I am developing a custom windows login so that user either can user webcam (face recognition) or username and password. I am able to show a window with all required control at login screen but I don't understand how to authenticate with provided username name and password. Window uses GetSerialize() function for this purpose.
GetSerialization(
__out CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE* pcpgsr,
__out CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION* pcpcs,
__deref_out_opt PWSTR* ppwszOptionalStatusText,
__in CREDENTIAL_PROVIDER_STATUS_ICON* pcpsiOptionalStatusIcon
)
above is function signature. As you can see system uses CREDENTIAL_PROVIDER_GET_SERIALIZATION_RESPONSE* and CREDENTIAL_PROVIDER_CREDENTIAL_SERIALIZATION* pointer to get info about username and password. How I can call this for authentication. Or is there any alternative method for doing this at the time of login.
I wonder whether you have solved this by now?
You don't call GetSerialization(), that's called by Windows (e.g. by WinLogon to perform an interactive logon). You just have to fill the serialization response and the serialized credential. If you pass back a response saying that you have successfully collected a credential from the user then the serialized data is passed to the Local Security Authority for checking.
If you actually want to get the credentials into your own application you can do so using CredUIPromptForWindowsCredentials.
Related
I've just started using loopback4 and I would like to protect the /explorer from being public. The user would initially see a page where username and password must be entered. If successful, the user is redirected to /explorer where he can see all API methods (and execute them). If user is not authenticated, accessing the path /explorer would give a response of "Unauthorized". Is there a way to easily implement this?
There is issue talking about a GLOBAL default strategy is enabled for all routes including explorer in https://github.com/strongloop/loopback-next/issues/5758
The way is to specify a global metadata through the options:
this.configure(AuthenticationBindings.COMPONENT).to({
defaultMetadata: {
strategy: 'JWTStrategy'
}
})
this.component(AuthenticationComponent);
registerAuthenticationStrategy(this, JWTAuthenticationStrategy)
But in terms of enabling a single endpoint added by route.get(), it's not supported yet, see code of how explorer is registered. #loopback/authentication retrieves auth strategy name from a controller class or its members, but if the route is not defined in the controller, it can only fall back to the default options, see implementation
Hello there i am learning node.js and got stuck in a scenario.The flow is that in website user register himself and after successfully registering i will be sending him to route named create_profile which in is post request and also i want to send userId to create_profile route.In case if user close the website then if he agains open it and login then if profile is incomplete then i will be taking his userId and send to create_profile route.And after that to home page.What i was thinking to store session for user authentication in create profile page and login.This is because if login there can be tow cases : If user has successfully completed his profile then take him to home and store a global session there and second case it to take him to create profile as its incomplete then after successfully creating take him to home store global session for user authentication.But my confusion is to how to pass userId from login to create profile which is post request.Do i need to make temp session ? Please solve my issue i am confused how to solve this .
You can create a "profile_completed" coloumn in DB and set it as "false" (default), update it to "true" if user has completed the profile. While user login check if his profile is updated ,if yes send him to home else ask him to update.
You can pass user I'd to create_profile via request or get it from session storage you saved earlier
I am trying to create a local workspace so I can map it to VisualStudio online account. Here is the command I am trying to run.
tf workspace -new -login:"Windows Live ID"\user,pass -collection:https://shaggyinjun.visualstudio.com/DefaultCollection
For some reason I am seeing an error. The command does have a domain/user,pass. What is this new username and password it is asking me for ?
Federated authentication to this server requires a username and password.
Apparantly this is issue is caused even when using java clients. Here is what Visual Studio Online has to say for it's questionable behavior.
Alternate authentication credentials
Some applications that work outside the browser (including Team Explorer Everywhere
command line client and the git-tf utility) require basic authentication credentials.
Other applications do not properly handle using an e-mail address for the user name
during authentication.
To work with these applications, you need to enable alternate credentials, set a
password, and optionally set a secondary user name not in the form of an e-mail address. > Please note that alternate credentials cannot be used to sign in to the service from a web
browser or outside of these applications.
Here is another question that I posted and was shot down. Just documenting here for future reference
I am able to login using my Visual Studio online credentials via the CLC, but When I try to do the same with a java program, I get an Authentication exception. Is there anything special that needs to be done for Java and / or Visual Studio Online ?
Java Code
public static final String NATIVE_LIBS_SYSTEM_PROPERTY = "com.microsoft.tfs.jni.native.base-directory";
public void connect() {
System.setProperty(NATIVE_LIBS_SYSTEM_PROPERTY, TFS_NATIVE_LIBS_HOME);
Credentials credentials = new UsernamePasswordCredentials("Windows Live ID\\user", "password");
TFSConnection connection = null;
try {
connection = new TFSConfigurationServer(new URI("https://shaggyinjun.visualstudio.com/DefaultCollection"), credentials);
connection.authenticate();
} catch (URISyntaxException ex) {
Exceptions.printStackTrace(ex);
}
}
}
Exception
com.microsoft.tfs.core.ws.runtime.exceptions.UnauthorizedException: Authorization failure connecting to 'https://shaggyinjun.visualstudio.com/DefaultCollection/TeamFoundation/Administration/v3.0/LocationService.asmx' (authenticating as Windows Live ID\user)
at com.microsoft.tfs.core.ws.runtime.client.SOAPService.executeSOAPRequestInternal(SOAPService.java:709)
at com.microsoft.tfs.core.ws.runtime.client.SOAPService.executeSOAPRequest(SOAPService.java:473)
at ms.ws._LocationWebServiceSoap12Service.connect(_LocationWebServiceSoap12Service.java:384)
at com.microsoft.tfs.core.clients.framework.location.internal.LocationWebServiceProxy.connect(LocationWebServiceProxy.java:70)
Caused: com.microsoft.tfs.core.exceptions.TFSUnauthorizedException: Access denied connecting to TFS server https://shaggyinjun.visualstudio.com/ (authenticating as Windows Live ID\venkatram.akkineni#gmail.com)
at com.microsoft.tfs.core.exceptions.mappers.TECoreExceptionMapper.map(TECoreExceptionMapper.java:75)
at com.microsoft.tfs.core.exceptions.mappers.LocationExceptionMapper.map(LocationExceptionMapper.java:32)
at com.microsoft.tfs.core.clients.framework.location.internal.LocationWebServiceProxy.connect(LocationWebServiceProxy.java:76)
at com.microsoft.tfs.core.clients.framework.location.LocationService.connect(LocationService.java:754)
at com.microsoft.tfs.core.clients.framework.location.LocationService.authenticate(LocationService.java:928)
at com.microsoft.tfs.core.TFSConnection.authenticate(TFSConnection.java:748)
at org.netbeans.modules.libswrapper.Installer.restored(Installer.java:54)
at org.netbeans.core.startup.NbInstaller.loadCode(NbInstaller.java:471)
[catch] at org.netbeans.core.startup.NbInstaller.loadImpl(NbInstaller.java:394)
at org.netbeans.core.startup.NbInstaller.access$000(NbInstaller.java:105)
at org.netbeans.core.startup.NbInstaller$1.run(NbInstaller.java:346)
at org.openide.filesystems.FileUtil$2.run(FileUtil.java:447)
at org.openide.filesystems.EventControl.runAtomicAction(EventControl.java:127)
at org.openide.filesystems.FileSystem.runAtomicAction(FileSystem.java:609)
at org.openide.filesystems.FileUtil.runAtomicAction(FileUtil.java:431)
at org.openide.filesystems.FileUtil.runAtomicAction(FileUtil.java:451)
at org.netbeans.core.startup.NbInstaller.load(NbInstaller.java:343)
at org.netbeans.ModuleManager.enable(ModuleManager.java:1194)
at org.netbeans.ModuleManager.enable(ModuleManager.java:1017)
at org.netbeans.core.startup.ModuleList.installNew(ModuleList.java:340)
at org.netbeans.core.startup.ModuleList.access$2400(ModuleList.java:118)
at org.netbeans.core.startup.ModuleList$Listener.stepEnable(ModuleList.java:1409)
at org.netbeans.core.startup.ModuleList$Listener.access$1400(ModuleList.java:1007)
at org.netbeans.core.startup.ModuleList$Listener$1.run(ModuleList.java:1231)
at org.openide.filesystems.EventControl.runAtomicAction(EventControl.java:127)
at org.openide.filesystems.FileSystem.runAtomicAction(FileSystem.java:609)
at org.netbeans.core.startup.ModuleList$Listener.run(ModuleList.java:1207)
at org.openide.util.RequestProcessor$Task.run(RequestProcessor.java:1423)
at org.openide.util.RequestProcessor$Processor.run(RequestProcessor.java:2033)
If you're connecting to visualstudio.com from the cross-platform command line client, you need to set up and use "alternate credentials".
You cannot use a Microsoft Account (Live ID) because - crazy as it sounds - that only works by supplying passwords to that web page and we cannot rely on a web browsers existence on many platforms.
I am using the Spring Security Core plugin and can successfully log users in and out of my application. However, when the user successfully signs up, I don't understand how to set that user's security context on the signup postback so that they can be redirected to a secure page without having to log in again. Any help is welcome. Thanks.
The other link you reference is 2 years old. Since then I've added a reauthenticate method to SpringSecurityService. See section "6.2 SpringSecurityService" in the docs:
http://grails-plugins.github.com/grails-spring-security-core/docs/
I eventually came upon this link, which does the trick: https://stackoverflow.com/a/7112838/469106
Here are the contents of that link:
If you don't have the password, you can load the user via
def user = User.findByUsername(username)
and setting the authority array in the 3-parameter constructor. Create the auths via
GrantedAuthority[] auths = user.authorities.collect { new GrantedAuthorityImpl(it.authority) }
Then you can omit the call to authenticate() and use:
SecurityContextHolder.context.authentication = new UsernamePasswordAuthenticationToken(username, 'unknown', auths)
I'm writing a Java web-app that I created a Flickr-app for.
If a Flickr-user registers my app he/she is automatically sent to the URL I entered in Flickr's authentication flow of the app. Along with that I receive a parameter frob. I can use that one to get the Flickr's user-id of that particular user:
flickrId = flickrj.getAuthInterface().getToken(frob).getUser().getId();
So that works fine.
However, if he/she uses the screen "Apps You're Using" and clicks on my app I don't get any information about the user as far as I can tell. Nonetheless, if I use flickrj like
frob = flickrj.getAuthInterface().getFrob();
I get a frob like 7x1x7x2x2x8x1x1x0-48x9f1xfdbx8ex9d-x00x5x9(note that I x-ed some numbers), whatever that frob is supposed to be. If I then use that frob on
flickrId = flickrj.getAuthInterface().getToken(frob).getUser().getId();
I run into a
com.aetrion.flickr.FlickrException: 108: Invalid frob
at com.aetrion.flickr.auth.AuthInterface.getToken(AuthInterface.java:182)
:
What do I need to do to get information about Flickr's currently logged in user? I had hoped to find something like a place-holder I can use in that URL or Flickr automatically sends some parameter, but I couldn't find information about this.
After some more trial and error I simply use the permission URL that flickrj creates.
String frob = flickrj.getAuthInterface().getFrob();
return "redirect:" + flickrj.getAuthInterface().buildAuthenticationUrl(Permission.READ, frob);
This calls the URL I entered in Flickr's authentication flow of the app. The only problem is to distinguish from such a request to when the user came in from Flickr's authorization form.
But that's another story...