Search Results

Search found 92246 results on 3690 pages for 'user authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 211/3690 | < Previous Page | 207 208 209 210 211 212 213 214 215 216 217 218  | Next Page >

  • Does someone have used Network Emulator API exposed in VS 2010

    - by Pritam
    Hi, I have seen VS2010 exposing Network Emulator API. I have installed it and trying to use this API, but not able detect whether it is really running with this code or not. Sometime I have given wrong profile name but it does not throw any error. Please find below my piece of code. If some one have used it please help me. IntPtr m_emulatorHandle = IntPtr.Zero; NetworkEmulationApi.LoadProfile(m_emulatorHandle, "300KB_WithLatency.xml"); NetworkEmulationApi.StartEmulation(m_emulatorHandle); Thanks, Pritam

    Read the article

  • OAuth2 Flow for Mobile Devices

    - by Bart Jedrocha
    We're currently working on an API that will be consumed by a variety of different devices. We want to use the OAuth2 spec as it defines several flows which were not available in the original OAuth spec. My question is, what flow would work best for a mobile device such as the iPhone or iPad? What flow does an application like TweetDeck use? Looking around the web it seems clients like TweetDeck use the 'Username and Password Credentials Flow" (browserless token exchange). Can anyone provide more information on this topic?

    Read the article

  • Rails 3 Authenticity Token

    - by matsko
    Does anyone know how the authenticity token is managed in rails 3? With all the unobtrusive javascript rails 3 articles showing how the html5 data attributes are used I don't see the authenticity token anywhere.

    Read the article

  • Bundler http auth support

    - by brad
    does anyone know if Bundler supports http auth? I'm pretty sure rubygems does (I think i read that somewhere) but I don't see anywhere in the docs where I might specify a username/pwd for a particular repo I'm trying to run my own private gem server so as not to expose sensitive code

    Read the article

  • How to transfer url parameters to repoze custom predicate checkers

    - by user281521
    I would like to create a repoze custom predicate checker that is capable to access url parameters and validate something. But I would like to use allow_only to set this permission checker in all the controller's scope. Something like: class MyController(BaseController): allow_only = All(not_anonymous(msg=l_(u'You must be logged on')), my_custom_predicate(msg=l_(u'something wrong'))) def index(self, **kw): return dict() then, my_custom_predicate should check the url paramters for every request in every MyController method, and do whatever it do. The problem is just that: how to allow my_custom_predicate to check the url parameters, using it in that way I wrote above.

    Read the article

  • How can I validate/secure/authenticate a JavaScript-based POST request?

    - by Bungle
    A product I'm helping to develop will basically work like this: A Web publisher creates a new page on their site that includes a <script> from our server. When a visitor reaches that new page, that <script> gathers the text content of the page and sends it to our server via a POST request (cross-domain, using a <form> inside of an <iframe>). Our server processes the text content and returns a response (via JSONP) that includes an HTML fragment listing links to related content around the Web. This response is cached and served to subsequent visitors until we receive another POST request with text content from the same URL, at which point we regenerate a "fresh" response. These POSTs only happen when our cached TTL expires, at which point the server signifies that and prompts the <script> on the page to gather and POST the text content again. The problem is that this system seems inherently insecure. In theory, anyone could spoof the HTTP POST request (including the referer header, so we couldn't just check for that) that sends a page's content to our server. This could include any text content, which we would then use to generate the related content links for that page. The primary difficulty in making this secure is that our JavaScript is publicly visible. We can't use any kind of private key or other cryptic identifier or pattern because that won't be secret. Ideally, we need a method that somehow verifies that a POST request corresponding to a particular Web page is authentic. We can't just scrape the Web page and compare the content with what's been POSTed, since the purpose of having JavaScript submit the content is that it may be behind a login system. Any ideas? I hope I've explained the problem well enough. Thanks in advance for any suggestions.

    Read the article

  • How to retreive SID's byte array

    - by rursw1
    Hello experts, How can I convert a PSID type into a byte array that contains the byte value of the SID? Something like: PSID pSid; byte sidBytes[68];//Max. length of SID in bytes is 68 if(GetAccountSid( NULL, // default lookup logic AccountName,// account to obtain SID &pSid // buffer to allocate to contain resultant SID ) { ConvertPSIDToByteArray(pSid, sidBytes); } --how should I write the function ConvertPSIDToByteArray? Thank you!

    Read the article

  • FormsAuthentication.SetAuthCookie

    - by Miral
    hi we are using FormsAuthentication.SetAuthCookie(profile.Id, false); Now the question is when does this cookie expires? It ofcourse expires once i close all the browsers but it doesn't i keep the browser open and i dont know the timelimit.

    Read the article

  • how to decrypt a string

    - by Avinash
    Hi, How to restore the value of a string after using FormsAuthentication.HashPasswordForStoringInConfigFile() i have a string s1 = "abc" then FormsAuthentication.HashPasswordForStoringInConfigFile(s1, "SHA1") = A9993E364706816ABA3E25717850C26C9CD0D89D How can i decrypt "A9993E364706816ABA3E25717850C26C9CD0D89D" back to "abc"??

    Read the article

  • Calling https process from ASP Net

    - by David M
    I have an ASP NET web server application that calls another process running on the same box that creates a pdf file and returns it. The second process requires a secure connection via SSL. The second process has issued my ASP NET application with a digital certificate but I still cannot authenticate, getting a 403 error. The code is a little hard to show but here's a simplified method ... X509Certificate cert = X509Certificate.CreateFromCertFile("path\to\cert.cer"); string URL = "https://urltoservice?params=value"; HttpWebRequest req = HttpWebRequest.Create(URL) as HttpWebRequest; req.ClientCertificates.Add(cert); req.Credentials = CredentialCache.DefaultCredentials; req.PreAuthenticate = true; /// error happens here WebResponse resp = req.GetResponse(); Stream input = resp.GetResponseStream(); The error text is "The remote server returned an error: (403) Forbidden." Any pointers are welcome.

    Read the article

  • Rails creating a new session every page view

    - by danhere
    Hi everyone, I'm following the Agile RoR book somewhat to apply it to a project for school. It's going good until I get to sessions. I continually get Authenticity Invalid Tokens and when I look at my sessions table in the database, there's a new session being created every time I refresh the page. Is that right or is something messed up? Thanks.

    Read the article

  • Is it inmoral to put a captcha on a login form?

    - by azkotoki
    In a recent project I put a captcha test on a login form, in order to stop possible brute force attacks. The inmediate reaction of other coworkers was a request to remove it, saying that it was innapropiate for that purpose, and that it was quite exotic to see a captcha in that place. I've seen captcha images on signup, contact, password recovery forms, etc. So I personally don't see innapropiate to put a captcha also on a place like that. Well, it obviously burns down usability a little bit, but it's a matter of time and getting used to it. With the lack of a captcha test, one would have to put some sort of blacklist / account locking mechanism, which also has some drawbacks. Is it a good choice for you? Am I getting somewhat captcha-aholic and need some sort of group therapy? Thanks in advance.

    Read the article

  • Installing PostgreSQL on Windows

    - by Ross
    I'm in a bit of a mess here. I installed PostgreSQL on my Vista computer a couple of days ago but then when asked to enter the password for the postgre user account I couldn't remember it (allegedly I was asked during setup but I don't remember that). Anyway, so I uninstalled Pg with the intention of reinstalling it, removed the user account, it's /Users/ directory and it's special privelleges ("Advanced user profile properties") but when I come to install Pg it seems to think the account still exists as when I supply a password during setup it says that it is not the correct password - meaning that the account still exists somewhere. Is there anyway I can recover this?

    Read the article

  • Flex URLRequest and .NET authorization

    - by user252160
    can I make role based authorization when sending requests to an ASP.NET MVC backend system. I am calling action methods and expecting JSON results, however, some action methods are decorated with the [Authorize] attribute, others require some role privileges to be present. I certainly hope that passing authorization data with every request is possible

    Read the article

  • mod_rewrite with location-based ACL in apache?

    - by Alexey
    Hi. There is a CGI-script that provides some API for our customers. Call syntax is: script.cgi?module=<str>&func=<str>[&other-options] The task is to make different authentiction rules for different modules. Optionally, it will be great to have nice URLs. My config: <VirtualHost *:80> DocumentRoot /var/www/example ServerName example.com # Global policy is to deny all <Location /> Order deny,allow Deny from all </Location> # doesn't work :( <Location /api/foo> Order deny,allow Deny from all Allow from 127.0.0.1 </Location> RewriteEngine On # The only allowed type of requests: RewriteRule /api/(.+?)/(.+) /cgi-bin/api.cgi?module=$1&func=$2 [PT] # All others are forbidden: RewriteRule /(.*) - [F] RewriteLog /var/log/apache2/rewrite.log RewriteLogLevel 5 ScriptAlias /cgi-bin /var/www/example <Directory /var/www/example> Options -Indexes AddHandler cgi-script .cgi </Directory> </VirtualHost> Well, I know that problem is order of processing that directives. <Location>s will be processed after mod_rewrite has done its work. But I believe there is a way to change it. :) Using of standard Order deny,allow + Allow from <something> directives is preferable because it's commonly used in other places like this. Thank you for your attention. :)

    Read the article

  • Did anyone have this issue with a simple Facebook app or know how to solve it?

    - by Jian Lin
    I have a really simple few lines of Facebook app, using the new Facebook API: <pre> <?php require 'facebook.php'; // Create our Application instance. $facebook = new Facebook(array( 'appId' => '117676584930569', 'secret' => '**********', // hidden here on the post... 'cookie' => true, )); var_dump($facebook); ?> but it is giving me the following output: http://apps.facebook.com/woolaladev/i2.php would give out object(Facebook)#1 (6) { ["appId:protected"]=> string(15) "117676584930569" ["apiSecret:protected"]=> string(32) "**********" <--- just hidden on this post ["session:protected"]=> NULL ["sessionLoaded:protected"]=> bool(false) ["cookieSupport:protected"]=> bool(true) ["baseDomain:protected"]=> string(0) "" } Session is NULL for some reason, but I am logged in and can access my home and profile and run other apps on Facebook (to see that I am logged on). I am following the sample on: http://github.com/facebook/php-sdk/blob/master/examples/example.php http://github.com/facebook/php-sdk/blob/master/src/facebook.php (download using raw URL: wget http://github.com/facebook/php-sdk/raw/master/src/facebook.php ) Trying on both hosting companies at dreamhost.com and netfirms.com, and the results are the same.

    Read the article

  • How to share the credentials between Webform and Winform?

    - by Daniel
    Hi! Question: I want to make a login form at the Clickonce deployment webpage, and only allow the authenticated users to download the application. and I want the downloaded application to use the same credentials entered at the webpage, without prompting the users to enter the credentials again. Details: I have an application(Windows Client) which needs customized settings for different users. the application is deployed through ClickOnce. Currently, the users are given the ClickOnce webpage URL, then download the application from there. after download and running the application, the application prompts users with a login form. If their credentials are authenticated, the application loads the customized settings from the server's database according to the credentials given. The problem is, any unauthenticated users can download the application if they just know the ClickOnce deployement webpage's URL. Unauthenticated users won't be able to run the application anyways, because the application asks for credentials when started, but I want to prevent the unauthenticated users from downloading the application at all. Am I asking the wrong question maybe? Your help is much appreciated!

    Read the article

  • Restrict access to a specific URL, running on IIS7 / ASP.NET

    - by frankadelic
    I am deploying a public ASP.NET website on an IIS7 web farm. The application runs on 3 web servers and is behind a firewall. We want to create a single page on the website that is accessible only to internal users. It is primarily used for diagnostics, trigger cache expiry, etc. /admin/somepage.aspx What is the best way to control access to this page? We need to: Prevent all external (public) users from accessing the URL. Permit specific internal users to access the page, only from certain IPs or networks. Should this access control be done at the (a) network level, (b) application level, etc.?

    Read the article

  • What is the best way to get support from microsoft developers [closed]

    - by Malcolm Frexner
    I have a problem at my production web, that I am not able to solve. I am not able to reproduce the problem in stage or development. It only appears when the website is under heavy load. I think it is solvable if somebody who has a very good understanding of the internals of FormsAuthentication would have a look at it by logging into our system. It should be at least Scottgu! Somebody told me that Microsoft Premier Support is a good choice for this kind of problems. We have no MSDN subscription or other connection to microsoft that enables us to use MPS. Is there a way to get support on a incident base? Are there other ways to get this kind of support? EDIT Here is the problem itself: http://stackoverflow.com/questions/2448720/different-users-get-the-same-cookie-value-in-aspxanonymous

    Read the article

  • simple authorisation in web api

    - by monthon1
    I want to make nice and clean api; I'm making site and I want to offer the ability to mobile apps use web API of my site. I don't want to use oAuth, becouse the mobile and embedded applications that are facing the biggest hurdle, as they may not be able to bring up and/or control the web browser. Also its a little complicate. I know, that HTTP basic authorisation is not safe, but it's so simple... I want to use it in my api. I have somee users logins and their passwords (md5-encoded) in mysql base, but how to use those data in this HTTP basic authorisation?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 207 208 209 210 211 212 213 214 215 216 217 218  | Next Page >