Search Results

Search found 5698 results on 228 pages for 'django openid auth'.

Page 196/228 | < Previous Page | 192 193 194 195 196 197 198 199 200 201 202 203 | Next Page >

How do i use repoze.who?

- by misterwebz

I'm having some trouble understanding how repoze.who works. I've followed a tutorial i found by searching on google and here's what i already have: This is what i added in my middleware.py file from repoze.who.config import make_middleware_with_config as make_who_with_config app = make_who_with_config(app, global_conf, app_conf['who.config_file'], app_conf['who.log_file'], app_conf['who.log_level']) Here's the who.ini : http://pastebin.com/w5Tba2Fp Here's repoze_auth.py in /lib/auth/: from paste.httpexceptions import HTTPFound from iwant.model import User class UserModelPlugin(object): def authenticate(self, environ, identity): try: username = identity['login'] password = identity['password'] except KeyError: return None success = User.authenticate(username, password) return success def add_metadata(self, environ, identity): username = identity.get('repoze.who.userid') user = User.get(username) if user is not None: identity['user'] = user I've also checked the plugins in the repoze.who folder, but i failed to understand how it's supposed to be used. I'd appreciate it if someone would push me in the right direction.

Read the article
Framework Similar to Pylons for Ruby

- by Travis

I've been using Python for most of my web projects lately, and have come to really love the Pylons MVC framework. I like the incredible transparency (lack of magic), the built-in components they selected (sqlalchemy, formencode, routes), and the ability to easily change things up (use a different ORM or templating engine). Moving forward, due to constraints at my company, I'm going to be trying out Ruby rather than Python. I'm wondering if people with experience in both have any recommendations for a Ruby framework that is comparable to Pylons. Python is to Django as Ruby is to Rails Python is to Pylons as Ruby is to ?

Read the article
How can I authenticate when using the Bugzilla Perl API in a script?

- by Allan Anderson

Working from the Bugzilla API, I've written a quick Perl script to clone a Bugzilla Product (recreating all the Components under their new Product). The Bugzilla Perl API is quite easy to use from the command line. I could have just worked on the database directly, but I wanted a longer-term solution. Another option was the webservice, but I thought I'd try using the API directly this time. The one problem I'm running into is authenticating as my Bz admin user so I can create the new components. Looking at Bugzilla's Bugzilla.pm file, I see that they just run login() from a Bugzilla::Auth object. I'm not sure how to get the username and password in there. I suppose I could just add the script to the Bugzilla admin interface... Can any of you point me in the right direction?

Read the article
Talking to an Authentication Server

- by Kyle Terry

I'm building my startup and I'm thinking ahead for shared use of services. So far I want to allow people who have a user account on one app to be able to use the same user account on another app. This means I will have to build an authentication server. I would like some opinions on how to allow an app to talk to the authentication server. Should I use curl? Should I use Python's http libs? All the code will be in Python. All it's going to do is ask the authentication server if the person is allowed to use that app and the auth server will return a JSON user object. All authorization (roles and resources) will be app independent, so this app will not have to handle that. Sorry if this seems a bit newbish; this is the first time I have separated authentication from the actual application.

Read the article
Displaying Google Calendar event data on FullCalendar

- by aurealus

I am using Google Calendar as a storage engine for a calendar system I am building, however, I am using a single Google user account with multiple calendars, i.e. each user on my system has their own calendar within the one user account. I'm able to create a calendar per user just fine, but I would like to have FullCalendar retrieve the events for display purposes, without manually getting the magic cookie url from Google Calendar settings. I would like to be able to retrieve it programmatically or 'proxy' the feed via an authenticated call to get event data that I'm doing in Django. $('#calendar').fullCalendar({ events: $.fullCalendar.gcalFeed( "http://www.google.com/calendar_url/" <-- or /my/event/feed/url ) });

Read the article
Where to add the PHP script and MYSQL Dump code in the LAMP server?

- by primal

Hi, I dont know if this is the right place to ask this question. But as time is limited and here I have always got the right answers I am asking it away. I want to setup a login page on a local server so as to communicate with it via android. As time permits, I googled and found out the necessary php script and mySQL code needed for the same. I don't know where to add these code in the local server and connect them. :( (This is mainly for testing purpose as we would develop a website in Django latter on.) Any help would be much appreciated..

Read the article
google oauth doesn't redirect to callback after authorization

- by dstywho

I can't seem to get google to redirect to the callback url after obtaining the auth token. By redirecting the user to the following url, the user can click grant or deny access. After that the user clicks on one of the choices, the user is not redirected back to the callback url. https://www.google.com/accounts/OAuthAuthorizeToken?oauth_token=4%2F5ETLZ84rGmRxE_yx0b-_IFDReUxe&oauth_callback=http://blahblahblah.com/user_sessions/create&oauth_version=1.0&hd=default I'm wondering if anyone knows what the problem might be. Also does google require I use something like openssl.

Read the article
Rails: restful authentication setup help

- by SuperString

Hi I downloaded the plugin from http://github.com/techweenie/restful-authentication.git Then I run rails generate plugin authenticated user session This is the result I got: create vendor/plugins/authenticated create vendor/plugins/authenticated/MIT-LICENSE create vendor/plugins/authenticated/README create vendor/plugins/authenticated/Rakefile create vendor/plugins/authenticated/init.rb create vendor/plugins/authenticated/install.rb create vendor/plugins/authenticated/uninstall.rb create vendor/plugins/authenticated/lib create vendor/plugins/authenticated/lib/authenticated.rb invoke test_unit inside vendor/plugins/authenticated create test create test/authenticated_test.rb create test/test_helper.rb Then I tried to do rake db:migrate But I got error that says rake tasks in restful-authentication/tasks/auth.rake are deprecated. Use lib/tasks instead. I am new to rails, tried looking online but things seem to be outdated. Please help!

Read the article
Oracle Application Server 10.1.3.5 Security issue.

- by Marius Bogdan IONESCU

Hello! we are tying to port a J2EE app from OAS 9.0.4 (working perfectly) on OAS 10.1.3.5 the reson we do that is because we need the app compiled with java 1.5 and OAS 10.1.3.5 would be the single major version supporting that binaries which has oc4j/orion kernel. The issue is that the security constraints in matter of user/group/role are not read by the app server, and instead of asking for these sets of users, i have to use the oc4jadmin instead the selected users for auth. All xml files needed for describing these sets of rules are being checked with the OAS book, and it seems they are correctly filled in... anybody has an idea about this?

Read the article
With VIM, use both snipMate and pydiction together (share the <tab> key?)

- by thornomad

I am trying to use snipMate and pydiction in vim together - however, both use the <tab> key to perform their genius-auto-completion-snippet-rendering-goodness-that-I-so-desire. When pydiction is installed, snipMate stops working. I assume its because they can't both own the <tab> key. How can I get them to work together? I wouldn't mind mapping one of them to a different key, but I am not really sure how to do this ... (maybe pydiction to the <ctrl-n> key so it mimics vim's autocomplete?). Here is the relevant .vimrc: filetype indent plugin on autocmd FileType python set ft=python.django autocmd FileType html set ft=html.django_template let g:pydiction_location = '~/.vim/ftplugin/pydiction-1.2/complete-dict'

Read the article
Application Buddy Lists and Authentication - How does it all go together

- by Krevin

This is a broad but specific question. The idea is that we want to tie in a 'buddy' functionality to a communications app. Very broadly, I believe that the application clients would connect to a central database/auth service which would provide the buddy data and then allow client apps to connect directly to eachother, without passing communications through the server. Specifically, however, what solutions, software, products, servers, technologies, etc would be best to implement to handle such a task? Thanks for reading and responses are much appreciated. //edit: the com app may run on a linux distro, may be web based, or both

Read the article
Learning JavaScript... Should I skip straight to the good stuff (the frameworks)?

- by Grogs

I learnt HTML/CSS a good few years back, then PHP a little later. I've recently become interesting in web development again, just started playing with frameworks like Django and RoR. I'm curious as to how much time/effort I should spend learning straight JS before looking at frameworks. I've been reading through a let of articles called Mastering AJAX by Brett McLaughlin which seems quite good, but I'm seeing a lot of stuff (such as cross browser compatibility - even for things like XMLHttpRequest) coming up which look like they would be non-issues if using a framework. So, should I keep reading through these articles and try to build stuff using basic JS, or should I just start looking into jQuery and the like? Also, I've been watching a few videos regarding GWT from Google I/O. I've been learning Java over the last year, built a few medium sized apps in it. I'm wondering if GWT is something that's worth going straight to, along with gQuery?

Read the article
simply way to add another webapp framework to my project.

- by zjm1126

one webapp project has many url and i have to change this: ('/addTopic', AddTopic), ('/delTopic', DeleteTopic), ('/addPost', AddPost), ('/delPost', DeletePost), to this: ('/tribes/addTopic', AddTopic), ('/tribes/delTopic', DeleteTopic), ('/tribes/addPost', AddPost), ('/tribes/delPost', DeletePost), but ,if i add this to my project ,i have to change the url in every py file or html file , in django it can be this : urlpatterns = patterns('', (r'^articles/2003/$', 'news.views.special_case_2003')), ) it is easy to add the url of 'news' to my peoject, but does webapp has this ? thanks updated: (1) my main page url is : ('/', MainPage), ('/sign', Guestbook), (2) the url of a webapp project that i want to add is : ('/', MainPage), ('/logout', LogoutPage), ('/login_response', LoginHandler), and i want to change (1) to this: ('/', MainPage), ('/sign', Guestbook), ('/aa/', p2.MainPage), ('/aa/logout', p2.LogoutPage), ('/aa/login_response', p2.LoginHandler), so i have to change so many url like / to /aa/ , or change /logout to /aa/logout in py file and html file , that is a hard work so any simple way to do this ?

Read the article
Replay attacks for HTTPS requests

- by MatthewMartin

Let's say a security tester uses a proxy, say Fiddler, and records an HTTPS request using the administrator's credentials-- on replay of the entire request (including session and auth cookies) the security tester is able to succesfully (re)record transactions. The claim is that this is a sign of a CSRF vulnerability. What would a malicious user have to do to intercept the HTTPS request and replay it? It this a task for script kiddies, well funded military hacking teams or time-traveling-alien technology? Is it really so easy to record the SSL sessions of users and replay them before the tickets expire? No code in the application currently does anything interesting on HTTP GET, so AFAIK, tricking the admin into clicking a link or loading a image with a malicious URL isn't an issue.

Read the article
Is Eclipse Remote System Explorer broken on Windows?

- by Kev

I have the following setup on Windows 7 Ultimate x64: Eclipse Indigo 2.7.2 (Build: M20120208-0800) Remote System Explorer 3.3.2 (see screenshot) (Oracle/Sun) Java 1.6 Update 31 (x86) Despite all my best efforts I am unable to connect to a remote system (a Centos 5.6 server on my local LAN) using a Remote System Explorer SSH connection - I've tried both password authentication and using my SSH private key. Here is a screenshot of both the Eclipse error dialogue and what is logged in my /var/log/secure log file: /var/log/secure: Apr 1 12:00:21 nagios sshd[6176]: Received disconnect from 172.16.3.88: 3: com.jcraft.jsch.JSchException: Auth fail When I connect for the first time I do get prompted to verify the authenticity of the remote host and the RSA key fingerprint. But that's as far as things go. Performing the same operation with the same credentials on my Fedora Core 16 box (also running the same version of Eclipse and Java) to the same server is successful. This leads me to believe that RSE SSH support on Windows is either broken or there's some piece of the SSH-on-Windows puzzle I'm missing. Is this the case?

Read the article
Flex: Result event given multiple times

- by Tom

Hello everybody!! I am trying to learn Flex and now i have the next code: http://pastebin.com/rZwxF7w1 This code is for my login component. I want to get a special string for encrypting my password. This string is given by my authservice. But when i login i get a multiple times a alert with Done(line 69 in the pastebin code or line 4 in the code on the bottom of this question). But i want that it shows one single time. Does someone know what is wrong with this code? Tom protected function tryLogin():void { encryptStringResult.addEventListener('result', function(event:ResultEvent):void { var encryptString:String = event.result.toString(); Alert.show('Done'); }); encryptStringResult.token = auth.getEncryptString(); }

Read the article
Authenticating wcf service

- by Muhammad Jamal Shaikh

hi , i want to implement a web service which is both in java and .net.but i will first create a wcf service and later convert the code to java . for securing the webservice , i have this in my mind. i shall be implementing asp.net form authentication type of stuff . i intent to sent a token to the client on providing valid userID and password to the login method. in return i would send a token. on all other service operations i shall check the token . Now i have a wcf client and a wcf service . what should be the shortest way forward ?should i use soap auth header to send the user ID and password and how should the token be transported ( in which field ? http or soap's ?) . P.S: of course i shall enable ssl later.

Read the article
Are there Python ORMs out there that support multiple independent databases concurrently in use?

- by sdt

I'm writing an application in Python where I wish to use sqlite as the backing store for documents edited by the app, with documents generally living in memory, but being saved to disk-based databases when the application saves. Ideally I'd like to use something like an ORM to make access to the data from my Python application code simple. Unfortunately it seems like the majority of Python ORMs, including SQLAlchemy, SQLObject, Django, and Storm, associate the database connection (or engine or whatever) with the classes representing table data, rather than instances of those classes. This restricts these ORMs to working with a single database connection across all instances. Since I'd like to support having multiple documents open simultaneously, this isn't going to work for me. Are there any ORMs out there that support this usage model in Python? Bazaar seems to support this, but it's quite out of date, and at first glance appears to have some other shortcomings. Thanks for any suggestions!

Read the article
To keep my own versioned app or not.

- by Esteban Feldman

Hi all. I need some opinions here. I'm working on a Django project using buildout to get the dependencies, etc... I use mercurial as DVCS. Now... I need to customize one of the dependencies, so I can do one of the following: (* The changes may not be useful for everyone else.) 1- Do a fork of the project in (github, bitbucket, etc...) maintain my version, and get the dependency with (mercurial or git) recipe. 2- Clone the project, put it in the PYTHONPATH, erase DVCS dirs and add it to my projects version. So every change will be private. Here I need to erase all the info from their DVCS or something. Any other you can think of. I'm missing something? I'm too off? Thanks!

Read the article
Storing year/make/model in a database?

- by Mark

Here's what I'm thinking (excuse the Django format): class VehicleMake(Model): name = CharField(max_length=50) class VehicleModel(Model): make = ForeignKey(VehicleMake) name = CharField(max_length=50) class VehicleYear(Model): model = ForeignKey(VehicleModel) year = PositiveIntegerField() This is going to be used in those contingent drop-down select boxes, which would visually be laid out like [- Year -][- Make -][- Model -]. So, to query the data I need I would first have to select all distinct years from the years table, sorted descending. Then I'd find all the vehicle makes that have produced a model in that year. And then all the models by that make in that year. Is this a good way to do it, or should I re-arrange the foreign keys somehow? Or use a many-to-many table for the years/models so that no year is repeated?

Read the article
Single SignOn - Best practice

- by halfdan

Hi Guys, I need to build a scalable single sign-on mechanism for multiple sites. Scenario: Central web application to register/manage account (Server in Europe) Several web applications that need to authenticate against my user database (Servers in US/Europe/Pacific region) I am using MySQL as database backend. The options I came up with are either replicating the user database across all servers (data security?) or allowing the servers to directly connect to my MySQL instance by explicitly allowing connections from their IPs in my.cnf (high load? single point of failure?). What would be the best way to provide a scalable and low-latency single sign-on for all web applications? In terms of data security would it be a good idea to replicate the user database across all web applications? Note: All web applications provide an API which users can use to embed widgets into their own websites. These widgets work through a token auth mechanism which will again need to authenticate against my user database.

Read the article
Single SingOn - Best practice

- by halfdan

Hi Guys, I need to build a scalable single sign-on mechanism for multiple sites. Scenario: Central web application to register/manage account (Server in Europe) Several web applications that need to authenticate against my user database (Servers in US/Europe/Pacific region) I am using MySQL as database backend. The options I came up with are either replicating the user database across all servers (data security?) or allowing the servers to directly connect to my MySQL instance by explicitly allowing connections from their IPs in my.cnf (high load? single point of failure?). What would be the best way to provide a scalable and low-latency single sign-on for all web applications? In terms of data security would it be a good idea to replicate the user database across all web applications? Note: All web applications provide an API which users can use to embed widgets into their own websites. These widgets work through a token auth mechanism which will again need to authenticate against my user database.

Read the article
correct approach to store in database

- by John

I'm developing an online website (using Django and Mysql). I have a Tests table and User table. I have 50 tests within the table and each user completes them at their own pace. How do I store the status of the tests in my DB? One idea that came to my mind is to create an additional column in User table. That column containing testid's separated by comma or any other delimiter. userid | username | testscompleted 1 john 1, 5, 34 2 tom 1, 10, 23, 25 Another idea was to create a seperate table to store userid and testid. So, I'll have only 2 columns but thousands of rows (no of tests * no of users) and they will always continue to increase. userid | testid 1 1 1 5 2 1 1 34 2 10

Read the article
What is a Web Framework ? How does it compare with LAMP

- by Nishant

I started web development in LAMP/WAMP and it was logical to me . There is a Web Server program called Apache which does the networking part of setting up a service on port 80 ( common port ) . If the request is regular HTML it uses the HTTP headers to transport files .And if the request for the file is a PHP one , it has a mod_php with which Apache invokes the PHP interpreter to process the file and it gives back HTML which is again transferred as usual HTML . Now the question is what is a Web Framework ? I came across Python based website creation and there is Flask . What is a flask , how does it compare with LAMP . Further are DJango / Ruby on Rails different from flask ? Can someone answer me and also give some good places to read on these .Thanks for your answers in advance . Further is things like LAMP slower than the common FRAMEWORKS because they claimn easy deplyment fo web apps .

Read the article
Multiple classes in a Python module

- by ralphL

I'm very new to Python (I'm coming from a JAVA background) and I'm wondering if anyone could help me with some of the Python standards. Is it a normal or "proper" practice to put multiple class in a module? I have been working with Django and started with the tutorials and they place their database model classes in the same module. Is this something that is normally done or should I stick with 1 class per module? Is their a reason I would do one over the other? Hope I'm being clear and not to generic. Thanks to everyone in advance!

Read the article

< Previous Page | 192 193 194 195 196 197 198 199 200 201 202 203 | Next Page >