Search Results

Search found 54190 results on 2168 pages for 'http authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 163/2168 | < Previous Page | 159 160 161 162 163 164 165 166 167 168 169 170  | Next Page >

  • Google App Engine - Uploading blobs and authentication

    - by Keyur
    (I tried asking this on the GAE forums but didn't get an answer so am trying it here.) Currently to upload blobs, the app engine's blob store service creates a unique one- time URL that a user can post blobs to. My requirement is that I only want authenticated / authorized users to post blobs in my application. I can achieve this currently if the page that includes the multipart form to upload blobs is in my application. However, I am looking to providing a "REST API" for my users to upload their blobs. While it is true that the one-time nature of the upload URL mitigates the chances of rogue use but it's still possible. I was wondering if there is anyone on the app engine team here that can consider a feature where developers can register an upload listener. (Or if there is already a way, I'll be all ears). A standard servlet filter could also potentially do the job. This will give us an opportunity to authenticate / validate / decorate requests before the request gets forwarded to the blob store service. Thanks, Keyur

    Read the article

  • Is my form password being passed in clear text?

    - by liinkas
    This is what my browser sent, when logging into some site: POST http://www.some.site/login.php HTTP/1.0 User-Agent: Opera/8.26 (X2000; Linux i686; Z; en) Host: www.some.site Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: en-US,en;q=0.9 Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0 Referer: http://www.some.site/ Proxy-Connection: close Content-Length: 123 Content-Type: application/x-www-form-urlencoded lots_of_stuff=here&e2ad811=my_login_name&e327696=my_password&lots_of_stuff=here Can I state that anyone can sniff my login name and password for that site? Maybe just on my LAN? If so (even only on LAN ) then I'm shocked. I thought using <input type="password"> did something more than make all characters look like ' * ' p.s. If it matters I played with netcat (on linux) and made connection browser <= netcat (loged here) <= proxy <= remote_site

    Read the article

  • Running log operation in Http Modules?

    - by Niranjan
    Hi, I have a simple requirement in which I want to execute a long running application program on server (e.g. DTSX) I want to make an HTTP module for this, But I have a question whether the DTSX will run even if the user closes the page and browser. In my case user hits the handler with a query string but what if the user closes the browser immediately? How is the behavior different from simple linear page processing? I want my DTSX package to finish once its started no matter how much time it takes and also dont want to halt the user that is why I am using http modules in place of linear asp page processing. Reagrds, Niranjan

    Read the article

  • Newbie queston: Cannot load http://localhost/phptest:8080/

    - by Princess Innah
    Hi guys, I decided to learn HTML so I installed apache on windows vista. Everything seems to work fine; when I go to http://localhost:8080 the sample webpage installed by apache shows. Apache is configured at port 8080. So far so good. Since my DocumentRoot is c:\pub, I made another folder inside, e.g., c:\pub\test. What I'm trying to figure out is why the page at http://localhost/test:8080 cannot load? It has index.html and apache is working fine. Any ideas?

    Read the article

  • Getting Session in Http Handler ashx

    - by prakash
    Hi All, I am using Http Handler ashx file for showing the images. I was using Session object to get image and return in the response Now problem is i need to use custom Session object its nothing but the Wrapper on HttpSession State But when i am trying to get existing custom session object its creating new ... its not showing session data , i checked the session Id which is also different Please adive how can i get existing session in ashx file ? Note: When i use ASP.NET Sesssion its working fine [WebService(Namespace = "http://tempuri.org/")] [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] public class GetImage : IHttpHandler, System.Web.SessionState.IRequiresSessionState {

    Read the article

  • How to record different authentication types (username / password vs token based) in audit log

    - by RM
    I have two types of users for my system, normal human users with a username / password, and delegation authorized accounts through OAuth (i.e. using a token identifier). The information that is stored for each is quite different, and are managed by different subsytems. They do however interact with the same tables / data within the system, so I need to maintain the audit trail regardless of whether human user, or token-based user modified the data. My solution at the moment is to have a table called something like AuditableIdentity, and then have the two types inheriting off that table (either in the single table, or as two seperate tables with 1 to 1 PK with AuditableIdentity. All operations would use the common AuditableIdentity PK for CreatedBy, ModifiedBy etc columns. There isn't any FK constraint on the audit columns, so any text can go in there, but I want an easy way to easily determine whether it was a human or system that made the change, and joining to the one AuditableIdentity table seems like a clean way to do that? Is there a best practice for this scenario? Is this an appropriate way of approaching the problem - or would you not bother with the common table and just rely on joins (to the two seperate un-related user / token tables) later to determine which user type matches which audit records?

    Read the article

  • Does ADFS2.0 provide custom authentication stores?

    - by chugh97
    I wanted to find out if ADFS2.0 provides a way for users to be authenticated with a Custom Store? Version 1.0 you could only authenticate users in the Windows domain, using Forms/Windows Integrated/Cardspace. I have an ASP.NEt website, which I would like the users to be authenticated against a custom store in SQL and then ADFS2.0 to take care of the claims issued to the user...

    Read the article

  • Password authentication in sqlite3 for iphone

    - by user271753
    Hey Guys .. I am new to programming in Objective C . I checked many tutorials on reading data in sqlite3 , but almost all of them have show the data in UITableView . I have a page where the user types in the password, the password lets say 1234 is saved in the database ( I have created a table already ) . I have got the database into the project folder . I just want a statement like if(databasepassword == correct from the uitextfield ) { show next page } else { password is incorrect.text } I will figure out on how to show the next page and display the password is incorrect.text I just want a method to cross check with the password saved in the database . How can I do that ? Regards

    Read the article

  • Simulate Incorrect Content-Length Headers for HTTP in C#

    - by cfeduke
    We are building a comprehensive integration test framework in C# for our application which exists on top of HTTP using IIS7 to host our applications. As part of our integration tests we want to test incoming requests which will result in EndOfStreamExceptions ("Unable to read beyond end of stream") that occur when a client sends up a HTTP header indicating a larger body size than it actually transmits as part of the body. We want to test our error recovery code for this condition so we need to simulate these sorts of requests. I am looking for a .NET Fx-based socket library or custom HttpWebRequest replacement that specifically allows developers to simulate such conditions to add to our integration test suite. Does anyone know of any such libraries? A scriptable solution would work as well.

    Read the article

  • WebSockets authentication

    - by Tomi
    What are the possible ways to authenticate user when websocket connection is used? Example scenario: Web based multi-user chat application through encrypted websocket connection. How can I ensure (or guarantee) that each connection in this application belongs to certain authenticated user and "can't be" exploited by false user impersonation during the connection.

    Read the article

  • Multiple key/value pairs in HTTP POST where key is the same name

    - by randombits
    I'm working on an API that accepts data from remote clients, some of which where the key in an HTTP POST almost functions as an array. In english what this means is say I have a resource on my server called "class". A class in this sense, is the type a student sits in and a teacher educates in. When the user submits an HTTP POST to create a new class for their application, a lot of the key value pairs look like: student_name: Bob Smith student_name: Jane Smith student_name: Chris Smith What's the best way to handle this on both the client side (let's say the client is cURL or ActiveResource, whatever..) and what's a decent way of handling this on the server-side if my server is a Ruby on Rails app? Need a way to allow for multiple keys with the same name and without any namespace clashing or loss of data.

    Read the article

  • Why won't IIS serve my website? - 404 Page Not Found

    - by Giffyguy
    Built a brand new server, with a fresh copy of Windows Server 2003 Enterprise x86 Edition. Installed the .NET Framework 1.1, 2.0, 3.5, and 4.0 Added the "Domain Controller" and "Application Server" roles. Created a new website, pointed it to a local directory: C:\Inetpub\angryoctopus.net\ Added the appropriate headers: angryoctopus.net, www.angryoctopus.net, TCP port 80, all IPs Moved the website content into the local directory. Configured the default document in IIS: Default.aspx Enabled ASP.NET for this website, and set it to the correct version: 2.0.50727 Configured the zone angryoctopus.net in DNS. Tested DNS lookup here to ensure DNS was functional. Opened website in VS 2008 and re-built (and debugged) to ensure the content was functional. I can clearly see that IIS is responding normally, by browsing directly to my server's IP address. Since this does not use the angryoctopus HTTP header, the default website is displayed instead: the "Under Construction" page. And yet, after all of this, angryoctopus.net still returns 404. Does anybody know what could be wrong? What troubleshooting steps have I forgotten? Is there a command-line diagnostic that might provide more information?

    Read the article

  • Problem in getting Http Response in crome

    - by Bhaskasr
    hi Am trying to get http response from php web service in javascript , but am getting null in firefox and crome. plz tell me where am doing mistake here is my code, function fetch_details() { if (window.XMLHttpRequest) { xhttp=new XMLHttpRequest() alert("first"); } else { xhttp=new ActiveXObject("Microsoft.XMLHTTP") alert("sec"); } alert("hi."); xhttp.open("GET","http://122.166.97.94:8080/proxim_live/phpsend.php?UserID=881&DeviceID=Imm123&LastSyncDate=",false); xhttp.send(""); xmlDoc=xhttp.responseXML; alert(xmlDoc); alert(xmlDoc.getElementsByTagName("Inbox")[0].childNodes[0].nodeValue); }

    Read the article

  • Securely persist session between https://secure.yourname.com and http://www.yourname.com on rails ap

    - by Matt
    My rails site posts to a secure host (e.g. 'https://secure.yourname.com') when the user logs into the site. Session data is stored in the database, with the cookie containing only the session ID. The problem is that when the user returns to a non-https page, such as the home page (e.g. 'http://www.yourname.com') the user appears to have logged out. I believe the reason for this is that a separate cookie is stored for each host (www vs. secure). Is this correct? What is the best secure way to persist the session between both the http and https sections of the site? Does anyone know of any plugins that address this problem? The site runs on Heroku.

    Read the article

  • Subversion: svn protocol with HTTP/HTTPS proxy

    - by Neeraj
    Hi all, I need to do a svn checkout,say svn checkout svn://XYZ.com/trunk. I am using the svn client from behind the proxy. I had accessed other repositries using the http protocol in past but with svn protocol,it fails with "Connection Refused", reason I think being the port not allowed by the proxy.Nonetheless, the HTTP protocol is not supported on the server. However, svn+ssh gets connected but it prompts for an account at that server which I don't have? Is there any way out other than requesting for an account? Note that I can't affect the settings of the proxy server.

    Read the article

  • How to clone a mercurial repository over an ssh connection initiated by fabric when http authorizati

    - by Monika Sulik
    I'm attempting to use fabric for the first time and I really like it so far, but at a certain point in my deployment script I want to clone a mercurial repository. When I get to that point I get an error: err: abort: http authorization required My repository requires http authorization and fabric doesn't prompt me for the user and password. I can get around this by changing my repository address from: https://hostname/repository to: https://user:password@hostname/repository But for various reasons I would prefer not to go this route. Are there any other ways in which I could bypass this problem?

    Read the article

  • Authentication and authorization for RESTfull API (java jersery)

    - by abovesun
    Hi, implementing service something similar with tinyurl or bit.ly, I'm would like to expose service as API, I'm using java and jersey as RESTfull service implementation. I'm looking for simplest way for authentification of users who use API, OAuth is first thing coming in mind, but the problem is I don't need this 3 iteration calls with request token query, than access token query with callback url passing. I just need to give user ability to invoke api with no additional security calls to my server.

    Read the article

  • WCF service hosted in IIS 5.0 - http get methods not invoked through the browser

    - by Dmitry
    I have service hosted in IIS5.0 and configured such way : ** <behaviors> <endpointBehaviors> <behavior name="GalleriesBehavior"> <webHttp/> </behavior> ** When I make request to http://localhost/sandboxWidget/Galleries.svc?Test ,the message I get is : "Metadata publishing for this service is currently disabled." and instructions how to expose meta data exchange...Tried this but doesn't help.. I can write any function name ,even not existing (http://localhost/sandboxWidget/Galleries.svc?blabla) ,but the message is same .... I'm new to Wcf ,but what looks me strange is that ,the same application was working in my job environment ,but not on my home PC .... I have same VS2008,NET3.5 with service pack 1

    Read the article

  • ASP.Net forms authentication - multiple providers

    - by Chris Klepeis
    I have an ASP.Net 4.0 application, and within it is a folder called "Forum", setup as a sub application in IIS 7. This forum package implements a custom provider for .net membership. The forum is running in .net 3.5. I'd like to setup the main site so that when users login, it logs them into both my site and the forum site. Both the main site and the forum have separate .Net membership tables. How can I specify which provider to use with formsauthentication? right now I have FormsAuthentication.SetAuthCookie(...); this, however, just uses my default provider and does nothing with the provider for the forum I tried setting the forum app and my web app to have the same cookie name, as well as setting the machinekey on each: <machineKey validationKey="AutoGenerate" validation="SHA1" /> no dice. I googled and didnt really come up with any example of how to use multiple providers like I want to. I updated my web.config to have both provideers but this is useless if I cannot specify in my code which one to use.

    Read the article

  • Good tool to test WCF service (not SOAP/HTTP webservice)

    - by Kangkan
    I recently found SOAPUI and discovered that it is just a great tool for testing any SOAP/HTTP service. Conventionally, we have been developing our own driver to test our services (WCF based netTCP binding) so far. But with SOAPUI experience, I am really looking for some such tool that can be used with such ease with built-in facilities for load testing, functional testing etc. The other thought in my mind is that for services that I wish to deploy with netTCP can be first tested using a HTTP binding using SOAPUI. Once found suitable, the binding can be changed for the intended one. I shall like the views from all the experts here. Thanks.

    Read the article

  • Is it valid to replace http:// with // in a <script src="http://...">?

    - by Darryl Hein
    I have the following tag: <script type="text/javascript" src="https://cdn.example.com/js_file.js"></script> In this case the site is HTTPS, but the site may also be just HTTP. (The JS file is on another domain.) I'm wondering if it's valid to do the following for convenience sake: <script type="text/javascript" src="//cdn.example.com/js_file.js"></script> I'm wondering if it's valid to remove the http: or https: ? It seems to work everywhere I have tested, but are there any cases where it doesn't work?

    Read the article

  • Is Webhooks a style/pattern or a specification?

    - by Emilio
    I've been reading about Webhooks and I'm trying to determine if it's a specification vs a style/pattern. By "specification" I mean that the implementation details, e.g. headers, payload and so on are well defined. By "style" or "pattern" I mean in the sense that REST is a style (as opposed to a spec) or a pattern which describes usage but doesn't define implementation details. From what I see, Webhooks is a style/pattern. That the event(s) which triggers the http callbacks are generated however the developer wants, and that the http callbacks have no specific implementation requirements except to be an http post. Is this correct?

    Read the article

  • Twitter Authentication through Android's AccountManager classes.

    - by Robby Pond
    I am working on a twitter based app and am trying to incorporate Android's built-in Account support for Twitter. The following code works to popup the confirmation dialog for my app to access twitter but I am unsure of what to pass in as the authenticationType. Any help would be appreciated. I've googled all over the place and can't seem to find the correct answer. It goes in place of "oauth" below. AccountManager am = AccountManager.get(this); Account[] accts = am.getAccountsByType(TWITTER_ACCOUNT_TYPE); if(accts.length > 0) { Account acct = accts[0]; am.getAuthToken(acct, "oauth"/*what goes here*/, null, this, new AccountManagerCallback<Bundle>() { @Override public void run(AccountManagerFuture<Bundle> arg0) { try { Bundle b = arg0.getResult(); Log.e("TrendDroid", "THIS AUTHTOKEN: " + b.getString(AccountManager.KEY_AUTHTOKEN)); } catch (Exception e) { Log.e("TrendDroid", "EXCEPTION@AUTHTOKEN"); } }}, null); }

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 159 160 161 162 163 164 165 166 167 168 169 170  | Next Page >