Search Results

Search found 6090 results on 244 pages for 'digest authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 83/244 | < Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >

  • CakePHP Auth how to allow specific controller and actions

    - by nolandark
    I have a "Posts" and a "Users" controller. I use the Auth Component and I want that all users can visit "Post.index" but only logged in users can visit "User.index". In my app_controller.php I have this $this->Auth->allow('signup', 'confirm', 'index'); but with that all users can visit post.index and user.index. How can I specify a Controller in the allow-method? This didn't work for me: $this->Auth->allow('signup', 'confirm', 'Post.index');

    Read the article

  • How to set the ReturnUrl for the Login link in MVC 3 app?

    - by user762196
    using System; using Microsoft.Practices.Unity; namespace <MyNameSpace> { public class UrlFactory { public static UrlFactory Current { get { return HttpApplicationUnityContext.Current.Resolve<UrlFactory>(); } } public string GetLoginUrl() { return String.Format("{0}/login?ReturnUrl={1}", MyConfig.BaseHttpUrl, <GET_PAGE_URL>); } } The user can be on any page on the site and click the Login link. But the ReturnUrl must always point to the exact page where he clicked it. I must take the user back to the page he clicked the login link. In my code above, how do I get the page url in <GET_PAGE_URL>? Thanks

    Read the article

  • Can a MAC address be used as a reliable part of a rights management (DRM) scheme?

    - by Jarrod Mosen
    We're currently writing some software that we want to protect. We thought that registering a user's MAC address in a database upon activation of the software seemed viable; we can profile and grab that with a Java applet, (is there a better way?) so getting it isn't too much of a problem. However, we want their computer to only run the application, and download application files/updates from the server when their MAC address has been verified with their one on-file. We understand that this means a lockdown to one computer, but special changes can be made on request. What would be the best way to verify their MAC address, to see if it exists in the database, and then serve them the files to run the application? (And to simply run it on subsequent requests, to prevent re-downloading.)

    Read the article

  • How to authenticate users against a Windows AD?

    - by Potinos
    I've a JSF-Hibernate web application. I need to authenticate users against a Windows AD and the web application should only allow logins from members of group X, otherwise it should redirect to an error page. How can I configure this? Also, I would like to display the name of the logged-in user on all pages, not the name of the Windows user of the server machine. I have tried the System.property("user.name") for this, but this only returns the name of the Windows user of the server name.

    Read the article

  • Logging out of Facebook invalidates offline_access token

    - by Mike Pateras
    I'm getting an offline access token like this: https://graph.facebook.com/oauth/access_token?scope=offline_access&client_id=MYCLIENTID&redirect_uri=MYREDIRECTURI&client_secret=MYSECRET&code=MYCODE obviously the MYCLIENTID and stuff have been changed for the sake of this post. Anyway, as soon as the user logs out of facebook, the key seems to no longer be valid. Am I not requesting offline_access properly (there's still an "expires" value on it, should there be if it is actually getting offline access), or is that just how it works? If it's the latter, how can I get a key that will persist, regardless of if the user logs out of facebook? I'm sure this is possible, because Tweetdeck can still write to Facebook, even though I'm currently logged out.

    Read the article

  • Symfony: Routing 'secure' and 'login' actions to another application

    - by Darmen
    Hello, Suppose we have 3 apps - appMain, app1 and app2. Applications 1 and 2 are protected, they have is_secure: true and everything works fine with sfDoctrineGuard plugin. A behavior I want to achieve is when a user is not authenticated, current application to forward him to another one, say appMain with defined module and action. Is that possible? Or can someone tell me where to dig about security mechanisms in symfony?

    Read the article

  • Saving form values to database after a user logs in

    - by redfalcon
    Hi. We have a form with ratings to submit for a certain restaurant. After the user has entered some values and wants to submit them, we check whether the user is logged in or not. If not, we display a login form and let the user put in his account data and redirect him to the restaurant he wanted to submit a rating for. The problem is, that after he successfully logged in himself, the submitted values are not saved to the database (which works fine if the user is already logged in). So I wondered if it is possible, to somehow save the data although the user is not logged in. I thought of maybe saving the filled values in a variable and have then automatically re-entered after we redirected the user. But I guess this wont work because we use before_filter :login_required, :only => [ :create ] So we couldnt even access the filled in values, since we display the login-form before the method has processed the values in the form, right? Any idea how we can make rails to save the values or at least have them automatically re-entered to the form? Thanks!

    Read the article

  • Devise role based routing

    - by teknull
    I have an app with multiple users. Each user as a theoretical role (user, client, etc). I've designed a view/controller for each user type. I want to be able to login each type of user do a different root url and lock them to it. Originally I was going to add a column to Users in Devise called role and so I can differentiate the users. The problem I'm having is how to say in routes.rb if current_user.role == "client" root :to = 'controller#index' Once they are logged in to the page I also want to keep them from being able to visit any of my other paths ie: domain.com/calls domain.com/units I've been looking into cancan to run alongside Devise but I'm not sure if this is the answer.

    Read the article

  • cakephp isAuthorized() not being called

    - by Jack B Nimble
    I am trying to use the isAuthorized() method to do a check for an admin flag, but the function never seems to be called. Even when I set the function to always return false, it allows any user. It just seems like it isn't being called. Do I need to do something more than setting $this-Auth-authorize = 'controller' ? from /app/app_controller.php class AppController extends Controller { var $components = array('Auth'); function beforeFilter() { $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login'); $this->Auth->loginRedirect = array('controller' => 'pages', 'display' => 'home'); $this->Auth->logoutRedirect = '/'; $this->Auth->authorize = 'controller'; $this->Auth->userScope = array('User.active' => 1); } function isAuthorized() { if (strpos($this->action, "admin_") != false) { if ($this->Auth->user('isAdmin') == '0') { return false; } } return true; } }

    Read the article

  • global variables doesn't change value in Javascript

    - by user1856906
    My project is composed by 2 html pages: 1)index.html, wich contains the login and the registration form. 2)user_logged.html, wich contains all the features of a logged user. Now, what I want to do is a control if the user is really logged, to avoid the case where a user paste a url in the browser and can see the pages of another user. hours as now, if a user paste this url in the browser: www.user_loggato.html?user=x#profile is as if logged in as user x and this is not nice. My html pages both use js files that contains scripts. I decided to create a global variable called logged inizialized to false and change the variable to true when the login is succesfull. The problem is that the variable, remains false. here is the code: var logged=false; (write in the file a.js) while in the file b.js I have: function login() { //if succesfull logged=true; window.location.href = "user_loggato.html?user="+ JSON.parse(str).username + #profilo"; Now with some alerts I found that my variable logged is always false. Why? if I have not explained well or if there is not some information in order to respond to my question let me know.

    Read the article

  • Drupal OAuth Service Module

    - by user470714
    I am trying to do some research into potentially setting up an existing Drupal site with user accounts/login page to also be an OAuth service provider, basically authenticating users to make calls with a web service. I am looking for a Drupal module which will give this functionality. Most of what I run into are OAuth consumer modules, which is not what I want in this case. I've found a few modules which I think might do this for me, but the module descriptions are generally pretty vague and don't have much of a user base which doesn't inspire much confidence. Has anyone else done this before? What are the best modules available for doing this?

    Read the article

  • Require User to be Logged in to Download ZIP Files

    - by Jonathan Wood
    Is it possible to require the user be authenticated (logged in) when downloading ZIP files from my site? Note that I don't have direct control of IIS7. (I'm on a shared hosting account.) I can't simply alter the access for a particular directory because many directories are involved and most contain other files that can be accessed freely. I've Googled this a bit and found similar questions. But I've been unable to find this exact question.

    Read the article

  • Access denied for user 'root@localhost' (using password:NO)

    - by Nasser Hajloo
    I'm new to mysql, I'm trying to run Wordpress inmy windows desktop and it need Mysql. I install everything with Web Platform Installer which provided by microsoft. I never seta root password for mysql and in final step of installing wordpressit askfor root password of mysql. What is the default password for root (if there is one) and how to change it? I try mysql -u root password '123' but it show me Access denied for user 'root@localhost' (using password:NO) after this I try mysql -u root -p but it ask for a password which I don't have Thank you in advance

    Read the article

  • Understanding Security Certificates (and thier pricing)

    - by John Robertson
    I work at a very small company so certificate costs need to be absolutely minimal. However for some applications we do Need to have our customers get that warm fuzzy not-using-a-self-signed certificate feeling. Since creating a "certificate authority" with makecert really just means creating a public/private key pair, it seems pretty clear that creating a public/private key pair FROM such a "certificate authority" really just means generating a second public/private key pair and signing both with the private key that belongs to the "certificate authority". Since the keys are signed anyone can verify they came from the certificate authority I created, or if verisign gave me the pair they sign it with one of their own private keys, and anyone can use verisigns corresponding public key to confirm verisign as the source of the keys. Given this I don't understand when I go to verisign or godaddy why they have rates only for yearly plans, when all I really want from them is a single public/private key pair signed with one of their private keys (so that anyone else can use their public keys to confirm that, yes, they gave me that public/private key pair and they confirmed I was who I said I was so you can trust my public/private key pair as belonging to a legitimate third party). Clearly I am misunderstanding something, what is it? Does verisign retire their public/private key pairs periodically so that my verisign signed key pair "expires" and I need new ones?

    Read the article

  • Are cookies enough for storing login data?

    - by jpjp
    I am reading the Head First PHP/Mysql book and they say to store both the user's username, email into cookies and sessions. Is it safe to assume that everyone nowadays accepts cookies? Or should I store both in sessions and cookies? I am not storing any sensitive data in cookies such as password, etc.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >