I am facing issue while implementing Child Sessions launcher in my app. Basically as per Microsoft document when admin user launches child session then it shouldn't ask for credentials. However it does ask credentials (shows as popup to enter the credentials). If the user cancel it then we want to capture the cancel event.
We have implemented the child launcher functionality by referring to this url -
https://learn.microsoft.com/en-us/windows/win32/termserv/child-sessions
when it calls ImsRdpClient9.connect(), then it pop-ups to enter the credentials. Now if user clicks on cancel then I want to capture the event. I tried implementing https://learn.microsoft.com/en-us/windows/win32/termserv/imstscaxevents-interface but it didn't work. Is anyone out there to show an example how to implement the IMsTscAxEvents interface and listen to the various event (e.g, OnLogonError, OnAuthenticationWarningDisplayed etc) when windows show up with the logon error (on child session launcher).
Related
My application is about getting the contact information of the user when filing an job application. I want for the user to have the ability to save what he/she initially filled up and when he/she wants to finish filling-up the form the information he/she already filled up will there. Is there a way to save the state of the application so that when the user closes the application or navigate to another page the form that the user filled-up wont be gone?
Depending on the number and types of fields of your application I would use Preferences.
https://learn.microsoft.com/en-us/xamarin/essentials/preferences?tabs=ios
As far as I could understand, when the user presses the Submit button eventually, the GetSerialization method will be called to get login details.
I am programming a Credential Provider that waits for some external signal to log in, and I do not want the user to press the Submit button.
Is it possible to trigger the submit event from the Credential Provider?
I found a way to do it. The trick is not to call the submit button, but use the ICredentialProviderEvents::CredentialsChanged method. I have a thread running, that will eventually trigger the CredentialsChanged. This will then enable a new Credential that logs the user in.
This is shown in the Microsoft Sample SampleHardwareEventCredentialProvider.
It is worth notice that the Windows LogonUI automatically selects this new Credential. I do not know if this is in the documentation, but it is the behaviour I experienced.
The more appropriate way would be to implement the IConnectableCredentialProviderCredential interface, which is designed specifically for this purpose.
i have a problem with a WP7 app. I want that a user can login into the application, doing some stuff and logout.
Now, then a new user get the phone, it should not be possible to get into the session of the old user (by simply pressing back until the user see the intern data of the previous user who was logged in).
how to make this?
The best thing would be, that when a user press the back button, it will be forwared to the first page of the app. the problem then is, that there will be a loop and the app will not pass the certification because it will not be possible to exit it.
Here is an overview:
loginPage (no return just exiting the app) -> internPage (possibility to logout and return to loginPage)
You can clear the back stack using NavigationService.RemoveBackEntry:
while (this.NavigationService.BackStack.Any())
{
this.NavigationService.RemoveBackEntry();
}
Put this in the OnNavigatedTo of your LoginPage, so pressing back on this page will exit the application. If the LoginPage is the first page the user sees when launching the app (and therefore is the application main page), it should pass certification.
try the nonlinearnavigationservice that way back will unwind your history properly an you back out of the mainpage it will exit your app correctly.
http://create.msdn.com/en-US/education/catalog/article/nln-serv-wp7
why not have the mainpage show the icons for the different users, and a click onto the user would ask for their password?
You cannot change the navigation flow of your application so that the back-button takes you to the first page. This will result in you failing the marketplace certification.
What you could do is handle the application lifecycle events, when the user leaves your application, then navigates back to it via the back-button you application is re-started either from a dormant or tombstoned state.
You can read about the lifecycle here:
http://www.scottlogic.co.uk/blog/colin/2011/10/a-windows-phone-7-1-mango-mvvm-tombstoning-example/
You need to add logic into the Activated event. At this point you could display a logic Popup that ensures the user has to re-enter their credentials to continue using the application.
The best way is to create separate view like UserControl and then show it as Popup when you need user to log in.
This is the way recommended by Microsoft also, and zou won't be having this navigation problems.
Something like this:
enter link description here
Background:
I have a JScript that runs when the computer starts up (from task scheduler). The script does some magic and determines if a user should be allowed to login at all. It starts by disabling all user accounts and then if a user is to be allowed in it enables the users account by firing the 'net user' command using wshShell.Exec(). All this works well and the accounts are correctly enabled/disabled.
Problem:
However the vista graphical login screen has no idea that user accounts have been enabled/disabled and does not refresh itself to show/remove the user account pictures. Actually it does refresh itself if I wait long enough at the login screen to start the screensaver. When the mouse is then moved the visa login screen returns refreshed. However I want to be able to restart/refresh the login screen from my script. Any ideas?
What I have already tried:
I tried launching winlogon.exe from
the script, it had no effect
I tried launching logon.scr from the ecript
to trigger the screensaver manually,
it did not trigger.
If you need the script, look here: http://code.google.com/p/truecryptautomount/
Anything you do from the service's context will not affect it as the login screen is an entirely different session/desktop. This is a security feature designed to stop user programs from emulating the login screen to capture a password. CTRL+ALT+DEL will always bring you to this alternate desktop/session.
The screensaver you are starting is not the same one you see start on the login screen. With that in mind, you should be able to configure the screensaver for the system account's profile to have a very short wait time. You can probably learn what you need to know from this article:
http://blogs.technet.com/heyscriptingguy/archive/2006/03/08/how-can-i-configure-the-screensaver-used-when-no-one-is-logged-on-to-a-computer.aspx
Hope this helps,
-Oisin
I am writing my first FireFox extension and I have some questions. Maybe someone can help.
I have a website which requires login. The sign-in is one user per login type. So if I am logged with the username "tom" from one PC and go to other PC and try to login with the same details, it fails. When I click the log-out button from my authenticated page, the new location executes a PHP function to log-out the user (updates the "logged" status of the user in MySQL). The problem is that if a user is logged in from his work desk and surfing the page then suddenly he gets a call by a friend to quickly grab lunch in his break and has to meet him in short time, he just clicks the X (close) button from Firefox, forgetting to press the log-out button so the status of the logged is still 1. Later on, if he wants to access the page again from home, he won't be able to log in.
So, I need to grab the "close" event from firefox somehow. I am thinking about looking for the ones that contain the "website.com" domain only. Then, if a tab is closed or the main window of Firefox is closed, send an unique key, and the username to that URL that logs out the user and the problem may be solved. I don't know if this is possible. Please post any idea (followed by code if you can) for this extension to be built.
Thank you.
By design, this is wrong.
If a user's PC crashes (harddisk failure, power failure) your plugin won't be able to log out the user. And so, the user won't be able to login on any PC.
--
Let's revisit the premise,
a. why does logging in from another PC need to fail?
b. How about invalidating the login from the previous PC (log out) when the user logs in to another PC. THis is kind of like how chat applications like Yahoo! Messenger work.
From your answers, here's what i would suggest: if the user is logged in on another PC, warn and present the user with options:
cancel logging in
forcibly log out the other user and proceed to logging in
Logging the user out after a certain time of inactivity is the (application or web) server's responsibility, not (only) the client-browser's. This is called a session timeout.
You might be able to avoid the timeout by a browser implementation as you describe it, but this should not be the primary solution.
Here's an off hand approach you might take:
In your case I would include a timestamp in the table where the 'locked' state is stored. Every time a user does an action that timestamp is updated. When you try to login again ad the timestamp is older that a certain threshold (e.g. 15min) your login code should silently logout the previous user.
In order to receive a notice about the tab being closed, you'll want to do something like this sample code. However, instead of listening for load, you'll want to listen for unload.
When you do end up getting notified about unload, you'll have to do a request to the logout page just like the web application does. You can figure out what the location of the document that is unloading is by checking aEvent.originalTarget.location.href. Note that aEvent.originalTarget will give you the document object of the tab that is closing. You'll then want to use an XLMHttpRequest for this in your event handler.
You could use ajax that would ping a page on the site - all the session info will be passed and you can verify that the user still has an active browser/page open. If Firefox crashes it won't be able to ping the website anymore and the session could time-out after 15 minutes. I think that allowing a forced logout on another sign-in would be best. Usually when I leave work at the end of the day I wouldn't close all the programs or logout or anything - just lock my computer to prevent anyone from using it. Next morning I come back with all my programs still running so I can continue where I left off.
BTW, Yahoo Web messenger probably uses some form of session-based cookies. That is, cookies are stored in memory and are gone when the tab or browser are closed.
Just enable to the user to re-login from another machine. And if you get a request from the user on first machine, ask him to re-login too. So you get a single logged in user at a time.