Click here to Skip to main content
14,393,196 members

Welcome to the Lounge

   

For discussing anything related to a software developer's life but is not for programming questions. Got a programming question?

The Lounge is rated Safe For Work. If you're about to post something inappropriate for a shared office environment, then don't post it. No ads, no abuse, and no programming questions. Trolling, (political, climate, religious or whatever) will result in your account being removed.
 
GeneralWoot! Woot! Pin
Chris C-B7-Aug-19 5:38
MemberChris C-B7-Aug-19 5:38 
GeneralRe: Woot! Woot! Pin
OriginalGriff7-Aug-19 5:51
mveOriginalGriff7-Aug-19 5:51 
GeneralRe: Woot! Woot! Pin
Chris C-B7-Aug-19 6:17
MemberChris C-B7-Aug-19 6:17 
GeneralRe: Woot! Woot! Pin
honey the codewitch7-Aug-19 6:09
Memberhoney the codewitch7-Aug-19 6:09 
GeneralRe: Woot! Woot! Pin
Chris C-B7-Aug-19 6:24
MemberChris C-B7-Aug-19 6:24 
GeneralRe: Woot! Woot! Pin
RickZeeland7-Aug-19 7:19
communityengineerRickZeeland7-Aug-19 7:19 
GeneralRe: Woot! Woot! Pin
Chris Maunder7-Aug-19 12:18
cofounderChris Maunder7-Aug-19 12:18 
GeneralNow that's secure... Pin
Sander Rossel7-Aug-19 5:35
professionalSander Rossel7-Aug-19 5:35 
So I'm working on this SOAP service, which needs to have a sort of two-layered security (according to specs).
The first is basic authentication, which is, of course, a well known protocol (which I had to implement myself because Azure App Services doesn't support this because it checks the (on-premise) AD by default).
The second is on message level, each request has an authentication token in the form of [username][divider][password].
Seems overkill, but alright.
Except that the username and password for the basic authentication are hard-coded! WTF | :WTF:
It seems I can set the password in the third party application (although that's not possible/allowed according to the specs), but the username is definitely hard-coded in the application Laugh | :laugh:
If the username is hard-coded, but the password isn't, all I can do is check if the supplied password matches any passwords in the database* and then check if the token in the message belongs to that password*.
It's all rather clunky Laugh | :laugh:

So basically it's just authentication on message level with extra steps D'Oh! | :doh:

* Hashed, of course!

GeneralRe: Now that's secure... Pin
honey the codewitch7-Aug-19 5:54
Memberhoney the codewitch7-Aug-19 5:54 
GeneralRe: Now that's secure... Pin
Sander Rossel7-Aug-19 6:05
professionalSander Rossel7-Aug-19 6:05 
GeneralRe: Now that's secure... Pin
honey the codewitch7-Aug-19 6:06
Memberhoney the codewitch7-Aug-19 6:06 
Generalthe choice Pin
honey the codewitch6-Aug-19 23:26
Memberhoney the codewitch6-Aug-19 23:26 
GeneralRe: the choice PinPopular
F-ES Sitecore6-Aug-19 23:51
mveF-ES Sitecore6-Aug-19 23:51 
GeneralRe: the choice Pin
honey the codewitch6-Aug-19 23:58
Memberhoney the codewitch6-Aug-19 23:58 
GeneralRe: the choice Pin
0x01AA7-Aug-19 0:12
professional0x01AA7-Aug-19 0:12 
GeneralRe: the choice Pin
F-ES Sitecore7-Aug-19 0:19
mveF-ES Sitecore7-Aug-19 0:19 
GeneralRe: the choice Pin
Jörgen Andersson7-Aug-19 1:36
professionalJörgen Andersson7-Aug-19 1:36 
GeneralRe: the choice Pin
W Balboos7-Aug-19 2:46
mveW Balboos7-Aug-19 2:46 
GeneralRe: the choice Pin
BillWoodruff7-Aug-19 3:14
mveBillWoodruff7-Aug-19 3:14 
GeneralRe: the choice Pin
W Balboos7-Aug-19 3:22
mveW Balboos7-Aug-19 3:22 
GeneralRe: the choice Pin
BillWoodruff7-Aug-19 3:36
mveBillWoodruff7-Aug-19 3:36 
GeneralRe: the choice Pin
CodeWraith7-Aug-19 4:26
MemberCodeWraith7-Aug-19 4:26 
JokeRe: the choice Pin
W Balboos7-Aug-19 4:30
mveW Balboos7-Aug-19 4:30 
GeneralRe: the choice Pin
CodeWraith7-Aug-19 4:39
MemberCodeWraith7-Aug-19 4:39 
GeneralRe: the choice Pin
honey the codewitch7-Aug-19 6:00
Memberhoney the codewitch7-Aug-19 6:00 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.