basic-authentication

Cross domain basic authentication using jQuery

Hi, Here is my problem: I'm developing a system that can be polled to retrieve dynamic data. It's in Grails, and when I do a request on a certain controller action, say "http://localhost:8080/foo/bar", a JSON list is returned containing the latest data. For added security and functionality, I protected my page using Spring Security (Gr...

Modify the URL of the request in UIWebView

I tried what is described in this post. Even though I was able to change the URL of the request, but the original URL was still loaded. What I am trying to do is to insert an authentication string into the URL (i.e. http://user:pass@url) for those that don't already have it. The URL I'm loading has frames, so the [[webview request] U...

Form-based authentication using c/c++ code on server side

I'm looking for examle/tutorial showing implementation of both client and server side code. Client - simple html webform containg three controlls: username, pasword input and a submit button. Server - a program written in c/c++ that receives username and password from the client and verifies them(sql or simple file). ...

Get the HTTP Basic Auth username from javascript?

I have a webpage that is only accessible over http basic auth. How can I figure out the basic auth username in javascript in that page. i.e. when someone visits it (after logging in), I want to make a popup that says "Hello, you're currently signed in as the user $USERNAME" ...

Forward Basic Authentication to a form?

Alright, I don't know if anyone has tried to do this yet, however. I have a website lets just call it localhost. for now. I have a form on that page. however, I want to be able to skip the form, and redirect my data to the form by using the basic authentication method. for example: http://admin:admin@localhost would send the username an...

HTTPS and BASIC authentication

When I use HTTP BASIC authentication along with HTTPS, are the username and password securely passed to the server? I would be happy if you can help me with some references. I mean, it would be great if I can cite StackOverflow Q&A as a reference in, say, assignments, reports, exams, or even in a technical paper. But I think I am not t...

Integration testing Rails API with basic authentication

I'm trying to get a test signing in using basic authentication. I've tried a few approaches. See code below for a list of failed attempts and code. Is there anything obvious I'm doing wrong. Thanks class ClientApiTest < ActionController::IntegrationTest fixtures :all test "adding an entry" do # No access to @request #@requ...

Securing a URL using a username-password

I am working on creating a toolbar application that will invoke a URL on the server and increase a User's points(as an incentive to use the toolbar). Right now the URL is a GET(I can and will change it to POST). The issue is, I need to make sure that someone cannot, using any sort of a hack, increase the points. The URL is ofcourse a pu...

http basic authentication - maximum allowed trial times?

Hi all: I am working on a login section for a new project, which definitely requires user authentication. The easiest way of doing that I assume would be using the http basic authentication. I implemented it fine on the Apache server, ssl was also intorudced to provide better security. However, one thing concerns me, that it seems the...

HTTP Basic Authentication for WEBService call

Hello, I trying to invoke a web service, which has an Basic HTTP Authentication. I generated the client code using the WSDL2JAVA tool from AXIS. But I am not able to set the username and password to the webservice call. I tried to have them in the endpoint url as http://username:password@somwserver/wsdl But I am getting the un...

Should I still provide basic authentication for my API

My latest API is going to "ship" soon. Coming from a "release early and often" background, I'm planning to implement oAuth in a later release version. What are the reasons why e.g. Twitter removes Basic Auth from its API? What are the pros and cons and maybe security implications using Basic authentication in any API? Best Henrik ...

Adding basic authentication to ASP MVC action

I have an ASP MVC app that uses it's own custom authentication mechanism. However there is only one Action in one controller that I need to secure using Basic Authentication. The idea is when the URL for this particular action is hit, the browser pops up the basic authentication dialog and then I need to have the username and password I...

Devise and basic auth

Hi, could you tell me plz - is it possible to disable warden/devise for one or more controllers/actions? I need to allow requests with basic auth to one of controllers, but everytime i send similar requests i've seed message, that basi auth is not required for my app. I'm writing oauth2 provider and its a problem to allow client applic...

Twitter - automatic aggregation of replies to an account - OAuth problem

We have a company twitter account. We have 6 members. I wanted the 6 members to be able to tweet from their accounts and we aggregate it and show it at our site if the tweet is about the company (it basically shows "Whats happening"). I created a company twitter account, and members will reply to the company twitter account, when its a ...

IIS7 Basic Authentication on PHP Site

I have a PHP5 site running on IIS7 and I just wanted to add basic authentication on a subfolder called admin. I enabled both anonymous authentication and basic authentication and I just want to turn off anonymous authentication on the subfolder in order to force the basic authentication? Any suggestions? I tried adding a web.config in...

XMLHttpRequest Basic Auth, second request

Hello, normally browser stores and adds authentication header automaticly after successfull authentication. I have a XMLHttpRequest and added the authentication header for basic auth. No problem at all. Then I try to send a second request to the same url that is basic http protected without adding manually the http request header t...

Silverlight/ASMX/HTTPS: browser challenges end-user for credentials

I am trying to connect to a secured ASMX web service over HTTPS using Silverlight 4. When I add the web service reference I get challeged for credentials and I get warned that those credentials will be sent in clear text over the network; however, since the data is transported over HTTPS this should not be a concern. The resulting Serv...

Retrieving WSDL file from secure service

I have a Web Service developed with JAX-WS. I have secured the web service with BASIC authentication configured in Tomcat. When I try to access the web service using a Java client, I first need to create the port, and then specify the credentials, as follows: CustomerServiceClient customerServiceClient = new CustomerServiceBottomUpSer...

Firefox remove basic authorization info

As you know Firefox remembers the basic authentication info for a user once the user logs in. How do I remove this programmatically using javascript? Scenario: User logs in An ajax request using basic authentication is sent to the server If successful, firefox then remembers authentication info If user logs out, firefox still remembe...

better way to debug XAMPP authentication issue

Hi all: I've been working with a simple authentication process on localhost, here is the .htaccess file: AuthType Basic AuthName "Admin login page" AuthUserFile /Application/XAMPP/htdocs/.htpasswd AuthGroupFile /dev/null Require User [email protected] I have created the related .htpasswd file, the browser can prompt for me to...