authentication

RESTEasy client framework authentication credentials

I looked for ways a client can send authentication credentials to a webservice (e.g. Tomcat Manager) and found this topic http://stackoverflow.com/questions/1885844/resteasy-client-framework-authentication-credentials Just have some questions after reading: 1. Are there other possibilities to do that? 2. What imports are neede...

Can you spot a vulnerability in my authentication protocol?

Some time ago we needed a solution for Single Sign On authentication between multiple web services. At least at that time we considered OpenID protocol too complicated and we were not convinced about the Ruby on Rails plugins for it. Therefore we designed a protocol of our own instead of implementing an OpenID provider and OpenID consume...

django login authentication

I'm relatively new to django.. In the app that I'm building, there are multiple types of users (ie User1, User2, User3) that are all inheriting from django.contrib.auth.models.User and upon login, each user should be redirected to a success page depending on what type of user they are. In views.py: def login_attempt(request): user = ...

GAE + Google Accounts API (or OpenId) - Unique Username

Anyone have any ideas on how I could get a unique username (but not the email address) for each user. Ideally, I'd show them a page asking them to specify a username for the site, but the only way I can think of doing that is to show it to them after they've authenticated via G Accounts or OpenId. But, that requires another page, and wha...

Finding online activation source code for Outlook Add-in serial number functionality

Hello, A programmer has created a Microsoft Office Add-In (PC) for me. We would now like to implement online activation of the add-in. Is anyone aware of an open source solution to handle serial number validation via online activation? Many thanks for any insight anyone can offer. ...

Asp.net forms authentication in Safari production environment

I've got a weird one. I'm using Forms Authentication and all works well on my development workstation, but when I post to the production environment authentication fails... but ONLY for Safari. It works great in IE, Firefox and Chrome, but not Safari. Anybody got any ideas on this? Thanks ...

Good resources for writing a Authentication/Authorization system

Are there any good books, blogs, wikis, etc, on coding security systems? and standards that should be followed? I'm specifically interested in writing Access Control (DAC, MAC, RBAC) and auditing. I think I have a solid working understanding of DAC due to my experience with *nix systems. But I don't know what goes into implementing thes...

validates_exclusion_of in Authlogic custom validations

Hi, I'm trying to use custom validations with Authlogic gem for Rails. In the method "acts_as_authentic" I'm just using some kind of validations such as "merge_validates_format_of", but now I'm trying to use "validates_exclusion_of" that's not working because there are only some of ActiveRecord validation methods implemented for Authlogi...

Should I make my Logon Application encrypt logon security tokens?

I am working on the security design for a new application at my company. We are using the Windows Identity Foundation framework. I have a logon application that issues a token to a user who successfully authenticates. The token is then used to access the new application. Of course, this happens transparently to the user. The WIF fra...

Authenticate MS-Sharepoint user using PHP

Hi all, I was told in the 'case-of-monday' meeting that I am going to integrate MS-sharepoint authentication to an existing PHP site. The idea is a MS-sharepoint user can login via the PHP site which has permission to query a subset of the Sharepoint resources (generic documents i.e. employee manual). I need something to get started. A...

Web-service authentication from ASP.NET MVC 2 and FormsAuthentication

I'm using ASP.NET MVC2, which requests methods from a web service (all my DAOs are placed in the web service). The web service uses Basic Authentication. For authentication from asp.net to the web service, I use FormsAuthentication. For this I wrote WebServiceMembershipProvider, inheriting from MembershipProvider. In method ValidateUser I connect to...

How to call with credentials a .NET Webservice from Android?

I'm having trouble using .NET Web Services with the Android Platform because the web service I want to consume is locked behind Windows (NTLM) authentication. How can I use NTLM authentication with an HttpClient request in an Android application? Regards ...

Python auth_handler not working for me

I've been reading about Python's urllib2's ability to open and read directories that are password protected, but even after looking at examples in the docs, and here on StackOverflow, I can't get my script to work. import urllib2 # Create an OpenerDirector with support for Basic HTTP Authentication... auth_handler = urllib2.HTTPBasicAut...

CouchDb read authentication using lists

I am looking into porting a website in CouchDB and it looks very interesting. However, a big problem is that CouchDB does not seem to support read authentication; all documents within a database are accessible by all readers. It is suggested elsewhere to use different databases for different reader-groups or to implement reader authen...

ASP.NET authentication

Greetings, I have two levels of authentication in an ASP.NET application. I have a Webadmin user that has full access to all the websites and a Webuser user that has limited access. I want to destroy all open sessions before doing any new login, no matter who will do the login. Where should I place my code to destroy all open sessions befo...

getting annoying error in register action. unexpected T_STRING

Hi folks, setting up my authentication, in my users_controller I have a register action listed below. I'm getting an error at line 20 which is if (!empty($this->data)) { The error is: syntax error, unexpected T_STRING Here is my entire users_controller: <?php class UsersController extends AppController { var $name = 'Users'; va...

http basic authentication - maximum allowed trial times?

Hi all: I am working on a login section for a new project, which definitely requires user authentication. The easiest way of doing that I assume would be using the http basic authentication. I implemented it fine on the Apache server, ssl was also introduced to provide better security. However, one thing concerns me, that it seems the...

Rails LDAP login using net/ldap

I am trying to get LDAP authentication to work under Rails. I have chosen net/ldap since it's a native Ruby LDAP library. I have tried all possible stuff, especially examples from http://net-ldap.rubyforge.org/classes/Net/LDAP.html but am still unable to get it to work. Any ideas? ...

What could cause an asp.net application to forget a user?

I've got an asp.net application which seems to forget that a user is logged in after a while. I'm using the membership provider and when opt to "remember" the log in it remembers it during the session. I can even close the browser, restart and come back and it will still be logged in. But after a while it forgets and it seems to do it...

How does asp.net know not to apply security to login.aspx? Reverse proxy is giving me issues.

Hi all, I've got an asp.net app that uses forms authentication that denies anonymous users. It's working fine if I access the server directly, however if I access it via a reverse proxy it does not seem to work so good. What happens is the reverse proxy sends you to the default page, then gets redirected to the login.aspx page because ...