I am trying Netbeans subversion features, I found when I try to commit to my googlecode subversion repository, I always get authentication failure. I am 100% sure didn't input the wrong username or password, and I have tested this on another computer and everything works just fine. What might cause this problem? ...
Hello, I am trying to create a basecamp like login where users can login to see their companies projects using the url: http://abc.com/companyname/ I dont know how to create a 2 level auth... (one at the company level and another at the user level) I am new to cakePHP and I dont know how to modify the in built Auth component for my requ...
I'm very new to Perl, and I have absolutely no idea how to approach this. We have an old Perl application which previously used Apache auth; we'd like to replace this with a cookie based form-style authentication. I understand that this is very case-specific, and there is no one answer as such, but some general tips would be much appreci...
Hi all, I have come across a theory on Auth protocol hacking vulnerability which can be found in http://www.owasp.org/index.php/Reflection_attack_in_an_auth_protocol. I understand how this vulnerability causes problems in exchanging the messages and how to bypass validation to become a logged-in and to be a valid user. The following co...
I'm using the Auth component on my pages and I would like to show a login overlay when an Ajax action is called for which the user doesn't have permission. Example: User wants to edit a jeditable field, then when the users wants to change the value, he will first get a login/register overlay. My current way is to check in the action f...
I am just learning CakePHP, so excuse me I am using CakePHP 1.2.5 Auth component with UsersController. User model contains two tables: class User extends AppModel { var $name = 'User'; var $belongsTo = 'Company'; } When login() is called, I see the data being retrieved in the SQL log (LEFT JOIN is being executed), so the mod...
I'm trying to learn Django and I would like feedback from anyone who has any MVC/MTV/PHP/Ruby framework experience. Does anyone find that the user model is too tightly coupled with auth? Background: When you first implement authentication for Django, you include the module django.contrib.auth This will bring in several models like Use...
I've noticed that when I refresh the page twice in a row or double click on a link, the user is automatically logged out. I'm using cakephp 1.2 and the Auth component. I don't have a lot of experience with CakePHP, any ideas what could cause this? ...
In the auth module, we have users and roles with a many to many relationship. My question probably has a simple answer, but I couldn't find it by myself... How would I go about selecting only users having a certain role using ORM? What I'd like to do is something like this: ORM::factory('user')->with('roles')->where('role','member')->f...
We have a system written in PHP where account passwords are stored as the first 128 chars of a whirlpool hash of the password. I'd like to transition to handling the logins with Django without changing the database or asking users to change their passwords. Also, I'd prefer to stick with whirlpool vs. the less secure hashes Django has b...
I'm trying to compare shadow password with php cli but not work ! i use this function so i can create password like shadow function shadow ($input){ for ($n = 0; $n < 9; $n++){ $s .= chr(rand(64,126)); } $seed = "$1$".$s."$"; $return = crypt($input,$seed); return $return; } when i replace the result in sha...
I'm managing a set of web apps, almost exclusively written in PHP, and would like to find an authentication platform to build a role-based authorization system on top of. Also, I'd like the authentication system to be extensible to use for, for example, system services (SSH, etc.) Here are some of the main characteristics I'm looking fo...
I have a Media Temple DV server hosting dev.example.com with django mounted at /. There is a legacy directory in my httpsdocs I need to continue to serve at /legacy. But for this directory I need to redirect anyone coming over http over to https, then prompt for http basic auth. In the virtual host conf, I'm pointing the root to a djang...
Hi, I'm trying to understand how SSL works. In my wish to make a small FTP client which supports SSL I've run into some problems: TcpClient FtpConnection = new TcpClient(FtpServer, FtpPort); NetworkStream FtpStream = FtpConnection.GetStream(); StreamReader FtpReader = new StreamReader(FtpStream); FtpWriter = new StreamWriter(IrcStream)...
Trying to implements simple privileges for admin user. Don't need huge acl rules and groups system. There are admin users, overs - just registered users. They can't access actions with admin prefix. So It was implemented in cakephp1.2 version with following code in app_controller: function isAuthorized() { if (isset($this->params[Co...
I am a developer a large social network. Does the protocol OAuth without browser? I plan to write desktop and mobile applications that can not use your browser to get access_token. It worries me step for get Access_token, I can not understand how to implement it. Give examples of code if possible ... ...
I need to call a SOAP Webservice in Silverlight 4 which is protected by HTTP Basic Auth. The service is hosted on a different domain than the silverlight application. Is there any way to do this. Setting ClientCredentials.Username doesn't work for me ... Any suggestions? ...
What is the difference between using AuthComponent::allowedActions and AuthComponent::allow? When I Google, I see the majority of examples and documents using or talking about allow(), but only a few using allowedActions. But they both seem similar in usage. ...
What are the cakePHP usages/meanings of the model, lft, and rght fields in a acos table? Similarly, what are the usages/meanings of the lft and rght fields in a aros table? ...
Hello Stackoverflow Users, Today I've tested the Kohana3, which has been changed a lot. I'm working so much with the Auth Module, and need this in my new Project also. Now I found a Bug, I think it is a bug, what can I do? Problem: After I'm deleting a user from the Database, who is at this Moment logged_in() in my Website, and he i...