Search Results

Search found 12796 results on 512 pages for 'password hash'.

Page 72/512 | < Previous Page | 68 69 70 71 72 73 74 75 76 77 78 79  | Next Page >

  • how to store passwords in database?

    - by rgksugan
    I use jsp and servlets in my web application. i need to store passwords in the database. I found that hashing will be the best way to do that. I used this code to do it. java.security.MessageDigest d = null; d = java.security.MessageDigest.getInstance("SHA-1"); d.reset(); d.update(pass.getBytes("UTF-8")); byte b[] = d.digest(); String tmp = (new BASE64Encoder()).encode(b); When i tried to print the value of tmp, i get some other value.i guess its the hash value of the password. But when i persist this data to the database the original password gets saved there other than the value in tmp.. What is the problem???

    Read the article

  • [PHP] md5(uniqid) makes sense for random unique tokens?

    - by Exception e
    I want to create a token generator that generates tokens that cannot be guessed by the user and that are still unique (to be used for password resets and confirmation codes). I often see this code; does it make sense? md5(uniqid(rand(), true)); According to a comment uniqid($prefix, $moreEntopy = true) yields first 8 hex chars = Unixtime, last 5 hex chars = microseconds. I don't know how the $prefix-parameter is handled.. So if you don't set the $moreEntopy flag to true, it gives a predictable outcome. QUESTION: But if we use uniqid with $moreEntopy, what does hashing it with md5 buy us? Is it better than: md5(mt_rand())

    Read the article

  • SHA1 Password returns as cleartext after DB query

    - by Code Sherpa
    Hi. I have a SHA1 password and PasswordSalt in my aspnet_Membership table. but, when I run a query from the server (a Sql Query), the reader reveals that the pass has returned as its cleartext equivalent. I am wondering if my web.config configuration is causing this? <membership defaultProvider="CustomMembershipProvider" userIsOnlineTimeWindow="20" hashAlgorithmType="SHA1"> <providers> <clear/> <add name="CustomMembershipProvider" type="Custom.Utility.CustomMembershipProvider" connectionStringName="MembershipDB" enablePasswordRetrieval="false" enablePasswordReset="true" requiresUniqueEmail="false" requiresQuestionAndAnswer="false" passwordStrengthRegularExpression="" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" passwordFormat="Hashed" thanks in advance...

    Read the article

  • Aren't passwords written in inputbox vulnerable through a stack trace ?

    - by loursonwinny
    Hello, I am not a guru of the stack tracing, at all. I even don't know how to get some. Anyway, I am wondering if entering a password entered in an inputbox is safe. Can't it be retrieved by getting a stack trace ? A password entered that way will be found in many places : Caption property of the TEdit Result of the function which creates the inputbox probably, a variable that stores the Result of the InputBox Command etc... If the answer is "yes, it is a vulnerability", then my world collapses :p. What can be done to avoid that vulnerability hole ? NOTE : The InputBox is an example but it can be with a "homebrewed" login prompt. InputBox is a Delphi command but I haven't tagged the question with the Delphi tag because I suppose that the question concerns any language. Thanks for reading

    Read the article

  • using php Download File From a given URL by passing username and password for http authentication

    - by Acharya
    Hi all, I need to download a text file using php code. The file is having http authentication. What procedure I should use for this. Should I use fsocketopen or curl or Is there any other way to do this? I am using fsocketopen but it does not seem to work. $fp=fsockopen("www.example.com",80,$errno,$errorstr); $out = "GET abcdata/feed.txt HTTP/1.1\r\n"; $out .= "User: xyz \r\n"; $out .= "Password: xyz \r\n\r\n"; fwrite($fp, $out); while(!feof($fp)) { echo fgets($fp,1024); } fclose($fp); Here fgets is returning false. Any help!!!

    Read the article

  • How to automate rsync without asking for password prompt

    - by Rijosh K
    i would like to automate the rsync task as a cron job.. since it needs the passphrase i am not able to do the cronjob. i need to specify the passphrase along with the rsync command or i will store the passphrase in a file and i will read from it. my command will look like this.. rsync -aPe "ssh -i ' . $server-{'ssh_key'} . '" ' . $server_lock_dir; so where do i put the password .. pls help

    Read the article

  • Best approach to store username & password

    - by Zerotoinfinite
    Hi All, I have created a site in asp.net 3.5 & my query is this that I have only 2 or 3 login Id (user) who can login to my website, then what would be the better way to save the login details. What I know I am writing below, please let me know which would be the correct approach to achieve this also if their is any nice approach to get this done: 1: to save username and password in web.config file 2: to create a text file in directory and modify it 3: To use form authentication Please let me know the approach I can use to solve it. thanks in advance P.S. : I have to create only 2-3 users, or in future may be 1-2 more, that's it.

    Read the article

  • Hide 'Would you like to remember password' iFrame

    - by nsilva
    Basically I have a website called http://yellow-taxis.uk/ which features an online booking system that is placed on the web site within an iFrame. On the online booking, it automatically logs the user in as a 'Guest' for credit card payments. When the site loads it comes up with a window asking the viewer if they 'would like to remember the password'. I was wondering if there was anyway possible to not display this window as it would be a much simpler option than changing a lot of the code within the online booking. Just to add, the iFrame is hosted on the same server as the web site (not sure if this makes a difference) Any help would be much appreciated.

    Read the article

  • I saved PuTTY password when logging in, how to unsave it?

    - by xiaolaidd
    I mistakenly saved password first time logging to the server through PuTTY. How can I unsave the password? I don't want the password to be saved, instead I want to type the password everytime when I want to log in. Sorry that the question maybe confusing. The problem is I mistakenly click "yes" when PuTTY asked me to save the password or not. When logging in, it will prompt running "my username" and "my password". Apparently it will complain command not found. Just want to know where PuTTY stores my password so that I can delete it. Thanks,

    Read the article

  • How to modify IMM password from the default one?

    - by evachristine
    We cannot modify the default USERID/PASSW0RD on an IMM because when we try it modify the USERID's password with a logged in USERID user (that has the "max" rights) we get this message after clicking on "SAVE" (save the new password..) Could not modify password: *** Provider OSBase_AccountProvider(21770) exiting due to a SIGSEGV signal Our question: How can we modify the default password to something else? UPDATE: by IMM we wanted to mean this: https://en.wikipedia.org/wiki/IBM_Remote_Supervisor_Adapter#Integrated_Management_Module_.28IMM.29

    Read the article

  • How Do I Reset My Root Password on MySQL on a Mac?

    - by classicrock985
    I'm using SequelPro (http://www.sequelpro.com/) and I would like to know how to reset my root password. I'm trying to log in as host: localhost username: root password: (BLANK) but I keep getting this error: Unable to connect to host because access was denied. Double-check your username and password and ensure that access from your current location is permitted. MySQL said: Access denied for user 'root'@'localhost' (using password: NO) Any suggestions?!

    Read the article

  • Can you password protect access to a directory (to local and networked PCs) in Windows XP Pro?

    - by Clay Nichols
    I could just compress the directory as a .zip file w/ a password (which I think would just look like a compressed folder w/ a password) but I'd like something with less overhead (i.e., none of the decompression, etc.) Any ideas? Clarification/update: I'd like to have anyone be able to access it from another computer if they know the password. I.e., I don't want them to have to log in as a different user, etc., but, rather just enter a password.

    Read the article

  • What's the most compact way to store a password-protected RSA key?

    - by Tim
    I've tried converting a PEM-encoded key to DER format, and it appears the password is stripped regardless of the -passout argument. Example: openssl rsa -in tmp.pem -outform DER -out tmp.der -passin pass:foo -passout pass:bar -des3 The resulting key appears no longer password-protected, so I am assuming that DER format does not support a password - is that correct? What alternative way is there to store this in a compact, binary form, and keep the password-protection?

    Read the article

  • Boost MultiIndex - objects or pointers (and how to use them?)?

    - by Sarah
    I'm programming an agent-based simulation and have decided that Boost's MultiIndex is probably the most efficient container for my agents. I'm not a professional programmer, and my background is very spotty. I've two questions: Is it better to have the container contain the agents (of class Host) themselves, or is it more efficient for the container to hold Host *? Hosts will sometimes be deleted from memory (that's my plan, anyway... need to read up on new and delete). Hosts' private variables will get updated occasionally, which I hope to do through the modify function in MultiIndex. There will be no other copies of Hosts in the simulation, i.e., they will not be used in any other containers. If I use pointers to Hosts, how do I set up the key extraction properly? My code below doesn't compile. // main.cpp - ATTEMPTED POINTER VERSION ... #include <boost/multi_index_container.hpp> #include <boost/multi_index/hashed_index.hpp> #include <boost/multi_index/member.hpp> #include <boost/multi_index/ordered_index.hpp> #include <boost/multi_index/mem_fun.hpp> #include <boost/tokenizer.hpp> typedef multi_index_container< Host *, indexed_by< // hash by Host::id hashed_unique< BOOST_MULTI_INDEX_MEM_FUN(Host,int,Host::getID) > // arg errors here > // end indexed_by > HostContainer; ... int main() { ... HostContainer testHosts; Host * newHostPtr; newHostPtr = new Host( t, DOB, idCtr, 0, currentEvents ); testHosts.insert( newHostPtr ); ... } I can't find a precisely analogous example in the Boost documentation, and my knowledge of C++ syntax is still very weak. The code does appear to work when I replace all the pointer references with the class objects themselves. As best I can read it, the Boost documentation (see summary table at bottom) implies I should be able to use member functions with pointer elements.

    Read the article

  • No more: "What was my password again? Was it 12345 or 123456?"

    - by hinkmond
    Keep track of all your passwords with this Java ME password tracker on your Java feature phone. See: Java ME KeePassMobile Here's a quote: You can put all your passwords in one database, which is locked with one master key and/or a key file. ... KeePassMobile is a password manager software for mobile phones (J2ME platform) that is compatible to KeePass. With KeePassMobile you are able to store all your passwords in a highly-encrypted KeePass (1.x*) database on your mobile phone and view them on the go! Don't leave home without it! And, don't forget your master password either, because if you do... you're pretty much fried with Y-rays. Hinkmond

    Read the article

  • Is it possible to allow the user to access the 'Volumes' without asking the Administrator's password?

    - by Tom
    Am the administrator of my Ubuntu system. Recently I added a new user account. But when ever the user tries to access or open the 'Volumes'(Drives where movies, songs and other files are stored) it asks for the Administrator's password. I created the user account to my other family members and I don't want to tell them my password. So is it possible to allow them to access the Volumes without asking Administrator's password ? UPDATE : Ubuntu was installed alongside Windows in my system. I will provide a screenshot of the Volume details -

    Read the article

  • Data Source Security Part 1

    - by Steve Felts
    I’ve written a couple of articles on how to store data source security credentials using the Oracle wallet.  I plan to write a few articles on the various types of security available to WebLogic Server (WLS) data sources.  There are more options than you might think! There have been several enhancements in this area in WLS 10.3.6.  There are a couple of more enhancements planned for release WLS 12.1.2 that I will include here for completeness.  This isn’t intended as a teaser.  If you call your Oracle support person, you can get them now as minor patches to WLS 10.3.6.   The current security documentation is scattered in a few places, has a few incorrect statements, and is missing a few topics.  It also seems that the knowledge of how to apply some of these features isn’t written down.  The goal of these articles is to talk about WLS data source security in a unified way and to introduce some approaches to using the available features.  Introduction to WebLogic Data Source Security Options By default, you define a single database user and password for a data source.  You can store it in the data source descriptor or make use of the Oracle wallet.  This is a very simple and efficient approach to security.  All of the connections in the connection pool are owned by this user and there is no special processing when a connection is given out.  That is, it’s a homogeneous connection pool and any request can get any connection from a security perspective (there are other aspects like affinity).  Regardless of the end user of the application, all connections in the pool use the same security credentials to access the DBMS.   No additional information is needed when you get a connection because it’s all available from the data source descriptor (or wallet). java.sql.Connection conn =  mydatasource.getConnection(); Note: You can enter the password as a name-value pair in the Properties field (this not permitted for production environments) or you can enter it in the Password field of the data source descriptor. The value in the Password field overrides any password value defined in the Properties passed to the JDBC Driver when creating physical database connections. It is recommended that you use the Password attribute in place of the password property in the properties string because the Password value is encrypted in the configuration file (stored as the password-encrypted attribute in the jdbc-driver-params tag in the module file) and is hidden in the administration console.  The Properties and Password fields are located on the administration console Data Source creation wizard or Data Source Configuration tab. The JDBC API can also be used to programmatically specify a database user name and password as in the following.  java.sql.Connection conn = mydatasource.getConnection(“user”, “password”); According to the JDBC specification, it’s supposed to take a database user and associated password but different vendors implement this differently.  WLS, by default, treats this as an application server user and password.  The pair is authenticated to see if it’s a valid user and that user is used for WLS security permission checks.  By default, the user is then mapped to a database user and password using the data source credential mapper, so this API sort of follows the specification but database credentials are one-step removed from the application code.  More details and the rationale are described later. While the default approach is simple, it does mean that only one database user is doing all of the work.  You can’t figure out who actually did the update and you can’t restrict SQL operations by who is running the operation, at least at the database level.   Any type of per-user logic will need to be in the application code instead of having the database do it.  There are various WLS data source features that can be configured to provide some per-user information about the operations to the database. WebLogic Data Source Security Options This table describes the features available for WebLogic data sources to configure database security credentials and a brief description.  It also captures information about the compatibility of these features with one another. Feature Description Can be used with Can’t be used with User authentication (default) Default getConnection(user, password) behavior – validate the input and use the user/password in the descriptor. Set client identifier Proxy Session, Identity pooling, Use database credentials Use database credentials Instead of using the credential mapper, use the supplied user and password directly. Set client identifier, Proxy session, Identity pooling User authentication, Multi Data Source Set Client Identifier Set a client identifier property associated with the connection (Oracle and DB2 only). Everything Proxy Session Set a light-weight proxy user associated with the connection (Oracle-only). Set client identifier, Use database credentials Identity pooling, User authentication Identity pooling Heterogeneous pool of connections owned by specified users. Set client identifier, Use database credentials Proxy session, User authentication, Labeling, Multi-datasource, Active GridLink Note that all of these features are available with both XA and non-XA drivers. Currently, the Proxy Session and Use Database Credentials options are on the Oracle tab of the Data Source Configuration tab of the administration console (even though the Use Database Credentials feature is not just for Oracle databases – oops).  The rest of the features are on the Identity tab of the Data Source Configuration tab in the administration console (plan on seeing them all in one place in the future). The subsequent articles will describe these features in more detail.  Keep referring back to this table to see the big picture.

    Read the article

  • Is it possible to allow the User Account to access the 'Volumes' without asking the Administrator's password?

    - by Tom
    Am the administrator of my Ubuntu system. Recently I added a new user account. But when ever the user tries to access or open the 'Volumes'(Drives where movies, songs and other files are stored) it asks for the Administrator's password. I created the user account to my other family members and I don't want to tell them my password. So is it possible to allow them to access the Volumes without asking Administrator's password ? UPDATE : Ubuntu was installed alongside Windows in my system. I will provide a screenshot of the Volume details -

    Read the article

  • how to pass password text while calling java-cxf webservice from php

    - by Darpan Desai
    hi, i have developed my webservice in java-cxf which returns java.util.List. This webservice is password enabled. that means i have used org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor for security purpose. Now i want to call this webservice from php. but i am not able to do so. Without security settings i am able to access my webservice using nusoap. but when i enabled security feture (interceptor) in webservice, i am getting error like ns1:InvalidSecurity An error was discovered processing the header and i am getting response as follows: HTTP/1.1 500 Internal Server Error Server: Apache-Coyote/1.1 Content-Type: text/xml;charset=ISO-8859-1 Content-Length: 361 Date: Fri, 18 Jun 2010 08:53:54 GMT Connection: close < soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"< soap:Body< soap:Fault< faultcode xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" ns1:InvalidSecurity< /faultcode< faultstringAn error was discovered processing the <wsse:Security header< /faultstring< /soap:Fault< /soap:Body any help will be appriciated thanks in advance Darpan Desai

    Read the article

  • iPhone SQLite Password Field Encryption

    - by Louis Russell
    Good Afternoon Guys and Girls, Hopefully this will be a quick and easy question. I am building an App that requires the user to input their login details for an online service that it links to. Multiple login details can be added and saved as the user may have several accounts that they would like to switch between. These details will be stored in an SQLite database and will contain their passwords. Now the questions are: 1: Should these passwords be encrypted in the database? My instinct would say yes but then I do not know how secure the device and system is and if this is necessary. 2: If they should be encrypted what should I use? I think encrypting the whole database file sounds a bit over-kill so should I just encrypt the password before saving it to the database? If this is case what could I use to achieve this? I have found reference to a "crypt(3)" but am having trouble finding much about it or how to implement it. I eagerly await your replies!

    Read the article

  • How to pass password text while calling Java CXF webservice from PHP

    - by Darpan Desai
    I have developed my webservice in Java CXF which returns java.util.List. This webservice is password enabled. that means i have used org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor for security purpose. Now i want to call this webservice from php. but i am not able to do so. Without security settings i am able to access my webservice using nusoap. but when i enabled security feture (interceptor) in webservice, i am getting error like ns1:InvalidSecurity An error was discovered processing the header and i am getting response as follows: HTTP/1.1 500 Internal Server Error Server: Apache-Coyote/1.1 Content-Type: text/xml;charset=ISO-8859-1 Content-Length: 361 Date: Fri, 18 Jun 2010 08:53:54 GMT Connection: close < soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"< soap:Body< soap:Fault< faultcode xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" ns1:InvalidSecurity< /faultcode< faultstringAn error was discovered processing the <wsse:Security header< /faultstring< /soap:Fault< /soap:Body any help will be appriciated thanks in advance Darpan Desai

    Read the article

  • Error trying to set svn password on Hudson.

    - by Daniel Moura
    After filling the Repository URL, User name and password I get the following error. Does anyone knows how to fix it? No authentication was attemped. FAILED: svn: Operation cancelled org.tmatesoft.svn.core.SVNCancelException: svn: Operation cancelled at hudson.scm.SubversionSCM$DescriptorImpl.postCredential(SubversionSCM.java:1421) at hudson.scm.SubversionSCM$DescriptorImpl.doPostCredential(SubversionSCM.java:1317) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:160) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:76) at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:73) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:30) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:436) at org.kohsuke.stapler.MetaClass$6.doDispatch(MetaClass.java:186) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:30) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:436) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:354) at org.kohsuke.stapler.Stapler.service(Stapler.java:114) at javax.servlet.http.HttpServlet.service(HttpServlet.java:45) at winstone.ServletConfiguration.execute(ServletConfiguration.java:249) at winstone.RequestDispatcher.forward(RequestDispatcher.java:335) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:378) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:91) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:83) at winstone.FilterConfiguration.execute(FilterConfiguration.java:195) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:155) at winstone.FilterConfiguration.execute(FilterConfiguration.java:195) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368) at winstone.RequestDispatcher.forward(RequestDispatcher.java:333) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.lang.Thread.run(Unknown Source)

    Read the article

  • I get an Exception when trying to implement reset password with Authlogic

    - by Tam
    Hi, I'm using Ruby on Rails 2.3.5 and Ruby 1.9 and implmeneted Authlogic as my authentication engine. Authlogic works fine. But now I have been trying to implement password reset using the following tutorial: http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic/ But I'm getting the following exception when I type mysite.com/password_resets/new Processing PasswordResetsController#new (for 127.0.0.1 at 2010-03-13 01:09:45) [GET] Completed in 9ms (DB: 0) | 200 [http://localhost/password_resets/new] [2010-03-13 01:09:45] ERROR TypeError: can't convert Array into String /Users/tammam56/.rvm/gems/ruby-1.9.1-p378/gems/activesupport-2.3.5/lib/active_support/core_ext/string/output_safety.rb:34:in `concat' /Users/tammam56/.rvm/gems/ruby-1.9.1-p378/gems/activesupport-2.3.5/lib/active_support/core_ext/string/output_safety.rb:34:in `concat_with_safety' /Users/tammam56/.rvm/gems/ruby-1.9.1-p378/gems/rack-1.0.1/lib/rack/handler/webrick.rb:63:in `block in service' /Users/tammam56/.rvm/gems/ruby-1.9.1-p378/gems/actionpack-2.3.5/lib/action_controller/response.rb:158:in `each' /Users/tammam56/.rvm/gems/ruby-1.9.1-p378/gems/actionpack-2.3.5/lib/action_controller/response.rb:158:in `each' /Users/tammam56/.rvm/gems/ruby-1.9.1-p378/gems/actionpack-2.3.5/lib/action_controller/string_coercion.rb:16:in `send' /Users/tammam56/.rvm/gems/ruby-1.9.1-p378/gems/actionpack-2.3.5/lib/action_controller/string_coercion.rb:16:in `method_missing' /Users/tammam56/.rvm/gems/ruby-1.9.1-p378/gems/actionpack-2.3.5/lib/action_controller/reloader.rb:22:in `method_missing' /Users/tammam56/.rvm/gems/ruby-1.9.1-p378/gems/rack-1.0.1/lib/rack/handler/webrick.rb:62:in `service' /Users/tammam56/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/webrick/httpserver.rb:111:in `service' /Users/tammam56/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/webrick/httpserver.rb:70:in `run' /Users/tammam56/.rvm/rubies/ruby-1.9.1-p378/lib/ruby/1.9.1/webrick/server.rb:183:in `block in start_thread' Honestly I'm not sure where to start debugging for this. Is it because I'm using Ruby 1.9? some people seem to be having trouble with Authlogic and Ruby 1.9: http://isitruby19.com/authlogic Please advise me how to go about solving/debugging this issues? Thanks, Tam

    Read the article

  • How to record different authentication types (username / password vs token based) in audit log

    - by RM
    I have two types of users for my system, normal human users with a username / password, and delegation authorized accounts through OAuth (i.e. using a token identifier). The information that is stored for each is quite different, and are managed by different subsytems. They do however interact with the same tables / data within the system, so I need to maintain the audit trail regardless of whether human user, or token-based user modified the data. My solution at the moment is to have a table called something like AuditableIdentity, and then have the two types inheriting off that table (either in the single table, or as two seperate tables with 1 to 1 PK with AuditableIdentity. All operations would use the common AuditableIdentity PK for CreatedBy, ModifiedBy etc columns. There isn't any FK constraint on the audit columns, so any text can go in there, but I want an easy way to easily determine whether it was a human or system that made the change, and joining to the one AuditableIdentity table seems like a clean way to do that? Is there a best practice for this scenario? Is this an appropriate way of approaching the problem - or would you not bother with the common table and just rely on joins (to the two seperate un-related user / token tables) later to determine which user type matches which audit records?

    Read the article

< Previous Page | 68 69 70 71 72 73 74 75 76 77 78 79  | Next Page >