I tried using htpasswd but Safari on iOS does not allow for remembering of username and password.
Is there a script somewhere that may be of use? Or do I need to set up a mysql database.
the username:password#mysite.com solution is not ideal unfortunately.
Related
I have this task that need to show the suggested username & password on my app.
something like this that I found [credits to this site]
https://brainsandbeards.com/blog/quick-change-that-helps-ios-users-sign-in-quicker
or something like this
Other way to autofill
But every time I press the 'password' on the top of the keyboard it always goes directly to the list of keychains and not giving the option like the above image showing a suggested account or choose other passwords.
I even followed this documentation:
https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_developer_associated-domains
even use an 'alternate-mode' on the associated domain.
I suspect that the webserver we're using is not managed shared credentials enabled server?
Is there a possibility to do this without associated-domain capability?
Thanks in advance!
I'm looking for solutions, or workarounds, for detecting users accessing my website from within a company network without the need of a user/password login. These users have some unrestricted access to my site.
Came to my mind to check the user's IP against a known IP range or subnetwork, but this does not seems to be the most reliable or secure solution.
We when say safely detect the users ,it means we are authenticating the users in way and then without the need of user/password login makes it tricky.But we can acheive this
All you have to do is enable windows authentication for your website
in IIS.
If we configure windows authentication correctly,you will get following
if the website is browsed using IE, mostly the login will be transparent as there will not be any authentication prompt
For firefox/crhome,if i remember correctly,there is a flag to enable to make automatic kerberos login in firefox and chrome should automatically login .
Normally the windows login prompt works perfectly fine with IE (some settings are needed but those settings can be controlled using domian policies). In case you still get auth prompts ,you just want some kind of authentication,you can have NTLM enabled and no kerberos in IIS settings
If you still get authentication prompt,try enabling just NTLM and check
IIS ->Website->Authentication->Windows Authentication->Providers remove negotiate
For some reason user cannot be authenticated(user comes from different domain or forest),then an authentication prompt is shown.
In iOS 11 they have introduced password autofill which fills the username and password in iOS app like the same way it does in Safari, User goes to website first, logged in save the username and password in keychain and then open app were the fields are automatically populated, the username and password
can it be implemented in other ways, like I logged in the app first and then while going on the website through Safari it automatically fills the username and password?
Is there any documentation or articles regarding it?
Editing My Answer:
Looks like it is possible to do so. The same kind of association we can see in SharedWebCredentials which is released in iOS8. Using SharedWebCredentials doing in both ways is possible. From app to website and website to app. Assuming Password autofill in iOS11 has done on top of this.
Here is how the association will happen.
We have entitlement certificate for an app where we will provide domain to be linked with. Then we have a website where we will hold information in JSON format related to that website. In that JSON, you have to put your bundle identifier. So when the user saves this passwords and logs in through app. Then the app entitlement file will provide the web address to safari. Safari will bring that JSON file and validate the bundle identifier is same or not. If validation success it will populate username and password.
For more info: Password Autofill in iOS 11
I asked about this at the developer labs at WWDC and was informed that it's possible. The key is that the new password autofill is based on the existing Shared Web Credentials API, which works both ways. If you use that API to save credentials from your app, they'll be available in Mobile Safari. Shared Web Credentials was the topic of a 2014 WWDC session.
I haven't tried it yet, but based on the source I'm pretty confident that it should work.
I'm developing an internal app that will leverage our corporate Google Drive accounts and will be used on shared devices (iPads shared among teachers and students at school sites).
Is there a way to force GIDSignIn to require a password with each sign-in attempt? Right now, even after calling GIDSIgnIn.sharedInstance().signOut() (or GIDSignIn.sharedInstacne().disconnect()) the user doesn't need to enter their password the next time they access the app. That means, when the device is taken by the next user, they could very easily access the other user's account.
Am I missing something? Do I need to somehow clear the cookies store in the UIWebView that the GIDSignIn process uses?
Where available, the GIDSignIn login process uses a SFSafariViewController, not a UIWebView. It leverages the cookies (as well as passwords) stored in Safari, for a quicker login.
I don't think you would be able to clear such cookies. You should be able to force a Google log out, though, by opening https://www.google.com/accounts/Logout in an SFSafariViewController, though the interaction with the rest of your app may be a bit weird. See Logout link with return URL (OAuth) for a way to provide a return URL which you may try to use to control the process (you'll need to use an URL scheme to return, though).
Note that iOS may prompt to save login information, and then provide said login information to subsequent users. You'll need to disable that in Settings -> Safari -> AutoFill
There may be other ways of achieving it via configuration of the device, but iOS is not really designed for multiple users at the moment.
I have written GreaseMonkey script to automate captive portal login.
document.getElementById("username").value="myUserName";
document.getElementById("passwd").value=B64.encode("myPassword");
document.form.submit();
Browser's inbuilt password manager can log me into web-based captive portal only if I'm on actual captive login URL. (say http://192.168.1.1/login.html). But what if login-page appears while I am on stackoverflow.com. In this case, I need to enter my password, then I get redirected to same page which I was on, and foolish browser offers me to save password for stackoverflow.com
Is there any way to programmatically retrieve passwords from browser password manager. I found LastPass can retrieve my stored passwords in this way.
What I wanted to achieve?
Auto-Login (without need of hitting login button)
Using Browser's inbuilt password manager.( I can set master password, I can use Sync)
Make browser able to detect captive login page. (Using #include *, in greasemonkey script)
Dont want to save password in plain-text.