Hello there, I'm new to this site but I've read the rules and also searched the questions section but not found any related question answered well. anyway, the question: what's the Pros. & Cons. of using OpenID on a website instead of a regular login system? My customer wants me to use this kind of logins for a local sale system & I ha...
Is there any way (apart from HTTP authentication, which I gather is inherently insecure over the Internet?) for a "real life" website to handle logins and authentication rather than the traditional way, using session cookies? ...
hey everyone, Has anyone created or read an article on creating a multi-factor login system for asp.net? The ideas would to be a have a security question after the login to validate the user. The security question would be something they would generate. Kinda similiar to the way some online banks do it. ...
Hello, I'm writing a java application which needs to perform an unusual login procedure. One of my problems is that the user needs to supply more than a simple username/password combination. Specifically, a username/password/domain combination is required. Another problem is that my application enforces some password lifetime rules (eg...
Hi everyone I am wondering how guys out there work on limiting number of users to a web application. Sometimes you may say you want to limit the web app to only handle say 20 users at a time. Our company sells their applications based on a number of licenses, but we are not sure what the behaviour could be in a web app. I've seen the s...
Hi, I have a login form in every page of a website so the user can login from everywhere. I have a login.php file that I refer to it from the form (using 'action'). I use $_SERVER['HTTP_REFERER'] to redirect the user to the same page he logged in from when he succesfully log in or when he logs out. But if there was a problem logging ...
Hi Guys, I'm using the Zend framework and the openid selector from http://code.google.com/p/openid-selector/ - however I find I can't login using sites like Google and Yahoo as they use direct identity based login system whereby one is just redirected to a url as opposed to entering a unique url of their own for authentication. I've che...
Take an example login() function within a class Account. class Account { /* Class variables */ public function login() { if(isset($_POST['username']) else if(isset($_SESSION['accountId'])) return $this->_sessionLogin(); else if(isset($_COOKIE['username']) else return false; } ...
Hello folks, I have a project with the following setup: Tomcat 6.x Struts 2.1.6 DisplayTag 1.2 Spring 2.x (1 or 5, don't remember now) I want to know to to do session controlling in every action of my app, like if the users weren't logged in, they're redirect to certain page to login (in the case of my project, either the user come t...
In my web application, I have used the asp Login control to facilitate the login process. I have noticed that if I open the site in a browser and log in, and then open another browser and go to the site, then the second browser shows that I am already logged in, even though I didn't log in using that browser. I have noticed that some ...
I have an authentication key (USB dongle) that I would like to use in place of logging into windows. The dongle is not just a simple thumb-drive it is a specialized dongle made for software authentication. I've seen tutorials on how to do this with Phidgets RFID kit, however I can't seem to find that tutorial anywhere now. Basically I...
I have a createuserwizard and a login control on a page. both of them are customized (standard textboxes are replaced by RadTextBoxes) When i enter a value in the form and refresh the browser without submitting, the forms retain their values. Is there any way i can clear these fields on refresh. I have tried settinf EnableViewState fa...
I want to keep a user logged in as long as possible. What should I use? regular cookie persistent cookie flash cookie ip address session or some combination of these? ...
I have a basic ASMX service that I'm trying to get running (I'd rather use WCF but can't get the server to work with it). It runs fine in a no security setup but as soon as I turn on security I get: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was '...
Hi guys, I plan to use OpenId with my project, it will be cool if I can authenticate the user to openId provider through Ajax. I am not sure weather it is possible? ...
Please I need a clear example about session in asp.net using c# for example(using session in log in operation) and thank you very much...... ...
Hi guys, i upgraded my grails 1.0.4 + acegi 0.4.1 project to grails 1.1 with acegi 0.5.1. I'm able to start my application without errors, but when i want to login i get a "wrong username or password" message. Grails-shell output is: 2009-04-26 12:38:46,997 [403984690@qtp0-0] ERROR springsecurity.GrailsDaoImpl - User [admin] ...
Dear All, I want to know how can I implement the scenario "if the user is already logged in or not?" i.e. I have an application which initially redirects u to Login.aspx and then redirect to Home.aspx.There I am showing one msg like Welcome "UserName".Now if the user dont logged out and close the browser and next time visit the site he s...
How can I get the username/login name in java ? I tried: try{ LoginContext lc = new LoginContext(appName,new TextCallbackHandler()); lc.login(); Subject subject = lc.getSubject(); Principal principals[] = (Principal[])subject.getPrincipals().toArray(new Principal[0]); for (int i=0; i<principals.len...
What do I call my override function in template.php? themename_user_login_block() ??? I need to alter this line: $output .= drupal_get_form('user_login_block'); to something like this: $output .= drupal_get_form('themename_user_login_block'); Thx, John ...