authentication

How to make passwords optional using Devise?

How can I make the password optional into the registration and login when authenticating a user (if no password then it will just use the e-mail) using Devise. Although if they register with a password (or update it later) it should then be require for login. How can I accomplish this using Devise? Note: I'm using Rails 3.0.1 and Devise...

Django authentication middleware denies login consistently

Preface: I taught myself how to use Django a couple of years ago, developed a webapp, handed the keys to my clients, and haven't had to do much with the app since then, nor have I developed with Django since then. The Problem A lot of users cannot log in successfully, and this appears to be a persistent problem for those it affects. Ho...

IE not saving asp.net authentication token / cookies

I have an asp.net site. Its a mixture of web forms and MVC2. I have this on 2 different servers which I get to via different urls. On one server authentication works fine via all browsers (IE 8, FF 3.6, Chrome) On the other IE 8 fails, it doesn't send back the cookie on the request to the page after authenticating. Using Fiddler I ...

Using DX Auth for Codeigniter

Has anyone used DX Auth for Codeigniter bundeled examples? After following Installing DX Auth library with bundled examples on http://dexcell.shinsengumiteam.com/dx_auth/installation/index.html I added a route $route['auth'] = "auth"; in config/routes.php, uploaded /controllers/auth.php, added $autoload['libraries'] = array('database'...

SMTP Authentication problem

I'm writing a simple mail client in Perl, that uses SMTP to log in a Mail server, and from there sends a mail to another E-mail address (on different host). I use raw SMTP commands, because strawberry perl doesn't come with SASL.pm which is needed in order to authenticate. However, when the script tries to authenticate itself, it fails. ...

Best way to implement Single-Sign-On with all major providers?

I already did a lot of research on this topic and have implemented a lot of solutions myself. Including OpenID, Facebook Connect (using the old Rest api and the new Graph Oauth 2.0 Api), Sign in with twitter (wich has been upgraded to fully qualified Openid by now as far as I know), and so on... But what I'm still missing is the perfec...

Has anyone used omniauth with rails 2.3.8?

Hello All, I am new to Rails and I am trying to use omniauth with rails 2.3.8. I couldn't find any tutorial for this version of rails so I referred to http://blog.railsrumble.com/blog/2010/10/08/intridea-omniauth. I added the initializer as follows: omniauth.rb OmniAuth::Strategies::Twitter = { :consumer_key => 'xxxxxx', ...

Can I use browser authentication to make RESTful calls to GAE?

We're writing a Desktop application that relies on Google Appengine to authenticate the user and retrieve and store data associated to it. The way we'd like to authenticate the user is that on launching the application the browser is launched at the login url for our application. Then the user logins there, and then the application makes...

rails, rolling my own authentication system, what are security issues I should be taking into consideration?

Here is a list of security issues that my authentication system has to address (I know there are already plugins for this, I want to create my own -- I'm just like that! ((especially since I want to learn how to do it)). using rails form forgery protection storing a guid as the auth_token in the cookie, not the user id. Have this toke...

Transparent Single Sign On across multiple websites

I have a network of sites. Some of them as subdomains and other as domains. I want to create a central login place for all my users like http://login.example.com/ where they can log in. I have a sign in link on all the sites which the user can click to sign in. If they sign in once, they should be transparently logged in to all all other...