I am trying to handle pop-ups like accept or cancel. Which tag can be used in pace automation framework to handle pop-ups?
<alert> can be used to in case of any pop-up on the web application which requires action by the user like accept/cancel or input from user to proceed, authenticate using username/password to proceed etc.
Related
I use spring-authoriation-server 0.2
I need to implement a login workflow which is based on a user-interaction on his mobile phone.
Which means instead of username/password custom page, I need to generate some information, and show as QR code. Then a user scans it, and can login.
Now, I have some problems to find the right place in the authorization server where I can integrate own workflow into the login page. I need to wait for the user, and then create the authorization code for the client. So any hints?
We have developed a web program for one of our customers, where we use the company’s AD to validate the user. We use function AdsOpenObject('WinNT://... and this work fine, whoever one fail use of wrong password, and the user is disabled, and need to be reactivated. The AD is set up to use 5 fail login before disabling, and their mail system is working accordingly.
Any ide where to look for or any idea of using another method to validate a user against an AD. We use Delphi but other solution is welcome.
We have a desktop application that is used to upload content to a web application, both use Okta for authentication. Before uploading, the desktop application authenticates the user via Okta using an embedded browser control. Later in the workflow we want to open the user's default browser so he/she can start using the web application directly. At the moment the user will need to login a second time when their default browser opens.
We planned to implement a mechanism to generate a one-time key (transferable session token) that can be passed as a URL parameter when the browser is opened. For our application's own token we can achieve this but we also need to transfer the Okta session (cookie) and we have not found a way to transfer this from the desktop browser control to the standalone browser.
What options are available to achieve this?
Edit: it is acceptable if a new session is created for the standalone browser as long as the user identity stays the same and the user does not have to provide login details a second time.
Unfortunately, Okta does not have a way to transfer one active session to another as you describe.
However, if you have enough control over the organization's environment, you could simulate this behavior. For Okta organizations that use IWA to authenticate users, you would get this sort of feature "automatically" (provided that the user's default browser supports Active Directory). Another way could be to configure your web application as a "SAML IdP" and have it "transfer a session" to Okta using a SAML Response and Okta's Inbound SAML functionality.
I am building a WP7 Twitter client. The normal OAuth 1.0 flow involves obtaining a request token by navigating a web browser to https://api.twitter.com/1/oauth/authenticate with my app's consumer key; this page will show a login prompt and ask the user to authorize my app to perform actions on their behalf. Upon completion, this page will redirect to a callback URL supplied by my app, with the request token supplied as a parameter.
For web apps this makes sense. I don't understand how this is supposed to work for a standalone mobile/desktop app, though. The Twitter API documentation seems to imply that this should be a feasible option. They do offer an alternative xAuth mechanism that allows an app to gather username/password itself and then supply that directly to obtain an access token. The API documentation points out that this is an inferior option (as it requires the user to trust the app, not just Twitter, with their password), but I don't see how I have any reasonable alternative?
(there is also a PIN-based option, but that's a pretty burdensome solution for the user)
I just want to make sure I'm not missing anything obvious.
"For web apps this makes sense. I don't understand how this is
supposed to work for a standalone mobile/desktop app, though."
Just embed a web browser control in your app, and navigate to the twitter authentication page. Then detect the redirection to the callback url (using the Navigating event) and retrieve the parameter. Many twitter apps do that, it's basically the same as asking the user for the login and password, except that instead of your own controls you're displaying twitter's page.
Nope, you're correct. The option for a mobile/desktop application is either a pin-based option or to use xAuth. Once you have an xAuth application has an access token it is indistinguishable from OAuth (it only changes the authorisation workflow). One thing it does change, and this is very specific to Twitter, is that if you do use xAuth then your application will not be allowed to read or write Direct Messages. See Twitter's The Application Permission Model page for more information.
The main problem is, how would you ensure people can login to the xmpp server securely without having to login again from the web app login page?
I assume that you want to send a <presence/> stanza indicating that the user is available. In that case, you need to instantiate a new session, either by logging in manually, or other means.
If you want to automatically login a user and start up the application, try using localStorage, then triggering login so that it seems like the user did not login.
If you wanted to send a <presence><show>chat</show></presence> or something akin to that, you might be able to get away with using a preexisting BOSH connection. The problem with that is you won't presence from JIDs in the roster because no probes were sent out.
I recommend the first solution. The second is there more for informational purposes than anything else. And if push comes to shove, go to http://xmpp.org. Look through BOSH XEP (if you are using it), RFC 3920 (XMPP Core) and RFC 3921 (XMPP IM).