Search Results

Search found 5866 results on 235 pages for 'authentication'.

Page 180/235 | < Previous Page | 176 177 178 179 180 181 182 183 184 185 186 187  | Next Page >

• Login time out when calling opening a new window from modal popup (ASP.NET)

  - by Harsh Shah

  I have a weird problem. I have a window, on a button click I open a modal popup (using ModelPopupExtender), that let's you select a few criteria and then click a submit button. On click of submit button, I open a new window (using window.open()) that shows the status of what happened to your submitted request. However, every time this status window is opened, it goes to the login page. I am thinking the modal popup can't pass the authentication cookie to the newly opened window, but I'm not sure. Here's my web.config portion:

  Read the article

• Best Pratice to Implement Secure Remember Me

  - by Yan Cheng CHEOK

  Sometimes, I came across certain web development framework which doesn't provide authentication feature as in Authenication ASP.NET I was wondering what is the security measure needs to be considered, when implementing "Remember Me" login feature, by hand coding? Here are the things I usually did. 1) Store the user name in cookie. The user name are not encrypted. 2) Store a secret key in cookie. The secret key is generated using one way function based on user name. The server will verify secret key against user name, to ensure this user name is not being changed. 3) Use HttpOnly in cookie. http://www.codinghorror.com/blog/2008/08/protecting-your-cookies-httponly.html Any things else I could miss out, which could possible lead a security hole.

  Read the article

• How to get JSON back from HTTP POST Request (to another domain)

  - by roman m

  I'm trying to use the API on a website, here's the part of the manual: Authenticated Sessions (taken from here) To create an authenticated session, you need to request an authToken from the '/auth' API resource. URL: http://stage.amee.com/auth (this is not my domain) Method: POST Request format: application/x-www-form-urlencoded Response format: application/xml, application/json Response code: 200 OK Response body: Details of the authenticated user, including API version. Extra data: "authToken" cookie and header, containing the authentication token that should be used for subsequent calls. Parameters: username / password Example Request POST /auth HTTP/1.1 Accept: application/xml Content-Type: application/x-www-form-urlencoded username=my_username&password=my_password Response HTTP/1.1 200 OK Set-Cookie: authToken=1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/Pm...; authToken: 1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/PmEvzkPGp...== Content-Type: application/xml; charset=UTF-8 QUESTION: How do I get that to work? I tried jQuery, but it seems to have problem with XSS. Actual code snippet would be greatly appreciated. p.s. All I was looking for was WebClient class in C#

  Read the article

• Saving highscores coupled to a facebook account

  - by Eiko

  I want to offer a "highscore" list for friends in my app (at this point iPhone/iPad), so that if the user connected to facebook, he will get a list with his/her friends scores. Connecting is easy, retrieving friends is easy, but figuring out the best way to store the scores is not. As it seems I need to the store the scores on my own server server, no big deal. But what is considered a reasonable safe way to transfer the data? When communicating with facebook, authentication is clear - but communicating with my server basically anyone could post scores for another user if I send user id and score. Obfuscation might help a bit, but is there any better way to make sure that the data comes from the fb-logged-in person? Scores can also go down, so changing scores for other persons won't necessary help them. Thanks :)

  Read the article

• Authorization in a more purely OOP style...

  - by noblethrasher

  I've never seen this done but I had an idea of doing authorization in a more purely OO way. For each method that requires authorization we associate a delegate. During initialization of the class we wire up the delegates so that they point to the appropriate method (based on the user's rights). For example: class User { private deleteMemberDelegate deleteMember; public StatusMessage DeleteMember(Member member) { if(deleteMember != null) { deleteMember(member); } } //other methods defined similarly... User(string name, string password) //cstor. { //wire up delegates based on user's rights. //Thus we handle authentication and authorization in the same method. } } This way the client code never has to explictly check whether or not a user is in a role, it just calls the method. Of course each method should return a status message so that we know if and why it failed. Thoughts?

  Read the article

• Twitter xAuth vs open source

  - by Yorirou

  Hi I am developing an open source desktop twitter client. I would like to take advantage on the new xAuth authentication method, however my app is open source which means that if I put the keys directly into the source file, it may be a vulnerability (am I correct? The twitter support guy told me). On the other hand, putting the key directly into a binary also doesn't make sense. I am writing my application in python, so if I just supply the pyc files, it is one more seconds to get the keys, thanks to the excellent reflection capatibilities of Python. If I create a small .so file with the keys, it is also trivial to obtain the key by looking at the raw binary (keys has fixed length and character set). What is your opinion? Is it really a secutiry hole to expose the API keys?

  Read the article

• flash - django communication -- amf, xml, or json?

  - by shanyu

  We are considering to develop a Flash front-end to a web application written using Django. The Flash front-end will send a simple "id" to the server and in response receive a couple of objects. The application will be open only to authenticated users. To the extend of my current knowledge (which is basic for Flash) we can either use AMF or take an XML or JSON approach. AMF seems to have an upperhand as there are examples out on the internet showing it can cooperate easily with Django's authentication mechanism (most examples feature pyAMF). On the other hand, implementing a XML/JSON based solution may be easier and hassle free. Guidance will be much appreciated.

  Read the article

• How do I pass the currently logged in user's credentials to a web service using Integrated Windows A

  - by Chris Smith

  I am having a frustrating time trying to do something with Perl that would take a couple of lines of code in C#, namely to call a web service on a Windows server that requires Integrated Windows Authentication. The most likely candidate I've found for success is a module called LWP::Authen::Ntlm, but all the examples I've googled require you to explicitly supply username, password and domain. I don't want to do that - I just want the request to use the credentials of the currently logged in user, a la CredentialCache.DefaultCredentials in .NET. Have any of you Perl gurus out there ever had to do this? Thanks.

  Read the article

• What are the app pool identity and account for anonymous access for?

  - by apollodude217

  I understand what the two are used for, except I don't know what each does--i.e. what one is for vs. what the other is for. (I usually set them to the same account anyway.) If you're not sure what accounts I'm talking about, in the IIS manager thingy: Right-click on the app pool in question, go to Properties, and click the Identity tab to see the App Pool Identity. Right-click a Web site, go to Properties - Directory Security, and click Edit under Anonymous Access and authentication control to view the Account for anonymous access.

  Read the article

• How do i get out of the habit of procedural programming and into object oriented programming?

  - by Shadi Almosri

  Hiya all, I'm hoping to get some tips to kinda help me break out of what i consider after all these years a bad habit of procedural programming. Every time i attempt to do a project in OOP i end up eventually reverting to procedural. I guess i'm not completely convinced with OOP (even though i think i've heard everything good about it!). So i guess any good practical examples of common programming tasks that i often carry out such as user authentication/management, data parsing, CMS/Blogging/eComs are the kinda of things i do often, yet i haven't been able to get my head around how to do them in OOP and away from procedural, especially as the systems i build tend to work and work well. One thing i can see as a downfall to my development, is that i do reuse my code often, and it often needs more rewrites and improvement, but i sometimes consider this as a natural evolution of my software development. Yet i want to change! to my fellow programmers, help :) any tips on how i can break out of this nasty habbit?

  Read the article

• Uploading videos to Twitter using OAuth

  - by deepa

  Hi, I am developing an iPhone app that uses Twitvid library for uploading videos to TwitVid. This library first authenticates the app using the user-name and password input parameters. Then it uploads the video. But, recently I switched to OAuth mechanism of authentication which leads to a web-page where user can enter the user-name and password. So, I cannot provide the input fields for user-name and password in my app for uploading video. Can someone help me out to solve this problem. Thanks and Regards, Deepa

  Read the article

• Auto login on website

  - by jacktol

  I'm working on an application which consists of a Web Application and a Standalone Application. Both of the applications use the same database and require authentication and authorization. Within the Standalone Application a web browser needs to be opened, going to a page within the Web Application. This page is for authorized users only. Could anyone tell me if there is an easy way to automatically login within the Web Application via the Standalone Application? Besides using cookies or providing a token in the url. Thank you.

  Read the article

• Return back to the parent activity from subactivity

  - by ZelluX

  My application supports twitter and needs to open browser for OAuth. When the user clicks the Share on Twitter button, the main activity will create another subactivity (TwitterActivity) to handle twitter authentication issues. Here is a flow graph showing how activities are invoked currently. Main is short for MainActivity and Twit for TwitterActivity. startActivity() OAuth intent OAuth callback finish() Main ---------------> Twit ------------> Browser --------------> Twit --------> Browser As you may notice, after the TwitterActivity calls finish() to stop, it will now return back to MainActivity, but Browser instead. How can I make it return back to MainActivity? Many thanks

  Read the article

• SQL Server 2008 - cannot register default instance MSSQLSERVER

  - by Paul Moss

  Hello, I have installed SQL Server 2008 Developer on Windows 7 64 bit. In Management Studio I cannot register the default instance MSSQLSERVER, it cannot find it although the service is running. I get the message: Cannot connect to PHOENIX\MSSQLSERVER. A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 25 - Connection string is not valid) (Microsoft SQL Server, Error: 87) However Management Studio does show the SQL Server 2005 Express instance (that was installed with VS 2008 Pro) which appeared as already registered. I an using Windows Authentication as I installed it in mixed mode. Any ideas would be appreciated, many thanks paul

  Read the article

• How can I isolate the form controls in a ASP Web User Control from the rest of the page's form contr

  - by Justin808

  I have a Web User Control I created for authentication. The web user control is inside the box below. Clicking any button (1 or 2) below works correct as it goes to the correct c# button click event in the code behind file. If I press enter on fields a or b it goes to the correct callback (button1's) if I press enter on field c it still goes to button1's callback, not button2's How can I give my web user control a nice self contained for and view state etc, so it wont mess with the remainder of the page's form? +--------------+ | User: __a___ | | Pass: __b___ | | [button1]| +--------------+ Prompt:______c______ [button2]

  Read the article

• Why would a FaceBook application "work" on a profile, but not a page?

  - by ed.talmadge

  I made a FaceBook application that works fine on profiles, but I can't figure out how to get it to show on a FaceBook page. For example, after I visit the application canvas URL, allow the application, then edit application settings and "add" to box and tab view... I cannot click the "plus" symbol to the left of the tabs in order to add a tab for the application. It does not appear in the list of available applications. Meanwhile, the application is working/showing up on profiles with no issues. I DID check the "Installable to Pages" checkbox on the application (authentication tab) settings. What could cause this? Here is the application canvas URL: http://apps.facebook.com/russian_girls/

  Read the article

• Using twitter gem to signup and authenticate users

  - by Jim Jones

  Hi, I'd like to allow users the option to register using their Twitter account. Basically, I'll present them with a standard signup form (name, login, email, pwd, pwd_confirm) as well as a "Signup with Twitter" link. If a user chooses to signup with Twitter creds, then I'll create a user record in db. Then I'd like to be able to allow a user to authenticate using their Twitter creds on returning visits. Also, I'm using restful_authentication, so I need to have this work within that context. What is the best way to do this? I haven't been to find any tutorials on allowing the signup and authentication pieces. Most examples just show how to authenticate a Twitter user into your app. Thanks.

  Read the article

• Remote Server access/login problem

  - by shamim

  My OS is Windows Server 2008 Enterprise. I have installed SqlServer 2008. In network i want to access Other users Server,i have already enable remote access,when i try to login show bellow error **Connection can not TITLE: Connect to Server ------------------------------ Cannot connect to TECHNO009. ------------------------------ ADDITIONAL INFORMATION: Login failed for user 'TECHNO009\Guest'. (Microsoft SQL Server, Error: 18456) For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&EvtSrc=MSSQLServer&EvtID=18456&LinkId=20476 ------------------------------ BUTTONS: OK ------------------------------** Several times i try to connect as windows and sqlServer Authentication mode.But i failed,Other users also try to connect with my server they also failed and get the same message. Why error occur ,How to solve it?

  Read the article

• how to check session upon start in masterpage or in global.asax

  - by user572276

  i am new in asp.net form authentication and sessions i would like to know how to save session in masterpage or in global.asax and how to clear session how to better handle session timeout by redirecting to a page this is my web.config session settings <sessionState mode="InProc" cookieless="false" timeout="1"></sessionState> code in my masterpage if (Request.Url.AbsolutePath.EndsWith("SessionExpired.aspx", StringComparison.InvariantCultureIgnoreCase)) { HtmlMeta meta = new HtmlMeta(); meta.HttpEquiv = "Refresh"; meta.Content = "7; URL=./Login.aspx"; Page.Header.Controls.Add(meta); } else HttpContext.Current.Response.AppendHeader("Refresh", Convert.ToString((Session.Timeout * 60)) + "; Url=./Public/SessionExpired.aspx");

  Read the article

• What is the best tool to achieve this API design?

  - by Jose Fernandez

  Our web app offers a service that allows a "Publisher" to create a website (we give them a CMS system) that is ready to provide this service to "Members" (think Shopify). We have some possible clients that wish to become "Publishers" but they already have existing websites (vbulletin, word press blog, etc) with their own user base. We wish to develop an API that would allow these "Publishers" to keep using their own websites, and embed our services into them. Our main business requirement is that once "Members" are logged into the "Publishers" existing system, they should be able to also access our website without having to log-in again OR have to create another account there. The process should be seamless to the "Member" and "Publishers" should not have to sync their user base with our system. We also want to use an existing API authentication/authorization system instead of creating our own (OAuth, OpenID, etc) What would be the best way to use OAuth to achieve this sigle-sign on design? If OAuth is not the best tool, is there any other one out there that fits our requirements?

  Read the article

• Authlogic: Create records on other users' behalf

  - by Friðrik

  Hi Using Authlogic, what is the best way to create a record in rails on other users' behalf? Description: I have a c++ server which handles Tcp connections from many c++ clients, and I want the c++ server to create a new record in the rails database using its REST api. However, the c++ server needs to be authenticated before creating that record. What I want is to attach the original user ID (from the c++ client) to the record (but not the servers) so I know from which user the record came from. One way is for the c++ client to send its persistence token over to the c++ server which sends that token as a parameter to the create action, does that make sense? or are there maybe some better ways to do this? I have a rails app which uses authlogic for authentication. I also have another c++ client which is logs in and provides I have a c++ server which uses

  Read the article

• SVN Authorization

  - by Weslei

  I am trying to setup SVN authorization (authentication works fine already) and my AuthzSVNAccessFile looks like the following: [groups] todos = user1, user2 proj = user1 [/] @todos = r [/myproj] @proj = rw However, I can checkout the content of proj (as user1) but I can't commit to it... If i change the file changing to the following: [groups] todos = user1, user2 proj = user1 [/] @todos = rw [/myproj] @proj = rw I can successful commit... Anyone knows what's wrong with my access file? I am using SVN with SVNParentPath, to point to a folder containing multiple repositories. The errors it gives are: svn: Error: Server sent unexpected return value (403 Forbidden) in response to CHE CKOUT Thanks.

  Read the article

• OpenID token from Google (using www)?

  - by MunkiPhD

  I've come across the following situation when using OpenID and Google as the authenticator. If you type siteName.com it takes you to http://sitename.com Which returns a different token than if I were to login to www.siteName.com, which would take me to http://www.siteName.com As a result, Google returns a different authentication token. Is there a simple fix around this? Maybe redirect the user from siteName.com to www.siteName.com? Would this be a server issue, or is this something I can do programmatically? Thanks in advance for any answers, this question had plagued me for some time now as I just figured out why others had been receiving different credentials upon logging in.

  Read the article

• How to create an object reference to a xaml page from App.xaml.cs codebehind?

  - by John K.

  Hi all, I have a Silverlight 4 Business Project where I have enabled the ASP.NET Authentication/Authorization role information. I would like to pass the currently authenticated user's account information from the app.xaml.cs codebehind to a different XAML page, but I have no idea how that is done, or if it's even possible. My goal is to databind the IsEnabled property of various buttons of my target XAML page, based on whether the current user is in a particular admin related role or not. The Application_UserLoaded event handler of app.xaml.cs seems to be the safest event handler to initiate this task because it fires only after the user's account information is loaded from the server. I had previously attempted to retrieve the current user information directly from my target XAML page, but I was never getting the current user information because Application_UserLoaded hadn't finished loading the current user info yet. public partial class App : Application { private void Application_UserLoaded(LoadUserOperation operation) { // How do you create an object reference to a XAML page from your project solution // from this event handler? } } Thanks in advance for any assistance, John

  Read the article

• How do I send signed emails from ActionMailer?

  - by James A. Rosen

  I'm using GMail as my SMTP server. I have that configuration working just fine: # config/initializers/action_mailer.rb: ActionMailer::Base.smtp_settings = { :tls => true, :address => "smtp.gmail.com", :port => "587", :domain => "www.example.org", :authentication => :login, :user_name => "[email protected]", :password => "it's a secret" } I also have a public/private RSA key pair in config/ssl/rsa.public and config/ssl/rsa.private. What do I do to sign the emails before shipping them off to GMail's SMTP server?

  Read the article

< Previous Page | 176 177 178 179 180 181 182 183 184 185 186 187  | Next Page >