authentication

Doctrine-based CodeIgniter authentication/acl system

I'm working on a web app based on CodeIgniter/Doctrine. I've tested several auth libraries, but all of them use ActiveRecord. Is there a plugin/library that uses Doctrine, or can be adapted to Doctrine?! Or can I use both Doctrine and CodeIgniter in a project?! ...

How can I validate/secure/authenticate a JavaScript-based POST request?

A product I'm helping to develop will basically work like this: A Web publisher creates a new page on their site that includes a <script> from our server. When a visitor reaches that new page, that <script> gathers the text content of the page and sends it to our server via a POST request (cross-domain, using a <form> inside of an <ifr...

Security in API authentication

We are in the process of revamping our server side API, and we need to manage security. Our current model requires that a credentials object (containing user, password, and pin) be included in each method invocation. Our development team, however, has decided that we should have session objects instead (which is fine by me), but the new ...

How to use SharpSVN in ASP.NET?

Trying to use SharpSVN in an ASP.NET app. So far, it's been nothing but trouble. First, I kept getting permission errors on "lock" files (that don't exist), even though NETWORK SERVICE has full permissions on the directories. Finally in frustration I just granted Everyone full control. Now I get a new error: OPTIONS of 'https://...

Having session_id, can I bypass login form on remote server?

Third party zend encrypted system has Web API, that lets you log in through it and acquire session_id (for later calls?). Then there's a task, how to bypass login form having that session_id. Is something like this possible at all? ...

Is there a Rails authentication library which separates users from login methods?

In my mental model of authentication, a user should be distinct from the way they log in. So for example, a User could have an associated EmailLogin (with an email/password), or they could have many (or none). Similarly they could have 0..* associated OpenIDLogin credentials. Are there any existing authentication libraries for Rails whi...

How do you authenticate user generated "apps" for your app?

I'm thinking of something like Facebook apps here. User generated pieces of code that people can write to interact with my app. I understand how an authenticated API works, but this seems a little more complicated because not only does the APP have to authenticate itself (with a regular api-key) but the USER using the app has to be authentic...

How to scrape a _private_ google group?

Hi there, I'd like to scrape the discussion list of a private google group. It's a multi-page list and I might have to do this later again so scripting sounds like the way to go. Since this is a private group, I need to log in to my google account first. Unfortunately I can't manage to log in using wget or ruby Net::HTTP. Surprisingly googl...

adldap class, need to search for user in two groups

http://adldap.sourceforge.net/wiki/doku.php?id=api_user_functions#user_ingroup_username_group_recursive_null I am using the adLDAP class above to authenticate users against our ldap server. I was wondering how I could check multiple groups to see if the user belongs to either, if they belong to either. I don't know if user_ingroup($...

SECURITY Flaws in this design for User authentication.

SECURITY Flaws in this design for User authentication. From: http://wiki.pylonshq.com/display/pylonscookbook/Simple+Homegrown+Authentication Note: a. Project follows the MVC pattern. b. Only a user with a valid username and password is allowed to submit something. Design: a. Have a base controller from which all controllers ...

Clearing TortoiseSVN authentication cache from the command line

TortoiseSVN is nice for the most part, but one thing that blows in a team development situation where more than one person is using a particular PC is the authentication. When I'm working on stuff, I like to save my credentials so that I don't need to keep entering it in for logging, branching, committing, etc. The problem is that I al...

Google's Oauth for Installed apps vs. Oauth for Web Apps

So I'm having trouble understanding something... If you do Oauth for Web Apps, you register your site with a callback URL and get a unique consumer secret key. But once you've obtained an Oauth for Web Apps token, you don't have to generate Oauth calls to the google server from your registered domain. I regularly use my key and token fr...

JBoss: Authentication caches wrong login credentials

I am using JBoss AS 4.2.3, JBossSeam 2.1. My problem is that I can login/logout with different users as long as I do not enter a wrong password for one user. If this happens it is not possible to authenticate any user. Authentication always fails. If I delete the browser cookies everything works fine. I have tried to set DefaultCacheTim...

Zend_Auth and database session SaveHandler

I have created Zend_Auth adapter implementing Zend_Auth_Adapter_Interface (similar to Pádraic's adapter) and created simple ACL plugin. Everything works fine with default session handler. So far, so good. As a next step I have created custom Session SaveHandler to persist session data in the database. My implementation is very similar t...

WCF REST based services authentication schemes

I have a simple authentication scheme for a set of semi-public REST API's we are building: /-----------------------\ | Client POST's ID/Pass | | to an Auth Service | \-----------------------/ [Client] ------------POST----------------------> [Service/Authentica...

Google App Engine Authentication

Hi, I would like my application - an iPhone app, to use the Google App Engine to authenticate for all requests. I would prefer a single email/password to be stored inside the app, and to be used for these requests. Now, suppose the app is installed by say 1000 people and all 1000 people use it at the same time - will google cause issue...

SharePoint 2010 / ASP.Net Integration - Looking for advice

I have been Googling a problem that I have with trying to integrate the web application that I am working on with SharePoint 2010. The web application is a wiki style tool that allows users to log in via forms authentication or WIA against Active Directory and create content for themselves and others. What we would like to do is to al...

Advice? SSO in N-tiered SOA with mixture of REST and SOAP services

Hi gang, We are moving to SSO in our N-tiered SOA applications. If all the services were SOAP, I'd be ok with just the WS-Security, WS-Trust, WS-Federation set of protocols. My problem is that many of the services are RESTful (ironic) and those protocols do not address REST services. What is your advice for SSO protecting the REST se...

Alternative Django Authentication

Need to integrate Django with an existing authentication system. That system has its own database, API, login/logout, edit profile web pages and cookie. (I may have to add a few additional profile fields stored/updated locally) What's the proper approach to substitute the out-of-the-box authentication in Django? ...

How do you handle ajax requests when user is not authenticated?

How do you handle ajax requests when user is not authenticated? Someone enters the page, leaves room for an hour, returns, adds comment on the page that goes through ajax using jQuery ($.post). Since he is not authenticated, method returns RedirectToRoute result (redirects to login page). What do you do with it? How do you handle it on c...