Hello everybody !
Do you know how I could do to use a variable to define the AuthUserFile in a .htaccess file ? Like :
RewriteRule ^ - [E=BASE:%{DOCUMENT_ROOT}mysite/www/]
AuthUserFile %{ENV:BASE}admin/.htpasswd
It don't work...
Here is my full .htaccess file (if you want to understand why I need to do that) :
Any help would be real...
To retrieve data from ActiveDirectory I used the following code:
SPSecurity.RunWithElevatedPrivileges(delegate()
(
var currentDirectory = new DirectoryEntry(domainAddress);
));
But changing a property's value and attempt to update the values in ActiveDirectory (function CommitChanges()) generates System.UnauthorizedAccess...
I have an HTML5 app which is capable of running offline. However, I need to password protect the directory this app resides in to only allow access to authorized users. Initially I was using a PHP login page which set a cookie (outside of the app directory) then redirected to the app directory. The app (JavaScript) checks for the cook...
hi,
im trying to understand how to implement my own authentication and authorization machinery for my GAE app. does anyone already implemented something like that and maybe can give me some advice?
what i need is grant access on certain sections to specific users and restrict the access to others.
i looked at repoze.who and reapoze.wh...
I am trying to make a change at the auth.models.py file to force the password hashing function (get_hexdigest()) to not use the salt when passing the sha1. So the change would be:
auth.models.py line 33
before:
return sha_constructor(salt+raw_password)
after:
return sha_constructor(raw_password)
However, when I make the chang...
Hi,
I'm developing a GWT+Spring application and I'm having hard times integrating GWT with Spring Security system.
Services are protected by spring security and response with 401 for un-authenticated users (anonymous) and 403 for unauthorized access. My problem here is that I can not make failed AsyncRequests handle those errors the wa...
Working my way through clarkware's iphone-rails-tutorial and trying to build and run the final rails code that is included but I get this error in the server's console whenever I try to access localhost:3000/
ActionController::RoutingError (uninitialized constant ApplicationController::Authentication):
app/controllers/application_cont...
I am currently exploring Zend_Auth, part of Zend Framework, but am dissapointed with the lack of more advanced features such as nonces, authentication tokens, lock-out, etc. In one of my recent projects, I implemented an authentication and ACL (Access Control List) scheme that has the following features:
Salted hashes
Automatic IP addr...
I've been tasked to build a system that allows someone in our company to send out an email with a link to a pdf file that will be kept on our webserver. The recipient can follow the link to view a newsletter we normally sell. The idea is we do this for three months, then see if they'd like to continue and pay for the full subscription.
...
Hi All,
How will I do authentication using Rails 2.3.8 using MongoDB and
mongo_mapper?
Let me know your expert advise on this.
By the way, a Rails noob here :)
Thanks!
...
I'm trying to get authenticated using the the Authentication Service and my Membership Provider. Ideally I want to call my membership provider, but I bomb out before hitting my provider. Says a token cannot be validated. Checking my error log, it appears I'm trying to Authenticate using Windows auth. That's not what I'm intending to do. ...
Hi,
is there a way to ask for an OAuth authorization without redirecting the user to the service and then back again to my app?
In detail, I'm creating a web service that need access to the Facebook Graph API, that requires the OAuth 2.0 authentication. Is that possible?
Thanks
...
Guys, Can Anybody tell me, I want to give same Authentication Mechanism (No Registration on the site) as of Stack overflow, Is there any link Or Something to start with.
...
Just going to start making a web application and was wondering which was better, or at least what are the main differences between them (as it probably matters what I am using them for)?
Windows Authentication
Passport Authentication
Form Authentication
...
hi,
i've always read that the user you set in the IIS website/virtual directory is the user that runs the app (anonymous user identity)
But in the application pool, i can also set a user (process model, identity)
what is the difference between the two, and which one will need access if i do a file read?
EDIT:
the bounty is for this ...
Suppose an unauthenticated user tries to get the page which only authorized users can see: /profile/preferences
Is it a normal practice to reply to this with 401 Unauthorized along with the content of the login page or is it better to serve 302 Found redirect to the login page and then send the user back to /profile/preferences?
What a...
I'm just a beginner in SQL Server database development and was wondering which authentication method to use. My database needs to have the simplest protection there is.
If I choose Windows authentication, what username and password do I pass when connecting to the database? What will happen when another user installs the application on ...
I currently need to access an API that is set up in an staging environment on an Apache web server but the web server throws up a username/password dialog when browsing to the API url. Unfortunately I do not have access or control over the behavior of this web server.
Is it possible to programmatically send the username and password to ...
I'm trying to create a form to create a user. Currently I have
- form_for @user do |f|
= "Username"
%br
= f.text_field :username
%br
= "Password"
%br
= f.text_field :password
%br
= "Confirm Password"
%br
= f.text_field :password_confirmation
%br
= "Email"
%br
= f.text_field :email
%br
= f.submit "Submi...
I need to implement authentication for the project I am working on. But I can't make the choice: to use OpenId or not. The main question for me is how to retrieve user's email (it is critical for sending notifications) if user has logged in by OpenId. Of course, most OpenId providers return this information but I can't trust them (as any...