Search Results

Search found 6090 results on 244 pages for 'digest authentication'.

Page 182/244 | < Previous Page | 178 179 180 181 182 183 184 185 186 187 188 189 | Next Page >

ASP.NET MVC and ASP.NET membership template provider

- by rem

In a standard ASP.NET MVC template application that is created by default in Visual Studio when starting a new ASP.NET MVC application there is already a built-in membership / authentication / authorization system. Using web search one can find lots of info about how to work with a built-in ASP.NET membership system, but very often this material is a bit of an old and refer to ASP.NET only, not mentioning ASP.NET MVC framework. Just for example: http://msdn.microsoft.com/en-us/library/ms998347.aspx#paght000022%5Fmembershipapis or http://www.4guysfromrolla.com/articles/091207-1.aspx To what extent all that applies to ASP.NET built-in membership system applies also to ASP.NET MVC ready template membership system?

Read the article
Is the usage of Isolated Storage in Silverlight 3 a security concern

- by Prashant

I am using Silverlight 3 on my website. I have a Login Page for role based authentication, that routes users with different privileges to different parts of the website. I want to use something analogous to the Session Variables available in standard ASP.Net applications. I intend to use Isolated Storage to achieve this. But I am skeptical about security in this option, as the Isolated Storage exists on the client side, and can be manipulated on client side. I am new to the Isolated Storage concept and don't know about the security options provided by it in terms of Encryption and server-side validation etc. If any of you have used it or are aware of the security provided in this case, could you please shed some light on the same. Thanks

Read the article
Authenticating from a "child" application via CAS

- by Rob Wilkerson

I have a portal application that loads external content (widgets) via an iframe. Users login to CAS via the portal itself. There are a few portal APIs, though, that need to be called from that external content. What information do I have to pass from the portal to the widgets that the widgets can use to make these calls without being rejected by CAS? UPDATE The more I investigate, the more I think that my question boils down to how CAS actually does what it's supposed to do. In other words, how can I go from one site where I've authenticated to another and tell it that I've already done the authentication thing. What's the mechanism behind that and how can I employ in in a web context.

Read the article
Authenticating with Netflix: Netflix OAuth vs. SignPost OAuth: Which is correct?

- by Stefan Kendall

With signpost 1.2: String authUrl = provider.retrieveRequestToken( consumer, callbackUrl ); Netflix API response: <status> <status_code> 400 </status_code> <message> oauth_consumer_key is missing </message> </status> I see how to craft the URL manually via the netflix documentation, but this seems to contradict other services which use OAuth authentication. Who's incorrect, here? Is there a way to get signpost to work with Netflix, aside from contributing to the signpost source? :P

Read the article
Win32 API Question

- by Lalit_M

We have developed a ASP.NET web application and has implemented a custom authentication solution using active directory as the credentials store. Our front end application uses a normal login form to capture the user name and password and leverages the Win32 LogonUser method to authenticate the user’s credentials. When we are calling the LogonUser method, we are using the LOGON32_LOGON_NETWORK as the logon type. The issue we have found is that user profile folders are being created under the C:\Users folder of the web server. The folder seems to be created when a new user who has never logged on before is logging in for the first time. As the number of new users logging into the application grows, disk space is shrinking due to the large number of new user folders getting created. Has anyone seen this behavior with the Win32 LogonUser method? Does anyone know how to disable this behavior?

Read the article
Update to php5.3 breaks connecting to mysql db

- by bobbyb

I just updated php to 5.3 and can no longer connect to my remote mysql server. I get the following errors: mysqli_connect(): OK packet 6 bytes shorter than expected mysqli_connect(): (HY000/2000): mysqlnd cannot connect to MySQL 4.1+ using old authentication It seems this has to do with the new mysqlnd driver. Is there a way to force it to use the old libmysql driver. Also, reverting to php5.2.11 doesn't seem to fix the issue which seems to work for most people. Anyone have any suggestions? thanks!

Read the article
http post with ant for file uploading

- by paleozogt

As part of my Ant build process, I'd like to upload files to a webserver via HTTP Post. Ant only comes with an HTTP Get task. However, Ant Contrib seems to have an HTTP Post task. The problem is that it doesn't have any authentication (like get does) or any way to specify a file upload (despite what the docs say, "rawFile" is not part of the distro). My question is: does Ant Contrib's Post task actually support what I want, but in a non-obvious way (perhaps I have to do it by hand)? Or is there some other way to do this?

Read the article
Interacting with google docs after logging into my google market apps - how

- by Ali

Hi guys I have a google apps account set up and even set up a simple hello world application from the available samples on the tutorial however I need to set it so I am able to interact with the google docs account associated with the account which has added my application. To interact with google docs I am aware that a token is requested from google upon authentication and verification of the account however that is in a situation where you code specifically for interacting with google docs - I'm talking about having access to the google docs of the account which has added my application so my application can be used to upload documents to the google docs and make references to them - basically my application is a resource management application and it needs to be able to store references to google docs.

Read the article
Move asp.net website to subfolder/subdomain

- by brz dot net

What is the effective way to deploy an asp.net website in subfolder/subdomain? Actually I need to keep web.config in root directory and modify following things for this. Web.config Location tags Web.config authentication forms tag Web.sitemap Style.css Response.redirect/Server.transfer Image path Is there any way to avoid these changes? So my development work is not more different from production. Means I am expecting one place where applied changes are effective on whole site. No need to modify path on each page.

Read the article
HttpClient 4 SSL and client side certificates

- by Luke

Hi All, I am having trouble working out how I can get get HttpClient 4 to use SSL in the way I need. I have X https servers that I send requests to. One requires a client side certificate while the others have trusted certificates and therefore require no client side certificate. I have no issue connecting to the server requiring the client side certificate (its in my keystore), however every time I try to connect to the servers with trusted certificates, my client side certificate is offered by HttpClient and therefore fails authentication. My question is this: is there a way for HttpClient to offer the client side certificate only to the server requiring it and not to the others? Thanks in advance, Luke

Read the article
Receive XML via POST with ASP.NET

- by Mark Hurd

I have to set up an XML "web service" that receives a POST where the 'Content-type header will specify “text/xml”.' What is the simplest way to get the XML into an XDocument for access by VB.NET's axis queries? I don't believe the web service is guaranteed to follow any protocol (e.g. SOAP, etc); just specific tags and sub-tags for various requests, and it will use Basic Authentication, so I will have to process the headers. (If it matters: * the live version will use HTTPS, and * the response will also be XML.)

Read the article
Visual Studio / Visual Source Safe / Integrated Security / IIS 7

- by Jason

Using Visual Source Safe with IIS integration (the working dir is the IIS site) Visual Studio, pointed to the IIS site would load up the Web project. It would be under VSS control (have to check out files, etc). Recently, we had to switch to Integrated Security for our database connections from the web app. This means changing the impersonation of the IIS app pool (and anon authentication) to the impersonated account. Since I did this -- my project loads in Visual Studio, but it acts as if I'm not me, and the files aren't under source control anymore. I'm going to assume it's something with the pass-through from IIS to the VSS (as if you'll remember you had to add IIS_USERS to the VSS list of users). Even trying to add the impersonated account didn't work. Any ideas?

Read the article
Request builder call not returning when using ssl(https)

- by Zeeshan Khan

Hi , I am using GWT. Currently using gwt-rpc to for login authentication. For only login purpose i want to use ssl(https) and so instead of using gwt-rpc i am trying Request Builder and calling a servlet with https. When in Servlet URL i use protocol as http the request builder works perfectly and response returns to client side(onResponseReceived ). but when i use https in the servlet url then the servlet is gettting called but the response is not returning to the onResponseReceived method of request builder. my url with http looks like : http://localhost:8888/myproject/myservlet and with https it looks like :https://localhost/myproject/myservlet Please give any suggestion or is there any other way to do it.and also is it possible to use ssl over gwt-rpc.

Read the article
web.config, configSource, and "The 'xxx' element is not declared" warning.

- by UpTheCreek

I have broken down the horribly unwieldy web.config file into individual files for some of the sections (e.g. connectionStrings, authentication, pages etc.) using the configSource attribute. This is working file, but the individual xml files that hold the section 'snippets' cause warnings in VS. For example, a file named roleManager.config is used for the role manager section, and looks like this: <roleManager enabled="false"> </rolemanager> However I get a blue squiggle under the roleManager element in VS, and the following warning: The 'roleManager' element is not declared I guess this is something to do with valid xml and schemas etc. Is there an easy way to fix this? Something I can add to the individual files? Thanks P.S. I have heard that it is bad practice to break the web.config file out like this. But don't really understand why - can anyone illuminate me?

Read the article
Get-WMIObject fails when run AsJob

- by codepoke

It's a simple question, but it's stumped me. $cred = Get-Credential $jobs = @() $jobs += Get-WmiObject ` -Authentication 6 ` -ComputerName 'serverName' ` -Query 'Select * From IISWebServerSetting' ` -Namespace 'root/microsoftiisv2' ` -EnableAllPrivileges ` -Credential $cred ` -Impersonation 4 ` -AsJob $joblist = Wait-Job -Job $jobs -Timeout 60 foreach ($job in $jobs) { if ($job.State -eq "Completed") { $app = Receive-Job -Job $job $app } else { ("Job not completed: " + $job.Name + "@" + $job.State + ". Reason:" + $job.ChildJobs[0].JobStateInfo.Reason) Remove-Job -Job $job -Force } } The query succeeds when run directly and fails when run -AsJob. Reason:System.UnauthorizedAccessException: Access is denied. I've jiggered with -Impersonation, -Credentials, -Authority, and -EnableAllPrivileges to no useful effect. It appears I'm overlooking something fundamental. Why is my Powershell prompt allowed to connect to the remote server, but my child process denied?

Read the article
How to access the Principal from a Java service object without using FlexContext?

- by Marplesoft

We're building some Java objects that are exposed via BlazeDS to our flex client application. So basically the BlazeDS messagebroker servlet instantiates and invokes methods on these objects in response to client requests. Works great. We're using app server-based authentication and have set up a security constraint on the <destination> elements in the remoting-config.xml file element to prevent unauthenticated clients from being able to access these remote java objects. Again, works fine. However, there are several places within the implementation of these java objects where we want to get the currently logged on user's username. Right now we are doing this via FlexContext.getUserPrincipal(), which gives access to this but we have a nagging concern that we don't like the idea that the implementation of these objects (the service layer) has a hard dependency on a BlazeDS class. But we're not sure how else to get access to this. The same applies to accessing the ServletContext and such. Any ideas?

Read the article
Why is LOGON_USER Server Variable is blank on New Windows / New Tab?

- by Alex Papadimoulis

We are noticing some very strange behavior on an installation of a .NET2-based webapp on Server 2008. Our app uses "old school" Integrated Windows Authentication and simply reads the LOGIN_USER server variable from the request collection. There's a good reason for this, but that's somewhat irrelevant to the question, since the underlying WindowsAuthentication code from ASP.NET does the same thing. Anyway... When you enter the URL in the browser, it loads up just fine and displays the username (from LOGIN_USER) no problem. When you click on a link within the web app, it loads the page just fine and authenticates without any problems. When you "hard refresh" (Ctrl-F5) it also works just fine. However, when you click "open in a new window" or "open in a new tab", the LOGON_USER variable is blank Any ideas? Am I missing some IIS7 setting somewhere? Tested clients are Windows 7 with IE8 or Windows XP with IE6.

Read the article
What components of your site do you typically "offload" or embed?

- by Chad

Here's what I mean. In developing my ASP.NET MVC based site, I've managed to offload a great deal of the static file hosting and even some of the "work". Like so: jQuery for my javascript framework. Instead of hosting it on my site, I use the Google CDN Google maps, obviously "offloaded" - no real work being performed on my server - Google hosted jQueryUI framework - Google CDN jQueryUI CSS framework - Google CDN jQueryUI CSS framework themes - Google CDN So what I'm asking is this, other than what I've got listed... What aspects of your sites have you been able to offload, or embed, from outside services? Couple others that come to mind... OpenAuth - take much of the authentication process work off your site Google Wave - when it comes out, take communication work off of your site

Read the article
wsimport and header params for logging

- by Milan

I have this situation. Generating form based on the WSDL. I made it but I came to the situation when the wsimport tool generates classes with methods with params for header(for authentication) and the params are not just simple types. But some complex. The problem is that I dont know which classes will be generated so I need simple types for the methods. @WebMethod(operationName = "DNSLookup", action = "http://www.strikeiron.com/DNSLookup") @WebResult(name = "DNSLookupResult", targetNamespace = "http://www.strikeiron.com") @RequestWrapper(localName = "DNSLookup", targetNamespace = "http://www.strikeiron.com", className = "invoker.DNSLookup") @ResponseWrapper(localName = "DNSLookupResponse", targetNamespace = "http://www.strikeiron.com", className = "invoker.DNSLookupResponse") public SIWsOutputOfDNSInfo dnsLookup( @WebParam(name = "HostNameOrIPAddress", targetNamespace = "http://www.strikeiron.com") String hostNameOrIPAddress, @WebParam(name = "LicenseInfo", targetNamespace = "http://ws.strikeiron.com", header = true, partName = "LicenseInfo") LicenseInfo licenseInfo, @WebParam(name = "SubscriptionInfo", targetNamespace = "http://ws.strikeiron.com", header = true, mode = WebParam.Mode.OUT, partName = "SubscriptionInfo") Holder<SubscriptionInfo> subscriptionInfo); you can see that LicenseInfo licenseInfo, and Holder subscriptionInfo);? Is it possible to somehow to specify to have simple types for header params?

Read the article
Ruby 1.9, gmail and NET::SMTP

- by anshul

I am running ruby 1.9.1p243 (2009-07-16 revision 24175) [x86_64-linux]. require 'mail' options = { :address => "smtp.gmail.com", :port => 587, :domain => 'REMOVED', :user_name => 'REMOVED', :password => 'REMOVED', :authentication => 'plain', :enable_starttls_auto => true } Mail.defaults do delivery_method :smtp, options end Mail.deliver do to 'REMOVED' from 'REMOVED' subject 'Testing' body 'Test body' end results in the error Net::SMTPAuthenticationError: 530 5.7.0 Must issue a STARTTLS command first. x.REMOVED! What am I doing wrong and how do I fix it?

Read the article
Problem sending mail with simple .net application. Server refusal error.

- by Fatih

I have a very simple .net application for testing SMTP on .net. But i am receiving this weird error. "System.Net.Mail.SmtpException: Failure sending mail. --- System.Net.WebException: Unable to connect to the remote server --- System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it" SMTP server is remote and doesn't need any kind of authentication so i don't need credentials. But i can send mails from this computer with outlook using same smtp server and same smtp settings without any problem. Any ideas? It will be appreciated so much. Imports System.Net.Mail Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click Dim smtp As New SmtpClient smtp.Host = "10.241.128.220" smtp.Port = 25 smtp.Send("[email protected]", "[email protected]", "test", "test") End Sub

Read the article
Mocking User.Identity in ASP.NET MVC

- by Trey Carroll

I need to create Unit Tests for an ASP.NET MVC 2.0 web site. The site uses Windows Authentication. I've been reading up on the necessity to mock the HTTP context for code that deals with the HttpContext. I feel like I'm starting to get a handle on the DI pattern as well. (Give the class an attribute of type IRepository and then pass in a Repository object when you instantiate the controller.) What I don't understand, however, is the proper way to Mock the Windows Principal object available through User.Identity. Is this part of the HttpContext? Does any body have a link to an article that demonstrates this (or a recommendation for a book)? Thanks, Trey Carroll

Read the article
Creating an admin user in Devise on Rails beta 3

- by erskingardner

Ok, I'm probably going to feel quite dumb when someone answers this one with a simple thing that I'm missing but... here goes: I've got a brand new app on rails 3 beta and I'm using devise for the authentication. I've run all the comments and everything is working perfectly at the moment. I've created a user role and an admin role (following these instructions: http://wiki.github.com/plataformatec/devise/adding-an-admin-role) and I've registered myself as the first user but how to do I register or create an admin role user? The directions from the devise guys setup the admin role to not be registerable but I'm unsure how you're supposed to create the admin if you can't register?! Any help would be appreciated! Thanks!

Read the article
Upgrading to IIS7 stopped Firefox from receiving cookies?

- by Ted Spence

Our website has been using IIS6 for a long time. We test on IE8, Firefox, and Chrome. All browsers worked fine. We recently did an upgrade to IIS7, and Chrome and IE8 continue to work normally, but Firefox appears to be unable to get the ASP session cookie. As a result, when our code checks the Session[] object, we see nothing, we think the user has logged out, and the site resets your session. Does anyone know why upgrading to IIS7 would cause this behavior in Firefox? We've: 1) Reverted our application pool back to classic mode (no change); 2) Added a dummy value in the Global.asax object (no change); and 3) changed the web.config file from "authentication cookieless=autodetect" to "cookieless=usercookie" and back (no change).

Read the article
Storing and comparing biometric information

- by Chathuranga Chandrasekara

I am not sure whether this is the best place to post this. But this is strongly related with programming so decided to put this here. In general we use biometrics in computer applications say for authentication. Lets get 2 examples finger prints and facial recognition. In those cases how we keep the information for comparison. As an example we can't keep a image and process it every time. So what are the methodologies we use to store/determine the similarity in such cases? Are there any special algorithms that designed for that purposes.? (Ex : To return a approximately equal value for a finger print of a certain person every time)

Read the article

< Previous Page | 178 179 180 181 182 183 184 185 186 187 188 189 | Next Page >