I am working on an app right now where I have Individuals, Athletes and Coaches. A coach has many athletes and they create athletes as well. Whereas individuals can just come to the site and use a different set of tools. So for functionality and logic reasons I prefer to keep the individual model separate from the athlete model. When u...
Sorry, that it isn't exactly programming question, but it is also interest. So my question is: where from user private key comes? Whether it comes in key-pair together with public key in certificate that is generated in CA, or it is generated in client OS, when only thumb-print, public key and so on comes from CA? Thank you for ahead. ...
I want to password protect an entire directory and authenticate users though a MySQL database using PHP. I know you can password protect directories using .htaccess but I can't seem to find out how to use PHP and MySQL along with that. ...
I'm trying to create a desktop program that will interact with the online todo list manager rememberthemilk.com. The final step in the authentication process is launching a link where the user can log in to the service and verify that they want to allow the program to access their account. However, right now I don't have a way to det...
In an ASP.NET 3.5 application running on IIS, how do I force a "deauthentication" of all currently logged-in and authenticated users? iisreset didn't seem to do the trick! ...
While creating a new application on App Engine, I can choose whether to allow any standard Google Accounts to log into my application or limit the logins to one particular Google Apps domain. I am afraid allowing Google account only login could damage an application acceptance. Is it possible to use a simple authentication mechanisms...
I am trying to use hashing for a test case in tomcat-users.xml. (I plan on implementing a subclass of one of the Realm classes to do the real authentication with auditing, logging, etc.) I ran the command $TOMCAT_HOME/bin/digest.sh -a sha secret and got the result 'secret:e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4'. I pasted this into t...
hi, I have reviewed some of the similar questions on this site but could not find one with an answer appropriate for my situation. I am using asp.net mvc, and it is communicating securely with stateless wcf services. for each service call, i need to pass in the username and a few other ints for identification purposes. - not password...
In SQL Server 2005, setting up an anonymous user to view a report was simple (just create a windows user with limited privileges and give that user permission to see the report in IIS). However, in 2008, it seems more complicated. Under my present configuration, users require domain authentication to view reports. There does not seem t...
Could anyone please tell me, how can I handle the j_security_check servlet in Form based authentication in java? Do I have to map the servlet class with j_security_check name in web-xml file like: <servlet> <servlet-name>Anyname</servlet-name> <servlet-class>Anyclass</servlet-name> </servlet> <servlet-mapping> <servlet-name>Anyname</s...
I have a WebApplication on asp.net 2.0 with namespace Admin. I have Form Authentification mode for the project. <authentication mode="Forms"> <forms name="ASP_XML_Form" loginUrl="Login.aspx" protection="All" timeout="30" path="/" requireSSL="false" slidingExpiration="true" cookieless="AutoDetect...
I'm using JNDI for authentication in a web app. On the OpenLDAP side I'm using ppolicy to (for example) block a user's account after three failed log in attempts. My problem is that I need specific error messages (e.g. "Account locked") to let the user know what was the specific problem but right now I'm just getting an exception when ...
Hello, I am using the Single Access Token from authlogic to sync data from a MS Access Database to a Rails App. Because I sort of think that the URL sort of exposes the single access token, I am uneasy about extended use. I have heard that if one uses basic http authentication, HTTPS is really important for security. Is my case similar? ...
I'm using Tomcat 6.0 as a webserver, and I want to know how can I run login page over https protocol? I've implemented form based authentication correctly with NONE as value in tag, but when I changed <transport-gurantee> tag with the value CONFIDENTIAL, my browser is not able to display the page and returning an error: Firefox can'...
I am using Windows Authentication for Login in My site, I need the email Address of my contact to send email. How can I achieve this . ...
Hi there I am developing a component, and i am having my own login form and tables. After authentication of user through my component, userinfo is being stored in Session. Everything is fine. but user is able to access the views that are supposed to be viewed by logged in users. I wanted to restrict the access through link. How to do ...
Why hello SOers. My question today is about authentication endpoints and the architecture surrounding them. Most web frameworks and applications I've encountered seem to have a single URL or endpoint to deal with 'authentication' - e.g. processing authentication tokens such as usernames and passwords, and doing something with them. It ...
Hey everyone, I am wondering if its possible to to open a port listen for a connection, if a connection is made authenticate it, and if it passes the authentication then an event is fired? Is it maybe possible to do this with XMPP? Thanks for your help! ...
I am using Spring Security in our application My requirement intially was to allow a user to login to our application using open id. I was able to do so referring to online tutorials on using open id in Spring sercurity. eg: ... <http auto-config="false"> ... <openid-login authentication-failure-url="/FailurePage.jsp" ...
Sharepoint Internal / External Urls We have a question regarding standard practices for authentication to Sharepoint using internal versus public URL’s via an ISA server. Here is the setup. We have SharePoint server configured to use windows authentication with the Default Zone being https://myportal-internal. We also have to serv...