this is the scenario: multiple web systems (mostly lampp/wampp) exist, most of them with separate login information, (some share it). We're considering the benefits/disadvantages of unifying them somehow, or at least making handling the user administration parts easier. Due to the nature of some systems (its a mixed bag of custom OSS s...
I am working on a single sign-on login page using Shibboleth that will be used for a variety of web applications. Obviously we would like to make this page as secure and usable as possible while limiting the effects of phishing scams. What are the best practices to keep in mind when designing a login page? Some questions that have come...
I'm trying to decide what to put in a dialog box that tells the user their login doesn't work, there is probably a duplicate. The system uses email addresses as user names, then requires a password. Right now, I'm using "Email Login" but that just sounds stupid. For instance: 1) Application Starts, recognizes that it has never been r...
I'm pretty new to JSF and the many many related technologies out there. I'm trying to make a website that has a header which includes a logo, navigation links, and a login box, such that this header can easily be included in all of the site's pages unless the user logs in, in which case a different header will appear. Something similar ...
I have a web login page with the standard username password and login button controls. I would like to write a wrapper page that will render and auto fill the username and login form text boxes with a constant and force the onclick event for login button. Any suggestions how to accomplish this? ...
Is there a way to restrict a specific sql 2005 login on a Microsoft SQL Server 2005, standard version (sql is in mixed mode) to specific IP adresses, while other logins, windows authentated ones, are unaffected? ...
After logging in using the Login control the browser loses the session. This only occurs in Internet Explorer 7. Has anyone else run into this problem? If so, do you know a work around? ...
Hello all, I need some help with what is probably a newbie question in terms of modifying phpBB. I have a whole system developed in PHP, and I would like to integrate phpBB so that people can navigate into the forums and post seamlessly, without logging in again. Now, using the phpBB users table as the users table for my system (and h...
Hi all, is there a way to change an oracle user's default schema? I found it in the FAQ that I can alter it in the session, but it's not what I want. E.G. the user at log on always sees another schema as default. Thanks in advance. ...
What is the best way to password protect quicktime streaming videos using php/.htaccess. They are being streamed using rtsp, but I can use other formats if necessary. I know how to do authentication with php, but I'm not sure how to setup authentication so that will protect the streaming files urls so that a user can't just copy the url...
Hi there, If I want to provide OpenID as the only registration method available AND want to do something meaningful with the nick name, how can I handle 2 users with the same Jon Smith nickname? Actually, when I looked at StackOverflow's URL schema I was surprised that the internal user ID was being used in the URL. For example: http:...
I have a WSS installation that's behind basic authentication/SSL (it's hosted at a public web host). I'm creating a sister site in ASP.NET, and am considering just running the credentials through and allowing users to log into the new system providing there is no 401 Not Authorized error returned. Both are internet-facing applications t...
I am using my own custom authentication with IIS, and I want the server on every page load (no matter what type of file) to first check the Application variable to see if the user is authenticated and authorized to see the site. In global.asax this could be: void Application_Start(Object Sender, EventArgs e) { if(Application["username...
Is there a way to create new logins and set database permissions on a SQL Server 2005 using C# and SMO? If so, how? If not, what is the best way of doing that? ...
I was trying the ASP.NET login control tutorial and everything works well. However, I do not know how to have the Log-in control use my own database (SQL Server 2005) instead of using it's mdf file. I also have no idea where this file was created from since it doesn't show up at all on my solution. Any literature that I can find on the w...
I've written this to try and log onto a forum (phpBB3). import urllib2, re import urllib, re logindata = urllib.urlencode({'username': 'x', 'password': 'y'}) page = urllib.urlopen("http://www.woarl.com/board/ucp.php?mode=login"[logindata]) output = page.read() However when I run it it comes up with; Traceback (most recent call last):...
Hi, I'm working on a windows forms client server app. It uses client application services with a login form that implements IClientFormsAuthenticationCredentialsProvider and this is called using membership.validateuser(nothing, nothing) to authenticate user. What I want to confirm either way is if this method encrypts the credentials pas...
I'm developing a web tool using JSP, where there are many users of multiple kind (i.e. administrators, guest, write-enabled users, ...). Since this will be a subscription based system (i.e. user pay for a 3/6/12 month subscription), I need to enforce at most 1 login per user at the same time. For example, say Mr. John Smith subscribes to...
I'm making modifications to a members-based site whose owner wants to be able to track time spent on site (login/logout) for all users in a DB backend. Login is easy; there's one point of entry (the login form) and as a result, logins can be thrown in the database as soon as they happen. Logouts, however, are a bit trickier, as unless ...
We have offer a number of online services. We are required to develop a system which provides a quick/simple experience for users if they are transferred from one service (on domain1.com) to another service (on domain2.com). Is there a safe and secure way to automatically login a user automatically once they have been transferred to the...