Search Results

Search found 5866 results on 235 pages for 'authentication'.

Page 179/235 | < Previous Page | 175 176 177 178 179 180 181 182 183 184 185 186  | Next Page >

• Determine if count of related model > 0

  - by Lowgain

  I have a model called Stem. I need a 'thumbs up' feature, so I have created a second model called Thumb, which consists of stem_id and user_id. I'm also using the restful authentication plugin for user credentials. I have the 'thumbs up' button working, which adds a row to the thumbs table fine, but I'd like to be able to check if the currently logged in user has already given a thumbs up to this particular stem. I tried adding this to the Stem model: def thumbed Thumb.count_by_sql ["SELECT COUNT(*) FROM thumbs WHERE user_id = ? AND stem_id = ?", current_user.id, self.id ] end The problem here is that the stem model has no access to the current_user variable the the controllers have. Is there a way I can get access to this property, or alternatively, is there another way I could go about checking this? I was hoping to get this as a property in the model because the stems are passed over to a Flex app using RubyAMF. Thanks!

  Read the article

• LinkedIn / Twitter / Facebook as OAuth and OpenId use

  - by monkeylee

  Firstly I understand OpenId is for authentication and OAuth is for authorisation and unlike other questions on the site I am not asking which should be used for which but if anyone can advise a solution for my issue. I want to allow users to login to my site via their LinkedIn/Twitter/Facebook account once logged in say via LinkedIn they could also then authorise their Twitter and Facebook account as a optional login method. This would allow the user to authenticate via any of the three but end up with their user account on my site as the end result. I also want to use the authorisation they have provided to get basic user details (profile pic/name etc) and post status updates. I don't want to ask a user to login with their account via openId then have to authorise the same account again via oauth to allow my site to publish to their service feed and have to do this for each of the 3 services. Any ideas or issues to this issue Lee

  Read the article

• AddThis Social SignIn and Django

  - by piokuc

  I am developing a Django website. I've been using django-registration for user registration so far but I would really like to allow users to login to my site using their Facebook, Twitter, Google, etc accounts. I am using addthis sharing buttons. I just noticed they introduced a social sign in solution. The idea seems great, you integrate your authentication system with their service once, and your users can login via all of the popular social networking sites. Has anybody integrated addthis social signin plugin with a django website? How can you use it along side django-registration? Are there any similar, alternative solutions?

  Read the article

• Authenticating wcf service

  - by Muhammad Jamal Shaikh

  hi , i want to implement a web service which is both in java and .net.but i will first create a wcf service and later convert the code to java . for securing the webservice , i have this in my mind. i shall be implementing asp.net form authentication type of stuff . i intent to sent a token to the client on providing valid userID and password to the login method. in return i would send a token. on all other service operations i shall check the token . Now i have a wcf client and a wcf service . what should be the shortest way forward ?should i use soap auth header to send the user ID and password and how should the token be transported ( in which field ? http or soap's ?) . P.S: of course i shall enable ssl later.

  Read the article

• Consume restful webservice through web proxy

  - by Chico

  Hello, I'm trying to consume a restful webservice in java using the Apache Wink framework through my school web proxy requiring authentification ClientConfig clientConfig = new ClientConfig(); clientConfig.proxyHost("proxy.school.com"); clientConfig.proxyPort(3128); //nothing to set username and password :( RestClient client = new RestClient(clientConfig); Resource resource = client.resource("http://vimeo.com/api/v2/artist/videos.xml"); String response = resource.accept("text/plain").get(String.class); I've also tried to use the BasicAuthSecurityHandler but it seems to be used to authenticate directly to a web server, not the web proxy BasicAuthSecurityHandler basicAuthHandler = new BasicAuthSecurityHandler(); basicAuthHandler.setUserName("username"); basicAuthHandler.setPassword("password"); config.handlers(basicAuthHandler); It still fail with a HTTP 407 error code : Proxy Authentication Required. I've googled the best I could, nothing came up better to consume a webservice from a Java client through a web proxy, if someone has another idea, feel free to respond

  Read the article

• Zend_Auth using multiple tables

  - by Christian

  What I'm trying to do is use Zend_Auth for authentication with the issuing being that the 'identity' is stored in a different table then then 'credential.' I'm able to pass an array for the credential and the identity but when it comes to the actual tables I'm not able to get it to accept the array. It ignores the 2nd table name. I was wondering if anyone has ever made this work in this way without extending the Zend_Auth class or if I will need to do so. Thanks in advance.

  Read the article

• How to implement a good system for login/out into a webapp

  - by Brandon Wang

  I am one of the developers at PassPad, a secure password generator and username storage system. We're still working on it, but I have a few questions on the best way to implement a secure login/out system. Right now, what we plan on doing is to have the login system save a cookie with the username and a session key, and that's all that serves as authentication. The server verifies the two to match. Upon login/out a new key is created. This is a security-related webapp and while we don't actually store any information that might make the user queasy, because it is security-oriented it makes it a necessity for us to at least appear secure in a way that the user would be happy with. Is there a better way to implement a login/out system in PHP? Preferably it won't take too much coding time or server resources. Is there anything else I need to implement, like brute-force protection, etc? How would I go about that?

  Read the article

• How to build a RESTful API?

  - by Sharon Haim Pour

  Hi friends, The issue is this: I have a web application that runs on a PHP server. I'd like to build a REST api for it. I did some research and I figured out that REST api uses HTTP methods (GET, POST...) for certain URI's with an authentication key (not necessarily) and the information is presented back as a HTTP response with the info as XML or JSON (I'd rather JSON). My question is: 1. How do I, as the developer of the app, build those URI's? Do I need to write a PHP code at that URI? 2. How do I build the JSON objects to return as a response? I hope I was clear enough. Thanks!

  Read the article

• ODBC Linked server in sql 2005 doesn’t work from remote box

  - by mhj96813

  I have a dev workstation with sql 2005 installed and in it I created a linked server to a odbc connection to a clarion database. I can run select statements against it inside sql Mgt studio. When I take a second workstation and connect to the sql on the first box using sql mgt studio, then try the exact same query I get OLE DB provider "MSDASQL" for linked server "liveclarion" returned message "[SoftVelocity Inc.][TopSpeed ODBC Driver][ISAM]ISAM Table Not Found". Any thoughts? It appears to have the same functionality on a second sql server. No remote sql mgt studio connect success in queries against my linked ODBC clarion DB. All done with windows authentication and the same AD user.

  Read the article

• What should I know to begin Developing Applications with smart card

  - by Muhammad Nour

  I am using .Net 2.0 C# The Reader is ACR83 which can be found hxxp://www.acs.com.hk/index.php?pid=product&id=ACR83 and for the Card it self I am using ACOS3-32 also from the same company hxxp://www.acs.com.hk/index.php?pid=product&id=ACOS3 Also I have a .net wrapping for the local winscard api from the vendor SDK ok, this is my first time developing apps with smart card I need to Know what should I know to begin developing applications using smart card for now I need to use the smart card for authentication in a login process in a simple login form what should I put on the card and how should I read the contents from it also I need to encrypt the contents

  Read the article

• XML and ServerXMLHTTP problem

  - by ZAfrican

  Error Type: msxml3.dll (0x80072F0C) A certificate is required to complete client authentication I am sending an XML file to a remote server putUrl =https://www.myweb.com/test/drhandler.php xml_put = "<?xml version=""1.0""?><subscription id=""" & "14" &"""><status>" &"das" & "</status></subscription>" Public Function SendBatch(xml_put,putUrl) Set xmlhttp = CreateObject("MSXML3.ServerXMLHTTP") xmlhttp.Open "PUT", putUrl , False xmlhttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded" xmlhttp.send(xml_put) Set xmlhttp = Nothing end function Any help out there?

  Read the article

• mod_rewrite in conjunction with "options indexes"

  - by Travis

  I have a directory ("files") where sub-directories and files are going to be created and stored over time. The directories also need to deliver a directory listing, using "options indexes", but only if a user is authenticated, and authorized. I have that part built, and working, by doing the following: <Directory /var/www/html/files> Options Indexes IndexOptions FancyIndexing SuppressHTMLPreamble HeaderName /includes/autoindex/auth.php </Directory> Now I need to take care of file delivery. To force authentication for files, I have built the following: RewriteCond %{REQUEST_URI} -f RewriteRule /files/(.*) /auth.php I also tried: RewriteCond %{REQUEST_URI} !-d RewriteRule /files/(.*) /auth.php Both directives are redirecting to auth.php when I request: foo.com/files/bar/ foo.com/files/bar/baz I am outputting the SERVER global on auth.php during testing and it is showing the requests as I made them (I thought Apache may have been doing something behind the scenes by adding something like "index.html" to the end with "Options Indexes" being on). Ideas?

  Read the article

• Handling Google clientLogin Captcha Example

  - by Yan Cheng CHEOK

  I have a desktop application. I try to perform authentication using http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html However, whenever I get a Captcha challenge, I use a HTTP GET request (I test using web browser) to get the image to present to user. https://www.google.com/accounts/Captcha?ctoken=Y-DrsDJRiWNOP3gR7fq0PAq4Yxvi3UXewu7P7jgAKjk0eZKQ358nbh27-JZ3-nlzXvfKOD3JvZNXwmlRunyz8jPKzqmkOLw2LYb3ZWjg-tE%3A0gMUFttsSH7QwganSJd1aw However, I always get the images : Sorry, we are unable to handle your request at this time. Please try again later. Any idea what I had did wrong? Thanks!

  Read the article

• Weird problem: IE8 user can't authenticate with web service

  - by NovaJoe

  I have an asp.net app. It has a page that requires authentication. The authenticated user can view the page because he/she is authenticated. The page makes a jQuery Ajax call to a WCF service. The WCF service checks that the user is authenticated via HttpContext. I have a user that is using WinXP and IE8. This user can authenticate to the page, but when the Ajax call is made from the page to the wb service, the user recieves my "session not authenticated" message on the page, generated by the service and displayed on the page. When I use the same OS/browser combo, the page and service work just fine, as expected; no errors. What option in this user's IE settings would cause this behavior?

  Read the article

• browser cookie issue

  - by George2

  Hello everyone, In my previous understanding, for a web site, only login user of a web site (no matter what login/authentication approach is used) could have cookie as persistent identifier, so that if the user close the browser, open browser again to go to the same web site, the web site could remember the user. But I learned recently that it seems for non-login user, there could still be a cookie associated with the user (after the user close browser, and then open the browser again to go to the same web site, the web site could remember the user), and it is called browser cookie? Is that true? If it is true, who is responsible to set the browser cookie? i.e. need some coding/config at web server side, client browser configuration (without coding from server side), or both? How could web server access such cookie? Appreciate if any code samples. thanks in advance, George

  Read the article

• How to change ldap password using zend

  - by NAVEED

  I am working with zend framework, PHP , Ldap on Ubuntu. I am authenticating users from ldap using zend library. Now I want to change user's ldap passwords using zend. Any Idea? This is the method that I am using to get zend authentication adapter. It is working perfectly and users are authenticated using this adapter. public function getAuthAdapter(array $params) { $front = Zend_Controller_Front::getInstance(); $options = $front->getParam('bootstrap')->getOption('ldap'); $params['username'] = split( "@" , $params['username'] ); $username = 'cn=' . $params['username'][0] . ',' . $options['server1']['baseDn']; $adapter = new Zend_Auth_Adapter_Ldap( $options, $username, $params['password']); $adapter->setIdentity( $params['username'] ); $adapter->setCredential( $params['password'] ); return $adapter; } Now how to change ldap passwords? Thanks

  Read the article

• Why would a FaceBook application "work" on a profile, but not a page?

  - by ed.talmadge

  I made a FaceBook application that works fine on profiles, but I can't figure out how to get it to show on a FaceBook page. For example, after I visit the application canvas URL, allow the application, then edit application settings and "add" to box and tab view... I cannot click the "plus" symbol to the left of the tabs in order to add a tab for the application. It does not appear in the list of available applications. Meanwhile, the application is working/showing up on profiles with no issues. I DID check the "Installable to Pages" checkbox on the application (authentication tab) settings. What could cause this? Here is the application canvas URL: http://apps.facebook.com/russian_girls/

  Read the article

• How to get JSON back from HTTP POST Request (to another domain)

  - by roman m

  I'm trying to use the API on a website, here's the part of the manual: Authenticated Sessions (taken from here) To create an authenticated session, you need to request an authToken from the '/auth' API resource. URL: http://stage.amee.com/auth (this is not my domain) Method: POST Request format: application/x-www-form-urlencoded Response format: application/xml, application/json Response code: 200 OK Response body: Details of the authenticated user, including API version. Extra data: "authToken" cookie and header, containing the authentication token that should be used for subsequent calls. Parameters: username / password Example Request POST /auth HTTP/1.1 Accept: application/xml Content-Type: application/x-www-form-urlencoded username=my_username&password=my_password Response HTTP/1.1 200 OK Set-Cookie: authToken=1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/Pm...; authToken: 1KVARbypAjxLGViZ0Cg+UskZEHmqVkhx/PmEvzkPGp...== Content-Type: application/xml; charset=UTF-8 QUESTION: How do I get that to work? I tried jQuery, but it seems to have problem with XSS. Actual code snippet would be greatly appreciated. p.s. All I was looking for was WebClient class in C#

  Read the article

• Best Pratice to Implement Secure Remember Me

  - by Yan Cheng CHEOK

  Sometimes, I came across certain web development framework which doesn't provide authentication feature as in Authenication ASP.NET I was wondering what is the security measure needs to be considered, when implementing "Remember Me" login feature, by hand coding? Here are the things I usually did. 1) Store the user name in cookie. The user name are not encrypted. 2) Store a secret key in cookie. The secret key is generated using one way function based on user name. The server will verify secret key against user name, to ensure this user name is not being changed. 3) Use HttpOnly in cookie. http://www.codinghorror.com/blog/2008/08/protecting-your-cookies-httponly.html Any things else I could miss out, which could possible lead a security hole.

  Read the article

• Cookie: ASP.NET SessionId Issue

  - by LB

  I have a load generator that appends a ASP.NET_SessionId to the Cookie when making a Soap test call from Machine A to Machine B. Cookie: ASP.NET_SessionId=gf0ouay24sdneiuicpiggn45; However, when I'm running the soap test hitting my local server it doesn't have an ASP.NET_Session variable in the cookie. Why is this happening? UPDATE: I'm getting this issue now on the server: Forms authentication failed for the request. Reason: The ticket supplied was invalid. I've followed this: http://msmvps.com/blogs/omar/archive/2006/08/20/108307.aspx But to no avail.

  Read the article

• Unable to access LinkedIn conections using python rauth library

  - by srinath sastry

  I was trying out this example at https://github.com/litl/rauth/blob/master/examples/linkedin-web.py I get a 403, Access to connections denied error and it returns KeyError: '_total'. r_network option is present. Has anyone faced this issue? Also if you look at http://docs.python-requests.org/en/latest/user/quickstart/#oauth-authentication, the 'requests' library is initializing resource_owner_key, resource_owner_secret apart from the application keys. Not sure how these are getting passed from the 'rauth' library, Was wondering if that was causing this 403 error.

  Read the article

• Authorization in a more purely OOP style...

  - by noblethrasher

  I've never seen this done but I had an idea of doing authorization in a more purely OO way. For each method that requires authorization we associate a delegate. During initialization of the class we wire up the delegates so that they point to the appropriate method (based on the user's rights). For example: class User { private deleteMemberDelegate deleteMember; public StatusMessage DeleteMember(Member member) { if(deleteMember != null) { deleteMember(member); } } //other methods defined similarly... User(string name, string password) //cstor. { //wire up delegates based on user's rights. //Thus we handle authentication and authorization in the same method. } } This way the client code never has to explictly check whether or not a user is in a role, it just calls the method. Of course each method should return a status message so that we know if and why it failed. Thoughts?

  Read the article

• How to create a RESTful web service in asp.net?

  - by jonhobbs

  Hi Guys, I simply want to create a fairly basic REST service, so that I can expose some of the data in my asp.net/SQL server application to the outside works, like this..... http://domain.com/api/offices - would return an xml set of office locations. http://domain.com/api/offices/15 - would return all the details of office 15. It's all fairly standard stuff (including basic authentication) but there seem to be several ways to achieve this using Microsoft technologies and I don't really know where to start. These seem to be the options... 1) WCF 2) ASP.NET MVC 3) ADO.NET Data Services 4) Rest Starter Kit project templates? Which of these is the easiest and most "up-to-date" solution to creating a web service?

  Read the article

• Twitter xAuth vs open source

  - by Yorirou

  Hi I am developing an open source desktop twitter client. I would like to take advantage on the new xAuth authentication method, however my app is open source which means that if I put the keys directly into the source file, it may be a vulnerability (am I correct? The twitter support guy told me). On the other hand, putting the key directly into a binary also doesn't make sense. I am writing my application in python, so if I just supply the pyc files, it is one more seconds to get the keys, thanks to the excellent reflection capatibilities of Python. If I create a small .so file with the keys, it is also trivial to obtain the key by looking at the raw binary (keys has fixed length and character set). What is your opinion? Is it really a secutiry hole to expose the API keys?

  Read the article

• How do i get out of the habit of procedural programming and into object oriented programming?

  - by Shadi Almosri

  Hiya all, I'm hoping to get some tips to kinda help me break out of what i consider after all these years a bad habit of procedural programming. Every time i attempt to do a project in OOP i end up eventually reverting to procedural. I guess i'm not completely convinced with OOP (even though i think i've heard everything good about it!). So i guess any good practical examples of common programming tasks that i often carry out such as user authentication/management, data parsing, CMS/Blogging/eComs are the kinda of things i do often, yet i haven't been able to get my head around how to do them in OOP and away from procedural, especially as the systems i build tend to work and work well. One thing i can see as a downfall to my development, is that i do reuse my code often, and it often needs more rewrites and improvement, but i sometimes consider this as a natural evolution of my software development. Yet i want to change! to my fellow programmers, help :) any tips on how i can break out of this nasty habbit?

  Read the article

< Previous Page | 175 176 177 178 179 180 181 182 183 184 185 186  | Next Page >