basic-authentication

IIS7 and Authentication problems

Hi Folks, i've got a stock standard ASP.NET web site, deployed to our development machine (internal machine in our server room). Now, this dev site can be accessed by both INTERNAL and EXTERNAL users. Now, in IIS6 we used to have it so that Anonymous Authentication was turned off and something else was turned on .. giving the users a p...

ASP.Net: How to properly implement this Authentication flow

Here's the flow I'm looking for for authentication: Attempt to pull in the user's name from windows authentication If that failed (user is external to network), use BASIC authentication to get the username/password. Check the username/password against the SQL database. If windows, password isn't required, if BASIC authentication and p...

ASP.Net: Ignore Windows Auth

I have an application where I need to use 'Basic Authentication'; however, in order for you to debug the application in Visual Studio, IIS requires the directory to also have 'Windows Authentication' enabled. The problem is my user handler tries to send out a request for basic authentication to compare them to a database... but the basi...

Custom HTTP Basic Authentication for ASP.NET Web Services on .NET 3.5/VS 2008

I am refactoring a working ASP.NET Web Application to expose Web Services interface using ASP.NET Web Service. According to Web Services authentication - best practices, Basic Auth over https is the way to go. Let's assume it is, as opposed to doing WS-Security, X509, etc.. On .NET 3.5/VS 2008, what's the simplest way of implementing cu...

Pure Javascript code for HTTP Basic Authentication?

Where can I find reference code that implements a HTTP Basic Authentication client in pure Javascript, suitable for Ajax? (Yes, I could read the spec and implement it myself, but it's for a side project and I'd rather not spend much time on it.) Extra points for code, or pointers to code, that can be used independent of JS toolkits lik...

Apache2 Reverse Proxy to an end-point that requires BasicAuth but want to hide this from user

Basically my scenario is that I have an internal website that requires a SINGLE hard-coded username and password to access (and this can't be turned off, only changed). I am exposing this website through a reverse proxy for various reasons (hiding the port, simplifying url, simplifying NAT, etc). However, what I would like to do is be ...

Apache2 - authorize users against a Location using BasicAuth but ONLY for users outside local subnet

In my Apache 2 config I have a VirtualHost which looks something like this: <VirtualHost *:80> ServerName sub.domain.com # username:password sent on to endpoint RequestHeader set Authorization "Basic dXNlcm5hbWU6cGFzc3dvcmQ==" ProxyPass /xyz http://192.168.1.253:8080/endpoint ProxyPassReverse /xyz http://192.168.1.253...

Logoff button IIS6 ASP.NET Basic Authentication

I have a requirement for an explicit logout button for users in a ASP.NET web app. I am using IIS6 with Basic Authentication (SSL). I can redirect to another web page but the browser keeps the session alive. I have googled around and found a way to do it by enabling an active x control to communicate with IIS and kill the session. I am i...

How to get Basic Authentication Information in a Firefox Extension?

I'm coding a Firefox extension and want to get Basic Authentication information for a website (or for the current document). How can I get Basic Authentication Information in a Firefox Extension? ...

Changing credentials on client-side for Basic Authentication on Flex

I want to let the user automatically re-login in my Flex app, which uses Basic Authentication By the way, I have noted this StackOverflow question, which is relevant, but does not address the question of logging out client-side. For example, after user A logs in, user B comes to the browser, goes to the login screen (perhaps in a new t...

[HTTP Basic Auth] Is there a way to force the browser to always pass the Authorization header if credential is already available?

Using Basic Authentication, if the user has already logged in, the browser will include the username/password in the http request in the succeeding http requests ONLY IF it receives a 401 response containing an authentication challenge. Username/password is passed via Authorization header. Is there a way to force the browser to always i...

Download a file from the internet using java : How to authenticate?

Hi, Thanks to this thread http://stackoverflow.com/questions/921262/how-to-download-and-save-a-file-from-internet-using-java I know how to download a file, now my problem is that I need to authenticate on the sever from which I'm dowloading. It's an http interface to a subversion server. Which field do I need to look up into ? Using th...

.Net CF 2.0 HttpWebRequest pre-authentication and sending credentials on first request.

I'm attempting to communicate with bit.ly's REST API using their modified version of basic authentication. However in order for this to work HttpWebRequest needs to attach the credentials on the first request, however, HttpWebRequest will not send credentials on the first request and will wait for a 401 before sending any credentials eve...

XMLHttpRequest, basic authentication and expiring password

I use XMLHttpRequest and basic-auth to access application interface. Password is temorary and is generated by other request, so it expires after some time. But browser (Firefox least) keep using old one, failing and showing login popup. If i suppress popup by returning 403 for requests with X-Requested-By and wrong password, mozilla nev...

Testing HTTP Basic Auth in Rails 2.2+

As part of an API I am building, there is a user authentication method which upon success, returns a payload of useful user information, API token, etc. In writing functional tests for the controller that handles this, I am running in to an issue testing HTTP Basic auth; I have found numerous blogs that mention the following code should...

Issue FORM POST Request From PHP using HTTP Basic Authentication

I hope this is a relatively straight forward thing to do, and that my google skills have simply failed me on this occasion. I have a BASIC authentication protected resource which I want to have PHP perform a POST HTTP request against. I have tried injecting Authentication: Basic (encrypted u/p data) into the headers which didn't appear ...

Accessing an Artifactory/Maven Repo that requires basic-auth

I have an Artifactory repo that sits behind basic authentication. How would I configure the settings.xml to allow access? <mirrors> <mirror> <id>artifactory</id> <mirrorOf>*</mirrorOf> <url>https://myserver.example.com/artifactory/repo&lt;/url&gt; <name>Artifactory</name> </mirror> </mirrors> <servers> <!-- This server con...

PHP: Download file from different web server using basic authentication?

I have been using PHP for a while but I am not too too advanced. I do not have much experience with server-to-server stuff. I need to research setting up a data-feed with a vendor. The contact person that I talked to said I would be downloading a file from their server using a username and password via basic authentication. Can someone p...

Using HTTP Basic-Auth with Google App Engine URLFetch service

How can I specify the username and password for making Basic-Auth requests with App Engine's URLFetch service (in Java)? It seems I can set HTTP headers: URL url = new URL("http://www.example.com/comment"); HttpURLConnection connection = (HttpURLConnection) url.openConnection(); connection.setRequestProperty("X-MyApp-Version", "2.7.3")...

Unable to add CrmDeploymentService Web Reference due to Authentication Issue

I am having an issue adding a Web Service Reference to the CRM Deployment Service at http:///MSCRMServices/2007/CrmDeploymentService.asmx When I first attempt to connect it says Connecting to and prompts for credentials. After entering my credentials, it will continue to prompting for credentials indefinately. When I attempt to navi...