Questions tagged [authentication]

Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.

0
votes
0answers
4 views

How to configure Jenkins to use MFA/2FA

We would like users to use their username/password along with another form of Multifactor Authentication, such as Google Auth (or Authy), to log into Jenkins. We did not find any plugins that support ...
0
votes
0answers
8 views

Forcing a fingerprint authentication using MSAL or ADAL

So I have an Azure Active Directory app registration for my Xamarin mobile app that allows a user to authenticate with AAD and do things like show their profile information. All is well. What I am ...
0
votes
1answer
4 views

Angular 8 differential loading failing due to auth issues with dotnet core

I recently updated from Angular 7 to Angular 8 using ng update. After following the expected migration path with no issues I built and deployed. Everything worked great until I started checking other ...
0
votes
0answers
7 views

How to allow fingerprint unlocking to work directly on start screen?

Currently, the start screen ask the user for his PIN or to click a button to be able to unlock using his fingerprint. How to allow unlocking with the fingerprint doable directly, without having to ...
0
votes
0answers
6 views

What are the security risks having a proxy in front of an external website login page?

We are thinking providing a whitelisted proxy http to access an external login page on a different website. user => login.toto.eu => proxy http => login.tata.org What are the risks of having this ...
0
votes
1answer
15 views

Store secret key in Xamarin Forms

I try to understand how I can store secrets in a xamarin forms project. I have a web api core as a backend and a xamarin forms app as a frontend. I am trying to code facebook authentication with ...
0
votes
0answers
10 views

AWS Cognito username, email and password input and XSS threat?

i am building a Vue app using AWS cognito (using amplify auth). i have very little knowledge of XSS and would like to secure my site against it. specifically how to protect my cognito authentication ...
0
votes
0answers
7 views

Microsoft graph authentication doesn't work on mobile

I am building an application for a client in which im using Microsoft graph to manage data from their Azure AD. It works perfectly and as expected except for 1 minor detail. I can't log in using my ...
0
votes
1answer
16 views

How can I make a dynamic, no redirect login page?

I want to build a login page that is static. What I mean by that is after I press "log-in", If my entry detaild are wring' I want to see it immediately, without re-directions. e.g. Google's login ...
0
votes
0answers
8 views

Secureness of the Middleware Authentication with Laravel and Azure AD

I'm having a Laravel Web Application in which i enabled Middleware Authetication using these Instructions. I am using the Extended Installation, which is described below the Normal Installation. As ...
2
votes
1answer
21 views

How to calculate the SID for new logins?

I want to create a number of database users on two sql server instances. To be able to easily copy databases from one instance to another, I want the SIDs to be consistent. My idea was to use ...
0
votes
1answer
7 views

How and where can I create a getUserById function?

I'm trying to find a way to get users in strapi by ID. But I don't have access to the User identity in the controller. I have tried go write a function in the controller and service both diedn't ...
0
votes
0answers
6 views

authContext.getCachedUser() is not working in safari Ios 12.1

I am using adal.min.js version (1.0.11) and authContext.getCachedUser() works perfectly fine in chrome, safari. But not working on any versions less that IOS 12.2 authContext.getCachedUser() gives ...
0
votes
0answers
11 views

Problem w/ Login Authentication without password hashing [duplicate]

Hi i have been stuck on authentication of login for a long long time, this is only my third day doing PHP. Such a bummer, can anyone help me? i've tried many methods and they didnt work also i decided ...
0
votes
0answers
15 views

TTL of Access Token

I have enabled the multiuser mode in hyperledger composer and setting ldap for users to login and mongodb using environment variables. While checking the data in DB, I noticed that the TTL for access ...
-1
votes
0answers
13 views

Recommendation for user synchronization between organization and external website [on hold]

We are building a small social media platform for collaboration among a group of similar (but disparate) organizations. Each organization will have a small group of users who will be able to post ...
0
votes
0answers
18 views

Dynamics 2011 CRM Org Service Authentication Failure

Update: I can make this work by using the DisableLoopbackCheck, but I'd prefer a solution that does not require switching off security features. Getting an error connecting to Dynamics 2011 CRM ...
0
votes
0answers
18 views

I have a multi-page website using aws-amplify running on multiple servers with pm2. I cannot get the site to keep users logged in

I have an express server serving multiple pages where some need authentication. I'm running pm2 with 8 servers. I am using @aws-amplify/auth on the server and I am saving the token in cookies. I have ...
0
votes
1answer
33 views

How to disable Laravel registration after first user

I want to disable Laravel registration in my app after the first user has signed up. This is what I tried. if(User::count() != 0) { Auth::routes(['register' => false]); } else { Auth::...
0
votes
0answers
16 views

How to use different scope for different routes in hapi.js using keycloack?

I'm trying to implement token based authorization in hapi.js using keycloack. I've created a user and client id in keycloak. I've several scopes for each user in my setup. I'm generating a token using ...
1
vote
1answer
24 views

Built-in UserCreationForm throws “The two password fields didn't match” when passwords match. Django==2.2.2

I'm setting up user registration with built-in User model and UserCreationForm. Problem is that form validation fails when proper credentials are given. And I can't understand why? It looks like form....
0
votes
0answers
14 views

How to access asp.net Identity cookie across sub domain apps and authenticate?

I have trouble how to access the asp.net identity cookie across the sub domain applications. I have ASP.net applications (MVC, VB, Web forms), I was tasked to implement single sign on. I created a ...
0
votes
0answers
19 views

User not recognized as logged in when application is run as Start Without Debugging, user authentication works perfectly when run as Start Debugging

I've built a small ASP.NET web application in Visual Studio 2019, starting from the ASP.NET MVC web application project template for VB, which uses the default Individual User Accounts for ...
0
votes
1answer
28 views

[symfony]connection register on the same page?

I do have a problem with my symfony code, I'm actually searching how to put two forms, one for connections and one for login on the same page and this shows me error if I submit the register form, ...
0
votes
0answers
7 views

unrecognised browser login functionality implmentation

What is the best way to implement "unrecognised browser login" feature in web application if a particular user login from different browsers without tracking the IP address of the user. Is there any ...
0
votes
1answer
35 views

laravel and jwt: always return Unauthorized

I want to use JWT to login in my API but it always give me error: "Unauthorized". Before this, i already register the email and password of the user in my database before trying to login here's my ...
0
votes
1answer
21 views

How to make Google sign in or sign out buttons change depending on state?

I am a student developing a website that authorizes users using Google sign in. To make the Google sign in or sign out buttons I have a div that looks like this: <div id="login_div"> </div&...
0
votes
3answers
41 views

How to get Auth::user() inside a controller it's called by ajax function

I have a ajax function which call a controller listed on api.php (route). Inside this controller, I'm trying to make a user's log. So, I need to store the id user in a log table. But, when I try to ...
1
vote
0answers
19 views

How to log into phpmyadmin with rust http requests

I'm a beginner at rust so pardon my mistakes. I'm trying to log into my teams phpmyadmin server to webscrape some SQL data, but I'm unsure on how to proceed. I've managed to get request the login ...
0
votes
0answers
23 views

OpenIdConnect Auth Server in dotnet core with ReactJs frontend

I need to authentication frontend reactJs against .net core back end. What should it look like: User hits login in reactJs. the login goes to /api/login in .netcore the .netcore redirects to our ...
0
votes
0answers
15 views

ReturnUrlParameter is not avaliable

services.AddAuthentication("Auth").AddCookie("Anth",cfg=> { cfg.LoginPath = "Account/Login"; cfg.LogoutPath = "Account/Logout"; cfg.ReturnUrlParameter = "backUrl"; cfg....
2
votes
0answers
18 views

Authenticate to a server using Azure Ad - React Native

I am trying to implement authentication with my server using Azure(react-native-azure-ad2), however, I have no idea where to insert the server's URL to which I will send a POST request for login. I ...
0
votes
0answers
8 views

Technically, why is a tablet regarded as meeting 'Possession" for PSD2 but not a computer

The Payment Service Directive 2 (PSD2) https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32018R0389&from=DE requires that two elements from the categories “knowledge”, “possession” or “...
0
votes
1answer
30 views

Secure way to handle authentication using JWT webtoken in Node js

I'm using jsonwebtoken package to Implement JWT WebToken for authentication in my MEAN app. I used the below code to generate a WebToken after successful user authentication. I added the userid and ...
0
votes
0answers
3 views

Package installation in salt-stack including --allow-unauthenticated

During deployment, I am trying to install a package. It works fine on some environment and does not work on others. I added a flag, that will get the value True when I'm on one of the problematic ...
-2
votes
1answer
39 views

Login system keeps saying that I can't login

I'm following a guide (https://www.youtube.com/watch?v=a3Wxi-ZvUng) now I'm done with this part of the login system but now it doesn't work, I did everything like the guy on the tutorial does and I ...
-1
votes
0answers
22 views

In authentication success, redirecting to login page in spring security

In spring security I am trying to authenticate user via UsernamePasswordAuthenticationToken by giving userName and password. In response I got authentication is true. after authentication still ...
1
vote
1answer
20 views

Integration with Amplify JS and Cognito in React

I have been trying the Authentication using Amplify JS and able to log in and Change password when user.challengeName === 'NEW_PASSWORD_REQUIRED' and I have componentDidMount() in my Approuter where ...
-1
votes
0answers
15 views

CORS POC “missing authentication”

Basically on this site I found that the response of a certain request has access-control-allow-origin: (whatever site I put as origin in request) access-control-allow-credentials: true but when I open ...
0
votes
0answers
23 views

Optional authentication with AuthorizationAttribute

I have an ASP.NET Core app that used the AAD authentication project generator. If a user is not authenticated, they are redirected to the AAD login page. The generator provided the following snippet ...
-2
votes
0answers
25 views

Looking for PHP code example to connect to a webapi using a bearer-token authentication

Need to connect to a webapi using bearer-token authentication preferably in PHP. Looking for sample code, first time doing this and I am a little lost. The instructions for the API call is something ...
1
vote
2answers
45 views

How to secure and allow authentication with ElasticSearch?

I have IP to ES: http://1.2.3.4:9200/index/_search?size=1000&q=*:* and me or anyone can access to see data once we have IP: { "query" : { "match_all" : {} }, ...
0
votes
0answers
71 views

403 Forbidden when using client managed authentication on Azure App Service

I've been working on a multi-app project for a few months now using Azure App Service for my database and ADD B2C for authentication. There are three applications in this project: an admin WPF app, a ...
0
votes
0answers
17 views

Duplicate user created with Devise gem despite having uniqueness validation

I have a rails 4 app that uses devise gem for authentication. I have a validates_uniqueness_of :email check in user.rb Despite this check I am seeing duplicate entries being created in the users ...
0
votes
0answers
13 views

What is the correct way to implement an authorization server?

I have worked with JWT-based authorization in a sample app previously, so I understand the fundamentals of how access tokens are generated, how to refresh them, etc. However, I am now the sole ...
0
votes
1answer
24 views

Non connection with database?

I am newbie to Android Studio and i am creating a project with login and registration. I am using room technology and yet have searched on the Internet i couldn't find why i can't access my database. ...
0
votes
0answers
16 views

Signal/R, Azure Web Role and Authentication

We’re building an app using Orleans and Azure Cloud Services Classic (web/worker role). The browser client primarily utilizes SignalR 2.0 to communicate with the web role. However, the authentication ...
1
vote
1answer
19 views

Auto login a site with a slider checker?

I'm trying to login this site using puppeteer. Account and password can be auto-filled, but i still need to slide the shape to a proper position using my mouse. Is it possible to login this site ...
0
votes
0answers
13 views

How to prevent Wordpress JWT Authentication from blocking certain endpoints

After adding JWT Authentication for WP-API, WooCommerce product page is no longer accessible How does one allow WooCommerce products to be public, but other data like user information to require JWT ...
0
votes
2answers
36 views

How to specify custom logout URL when using Azure AD authentication in .NET core

I have an ASP.NET core 2.2 web application that uses work or school accounts (Azure AD authentication). When I sign out, the application ends up at /AzureAD/Account/SignedOut I'd like for it to ...