Search Results

Search found 6525 results on 261 pages for 'restful authentication'.

Page 63/261 | < Previous Page | 59 60 61 62 63 64 65 66 67 68 69 70  | Next Page >

  • FormsAuthentication redirecting to login page when visiting root of website

    - by Ryan Lattimer
    I wanted to use FormsAuthentication to secure my static files as well on my site, so I followed the instructions located here http://learn.iis.net/page.aspx/244/how-to-take-advantage-of-the-iis7-integrated-pipeline/ under title "Enabling Forms Authentication for the Entire Application". Now though, when I try to visit the site by going directly to http://www.mysite.com I get redirected to http://www.mysite.com/Login.aspx?ReturnUrl=%2f instead of it using my DefaultDocument I have set. I can go to my default document by just visiting http://www.mysite.com/Home.aspx without any issues because it is set to allow anonymous access. Is there something I need to add into my web.config file to make iis7 allow anonymous access to the root? I tried adding with anonymous access but no such luck. Any help would be much appreciated. Both Home and the Login form allow anonymous. <location path="Home.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="Login.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> Login form is set as the loginUrl <authentication mode="Forms"> <forms protection="All" loginUrl="Login.aspx"> </forms> </authentication> Default document is set as Home.aspx <defaultDocument> <files> <add value="Home.aspx" /> </files> </defaultDocument> I have not removed any of the iis7 default documents. However, Home.aspx is first in the priority.

    Read the article

  • How to expose MEX when I need the service to have NTLM authentication

    - by Ram Amos
    I'm developing a WCF service that is RESTful and SOAP, now both of them needs to be with NTLM authentication. I also want to expose a MEX endpoint so that others can easily reference the service and work with it. Now when I set IIS to require windows authentication I can use the REST service and make calls to the service succesfully, but when I want to reference the service with SVCUTIL it throws an error that it requires to be anonymous. Here's my web.config: <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/> <bindings> <basicHttpBinding> <binding name="basicHttpBinding" maxReceivedMessageSize="214748563" maxBufferSize="214748563" maxBufferPoolSize="214748563"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Ntlm"> </transport> </security> </binding> </basicHttpBinding> <webHttpBinding> <binding name="webHttpBinding" maxReceivedMessageSize="214748563" maxBufferSize="214748563" maxBufferPoolSize="214748563"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Ntlm"> </transport> </security> </binding> </webHttpBinding> <mexHttpBinding> <binding name="mexHttpBinding"></binding> </mexHttpBinding> </bindings> <standardEndpoints> <webHttpEndpoint> <standardEndpoint name="" automaticFormatSelectionEnabled="true" helpEnabled="True"> </standardEndpoint> </webHttpEndpoint> </standardEndpoints> <services> <service name="Intel.ResourceScheduler.Service" behaviorConfiguration="Meta"> <clear /> <endpoint address="soap" name="SOAP" binding="basicHttpBinding" contract="Intel.ResourceScheduler.Service.IResourceSchedulerService" listenUriMode="Explicit" /> <endpoint address="" name="rest" binding="webHttpBinding" behaviorConfiguration="REST" contract="Intel.ResourceScheduler.Service.IResourceSchedulerService" /> <endpoint address="mex" name="mex" binding="mexHttpBinding" behaviorConfiguration="" contract="IMetadataExchange" /> </service> </services> <behaviors> <endpointBehaviors> <behavior name="REST"> <webHttp /> </behavior> <behavior name="WCFBehavior"> <dataContractSerializer maxItemsInObjectGraph="2147483647" /> </behavior> </endpointBehaviors> <serviceBehaviors> <behavior name="Meta"> <serviceMetadata httpGetEnabled="true"/> </behavior> <behavior name="REST"> <dataContractSerializer maxItemsInObjectGraph="2147483647" /> </behavior> <behavior name="WCFBehavior"> <serviceMetadata httpGetEnabled="true"/> <dataContractSerializer maxItemsInObjectGraph="2147483647" /> </behavior> <behavior name=""> <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment --> <serviceMetadata httpGetEnabled="true" /> <!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information --> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> </serviceBehaviors> </behaviors> Any help will be appreciated.

    Read the article

  • anonymous access disabled but...

    - by Melody Friedenthal
    My web app (asp VB 2005) uses Windows authentication. If the user isn't part of a specific AD security group they don't get to edit the data; instead I redirect the user to a read-only page. The program works fine in the IDE. I published the web app to my laptop and Disabled anonymous access. When I ran the program I got redirected to the read-only page. I added a write event to the application event log to see what was going on, and found that the WindowsPrincipal.Identity.Name contained my laptop's ID, not my user name. I reassert: anonymous access is disabled in IIS and the web.config file has Windows Authentication. Can anyone suggest what else to check? Or can you explain what's going on?

    Read the article

  • One click login to my google apps solution how can I do it?

    - by Ali
    Hi guys I'm developing a google apps solution and I'm building on the tutorial application give by google at http://code.google.com/googleapps/marketplace/tutorial_php.html - the thing is that the example given sets up the application such that the user has to enter in manually the email address or username and then it takes the user through an authentication process whereby it asks the user if they wish to allow the application to be given access to the services mentioned in the manifest.xml file. Isn't there a better way to do this I mean like I want that when the user upon logging into his google apps account just has to click in the application link installed and straight on should be able to enter the application. Can't the process of authentication and all be transparent in the backdrop. I need help on this asap. Thanks a bunch!

    Read the article

  • What are best practices for securing the admin section of a website?

    - by UpTheCreek
    I'd like to know what people consider best practice for securing the Admin sections of websites, specifically from an authentication/access point of view. Of course there are obvious things, such as using SSL and logging all access, but I'm wondering just where above these basic steps people consider the bar to be set. For example: Are you just relying on the same authentication mechanism that you use for normal users? If not, what? Are you running the Admin section in the same 'application domain'? What steps do you take to make the admin section undiscovered? (or do you reject the while 'obscurity' thing)

    Read the article

  • Transport Security with Certificate Authentication

    - by Brian T
    I'm getting the following error when I access my webservice localhost/MyService/MyService.svc The SSL settings for the service 'SslRequireCert' does not match those of the IIS 'Ssl, SslNegotiateCert'. I've following the web.config examples as specified in http://msdn.microsoft.com/en-us/library/ms731074.aspx Here is my wcf server web.config: <?xml version="1.0" encoding="UTF-8"?> <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> <appSettings /> <system.web> <identity impersonate="false" /> <roleManager enabled="true" /> <authentication mode="Windows" /> <customErrors mode="Off" /> <webServices> <protocols> <add name="HttpGet" /> <add name="HttpPost" /> </protocols> </webServices> </system.web> <system.webServer> <directoryBrowse enabled="true" /> <validation validateIntegratedModeConfiguration="false" /> <security> <authorization> <remove users="*" roles="" verbs="" /> <add accessType="Allow" users="*" roles="" /> </authorization> </security> </system.webServer> <system.serviceModel> <services> <service name="AspNetSqlProviderService" behaviorConfiguration="MyServiceBehavior"> <endpoint binding="wsHttpBinding" contract="Interface1" bindingConfiguration="CertificateWithTransportWSHttpBinding" /> <endpoint binding="wsHttpBinding" contract="Interface2" bindingConfiguration="CertificateWithTransportWSHttpBinding" /> <endpoint address="mex" binding="wsHttpBinding" bindingConfiguration="CertificateWithTransportWSHttpBinding" name="Metadata_Exchange" contract="IMetadataExchange" /> </service> </services> <behaviors> <serviceBehaviors> <behavior name="MyServiceBehavior"> <serviceDebug includeExceptionDetailInFaults="True" /> <serviceMetadata /> <serviceCredentials> <clientCertificate> <authentication trustedStoreLocation="LocalMachine" revocationMode="Online"/> </clientCertificate> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <bindings> <wsHttpBinding> <binding name="CertificateWithTransportWSHttpBinding"> <security mode="Transport"> <transport clientCredentialType="Certificate" /> </security> </binding> </wsHttpBinding> </bindings> </system.serviceModel> </configuration> I've configured IIS as follows: https binding added using self signed certificate Under SSL settings, require SSL and accept client certificates is checked The self signed certificate has been added to the Local Computer Trusted Root CA. I can browse and execute the .asmx service definition, but the .svc gives me the error described above.

    Read the article

  • Smart Client App: How to give Different Settings for Different Users

    - by Daniel
    Hi! I have a smart client application being deployed with a CickOnce webpage. here's the current scenario. User runs the application, and the application shows a login form. User enters ID/Password in the login form, and the application sends that information to the server. The server authenticates the user and sends configuration and data to the application. Different users have different configuration and data for their application. I was concerned that anyone can download the application from the webpage if they know the URL. So I'm trying to change the authentication scheme, so that users can login at the webpage to download the application. I want to send the authentication info from the webpage(Program running at the server) to the smart client app, so that application can download the configuration information from the server, without prompting users to make a login again. How can the webpage send the ID/Passoword to the application securely?

    Read the article

  • Preferred Method Of Application Purchase

    - by Chuck
    This is more of a "programmers" question, but felt that it was technical enough to belong on Stack Overflow instead. I'm launching an application soon that will follow the shareware model of purchase. I've thought about implementing this in a few ways: Limited access to the application until they purchase Full access to the application but expires after 30 day, requiring them to purchase to retain utility. Full access to the application indefinitely, but with a 10-15 second pop-up box on start-up asking them to register -- like mIRC does (or used to do). The method of authentication will be web-based. I'll provide them with an authentication key and they'll put it in the application. Whenever the application boots up, it'll check my web service and determine whether the application is genuine or not. This isn't my question. My question is: Is there a preferred method of implementation? I'd like to piss off the users as little as possible, but I'd also like to get paid for my work.

    Read the article

  • Multiple formsauthentifications in the same application

    - by citronas
    Hi there, I was wondering if it is possible to use two different formsauthentification logins with the following directory structure: /default.aspx /login.aspx /web.config /subdirectory/sublogin.aspx /subdirectory/subdefault.aspx /subdirectory/web.config The web.config in the root contains the following settings: <authentication mode="Forms"> <forms protection="All" slidingExpiration="true" loginUrl="~/login.aspx" path="/"/> </authentication> <authorization> <deny users="?"/> </authorization> What I want to achieve is, that all directories except 'subdirectory' are protected by the login.aspx in the root. 'subdirectory' has its own login.aspx (sublogin.aspx) How would the correct content of the web.config in subdirectory look like?

    Read the article

  • Network update solutions for a company of ~20 (5 local, 15 remote)?

    - by Margaret
    Hi all This is probably going to be a bit up in the air, because we're still in the "reaching towards solutions" phase, but I figured I'd see what you guys had to say. Plus I honestly know very little about systems and what is good and bad pratice. My organisation has always more or less worked on the concept of local machines; since it primarily employed contractors who were working from home, each of those people was largely responsible for their own machine and backup procedures and the like. We're now expanding, though we're still reasonably small (we're up to about 20 staff members). Most people still work remotely, but we have a central office where about five people are working. But we're getting large enough that we're starting to think it would be a good idea to have a central file server, and things like that - if someone gets hit by a bus, we want someone else to know where to look for the files to continue their work. A lot of the people who work for us remotely work on projects for other companies as well, so I don't want to force them to log in to our server whenever they're on a network. But I do want to make connection to be as painless as possible to do so, to improve utilisation. The other thing is that we're getting more people who would like to remote into the office server and do their work there. Our current remote connection application is an SSH install that allows people access to the network; the problem is, it's a black box to me, and I've never understood how to even connect to it (despite supposedly being de facto sysadmin). Thus far I've been able to bounce questions about how to get it working to the guy who does know it well, but he's leaving the company soon. So we probably need a solution for this that I actually understand. We were knocking around the idea of implementing a VPN with some form of remote desktop, and someone mentioned that this was largely a matter of purchasing a router capable of it; I'm not sure of the truth of that statement. This is what we have in the office: Two shiny new i7 servers, each running Windows Server 2008. Precise eventual layout is still being debated, a little, but the current suggestion is that one is primary database crunching, while the other is a warm backup of the databases, along with running Reporting Services. They currently have SQL Server 2008 installed on them, which is being connected to via the 'sa' account. We're hoping to make each person use their own account (preferably one tied to the 'central' password we set up, so we can use Windows Authentication). An older server, running XP Pro, that we are currently using as a test bed for a project that requires access to older versions of software. This machine is also being used to take backups, but I'm thinking of moving that functionality elsewhere. A spare desktop from a guy who left the company (XP Pro). We're thinking of bumping up the hard disk space and using it as the magical file server that's going to solve one particular everything. Assorted desktops, laptops, etc, at least one for each person in the office (mix of Win XP and Win 7; occasionally a person who normally works remotely might drop in to the office and bring a laptop bearing Vista, but it's pretty rare). All are set up as local user accounts at the moment; I don't know if it's the best arrangement. Purchasing more hardware is not a big problem, but we figure we might as well make use of what we've got first. Is Active Directory a big magic wand that's going to solve all the world's problems? Is there some other arrangement we should be looking to instead?

    Read the article

  • Devise authenticating with username instead of email

    - by teknull
    I'm new to Devise and have it working fine by using an email address as the authentication key. However, I have a use case which requires a username instead and I can't seem to get it working. I've added a string column, "username" to the users table, changed the fields from :email to :username in the sign-in form, and have changed the authentication key in devise.rb to :username yet when I go to sign in I'm met with this prompt: "Please enter an email address". What am I doing wrong? **new.html.erb** <div><%= f.label :username %><br /> <%= f.email_field :username %></div> **User.rb** class User < ActiveRecord::Base # Include default devise modules. Others available are: # :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable, :authentication_keys => [:username] # Setup accessible (or protected) attributes for your model attr_accessible :email, :password, :password_confirmation, :remember_me, :username # attr_accessible :title, :body end **devise.rb** config.authentication_keys = [ :username ]

    Read the article

  • Creating a User Registration Page using MongoEngine

    - by Drew Watkins
    I am currently working an a webapp, using mongoengine and django, which will require users to create an account from a registration page. I know MongoEngine has an authentication backend, but does it also include a registration form, etc..., like django itself does? If not, are there any example projects which show how to implement this? The only open-source mongoengine project I've found is django-mumblr, but I can't find the examples I want in it. I'm not interested in alternative options, such as MongoKit or mango for handling authentication. I am just getting started with django and mongoDB, so please excuse my lack of knowledge. Thanks in advance for the help!

    Read the article

  • Does Apache allow to authorize an HTTP request based on a result of a subrequest?

    - by Jan Wrobel
    I'm looking for an equivalent of nginx http auth request module but for Apache. For each incoming HTTP requests, the module sends a subrequests to authentication/authorization back-end. Th auth request carries a path and all headers of the original request. Based on the result of the auth request, the original requests is allowed (HTTP code 200), denied (HTTP code 403) or login is requested (HTTP code 401). Such a generic mechanism allows to build really flexible authentication and authorization schemes. Is something like this possible in Apache (likely with a help of some third party module)?

    Read the article

  • User.Identity.Name returning NT AUTHORITY\NETWORK SERVICE i want Domain\USER

    - by Jalvemo
    in my asp.net MVC project i have an database connection with connectionstring: Data Source=.;Initial Catalog=dbname;Integrated Security=True All users can execute Stored Procedures on that connection and i want to log those users. so after each execution I store "User.Identity.Name" to another database. This work great on my development machine but after deployment, to access the site i have to go through a VPN-connention and then remote desktop to the same server that the IIS is running on and use a web-browser there. Then i get User.Identity.Name: "NT AUTHORITY\NETWORK SERVICE". i would expect it to be the credentials i entered in remote desktop that have access to the database. any idea how i can get this to work? iis6 authentication: "windows authentication: enabled" web.config:

    Read the article

  • strange SQL Server attach database error

    - by George2
    Hello everyone, I am using SQL Server 2008 Enterprise with VSTS 2008, and I am developing a simple web application using ASP.Net and Forms Authentication. When I am using the configuration tool/menu of VSTS of my ASP.Net project (I want to use this tool to manually add some Forms authentication users), I met with the following error (SqlException), Trying to attach file D:\Projects\MyTest\App_Data\aspnetdb.mdf to automatically named database failed. It may be caused by existing the same name database, or may be caused by specified file can not be opened or caused by the specified file exists in UNC share. In my computer, there is no aspnetdb.mdf under dir D:\Projects\MyTest\App_Data, and I have used aspnet_regsql to generate database successfully before I run the configuration tool. Why there is such error? How to fix it? thanks in advance, George

    Read the article

  • How to send data securely over a public channel?

    - by Daniel
    Hi! I have a smart client application being deployed with a CickOnce webpage. here's the current scenario. 1.User runs the application, and the application shows a login form. 2.User enters ID/Password in the login form, and the application sends that information to the server. 3.The server authenticates the user and sends configuration and data to the application. Different users have different configuration and data for their application. I was concerned that anyone can download the application from the webpage if they know the URL. So I'm trying to change the authentication scheme, so that users can login at the webpage to download the application. I want to send the authentication info from the webpage(Program running at the server) to the smart client app, so that application can download the configuration information from the server, without prompting users to make a login again. How can the webpage send the ID/Passoword to the application securely?

    Read the article

  • How to configure IIS7 to Redirect member of An active Directory group to static page

    - by user1759075
    On IIS, we have disabled Anonymous authentication and enabled Windows Authentication What we need is to only allow users who are members of an Active Directory security group to access the Access Point at all. All other users should be directed to a static web page that will give them instructions on how to request access. By adding the security group to the website permissions, and removing the \Users group, we have almost achieved this. Users in the group are allowed through, those not in the group are asked for a (Windows) username and password. Instead of requesting the username and password, we want IIS to redirect them to the static page. Please advise me on how can this be done.

    Read the article

  • How to configure apache to basic authentication or allow when ntlm while proxying?

    - by trotzim
    Here is my study case: browser --- apache proxy --- ISA server --- internet The ISA server requires an authentication. The issue is to allow HTTPS through the two proxies. A configuration that works with HTTP is something like this: (yes, I don't want to use ProxyPass but ProxyRequests) <virtualhost *:8080> ... SetEnv auth-proxy-chain on ... ProxyRequests On ProxyRemote * http://isaproxy:80 ... <proxy *> AuthName "ISA server auth" AuthType Basic [here a module to authenticate] require valid-user Allow from all </proxy> ... </virtualhost> The user can authenticate on the apache proxy then the authentication chain is sent to the ISA server that allows the HTTP trafic. But, while the browser switchs to HTTPS, the ISA server "speaks" NTLM and breaks the authentication on the apache proxy. If I try to use the SSPI module (ntlm) with something like this: blablabla <proxy *> AuthName "ISA server auth" AuthType ntlm [ SSPI stuff ] Require valid-user Allow from all </proxy> The apache server reject the authentication (or the ISA server I don't really know). I use wireshark to look at the nominal process while using directly the ISA server as proxy. The first auth-chain is a BASIC type then it switchs to NTLM (and the challenge continues with NTLM). How should I configure apache that it transfers the NTLM authentication to the ISA proxy without checking it(*)? Or to rewrite headers to force BASIC authentication? (*) It seems not to be as easy as it seems...

    Read the article

  • Does mcrypt support asymmetric encryption?

    - by bryanagee
    I want to use asymmetric encryption of headers in RESTful requests to verify the identity of the system sending the request: i e System A encrypts it's name, timestamp, and the service name using it's public key in a request to System B. System B then uses the public key of System A to decrypt, proving the authenticity of the request. 1) Does php-mcrypt support this? 2) Has anyone benchmarked this type of operation?

    Read the article

  • Axis over SSL and authentication with a PKCS#12 keystore

    - by Camilo Díaz
    I have PKCS#12 keystore that I've sucessfully imported in my browser for accessing a server that needs 2-way SSL authentication. Works perfectly reaching any https URL there. However, I'm unable to access an URL in the same server, and from the same host when using Axis 1.4. The given Axis faultString is: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target My javax.net.ssl.{keyStore,keyStorePassword,keyStoreType} properties seem to be set up fine. How can I solve this?

    Read the article

  • NSURLConnection and Basic HTTP Authentication

    - by Justin Galzic
    I need to invoke an initial GET HTTP request with Basic Authentication. This would be the first time the request is sent to the server and I already have the username & password so there's no need for a challenge from the server for authorization. First question: 1) Does NSUrlConnection have to be set as synchronous to do Basic Auth? According to the answer on this post, it seems that you can't do Basic Auth if you opt for the async route. 2) Anyone know of any some sample code that illustrates Basic Auth on a GET request without the need for a challenge response? Apple's documentation shows an example but only after the server has issued the challenge request to the client. I'm kind of new the networking portion of the SDK and I'm not sure which of the other classes I should use to get this working. (I see the NSURLCredential class but it seems that it is used only with NSURLAuthenticationChallenge after the client has requested for an authorized resource from the server).

    Read the article

  • Proxy Authentication Error while calling FedEx webservice

    - by Abdel Olakara
    Hi all, I am trying to call the FedEx tracking webservice. Currently I am running the sample application provided by FedEx itself (Added my test account number and other details). When I run the application, I get the following error: The remote server returned an error: (407) Proxy Authentication Required. I am inside a proxy at my organization and I tried provided the proxy server details to the webservice client using the WebProxy class as: trackService.Proxy = WebProxy.GetDefaultProxy(); and also by providing the proxy server details as: trackService.Proxy = new WebProxy("IP",8080); But I still keep getting the same error!! Could somebody help me how to resolve this problem? Thanks in advance, Regards, Abdel Olakara

    Read the article

  • Oracle Linked Server error: ORA-12640: Authentication adapter initialization failed

    - by Chenster
    I have a linked server on SQL Server that talks to Oracle. Executing the following sql statement using Openquery SELECT * FROM OPENQUERY(finance, 'select * from KFRI.VW_XREF_PROJECTS') will get error as the following: OLE DB provider "OraOLEDB.Oracle" for linked server "finance" returned message "ORA-12640: Authentication adapter initialization failed". Msg 7303, Level 16, State 1, Line 1 Cannot initialize the data source object of OLE DB provider "OraOLEDB.Oracle" for linked server "finance". I tried to set : SQLNET.AUTHENTICATION_SERVICES= (NONE) in {$ORACLE_HOME}\NETWORK\ADMIN\sqlnet.ora. It did not help. What's interesting is my coworker is able to execute the exactly same query successfully on his machine without a hitch. Any tips on how to fix this is greatly appreciated!!

    Read the article

  • Symfony user authentication using Active Directory

    - by Radu Dragomir
    Is there a way to authenticate users in symfony apps using Active Directory? Can you please point out some documentation? edit What i need is to have a transparent login in my application. The user authenticates once at windows logon, then all applications should be accessed with the same credentials without being asked for the domain\username and password again. I tried the following in a simple php script: if (!isset($_SERVER['PHP_AUTH_USER'])) { header('WWW-Authenticate: Basic realm="my realm"'); header('HTTP/1.0 401 Unauthorized'); exit; } else { echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>"; echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>"; } but then i get the authentication form popped up. Is there any way to pass the header the credentials used at windows logon? Thanks, Radu.

    Read the article

  • Programatical authentication in J2EE 6

    - by Kevin
    Hello, is it possible to authenticate programmatically a user in J2ee 6? Let me explain with some more details: I've got an existing Java SE project with Servlets and hibernate; where I manage manually all the authentication and access control: class Authenticator { int Id string username } Authenticator login(string username, string password) ; void doListData(Authenticator auth) { if (isLoggedIn(auth)) listData(); else doListError } void doUpdateData (Authenticator auth) { if (isLoggedAsAdmin(auth)) updateData() ; else doListError(); } void doListError () { listError() ; } And Im integrating J2ee/jpa/servlet 3/... (Glassfish 3) in this project. I've seen anotations like : @RolesAllowed ("viewer") void doListdata (...) { istData() ; } @RolesAllowed("admin") void doUpdateData (...) { updateData() ; } @PermotAll void dolisterror () { listerror() ; } but how can I manually state, in login(), that my user is in the admin and/or viewer role?

    Read the article

< Previous Page | 59 60 61 62 63 64 65 66 67 68 69 70  | Next Page >