authorization

问题 I need to create a user authorization with different user's roles (admin and simple user). Admin will have more functional abilities. So, what classes or engines should I use to implement user authorization to my destkop application? Should I use classes in javax.security.auth.login ? 回答1: The two most common ways to implement authorization in a desktop application are: Java Authentication and Authorization Service (JAAS) Roll your own, either entirely from scratch or using something like

问题 It is suggested that whether your app uses code or token as your response_type you should perform an automated check on the access_token to confirm that the token belongs to the person the app expects it to belong to and that it was your app that generated the token. You are supposed to do this on GET graph.facebook.com/debug_token? input_token={token-to-inspect} &access_token={app-token-or-admin-token} where app-token is app_id|app_secret and token-to-inspect is the user's access_token. Also

问题 I have an custom role provider that gets the roles a user belongs to from a database. I also have a custom authentication module registered in my web.config's httpModules which sniffs incoming HTTP requests and (if it's an OAuth signed request) sets the HttpContext.Current.User property to impersonate the user, and the IPrincipal that it sets includes all the user's roles, plus an extra one called "delegated". The trouble is, after I set my custom IPrincipal, apparently ASP.NET still calls my

问题 I've got a policy that I want to test in C# public class WorkflowCreatePolicy { public AuthorizationPolicy AuthorizationPolicy => new AuthorizationPolicyBuilder() .RequireClaim("scope", "WorkflowAdmin") .Build(); } Does anyone know of a way to test the AuthorizationPolicy to confirm that the scope "WorkflowAdmin" is successful and all others aren't? This is what I see when I inspect the object: I've managed to find this website: Authorization Handler Unit Tests but its talking about testing

问题 I am trying to find a way to display my flash errors on the active page without the redirect_to method. By the way, the standard flash[:alert] = exception.message didn't show me any error messages, so I changed it to flash[:error] . Thanks for any advice! rescue_from CanCan::AccessDenied do |exception| flash[:error] = exception.message redirect_to deadlines_path end 回答1: Try: rescue_from CanCan::AccessDenied do |exception| flash.now[:alert] = exception.message render 'something_else' return

问题 I used google maps api for selecting some points on map and find to shortest driving route. Everythings works in localhost, but when i publish and upload it server, it doesn't work... Why it's happen? There isn't any error. Map is coming on page but i can't see markers and directionResult doesn't load the result. Is it about authorization? I have valid account and api key etc. And i allowed referer of my domain. Edit: I check the script with crome JS debugger. There is no response here;

问题 Is it possible to use multiple authorization elements in a single web.config to allow additional users access to one file? E.g., I would like to allow User1 access to the whole application (including Page1.aspx), and User2 access to only Page1.aspx: <system.web> <authorization> <allow users="DOMAIN\User1" /> <deny users="*" /> </authorization> </system.web> <location path="~/Page1.aspx"> <system.web> <authorization> <allow users="DOMAIN\User2" /> <deny users="*" /> </authorization> </system

问题 Here's an issue: I need to implement both HTTP basic authorization and MS NTLM authorization. I use asynchronous NSURLConnection so I receive -(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge callback. The full code of this method looks like that: -(void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { NSString* authMethod = [[challenge

问题 How do I combine these two rules (1) Any user can access (read, write, etc.) to the resources http://www.example.com/info1 and http://www.example.com/info2 (2) Any reading action (read) to any resource can only be accessed by users which belong to the group admin and manager. in a single one? What I have done so far is this: <?xml version="1.0" encoding="UTF-8"?> <Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule

问题 I'm hosting a Static Website on AmazonS3 (http://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html). However, I wish to grant access to my page ONLY by authorizing and subsequently authenticating users. What services are available (Heroku, etc.,) that allows me to do that? I would like the option of having login using their social networking IDs (facebook, twitter, etc.,). Thanks for your direction on this. 回答1: The scenario you describe cannot be achieved purely via Amazon S3.