We have one browser-based application where we want to make the user reauthenticate when they enter it. So when they access that URL we want them to be presented with the PIN prompt so they have to reauthenticate. Is there a reasonable way to do that?
Added info: This is for a CAC card and the workstations have ActivIdentity and Tumble...
I've got a WCF service that will need to receive client credentials, and maintain some kind of role-based data, based on my auth method.
The clients will reside on many different systems, and as such, each client will have a unique userID and pw.
I'm using basicHttpBinding and have read a few articles, such as this one,
http://nirajru...
I know the "XMLHttpRequest" object supports a method "open" which has an optional parameter of a username and password. I just found out that these parameters can be supplier for requests requiring container-based authentication.
This is the method signature:
open(method, url, async, username, password)
Can someone help me out with t...
I am getting message "You are not authorized to view this page", whenever i am trying to open my IIS in IE8. How to stop IIS asking authentication?
...
Hey,
When I log onto some sites, ex. http://mysite.com and then go to http://www.mysite.com, I'm not logged in? But if I switch back to http://mysite.com (without the www's) I'm logged in again?
Anyone know why this is or how to make it so that if you log in on one, you're logged in on both?
Thanks,
Matt
...
I'm making small web service(1) and I decided to use resteasy to make it. But I need to know what would be best practise to develop authentication with resteasy. And what kind of responses webservice should send? Are responses usually in XML or what format, and what format of XML response should be?
Btw. I use jboss 4 and Java 5.
http...
Which authentication plugin for Rails would you choose? I'm not interested in the permissions, roles and other authorization stuff.
I'm interested in the:
user model/controllers generation
predefined components to support various ways of authentication (HTML form, OpenID) with various back-end (database, LDAP, textfile).
I'm looking...
I can open as many instances of IE7 as I want and I get prompted for a cert each time (but no PIN). However, if I close any of the instances of IE7, then on the next open I get the PIN prompt. So it seems to me that the IE7 program is doing something when it is closed to tell the smart card to "expire" the current PIN. I would like to ...
Hi,
How can i secure Web Service calls from a desktop application (winform) ?
I first think about pass login/password to each web services methods and then check from my database of user is authorized, but i'm looking for a better way to secure that.
Thanks.
...
I have a ASP.NET MVC site that is locked down using Forms Authentication. The web.config has
<authentication mode="Forms">
<forms defaultUrl="~/Account/LogOn" loginUrl="~/Account/LogOn" timeout="2880"/>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
None of my pages other than Account/LogOn can be viewed unless...
Hi everyone,
I am developing a Netflix application for the Blackberry, and so far one of my biggest challenges has been related to the OAuth protocol. I have been searching for examples of implementing OAuth with Java (on the Blackberry), and I have found very little. One of the other posts on stackoverflow recommended Signpost (http://...
In my web.config I have this:
<system.web>
<authentication mode="Forms">
<forms loginUrl="Login.aspx" protection="All" path="/" timeout="30"/>
</authentication>
<sessionState timeout="20" />
</system.web>
<location path="admin">
<system.web>
<authorization>
<deny users="*"/>
<allow us...
Hi,
Just wondering what people would suggest for an approach for a WinForms client that will have to interact with my web application (ruby on rails, which will use AuthLogic for authentication).
For example options such as:
* authentication each HTTP request,
* gets a token for the session until it times out
* other?
This can be t...
I am upgrading a site to use MVC and am looking for the best way to setup Authenication.
At this point i have the login working off of Active Directory, validating a username and password and then setting the auth cookie.
My question is how do i store the users role information at time of login in order for my controllers to see those ...
Hi
I've posted this on Serverfaults also, but since it is a development problem to me, I'll try it here also.
I have a ASP.NET web app with normal login controls.
When I type in the following in my web broser: http_://localhost/WebApp1
The page renders, I input my login credentials, and I get logged in.
But when I type the following...
I’m developing a small application that interacts with a web service which authorizes access based on the client IP. When developing on my local machine at home, I am not allow to access the web service, unless I request an authorization for the random IP that i get from my ISP.
My question: Is there an easy way to get around this probl...
I have a Flex-WebORB-Asp.NET application. When logging in, there's a AuthenticationHandler which implements a WebORB interface:
IPrincipal CheckCredentials(string username, string password, Request message);
So I create a Principal and return it. WebORB uses the Principal to check for Authentication and Authorization of remote method ...
Is Facebook an OpenID provider? I know they are an OpenID supporter but do they allow people to authenticate with other sites via OpenID with their Facebook credentials?
...
Hello, firstly I would like to thank you in advance for any assistance provided.
I am new to software development and have designed several Client/Server applications over the last 12 months or so, I am currently working on a project that involves a user logging in to gain access to the application and I am looking at the most efficient ...
Hi,
I have a website that uses Basic Authentication (username/password).
Why is the following code not working? When I run it the web application takes me to the login controller, whereas I'm expecting that it should already be authenticated given I'm populating the credentials. In other words I'm trying to confirm how, in .NET, I...