I have a webpage that which need to access some user data on his windows PC.
Ex.Read Outlook Email , due to security restrictions browsers wont allow this.
What is the best way to achieve this ?
Write an ActiveX control ? [what about FF,Chrome]
I need this work with Firefox,IE,Chrome.
Thanks.
You can't do this - it would be a huge security/privacy issue if a browser could access information on the user's machine. The only way to get Outlook emails would be to tell the user to export their emails from Outlook and have them upload the exported emails to your website.
You will need to write a tool like Google Calendar Sync that your users would download and install.
They would have to input their website credentials or a token that you generate for them and your app would do whatever needs to be done on the local PC. You may also have a trust issue as well. Will your users trust running your app to read their emails? Depends on the situation I guess, but a totally browser based solution probably won't work if it needs to be cross-browser compliant.
Related
I'm building a Laravel website for the employees at the company I work at, but one of the requirements is that the users shouldn't have to fill in any credentials to log in, this means instant login when navigating to the website.
Right now I'm using an oauth package that lets them login with their Office365 email, they only have to use their email the first time they visit the website, but this isn't good enough to meet the requirements.
Does anyone know how to do this or a package I can use for this? Thank you in advance!
If you're in an exclusively windows enviroment, you can use the NTLM protocol with the help of this package: https://packagist.org/packages/jakub-klapka/laravel-windows-auth
But it comes with a few cavorts ...
Only works with Windows.
The site needs to be hosted using IIS on a windows server.
The server must be on the same domain as the user.
Works with Internet Explorer or Edge. Supposedly you can do this with Chrome and FF but I haven't ever had success.
I haven't tried with Office365 and Azure AD but theoretically it could work. But again, I believe this is only possible if you're a 100% Microsoft shop. Personally, I'd say SSO through O365 is a much better long-term strategy. Support for NTLM seams to be waning, especially as things move into the cloud and IE/Edge continues to looses market share.
Hope that helps!
I'm not sure if this is even possible. I need to be able to get the users windows username. We are all on an intranet, so I don't have to worry about cross platform issues.
Does Aurelia have windows authentication?
Aurelia runs completely in the browser, so it doesn't have any way to support windows auth (unless the browser supports it). But there's no reason you can't send the user's username via an API call.
We have created an app on Yammer which is currently private.
We want to make it available and accessible to networks outside us. Please suggest if there is a way to get it authenticated by outside network or do we have to go by the process of submitting the app to Yammer support for global access.
If that is the case, please help us know how much time does it require to get reviewed and approved as it is almost a week and we have not heard back from Yammer support.
You need to submit the app to Yammer's App Directory for approval. Depending on your app you may also be able to allow users to configure their own Client ID, but this is really only a usable approach for developers or system admins. End users wouldn't understand how to do that.
I have a google calendar that I have marked as shared. it stores all appointments for the day.
I have a webpage. from the webpage, the user enters a date and I use the google api (javascript) to pull back all info from my shared calendar for that date and present it to the user.
I also want the user to be able to make appointments during free times on any given day.
problem is, I must be signed in to my google account. if I am NOT signed in, I get a little popup asking for my userid/password.
how do I get rid of that? I had hoped that making the calendar shared and specifying the client ID and api key (assigned via Google's API Console) would have been enough.
I've run across this: http://cornempire.net/2012/01/08/part-2-oauth2-and-configuring-your-application-with-google/ which explains doing this via Oath and refresh tokens in PHP.
unfortunately, I'm doing this in javascript and MUST do it from the client side. is that possible?
I think you should look into using a service acccount for this.
http://code.google.com/p/google-api-php-client/wiki/OAuth2#Service_Accounts
By using a service account you wont have to worry about people loging in. They will have access to the calender for the service account.
Update: I have searched for examples of how to do this in Javascript and have been unable to find any. After considering this issue for a while now i have come to the conculsiton that even if you could use a service account via javascript for security reasons its probably not a good idea.
Unfortuantly this leaves me to beleave that the anwser to your question is No. You cant do this client sided. If you use normal OAuth2 its still going to prompt you for the autentication. You need to try and reconsider a server sidded option. PHP for example
We are developing multiple apps for our client which all can be used using same credentials(credentials of there company portal).
So we want to implement something like single sign on, such that user need not to login each app.
I have already gone through these links
http://msdn.microsoft.com/en-us/library/live/hh826544.aspx
http://stackoverflow.com/questions/5598411/single-sign-on-choices-to-use-with-windows-phone-7
Here is what i need exactly:
step 1.) When user login to one app(say App1), the portal will return a token, ineed to store this token somewhere, such that only authorized apps can access this.
Step 2.) when any other app(of same group) launches it will check on the location for the token and if token exists, it will not demand for credentials.
Step.3) When user logs out from any app, it will remove the token from shared location.
We have already implemented this in IOS using keychain(possibly wrong term as i am not ios developer).This keychain provides a common space for the apps signed with same certificate.
As per my knowledge uptill windows phone 7.5 there is no possibility. Does windows Phone 8 has something for this.
If not i am open to any kind of suggestions to serve the purpose.
P.S. : Security is our major concern, So when you suggest please let us know you think there could be any security concers though hack or phone loss.
Thanks a lot..
I hope to be corrected but this won't work. Apps are isolated and can't share things like data packets and such.
i am not a windows app guy.
but a trick can work.
caution:
following can raise security concerns if API token expiration time limit is not properly considered.
use firesharp / any XMPP service (suitable for windows client) to send api tokens to other devices like notification message.
handle the notification in such a way that token is not displayed.
and also remember, there is no such think as log out in API authorization.
you will have to restrict access with token expiration time limit.