Why does Kerberos authentication use T125 protocol? I believe Kerberos authentication behaves this way:
Client asks for a ticket to the Kerberos authority
The Kerberos authority provides a Ticket to the client
The Client tries to authenticate towards a Server and sends to the server this Ticket.
The Server verifies the Ticket is OK wit...
I am creating a standalone asp.net page that needs to be embedded into a sharepoint site using the Page Viewer Web Part. The asp.net page is published to the same server on a different port, giving me the URL to embed.
The requirement is that after a user is authenticated using Sharepoint authentication, they navigate to a page contain...
I have an .asmx in a folder in my application and I keep getting a 401 trying to access it.
I have double and triple checked the setting including the directory security settings. It allows anonymous. I turned off Windows Authentication.
If I delete the application and the folder its in, then redeploy it under the same application na...
I've set up DAV in apache2, which works great. The thing is, all read/write operations are done with the apache user's credentials. Instead I want to use the HTTP authenticated user's credentials. If I authenticate as "john", all read and write operations should use the system user john's credentials (from /etc/passwd). suEXEC seems...
I am currently building an internal web application used in a factory/warehouse type location. The users will be sharing a single PC between several people, so we need to have a fairly short session timeout to stop people wandering off and leaving the application logged in where someone else can come to the PC and do something under the ...
I am tasked with writing an authentication component for an open source JAVA app. We have an in-house authentication widget that uses https. I have some example php code that accesses the widget which uses cURL to handle the transfer.
My question is whether or not there is a port of cURL to JAVA, or better yet, what base package wil...
I do not understand how I can authenticate a user in a Facebook Flash application. I have read from the documentation that Facebook platform gives arguments, such as user id and session secret, to the Flash application, but how can I inside the Flash application make sure that these arguments are correct and not fake? Should I make some ...
I've just built a basic ASP MVC web site for deployment on our intranet. It expects users to be on the same domain as the IIS box and if you're not an authenticated Windows User, you should not get access.
I've just deployed this to IIS6 running on Server 2003 R2 SP2. The web app is configured with it's own pool with it's own pool user ...
I've got the directive
<VirtualHost *>
<Location />
AuthType Digest
AuthName "global"
AuthDigestDomain /
AuthUserFile /root/apache_users
<Limit GET>
Require valid-user
</Limit>
</Location>
WSGIScriptAlias / /some/script.wsgi
WSGIDaemonProcess mywsgi user=someuse...
I have been trying to follow the guidelines in this Microsoft article to authenticate
against Apache with Kerberos and AD. I have successfully tested the communication between the apache server and the AD server with kinit. However when I attempt to access a restricted page on the server with IE I get an Internal server error and the fo...
I'm looking at building a simple web app that will expose an API that lets third-party (well, written by me, but that's not the point) apps query for and modify user-specific data stored on the site.
Obviously I don't want to allow apps to be able to get user-specific information without that users consent. I would want some kind of app...
I want to use forms authentication in my asp.net mvc site.
Can I use an already existing sql db (on a remote server) for it? How do I configure the site to use this db for authentication? Which tables do I need/are used for authentication?
...
I'm looking for the best/easiest way to add extensions to an existing protocol (can't change the actual protocol easily) to allow the user to do windows authentication (NTLM?) in .NET. I looked at the AuthenticationManager class already but it requires that I use Web(Http)Request which isn't an option. NegotiateStream is an option either...
How do I authenticate against AD using Python + LDAP. I'm currently using the python-ldap library and all it is producing is tears.
I can't even bind to perform a simple query:
import sys
import ldap
Server = "ldap://my-ldap-server"
DN, Secret, un = sys.argv[1:4]
Base = "dc=mydomain,dc=co,dc=uk"
Scope = ldap.SCOPE_SUBTREE
Filter = "...
I have a self built JSP webapp and at the moment I'm using tomcats built in admin pannel to manage user accounts (that are stored in tomcats config xml files) but this is limited because i can not create new accounts from within the web-app (eg. I can not have a sign up website) and need to manually create the accounts.
What is the mos...
OK, probably best to give an example here of what I mean.
Imagine a web based forum system, where the user authentication is done by some external method, which the system is aware of.
Now, say for example, a user enters the URL for a thread that they do not have access to. For this should I return a 403 (Forbidden), letting the user k...
Is it possible to create a .NET equivalent to the following code?
<?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
echo 'Text to send if user hits Cancel button';
exit;
} else {
echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
...
My client wants me to enable a "Remember Me" checkbox when the user logs in. I am encrypting and storing both the username and password in a cookie.
However, you cannot write to a textbox when it's in password mode.
I've seen this done numerous times, so how are they doing it?
thanks in advance!
...
I'm used to doing basic password protection for Apache w/ the following method in Apache config files:
AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /path/to/.htpasswd
Require valid-user
However, I've been asked to put some protection on a subdirectory of a site running ColdFusion on top of IIS6, and I'm unfamil...
There seem to many ways to skin this particular cat - but which is the best and easiest to implement. It would seem that the ASP.net Membership Provider is the one that will save more time, so my questions are:
What are the pros/cons of Membership?
How do you integrate the auto generated user db with your own custom made db? e.g custo...