I'm currently developing a weblog engine. I use Live Id for authentication when logging in online. I'm building support for Live Writer thru the MetaWeblogAPI. Is it possible to check Live ID authentication from within Live Writer? Does anyone know if this it is possible to do this myself? or do I have to create an alternative authenti...
I am possibly taking over an app that literally just encrypts user passwords by doing md5( password ) They have ~2000 users to date, so I'm wondering how I can migrate those passwords (or can I?) to a stronger encryption schema (e.g. involving a salt, user-specific hash, and their password, all encrypted with sha1, bcrypt, whatever) Th...
I have a project that has .htaccess Authentication but i want to remove it for a certain assets folder. i tried adding a htaccess in that folder with : AuthType none Satisfy Any Allow from All Order Allow, Deny but it doesnt seem to work :( Any thought on this. Thank you so much Edit The directory i am trying to unprotect is not a ...
Hi all, i am trying to play a video from my IIS, which is protected with basic authentication. Can any one help with how to play an video with authentication. MPMoviePlayerController has only these parameters. contentURL property backgroundColor property scalingMode property movieControlMode property how to give auth det...
Will it shut down & lock up after repeated false password tries, and/or will it add lags in-between retries? Or does this depend on which modules you or your provider install? Thanks! ...
Our customer wants to use their existing active directory to authenticate users on a new WSS 3.0 server. The company is using several domains. I have read this thread sharepoint-wss-authentication-across-multiple-domains but it does not give me the information on how to set up the sync-connection. Ive seen on meny places that AD sync is...
Is there any way to grant permission to a MySQL Server based on the host and not the username/password. So whitelisted hosts can connect to the MySQL server without using a username or password. Would doing so improve performance at all? (the servers are on a LAN that's not connected to the internet at all, security is of no concern ...
This is my first time on StackOverflow though I "read" Coding Horror quite often. Anyway... I'm working on a school/college project using CakePHP and I'm using the built in AuthComponent to support user Authentication (i.e. logging in, etc). My problem is that it logs me out after very short intervals. It doesn't even have me wait a f...
One of the goals of OpenID is to be resistant against the failure of any one corporation. This sounds good, but there is another problem: if the site your ID is hosted on goes down, so does your ID. I thought that there must be a login system that would be totally resistant to failure. My idea is like this: I go to a website and I have ...
I implemented Forms authentication by creating Default.aspx and custom login page named login.aspx. If unauthenticated users brows to Default.aspx, they are redirected to login.aspx, and only if match is found for the supplied credentials, is user redirected to default.aspx. But when using Firefox, it appears all browser instances use ...
Hello, Q1 To configure membership provider, you also have to add section to your web.config file. One of the properties of SqlMembershipProvider is also applicationName. If you don’t specify this attribute, then membership API will associate objects in database to the root application with the “/” name. A) what is meant by r...
Hello, Q1 - I’ve created two membership databases ( using aspnet_regsql tool ) DB1 and DB2. I then created web applications A1 and A2. A1 uses DB1 to store user credentials, while A2 uses DB2. If the user I created in A1 ( via Asp.Net WAT tool ) uses email [email protected], then none of the users created in A2 can have the same email add...
Can anyone briefly explain what is the use of GenericIdentity and where to use it. ...
Hello, A) Book I’m learning from says that if we handle Login.Authenticate event, then we have to authenticate users on our own. Thus control won’t automatically validate username and password. I thought book suggested this would only happen if we override Login.OnAuthenticate() method, but it appears that even if only add an event ha...
Hello, When using custom template for Login control, if we add control with ID = Login and set its CommandName to “Login”, then Login control will automatically handle authentication. Control with ID=Login can be any control that supports event bubbling. Thus I assume this control can be either Button, ImageButton, LinkButton o...
Symptom: Some users cannot successfully POST, most can successfully POST. When the error occurs, users are redirected to the site's Shared/Error page. Technologies used: IIS v6 Windows Server 2003 asp.net v3.5 asp.net mvc framework v1.0 jQuery linq sql server 2005 Authentication: Windows with the AspNetActiveDirectoryMembershipProvider...
Hello, Q1 A) Is there a way to create membership database ( using aspnet_regsql tool ) where each user could have several email addresses specified ( instead of just one ) during registration process? B) Is there also a way to somehow "inform" Security wizard in WAT to include new input fields ( where additional email addresses w...
I know that it is possible to use "OS authentication" to authenticate Windows users in Oracle database. The process is basically passing current Windows user id to Oracle for authentication. The question is - is it possible to authenticate domain group in Oracle (as it is possible with SQL Server integrated security), so that there wou...
Hello, A) Why, when using templates with CreateUserWizard control, does including Textbox with ID=Email depend on whether CreateUserWizard.RequireEmail property is set to true, but TextBox with ID=Question is required only if underlying membership provider requires password question? In other words, why wouldn’t it also be up to und...
Hello, This is probably a stupid question, but still.. A Wizard control is made up of a collection of WizardStep objects that represent single steps of a wizard. But why are these W*izardStep* object represented as controls ( thus they require runat=Server attribute )?Couldn’t they be handled similarly to ListItem objects, which don’...