Search Results

Search found 15558 results on 623 pages for 'basic authentication'.

Page 336/623 | < Previous Page | 332 333 334 335 336 337 338 339 340 341 342 343 | Next Page >

Retrieve web user's Identity outside of request scope

- by Kendrick

I have an ASP.NET app that logs Audit reports using nHibernate's IPreUpdateListener. In order to set the current user in the Listener events, I was using System.Security.Principal.WindowsIdentity.GetCurrent(). This works fine when debugging on my machine, but when I move it to the staging server, I'm getting the ASP.NET process credentials, not the requesting user. In the ASP.NET page, I can use Request.LogonUserIdentity (which works fine since I'm using integrated authentication), but how do I reference this user directly without having to pass it directly to my event? I don't want to have to pass this info through the pipeline because it really doesn't belong in the intermediate events/calls.

Read the article
Secure way to backup MySQL databases?

- by user203538

What is the best/secure way to backup a mysql database on windows server (2008)? I have "MySQL Administrator" but that requires that you save passwords for backup project. I'm not keen on doing as anyone gaining access to the server would then have easy access to the database. Can you do anything similar to SQL Server like using Windows authentication. If not what is the most secure (and practical) way of backups. Lastly, what are the privileges needed to backup a database? I have created a single user just for this task. Please advise.

Read the article
How to Synchronize Session / Security between ASP.NET and Tomcat?

- by Jay Stevens

I have an Asp.NET 3.5 application with security/authentication. I have a second application (built using GWT and running on Windows Tomcat) running on a different machine. I need to make the second application available to the user via a link generated from the .NET application. This part is easy, I have constructed the link in the asp.net page and the user can click on it to start working in the GWT/Tomcat session. My question is this... How do I set it up so that the Tomcat/GWT application is Only Accessible via the link in my asp.NET application? I don't want the user to be able to copy the link from my asp.net page and then share that with someone else who is not authenticated within my asp.net application.

Read the article
Login form to an a secured app in tomcat

- by patricio

I have a normal HTML page in a normal Apache http server (http://yyy.yyy.yyy.yyy/index.html ), with an authentication form, with that form I need to access with the credentials to an application located in other server with diferent IP , that server have a secured application with tomcat: here is the login form in the apache http server: <form method="POST" id="theForm" action="http://xxx.xxx.xxx.xxx:8080/securedapp/j_security_check"> <input name="j_username" type="text" class="tx_form" id="j_username" size="20" /> <input name="j_password" type="password" class="tx_form" id="textfield2" size="20" /> <input name="btn" type="submit" value="login" /> </form> the submit only works random in chrome and dont work in IE and FF. im doing something wrong?

Read the article
Zend Framework Autoloading in 3 modules

- by haohan

I am new to ZF and I am writing in Zend Framework 1.10 . Here is my application directory structure. APPLICATION_PATH` +-configs +-layouts +-modules +-admin ¦ +-controllers ¦ +-forms ¦ +-models ¦ +-views ¦ +-filters ¦ +-helpers ¦ +-scripts ¦ +-authentication ¦ +-cars ¦ +-index +-default +-controllers +-forms ¦ +-admin +-models ¦ +-DbTable +-plugins +-views +-helpers +-scripts +-about +-contact +-error +-index +-insurance +-used-cars I have 3 bootstrap.php files in APPLICATION_PATH, /default/ and /admin, i used AutoLoader to load models and forms $modelLoader = new Zend_Application_Module_Autoloader(array( 'namespace' => '', 'basePath' => APPLICATION_PATH . '/modules/default')); The code above will load all models and forms automatically in modules/default, and now, I have a problem to load forms and models in /modules/admin, Any solutions to solve this problem? How should I name the class name in /modules/admin Thanks.

Read the article
My php project work properly on local server but does not work properly when I put it online on the web server, WHY?

- by Amr Mekkawy

I'm working on a php project.. And I started building the admin login system and have already finished it and it works properly on my machine (local server) where I'm developing the project.. But when I moved it to a (web server) it didn't work properly as it was working on (local server). the problem that showed up is that when the admin get authentication to log in to the admin area, once he clicks any link in the page or even he reloads the page that page disappear and the login page appear again which mean the admin forced to log out even he didn't.

Read the article
Erroneous Matches with Regular Expression

- by Ballsacian1

$regexp = '/(?:<input\stype="hidden"\sname="){1}([a-zA-Z0-9]*)(?:"\svalue="1"\s\/>)/'; $response = '<input type="hidden" name="7d37dddd0eb2c85b8d394ef36b35f54f" value="1" />'; preg_match($regexp, $response, $matches); echo $matches[1]; // Outputs: 7d37dddd0eb2c85b8d394ef36b35f54f So I'm using this regular expression to search for an authentication token on a webpage implementing Joomla in order to preform a scripted login. I've got all this working but am wondering what is wrong with my regular expression as it always returns 2 items. Array ( [0] => [1] => 7d37dddd0eb2c85b8d394ef36b35f54f) Also the name of the input I'm checking for changes every page load both in length and name.

Read the article
can't make svn store password, even though the configuration allows it

- by davka

did everything the book says, i.e. removed the authentication files from .subversion/auth, and explicitly set the relevant config parameters to 'yes' even though this is a default, and yet the shell svn commands ask for password each time. The repository is on cvsdude.com, the client is linux. I also use the subclipse plugin that caches the password ok. I vaguely remember that when I started working with it, the command asked interactively if I wanted to save clear password, and I said no. Can this choice be stored somewhere and take precedence over the configuration? Thanks!

Read the article
Hibernate entities stored as HttpSession attribute values

- by njudge

I'm dealing with a legacy Java application with a large, fairly messy codebase. There's a fairly standard 'User' object that gets stored in the HttpSession between requests, so the servlets do stuff like this at the top: HttpSession session = request.getSession(true); User user = (User)session.getAttribute("User"); The old user authentication layer (which I won't describe; suffice to say, it did not use a database) is being replaced with code mapped to the DB with Hibernate. So 'User' is now a Hibernate entity. My understanding of Hibernate object life cycles is a little fuzzy, but it seems like storing 'User' in the HttpSession now becomes a problem, because it will be retrieved in a different transaction during the next request. What is the right thing to be doing here? Can I just use the Hibernate Session object's update() method to reattach the User instance the next time around? Do I need to?

Read the article
Validation of viewstate MAC failed in Safari

- by Midhat

Hi I have a web app using forms authentication. When I perform the following steps Let the login cookie expire Click on a link that requires a logged in user The user is redirected to the login page Click the browser back button The user is redirected to the login page again Log in using a valid username/password I get this exception Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster. This case appears only in safari (windows and mac). The fundamental difference between safari and other browsers is that when we click the back button in step 4, safari shows the login page again, while the other browsers show the previous page the user was working on. Please help in this regard

Read the article
can't make svn store password, even though the configuration is set to allow it

- by davka

did everything the book says, i.e. removed the authentication files from .subversion/auth, and explicitly set the relevant config parameters to 'yes' even though this is a default, and yet the shell svn commands ask for password each time. The repository is on cvsdude.com, the client is linux. I also use the subclipse plugin that caches the password ok. I vaguely remember that when I started working with it, the command asked interactively if I wanted to save clear password, and I said no. Can this choice be stored somewhere and take precedence over the configuration? Thanks!

Read the article
Click once Deployment suddenly does not work. Displays windows login?

- by Raja

Hello All, I am facing a peculiar issue. We use click once deployment for our windows application. It was working fine till last week. I made some changes to the application (just code nothing changed in properties) and suddenly I cannot publish anymore. When we give publish now it displays windows authentication dialog and when we provide the credentials nothing happens. It tries to connect to remote server (local LAN) and shows the dialog again. Any idea why this happens? Thanks for your help.

Read the article
PHP CURL works fine from localhost not from server

- by Joby Joseph

I have 2 servers, srv1 and srv2. All client sites are stored in srv2 and all authentication details are stored in srv1. Each time a client site is loaded, the site in srv2 sends a curl request to srv1 to validate. I am always getting bool(false) when I print the curl response using var_dump. But if I am requesting for validation from my local wamp installation(localhost) it is perfectly returning the response. According to my understanding srv2 is blocking srv1 ip or something like that. Any help or suggestions will be greatly appreciated. The solution is really urgent as all my clients are stuck with invalid authorization message. Edit: Now when i tested curl in srv2 is working fine i think. Because I am able to fetch other websites without any trouble. But I am not able to fetch data from srv1. I can view a page from srv1 through browser url but not through curl.

Read the article
Getting data into MATLAB from HTTPS

- by yuk

Anybody know if it's possible? I'm trying to get the data by using the following code url = 'https://cgwb.nci.nih.gov/cgi-bin/hgTracks'; params = {'org','Human','db','hg18','position','EGFR'}; urltxt = urlread(url,'get',params); but get the error ??? Error using ==> urlread at 111 Error downloading URL. Your network connection may be down or your proxy settings improperly configured. If I substitute https to http, it works, but I get "301 Moved Permanently" page with the above https-link. The link in browser works properly in both cases (redirecting http request). The site does not require any authentication. May be there are other ways than urlread?

Read the article
Displaying objects based on if a user is logged in or not

- by MaxMackie

I'm learning about PHP sessions for user authentication on my website. I know how to restrict the viewing of a complete page using sessions (simply check if the 'uid' session variable is set and if it is, show content, if not redirect to an error). However I'm trying to figure out the best way to selectively show and hide different objects (div, text, images) based on if a user is logged in or not. Is it as simple as checking for the 'uid' session variable and displaying based on if it set or not? Is there a more efficient way of doing this id there are a lot of conditional elements on a page?

Read the article
Oauth2 External Browser Request - App Launches, Credentials received, Browser Not Updated

- by Michael Drozdowski

I'm using an external browser request to authenticate myself with the SoundCloudAPI in OSX. My app launches, and has a button that opens an external browser window to authenticate against SoundCloud. When I click "connect" in the new window, I get a "External Protocol Request" that is consistent with my custom launch URI scheme. Clicking this loads the app, and it gets the correct credentials. The trouble is, the browser window never changes - it simply says that it's connecting forever. There is no "connection confirmed" alert coming from SoundCloud. I know I'm logged in because I can make the correct calls to the API to get things such as my username. Why isn't the browser confirming the connection or dismissing? The same thing happens if I load the authentication in an internal WebView in the app.

Read the article
What are the requirements to consider someone as a Software Engineer? Is it just a job title? [close

- by mike

I am employed as a Software Engineer with a background in C# and .NET. I am trying to interface with an web API. I asked for help because I didn't know to connect to it or handle the results. Someone told me that I shouldn't consider myself a Software Engineer because I didn't know to how to do it. They said the API was well documented, required no authentication, and returned XML that I could easily parse. They said the documentation should be enough to figure out how to use the API. Isn't having a job title of Software Engineer the only consideration for being a Software Engineer?

Read the article
Google App Engine, Java, and HTTP Performance

- by polyclef

A friend and I are currently working on a turn-based game with chat with both desktop browser and Android clients, with Google App Engine as the server. We're using the Java API for GAE and using HTTP for communication with the server. We've implemented simple chat functionality, and we're getting undesirable latencies 1-3 seconds from both the browser and Android clients while just posting simple one-word chat messages. My friend thought it would be best to use XMPP instead of HTTP, but we want to use a Google Accounts cookie for authentication from the Android client, and according to the GAE documentation, XMPP clients cannot use a Google Accounts cookie and must use the user's password. Does anyone have any suggestions as to where the latency might be coming from, how to troubleshoot it, and/or what to do about it? Also, is anyone aware of any opensource implementations of chat (or something similar) on GAE done in Java? Can't seem to find any.

Read the article
What would be the best approach for this?

- by chobo

I have a site which has an area that requires authentication. Right now I use the roles attribute on all the controllers in that area, and I run a query to retrieve that users ID, and all their settings. It seems like a code or design smell to me that I am retrieving the userid and settings each time a controller in that area loads up? I'm not sure if I should be using sessions, or if ASP.Net MVC 2.0 provides some unique way to handle this. Another concern is security. Overall, I don't really know which way to turn. Design wise I would like the userId and settings retrieved only once when the user logs into the area. Right now I grab the userId each time a controller loads up, and then if required, I query the database for their settings each time as well.

Read the article
Build common interface for two applications(one is in .asp, other in java)

- by govardhan

We have two applications. One application in .asp and second application in java. we want to build interface for universal authentication, so that one can access the other application once signed into one application. Both applications are using SQL database, but one is written in .ASP hosted on Windows server while the other is in JAVA hosted on a Linux server. The applications are currently resided on two different servers. requirements: 1)The end user are most likely to access the applications through .ASP first, then reach the 2nd application more like "back office" management system. 2)he JAVA application currently works well with IE web browser, but not very smooth with other browsers such as Firefox. Would like to make the application to be more compatible with other browsers. Please help me, its very important to me. Thanks in advance!

Read the article
devise forgot password function not working when creating own user controller?

- by ragupathi

I use devise for authentication and i have created a user controller and specified as shown below in my routes which lets me to create users,edit and delete users, devise_for :users do resources :users, :only => [:index, :new, :create, :edit, :update, :destroy] end but i cannot able to make the forgot password functionality work using this but in case i specify as devise_for :users then i can able to use the forgot password function that comes with devise and i could not able to create , edit or delete when i specify like this. So how can i make both to work ? please help me

Read the article
SharePoint Returning a 401.1 for a Specific User/Computer

- by Joe Gennari

We have a SharePoint Services 3.0 site set up supporting about 300 users right now. This report is isolated and has never been duplicated. We have one AD user who cannot log into the SharePoint site with his account from his machine and is subsequently returned a 401.1 error. If any other user tries to log on with their account from his machine, it works okay. If he moves to another machine and logs on, it works okay. The only solution to this point has been to install FireFox on the machine. When he authenticates with FF, everything is okay. Remedies tried so far: Cleared cookies/cache Turned off/on Integrated Windows Authentication in IE Downgraded IE 8 to IE 6 Removed site from Intranet Sites zone Renamed the machine Disjoined/Rejoined Domain

Read the article
Sharepoint Web performance optimization

- by hertzel

We are running on SSL on following server topology: 1 ISA (SSL Terminate/cache/proxy+AD authentication) 1 Sharepoint 1 IBM DB2 Database as enterprise/corporate DB 1 MS SQL Server as local DB We have recently optimized the caching, compression, minification, and other ASP.net best practices such as viewstate and cookie sizes, minimizing round trips, parallel connections/domain sharding and a lot more.... Now we are not convinced that the we are in an optimized position as the network resources i.e. bandwidth and especially latency are out of our control!! The client/browser to server/sharepoint is trans-Atlantic i.e. (ASIA, USA, EUROPE). As of my understanding the only ways to improve the network (latency) are: - TCP/SSL optimization - hardware/software? - CDNs - cloud or our own ? Your opinion and insights would be much appreciated Best regards Hertzel

Read the article
How to ensure consistency of enums in Java serialization?

- by Uri

When I serialize an object, I can use the serialVersionUID mechanism at the class level to ensure the compatibility of the two types. However, what happens when I serialize fields of enum values? Is there a way to ensure that the enum type has not been manipulated between serialization and deserialization? Suppose that I have an enum like OperationResult {SUCCESS, FAIL}, and a field called "result" in an object that is being serialized. How do I ensure, when the object is deserialized, that result is still correct even if someone maliciously reversed the two? (Suppose the enum is declared elsewhere as a static enum) I am wondering out of curiosity - I use jar-level authentication to prevent manipulation.

Read the article
cannot render json without login. What should i do?

- by logesh

I am new to rails and i am trying few examples. I have login page using devise authentication and i have one more page where user can store their details, view, edit and delete the details. It is displayed in html format, once login is done. I want to produce json for iPhone so if i call as localhost:3000/posts/1.json it does not show json but after login i can see the json. so how shoud i do this? Pls help me.

Read the article

< Previous Page | 332 333 334 335 336 337 338 339 340 341 342 343 | Next Page >