Search Results

Search found 2316 results on 93 pages for 'credentials'.

Page 60/93 | < Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >

• How do I limit the permissions of a C# program to read only on an SQLServer Database?

  - by gav

  Hi Guys, I have written some C# which connects to a live production database. I want to give my application read only access to the DB but am unsure how to achieve this. Is there any trivial way to get this done by amending the connection string? My understanding is that the application will logon with the credentials of the person running the application and hence may or may not have write access to the db based on that fact. Can I statically limit the permissions of the application so that if someone changes the program to do something devastating at a later date any manipulation will fail? Apologies for how trivial the question may be but it's my first venture into the world of MS programming. Thanks, Gav

  Read the article

• IE 8 Errors for Group Permissions for access

  - by Jeff P.

  Hello, The company I work for is about to begin testing for a transition from IE6 to IE8. One of our main concerns is about using permissions to control intranet access to internal sites,etc. This was a problem we encountered during testing for IE7 and scrapped it all together. However, IE6 has more than its foot in the grave, its head is peeking out. Microsoft is only supporting IE6 until 2014 when they also abandon support for Windows XP. IE7 just came up with a box asking for you to enter your credentials. It didn't matter if you had permissions, it always said access denied. We have yet to begin testing but I was hoping someone has encountered this issue as well and may be able to shed some light on the subject.

  Read the article

• Copying (or recovering) a .PFX password to another machine?

  - by Adam Robinson

  First things first, I'm aware of all of the finger-wagging potential that this question provides. However, I'm attempting to help out a friend with a project so I haven't been part of the decision making process thus far. I'm attempting to set up a new development machine, but one of the projects is signed with a .PFX key that's password protected and the original developer does not remember the password. The current development machine can open and build the project just fine, so I'm wondering if there is any way either to copy or to recover the saved password that Visual Studio is using on the original box so that the file can be used on the new box. Signing with a new file is obviously an option, but one that we'd prefer to avoid. Does anyone know of a way either to recover or copy the credentials for this file to a new machine?

  Read the article

• Servlet Session - switch from URL Rewriting to Cookie

  - by lajuette

  Situation: I have a "dumb" Javascript frontend that can contact some kind of SSO middleware (MW). The MW can obtain sessions by issuing requests that contain authentication credentials (username, password). I.e. the session will be created for a certain user. My frontend needs to "restart" the session to gain the user's permissions to the target system. For that i need a valid session cookie. The target system is not under my control (could be a more or less public WFS, WMS, etc.), so i cannot add any SSO mechanism to it. Question: Is it possible to "steal" a Session forging a request which URL contains a valid session ID in the jsessionid parameter? Goal : Issue such a request to a Servlet and make it respond with a Set-Cookie header that contains the same id. That way the frontend joins the session and may do whatever the user, which was used to create the session, is able to do.

  Read the article

• RESTFul, statelesness and sessions

  - by Per Arneng

  RESTFul service has a rule that it should be stateless. By beeing that it does not allow a session to be created and maintained by sending a session key between the client and the server and then holding a session state on the server. If i look at the definition in wikipedia of stateless server http://en.wikipedia.org/wiki/Stateless_server "A stateless server is a server that treats each request as an independent transaction that is unrelated to any previous request" It states that it should be unrelated to any previous request. In practice this means that any type of authentication will be comparing the credentials of a user to a state on the server that was created by a previous operation. So a service called login is related to and dependent on the state that has been created by previous requests (ex: create_user and/or change_password). In my view you are breaking statelessnes by doing authentication. My point is that people are complaining about having sessions in RESTFul is breaking statelesness but doing authentication is also breaking the same rule. What do you think?

  Read the article

• is JsonP working with Opera, Chrome & Safari ?

  - by Tom

  Hi, On a web site that I am building , when you log in (because the database is on an other server), I use json padding to check if the user as the right credentials. It's working flawlessly (ie7,ie8 & FF), until I tried it on chrome, safari & opera where it's a complete disaster. $.ajax({ type: "GET", dataType: "jsonp", url: "http://someurl.com", data: aRequestData, cache: false, error: function (XMLHttpRequest, textStatus, errorThrown) { // typically only one of textStatus or errorThrown // will have info alert("Error occured textStatus=" + textStatus + " errorThrown=" + errorThrown); }, success: function(data) { alert('success'); } }); Plain and simple and it works in browser window, however, to my big surprise it did not work in chrome, safari & opera, never got to the success alert. Does anyone know how to solve this issue? Thanks.

  Read the article

• URL Encoding of Characters in a password field

  - by Alavoil

  I am trying to pass login credentials to a PHP script that I have in my iPhone app. When I pull a password with special characters the password is missing certain characters especially the percent sign. I am trying to encode the text but even before I send it, the percent sign is missing. //password_field is a UITextField holding the password: !@#$%^&*() NSString *tmpPass = [password_field.text stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding]; NSLog(p_field.text); NSLog(tmpPass); This is what appears in the console: !@#$^&*() [email protected]&*() Is there any reason why it would be dropping the percent sign?

  Read the article

• Restfull authentication between two GAE apps.

  - by user259349

  Hello everyone, i am trying to write a restful google app engine application (python) that accepts requests only from another GAE that i wrote. I dont like any of the ways that i thought of to get this done, please advice if you know of something better than: Get SSL setup, and simply add the credentials on the request that my consuming app will send. I dont like it cause SSL will slow things down. Security by obsecurity. Pass a long number by my consuming app that is in Xmod0, where X is a secret number that both applications know. I just,,,, dont like this. Check the HTTP header to see where is the request coming from. This option is the one that i hate the least, not alot of processing, and spoofing an HTTP request is not really worth it, for my application's data. Is there any other clean solution for this?

  Read the article

• Requesting information from the user inside a GTK main loop

  - by Victor Stanciu

  Hello, I am learning Python by building a simple PyGTK application that fetches data from some SVN repositories, using pysvn. The pysvn Client has a callback you can specify that it calls when Subversion needs authentication information for a repository. When that happens, I would like to open a dialog to ask the user for the credentials. The problem is, it seems the callback is called inside the GTK main loop, so it's basically called on every tick. Is there a way to prevent this? Perhaps by opening the dialog in a new thread? But then how do I return the tuple with the user data to the callback so it can return it to the pysvn.Client?

  Read the article

• Verifying university membership/attendance via email address

  - by mettadore

  My client's web app allows members to sign up (Rails using AuthLogic) and those signups are limited in that they must be under the auspices of a university. To wit: A university organizer can sign up to be the representative of a university, and students can sign up as "attendees" of that university. I've been tasked with finding if there is a programmatic way to verify university membership/attendance. The only way I can see doing this is having a database of universities and a database of associated emails, and verifying that the student's email address is part of this database. That doesn't help if using Facebooker and AuthLogic's "sign up with Facebook credentials" ability, however. I suspect the answer to this is "via human intervention," and that this is something we can't solve programmatically. Either we, or the university, will have to bite the bullet and check records. However, I'd thought I'd ask if anyone else has run into the issue of verification of university membership before.

  Read the article

• Determine if count of related model > 0

  - by Lowgain

  I have a model called Stem. I need a 'thumbs up' feature, so I have created a second model called Thumb, which consists of stem_id and user_id. I'm also using the restful authentication plugin for user credentials. I have the 'thumbs up' button working, which adds a row to the thumbs table fine, but I'd like to be able to check if the currently logged in user has already given a thumbs up to this particular stem. I tried adding this to the Stem model: def thumbed Thumb.count_by_sql ["SELECT COUNT(*) FROM thumbs WHERE user_id = ? AND stem_id = ?", current_user.id, self.id ] end The problem here is that the stem model has no access to the current_user variable the the controllers have. Is there a way I can get access to this property, or alternatively, is there another way I could go about checking this? I was hoping to get this as a property in the model because the stems are passed over to a Flex app using RubyAMF. Thanks!

  Read the article

• How do I authenticate a Twitter user and access the API without leaving my iPhone app?

  - by thebossman

  I'd like to allow users to send out Tweets from my iPhone app. That's all the functionality I need at the moment. From what I know of the Twitter API, there's a standard authentication mechanism, which allows the developer to include the user's name and password in the request string that the application sends to Twitter. This method will no longer be supported come June 30, 2010. Given the timeframe, the better other choice is oAuth. One of the caveats of oAuth is that it requires a UIWebView to pop up within the app to allow the user to enter his or her credentials or a PIN number. None of the Twitter apps on my phone do this, however: Tweetie, TweetDeck and Twitterific. I assume they're using the first authentication method, but it seems like Twitter wouldn't deprecate an API that would hurt the user experience across the board. There must be an alternative method--what am I missing?

  Read the article

• Calling https process from ASP Net

  - by David M

  I have an ASP NET web server application that calls another process running on the same box that creates a pdf file and returns it. The second process requires a secure connection via SSL. The second process has issued my ASP NET application with a digital certificate but I still cannot authenticate, getting a 403 error. The code is a little hard to show but here's a simplified method ... X509Certificate cert = X509Certificate.CreateFromCertFile("path\to\cert.cer"); string URL = "https://urltoservice?params=value"; HttpWebRequest req = HttpWebRequest.Create(URL) as HttpWebRequest; req.ClientCertificates.Add(cert); req.Credentials = CredentialCache.DefaultCredentials; req.PreAuthenticate = true; /// error happens here WebResponse resp = req.GetResponse(); Stream input = resp.GetResponseStream(); The error text is "The remote server returned an error: (403) Forbidden." Any pointers are welcome.

  Read the article

• Dollar ($) sign in password string treated as variable

  - by ncatnow

  Spent some time troubleshooting a problem whereby a PHP/MySQL web application was having problems connecting to the database. The database could be accessed from the shell and phpMyAdmin with the exact same credentials and it didn't make sense. Turns out the password had a $ sign in it: $_DB["password"] = "mypas$word"; The password being sent was "mypas" which is obviously wrong. What's the best way to handle this problem? I escaped the $ with a \ $_DB["password"] = "mypas\$word"; and it worked. I generally use $string = 'test' for strings which is probably how I avoided running into this before. Is this correct behavious? What if this password was stored in a database and PHP pulled it out - would this same problem occur? What am I missing here...

  Read the article

• Email goes to spam

  - by VICKY Shastri

  i am creating an simple mail sending application in c# windows form application. My application works well but when i send email to my yahoo account it goes to spam not in inbox but if i send email to gmail it goes to inbox. please tell me what i need to do to send email in inbox below is my code: try { // setup mail message MailMessage message = new MailMessage(); message.From = new MailAddress(textBox1.Text); message.To.Add(new MailAddress(textBox2.Text)); message.Subject = textBox3.Text; message.Body = richTextBox1.Text; // setup mail client SmtpClient mailClient = new SmtpClient("smtp.mail.yahoo.com"); mailClient.Credentials = new NetworkCredential(textBox1.Text, "password"); // send message mailClient.Send(message); MessageBox.Show("Sent"); } catch(Exception) { MessageBox.Show("Error"); }

  Read the article

• Create, Delete and Use e-mail accounts within a website! Is it possible?

  - by BitDrink

  Hello! I'm developing an administration panel (in php), for a website (in a shared host), to let the administrator to manage the personal infos of the employees! With this panel should be possible to create or delete an e-mail account for an employee and if the employee logs in the admin panel, he/she should be able to access to his/her e-mail account! I had thought to install Horde WebMail on the website to let the employees use their e-mail accounts ... but how can I pass the login credentials to Horde? And what you suggest to create and delete the e-mails account that can be read by Horde? Any other suggestion is greatly appreciated! Thanks in advance!!! EDIT: Or are there better alternatives to Horde to accomplish, at least, the e-mail account access from within the web site?

  Read the article

• GData API works in Android 2.0 SDK & up?

  - by user266361

  I used GData API to pull in Calender info. It works fine if I use 1.6. But the same code, if I change to Android 2.0 & up, it would throw AuthenticationException. Below is my code for ur ref: CalendarService myService = new CalendarService("My Application"); myService.setUserCredentials(args[0],args[1]); // Set up the URL and the object that will handle the connection: URL feedUrl = new URL("http://www.google.com/calendar/feeds/"+args[0]+"/private/full"); args[0] & args[1] are the credentials. AuthenticationException will be thrown when calling myService.setUserCredentials(). Anybody has any clue?

  Read the article

• codeigniter: how to redirect after login to current controller (php_self in regular php)

  - by krike

  Well it's not really a problem but I check if the user exist and log them in and redirect to site/members_area, but I don't want to send the user to a specific page but i want to reload the current controller. So if I login in index/home I would like to be redirected at index/home, how should I proceed? in regular php I would put in the action to redirect to current page <?php echo $_SERVER['PHP_SELF']; ?> This is the code in the framework function validate_credentials() { $this->load->model('membership_model'); $query = $this->membership_model->validate(); if($query) // if the user's credentials validated... { $data = array( 'username' => $this->input->post('username'), 'is_logged_in' => true ); $this->session->set_userdata($data); redirect('site/members_area'); //<-- this line here should be dynamic } else // incorrect username or password { $this->index(); } }

  Read the article

• Is Eclipse Remote System Explorer broken on Windows?

  - by Kev

  I have the following setup on Windows 7 Ultimate x64: Eclipse Indigo 2.7.2 (Build: M20120208-0800) Remote System Explorer 3.3.2 (see screenshot) (Oracle/Sun) Java 1.6 Update 31 (x86) Despite all my best efforts I am unable to connect to a remote system (a Centos 5.6 server on my local LAN) using a Remote System Explorer SSH connection - I've tried both password authentication and using my SSH private key. Here is a screenshot of both the Eclipse error dialogue and what is logged in my /var/log/secure log file: /var/log/secure: Apr 1 12:00:21 nagios sshd[6176]: Received disconnect from 172.16.3.88: 3: com.jcraft.jsch.JSchException: Auth fail When I connect for the first time I do get prompted to verify the authenticity of the remote host and the RSA key fingerprint. But that's as far as things go. Performing the same operation with the same credentials on my Fedora Core 16 box (also running the same version of Eclipse and Java) to the same server is successful. This leads me to believe that RSE SSH support on Windows is either broken or there's some piece of the SSH-on-Windows puzzle I'm missing. Is this the case?

  Read the article

• How to assign permissions for Copy/Paste on windows

  - by jalchr

  Well, as everyone knows there is no way you can assign permissions for Copy/Paste of files on windows platform. I need to control the copy process from a central file server, in a way that helps me know: which user performed the copy Which files were copied where did he pasted them Total size of data copied Time of copy operation If user exceeds the allowed "Copy-Limit", a dialog box requests him to enter administrative credentials or deny him (as it would be configured) Store all this data in a file for later review or send by email. I need to collect this data by putting a utility program on the server itself, without any other installation on client computers. I know about monitoring the Clipboard, but which clipboard would it be? the user's clipboard or the server's clipboard ? And what about drag-drop operation, which doesn't even pass through the clipboard? Any knowledge of whether SystemFileWatcher is useful in such case ? Any ideas ?

  Read the article

• Get HttpResponse from a page in the same web application

  - by tivo

  I have the following code: HttpWebRequest myHttpWebRequest = (HttpWebRequest)WebRequest.Create("http://mycomputer/myWebApp/WebPage2.aspx"); myHttpWebRequest.Credentials = CredentialCache.DefaultNetworkCredentials; HttpWebResponse myHttpWebResponse = HttpWebResponse)myHttpWebRequest.GetResponse(); The last line of code throws a (500) Internal Server Error... This code is part of myWebApp/WepPage1.aspx, yes both aspx pages are on the same webapp. What I want to accomplish is to get WebPage2.aspx html response, put it on an email and send it from WebPage1.aspx. I would really appreciate any tips.. Thanks!!!

  Read the article

• Sign in as different user when using Integrated Windows Authentication

  - by Sam

  I have restricted access to a site by using Integrated Windows Authentication and turning off anonymous access. This way I can then show them their real name (from looking up on Active Directory and using the server variable LOGON_USER) and do other related Active Directory tasks. How can I then prompt again for their user credentials, through a 'sign in as other user' link , showing the browser prompt (like you would get on a browser like Chrome or Firefox, or if the site was not in the 'Intranet' zone in IE) rather than a Web Form? Since SharePoint offers this functionality, I assume there is a way to do this through code, but I don't know what code can do this (using C#). I can send a 401 header which makes the prompt appear, but how do you then confirm if they are logged in?

  Read the article

• How to lock non-browser clients from submitting a request?

  - by Thomas Kohl

  I want to block non-browser clients from accessing certain pages / successfully making a request. The website content is served to authenticated users. What happens is that our user gives his credentials to our website to 3rd party - it can be another website or a mobile application - that performs requests on his behalf. Say there is a form that the user fills out and sends a message. Can I protect this form so that the server processing the submission can tell whether the user has submitted it directly from the browser or not? I don't want to use CAPTCHA for usability reasons. Can I do it with some javascript?

  Read the article

• How to send argument securely using Process class?

  - by Sebastian

  Hello, I'm using System.Diagnostics.Process to execute an svn command from a windows console application. This is the configuration of the process: svn.StartInfo.FileName = svnPath; svn.StartInfo.Arguments = string.Format("copy {0}/trunk/ {0}/tags/{1} -r head -q --username {3} --password {4} -m \"{2}\"", basePathToRepo, tagName, message, svnUserName, svnPassword); svn.StartInfo.UseShellExecute = false; svn.Start(); svn.WaitForExit(); My problem is that those arguments, which include the svn credentials, are sent (I suppose) in an unsecure way. Is there a way to send these arguments in a secure way using the Process class? Thanks!

  Read the article

• Powershell: error handling with try and catch

  - by resolver101

  I'm writing a script and want to control the errors. However im having trouble finding information on error handling using the try, catch. I want to catch the specific error (shown below) and then perform some actions and resume the code. What code is needed for this? This is the code i am running and im entering in a invalid username when prompted. Get-WMIObject Win32_Service -ComputerName localhost -Credential (Get-Credential) Get-WmiObject : User credentials cannot be used for local connections At C:\Users\alex.kelly\AppData\Local\Temp\a3f819b4-4321-4743-acb5-0183dff88462.ps1:2 char:16 + Get-WMIObject <<<< Win32_Service -ComputerName localhost -Credential (Get-Credential) + CategoryInfo : InvalidOperation: (:) [Get-WmiObject], ManagementException + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

  Read the article

< Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >