basic-authentication

问题 At the moment I'm trying set up authentication on my test server. The following is the list of files in the folder I'm trying to set up authentication for. sftp://it@192.168.0.157/var/www/secret/.htpasswd sftp://it@192.168.0.157/var/www/secret/.htaccess sftp://it@192.168.0.157/var/www/secret/index.html Here's what .htaccess contains: AuthName "Restricted Area" AuthType Basic AuthUserFile /secret/.htpasswd AuthGroupFile /dev/null <Files test.html> require valid-user </Files> I'm not getting

问题 In my android app made with phonegap, users can sign in. When they do it, JQuery get their login and their password and do an ajax call with theirs credentials following the HTTP Basic Auth specification. Everything works fine. However I'm encountering a problem for handling the situation when a user sets bad credentials. In the .error() callback, I want to display a specific message for status 401 (like "authentication failed") and another message for other status ("technical problem"). My

问题 I'm using WSO2 EI 6.3.0 and WSO2 Developer Studio 3.8.0. I'm working with an ESB Project and a Proxy Service inside it. The Proxy service is a simple pass through service; it receives a request from a webapp and forward it to a Soap Web Service, gets the response from the WS and gives it back to the web app. I realized this configuration following this tutorial: https://youtu.be/3OsuGhEMQgc The setup is very simple, everything worked fine until I found a web service whose endpoint has http

问题 I am using jboss server. I want to do BASIC authentication using web.xml file. How do I do that? 回答1: The tutorial on How to Configure JBoss for Basic Authentication should help you in this 回答2: The steps are Add security-constraint in web.xml for secure pages Apply login-config in web.xml In jboss-web.xml apply security-domain Create properties files for user and roles The following link explains this pretty well with an example https://community.jboss.org/wiki/BASICAuthentication users

问题 I´m currently messing around with JAX-RS specifically Resteasy, because it "just works" with Wildfly and I don´t have to configure anything. That´s really the only reason I use that. I did already implement Basic Authentication, looking forward to replacing it with OAuth2 later, just did this now for simplicity reasons. The ContainerRequestFilter looks like this @Provider public class SecurityFilter implements ContainerRequestFilter { private static final String AUTHORIZATION_HEADER_KEY =

问题 Is OAuth more secure than Basic Auth through HTTPS for server to server dialog? I mean, if I want to do some API request from server A to server B with OAuth, I have to store some auth data (key, secret, etc.) on server A. Then using these auth data, I can have a token and make requests with this token to server B. And using the same auth data later, I will have a token key and will be able to make request with this fresh token. With Basic Auth, I have some auth data (user, password) on

问题 I have python flask running on my server exposing a REST API that is being consumed by an iOS app. I'm using HTTP Basic Authentication using the Flask-HTTPAuth: module. I wanted to know how secure this is because the username:password string would be sent on every request. Do I need to use HTTPS instead? Thanks! Sorry for bad english. Still learning. 回答1: Your current system is (very!) insecure, the login information can be seen during transit by anyone. The easiest way to add secure HTTP is

问题 Have a look at the following code: DefaultHttpClient http = new DefaultHttpClient(); http.getCredentialsProvider().setCredentials( new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT), new UsernamePasswordCredentials( Configuration.username, Configuration.developerKey ) ); HttpPost post = new HttpPost(strURL); StringEntity entity = new StringEntity( ac.toXMLString() ); entity.setContentType("text/xml"); post.setEntity( entity ); org.apache.http.HttpResponse response = http.execute( post );

问题 I'm building a test app and used the instructions here (http://flask.pocoo.org/snippets/8/) to setup simple authentication. On pages where auth is required I get a popup saying "Authorization Required". Instead of that, I'd like to redirect to a login page where the user can put their user/pass in a form. Here's what I have currently (same as the snippet in the link): from functools import wraps from flask import request, Response def check_auth(username, password): """This function is called

问题 Can I have two AuthUserFile directives in an apache2/sites-enabled/000-default configuration file? <Location /repo/trac> AuthType Basic AuthName "Trac" AuthUserFile /etc/apache2/passfile1 AuthUserFile /etc/apache2/passfile2 Require valid-user </Location> I want username/password for two types of users. DEV - can access SVN and Trac NOM - can only access Trac I have two options: keep separate password files for Trac and Svn and include them separately, or have 2 password files in 1 I put DEV