Most Oauth implementations require the user to login with the originating site in the process. An example is: http://code.google.com/apis/accounts/images/OAuthDiagram.png Now, what if I want to use my own account to access a generic feature, such as a search for people outside of my network, and don't want them to login? Is there any w...
Hi, I'm developing a login and authentication system for a new PHP site and have been reading up on the various attacks and vulnerabilities. However, it's a bit confusing, so I want to check that my approach makes sense. I plan on storing the following data: In the session: user-id, hashed + salted HTTP_USER_AGENT In the cookie and i...
I couldn't find resources on how to use authlogic with sinatra. Or at least no documentation about a canonical way to do authentication with authlogic ... Anyone has pointers to some tutorials, sample code or can sketch out a minimal authlogic/sinatra example? Thanks in advance. ...
Guys and girls: Third party app (A) needs to link users to our app (B) and log them in behind the scenes. Both apps work independently with their own auth systems. Users share a common unique ID, but have different authentication tokens (username/password/key etc) at each app. The two complicating factors are as follows: One app B u...
I am using the authlogic gem for user validation on one of my sites. All is going well, but I am wondering if it's possible to change the error message that gets returned when the user types in an invalid email address. Thanks! ...
Hi, In light of http://igigi.baywords.com/rockyou-com-exposed-more-than-32-millions-of-passwords-in-plaintext/, I am just curious what kind of authentication systems are in place for big players such as facebook, google, myspace? Are they using LDAP or just database? Regards ...
Hi. I'm trying to connect with a webservice that's in a password protected host, i.e. you must enter user+pass to access the remote WSDL. The key word there is "trying", I have a client made by WSDL2JAVA that works ok if the service is unprotected, but I can't find how to add the login to that code. To clarify, it's not the webservice ...
I am building a project management app and I am not sure which is the best/correct authentication model to implement given I am new to Rails (and programming in general). Here is what I am trying to do. I want to be able to add a "client" to the application and then multiple projects to a client. I would like to be able to add users (t...
I'm trying to create a database in couchdb, which has an admin user/password set, using couchbeam. I've set my credentials in couchdb's local.ini file and restarted. My code to create a db is: couchbeam:start(), Params = #couchdb_params{username="test" ,password="pass"}, Connection = couchbeam_server:start_connection_link(Params), Db = ...
If I want to store the username and password to be used inside an Android application, what is the best way to do it? Is it through the preferences screen (but what if the user misses this?), or pop up a dialog box and ask the user for the credentials? If so, I do have to maintain state for the application. How would I do this? ...
Hi I'm using CakePHP's Auth component and it's in my app_controller.php. The problem is I want to allow specific views in the built-in pages controller. How do I do that? Thanks in advance! ...
I'm developing an ASP.NET system that has two different 'tiers' of roles. The main tier will use Active Directory groups to determine membership, while the second tier will use a database. All users will have a tier-1 AD role, but not all users will have a tier-2 database role. I know I can use the AspNetWindowsTokenRoleProvider to mana...
Is it possible to integrate OWA (Outlook Web Access) and OpenID with a standard, existing component? If not, is it theoretically possible with a straightforward integration plugin (most probably using dotnetopenid)? Any hints on necessary API-s, components, technologies etc would be useful. ...
I am setting up the authentication cookie in c# as persistent and with an end date of one year from now, but it expires not too long after being set. The code is below... DateTime endDate = new DateTime(); endDate = DateTime.Now.AddYears(1); FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, ...
My website can be access from many domain (a my own blog engine). So, how i can cross authentication? I'm using: IIS7, C#, asp.net membership, form authentication. ...
So, I've been coding for a little (2 years), and I have a very subjective question: Is it wrong to use $_REQUEST for Data? This mainly pertains to authentication by the way. If you think about the 3 ways data can occur in $_REQUEST, it can come from either a cookie, a form, or a query string. Now, I know that most people directly gra...
Lets say that I have only DHT (distributed hash table) implemented (in Python), and I want to build authentication service over P2P network, but without introducing centralized authentication server with such a service. Can it be done, and if so how can I achieve this? I'm familiar with how Skype and Wuala have done this, but I am looki...
Ok, suppose to have this db schema (relation): |User | (1-->n) |Customer | (1-->n) |Car | (1-->n) |Support | |--------| |---------| |-----| |-----------| |id | | user_id | |Brand| |Description| |username| |lastname | |PS | |Cost | |password| ...
Hi, I have application in C# that consume Java WS. Everything worked fine until WS was configured to use authentication. Now I should user login i password to execute methods from WS but I'm not sure how to do it. I've try var client = new MyBeanClient(); client.ClientCredentials.UserName.UserName = "admin"; ...
Hello, I have a controller named sales_controller at this controller I got a function in wich I want to: update information about the sale -> DONE create a new record on other model -> DONE update a field on a user record -> PROBLEM My last attempted to do this was: App::import('model','User'); $user= $this->Auth->user(); $nr = $t...