authorization - w3toppers.com

Java: how to use UrlConnection to post request with authorization?

A fine example found here. Powerlord got it right, below, for POST you need HttpURLConnection, instead. Below is the code to do that, URL url = new URL(urlString); URLConnection conn = url.openConnection(); conn.setDoOutput(true); conn.setRequestProperty (“Authorization”, encodedCredentials); OutputStreamWriter writer = new OutputStreamWriter(conn.getOutputStream()); writer.write(data); writer.flush(); String line; BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream())); while ((line = reader.readLine()) … Read more

Authorization header missing in django rest_framework, is apache to blame?

If you are using Apache and mod_wsgi, then I found the easy solution to this in the official Django REST framework website Apache mod_wsgi specific configuration Note that if deploying to Apache using mod_wsgi, the authorization header is not passed through to a WSGI application by default, as it is assumed that authentication will be … Read more

ASP.NET MVC Forms Authentication + Authorize Attribute + Simple Roles

I think I’ve implemented something similar. My solution, based on NerdDinner tutorial, is following. When you sign the user in, add code like this: var authTicket = new FormsAuthenticationTicket( 1, // version userName, // user name DateTime.Now, // created DateTime.Now.AddMinutes(20), // expires rememberMe, // persistent? “Moderator;Admin” // can be used to store roles ); string … Read more

How to dynamically decide access attribute value in Spring Security?

The FilterInvocationSecurityMetadataSourceParser class in Spring-security (try Ctrl/Cmd+Shift+T in STS with the source code) parses the intercept-url tags and creates instances of ExpressionBasedFilterInvocationSecurityMetadataSource, that extends DefaultFilterInvocationSecurityMetadataSource that implements FilterInvocationSecurityMetadataSource that extends SecurityMetadataSource. What I did is to create a custom class that implements FilterInvocationSecurityMetadataSource, OptionsFromDataBaseFilterInvocationSecurityMetadataSource. I used DefaultFilterInvocationSecurityMetadataSource as base to use urlMatcher, to implement the … Read more

Restrict access to a specific controller by IP address in ASP.NET MVC Beta

I know this is an old question, but I needed to have this functionality today so I implemented it and thought about posting it here. Using the IPList class from here (http://www.codeproject.com/KB/IP/ipnumbers.aspx) The filter attribute FilterIPAttribute.cs: using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.Http; using System.Security.Principal; using System.Configuration; namespace Miscellaneous.Attributes.Controller { /// <summary> … Read more

Redirecting unauthorized controller in ASP.NET MVC

Create a custom authorization attribute based on AuthorizeAttribute and override OnAuthorization to perform the check how you want it done. Normally, AuthorizeAttribute will set the filter result to HttpUnauthorizedResult if the authorization check fails. You could have it set it to a ViewResult (of your Error view) instead. EDIT: I have a couple of blog … Read more

How to use JWT in MVC application for authentication and authorization?

In order for MVC to understand anything about your JWT you basically have to tell it 🙂 . First, install the Jwt package from nuget: Install-Package Microsoft.Owin.Security.Jwt Then open up your Startup.cs file and add a new funtion that will tell MVC how to consume JWT. At basics your Startup will look something like: using … Read more

How do I set up access control in SVN?

In your svn\repos\YourRepo\conf folder you will find two files, authz and passwd. These are the two you need to adjust. In the passwd file you need to add some usernames and passwords. I assume you have already done this since you have people using it: [users] User1=password1 User2=password2 Then you want to assign permissions accordingly … Read more

“Sign in with Google temporarily disabled for this app” error when trying to authorize a script

Update 1: As reported by Rubén, Google says it won’t fix this – #163 Some workarounds are provided in #76, #145 and #150 – showing solutions like changing GCP and providing a oauth consent screen. Update: Switching Google cloud project from default to a standard project have resolved the issue for some users. This is … Read more

How to use basic authorization in PHP curl

Try the following code : $username=”ABC”; $password=’XYZ’; $URL='<URL>’; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$URL); curl_setopt($ch, CURLOPT_TIMEOUT, 30); //timeout after 30 seconds curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); curl_setopt($ch, CURLOPT_USERPWD, “$username:$password”); $result=curl_exec ($ch); $status_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); //get status code curl_close ($ch);