I've got a web app I'm building in ASP.NET that has the following security requirements: Must be able to integrate with a master authentication scheme that passes back a unique key to the application to indicate a user has logged in via a third-party site. Must be able to use existing user/roles tables. May use forms authentication and...
I've got a SharePoint MOSS 2007 development setup on to which I installed the WSS infrastructure update. Now, whenever I try to access any site collection in my SharePoint farm using IE7 I get a username and password prompt. I enter valid credentials for my Site Collection admin account and I see the box again. This happens three time...
Is there a way to disable IIS default authentication in global.asax or somewhere else depending on passed parameters. A client requests the same form would be secured using IIS authentication and by providing authentication information in POST variables ...
I'm currently working to specify my company's new partner/public API, which will be a resource-oriented RESTful web service. The missing piece of the puzzle at the moment is authentication/authorization. The requirements are: Initially it must work for a server-to-server environment, e.g. a server application must be able to identify ...
I want to let the user automatically re-login in my Flex app, which uses Basic Authentication By the way, I have noted this StackOverflow question, which is relevant, but does not address the question of logging out client-side. For example, after user A logs in, user B comes to the browser, goes to the login screen (perhaps in a new t...
Is there a good way to do this in django without rolling my own authentication system? I want the username to be the user's email address instead of them creating a username. Please advise, thank you. ...
The idea of unified authentication behind a single API like PAM is very attractive to me. However, PAM seems to be more oriented toward shell authentication and offer a rather limited set of features from its API and require system-wide configuration from a file. I'm looking for something like this for a CGI (C language) web interface t...
I would like to have a clean C# class that authenticates from Active Directory. It should be pretty simple, it just has to ask for credentials and check if it matches what AD is expecting. I am responsible for a number of C# applications, and I would like all of them to use the same class. Could someone please provide a clean code s...
Hi all, I am trying to setup a shared authentication system on a build server. We have several maven projects that declares how the deployment should be done regarding the different teams that we have (each team has its own authentication user/password): <profile> <id>release-profile</id> <distributionManagement> <repository> ...
I have a client/server WCF application that needs some sort of user authentication against a database. The application (both client and server together) is being developed to be sold to dozens of customers, for use on their intranets. We're not too worried about encrypting most of the data moving across the wire, except of course durin...
Unfortunately their Wiki is down for maintenance and the web is not being helpful. How do I add a new user to JBoss so I can login. In Tomcat you change the tomcat-users.xml file. There seems to be a similarly located and titled file called login-config.xml in the config folder of jboss. Is it something to do with this file or somethi...
I have a number of services that will be running under the security context of NT Authority\System as a Windows service (the services are NetTCP-based). There are six groups stored in Active Directory that will be allowed to access these services: Users Agents Approvers Administrators (three levels of admins) I know I can get the user ...
Hi all, I want to implement a discrete remote authentication server that handles login for many sites. Somewhat similar to OpenID. Basically, I have site-1 and site-2 and they're both reliant on the same user database, which is on a separate auth-site. So, auth-site handles user authentication for them, and during this process, makes i...
Hi, Other than forms authentication, what are other common forms of authentication that an application should ideally support? Is it just active directory or is LDAP a must also? ...
Is it possible to pass credentials using AJAX to a webserver that request www-authentication? I want to log in to a website that uses .NET Bsic www-authentication, and pass the credentials using ajax. When visiting the server with a browser, the browser prompts the user with an authentication/login window. The html header contains this...
well, on a IIS web site with integrated windows authentication and no anonymous access, I can retrieve the logon username of the user, something like like domain\user... is it possible to achieve this with jsp on tomcat? (or any other container) I've tried with request.getHeaderNames (on tomcat) but I only get host, user-agent, accep...
Scenario For a multiple file uploader I am implementing, I need to have a handler within a windows authenticated site that uses anonymous access. As detailed here, this is because Flash cannot use windows authentication. The aforementioned post states that the only way to accomplish this is to create a completely separate site. Howev...
Using a provided username, password, and domain name, how can I retrieve a boolean value indicating if a user has successfully authenticated with a primary domain controller? Authentication should be performed using the Kerberos protocol for windows domain controllers. Thanks in advance, Dan ...
I have been looking through java web frameworks lately (though this question need not be limited to java), and I noticed that most examples on web framework websites leave out auth & auth examples in their stock documentation. one ruby example: acts_as_authenticated (link?) grails has: http://www.grails.org/Authentication+Plugin Anywa...
Hello, Imagine you have an ASP.NET based website that users have to authenticate for to get access. The user data (such as username, password and other information relevant for the website) is stored in a Microsoft Sql database. I know that it is possible to write an custom membership provider to create an own authentication method. H...