Search Results

Search found 15558 results on 623 pages for 'basic authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 60/623 | < Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >

  • Configuring Multiple ASP.NET MVC Sites To Use a Single Database For Authentication/Membership

    - by Maxim Z.
    Is it possible for two or more ASP.NET MVC sites to use a single SQL Server database for authentication and other things? Here's how I'm thinking of setting it up: I will combine the current database of each site into one single database, prefixing the tables with the name of the site they belong to. I currently have authentication tables generated by the asp.net_regsql.exe utility. How should I combine those tables? I'm guessing that the way to do it is to somehow set the "application_id" column in those tables... Thanks in advance.

    Read the article

  • How to secure a directory in Apache using a PHP session

    - by Cogsy
    I have a site that uses PHP session for authentication. There is one directory that I would like to restrict access to that does not use any PHP, it's just full of static content. I just don't know how to restrict access without every request going through a PHP script. Is there some way to have Apache check the session credentials and restrict access like Basic Auth?

    Read the article

  • A way to avoid deriving from the provider classes in mvc authentication

    - by Shymep
    Looking for the best practice for authentication in MVC I unfortunately didn't find the clear answer to my question. Thinking of the problem I tried to imagine some priciples that could be useful in my design. Well, I would like to use a base AccountController class I want to place all the tables such as "Users", Roles, Rights etc into my own database. But I wouldn't like to implement the standard aspnetdb design (which can be easy got by using aspnet_regsql) So the main question is can I do this without deriving abstract classes like MembershipProvider, RoleProvider etc? What I would prefer not to do is implement all the abstract methods from these classes. The second question is still about the best practice for authentication e.g. for the small projects, for the large ones?

    Read the article

  • Access a Windows Proxy server through Debian/Ubuntu

    - by Lee
    I am trying to access the Internet from a Debian server using a Windows Proxy server which requires authentication. I have tried using this command in the /etc/bash/bashrc file, but it still doesn't seem to work, any ideas? export HTTP_PROXY=http://user:pass@ipaddress:port Many thanks

    Read the article

  • Rails: restful authentication setup help

    - by SuperString
    Hi I downloaded the plugin from http://github.com/techweenie/restful-authentication.git Then I run rails generate plugin authenticated user session This is the result I got: create vendor/plugins/authenticated create vendor/plugins/authenticated/MIT-LICENSE create vendor/plugins/authenticated/README create vendor/plugins/authenticated/Rakefile create vendor/plugins/authenticated/init.rb create vendor/plugins/authenticated/install.rb create vendor/plugins/authenticated/uninstall.rb create vendor/plugins/authenticated/lib create vendor/plugins/authenticated/lib/authenticated.rb invoke test_unit inside vendor/plugins/authenticated create test create test/authenticated_test.rb create test/test_helper.rb Then I tried to do rake db:migrate But I got error that says rake tasks in restful-authentication/tasks/auth.rake are deprecated. Use lib/tasks instead. I am new to rails, tried looking online but things seem to be outdated. Please help!

    Read the article

  • svnserve.conf authentication not worked

    - by Carson
    I can setup Subversion server. I can commit change. The only thing I am not sure is to set up the basic authentication with svnserve. Here is the tutorial I followed: http://tortoisesvn.net/docs/release/TortoiseSVN_en/tsvn-serversetup-svnserve.html#tsvn-serversetup-svnserve-4 Based on the tutorial, I edited the 2 files: svnserve.conf and passwd, and restarted the apache server. But the authentication still cannot work. Even if I set: anon-access = none and restart apache, I can still read svn files and commit change from Eclipse. Have I missed any steps?

    Read the article

  • Configure host access rights in OpenLDAP

    - by Anonymous Coward
    I've set up an OpenLDAP-Server to authenticate users to our Ubuntu-servers. The authentication works quite well but I'd like to restict the user's access to certain servers. I know this can be done through nss_base_something in the client's ldap.conf. However, this requires the group restrictions to be specified on the client. I wonder if the restrictions can be set completely in OpenLDAP. If it is, I'd like to know how. Thanks, AC

    Read the article

  • Form based authentication - Login get fails

    - by Sachin
    Hi All, I am using form based suthentication in my site. I have used one custom user control in my site which read items in sharepoint list and display it in a grid. Everything works fine with windows authentication but when I change the authentication to form based the login process get fails. I see the Error log it is giving me an error saying that "An SPRequest object was not disposed before the end of this thread" Then I have dispose all my spweb and spsite object that I have used in user control but still login process is not wotking. Thanks in advance

    Read the article

  • NTLM Authentication fails ONLY with IE against 2k8 App server behind 2k8 IIS7 Reverse Proxy

    - by CptSkippy
    I'm developing an ASP.NET application for an intranet site that is using Windows/NTLM/WIA/whatever authentication. The application is hosted on a Windows 2k8 server but is accessed through a Reverse Proxy using IIs7 on another 2k8 machine. Authentication works fine in FireFox, Chrome and Safari but fails in IE8. If I circumvent the Proxy and access the application server directly then it works fine so it has something to do with proxy. There's nothing in the Event Viewer on any of the 3 machines to indicate what might be happening. If you connect using IE8 it prompts for your credentials instead of automatically passing them, yes I've setup an explicit trust over an above the domain trust, but it still errors out with a 401 error returned from the proxy. Any ideas where to start troubleshooting this?

    Read the article

  • ASP.NET & Oracle Windows Authentication - Is this possible?

    - by user118190
    I am trying to enable Windows Authentication on my IIS 6.0 Server with some client technology and Oracle DB server. When I load the ASPX page and have unchecked Anonymous Access and checked Integrated Windows Authentication, I can see my LOGON_USER credentials on the server via tracing. I am now trying to see if the same user can read data from a LINUX-based Oracle server. I can't seem to pass over the credentials! How can I connect to Oracle? Anything special I should know about in terms of web.config files? Another question is, I'm assuming the Oracle server should be 'hooked' to Active Directory? How about manually adding users to the allowed tables? What about Oracle's LDAP, OID? Can anyone direct me to a good link for reference?

    Read the article

  • Ldap invalid credentials not loading authentication failure url

    - by Murari
    Able to do the custom ldap authentication for external db authorities. But when i am trying to test wrong password the authentication failure url is not showing instead my browser prints the exception details.Below is my securitycontext.xml and exption given <http auto-config="false" access-decision-manager-ref="accessDecisionManager" access-denied-page="/accessDenied.jsp"> <!-- Restrict access to ALL other pages --> <intercept-url pattern="/index.jsp" filters="none" /> <!-- Don't set any role restrictions on login.jsp --> <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <intercept-url pattern="/service/**" access="PRIV_Report User, PRIV_305" /> <logout logout-success-url="/index.jsp" /> <form-login authentication-failure-url="/index.jsp?error=1" default-target-url="/home.jsp" /> <anonymous/> </http> <b:bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased"> <b:property name="decisionVoters"> <b:list> <b:ref bean="roleVoter" /> <b:ref bean="authenticatedVoter" /> </b:list> </b:property> </b:bean> <b:bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"> <b:property name="rolePrefix" value="PRIV_" /> </b:bean> <b:bean id="authenticatedVoter" class="org.springframework.security.vote.AuthenticatedVoter"> </b:bean> <b:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource"> <b:constructor-arg value="ldap://mydomain:389" /> </b:bean> <b:bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate"> <b:constructor-arg ref="contextSource" /> </b:bean> <b:bean id="ldapAuthenticationProvider" class="com.zo.sas.gwt.security.login.server.SASLdapAuthenticationProvider"> <b:property name="authenticator" ref="ldapAuthenticator" /> <custom-authentication-provider /> </b:bean> <b:bean id="ldapAuthenticator" class="com.zo.sas.gwt.security.login.server.SASAuthenticator"> <b:property name="contextSource" ref="contextSource" /> <b:property name="userDnPatterns"> <b:value>uid={0},OU=People</b:value> </b:property> </b:bean> and my exception logs..... org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials] org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:180) org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:266) org.springframework.ldap.core.support.AbstractContextSource.getContext(AbstractContextSource.java:106) com.zo.sas.gwt.security.login.server.SASAuthenticator.authenticate(SASAuthenticator.java:55) com.zo.sas.gwt.security.login.server.SASLdapAuthenticationProvider.authenticate(SASLdapAuthenticationProvider.java:45) org.springframework.security.providers.ProviderManager.doAuthentication(ProviderManager.java:188) org.springframework.security.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:46) org.springframework.security.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:82) org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:258) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:89) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:183) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138) This is my index.jsp <html> <script type="text/javascript" language="javascript"> var dictionary = { loginErr: "${SPRING_SECURITY_LAST_EXCEPTION.message}", error: "${param.error}" }; </script> <head> </head> <body > <iframe src="javascript:''" id="__gwt_historyFrame" style="width:0;height:0;border:0"></iframe> <script type="text/javascript" language="javascript" src="com.zo.sas.gwt.sasworkflow.home.Home.nocache.js"></script> </body> </html>

    Read the article

  • SSPI Errors for SQL Server Authentication?!

    - by Nathan
    We have several old ASP and PHP web applications which use SQL Server Authentication. Periodically, all the applications lose the ability to connect to our SQL Server 2000 database server, getting access denied. Corresponding to roughly the same times, we are getting 1115 Cannot generate SSPI Context SQLSTATE HY000 errors on the SQLServer 2000 server. And here's the weird part - rebooting the web server fixes the problem. Rebooting the database server has no effect. This makes no sense to me - I didn't think SSPI was in any way involved with SQL Server Authentication. Any ideas? Edit: Some additional details: The web server is in the DMZ. The hosts file on the web server has an entry for the database server (and the ip address is correct), so the web server (theoretically at least) shouldn't even be going to DNS to connect to the database server. It does not appear to be a firewall issue.

    Read the article

  • Where to place the login/authentication related actions in MVC

    - by rogeriopvl
    I've searched around and found that when implementing an authentication module in MVC architecture some people opt to place the login related actions in the User controller while others place it in a controller dedicated to authentication only. In pseudo-java-like code: class UserController extends Controller { public login() { //... } } Accessed with http://mydomain.com/user/login. vs. class AuthController extends Controller { public login() { //... } } Accessed with http://mydomain.com/auth/login. I would like to know which approach is better, and why. That is, if there's really any difference at all. Thanks in advance.

    Read the article

  • Tell postfix to merge three Authentication-Results:-Lines into one?

    - by Peter
    I am running a postfix mta with debian wheezy. I am using postfix-policyd-spf-python, openkdim and opendmarc. When receiving e-mails from google (google apps with own domain) for example, the header looks like this: [...] Authentication-Results: mail.xx.de; dkim=pass reason="1024-bit key; insecure key" header.d=yyy.com [email protected] header.b=OswLe0N+; dkim-adsp=pass; dkim-atps=neutral<br> [...] Authentication-Results: mail.xx.de; spf=pass (sender SPF authorized) smtp.mailfrom=yyy.com (client-ip=2a00:1450:400c:c00::242; helo=mail-wg0-x242.google.com; [email protected]; [email protected]) [...] Authentication-Results: mail.xx.de; dmarc=pass header.from=yyy.com<br> [...] This means any of these programs creates it's own Authentication-Results:-Line. Is it possible to tell postfix to merge this into one single Authentication-Results:-Line? When I send an e-mail to google, it says: [...] Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates xxx.xxx.xxx.xxx as permitted sender) [email protected]; dkim=pass [email protected]; dmarc=pass (p=NONE dis=NONE) header.from=xxx.com [...] And this is exactly what I want. Just one Authentication-Results-Header. How can I do this? Thanks. Regards, Peter

    Read the article

  • How to simulate htaccess for auth with IIS without having access to the server config ?

    - by bgy
    Hi, I need to put a website on windows server IIS, i'd like to use basic authentification like i'd do with Apache, with the .htaccess / .htpasswd I read here & there, that i could do this through the admin tabs of IIS, but i'm not the administrator, and i only have ftp access. It seems to be a 'web.config' file where i could do this. Is there a way to set up such things within a config file ? I'm not used to work with IIS...

    Read the article

  • openldap make sure password does not contain username

    - by Ryan Horrisberger
    Is there a way using openldap to ensure that a user's password does not contain their name or their username? I know that you can use the ppolicy overlay pwdCheckModule by writing a C function to do password checking, but is this the best approach? It doesn't seem like many folks are doing password quality checking this way--the only example I've found is a github example which only does basic checking.

    Read the article

  • Why is my WCF Rest Service on IIS7 Authenticating TWICE!?!?

    - by TheAggie
    Ok, if someone could shed some light on this for me, I would greatly appreciate it. So here we go. I had a rest service running fine the other day but after I accidentally overwrote the web.config all hell broke loose. I've spent the past day and a half trying to sort things out but I can't seem to figure out what is missing or misplaced. So, I've designed this service around WCF Rest Contrib (http://wcfrestcontrib.codeplex.com)'s authentication process. Now, I can get this working fine on my localhost w/ the current web.config (minus the endpoint entry) but once I upload it to discountasp and select "basic authorization" in the ISS7 Manager, it appears that I'm getting authenticated twice! Once using my discount asp.net user/pass and then the next time using the application user/pass. Unfortunately I only provide one set of credentials and don't want to hard code my discountasp account info into the app. Like I said before, this worked fine a few days ago. Anyway. here is my web.config as it is now: <?xml version="1.0"?> <configuration> <connectionStrings> <add name="SQL2008_ConnectionString" connectionString="Data Source=sql2k8xx.discountasp.net;Initial Catalog=SQL2008_xx;Persist Security Info=True;User ID=SQL2008_xx_user;Password=myPass" providerName="System.Data.SqlClient" /> </connectionStrings> <system.web> <httpRuntime maxRequestLength="204800" executionTimeout="3600"/> <compilation debug="true"> <assemblies> <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/> <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </assemblies> </compilation> <httpModules> <add name="ServiceAnonymityModule" type="WcfRestContrib.Web.ServiceAnonymityModule, WcfRestContrib"/> </httpModules> </system.web> <system.codedom> <compilers> <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <providerOption name="CompilerVersion" value="v3.5"/> <providerOption name="WarnAsError" value="false"/> </compiler> </compilers> </system.codedom> <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <modules> <remove name="ServiceAnonymityModule"/> <add name="ServiceAnonymityModule" type="WcfRestContrib.Web.ServiceAnonymityModule, WcfRestContrib"/> </modules> <handlers> <remove name="WebServiceHandlerFactory-Integrated"/> </handlers> </system.webServer> <system.diagnostics> <trace autoflush="true" /> </system.diagnostics> <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="false"> <baseAddressPrefixFilters> <add prefix="http://www.mydomain.com/myServiceBaseAddress"/> </baseAddressPrefixFilters> </serviceHostingEnvironment> <extensions> <behaviorExtensions> <add name="webAuthentication" type="WcfRestContrib.ServiceModel.Configuration.WebAuthentication.ConfigurationBehaviorElement, WcfRestContrib, Version=1.0.5.0, Culture=neutral, PublicKeyToken=89183999a8dc93b5"/> <add name="errorHandler" type="WcfRestContrib.ServiceModel.Configuration.ErrorHandler.BehaviorElement, WcfRestContrib, Version=1.0.5.0, Culture=neutral, PublicKeyToken=89183999a8dc93b5"/> <add name="webFormatter" type="WcfRestContrib.ServiceModel.Configuration.WebDispatchFormatter.ConfigurationBehaviorElement, WcfRestContrib, Version=1.0.5.0, Culture=neutral, PublicKeyToken=89183999a8dc93b5"/> <add name="webErrorHandler" type="WcfRestContrib.ServiceModel.Configuration.WebErrorHandler.ConfigurationBehaviorElement, WcfRestContrib, Version=1.0.5.0, Culture=neutral, PublicKeyToken=89183999a8dc93b5"/> </behaviorExtensions> </extensions> <bindings> <customBinding> <binding name="HttpStreamedRest"> <httpTransport maxReceivedMessageSize="209715200" manualAddressing="true" /> </binding> <binding name="HttpsStreamedRest"> <httpsTransport maxReceivedMessageSize="209715200" manualAddressing="true" /> </binding> </customBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="Rest"> <webAuthentication requireSecureTransport="false" authenticationHandlerType="WcfRestContrib.ServiceModel.Dispatcher.WebBasicAuthenticationHandler, WcfRestContrib" usernamePasswordValidatorType="MyLibrary.Runtime.SecurityValidator, MyLibrary" source="MyRESTServiceRealm"/> <webFormatter> <formatters defaultMimeType="application/xml"> <formatter mimeTypes="application/xml,text/xml" type="WcfRestContrib.ServiceModel.Dispatcher.Formatters.PoxDataContract, WcfRestContrib"/> <formatter mimeTypes="application/json" type="WcfRestContrib.ServiceModel.Dispatcher.Formatters.DataContractJson, WcfRestContrib"/> <formatter mimeTypes="application/x-www-form-urlencoded" type="WcfRestContrib.ServiceModel.Dispatcher.Formatters.FormUrlEncoded, WcfRestContrib"/> </formatters> </webFormatter> <errorHandler errorHandlerType="WcfRestContrib.ServiceModel.Web.WebErrorHandler, WcfRestContrib"/> <webErrorHandler returnRawException="true" logHandlerType="MyLibrary.Runtime.LogHandler, MyLibrary" unhandledErrorMessage="An error has occured processing your request. Please contact technical support for further assistance."/> </behavior> </serviceBehaviors> </behaviors> </system.serviceModel> </configuration> So, whenever I upload this and change the ISS setting to Basic Authentication, it looks like it is trying to use the default handler for authentication as if I try to enter my web app user/pass, I get an error screen which has the following detailed information about the moduel/handler Detailed Error Information Module: IIS Web Core Notification: AuthenticateRequest Handler: svc-ISAPI-2.0 Error Code: 0x80070005 Requested URL: http://www.mydomain.com:80/MyService.../MyService.svc Physical Path: E:\web\xxxxxx\htdocs\MyServiceBaseAddress\MyService.svc Logon Method: Not yet determined Logon User: Not yet determined Now for the fun stuff... i tried providing my discountasp.net account username/password for kicks and sure enough it responded properly for any [OperationContract] which doesn't have [OperationAuthentication] defined (which is only one or two of the operations I have). I thought this was strange, so I looked at fiddler and saw something interesting. Whenever I try request a procedure with [OperationAuthentication] defined and provide my discountasp.net username/pass I get two different "WWW-Authenticate" headers back in Fiddler: WWW-Authenticate: Basic realm="MyRESTServiceRealm" WWW-Authenticate: Basic realm="www.mydomain.com" On the other hand, if I try to access the same procedures with only my application's user/pass, I only get the site's header: WWW-Authenticate: Basic realm="www.mydomain.com" My hypothesis is that for some reason I'm having to pass through the default "Basic Authorization" layer set by IIS before I can get to the application's "Custom Basic Authorization" layer. After verifying this by created an identical user/pass for my service that I use for my discountasp.net account, I was able to successfully pass both layers of authentication without any issues... so I think I can conclude that this is indeed the issue. Now how do I disable the default one? Do I need to do this in the IIS Manager, or in the web.config? Anyway, I have absolutely no idea how this is possible or what I need to do to resolve the issue, but I know that something is seriously out of whack. Any suggestions would be greatly appreciated! Thanks.

    Read the article

  • Distinction between IO error and refusing to authenticate using HTTPService (ActionScript 3.0)

    - by Jonas
    I'm using HTTPService (tried with URLLoader but result is the same) to load XML file. Furthermore, XML file is secured with basic HTTP authentication. There are two kind of events I want to separate: IO Error User refuses to authenticate (pressing cancel on credential request dialog) The problem is that these two kind of events looks exactly the same (401 Status code is not presented). Is there any way to find out whether IO error occurred or authentication failed?

    Read the article

  • Grails + Spring Security one field login

    - by Miguel
    Hi all Is it possible, using spring security plugin 0.5.3 with Grails 1.2.1, to authenticate a user using only one field? I mean, for example, making j_username and j_password fields in the authentication form equal previous to the authentication. I read it was possible to define j_username field in Config.groovy with acegi plugin, in older versions of the plugin. Now it uses SecurityConfig.groovy but the possibility of defining the field exists no more. Any ideas?? Thanks a lot, Miguel

    Read the article

  • how to force client(winform) application to use NTLM when calling web services

    - by peanut
    Hi, I have a winform application calling web services hosted in IIS, by default, the client app will use Kerberose for authentication to IIS, and it failed for some reasons? But the same app works fine at another PC(with different user login), and I found it is using NTLM by checking the IIS server event log. is there anyway we can change the client app(winform) authentication type? Thanks in advance

    Read the article

  • C# Wrapping an application within another application

    - by Gio Borje
    I want to secure some applications for some people without teaching them how to add an encryption or authentication, so I thought about mocking up a simple application that launches another application if some password or authentication function returns true. How would I wrap the application so that only the launcher would be able to access the file?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >