authentication

Secure Webservice (WCF) without storing credentials on consumer application

Howdy folks, I have a customer that sells a lottery analysis application. In this application, he consumes a webservice (my service, I mean, belongs to the company I work for now) to get statistical data about lottery results, bets made, amounts, etc., from all across the globe. The access to this webservice is paid, and each consult co...

HTTP Status 403 - Access to the requested resource has been denied

I want to enable form based authentication by using database as realm but I'm always getting that message whenever I try to authenticate as Tomcat manager in Tomcat 6. I have already created a table user_name and user_roles and mapped the username(blue) to admin and manager as role in user_roles table in mysql, but I'm still unable to au...

ASP.NET and Session State/Login info

Are Session variables (in ASP.NET) the safest way to store data relating to whether a user is logged in or not? i.e. Session["LoggedIn"] = 'No' I know Session variables can be spoofed so I assume there must be a safer way. Any ideas for ASP.NET? Thanks! ...

Why is public key authentication preferred for automated scripts?

I found the following claim in the documentation for Net::OpenSSH: Note that using password authentication in automated scripts is a very bad idea. When possible, you should use public key authentication instead. What's flawed in using password authentication in automated scripts? ...

Best way for a remote web app to authenticate users in my current web app?

So a bit of background, I'm working on an existing web application which has a set of users, who are able to log in via a traditional login screen with a user name and password, etc. Recently we've managed to score a client (who have their own Intranet site), who are wanting to be able to have their users log into their Intranet site...

Retry web service call if authentication failure requires re-login

I'm consuming a web service from C#, and the web service requires a login call and then uses cookie sessions. The web service will time out sessions after a certain timeframe, after which the client will have to re-login. I'd like to find a way to automatically catch the soap fault the service sends back in this scenario, and handle it b...

How to check user password in LDAP with Java with given LdapContext?

I have a web application where users must log in. The password is stored in an LDAP server. All information about the LDAP server is stored in the application server (glassfish) as an external jndi resource. So my application does not know anything about the LDAP server and only gets a LdapContext like this: @Resource(name = "ldap/user...

Backup Google Calendar programmatically: https://www.google.com/calendar/exporticalzip

I'm struggling with writing a Python script that automatically grabs the zip file containing all my Google calendars and stores it (as a backup) on my hard disk. I'm using ClientLogin to get an authentication token (and successfully can obtain the token). Unfortunately, I'm unable to retrieve the file at https://www.google.com/calendar/...

Authentication and authorization - new to security

Need to develop a Web application that will be used to authenticate and authorize internal and external users to log and then re-route to web applications for the organization. The login application should be able to provide smooth integration with any future applications that need a secured authentication. Should I be using WIF - Cla...

RIA Services: custom authorization

Here is a good example of how to create custom authorization for RIA services: http://stackoverflow.com/questions/1195326/ria-services-how-can-i-create-custom-authentication In my case a silverlight-pages will be displayed as a part of HTML-content and user authorisation is already implemented on the server-side (ASP.NET Membership is not u...

Should we develop a custom membership provider in this case?

Summary Long story short, we've been tasked with gutting the authentication and authorization parts of a fairly old and bloated asp.net application that previously had all of these components written from scratch. Since our application isn't a typical one, and none of us have experience in asp.net's built in membership provider stuff, ...

$_SERVER['PHP_AUTH_PW'] not getting set when using a specific Apache location

So I noticed some odd behavior with Apache today. It appears that when I change my location from "/" to "/somedir" that PHP does not properly set the $_SERVER['PHP_AUTH_PW'] variable. I am not sure why this is happening nor do I know where to go to see why it could not be getting set. I am using PHP5 and Apache2 with LDAP as my authenti...

Game login authentication and security.

First off I will say I am completely new to security in coding. I am currently helping a friend develop a small game (in Python) which will have a login server. I don't have much knowledge regarding security, but I know many games do have issues with this. Everything from 3rd party applications (bots) to WPE packet manipulation. Consider...

Regarding Authlogic and page redirection.

I am using authlogic for authentication in my Rails app. Have named routes for the frequent actions, viz: map.login "login", :controller => "user_sessions", :action => "new" map.logout "logout", :controller => "user_sessions", :action => "destroy" map.register "register", :controller => "users", :action => "new" map.ed...

When using the Auth component with CakePHP, I keep getting this error. Why?

Warning (2): Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/iframeworking/iframe/app/models/frame.php:7) [COREcake/libs/controller/controller.php, line 647] here is the code from frame.php: <?php class Frame extends AppModel { var $name = 'Frame'; var $belongsTo = array('Use...

Auto login after signup in CAS

I am setting up my own CAS. An authentication handler was written and username/password are authenticated against a MySQL db. I also added a signup page and related logic. Now I would like to let user automatically log on when he/she has registered as a user. How to achieve this? ...

Kohana Auth Library Deployment

My Kohana app runs perfectly on my local machine. When I deployed my app to a server (and adjusted the config files appropriately), I can no longer log into the app. I've traced through the app login routine on both my local version and the server version and they both agree with each other all the way through until you get to the auth.p...

silverlight authentication

Good day! I have a Silverlight site (Silverlight navigation application) and I want clients to log in on my site. I want to give them different rights of viewing pages. A WCF service gives me true or false when I enter a login and a password. Then, if it returns true, I want to remember the logged user. How can I do it? Using cookies or...

authentication question (security code generation logic)

I have a security number generator device, small enough to go on a key-ring, which has a six digit LCD display and a button. After I have entered my account name and password on an online form, I press the button on the security device and enter the security code number which is displayed. I get a different number every time I press the...

OpenID Authentication 2.0 in Joomla 1.0.x

Is there any easy way to bring OpenID authentication into a Joomla 1.0.x website? I am particularly interested in Google authentication (so I'll want OAuth &/or OpenID Attribute Exchange as well later), but for now just authentication will work. I know Joomla 1.5.x supports OpenID natively but I have to stick with 1.0.x for now. Any idea...