Search Results

Search found 15558 results on 623 pages for 'basic authentication'.

Page 478/623 | < Previous Page | 474 475 476 477 478 479 480 481 482 483 484 485  | Next Page >

• How to tell what account my webservice is running under in Visual Studio 2005

  - by John Galt

  I'm going a little nuts trying to understand the doc on impersonation and delegation and the question has come up what account my webservice is running under. I am logged as myDomainName\johna on my development workstation called JOHNXP. From Vstudio2005 I start my webservice via Debug and the wsdl page comes up in my browser. From Task Manager, I see the following while sitting at a breakpoint in my .asmx code: aspnet_wp.exe pid=1316 UserName=ASPNET devenv.exe pid=3304 UserName=johna The IIS Directory Security tab for the Virtual Directory that hosts my ws.asmx code has "Enable Anonymous access" UNCHECKED and has "Integrated Windows Authentication" CHECKED. So when the MSDN people state "you must configure the user account under which the server process runs", what would they be refering to in the case of my little webservice described above? I am quoting from: http://msdn.microsoft.com/en-us/library/aa302400.aspx Ultimately, I want this webservice of mine to impersonate whatever authenticated domain user browses through to an invoke of my webservice. My webservice in turn consumes another ASMX webservice on a different server (but same domain). I need this remote webservice to use the impersonated domain user credentials (not those of my webservice on JOHNXP). So its getting a little snarly for me to understand this and I see I am unclear about the account my web service uses. I think it is ASPNET in IIS 5.1 on WinXP but not sure.

  Read the article

• .Net 2.0 ServiceController.GetServices()

  - by Miles

  I've got a website that has windows authentication enable on it. From a page in the website, the users have the ability to start a service that does some stuff with the database. It works fine for me to start the service because I'm a local admin on the server. But I just had a user test it and they can't get the service started. My question is: Does anyone know of a way to get a list of services on a specified computer by name using a different windows account than the one they are currently logged in with? I really don't want to add all the users that need to start the service into a windows group and set them all to a local admin on my IIS server..... Here's some of the code I've got: public static ServiceControllerStatus FindService() { ServiceControllerStatus status = ServiceControllerStatus.Stopped; try { string machineName = ConfigurationManager.AppSettings["ServiceMachineName"]; ServiceController[] services = ServiceController.GetServices(machineName); string serviceName = ConfigurationManager.AppSettings["ServiceName"].ToLower(); foreach (ServiceController service in services) { if (service.ServiceName.ToLower() == serviceName) { status = service.Status; break; } } } catch(Exception ex) { status = ServiceControllerStatus.Stopped; SaveError(ex, "Utilities - FindService()"); } return status; } My exception comes from the second line in the try block. Here's the error: System.InvalidOperationException: Cannot open Service Control Manager on computer 'server.domain.com'. This operation might require other privileges. --- System.ComponentModel.Win32Exception: Access is denied --- End of inner exception stack trace --- at System.ServiceProcess.ServiceController.GetDataBaseHandleWithAccess(String machineName, Int32 serviceControlManaqerAccess) at System.ServiceProcess.ServiceController.GetServicesOfType(String machineName, Int32 serviceType) at TelemarketingWebSite.Utilities.StartService() Thanks for the help/info

  Read the article

• Should we deploy a Webkit browser for our intranet applications?

  - by Jeff Meatball Yang

  At my place of employment, we are increasingly finding it difficult to develop for IE, which was historically the easiest browser to target, from an intranet-app point of view. It was already deployed. It already understood NTLM authentication, thus well integrated with our domain-level security. It had neat, albeit non-standard features such as XMLDOM and XmlHTTP. Now, we are increasingly irritated by issues presented by IE: There are several versions: IE 7, 8, and soon 9 beta, which all have slightly different issues related to performance, functionality (especially re:security and zones), and aesthetics. IE 7 and 8 are slower than Webkit-based browsers. Period. There are technology limitations such as missing canvas element, CSS bugs, etc. that make it hard to use 3rd party packages or even consistently write code across IE versions. Users are increasingly using Firefox or Chrome, even for intranet use. Does anyone have experience with making a transition? Any advice would be welcome.

  Read the article

• Spring 2.0.0/2.0.6 to 3.0.5 migration stories

  - by Pangea

  We are in the process of migrating to 3.0.5 of spring from 2.0.x. We mainly use spring in below scenarios custom scope: thread local scope persistence: jdbc+hibernate 3.6 (but moving to mix of ejb 3.0+jpa 2.0+hibernate, not sure if all 3 can co-exist in 1 app) transactions: local (but planning to use jta due to the necessity of using multiple persistence inits, and has to use ejb+jpa+hibernate in 1 single trans), declarative trans mgmt parent-child contexts cxf annotations+xml OracleLobHandler Resource/ResourceBundleMessageResource JSF/Facelets with FacesSpringVariableResolver ActiveMQ integration Quartz integration TaskExecutor JMX exporter HttpExporter/Invoker Appreciate if someone can share their experiences like what to watch out for head aches/pain points which ones to drop for better alternate choices in new 3.0.5 release Is it better to switch from commons/iscreen validator to Hibernate Validator (Spec impl) or Spring Validator Is there a bean mapping framework in spring that i can use instead of Dozer XSLT transformation helper: currently we have small homegrown framework to cache xslts during load. if spring can do that for me then I would like to drop this Encryption/Decryption support. Password generation support. Authentication with SALT any SAML (or claims based secur New ideas Suggestions Switch to latest version of aspectj Upgrade guide from 2.5 to 3.0.5

  Read the article

• MS Word opens documents hosted on WebDav share read-only on Windows Vista and 7 but only if no other

  - by rjmunro

  We have a WebDav server with some Word documents on it. (We are using PHP's HTTP_WebDAV_Server but get the same issue on tests with Apache mod_dav - both use digest authentication, basic auth doesn't work on Vista or later) We have a web page that opens the word documents using javascript like: Doc = new ActiveXObject("Sharepoint.OpenDocuments.3"); Doc.EditDocument(url, 'Word.Document'); which causes word to connect to the webdav server and open the document, bypassing IE and most of windows built in WebDav client. On Windows XP, this works perfectly, and (after prompting you to log in) allows you to edit the word document and save it back to the server. On Windows 7 and Windows Vista, this usually opens the document read only, but not in all cases. After quite a bit of trial and error, we found that it worked (i.e. opened read/write) if Explorer happened to be already connected to a WebDav server. Note that this works with any Webdav server, not neccesarily the one with the document that you are trying to edit. So other than telling our users to change settings on their machine, is there anything we can do in the javascript sharepoint call, or on the WebDav server that will fix this issue. Ps. We have the same problem when launching Word from an HTA file version of our system, with javascript like: wordApp = new ActiveXObject("Word.application"); wordApp = new ActiveXObject("Word.application"); wordApp.Visible = true; doc = wordApp.Documents.Open(url); Pps. Sorry if you think this question should be on Serverfault (or even SuperUser). I couldn't decide, but because we are programming the WebDav server ourself (in PHP) and I have more rep on this site than the others, I decided to post it here :-)

  Read the article

• PHP: Post ASPX form that uses 'WebForm_DoPostBackWithOptions' with cUrl

  - by Oliver Cooper

  I am trying to post an ASPX form which uses SharePoint with PHP. Posting data works with standard forms, I just can't seem to get this form working. I did notice an onclick attribute on the submit button: onclick="javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("ctl00$PlaceHolderMain$btnSaveTask", "", true, "", "", false, false))" I have never used ASPX and have no idea what this is. It is not an authentication problem or something wrong with the url as it returns the webpage (which contains the form) fine. Here is my PHP code: function add($username, $password){ $data = array( 'ctl00$PlaceHolderSearchArea$ctl01$ctl00' => 'https://keystone.stpeters.sa.edu.au', 'ctl00$PlaceHolderSearchArea$ctl01$ctl04' => '0', 'ctl00$PlaceHolderMain$DateStart$DateStartDate' => '9/05/2012', 'ctl00$PlaceHolderMain$DateDue$DateDueDate' => '10/05/2012', 'ctl00$PlaceHolderMain$Title' => 'test again', 'ctl00$PlaceHolderMain$btnSaveTask' => 'OK', '__spText1' => '', '__spText2' => '' ); $curl_handle = curl_init(); $fullurl = "https://keystone.stpeters.sa.edu.au/_layouts/StPeters.Keystone/MyTasks/MyTaskDetail.aspx?id=0&IsDlg=1"; // $ch = curl_init(); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_FAILONERROR, 0); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); curl_setopt($ch, CURLOPT_USERPWD, "$username:$password"); curl_setopt($ch, CURLOPT_URL, $fullurl); $returned = curl_exec($ch); curl_close ($ch); return $returned; }

  Read the article

• Membership.Updateuser not really updating the database.

  - by Shimrod

  Hi everybody, I'm currently working on a membership system for my web application, which is based on forms authentication from the framework. I created some users with the integrated tool, and the login is perfectly working. But now what I want to do is to give administrator the capability to create, modify, delete users. So here is what I've got right now: Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load Dim muc As MembershipUserCollection = Membership.GetAllUsers() ComboBox1.DataSource = muc ComboBox1.DataValueField = "UserName" ComboBox1.DataTextField = "UserName" ComboBox1.DataBind() End Sub Protected Sub ComboBox1_SelectedIndexChanged(ByVal sender As Object, ByVal e As EventArgs) Handles ComboBox1.SelectedIndexChanged Dim userName As String = ComboBox1.SelectedValue Dim mu As MembershipUser = Membership.GetUser(userName) Dim userRoles As String() = Roles.GetRolesForUser(userName) tbComments.Text = mu.Comment tbEmail.Text = mu.Email lblUserName.Text = mu.UserName End Sub Protected Sub Button1_Click(ByVal sender As Object, ByVal e As EventArgs) Handles Button1.Click Dim userName As String = ComboBox1.SelectedValue Dim mu As MembershipUser = Membership.GetUser(userName) If Not mu Is Nothing Then Try mu.Comment = tbComments.Text Membership.UpdateUser(mu) mu.Email = tbEmail.Text Membership.UpdateUser(mu) mu.IsApproved = True Membership.UpdateUser(mu) mu = Nothing Catch ex As Exception Console.WriteLine(ex.ToString()) End Try End If DetailPanel.Visible = False End Sub The problem is that the record doesn't seem to be updated in the database. I made the multiple calls to Membership.UpdateUser after reading this blog entry, but it didn't change anything. A strange think I noticed while debugging, is that when I enter the Button1_Click method, Membership.GetUser(userName) returns me values from my precedent attempt ! I don't really understand what I'm missing. Does someone have a clue ? Thanks in advance !

  Read the article

• Are these settings correct for sending mail through Rails/Gmail?

  - by aressidi

  Hi there, I spend a good deal of time building an email system for my Rails app that uses Gmail to send bulk mail to a list of opt-in users. I realize a shortcomming of using Google Apps for my mail, namely a rate limit on the number of emails it will send out (i believe 500). Anyway, I have reached out to my users to see how many have received the email, and a lot of them have not, though some have. The list I tried sending to was about 540 users, so I would have expected more "yes, got it," then "nope, still waiting" responses. I have two questions: Do these settings look correct for outgoing bulk mailing through Gmail? Again, using google apps to manage my domain and i know some people (including myself) have received the mailer. This is in a mail.rb initializer in my app. ActionMailer::Base.delivery_method = :sendmail ActionMailer::Base.smtp_settings = { :address => "smtp.gmail.com", :port => 25, :domain => "mydomain.com", :authentication => :login, :user_name => "[email protected]", :password => "mypass" } Is there any way I can test if the mail was delivered, or at least attempted to be delivered? I can't tell where in the list the mailer stops mailing! The way I generate the list is through a query which then passes the user info to a mailer worker which sends the emails out via Starling/Workling. Any advice here would be useful. Happy to post code, but want to make sure the method I'm using is sound. Thanks for the help!

  Read the article

• apache web server configuration problem

  - by mohit

  i want to have apache server to serve only /var/www/ directory now it serves all my files on system from directory "/" i tried to edit httpd.conf placed in /etc/apache2 and placed the folllowing content in it(intially it was empty) <Directory /> Options None AllowOverride None </Directory> DocumentRoot "/var/www" <Directory "/var/www"> Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> then saved it,restarted apache server put the location /var/www in the web browser address bar,still it shows the higher level directories too then i edited the file Default,Default-ssl in the sites-available folder repeated the same process still apache serves all files on my system 2.when i try to use the following command gedit httpd.conf I get the error gedit:2696): EggSMClient-WARNING **: Failed to connect to the session manager: None of the authentication protocols specified are supported GConf Error: Failed to contact configuration server; some possible causes are that you need to enable TCP/IP networking for ORBit, or you have stale NFS locks due to a system crash. See http://projects.gnome.org/gconf/ for information. (Details - 1: Failed to get connection to session: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.)

  Read the article

• "rsAccessDenied" error for SSRS 2008

  - by JackLocke

  Hi All, I have been trying to access SSRS Web Service URL hxxp://myServer:80/ReportServer (from Reporting Service Configuration Manager), but my IE always shows "rsAccessDenied" message saying that my account doesn't have privilage required to view. Here are my system specs. Its my laptop with Windows 7 x64, and SQL Server 2008 with SP1 and I am using Mixed Mode Authentication with My account as SysAdmin privilages and this is what I have been trying / tried ... (ofcourse with restarting the service everytime I make any change in configuration), I changed service account from Reporting Service Configuration Manager to make it use My account but nothing happend. I tried running my IE as admin, by RUN AS ADMIN but still same message. Then I read somewhere I have to delete/recreate my encryption keys as well, so I tried again with that, then it was asking me to enter ID/PWD to access server here I am totally blank because it was not accepting my account credentials !!!. Weird thing is I can see my existing reports if I follow this URL hxxp://myServer:80/Reports , for which My guess is solely used to view reports. I have read post here about kind of same problem, but it seems that OP just left forum after asking question... Also, MSDN does have these helps hxxp://msdn.microsoft.com/en-us/library/ms156034.aspx hxxp://msdn.microsoft.com/en-us/library/bb630430.aspx but both of this didn't workout for me. I will really appriciate it if any one can help me out. Jack p.s. I was not allowed to post more than 1 URL because of my "reputation" so I had to change the string a bit. Please replace hxxp wih http in URLs.

  Read the article

• Register new memer for vBulletin via Mobile API

  - by Nikolay Stariradeff

  I'm trying to use the vBulletin REST Mobile API to simply register. The sourced are installed on my local machine and according the documentation https://www.vbulletin.com/forum/content.php/393-User-Registration-Process-Mobile-API This procedure should not be so hard, especially without humanity and COPPA authentication. However I've stacked! The method definition describes "addnewmember" clear, so I've generated a test link, which should do the job. https://www.vbulletin.com/forum/content.php/365-User-Related-Methods The link is: .../forum/api.php?&api_m=register_addmember&api_c=1&api_s=76ec9eec61e7fdfef2f3feee28d5f392&api_sig=8fe54313b333cc0fef4ddd8e398b5c80&api_v=6&agree=1&username=testuser&email=XXXXXX%40gmail.com&emailconfirm=XXXXX%40gmail.com&password=12345678&passwordconfirm=12345678 As a response I get: register_not_agreed The Docs: register_not_agreed The agree parameter should be set to 1. Which is also clear - agree parameter was not there. Here comes the funny part - In the API-Log I can see that the 'agree' parameter is correctly passed *1 test_client Gast 13:23, 18.06.2012 register_addmember Array ( [api_m] = register_addmember [api_c] = 1 [api_s] = 76ec9eec61e7fdfef2f3feee28d5f392 [api_sig] = 8fe54313b333cc0fef4ddd8e398b5c80 [api_v] = 6 [agree] = 1 [username] = testuser [email] = ....* Is there anybody with experience with the Mobile API that could help?

  Read the article

• PHP check http referer for form submitted by AJAX, secure?

  - by Michael Mao

  Hi all: This is the first time I am working for a front-end project that requires server-side authentication for AJAX requests. I've encountered problems like I cannot make a call of session_start as the beginning line of the "destination page", cuz that would get me a PHP Warning : Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\xampp\htdocs\comic\app\ajaxInsert Book.php:1) in C:\xampp\htdocs\comic\app\common.php on line 10 I reckon this means I have to figure out a way other than checking PHP session variables to authenticate the "caller" of this PHP script, and this is my approach : I have a "protected" PHP page, which must be used as the "container" of my javascript that posts the form through jQuery $.ajax(); method In my "receiver" PHP script, what I've got is: <?php define(BOOKS_TABLE, "books"); define(APPROOT, "/comic/"); define(CORRECT_REFERER, "/protected/staff/addBook.php"); function isRefererCorrect() { // the following line evaluates the relative path for the referer uri, // Say, $_SERVER['HTTP_REFERER'] returns "http://localhost/comic/protected/staff/addBook.php" // Then the part we concern is just this "/protected/staff/addBook.php" $referer = substr($_SERVER['HTTP_REFERER'], 6 + strrpos($_SERVER['HTTP_REFERER'], APPROOT)); return (strnatcmp(CORRECT_REFERER, $referer) == 0) ? true : false; } //http://stackoverflow.com/questions/267546/correct-http-header-for-json-file header('Content-type: application/json charset=UTF-8'); header('Cache-Control: no-cache, must-revalidate'); echo json_encode(array ( "feedback"=>"ok", "info"=>isRefererCorrect() )); ?> My code works, but I wonder is there any security risks in this approach? Can someone manipulate the post request so that he can pretend that the caller javascript is from the "protected" page? Many thanks to any hints or suggestions.

  Read the article

• Not able to connect to TFS Server from TFS Proxy

  - by GV India

  In our office we have setup TFS for project development. The TFS Server is WIN 2003 server SP2 with VSTFS 2008 and is running fine. Now we need to setup a TFS Proxy server on client site for client to access. Before going for the client setup, I wanted to build and test proxy in our office on a dummy server (will call it Proxy server hereon) by keeping it on a different domain. OS configuration of the Proxy server is the same as TFS server. I have installed and configured TFS proxy on Proxy server to connect to TFS Server. Also we have built trust between the two different domains to enable communication. Now problem is that I am not able to at all connect to TFS server. I am trying to connect from Internet Explorer of proxy server using proxy service account. It gives me error: The page cannot be displayed. HTTP 500 - Internal server error. The page I was browsing was http://tfs:8080/VersionControl/v1.0/ProxyStatistics.asmx. I think I have done all the required steps correctly to configure proxy as described in MSDN and also TFS installation guide. Here Proxy service account is a member of ‘Team Foundation Valid Users’ group. I am able to connect to TFS Server (specifying port) using Telnet from command prompt on proxy server as suggested by few sites. The TFS server web sites have been configured to use Integration Windows Authentication. Event Logs on both the servers are also not giving any error. Overall I’m not able to get it done. Any ideas on what might be the problem???

  Read the article

• Alternatives to the Entity Framework for Serving/Consuming an OData Interface

  - by Egahn

  I'm researching how to set up an OData interface to our database. I would like to be able to pull/query data from our DB into Excel, as a start. Eventually I would like to have Excel run queries and pull data over HTTP from a remote client, including authentication, etc. I've set up a working (rickety) prototype so far, using the ADO.NET Entity Data Model wizard in Visual Studio, and VSTO to create a test Excel worksheet with a button to pull from that ADO.NET interface. This works OK so far, and I can query the DB using Linq through the entities/objects that are created by the ADO.NET EDM wizard. However, I have started to run into some problems with this approach. I've been finding the Entity Framework difficult to work with (and in fact, also difficult to research solutions to, as there's a lot of chaff out there regarding it and older versions of it). An example of this is my being unable to figure out how to set the SQL command timeout (as opposed to the HTTP request timeout) on the DataServiceContext object that the wizard generates for my schema, but that's not the point of my question. The real question I have is, if I want to use OData as my interface standard, am I stuck with the Entity Framework? Are there any other solutions out there (preferably open source) which can set up, serve and consume an OData interface, and are easier to work with and less bloated than the Entity Framework? I have seen mention of NHibernate as an alternative, but most of the comparison threads I've seen are a few years old. Are there any other alternatives out there now? Thanks very much!

  Read the article

• Applying fine-grained security to an existing application

  - by Mark

  I've inherited a reasonably large and complex ASP.NET MVC3 web application using EF Code First on SQL Server. It uses ASP.NET Membership roles with database authentication. The controller actions are secured with attributes derived from AuthorizeAttribute that map roles to actions. There are extension methods for the finer points, such as showing a particular widget to particular roles. This is works great and I have a good understanding of the current security model. I've been asked to provide finer grained security at the data level. For example a 'Customer' user can only see data (throughout the database) associated with themselves and not other Customers. The problem is that 'Customer' is only 1 of 5 different types with their own specific restrictions (each of the 9 roles is one of these 5 types). The best thing I can think of is to go through all the data repositories and extend each and every LINQ statements/query with a filter for every user type. Even if I had time for that it doesn't seem like the most elegant way. Any suggestions? I really don't know where to start with this so anything could be helpful. Many thanks.

  Read the article

• Possible to capture all events in a web browser?

  - by David

  I am working on a pet project and am at the research stage. Quick summary I am trying to intercept all form submits, onclick, and every single keydown. My library of choice is either jquery, or jquery + prototypejs. I figure I can batch up the events into a queue/stack and send it back to the server in time interval batches to keep performance relatively stable. Concerns Form submits and change's would be relatively simple.. Something like $("form :inputs").bind("change", function() { ... record event... }); But how to ensure I get precedence over the applications handlers as I have a habit of putting return false on a lot of my form handlers when there is a validation issue. As I understand it, that effectively stops the event in its tracks. My project For my smaller remote clients I will put their products onto a VPS or run it in my home data center. Currently I use a basic authentication system, given a username/password they see the website and then hopefully send me somewhat sane notes on what is broken or should be tweaked. As a better solution, I've written a simple proxy web server that does the above but allows me to have one DNS entry and then depending on credentials it makes an internal request relaying headers and re-writing URLS as needed. Every single html/text or application/* request is compressed and shoved into a sqlite table so I can partially replay what they've done. Now I am shifting to the frontend and would like to capture clicks, keydown's, and submits on everything on the page.

  Read the article

• Componentizing complex functionality in an MVC web app

  - by NXT

  Hi Everyone, This is question about MVC web-app architecture, and how it can be extended to handle componentizing moderately complex units of functionality. I have an MVC style web-app with a customer facing credit card charge page. I've been asked to allow the admins to enter credit card payments as well, for times when credit cards are taken over the phone. The customer facing credit card charge section of the website is currently it's own controller, with approximately 3 pages and a login. That controller is responsible for: Customer login credential authentication Credit card data collection Calling a library to do the actual charge. reporting the results to the user. I would like to extract the card data collection pages into a component of some kind so that I can easily reuse the code on the admin side of the app. Right now my components are limited to single "view" pages with PHP style embedded Perl code. This is a simple, custom MVC framework written in Perl. Right now, controllers are called directly from the framework to service web requests. My idea is to allow controllers to be called from other controllers, so that I can componentize more complex functionality. For simplicity I think I prefer composition over inheritance, even though it will require writing a bunch of pass-through methods (actions). Being Perl, I could in theory do multiple inheritance. I'm wondering if anyone with experience in other MVC web frameworks can comment on how this sort of thing is usually done. Thank you.

  Read the article

• Credit Card storage solution

  - by jtnire

  Hi Everyone, I'm developing a solution that is designed to store membership details, as well as credit card details. I'm trying to comply with PCI DSS as much as I can. Here is my design so far: PAN = Primary account number == long number on credit card Server A is a remote server. It stores all membership details (Names, Address etc..) and provides indivudal Key A's for each PAN stored Server B is a local server, and actually holds the encrypted PANs, as well as Key B, and does the decryption. To get a PAN, the client has to authenticate with BOTH servers, ask Server A for the respective Key A, then give Key A to server B, which will return the PAN to the client (provided authentication was sucessful). Server A will only ever encrypt Key A with Server B's public Key, as it will have it beforehand. Server B will probably have to send a salt first though, however I doin't think that has to be encrypted I havn't really thought about any implementation (i.e. coding) specifics yet regarding the above, however the solution is using Java's Cajo framework (wrapper for RMI) so that is how the servers will communicate with each other (Currently, membership details are transfered in this way). The reason why I want Server B to do the decryption, and not the client, is that I am afraid of decryption keys going into the client's RAM, even though it's probably just as bad on the server... Can anyone see anything wrong with the above design? It doesn't matter if the above has to be changed. Thanks jtnire

  Read the article

• How to Connect to a web service (SSL enabled and proxy interface)

  - by blgnklc

  There is a web service running on tomcat on a server. It is built on Java Servlet. It is listening others to call itself on a SSL enabled http port. so its web service adreess looks like: https://172.29.12.12/axis/services/XYZClient?wsdl On the other hand I want to connect the web service above from a windows application which is built on .NET frame work. Finally, when I want to connect the web service from my computer; I get some specific erros; Firstly I get; Proxy authentication error; then I added some new line to my code; Dim cr As System.Net.NetworkCredential = New System.Net.NetworkCredential("xname", "xsurname", "xdomainname") Dim myProxy As New WebProxy("http://mar.xxxyyy.com", True) myProxy.Credentials = cr Secondly, after this modifications It says that bad request. I did not get over this error. Moreover I did try to connect the web server on the same computer. I copied my executable program to the computer where the web service runs. The error was like; The underlying connection was closed: Could not establish trust relationship for SSL/TLS secure channel PS: When I try to connect to web service by using Internet Explorer; I see firstly some warnings about accepting an unknown certificate and I click take me to web service an I get there clearly. I want to know what are the basic elements to connect a web service, could you please tell me the requirements that I have to use on my windows project. regards bk

  Read the article

• Using PHP and cURL to login to indyarocks.com

  - by Divya

  I am new to cURL and don't know much about it. I basically want to login to my account on www.indyarocks.com through libcurl for PHP. I don't know what type of authentication it uses (I don't know how to find that out.). When I go to http://www.indyarocks.com, I get a login form which asks for my username and password. I put in my username and password and click login and everything is good. I tried to automate this using cURL. This is a snippet of my code. curl_setopt($curl_connection, CURLOPT_URL, "http://www.indyarocks.com/loginchk.php"); curl_setopt($curl_connection, CURLOPT_POST, 1); curl_setopt($curl_connection, CURLOPT_HTTPAUTH, CURLAUTH_ANY); curl_setopt($curl_connection, CURLOPT_USERPWD, $username.':'.$password); I looked at the source of the login page and found out the address of the page to which the username and password are sent (the action attribute of the form) which is "http://www.indyarocks.com/loginchk.php" and set it as the target url. When I run this, I get username or password is wrong error and the login fails. My username and password is correct. I don't know what the problem is. Can the password be encrypted? Can that be responsible for this failure? Please help me get around this problem. I'll be really thankful. Thanks in advance.

  Read the article

• Identity.Name is disposed in a IIS7 Asp.NET MVC application Thread

  - by vIceBerg

  I have made the smallest demo project to illustrate my problem. You can download the sources Here Visual Studio 2008, .NET 3.5, IIS7, Windows 7 Ultimate 32 bits. The IIS Website is configured ONLY for Windows Authentication in an Integreated pipeline app pool (DefaultAppPool). Here's the problem. I have an Asp.NET MVC 2 application. In an action, I start a thread. The View returns. The thread is doing it's job... but it needs to access Thread.CurrentPrincipal.Identity.Name BANG The worker process of IIS7 stops. I have a window that says: "Visual Studio Just-In-Time Debugger An unhandled exception ('System.Object.DisposedException') occured in w3wp.exe [5524]" I checked with the debugger and the Thread.CurrentPrincipal.Identity is valid, but the Name property is disposed. If I put a long wait in the action before it returns the view, then the Thread can do it's job and the Identity.Name is not disposed. So I think the Name gets disposed when the view is returned. For the sake of the discussion, here's the code that the thread runs (but you can also download the demo project. The link is on top of this post): private void Run() { const int SECTOWAIT = 3; //wait SECTOWAIT seconds long end = DateTime.Now.Ticks + (TimeSpan.TicksPerSecond * SECTOWAIT); while (DateTime.Now.Ticks <= end) continue; //Check the currentprincipal. BANG!!!!!!!!!!!!! var userName = Thread.CurrentPrincipal.Identity.Name; } Here's the code that starts the thread public void Start() { Thread thread = new Thread(new ParameterizedThreadStart(ThreadProc)); thread.SetApartmentState(ApartmentState.MTA); thread.Name = "TestThread"; thread.Start(this); } static void ThreadProc(object o) { try { Builder builder = (Builder)o; builder.Run(); } catch (Exception ex) { throw; } } So... what am i doing wrong? Thanks

  Read the article

• How do I connect to SQL Server with VB?

  - by Wayne Werner

  Hi, I'm trying to connect to a SQL server from VB. The SQL server is across the network uses my windows login for authentication. I can access the server using the following python code: import odbc conn = odbc.odbc('SignInspection') c = conn.cursor() c.execute("SELECT * FROM list_domain") c.fetchone() This code works fine, returning the first result of the SELECT. However, I've been trying to use the SqlClient.SqlConnection in VB, and it fails to connect. I've tried several different connection strings but this is the current code: Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click Dim conn As New SqlClient.SqlConnection conn.ConnectionString = "data source=signinspection;initial catalog=signinspection;integrated security=SSPI" Try conn.Open() MessageBox.Show("Sweet Success") 'Insert some code here, woo Catch ex As Exception MessageBox.Show("Failed to connect to data source.") MessageBox.Show(ex.ToString()) Finally conn.Close() End Try End Sub It fails miserably, and it gives me an error that says "A network-related or instance-specific error occurred... (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) I'm fairly certain it's my connection string, but nothing I've found has given me any solid examples (server=mySQLServer is not a solid example) of what I need to use. Thanks! -Wayne

  Read the article

• Gdata JavaScript Authsub continues redirect

  - by Krustal

  I am using the JavaScript Google Data API and having issues getting the AuthSub script to work correctly. This is my script currently: google.load('gdata', '1'); function getCookie(c_name){ if(document.cookie.length>0){ c_start=document.cookie.indexOf(c_name + "="); if(c_start!=-1){ c_start=c_start + c_name.length+1; c_end=document.cookie.indexOf(";",c_start); if(c_end==-1) c_end=document.cookie.length; return unescape(document.cookie.substring(c_start, c_end)); } } return ""; } function main(){ var scope = 'http://www.google.com/calendar/feeds/'; if(!google.accounts.user.checkLogin(scope)){ google.accounts.user.login(); } else { /* * Retrieve all calendars */ // Create the calendar service object var calendarService = new google.gdata.calendar.CalendarService('GoogleInc-jsguide-1.0'); // The default "allcalendars" feed is used to retrieve a list of all // calendars (primary, secondary and subscribed) of the logged-in user var feedUri = 'http://www.google.com/calendar/feeds/default/allcalendars/full'; // The callback method that will be called when getAllCalendarsFeed() returns feed data var callback = function(result) { // Obtain the array of CalendarEntry var entries = result.feed.entry; //for (var i = 0; i < entries.length; i++) { var calendarEntry = entries[0]; var calendarTitle = calendarEntry.getTitle().getText(); alert('Calendar title = ' + calendarTitle); //} } // Error handler to be invoked when getAllCalendarsFeed() produces an error var handleError = function(error) { alert(error); } // Submit the request using the calendar service object calendarService.getAllCalendarsFeed(feedUri, callback, handleError); } } google.setOnLoadCallback(main); However when I run this the page redirects me to the authentication page. After I authenticate it send me back to my page and then quickly sends me back to the authenticate page again. I've included alerts to check if the token is being set and it doesn't seem to be working. Has anyone has this problem?

  Read the article

• Parallel.Foreach loop creating multiple db connections throws connection errors?

  - by shawn.mek

  Login failed. The login is from an untrusted domain and cannot be used with Windows authentication I wanted to get my code running in parallel, so I changed my foreach loop to a parallel foreach loop. It seemed simple enough. Each loop connects to the database, looks up some stuff, performs some logic, adds some stuff, closes the connection. But I get the above error? I'm using my local sql server and entity framework (each loop uses it's own context). Is there some problem with connecting multiple times using the same local login or something? How did I get around this? I have (before trying to covert to a parallel.foreach loop) split my list of objects that I am foreach looping through into four groups (separate csv files) and run four concurrent instances of my program (which ran faster overall than just one, thus the idea for parallel). So it seems connecting to the db shouldn't be a problem? Any ideas? EDIT: Here's before var gtgGenerator = new CustomGtgGenerator(); var connectionString = ConfigurationManager.ConnectionStrings["BioEntities"].ConnectionString; var allAccessionsFromObs = _GetAccessionListFromDataFiles(collectionId); ForEach(cloneIdAndAccessions in allAccessionsFromObs) DoWork(gtgGenerator, taxonId, organismId, cloneIdAndAccessions, connectionString)); after var gtgGenerator = new CustomGtgGenerator(); var connectionString = ConfigurationManager.ConnectionStrings["BioEntities"].ConnectionString; var allAccessionsFromObs = _GetAccessionListFromDataFiles(collectionId); Parallel.ForEach(allAccessionsFromObs, cloneIdAndAccessions => DoWork(gtgGenerator, taxonId, organismId, cloneIdAndAccessions, connectionString)); Inside the DoWork I use the BioEntities using (var bioEntities = new BioEntities(connectionString)) {...}

  Read the article

• identify accounts using zend-openid [HELP]

  - by tawfekov

  Hi! , i had successfully implemented simple open ID authentication with the [gmail , yahoo , myopenid, aol and many others ] exactly as stackoverflow do but i had a problem with identifying accounts for example 'openid_ns' => string 'http://specs.openid.net/auth/2.0' (length=32) 'openid_mode' => string 'id_res' (length=6) 'openid_op_endpoint' => string 'https://www.google.com/accounts/o8/ud' (length=37) 'openid_response_nonce' => string '2010-05-02T06:35:40Z9YIASispxMvKpw' (length=34) 'openid_return_to' => string 'http://dev.local/download/index/gettingback' (length=43) 'openid_assoc_handle' => string 'AOQobUf_2jrRKQ4YZoqBvq5-O9sfkkng9UFxoE9SEBlgWqJv7Sq_FYgD7rEXiLLXhnjCghvf' (length=72) 'openid_signed' => string 'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle' (length=69) 'openid_sig' => string 'knieEHpvOc/Rxu1bkUdjeE9YbbFX3lqZDOQFxLFdau0=' (length=44) 'openid_identity' => string 'https://www.google.com/accounts/o8/id?id=AItOawk0NAa51T3xWy-oympGpxFj5CftFsmjZpY' (length=80) 'openid_claimed_id' => string 'https://www.google.com/accounts/o8/id?id=AItOawk0NAa51T3xWy-oympGpxFj5CftFsmjZpY' (length=80) i thought that openid_claimed_id or openid_identity is identical for every account but after some testing turns out the claimed id is changeable by the users them self in yahoo and randomly changing in case of gmail FYI am using zend openid with a bit modification on consumer class and i can't use SERG [Simple Refistration Extension] cuz currently it uses openid v1 specification :( i hadn't read the specification of openid so if any body know please help me to how to identify openid accounts to know if this account has signed in before or not

  Read the article

< Previous Page | 474 475 476 477 478 479 480 481 482 483 484 485  | Next Page >