Search Results

Search found 4151 results on 167 pages for 'mod auth'.

Page 138/167 | < Previous Page | 134 135 136 137 138 139 140 141 142 143 144 145 | Next Page >

How do I handle user authorization the safest way?

- by Irro

I'm developing a small website where I'm going to allow user to create accounts but I'm quite clueless when it comes to safety around authorizations. I have built my project in PHP with codeigniter and found a library (Tank Auth) that could handle authorization for me. It stores password in a safe way but I'm still worried about the part when the user sends their password to my server. One easy way to do it would be to send the password in a post-request but I would guess that it's quite easy to sniff such a password. Should I do something with the password on the client side before sending it to my server? And is there any good javascript libraries for this?

Read the article
Split node list to parts.

- by Kalinin

xml: <mode>1</mode> <mode>2</mode> <mode>3</mode> <mode>4</mode> <mode>5</mode> <mode>6</mode> <mode>7</mode> <mode>8</mode> <mode>9</mode> <mode>10</mode> <mode>11</mode> <mode>12</mode> i need to separate it on parts (for ex. on 4): xslt: <xsl:variable name="vNodes" select="mode"/> <xsl:variable name="vNumParts" select="4"/> <xsl:variable name="vNumCols" select="ceiling(count($vNodes) div $vNumParts)"/> <xsl:for-each select="$vNodes[position() mod $vNumCols = 1]"> <xsl:variable name="vCurPos" select="(position()-1)*$vNumCols +1"/> <ul> <xsl:for-each select="$vNodes[position() >= $vCurPos and not(position() > $vCurPos + $vNumCols -1)]"> <li><xsl:value-of select="."/></li> </xsl:for-each> </ul> </xsl:for-each> this code is written by Dimitre Novatchev - great coder)) but for the number of nodes less then number of parts (for ex. i have 2 modes) this code does not work - it outputs nothing. How it upgrade for that case (without choose construction)?

Read the article
MVC Forms Authentication with custom database

- by AndrewVos

I'm trying to get forms authentication working for an mvc site. I have a custom database with a users table, and I would like to do my own password validation. I am logging in my user like this: if (PasswordHasher.Hash(password) == dataUser.Password) { FormsAuthentication.SetAuthCookie(email, true); return true; } The problem is, when the session expires obviously the user has to login again. I am thinking I should be storing this Auth cookie in my users table? Update: I'm obviously in desperate need of more education in this area. I just noticed that the user stays authenticated even after an iisreset. I guess what I'm asking is how can I get persistent and non persistent authentication working properly. I want a user to not have to login again if they click "remember", and if they don't then their authentication should expire when the forms authentication is set to expire.

Read the article
Where to place the login/authentication related actions in MVC

- by rogeriopvl

I've searched around and found that when implementing an authentication module in MVC architecture some people opt to place the login related actions in the User controller while others place it in a controller dedicated to authentication only. In pseudo-java-like code: class UserController extends Controller { public login() { //... } } Accessed with http://mydomain.com/user/login. vs. class AuthController extends Controller { public login() { //... } } Accessed with http://mydomain.com/auth/login. I would like to know which approach is better, and why. That is, if there's really any difference at all. Thanks in advance.

Read the article
SVN Subversion use explicit cached credentials

- by Nick

I am trying to run a SVN command in a script, but the script is launched as a system service that has cached svn username/password credentials. I could always just put the username/password arguments in the command: svn info --username bob --password pass but I'd rather not have my username/password just sitting in a text file. I've discovered that my cached credentails (when run svn normally) end up here: C:\Documents and Settings\bob\Application Data\Subversion\auth\svn.simple\6ef188c2163f1ccc860a690b7ad21a15 Is there any way I could copy this cached credential file to where my script exists and just call that file explicitly?

Read the article
Does GAE/OpenID/OAuth support xmlhttp proxy?

- by h2g2java

Currently, my code would construct the GWT form, which user would submit directly to openId (or any authenticaiton service). Such a method works fine. However, what if I had the gwt page server access the OpenID provider, is there a way/strategy for the server to mediate authentication between its client and the auth provider? I wish to know the answers with respect to GAE as the proxy and, regardless if GAE or Tomcat is the intended proxy, answers wrt Google Accounts OpenID OAuth If so, it would be wonderful if someone could describe the installation strategy.

Read the article
django threadedcomments

- by Patrick

Hi folks, I would like to setup a comment systems on my site, using django threadedcomments, and I follow all the steps in the Tutorial, however, I get the following error: No module named newforms.util I am not sure what causing this issue, here is my configuration: #settings.py INSTALLED_APPS = ( 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.sites', 'myproject.myapp', 'threadedcomments', ) #urls.py from django.conf import settings from django.conf.urls.defaults import * from django.contrib import admin admin.autodiscover() urlpatterns = patterns('', (r'^admin/', include(admin.site.urls)), (r'^threadedcomments/', include('threadedcomments.urls')), ) Please let me know if there is another better choice for commenting, as long as the comment system is flexible and able to do lot of customization, as well as threadedcomment, of coz, integrating with Rating, I am happy to use the other one. Thanks guys.

Read the article
Membership systems for MVC4 that support RavenDB

- by brad oyler

I create a lot of quick "proof of concept" MVC apps and I actually found the SimpleMembership provider that shipped with the MVC4 templates to be very handy since it gets me up and running with user registration & OAuth in a matter of minutes. But...I've started to use RavenDb (on RavenHQ for a lot for my projects). So, I starting trying to implement my own "custom membership provider" based on the ExtendedMembershipProvider and while doing that I realized that didn't make much sense. I later stumbled upon 2 interesting projects that try to solve this exact problem: WorldDomination.Web.Auth: https://github.com/PureKrome/WorldDomination.Web.Authentication MemFlex: https://github.com/OdeToCode/Memflex Both are pretty interesting recent efforts and was wondering if these are the only ones being built right now. I'm essentially looking for nuget pkg that I can drop into a MVC4 app, connect to my RavenDb and be done. I'm willing to build this thing but don't want to duplicate any efforts that are already in motion. Thx!

Read the article
Is this a possible way to get Drupal AD SSO?

- by JollyRogers

I'm currently building a Drupal website in an Active Directory environment. One of the site's requirements is Single Sign On, which to date seems to be impossible because there is no Kerberos SPNEGO/GSSAPI auth module for drupal. I've come up with an idea on how SSO could be attempted on IIS. Since IIS has the option to require Kerberos authentication, we can let IIS handle authentication and use the AUTH_USER server variable to pass the authorized user name to the an 'improved' LDAP_auth module. The LDAP_auth module would then check the user name (but not password since it doesn't know or need to know the password) against LDAP to get the user's roles. (AD groups) Does anyone know if this is possible? If so, does anyone have any ideas on how to implement this?

Read the article
How can I login to a website with Python?

- by Shady

How can I do it? I was trying to enter some specified link (with urllib), but to do it, I need to log in. I have this source from the site: <form id="login-form" action="auth/login" method="post"> <div>  <label for="email" id="email-label" class="no-js">Email</label> <input id="email-email" type="text" name="handle" value="" autocomplete="off" /> <label for="combination" id="combo-label" class="no-js">Combination</label> <input id="password-clear" type="text" value="Combination" autocomplete="off" /> <input id="password-password" type="password" name="password" value="" autocomplete="off" /> <input id="sumbitLogin" class="signin" type="submit" value="Sign In" /> Is this possible?

Read the article
grails mail connection refused

- by mkoryak

it seems i have tried the mail config in the way that its docs said, but still i get: Error 500: Executing action [x] of controller [x] caused exception: Mail server connection failed; nested exception is javax.mail.MessagingException: Could not connect to SMTP I am using google apps for my email so [email protected] is using gmail. i cannot get grails to send out a test message on my dev box (win 7). my config is: host = "smtp.gmail.com" port = 465 username = "[email protected]" password = "x" props = ["mail.smtp.auth":"true", "mail.smtp.debug":"true", "mail.smtp.starttls.enable":"true", "mail.smtp.socketFactory.port":"465", "mail.smtp.socketFactory.class":"javax.net.ssl.SSLSocketFactory", "mail.smtp.socketFactory.fallback":"false"]

Read the article
Setting Up TFS Server outside of a domain

- by Ben

Hi Im trying to set up TFS 2010 on a machine that is connected to a network, but not on the domain. I am trying to connect this to a SQL Server that is also connected to the network and also not on the domain. When I run through the TFS configuration Wizard and try to connect to the SQL Server, it fails with a message "A connection can not be made...." which looks like it cant see the Server. However when i connect through SQL Management Studio it works when i use SQL Authentication (not Windows Auth). I beleive its failing because TFS needs to connect using Windows Authetication (please correct me if im wrong). I can not add the Windows Authentication for my TFS machine onto the SQL machine becuase they are on different domains (again, pleas correct me if I'm wrong). Does anyone have any suggestions? Thanks.

Read the article
Modular Inverse and BigInteger division

- by dano82

I've been working on the problem of calculating the modular inverse of an large integer i.e. a^-1 mod n. and have been using BigInteger's built in function modInverse to check my work. I've coded the algorithm as shown in The Handbook of Applied Cryptography by Menezes, et al. Unfortunately for me, I do not get the correct outcome for all integers. My thinking is that the line q = a.divide(b) is my problem as the divide function is not well documented (IMO)(my code suffers similarly). Does BigInteger.divide(val) round or truncate? My assumption is truncation since the docs say that it mimics int's behavior. Any other insights are appreciated. This is the code that I have been working with: private static BigInteger modInverse(BigInteger a, BigInteger b) throws ArithmeticException { //make sure a >= b if (a.compareTo(b) < 0) { BigInteger temp = a; a = b; b = temp; } //trivial case: b = 0 => a^-1 = 1 if (b.equals(BigInteger.ZERO)) { return BigInteger.ONE; } //all other cases BigInteger x2 = BigInteger.ONE; BigInteger x1 = BigInteger.ZERO; BigInteger y2 = BigInteger.ZERO; BigInteger y1 = BigInteger.ONE; BigInteger x, y, q, r; while (b.compareTo(BigInteger.ZERO) == 1) { q = a.divide(b); r = a.subtract(q.multiply(b)); x = x2.subtract(q.multiply(x1)); y = y2.subtract(q.multiply(y1)); a = b; b = r; x2 = x1; x1 = x; y2 = y1; y1 = y; } if (!a.equals(BigInteger.ONE)) throw new ArithmeticException("a and n are not coprime"); return x2; }

Read the article
Changing gmail Settings with Ruby

- by Technocrat

I need to configure my gmail account(s) programmatically with Ruby. I checked out the apps api and it looks like the simplest possible solution would be to use ClientLogin for logging in and a simple XML PUT for changing the forwarding setting, for example. I wrote a little test script like so: http://gist.github.com/373457 It would appear that the call to ClientLogin works because it comes back with an Auth= token. When it sends the PUT request to google, however, it comes back with a RestClient::Unauthorized exception. I rewrote the script with pure net/https and it turns out the message I'm getting is invalid token, yet I can't figure out what is wrong with my token. Can anyone else see it?

Read the article
mysql query not running correctly from inside the application

- by Mala

I am completely stumped. Here is my php (CodeIgniter) code: function mod() { $uid = $this->session->userdata('uid'); $pid = $this->input->post('pid'); if ($this->_verify($uid,$pid)) { $name = $this->input->post('name'); $price = $this->input->post('price'); $curr = $this->input->post('curr'); $url = $this->input->post('url'); $query = $this->db->query("UPDATE items SET name=".$this->db->escape($name).", price=".$this->db->escape($price).", currency=".$this->db->escape($curr),", url=".$this->db->escape($url)." WHERE pid=".$this->db->escape($pid)." LIMIT 1"); } header('location: '.$this->session->userdata('current')); } The purpose of this code is to modify the properties (name, price, currency, url) of a row in the 'items' table (priary key is pid). However, for some reason, allowing this function to run once modifies the name, price, currency and url of ALL entries in the table, regardless of their pid and of the LIMIT 1 thing I tacked on the end of the query. It's as if the last line of the query is being completely ignored. As if this wasn't strance enough, I replaced "$query = $this->db->query(" with an "echo" to see the SQL query being run, and it outputs a query much like I would expect: UPDATE items SET name='newname', price='newprice', currency='newcurrency', url='newurl' WHERE pid='10' LIMIT 1 Copy-pasting this into a MySQL window acts exactly as I want: it modifies the row with the selected pid. What is going on here???

Read the article
Web scrapping from a Google Chrome extension

- by limoragni

I've started to develop a Chrome extension to navigate and prform actions on a website. Until now the extension is able to receive a couple of parameters and check a set of radio-buttons, fill in a few inputs of a form and then submit it. What I want to do now is to repeat the process, but I'm stuck when the page is reloaded. And I don't know how can I do to make the script reacts to the finish of the request. The workflow I want to achieve is the following (is for automaticly copying a certain object): Popup side Enter the number of the Master object to copy Enter the base name of the copies (example Mod, so the I can iterate and add mod1, mod2, modn) Enter the number of copies Background side Select master Select standard options Fill in inputs Submit form Wait for the page to complete the request and continue to the next copy. (here I need help) The problem is on the repetition, the rest is taking care of. I assume that must be a way of dealing with requests. Any ideas? By the way I'm doing it all with the extension and tabs methods of google chrome plus javascript and jquery.

Read the article
can't make svn store password, even though the configuration allows it

- by davka

did everything the book says, i.e. removed the authentication files from .subversion/auth, and explicitly set the relevant config parameters to 'yes' even though this is a default, and yet the shell svn commands ask for password each time. The repository is on cvsdude.com, the client is linux. I also use the subclipse plugin that caches the password ok. I vaguely remember that when I started working with it, the command asked interactively if I wanted to save clear password, and I said no. Can this choice be stored somewhere and take precedence over the configuration? Thanks!

Read the article
How do you preform an EJB lookup with application security?

- by Hillgod

I'm trying to lookup an EJB from a standalone java application. I'm thinking in terms of WebSphere Application Server 6.1, but if someone knows how to do this for another application server, it may get me in the right direction. What I'm currently doing: initialContext= new InitialContext(env); initialContext.lookup(""); lc = new LoginContext("WSLogin", new WSCallbackHandlerImpl("wasadmin", "defaultWIMFileBasedRealm", "wasadmin")); lc.login(); subject = lc.getSubject(); WSSubject.setRunAsSubject(subject); This isn't working... my subject is still "/UNAUTHENTICATED", and I get an error when I try to lookup the EJB. I'm also specifying the following parameters to the VM when executing the application: -Dcom.ibm.CORBA.ConfigURL="C:\was\profiles\AppSrv01\properties\sas.client.props" -Djava.security.auth.login.config="C:\was\profiles\AppSrv01\properties\wsjaas_client.conf"

Read the article
inheritance from the django user model results in error when changing password

- by Jerome

I inherited form the django user model like so: from django.db import models from django.contrib.auth.models import User, UserManager from django.utils.translation import ugettext_lazy as _ class NewUserModel(User): custom_field_1 = models.CharField(_('custom field 1'), max_length=250, null=True, blank=True) custom_field_2 = models.CharField(_('custom field 2'), max_length=250, null=True, blank=True) objects = UserManager() When i go to the admin and add an entry into this model, it saves fine, but below the "Password" field where it has this text "Use '[algo]$[salt]$[hexdigest]' or use the change password form.", if i click on the "change password form' link, it produces this error Truncated incorrect DOUBLE value: '7/password' What can i do to fix this?

Read the article
Facebook "->api" permissions

- by Matthieu Marcé

I have trouble using Facebook auth on my website... I'm using the PHP Sdk and I don't understand why I can use some functions like "getLoginUrl"/"getLoginStatusUrl"/"getUser" (with right answers : the facebook session is started, i get the user's facebook ID) and when I want to use something like $me = $facebook->api("/me/permissions"); or just $me = $facebook->api("/me"); there's always an exception and nothing works ... I guess it has something to do with permissions or token maybe, but I don't know what. When the user sign up on my website, I ask permissions I need with this scope : "email,user_about_me,user_location,read_friendlists,publish_stream" A clue that the permissions seem to be ok is that when the exception occures, I ask the user to sign in again (facebook connect) and no window appears as if everything's ok, but still, the page is reloaded and the exception appears again and again... Please help, Thank you !

Read the article
Django Find Out if User is Authenticated in Custom Tag

- by greggory.hz

I'm trying to create a custom tag. Inside this custom tag, I want to be able to have some logic that checks if the user is logged in, and then have the tag rendered accordingly. This is what I have: def user_actions(context): request = template.Variable('request').resolve(context) return { 'auth': request['user'].is_athenticated() } register.inclusion_tag('layout_elements/user_actions.html', takes_context=True)(user_actions) When I run this, I get this error: Caught VariableDoesNotExist while rendering: Failed lookup for key [request] in u'[{}]' The view that renders this ends like this: return render_to_response('start/home.html', {}, context_instance=RequestContext(request)) Why doesn't the tag get a RequestContext object instead of the Context object? How can I get the tag to receive the RequestContext instead of the Context? EDIT: Whether or not it's possible to get a RequestContext inside a custom tag, I'd still be interested to know the "correct" or best way to determine a user's authentication state from within the custom tag. If that's not possible, then perhaps that kind of logic belongs elsewhere? Where?

Read the article
How to break out from nested doseqs

- by fizbin

Hi, I have a question regarding nested doseq loops. In the start function, once I find an answer I set the atom to true, so that the outer loop validation with :while fails. However it seems that it doesn't break it, and the loops keep on going. What's wrong with it? I am also quite confused with the usage of atoms, refs, agents (Why do they have different names for the update functions when then the mechanism is almost the same?) etc. Is it okay to use an atom in this situation as a flag? Obviously I need a a variable like object to store a state. (def pentagonal-list (map (fn [a] (/ (* a (dec (* 3 a))) 2)) (iterate inc 1))) (def found (atom false)) (defn pentagonal? [a] (let [y (/ (inc (Math/sqrt (inc (* 24 a)))) 6) x (mod (* 10 y) 10)] (if (zero? x) true false))) (defn both-pent? [a b] (let [sum (+ b a) diff (- a b)] (if (and (pentagonal? sum) (pentagonal? diff)) true false))) (defn start [] (doseq [x pentagonal-list :while (false? @found)] (doseq [y pentagonal-list :while (<= y x)] (if (both-pent? x y) (do (reset! found true) (println (- x y)))))))

Read the article
Why is DivMod Limited to Words (<=65535)?

- by Andreas Rejbrand

In Delphi, the declaration of the DivMod function is procedure DivMod(Dividend: Cardinal; Divisor: Word; var Result, Remainder: Word); Thus, the divisor, result, and remainder cannot be grater than 65535, a rather severe limitation. Why is this? Why couldn't the delcaration be procedure DivMod(Dividend: Cardinal; Divisor: Cardinal; var Result, Remainder: Cardinal); The procedure is implemented using assembly, and is therefore probably extremely fast. Would it not be possible for the code PUSH EBX MOV EBX,EDX MOV EDX,EAX SHR EDX,16 DIV BX MOV EBX,Remainder MOV [ECX],AX MOV [EBX],DX POP EBX to be adapted to cardinals? How much slower is the naïve attempt procedure DivModInt(const Dividend: integer; const Divisor: integer; out result: integer; out remainder: integer); begin result := Dividend div Divisor; remainder := Dividend mod Divisor; end; that is not (?) limited to 16-bit integers?

Read the article
Complexity of subset product

- by threenplusone

I have a set of numbers produced using the following formula with integers 0 < x < a. f(x) = f(x-1)^2 % a For example starting at 2 with a = 649. {2, 4, 16, 256, 636, 169, 5, 25, 649, 576, 137, ...} I am after a subset of these numbers that when multiplied together equals 1 mod N. I believe this problem by itself to be NP-complete (based on similaries to Subset-Sum problem). However starting with any integer (x) gives the same solution pattern. Eg. a = 649 {2, 4, 16, 256, 636, 169, 5, 25, 649, 576, 137, ...} = 16 * 5 * 576 = 1 % 649 {3, 9, 81, 71, 498, 86, 257, 500, 135, 53, 213, ...} = 81 * 257 * 53 = 1 % 649 {4, 16, 256, 636, 169, 5, 25, 649, 576, 137, 597, ...} = 256 * 25 * 137 = 1 % 649 I am wondering if this additional fact makes this problem solvable faster? Or if anyone has run into this problem previously or has any advice?

Read the article
Using pair in c++

- by user1543957

Can someone please tell why i am unable to compile the following program #include<iostream> #include<string> #include<cmath> #include<iostream> #include<cfloat> #define MOD 10000009 using namespace std; double distance(pair<int,int> p1,pair<int,int> p2) { double dist; dist = sqrt( (p1.first-p2.first)*(p1.first-p2.first) + (p1.second-p2.second)*(p1.second-p2.second) ); return(dist); } int main() { int N,i,j; cin >> N; pair<int,int> pi[N]; for(i=0;i<N;i++) { cin >> pi[i].first >> pi[i].second; } for(i=0;i<N;i++) { cout << pi[i].first << " "<< pi[i].second << endl; } distance(pi[0],pi[1]); // This line is giving error return 0; }

Read the article

< Previous Page | 134 135 136 137 138 139 140 141 142 143 144 145 | Next Page >