Search Results

Search found 92246 results on 3690 pages for 'user authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 212/3690 | < Previous Page | 208 209 210 211 212 213 214 215 216 217 218 219  | Next Page >

  • IIS7 integrated mode closing token between requests

    - by user607287
    We are migrating to IIS7 integrated mode and have come across an issue. We authenticate using WindowsAuthentication but then store a reference to the WindowsPrincipal so that on future requests we can authorize as needed against AD. In IIS 7 Integrated mode, the token is being closed (between requests) so that when we try to run IsInRole it generates a disposed exception. Is there a way to cache this token or change our use of WindowsPrincipal so that we don't need to make successive AD requests to get it for each authorization request? Here is the exception being thrown from WindowsPrincipal.IsInRole("") - System.ObjectDisposedException: {"Safe handle has been closed"} Thanks.

    Read the article

  • Create an own "OpenID-like system" Provider

    - by user502052
    I know that Facebook use their own OpenID-like system called "Facebook connect", which you can use to authenticate users on your site, among other features. In my case I have multiple Ruby on Rails applications: users.example.com profiles.example.com photos.example.com ... I would like to use 'users.example.com' as a web service that allows users to authenticate to all my other applications the same way as works "Facebook connect" or OpenID. In few words, 'users.example.com' must works as a "OpenID-like system" for my applications in 'example.com'. Can anyone give me tips and links to some useful resources? P.S.: since I am a newbie in this matter, I do not know if I'm saying things that make sense. So someone could help me to understand (if I am wrong) ...

    Read the article

  • Tmp issues with java service on windows 2008 service

    - by Mans
    Hello! I am having a rather nasty problem with windows 2008 server. We have a java application that is running as a service using the local services user. The problem is this user does not have access to read/write to the specified java tmp directory (specified by the system). This means that every time the application tries to create a tmp file an IOException is thrown. Is there any way to make a java application that need access to the tmp directory run as a service without: Creating a new user specifically for the purspose Specifying a new tmp directory (which you will have to clean up yourself)

    Read the article

  • Can't sign into linkedin when using a QT4 (WebKit-based) browser?

    - by Inshim
    I started using the lightweight QT4 browser for some of the time on my Mac. Most simple websites, and even quite a few AJAX-heavy web apps, work for me flawlessly, including gmail (!) However, with LinkedIn, I can't even manage to sign in. Even when I change the useragent to one of a regular browser, it keeps kicking me out. Any ideas what could be wrong and for some workaround? Thanks!

    Read the article

  • Using web.config directory security and extensionless urls

    - by Matt Brailsford
    Hi Guys, I'd like to use the built in directory security features built into the web.config to restrict access to child pages of a parent page. My structure is as follows: Members Members/News Members/Press Members/Movies Users should be able to have access to the members parent page, but not child pages. My problem is, because I am using extensionless URLs, the web.config thinks this is a directory and so access is blocked. Is there a way to say only restrict access for sub pages?

    Read the article

  • Writing a custom auth system (like the default django auth system), use it to generate tables in DB

    - by dotty
    Hay all, I've been reading up on middleware and how to use it with a context object. I want to write a simple middleware class which i can use on my own applications, it will essentially be a cut down version of the django one. The problem i seem to have is that if i have INSTALLED_APPS = ('django.contrib.my_auth') in the settings file, all is well. I've also added MIDDLEWARE_CLASSES = ('django.contrib.my_auth.middleware.MyAuthMiddleware') in it and everything is fine. My question is, how would i make my middleware automatically generate tables from a models.py module, much like how the django auth does when i run manage.py syncdb? thanks

    Read the article

  • Sending data to a web site over HTTP

    - by sfactor
    i have a program that receives data from a wireless device over bluetooth...i now need to do some operations in the data and then send it to the website (web server!!!) as a .csv file...i also need to authenticate the device itself from it hardware address which is also obtained in the program.i am coding this in gcc linux compiler using C...can anyone tell me how do i go about doing this?

    Read the article

  • twitter basic authorisation not working?

    - by Bunny Rabbit
    URL url = new URL("http://twitter.com/statuses/update.xml"); HttpURLConnection conn = (HttpURLConnection) url.openConnection(); conn.setDoOutput(true); String cridentials = new sun.misc.BASE64Encoder().encode((username + ":" + password).getBytes()); conn.setRequestProperty ("Authorization", "Basic " + cridentials); OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream()); wr.write(status); wr.flush(); wr.close(); why the above code for updating twitter status is not working ? i am running it on google app engine.

    Read the article

  • Parameters lost on login form submitted with post in JBoss

    - by Supowski
    My login page contains two forms: one for logging in and one for signing up. Shorten like this: <form name="LoginForm" id="LoginForm" method="post" action="j_security_check" > <input type="text" name="j_username" /> <input type="text" name="j_password" /> <input type="submit" value="Sing In" /> <form> <form name="SignUpForm" id="SignUpForm" method="post" action="/homepage" > <input type="text" name="loginName" /> <input type="password" name="password1" /> <input type="password" name="password2" /> <input type="submit" value="Sing Up" /> <form> I If 'Sing Up', than values of input are lost during processing and not passed into my Servlet. It works fine with GET, but than there is password in URL, so it's not the right solution :) Similar problem has been posted to community.jboss.org, but with no response: http://community.jboss.org/message/7150#7150. I'm using JBoss 4.3eap. Any help?

    Read the article

  • How to implement a Client-side Ajax Login on Asp.Net MVC (A link to the solution for Asp.Net Webform

    - by Matt
    Hi, I'm trying to implement a client-side ajax login on Asp.Net MVC. I used to have this set up just fine on WebForms, but now that I've moved to MVC it's giving me some troubles. If you'd like a tutorial on Client-side Ajax Login for Asp.Net Webforms, it can be found here -- Easy, A++ Now... for some reason it's not working for Asp.Net MVC. I used the exact same tutorial as for the Webforms, except when it executes the ssa.login() (equivalently: Sys.Services.AuthenticationService.login()) it's not doing anything. I have alerts in both the onLoginComplete() function and the onError() function. As well I have an alert before the ssa.login gets called and right after... function loginHandler() { var username = $("#login_UserName").val(); var password = $("#login_Password").val(); var isPersistent = $("#login_RememberMe").attr("checked"); var customInfo = null; var redirectUrl = null; // Log them in. alert("try login"); ssa.login(username, password, isPersistent, customInfo, redirectUrl, onLoginComplete, onError); alert("made it here"); } The first alert fires but the second one doesn't which means the function is failing. Here's the function I pulled from Asp.Net Ajax to show you: function(c, b, a, h, f, d, e, g) { this._invoke(this._get_path(), "Login", false, { userName: c, password: b, createPersistentCookie: a }, Function.createDelegate(this, this._onLoginComplete), Function.createDelegate(this, this._onLoginFailed), [c, b, a, h, f, d, e, g]); } Anyone have any idea of why it's failing?

    Read the article

  • Self Authenticating Links in Django

    - by awolf
    In my web app I would like to be able to email self-authenticating links to users. These links will contain a unique token (uuid). When they click the link the token being present in the query string will be enough to authenticate them and they won't have to enter their username and password. What's the best way to do this?

    Read the article

  • CakePHP ACO based on each entry

    - by Randuin
    I'm trying to make a blogging system but obviously certain users in certain groups should only be able to edit/delete their own posts/comments. How would I go about doing this in CakePHP? I followed the manual's basic Acl guide to setup my current Auth system.

    Read the article

  • Bizarre Bug with our Rails app in IE

    - by Callmeed
    We're experiencing a really bizarre bug in our Rails 2.3.4 app. This bug only happens in Internet Explorer (7 and 8). Here's what happens: A new customer creates an account at https://domain.com/signup/free (notice no subdomain) Their account is identified by a subdomain like "example.domain.com" After signing up, they get a welcome screen with a link to their account's home page They follow the link, then click the "log in" button and attempt to login Even though they provide valid credentials, the app redirects back to their account's root url ... they can never reach their admin area The only way they can login (on IE) is by quitting and re-opening IE ... then it works fine ... Something with their initial session is preventing them from logging in. If it matters, we are using restful_authentication and the ssl_requirement plugin ... I'm not sure if one or both of those has a problem with IE but we are stumped here. Also, I've read IE has an issue with subdomains that contain underscores ... this isn't what's going on.

    Read the article

  • Does mcrypt support asymmetric encryption?

    - by bryanagee
    I want to use asymmetric encryption of headers in RESTful requests to verify the identity of the system sending the request: i e System A encrypts it's name, timestamp, and the service name using it's public key in a request to System B. System B then uses the public key of System A to decrypt, proving the authenticity of the request. 1) Does php-mcrypt support this? 2) Has anyone benchmarked this type of operation?

    Read the article

  • Problem with skipping login validation for authlogic

    - by Andrei
    Hi, I want to use email for signing in, and to allow users to have similar names. One way to do this is to rename login/username field to something different. However, I want to do it just by setting up authlogic. I tried the following acts_as_authentic do |c| c.login_field :email c.validate_login_field false c.validate_email_field true end but it still complains that the login already exists. What must be done to avoid username validation without renaming the field?

    Read the article

  • Theory of Game Interface Design

    - by anon
    Anyone know of a good book on Game Interface Design (not game play mechanics; the actual UI). I'm particular interested in theories of cognition, and how game interfaces are designed to allow the enduser efficient communication with the game (whether it in FPS, RTS, or so on). In a modern game, the amount of information conveyed to the user, the amount of choices the user can make; and the support for the user to make said decisions is simply astounding (think UIs for Starcraft II / WoW). Any insights into this would be greatly appreciated.

    Read the article

  • Restricting access to records. Is claim-based permissions a good idea.

    - by Vitalik
    in .net Claim-based identity framework If i wanted to restrict users to do an operation (view or edit) on let's say an account, a particular account #123456.(i am talking about business entity, like a bank account.) Is it a good idea to create a claim for each account they can view or edit? Any disadvantages of having a lot of claims in a set? a system admin might have access to all accounts in the system thus creating hundreds of claims (maybe more than one for each account)

    Read the article

  • How can I make CAPTCHA work across multiple pages?

    - by jm04469
    Ever visit a website such as myspace where they leverage CAPTCHA to prevent spam? The typical pattern is to present a challenge to each URL that is opened, yet the challenge doesn't actually belong to the page itself which causes additional bandwidth usage. So, if I open up six pages at the same time and want to present a challenge on each page. I want the challenge to be tied to the page and not to the session. How can I make this work with Spring and/or Struts.

    Read the article

  • How does java LoginContext.login() work?

    - by tangens
    I have this code to create a configuration of a java client to connect to a JBoss application server: System.setProperty( "java.security.auth.login.config", "auth.conf" ); LoginContext auth = new LoginContext( "myAuth", new LoginCallbackHandler( username, password ) ); auth.login(); The file auth.conf contains the following lines: myAuth { org.jboss.security.ClientLoginModule required; }; Now, somewhere else in the code (the LoginContext auth isn't known there) I have an EJB that does a initialContext.lookup( jndiName ) and a narrow() to access a Bean on the JBoss application server. This narrow only succeeds if the login information of the first step was correct. Question How does the login information propagate from the LoginContext to the narrow()? I don't see any connection between these two places. And further, how could I do two or more different logins inside of one client?

    Read the article

  • WYSIWYG-editor with "add custom html feature" and secure (validated) html output?

    - by Tom
    I've been looking into some of the WYSIWYG editors (TinyMCE, FCKEditor, etc.) and they all seem to offer a lot of options. However, one vital feature that seems to lack is a simple "add custom html" option which would allow the user to input any of these embed-snippets you find all around the web these days, for example a youtube video. This is different than a "edit html/source" feature as that requires actual knowledge of html and there is the risk of the user writing invalid code. Another issue that I couldn't find much about is the output html. How would I make sure that this output causes no security invulnerabilities? Even when the user has the ability to add his own html? So, basically, is there an open source WYSIWYG editor which covers these 2 features?

    Read the article

  • CouchDB read authorization

    - by mdikici
    In couchdb website - technical overview - security and validation - http://couchdb.apache.org/docs/overview.html - it writes that (on reader access part) "To protect document contents, CouchDB documents can have a reader list. This is an optional list of reader-names allowed to read the document. When a reader list is used, protected documents are only viewable by listed users." I searched about how to use it but i found nothing. So is it actually used and if it is how? Thanks. -- Mustafa

    Read the article

  • Is it immoral to put a captcha on a login form?

    - by azkotoki
    In a recent project I put a captcha test on a login form, in order to stop possible brute force attacks. The immediate reaction of other coworkers was a request to remove it, saying that it was inapropiate for that purpose, and that it was quite exotic to see a captcha in that place. I've seen captcha images on signup, contact, password recovery forms, etc. So I personally don't see inapropiate to put a captcha also on a place like that. Well, it obviously burns down usability a little bit, but it's a matter of time and getting used to it. With the lack of a captcha test, one would have to put some sort of blacklist / account locking mechanism, which also has some drawbacks. Is it a good choice for you? Am I getting somewhat captcha-aholic and need some sort of group therapy? Thanks in advance.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 208 209 210 211 212 213 214 215 216 217 218 219  | Next Page >