Search Results

Search found 1925 results on 77 pages for 'auth'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 53/77 | < Previous Page | 49 50 51 52 53 54 55 56 57 58 59 60  | Next Page >

  • Securing a REST API

    - by Christopher McCann
    I am in the middle of developing a REST API - the first one I ever have. The data being passed through the API is not of such a critical nature that there will be loss of life, economics etc if it was intercepted but at the same time I would like it to be secure. The data being transferred is simply like the data that would be transferred on Twitter or Facebook - not overly confidential but still should be kept private. What is the best way to secure this data? Am I best to use HTTP Basic Auth over SSL or should I be looking into something like OAuth. I have never really used REST much before so bit of a first for me. Thanks

    Read the article

  • Membership systems for MVC4 that support RavenDB

    - by brad oyler
    I create a lot of quick "proof of concept" MVC apps and I actually found the SimpleMembership provider that shipped with the MVC4 templates to be very handy since it gets me up and running with user registration & OAuth in a matter of minutes. But...I've started to use RavenDb (on RavenHQ for a lot for my projects). So, I starting trying to implement my own "custom membership provider" based on the ExtendedMembershipProvider and while doing that I realized that didn't make much sense. I later stumbled upon 2 interesting projects that try to solve this exact problem: WorldDomination.Web.Auth: https://github.com/PureKrome/WorldDomination.Web.Authentication MemFlex: https://github.com/OdeToCode/Memflex Both are pretty interesting recent efforts and was wondering if these are the only ones being built right now. I'm essentially looking for nuget pkg that I can drop into a MVC4 app, connect to my RavenDb and be done. I'm willing to build this thing but don't want to duplicate any efforts that are already in motion. Thx!

    Read the article

  • SVN Subversion use explicit cached credentials

    - by Nick
    I am trying to run a SVN command in a script, but the script is launched as a system service that has cached svn username/password credentials. I could always just put the username/password arguments in the command: svn info --username bob --password pass but I'd rather not have my username/password just sitting in a text file. I've discovered that my cached credentails (when run svn normally) end up here: C:\Documents and Settings\bob\Application Data\Subversion\auth\svn.simple\6ef188c2163f1ccc860a690b7ad21a15 Is there any way I could copy this cached credential file to where my script exists and just call that file explicitly?

    Read the article

  • Where to place the login/authentication related actions in MVC

    - by rogeriopvl
    I've searched around and found that when implementing an authentication module in MVC architecture some people opt to place the login related actions in the User controller while others place it in a controller dedicated to authentication only. In pseudo-java-like code: class UserController extends Controller { public login() { //... } } Accessed with http://mydomain.com/user/login. vs. class AuthController extends Controller { public login() { //... } } Accessed with http://mydomain.com/auth/login. I would like to know which approach is better, and why. That is, if there's really any difference at all. Thanks in advance.

    Read the article

  • Changing gmail Settings with Ruby

    - by Technocrat
    I need to configure my gmail account(s) programmatically with Ruby. I checked out the apps api and it looks like the simplest possible solution would be to use ClientLogin for logging in and a simple XML PUT for changing the forwarding setting, for example. I wrote a little test script like so: http://gist.github.com/373457 It would appear that the call to ClientLogin works because it comes back with an Auth= token. When it sends the PUT request to google, however, it comes back with a RestClient::Unauthorized exception. I rewrote the script with pure net/https and it turns out the message I'm getting is invalid token, yet I can't figure out what is wrong with my token. Can anyone else see it?

    Read the article

  • sharepoint wss 3.0 user domain

    - by user549966
    I've inherited a sharepoint wss 3.0 farm that is pulling users from 2 different domains, say domainA and domainB. So if I go into Add User and Browse, and type Smith, it is coming up with domainA\jsmith and domainB\jsmith. The company has moved away from domainA and uses only domainB now. So I want to remove domainA from the sharepoint configuration. I don't need to migrate existing sharepoint users, I just want for the domainA users to stop showing up when new users are added. I've been through every page I can find in Central Administration and I don't see where the names of the domain controller(s) are specified. It is using windows auth / NTLM.

    Read the article

  • Twitter OAuth question

    - by Squall
    Hi there, I'm making a Twitter client in Java, and I've came to a problem I don't know how to solve it. How the hell I store open auth for twitter? I mean it doesn't make very sense for a person to allow an application every time he wants to use the client. I've been look at the Twitter documentation, but I must say, it's really poor in terms of Java. So do you guy have some idea to solve this? Thanks in advance!

    Read the article

  • How do you preform an EJB lookup with application security?

    - by Hillgod
    I'm trying to lookup an EJB from a standalone java application. I'm thinking in terms of WebSphere Application Server 6.1, but if someone knows how to do this for another application server, it may get me in the right direction. What I'm currently doing: initialContext= new InitialContext(env); initialContext.lookup(""); lc = new LoginContext("WSLogin", new WSCallbackHandlerImpl("wasadmin", "defaultWIMFileBasedRealm", "wasadmin")); lc.login(); subject = lc.getSubject(); WSSubject.setRunAsSubject(subject); This isn't working... my subject is still "/UNAUTHENTICATED", and I get an error when I try to lookup the EJB. I'm also specifying the following parameters to the VM when executing the application: -Dcom.ibm.CORBA.ConfigURL="C:\was\profiles\AppSrv01\properties\sas.client.props" -Djava.security.auth.login.config="C:\was\profiles\AppSrv01\properties\wsjaas_client.conf"

    Read the article

  • PHPMailer echo's from successful sent email

    - by Chris
    Hello I finally got PHPMailer to work with Google but now I am finding out that I am getting this output to the screen after the message has been sent. SMTP -> FROM SERVER:220 mx.google.com ESMTP f34sm21891943qco.35 SMTP -> FROM SERVER: 250-mx.google.com at your service, [76.28.109.170] 250-SIZE 35651584 250-8BITMIME 250-AUTH LOGIN PLAIN XOAUTH 250 ENHANCEDSTATUSCODES SMTP -> FROM SERVER:250 2.1.0 OK f34sm21891943qco.35 SMTP -> FROM SERVER:250 2.1.5 OK f34sm21891943qco.35 SMTP -> FROM SERVER:354 Go ahead f34sm21891943qco.35 SMTP -> FROM SERVER:250 2.0.0 OK 1276700936 f34sm21891943qco.35 I was wondering if there was any way to remove this output so the users don't see it?

    Read the article

  • Looking for a specific kind of WEB framework, no malarkey please

    - by Hello you all men
    We do maintenence on a number of systems. I'm finally in a place where I'm teh fucking boss for once, and have to design a large system that will have a long maintenance contract. There's a couple of tasks I find myself always repeating: 1) similar tasks for users with JS and those without 2) similar things for contents and rss/atom feeds, etc. To combat these I will need appropriate handling of assets (think JS files, CSS, themes/templates, etc.), excellent auth/user systems, javascript/ajax forethought, appropriate model setups. Codeigniter fails on many of these. Basically, with enough time I could build this system with Zend, but I'm curious what else is out there as Zend is also kind of a heavy-weight. We need something that is Rapid but maintainable, CodeIgniter is not maintainable. We will have a lot of AJAX APIs in place for the design team to play with. At first I thought jQuery was cool, but now I'm looking at Dojo.

    Read the article

  • Determine what account IIS 7 is using to access folders (and other resources)

    - by Andrew
    Often, out of sheer desperation I will end up enabling "Everyone" access on a folder that a web app is accessing (perhaps for file creation, reading, etc) because I can't figure which user account to enable access on. Obviously, this is a very bad thing to do. Is there a way to determine what account IIS is using at that exact moment to access folders (and perhaps other resources like SQL Server, etc)? Are there logs I can look at that will tell me? Or perhaps some other way? I usually use Windows Auth without impersonation. Not sure if that information is relevant.

    Read the article

  • Is it possible to run node script from a web page as differnt user?

    - by Blame
    I'am searching for days now but could not get an answer. I would like to do the following: User connects to editor.html (Apache2 with basic http auth) User want to open a file on the server with his user/pass (same as in passwd) Node.js Script gets startet with user rights from above and user can edit file The Node Script will handly the connection via websockets and read/writes files. I think the biggest problem is that its not possible to run a node script on the server from a web page... and I don´t want to involve any php/cgi scripts... only Apache and Node.js / JS. Please also comment or answer if you know that it is really not possible... Thanks! Kodak

    Read the article

  • can't make svn store password, even though the configuration allows it

    - by davka
    did everything the book says, i.e. removed the authentication files from .subversion/auth, and explicitly set the relevant config parameters to 'yes' even though this is a default, and yet the shell svn commands ask for password each time. The repository is on cvsdude.com, the client is linux. I also use the subclipse plugin that caches the password ok. I vaguely remember that when I started working with it, the command asked interactively if I wanted to save clear password, and I said no. Can this choice be stored somewhere and take precedence over the configuration? Thanks!

    Read the article

  • Cross domain secure cookie usage?

    - by asdasda
    I have a website that came with a SSL site for HTTPS but its on a different server. Example being my website: http://example.com my SSL site: http://myhostingcompany.com/~myuseraccount/ So I can do transactions over HTTPS and we have user accounts and everything but it is located on a different domain. The cookie domain is set for that one. Is there a way I can check on my actual site to see if a cookie is set for the other one? And possibly grab its data and auth a user? I think this violates a major principle of security and can't be done for good reasons, but am i wrong? is this possible?

    Read the article

  • Adding custom fields to users in django

    - by Gaurav
    I am the create_user() function that Django provides to create my users. Also I want to store additional information about the users. So I tried following the instructions given at http://docs.djangoproject.com/en/dev/topics/auth/#storing-additional-information-about-users but I cannot get it to work for me. Is there a step-by-step guide that I can follow to get this to work for me? Also, once I have added these custom fields, I would obviously need to add / edit / delete data from them. I cannot seem to find any instructions on how to do this.

    Read the article

  • How can I login to a website with Python?

    - by Shady
    How can I do it? I was trying to enter some specified link (with urllib), but to do it, I need to log in. I have this source from the site: <form id="login-form" action="auth/login" method="post"> <div> <!--label for="rememberme">Remember me</label><input type="checkbox" class="remember" checked="checked" name="remember me" /--> <label for="email" id="email-label" class="no-js">Email</label> <input id="email-email" type="text" name="handle" value="" autocomplete="off" /> <label for="combination" id="combo-label" class="no-js">Combination</label> <input id="password-clear" type="text" value="Combination" autocomplete="off" /> <input id="password-password" type="password" name="password" value="" autocomplete="off" /> <input id="sumbitLogin" class="signin" type="submit" value="Sign In" /> Is this possible?

    Read the article

  • can't make svn store password, even though the configuration is set to allow it

    - by davka
    did everything the book says, i.e. removed the authentication files from .subversion/auth, and explicitly set the relevant config parameters to 'yes' even though this is a default, and yet the shell svn commands ask for password each time. The repository is on cvsdude.com, the client is linux. I also use the subclipse plugin that caches the password ok. I vaguely remember that when I started working with it, the command asked interactively if I wanted to save clear password, and I said no. Can this choice be stored somewhere and take precedence over the configuration? Thanks!

    Read the article

  • Facebook "->api" permissions

    - by Matthieu Marcé
    I have trouble using Facebook auth on my website... I'm using the PHP Sdk and I don't understand why I can use some functions like "getLoginUrl"/"getLoginStatusUrl"/"getUser" (with right answers : the facebook session is started, i get the user's facebook ID) and when I want to use something like $me = $facebook->api("/me/permissions"); or just $me = $facebook->api("/me"); there's always an exception and nothing works ... I guess it has something to do with permissions or token maybe, but I don't know what. When the user sign up on my website, I ask permissions I need with this scope : "email,user_about_me,user_location,read_friendlists,publish_stream" A clue that the permissions seem to be ok is that when the exception occures, I ask the user to sign in again (facebook connect) and no window appears as if everything's ok, but still, the page is reloaded and the exception appears again and again... Please help, Thank you !

    Read the article

  • inheritance from the django user model results in error when changing password

    - by Jerome
    I inherited form the django user model like so: from django.db import models from django.contrib.auth.models import User, UserManager from django.utils.translation import ugettext_lazy as _ class NewUserModel(User): custom_field_1 = models.CharField(_('custom field 1'), max_length=250, null=True, blank=True) custom_field_2 = models.CharField(_('custom field 2'), max_length=250, null=True, blank=True) objects = UserManager() When i go to the admin and add an entry into this model, it saves fine, but below the "Password" field where it has this text "Use '[algo]$[salt]$[hexdigest]' or use the change password form.", if i click on the "change password form' link, it produces this error Truncated incorrect DOUBLE value: '7/password' What can i do to fix this?

    Read the article

  • What is the proper way to check the previous value of a field before saving an object? (Using Django

    - by anonymous coward
    I have a Django Model with updated_by and an approved_by fields, both are ForeignKey fields to the built-in (auth) User models. I am aware that with updated_by, it's easy enough to simply over-ride the .save() method on the Model, and shove the request.user in that field before saving. However, for approved_by, this field should only ever be filled in when a related field (date_approved) is first filled in. I'm somewhat certain that I can check this logically, and fill in the field if the previous value was empty. What is the proper way to check the previous value of a field before saving an object? I do not anticipate that date_approved will ever be changed or updated, nor should there be any reason to ever update the approved_by entry. UPDATE: Regarding forms/validation, I should have mentioned that none of the fields in question are seen by or editable by users of the site. If I have misunderstood, I'm sorry, but I'm not sure how forms and validation apply to my question.

    Read the article

  • Getting service unavailable message when sending messages to google xmpp using wokkel

    - by Code freak
    Hi, I made a wokkel (twisted python) bot to send and receive messages from the google xmpp service. Everything (auth, presence) etc works fine. One of the rquirements of our prject is that we need to send broadcast messages to everyone in the list. Normal messages and replies work fin, but when i snd a broadcast message, i get this service unavailable error 503 message. There are about 1000 user in my contact list. Is this some bug in the code or is it google policy to prevent rapid messaging. Also, how do other google bots cater to a large contact base ? does google provide a commercial solution for such applications ? Thanks

    Read the article

  • Django Find Out if User is Authenticated in Custom Tag

    - by greggory.hz
    I'm trying to create a custom tag. Inside this custom tag, I want to be able to have some logic that checks if the user is logged in, and then have the tag rendered accordingly. This is what I have: def user_actions(context): request = template.Variable('request').resolve(context) return { 'auth': request['user'].is_athenticated() } register.inclusion_tag('layout_elements/user_actions.html', takes_context=True)(user_actions) When I run this, I get this error: Caught VariableDoesNotExist while rendering: Failed lookup for key [request] in u'[{}]' The view that renders this ends like this: return render_to_response('start/home.html', {}, context_instance=RequestContext(request)) Why doesn't the tag get a RequestContext object instead of the Context object? How can I get the tag to receive the RequestContext instead of the Context? EDIT: Whether or not it's possible to get a RequestContext inside a custom tag, I'd still be interested to know the "correct" or best way to determine a user's authentication state from within the custom tag. If that's not possible, then perhaps that kind of logic belongs elsewhere? Where?

    Read the article

  • Laravel Passing variable not working

    - by Friend
    Hello People here is my code i have used in controller... public function bulk() { return View::make('bulk')->with('message','hii there'); } my route file contains... Route::get('bulk',array('uses'=>'HomeController@bulk'))->before('auth'); In my view Iam testing it by ... @if(Session::has('message')) Present @else not Present @endif The page is making a view with the message 'not Present' why is it?? I even tried return Redirect::to('bulk')->with('message','hii there'); I get an erro mesage on Console mypro/public/bulk net::ERR_TOO_MANY_REDIRECTS What could be the problem?? is there any issues with name?? I tried this method earlier which worked fine for me.... :( Iam using Blade Template..

    Read the article

  • Authenticating model - best practices

    - by zerkms
    I come into ASP.NET from php so the reason why i ask my question is because it's totally different nature of how application works and handles requests. well, i have an exists table with user creditians, such as: id, login, password (sha hashed), email, phone, room i have built custom membership provider so it can handle my own database authentication schema. and now i'm confused, because User.Identity.Name contains only user's login, but not the complete object (i'm using linq2sql to communicate with database and i need in it's User object to work). at php applications i just store user object at some static method at Auth class (or some another), but here at ASP.NET MVC i cannot do this, because static member is shared across all requests and permanent, and not lives within only current request (as it was at php). so my question is: how and where should i retrieve and store linq2sql user object to work with it within current and only current request? (after request processed successfully i expect it will be disposed from memory and on next request will be created again). or i'm following totally wrong way?

    Read the article

  • Java Authenticator on a per connection basis?

    - by Martijn Laarman
    I'm building an Eclipse plugin that talks to a REST interface which uses Basic Authentication. When the authentication fails I would like to popup my plugin's settings dialog and retry. Normally I could use the static Authenticator.setDefault() to setup an authenticator for all HttpURLConnection's for this, but since I am writing a plugin I don't want to overwrite Eclipse's default Authenticator (org.eclipse.ui.internal.net.auth); I thought of setting my custom Authenticator before loading and putting Eclipse's default back afterwards, but I imagine this will cause all sorts of race issues with multithreading so I quickly lost that notion. Google searches yield all sorts of results basically telling me it's not possible: The Java URLConnection API should have a setAuthenticator(Authenticator) method for making it easier to use this class in multi-threaded context where authentication is required. Source If applications contains few third party plugins and each plugin use its own Authenticator what we should do? Each invocation of "Authenticator.setDefault()" method rewrite previously defined Authenticator... Source Are there any different approaches that might help me overcome this issue?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 49 50 51 52 53 54 55 56 57 58 59 60  | Next Page >