I am working on MAC Application in which I have to create a VPN Connection through my application and which I have done successfully with the Help of EBAS Example code from Apple.
Now when user want to connect to VPN, I need to modify the Network Interface and for that an AUTHORIZATION POPUP Comes to get user Permission.
This is the Process to Modify the Network Interface.
First Lock the System Preference using Below Code
Boolean result = SCPreferencesLock(prefToUnlock,TRUE); // Authentication PopUp Comes here to lock the system preferences.
and then rest of the code to modify the network which is working fine.
Now whenever above line execute popup comes to get authorization to Lock SystemPeference. I want this to be done by Helper Tool Without Authorization Popup. I tried that but it always returns false.
Is there any other way I can archive this.
Thanks
Related
I would like to upload files to Microsoft One Drive using c# and shared to some of my friends on weekly basis.
I have tried few things but when using Authenticate API, browser shows login prompt.
So I would like to upload them without login, because I am uploading these files through Windows Service, which is running in background.
Please suggest the best way to do that.
You'll need some user interaction to gain initial consent for your application to operate on the user's behalf, however as long as that process gives you a refresh token you'll be able to use that in your service to get current tokens without user interaction. It will eventually expire so you'll need a way to notify, and interact with, the user on occasion.
You'll need to ask for the offline_access scope to get the refresh token, see:
https://learn.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/msa-oauth?view=odsp-graph-online#authentication-scopes
In IBM MobileFirst console, we are able to set Application Access form "Active" to "Access disabled", then the app will be disallow to access to the MFP server.
My question is, can we disallow user to access to the app itself ? [For example: once user launch the app, the app will pop out a message to tell user to download new version]
Is there an client side API for detect whether allow user access to the server ?
My question is, can we disallow user to access to the app itself ?
[For example: once user launch the app, the app will pop out a message
to tell user to download new version]
This scenario is exactly what Remote Disable is doing. You have v1 and v2 deployed on the server and you want to force your user(s) to upgrade from v1 to v2, so your set remote disable on v1... and then the user(s) are forced to confirm and upgrade.
Are you asking to do this only for singular users instead of for everyone at once?
Assuming your have implemented authentication on your application, since you know who is logging in to your backend system then you should be able to customize this by implementing the server-side code to also query the database for the version the specific user is using (you'll need to also make sure to enter this data to the database, I believe), and based on the result to have custom client-side code to fail the login and point the user to the App Store.
As you can imagine, this is not available out-of-the-box...
What is not sufficient with Remote Disable?
I am developing an hybrid mobile application using ibm mobilefirst platform.
I am using the custom authentication module example to implement the login module. The problem here is when the user closes the application the app gets logged out.
Is there anyway that I can implement so that the user will not be logged out unless they opt to click on logout button. In simple I am trying to achieve something similar to Facebook remember me option.
You could do something like this (very rough idea):
As part of your authentication flow, if the user has passed the authentication - store in either localStorange or JSONStore a "token" that will basically state that the user has previously logged in. Also save in the server's database using userPrefs something to validate the token.
Whenever the app launches, it will attempt to connect to the server. The environment will be protected with a securityTest so that the server will present a challenge - if a token exist it will attempt to verify it, if there is no token, a login form will display instead.
Assuming this is a first-time launch, if the login passed successfully then store a token in the device and store in the database its "public key"
The next time the app is launched the challenge will be presented again but this time, since we have a token - it will attempt to verify it. If verified - don't present the login screen, skip the rest of the authentication flow and display the secure content
Something like that...
Perhaps to create a 'better' user experience, on app launch also extend the splash screen duration while you're checking for the token, This can be done using this API method.
On logout, clear the token from the device and server.
I'm trying to develop a rally app using the app builder. When I load App-debug.html in my browser, I am prompted to enter my user credentials in the form provided. I enter them, but the form re-appears over and over again.
I did notice that the login attempts to authenticate via https://rally1.rallydev.com:443. If I go to this in another window and enter my account details I am able to get in. However, when I do log in, there is a corporate redirect that takes place (for SSO) and I ultimately end up on us1.rallydev.com.
How would I get my app to authenticate through us1.rallydev.com. Changing urls in App.js and config.json only causes errors when trying to load javascript for APIs.
The app should always just piggyback on your existing session. Changing the serverin config.json and re-running rab build should cause all traffic to go to that server- if that's not happening then that's a bug.
You won't be able to authenticate from scratch using SSO from an app, but it should have no problem re-using an existing session.
Another option is to use an API Key to develop: https://help.rallydev.com/apps/2.0/doc/#!/guide/embedding_apps
In my IBM worklight demo app I've implemented Login Module. It works fine, but in what way I should maintain the session ? I want to log-out my user if log-out action is performed but not when app goes into background. Currently when my app is closed by Android device back button or anyhow if app goes into background session gets expire and again user has to login. Can I achieve this maintaining some server side session?
When you close your application OS destroys WebView component thus destroying your http context, specifically jSessionId cookie. As a result next time you open it you will have a new session and will need to reauthenticate.
If you really want to implement "remember me" functionality there are several solutions. One might be the following
keep in mind that "remember me" greatly reduces security level
see #1
create some sort of server side token and store it on a client side (e.g. in localStorage, encryptedCache or JSONStore)
Make sure that this token is associated with your user identity on a server side
Send this token to server on application startup (e.g. as a global header, as an adapter procedure invocation param etc.)
Detect this token in your login module and establish authenticated session.