http-authentication

问题 I don't know why but when i type a wrong password it always take alot of time to come back with authentication dialog. but when i type a correct password it always go fast. htaccess: AuthUserFile c:/senha1 AuthName "Bem vindo" AuthType Basic require valid-user I created this 'senha1' file with htpasswd. Thanks. 回答1: That's a simple measure to slow down brute force attacks. Correctly authenticated requests are handled instantly, while incorrect authentication attempts are delayed by a second

问题 I'm trying to build a simple WebView which shows a web page - the page requires http authentication for all pages (for testing purposes). Here is my code: class ViewController: UIViewController, WKUIDelegate { var webView: WKWebView! override func loadView() { let webConfiguration = WKWebViewConfiguration() webView = WKWebView(frame: .zero, configuration: webConfiguration) webView.uiDelegate = self view = webView } // #1 variant func webView(webView: WKWebView,

问题 I'm using HTTP Basic Authentication with AJAX requests. Firefox 3 is a whiner and always displays a dialog box for failed credentials -- even though I don't want one. This question summarizes some of the browser and JS issues; you'll notice it's unresolved on the client side. Luckily, I have at least some freedom to change the server -- I can modify my .htaccess file. Basically, whenever Firefox sees the WWW-Authenticate header, it tries to authenticate again. Can I suppress that header only

问题 The AuthorizeAttribute shows up just fine, but for the life of me I can't figure out where the AllowAnonymousAttribute class is. Whenever I add it to code, I get compiler errors. [Authorize] //works fine public ActionResult DoSomething(){ ... } [AllowAnonymous] //COMPILER ERROR type not found. Red squigglies. Bad. public ActionResult Foo() { ... } I'm in an MVC3 project. 回答1: ASP.NET MVC 3, or more precisely the System.Web.Mvc version 3.0.0.0 assembly does not contain AllowAnonymousAttribute.

问题 I'm trying to connect to API and send authentication headers. I'm using Base64 as described here How do I get basic auth working in angularjs? function Cntrl($scope, $http, Base64) { $http.defaults.headers.common['Authorization'] = 'Basic ' + Base64.encode('----myusername----' + ':' + '----mypass---'); $http({method: 'GET', url: 'https://.../Category.json'}). success(function(data, status, headers, config) { console.log('success'); }). error(function(data, status, headers, config) { alert

问题 I have a site with links like this: http://www.example.com/index.php?id=1 http://www.example.com/index.php?id=3 etc. I would like to have htaccess password protection for a specific ID, say 200. How can I do this? 回答1: This is not straight forward but here is a way it can be done in .htaccess itself: RewriteEngine On # set URI to /index.php/200 if query string is id=200 RewriteCond %{QUERY_STRING} (?:^|&)id=(200|1)(?:&|$) [NC] RewriteRule ^(index\.php)/?$ $1/%1 [NC] # set SECURED var to 1 if

问题 I installed jenkins on my server and I want to protected it with nginx http auth so that requests to: http://my_domain.com:8080 http://ci.my_domain.com will be protected except one location: http://ci.my_domain.com/job/my_job/build needed to trigger build. I am kinda new to nginx so I stuck with nginx config for that. upstream jenkins { server 127.0.0.1:8080; } server { listen x.x.x.x:8080; server_name *.*; location '/' { proxy_pass http://jenkins; proxy_set_header X-Forwarded-For $proxy_add

问题 I have an API with HTTP Basic Auth. If non-authenticated users send HTTP requests, then the server returns 401 status code and WWW-Authenticate header. And browser shows standard login form. Is it possible to show my HTML login form instead of standard browser's login form? 回答1: Since you are using an AJAX call, you could intercept the 401 status code from the server and redirect the user to a custom login form. For example let's suppose that you were using jQuery and trying to access the

问题 I need to make a page that will Login to a site automatically via http-authentication Show said site with an iframe I was thinking I could use XHR and specify the login headers directly, and then use javascript to create the iframe. Does this make sense? Will it work? 回答1: Due to the same-origin-policy your XHR approach won't work. However, for HTTP authentication you can simply include the data in the url, i.e. the src of the <iframe> : <iframe src="http://username:password@domain.tld/..."><

问题 I need to perform preemptive basic authentication against an HTTP server, i.e., authenticate right away without waiting on a 401 response. Can this be done with httplib2? Edit: I solved it by adding an Authorization header to the request, as suggested in the accepted answer: headers["Authorization"] = "Basic {0}".format( base64.b64encode("{0}:{1}".format(username, password))) 回答1: Add an appropriately formed 'Authorization' header to your initial request. 回答2: This also works with the built