Search Results

Search found 6525 results on 261 pages for 'restful authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 37/261 | < Previous Page | 33 34 35 36 37 38 39 40 41 42 43 44  | Next Page >

  • ASP.NET MVC: How does one add authentication to RSS Feeds?

    - by Mark Redman
    I have seen a few examples of how to create RSS feeds using ASP.NET MVC, either by creating an Action or through an HttpHandler. I need to authenticate feeds and am wondering how this is to be done (and supported by RSS readers rather than just browsing to the page/xml through a browser) and how would authentications differ between an MVC Action or HttpHandler?

    Read the article

  • Automatic User Authentication Framework for Controllers in ASP.NET MVC?

    - by Austin
    In rails I could do something like this to make sure a user is authenticated before accessing an action in the controller: before_filter :checked_logged_in, :only => [:edit, :update] I was wondering if ASP.NET MVC had something similar or if there was a framework out there that could essentially do something like the following: For certain methods with actions that take a certain parameter, I want to point the action to a method, check to see if the user owns that object, and if so, proceed to the controller action. If not, I want to redirect him to another action where I can show him he has invalid credentials. So basically I am looking for a sort of "before_filter." Anyone know of anything out there that can do this? Thanks!

    Read the article

  • Node.js A Good authentication module ? or whats the proper way to authenticate users?

    - by Mohamed Ahmed
    I'm learning Node.js and looking forward to create a simple web application which will be based on Express and I was thinking of something like creating user groups and each group has its own users and each group has its own permissions (Just like ACL in Cakephp) So can anyone recommend a good module or whatever to do so ? Also I'm a little curious about security and how these passwords are going to be saved and what type of encryption the passwords will be encrypted in. Thanks :)

    Read the article

  • Prompting for authentication from a wxPython program and passing it along to IIS?

    - by MetaHyperBolic
    I have a client (written in Python, with a wxPython front end in dead-simple wizard style) which communicates a website running IIS. A python script receives requests and does the usual client-server dance. I would have written this as a browser application, but for the requirement that certain things happen on the local PC that the web can't help with (file manipulation, interfacing with certain USB hardware, etc.) Right now, I am simply using the logon credentials, compounded as a string from os.environ['USERDOMAIN'] and os.environ['USERNAME'], to pass along to the server, which connects to Active Directory and enumerates the members of the group, looking for those logon credentials. It's an ugly hack, but it works. Obviously, I could make people log out of the generic helper accounts and log back into Windows using specific accounts. However, I wondered how feasible it would be to provide some kind of logon prompt wherein the user can type in a name and password, then some kind of authorization token could be passed on to IIS. This seems like something I would not want to do myself, given that amateurs almost always make huge security mistakes. Now you can see why I am wishing this was purely web-based. What's a good way to handle this?

    Read the article

  • When should I think about implementing my User authentication / session?

    - by Jason N
    After spending some time wireframing my ideas, I want to start building my rails app. However, I'm well aware that later down the line I'd like to consider multiple user accounts. Should I be thinking about the implementation of this from this early stage, or is this something I can implement without too much fuss later? It seems like something that would be stupid to attempt later, but part of me just wants to get the guts of the thing working - a couple of simply forms and writing/reading some stuff from the db.

    Read the article

  • do not require smtp authentication for a specific domain using hMail server

    - by toryan
    One of my clients has a needlessly complex e-mail setup for a couple of domains, which is causing problems when they try to send e-mail between them. They have a couple of domains where mail follows a slightly weird path: Users connect to an Exchange server to send e-mail The exchange server relays the message to an ISP-owned SMTP server as a smart host The ISPs server delivers the mail to the mail exchanger specified in DNS The mail exchanger is another server that runs hMailServer The Exchange server connects to the hMail server via POP3 and retrieves the messages. The problem arises when they send mail between addresses in the same domain, or two addresses that are present on the hMail server. hMail requires SMTP authentication when sending from local to local addresses, so the messages don't arrive. Removing SMTP authentication isn't really an option, as the server has been the target of spam being sent from spoofed local addresses. SMTP authentication prevents this. It is possible to add the ISP's mail server as an IP range with specific rules, but this seems inelegant. Bearing in mind I only have access to the hMail server and not the Exchange server, is there a better way of going about this?

    Read the article

  • OpenLDAP Authentication UID vs CN issues

    - by user145457
    I'm having trouble authenticating services using uid for authentication, which I thought was the standard method for authentication on the user. So basically, my users are added in ldap like this: # jsmith, Users, example.com dn: uid=jsmith,ou=Users,dc=example,dc=com uidNumber: 10003 loginShell: /bin/bash sn: Smith mail: [email protected] homeDirectory: /home/jsmith displayName: John Smith givenName: John uid: jsmith gecos: John Smith gidNumber: 10000 cn: John Smith title: System Administrator But when I try to authenticate using typical webapps or services like this: jsmith password I get: ldapsearch -x -h ldap.example.com -D "cn=jsmith,ou=Users,dc=example,dc=com" -W -b "dc=example,dc=com" Enter LDAP Password: ldap_bind: Invalid credentials (49) But if I use: ldapsearch -x -h ldap.example.com -D "uid=jsmith,ou=Users,dc=example,dc=com" -W -b "dc=example,dc=com" It works. HOWEVER...most webapps and authentication methods seem to use another method. So on a webapp I'm using, unless I specify the user as: uid=smith,ou=users,dc=example,dc=com Nothing works. In the webapp I just need users to put: jsmith in the user field. Keep in mind my ldap is using the "new" cn=config method of storing settings. So if someone has an obvious ldif I'm missing please provide. Let me know if you need further info. This is openldap on ubuntu 12.04. Thanks, Dave

    Read the article

  • Remote Desktop Network Level Authentication Not Supported

    - by Iszi
    I'm running Windows XP Professional SP3 x86, trying to connect to a system with Windows 7 Ultimate SP1 x64. Recently, I updated the Remote Desktop Connection software on the XP system in hopes of using Network Level Authentication (NLA) for my connections to the Windows 7 box. After the update, I connected to the Windows 7 box over RDP and enabled NLA believing that the updated client should support it. After disconnecting and attempting to reconnect, I'm presented with the following error: The remote computer requires Network Level Authentication, which your computer does not support. For assistance, contact your system administrator or technical support. So, I checked the About page in Remote Desktop Connection to make sure the update had applied. This is what I see. Remote Desktop Connection Shell Version 6.1.7600 Control Version 6.1.7600 © 2007 Microsoft Corporation. All rights reserved. Network Level Authentication not supported. Remote Desktop Protocol 7.0 supported. I thought NLA was supposed to be a part of RDP 7.0 clients. Is there a component I'm missing somewhere?

    Read the article

  • LDAP Authentication fails with 500 or 401 depending on bind for Apache2

    - by Erik
    I'm setting up LDAP authentication for our Subversion repository hosted through Apache on a RHEL 5 system. I run into two different issues when I try to authenticate against Active Directory. <Location /svn/> Dav svn SvnParentPath /srv/subversion SVNListParentPath On AuthType Basic AuthName "Subversion Repository" AuthBasicProvider ldap AuthLDAPBindDN "cn=userfoo,ou=Service Accounts,ou=User Accounts,dc=my,dc=example,dc=com" AuthLDAPBindPassword "mypass" AuthLDAPUrl "ldap://my.example.com:389/ou=User Accounts,dc=my,dc=example,dc=com?sAMAccountName?sub?(objectClass=user)" NONE Require valid-user </Location> If I use the above configuration it continually prompts me with the Basic prompt and I have to eventually select Cancel, which returns a 401 (Authorization Required). If I comment out the bind parts it returns 500 (Internal Server Error), griping that authentication failed: [Mon Nov 02 12:00:00 2009] [warn] [client x.x.x.x] [10744] auth_ldap authenticate: user myuser authentication failed; URI /svn [ldap_search_ext_s() for user failed][Operations error] When I perform the bind using ldapsearch and filter for a simple attribute it returns correctly: ldapsearch -h my.example.com -p 389 -D "cn=userfoo,ou=Service Accounts,ou=User Accounts,dc=my,dc=example,dc=com" -b "ou=User Accounts,dc=my,dc=example,dc=com" -w - "&(objectClass=user)(cn=myuser)" sAMAccountName Unfortunately I have no control or insight into the AD part of the system, only the RHEL server. Does anyone know what the hang up is here?

    Read the article

  • PostgreSQL user authentication against PAM

    - by elmuerte
    I am trying to set up authentication via PAM for PostgreSQL 9.3. I already managed to get this working on an Ubuntu 12.04 server, but I am unable to get this working on a Centos-6 install. The relevant pg_hba.conf line: host all all 0.0.0.0/0 pam pamservice=postgresql93 The pam.d/postgressql93 is the default config shipped with the official postgresql 9.3 package: #%PAM-1.0 auth include password-auth account include password-auth When a user tries to authenticate the following is reported in secure log: hostname unix_chkpwd[31807]: check pass; user unknown hostname unix_chkpwd[31808]: check pass; user unknown hostname unix_chkpwd[31808]: password check failed for user (myuser) hostname postgres 10.1.0.1(61459) authentication: pam_unix(postgresql93:auth): authentication failure; logname= uid=26 euid=26 tty= ruser= rhost= user=myuser The relevant content of password-auth config is: auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth required pam_deny.so account required pam_unix.so account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account required pam_permit.so The problem is with the pam_unix.so. It is unable to validate the password, and unable to retrieve the user info (when I remove the auth entry of pam_unix.so). The Centos-6 install is only 5 days old, so it does not have a lot of baggage. The unix_chkpwd is suid and has execute rights for everybody, so it should be able to check the shadow file (which has no privileges at all?).

    Read the article

  • Firefox proxy authentication with Kerberos: one service ticket per connection (Linux)

    - by Dari
    I am trying to enable proxy authentication via Kerberos for Firefox. The setup is: Active Directory domain (for LDAP and Kerberos; this works and I can log in the computer and get Kerberos tickets without problems) Microsoft Windows witness machine (on which Firefox runs fine with no ticket problem) CentOS 6.3 system with Firefox (the tests were performed with both the 10.0.1 ESR found in the CentOS package repositories and the 15.0.1 downloaded from Mozilla's website) BlueCoat proxy with Kerberos authentication enabled For the moment, Firefox requests an element of a website, gets an HTTP error code of "407 Proxy Authentication Required" from the proxy, gets a ticket granting service (TGS) from the domain for the proxy and performs the request again while passing the ticket. The transaction runs fine. However, when more elements are requested (in parallel), Firefox requests one more ticket per proxy connection. And this takes many DNS queries, Kerberos interactions with domain controllers and costs a lot of time (for example, the home page of Adobe takes several minutes to load and at the end, I have about 30 valid Kerberos tickets). I am stuck on this since a while, and help would be greatly appreciated. Minor information: the CentOS operating system is virtualized with VMware Player 3.1.3, but I do not think this would be a game changer.

    Read the article

  • Sharepoint: authenticating users via forms authentication

    - by sbee
    My problem is the following(sharepoint Newbie) , i want to change the default zone from being a Windows Authenticated Zone to a Forms Authenticated Zone ,thereby forcing the site collection administrator to log in via forms authentication and not windows also the sharepoint users will be accesing the site internally my goal is to effectively replace windows authentication with forms authentication as my company does not have active directory installed. So far i have created an ASP Application that adds the users to the database,the database was created via the .Net Framework Asp tool(Asp reg_sql),however when i change the default zone to the AspNetSqlMembershipProvider(Forms) and attempt to add my site collection administrator via the Central admistrator, i get the following error "No Exact Match found" as shown on the screenshot. My inkling is that somehow the people picker is failing to read the users from the database but reasearch on correcting that thus far has proved fruitless. I have made all the relevant changes on the these sites(Central admin site,My test site & Add Users site) config files.Changes are the following(Membeship Provider,Connection String,People Picker) i left out the role provider for now as it is optional. Help on this would ge highly appreciated...

    Read the article

  • MSSQL 2008 login failed for windows authentication

    - by Force Flow
    I'm running Microsoft SQL 2008 on a Windows 2008 Server. The MSSQL server server authentication is set to SQL Server and Windows Authentication mode. I have created an active directory security group "xyz app users". I have added a normal user (without any active directory admin privledges) and a user with domain admin privledges to the "xyz app users" group. I have added the group to the MSSQL management console as a login user. This group is a member of the public server role and is mapped to two databases. On a workstation, when the normal user is logged in, I configure a DSN ODBC connection, and I'm able to successfully create the DSN and test the SQL connection. However, when I'm logged in as the user with domain admin privledges, when I attempt to configure the DSN ODBC connection, I can't get past the login ID configuration screen. If I select "windows authentication" and click "next", I get an error: Connection failed: SQLState: '28000' SQL Server Error: 18456 [Microsoft][ODBC SQL Server Driver][SQL Server]Login failed for user 'mydomain\myuser' On the server's application event logs, this error appears: Login failed for user 'mydomain\myuser'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: 172.x.x.x] And in MSSQL's event logs: Error: 18456, Severity: 14, State: 11 Solutions that I've seen so far do not seem to fit this situation (some solutions I've seen are only applicable when the BUILDIN\Administrator is being used locally on the server, which is not the case here).

    Read the article

  • Hadoop in a RESTful Java Web Application - Conflicting URI templates

    - by user1231583
    I have a small Java Web Application in which I am using Jersey 1.12 and the Hadoop 1.0.0 JAR file (hadoop-core-1.0.0.jar). When I deploy my application to my JBoss 5.0 server, the log file records the following error: SEVERE: Conflicting URI templates. The URI template / for root resource class org.apache.hadoop.hdfs.server.namenode.web.resources.NamenodeWebHdfsMethods and the URI template / transform to the same regular expression (/.*)? To make sure my code is not the problem, I have created a fresh web application that contains nothing but the Jersey and Hadoop JAR files along with a small stub. My web.xml is as follows: <?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <servlet> <servlet-name>ServletAdaptor</servlet-name> <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet- class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>ServletAdaptor</servlet-name> <url-pattern>/mytest/*</url-pattern> </servlet-mapping> <session-config> <session-timeout> 30 </session-timeout> </session-config> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> </web-app> My simple RESTful stub is as follows: import javax.ws.rs.core.Context; import javax.ws.rs.core.UriInfo; import javax.ws.rs.Path; @Path("/mytest") public class MyRest { @Context private UriInfo context; public MyRest() { } } In my regular application, when I remove the Hadoop JAR files (and the code that is using Hadoop), everything works as I would expect. The deployment is successful and the remaining RESTful services work. I have also tried the Hadoop 1.0.1 JAR files and have had the same problems with the conflicting URL template in the NamenodeWebHdfsMethods class. Any suggestions or tips in solving this problem would be greatly appreciated.

    Read the article

  • Looking for RESTful Suggestions In Porting ASP.NET to MVC.NET

    - by DaveDev
    I've been tasked with porting/refactoring a Web Application Platform that we have from ASP.NET to MVC.NET. Ideally I could use all the existing platform's configurations to determine the properties of the site that is presented. Is it RESTful to keep a SiteConfiguration object which contains all of our various page configuration data in the System.Web.Caching.Cache? There are a lot of settings that need to be loaded when the user acceses our site so it's inefficient for each user to have to load the same settings every time they access. Some data the SiteConfiguration object contains is as follows and it determines what Master Page / site configuration / style / UserControls are available to the client, public string SiteTheme { get; set; } public string Region { private get; set; } public string DateFormat { get; set; } public string NumberFormat { get; set; } public int WrapperType { private get; set; } public string LabelFileName { get; set; } public LabelFile LabelFile { get; set; } // the following two are the heavy ones // PageConfiguration contains lots of configuration data for each panel on the page public IList<PageConfiguration> Pages { get; set; } // This contains all the configurations for the factsheets we produce public List<ConfiguredFactsheet> ConfiguredFactsheets { get; set; } I was thinking of having a URL structure like this: www.MySite1.com/PageTemplate/UserControl/ the domain determines the SiteConfiguration object that is created, where MySite1.com is SiteId = 1, MySite2.com is SiteId = 2. (and in turn, style, configurations for various pages, etc.) PageTemplate is the View that will be rendered and simply defines a layout for where I'm going to inject the UserControls Can somebody please tell me if I'm completely missing the RESTful point here? I'd like to refactor the platform into MVC because it's better to work in but I want to do it right but with a minimum of reinventing-the-wheel because otherwise it won't get approval. Any suggestions otherwise? Thanks

    Read the article

  • Client for restful web service

    - by Ish
    I'd like to create a http-centric client for a restful web service created using CXF. To that end: Does any one know the (maven) dependencies for ONLY the CXF clients (Proxy & HTTP)? Is there any advantage to using CXF's built-in clients over say, Apache HttpClient?

    Read the article

  • RESTful service description

    - by Anax
    From what I understand, I need to use WADL to describe a RESTful web service. Still, I have read many answers in relevant posts, where users are strongly opposed the use of WADL. What are the disadvantages of WADL? Is there any alternative solution?

    Read the article

  • RESTful API: How to model 'request new password'?

    - by Jan P.
    I am designing a RESTful API for a booking application and was quite happy to see I could map all details of the application to the 4 HTTP methods. /users - GET, POST /users/({id}|myself) - GET, POST, PUT, DELETE /users/({id}|myself)/bookings - GET, POST /users/({id}|myself)/bookings/{id} - GET, POST, PUT, DELETE Example: Updating my own user uses a PUT to /users/myself. But now I found out that one thing is missing: The possibility to request a new password if I forgot my old one. Any idea how I could add this?

    Read the article

  • Couldn't upload files to Sharepoint site while passing through Squid Proxy

    - by Ecio
    Hi all, we have this issue: one of our employees is collaborating with a supplier and he needs to upload documents on a Sharepoint site hosted on the supplier's main site. In our environment we use Squid Proxy to allow people navigate on the net (we have NTLM authentication and users transparently authenticate while using IE and FF). It seems that this specific Sharepoint site is using Integrated Windows Authentication only, and according to some research on the net it seems that this can have troubles with proxies. More specifically, we have tried two Squid versions: with Squid 3.0 we are unable to login to the site (the browser loads an empty page) with Squid 2.7 (that supports "Connection Pinning") we are able to login into the site, move on the different sections BUT.. when we try to upload a file that is bigger than a couple of KiloBytes (i.e. 10KB) the browser loads an error page (i think it's a 401 unauthorized but i must verify it) we've tried changing a couple of Squid options (in 2.7), what we got is that when you try to upload the file you got an authentication box (just like the initial login) and it refuses to go on even if you enter the same authentication credentials. What's really strange is that when you try to upload a small file (i.e. a text or binary 1KB file) the upload succeeds. I initially thought that maybe there was something misconfigured on their Sharepoint site but I've tried also this site: www.xsolive.com (it's a sharepoint 2007 demo site) and I've experienced the same problem. Has any of you experienced such behaviour? Thanks! Of course we've suggested to the supplier to activate also Basic+SSL and we're waiting for their reply..

    Read the article

  • Can't access IIS 7 server URL from the same IIS 7 server.

    - by Kevin Raffay
    We have an intranet site ie, xxx.yyyy.com, that users access by entering "http"://xxx.yyy.com. Our problems started when we migrated to IIS 7 running on a new 2003 server. We got rid of our single-sign on code and implemented a security model where we capture a user's domain credentials which we then authenticate against a DB. In order to get the domain credentials passed to our ASP.NET app, we have the following settings: Anonymous Authentication:Disabled ASP.NET Impersonation: Enabled Basic/Digest/Forms Authentication: Disabled Windows Authentication: Enabled We allow "*" and deny "?" in the web.config. Browsing "http"://xxx.yyy.com from any client PC results in a domain login prompt, and if your enter a proper user/pwd, you can get in. However, browsing "http"://xxx.yyy.com while remoting into the server results in 3 domain login prompts and eventually a 401 error - unauthorized. We have traced this behavior to problems with our web site where we have pages doing "screen scraping" using the HttpRequest calling a url on the same server. When doing a HttpRequest from any other client, using a test harness that passes authorized credentials, all is good. So internal HttpRequest calls on the server fail, just like attempts to browse that server's url from within a remote session. Why would a to "http"://xxx.yyy.com on server xxx.yyy.com fail authentication?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 33 34 35 36 37 38 39 40 41 42 43 44  | Next Page >