Search Results

Search found 9696 results on 388 pages for 'proxy authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 45/388 | < Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >

  • authentication of webapps when passwords are hashed with bcrypt

    - by dubreakkk
    I created a GWT project which requires authentication. Initially, the users' passwords were in plain text, but now I would like to hash them with BCrypt. I searched but I cannot find a place describing how to make Jetty authenticate against a BCrypt hashed password. I'm sending the password to the server using a FORM in plain text and over SSL. What do I need to do to make Jetty hash this password and compare it to the one in the database? Thank you;

    Read the article

  • Service-Based Authentication Using Tokens

    - by jerhinesmith
    I'm having a tough time trying to find clear and concise examples of how one would implement a service-based authentication scheme using tokens. As far as I can tell, the basic steps are as follows: Client requests username/password from user Client passes username/password to identity provider Provider checks username/password and sends back a token if the user is valid Client does something with the token? The third and fourth step are where I'm getting stuck. I assume the "token" in this case just has to be either an encrypted string that the client can decrypt or some random string that gets stored somewhere (i.e. a database) that the client can then verify against, but I'm not really sure what the client is then supposed to do with the token or why you even need a token at all -- couldn't a simple user ID also suffice?

    Read the article

  • Looking for a way to get HTTP Digest Authentication headers from incoming http requests

    - by duncancarroll
    I've been working on a REST implementation with my existing Cake install, and it's looking great except that I want to use HTTP Digest Authentication for all requests (Basic Auth won't cut it). So great, I'll generate a header in the client app (which is not cake) and send it to my cake install. Only problem is, I can't find a method for extracting that Digest from the request... I've looked through the Cake API for something that I can use to get the Digest Header. You'd think that Request Handler would be able to grab it, but I can't find anything resembling that. There must be another method of getting the digest that I am overlooking? In the meantime I'm writing my own regex to parse it out of the Request... once I'm done I'll post it here so no one has to waste as much time as I did hunting for it.

    Read the article

  • Form authentication works on dev server but not on IIS

    - by Ilknur
    Hi, We have a similar problem. We have a web application running under default appdomain. It was working fine until a week before...Suddenly it has encountered a problem. Below message is taken from event logs. Event code: 4005 Event message: Forms authentication failed for the request. Reason: The ticket supplied has expired. Application uses FormsAuthentication and gets the roles from aspnetdb.. After the error, when user logins to the page, it does not redirects to the default.aspx. Again login.aspx comes up. On the other hand application works fine on development server(localhost), but not on www(IIS 6.0). Does any one has an idea? Thanks, Ilknur

    Read the article

  • Windows Phone 7 Application + WCF + SSL + Username Authentication

    - by s7orm
    Hello, I have developed a test service with WCF, which I try to consume from a Windows Phone 7 Application, however when calling a method from the service I get a weird exception: There was no endpoint listening at https://server/Service.svc that could accept the message. This is often caused by an incorrect address or SOAP action. The WCF service uses a custom binding with UserNameOverTransport authentication and SSL. For the authorization I am using an implementation of the UserNamePasswordValidator. If I try to consume the service from a console or silverlight application (cross domain policy is enabled) - it works fine (authorization as well). And the most weird thing is that the ServiceReferences.ClientConfig file generated for the WP7 App is exactly the same as the config file generated for the silverlight application. I have no idea what is wrong with my service...

    Read the article

  • How do I stack Plack authentication handlers?

    - by Schwern
    I would like to have my Plack app try several different means of authorizing the user. Specifically, check if the user is already authorized via a session cookie, then check for Digest authentication and then fall back to Basic. I figured I could just enable a bunch of Auth handlers in the order I wanted them to be checked (Session, Digest, Basic). Unfortunately, the way that Plack::Middleware::Auth::Digest and Plack::Middleware::Auth::Basic are written they both return 401 if digest or basic auth doesn't exist, respectively. How is this normally dealt with in Plack?

    Read the article

  • Web Application - Authentication / Login Framework

    - by user456563
    This is a very simple, probably a most asked question and frequently developed as part of any web application. Say I'm planning to build a web application and some of the functional requirements include (apart from the usual hard hitting security reqs), - Need to have users sign up for a new account profile - Authenticate user using the native app authentication / Facebook or Google or Yahoo or OpenId login - Allow lost password retrieval - Session handling needs Is there an out of the box frameworks (Drupal, Liferay??) that I can use to wrap my application which can be a bunch of JSP's or HTML's with JS? I know I'm asking a very simple and maybe a naive question. But this is a topic every web developer guru will go thru. Any help, advise and pointers much appreciated.

    Read the article

  • Established javascript solution for secure registration & authentication without SSL

    - by Tomas
    Is there any solution for secure user registration and authentication without SSL? With "secure" I mean safe from passive eavesdropping, not from man-in-the-middle (I'm aware that only SSL with signed certificate will reach this degree of security). The registration (password setup, i.e. exchanging of pre-shared keys) must be also secured without SSL (this will be the hardest part I guess). I prefer established and well tested solution. If possible, I don't want to reinvent the wheel and make up my own cryptographic protocols. Thanks in advance.

    Read the article

  • Cannot connect to MySQL 4.1+ using old authentication

    - by B T
    I'm trying to connect to a mySQL database at http://bluesql.net, but when I try to connect, it gives this error: Connect Error (2000) mysqlnd cannot connect to MySQL 4.1+ using old authentication I've looked into this, and it has to do with some old password scheme used before MySQL 4.1. Newer versions have the option to use old passwords, which I've read may cause this problem. I'm running php 5.3, and connecting with mySQLi (new mysqli(...)). I'm hoping I can do something in the code to connect to the DB at bluesql.net - clearly I don't control how their database is set up. Downgrading php versions isn't an option. Anyone have any ideas?

    Read the article

  • User forms authentication in JSF

    - by Proton
    I'm a novice at JSF and I got a couple of questions concerning organizing user authentication there. 1) How can i redirect the registered user to a welcome page (for example welcome.xhtml)? I heard about using Filter or navigation-rule tag, but i didn't found a full-blown tutorial of how it works. 2) How can i tell the server that unauthorized users can access not only the login page but also the registration page? Is there an analog for ASP.NET web.config tag or something like this?

    Read the article

  • Best Solution For Authentication in Ruby on Rails

    - by Dan Wolchonok
    I'm looking for a pre-built solution I can use in my RoR application. I'm ideally looking for something similar to the ASP.NET Forms authentication that provides email validation, sign-up controls, and allows users to reset their passwords. Oh yeah, and easily allows me to pull the user that is currently logged into the application. I've started to look into the already written pieces, but I've found it to be really confusing. I've looked at LoginGenerator, RestfulAuthentication, SaltedLoginGenerator, but there doesn't seem to be one place that has great tutorials or provide a comparison of them. If there's a site I just haven't discovered yet, or if there is a de-facto standard that most people use, I'd appreciate the helping hand.

    Read the article

  • download authentication?

    - by Sahat
    Hi I am sorry if this question has been asked before but I am looking for some sort of download authentication. In other words if I am going to give the user a link to a file, I want to make sure only that person will get it, and get it only once! Is there a simple solution without setting up the whole database. Even better if it's possible to have an ecrypted web link that will let you download a file from my FTP server just once, after that the link becomes invalid. Thanks.

    Read the article

  • how to Acces Blocked Sites?

    - by Muhammad AYUB Khan BALOUCH
    im in Pakistan and Youtube is blocked in Pakistan . i want to take the Lecture videos from youtube. in windows i was using Hotsopshield to bypass proxy but now in Ubuntu i dnt know how to Bypass Proxy . i found some where that i can bypas proxy by Putty software . can u guide me how can i bypass proxy by that. but i was not able to do so . kindly tell me some easy method to bypass proxy . i dnt want to used websites like accesstoblockedsites.com

    Read the article

  • Can't ping external websites

    - by Frantumn
    I can't ping google.com with my virtual ubuntu 12.04 server. I have set up a proxy URL in my /etc/apt/apt.conf file and it says Aquire::http::proxy http://urlname.com:9999; Now, I don't know a lot about how the proxy works, but I do know when we use it on windows VMachines it's a pac script that we place in internet explorer LAN settings and it automatically detects the script and gives internet access. I tried including the 9999/proxy.pac in the apt.conf URL and it didn't seem to work any better. Would ubuntu know how to handle a proxy.pac assuming it was created for windows? Should my URL include the .pac or just end after the port numbers? I've tried both without sucess, but I would like to know. A quick test to ping a fellow co-workers' PC was sucessful. So I can see network computers, but not google. or other internet sources.

    Read the article

  • Does git clone work through NTLM proxies?

    - by AndreaG
    I've tried both using export http_proxy=http://[username]:[pwd]@[proxy] and git config --global http.proxy http://[username]:[pwd]@[proxy]. I couldn't make it work. It looks like git uses Basic authentication: Initialized empty Git repository in /home/.../.git/ * Couldn't find host github.com in the .netrc file, using defaults * About to connect() to github.com port 8080 (#0) * Trying 10.... * Connected to github.com (10....) port 8080 (#0) * Proxy auth using Basic with user '...' > GET http://github.com/sunlightlabs/fiftystates.git/info/refs HTTP/1.1 Proxy-Authorization: Basic MD... User-Agent: git/1.6.1.2 Host: github.com Pragma: no-cache Accept: */* Proxy-Connection: Keep-Alive < HTTP/1.1 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to t he Web Proxy filter is denied. ) < Via: 1.1 ... < Proxy-Authenticate: Negotiate < Proxy-Authenticate: Kerberos < Proxy-Authenticate: NTLM < Connection: Keep-Alive < Proxy-Connection: Keep-Alive < Pragma: no-cache < Cache-Control: no-cache < Content-Type: text/html < Content-Length: 4118 * The requested URL returned error: 407 * Closing connection #0 fatal: http://github.com/sunlightlabs/fiftystates.git/info/refs download error - The requested URL returned error: 407 Google search returned mixed and probably not updated results. Somewhere it says that curl is (was?) used under the hood, but its options are (were?) hardwired into code. For example, curl --proxy-ntlm --proxy ...:8080 google.com works, and I'd like to use the same option with git. I need some more definite answers here: has anybody succeed using git through Windows proxies? Which version? Thanks.

    Read the article

  • is there a way using Ruby's net/http to post form data to an http proxy?

    - by Derek P.
    I have a basic Squid server setup and I am trying to use Ruby's Net::HTTP::Proxy class to send a POST of form data to a specified HTTP endpoint. I assumed I could do the following: Net::HTTP::Proxy(my_host, my_port).start(url.host) do |h| req = Net::HTTP::Post.new(url.path) req.form_data = { "xml" => xml } h.request(req) end But, alas, proxy vs. non-proxied Net::HTTP classes don't seem to use the proxy IP Address. my remote service responds telling me that it received a request from the wrong IP address, ie: not the proxy. I am looking for a specific way to write the procedure, so that I can successfully send a form post via a proxy. Help? :)

    Read the article

  • How do I route watir through a proxy pragmatically?

    - by feydr
    I'm trying to route watir through a proxy pragmatically -- this means within the script I'd like to change my proxy dynamically before launching the browser. Here's what I've tried so far (and so far am failing): I'm running chrome and lucid lynx ubuntu. I chose TREX cause I thought watir might be making use of PROXY or something. I rewrote /usr/bin/google-chrome as: #!/bin/bash /opt/google/chrome/chrome --proxy-server="$TREX" $@ The reason I'm passing in the environment variable to proxy-server rather than http_proxy is because I never could get http_proxy to work as is anyways then I did a simple: require 'rubygems' require 'watir-webdriver' ENV['TREX'] = "XX.XX.XX.XX:YY" browser = Watir::Browser.new(:chrome) browser.goto("http://mysite.com") Anyways, what is happening here is that it is forwarding me to the login page of the proxy rather than just forwarding the request. What am I missing here? I feel like I'm pretty close.

    Read the article

  • C# Can I return HttpWebResponse result to iframe - Uses Digest authentication

    - by chadsxe
    I am trying to figure out a way to display a cross-domain web page that uses Digest Authentication. My initial thought was to make a web request and return the entire page source. I currently have no issues with authenticating and getting a response but I am not sure how to properly return the needed data. // Create a request for the URL. WebRequest request = WebRequest.Create("http://some-url/cgi/image.php?type=live"); // Set the credentials. request.Credentials = new NetworkCredential(username, password); // Get the response. HttpWebResponse response = (HttpWebResponse)request.GetResponse(); // Get the stream containing content returned by the server. Stream dataStream = response.GetResponseStream(); // Open the stream using a StreamReader for easy access. StreamReader reader = new StreamReader(dataStream); // Read the content. string responseFromServer = reader.ReadToEnd(); // Clean up the streams and the response. reader.Close(); dataStream.Close(); response.Close(); return responseFromServer; My problems are currently... responseFromServer is not returning the entire source of the page. I.E. missing body and head tags The data is encoded improperly in responseFromServer. I believe this has something to do with the transfer encoding being of the type chunked. Further more... I am not entirely sure if this is even possible. If it matters, this is being done in ASP.NET MVC 4 C#. Thanks, Chad

    Read the article

  • Forms authentication in Silverlight

    - by Matt
    I have a website using forms authentication. Everything runs sweet their. I've got a Silverlight app that uses Duplex messaging to talk to a WCF service. I'd like to be able to authenticate users in my service. I realize that by doing this <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> that my service would then have access to the HttpContext.Current context and I could easily authenticate a user. But herein lies the problem. aspNetCompatibilityEnabled="true" combined with Duplex messaging results in very, very, very slow communication between silverlight and the website (10 seconds or more). Unless I have a configuration wrong, I'm going to assume that this is a bug in WCF / Silverlight. So basically I'm looking for a workaround. One idea I wanted to try was to read the ASPSESSID cookie from the browser and send that value over the wire. But I don't know what to do with the cookie on the service side. Is there some way to authenticate a user by sending their cookie data over duplex messaging?

    Read the article

  • Universal Authentication to Google Data API?

    - by viatropos
    Hey, I want to be able to have say 10 admin users store all their documents on google docs for a domain ('http://docs.google.com/a/domain.com'), and have everyone else be able to view them through 'domain.com/documents'. I'm just not certain how the whole authentication thing works in that case. Should I use OAuth? Or could I just use ClientLogin for say the root/global admin, and anytime someone goes to the site, they login as that? That works for personal docs, but it doesn't seem to be working for Google Apps. I would like it so the user has no idea they're accessing google docs, so I don't want them to have to say "Yes, Authenticate this App with Google", as seen in this Doclist Manager App. The app is basically: Admin stores a bunch of forms and documents User uses form and views documents the admin has posted ... so there's no need to access the user's Google Docs. But it seems like AuthSub and OAuth are addressing that instead... Thanks for the tips.

    Read the article

  • IIS as proxy to rails/mongrel - force a proxied host to generate REMOTE_USER

    - by rbn
    Hello -- Using Application Request Routing I have IIS 7.5 set up as a reverse proxy to a Mongrel service which is serving a rails app. IIS is set up to use Windows Auth and is working but I cannot access the REMOTE_USER variable in the rails app to get at current user's identity. I have inspected the request object in rails and I don't have any other variables like LOGON_USER, HTTP_REMOTE_USER, AUTH_USER, etc. I am trying to find a way to inject the REMOTE_USER variable into Mongrel's server variables. This post describes what I am looking for using mod_rewrite on Apache but I am having trouble recreating this rule for iis. this is the rewrite rule from the post mentioned above for Apache RewriteEngine On RewriteCond %{LA-U:REMOTE_USER} (.+) RewriteRule . - [E=RU:%1] Header add X-Forwarded-User %{RU}e I tried reproducing the rule in IIS and got a URL Rewrite Module error ("The condition's expression "%{LA-U:REMOTE_USER}" is invalid."). I know I'm probably using Apache syntax where IIS syntax is needed but am not sure how to proceed at this point. Any help greatly appreciated.

    Read the article

  • Using PHP cURL with an HTTP Debugging Proxy

    - by Kane
    I'm using the app "Fiddler" to debug a GET attempt to a website via PHP cURL. In order to see the cURL traffic I had to specify that the cURL connection use the Fiddler proxy (see code below). $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1); curl_setopt($ch, CURLOPT_PROXY, '127.0.0.1:8888'); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_HEADERFUNCTION, 'read_header'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_USERAGENT, $user_agent); curl_setopt($ch, CURLOPT_REFERER, "http://domain.com"); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); curl_setopt($ch, CURLOPT_COOKIEJAR, "my_cookies.txt"); curl_setopt($ch, CURLOPT_COOKIEFILE, "my_cookies.txt"); curl_setopt($ch, CURLOPT_URL, "http://domain.com"); $response = curl_exec($ch); But the problem is that in Fiddler I can only see this: Request (domain.com is just an alias): CONNECT domain.com:80 HTTP/1.1 Response: HTTP/1.1 200 Blind-Connection Established If I manually load the website in a browser Fiddler gives me WAY more information. I can see the cookies, the header information, and what I'm receiving via the GET. Any ideas why Fiddler can't see more useful information from PHP cURL? Edit: I tried turning on the "Enable HTTPS Decryption" option inside Tools / Fiddler Options / HTTPS (which I'm not sure why I'd need to use as I didn't tell cURL to use HTTPS). Unfortunately, by changing this setting I now get a Response of: HTTP/1.1 502 Connection failed Edit: If it helps, the app "Charles" shows me WAY more information than Fiddler, but I really want to figure out Fiddler since I like it better.

    Read the article

  • httplib2 giving internal server error 500 with proxy

    - by NJTechie
    Following is the code and error it throws. It works fine without the proxy http = httplib2.Http() . Any pointers are highly appreciated! Usage : http = httplib2.Http(proxy_info = httplib2.ProxyInfo(socks.PROXY_TYPE_HTTP, '74.115.1.11', 80)) main_url = 'http://www.mywebsite.com' response, content = http.request(main_url, 'GET') Error : File "testproxy.py", line 17, in <module> response, content = http.request(main_url, 'GET') File "/home/kk/bin/pythonlib/httplib2/__init__.py", line 1129, in request (response, content) = self._request(conn, authority, uri, request_uri, method, body, headers, redirections, cachekey) File "/home/kk/bin/pythonlib/httplib2/__init__.py", line 901, in _request (response, content) = self._conn_request(conn, request_uri, method, body, headers) File "/home/kk/bin/pythonlib/httplib2/__init__.py", line 862, in _conn_request conn.request(method, request_uri, body, headers) File "/usr/lib/python2.5/httplib.py", line 866, in request self._send_request(method, url, body, headers) File "/usr/lib/python2.5/httplib.py", line 889, in _send_request self.endheaders() File "/usr/lib/python2.5/httplib.py", line 860, in endheaders self._send_output() File "/usr/lib/python2.5/httplib.py", line 732, in _send_output self.send(msg) File "/usr/lib/python2.5/httplib.py", line 699, in send self.connect() File "/home/kk/bin/pythonlib/httplib2/__init__.py", line 740, in connect self.sock.connect(sa) File "/home/kk/bin/pythonlib/socks.py", line 383, in connect self.__negotiatehttp(destpair[0],destpair[1]) File "/home/kk/bin/pythonlib/socks.py", line 349, in __negotiatehttp raise HTTPError((statuscode,statusline[2])) socks.HTTPError: (500, 'Internal Server Error')

    Read the article

  • CAS authentication and redirects with jQuery Ajax

    - by Steve Nay
    I've got an HTML page that needs to make requests to a CAS-protected (Central Authentication Service) web service using the jQuery AJAX functions. I've got the following code: $.ajax({ type: "GET", url: request, dataType: "json", complete: function(xmlHttp) { console.log(xmlHttp); alert(xmlHttp.status); }, success: handleRedirects }); The request variable can be either to the CAS server (https://cas.mydomain.com/login?service=myServiceURL) or directly to the service (which should then redirect back to CAS to get a service ticket). Firebug shows that the request is being made and that it comes back as a 302 redirect. However, the $.ajax() function isn't handling the redirect. I wrote this function to work around this: var handleRedirects = function(data, textStatus) { console.log(data, textStatus); if (data.redirect) { console.log("Calling a redirect: " + data.redirect); $.get(data.redirect, handleRedirects); } else { //function that handles the actual data processing gotResponse(data); } }; However, even with this, the handleRedirects function never gets called, and the xmlHttp.status always returns 0. It also doesn't look like the cookies are getting sent with the cas.mydomain.com call. (See this question for a similar problem.) Is this a problem with the AJAX calls not handling redirects, or is there more going on here than meets the eye?

    Read the article

  • Forms/AD Authentication with Sharepoint

    - by David Lively
    All, I'm configuring Sharepoint to use forms authentication with LDAP/Active Directory. I'm new to Sharepoint, so if this is obvious, please point me in the right direction. Whenever I attempt to log in with a bad account or password, I get the very friendly (and correct) error message, The server could not sign you in. Make sure your user name and password are correct, and then try again. ... which implies that Sharepoint is able to communicate with AD. If I log in with a valid account, I get a page that says: (I added the grey bar to cover up the login name) Any suggestions? The account I'm logging in with is an administrator and has been granted full control in central administration. Also, interesting note: If I click the "sign in as a different user" link, and attempt to sign in using with the same credentials I just used, the site just redirects back to the login page, with no error or status message. If I then manually enter the site url, it again shows the "Error: Access Denied" page. Argh.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >