How to make sure media are used only on authorized sites?
I have a video library that I need to publish for my clients. The clients need to be able to embed a player into their sites and play the videos. I need to restrict access to my clients only so that no one else could put videos on their sites or access them programmatically.
WebAPI authorisation for other apps
I would like to create a WebAPI application that can serve some of my web sites. My goal is to abstract some common task such as email sending, address resolving etc by providing an API to all of my web sites.
Adding new service to authenticated website
So I’ve created an API that I want to leverage to add some functionality to an existing web app. My current website authenticates users using SAML. What I’m looking to do is instead of moving the code into the existing codebase is to find a way to authenticate to the new site and leverage the APIs that are already there.
Using Prolog to implement authorization rules
I’m working on a user management “pseudoframework” in PHP, and I’m trying to implement fine-grained rule-based authorization. I’m using a combination of SQL and condition-checking functions written in PHP right now, but I’m not completely satisfied. It works, but it is not very elegant and suffers from some limitations.
Using Prolog to implement authorization rules
I’m working on a user management “pseudoframework” in PHP, and I’m trying to implement fine-grained rule-based authorization. I’m using a combination of SQL and condition-checking functions written in PHP right now, but I’m not completely satisfied. It works, but it is not very elegant and suffers from some limitations.
Authorizing view content
Let’s say I have a view which should change it’s content based on the user resp. on the users permission.
Oauth 2 store access token vs verifying on each call
Let’s say my Server is both Authorization Server and Resource server
Oauth 2 store access token vs verifying on each call
Let’s say my Server is both Authorization Server and Resource server
Is it a good idea to require passwords in offline applications?
I am developing an application which can install extension modules (plugins, if you will) from APT-style repositories hosted elsewhere. The plugins need not be signed (although the downloads are verified), and can be downloaded over basic insecure HTTP. Is it a good idea to require the user’s password (in a similar way to sudo) to download packages, or just to install them? Should I require a login at all?
Is it a good idea to require passwords in offline applications?
I am developing an application which can install extension modules (plugins, if you will) from APT-style repositories hosted elsewhere. The plugins need not be signed (although the downloads are verified), and can be downloaded over basic insecure HTTP. Is it a good idea to require the user’s password (in a similar way to sudo) to download packages, or just to install them? Should I require a login at all?