My application is running in a domain. It's installed on each Windows PC in this domain. Customers can buy a domain license and register it once, on a server for example. Then domain users on other PCs don't have to register it again. In the case where there are lots of PCs in a domain, registering on each one is quite annoying.
Is it possible to implement the registration this way? The application is coded in C++ and running on Windows, what's the easiest way to implement it?
There's a related question to determine the AD domain. You'd want to do something similar, I think: get the domain, and check if that domain object holds your license information.
(AD is implemented on top of LDAP nowadays, and the Microsoft schema can be extended)
Related
I have a project in mind for a desktop aplication that interacts with e-shops directly. My goal is to create an application that uses the e-shop´s table and presents it to the shop through this app.
Before I get too into it I want to find a shoping cart software (preferably the oneclick installs that many webhosts offer) that will let me access it´s tables and modify/read/write at will without going throught the website.
Could I do this with OpenCart?
if not which way should I shoot?
Thanks in advance
Normally this is not possible unless You'd stick directly with some DB administration tool that will connect directly to the database server. There are some options though:
write an API for the desktop application - it could be based on web services - that the desktop application will comunicate with (more work has to be done but this should be the best solution)
let the desktop application connect directly to the database server (the same settings as OpenCart uses; requires only the desktop application development)
or as I mentioned, use a desktop DBMS tool for MySQL (or one that is universal), there are plenty of them, many also free... (no development at all but I'm not sure if this would be the desired solution)
I am building a windows 8 application which will be used as the interface to a web service I have running.
I need to find a safe way of encrypting sensitive data to pass, then decrypt it the other end.
Two things I need to do (as they may require separate methods);
1) User will enter a username and password which needs to be authenticated
2) User will enter personal information to be saved.
Now I have looked at many encryption/decryption methods, but I cannot find anything which is common place between the two. For example System.Security.Cryptography is not available within the windows 8 app, and my website can't use CryptographicEngine.
I am basically trying to find the best way to DO what I need to do. Along with a way of actually doing it in code.
You will not be able to use the same namespaces, as you have recognized. What you need to do is settle on a standard crypto algorithm on both ends.
Here is a discussion for one approach on the Win8 side using AES256. http://social.msdn.microsoft.com/Forums/en/winappswithcsharp/thread/8f9ecac4-80d2-47c8-8c41-9d7877565bf5
Here is a solution for doing AES256 with regular .NET
http://msdn.microsoft.com/en-us/magazine/cc164055.aspx
If you just need to secure the channel, then use an HTTPS web service, that's what HTTPS was designed for. The client-side HttpWebRequest class should just do the rest for you.
You'll need a certificate on the web server.
I'm building an app that will run on our network for job tracking with two user levels, one for general users and one for administrators.
How are user systems usually implemented in Qt? For example, how are user state and user roles handled? Should I just include a C++ class and set these types of things as properties within that class, or are there established and well documented "best practices" for implementing user systems within Qt?
I also need to be able to share user state and role among various classes. For example, the menu class needs to know the user state & role to know what items to display.
Any help is appreciated!
What you are asking for doesn't make sense in terms of Qt on it's own. Qt is a framework for local client apps. The Qt application displays it's information to only 1 user at a time on one display / desktop at a time.
You framed the question in terms of a networked job tracking application. Lets assume this implies there is some sort of job tracking server. Likewise, let's assume you are writing a client for this server application in Qt. In this model you could let the Qt application login to the server using credentials provided by the user. Then it would be the server's job to tell you whether the user is who they claim to be and what role they have and to enforce any security restrictions.
Since you say you are familiar with web applications, lets draw an analogy. Qt is intended to provide you the tools to write the web browser only; you would still need to provide the the web server and web application to run within it. Thus
Qt application is to web browser as X is to web server.
You have to provide "X", and that is where you implement the user system.
Of course Qt does provide basic support stuff like network sockets, but on it's own I don't think it's well suited to writing a server application.
The two web service(rest) are running on separated JVM instances with its own authentication.
The services is used by external user's log in, the server2 is for customer service team. After external use log in, he can call server2 for query. Oppositely, after customer service guy log in server2, he also can call server1 to change external user profile.
In another word, these two services trust each other. It seems like a SSO between them. Since both of them run on internal environment, I am wondering if there is a simple solution to implement it.
Thanks
I've had a good experience with JOSSO:
The setup is relatively simple (gateway and partner applications)
Non intrusive (no big changes needed for your application to work with it)
Based on JAAS
Supports various stores (LDAP, XML, DB...)
Works with Java, PHP and ASP (we use Java and PHP at our company and it works flawlessly)
You've got a lot of different options:
You could roll your own authentication system. It'd be exactly what you need, but you get to debug it yourself.
You could deploy Kerberos. A little old-school, but it clearly differentiates login servers from trusting servers.
If you're already in an MS-heavy environment, Active Directory might be just the tool.
OpenID is the new kid on the block; as used by StackOverflow :) but implementations of servers and clients might be harder to find.
LDAP is an easy way to get site-wide directory services; actually doing authentication against it might be a bit more work. (Which is why Active Directory is as popular as it is -- combining LDAP with Kerberos into one mechanism for site-wide authentication and authorization. Neat.)
We currently have an application that runs an embedded jetty 6.1.14 server to which we need to add authentication via Kerberos. I'm new to Kerberos, which makes the task about 100x harder that maybe it should be. I've scoured the internet and have found conflicting reports as to whether or not it is even possible but nothing much to provides guidance as to how to proceed.
I've managed to have the server basically be able to authenticate the users via kerberos but can't find away to have the client automatically send its kerberos ticket: I have to use the from auth-method, though there are hints that this may be using filters, which are very poorly documented.
My question - and I apologize for it being a bit vague, I've not been this exasperated in quite a long time - is to request some guidance for plugging in kerberos authentication without login forms in Jetty 6? Or am I just out of luck? Has anyone added this type of authentication to jetty 6?
If Jetty supports Servlet Filters (JSR-53), then this open source project http://spnego.sourceforge.net might be what you are looking for.
You have to prepare your domain environment first. Make sure that your server if part of your domain (joined it). Then you have to create an machine account and assign an SPN. If you have done that, create a keytab for that account. From now on a client will be able to search for the host in the domain and create a ticket for. Then comes Jetty into play.