Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 34

Thread: Extending authentication

  1. #21
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Quote Originally Posted by msca
    for example accept pre-auth from only 1 ip address, and deny access from anywhere else?
    Isn't that what firewalls are for?
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  2. #22
    Join Date
    Aug 2005
    Posts
    228
    Rep Power
    10

    Default

    yeah, you really have to protect the pre-auth key, not much way around it. We could look at adding a config option such that the pre-auth is only allowed from a set set of IPs, but if someone can break into the machine holding the pre-auth key, you probably have bigger things to worry about

  3. #23
    Join Date
    Feb 2006
    Location
    Hungary, Budapest
    Posts
    14
    Rep Power
    9

    Smile ooppps

    hoops you are right

    But the preauth process is using the same port as users do...?
    I cant block that.

    I think iam a bit in shadow, may you plese describe what do you think?

  4. #24
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    You said block IP's. It's trivial in most firewalls to block an IP address. I think Roland's point is the best. Don't give access to your pre-auth key.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  5. #25
    Join Date
    Feb 2007
    Posts
    4
    Rep Power
    8

    Default Adding gzip=off and skin=sky

    This works perfect for me!! thanks! however

    I would like to pass some extra parameters to the login page like skin and turn gzip off for explorer. Is there any workarround?

    thanks

    martin

  6. #26
    Join Date
    Jan 2007
    Posts
    8
    Rep Power
    8

    Default

    hey guys,

    I may be missing the point a little but the preauth shows that you can use SOAP as well as the URL interface but I can't quite see why you need the preauth mechanism if you have access to the SOAP AuthRequest which would return a valid AUTH token as the original scenario was that of a user who would already have logged in with the correct username/password.
    --
    Colin Robinson
    www.in-tuition.net

  7. #27
    Join Date
    May 2007
    Posts
    2
    Rep Power
    8

    Default TimeStamp Issue

    Close but not quite there...

    I'm trying to employ the single sign on method described in the preauth.txt sample, but I need to do it using .Net. I've managed to create the parameter string, but I'm getting errors re: the time stamp being too old.


    How do you calculate the timestamp in millisecond? Sounds like others have just copied and pasted the java code into their applications and its worked. But how is that? Their current timestamp would be different, right? From the example, it looks like the timestamp is hardcoded to 1135280708088, but how is that possible. Maybe I don't understand the concept of the timestamp.

    I'm calculating is as follows:

    timestamp = DateTime.Now.Hour * 60 * 60 * 1000 + DateTime.Now.Minute * 60 * 1000 + DateTime.Now.Second * 1000 + DateTime.Now.Millisecond

    I must be missing something. Help!!!

  8. #28
    Join Date
    Aug 2005
    Posts
    228
    Rep Power
    10

    Default

    Time stamp is the current time in msecs:

    System.currentTimeMillis()

    It is used to prevent an old preauth request (older then 5 minutes, IIRC) from being re-used.
    Bugzilla - Wiki - Downloads - Before posting... Search!

  9. #29
    Join Date
    May 2007
    Posts
    2
    Rep Power
    8

    Default TimeStamp in msecs using VB.net

    Quote Originally Posted by schemers View Post
    Time stamp is the current time in msecs:

    System.currentTimeMillis()

    It is used to prevent an old preauth request (older then 5 minutes, IIRC) from being re-used.
    Sorry, I wasn't very clear. I'm trying to this in VB.net, not Java.net. I've also tried the whole datetime.now.ticks but that appears to give me the number of msecs since 01/01/01.

    Any additional help would be greatly apprecaited as I continue to spin my wheels on this.

    Thanks!

  10. #30
    Join Date
    Aug 2005
    Posts
    228
    Rep Power
    10

    Default

    Not familiar with VB.net, but in Java it is defined as:

    the difference, measured in milliseconds, between the current time and midnight, January 1, 1970 UTC.
    I did a quick search for "utc 1970 vb.net" and found a number of hits. It sounds like .ticks in .NET is defined as:

    In .NET, DateTime.Ticks is the 100-nanosecond intervals that have
    elapsed since 12:00 A.M., January 1, 0001
    So one suggestion was to construct a date object for January 1, 1970, then subtract it from now. This is a C# snippet:

    Al Pascual : Code Snip Collection "c# datetime utc date to javascript millisecond representation "

    Code:
    public double MilliTimeStamp(DateTime TheDate)
            {
                DateTime d1 = new DateTime(1970, 1, 1);
                DateTime d2 = TheDate.ToUniversalTime();
                TimeSpan ts = new TimeSpan(d2.Ticks - d1.Ticks);
    
                return ts.TotalMilliseconds;
            }
    Bugzilla - Wiki - Downloads - Before posting... Search!

Similar Threads

  1. Does Zimbra support IMAP Secure Authentication?
    By zzzzsg in forum Administrators
    Replies: 6
    Last Post: 11-06-2009, 07:19 PM
  2. External Authentication with Active Directory via LDAPS
    By merrill in forum Administrators
    Replies: 1
    Last Post: 10-21-2007, 02:13 PM
  3. External LDAP Authentication Issue
    By xtreme-one in forum Installation
    Replies: 10
    Last Post: 02-16-2007, 07:52 PM
  4. Authentication to external ldap stop working.
    By jahaj in forum Installation
    Replies: 3
    Last Post: 12-05-2006, 03:17 PM
  5. ldap external authentication
    By tdi in forum Administrators
    Replies: 2
    Last Post: 10-21-2006, 05:53 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •