Questions tagged [authentication]
Authentication is the process of providing a proof of identity or verifying identity.
75,870
questions
5518
votes
11
answers
686k
views
The definitive guide to form-based website authentication [closed]
Moderator note:
This question is not a good fit for our question and answer format with the topicality rules which currently apply for Stack Overflow. We normally use a "historical lock" for ...
1217
votes
50
answers
2.3m
views
Git push results in "Authentication Failed"
I have been using GitHub for a little while, and I have been fine with git add, git commit, and git push, so far without any problems. Suddenly I am having an error that says:
fatal: Authentication ...
- 12.5k
1170
votes
23
answers
363k
views
What's the difference between OpenID and OAuth?
I'm really trying to understand the difference between OpenID and OAuth? Maybe they're two totally separate things?
- 114k
1070
votes
17
answers
1.3m
views
PostgreSQL error: Fatal: role "username" does not exist
I'm setting up my PostgreSQL 9.1. I can't do anything with PostgreSQL: can't createdb, can't createuser; all operations return the error message
Fatal: role h9uest does not exist
h9uest is my ...
- 11.3k
989
votes
43
answers
717k
views
"UNPROTECTED PRIVATE KEY FILE!" Error using SSH into Amazon EC2 Instance (AWS) [closed]
I've created a new linux instance on Amazon EC2, and as part of that downloaded the .pem file to allow me to SSH in.
When I tried to ssh with:
ssh -i myfile.pem <public dns>
I got:
@@@@@@@@@@@@@...
- 26.6k
796
votes
14
answers
429k
views
RESTful Authentication
What does RESTful Authentication mean and how does it work? I can't find a good overview on Google. My only understanding is that you pass the session key (remeberal) in the URL, but this could be ...
- 9,305
710
votes
17
answers
258k
views
Authentication versus Authorization
What's the difference in web applications? In short, please.
I see the abbreviation "auth" a lot. Does it stand for auth-entication or auth-orization? Or both?
- 21.2k
658
votes
17
answers
317k
views
JWT (JSON Web Token) automatic prolongation of expiration
I would like to implement JWT-based authentication to our new REST API. But since the expiration is set in the token, is it possible to automatically prolong it? I don't want users to need to sign in ...
- 6,799
643
votes
24
answers
554k
views
How to reset Django admin password?
I am using Django (version 1.3) and have forgotten both admin username and password. How to reset both?
And is it possible to make a normal user into admin, and then remove admin status?
- 6,712
638
votes
48
answers
1.1m
views
Google OAuth 2 authorization - Error: redirect_uri_mismatch
On the website https://code.google.com/apis/console I have registered my application, set up generated Client ID: and Client Secret to my app and tried to log in with Google.
Unfortunately, I got the ...
- 47.4k
601
votes
9
answers
508k
views
What are the main differences between JWT and OAuth authentication?
I have a new SPA with a stateless authentication model using JWT. I am often asked to refer OAuth for authentication flows like asking me to send 'Bearer tokens' for every request instead of a simple ...
- 13.9k
592
votes
15
answers
576k
views
Validate a username and password against Active Directory?
How can I validate a username and password against Active Directory? I simply want to check if a username and password are correct.
Scott
569
votes
8
answers
445k
views
What is token-based authentication?
I want to understand what token-based authentication means. I searched the internet but couldn't find anything understandable.
- 6,165
509
votes
2
answers
412k
views
How to implement REST token-based authentication with JAX-RS and Jersey
I'm looking for a way to enable token-based authentication in Jersey. I am trying not to use any particular framework. Is that possible?
My plan is: A user signs up for my web service, my web service ...
- 6,503
485
votes
7
answers
198k
views
Understanding passport serialize deserialize
How would you explain the workflow of Passport's serialize and deserialize methods to a layman.
Where does user.id go after passport.serializeUser has been called?
We are calling passport....
- 7,188
476
votes
34
answers
735k
views
Clone A Private Repository (Github)
I have a private repository on Github for a project I'm working on. Until now I had only worked on my home desktop, but I just bought a laptop, and am trying to set it up so that I can work on the ...
- 6,645
466
votes
10
answers
867k
views
Use basic authentication with jQuery and Ajax
I am trying to create a basic authentication through the browser, but I can't really get there.
If this script won't be here the browser authentication will take over, but I want to tell the browser ...
- 26.7k
444
votes
20
answers
633k
views
How to secure MongoDB with username and password
I want to set up user name & password authentication for my MongoDB instance, so that any remote access will ask for the user name & password. I tried the tutorial from the MongoDB site and ...
- 49.7k
397
votes
11
answers
154k
views
How should I choose an authentication library for CodeIgniter? [closed]
I see there are a few. Which ones are maintained and easy to use? What are their pros and cons?
- 6,184
390
votes
3
answers
154k
views
SPA best practices for authentication and session management
When building SPA style applications using frameworks like Angular, Ember, React, etc. what do people believe to be some best practices for authentication and session management? I can think of a ...
- 14.5k
379
votes
16
answers
1.0m
views
How to connect to MySQL from the command line
How can you connect to MySQL from the command line in a Mac? (i.e. show me the code)
I'm doing a PHP/SQL tutorial, but it starts by assuming you're already in MySQL.
- 41.1k
360
votes
8
answers
87k
views
Why is there an "Authorization Code" flow in OAuth2 when "Implicit" flow works so well?
With the "Implicit" flow the client (likely a browser) will get a access token, after the Resource Owner (i.e. the user) gave access.
With the "Authorization Code" flow however, ...
- 20k
359
votes
7
answers
201k
views
Where to store JWT in browser? How to protect against CSRF?
I know cookie-based authentication. SSL and HttpOnly flags can be applied to protect cookie-based authentication from MITM and XSS. However, more special measures will be needed to apply in order to ...
- 5,481
354
votes
26
answers
268k
views
How to log out user from web site using BASIC authentication?
Is it possible to log out user from a web site if he is using basic authentication?
Killing session is not enough, since, once user is authenticated, each request contains login info, so user is ...
- 30.8k
349
votes
24
answers
574k
views
How do I remove documents using Node.js Mongoose?
FBFriendModel.find({
id: 333
}, function (err, docs) {
docs.remove(); //Remove all the documents that match!
});
The above doesn't seem to work. The records are still there.
Can someone fix?...
- 266k
338
votes
7
answers
381k
views
How to check if a user is logged in (how to properly use user.is_authenticated)?
I am looking over this website but just can't seem to figure out how to do this as it's not working. I need to check if the current site user is logged in (authenticated), and am trying:
request.user....
- 16.9k
319
votes
6
answers
334k
views
How to change users in TortoiseSVN
I was setting up another user to use our SVN repository. He didn't have a username/password, so I logged in with my credentials. We now have a username/password for him.
How do I get TortoiseSVN ...
- 12.4k
310
votes
3
answers
215k
views
How does cookie-based authentication work?
What would be a step-by-step description of how cookie-based authentication work?
I've never done anything involving either authentication or cookies. What does the browser need to do? What does the ...
- 3,279
310
votes
5
answers
254k
views
JWT refresh token flow
I'm building a mobile app and am using JWT for authentication.
It seems like the best way to do this is to pair the JWT access token with a refresh token so that I can expire the access token as ...
- 5,927
306
votes
7
answers
162k
views
Authentication: JWT usage vs session
What is the advantage of using JWTs over sessions in situations like authentication?
Is it used as a standalone approach or is it used in the session?
- 3,544
301
votes
7
answers
97k
views
Where do you store your salt strings?
I've always used a proper per-entry salt string when hashing passwords for database storage. For my needs, storing the salt in the DB next to the hashed password has always worked fine.
However, ...
- 66.3k
298
votes
14
answers
131k
views
Best practices for Storyboard login screen, handling clearing of data upon logout
I'm building an iOS app using a Storyboard. The root view controller is a Tab Bar Controller. I'm creating the login/logout process, and it's mostly working fine, but I've got a few issues. I need to ...
- 4,645
296
votes
12
answers
173k
views
Removing the remembered login and password list in SQL Server Management Studio
I've recently used our company's spare laptop (that has a general user set up) while mine was being repaired. I've checked the "Remember password" option in SQL Server Management Studio when logging ...
Elanie Meyer
294
votes
8
answers
72k
views
What if JWT is stolen?
I am trying to implement stateless authentication with JWT for my RESTful APIs.
AFAIK, JWT is basically an encrypted string passed as HTTP headers during a REST call.
But what if there's an ...
- 63.2k
289
votes
10
answers
141k
views
What is the purpose of a "Refresh Token"?
I have a program that integrates with the YouTube Live Streaming API. It runs on timers, so its been relatively easy for me to program in to fetch a new Access Token every 50 minutes with a Refresh ...
- 7,445
286
votes
15
answers
112k
views
user authentication libraries for node.js?
Are there any existing user authentication libraries for node.js? In particular I'm looking for something that can do password authentication for a user (using a custom backend auth DB), and associate ...
- 11.2k
286
votes
11
answers
285k
views
Add Keypair to existing EC2 instance
I was given AWS Console access to an account with 2 instances running that I cannot shut down (in production). I would, however, like to gain SSH access to these instances, is it possible to create a ...
- 20.9k
273
votes
7
answers
102k
views
Why does AuthorizeAttribute redirect to the login page for authentication and authorization failures?
In ASP.NET MVC, you can mark up a controller method with AuthorizeAttribute, like this:
[Authorize(Roles = "CanDeleteTags")]
public void Delete(string tagName)
{
// ...
}
This means that, if the ...
- 90.5k
270
votes
13
answers
412k
views
In Subversion can I be a user other than my login name?
I'd like to know how to get Subversion to change the name that my changes appear under.
I'm just starting to use Subversion. I'm currently using it to version control code on an XP laptop where I'm ...
- 9,504
269
votes
15
answers
311k
views
Set cookies for cross origin requests
How to share cookies cross origin? More specifically, how to use the Set-Cookie header in combination with the header Access-Control-Allow-Origin?
Here's an explanation of my situation:
I am ...
- 7,500
261
votes
3
answers
152k
views
What is the difference between Digest and Basic Authentication?
What is the difference between Digest and Basic Authentication ?
- 4,193
259
votes
10
answers
277k
views
What is an Endpoint?
I have been reading about OAuth and it keeps talking about endpoints. What exactly is an endpoint?
- 3,205
258
votes
29
answers
385k
views
Configuration System Failed to Initialize
I'm currently creating a Login form and have this code:
string connectionString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
try
{
using (OdbcConnection ...
- 9,248
251
votes
9
answers
173k
views
Token Authentication vs. Cookies
What is the difference between token authentication and authentication using cookies?
I am trying to implement the Ember Auth Rails Demo but I do not understand the reasons behind using token ...
- 13.4k
244
votes
6
answers
129k
views
JWT vs cookies for token-based authentication
I read some posts about "JWT vs Cookie" but they only made me more confused...
I want some clarification, when people talking about "token-based authentication vs cookies", cookies here merely refer ...
- 10.1k
240
votes
2
answers
352k
views
How to create user for a db in postgresql? [closed]
I have installed PostgreSQL 8.4 on my CentOS server and connected to root user from shell and accessing the PostgreSQL shell.
I created the database and user in PostgreSQL.
While trying to connect ...
user925355
235
votes
6
answers
111k
views
Security of REST authentication schemes
Background:
I'm designing the authentication scheme for a REST web service. This doesn't "really" need to be secure (it's more of a personal project) but I want to make it as secure as possible as an ...
- 75k
226
votes
3
answers
239k
views
How Spring Security Filter Chain works
I realize that Spring security build on chain of filters, which will intercept the request, detect (absence of) authentication, redirect to authentication entry point or pass the request to ...
- 22.7k
222
votes
5
answers
215k
views
PostgreSQL: role is not permitted to log in
I have trouble connecting to my own postgres db on a local server.
I googled some similar problems and came up with this manual
https://help.ubuntu.com/stable/serverguide/postgresql.html
so:
pg_hba....
- 8,410
220
votes
15
answers
491k
views
How to center a component in Material UI and make it responsive?
I don't quite understand the Material UI grid system. If I want to use a form component for login, what is the easiest way to center it on the screen on all devices (mobile and desktop)?
- 2,405