authentication

Asp.net mvc application authentication lost every 20-50 seconds

Hi, my ASP.NET MVC application requires me to log in every 20-50 seconds. I contacted the hosting provider, who says it's due to recycle of the pool. I have added the following code to web.config. <sessionState mode="StateServer" stateConnectionString="tcpip=localhost:42424" cookieless="false" timeout="20"/> The problem is not solved, how do...

Authlogic+OpenID- UserSession returns "not match any users" error

Hi, I'm working on OpenID authentication in my Rails app. Because Authlogic seems to be received well by the community, I gave it a try. I got to the point where I can register a new user with an OpenID URL. However, when I tried logging in with the URL I signed up with, I keep receiving a message: "Openid identifier did not match ...

RESTful HTTP: Showing different representations to two users on the same URI

I'm designing a hypermedia API, yes, a RESTful API, with the hypertext constraint. Each user of the system will access the system using their own credentials, so every request we process is authenticated and authorized. Each user will typically have specific credentials so that they may have different permissions (e.g. none, read, read...

Return login view instead of redirecting in an MVC 2 application (site wide)

I have an MVC 2 application that every page requires authorization on (except currently for /Account/Logon), but I would prefer that instead of it forwarding to "/Account/LogOn?ReturnUrl=/SomePage" to authenticate the user, that it would just show the login form instead on the page the user requested so the URL doesn't change. I already ...

Granados SSH Library and ForwardAgent directive.

When using the Granados C# SSH Library, is there any way to set the ForwardAgent directive to true? The library works perfectly for me, but I need to use it when connecting to a compute cluster and it does not forward on my auth keys to the other servers. ...

HTTP Auth coordinated by web application rather than server

I'm working with Django on Linux and I have an application that integrates with Active Directory. I'm seeking opinions and advice about whether or not it would be feasible or reasonable to access the HTTP headers from within the application to coordinate HTTP authentication. The end goal would be to perform NTLM authentication without...

Mixed mode authentication against AD and fallback to the database if it fails with Membership providers

Hi! My user will use form authentication against Active Directory or database. There's no Windows Integrated Authentication there!! What I want is when the user submits the authentication form, it will try to validate the user against Active Directory and if it fails, try with the database. How can I do that? What I had in mind was to bu...

login to servlet over SSL

Hi folks. I currently have a RESTful servlet running that returns json upon receiving a POST query. I would like to implement authentication over SSL, so that the user will first login and send his credentials so the servlet knows what level of authorization it has to return the data, but I'm not sure how to go about implementing this fo...

Remote Desktop Services feed authentication and ASP.NET

Hi, I am trying to create a custom ASP.NET MVC site that can show the RemoteApps published through Remote Desktop Services at one of our servers. I am parsing the XML from the /rdweb/feed/webfeed.aspx feed and downloading the RDP files. However, when I access this webfeed.aspx, I have to provide network credentials for it, which means...

Need help understanding password security

I need help understanding password security: the concept of salts, nonce etc. I read http://stackoverflow.com/questions/401656/secure-hash-and-salt-for-php-passwords but it's quite advanced for me. I don't really understand what problems salts etc solve, and how it is implemented, maybe from the basics // basics i learnt from school, using ...

Enable authentication in ASP.NET webservice

How do I configure .NET webservice to require all consumers to supply credentials, then verify their validity against database table? ...

Using CakePHP, how do you hide certain elements of a page from a user if they are logged in?

How can I hide our main nav and use it as the home page but only for logged in users? The following is the code for the slideshow. The MENU is an element though. Should they both be in the element file together? Before I attempt to hide when logged in? File /elements/nb_menu_home.ctp reads: <script src="/js/loopedslider.js" type="text/...

Authentication in Google App Engine: app.yaml vs. python code

I am writing a small app that uses the GAE. I have parts of my app that are for administrative use only. I have two options using login: admin option in the app.yaml or google.appengine.api.users.is_current_user_admin() in python code. The basic authentication is sufficient for my case. Which solution is better? The advantage of using ...

Double POSTing user data - security risks/user experience/bad practise?

What are the issues with double POSTing user data? I am building a site for a client that requires login to a bespoke backend system that I am constructing, and login at the same time to a third party system hosted on a separate domain. Client system is built in PHP and Vendor system in .NET. The login process requires both sites to pe...

Limiting Access to Django admin via applications

Is it possible to limit what admin pages a user is able to VIEW and modify? I know it is currently possible to limit changes to them, but is it possible to limit a user via permissions or otherwise to only the administration views for one app? If possible, I am also aiming that superusers can access the standard Django admin. Looking aroun...

Dynamics CRM Custom Web Authentication

Hi everyone. We have a project in which the customer needs the CRM to be authenticated using a custom web form. I do not want to use the default IDF provided by CRM. Is there a way we can pass the user name and password to the CRM authentication dialog? Or any suggested approach? Thanks ...

WCF - Transport Authentication - Get Credentials of Authenticated User

Hi, I have a NetTcpBinding with SecurityMode.TransportWithMessageCredential. Transport.ClientCredentialType is set to MessageCredentialType.Windows, but I'm considering MessageCredentialType.UserName. Then there's a class DataStoreServerProxy for fetching database data which implements IDataStoreContract. It contains methods such as ...

Rails - Calling a POST function from server

Hi folks, I need to access a controller level action from another action. This is accessed by the view (so need authenticity token) def post_message #creates the message #normally accessed via webform with authenticity token end def post_via_email #my virtual mailserver calls this method when it receives an email #i need to cal...

I'm having problems creating a web service that takes a username and password and checks against a database

I am developing a web service that authenticates a user trying to access a web application. I'm new to web services and have seen a lot of different APIs and have started using JAX WS. I'm not sure if this is an alternative to JAXB or if it should be used with it. Currently I have a test page that a user can enter their username and pass...

osTicket authenticate with Open Directory

We recently set up osTicket Ticket System and have been testing it to see whether to implement it in our office. It would really help to have the ability to authenticate against our existing open directory. I found an article (http://www.bauer-power.net/2010/04/how-to-make-osticket-160-authenticate.html) that talks about using Active Directo...