Our site requires the password be passed onto another page to auto log into vendor sites which are brought in via iframe. Since passwords are stored as a hash value in our site, the only way I can see being able to get the password from the page that needs it is to store it as a session variable, or pass it along on the querystring, whe...
I'm looking for an open-source or commercial Adobe Flex module to do user Login, Registration, and License management. The back-end can be either on my site (PHP and MySQL) or secure 3'rd party site. User Interface would have the following: Register (new user) Log-in (registered user) Purchase a new license (logged-in user) Apply the...
I'm looking for a secure user login/session management component for a public web app. Spring Security seems to have potential, are there any other high quality alternatives? Conceptually this is easy and we currently have code that works fine, but I'd rather be using code that has been publicly reviewed for security flaws. Needs: ...
The Django framework easily handles redirecting when a user fails to log in properly. However, this redirection goes to a separate login page. I can set the template to be the same as the page I logged in on, but none of my other objects exist in the new page. For example, I have a front page that shows a bunch of news articles. On the ...
I need to design a "Conditions of Use" dialog that is presented to users after they logon to Windows XP. It must not allow the user to proceed until they check an "I agree" box. It must not be possible to shut it using Task Manager or any other method. And it should be fullscreen and modal. The "I agree" will remain checked automatically...
I have a Delphi (5) application that uses a log-in screen (standard user name/password) and have just found out recently that password storage applications can identify the log-in fields in the screen, even if they are obfuscated, and offer to save the information for the user. Due to the high security nature of our program, we don't wa...
HI, I have a problem with cake php built in auth - i cannot log in ... 1)user is added through app control pannel and hashed using $this->auth->password('xxx') - i've checked it's corrent in db 2)security salt is not emtpy 3) in action User/Login data['User']['password'] is empty (i don't know if this is correct but i've read t...
Hi, I have found what looks like a good, secure PHP login script, however i am having trouble figuring out how to implement it. (It is located here http://www.adesdesign.net/php/tutorials/php/php_login1.php) I am new to PHP so don't know much yet. I can't figure out how you actually authenticate a user and return a message to them if i...
How do you make it convenient to use the system for new users in the initial stages and move toward more permanent accounts. ...
Maybe the title is badly phrased but couldn't think of a better way of saying it. I am working on a login system at the moment (nothing formal, just experimenting) and was planning on using PHPLiveX (an AJAX library) for some features. Basically you create some PHP functions which are then called via JavaScript. You can add parameters (...
Hello DJango warriors ! I am building a small app as a service in django and now is the time to integrate it on some clients PHP web app. Our client A from domain www.a.com handles his own authentication for his users and probably use cookies for sessions. How could i make logged in users from his domain also logged in on my Django ap...
I'm currently debating whether I should use OpenID login for one of my websites. OpenID may be harder for me to implement because I already have registration and login code written, but this is just a time consideration. What advantages and disadvantages are there to using OpenID in contrast to, say, a traditional website user account sy...
I was setting up another user to use our SVN repository. He didn't have a username/passowrd, so I logged in with my credentials. We now have a username/password for him. How do I get TortoiseSVN to let me enter the new username/password? ...
I am starting a new Rails project and I need to implement a login system that is secure because the application will be dealing with health data. What is the best way to lock down the app in rails? ...
Hi, I'm starting to work on a site that will be strongly connected to a corresponding Facebook app. I want the contents to be free for all to view, but only registered users will be able to edit it (quite similar to serverfault, actually). Since I think that most of my users will be logged in to facebook, I would really like to use the...
i been having problem in compiling a simple login page in asp default.aspx.vb Imports System.data Imports System.Data.OleDb Partial Class _Default Inherits System.Web.UI.Page Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click Dim cn As New OleDbConnection("Provider=Microso...
I asked this as part of another question but feel like it should have its own: With a shared hosting plan, is there any way to secure multiple domains (assuming the host allows multiple domains under a single plan) with a single SSL certificate? I know that private SSL certificates require a dedicated IP but I am looking for work-aroun...
I have two ASP.NET pages: site.com/foo/bar.aspx that should be world accessible and site.com/foo/baz.aspx that I want to password protect. I want any un-authenticated users to see a username/password page and then, once they pass that, I want them to see the real thing. I'm looking for the simplest possible solution (this looked good til...
This is an offshoot of this question. How do I use a Login control if I don't have a MembershipProvider to point it at? Am I understanding the use model correctly? Is it even reasonable to talk about using a Login control without a MembershipProvider? Dose the MembershipProvider do more than just username/password checking? Would it...
I'm using jQuery to build simple animations for a login form in my CMS. The jQuery toggles the visibility of two forms, a login form, and a reset password form. The script works perfectly fine, but I seem to figure out how to shorten it up, since most of the code is redundant. Note: The .click function is called twice in each case to ...