authentication

WCF, ASP.NET Compatibility Mode and custom authentication using membership providers

Hello all, I need help in following:) To begin with I work on the large application, that has a WinForms client and server. Server in our case is the set of WCF services. There is one service that is responsible for authentication of users. The logic of authentication is custom and complex and authentication service uses different memb...

JSP login with declarative security - How does the actual authentication happen?

Hi, I've been a little puzzled with this as I have not seen many examples that gave me the complete picture. The best explanation I found so far is this. By defining a security role in web.xml such as "admin" for example, and having my login form with all the necessary fields (i.e j_security_check as action, and fields j_username, j_pa...

After adding login-required in pages.xml styles are no longer loaded.

In a seam-gen generated application I added the login-required attribute, to force a user login. After that the CSS-Styles from richfaces aren't loaded neither in the login page itself nor at the other pages after successful authentication. (The application is unusable) <page view-id="*" login-required="true"> <navigation> <...

Is a Session-Less Design feasible?

Just brainstorming some ideas for a Web App I'm building soon. One of the cornerstones of the Web is Session Handling: Have the user log in, send a cookie with magic binary encoded pixie dust, trust the user blindly afterwards. I just wonder if it's feasible to completely eliminate 'traditional' sessions for a web app that would normal...

How to support NTLM authentication with fall-back to form in ASP.NET MVC?

How can I implement following in ASP.NET MVC application: user opens intranet website user is silently authenticated if possible if NTLM authentication didn't worked out, show login form to user user indicate login password and select domain from list of predefined domains user is authenticated in code using AD I know how to implem...

LSA Returns STATUS_BAD_VALIDATION_CLASS

Hello, I'm building an Authentication Package for Windows and I'm now just trying to make a skeleton for the package that I'm going to build. The Package at some point in time will need to call MSV1_0 but the workflow of my authentication is forbidding me from implementing it as a SubAuthentication Package for MSV1_0. Now, please exa...

How do I implement basic authentication with sessions in Rails?

Just learning Rails via Michael Hartl's tutorial and one of the things we have to do is implement basic authentication with sessions instead of cookies. I am trying to find any literature online that discusses it, but can't find anything. The Rails Guides talk about sessions from a security point of view, so they assume you have your a...

Protect files with asp.net forms authentication

I'm using Asp.net running on a shared hosting environment. I'm using forms authentication to authenticate users. Now I need to add support for the users to create pdfs and images and save them on the server. The problem is that I need to protect the pdf/image created so only the user that created the file can use it, so it is protected f...

How to authenticate users by their role declarative?

How can Seam be configured to use different security-constraints for different web-resource-collections? In web.xml I included a sections like <security-constraint> <web-resource-collection> <web-resource-name>AdminPages</web-resource-name> <url-pattern>/secure/*</url-pattern> </web-resource-collection> <au...

Web-service authentication management

Hello, I'll have to develop some private web-services, so I need a way to authenticate the users in order for each service to be able to know if a request is valid and to maintain some session states. I'd like to have a central authentication service with some simple operations like "logIn(login, password)" (that uses a directory like ...

Can I use SharePoint to authenticate users on a separately hosted website?

The behaviour I would like is for a user to be able to visit a custom built website and if they are already authenticated against sharepoint for the custom website to know who they are and give them various rights. If they are not recognised by sharepoint then I would like them to login to sharepoint and be directed back to the custom we...

How can I authenticate with an existing LDAP server with authlogic_ldap using Rails?

I am working on a corporate intranet site and need users to be authenticated prior to using the rails application. I have experience using auth_logic, but in this case I don't care about creating/editing/deleting users, simply authenticating them. I found that Ruby Toolbox (http://ruby-toolbox.com/categories/ldap.html#binarylogic_aut...

authenticate silverlight app from third party software

Hi Peers, I need your help. I have a requirement to perform secure log in for my silverlight application(using wcf). I am launching this app from old call center software. From here, I need to pass some information to silverlight app in a secured manner (currently passing as url parameters). I doesn't want to provide log in screen ...

Examples of 2 factor authentication?

Hi all, I am doing a HIPAA application soon and it requires 2 factor authentication. Can anyone give me an example? I am thinking a secure login and then a form that requires the user to enter their birth date or something. Thanks, Darren ...

Best Practises on using Facebook-Connect in addition to your own authentification in your php application

I'm using the Kohana 3.x Webframework and I integrated Facebook-Login successfully. That means: the user can click on the Facebook-Login-Button, I get the fbs_ Cookie and I can query facebook for all the information i need (like name, friends, etc...). I believe that I can trust facebook and their security so I just get the facebookid ...

IE7 form authentication after ntlm authentication failed

I have a problem with authentication: Users that have valid domain credentials are logined using NTLM authentication (i send "WWW-Authenticate: NTLM " header and 401 status in my jsp filter. Then IE authenticate user using NTLM and everything is fine. I have other users (connected to lan with their own computers) and they can't logged...

connecting to wifi network using username and pass (GNU/Linux)

Hi, I have a problem to connect to wifi network, because I dont know how to set username and password, needed by network. I usually use "iwconfig" command to connect. But I didnt find nothing in man pages how to say which pass and username will be used in authentification process. Thanks for every advice. Bey ...

How to store authentication credentials for legacy systems in a J2EE container?

I need to store authentication credentials for legacy systems in a J2EE container (IBM WebSphere Application Server Network Deployment 6.1). These legacy systems are accessed using an HTTP interface, but it's not a Web Service. The idea is to query these credentials using JNDI (or some other mechanism) and then use it to authenticate in ...

how should I render views when users habtm roles. cake

ok here is my issue... user habtm groups(roles) i have views for admins, boardmembers, managers, and vps. so when an user have just one role the app reads the role and we're going fine... BUT when he/she/it have two or more roles it just take the first one and dissmiss the others... the questions how should i manage those role so...

manage users views with different roles cakephp

Possible Duplicate: how should I render views when users habtm roles. cake hi i got users habtm roles the thing is when i login i dont know how to separate or mix the views for users that have more than one role... any help? how would you manage this issue? by letting the user select which role he wants to play? or mixing ...