authentication

How can I redirect to logon.jsp with unencrypted password in the HTTPSession?

I have a j2ee web app that is using JAAS form based authentication. However, due to some unusual requirements, I cannot have the user enter their username and password directly into the logon.jsp form and have them submit it. Instead, I must gather the data on a separate page, and then later redirect to logon.jsp to log them in. What I ...

Authentication Problem When IP Address Is Used in the URL

I am using IIS 6.0 and have a virtual directory set up. The server is set up on my company's intranet. Under the security settings, anonymous access is disabled, integrated windows authentication is enabled, digest authentication for windows domain servers is enabled, and the realm has our AD domain address. Everything works fine with thi...

LogonUser API to authenticate a user in VB.Net

I am having a problem using LogonUser from vb.net to authenticate a user. I am using the LogonType of "LOGON32_LOGON_NETWORK" (3). The documentation specifies to use this option for simple authentication and that it does not cache credentials. The problem I am having is if a user has just changed their password, they can login using e...

Is there a way to "link" windows authentication mode with a membership provider?

Edit: I think I can boil it down to: I want to use windows authentication mode, but be able to get a list of users like you would with Membership.GetAllUsers(). I'm trying to develop a solution for use on an intranet, so all the users will be authenticated. I guess I'm looking for a best of both worlds solution. Here's the gist (I'...

Which Authentication Providers to Use for Single Sign In?

I recently was tasked to implement Single Sign In functionality where users could register and sign in to this site using their credentials from a more popular site. That got me to start looking and asking around as to who was doing Single Sign In. I was surprised to learn how much of a hot button topic it turned out to be. If you have ...

WCF Windows Authentication Error

I'm trying to consume a Service with a WCF Console Application. But the only thing I get as a Response is "The remote server returned an unexpected response: (400) Bad Request." The Service is configured with the following options: <services> <service name="TryOut.BasicService" behaviorConfiguration="NicksBasicBehavior"> <host>...

How do I force a user to be logged in to view any page?

I am playing about with the Zend Framework at the moment and I have written the authentication code using Zend_Auth. I am trying to find a way to ensure that the user is logged in before they can view anything but I don't want to do it on a per controller basis. I am thinking a plugin, but all the books I have on it are pretty rubbish...

Scalable role based authentication

Hi, I am currently designing a role based authentication system for resources where many users have different access rights to it. A role may be a single user, or a group of roles (so a role is a tree of roles). (see graphic below) A resource can have multiple authentication properties (like read, write, delete), where each of this ...

How to upload with curl client certificate authentication?

Instead of using basic or digest authentication for an upload, could it be possible for a service to generate a certificate for the client to download for authenticated uploads? Keygen could be used for example, though it might be more straightforward to "Save the certificate" somewhere. Once the user has the certificate, the user is ab...

Accessing REMOTE_USER from PHP/CakePHP

I'm developing a CakePHP site for which I've just enabled VAS authentication using a .htaccess file: AuthType VAS AuthVasUseBasic On AuthVasRemoteUserMap local Require valid-user I'd expect to be able to find out who was logged in by using $_SERVER['REMOTE_USER'], but I'm finding that the key is missing from the $_SERVER structure: ...

Approaches and recommendations for multiple OS user authentication techniques

I’m looking for recommendations of how to authenticate user/password combination and verify group association across a number of differing operating systems. Basically I have a C# application that is working in both MS Visual Studio C# and Mono C# and I need to add an authentication mechanism to it to support Windows, Linux, and MacOSX....

Integrated Windows Authentication in WCF on IIS 6.0

I need to implement Integrated Windows Authentication for a WCF service hosted on IIS 6.0 (Windows Server 2003) without certificates. The requirement is to simply authenticate Windows Credentials of users within a particular Active Directory group when they hit the service. The Framework version being used is 3.0. WCF Configuration: Th...

Implementing OpenID in ASP.net "Properly" - Membership or Authentication Provider?

There are several ways to use OpenID on ASP.net sites, but none of them seem to use the existing mechanism of Membership and Authentication Providers. I wonder what the proper way would be to create a site that solely relies on OpenID? Continuing to use Forms Authentication but implementing a variant of the SqlMembershipProvider that do...

ASP.Net - Checking User Details From Business Layer

I'm using asp.net configuration manager and the standard login control to allow users to logon. What I'm wondering is can I find out what user is currently logged in from the business layer or do I need to pass it in from the UI? ...

Getting to SVN from TeamCity using Windows Authentication

I am trying to set up TeamCity on my Windows XP machine. It is failing to get the code from subversion because of an authentication error. I have put my windows domain\user username and password into the TeamCity configuration - but it looks like it's trying basic authentication. What do I need to change? Here is the TeamCity SVN log (th...

Is SSH logging capabilities equivalent to su logging for private/public key authentication?

Here at work, we have a non-root shared login account on UNIX that is used to admin a particular application. The policy is to not allow direct logins to the shared account; you must login as yourself and use the "su" command to change over to the shared account. This is for logging/security purposes. I've started using SSH public/priv...

Easiest drop-in PHP authentication solution?

Forgive me if this has already been asked (and feel free to provide a reference and close this). The ultimate goal is to associate some data with each user (obviously) and display that data to users differently based on their roles. I have looked extensively for a simple, drop-in solution for authenticating users in PHP. I am not look...

HTTP Authentication with Web References

I have a web reference created from the WSDL, but I'm not allowed to call the function unless I pass in the username / password; the original code for the XML toolkit was: Set client = CreateObject("MSSOAP.SOAPClient30") URL = "http://" & host & "/_common/webservices/Trend?wsdl" client.mssoapinit (URL) client.ConnectorProperty("WinHTT...

does custom user class break applications in django?

Let's say that I have subclassed User model (CustomUser) properly (as explained here: http://scottbarnham.com/blog/2008/08/21/extending-the-django-user-model-with-inheritance/) and installed the comments app. To access the user of a comment in the template I write: {{comment.user}} # which provides User, not my CustomUser and theref...

Keeping a session in python while making HTTP requests

I need to write a python script that makes multiple HTTP requests to the same site. Unless I'm wrong (and I may very well be) urllib reauthenticates for every request. For reasons I won't go into I need to be able to authenticate once and then use that session for the rest of my requests. I'm using python 2.3.4 ...