There is a WIN32 WebView2 Sample availble here: https://learn.microsoft.com/en-us/microsoft-edge/webview2/get-started/win32, with this sample, trying to implemet a way to select the client certificate automatically withiout any user intervention while accessing https://client.badssl.com/. Is there any way to do it. Any sample is highly appreciated.
Note: Certificate is available here: https://badssl.com/download/
Related
I'm wondering if it is somehow possible to display a private report if we don't have access to the account or company's Data Studio environment? Using the Google API would be ideal.
The reason why we need an API is because the reports need to be displayed on a distributed network of displays where user interaction is not possible. They are all separated from each other and run on their own browser instance. Setting the reports public to embed them is not an option due to sensitive data being exposed to the internet. Embedding is fine but we need some way of accessing the customers data without user interaction, i.e. via access tokens or something. If the user authenticates to our app beforehand and that allows us to then use their access token inside of the embed iframe would be fine too.
As far as I can tell I cannot display private reports through the official google-data-studio API. I did find another stackoverflow link that mentions something about community connectors. Would this still be a solution to our problem if we don't own the reports itself? We are just displaying the reports but do not have access to their Google Cloud environment nor their data sources.
Any help is appreciated.
This is not supported by Google Data Studio.
In short, if you can't make your report public, and you can't authenticate to view it, you're out of luck.
The link you provided is much more a hack than a feature. It suggests you to make your data public with a custom authentication mechanism developed in a Community Connector that requires a token as parameter.
This way, your report will be available to anyone, however, since your report requires the token to work (a kind of password), it won't show any data to unauthorized users (those who don't provide a valid token).
Although it is possible, I think it requires so much effort to make it work, and, of course, it requires that you change the connector of your report. So 'yes', you need to own the report to connect to your data through the suggested Community Connector.
I am working on application in which i have to create and connect to VPN Server direct through my application.
After lots of research i came to know that i need to store Password and SharedSecretKey in System.Keychain. now to store PASSWORD and SHAREDSECRETKEY in SYSTEM Keychain we need helper tool as per apple's guideline.
Now i downloaded the CODE from apple and tried to add my certificate and identifiers in sample code but it doesn't work for me.
Do i have to use 2 different identifier for app id and Helper Tool identifier?
Any one have any proper implementation steps for this?
Any help will be appriciated.
I hope I am not being to dense but I don't know how to use phpoidc. I have downloaded phpoidc from https://bitbucket.org/PEOFIAMP/phpoidc. I have followed the instructions in the INSTALL file. Now that it it supposedly installed, how do I use it? There does not seem to be any documentation on this.
I just want to set up simple user authentication on my site. I am running CodeIgniter 3.0 rc. I primarily want to allow login with google accounts.
Are you talking about the OP side or RP side?
OP side should be quite self-explanatory as it is a stand alone thing.
RP side needs integration to your application.
The phpRp is just a sample implementation that uses these libraries.
What it does is to create an OpenID Connect request and process the call back to see validate the response. Then, typically, an application needs to associate the iss and sub in the ID Token to a local account: you need a mapping table for it. Once you are done with that, create a session and off you go.
I'm using the enterprise library and AZ Man to authenticate users into my winforms application. I've got the code working fine using the XML file. I don't understand how to securely deploy the application though.
In app.config there is a path to the XML file. There doesn't appear to be anything stopping a user from opening this XML file in azman.msc and giving themselves access they shouldn't have.
If we put the XML file on the server and make it read-only to user, there is nothing stopping the user from copying everything locally and changing the app.config pointer to a local file they can write to.
There seems to be something major I'm missing here, but I've been reading and can't figure it out.
I think what you'd probably want to do is create your authorization store inside of Active Directory instead of an xml file. You can find instructions on how to do that here. Here's the interesting bit:
Working with Authorization Stores
Creating an Authorization Store
Open Authorization Manager, right-click Authorization Manager, click
Options, select Developer mode, and then click OK.
In the
Authorization Manager console, right-click Authorization Manager,
click New, and then click Authorization Store.
Select either Active
Directory or XML file as the store type.
Type a complete store name in
the Store name box, or use the Locations button to select a location
by using the New Authorization Store dialog box.
If it is an Active
Directory authorization store, use the LDAP name -- for example
CN=myStore,CN=Program Data,OU=Authorization,DN=myCompany,DN=com. If it
is an XML authorization store, use a path and file name that will be
valid at run time -- for example C:\AuthStores\MyStore.xml.
Type a
description of the new authorization store in the Description box, and
then click OK.
NOTE: Authorization stores can be created only in Developer mode. See
the "Setting the Authorization Manager Options" section of this
article for instructions about setting Developer mode.
Once you have the store created in Active Directory you can restrict who has write access to AD and the AzMan store. You can also create a store in SQL if you so desired.
Another option you have is to encrypt your connection strings to AzMan in your app.config. And since you're using Enterprise Library, I think you have the option of encrypting the entire AzMan xml file. None of it is completely bulletproof, but your users would have to go through a lot of trouble to hack your application. But if your users are willing to go through that much effort to break into your program, you don't have a programming issue - you have a personnel issue that needs to be addressed (my opinion, anyway).
This looks like a good walkthrough on encrypting app.config sections. Essentially, I think the idea is you create a new RSA key on your workstation and use that key to encrypt the app.config sections. Then import that key to a server and grant your users read access to that key. I'm sure there are plenty of other solutions for encryption if you Google it (or search here on stackoverflow).
Is there any certificate authority that allows for programmatic signing of windows mobile applications? At the moment my team uses Geotrust. Our build procedure looks like this:
Build app
"pre-sign" app with multi-step tool (
fill out form and upload "pre-signed" app on geotrust web site
download signed app
repeat
There must be a better way to do this.
Verisign provide a SOAP API that you can automate for M2M signing when using the "new" signing procedures.
The company I work for use Verisign using the old method and we build a application to automate the web forum filling out and uploading which worked ok. We are in the middle of re-writing to use the SOAP API instead under the new M2M signing rules.