Search Results

Search found 1408 results on 57 pages for 'declarative authorization'.

Page 37/57 | < Previous Page | 33 34 35 36 37 38 39 40 41 42 43 44  | Next Page >

  • wcf data service security configuration

    - by Daniel Pratt
    I'm in the process of setting up a WCF Data Services web service and I'm trying to sort out the security configuration. Although there's quite a lot of documentation out there for configuring WCF security, a lot of it seems to be outmoded or does not apply to my scenario. Ultimately, I am planning on managing authorization of operations via change interceptors. Thus, all I really need is the simplest way to permit a client to pass credentials along with a request and to be able to authenticate those credentials against either AD or an ASP.NET membership provider (I'd much prefer the latter unless it makes things much more complicated). I'm intending to manage encryption at the transport level (i.e. HTTPS). I'm hoping that the eventual solution does not involve a huge web.config. Likewise, I'd much prefer to avoid writing custom code for the purpose of authentication.

    Read the article

  • C#/.Net Download file from premium rapidshare account

    - by Simon
    Hello, how can I log to premium rapidshare account from my source? I tryed this but it is not working: string authInfo = "name" + ":" + "pass"; authInfo = Convert.ToBase64String(Encoding.Default.GetBytes(authInfo)); client.Headers["Authorization"] = "Basic " + authInfo; client.DownloadFile("url", "C:\\Temp\\aaaa.file"); OR WebClient client = new WebClient(); client.Credentials = new NetworkCredential("name", "pass"); client.DownloadFile("url", "C:\\Temp\\aaaa.file"); Is there any simple way how download the file directly from rapidshare premium? Thank you a lot! Regards, simon

    Read the article

  • OAuth gives me 401 error

    - by Radek
    I am trying to get the access key but I cannot make it work. `request_token.get_access_token is giving me 401 Unauthorized (OAuth::Unauthorized) error. I copy the authorize_url into my browser, allow the application, I receive some kind of PIN from twitter but after hitting enter in my script I always get 401 error. I did some search and I found this helped access_token = request_token.get_access_token(:oauth_verifier => params[:oauth_verifier]) but it is giving me undefined local variable or methodparams' for main:Object (NameError)` the ruby script is like ( I was following this tutorial ) gem 'oauth' require 'oauth/consumer' consumer_key = 'your key' consumer_secret ='your secret' consumer=OAuth::Consumer.new "consumer_key", "consumer_secret", {:site=>"http://twitter.com"} #{:site=>"https://agree2.com"} request_token = consumer.get_request_token puts request_token.token puts request_token.secret puts request_token.authorize_url puts "Hit enter when you have completed authorization." STDIN.gets access_token = request_token.get_access_token #access_token = request_token.get_access_token(:oauth_verifier => params[:oauth_verifier]) puts access_token.token puts access_token.secret puts puts access_token.inspect

    Read the article

  • ASP.NET MVC and ASP.NET membership template provider

    - by rem
    In a standard ASP.NET MVC template application that is created by default in Visual Studio when starting a new ASP.NET MVC application there is already a built-in membership / authentication / authorization system. Using web search one can find lots of info about how to work with a built-in ASP.NET membership system, but very often this material is a bit of an old and refer to ASP.NET only, not mentioning ASP.NET MVC framework. Just for example: http://msdn.microsoft.com/en-us/library/ms998347.aspx#paght000022%5Fmembershipapis or http://www.4guysfromrolla.com/articles/091207-1.aspx To what extent all that applies to ASP.NET built-in membership system applies also to ASP.NET MVC ready template membership system?

    Read the article

  • NSURLConnection and Basic HTTP Authentication

    - by Justin Galzic
    I need to invoke an initial GET HTTP request with Basic Authentication. This would be the first time the request is sent to the server and I already have the username & password so there's no need for a challenge from the server for authorization. First question: 1) Does NSUrlConnection have to be set as synchronous to do Basic Auth? According to the answer on this post, it seems that you can't do Basic Auth if you opt for the async route. 2) Anyone know of any some sample code that illustrates Basic Auth on a GET request without the need for a challenge response? Apple's documentation shows an example but only after the server has issued the challenge request to the client. I'm kind of new the networking portion of the SDK and I'm not sure which of the other classes I should use to get this working. (I see the NSURLCredential class but it seems that it is used only with NSURLAuthenticationChallenge after the client has requested for an authorized resource from the server).

    Read the article

  • java enterprise project

    - by darko petreski
    Hi All, All the time we are hearing that java is enterprise. We have read many books about jpa, entity beans and other stuff. All this books explain this technology with some dummy examples. I have not seen a book that explains real problems with enterprise beans, java clients and security! I mean real book not some imaginated stupid examples . Is there any book that describes completely some enterprise system, Its architecture, communication, security, of course the client that uses the distributed components ? I need a book that will cover the flowing: server side components (ejb, jpa) client side java desktop application security (authentication and authorization) web services with complete authentication clustering (we can find for all of this a book, but there is no book that covers all this things in one piece. Also all the books are with dummy samples.) Or may be some project that is documented. Regards, Darko

    Read the article

  • Extending Code Igniter Model functions to external PHP Scripts

    - by Fábio Antunes
    Hello everybody. I'm doing a small web app, which uses CKeditor for user input, and CKfinder for file management (images/flash). Those who know CKFinder, also know that the config file for CKFinder as a function named CheckAuthentication() that returns false or true, giving or not permissions to use CKFinder. This is were a Custom PHP Code checks if the user as authorization to access CKFinder or not. Well for my app I'm using Code Igniter, and of course I've created a model were i handle everything about User Permissions, Loggin, Session Cookies, etc. And i also have a function witch its propose is just to check if the user is Logged in. So I would like to know if someone knows a way that i can call the function isLoggedIn() inside the model security from inside the function CheckAuthentication() in CKFinder config file. Thanks in advance.

    Read the article

  • Jersey, Spring, Tomcat and Security Annotations

    - by jr
    I need to secure a simple jersey RESTful API in a Tomcat 6.0.24 container. I'd like to keep the authentication with Basic Authentication using the tomcat-users.xml file to define the users and roles (this is for now, like I said its small). Now, for authorization I'd like to be able to use the JSR 250 annotations like @RolesAllowed, @PermitAll, @DenyAll, etc. I cannot for the life of me figure out how to wire this all up together. I really don't want to go spring-security route, since I need something very simple at the current time. Can someone point me in the right direction.

    Read the article

  • Google Gears - Database - VACUUM

    - by Sirber
    With this code: var db = google.gears.factory.create('beta.database'); db.open('cominar'); db.execute('CREATE TABLE IF NOT EXISTS Ajax (AJAX_ID INTEGER PRIMARY KEY AUTOINCREMENT , MODULE TEXT, FUNCTION TEXT, CONTENT_JSON TEXT);'); db.execute('VACUUM;'); // nettoye la DB I'm trying to clean the database (VACUUM) the database at each initialisation but I get this error: Uncaught Error: Database operation failed. ERROR: authorization denied DETAILS: not authorized The database was created by me (the same page). Thank you!

    Read the article

  • Using rest-client to upload a paperclip attachment but getting no file found error

    - by Angela
    Hello, I have a paperclip attachment that I wan to upload to a web-service using rest-client. However, when I try to run it, I get an error: No such file or directory - /system/postalimages/1/original/postcard-1.png?1274635084 But the file exists for sure: I see it in my directory. How do I debug this? Here is the code in my controller which makes the upload: def upload @postalcard = Postalcard.find(:last) response = RestClient.post('http://www.postful.com/service/upload', { :upload => { :file => File.new(@postalcard.postalimage.url,'rb') #paperclip file path } }, #end payload {"Content-Type" => @postalcard.postalimage.content_type, "Content-Length" => @postalcard.postalimage.size, "Authorization" => 'Basic dGltZm9uZzg4OEBnbWFpbC5jb206ZDlQcTVKUU4='} # end headers ) #close arguments to Restclient.post return response.body end

    Read the article

  • Legacy application with JDBC and JNDI REALM authentication

    - by KB
    Hello All, My application currently relies on JDBC realm authentication. Recent needs have forced us to think about having LDAP authentication as well. We are thinking about using Active Directory for both authentication as well as authorization (roles). As a standalone test, I was able to authenticate my application with AD. But here is the confusion I have going forward. If the user chooses LDAP authentication when he logs in, I authenticate the user with AD, get the user's roles and do I replicate(create a new) windows user in my database?. I have to have the user in the database, because many parts of the application is designed to retrieve the user from database If the users chooses local login, I still should have JDBCRealm somewhere that I should use to authenticate the user. Is it possible to have multiple realms in tomcat? (I sort of know it is possible, but havent seen much documentation around it) Any thoughts, comments, suggestions would immensely help me Thanks K

    Read the article

  • Did we really always need to use Ruby/ rails plugin?

    - by Devlim
    I been intersted in ruby and rails lately but what I always encounter in blog/ podcast / book is they will always teach how to use ruby or rails plugin/ ruby instead of writing one. Did we really always need to use plugin, even thing like authorization? Authenticate? Is it really waste time Or hard to write from start? Then if it hard and waste time why rails say make web development less painful? Or I was wrong in term of concept? Goal ? Or anything else? Of rails? Anyone can guide me ?

    Read the article

  • ASP.Net MVC 2 Forms Authentication cookieless = "UseUri" while submit autherization fails

    - by rintoantony
    hi, I just started working with ASP.Net MVC 2. I created a new ASP.Net MVC application and created one vehicle controler with a database table connected with LINQ. Then created forms authentication mechanism for the application and tried to use the uri instead of cookies it was working smoothly but when i submit the form by creating a "Create" view from the controler using the utility it just dont work. The autherization got failed and asking to enter the user name and password again.I had created the authorization mechanism by adding Authorise attribute to the Controller so as to get authorized for all the actions. namespace MVCNEW.Controllers { [Authorize] public class VehicleController : Controller { But if i use the cookies instead of uri it works fine. Thanks in advance...

    Read the article

  • ASP.NET authentication login and logout with browser back button

    - by Eatdoku
    Hi, I am looking for a solution for user use the browser's back button to navigate to previous page once logged out. I have a web application build in asp.net and using a custom membership provider for authentication and authorization. Everything works fine except when the user click on the logout link to log out of the application and being redirect to a default cover page, if the use click on the BACK BUTTON on their browser, it will actually go back to where they were before and the data will still show up. Of course they can't do anything on that page, click on anything link they will be redirect to a login page again. But having those information display is making a lot users confused. i am just wondering if there is any way i can either clear the browser's history so use can't go BACK, or when they click on the back button and have them redirect to the login page. thanks

    Read the article

  • How to secure access to SWF file using ASP.NET?

    - by elsharpo
    hi guys, We have a swf file that we want to secure and make available only to authorized users. I embedded the file in an aspx page and that works fine, since ASP.NET handles the aspx page, I can use ASP.NET authorization features and in the web.config restrict the access to roles="AllowedUsers" for example. However smart users could still get to the file by accessing directly for example www.mysite/flash.swf. We want to make that kind of access secure. Any help would be greatly appreciated! Thanks!

    Read the article

  • htaccess not called when the url point to an existing folder

    - by Eldad
    Hi, I'm running zend server on windows 7. I'm using the htaccess from jooml: Options +FollowSymLinks RewriteEngine On RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR] RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR] RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) RewriteRule ^(.*)$ index.php [F,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !^/index.php RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC] RewriteRule (.*) index.php RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] when I'm calling this url: http://localhost/ABC/ the data is been redirect to index.php but if I'm creating the folder ABC the server is showing the ABC folder content and not redirecting the data back to index.php. how can I prevent that, I want all the calls data to be directed into index.php? Thanks

    Read the article

  • Retrieving WSDL file from secure service

    - by Anonimo
    I have a Web Service developed with JAX-WS. I have secured the web service with BASIC authentication configured in Tomcat. When I try to access the web service using a Java client, I first need to create the port, and then specify the credentials, as follows: CustomerServiceClient customerServiceClient = new CustomerServiceBottomUpService(); //1 CustomerService customer = customerServiceClient.getCustomerServicePort(); //2 Map<String, Object> context = ((BindingProvider) customer).getRequestContext(); //3 context.put(BindingProvider.USERNAME_PROPERTY, "kermit"); //4 context.put(BindingProvider.PASSWORD_PROPERTY, "thefrog"); //5 The problem I have is that, after line 1, I get an Authorization error (HTTP 401) as I obviously haven't provided the server with the credentials yet. I am creating the client artifacts from a server WSDL, hence the authentication problem when creating the service, and don't want my clients to store the WSDL locally as it's just annoying for them. How can I get around this problem?

    Read the article

  • How can I pre-authorize authopen?

    - by Georg
    I'm using authopen inside one of my programs to modify files owned by root. As can be seen in the screenshot below authopen asks for a admin password. What I'd like to achieve is that the dialog shows my app's name and then passes the authorization to authopen. Code Launching authopen which returns an authorized file descriptor. int pipe[2]; socketpair(AF_UNIX, SOCK_STREAM, 0, pipe); if (fork() == 0) { // child // close parent's pipe close(pipe[0]); dup2(pipe[1], STDOUT_FILENO); const char *authopenPath = "/usr/libexec/authopen"; execl(authopenPath, authopenPath, "-stdoutpipe", [self.device.devicePath fileSystemRepresentation], NULL); NSLog(@"Fatal error, quitting."); exit(-1); } // parent // close childs's pipe close(pipe[1]); // get file descriptor through sockets I'd really like not to use AuthorizationExecuteWithPrivileges because then I'd have to get more rights than I want to.

    Read the article

  • Can't access web service when connected to the network :: HTTP 407

    - by Ian
    Hi All, I have a console application that communicates with a web service. Both of them are on the same machine. When I am accessing the web service with the LAN disabled, it connects without a problem. But if the LAN is enabled and connected to our office network, I receive this error: "HTTP 407 Proxy Authentication required - The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied." We've been hunting the source of the problem for three days now. We have tried everything that we can think of. Any ideas what's causing the problem? Additional notes: - The machine is in a Workgroup setup but with DNS suffix (computer.local). When accessing the web service, we type the address as "http://machine.computer.local/service.asmx" I talked to the IT guys and they said that we don't have an ISA server installed There is no "proxy" set in IE. The machine is in mint condition.

    Read the article

  • MDE Access decrypt JDBC

    - by michelemarcon
    I want to perform JDBC SQL queries on a MDE Access file. I've set up the data source ODBC and everything worked well for a MDE file. Now, I'm working with a newer version of the MDE file, and here is the result: java.sql.SQLException: [Microsoft][Driver ODBC Microsoft Access] Cannont read record. Read authorization unavailable for "tbl_mytable". If I open the MDE with Access Runtime I am asked for a password, and after leaving a blank password I can see all the data. Of course, "tbl_mytable" does exist inside the database.

    Read the article

  • Running a GWT application inside an IFRAME from an ASP.NET 3.5 app?

    - by Jay Stevens
    We are looking at integrating a full-blown GWT (Google Web Toolkit 2.0) application with an existing ASP.NET 3.5 application. My first gut reaction is that this is a horrible frankenstein idea. However, the customer has insisted that we use this application developed by a third-party. I have almost NO CONTROL over the development of the GWT app. My first thought is to actually attempt to embed this in an iFrame. Because GWT is running under Tomcat/Jakarta, it is hosted on a different server from the .NET app so the iFrame src will be to a URL on the other machine. I need to utilize our own ASP.NET authorization scheme to restrict access to the embedded GWT application. The GWT app also uses embedded java applets, which don't seem to be working right now inside the iframe. Any major problems with this approach that anyone can see? Will GWT work on an iframe while hosted on a different machine?

    Read the article

  • How to propagate spring security login to EJBs?

    - by tangens
    Context I have a J2EE application running on a JBoss 4.2.3 application server. The application is reachabe through a web interface. The authentication is done with basic authentication. Inside of the EJBs I ask the security context of the bean for the principal (the name of the logged in user) and do some authorization checks if this user is allowed to access this method of the EJB. The EJBs life inside a different ear than the servlets handling the web frontend, so I can't access the spring application context directly. Required change I want to switch to Spring Security for handling the user login. Question How can I propagate the spring login information to the JBoss security context so I can still use my EJBs without having to rewrite them? Ideas and links I already found a page talking about "Propagating Identity from Spring Security to the EJB Layer", but unfortunatelly it refers to an older version of Spring Security (Acegi) and I'm not familiar enough with Spring Security to make this work with the actual version (3.0.2).

    Read the article

  • MVC Site - Ensuring the default entry view is always correct

    - by Klaptrap
    I have a MVC site with AD authorization. This is all working fine. I publish the site to the webserver and call the site directly (http://intranet). If I have not logged in for a while (I have an authorised cookie with a 30 minute TTL), I am prompted to log-in and if successful I am redirected to the homeController's index view. This is great and as expected. If I keep the session open (browser open) and browse away from the site, if I then browse back to http://intranet, I am not challenged as I have recently authenticated but the default page is from a different controller and not the home page view. How can I stop this from happening? It cannot be a session setting as this is not a new session and the routes appear correct - they are not beng called at this point anyhow. Please MVC guru's advise....!

    Read the article

  • Upload file with POST method on Qt4

    - by mosg
    Hello! I'm looking for a basic code samples of how to upload files to server with HTTP POST method on Qt. My task: I have simple Qt program and I need to select any image file from the local host and upload it to the server. The selection part and GUI is simple and I have already done it, but with POST uploading I'm confused. In addition I have to say, that there is no authorization to upload file. If someone already looking this topic? PS: the reason why I'm asking and not coding my self is time, I need to get this method quick. Thank you, all success solutions from my side will be posted here for others.

    Read the article

  • Twisted Python getPage

    - by David Dixon II
    I tried to get support on this but I am TOTALLY confused. Here's my code: from twisted.internet import reactor from twisted.web.client import getPage from twisted.web.error import Error from twisted.internet.defer import DeferredList from sys import argv class GrabPage: def __init__(self, page): self.page = page def start(self, *args): if args == (): # We apparently don't need authentication for this d1 = getPage(self.page) else: if len(args) == 2: # We have our login information d1 = getPage(self.page, headers={"Authorization": " ".join(args)}) else: raise Exception('Missing parameters') d1.addCallback(self.pageCallback) dl = DeferredList([d1]) d1.addErrback(self.errorHandler) dl.addCallback(self.listCallback) def errorHandler(self,result): # Bad thingy! pass def pageCallback(self, result): return result def listCallback(self, result): print result a = GrabPage('http://www.google.com') data = a.start() # Not the HTML I wish to get the HTML out which is given to pageCallback when start() is called. This has been a pita for me. Ty! And sorry for my sucky coding.

    Read the article

< Previous Page | 33 34 35 36 37 38 39 40 41 42 43 44  | Next Page >