I've found numerous posts on stackoverflow on how to store user passwords. However, I need to know what is the best way to store a password that my application needs to communicate with another application via the web? Currently, our web app needs to transmit data to a remote website. To upload the data, our web app reads the password fr...
Hi I am sorry if this question has been asked before but I am looking for some sort of download authentication. In other words if I am going to give the user a link to a file, I want to make sure only that person will get it, and get it only once! Is there a simple solution without setting up the database? Even better if it's possible to...
I am wondering how to do a simple Javascript log in for my web pages on my dev server. I want it to be very simple, like the ones that pop up when you go to 192.168.1.1 to adjust the settings on your Linksys router. Any suggestions? ...
Hi there, I have a webapp with form-based authentication. On the login page, I have placed a link to a public registration form. The registration adds a user in the database that is used for authentication. Now, is is possible to do an automatic login as the new user after the registration is complete, without returning to the login pa...
Hi gyus, I know what are you saying already (baad idea), but please read first :) I am developing ASP.NET MVC based app, which will require some specific features: combination of "local" users and facebook connect login, but FB users will be "mirrored" to some kind of local representation, because there will be some statistics and oth...
I am trying to port a J2EE app from Tomcat to Websphere and I'm not too familiar with Websphere. The only problem I am having is authorization (I use basic-authentication in my web.xml). In Tomcat I use the tomcat-users.xml file to define my users/passwords and to what roles they belong. How do I do this "simply" in Websphere? When dep...
What is the relation between web.xml and jboss-web.xml? Seems like: Jboss-web.xml specifies the security domain (which can be found in login-config.xml) web.xml specifies what the security level is I don't understand what happens when jboss-web.xml specifies a weak security domain. Ie: one that cannot do what web.xml s...
Hello, I have implemented Authlogic. I believe that this isn't an authlogic specific quesetion. Assume that I have a User model and each User has a column in the database called "login". Upon creating a user, the login column is populated. However, I don't want the user to be able to change their login once they set it. Currently, I h...
I currently have my ldap authentication context set up like this: <ldap-server url="ldap://host/dn" manager-dn="cn=someuser" manager-password="somepass" /> <authentication-manager> <ldap-authentication-provider user-search-filter="(samaccountname={0})"/> </authentication-manager> Now, I need to be ...
I am trying to set up an ldap authentication context where the authorities is a separate ldap instance (with the same principal name). I am having trouble setting up the authentication part, the logs dont show any search results for the following context. Can anyone see what I am doing wrong? <beans:bean id="ldapAuthProvider" class="or...
Hi! I want to make a login form at the Clickonce deployment webpage, and only allow the authenticated users to download the application. and I want the downloaded application to use the same credentials entered at the webpage, without prompting the users to enter the credentials again. Details: I have an application(Windows Client) whi...
I wish there was a central, fully customizable, open source, universal login system that allowed you to login and manage all of your online accounts (maybe there is?)... I just found RPXNow today after starting to build a Sinatra app to login to Google, Facebook, Twitter, Amazon, OpenID, and EventBrite, and it looks like it might save s...
I am getting this error from a PostMethod using commons-httpclient No credentials available for DIGEST 'realm'@localhost and a 401 back from the server. I followed the example from this post java client program to send digest authentication request using HttpClient API (2) However, it still seems to fail. I am trying to connect to ...
I have a client (written in Python, with a wxPython front end in dead-simple wizard style) which communicates a website running IIS. A python script receives requests and does the usual client-server dance. I would have written this as a browser application, but for the requirement that certain things happen on the local PC that the we...
The ways I can think of are: Use Windows Identity Foundation (WIF). I have never done this so is a black box and risky. Use Forms Authentication or similar, then use database replication to make sure each application has access to the data store. No doubt there are other options. More info: This is for an internet solution, not intr...
I've created a small web application using AppFuse(with JSP as Web Framework) and RichFaces. There is a page that uses rich:dataTable that should be accessible without authentication. To make this page public I put it into a folder called "public" and added the following line to the security.xml: <intercept-url pattern="/public/*" acce...
I need to authenticate users from database, Spring Security documents don't tell how to authenticate with hibernate. Is that possible and how can I do that? ...
I'm trying to secure my entire MVC site, so before the Home controller, I added an [Authorize] attribute. Now if you run it from Visual Studio or navigate using the root URL (e.g. http://localhost:2897) it does redirect to the login page, as expected. However the URL in the address bar after redirection looks like this: http://localhos...
Hello StackOverflow Community, Can Adobe AIR use Integrated Windows Authentication (Kerberos) to authenticate from a user’s work station to SharePoint? Thanks, Mauricio ...
Hi everyone, I would like to know how can I generate a random pre-master key PMK in java? (related in key exchange and authentication) Is it similar with other randam key generating? What particularly is a pre master key? Thanks, Sebby. ...