authorization

Is it possible to restrict PHP page to certain devices?

回眸只為那壹抹淺笑 submitted on 2019-11-28 10:37:57
Question: I've built a PHP web application which I only want my wife and I to have access to. Adding password protection adds an unnecessary user step - is it possible to restrict the page to certain devices (e.g. our iPhones, iPad and MacBook) regardless of wifi / 3G network etc.? I don't think PHP can determine MAC address - so is there a suitable method other than password protection? Thanks, Mike EDIT Some further info to help clarify: The server is running on Debian/Linux (The RaspBMC off-shoot of

How to dynamically handle roles|permissions in Symfony2: restrict functions with dynamic roles

橙三吉。 submitted on 2019-11-28 10:22:27
Question: This post aims to be a kind of second part of this post so you may have to read it to understand this question. Having that info and the answer from the previous post, and also having found this useful UserBundle which helps me as an example to illustrate a possible relationship as Many To Many between roles and users, I may ask: I have dynamic roles and now how do I use those new ROLES? What I mean, for example I want to limit an existing function to role ROLE_NEWROLE which has been created dynamically

What is a common approach to scope records by those that a user can “read”?

流过昼夜 submitted on 2019-11-28 09:56:06
Question: I am using Ruby on Rails 3.2.2 and I would like to know what is a common approach when it must be checked if a user has proper authorizations to "read" records present in a "list" of records. That is, at this time I have the following: class Article < ActiveRecord::Base def readable_by_user?(user) # Implementation of multiple authorization checks that are not easy to # translate into an SQL query (at database level, it executes a bunch of # "separate" / "different" SQL queries). ... # return

rails leaving out some parts from fragment caching

…衆ロ難τιáo~ submitted on 2019-11-28 09:33:35
Question: I have a Rails 4 app using the pundit gem for authorization. If I do russian-doll fragment caching like the code below, the conditional statement used for authorization will also be cached, which is not good, since edit/delete buttons should only be available for the post.user. What is a good way to get around this? Should I split the cache into smaller parts or is there a way to exclude some parts of the caching? What's the Rails convention in this case? index.html.erb <% cache ["posts-index"

Issue with custom Authorization in DropWizard

拟墨画扇 submitted on 2019-11-28 09:24:40
Question: I am trying to add custom authorization in dropwizard but am not able to succeed. I have a custom authentication added for dropwizard by binding it to authFactory Authenticator ssoAuthenticator = createSSOAuthenticator(configuration.getSsoGrantClientConfiguration()); environment.jersey().register(AuthFactory.binder( new SSOTokenAuthFactory<SSOGrant>( ssoAuthenticator, SYSTEM_PREFIX, SSOGrant.class)) ); and adding a dynamicfeature for authorization environment.jersey().register

Java Google Contacts API Access Service Account Authentication

柔情痞子 submitted on 2019-11-28 09:15:33
Question: I'm trying to access Google's Contacts API but my attempt failed already on getting authorized. From other (web) languages I'm used to the APIConsole and the public API-key (authorization). GoogleCredential credential = new GoogleCredential().setAccessToken("<<PublicAPIKey>>"); System.out.println(credential.refreshToken()); // false This way I'm not able to refresh the token and am unsure about using the public-key as accesstoken... Instead I tried over a service account: private static final

c# check if the user is a member of a group?

旧时模样 submitted on 2019-11-28 09:09:36
I have code that I use to check if the user is a member of the AD; it worked perfectly. Now I want to add the possibility to check if the user is also a member of a group! What do I need to modify to achieve that? I did some work, but it fails! So here is my code: //Authenticate a User Against the Directory private bool Authenticate(string userName,string password, string domain) { if (userName == "" || password == "") { return false; } bool authentic = false; try { DirectoryEntry entry = new DirectoryEntry("LDAP://" + domain,userName, password); object nativeObject = entry.NativeObject; authentic =

How can I return user ID with token in Django?

一个人想着一个人 submitted on 2019-11-28 09:01:35
Question: I generate tokens using the default view in Django: url(r'^login/', rest_auth_views.obtain_auth_token), I have a problem because my front-end doesn't know what the currently logged-in user ID is. Should I return it with the token or maybe create another request? I know that there are a lot of different ways, but I would like to choose the most optimal solution. Answer 1: You could override rest_framework.authtoken.views.ObtainAuthToken.post in order to get the result you want. myapp/views.py from rest

Implementing User Authorization in PHP and Javascript

穿精又带淫゛_ submitted on 2019-11-28 08:19:32
Question: Assuming I have a valid session and an authenticated user, what are some ways to go about implementing user authorization in an application with a PHP/MySQL backend, and a heavy JavaScript front-end? Most of the implementation examples I can find seem too focused on user authentication and the authorization just sort of happens. For instance, an if statement checking if the type of user is an admin. This seems way too implemented to me. In an implementation like mine, there is no way of knowing

Multiple HTTP Authorization headers?

陌路散爱 submitted on 2019-11-28 06:42:39
Is it possible to include multiple Authorization Headers in an HTTP message? Specifically, I would like to include one of Bearer token type (passing an OAuth access token) and one of Basic type (passing a base64 encoded username:password). GET /presence/alice HTTP/1.1 Host: server.example.com Authorization: Bearer mF_9.B5f-4.1JqM Authorization: Basic YXNkZnNhZGZzYWRmOlZLdDVOMVhk I see no reason this should not be possible, just wanted to vet it with the community to be sure. Sam Critchley This should be possible, you just have to add a comma between field values, e.g: GET /presence/alice HTTP