I've setup and deployed a simple forms authentication website with membership using .NET 4. I've created a virtual directory (now converted to "Application") in IIS7 and setup the web.config file in the virtual directory as follows: <configuration> <system.web> <authorization> <deny users="?"> </authoriz...
I am working with Zend_Auth and cookie/session persistence. I can't seem to figure out how to force an authentication with this class. Is there any way to force Zend_Auth to believe it has authenticated as a user? ...
I am trying to build a simple OpenID login panel similar to how Stack Overflow's works. The goal is: User clicks OpenID/Oauth provider OpenID/Oauth stuff happens, we end up with the result (already made that) Then we want to confirm that the user wants to actually create a new account (vs. associating account with another OpenID accou...
I have a client app that makes calls to a WCF service. This app is on a public computer that's easily accessible and anyone can easily copy the .EXE and .CONFIG of my app into another machine and start using it. Is there a pattern where I can check if the request is coming only from an app on a computer I installed it on and not on one ...
I can read new emails using gmail pop3 in c#, I'm looking for a way to open each one of new emails in browser just like Google Talk When you receive new email Google talk notify you and if you click on message, you can read your email in browser new window. Any Idea? ...
I'd like to authorize the user/application combination, not only the user. The scenario is that we've built an app that guides the user to safe updates of some data. If the same user installs PL/SQL Dev, Toad, or any other Oracle management tool, she can edit the data in ways that the app prohibits. ...
I'm trying to make a blogging system but obviously certain users in certain groups should only be able to edit/delete their own posts/comments. How would I go about doing this in CakePHP? I followed the manual's basic Acl guide to setup my current Auth system. ...
I have written a SyncAdapter that takes a "com.google" account and performs a sync with an appengine web service. Testing this with the dev tools sync tester (on the emulator), this sync appears to work just fine. The problem is, it's not syncing by default. And going to the account in "accounts & sync" shows my google account to be bla...
I have an application written in MVC that uses your regular .Net Forms Authentication. There's nothing particularly new or exciting going on with it. My client has now asked that users be able to log in to the app on the same machine but in different browsers, or different tabs within the same browser. To my mind, he's asking for a sc...
The Sha1Hash function is used to convert the passwords into hex format in order to store them. How we can pass a username and password as strings in the Bootstrap.groovy and create our users easily. IF i want to use a GSP to create a user,how do i go about using the Sha1hash function. This functin when given sha1hash(params.password)retu...
Hi, I have a mobile application and will like to have the authentication implemented either through the Application itself or through Facebook username and password. For example, if I have username and password of Facebook then one can login into the Application. I don't want to integrate the facebook completely only the authenticatio...
Hi, I am trying to develop a java http client with apache httpcomponents 4.0.1. This client calls the page "https://myHost/myPage". This page is protected on the server by a JNDIRealm with a login form authentication, so when I try to get https://myHost/myPage I get a login page. I tried to bypass it unsuccessfully with the following co...
What are some iPhone or Android applications that use SMS as their primary means of user authentication? I'm interested to see such apps in action. SMS-auth seems like a natural approach that is well-situated to mobile contexts. The basic workflow is: to sign up, a user provides a phone number; the app calls a backend webservice which ...
Which approach would you recommend to the following issue: My app needs to have an account with several users inputting tasks on the same account. Only one of the users (the one that opened the account) will have admin privileges. I'm thinking on using Authlogic for authentication and CanCan for determining user privileges. The point is...
Hi, NOTE: I have included 3 links in here to my localhost areas but could not submit the post so I seperetaed them with a space character so it would post on stackoverflow. I currently have 2 ASP.NET MVC apps in my solution. First I run the first one by setting it to be startup project. It goes to the login page, from there once the da...
I've got a hardware internet radio player which needs to play a stream which is behind an http auth (standard 401 request). Unfortunately, the device can't cope with http auth, you can't build the username and password into the link (eg: username:password@http etc - and besides, the server won't accept that) and it plays streams by call...
I have a PHP application that is successfully authenticating against a CAS server. One of the features supported by the application is impersonation; a user with the appropriate privileges can impersonate another of the application. Generally, this isn't a problem because the app itself can keep track of who the user is impersonating and...
I have a basic xml-rpc web service service running. What is the simplest way(I'm a newbie) to implement secure authentication? I just need some direction.. thanks in advance ! ...
Hello, I need to implement an authentication in my client application against my server application. I don't want users to enter any kind of credentials and I don't want to hard-code any password. The purpose is to prevent other people/application to steal data from the server. What is the best way to achieve this? ...
I need some help with authentication when using the web reportviewer to view SSRS reports. In IIS I've set "Windows Authentication" only and unchecked "Anonymous Access" and the other checks in the Directory Security tab. The result in my website is that WindowsIdentity.GetCurrent() returns the ASPNET user and Request.LogonUserIdentity...