authorization

I am working on an API in a system that has very complex access control rules. Often times there are complex SQL queries required to determine if a user has read or write access to a particular resource. This causes a lot of complexity and redundancy in our client applications as they have to know all these rules in order to determine whether to present the user with CRUD options for each object. My goal is to reduce much of the complexity on the client side and house all the complex logic in the API. This way new client applications written against our API can avoid re-implementing the

I have a script that checks a SharePoint list for a specific file revision and returns the result. This works well, but currently my authorisation method requires me to include my own password in the code to gain access to the SharePoint list, which isn't ideal given that passwords have to be updated frequently and other users can potentially view my login details. Can someone point me in the right direction for using the current users credentials to access the SharePoint site? I've been going round in circles looking at ActiveDirectory, NTLM, SOAP etc and cannot decipher which of these is the

I have an Apache server setup as a reverse proxy in front of a some backend servers. One of the backend servers requires basic authentication but somehow Apache seems to remove the Authorization header from the request. Do I have to configure something special in order to make Apache pass on the Authorization header to the backend server? My Apache configuration is pretty basic. I only added some proxy directives like: ProxyRequests Off ProxyPass /backend-server https://backend.server SSLProxyEngine on You will have to set the proxy-chain-auth environment variable: If the proxy requires

I am new in ASP.NET Membership. And I want to implement ASP.NET Membership in ASP.NET MVC project. I am not sure is it possible or not. Whenever we going to create MVC application at that time we found option for change authentication(no authentication, identity authentication, organization etc.). I've select identity authentication and get those tables in my application. look attached. But I don't want ASP.NET Identity table and functionality. I want ASP.NET Membership table and functionality(user CRUD operations, assign role, change user password etc) look attached . I have found the way for

for a few users (maybe not that few, considering the number of related mails I'm receiving) the access token associated with an OAUTH authorization seems to be immediately invalidated. The user is guided through the usual authorization process, he accepts the permissions, he is redirected to the right page which includes the access token, but as soon as my application tries to use the access token to get the user ID, an error is received instead: {"error":{"message":"Error validating access token: Session has expired at unix time 0. The current unix time is 1323939801.","type":"OAuthException"