Failed

    - by Dean A. Vassallo
    I have a SonicWall TZ 215 running SonicOS Enhanced 5.8.1.2-6o. I have configured the L2TP VPN using the default crypto suite ESP: 3DES/HMAC SHA1 (IKE). Proposals are as such: IKE (Phase 1) Proposal DH Group: Group 2 Encryption: 3DES Authentication: SHA1 Life Time (seconds): 28800 Ipsec (Phase 2) Proposal Protocol: ESP Encryption: 3DES Authentication: SHA1 Enable Perfect Forward Secrecy DISABLED Life Time (seconds): 28800 When attempting to connect via my Mac OS X client I get an authentication error. It appears to pass the pre-authentication but fails to complete. I am at a complete loss. I reconfigured from scratch multiple times...used simple usernames and passwords to verify this wasn't a miskeyed password issue. I have Here are the logs (noted IP has been removed for privacy): 7/1/13 8:19:05.174 PM pppd[1268]: setup_security_context server port: 0x1503 7/1/13 8:19:05.190 PM pppd[1268]: publish_entry SCDSet() failed: Success! 7/1/13 8:19:05.191 PM pppd[1268]: publish_entry SCDSet() failed: Success! 7/1/13 8:19:05.191 PM pppd[1268]: pppd 2.4.2 (Apple version 727.1.1) started by dean, uid 501 7/1/13 8:19:05.192 PM pppd[1268]: L2TP connecting to server ‘0.0.0.0’ (0.0.0.0)... 7/1/13 8:19:05.193 PM pppd[1268]: IPSec connection started 7/1/13 8:19:05.208 PM racoon[1269]: accepted connection on vpn control socket. 7/1/13 8:19:05.209 PM racoon[1269]: Connecting. 7/1/13 8:19:05.209 PM racoon[1269]: IPSec Phase 1 started (Initiated by me). 7/1/13 8:19:05.209 PM racoon[1269]: IKE Packet: transmit success. (Initiator, Main-Mode message 1). 7/1/13 8:19:05.209 PM racoon[1269]: >>>>> phase change status = Phase 1 started by us 7/1/13 8:19:05.231 PM racoon[1269]: >>>>> phase change status = Phase 1 started by peer 7/1/13 8:19:05.231 PM racoon[1269]: IKE Packet: receive success. (Initiator, Main-Mode message 2). 7/1/13 8:19:05.234 PM racoon[1269]: IKE Packet: transmit success. (Initiator, Main-Mode message 3). 7/1/13 8:19:05.293 PM racoon[1269]: IKE Packet: receive success. (Initiator, Main-Mode message 4). 7/1/13 8:19:05.295 PM racoon[1269]: IKE Packet: transmit success. (Initiator, Main-Mode message 5). 7/1/13 8:19:05.315 PM racoon[1269]: IKEv1 Phase 1 AUTH: success. (Initiator, Main-Mode Message 6). 7/1/13 8:19:05.315 PM racoon[1269]: IKE Packet: receive success. (Initiator, Main-Mode message 6). 7/1/13 8:19:05.315 PM racoon[1269]: IKEv1 Phase 1 Initiator: success. (Initiator, Main-Mode). 7/1/13 8:19:05.315 PM racoon[1269]: IPSec Phase 1 established (Initiated by me). 7/1/13 8:19:06.307 PM racoon[1269]: IPSec Phase 2 started (Initiated by me). 7/1/13 8:19:06.307 PM racoon[1269]: >>>>> phase change status = Phase 2 started 7/1/13 8:19:06.308 PM racoon[1269]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1). 7/1/13 8:19:06.332 PM racoon[1269]: attribute has been modified. 7/1/13 8:19:06.332 PM racoon[1269]: IKE Packet: receive success. (Initiator, Quick-Mode message 2). 7/1/13 8:19:06.332 PM racoon[1269]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3). 7/1/13 8:19:06.333 PM racoon[1269]: IKEv1 Phase 2 Initiator: success. (Initiator, Quick-Mode). 7/1/13 8:19:06.333 PM racoon[1269]: IPSec Phase 2 established (Initiated by me). 7/1/13 8:19:06.333 PM racoon[1269]: >>>>> phase change status = Phase 2 established 7/1/13 8:19:06.333 PM pppd[1268]: IPSec connection established 7/1/13 8:19:07.145 PM pppd[1268]: L2TP connection established. 7/1/13 8:19:07.000 PM kernel[0]: ppp0: is now delegating en0 (type 0x6, family 2, sub-family 3) 7/1/13 8:19:07.146 PM pppd[1268]: Connect: ppp0 <--> socket[34:18] 7/1/13 8:19:08.709 PM pppd[1268]: MS-CHAPv2 mutual authentication failed. 7/1/13 8:19:08.710 PM pppd[1268]: Connection terminated. 7/1/13 8:19:08.710 PM pppd[1268]: L2TP disconnecting... 7/1/13 8:19:08.711 PM pppd[1268]: L2TP disconnected 7/1/13 8:19:08.711 PM racoon[1269]: IPSec disconnecting from server 0.0.0.0 7/1/13 8:19:08.711 PM racoon[1269]: IKE Packet: transmit success. (Information message). 7/1/13 8:19:08.712 PM racoon[1269]: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA). 7/1/13 8:19:08.712 PM racoon[1269]: IKE Packet: transmit success. (Information message). 7/1/13 8:19:08.712 PM racoon[1269]: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA). 7/1/13 8:19:08.713 PM racoon[1269]: glob found no matches for path "/var/run/racoon/*.conf" 7/1/13 8:19:08.714 PM racoon[1269]: pfkey DELETE failed: No such file or directory

    Read the article

  • Domain changes required for SSL integration

    - by user131003
    Currently my site supports regular payment options (User is taken to Payment Gateway/PG website). Now I'm trying to implement "seamless" PG integration. I need SSL for this. I'm having a dedicated server with 5 static IPs from Hostgator/HG. options: I take SSL for www.my_domain.com. According to HG, I need to change IP of main site as current IP is not really dedicated as it is being shared by cpanel etc. So They need to bind another dedicated IP to main domain for SSL to work. This would required DNS change for main website and hence cause few hours downtime (which is ok). I've noticed that most of the e-commerce websites are using subdomains like secure.my_domain.com for ssl/https. This sounds like a better approach. But I've got few doubts in this case: a) Would I need to re-register with existing PGs (Paypal, Google Checkout, Authorize.net) if I switch to subdomain? Re-registering is not an option for me. b) Would DNS change be required for www.my_domain.com in this case. This confusion arose because of following reply from HG : "If the sub domain secure.my_domain.com is added to an existing cPanel it will use the IP for that cPanel so as long as it is a Dedicated IP that will be fine. If secure.my_domain.com gets setup as its own cPanel it will need to be assigned to a Dedicated IP which would have a DNS change involved.". PLease suggest.

    Read the article

  • Certificates required for WHQL-certified drivers

    - by Kasius
    The 64-bit Windows 7 image that we deploy to machines at our site does not contain all of the certificates included on a default Windows image. Automatic root certificate installation is also disabled per policy from higher in the organization. We have had a lot of trouble installing many WHQL-certified drivers from reputable companies (ex. HP, Lexmark, Dell, etc.), and I hypothesize that a required certificate is missing from one of the certificate stores on the machine. The error we typically get is: The driver cannot be installed because it is either not digitally signed or not signed in the appropriate manner. I know that it is signed. A .CAT file is included, and it has the following tree from top to bottom: Microsoft Root Authority (thumbprint a4 34 89 15 9a 52 0f 0d 93 d0 32 cc af 37 e7 fe 20 a8 b4 19) Microsoft Windows Hardware Compatibility PCA (thumbprint 93 b8 d8 82 0a 32 db 20 a5 ea b6 8d 86 ad 67 8e fa 14 ea 41) Microsoft Windows Hardware Compatibility Publisher (thumprint b0 50 45 45 42 4e be 2c 16 2f 62 5b bf 5a e6 9b 96 bf 0b 0b) What certificates are required to install WHQL-certified drivers? Is it possibly something other than certificates? Thanks! NOTE: I have posted this question on Technet as well, but honestly, I've never had a lot of luck posting questions on the Technet forums.

    Read the article

  • API Auth vs User Auth

    - by user1626384
    I have read many posts and articles on this topic but still cant connect the dots. I want to make a Rails app that is strictly a JSON API maybe using Sinatra or the rails-api gem. I also want to make both a web client app and an iPhone app which consumes the API. No plans on letting third party dev's use it. So I could create a separate username/password combination for both the web and mobile client and use HTTP Basic over SSL. Each app would have these values as configs in the source and use it to authenticate to the API so only these can make a call. Anyone else trying would get a 401 error returned. This would be considered handling the API authentication. The web and mobile client apps allow end users to sign up and read/write data to the API. When each user is created, I create and save a token in their profile. If a user successfully signs in, I send back the token. On each future read/write then also send along this token in the header. I get the token and lookup the user in the database and make the read/write. Does this sound like an appropriate way to handle it. For the web client, when I initially send back the token, where do I store it. In a cookie? Do I also drop a cookie to handle session state?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >