I'm swimming in the relationships and hierarchies of a web application that I'm trying to secure with custom sql membership and role providers. I'm a little fuzzy on forms authentication, principals, and the like. So -- The web.config is set up for forms authentication with a custom membership provider and custom roles provider. When ...
We're currently developing a Windows Smartclient that needs to authenticate users using their AD group membership. We now have a requirement for some users to connect over VPN. Is there any way I can get the AD account identity and groups from the VPN login? WindowsIdentity.GetCurrent() returns the local user account rather than their ...
HEllo, In an ASP.net application I'm using Login control with custom membership provider that I wrote, and what I also want to do is to set Thread.CurrentPrincipal to my custom Principal object, just after the user is authenticated. I'm using the setter: Thread.CurrentPrincipal and it sets the Principal object for me but, on all the c...
[environment] Apache 2.2.13 connect to Tomcat 5.5 with mod_jk (ajp13). Apache requires basic-auth for "/" i.e. for all URLs it serves. [problem] Once the request arrives at my app in Tomcat (it's a Servlet filter) request.getUserPrincipal() returns null. Apache, however, did authenticate the request, I did enter user/password in the bro...
I noticed something in R , say pc is the result of applying PCA to a data matrix and pc$x is my sample principal component matrix . when try plot(pc$x) , it will only plot the first principal component (pc1) against the second (pc2) , but I actually have more than 2 principal components. how do I show all of them ? ...
Hi, Lately I've run into the following problem. I've started using Workflow 4.0, one of the challenges now is to have the workflow run on the correct user, the one who's actually starting it. In WCF we use a sort of flowing-headers behaviour wich does the trick, but in WF it doesn't work obviously because the workflowhost spawns (almost...
I am trying to create a Principal like this: PrincipalContext pc = new PrincipalContext(ContextType.Machine); GroupPrincipal group = new GroupPrincipal(pc); group.Name = "Some Group Name"; group.Description = "Some Group Name Description"; group.Save(); However, when the code is executed, I get the following exception message: ...
When using spring security, specifically with @notation; what is the proper way to access the principal in a Controller? Lets say the following is my controller, but I would like to access the principal in the secure() method somewhere... @Controller public class LoginController { @RequestMapping(value = "/login", method = Request...
Hi all, we use a ServiceAutorizationManager in WCF to set the principal in our services. We are planning to switch to WIF. But with workflows hosted as WCF service that are able to suspend or idle we have a problem to restore the principal. Which hook can we use so that the principal is loaded correctly without having to alter our workf...
How to start a thread in the security context of a different user? When a process starts a thread normally the security context is also passed but how to launch a thread in a different security context with the principal of a different user? ...
Hi gang, I've been working through various samples to try and piece together a solution for SAML token-based authentication for ASP.Net web services and WCF RESTful web services... some of the samples I've been referencing: http://custombasicauth.codeplex.com/Wikipage http://www.leastprivilege.com/SecuringWCFDataServicesUsingWIF.aspx...
I have a situation where I need to store a globally unique identifier that points to an Active Directory user account. I'm leaning towards the Guid because it is easier to store than the Sid. According to the MSDN entry, the property (which is a Nullable), will always return null if the ContextType is set to "Machine." I don't need to ...
I want to create a WindowsIdentity for a given user. I don't need it for impersonation, just for group membership checks. I need it to work with and without a domain (none of that S4U Kerberos delegation stuff). The constructor for WindowsIdentity that takes a username only seems to work for domain scenarios. Is there any other way I ca...
I want to store extra information in the authenticated user so that I can have it easily accessible (like User.Identity.Id, for example), instead of just the name, since I'm planning on having that non-unique. So far I've gathered that I should look to implement custom Principal and/or Identity, but I'm not sure how to go about it. I'v...
In the constructor of my WCF service class I am setting the current principal to be that of the principal passed in the header of the message: Thread.CurrentPrincipal = OperationContext.Current.IncomingMessageHeaders.GetHeader<BBPrincipal>("bbPrincipal", "ns"); This seems to work fine, however when I come to reference the principal in...
I want to be able to access custom properties for an authenticated user like UserId and FirstName without querying the database each time. I found this site through a post on Stack Overflow and I like the approach - but I use IoC / repositories and decided not to try and get global.asax to communicate with the database for fear that it ...
Hello, I'm trying to develop webservice authentication by checking hash_ID given in wsdl URL. I use servlet webservice (JAXWS, without ejb). I've extended WSServlet class. In doGet method I check if the given hashId is valid and if so, I do the programmatic login. The problem is that after login, principal is not propagated from servlet...