Search Results

Search found 6525 results on 261 pages for 'restful authentication'.

Page 61/261 | < Previous Page | 57 58 59 60 61 62 63 64 65 66 67 68  | Next Page >

  • How secure is WCF wsHttpBinding's Windows authentication?

    - by Akash Kava
    I have created WCF and I have used wsHttpBinding and MTOM as message transport with authentcation as "Windows". Now my service is not current SECURE, its plain HTTP, running on custom port. Is Windows Authentication of WCF's wsHttpBinding secure? can anyone see the password or guess through network trace? Thank you, - Akash

    Read the article

  • Tomcat 403 error after LDAP authentication.

    - by user352636
    I'm currently trying to use an LDAP server to authenticate users who are trying to access our Tomcat setup. I believe I have managed to get the LDAP authentication working in the form of a JNDI realm call from Tomcat, but immediately after the user enters their password Tomcat starts throwing 403 (permission denied) errors for everything except from the root page (ttp://localhost:1337/). I have no idea why this is happening. I am following the example at http://blog.mc-thias.org/?title=tomcat_ldap_authentication&more=1&c=1&tb=1&pb=1 . server.xml (the interesting/changed bits) <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldap://localhost:389" userPattern="uid={0},ou=People,o=test,dc=company,dc=uk" userSubTree="true" roleBase="ou=Roles,o=test,dc=company,dc=uk" roleName="cn" roleSearch="memberUid={1}" /> <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> web.xml (the interesting/changed bits) <security-constraint> <display-name>Security Constraint</display-name> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <!-- Define the context-relative URL(s) to be protected --> <url-pattern>/*</url-pattern> <!-- If you list http methods, only those methods are protected --> </web-resource-collection> <auth-constraint> <!-- Anyone with one of the listed roles may access this area --> <role-name>admin</role-name> <role-name>regular</role-name> </auth-constraint> </security-constraint> <!-- Default login configuration uses form-based authentication --> <login-config> <auth-method>BASIC</auth-method> </login-config> <!-- Security roles referenced by this web application --> <security-role> <role-name>admin</role-name> <role-name>regular</role-name> </security-role> I cannot access my LDAP setup at the moment, but I believe it is alright as the login is accepted by the BASIC auth method, it's just tomcat that is rejecting it. The roles should be as defined in web.xml - admin and regular. If there is any other information you require me to provide, please just ask! My thanks in advance to anyone who can help, and my apologies for any major mistakes I have made - yesterday was pretty much the first time I'd ever heard of LDAP =D. EDIT: Fixed the second xml segment. Apologies for the formating-fail.

    Read the article

  • Proxy Authentication in .NET - for external API

    - by n0vic3c0d3r
    I'm developing a twitter messaging utility using Twitter API (twitterizer). But since I'm within a corporate proxy, I'm getting the error '407 Proxy Authentication Required'. Is there any way to authenticate the user before calling the API or use the default proxy settings? P.S Internally the API is using HttpWebRequest.

    Read the article

  • Where Federation authentication token is saved [WIF STS]?

    - by Googler
    Hi all, While i started to explore WIF, i have a doubt on the following: In the Windows Identification Foundation[WIF],looking on to Security Token Service[STS], i wish to know where the federation authentication token is being saved? I think its in browser cookie, if so can anyone please give me a insight about it?

    Read the article

  • X.509 certificate based authentication with OpenSSL (without using sockets)

    - by hartem
    Hi, Is there an alternative in OpenSSL to SSL_set_connect_state()/SSL_set_accept_state() for X.509 certificate based authentication? The problem is that in my application the client and server do not communicate using sockets, and the establishment of direct connection between them is not possible. So what I want from OpenSSL is to 'expose' the intermediate SSL context establishment messages which I would then convey to the party at the other end. Thanks for your help!

    Read the article

  • Google App Engine appcfg.py data_upload Authentication fail

    - by Pradeep Upadhyay
    Hi, I am using appcfg.py to upload data to datastore from a csv file. But every time I try, I am getting error: [info ] Authentication failed even if i am using Admin id and password. In my app.yaml file I am having: handlers: - url: /remote_api script: $PYTHON_LIB/google/appengine/ext/remote_api/handler.py login: admin - url: .* script: MainHandler.py Can anybody please help me? Thanks in advance.

    Read the article

  • Tomcat JMX connection - Authentication failed.

    - by ziggy
    I am having some problems setting up Tomcat for JMX. I added the following properties to CATALINA_OPTS="-Dcom.sun.management.jmxremote.port=18070 -Dcom.sun.management.jmxremote.password.file=$CATALINA_BASE/conf/jmxremote.password -Dcom.sun .management.jmxremote.ssl=false" And have added the jmxremote.password file in to the conf directory. I wrote a client tool that connects to the JMX server running on port 18070. When i run the client program i get the following error. Exception in thread "main" java.lang.SecurityException: Authentication failed! Credentials required at com.sun.jmx.remote.security.JMXPluggableAuthenticator.authenticationFailure(JMXPluggableAuthenticator.java:193) at com.sun.jmx.remote.security.JMXPluggableAuthenticator.authenticate(JMXPluggableAuthenticator.java:145) at sun.management.jmxremote.ConnectorBootstrap$AccessFileCheckerAuthenticator.authenticate(ConnectorBootstrap.java:185) at javax.management.remote.rmi.RMIServerImpl.doNewClient(RMIServerImpl.java:213) at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:305) at sun.rmi.transport.Transport$1.run(Transport.java:159) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.Transport.serviceCall(Transport.java:155) at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907) at java.lang.Thread.run(Thread.java:619) at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255) at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233) at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:142) at javax.management.remote.rmi.RMIServerImpl_Stub.newClient(Unknown Source) at javax.management.remote.rmi.RMIConnector.getConnection(RMIConnector.java:2312) at javax.management.remote.rmi.RMIConnector.connect(RMIConnector.java:277) at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:248) at com.bt.c21sc.c21tkprobe.accessors.C21TkProbeJmxDAO.connect(Unknown Source) at com.bt.c21sc.c21tkprobe.service.C21TkProbeBD.execute(Unknown Source) at com.bt.c21sc.c21tkprobe.C21AppserverProbe.main(Unknown Source) If i change the CATALINA_OPTS properties to CATALINA_OPTS="-Dcom.sun.management.jmxremote.port=18070 -Dcom.sun.management.jmxremote.password.file=$CATALINA_BASE/conf/jmxremote.password -Dcom.sun .management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false" Then it works fine. I think what i am confused of is what is classed as remote access. I am running the client program away from the Tomcat instance but both Tomcat and the client tool are on the same machine (i.e. different virtual machines but same environemnt). I thought i had to configure the remote authentication if i access the JMX server remotely from a different machine. By remote access do they mean accessing the JMX server from any VM either locally or remotely?

    Read the article

  • Approach for authentication and storing user details.

    - by cappuccino
    Hey folks, I am using the Zend Framework but my question is broadly about sessions / databases / auth (PHP MySQL). Currently this is my approach to authentication: 1) User signs in, the details are checked in database. - Standard stuff really. 2) If the details are correct only the user's unique ID is stored in the session and a security token (user unique ID + IP + Browser info + salt). The session in written to the filesystem. I've been reading around and many are saying that storing stuff in sessions is not a good idea, and that you should really only write a unique ID which refers back to the user's details and a security token to prevent session hijacking. So this is the approach i've taken, i use to write the user's details in session, but i've moved that out. Wanted to know your opinions on this. I'm keeping sessions in the filesystem since i don't run on multiple servers, and since i'm only writting a tiny tiny bit of data to sessions, i thought that performance would be greater keeping sessions in the filesystem to reduce load on the database. Once the session is written on authentication, it really is only read-only from then on. 3) The rest of the user's details (like subscription details, permissions, account info etc) are cached in the filesystem (this can always be easily moved to memory if i wanted even more performance). So rather than keeping the user's details in session, the user's details are cached in the file system. I'm using Zend_Cache and the unique cache id is something like md5(/cache/auth/2892), the number is the unique id of the user. I guess the benefit of this method is that once the user is logged in, there is essentially not database queries being run to get the user's details. Just wonder if this approach is better than keeping the whole lot in session... 4) As the user moves throughout the site the only thing that is checked is the ID in the session and the security token. So, overall the first question is 1) is the filesystem more efficient than a database for this purpose 2) have i taken enough security precautions 3) is separating user detail's from the session into a cached file a pointless task? Thanks.

    Read the article

  • SQL Server Windows Authentication.

    - by rrecoba
    Hi, im trying to connect to a remote sql express server using win. authentication. I´m logued with a user with username Administrator, but when loggin, i got the next error: Login failed for user guest ... Why is not using the Administrator account? Thanks in advance.

    Read the article

  • authentication winform + asp

    - by user156144
    I am building a desktop application that needs to update current user's status frequently. This status will be available as RSS feed. In order to do this, I think I can create a asp.net folder and secure it using form authentication. When the desktop application written as winform in c# needs to update status, it can set WebRequest.Credentials and upload data. Is there any better way of doing this? Thanks

    Read the article

  • psql: FATAL: Ident authentication failed for user "postgres"

    - by morpheous
    I have installed PostgreSQL and pgAdminIII on my Ubuntu Karmic box. I am able to use pgAdminIII successfully (i.e. connect/log on), however when I try to login to the server using the same username/pwd on the command line (using psql), I get the error: psql: FATAL: Ident authentication failed for user "postgres" Does anyone now how to resolve this issue?

    Read the article

  • Digest authentication using LDAP only

    - by Elephant
    Is there a way to validate digest authentication using LDAP only? I.e. if I have the following request from a client (stealed from Wikipedia): GET /dir/index.html HTTP/1.0 Host: localhost Authorization: Digest username="Mufasa", realm="[email protected]", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="/dir/index.html", qop=auth, nc=00000001, cnonce="0a4f113b", response="6629fae49393a05397450978507c4ef1", opaque="5ccc069c403ebaf9f0171e9517f40e41" could I validate the user against LDAP, meaning if I don't now user password hence is not able to construct a digest hash to compare with the response?

    Read the article

  • Maven site deploy authentication error with scp

    - by Navi
    I get Auth fail error when running mvn -X site:deploy. org.apache.maven.wagon.authentication.AuthenticationException: Cannot connect. Reason: Auth fail It seems that the correct private key is used and I can scp files normally to the project site directory using scp on Ubuntu. What can be causing this?

    Read the article

  • facebook authentication using qt

    - by user310706
    can authentication for facebook be done without a web browser in qt? the way i want to authenticate is to enter a username and password in text boxes and pass it as parameters in the url? is it possible? please help. thanks in advance.

    Read the article

  • Unable to login to SQL Server + SQL Server Authentication + Error: 18456

    - by Nev_Rahd
    Hello I have created login account on my localhost\sql2008 Server (Eg. User123) Mapped to Database (default) Authentication Mode on SQL Server is set to both (Windows and SQL) But login to SQL Server fails with following message (for User123) Note: Have checked mutliple time that UserName / Password are typed in correctly Error Details: Login failed for user 'User123' (Net.SqlClient Data Provider) Server Name : localhost\sql2008 Error Number: 18456 Severity : 14 State : 1 Line Number : 65536 any help on this please. Thanks

    Read the article

  • Download File from server that uses Icefaces form based authentication

    - by user266443
    I am a newbie to ICEfaces and i have a requirement where i need to download a document from a given url (http://ipaddress/formexec?objectid=201). This URL uses a form based authentication that is deployed through ICEFaces. i tracked the request of this URL and i get the following line: &ice.submit.partial=false&ice.event.target=loginForm%3Aj_id33&ice.event.captured=loginForm%3Aj_id33 Is there any libraries or code to download the document by successfully passing the username and password.

    Read the article

  • Pass windows authentication username to asp variable

    - by Darren Cook
    Hi, I have a site that processes orders taken by phone into a SQL database. Access to the portal uses Windows Authentication and I would like to pass the username of the order processor along with the order so that I can record who has taken the order. How can I pass the user name to a form element? The pages are written in classic asp. Thanks.

    Read the article

< Previous Page | 57 58 59 60 61 62 63 64 65 66 67 68  | Next Page >