I've been hungry for a long time to connect to the mysql database so that the user can not see the password. I do not know how to do it. I've been reading articles, here, but nowhere.
How does this, for example, make a discord? Which is connected to the mysql database, and yet the user can not see the password?
You should not connect directly to a database from the client application that the user runs. Instead you should create an API that requires authentication that the clients application can call.
Related
I'm trying to understand the functionalities of Keycloak and trying to find a way to monitor request flows (like in Wireshark) in a local environment (localhost). What tool could I use for this purpose in a Windows environment? I've got an Angular app that is integrated with Keycloak, and it works. When I request localhost:4200, the browser takes me to Keycloak login screen.
To view logs, I changed the log level in the Keycloak server at ..\keycloak-4.8.3.Final\standalone\configuration from INFO to ALL. It did expand the log entries that showed in the console but it didn't show any logs when my angular application redirects to Keycloak and when I enter user credentials in Keycloak login screen.
I would like to see the request flow from browser to Keycloak and all the auth requests and so on. Is there a tool that I could use for this purpose?
Configure the events part of the server the way you prefer. They are stored in the DB.
Keycloak provides a rich set of auditing capabilities. Every single
login action can be recorded and stored in the database and reviewed
in the Admin Console. All admin actions can also be recorded and
reviewed. There is also a Listener SPI with which plugins can listen
for these events and perform some action. Built-in listeners include a
simple log file and the ability to send an email if an event occurs.
Still I don't know if this covers the specific case of your application redirecting to the KC login screen. If not, you might need to log this in your application, but it might be a little bit tricky if you use the Angular adapter, as it gets executed in client side (you would need to do POST to some server that you own to get it logged, or directly switch to any server side based KC adapter).
another way to get the event is from the
Keycloak keycloak = KeycloakBuilder.builder()
.serverUrl("localhost")
.realm("myRealm")
.grantType(OAuth2Constants.PASSWORD)
.clientId("myclient")
.clientSecret("xxxx-xxxxx-xxxx-xxx")
.username("foo")//the admin user
.password("password")
.build();
List<EventRepresentation> events = keycloak.realm("myRealm").getEvents();
then you choose the type of event you want to target
I have a rails application running on nginx + unicorn and I want that users can login in with their Active Directory crendentials. I've already implemented connecting to AD server and authenticating users, but they need to enter passwords.
Is it possible to somehow get this information on this setup? I've found some topics about this problems, but they don't quite explain how to solve this problem and most of the answers are for IIS sever.
I know that it propably can work only in Internet Explorer.
Signing in automatically is handled by the web server, not your application. Since you are using nginx, there are a couple of third party modules you can use, such as spnego-http-auth-nginx-module or nginx-mod-auth-kerb. IIS has support built-in, of course.
Once you've set up the web server, your application can retrieve the user's username from the REMOTE_USER environment variable. Internet Explorer will automatically log in; Firefox and Chrome will do so if they have been configured for the domain by the system administrator, but this is off by default.
I have a website that users can log into to see their account info.
I would like to build functionality into my iOS app that allows them to log in and see their info in the app. The usernames and passwords are stored in a SQL database.
How can I authenticate the username and password the user types into the app with the database?
If you have better atuthentication system in your web..
then i would prefer you to use the WEBVIEW for your login page. and continues the other using the normal app flow.
there are lot of tutorials for creating username and password login Function in IOS. i dont know whther you are basic or new progrmmer. But try this you may get some idea.
http://www.youtube.com/watch?v=HrZR2SyeoSk.
You can go with JSON serialisation, if you experienced to load data from server.
There are multiple ways you can go about this but at the end of the day you need an endpoint for your iOS application to talk to your web server. This can be done with a TCP connection (little more complicated) or with a RESTful HTTP API endpoint which is generally the way most developers will go.
To get you running up and quickly on the client side have a look at AFNetworking to do the heavy lifting on your HTTP requests. You will then need a URL on your website that the iOS application can query. Abstract things to keep your API on a different subdomain, say for instance by creating a subdomain to handle your API requests. A login example could look like this
http://api.mysite.com/login
For a PHP based REST API here is a tutorial for you, PHP API or you could use a Node.js framework such as Restify
The general practise is to use JSON encoded data when sending requests back and forth from the server, iOS 7 has built in JSON encoding/decoding, node and PHP also have pretty good support.
Once you are able to send and receive HTTP request from your iOS device to your web server it is just a matter of checking the username and password match up on the server side (seems you already know how to do this?) to the ones in your database and sending back a authentication BOOL and option error message if failed.
I would try my best to explain.
I have configured team foundation server on my server machine, and on client i can check in my projects on server and on other clients i can get final version. It is working correctly.
Now i have two questions.
1- From client pc, when i connect to team foundation, it asks for username and password, and on team foundation server the password configured there is the same password of server windows admin credentials. I try to create any other user on it but i think so i must have to create a server admin account for this. But i dont wana give my server credentials to clients. It seems to me quite dangerous. See the image.
2- If i do some changes and i do check in, it works good. And changes are loaded there. On other client, if i do check out, it did not get the latest different changes, it does nothing. But when i do get latest version then it works fine but bring all latest changes and merge. Why check out does not get only "different" statement changes among them?
I am newbie TFS, so kindly forgive me if i am asking something fool.
I have found the way to resolve this.
Just create a new account on your active directory.
And use it for login. Provide that account here
Now i can provide this username and password which i created as a user account on active directory.
I'm trying to write a web application that would use Twitter via OAuth.
I run my local server as 'localhost', so I need the callback URL to be something like http://localhost/something/twitter.do but Twitter doesn't like that: Not a valid URL format
I'm probably going to do a lot of tests, but once I've approved my app with my username, I can't test again can I? Am I supposed to create multiple twitter accounts? Or can you remove an app and do it again?
You can use 127.0.0.1 instead of localhost.
You can authorize your app as many times as you like from the same twitter account without the necessity to revoke it. However, the authenticate action will only prompt for Allow/Deny once and all subsequent authenticate requests will just pass through until you revoke the privilege.
Twitter's "rate limiting" for API GET calls is based on IP address of the caller. So, you can test your app from your server, using the same IP address, and get (once approved) 15,000 API calls per hour. That means you can pound on your app with many different usernames, as long as your approved IP address remains the same.
When you send the e-mail to Twitter to ask for an increase to your rate limit, you can also ask for the increase to apply to your Twitter username too.
I believe Twitter requires you - if you need to change your IP address, or change the username that is using the app - to send in another request asking for the rate limit increase for that new IP address or username. But, in my experience, Twitter has been pretty quick at turning around these requests (maybe less than 48 hours?).
use like this
for Website :http://127.0.0.1
and for callback URL: http://127.0.0.1/home
or any of your page address like http://127.0.0.1/index
Have you tried creating your own caching mechanism? You can take the result of an initial query, cache it on thread local, and given an expiration time, refresh from Twitter. This would allow you to test your app against Twitter data without incurring call penalties.
There is also another solution (a workaround, rather) which requires you to edit your hosts file.
Here is how you do it on a linux box:
Open your /etc/hosts file as root. To do this, you can open a terminal and type something like sudo vi /etc/hosts.
Pick a non-existent domain to use as your local address, and add it to your hosts file. For example, you will need to add something similar to the following at the end.
127.0.0.1 localhost.cep # this domain name was accepted.
So, that's pretty much it. Pointing your browser to localhost.cep will now take you to your local server. Hope that helped :)
In answer to (1), see this thread, in particular episod's replies: https://dev.twitter.com/discussions/5749
It doesn't matter what callback URL you put in your app's management page on dev.twitter.com (as long as you don't use localhost). You provide the 'real' callback URL as part of your request for an OAuth token.
1.) Don't use localhost. That's not helpful. Why not stand up another server instance or get a testing vm slice from slicehost?
2.) You probably want a bunch of different user accounts and a couple different OAuth key/secret credentials for testing.
You were on the right track though: DO test revoking the app's credentials via your twitter account's connections setting. That should happen gracefully. You might want to store a status value alongside the access token information, so you can mark tokens as revoked.