FAQ Database Discussion Community


Rails basic auth not working properly

ruby-on-rails,ruby,authentication
I am building a small API that uses basic authentication. What I have done, is that a user can generate a username and password, that could be used to authenticate to the API. However I have discovered that it is not working 100% as intended. It appears that a request...

Log in user with one-time token using Loopback

javascript,authentication,access-token,loopbackjs
I'm working on a Loopback application that has two types of users — a "Supervisor" that can self-register within the app and a "Subordinate" that can only be registered by Supervisors (and is tied to that person). Supervisors use an email and password to log in like the base User...

Failed NetSuite RESTlet authentication

javascript,authentication,restlet,netsuite
I'm trying to develop in NetSuite a simple form portlet submitting to a RESTlet in the back end. Here's my form portlet: function workManagerPortlet(portlet, column) { portlet.setTitle('Portlet'); portlet.addField(....) // INSERT HERE ALL THE FORM FIELDS portlet.setSubmitButton(nlapiResolveURL('RESTLET', 'customscript_gw_ss_form_backend', 'customdeploy_wm_form_backend', true), 'Submit', '_hidden'); } When I click on submit I can see...

Django authenticate method return None

python,django,authentication,web
I've read a lot topics about this problem but still can't fix problem. I am going by Tango With Django tutorial (part 9) and get strange problem. When I create user, I can't then get user object using authenticate method. GitHub project: (link) This is my register function from views:...

How to assign default user role in entrust?

php,authentication,web,laravel-5
I just want to assign a role to newly registered user. How I can achieve this in Laravel 5 with Entrust? I am using Entrust for roles and permissions. Last time I tried to fire event after user registration in a file in vendor folder. Is there any way to...

Cakephp 2 : Have two different authentication functions

php,cakephp,authentication
I am using a custom authentification object in cake php. I have created a file in component/Auth/LdapAuthenticate.php. In this file I have a function who made the authentification with LDAP. It looks like this: App::uses('BaseAuthenticate', 'Controller/Component/Auth'); class LdapAuthenticate extends BaseAuthenticate { public function authenticate(CakeRequest $request, CakeResponse $response) { $username=$request->data["Users"]["username"]; $pwd=$request->data["Users"]["password"];...

How to use the same username for different users in different organizations?

ruby-on-rails,authentication,ruby-on-rails-4,login,devise
I use the same user table for all organizations. I have org_id in my users table to allocate the users from different organizations. Now I want to set a unique username for only that organization. For example, org_id = 1 have admin username, org_id = 2 also have admin username....

Using middleware to call an Authentication API using ExpressJS

angularjs,node.js,authentication,express
I'm using two Node.js + Express applications: Backend Authentication And my front-end is built in AngularJS Basically I'm trying to send a json web token with every request to the Backend, and then use a route middleware to call the Authentication API. It validates that token and add user data...

Authentication Window in .NET Web API

c#,.net,web-services,authentication
I have a Web API using the ADO.NET Framework and I removed the authentication and authorization fields in the web.config file, yet in google chrome the authentication window keeps coming. How to remove the window ? I tried removing the authorization element, authentication element and yet the authentication window keeps...

Bluemix authentication ios8 with google and facebook

facebook,authentication,ios8,bluemix,google-authentication
I am trying to implement two types of authentication from an iOS8 device in the bluemix platform. I succeeded in adding one type of authentication: google. I am using a ADVANCED MOBILE ACCESS module, and I am at the User Authentication part. It looks from a dashboard like I can...

Is it nessesarry to send credentials on every single request to MVC Web Api?

authentication,asp.net-web-api,web-api
I am about to create my first restfull web service where i chose MVC WEB API to be the "provider". After reading about authentication i am a little confused. My requirements is that on call to any url of webservice i want client to be authenticated, except sign in url....

How to secure tcp connection - nodejs?

javascript,node.js,events,authentication,tcp
I have following sample code used in the tcp server var server = net.createServer(); server.on('connection', function (socket) { if(restrictedIP == sock.remoteAddress){ //How to close the particular connection safely without //affecting other connections } socket.on('data', function(data) { console.log(data); }); socket.on('close', function(data) { console.log('client disconnected'); }); }); server.listen(3000, '127.0.0.1'); Note : I...

Riak CS LDAP authentication

authentication,ldap,riak,riak-cs
I read here that Riak CS supports LDAP for authentication: http://bit.ly/1Rb2yTF "Pluggable Authentication/Authorization for Integration with Existing Infrastructure – Riak CS provides an extensible authentication system, enabling integration with existing directory services (LDAP, ActiveDirectory, NIS, PAM)." However I cannot find anything relating to the LDAP authentication configuration in the docs....

Access secured Web Services using integrated windows authentication from Angular app on different server

angularjs,authentication,iis,iis-7.5,windows-authentication
I have a web service (currently localhost:100) which uses Windows Authentication, is served through IIS and is set up with Access Control Allow Origin properties in the web.config: <httpProtocol> <customHeaders> <add name="Access-Control-Allow-Origin" value="http://localhost:81" /> <add name="Access-Control-Allow-Credentials" value="true" /> </customHeaders> </httpProtocol> I'm trying to access them from an angularJS app served...

Node passport-local strategy always fails

javascript,node.js,authentication
I'm using the Node.js Passport module to build an authentication process, and I'm unable to figure out why the verification always fails, even when I return success every time from the verification callback. To keep the example simple, I'm just using the passport-local strategy with no persistent storage: var passport...

Sails.js 0.11 and passport: 'Missing Credentials' error

javascript,node.js,authentication,sails.js,passport.js
I've followed tutorial from this site: http://iliketomatoes.com/implement-passport-js-authentication-with-sails-js-0-10-2/ Signup form works correctly, everything is saved to my database (MongoDB) but when I want to log in, I've got missing credentials error: { "message": "Missing credentials", "user": false } This is strange, I've cloned https://github.com/iliketomatoes/passport_with_sails , sails lift it and everything works...

QuickBlox Chat not logging in

ios,swift,authentication,chat,quickblox
I'm working on swift and quickblox and I'm trying to have chatting occur between users. The user authentication and sign in is working its just that the chat isn't Logging in for some reason Code in question: QBRequest.createSessionWithExtendedParameters(parameters, successBlock: { (response : QBResponse! ,session : QBASession!) -> Void in var...

SonarQube LDAP authentication is not working

authentication,ldap,authorization,sonarqube
Presently, connecting to Apache Directory Server 2.0 from SonarQube 5.0.1. Have given the following entries in sonar.properties file: # LDAP configuration # General Configuration sonar.security.realm=LDAP sonar.security.savePassword=false ldap.url=ldap://10.53.67.11:30389 # User Configuration ldap.user.baseDn=o=TechMahindra ldap.user.request=(&(objectClass=inetOrgPerson)(uid={login})) ldap.user.realNameAttribute=cn ldap.user.emailAttribute=mail # Group Configuration...

web service/api supporting basic, anonymous and windows authentication

asp.net,authentication,windows-authentication
We have multiple web services that provide access to some large data extractions. They're implemented as http handlers, so we can stream the result directly into the response stream. We already have anonymous and HTTP basic authentication working on a single endpoint. We would now like to add Windows Authentication,...

AuthenticationException LDAP using plain Java

java,authentication,exception,active-directory,ldap
i have a problem while connecting to an Active Directory via ldap using plain Java. If the displayName begins with a , (Comma e.g. ", name") I get a javax.naming.AuthenticationException. The displayName is never used in the application. Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS wich I use dont contain any commas. Can somebody...

Loopback Angular SDK response code 401 intercept

angularjs,authentication,loopback
I'm using the Angular Loopback SDK and am trying to implement a 401 handler that automatically detects when the user needs to authenticate. Loopback responds to a data request with a 401 and I use that to invoke a login dialog. Basically using the strategy described here - http://docs.strongloop.com/display/public/LB/AngularJS+JavaScript+SDK#AngularJSJavaScriptSDK-Handling401Unauthorized However,...

How to perform an HTTP/XML authentication with requests

python,xml,authentication,cookies,python-requests
I am trying to authenticate to Docushare with Python 3.4 using requests 2.7. I am relatively new to Python and to the requests module but I've done a lot of reading and am not able to make any more progress. My code doesn't give any errors and I receive a...

When to refresh token?

rest,authentication,oauth,lync,ucwa
I have application that continuously running in background. The app uses UCWA REST api. After authentication I get OAuth token and some expiration time. Authentication docs say "The lifetime of a token is eight (8) hours for authenticated users. The client application should monitor the expiration time and refresh the...

HTTP Basic Auth in Snap?

haskell,authentication,snap-framework
I'm certain that I must be missing something obvious, but I can't find any built-in way to use HTTP Basic auth within a Snap application. The Auth snaplet (https://hackage.haskell.org/package/snap-0.14.0.4) doesn't appear to provide any mechanism for using HTTP Basic, so at this point I've basically written my own: type AuthHeader...

Error Hashing + Salt password

python,authentication,python-3.x,hash,salt
Someone can help me to fix this problem: TypeError: can't concat bytes to str I am trying to safely store hash+salt passwords, I think the problem is that my salt is a byte object how can I transform it into a string? Or is there a way to hash it...

Dart Language: Authentication and session control (shelf_auth)

session,authentication,dart
I'm developing a Dart application that will need authentication and session control. I'm trying shelf_auth to do that, but the examples doesn't seem to work or, more likely, I'm not implementing them the right way. In short, this is what I want to happen: An user opens the application on...

How to pass credentials when accessing a Nuget feed

api,authentication,nuget,nuget-server
I am trying to download packages from a Nuget repository which requires credentials for it to be accessed using NuGet.Core. I know that Nuget repositories with no authentication can be accessed as follows: //ID of the package to be looked up string packageID = "EntityFramework"; //Connect to the official package...

Asp .NET Identity Cookie Authentication

authentication,asp.net-identity
I'm using MVC 5 default template with "Individual Accounts" selected for authentication. it uses ASP .NET Identity with Entity Framework. Using Chrome I opened the app and Registered a user and then login with the user. I accidentally deleted the database. Now when I open the app again in Chrome...

Validate Deezer access token on server

authentication,deezer
I'm writing a Deezer InApp and I want to store some user-specific settings on my own server. The users are authenticated in the InApp, which then sends the user ID and access token when making API calls to my server, so it can identify the user. When my server receives...

JQuery Add expiration to authentication token stored with HTML5 localStorage?

php,jquery,mysql,security,authentication
I am making a mobile game with JQuery Mobile, a multipage template (so all pages in 1 html file, which makes it usable with PhoneGap). Since it is HTML I am using JQuerys $.post function to send data to php scripts such as login.php, register.php, which add/update/delete data from the...

Laravel 5 Entrust one route - load different controller based on Role

php,authentication,laravel,user,admin
So I'm just starting to learn Laravel and I've implemented the Entrust Role Permission package, which works really well. Now my question is, I'd like to have a 'Dashboard' page like so: example.com/dashboard. The thing is, I'm not sure how to set this up. Since In my App\Http\Controllers folder I...

LaunchUriAsync with Authentication and other custom headers

authentication,windows-phone-8.1,single-sign-on
I am new to windows phone development. I have an app and a website and both of them needs authentication. When I launch the website from my app and if the user is already authenticated I want to pass the authentication headers so the user doesn't need to authenticate again...

Can't Authenticate Auth Token When Pushed to Heroku

ruby-on-rails,authentication,heroku
I have an app that works fine on my localhost. I've set the session_store as this. Rails.application.config.session_store :cookie_store, key: '_myapp_session', domain: :all When I push to heroku every POST I make displays Can't verify CSRF token authenticity error in my log. I have no idea why this isn't working. The...

Laravel 5 ignore Authentication specific route

php,authentication,laravel,token
I am new in laravel 5. I have a dashboard page and a login page. whenever I go to localhost:8080/dashboard it always redirect me to localhost:8080/auth/login. I wanted to show my dashboard localhost:8080/dashboard to be viewed without logging in first. Here is my code in VerifyCsfrToken namespace App\Http\Middleware; use Closure;...

shall I use Spring framework for a performance-critical proxy application? [closed]

java,spring,authentication,servlets
I've created a servlet (Tomcat) application which has these functions: It performs HTTP Basic Authentication. It connects to a user and role database. It works as "security facade" for some geodata servers behind It forwards requests after doing some authorization tests In case the response contains XML data, it performs...

Grails: How to get username of currently logged in user, and what imports does that require?

authentication,grails
I simply need the name of the currently logged in user. The same that gets displayed in gsp with <sec:username/>. I'm at a loss as to what to do. Here's previous answers and questions - they all seem to require some import and none of the solutions works for me:...

X509Certificate: what is the difference between getIssuerDN() and getSubjectDN() methods

java,security,authentication,x509
I'm using X509Certificate class in java, and when I want to get the subject name I try: x509certificate.getIssuerDN().getName(); and x509certificate.getSubjectDN().getName(); both methods have the same result. So what is the difference between them ??...

JWT authentication doesn't work for custom controller in Django

django,authentication,django-rest-framework,json-web-token
I am using the Django Rest Framework in my Python app, and am using JSON Web Token Authentication (DRF JWT) for the api authentication. My problem comes when I am building a custom controller. I pointed a specific URL to a function in my calculations.py file that I created. Following...

Simple token-like authentication

php,authentication,token
Does the following authentication system seem reasonable: Client calls the login end point with a user name and password to the main server. The main server sends this off to another authentication server (which will receive no further mention), which returns a yes/no if this is valid and a user...

Slim PHP Framework middleware custom URL filter

php,rest,authentication,middleware,slim
I am creating API using Slim Framework. I need to filter requests required authentication and route them to the specific auth handler. Or it would be better to say that I need to filter URI that don't require auth (public information). I have created following middleware skileton class TokenAuth extends...

Sign Up screen with Parse.com Android Studio

java,android,authentication,parse.com
I'm an Android student and I'm trying to set up a Sign Up screen and save the user in parse.com but when I click on Sign Up button gives me error and I don't know why. Also I don't know how to test if the password and repeat password editable...

backbone persistent login - login removed on browser quit

javascript,rest,authentication,backbone.js,login
I am working on a backbone application that hooks into RESTful API. One problem I having at the moment, is that a user can be logged, they can then close there browser, reopen it go to my application and be logged out. Is is possible to make a login persistent...

Node Express auth status

node.js,authentication,express
I have multiple routes, split into different files (my app consists of different "modules", which I maintain in separate folders. For each folder, there is an index.js file in which I manage the routes per module, and I require these in the app.js file). For every route, I will require...

Configuring a Custom LDAP Authentication Provider with Spring Security

java,spring,authentication,spring-security,ldap
I'm trying to configure the Spring Security with LDAP Authentication, but I need to get the username for all login requests. I configure my spring-security.xml who points to my MyCustomAuthenticationProvider class. I think the configuration is correct, but in runtime, the Spring first try to login with his own LdapAuthenticationProvider....

Instagram Authentication no longer shows sign in inputs just serves instagram.com

authentication,callback,instagram
So I know that instagram just did some API updates which I am trying to implement. But the very first step no longer seem to work: https://api.instagram.com/oauth/authorize/?client_id=CLIENT-ID&redirect_uri=REDIRECT-URI&response_type=code This very first step used to send you to a sign in page where you input your username and password, if you were...

Laravel 5: How to add Auth::user()->id through the constructor ?

authentication,laravel,constructor
I can get the ID of the authenticated user like this: Auth::user()->id = $id; Great it works, ... but I have a load of methods which need it and I want a cleaner way of adding it to the class as a whole,so I can just reference the $id in...

Token Based Authentication in ASP.NET 5 (vNext) (refreshed)

c#,authentication,authorization,web-api,asp.net-5
I'm working with ASP.NET 5 (vNext) application. I'm trying to implement Token Based Authentication but can not figure out how to use new Security System. My scenario: A client requests a token. My server should authorize the user and return access_token which will be used by the client in following...

Association Error with Sorcery Gem in Rails

ruby-on-rails,ruby,authentication,gem,sorcery
I used Sorcery to set up authentication in Rails and I'm trying to create a model where the user id for the user is linked as reference to the model for data entered, but I get an error: Couldn't find User without an ID it refers to the following code:...

Laravel 5 Override Login Function

php,authentication,laravel,login,laravel-5
I'm working on my Laravel Project and trying to override the default postLogin() from AuthenticatesAndRegistersUsers . So I have updated my AuthController and added this to override the built-in login, public function postLogin(Request $request) { $this->validate($request, [ 'email' => 'required|email', 'password' => 'required', ]); $credentials = $request->only('email', 'password'); if ($this->auth->attempt($credentials,...

Google Analytics API authentication

authentication,google-analytics,analytics,google-analytics-api
I was using this code until yesterday: $gaemail = 'my email'; $gapassword = 'my password'; $gaprofileid = 'my profile id'; require 'gapi.php'; $ga = new gapi($gaemail,$gapassword); Today it started giving me the error: Exception: GAPI: Failed to authenticate user. Error: "https://developers.google.com/accounts/docs/AuthForInstalledApps " in C:\wamp\www\projects\gapi.php on line 418 Was there any...

Thinktecture IdentityServer3 - Single sign out for distributed system

authentication,single-sign-on,thinktecture-ident-server
I'm building an distributed system with multiple clients that use a single identity server for authentication. This provides single sign on between these clients. When a user signs out from one of the clients, and thus signs out from the identity server, can the identity server sign the user out...

What was I wrong when using Jersey Client to authenticate an Spring Security web application?

spring,authentication,jersey-client
I have a web application which is protected by Spring Security Login Form authentication. Now I want to use Jersey Client to authenticate to my web pages and I think I should pass through login form as I do on a normal browser. My client authentication code is as below...

Cannot login with new SQL User - SQL 2014

sql,authentication,sql-server-2014
I'm having some trouble with logging in with a newly created SQL User. I have created a login and user on my SQL Server. I have changed the SQL Authentication mode to mixed and restarted the service. Each time I try to login it gives me this error: Login failed...

Authentication with OAuth and JWT but without OpenID Connect

session,authentication,oauth,authorization,openid-connect
I’m wondering if I really need OpenID Connect to provide authentication on top of OAuth2. It seems to me if I generate JWTs (JWE) as my access token and I store user claims, roles/permissions, etc. in the access token, then the OpenID Connect's id token isn't needed. Resource servers can...

Coding of Admin-Guest login section in an OS

linux,authentication,cmd,linux-kernel,operating-system
I developed an authentication algorithm for user authentication as part of my masters thesis and implemented it in PHP. I intend to know how can I implement the algorithm for operating system login, in which language (for linux)? also where the code will reside because it will not be click...

Change password function not working - hash wrong

cakephp,authentication,hash,passwords
Ok, I've been hitting my head against this wall all evening. Can someone explain to my why this returns false (user model): public function changePassword($user_id, $currentPassword, $newPassword, $repeatPassword){ //Check repeat /* if($newPassword != $repeatPassword) return false; */ //Check old password $this->id = $user_id; $current = $this->field('password'); $passwordHasher = new BlowfishPasswordHasher();...

Laravel Authentification fails

authentication,laravel,login,controller
I got a problem, my Authentifications keeps getting to the else statement, while I put in the correct email and password into the login form. With the else statement I mean the last line of my SessionController else { return Redirect::to('login') } Here are my routes.php // ~ Root Route::get('/',...

Validating Multiple Roles in Spring Security

spring,authentication,spring-security,authorization,intercept
I have added all the required libs and dependencies for the security and the application is working for single role & Any role cases Single: <security:intercept-url pattern="/**" access="hasRole('enabled')" /> Any Role <security:intercept-url pattern="/**" access="hasAnyRole('enabled','view')" /> is there are way to check multiple(AND or All Roles) roles using the expression ?...

Web API Basic Auth inside an MVC app with Identity Auth

c#,authentication,asp.net-web-api,asp.net-mvc-5
So I have a C# MVC app using Identity for its authentication. I now have a need to expose a few things via Web API to some of my clients. Instead of building a separate app, project, deployment... I've simply added an API Controller to my existing project. To keep...

Authorization fingerprint example

android,authentication,fingerprint
Whether you can authenticate to an application using fingerprint? If, yes. Can it someone show you an example. To the application must be logged password or fingerprint. The fingerprint will be stored locally.

Display flash messages after login/logout

symfony2,authentication,flash-message
I have been following this tutorial from the Symfony Book to manage my users. Now, I would like to set a flash message after the login has succeeded OR if somebody attempts to access a forbidden area. What I understand is that authentication and authorization are not managed inside controllers....

python requests with redirection

python,authentication,redirect,curl,python-requests
Trying to authenticate on http://72.ru site, noticed that there were a redirect to https://loginka.ru/auth/. Found that there were 302 POST with plain credentials in data form. Copying headers from Chrome can reproduce that in cURL, but still can't reach in requests module. Warning: page is full of russian letters, registration...

Is it possible to use Google Cloud Endpoints built in authentication with Google+ Domains API?

google-app-engine,authentication,google-plus,google-cloud-endpoints,google-plus-domains
Google Cloud Endpoints has it's own authentication process in which the backend endpoint method is simply passed a com.google.appengine.api.users.User object. https://cloud.google.com/appengine/docs/java/endpoints/auth The Google+ Domains API specifies its own authentication process in order to get the com.google.api.client.auth.oauth2.Credential object. This allows for the building of the com.google.api.services.plusDomains.PlusDomain object. https://developers.google.com/+/domains/authentication/ How would you...

Third-party security providers like Google, Twitter etc. in ASP.Net

asp.net,authentication
I have created a standard ASP.Net web project in Visual Studio 2013 and enabled authentication. A class called 'StartupAuth.cs' is created auotmatically, with following lines. When the app runs on localhost dev server it throws an exception as pasted in screen shot below the code. I need to have it...

Client certificate authentication

authentication,ssl,https,ssl-certificate,x509
I am new to SSL and Certificates . I have been doing my research about client certificate authentication. I have read this and wiki. So If I have to implement a client certificate auth solution for my B2B REST service should I do following Ask clients to generate their own...

Connet to right custom Exchange server

c++,authentication,wsdl,exchangewebservices,gsoap
I am trying to implement a client side service which exchange data with exchange server, so i'm using gSoap library. However i want that any user can access their own mail data with their official mail credentials via my this client service. I'm using wsdl file from https://outlook.office365.com/EWS/services.wsdl to get...

Connecting to database using Windows Athentication

sql-server,vb.net,authentication,connection-string
I would like to use window authentication in my program to connect to my sql server. users already have certain permissions on the SQL server and I would like to leverage that in my program. The way I currently connect to the server is using this connection string. Dim ConnectionString...

SQL server bulkinsert errors

python,sql-server-2008,authentication,ssms,bulkinsert
When I run this query to bulkinsert a file on a shared drive to SQL server 2008 with username and password (not Windows authentication), I get these errors. DBA, system admins and network guys are all denying these errors are related to their teams and I am lost... Can anyone...

What is the best practice for sending password from frontend to API server?

javascript,ruby-on-rails,api,rest,authentication
I am implementing a web application composed by a Javascript front end (single page application if you prefer), and a Rails backend. The front end app make request through API to the server, I want to know what is the best practice for sending the password on the login or...

Google Play Game Service Check user logged in or not Unity3d

android,authentication,logging,unity3d,google-play-games
I want to check user has been logged in or not if it has been logged in then i will check for achievement. I have written like this : void Update() { Social.localUser.Authenticate((bool success) => { Social.ReportProgress("Cfjewijawiu_QA", 100.0f, (bool success) => { // handle success or failure }); }); }...

PHP path starting /

php,authentication
In HTML you can set your href to "/folder/page" and the starting / would go to the root-directory of your web application (meaning it would start at www.yoursite.com) and move on from there. Now, in PHP, can i do this? I am having a problem, since i have a file,...

How to change User Table in Laravel?

php,mysql,authentication,laravel,laravel-5
I use Laravel 5.0. I have user table in my DB. I changed table variables in User and Config/Auth to user but when I try to register Laravel gives me an error: Table 'xxxx.crmx_users' doesn't exist (SQL: select count(*) as aggregate from `xxxx` where `email` = xxx What I do...

NTML authentication on Apache 2.4 with mod_authnz_sspi

apache,authentication,network-programming,ntlm
I've difficulties reaching a file on one Apache web server from another web server. Or even from the same web server. First let me give you the specfications of the two servers involved. Server 1: Windows Server 2003 Apache 2.2 32bit PHP 5.2.10 Server 2: Windows Server 2012 R2 Standard...

MVC5 Login to custom Database

asp.net-mvc,authentication,login,asp.net-mvc-5,owin
What if you have your own database and a BAL (Business Access Layer) and don't want to use DefaultConnection and the template ASPNET database tables but my own user tables? How can you use a custom database? ConnectionString: public class AppDbContext : IdentityDbContext<AppUser> { public AppDbContext() : base("DefaultConnection") { }...

How to deny user access when back in browser is clicked and user have already logout

php,codeigniter,authentication
I want to deny user access when user is not logged in. So, what I did is put this code in every function of my controller: if((!$this->session->userdata('logged_in'))){ redirect(site_url()."/Login/logged_in",'refresh'); } And I also have this one: public function logged_in(){ $logged_in = $this->session->userdata('logged_in'); if(!isset($logged_in) || $logged_in !== true){ $this->load->view('ErrorAccess'); } } Then...

What is the preferred method of using Google for sign-in?

authentication,oauth-2.0,google-plus,google-oauth
Google has a habit of providing multiple means to achieve a goal. And of ditching services when they feel like it. If I would need to implement a "sign-in with Google" authentication feature today, which one should I pick? Google Sign-In or Google+ Sign-In? Or to put it differently: which...

API Authentication using HMAC

authentication,hash,oauth-2.0,slim,hmac
I am looking for a decent method of authentication to use when writing a simple API for use within our internal systems. Other questions on Stack Overflow have suggested HMAC along with links to tutorials, which I went ahead and decided to implement. After setting this up, I realized I...

PostgreSQL: MD5 Authentication in pg_hba.conf gives me FATAL: Peer authentication failed for user “postgres”

postgresql,authentication,psql
I'm running Ubuntu 14.04 and installed PostgreSQL 9.3. Edited /etc/postgresql/9.3/main/pg_hba.conf as: # "local" is for Unix domain socket connections only local all all md5 # IPv4 local connections: host all all 127.0.0.1/32 md5 # IPv6 local connections: host all all ::1/128 md5 I restarted the server and now I'd like...

Enter Database PHP connection with userform [closed]

php,authentication,post,mysqli
I'm trying to enter a username into a text field and click submit then this should connect me to my database. A) What is wrong with the code below: <!DOCTYPE HTML> <html> <head> <style> .error {color: #FF0000;} </style> </head> <body> <?php // define variables and set to empty values $nameErr...

Express JWT Error: Not enough or too many segments in socket.io initial auth

javascript,authentication,socket.io,jwt,express-jwt
During the initial handshake where a token and username are passed, I am catching this strange error-- { handle: 10, type: 'error', className: 'Error', constructorFunction: { ref: 11 }, protoObject: { ref: 12 }, prototypeObject: { ref: 3 }, properties: [ { name: 'stack', attributes: 2, propertyType: 3, ref: 3...

How can I require authentication in Laravel 5 on a conditional basis?

php,authentication,laravel,laravel-5
I have an application which uses Laravel 5's out of the box authentication. I need to require authentication on the show method of a controller ONLY when the field called "approved" is equal to 1. How can I require authentication using middlewares on a conditional basis such that unauthenticated users...

How to respond in Middleware Slim PHP Framework

php,rest,authentication,middleware,slim
I am creating middleware for auth into REST API. My API is created using Slim PHP Framework ,which in case provide great features to build APIs. One of this feature is Middleware. I need to check credentials in Middleware and respond with an error (HTTP code with JSON descriptions) to...

django rest framework - understanding authentication and logging in

rest,authentication,login,django-rest-framework
I am a beginner to django rest framework (and to REST in general) and I have a server side which (for now) has a UserViewSet which allows to register new users and I can POST to the url from my android app just fine (I get 201 CREATED). I read...

Django : intercept authentication to store session variable or cookie

django,authentication
I am working on a project that's running on django. I would like to authenticate in multiple places. First, I would like to maintain the standard authentication mechanism and continue using it for site administration. Second, I would like to intercept the login request in addition to the standard authentication,...

Authenticate Google Account with php

authentication,printing,cloud
Is there a possibility to log in on to Google Accountt with php? Until 26th of May I was using https://www.google.com/accounts/ClientLogin to verify account. Now this method is disabled. What Im trying to do is to connect Google Printer Cloud to print orders in resaturant. Client makes order on website...

Integrate Authentication For Front End And Backend Generate Using Jhipster

java,angularjs,authentication,jhipster
I'm configuring the backend (in Java) and frontend (in AngularJS) with JHipster. I would like to use my own front end code which is in AngularJS instead of the code generated by JHipster. The problem is: I get an authentication error after any API call of the back end. Is...

How often are CRLs checked?

list,authentication,certificate,ca
Are Certificate Revocation Lists checked everytime a client receives a certificate? Or does it happen just the first time, and then again when the CRL is updated?

Multiple form authentication in the same domain

php,forms,authentication
I have a website with two form authentication in different pages, have different input name and link to different pages . The problem is that when I save my authentication to a browser (chrome) of a form , the browser fill in the fields with the same data in the...

Web Authentication with client certification

asp.net,authentication,x509certificate
I'm trying to authenticate login of a web app with three elements: Userid of web app Password of web app Client Certificates installed on user's PC. I see a client or machine certificate as a long string or key which is stored in Windows registry. I'm planning to put those...

Authenticating mobile app login using webservice using oauth connection

php,android,api,authentication,oauth
I have developed a website in PHP ( zend framework 2 ). It has user authentication to access user specific content and views which is only accessed by the user. Now I want to create a mobile app which has same functionailty as this. So I created a web service...

How to use: $this->Auth->user('id') in a model? Cakephp 3.0

cakephp,authentication,model,cakephp-3.0
I've been working on the skinny controller fat model way. Before, I used this in my controller: $this ->find('all') ->contain(['Declarator']) ->where(['user_id' => $this->Auth->user('id')]) ->order(['Declarations.created' => 'DESC']); However, $this->Auth->user('id'), doesn't work in a model. What other way is there to get the id from the authenticated user in a model?...

Multi service with one-login authentication (Single sign-on)

authentication,login,single-sign-on,saml
Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. (from wikipedia) now, I have more web service:...

Google TURN server for WebRTC with REST API authentication

javascript,rest,authentication,webrtc,turn
I'm trying to set up the Google TURN server for webRTC from here. I was able to successfully relay my video through this TURN server using a turnuserdb.conf file where I have my username and password (my_user_name:my_password). And on the web client side I used: "iceServers":{[ "url": "turn:my_user_name,@turn_server_ip", "credential":"my_password" }]...

How to enable multiple login tries in asp.net forms authentication?

c#,asp.net,asp.net-mvc,authentication
I have a MVC project with forms authentication. Basically it works fine: The user wants to access a controller with Authorize-Attribute and gets redirected to login-page if not authenticated. On redirect the parameter returnUrl gets forwarded as well. However, in case the first try of the login fails, the return...

Difference between django.contrib.auth.login and django.contrib.auth.views.login

django,authentication
What's the difference to use django.contrib.auth.login or django.contrib.auth.views.login? First in __init__.py and second in views.py I saw that code and it differs from each other. Same is with some other views, for example 'logout'. As I understand, django.contrib.auth.views.login is used when I want to redefine some parametrs of that view?

How to implement Spring Security Ldap authentication using the configurer class correctly?

spring,authentication,spring-security,ldap,spring-ldap
Hi I'm trying to implement spring's ldap authentication using the WebSecurityConfigurerAdapter class. So far I can authenticate through the in memory method and even my corp's ldap server, however the latter method I'm only able to authenticate if I pass a hardcoded userDN and password when I create the new...

MS Azure Resource Provider SDK - Authentication

php,authentication,azure,certificate
I'm trying to implement the MS Azure authentication described here: https://github.com/Azure/azure-resource-provider-sdk/tree/master/docs#authentication but the only thing stated there is: You are responsible for verifying the caller's certificate thumbprint. Only accept calls from certificates that have the correct public key. How to make it? Preferably in PHP. Thanks in advance....

Django LDAP authentication fails: SERVER_DOWN

python,django,authentication,active-directory,django-auth-ldap
I'm using the django-auth-ldap for the authentication. I'm having the following error: Caught LDAPError while authenticating xxx: SERVER_DOWN({'info': '(unknown error code)', 'desc': "Can't contact LDAP server"},) Using: AUTH_LDAP_CONNECTION_OPTIONS = { ldap.OPT_X_TLS_REQUIRE_CERT : ldap.OPT_X_TLS_NEVER } in setting.py should solve the problem, but it doesn't. I played around and it looks like...

Using JWT with Active Directory authentication in NodeJS backend

node.js,security,authentication,active-directory,jwt
I am building an intranet web application consisting of an Angular frontend and a Node.JS backend. The application needs to use the corporate Active Directory for authentication and authorization. I'm considering how to best implement this in a secure way. I am planning to use the Active Directory node module...

Forbid the access to the connect page when user is already logged

ruby-on-rails,authentication
I made an app with Rails 4 where the users can access to the website only if they are logged. I didn't use Devise to do that but I've followed this railcast. It works well but I have a problem, when an user is logged he can still go to...