Search Results

Search found 3544 results on 142 pages for 'auth token'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 63/142 | < Previous Page | 59 60 61 62 63 64 65 66 67 68 69 70  | Next Page >

  • including tk.h and tcl.h in c program

    - by user362075
    hi, i am working on an ubuntu system. My aim is to basically make an IDE in C language using GUI tools from TCL/TK. I installed tcl 8.4, tk8.4, tcl8.4-dev, tk8.4-dev and have the tk.h and tcl.h headers file in my system. But, when I am running a basic hello world program it's showing a hell lot of errors. include "tk.h" include "stdio.h" void hello() { puts("Hello C++/Tk!"); } int main(int, char *argv[]) { init(argv[0]); button(".b") -text("Say Hello") -command(hello); pack(".b") -padx(20) -pady(6); } Some of the errors are tkDecls.h:644: error: expected declaration specifiers before ‘EXTERN’ /usr/include/libio.h:488: error: expected ‘)’ before ‘*’ token In file included from tk.h:1559, from new1.c:1: tkDecls.h:1196: error: storage class specified for parameter ‘TkStubs’ tkDecls.h:1201: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘attribute’ before ‘*’ token /usr/include/stdio.h:145: error: storage class specified for parameter ‘stdin’ tk.h:1273: error: declaration for parameter ‘Tk_PhotoHandle’ but no such parameter Can anyone please tell me how can I rectify these errors? Please help...

    Read the article

  • WCF Custom Delegation/Authentication without Kerberos

    - by MichaelGG
    I'm building a simple WCF service, probably exposed via HTTPS, using NTLM security. Since not all users are going to be capable of using the service directly, we're writing a simple web front-end for the service. Users will auth with HTML to the web front-end. What we want is a way to delegate the user of the web site all the way to the WCF service. I understand Kerberos delegation can do this, but that's not available to us. What I want to do is make the web front-end account a specially trusted account, so that if a request hits the WCF service authenticated as "DOMAIN\WebApp", we read a WCF message header containing the real identity, then switch the principal to that and continue as normal. Is there any "simple" way of achieving this? Should I give up entirely on this idea, and instead make users "sign-in" to the WCF app and then do complete custom auth? The WCF extensibility and security options seem so vast, I'd like to get a heads up on which path to start heading down.

    Read the article

  • how does hash element make a secure login on zend framework?

    - by ulduz114
    hello all i saw a example for login form same blow code class Form_Login extends Zend_Form { //put your code here public function init($timeout=360){ $this->addElement('hash', 'token', array( 'timeout' => $timeout )); $this->setName('Login'); $username = $this->createElement ( 'text', 'username' ); $username->setLabel('user name:') ->setRequired(); $this->addElement($username); $password=$this->createElement('password','password'); $password->setLabel('password:'); $password->setRequired(); $this->addElement($password); $login=$this->createElement('submit','login'); $login->setLabel('Login'); $this->addElement($login); $this->setMethod('post'); $this->setAction(Zend_Controller_Front::getInstance()->getBaseUrl().'/authentication/login'); } } and in submitAction a part code same below if (!$form->isValid($request->getPost())) { if (count($form->getErrors('token')) > 0) { return $this->_forward('csrf-forbidden', 'error'); } $this->view->form = $form; return $this->render('login'); } now , my question, whats the reason for use of hash element? how this hash element make secure login? anybody may help explain these? thanks

    Read the article

  • Django deployment - can't import app.urls

    - by hora
    I just moved a django project to a deployment server from my dev server, and I'm having some issues deploying it. My apache config is as follows: <Location "/"> Order allow,deny Allow from all SetHandler python-program PythonHandler django.core.handlers.modpython SetEnv DJANGO_SETTINGS_MODULE project.settings PythonDebug On PythonPath "['/home/django/'] + sys.path" </Location> Django does work, since it renders the Django debug views, but I get the following error: ImportError at / No module named app.urls And here is all the information Django gives me: Request Method: GET Request URL: http://myserver.com/ Django Version: 1.1.1 Python Version: 2.6.5 Installed Applications: ['django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.sites', 'django.contrib.admin', 'django.contrib.admindocs', 'project.app'] Installed Middleware: ('django.middleware.common.CommonMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware') Traceback: File "/usr/lib64/python2.6/site-packages/django/core/handlers/base.py" in get_response 83. request.path_info) File "/usr/lib64/python2.6/site-packages/django/core/urlresolvers.py" in resolve 218. sub_match = pattern.resolve(new_path) File "/usr/lib64/python2.6/site-packages/django/core/urlresolvers.py" in resolve 216. for pattern in self.url_patterns: File "/usr/lib64/python2.6/site-packages/django/core/urlresolvers.py" in _get_url_patterns 245. patterns = getattr(self.urlconf_module, "urlpatterns", self.urlconf_module) File "/usr/lib64/python2.6/site-packages/django/core/urlresolvers.py" in _get_urlconf_module 240. self._urlconf_module = import_module(self.urlconf_name) File "/usr/lib64/python2.6/site-packages/django/utils/importlib.py" in import_module 35. __import__(name) Exception Type: ImportError at / Exception Value: No module named app.urls Any ideas as to why I get an import error?

    Read the article

  • Cross domain login - what to store in the database?

    - by Jenkz
    I'm working on a system which will allow me to login to the same system via various domains. (www.example.com, www.mydomain.com, sub.domain.com etc) The following threads form the basis of my research so far: Single Sign On across multiple domains Cross web domain login with .net membership What I want to happen is that If I am logged in on the master domain and I visit a page on a client domain to be automatically logged in on the client. Obviously If I am not logged in on the master, I will need to enter my username and password. Walkthrough: 1. User logs in on master site 2. User navigates to client site 3. Client site re-directs to master site to see if User is logged in. 4. If User is logged in on master, record a RFC 4122 token ID and send this back to the client site. 5. Client site then looks up the token ID in the central database and logs this user in. This might eventually end up running on more than once instance of PHP and Apache, so I can't just store: token_id, php_session_id, created Is there any problem with me storing and using this: token_id, username, hashed_password, created Which is deleted on use, or automatically after x seconds.

    Read the article

  • Django's self.client.login(...) does not work in unit tests

    - by thebossman
    I have created users for my unit tests in two ways: 1) Create a fixture for "auth.user" that looks roughly like this: { "pk": 1, "model": "auth.user", "fields": { "username": "homer", "is_active": 1, "password": "sha1$72cd3$4935449e2cd7efb8b3723fb9958fe3bb100a30f2", ... } } I've left out the seemingly unimportant parts. 2) Use 'create_user' in the setUp function (although I'd rather keep everything in my fixtures class): def setUp(self): User.objects.create_user('homer', '[email protected]', 'simpson') Note that the password is simpson in both cases. I've verified that this info is correctly being loaded into the test database time and time again. I can grab the User object using User.objects.get. I can verify the password is correct using 'check_password.' The user is active. Yet, invariably, self.client.login(username='homer', password='simpson') FAILS. I'm baffled as to why. I think I've read every single Internet discussion pertaining to this. Can anybody help? The login code in my unit test looks like this: login = self.client.login(username='homer', password='simpson') self.assertTrue(login) Thanks.

    Read the article

  • Help setting up command line gist

    - by smotchkkiss
    setup I'm following defunkt's gist setup guide. [smotchkkiss ~]$ sudo gem install gist [smotchkkiss ~]$ git config --global github.user "my github name" [smotchkkiss ~]$ git config --global github.token "my github token" [smotchkkiss ~]$ echo "puts 'hello, gist.'" > hello.rb [smotchkkiss ~]$ gist hello.rb output Usage: open [-e] [-t] [-f] [-W] [-n] [-g] [-h] [-b <bundle identifier>] [-a <application>] [filenames] Help: Open opens files from a shell. By default, opens each file using the default application for that file. If the file is in the form of a URL, the file will be opened as a URL. Options: -a Opens with the specified application. -b Opens with the specified application bundle identifier. -e Opens with TextEdit. -t Opens with default text editor. -f Reads input from standard input and opens with TextEdit. -W, --wait-apps Blocks until the used applications are closed (even if they were already running). -n, --new Open a new instance of the application even if one is already running. -g, --background Does not bring the application to the foreground. -h, --header Searches header file locations for headers matching the given filenames, and opens them. return value nil help! nil return value? What gives? No new gist appears in my My Gists page on github.

    Read the article

  • Secure Webservice (WCF) without storing credentials on consumer application

    - by Pai Gaudêncio
    Howdy folks, I have a customer that sells a lottery analysis application. In this application, he consumes a webservice (my service, I mean, belongs to the company I work for now) to get statistical data about lottery results, bets made, amounts, etc., from all across the globe. The access to this webservice is paid, and each consult costs X credits. Some people have disassembled this lottery application and found the api key/auth key used to access the paid webservice, and started to use it. I would like to prevent this from happening again, but I can't find a way to authenticate on the webservice without storing the auth. keys on the application. Does anyone have any ideas on how to accomplish such task? ps1.Can't ask for the users to input any kind of credentials. Has to be transparent for them (they shouldn't know what is happening). ps2. Can't use digital certificates for the same reason above, not to mention it's easy to retrieve them and we would fall into the original problem. Thanks in advance.

    Read the article

  • MultipartFormDataContent Access to patch xx is denied

    - by Florian Schaal
    So I'm trying to upload a pdf file to a restapi. For some reason I the application cant get access to the files on my pc. The code im using to upload: public void Upload(string token, string FileName, string FileLocation, string Name, int TypeId, int AddressId, string CompanyName, string StreetNr, string Zip, string City, string CountryCode, string CustomFieldName, string CustomFieldValue) { var client = new HttpClient(); client.BaseAddress = _API.baseAddress; //upload a new form client.DefaultRequestHeaders.Date = DateTime.Now; client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(token); using (var multiPartContent = new MultipartFormDataContent()) { //get te bytes from a file byte[] pdfData; using (var pdf = new FileStream(@FileLocation, FileMode.Open))//Here i get the error. { pdfData = new byte[pdf.Length]; pdf.Read(pdfData, 0, (int)pdf.Length); } var fileContent = new ByteArrayContent(pdfData); fileContent.Headers.ContentDisposition = new ContentDispositionHeaderValue("attachment") { FileName = FileName + ".pdf" }; //add the bytes to the multipart message multiPartContent.Add(fileContent); //make a json message var json = new FormRest { Name = Name, TypeId = TypeId, AddressId = AddressId, CompanyName = CompanyName, StreetNr = StreetNr, Zip = Zip, City = City, CountryCode = CountryCode, CustomFields = new List<CustomFieldRest> { new CustomFieldRest {Name = CustomFieldName, Value = CustomFieldValue} } }; var Content = new JsonContent(json); //add the json message to the multipart message multiPartContent.Add(Content); var result = client.PostAsync("forms", multiPartContent).Result; } } }

    Read the article

  • Bison input analyzer - basic question on optional grammer and input interpretation

    - by kumar_m_kiran
    Hi All, I am very new to Flex/Bison, So it is very navie question. Pardon me if so. May look like homework question - but I need to implement project based on below concept. My question is related to two parts, Question 1 In Bison parser, How do I provide rules for optional input. Like, I need to parse the statment Example : -country='USA' -state='INDIANA' -population='100' -ratio='0.5' -comment='Census study for Indiana' Here the ratio token can be optional. Similarly, If I have many tokens optional, then How do I provide the grammer in the parser for the same? My code looks like, %start program program : TK_COUNTRY TK_IDENTIFIER TK_STATE TK_IDENTIFIER TK_POPULATION TK_IDENTIFIER ... where all the tokens are defined in the lexer. Since there are many tokens which are optional, If I use "|" then there will be many different ways of input combination possible. Question 2 There are good chance that the comment might have quotes as part of the input, so I have added a token -tag which user can provide to interpret the same, Example : -country='USA' -state='INDIANA' -population='100' -ratio='0.5' -comment='Census study for Indiana$'s population' -tag=$ Now, I need to reinterpret Indiana$'s as Indiana's since -tag=$. Please provide any input or related material for to understand these topic. Thanks for your input in advance.

    Read the article

  • Connection details & timeouts in a java web service client

    - by f1sh
    Hello fellow Coders, I have to implement a webservice client to a given WSDL file. I used the SDK's 'wsimport' tool to create Java classes from the WSDL as well as a class that wrap's the webservice's only method (enhanceAddress(auth, param, address)) into a simple java method. So far, so good. The webservice is functional and returning results correcty. The code looks like this: try { EnhancedAddressList uniservResponse = getWebservicePort().enhanceAddress(m_auth, m_param, uniservAddress); //Where the Port^ is the HTTP Soap 1.2 Endpoint }catch (Throwable e) { throw new AddressValidationException("Error during uniserv webservice request.", e); } The Problem now: I need to get Information about the connection and any error that might occur in order to populate various JMX values (such as COUNT_READ_TIMEOUT, COUNT_CONNECT_TIMEOUT, ...) Unfortunately, the method does not officially throw any Exceptions, so in order to get details about a ConnectException, i need to use getCause() on the ClientTransportException that will be thrown. Even worse: I tried to test the read timeout value, but there is none. I changed the service's location in the wsdl file to post the request to a php script that simply waits forever and does not return. Guess what: The web service client does not time out but waits forever as well (I killed the app after 30+ minutes of waiting). That is not an option for my application as i eventually run out of tcp connections if some of them get 'stuck'. The enhanceAddress(auth, param, address) method is not implemented but annotated with javax.jws.* Annotations, meaning that i cannot see/change/inspect the code that is actually executed. Do i have any option but to throw the whole wsimport/javax.jsw-stuff away and implement my own soap client?

    Read the article

  • CSRF Protection in AJAX Requests using MVC2

    - by mnemosyn
    The page I'm building depends heavily on AJAX. Basically, there is just one "page" and every data transfer is handled via AJAX. Since overoptimistic caching on the browser side leads to strange problems (data not reloaded), I have to perform all requests (also reads) using POST - that forces a reload. Now I want to prevent the page against CSRF. With form submission, using Html.AntiForgeryToken() works neatly, but in AJAX-request, I guess I will have to append the token manually? Is there anything out-of-the box available? My current attempt looks like this: I'd love to reuse the existing magic. However, HtmlHelper.GetAntiForgeryTokenAndSetCookie is private and I don't want to hack around in MVC. The other option is to write an extension like public static string PlainAntiForgeryToken(this HtmlHelper helper) { // extract the actual field value from the hidden input return helper.AntiForgeryToken().DoSomeHackyStringActions(); } which is somewhat hacky and leaves the bigger problem unsolved: How to verify that token? The default verification implementation is internal and hard-coded against using form fields. I tried to write a slightly modified ValidateAntiForgeryTokenAttribute, but it uses an AntiForgeryDataSerializer which is private and I really didn't want to copy that, too. At this point it seems to be easier to come up with a homegrown solution, but that is really duplicate code. Any suggestions how to do this the smart way? Am I missing something completely obvious?

    Read the article

  • OAuth secrets in mobile apps

    - by Felixyz
    When using the OAuth protocol, you need a secret string obtained from the service you want to delegate to. If you are doing this in a web app, you can simply store the secret in your data base or on the file system, but what is the best way to handle it in a mobile app (or a desktop app for that matter)? Storing the string in the app is obviously not good, as someone could easily find it and abuse it. Another approach would be to store it on you server, and have the app fetch it on every run, never storing it on the phone. This is almost as bad, because you have to include the URL in the app. I don't believe using https is any help. The only workable solution I can come up with is to first obtain the Access Token as normal (preferably using a web view inside the app), and then route all further communication through our server, where a script would append the secret to the request data and communicates with the provider. Then again, I'm a security noob, so I'd really like to hear some knowledgeable peoples' opinions on this. It doesn't seem to me that most apps are going to these lengths to guarantee security (for example, Facebook Connect seems to assume that you put the secret into a string right in your app). Another thing: I don't believe the secret is involved in initially requesting the Access Token, so that could be done without involving our own server. Am I correct?

    Read the article

  • Why does Fabric display the disconnect from server message for almost 2 minutes?

    - by Matthew Rankin
    Fabric displays Disconnecting from username@server... done. for almost 2 minutes prior to showing a new command prompt whenever I issue a fab command. This problem exists when using Fabric commands issued to both an internal server and a Rackspace cloud server. Below I've included the auth.log from the server, and I didn't see anything in the logs on my MacBook. Any thoughts as to what the problem is? Server's SSH auth.log with LogLevel VERBOSE Apr 21 13:30:52 qsandbox01 sshd[19503]: Accepted password for mrankin from 10.10.100.106 port 52854 ssh2 Apr 21 13:30:52 qsandbox01 sshd[19503]: pam_unix(sshd:session): session opened for user mrankin by (uid=0) Apr 21 13:30:52 qsandbox01 sudo: mrankin : TTY=unknown ; PWD=/home/mrankin ; USER=root ; COMMAND=/bin/bash -l -c apache2ctl graceful Apr 21 13:30:53 qsandbox01 sshd[19503]: pam_unix(sshd:session): session closed for user mrankin Server Configuration OS: Ubuntu 9.10 OpenSSH: Ubuntu package version 1.5.1p1-6ubuntu2 Client Configuration OS: Mac OS X 10.6.3 Fabric ver 0.9 Vritualenv ver 1.4.7 pip ver 0.7 Thoughts on Cause of the Issue I don't know how long the problem has existed. However, I know that at one point I didn't have this problem. Things that have changed since then are that I have recreated my virtualenv's using virtualenv 1.4.7, virtualenvwrapper 2.1, and pip 0.7. Not sure if this is related, but it is a thought since I run my fabfiles from within a virtualenv.

    Read the article

  • How do php apps identify a user after the session has timed out?

    - by Bill Zimmerman
    I am trying to understand how PHP apps check to see if a user is logged in. I am specifically looking at mediawiki's code to try to help me understand, but these cases should be fairly common in all php apps. From what I gather, the main cases are: A user just logged in or was created, every time they visit the page PHP knows its them by checking data common to the $_SESSION variable and the cookie. A user had the 'remember me' option checked on the login page a long time ago. They have a cookie on there computer with a tokenID, which is checked with a token on the server to authenticate them. In this case, there is no session variable, because the time between accesses could be weeks. My question is, what happens when a user is logged in, but the PHP session times out and he wants to access a page? I would have assumed that there is no easy way for the server to know who the person is - and that they would have to be redirected to the login page. However, mediawiki does just that. I've verified that the session files are deleted after X minutes, but when I hit refresh in mediawiki, it knows which user I am, and the 'token' variable is not included in the cookie.

    Read the article

  • Django tests failing on invalid keyword argument

    - by Darwin Tech
    I have a models.py like so: from django.db import models from django.contrib.auth.models import User from datetime import datetime class UserProfile(models.Model): user = models.OneToOneField(User) def __unicode__(self): return self.user.username class Project(models.Model): user = models.ForeignKey(UserProfile) created = models.DateTimeField(auto_now_add=True) updated = models.DateTimeField(auto_now=True) product = models.ForeignKey('tool.product') module = models.ForeignKey('tool.module') model = models.ForeignKey('tool.model') zipcode = models.IntegerField(max_length=5) def __unicode__(self): return unicode(self.id) And my tests.py: from django.test import TestCase, Client # --- import app models from django.contrib.auth.models import User from tool.models import Module, Model, Product from user_profile.models import Project, UserProfile # --- unit tests --- # class UserProjectTests(TestCase): fixtures = ['admin_user.json'] def setUp(self): self.product1 = Product.objects.create( name='bar', ) self.module1 = Module.objects.create( name='foo', enable=True ) self.model1 = Model.objects.create( module=self.module1, name='baz', enable=True ) self.user1 = User.objects.get(pk=1) ... def test_can_create_project(self): self.project1 = Model.objects.create( user=self.user1, product=self.product1, module=self.module1, model=self.model1, zipcode=90210 ) self.assertEquals(self.project1.zipcode, 90210) But I get a TypeError: 'product' is an invalid keyword argument for this function error. I'm not sure what is failing but I'm guessing something to do with the FK relationships... Any help would be much appreciated.

    Read the article

  • HttpServerUtility.UrlTokenDecode fails "sometimes" (Invalid length for a Base-64 char array.)

    - by Josef
    We have an IHttpHandler for stylesheets and add a <link/> tag to the page like this: HtmlGenericControl link = new HtmlGenericControl("link"); link.Attributes.Add("rel", "stylesheet"); link.Attributes.Add("href", "stylesheet.axd?d=" + HttpServerUtility.UrlTokenEncode(token)); head.Controls.Add(link); In the stylesheet.axd handler, we UrlTokenDecode the d query string parameter like this: var token = HttpServerUtility.UrlTokenDecode(Request.QueryString["d"]); This works most of the time but every now and then we find one of the following two exceptions in our log: [FormatException: Invalid character in a Base-64 string.] System.Convert.FromBase64CharArray(Char[] inArray, Int32 offset, Int32 length) System.Web.HttpServerUtility.UrlTokenDecode(String input) ... [FormatException: Invalid length for a Base-64 char array.] System.Convert.FromBase64CharArray(Char[] inArray, Int32 offset, Int32 length) System.Web.HttpServerUtility.UrlTokenDecode(String input) System.Web.HttpServerUtilityWrapper.UrlTokenDecode(String input) ... Any ideas what would cause this phenomenon? Remarks: the resulting URL is < 1500, so below any known URL limits (e.g. IE: 2083) seems to be independent of user agent (we have these exceptions for IE6,7,8, FF & Chrome) our (unconfirmed) suspicions include AntiVirus products, HTTP proxies, browser addons found this remotely related question, but it's about a viewstate issue

    Read the article

  • Ajax model binding of a complex type

    - by David G
    I am trying to do something along the lines of the following where I have a Controller with an method similar to: public ActionResult Insert(Author author) { //do something... } Where the Author type looks like: public class Author { public string FirstName { get; set; } public string LastName { get; set; } public Book[] Books { get; set; } public Author() { Books = new Book[0]; } } public class Book { public string Title { get; set; } public int NumberOfPages { get; set; } } From a page I want to submit data using JQuery and Ajax something like function addAuthor() { var auth = { 'FirstName': 'Roald', 'LastName': 'Dahl', 'Books': [ { 'Title': 'Charlie and the Chocolate Factory', 'NumberOfPages': 264 }, { 'Title': 'The Twits', 'NumberOfPages': 316 } ] }; $.ajax({ type: "GET", url: "/Insert", data: auth }); } MVC binds the Author object (FirstName and LastName are set) but doesn't bind the Books property. Why is that and how can I submit an object containing an Array (or a Collection) as a property through AJAX?

    Read the article

  • plupload with webpy.

    - by markus
    Hi, i have a problem. I want to upload a file with plupload with the HML5 runtime. This is my html/js code : jQuery(function(){ jQuery("#uploader").pluploadQueue({ // General settings runtimes : 'html5', name : 'file', url : 'http://server.name/addContent', max_file_size : '${maxSize}$_("GB")', }); jQuery('#form_upload_file').submit(function(e) { var uploader = jQuery('#uploader').pluploadQueue(); // Validate number of uploaded files if (uploader.total.uploaded == 0) { // Files in queue upload them first if (uploader.files.length > 0) { // When all files are uploaded submit form uploader.bind('UploadProgress', function() { if (uploader.total.uploaded == uploader.files.length) jQuery('#form_upload_file').submit(); }); uploader.start(); } else alert('You must at least upload one file.'); e.preventDefault(); } }); }); <form id="form_upload_file" action="#" method="POST"> <div id="uploader"></div> <input type="hidden" name="token" value="token" /> <input type="hidden" name="idUser" value="$idUser" /> </form> So, when i click in the button to upload(the submit() method is not called), it does an OPTIONS HTTP request to my server so i don't know what i must do to save the file? this is my webpy code : def OPTIONS(self): web.header('Content-type', 'text/plain: charset=utf-8') web.header('Cache-Control', 'no-store, no-cache, must-revalidate') web.header('Cache-Control', 'post-check=0, pre-check=0', False) web.header('Pragma', 'no-cache') def POST(self): input = web.input(_unicode=False, file={})#on récupère les input self.copy(input.file.file) etc. any idea ? thanks.

    Read the article

  • Authenticated WCF: Getting the Current Security Context

    - by bradhe
    I have the following scenario: I have various user's data stored in my database. This data was entered via a web app. We'd like to expose this data back to the user over a web service so that they can integrate their data with their applications. We would also like to expose some business logic over these services. As such we do not want to use OData. This is a multi-tenant application so I only want to expose their data back to them and not other users. Likewise, the business logic we expose should be relative to the authenticated user. I would like let the user use an OASIS scheme to authenticate with the web service -- WCF already allows for this out of the box as far as I understand -- or perhaps we can issue them certificates to authenticate with. That bit hasn't really been worked out yet. Here is a bit of pseudo-code of how I envision this would work within the service: function GetUsersData(id) var user := Lookup User based on Username from Auth Context var data := Get Data From Repository based on "user" return data end function For the business logic scenario I think it would look something like this: function PerformBusinessLogic(someData) var user := Lookup User based on Username from Auth Context var returnValue := Perform some logic based on supplied data return returnValue end function The hard bit here is getting the current username (or cert info in the cert scenario) that the user authenticated with! Does WCF even enable this scenario? If not would WSE3 enable this? Thanks,

    Read the article

  • Why is Collection<String>.class Illegal?

    - by Peter
    I am puzzled by generics. You can declare a field like: Class<Collection<String>> clazz = ... It seems logical that you could assign this field with: Class<Collection<String>> clazz = Collection<String>.class; However, this generates an error: Syntax error on token ">", void expected after this token So it looks like the .class operator does not work with generics. So I tried: class A<S> {} class B extends A<String> {} Class<A<String>> c = B.class; Also does not work, generates: Type mismatch: cannot convert from Class<Test.StringCollection> to Class<Collection<String>> Now, I really fail to see why this should not work. I know generic types are not reified but in both cases it seems to be fully type safe without having access to runtime generic types. Anybody an idea? Peter Kriens

    Read the article

  • Ruby-on-rails: routing problem: controller action looks for show when it should look for finalize

    - by cbrulak
    background: trying to use the twitter gem for ruby-on-rails. in routes: map.resources :twitter_sessions map.finalize_twitter_sessions 'twitter_sessions/finalize', :controller => 'twitter_sessions', :action => 'finalize' (twitter_sessions is the controller for the twitter sessions in my app). The view has one file new.html.erb and is very simple: <% form_tag(twitter_sessions_path) do |f| %> <p><%= submit_tag "twitter!" %></p> <% end %> and the twitter_sessions_controller.rb: def new end def create oauth.set_callback_url(finalize_twitter_sessions_url) session['rtoken'] = oauth.request_token.token session['rsecret'] = oauth.request_token.secret redirect_to oauth.request_token.authorize_url end def destroy reset_session redirect_to new_session_path end def finalize oauth.authorize_from_request(session['rtoken'], session['rsecret'], params[:oauth_verifier]) profile = Twitter::Base.new(oauth).verify_credentials session['rtoken'] = session['rsecret'] = nil session[:atoken] = oauth.access_token.token session[:asecret] = oauth.access_token.secret sign_in(profile) redirect_back_or root_path end However, after I click the "twitter" button, I get this error: 401 Unauthorized .../gems/oauth-0.3.6/lib/oauth/consumer.rb:200:in `token_request' .../gems/oauth-0.3.6/lib/oauth/consumer.rb:128:in `get_request_token' .../gems/twitter-0.9.2/lib/twitter/oauth.rb:32:in `request_token' .../gems/twitter-0.9.2/lib/twitter/oauth.rb:25:in `set_callback_url' app/controllers/twitter_sessions_controller.rb:7:in `create' If I go to the finalize url, http://localhost:3000/twitter_sessions/finalize, directly, I get this error: Unknown action No action responded to show. Actions: create, destroy, finalize, isLoggedInToBeta, login_required, and new Any ideas? Thanks

    Read the article

  • Zend: Fetching row from session db table after generating session id

    - by Nux
    Hi, I'm trying to update the session table used by Zend_Session_SaveHandler_DbTable directly after authenticating the user and writing the session to the DB. But I can neither update nor fetch the newly inserted row, even though the session id I use to check (Zend_Session::getId()) is valid and the row is indeed inserted into the table. Upon fetching all session ids (on the same request) the one I newly inserted is missing from the results. It does appear in the results if I fetch it with something else. I've checked whether it is a problem with transactions and that does not seem to be the problem - there is no active transaction when I'm fetching the results. I've also tried fetching a few seconds after writing using sleep(), which doesn't help. $auth->getStorage()->write($ident); //sleep(1) $update = $this->db->update('session', array('uid' => $ident->user_id), 'id='.$this->db->quote(Zend_Session::getId())); $qload = 'SELECT id FROM session'; $load = $this->db->fetchAll($qload); echo $qload; print_r($load); $update fails. $load doesn't contain the row that was written with $auth-getStorage()-write($identity). $qload does contain the correct query - copying it to somewhere else leads to the expected result, that is the inserted row is included in the results. Database used is MySQL - InnoDB. If someone knows how to directly fix this (i.e. on the same request, not doing something like updating after redirecting to another page) without modifying Zend_Session_SaveHandler_DbTable: Thank you very much!

    Read the article

  • Translating CURL to FLEX HTTPRequests

    - by Joshua
    I am trying to convert from some CURL code to FLEX/ActionScript. Since I am 100% ignorant about CURL and 50% ignorant about Flex and 90% ignorant on HTTP in general... I'm having some significant difficulty. The following CURL code is from http://code.google.com/p/ga-api-http-samples/source/browse/trunk/src/v2/accountFeed.sh I have every reason to believe that it's working correctly. USER_EMAIL="[email protected]" #Insert your Google Account email here USER_PASS="secretpass" #Insert your password here googleAuth="$(curl https://www.google.com/accounts/ClientLogin -s \ -d Email=$USER_EMAIL \ -d Passwd=$USER_PASS \ -d accountType=GOOGLE \ -d source=curl-accountFeed-v2 \ -d service=analytics \ | awk /Auth=.*/)" feedUri="https://www.google.com/analytics/feeds/accounts/default\ ?prettyprint=true" curl $feedUri --silent \ --header "Authorization: GoogleLogin $googleAuth" \ --header "GData-Version: 2" The following is my abortive attempt to translate the above CURL to AS3 var request:URLRequest=new URLRequest("https://www.google.com/analytics/feeds/accounts/default"); request.method=URLRequestMethod.POST; var GoogleAuth:String="$(curl https://www.google.com/accounts/ClientLogin -s " + "-d [email protected] " + "-d Passwd=secretpass " + "-d accountType=GOOGLE " + "-d source=curl-accountFeed-v2" + "-d service=analytics " + "| awk /Auth=.*/)"; request.requestHeaders.push(new URLRequestHeader("Authorization", "GoogleLogin " + GoogleAuth)); request.requestHeaders.push(new URLRequestHeader("GData-Version", "2")); var loader:URLLoader=new URLLoader(); loader.dataFormat=URLLoaderDataFormat.BINARY; loader.addEventListener(Event.COMPLETE, GACompleteHandler); loader.addEventListener(IOErrorEvent.IO_ERROR, GAErrorHandler); loader.addEventListener(SecurityErrorEvent.SECURITY_ERROR, GAErrorHandler); loader.load(request); This probably provides you all with a good laugh, and that's okay, but if you can find any pity on me, please let me know what I'm missing. I readily admit functional ineptitude, therefore letting me know how stupid I am is optional.

    Read the article

  • How to send a JSONObject to a REST service?

    - by Sebi
    Retrieving data from the REST Server works well, but if I want to post an object it doesn't work: public static void postJSONObject(int store_type, FavoriteItem favorite, String token, String objectName) { String url = ""; switch(store_type) { case STORE_PROJECT: url = URL_STORE_PROJECT_PART1 + token + URL_STORE_PROJECT_PART2; //data = favorite.getAsJSONObject(); break; } HttpClient httpClient = new DefaultHttpClient(); HttpPost postMethod = new HttpPost(url); try { HttpEntity entity = new StringEntity("{\"ID\":0,\"Name\":\"Mein Projekt10\"}"); postMethod.setEntity(entity); HttpResponse response = httpClient.execute(postMethod); Log.i("JSONStore", "Post request, to URL: " + url); System.out.println("Status code: " + response.getStatusLine().getStatusCode()); } catch (ClientProtocolException e) { I always get a 400 Error Code. Does anybody know whats wrong? I have working C# code, but I can't convert: System.Net.WebRequest wr = System.Net.HttpWebRequest.Create("http://localhost:51273/WSUser.svc/pak3omxtEuLrzHSUSbQP/project"); wr.Method = "POST"; string data = "{\"ID\":1,\"Name\":\"Mein Projekt\"}"; byte [] d = UTF8Encoding.UTF8.GetBytes(data); wr.ContentLength = d.Length; wr.ContentType = "application/json"; wr.GetRequestStream().Write(d, 0, d.Length); System.Net.WebResponse wresp = wr.GetResponse(); System.IO.StreamReader sr = new System.IO.StreamReader(wresp.GetResponseStream()); string line = sr.ReadToEnd();

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 59 60 61 62 63 64 65 66 67 68 69 70  | Next Page >