authorization

Membership provider

What would be the best way to store additional information outside of Active Directory? I will be utilizing AD authentication as well as WindowsTokenRoleProvider, but I will also need to store some additional information about a user that will be used for authorization purposes. This is an ASP.NET application with a SQL backend, I am loo...

DB access denied with ASP.Net MVC application after switching to windows authentication mode

I have an MVC application that I am now trying to add authentication and authorization to. I want to allow users to get to the site and be automatically authenticated. So I set authentication mode="Windows" in the web.config, and enabled NTLM in the project options. The site now shows my domain name in the top right when I run it, but wh...

Selectively apply authorization policy to operations

I have a WCF service with multiple operations exposed as a RESTful API. Most operations on the service do not require authentication/authorization, but one or two do. The authorization policy I need to use is outside of my control, and is expensive to run. Therefore, I'd like to avoid using it on those operations that do not require it. ...

Authentication and authorization frameworks for java GUI applications

Hello guys, we are programming a three-tier application with a rich GUI client using Swing and we need to add some authentication and authorization control. I'm completely new to this topic so I did a bit of research on the web. My first intention was to use JAAS for this feature, but as far as I can see, JAAS only contains functionality...

How do I manage access in Windows Identity Foundation without raising exceptions?

In the Windows Identity Foundation (WIF), there is a class called ClaimsPrincipalPermission. The documentation on MSDN is very sparse. It states: ClaimsPrincipalPermission represents the permission required to access a resource. ClaimsPrincipalPermission takes in a string that represents the resource to be accessed, and a string t...

Display action-specific authorisation message for [Authorize] attribute

Is there a way to display an action-specific authorisation message for when an [Authorize] or [Authorize(Roles="Administrator")] attribute redirects the user to the sign-in page? Ideally, [Authorize(Roles="Administrator", Message="I'm sorry Dave. I'm afraid I can't let you do that.")] public ActionResult SomeAdminFunction() { // do...

Looking for a license key algorithm

There are a lot of questions relating to license keys asked on Stack Overflow. But they don't answer this question. Can anyone provide a simple license key algorithm that is technology independent and doesn't require a diploma in mathematics to understand? The license key algorithm is similar to public key encryption. I just need some...

Access Control Lists basics

Hi, I'm gonna add authorization, user and groups management to my application, basically... you will be able to define a set of permissions for a concrete user or group. For example, you could specify who can use a concrete resource. So I want to ensure that my assumptions about ACLs are right: A basic rule could be "Grant", "Deny", "NoSet...

Access external xml using xslt document function return 401

On MOSS2007, I have a webpart that displays the content of an XML feed. I use an XSLT with parameters for transformations. There is a situation when I receive a 401 Authorisation exception. I realize that this happens when a document() function from my XSLT tries to open an external XML. If I try to open this XML in a browser, all works OK. I prov...

Entirely custom authentication/authorization in ASP.NET MVC app.. good or bad idea?

Hi guys, I know what you are saying already (baad idea), but please read first :) I am developing an ASP.NET MVC based app, which will require some specific features: combination of "local" users and Facebook Connect login, but FB users will be "mirrored" to some kind of local representation, because there will be some statistics and oth...

Rails Authlogic Prevent User from Changing their Login/Username

Hello, I have implemented Authlogic. I believe that this isn't an Authlogic-specific question. Assume that I have a User model and each User has a column in the database called "login". Upon creating a user, the login column is populated. However, I don't want the user to be able to change their login once they set it. Currently, I h...

Run AppleScript with Elevated Privileges from Objective C

I'm attempting to execute an uninstaller (written in AppleScript) through AuthorizationExecuteWithPrivileges. I'm setting up my rights after creating an empty auth ref like so: char *tool = "/usr/bin/osascript"; AuthorizationItem items = {kAuthorizationRightExecute, strlen(tool), tool, 0}; AuthorizationRights rights = {size...

REST, caching, and authorizing with multiple user roles

We have a multi-tenant system with multiple different levels of access--sometimes even for the same user as they switch between multiple roles. We're beginning a discussion on moving over to a RESTful implementation of things. I'm just starting to get my feet wet with the whole REST thing. So how do I go about limiting access to the c...

deny custom role

How can I deny access to call a method? Something like this: [HandleError] [Authorize(Roles = "role1, role2")] public class AdminController : Controller { [Deny(Roles = "role2")] public ActionResult ResultPage(string message) { ViewData["message"] = message; return...

ASP MVC: Keeping track of logged in users.

I'm creating an ASP MVC application. And because of the complex authorization I'm trying to build my own login system. (So I'm not using ASP membership providers, and related classes). Now I'm able to create new accounts in the database with hashed passwords. But how do I keep track that a user is logged in? Is generating a long random...

Tree structured resource Authorization

I have a portfolio table with portoflio_id and parent_portfolio_id, and I have a user table. Now some users may have access to all portfolios, or selective portfolios, or, depending on group, everything under a portfolio tree. Can someone suggest a good schema or any existing framework ...

How to do role-based access control for a franchise business?

I'm building the 2nd iteration of a web-based CRM+CMS for a franchise service business in ASP.NET MVC 2. I need to control access to each franchise's services based on the roles a user is assigned for that franchise. 4 examples: Receptionist should be able to book service jobs in for her "Atlantic Seaboard" franchise, but not do any r...

authorization services question cocoa

Sorry for being a total beginner in Cocoa and for asking the following stupid question, but it's too confusing for me to google it myself or maybe I'm just missing something. I need to run a shell script with elevated privileges in Cocoa. As I understand, "AuthorizationExecuteWithPrivileges" is the correct way to do it. So I've created ...

Flex URLRequest and .NET authorization

Can I make role-based authorization when sending requests to an ASP.NET MVC backend system? I am calling action methods and expecting JSON results, however, some action methods are decorated with the [Authorize] attribute, others require some role privileges to be present. I certainly hope that passing authorization data with every reque...

Skipping authorization for certain methods

Per the Agile Development book, I have an Admin MVC that controls how users log in. In ApplicationController, I have a before_filter that checks for authorization. So, this will check that the user has logged in for every page. The problem is that I want everyone to be able to access the new method, for example, in Users (that is, anyo...