authorization

How to load menu on webpage depends upon login user? I want to make websites where some menu will show before login and after login it will show more menu depends upon login user if admin is login then some administraive menu will appear if normal user is login then some different menu will be added. I want to build this project using JSP/Servlet. When user click on any menu total page will not be reloaded only some part will be changed where show the details description of this menu. BalusC You can just use JSTL to programmatically control the flow in the HTML output of the JSP. You can check

I have a sample question with this post Dynamically add roles to authorize attribute for controller but for ASP.NET 5 (vNext) In ASP.NET 5, I can not overwrite AuthorizeAttribute class as above post said. So how can I add roles dynamically Controllers in ASP.NET 5 (vNext) Thanks in advance. As mike mentioned, you need policies. Here is one implementation. public class CustomRoleRequirement : AuthorizationHandler<CustomRoleRequirement>, IAuthorizationRequirement { protected override void Handle(Microsoft.AspNet.Authorization.AuthorizationContext context, CustomRoleRequirement requirement) { var

I am using ASP.NET MVC 1.1 with Windows authentication. I trying to only authorize members of a group and myself. I am not a member of the group and would not need to be a member of this group. I am getting windows login/password prompt every time I access the URL of the web app. The HomeController has [HandleError] [Authorize(Roles=@"MyDomain\\company.security.group.name")] [Authorize(Users=@"MyDoamin\\MyName")] [OutputCache(Duration=86400,VaryByParam="PageIndex")] public class HomeController : Controller How do I enable such authorization? The web app is running under a site on IIS6. The

I am passing an Authorization: Bearer { Token } as a HTTP request to my Symfony Rest Controller. My Request: GET /app_dev.php/api/members HTTP/1.1 Host: localhost Authorization: Bearer 123456789 Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded Inside My controller: $this->getRequest()->headers; For some reason when I use Symfony's Request method the Authorization header isn't available to my controller. When I use PHP's getallheaders() the Authorization header shows up as expected. Any Ideas on why Symfony isn't seeing it? Thanks It is most likely stripped by Apache.

I am implementing a simple registation/login module. While testing user credentials, I start thinking which HTTP status code will be appropriate, for the situation if a user send a request with incorrect credentials. At first, I thought 401 Unauthorized would be a nice status code, but it seems it will be better to use it when a user is trying to get some resource without authorisation. After, I switched to 409 Conflict This code is only allowed in situations where it is expected that the user might be able to resolve the conflict and resubmit the request. So, friends, please give me an advise

I would like to have two home pages, the first would be for users who have not logged in and the second for users that are logged in. This is my current set up: .config(function ($stateProvider, $urlRouterProvider, $locationProvider, $httpProvider) { $urlRouterProvider .otherwise('/'); $locationProvider.html5Mode(true); $httpProvider.interceptors.push('authInterceptor'); }) .factory('authInterceptor', function ($rootScope, $q, $cookieStore, $location) { return { // Add authorization token to headers request: function (config) { config.headers = config.headers || {}; if ($cookieStore.get('token

This is one of this things that should be extremely simple and I just can't work out why it's not working. I'm trying to set up some very quick authentication for an ASP.net 3.5 app but storing the usernames and passwords in the web.config file (I know it's not very secure but it's an internal app that I keep getting asked to add and remove logins for so this is the quickest way to do it). So, the relevant config section looks like this: <authentication mode="Forms"> <forms loginUrl="~/login.aspx"> <credentials> <user name="user" password="password" /> <user name="user2" password="password2" /

I have an Angular app using UI Router where I'm trying to validate a user's token, if one exists, when the app runs. I am also checking that the user has permission to access certains routes. The problem is that $stateChangeStart is running before I receive the response back from the authorization endpoint. Here's some code (coffeescript with js below) - this is all within my run block. app.run(($rootScope, $state, $stateParams, $log, Auth) -> currentState = 'home' $rootScope.$state = $state # read a cookie if cookie exists if Auth.setAuthenticationToken() # hit api endpoint to validate token