Ok, if someone could shed some light on this for me, I would greatly appreciate it. So here we go. I had a rest service running fine the other day but after I accidentally overwrote the web.config all hell broke loose. I've spent the past day and a half trying to sort things out but I can't seem to figure out what is missing or misplaced...
Who can show me how I must use declarative_authorization (http://github.com/stffn/declarative_authorization) with restfult_authentication (http://github.com/technoweenie/restful-authentication)? ...
The standard should solve the following Authentication challenges like- Replay attacks Man in the Middle Plaintext attacks Dictionary attacks Brute force attacks Spoofing by counterfeit servers I have already looked at Amazon Web Services and that is one possibility. More importantly there seems to be two most common approaches: Use ...
hi, I am trying to athenticate from the elgg local server. by refering http://www.danielansari.com/wordpress/2008/12/how-to-use-the-rest-api-in-elgg-11/ I am getting following error: Status: **** ERROR (-1) **** Message: Method call 'login' has not been implemented. Result: exception 'APIException' with message 'Method call 'login'...
I have a site with Restful authentication as authentication plugin. I need to integrate Facebook connect. Facebook does not provide email address for the user (maybe only if user agrees if), and of course does not provide a password. The main issue is that the User model has a lot of validates_** on those 2 fields (from Restful authent...
Is there a way to change the minimum length for passwords with restful_authentication? Currently it's 6 characters and I need another value. I've tried calling validates_length_of before and after Authentication::ByPassword like this validates_length_of :password, :within => 4..40, :if => :password_required? include Authentication::B...
We're experiencing a really bizarre bug in our Rails 2.3.4 app. This bug only happens in Internet Explorer (7 and 8). Here's what happens: A new customer creates an account at https://domain.com/signup/free (notice no subdomain) Their account is identified by a subdomain like "example.domain.com" After signing up, they get a welcome s...
I'm writing an application in Android that consumes some REST services I've created. These web services aren't issuing a standard Apache Basic challenge / response. Instead in the server-side code I'm wanting to interrogate the username and password from the HTTP(S) request and compare it against a database user to make sure they can run...
As the title says: how can I use the Restful Authentication Plugin with Ruby on Rails. When I want to create a new user, it requires me to set the (wrong-named, confusing field) login (= username), email address and password. However, I want, like Facebook does, to require the user to enter only an email address and password, not a usern...
Hi there, I want to run a the following example in cucumber: Scenario: Anonymous user can log in and be remembered Given I am logged in with reminder When I navigate away And I go to the list of cornetas Then I should be logged in But I don't know how to write the "And I navigate away" step. I already tried to "visi...
Hello world! We have a form to submit ratings for a certain restaurant in a in our views/restaurants/show.html.erb. We only want logged in users to create new ratings. We put before_filter :login_required, :only => [ :new, :create ] (but we also tried only ":create") on top of our RatingsController. If we click the submit button after...
I have a Rails app handling authentication with the restful_authentication plugin. I'm experiencing problems with the email activation feature and before I deal with that I would like to just allow my users to register without having to go through the email activation process. How do I disable the email activation feature. Rails 2.2.3...
I want to give the users the ability to change their account info with restful_authentication plugin in rails. I added this two methods to my users controller: def edit @user = User.find(params[:id]) end def update @user = User.find(params[:id]) # Only update password when necessary params[:user].delete(:p...
I am designing an API system in Ruby-on-Rails, and I want to be able to log queries and authenticate users. However, I do not have a traditional login system, I want to use an APIkey and a signature that users can submit in the HTTP headers in the request. (Similar to how Amazon's services work) Instead of requesting /users/12345/phot...
One test webserver, with the following applications service.ganymedes.com:8008 - WCF RESTful service, basically the FormsAuth sample from WCF Starter Kit Preview 2 mvc.ganymedes.com:8008 - ASP.NET MVC 2.0 application web.config for service.ganymedes.com: <authentication mode="Forms"> <forms loginUrl="~/login.aspx" timeout="2880" ...
I want to make nice and clean api; I'm making site and I want to offer the ability to mobile apps use web API of my site. I don't want to use oAuth, becouse the mobile and embedded applications that are facing the biggest hurdle, as they may not be able to bring up and/or control the web browser. Also its a little complicate. I know, t...
Hi I am using Netbeans 6.8 on ubuntu 10.04 and am having trouble installing RESTful Authentication. I have gone to Install Generators, selected restful_authentication and installed it - all messages from Gem show that it has installed and it shows under the Installed tab. However, when I come to use it by clicking on the Generator drop...
Hi! I'm about to replace my oldfashioned sessionbased server solutions with RESTful ones. Where can I find information about design principles concerning security, authentication etc. when moving into this stateless domain? I need to find solutions that work with different client platforms (Flex/Air, Browser, desktop and mobile apps et...
Hi, I'm about to implement an RESTful API to our website (based on WCF data services, but that probably does not matter). All data offered via this API belongs to certain users of my server, so I need to make sure only those users have access to my resources. For this reason, all requests have to be performed with a login/password com...
Hi. We have a form with ratings to submit for a certain restaurant. After the user has entered some values and wants to submit them, we check whether the user is logged in or not. If not, we display a login form and let the user put in his account data and redirect him to the restaurant he wanted to submit a rating for. The problem is, ...