Search Results

Search found 1466 results on 59 pages for 'authenticate'.

Page 35/59 | < Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >

  • Encryption-Decreyption in Rails

    - by Salil
    Hi All, I am using "require 'digest/sha1'" ro encrypt my password and save into database. While login i authenticate by matching the encrepted passowrd saved in database and again encrypted the one use enter in password field. As of now everything works fine but now i want to do 'Forgot Passowrd' functionality.to do this i need to decrypt the password which is saved in database to find original one.How to decrypt using 'digest/sha1' ? Or someone know any algoritham which supports encryption & decryption as well? Iam using ruby-on-rails so i need Ruby way to accomplish it.

    Read the article

  • ValidateCredentials() returns FALSE on First Call but TRUE on Subsequent Calls

    - by Nick Gotch
    I'm using the following code to authenticate users on my web service: using (PrincipalContext context = new PrincipalContext(ContextType.Domain, domain)) { return context.ValidateCredentials(userName, password); } The obstacle I'm running into is that the first call to ValidateCredentials() is returning false but subsequent calls return true. I placed a breakpoint at this line and in the Intermediate window I see the same results: first call returns false, second returns true, even though nothing was changed (by me) between calls. The 'domain' is String.Empty but I've also tried it with the actual domain name and get the same results. I'm not that versed in network administration so any help would be appreciated,

    Read the article

  • Getting session authenticity token via ajax (rails, jquery)

    - by ming yeow
    Hi folks, I wish to authenticate a user without having the page reloaded, and having the user submit a given form. However, the problem that I immediately run into here is that the authenticity token typically gets set when the page is reloaded. I need the authenticity token for the form submission, but i do not have it yet because the page is yet to reload. I figure this cannot be that rare - anyone has any idea on how to resolve this? 1 idea could be getting rails to pass back the authenticity token after authentication, but i do not know how to access it from the controller 1) not logined user sees form 2) not logined user types in message and submit 3) facebox asking for authentication 4) after authentication, submit form automatically without refreshing 5) //but authenticity token is needed for form submission, which is not there yet

    Read the article

  • Programmatic authentication in JEE 6

    - by Kevin
    Hello, is it possible to authenticate programmatically a user in J2ee 6? Let me explain with some more details: I've got an existing Java SE project with Servlets and hibernate; where I manage manually all the authentication and access control: class Authenticator { int Id string username } Authenticator login(string username, string password) ; void doListData(Authenticator auth) { if (isLoggedIn(auth)) listData(); else doListError } void doUpdateData (Authenticator auth) { if (isLoggedAsAdmin(auth)) updateData() ; else doListError(); } void doListError () { listError() ; } And Im integrating J2ee/jpa/servlet 3/... (Glassfish 3) in this project. I've seen anotations like : @RolesAllowed ("viewer") void doListdata (...) { istData() ; } @RolesAllowed("admin") void doUpdateData (...) { updateData() ; } @PermotAll void dolisterror () { listerror() ; } but how can I manually state, in login(), that my user is in the admin and/or viewer role?

    Read the article

  • Configure Active Relying Party STS to Trust Multiple Identity Provider STSes

    - by CodeChef
    I am struggling with the configuration for the scenario below. I have a custom WCF/WIF STS (RP-STS) that provides security tokens to my WCF services RP-STS is an "Active" STS RP-STS acts as a claims transformation STS RP-STS trusts tokens from many customer-specific identity provider STSes (IdP-STS) When a WCF Client connects to a service it should authenticate with it's local IdP-STS The reading that I've done describes this as Home Realm Discovery. HRD is usually described within the context of web applications and Passive STSes. My questions is, for my situation, does the logic for choosing an IdP-STS endpoint belong in the RP-STS or the WCF Client application? I thought it belonged in the RP-STS, but I cannot figure out the configuration to make this happen. RP-STS has a single endpoint, but I cannot figure out how to add more than one trusted issuer per endpoint. Any guidance on this would be very appreciated (I'm out of useful keywords to Google.) Also, if I'm way off please offer alternative approaches. Thanks!

    Read the article

  • Silverlight authentication during startup - how to mimic syncronous behavior?

    - by jkohlhepp
    I have a Silverlight app that is using the MVVM pattern. I have a WCF service which will allow me to authenticate users (I don't have direct control over that service - assume it is a black box that just returns me the user info and a list of privileges the user has). So, when the app starts up, I want to pull security data from that service. Right now, when I do this, my views and view models can end up getting initialized before the service returns with the security data. This causes problems because the view models need to disable buttons and make things visible/invisible based on the user having certain privileges. Is there a pattern that allows me to prevent the initialization of the views / view models until the WCF call has returned? How would you go about solving this problem as elegantly as possible?

    Read the article

  • Handling User Authentication in C#.NET?

    - by Daniel
    I am new to .NET, and don't have much experience in programming. What is the standard way of handling user authentication in .NET in the following situation? 1.In Process A, User inputs ID/Password 2.Process A sends the ID/Password to Process B over a nonsecure public channel. 3.Process B authenticates the user with the recieved ID/Password what are some of the standard cryptographic algorithms I can use in above model? The users(customers that bought my company's software) will be running the software(Process A) locally in their computer(connected to internet). I need to authenticate the users so that only registered users can run the program. Thank You!

    Read the article

  • Is Transport security a bad practice for the WCF service over the Internet?

    - by Sergey
    Hello, I have a WCF service accessible over the Internet. It has wsHttpBinding binding and message security mode with username credentials to authenticate clients. The msdn says that we should use message security for the Internet scenarios, because it provides end-to-end security instead of point-to-point security as Transport security has. What if i use transport security for the wcf service over the Internet? Is it a bad practice? Could my data be seen by malicious users? Thanks, Sergey

    Read the article

  • Using Facebook Graph to simply post a wall message with just javascript

    - by Glycerine
    Hey guys, Now I know this question has been asked similarly a lot of times but I'm really struggling here. Its a simple thing I need to do: I would like to post a message onto a users wall saying "I scored 8/10 on objects game" then a URL Thats it. I don't mind if facebook needs to authenticate and then post the message. and I really don't want to have to use the full API - as I don't want to handle user login details. Is it possible using the new Graph API and javascript. Uber thanks guys this'll allow me to sleep tonight.

    Read the article

  • Facebook RESTful API require_login() callback

    - by skidding
    Hi, I'm trying to authenticate a user through the RESTful API (not Connect) but I can't since the callback system does not work for me. I have a local app that creates the Facebook API object with my key and secret, then calls the Facebook API require_login() method; I am sent to Facebook login, I login, and then I am sent to http://www.facebook.com/login.php?auth_token=<...>, where there's another login with just a field for password (not username), I write it again, and after that I am redirected to normal Facebook home. What am I doing wrong? I have set the callback URL in the Facebook app proprieties. Does it have anything to do with the fact that it's localhost? Thanks!

    Read the article

  • Access current_user in model

    - by LearnRails
    I have 3 tables items (columns are: name , type) history(columns are: date, username, item_id) user(username, password) When a user say "ABC" logs in and creates a new item, a history record gets created with the following after_create filter. How to assign this username ‘ABC’ to the username field in history table through this filter. class Item < ActiveRecord::Base has_many :histories after_create :update_history def update_history histories.create(:date=Time.now, username= ?) end My login method in session_controller def login if request.post? user=User.authenticate(params[:username]) if user session[:user_id] =user.id redirect_to( :action='home') flash[:message] = "Successfully logged in " else flash[:notice] = "Incorrect user/password combination" redirect_to(:action="login") end end end I am not using any authentication plugin. I would appreciate if someone could tell me how to achieve this without using plugin(like userstamp etc.) if possible.

    Read the article

  • How do I use LDAP proxy user authentication from .net?

    - by DN
    I have a .net web application that uses simple bind to query the LDAP. The application uses integrated windows authentication. Do you have any recommendations on which option to use to authenticate against the LDAP: 1. simple LDAP bind using the logged in user's credentials 2. simple LDAP bind using a service account created for the application's use 3. LDAP proxy user authentication - I dont have enough info about this, so i'd be grateful if someone could explain it's benefit, recommended use and sample .net code to do the query.

    Read the article

  • Using the Facebook Graph APIs PHP library

    - by briggins5
    I am using the PHP library for the Graph API (http://github.com/facebook/php-sdk) but am a bit confused about how it is all working (or not). I just want to authenticate the user and get the user ID back. What I really want to know is what to do once the user has logged in to Facebook and returned to my site. There is data called 'session' in the URL. Does this need to be stored in order to continually get the user ID? It is really not apparent, to me, from the samples or (lack of) documentation. Also, would it be easier to just cut out the PHP library altogether and just handle the reponse myself, storing it in a session variable. If i were to do this, what is the best method of getting/extracting the current users ID?

    Read the article

  • Servlet 3.0 logout doesn't work

    - by Kevin
    I've got a problem with the authentication features of Servlet 3.0: With this code in a Servlet v3: log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); log.info("===^==="); request.logout() ; log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); request.authenticate(response) ; log.info("===v==="); log.info(""+request.getUserPrincipal()); log.info(""+request.getAuthType()); I would always expect to see the Username/login windows, because of the logout() function. Instead, it seems to be a 'cache' mechanism which repopulate the credential and cancel my logout ... Admin BASIC ===^=== null null ===v=== Admin BASIC Is it a problem with my firefox, or something I'm missing in the Servlet code?

    Read the article

  • Devise within namespace

    - by Harm de Wit
    Hey, I'm trying to split my rails project in a front-end for regular users and a back-end for admins. Therefore i have created a namespace 'admin' so that i can easily control admin specific controller methods/layouts/authentication in the map admin. I'm using Devise to register/authenticate my admins only. Because it is only used for admins only i'm trying to move Devise to the admin namespace. I could not find exactly what i was looking for in the documentation of Devise but i tried something like this in routes.rb: namespace 'admin'do devise_for :admins end I also tried to make a custom Devise::Sessions controller but that too didn't seem to work out. Does anyone know how to do this? Should i just use the regular routes for devise with a custom(admin) layout?

    Read the article

  • Detecting first time login of user into application (Google Appengine)

    - by Jake
    My app requires users to login using their google account. I have this set in my App.yamp file: url: /user/.* script: user.py login: required Now when any user tries to access files under /user/secret.py he will need to authenticate via google, which will redirect the user back to /user/secret.py after successful authentication. Now the problem I am facing is when the user is redirected back to the app, I cannot be sure if this is the first time the user has logged in or is it a regular user to my site who has come back again from just the user object which google passes using users.get_current_user() . I thus need to maintain state in the datastore to check if the user already exists or not everytime. If he does not exist i need to create a new entry with other application specific settings. My question is: Is there some easier way to handle this? without having to query the datastore to figure if this is a first time user or a regular one?

    Read the article

  • rails accessing value from facebooker hash/array

    - by Ben
    This is my first time using the facebooker plugin with rails, and I'm having trouble accessing user info. The website uses FB connect to authenticate users. I am trying to get the name of the university that the logged in user attends. When I use the command <%= facebook_session.user.education_history[:name] %>, I get an error "Symbol as array index". I have also tried using education_history[1], but that just returns "# Facebooker::EducationInfo:<some sort of alphanumeric hash value>" When I use something like <%= facebook_session.user.relationship_status %> , it returns the relationship status just fine. Similarly, <%= facebook_session.user.hometown_location.city %> returns the city name just fine. I've checked out the documentation for facebooker, but I can't figure out the correct way to get the values I need. Any idea on how to get this to work? Thanks!

    Read the article

  • Google Checkout, OpenId, and downloadable products

    - by craigmoliver
    I going to use Google Checkout to process orders to purchase downloadable content. When the order process is completed via Google Checkout I'd like for the user to be able come back to my site, authenticate using their Google credentials (OpenID?) that they purchased the item with linked back end, and download the goods. The site is written using C# and ASP.NET MVC. Is this possible or how should I rethink this? Are there open-source libraries to get me started?

    Read the article

  • How do I use NTLM authentication with Active Directory

    - by Jon Works
    I am trying to implement NTLM authentication on one of our internal sites and everything is working. The one piece of the puzzle I do not have is how to take the information from NTLM and authenticate with Active Directory. There is a good description of NTLM and the encryption used for the passwords, which I used to implement this, but I am not sure of how to verify if the user's password is valid. I am using Coldfusion but a solution to this problem can be in any language (Java, Python, PHP, etc). Edit: I am using Coldfusion on Redhat Enterprise Linux. Unfortunately we cannot use IIS to manage this and instead have to write or use a 3rd party tool for this.

    Read the article

  • ie6 p3p 'file download security warning'

    - by cometta
    i have a page inside iframe, so i set the header to "P3P","CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"" after that my page inside iframe able to load properly and i able to authenticate user with 'form' post . but on ie6, when i post 'form' inside iframe, i get ie6 message 'file download security warning on javascript file' . those javascript files are put on 'head' of pages inside iframe. how comes ie6 suddenly pop up dialog asking to download those files? anyone know which p3p parameter cause this problem?

    Read the article

  • Calling Facebook API without authenticating user/"connecting"

    - by Andy
    Hi, I am working with facebook's API and I want to call the links.prevew method. http://wiki.developers.facebook.com/index.php/Links.preview Is it possible to call this method without having my user authenticate or "connect"? For example, not all of my users have hooked up their facebook accounts to my website, but I still want to use this API method. I am getting the following error: Fatal error: Uncaught Exception: 453: A session key is required for calling this method thrown in /public_html/libs/facebook.php on line 413 But on the wiki it says that the method does not require a session key? If it is not possible to make API calls without such a key, is there anyway I can make calls on behalf of my account or my applications account (rather then a users account)? Any help is appreciated, thanks!

    Read the article

  • adldap class, need to search for user in two groups

    - by Brad
    http://adldap.sourceforge.net/wiki/doku.php?id=api_user_functions#user_ingroup_username_group_recursive_null I am using the adLDAP class above to authenticate users against our ldap server. I was wondering how I could check multiple groups to see if the user belongs to either, if they belong to either. I don't know if user_ingroup($username,$group,$recursive=NULL); can handle search two different groups for the user, need help coding it to search for the user in two different groups, and as soon as it finds it in one of those, break the operation and set a variable to true. Any help is appreciated.

    Read the article

  • WCF REST based services authentication schemes

    - by FlySwat
    I have a simple authentication scheme for a set of semi-public REST API's we are building: /-----------------------\ | Client POST's ID/Pass | | to an Auth Service | \-----------------------/ [Client] ------------POST----------------------> [Service/Authenticate] | /-------------------------------\ | Service checks credentials | [Client] <---------Session Cookie------- | and generates a session token | | | in a cookie. | | \-------------------------------/ | [Client] -----------GET /w Cookie -------------> [Service/Something] | /----------------------------------\ | Client must pass session cookie | | with each API request | | or will get a 401. | \----------------------------------/ This works well, because the client never needs to do anything except receive a cookie, and then pass it along. For browser applications, this happens automatically by the browser, for non browser applications, it is pretty trivial to save the cookie and send it with each request. However, I have not figured out a good approach for doing the initial handshake from browser applications. For example, if this is all happening using a AJAX technique, what prevents the user from being able to access the ID/Pass the client is using to handshake with the service? It seem's like this is the only stumbling block to this approach and I'm stumped.

    Read the article

  • [LDAP] The distinguished name contains invalid syntax ERROR!!

    - by handle0088
    I'm trying using LDAP to authenticate user, but I have a problem with LDAP. This is my code string hostOrDomainName = "MrHand-PC"; string targetOu = "cn=Huy Pham,ou=people,dc=example,dc=com"; // create a search filter to find all objects string ldapSearchFilter = "uid=pdhuy"; // establish a connection to the directory LdapConnection connection = new LdapConnection(hostOrDomainName); Console.WriteLine("\r\nPerforming a simple search ..."); SearchRequest searchRequest = new SearchRequest(targetOu, ldapSearchFilter, System.DirectoryServices.Protocols.SearchScope.OneLevel, null); // cast the returned directory response as a SearchResponse object SearchResponse searchResponse = (SearchResponse)connection.SendRequest(searchRequest); << **Throw exception: The distinguished name contains invalid syntax.** Can anyone help my solve this problem. Thank you so much.

    Read the article

  • Problem authenticating with shiro in grails app

    - by xain
    I have a grails 1.2 app and I want to use declarative security in order to restrict accesses based on roles. I decided to try shiro, installed the plugin, but when I try to authenticate, the message "Invalid username and/or password" shows up in the header. I check the db entry and the user is there with the sha'ed password. No messages are shown neither in the console nor in the stacktrace file. I added "warn 'org.jsecurity'" to Config.groovy with no results. Any hints/tricks to troubleshoot this ?

    Read the article

< Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >