Retreiving the URL http://www.google.com/reader/api/0/token returns a token, which is periodically updated. What's required to generate this token? Apparently, and I'm guessing a, or some, cookies are accessed by Google for authentication. Here are my results so far: thufir@ARRAKIS:~/projects/curl$ thufir@ARRAKIS:~/projects/curl$ rub...
I want to use a custom authentication module conforming to JSR 196 in GlassFish 3. The interface javax.security.auth.message.ServerAuth has the method: AuthStatus validateRequest( MessageInfo messageInfo, javax.security.auth.Subject clientSubject, javax.security.auth.Subject serviceSubject ) AuthStatus can be one of several cons...
(rephrased...) How do you manage 'application' database accounts that have to follow the same policy as regular login-capable user accounts. We have many processes in our system that run, unattended all the time, or part of scheduled jobs that need to access the database (Informix). These have been, up until now, nologin/noexpire acco...
Running Eclipse 3.5 (= Galileo) under (K)Ubuntu Linux 9.10 . Corporate environment with HTTP proxies. I have my Preferences | General | Network Connections all set up with HTTP, host, port, Authentication required and the credentials. Eclipse is asking for my master password at Eclipse startup. So I've provided all the authorization I...
I know this is a basic question so it should be a basic answer. I have always done a user login system using sessions only, I would like to now make it an option for a user to stay logged in when they come back to my site if they choose to by using cookies. I am not sure the best way of doing this but I have a small mockup of the basic...
I installed SVN in Windows XP, I got the error when I create a project, any idea? C:\svn\bin>svn mkdir svn://localhost/myproject -m "some msg" --username user1 --password pass svn: Authorization failed here is the config file in svn. svnserve.conf anon-access = none auth-access = write password-db = passwd passwd [users...
The session state timeout is set using this web.config element <sessionState mode="InProc" cookieless="false" timeout="120" /> The forms auth is configured using this web.config element <system.web> <authentication mode="Forms"> <forms loginUrl="Login.aspx" protection="All" timeout="30" name=".A...
I want to know rough time when a member was last seen in the system. I remember login for 2 weeks. So actual "ValidateUser" on MembershipProvider can be executed quite infrequently. For now I just call DB.UpdateMembershipLastSeenTime() every time from RequireAuthorizationAttribute, i.e. on every authentication-requiring action. Any...
I have been simply writing 2 cookies, 1 containing the user ID, and the 2nd containing 1/2 the SH1 hash of the password (salted). The way it works is self-evident. I realized that I wasnt doing this in the most secure way. Whats a better way of doing this? Preferably using a single authentication cookie. Also, is there a point to usin...
I know this can be done via WindowsIdentity.GetCurrent().IsAuthenticated, but I need another method. Is there a way we can query Active Directory and find out if a particular user has already been authenticated. Thanks for your help. ...
I am adapting an existing web application based on Tomcat 5.5 to add user authentication using an LDAP server. I successfully modified the server.xml and web.xml files to authenticate users using basic authentication, however I want to create my own custom login page for users. I switched over to form authentication, using examples fro...
Hi I work for a company with multiple public-facing web sites. Some of these sites are built using third party products (Moveable Type, myBB, Trac and others). We also have a couple of bespoke sites built on the Microsoft stack. Currently, we have no unified authentication/authorisation solution; each site implements its own user sto...
I'm running the latest version of YetAnotherForum in a folder beneath my main WebApplication. The subfolder is configured as an application in IIS and navigating to the folder and logging in works wonderfully. YAF is setup with a membership provider and uses Forms Authentication. What I'm trying to do now is to auto login a user into th...
I am using ASP.Net's forms authentication, but do not want the default behavior of redirecting to a login page when a restricted area is accessed. Instead I would like to invoke a javascript JQuery dialog for the login on the current page, preventing the content behind from loading. My only issue is that by default the forms authenticat...
Hello I am completely new to login and authentication concepts. I am working on a Glassfish web application that should present general content to any visitor, and some extra content for registered users logged in with username and password. I have been reading the Java EE tutorial about security, and I thought that the Form-based or H...
I have some java code which allows users to reset their passwords stored on a LDAP server. The code runs as part of a web application running on Glassfish. The problem I'm seeing is that after calling the change password operation, the user can subsequently use either password to access the application. I have a unit test which runs...
The following function works in IE but not in Chrome: function doStuff() { var request = new XMLHttpRequest(); request.open("POST", "http://twitter.com/statuses/update.json", true, "USERNAME-HERE", "PASSWORD-HERE"); request.send("status=STATUS UPDATE HERE"); } Chrome generates the following request. Note the Authorization heade...
So we're currently using CodeIgniter + DataMapper OverZealous Edition + DX Auth. It is working on our local machines, as well as our staging server. As soon as we push to their server though, the login doesn't work at all. Upon further investigation, the data from the form is not coming in to the controller where we do our authenticat...
I'm calling a SharePoint Web Service (Webs.asmx) with JQuery to get a list of all subsites: $(document).ready(function() { var hrefParts = window.location.href.split('/'); var wsURL = ""; for (i = 0; i < (hrefParts.length - 2); i++) { if (i > 0) wsURL += "/"; wsURL += hrefP...
How do I get git-svn to forget the svn authentication details ? We have a pairing machine running windows server 2008 on which we have a git repo and we check-in to a central subversion repository. I want git to prompt me for my subversion authentication details each time I check-in. I have removed the subversion files from under %APPD...