I want to use the Azure Active Directory for identity. I searched for a solution how to "integrate" it into a Vue.js single page application -> result was the oidc-client-js.
Now I am looking for a solution how to save sensible information about the user in a cookie and not in local or session storage of the browser.
Many thanks for the support in advance!
I'am grateful for alternatives to oidc.
Related
Just because of authentication I need to create an app manifest and share the app manifest with users who want to test it .Is there a way to Authenticate user without creating app manifest so that I can directly share bot link with users.
Talking to your bot by ID is intended for basic testing purposes only. Any Teams-specific functionality you have added to your bot fails to work.
Doc ref: Talk to your bot directly by ID
In this example
Is is an OAUTH flow with Azure AD directory v2 without any app manifest.
This one is in java_springboot but you can find the same for your prefered langage in the samples directory. The number 18 (and all the others) in all samples is the example but in different langages.
I'm building an application with Vue and Electron, and I'm wondering what the best approach is for authenticating users.
I'm using JSStore as a wrapper for IndexedDB as my database. I'm familiar with using bcryptjs as a means for authenticating users when I create Node backend and have traditional /login or /signup routes.
But this is where I'm starting to get confused. Do I need to set up a Node server to start up when my application starts up? Because given that I'm using IndexedDB, I don't know that it makes sense to have a process of Sign Up --> Request to Node Server --> Send data back to browser
Would I be better served using a different type of database? Could I do something such as adding bcryptjs to the Vue prototype, so that's it's accessible where I need it to work with JS Store? Are there security concerns that I should be aware of with an approach like that?
At this point I'm stuck, and have more questions than answers. I've done some looking around for articles, and I find a lot of content about setting up authentication with Vue, but not within the context of an Electron application. I'm not sure how that variable changes things.
Any advice or direction would be greatly appreciated.
JsStore is client side technology, which means if you are setting up authentication in client side, it will be available only to that device.
Let's understand it more by use case -
Say your application named My Awesome app has authenticaion implemented. User register it and then they are able to use it after registration. They are logging out and signing in again with registration data and everything is working normal.
Here is what wrong with this approach -
User buys another pc and installed application My Awesome app, he tries to login but unable to login because registration data does not exist on their new PC.
Due to some issue, user hard disk crashed & he installed new hard disk. Same thing as above he is not able to log in.
So it is recommended to implement the signin on some server & keep data there.
I have a strange request for a project - we have a text file containing a list of login credentials for Dropbox for around 10 users. I have to validate their credentials automatically and notify the users if login fails with their credentials.
I've looked at the dropbox API, but that uses OAuth, which requires the user to manually fill in credentials, but that doesn't do the trick for me.
Is there a way for me to check if a bunch of logins? I've looked at the DropboxUpload repository on github, but it works fine for single user logins, but fails to achieve what I want when it comes to checking the same thing for multiple users.
Any help/leads on how I should go about proceeding with this would be greatly appreciated!
Many thanks,
John
You can use dropbox webpage to check user credentials doing normal login/logout but in an automated way.
To create a "bot" which will login and logout and check if credentials are correct you can use Selenium.
Selenium is a framework for testing web page ui but it can also be used to create automated checker/tester/bot for what you need.
It is also possible to setup selenium in a such way that it will use renderless browser engine so no browser will be visible during test/check. This also speeds up the process of testing.
I hope this will help you if you'll not find any better way and can be used as a final solution since it is not the best way to check credentials
I have a Vaadin 7 application that needs to use SSO (or a better kind of enterprise sign on method?) to authorize users through an LDAP directory. I also need to use groups or "roles" to differ between users and what they are allowed to access in my application. I am new to both login processes and Vaadin, and all I have right now is a working login form in my application that authorizes users against a fake "AD class" that I made myself.
So...
Where and how do I even start?
I read something about portlets and Liferay in this context. Is it even possible to achieve my goals without using Liferay or portlets?
Are there any good Vaadin addons that can help me with this?
Can I use Spring security for this? (I am using xpoft SpringVaadinIntegration addon and I know it handles roles for example)...
If I sound lost, it's probably because I am. I will gladly read up on this, if I even knew where to start. Please help me chop this monolithic blob of confusion into smaller pieces =)
SSO with windows login only works in the intranet and it requires the use of kerberos or ntlm.
You can use a library like waffle to integrate things.
Look here:
Link #1
Link #2
I've a iOS app and I would like my users to upload images to S3 directly.
I need UserX to be able to upload folders to __MY_BUCKET__/UserX/* Only. So that each one of my users have their own folder and only they can modify content in them.
Given that scenario I need to create dynamic permissions to my S3 bucket
Is that possible?
If it is... maybe I am in the right path or not....
What I've done so far is
I am using this guide to create Elastic Beanstalk with a Token Vending Machine. Then I used this other guide to configure the TVM.
Now my issue with that in none of the guides it shows an example of how to register a dynamic user (my app user) or how get the token from the TVM or how to say "Hey TVM, this userID needs upload access to __BUCKET_/ThiUserID/*" from a iOS app.
So I guess what I wonder, is how do I fill the gaps if what I am trying to achieve is possible?
I'm one of the maintainers of the AWS Mobile SDKs. The page you linked to includes projects for both iOS and Android that show how to integrate the customized TVM code in a mobile application. I suggest you look there and if you need further clarification, please update your with specific questions about the code.
You may also want to look at our web identity federation sample which is included with the SDKs. In combination with IAM policy variables, you can generate dynamic policies without the use of a Token Vending Machine.