asp.net mvc - Secure a single action with Forms Authentication & Basic Authentication simultaneously -

-

my mvc application secured using forms authentication. have global filter applies authorizeattribute.

i have controller called development action called report. can access fine authenticating in normal way , going http://localhost:8080/development/report. if not authenticated redirects me forms authentication login.

i trying embed page ios app user can view information without having manually authenticate themselves. confuse things ios app uses different authentication system, holds device id , unique token mvc app store.

what trying make report action available both via forms authentication , ios app using basic authentication username device id , password token. it's important when authenticated using method user can access report action. what's best way implement whilst keeping secure?

i thinking of marking report action allowanonymous attribute , creating custom authentication action. best way?

authentication strategies that: strategies. they're not intended mixed , matched; pick 1 best suits application , go it.

that said, see 2 ways forward. either way, however, not allow use same action everything. best bet factor out shared code utility class or similar.

  1. put 2 actions in separate projects. each project can implement own auth strategy. again, similar code can factored out utility class, , in case, shared via class library both projects may reference.

  2. create separate action in same project , don't use authorize on or use allowanonymous if it's part of controller authorized. turn off standard auth action , provide no protection. however, you're freed own "authorization" manually. can either check values of device id , token directly in action or create action filter so. choose depends on how need this. if one-off might want check directly in action quicker , easier. however, if one-off may still want use action filter you're prepare should use become more widespread.


Comments

Post a Comment

Popular posts from this blog

html - Firefox flex bug applied to buttons? -

-
i'm trying apply flex button on firefox i'm having problem on chrome doesn't happens. this css: .button { display: inline-flex; align-items: center; } as can see in fiddle, "caret" word moved new line, happens if element <button> tag, <div> works expected. http://codepen.io/anon/pen/xblmgx is firefox bug or there css i'm missing? nevermind, looks "mr firefox" doesn't idea... <button> not implementable (by browsers) in pure css, bit of black box, perspective of css. means don't react in same way e.g. <div> would. this isn't specific flexbox -- e.g. don't render scrollbars if put "overflow:scroll" on button, , don't render table if put "display:table" on it. stepping further, isn't specific <button> . consider <fieldset> , <table> have special rendering behavior: data:text/html,<fieldset style="d...
Read more

html - Missing border-right in select on Firefox -

-
Image
when put select div width , padding-left, options have no border on right. more, happend if select have width 118px , parent have 15px of padding left! have idea, going on? my code: <!doctype html> <html> <head lang="en"> </head> <body> <div style="width: 1000px; padding-left: 15px;"> <select style="width: 118px;"> <option>a</option> <option>b</option> <option>c</option> </select> </div> </body> </html> and result: here plunker: click it happend on firefox on windows. tested on 40.0.2 version -webkit-box-sizing: border-box; -moz-box-sizing: border-box; -ms-box-sizing: border-box; box-sizing: border-box; source: https://stackoverflow.com/a/11390432/4431269 source of problem: https://bugzilla.mozilla.org/show_bug.cgi?id=924068 and use of google ! edit: (source of problem, explained) after rea...
Read more

python - build a suggestions list using fuzzywuzzy -

-
i building suggestion engine database. i'm using fuzzywuzzy module match user input string existing database shown below. if request.method == "get": display_dict = {} user_input = request.get["user_input"] # user input match_dict = {} food_items_obj = food_items.objects.all() # fetch objects table items in food_items_obj : match = fuzz.ratio(user_input.lower(),items.name.lower()) # try match user input existing names match_dict[match] = items.name # put 1 dictionary matched_dict = ordereddict(sorted(match_dict.items(),reverse = true)) # sort dictionary if max(matched_dict.keys()) == 100: # if exact match put in dict , return display_dict[100] = matched_dict[100] else : # if not found try best matching words.. ###########this part need help! ############# k,v in matched_dict.items(): if user_input in v : display_dict[k]...
Read more