authorization

问题 I am planning to build an office extension application ( more or less a HTML5 application). The most valuable part of the application is the content provided by the application, so content information must be securely kept in a database. anyone trying to access the content must prove their identities by showing their usernames and passwords. I have a Cloudant database named "_users" which stores all the users login information such as usernames and passwords, and another Cloudant database

问题 I have a page that needs to be secured. I add [Authorize] attribute to that action method. if you are not logged in, you will be redirect to the login page everytime you visit that secure page. it works except I rename logon action to login , but applicaiton still redirects user to logon action. its no long there, I rename it, how do I fix it? 回答1: In your Web.config file change the forms loginUrl. <authentication mode="Forms"> <forms loginUrl="~/Controller/Action" /> </authentication> 回答2:

问题 I am building a website on an intranet and one of the directories can only be accessed by hard coded authorized users. They are defined in web.config. It looks similar to this. <location path="admin"> <system.web> <authorization> <allow users="user1"/> <allow users="user2"/> <allow users="user3"/> <allow users="user4"/> <deny users="*"/> </authorization> </system.web> </location> What I want then is to create a link to this directory which only appears to those users... At the moment, to

问题 I am trying to implement a web application with spring security. I understand the role based mechanism of spring security and can get it to work. My problem is, in my web app users can create there own groups and add friends (other users of the app) to it. The access to some pages of the user is based on this friends-group. It should work similar to facebook user and groups. How can I implement these custom user groups and the access to users pages with spring security? Is there a default

问题 I made an application where there are two controllers (user and home). The user controller performs actions such as registering a user and logging them in/out, while the home controller is used to perform actions once the user is authenticated. I found this answer on SO: What is the best practice for restricting specific pages to logged in users only in Codeigniter? But I saw that the verifying of a session value is performed in a separate, custom controller. I was wondering why that's

问题 So I've been trying to figure out why my Google Contacts wasn't being enabled after I had enabled it on Google developer console as so: After I had enabled it, when I log in I am able to see this knowing that the Google+ Api is working fine. As we can see, it seems as though the Contacts API is not Authorizing the enabled Contacts API. Why is that? I would expect it to be the following image. Any help would be greatly appreciated. Its been like 2 days and I haven't got my hand on this. 回答1:

问题 I'm new in iOS programming. I made iOS app with connection to MSSQL . It works fine when online dialog authorization to server deactivated Accordingly when we activate authorization my app does not work. Server authorization picture. How can I specify authorization data in my app? How can I fill login and pass background in app? And whether it be safe? My code is the next: ViewController.m #import "ViewController.h" #import "SBJson.h" @interface ViewController () @end @implementation

问题 I'm trying to get an ASP.NET Web API application running on IIS7.5. I've added an application tot the default web site for it. It's running in the DefaultAppPool, with anonymous authentication enabled and ASP.NET impersonation disabled. The Web API works fine: I can run it and it returns results. However, when I call an operation that is supposed to return an image, I get a System.UnauthorizedAccessException. I figured it's just an authorization issue, so I went to the file's security dialog

问题 I am getting " Policy uploading failed. Invalid Entitlement Policy. Policy is not valid according to XACML schema " message, whenever i am uploading policy in WSO2 identity server. I have wso2is-5.1.0 version. I got this XACML policy from this WSO2 tutorial. The XACML policy is: <Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="Entitlement_Filter_Sample_Policy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable" Version="1.0">

问题 I have my c# asp.net web application set up for windows authentication. <authorization> <deny users="?" /> <!-- Denies access to the anonymous user. --> </authorization> I have 2 issues. Firstly, if I navigate to my site from my local PC, I get asked for a username/password to which I enter the credentials I use to log on to the server and these are successful and I gain access. However if I navigate to the site on the server via the internet browser, I get asked for the credentials to which