Hi friends! In my web application (asp.net mvc) I have an restrict area. In my model, I have an entity called "User" represents a user can do login/logout in web app. I've used Forms Authentication to login/out my users and everything works fine but, I'd like to know, if is there any way to save an entity (of the user logged) during the...
So i only need to do windows authentication and not forms authentication. Instead of giving the user a popup box for login.. i want to have a login page with Username, domain and password..also an option of remember password. If the user does not exist it should just show that wrong username and password. I have 2 types of users: admin...
the login box is in the header of the website, availalbe on all pages. I'm using a javascript : <script type="text/javascript" language="javascript"> history.forward(); Which solves the issue of the backspace in the login box. But while I'm browsing the rest of the website, I can use backspace to see the previous page, I'd ha...
Currently I have a Client login area. In this login area I was going to create a snippet that shows certain information for 'Admin' users. I had a feeling I could use <?php if ($modx->getLoginUserType()) { echo 'hi'; } else {} ?> However, all User Types are web. I was also looking around and found a script that prints out web-use...
^ or whats the best auth class for codeigniter? ...
I'm trying to figure out if it is better to store my user's data in a session cookie (like password, username, etc), and update that cookie only when I change the MYSQL database from my PHP, OR Store the user's username and user ID in a session cookie and reach out to the MYSQL database every time I need to get the user's data. Which ...
Hello everyone, I am in the process of writing a login/register form for my MVC website and am facing an issue regarding security and AJAX. It seems that more and more popular sites are utilizing javascript to process logins, and many from a non https URL (www.giantbomb.com and www.gametrailers.com to name two). I'm wondering if there...
I'm trying to block login for x minutes after y failed attempts. I'm already planning to log user logins, so I guess I could use the same database to calculate if blocking needs to happen. My questions: does it make sense to use the same logs table to run the logic of the y failed attempts blocking? Some people have a table just for t...
I'm setting up a login system for a site and someone suggested using openID instead. In my current setup, I log users' login attempts into a db table. When using openID, would I still be able to have that fine-grained control or not? ...
I have a folder in the webroot at http://somesite.com/folder which I'm password protecting with the directory password protection feature in cpanel which I guess uses some form of htacccess. So it's not protected with a normal login system that's connected to a database that I can check against. Once a correct username and password is ...
This question is related to a previous question I asked, but it's a different. I'm using htaccess to control login to http://somesite.com/folder. Once logged in, I have php code in folder/index.php to check the username and password used to login: $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW']. I log that info to a database. ...
I'm trying to use mod_authn_dbd to password protect a directory. I used the code from their apache help page, but it's chocking on the DBDriver line # mod_dbd configuration DBDriver mysql //modified DBDParams "dbname=mydbname user=myuser password=mypass" //modified /path/to/folder/.htaccess: Invalid command 'DBDriver', perhaps missp...
Do i login using cookies or sessions in a login system? I've seen examples using sessions and cookies so i am confused! Can someone please explain this? What do most sites use? love to know! Thanks in advance;-) ...
Hello, I have a password protected area of a site that I use Sessions to allow the user to move from page to page of the protected area. However if I open new tab YET keep the other tab open (the one in the protected area) and then do somethings in the new tab and switch back then to the old tab I am forced to re login. I have tried set...
I need to make sure that every users accessing my web application can do that from one machine only, so 100 users would mean 100 machines. What would be the best solution? Is detecting and storing IP during first login good idea? I think IP might change even during lifetime of the session is that right? I was also thinking of storing coo...
Hi, I'm trying to return some custom Authentication data using the details and/or the principal fields from that interface (org.springframework.security.core.Authentication) but nothing happens. The data returned on the other side of the Channel Set includes only the name and the authorities list (as Strings), and it's not useful enoug...
Is it feasible to allow users to login to my web application (php/mysql) using thumb scanner? USB scanners seems available and not too expensive, but has anyone got experience with it? How to make it work with php so users instead of filling in regular username/password fields would actually be able to login by scanning thumb. Are there ...
Hello, I am working on an application with a LoginViewController and a TabBarViewcontroller. When the application is ran, I add the LoginViewController as a subView of window in the delegate. Once the login is ok, I remove the LoginViewController (removeFromSuperView) and add the TabBarViewController instead as a subview of windows. T...
Hi, How can I create and register my own LoginMessageInterceptor in Spring? Thanks! ...
i have developed an online tool that requires authentication. The UN & PW will be the same for all the users as their other ones for the regular site. As of now, if they are running on the DNN site, they must relogin if they go to my site. Is there a way to make it so that they remain logged in? Thanks for any help. Let me know if you n...