authorization

ClaimsAuthorizationManager pull policies from database

ε祈祈猫儿з posted on 2019-12-06 07:55:11
Question: I'm new to the Claims Security approach for authorizing users' access to resources. I've been doing a lot of research and the majority of sites I've read have the policies for ClaimsAuthorizationManager entered in the Web.config file. What are some ways to accomplish this? Can you point me to some links where policies are served from a database? Thanks. Answer 1: I also ran into the same problem. Hopefully these links will help you. What I did was implement my own ClaimsAuthorizationManager to get

Authorization/Authentication with Google account in GWT

断了今生、忘了曾经 posted on 2019-12-06 07:54:00
I'm trying to enable my GWT application to authenticate users with their Google accounts. What I basically need is just to have a unique value for every user and be sure that these values will always describe correct users. The main requirement is, the number of lines of code I have to write is as small as possible :-) I'm trying to use gwt-oauth2 library, but it looks like the whole idea of OAuth is to provide a token that allows access to different private resources like mail, contacts, etc., but it doesn't define the user itself. Question #1 - is that right that token Google gives me only

How to handle sensitive properties in a RESTful API (such as passwords, credit cards, etc)

て烟熏妆下的殇ゞ posted on 2019-12-06 07:36:24
Question: Working on a REST framework that will support multiple hypermedia types and authentication. One thing I'm not really sure how to handle are sensitive values in the resources. For instance, if I were to include user management in the API, I would need a way to expose to the client that there was a field for the password, but not show the actual password hash. Same thing with a credit card. If I don't, it would violate the hypermedia constraint as knowledge of the fields would become out of

Does SVN allows blanks in paths for svn auth file rules?

醉酒当歌 posted on 2019-12-06 07:31:50
Question: We currently have problems with directories that contain blanks and are part of rules in the svn auth file. So we want to have path based authorization, and have a file that contains the following: [/] * = rw [/junk of me] * = me = rw When I clear the authentication data and checkout the root of my repository as me, I see the root directory and the sub-directory junk of me. When I add a file inside of junk of me, and try to commit it as another user, I am allowed to do that. It looks like

Login Membership .NET

吃可爱长大的小学妹 posted on 2019-12-06 06:57:01
Hi I was wondering what is the best way to force the user to login when arriving at a website, in .net. I have set up the Membership features and I was wondering what is the best way to ensure that no matter what address the user arrives at, they must first get authenticated before proceeding to the page they requested. Any resources will be great, thanks. Alter Web.config in application root to read: <authentication mode="Forms"> <forms loginUrl="Login.aspx" defaultUrl="/" /> </authentication> <authorization> <deny users="?" /> <allow users="*" /> </authorization> Side note: Obviously, ASP

Inheritance of Authorized Roles in controller classes

给你一囗甜甜゛ posted on 2019-12-06 06:46:55
I've created controller classes to assist with Role authorization. I have a base class ControllersAuthorities, which is the highest level of authority. I have created the other classes to extend each base class. [Authorize(Roles = "Owner")] public abstract class ControllerAuthorities:Controller { } [Authorize(Roles = "Admin")] public abstract class AdminController:ControllerAuthorities { } [Authorize(Roles = "Employee")] public abstract class EmployeeController:AdminController { } [Authorize(Roles = "Sales")] public abstract class SalesController:EmployeeController { } First question, will

GCP Authentication: RefreshError

南楼画角 posted on 2019-12-06 06:13:33
Question: In order to round-trip test mail sending code in our GCP backend I am sending an email to a GMail inbox and attempting to verify its arrival. The current mechanism for authentication to the GMail API is fairly standard, pasted from the GMail API documentation and embedded in a function: def authenticate(): """Authenticates to the Gmail API using data in credentials.json, returning the service instance for use in queries etc.""" store = file.Storage('token.json') creds = store.get() if not

Fine-grained access control

与世无争的帅哥 posted on 2019-12-06 05:51:40
Question: I'm familiar with a whole bunch of ways to authenticate users for the web-based administration application we're developing, and even various techniques to keep tabs on authorisation... However, my question to you is, how would you recommend I implement a fine-grained access control mechanism that offers the following: Users belong to 'roles' or 'groups' such as 'salesperson', 'planning', etc. The admin menu system shows only 'pages' which have functions relevant to the user's role(s) Specific

Application authorization in a trusted third party WIF environment

丶灬走出姿态 posted on 2019-12-06 05:35:56
All, I'm a little confused over some of the concepts behind Windows Identity Foundation and the overall architectural fit in a third-party "trusted" environment as regards Authorisation. I think I may have missed something but I can't see how it would work in the real world. As an example, we have a number of systems behind a portal. Customers can access the portal and, based on their permissions they can access features of each different application. In the current scenario, we may have a single authentication step (user id/password) that passes the authorised identity/principal (against a

How to allow authorization to an rss feed using ASP.NET MVC?

妖精的绣舞 posted on 2019-12-06 05:20:54
Question: Our shop is in the process of converting our internal project management application from ASP.NET Web Forms to ASP.NET MVC. I would like to provide an RSS feed for our customers of their current open issues ... but I would like to do so with some type of authorization, e.g. login and a password. Is this possible using ASP.NET MVC or should this be done through some other service like WCF? Sample code would be much appreciated. Answer 1: I'm not sure of the best way, but can think of a few, none