authorization

Is there a super UNIX like "root" user for MongoDB? I've been looking at http://docs.mongodb.org/manual/reference/user-privileges/ and have tried many combinations, but they all seem to lack in an area or another. Surely there is a role that is above all the ones listed there. WiredPrairie While out of the box, MongoDb has no authentication, you can create the equivalent of a root/superuser by using the "any" roles to a specific user to the admin database. Something like this: use admin db.addUser( { user: "<username>", pwd: "<password>", roles: [ "userAdminAnyDatabase", "dbAdminAnyDatabase",

I need to know how to go about implementing general security for a C# application. What options do I have in this regard? I would prefer to use an existing framework if it meets my needs - I don't want to re-invent the wheel. My requirements are as follows: the usual username/password authentication managing of users - assign permissions to users managing of roles - assign users to roles, assign permissions to roles authorization of users based on their username and role I am looking for a free / open-source framework/library that has been time-tesed and used by the .Net community. My

There are a lot of questions relating to license keys asked on Stack Overflow. But they don't answer this question. Can anyone provide a simple license key algorithm that is technology independent and doesn't required a diploma in mathematics to understand? The license key algorithm is similar to public key encryption. I just need something simple that can be implemented in any platform .NET/Java and uses simple data like characters. Answers written as Pseudo code are perfect. So if a person presents a string, a complementary string can be generated that is the authorisation code. Below is a

I'm having some troubles understanding how OAUTH-v2 works. The OAuth version 2 spec reads: Accessing Protected Resources The client accesses protected resources by presenting the access token to the resource server. The resource server MUST validate the access token and ensure it has not expired and that its scope covers the requested resource. The methods used by the resource server to validate the access token (as well as any error responses) are beyond the scope of this specification , but generally involve an interaction or coordination between the resource server and the authorization

I am building a multiple page admin interface for an internal enterprise software platform. Think lots of glue logic tying together various APIs, db queries, and shell scripts. We will be using node.js, the express framework (including jade templates), and LDAP for authentication. I am struggling to find information regarding design patterns and best practices for authorization in node applications. Preferably, I would like to use the role-based model since my users are familiar with that approach and its care and feeding. I am new to node.js so please don't assume I've already seen a module

I need to consume a web resource from a VB.NET app. I have successfully retrieved the access token and am ready to use it to make calls to the protected resource. However, everytime I call the protected resource I receive a 401 Unauthorized response because the Authorization field has not been added to the header. Here is my code. WebRequest = DirectCast(Net.WebRequest.Create(ApiUri), HttpWebRequest) WebRequest.Method = "POST" WebRequest.ContentType = "application/json" WebRequest.ContentLength = Bytes.Length Dim RequestStream As IO.Stream = WebRequest.GetRequestStream RequestStream.Write