Search Results

Search found 6525 results on 261 pages for 'restful authentication'.

Page 53/261 | < Previous Page | 49 50 51 52 53 54 55 56 57 58 59 60  | Next Page >

  • Configuring Multiple ASP.NET MVC Sites To Use a Single Database For Authentication/Membership

    - by Maxim Z.
    Is it possible for two or more ASP.NET MVC sites to use a single SQL Server database for authentication and other things? Here's how I'm thinking of setting it up: I will combine the current database of each site into one single database, prefixing the tables with the name of the site they belong to. I currently have authentication tables generated by the asp.net_regsql.exe utility. How should I combine those tables? I'm guessing that the way to do it is to somehow set the "application_id" column in those tables... Thanks in advance.

    Read the article

  • How to secure a directory in Apache using a PHP session

    - by Cogsy
    I have a site that uses PHP session for authentication. There is one directory that I would like to restrict access to that does not use any PHP, it's just full of static content. I just don't know how to restrict access without every request going through a PHP script. Is there some way to have Apache check the session credentials and restrict access like Basic Auth?

    Read the article

  • A way to avoid deriving from the provider classes in mvc authentication

    - by Shymep
    Looking for the best practice for authentication in MVC I unfortunately didn't find the clear answer to my question. Thinking of the problem I tried to imagine some priciples that could be useful in my design. Well, I would like to use a base AccountController class I want to place all the tables such as "Users", Roles, Rights etc into my own database. But I wouldn't like to implement the standard aspnetdb design (which can be easy got by using aspnet_regsql) So the main question is can I do this without deriving abstract classes like MembershipProvider, RoleProvider etc? What I would prefer not to do is implement all the abstract methods from these classes. The second question is still about the best practice for authentication e.g. for the small projects, for the large ones?

    Read the article

  • Access a Windows Proxy server through Debian/Ubuntu

    - by Lee
    I am trying to access the Internet from a Debian server using a Windows Proxy server which requires authentication. I have tried using this command in the /etc/bash/bashrc file, but it still doesn't seem to work, any ideas? export HTTP_PROXY=http://user:pass@ipaddress:port Many thanks

    Read the article

  • How can I password prompt certain IPs and allow all others free access using Apache?

    - by Moak
    SOLVED: The idea is that if the visitor comes from China they have to pass a basic authentication. If you have any other IP address you can visit the site without being hassled (including proxies) //1400 rules.... SetEnvIf Remote_Addr 222.249.128.0/19 china SetEnvIf Remote_Addr 222.249.160.0/20 china SetEnvIf Remote_Addr 222.249.176.0/20 china AuthType Basic AuthName "Restricted" AuthUserFile /www/passwd/users Require valid-user Order allow,deny Allow from All Deny from env=china Satisfy any

    Read the article

  • svnserve.conf authentication not worked

    - by Carson
    I can setup Subversion server. I can commit change. The only thing I am not sure is to set up the basic authentication with svnserve. Here is the tutorial I followed: http://tortoisesvn.net/docs/release/TortoiseSVN_en/tsvn-serversetup-svnserve.html#tsvn-serversetup-svnserve-4 Based on the tutorial, I edited the 2 files: svnserve.conf and passwd, and restarted the apache server. But the authentication still cannot work. Even if I set: anon-access = none and restart apache, I can still read svn files and commit change from Eclipse. Have I missed any steps?

    Read the article

  • How do I POST/GET from rails to API with either ActiveResource or rest-client (preferred)?

    - by Angela
    Hi, this is a pretty basic question but I'm not entirely clear how to do this. I am trying to use a third-party service that has RESTful service. The service is called Postful. But I'm not clear what exactly to do? I've looked at ActiveResource (http://api.rubyonrails.org/classes/ActiveResource/Base.html) and rest-client, but I'm still not clear exactly what steps, code, and files to create. http://www.postful.com/service/mail is one of the services (details found http://www.postful.com/developer/guide#rest ), but to upload an image I have to post the following (but I'm not sure how I actually do this?). Thanks! > http://www.postful.com/service/upload > > Be sure to include the Content-Type > and Content-Length headers and the > image itself as the body of the > request. > > POST /upload HTTP/1.0 Content-Type: > application/octet-stream > Content-Length: 301456 > > ... file content here ... > > If the upload is successful, you will > receive a response like the following: > > <?xml version="1.0" encoding="UTF-8"?> > <upload> > <id>290797321.waltershandy.2</id> > </upload>

    Read the article

  • Configure host access rights in OpenLDAP

    - by Anonymous Coward
    I've set up an OpenLDAP-Server to authenticate users to our Ubuntu-servers. The authentication works quite well but I'd like to restict the user's access to certain servers. I know this can be done through nss_base_something in the client's ldap.conf. However, this requires the group restrictions to be specified on the client. I wonder if the restrictions can be set completely in OpenLDAP. If it is, I'd like to know how. Thanks, AC

    Read the article

  • Form based authentication - Login get fails

    - by Sachin
    Hi All, I am using form based suthentication in my site. I have used one custom user control in my site which read items in sharepoint list and display it in a grid. Everything works fine with windows authentication but when I change the authentication to form based the login process get fails. I see the Error log it is giving me an error saying that "An SPRequest object was not disposed before the end of this thread" Then I have dispose all my spweb and spsite object that I have used in user control but still login process is not wotking. Thanks in advance

    Read the article

  • How do I integrate ruby on rails app with postful using POST and XML?

    - by Angela
    Hi, this is a pretty basic question but I'm not entirely clear how to do this. I am trying to use a third-party service that has RESTful service. The service is called Postful. But I'm not clear what exactly to do? http://www.postful.com/service/mail is one of the services, but to upload an image I have to post the following (but I'm not sure how I actually do this?). Thanks! > http://www.postful.com/service/upload > > Be sure to include the Content-Type > and Content-Length headers and the > image itself as the body of the > request. > > POST /upload HTTP/1.0 Content-Type: > application/octet-stream > Content-Length: 301456 > > ... file content here ... > > If the upload is successful, you will > receive a response like the following: > > <?xml version="1.0" encoding="UTF-8"?> > <upload> > <id>290797321.waltershandy.2</id> > </upload>

    Read the article

  • NTLM Authentication fails ONLY with IE against 2k8 App server behind 2k8 IIS7 Reverse Proxy

    - by CptSkippy
    I'm developing an ASP.NET application for an intranet site that is using Windows/NTLM/WIA/whatever authentication. The application is hosted on a Windows 2k8 server but is accessed through a Reverse Proxy using IIs7 on another 2k8 machine. Authentication works fine in FireFox, Chrome and Safari but fails in IE8. If I circumvent the Proxy and access the application server directly then it works fine so it has something to do with proxy. There's nothing in the Event Viewer on any of the 3 machines to indicate what might be happening. If you connect using IE8 it prompts for your credentials instead of automatically passing them, yes I've setup an explicit trust over an above the domain trust, but it still errors out with a 401 error returned from the proxy. Any ideas where to start troubleshooting this?

    Read the article

  • ASP.NET & Oracle Windows Authentication - Is this possible?

    - by user118190
    I am trying to enable Windows Authentication on my IIS 6.0 Server with some client technology and Oracle DB server. When I load the ASPX page and have unchecked Anonymous Access and checked Integrated Windows Authentication, I can see my LOGON_USER credentials on the server via tracing. I am now trying to see if the same user can read data from a LINUX-based Oracle server. I can't seem to pass over the credentials! How can I connect to Oracle? Anything special I should know about in terms of web.config files? Another question is, I'm assuming the Oracle server should be 'hooked' to Active Directory? How about manually adding users to the allowed tables? What about Oracle's LDAP, OID? Can anyone direct me to a good link for reference?

    Read the article

  • Ldap invalid credentials not loading authentication failure url

    - by Murari
    Able to do the custom ldap authentication for external db authorities. But when i am trying to test wrong password the authentication failure url is not showing instead my browser prints the exception details.Below is my securitycontext.xml and exption given <http auto-config="false" access-decision-manager-ref="accessDecisionManager" access-denied-page="/accessDenied.jsp"> <!-- Restrict access to ALL other pages --> <intercept-url pattern="/index.jsp" filters="none" /> <!-- Don't set any role restrictions on login.jsp --> <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <intercept-url pattern="/service/**" access="PRIV_Report User, PRIV_305" /> <logout logout-success-url="/index.jsp" /> <form-login authentication-failure-url="/index.jsp?error=1" default-target-url="/home.jsp" /> <anonymous/> </http> <b:bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased"> <b:property name="decisionVoters"> <b:list> <b:ref bean="roleVoter" /> <b:ref bean="authenticatedVoter" /> </b:list> </b:property> </b:bean> <b:bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"> <b:property name="rolePrefix" value="PRIV_" /> </b:bean> <b:bean id="authenticatedVoter" class="org.springframework.security.vote.AuthenticatedVoter"> </b:bean> <b:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource"> <b:constructor-arg value="ldap://mydomain:389" /> </b:bean> <b:bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate"> <b:constructor-arg ref="contextSource" /> </b:bean> <b:bean id="ldapAuthenticationProvider" class="com.zo.sas.gwt.security.login.server.SASLdapAuthenticationProvider"> <b:property name="authenticator" ref="ldapAuthenticator" /> <custom-authentication-provider /> </b:bean> <b:bean id="ldapAuthenticator" class="com.zo.sas.gwt.security.login.server.SASAuthenticator"> <b:property name="contextSource" ref="contextSource" /> <b:property name="userDnPatterns"> <b:value>uid={0},OU=People</b:value> </b:property> </b:bean> and my exception logs..... org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials] org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:180) org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:266) org.springframework.ldap.core.support.AbstractContextSource.getContext(AbstractContextSource.java:106) com.zo.sas.gwt.security.login.server.SASAuthenticator.authenticate(SASAuthenticator.java:55) com.zo.sas.gwt.security.login.server.SASLdapAuthenticationProvider.authenticate(SASLdapAuthenticationProvider.java:45) org.springframework.security.providers.ProviderManager.doAuthentication(ProviderManager.java:188) org.springframework.security.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:46) org.springframework.security.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:82) org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:258) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:89) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:183) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138) This is my index.jsp <html> <script type="text/javascript" language="javascript"> var dictionary = { loginErr: "${SPRING_SECURITY_LAST_EXCEPTION.message}", error: "${param.error}" }; </script> <head> </head> <body > <iframe src="javascript:''" id="__gwt_historyFrame" style="width:0;height:0;border:0"></iframe> <script type="text/javascript" language="javascript" src="com.zo.sas.gwt.sasworkflow.home.Home.nocache.js"></script> </body> </html>

    Read the article

  • How to access a web service behind a NAT?

    - by jr
    We have a product we are deploying to some small businesses. It is basically a RESTful API over SSL using Tomcat. This is installed on the server in the small business and is accessed via an iPhone or other device portable device. So, the devices connecting to the server could come from any number of IP addresses. The problem comes with the installation. When we install this service, it seems to always become a problem when doing port forwarding so the outside world can gain access to tomcat. It seems most time the owner doesn't know router password, etc, etc. I am trying to research other ways we can accomplish this. I've come up with the following and would like to hear other thoughts on the topic. Setup a SSH tunnel from each client office to a central server. Basically the remote devices would connect to that central server on a port and that traffic would be tunneled back to Tomcat in the office. Seems kind of redundant to have SSH and then SSL, but really no other way to accomplish it since end-to-end I need SSL (from device to office). Not sure of performance implications here, but I know it would work. Would need to monitor the tunnel and bring it back up if it goes done, would need to handle SSH key exchanges, etc. Setup uPNP to try and configure the hole for me. Would likely work most of the time, but uPNP isn't guaranteed to be turned on. May be a good next step. Come up with some type of NAT transversal scheme. I'm just not familiar with these and uncertain of how they exactly work. We have access to a centralized server which is required for the authentication if that makes it any easier. What else should I be looking at to get this accomplished?

    Read the article

  • SSPI Errors for SQL Server Authentication?!

    - by Nathan
    We have several old ASP and PHP web applications which use SQL Server Authentication. Periodically, all the applications lose the ability to connect to our SQL Server 2000 database server, getting access denied. Corresponding to roughly the same times, we are getting 1115 Cannot generate SSPI Context SQLSTATE HY000 errors on the SQLServer 2000 server. And here's the weird part - rebooting the web server fixes the problem. Rebooting the database server has no effect. This makes no sense to me - I didn't think SSPI was in any way involved with SQL Server Authentication. Any ideas? Edit: Some additional details: The web server is in the DMZ. The hosts file on the web server has an entry for the database server (and the ip address is correct), so the web server (theoretically at least) shouldn't even be going to DNS to connect to the database server. It does not appear to be a firewall issue.

    Read the article

  • How do I turn on basic HTTP-auth for a page in jboss?

    - by Electrons_Ahoy
    I'm setting up a jboss server for testing some java code that talks to http servers. That's pretty easy. However one of the things I'm testing is interfacing with classic "old-school" HTTP-Auth protected pages, and for the life of me I can't figure out how to turn that on in jboss (and my google-fu seems to have let me down.) So, how do I add a basic username and password to a single html (or jsp) file in jboss using http Basic Access Authentication?

    Read the article

  • Where to place the login/authentication related actions in MVC

    - by rogeriopvl
    I've searched around and found that when implementing an authentication module in MVC architecture some people opt to place the login related actions in the User controller while others place it in a controller dedicated to authentication only. In pseudo-java-like code: class UserController extends Controller { public login() { //... } } Accessed with http://mydomain.com/user/login. vs. class AuthController extends Controller { public login() { //... } } Accessed with http://mydomain.com/auth/login. I would like to know which approach is better, and why. That is, if there's really any difference at all. Thanks in advance.

    Read the article

  • Does using Apache Basic Auth affect yum installations?

    - by MJB
    I don't have further information yet, but I am going to be troubleshooting this in the morning and I wanted to get a head-start. Is there any reason that a yum install (that worked fine yesterday) would fail after I set up basic authentication in Apache last night? I have searched with google and SF for almost an hour and can't find anything relevant.

    Read the article

  • Apache mod_rewrite : How to REWRITE (or whatever) child directories to parent?

    - by ????
    Actually i am trying to make a PHP MVC like application. A basic one. The current milestone i am reaching already includes: Basic RESTful Routing Means, if i type: www.example.com/items/book/8888 .. it properly just stays there as it is and i can already slice out the URL by slashes / and loads the responsible Controllers .... etc from the top single index.php file. I mean, so it is OK for the backend PHP. But the only problem is, it still CAN NOT process the REWRITES properly. For example, the CSS & JS are BROKEN as if i VIEW PAGE SOURCE of the page www.example.com/items/book/8888, the asset files are being called as: www.example.com/items/book/8888/css/main.css www.example.com/items/book/8888/js/jquery.js .. which really are PROBLEMS because in the code is like: <link type="text/css" rel="stylesheet" media="all" href="css/main.css"> <script type="text/javascript" src="js/jquery.js"></script> So the question is: How can i use Apache REWRITE (or whatever approach) to make sure every ASSET FILES to be correctly being called from the DOCROOT. For example, if i am in the URL: www.example.com/items/book/8888 My ASSET FILES should still be called as: www.example.com/css/main.css www.example.com/js/jquery.js Or is there any other methods i need to follow? Please kindly help suggest. Thank you.

    Read the article

  • Tell postfix to merge three Authentication-Results:-Lines into one?

    - by Peter
    I am running a postfix mta with debian wheezy. I am using postfix-policyd-spf-python, openkdim and opendmarc. When receiving e-mails from google (google apps with own domain) for example, the header looks like this: [...] Authentication-Results: mail.xx.de; dkim=pass reason="1024-bit key; insecure key" header.d=yyy.com [email protected] header.b=OswLe0N+; dkim-adsp=pass; dkim-atps=neutral<br> [...] Authentication-Results: mail.xx.de; spf=pass (sender SPF authorized) smtp.mailfrom=yyy.com (client-ip=2a00:1450:400c:c00::242; helo=mail-wg0-x242.google.com; [email protected]; [email protected]) [...] Authentication-Results: mail.xx.de; dmarc=pass header.from=yyy.com<br> [...] This means any of these programs creates it's own Authentication-Results:-Line. Is it possible to tell postfix to merge this into one single Authentication-Results:-Line? When I send an e-mail to google, it says: [...] Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates xxx.xxx.xxx.xxx as permitted sender) [email protected]; dkim=pass [email protected]; dmarc=pass (p=NONE dis=NONE) header.from=xxx.com [...] And this is exactly what I want. Just one Authentication-Results-Header. How can I do this? Thanks. Regards, Peter

    Read the article

  • Tomcat 7 vs. ehCache Standalone Server (Glassfish) Configuration with RESTful Web Services

    - by socal_javaguy
    My requirements consist of using ehCache to send and store data via RESTful web service calls. The data can be stored in-memory or via the filesystem... Never used ehCache before so I am having some issues deciding on which bundle to use. Have downloaded the following bundles: ehcache-2.6.2 ehcache-standalone-server-1.0.0 (1) What is the difference between the two? It seems the ehcache-2.6.2 contains src and binaries, which essentially enables one to bundle it with their webapps (by putting the compiled jar or binaries inside the webapp's WEB-INF/lib folder). But it doesn't seem that it has support for Restful web services. Whereas, ehcache-standalone-server-1.0.0 (comes with an embedded Glassfish server and has support for REST & SOAP) can be used to run as a standalone server. If I my answers to my own question are correct, then that means, I should just use the standalone server? (2) My requirements are to setup ehCache (with REST support) on Tomcat 7. So, how could I setup ehCache on Tomcat 7 as a separate app with REST & SOAP support? Thank you for taking the time to read this...

    Read the article

  • What is the current standard for authenticating Http requests (REST, Xml over Http)?

    - by CodeToGlory
    The standard should solve the following Authentication challenges like- Replay attacks Man in the Middle Plaintext attacks Dictionary attacks Brute force attacks Spoofing by counterfeit servers I have already looked at Amazon Web Services and that is one possibility. More importantly there seems to be two most common approaches: Use apiKey which is encoded in a similar fashion like AWS but is a post parameter to a request Use Http AuthenticationHeader and use a similar signature like AWS. Signature is typically obtained by signing a date stamp with an encrypted shared secret. This signature is therefore passed either as an apiKey or in the Http AuthenticationHeader. I would like to know weigh both the options from the community, who may have used one or more and would also like to explore other options that I am not considering. I would also use HTTPS to secure my services.

    Read the article

< Previous Page | 49 50 51 52 53 54 55 56 57 58 59 60  | Next Page >