security

问题 maybe the following will sound somehow wierd and I have some false assumptions so I hope you can condone over this. Just some brief introduction what we want to achieve: Right now we are developing an app that needs a backend storing user specific data (eg images, comments, etc). As we want to get rid off all the user authentication and we want to use facebook functions, too, we will let Facebook do all the authentication stuff and just create a user based on the id/email we will receive

问题 I have a JMX server started by JVM process that can be optionally secured (for now its not, so I'm ready to consider any extensible way for it). For example as an option I looked at official tutorial and its ok for now to use user/password authentication. The MBeans are deployed via spring (annotations approach is used). Now I would like to get from within my MBean the user name for some additional actions. Is it possible to do in JMX technology at all? If Yes how? :) Example: public class

问题 I am following the link http://middlewaremagic.com/weblogic/?p=2034 to perform form based authentication. I have created a security realm then successfully delegate the authentication check to weblogic 10.3. Everything is fine, but I could not get username, HttpServletRequest->getRemoteUser() returns null. Do you have an idea how to get username after login? I am going to use username in every Managed bean to log user operations. EDIT: I have found my mistake that I invalidated the session

问题 I am following the link http://middlewaremagic.com/weblogic/?p=2034 to perform form based authentication. I have created a security realm then successfully delegate the authentication check to weblogic 10.3. Everything is fine, but I could not get username, HttpServletRequest->getRemoteUser() returns null. Do you have an idea how to get username after login? I am going to use username in every Managed bean to log user operations. EDIT: I have found my mistake that I invalidated the session

问题 I'm using the NameAndPassword authorization plugin to login through the OS X lock screen (the fixed version of the plugin since original is broken). I need it to be able to access stored passwords somehow, and currently I'm trying to achieve this by using keychains. I managed to create the keychain and save some password inside, along with the ACL needed to access the password without prompting the user. Any application added to the ACL works fine with no prompts, but when I try to access the

问题 I'm using the NameAndPassword authorization plugin to login through the OS X lock screen (the fixed version of the plugin since original is broken). I need it to be able to access stored passwords somehow, and currently I'm trying to achieve this by using keychains. I managed to create the keychain and save some password inside, along with the ACL needed to access the password without prompting the user. Any application added to the ACL works fine with no prompts, but when I try to access the

问题 When implementing an AccessDeniedHandlerInterface to catch any AccessDeniedExceptions is it possible to access the role of the user in order to determine an appropriate RedirectResponse route? I want to direct people who aren't logged in to one place, and people that are logged in but don't have the permissions to another place, instead of just getting a 403 page. 回答1: One solution to the problem is to pass the SecurityContext object as an argument to the AccessDeniedHandlerInterface in the

问题 My app needs to do some privileged operations at runtime. For example,when the user is first time to run my app, i have to create and format a virtual dirve. I use the undocumented api formatex to do the fomating job, but formatex need administrator privileges. If OS is vista or later, i can prompt UAC dialog with 'COM Elevation Moniker' and it works fine. But on xp, this technique is not suitable, so i use the impersonate method. if app is run as limited user, i do formating like this:

问题 My app needs to do some privileged operations at runtime. For example,when the user is first time to run my app, i have to create and format a virtual dirve. I use the undocumented api formatex to do the fomating job, but formatex need administrator privileges. If OS is vista or later, i can prompt UAC dialog with 'COM Elevation Moniker' and it works fine. But on xp, this technique is not suitable, so i use the impersonate method. if app is run as limited user, i do formating like this:

问题 Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 8 years ago . I have a web application using a database in SQL Server 2008. I am the developer of this project and this project has been hosted elsewhere. I've delivered the project to the administrator. Now the administrator is able to connect to SQL Server but I don't want the administrator to be able to see the database