I am implementing a web server API for my application, and I got stuck in the process of figuring out what authentication method I should use to authenticate requests by the users (and also by other client applications). I think that I did not really understand what OAuth and other authentication protocols are made for. I want the authe...
I'm developing a LMS solution with php/apache which takes SCORM files and outputs the courses for users to undertake in the format http://www.example.com/courses/course1/index.html The LMS itself will be accessible by anyone and as the course content is static html I dont seem to have many options in regards to authentication. I origin...
Hi All, We going to develop a little API application in Sinatra. What are the authentication options available to secure the API calls? Thanks, Imran ...
I have something that I thought was a relatively common problem, but after researching the issue, it appears not to be as easy as thought. I have a CakePHP application (using version 1.2.7) and I am trying to change the standard login procedure using the Auth Component. I would like to use a persistent login screen ( like this Jquery p...
I'm in the process of launching a client tool that stores information on an apache server. I want to be able to control access to the files after they've been created. The basic Apache Auth module seems to meet my requirements, my only concern is that the permissions must be maintained by a non-technical user. Does anyone have a recomme...
Hi, I'm totally scripting noob, so sorry for my question. I create folder in my joomla instalation. Users should be access to this folder directly but only when they logged in joomla. Is this possible? ...
Hi, I am trying to access a web service using NSURConnection, but i am not sure how to send password there because the example code given in php is setting CURLOPT_USERPWD field of libcurl, and there seems to be no such field in NSURLConnection/NSURLReqest. ...
I want to customise the django.contrib.auth UserCreationForm to: Ignore the email field, and only display a user-name which must be an email address Prompt the user for first name and last name. I'm using django-registration if that makes a difference. How can I do this? I can subclass the form, but how do I tell the auth system to...
Hello. I have an application that must first authenticate with a Symantec Web Gateway. My customer is using Symantec Web Gateway version 4.5.3.38. I am writing the application in C# and it will be running on a machine that is not joined to the domain and they do not want to enter an exception in the gateway box. The gateway uses NT...
I am looking at adding a custom authentication for my WCF web service and is wondering which the "industry standard" best practice for web service authentication is? I need the web service to be supported from many different coding platforms with minor configuration. Thanks! ...
I want to do the following with django's authentication: Log incorrect log-in attempts Temporarily lock accounts after 'x' number of incorrect log-in attempts Log successful log-ins. I thought a custom auth backend would be the solution. I can do most of what i want, but I want to log the IP and REMOTE_HOST of the user making the at...
Hi.. I'm given a task to write a user authentication and login system in java. How do I start? I can write a simple login page asking for username and password and then check them in a servlet against a database. Is this a 'User authentication and Login system'? Also I can use JAAS.but i think JAAS is already an authentication service. B...
I'm trying to use the Google Data API for an installed application on Android 2.1. I don't want the user to have to enter their credentials if he already has an account configured on the device. Thus, I'm using the AccountManager with Account type "com.google". But where to go from there? There are no samples from Google on how to do Go...
Hi @ll, since yersterday i play a little bit with the .Net WebProxy Class, because i think the usage of webproxys in one of the big traps in the development of applications with web access (my java experience). So i made a test case: i used a squid proxy without proxy authentication and defined the proxy settings in my "ms internet ex...
I have 3 components in my system: COM Object - Provide Services to application that has func1(), func2() App1 - Trusted Application that need to use the com object funcs (1 and 2) App2 - Malicious application, not authorized to use func1(), can use func2() it is not harmful. How can the COM Object can "authenticate" App1 and allowin...
I'm new to OData (most everyone is I think). If I have an OData service, how do I secure it from unauthorized use? I'm looking at using WS-Trust/SAML, or standard authentication if that matters. ...
Lots of places use sharepoint. How can we securely retrieve the logged on sharepoint user when they view our app inside a web part? ...
Are there any existing user authentication libraries for node.js? In particular I'm looking for something that can do password authentication for a user (using a custom backend auth DB), and associate that user with a session. Before I wrote an auth library, I figured I would see if folks knew of existing libraries. Couldn't find anythi...
Hi guys. I need to implement authentication in a php app but using fingerprint as part of credentials. So, sincerely I'm kind of lost here. 1) Do I need a product (reader) with javascript SDK? I've seen some using ActiveX but obviously this will work just for IE. I would like a cross-browser solution here. 2) On server side, I supp...
I am using C# and .Net Framework 4. I am looking for a foolproof method to get the login id of the currently logged in windows user that is not susceptible to impersonation or hacking. I am looking for this in the form of: DOMAINNAME\USERNAME e.g. SOMEDOMAIN\JohnDoe Currently the best I have is: var identity = System.Security.Princi...