I want to use a Java EE application server (GlassFish 3) as SSO service for both Java applications and PHP applications. If a user gets authenticated by GlassFish he should also be logged into the PHP applications. Is there a best practise to share the Servlet session (more precise: authentication status) with PHP? ...
I have created a list of 5 users.How do i find out which user has logged in currently ? Also please mention , if there is any way to find out if the super-user has logged in ? My requirement is , I want to restrict the access of certain pages in the templates only to the superuser . Thanks in anticipation. ...
Hi, I want to expose a resource using RESTlet with a fine-grained authentication. My ServerResource should be accessable via GET only for authenticated members (using BASIC Authentication). However, requests using POST should be available also for callers without any authentication. In order to clearify: http://path/myapp/user shoul...
Hello, I would like to ask you for help with the following code I have quickly write, beucase I always get "403 FORBIDDEN". HttpWebRequest pozadavek = (HttpWebRequest)WebRequest.Create("LINK THAT ASKS FOR AUTHLOGIN"); //https System.IO.StreamReader stream = null; System.String result = null; public Form1() { Init...
Hello, I just found out that my site authentication is not working in IE8. It works in FF, Chrome, Opera but not in IE8. I've deleted all the cookies and temporary files but no change. After a short research I found out that there is some problems with the cookies with IE8. Look at this http://www.reachfarther.com/persistent_cookies_fa...
I'm trying to make the Auth module to 'remember' the user session with a checkbox on the login page. What happens is that no cookie is created, only session as usually. I've noticed the user_tokens table, but don't see any use of user_token model's methods at all. I do pass (bool) TRUE as a third parameter to login() method, but there's ...
Is there a way to get the information of the main thread (the application thread) from a second thread? My problem is that I have to set the currentprincipal in the main thread, but the authentication is done in another thread because it's a long and complex task, but when I set the currentPrincipal in the second thread, the main thread...
In several frameworks (symfony/Django), you have admin generators that usually control access via a User table (which assigns a user to a specified Group table). I'm curious, why not simply use MySQL's actual users (with select/read/write access already baked in) instead? ...
We have a library of ZIP files that we would like to make available for download at an ASP.NET site. The files are sitting on a NAS device that is accessible from out web farm. Here is our initial strategy: Map an IIS virtual directory to the shared drive at path /zipfiles Users can download the zip files when given the URL However...
I have developed a facebook application for the web, iPhone, and Blackberry. For the web, I direct users to http:// facebook.com/login.php?api_key=eb5e547ac5534ffc3862bc74017d344d&v=1.0&next=webLogin.php, where they can sign in without issue. That is, if they enter a wrong password and then enter the correct password, they are forwarde...
When users verify their email address successfully, could I just log them in automatically? I consider the following reasons to do so: The link is a random hash Users will already be annoyed by having to validate I will trust anybody who has access to the email inbox anyway, since you can reset your password Users can of course only v...
How can I enable HTTP Basic Authentication in JBoss 4 for a specific web application? Having a fixed username/password will do. ...
Hi, Does anybody has any pointer regarding this? We are currently trying with Java SOAP API. The URL used for windows live authentication is:https://login.live.com/RST2.srf <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401...
Hi have form authenticaion for my site, and it works fine on localhost and godaddy, but after moving to another hosting it stop working. After login in admin area after 2-3 minutes I redirecting back to login screen. Does anybody know if I change some settings on IIS or what is the source of the problem? My code looks like <authentica...
I am trying to Sip Register and I get the challenge from the server. So I need to use the MD5 algorithm on the nonce and then send that to the server to authenticate. I have come across two examples of MD5 encryption and I have tried both and each one gives a different string back to me, so I was wondering which one is the correct one ...
Stackoverflow uses OpenId as many other websites. However, I rarely need to provide my OpenId to Stackoverflow while with other OpenId enabled websites, I have to do it once a day or week. This suggests to me that the expiry of the session is with the website and not the OpenId provider. Looking at the DotNetOpenId code in ASP MVC, I c...
How do you setup server to server SFTP to use public-key authentication instead of user account and password? ...
Is there an example of an OAuth implementation or profile which uses multiple authorization tokens in one interaction? Can this be done with vanilla OAuth (as opposed to an extension)? Is there any discussion on the reasons for or against using multiple tokens in one request? OAuth WRAP uses two tokens, but only one is an authorizatio...
I would like to create a login page using ASP.NET. I don't want to use the ASP.NET login control. How do I do this? ...
Are there any libraries that can authenticate via active directory? This is a new application, so I want to make the correct design patterns in the beginning. I want my authentication service to be able to support my session/cookie based authentication and active directory/ldap. Are there any examples online that I can look over that ...