Annexe - OAuth Introduction. Xavier de Rochefort xderoche@labri.fr - labri.fr/~xderoche 15 mai 2014
|
|
- Julian Ward
- 7 years ago
- Views:
Transcription
1 1 Introduction Annexe - OAuth 2.0. Xavier de Rochefort xderoche@labri.fr - labri.fr/~xderoche 15 mai 2014 Alternativement à Flickr, notre serveur pourrait proposer aux utilisateurs l utilisation de leur compte Picasa. Contrairement à Flickr, le service Picasa, comme tous les autres services de Google, utilise la version 2 du protocole OAuth, simplifiant le processus de récupération d un token en déléguant les aspects de sécurité au protocole SSL sur lequel il s appuit. En particulier, il supprime l utilisation le jeton intermédiaire (request token). L utilisateur est directement dirigé vers l interface Google (Figure 1, ➊). Il ne s agit plus d une validation de token intermédiaire, mais d accorder à l application demandeuse le droit de demander un token d accès à l aide d un code de vérification généré après la validation utilisateur. WSRestService GET /auth Envoi URL ou redirection vers... client_id redirect_uri scope: picasaweb.google.com/data/ 1 GET 2 Redirection navigateur utilisateur vers... GET code 3 POST api_key, api_secret code callback token token secret refresh token expires in... Figure 1 Google OAuth Récupération d un token 1
2 2 Adaptation TP7 Afin de pouvoir effectuer des requêtes OAuth 1.0 vers Flickr et 2.0 vers Picasa, nous allons utiliser l API cliente et les modules OAuth 1 et 2 intégrés dans Jersey 2.x. La classe implémentant la récupération d un token d accès OAuth 1.0 de Jersey ayant été conçue pour effectuer la demande de token d accès en utilisant la méthode HTTP POST, elle est incompatible avec l API de Flickr attendant une requête GET. Pour remédier au problème, nous allons utiliser la bibliothèque oauth-signpost pour la phase récupération d un token d accès Flickr. Q2.1 Remplacer les dépendances du TP7 comme suit. <!-- ** Jersey 2.x ** --> <!-- jersey core Servlet 3.x implementation --> <groupid>org.glassfish.jersey.containers</groupid> <artifactid>jersey-container-servlet</artifactid> <groupid>org.glassfish.jersey.core</groupid> <artifactid>jersey-client</artifactid> <groupid>org.glassfish.jersey.security</groupid> <artifactid>oauth1-client</artifactid> <groupid>org.glassfish.jersey.security</groupid> <artifactid>oauth1-signature</artifactid> <groupid>org.glassfish.jersey.media</groupid> <artifactid>jersey-media-json-jackson</artifactid> <groupid>org.glassfish.jersey.media</groupid> <artifactid>jersey-media-multipart</artifactid> <!-- used for OAuth 1.0a handshake --> <groupid>oauth.signpost</groupid> <artifactid>signpost-core</artifactid> <version>1.2</version> <scope>compile</scope> </dependencies> 2
3 Q2.2 Modifier la classe OAuth1Token comme suit. import oauth.signpost.basic.defaultoauthconsumer; import oauth.signpost.basic.defaultoauthprovider; import oauth.signpost.exception.oauthcommunicationexception; import oauth.signpost.exception.oauthexpectationfailedexception; import oauth.signpost.exception.oauthmessagesignerexception; import oauth.signpost.exception.oauthnotauthorizedexception; public class OAuth1Token { private String token; private String secret; private DefaultOAuthConsumer consumer; private DefaultOAuthProvider provider; private String authuri; public OAuth1Token(String appkey, String appsecret, String urlreqtoken, String urlaccesstoken, String urlauthorize, String callbackurl) { consumer = new DefaultOAuthConsumer(appKey, appsecret); provider = new DefaultOAuthProvider(urlReqToken, urlaccesstoken, urlauthorize); try { authuri = provider.retrieverequesttoken(consumer, callbackurl); catch (OAuthMessageSignerException OAuthNotAuthorizedException OAuthExpectationFailedException OAuthCommunicationException e) { e.printstacktrace(); public OAuth1Token(String token, String secret) { this.token = token; this.secret = secret; public OAuth1Token exchangeforaccesstoken(string verifier) { try { provider.retrieveaccesstoken(consumer, verifier); catch (OAuthMessageSignerException OAuthNotAuthorizedException OAuthExpectationFailedException OAuthCommunicationException e) { e.printstacktrace(); return null; return new OAuth1Token(consumer.getToken(), consumer.gettokensecret()); public String gettoken() { return token; public String getsecret() { return secret; public String getvalidateurl() { return authuri; 3
4 Q2.3 Modifier le code de la classe FlickrConsumer par le code suivant. public class FlickrConsumer { final static String ROOT = " final static String ROOT_METHOD = ROOT + "rest/"; final static String RES_REQUEST_TOKEN = ROOT + "oauth/request_token"; final static String RES_ACCESS_TOKEN = ROOT + "oauth/access_token"; final static String RES_AUTHORIZE = ROOT + "oauth/authorize"; final static String RES_UPLOAD = ROOT + "upload/"; private String appkey; private String appsecret; public FlickrConsumer(String appkey, String appsecret) { this.appkey = appkey; this.appsecret = appsecret; public FlickrError geterror() { Client client = ClientBuilder.newClient(); WebTarget service = client.target(root_method); FlickrRsp resp = service.request().get(flickrrsp.class); JAXBElement<?> element = (JAXBElement<?>) resp.getany(); return (FlickrError) element.getvalue(); public FlickrPhotos search(string keywords) { Client client = ClientBuilder.newClient(); WebTarget service = client.target(root_method).queryparam("method", "flickr.photos.search").queryparam("api_key", appkey).queryparam("text", keywords); FlickrRsp resp = service.request().get(flickrrsp.class); if (resp.getstat() == "fail") { // TODO JAXBElement<?> element = (JAXBElement<?>) resp.getany(); return (FlickrPhotos) element.getvalue(); public OAuth1Token getrequesttoken(string callbackurl) { return new OAuth1Token(appKey, appsecret, RES_REQUEST_TOKEN, RES_ACCESS_TOKEN, RES_AUTHORIZE, callbackurl); public OAuth1Token getaccesstoken(oauth1token reqtoken, String verifier) { if (reqtoken == null) return null; return reqtoken.exchangeforaccesstoken(verifier); public String upload(oauth1token accesstoken, InputStream photo, String title) { ConsumerCredentials credentials = new ConsumerCredentials(appKey, appsecret); AccessToken storedtoken = new AccessToken(accessToken.getToken(), accesstoken.getsecret()); 4
5 Feature oauthfeature = OAuth1ClientSupport.builder(credentials).feature().accessToken(storedToken).build(); Client client = ClientBuilder.newBuilder().register(oauthFeature).register(MultiPartFeature.class).build(); WebTarget service = client.target(res_upload); FormDataMultiPart body = new FormDataMultiPart(); body.field("title", title); body.bodypart(new StreamDataBodyPart("photo", photo)); Response resp = service.queryparam("title", title).request().post(entity.entity(body, body.getmediatype())); FlickrRsp rsp = resp.readentity(flickrrsp.class); JAXBElement<?> element = (JAXBElement<?>) rsp.getany(); return (String) element.getvalue(); Q2.4 Le mapping d exception utilise la classe WebApplicationException dans Jersey 2.x. Modifier la classe AlbumNotFoundException comme suit. import javax.ws.rs.webapplicationexception; import javax.ws.rs.core.response; import javax.ws.rs.core.response.status; public class AlbumNotFoundException extends WebApplicationException { private static final long serialversionuid = 1L; public AlbumNotFoundException() { super(status.bad_request); public AlbumNotFoundException(String msg) { super(response.status(status.bad_request). entity(msg).type("text/plain").build()); Q2.5 Déplacer et adapter les tests du TP7 de la classe AppOauth1Test dans la classe FlickrConsumerTest pour en faire des tests unitaires. public class FlickrComsumerTest { private final static String TEST_TOKEN = ""; // TODO private final static String TEST_SECRET = ""; public void testerror() { FlickrError error = new FlickrConsumer(AppParam.APPKEY, AppParam.APPSECRET).getError(); System.out.println("Error "+ error.code + " " + error.msg); public void testupload() { InputStream is = null; try { 5
6 is = new URL(" openstream(); catch (MalformedURLException e) { e.printstacktrace(); return; catch (IOException e) { e.printstacktrace(); return; OAuth1Token accesstoken = new OAuth1Token(TEST_TOKEN, TEST_SECRET); String id = new FlickrConsumer(AppParam.APPKEY, AppParam.APPSECRET).upload(accessToken, is, "The Black Album!"); of access token implies user manipulation. Not suited for automated tests.") public void testgetaccesstoken() { FlickrConsumer consumer = new FlickrConsumer(AppParam.APPKEY, AppParam.APPSECRET); OAuth1Token reqtoken = consumer.getrequesttoken("oob"); InputStreamReader isr = new InputStreamReader(System.in); BufferedReader br = new BufferedReader(isr); System.out.println("Valider le token : " + reqtoken.getvalidateurl()); System.out.println("Entrer code de verification : "); String verifier = null; try { verifier = br.readline(); br.close(); isr.close(); catch (IOException ex) { throw new RuntimeException(ex); OAuth1Token accesstoken = consumer.getaccesstoken(reqtoken, verifier); System.out.println("Token: " + accesstoken.gettoken() + " Secret: " + accesstoken.getsecret()); public void testsearch() { FlickrPhotos photos = new FlickrConsumer(AppParam.APPKEY, AppParam.APPSECRET).search("pink floyd cover the wall"); if (photos.photo == null) System.err.println("0 result"); for (FlickrPhoto p : photos.photo) System.out.println(UriBuilder.fromPath(" p.id, p.secret).tostring()); 6
7 Dans Eclipse, vous pouvez lancer les tests en faisant un click droit sur le nom de la méthode Run as JUnit Test. La commande maven correspondante est mvn -Dtest=org.rest.service.entities.AlbumResourceTest#[nomMethode test]. 3 Client ID Google Q3.1 Utiliser un compte Google existant, activer votre compte Picasa. Ajouter un album et une photo. ou utiliser la console développeur 1 pour créer un projet. Q3.2 Créer un client id pour une application non web. Menu APIs & auth / Credentials. Create new client id. Installed Application. Q3.3 Creér un client id pour une application web. Menu APIs & auth / Credentials. Create new client id. Web Application. Indiquer l URI de callback que vous souhaitez utiliser. ex. Q3.4 Créer le package org.rest.picasa et y ajouter la classe AppParam contenant les 2 clients id et les secrets associés. package org.rest.picasa; public class AppParam { public final static String APPKEY = ""; // TODO add client id + secret for the installed app public final static String APPSECRET = ""; public static String WEBAPPKEY = ""; // TODO add client id + secret for the webapp public static String WEBAPPSECRET = ""; 4 Google OAuth 2.0 Q4.1 Ajouter la dépendance vers le module oauth2-client de Jersey 2.x. <groupid>org.glassfish.jersey.security</groupid> <artifactid>oauth2-client</artifactid> Q4.2 Dans le package org.rest.picasa, ajouter la classe OAuth2Token encapsulant l utilisation de la classe OAuth2CodeGrantFlow du client OAuth2 de Jersey et stocker les informations d un token d accès Google (token, refresh token, expiration, type)
8 package org.rest.picasa; import javax.ws.rs.client.client; import org.glassfish.jersey.client.oauth2.clientidentifier; import org.glassfish.jersey.client.oauth2.oauth2clientsupport; import org.glassfish.jersey.client.oauth2.oauth2codegrantflow; import org.glassfish.jersey.client.oauth2.oauth2codegrantflow.builder; import org.glassfish.jersey.client.oauth2.oauth2flowgooglebuilder; import org.glassfish.jersey.client.oauth2.tokenresult; public class OAuth2Token { private OAuth2CodeGrantFlow flow; private String authuri; private String token; private String refreshtoken; private String type; private int expirationdelay; public OAuth2Token(String token) { this.token = token; public OAuth2Token(ClientIdentifier clientid, String callbackuri, String scope) { Builder<OAuth2FlowGoogleBuilder> builder = OAuth2ClientSupport.googleFlowBuilder(clientId, callbackuri, scope); flow = builder.property(oauth2codegrantflow.phase.authorization, "readonly", "true").property(oauth2codegrantflow.phase.authorization, "redirect_uri", callbackuri).property(oauth2codegrantflow.phase.authorization, "state", "").scope(scope).build(); authuri = flow.start(); public OAuth2CodeGrantFlow getflow() { return flow; public String getvalidateuri() { return authuri; public void doaccesstokenrequest(string code) { TokenResult result = flow.finish(code, ""); // we do not provide state this.token = result.getaccesstoken(); this.refreshtoken = (String) result.getallproperties().get("refresh_token"); this.expirationdelay = (int) result.getallproperties().get("expires_in"); this.type = (String) result.getallproperties().get("token_type"); public String gettoken() { return token; 8
9 public String gettokentype() { return type; public int getexpiration() { return expirationdelay; public String getrefreshtoken() { return refreshtoken; public Client getoauth2client() { return flow.getauthorizedclient(); 9
10 Q4.3 Dans le même package, ajouter la classe PicasaConsumer utilisant OAuth2Token et contenant 2 méthodes permettant ➊ de créer un OAuth2Token ➋ de l initialiser. package org.rest.picasa; import org.glassfish.jersey.client.oauth2.clientidentifier; public class PicasaConsumer { public static String OOB = "urn:ietf:wg:oauth:2.0:oob"; public static String PICASA_SCOPE = " private String api_key; private String secret; public PicasaConsumer(String api_key, String secret) { this.api_key = api_key; this.secret = secret; public OAuth2Token buildtoken(string callbackuri) { ClientIdentifier clientid = new ClientIdentifier(api_key, secret); return new OAuth2Token(clientId, callbackuri, PICASA_SCOPE); public void inittoken(oauth2token token, String code) { token.doaccesstokenrequest(code); Q4.4 Créer le package org.rest.picasa dans le dossier src/test et y ajouter que la classe PicasaConsumerTest contenant un test de récupération d un token Google. public void testgetaccesstoken() { PicasaConsumer consumer = new PicasaConsumer(AppParam.APPKEY, AppParam.APPSECRET); OAuth2Token token = consumer.buildtoken(picasaconsumer.oob); InputStreamReader isr = new InputStreamReader(System.in); BufferedReader br = new BufferedReader(isr); System.out.println(token.getValidateURI()); System.out.println("Entrer code de verification : "); String verifier = null; try { verifier = br.readline(); br.close(); isr.close(); catch (IOException ex) { throw new RuntimeException(ex); consumer.inittoken(token, verifier); System.out.println("Token: " + token.gettoken() + " Refresh token: " + token. getrefreshtoken() + " Expires in: " + token.getexpiration() + " Type: " + token. gettokentype()); 10
11 Q4.5 Lancer le test unitaire et procéder à la récupération d un token. Stocker le token récupéré dans une final static String TEST TOKEN dans la classe de test. Q4.6 Ajouter l annotation ignore au test pour éviter le exécution systématique par of access token implies user manip. Not suited for automated tests.") public void testgetaccesstoken() {... Q4.7 Récupérer votre id utilisateur Picasa et stocker le dans une final static String USERID dans la classe de test. Cliquer sur un de vos albums. Votre id est la suite d entier précédent le nom de l album dans l URL. ex. https ://picasaweb.google.com/ /testalbum Q4.8 À la classe PicasaConsumer, ajouter une méthode récupérant la réponse brute d une requête de demande de liste des albums utilisateur Picasa. public Response getalbums(oauth2token token, String userid) { Feature filterfeature = OAuth2ClientSupport.feature(token.getToken()); Client client = ClientBuilder.newBuilder().register(filterFeature).build(); WebTarget service = client.target(" + userid); return service.request().get(); Q4.9 Ajouter une fonction de test basique à la classe PicasaComsumerTest. public void testlistalbum() { OAuth2Token token = new OAuth2Token(TEST_TOKEN); Response resp = new PicasaConsumer(AppParam.APPKEY, AppParam.APPSECRET).getAlbums(token, USERID); System.out.println(resp.readEntity(String.class)); 11
POB-JAVA Documentation
POB-JAVA Documentation 1 INTRODUCTION... 4 2 INSTALLING POB-JAVA... 5 Installation of the GNUARM compiler... 5 Installing the Java Development Kit... 7 Installing of POB-Java... 8 3 CONFIGURATION... 9
More informationSocial Application Guide
Social Application Guide Version 2.2.0 Mar 2015 This document is intent to use for our following Magento Extensions Or any other cases it might help. Copyright 2015 LitExtension.com. All Rights Reserved
More informationTP1 : Correction. Rappels : Stream, Thread et Socket TCP
Université Paris 7 M1 II Protocoles réseaux TP1 : Correction Rappels : Stream, Thread et Socket TCP Tous les programmes seront écrits en Java. 1. (a) Ecrire une application qui lit des chaines au clavier
More informationCloud Elements ecommerce Hub Provisioning Guide API Version 2.0 BETA
Cloud Elements ecommerce Hub Provisioning Guide API Version 2.0 BETA Page 1 Introduction The ecommerce Hub provides a uniform API to allow applications to use various endpoints such as Shopify. The following
More informationTP : Système de messagerie - Fichiers properties - PrepareStatement
TP : Système de messagerie - Fichiers properties - PrepareStatement exelib.net Une société souhaite mettre en place un système de messagerie entre ses employés. Les travaux de l équipe chargée de l analyse
More informationFairsail REST API: Guide for Developers
Fairsail REST API: Guide for Developers Version 1.02 FS-API-REST-PG-201509--R001.02 Fairsail 2015. All rights reserved. This document contains information proprietary to Fairsail and may not be reproduced,
More informationTP JSP : déployer chaque TP sous forme d'archive war
TP JSP : déployer chaque TP sous forme d'archive war TP1: fichier essai.jsp Bonjour Le Monde JSP Exemple Bonjour Le Monde. Après déploiement regarder dans le répertoire work de l'application
More informationSETTING UP YOUR JAVA DEVELOPER ENVIRONMENT
SETTING UP YOUR JAVA DEVELOPER ENVIRONMENT Summary This tipsheet describes how to set up your local developer environment for integrating with Salesforce. This tipsheet describes how to set up your local
More informationUsing ArcGIS with OAuth 2.0. Aaron Parecki @aaronpk CTO, Esri R&D Center Portland
Using ArcGIS with OAuth 2.0 Aaron Parecki @aaronpk CTO, Esri R&D Center Portland Before OAuth Apps stored the user s password Apps got complete access to a user s account Users couldn t revoke access to
More informationPersonnalisez votre intérieur avec les revêtements imprimés ALYOS design
Plafond tendu à froid ALYOS technology ALYOS technology vous propose un ensemble de solutions techniques pour vos intérieurs. Spécialiste dans le domaine du plafond tendu, nous avons conçu et développé
More informationNuméro de projet CISPR 16-1-4 Amd 2 Ed. 3.0. IEC/TC or SC: CISPR/A CEI/CE ou SC: Date of circulation Date de diffusion 2015-10-30
PRIVATE CIRCULATION GEL/210/11_15_0275 For comment/vote - Action Due Date: 2016/01/08 Submitted for parallel voting in CENELEC Soumis au vote parallèle au CENELEC Also of interest to the following committees
More informationConfiguration Guide. SafeNet Authentication Service. SAS Agent for AD FS
SafeNet Authentication Service Configuration Guide SAS Agent for AD FS Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1
More informationOAuth 2.0 Developers Guide. Ping Identity, Inc. 1001 17th Street, Suite 100, Denver, CO 80202 303.468.2900
OAuth 2.0 Developers Guide Ping Identity, Inc. 1001 17th Street, Suite 100, Denver, CO 80202 303.468.2900 Table of Contents Contents TABLE OF CONTENTS... 2 ABOUT THIS DOCUMENT... 3 GETTING STARTED... 4
More informationLangages Orientés Objet Java
Langages Orientés Objet Java Exceptions Arnaud LANOIX Université Nancy 2 24 octobre 2006 Arnaud LANOIX (Université Nancy 2) Langages Orientés Objet Java 24 octobre 2006 1 / 32 Exemple public class Example
More informationOAuth 2.0. Weina Ma Weina.Ma@uoit.ca
OAuth 2.0 Weina Ma Weina.Ma@uoit.ca Agenda OAuth overview Simple example OAuth protocol workflow Server-side web application flow Client-side web application flow What s the problem As the web grows, more
More informationRemote Method Invocation
1 / 22 Remote Method Invocation Jean-Michel Richer jean-michel.richer@univ-angers.fr http://www.info.univ-angers.fr/pub/richer M2 Informatique 2010-2011 2 / 22 Plan Plan 1 Introduction 2 RMI en détails
More information"Internationalization vs. Localization: The Translation of Videogame Advertising"
Article "Internationalization vs. Localization: The Translation of Videogame Advertising" Raquel de Pedro Ricoy Meta : journal des traducteurs / Meta: Translators' Journal, vol. 52, n 2, 2007, p. 260-275.
More informationEHR OAuth 2.0 Security
Hospital Health Information System EU HIS Contract No. IPA/2012/283-805 EHR OAuth 2.0 Security Final version July 2015 Visibility: Restricted Target Audience: EHR System Architects EHR Developers EPR Systems
More informationBrazil + JDBC Juin 2001, douin@cnam.fr http://jfod.cnam.fr/tp_cdi/douin/
Brazil + JDBC Juin 2001, douin@cnam.fr http://jfod.cnam.fr/tp_cdi/douin/ version du 26 Mai 2003 : JDBC-SQL et Brazil pré-requis : lecture de Tutorial JDBC de Sun Bibliographie Brazil [Bra00]www.sun.com/research/brazil
More informationTP : Configuration de routeurs CISCO
TP : Configuration de routeurs CISCO Sovanna Tan Novembre 2010 révision décembre 2012 1/19 Sovanna Tan TP : Routeurs CISCO Plan 1 Présentation du routeur Cisco 1841 2 Le système d exploitation /19 Sovanna
More informationConfiguration Guide - OneDesk to SalesForce Connector
Configuration Guide - OneDesk to SalesForce Connector Introduction The OneDesk to SalesForce Connector allows users to capture customer feedback and issues in OneDesk without leaving their familiar SalesForce
More informationNote concernant votre accord de souscription au service «Trusted Certificate Service» (TCS)
Note concernant votre accord de souscription au service «Trusted Certificate Service» (TCS) Veuillez vérifier les éléments suivants avant de nous soumettre votre accord : 1. Vous avez bien lu et paraphé
More informationRepris de : https://thomas-leister.de/internet/sharelatex-online-latex-editor-auf-ubuntu-12-04-serverinstallieren/ Version Debian (de base)
Repris de : https://thomas-leister.de/internet/sharelatex-online-latex-editor-auf-ubuntu-12-04-serverinstallieren/ Version Debian (de base) Démarre un shell root $ sudo -s Installation des paquets de base
More informationTraitware Authentication Service Integration Document
Traitware Authentication Service Integration Document February 2015 V1.1 Secure and simplify your digital life. Integrating Traitware Authentication This document covers the steps to integrate Traitware
More informationAxway API Gateway. Version 7.4.1
O A U T H U S E R G U I D E Axway API Gateway Version 7.4.1 3 February 2016 Copyright 2016 Axway All rights reserved. This documentation describes the following Axway software: Axway API Gateway 7.4.1
More informationTP N 10 : Gestion des fichiers Langage JAVA
TP N 10 : Gestion des fichiers Langage JAVA Rappel : Exemple d utilisation de FileReader/FileWriter import java.io.*; public class Copy public static void main(string[] args) throws IOException File inputfile
More informationContents. 2 Alfresco API Version 1.0
The Alfresco API Contents The Alfresco API... 3 How does an application do work on behalf of a user?... 4 Registering your application... 4 Authorization... 4 Refreshing an access token...7 Alfresco CMIS
More informationLicence Informatique Année 2005-2006. Exceptions
Université Paris 7 Java Licence Informatique Année 2005-2006 TD n 8 - Correction Exceptions Exercice 1 La méthode parseint est spécifiée ainsi : public static int parseint(string s) throws NumberFormatException
More informationHow To Use Kiteworks On A Microsoft Webmail Account On A Pc Or Macbook Or Ipad (For A Webmail Password) On A Webcomposer (For An Ipad) On An Ipa Or Ipa (For
GETTING STARTED WITH KITEWORKS DEVELOPER GUIDE Version 1.0 Version 1.0 Copyright 2014 Accellion, Inc. All rights reserved. These products, documents, and materials are protected by copyright law and distributed
More informationSophos Mobile Control Network Access Control interface guide
Sophos Mobile Control Network Access Control interface guide Product version: 3.5 Document date: July 2013 Contents 1 About Sophos Mobile Control... 3 2 About Network Access Control integration... 4 3
More informationSun Management Center Change Manager 1.0.1 Release Notes
Sun Management Center Change Manager 1.0.1 Release Notes Sun Microsystems, Inc. 4150 Network Circle Santa Clara, CA 95054 U.S.A. Part No: 817 0891 10 May 2003 Copyright 2003 Sun Microsystems, Inc. 4150
More informationOracle Fusion Middleware Oracle API Gateway OAuth User Guide 11g Release 2 (11.1.2.4.0)
Oracle Fusion Middleware Oracle API Gateway OAuth User Guide 11g Release 2 (11.1.2.4.0) July 2015 Oracle API Gateway OAuth User Guide, 11g Release 2 (11.1.2.4.0) Copyright 1999, 2015, Oracle and/or its
More informationIntroduction Les failles les plus courantes Les injections SQL. Failles Web. Maxime Arthaud. net7. Jeudi 03 avril 2014.
Maxime Arthaud net7 Jeudi 03 avril 2014 Syllabus Introduction Exemple de Requête Transmission de données 1 Introduction Exemple de Requête Transmission de données 2 3 Exemple de Requête Transmission de
More informationFINAL DRAFT INTERNATIONAL STANDARD
PROJECT IEC 61975 Edition 1.0 2010-05 FINAL DRAFT INTERNATIONAL STANDARD High-voltage direct current (HVDC) installations System tests INTERNATIONAL ELECTROTECHNICAL COMMISSION ICS 29.130.01; 31.080.01
More informationACR Connect Authentication Service Developers Guide
ACR Connect Authentication Service Developers Guide Revision History Date Revised by Version Description 29/01/2015 Sergei Rusinov 1.0 Authentication using NRDR account Background The document describes
More informationI) Add support for OAuth in CAS server
Table of contents I)Add support for OAuth in CAS server...2 II)How to add OAuth client support in CAS server?...3 A)Add dependency...3 B)Add the identity providers needed...3 C)Add the OAuth action in
More informationUSER Guide. ECONOMIX Solution. New Module - Purchases online. Purchases Online. User Guide. 2009 ECONOMIX SYSTÈME INC. Tous droits réservés.
USER Guide New Module - Purchases online ECONOMIX Solution 1 Module PURCHASES ONLINE Module Introduction Economix introduces a new feature called. This feature has been developed to facilitate the ordering
More informationLife Sciences. Volume 5 August 2008. Issue date: August 7, 2008
Life Sciences Volume 5 August 2008 Issue date: August 7, 2008 Info Update is published by the Canadian Standards Association (CSA) eight times a year. It contains important information about new and existing
More informationWeb 2.0 Lecture 9: OAuth and OpenID
Web 2.0 Lecture 9: OAuth and OpenID doc. Ing. Tomáš Vitvar, Ph.D. tomas@vitvar.com @TomasVitvar http://www.vitvar.com Leopold-Franzens Universität Innsbruck and Czech Technical University in Prague Faculty
More informationAndroid and Cloud Computing
Android and Cloud Computing 1 Schedule Reminders on Android and Cloud GCM presentation GCM notions Build a GCM project Write a GCM client (receiver) Write a GCM server (transmitter) 2 Android : reminders?
More informationCloud Elements! Marketing Hub Provisioning and Usage Guide!
Cloud Elements Marketing Hub Provisioning and Usage Guide API Version 2.0 Page 1 Introduction The Cloud Elements Marketing Hub is the first API that unifies marketing automation across the industry s leading
More informationAdeptia Suite 6.2. Application Services Guide. Release Date October 16, 2014
Adeptia Suite 6.2 Application Services Guide Release Date October 16, 2014 343 West Erie, Suite 440 Chicago, IL 60654, USA Phone: (312) 229-1727 x111 Fax: (312) 229-1736 Document Information DOCUMENT INFORMATION
More informationFINAL DRAFT INTERNATIONAL STANDARD
IEC 62047-15 Edition 1.0 2014-12 FINAL DRAFT INTERNATIONAL STANDARD colour inside Semiconductor devices Micro-electromechanical devices Part 15: Test method of bonding strength between PDMS and glass INTERNATIONAL
More informationAuthenticate and authorize API with Apigility. by Enrico Zimuel (@ezimuel) Software Engineer Apigility and ZF2 Team
Authenticate and authorize API with Apigility by Enrico Zimuel (@ezimuel) Software Engineer Apigility and ZF2 Team About me Enrico Zimuel (@ezimuel) Software Engineer since 1996 PHP Engineer at Zend Technologies
More informationOAuth2lib. http://tools.ietf.org/html/ietf-oauth-v2-10 implementation
OAuth2lib http://tools.ietf.org/html/ietf-oauth-v2-10 implementation 15 Julio 2010 OAuth2 - Assertion Profile Library! 3 Documentation! 4 OAuth2 Assertion Flow! 4 OAuth Client! 6 OAuth Client's Architecture:
More informationVeritas Storage Foundation 5.0 Software for SPARC
Veritas Storage Foundation 5.0 Software for SPARC Release Note Supplement Sun Microsystems, Inc. www.sun.com Part No. 819-7074-10 July 2006 Submit comments about this document at: http://www.sun.com/hwdocs/feedback
More informationGSAC CONSIGNE DE NAVIGABILITE définie par la DIRECTION GENERALE DE L AVIATION CIVILE Les examens ou modifications décrits ci-dessous sont impératifs. La non application des exigences contenues dans cette
More informationMashery OAuth 2.0 Implementation Guide
Mashery OAuth 2.0 Implementation Guide June 2012 Revised: 7/18/12 www.mashery.com Mashery, Inc. 717 Market Street, Suite 300 San Francisco, CA 94103 Contents C hapter 1. About this Guide...5 Introduction...
More information#07 Web Security CLIENT/SERVER COMPUTING AND WEB TECHNOLOGIES
1 Major security issues 2 #07 Web Security CLIENT/SERVER COMPUTING AND WEB TECHNOLOGIES Prevent unauthorized users from accessing sensitive data Authentication: identifying users to determine if they are
More informationLogin with Amazon. Developer Guide for Websites
Login with Amazon Developer Guide for Websites Copyright 2014 Amazon Services, LLC or its affiliates. All rights reserved. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates.
More informationProgramming Autodesk PLM 360 Using REST. Doug Redmond Software Engineer, Autodesk
Programming Autodesk PLM 360 Using REST Doug Redmond Software Engineer, Autodesk Introduction This class will show you how to write your own client applications for PLM 360. This is not a class on scripting.
More informationAuthorization and Authentication
CHAPTER 2 Cisco WebEx Social API requests must come through an authorized API consumer or API client and be issued by an authenticated Cisco WebEx Social user. The Cisco WebEx Social API uses the Open
More informationIntroduction au BIM. ESEB 38170 Seyssinet-Pariset Economie de la construction email : contact@eseb.fr
Quel est l objectif? 1 La France n est pas le seul pays impliqué 2 Une démarche obligatoire 3 Une organisation plus efficace 4 Le contexte 5 Risque d erreur INTERVENANTS : - Architecte - Économiste - Contrôleur
More informationBuilding Secure Applications. James Tedrick
Building Secure Applications James Tedrick What We re Covering Today: Accessing ArcGIS Resources ArcGIS Web App Topics covered: Using Token endpoints Using OAuth/SAML User login App login Portal ArcGIS
More informationHEALTH CARE DIRECTIVES ACT
A11 HEALTH CARE DIRECTIVES ACT Advances in medical research and treatments have, in many cases, enabled health care professionals to extend lives. Most of these advancements are welcomed, but some people
More informationOverview of Web Services API
1 CHAPTER The Cisco IP Interoperability and Collaboration System (IPICS) 4.5(x) application programming interface (API) provides a web services-based API that enables the management and control of various
More informationSUN SEEBEYOND egate INTEGRATOR RELEASE NOTES. Release 5.1.1
SUN SEEBEYOND egate INTEGRATOR RELEASE NOTES Release 5.1.1 Copyright 2006 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A. All rights reserved. Sun Microsystems, Inc.
More informationThursday, February 7, 2013. DOM via PHP
DOM via PHP Plan PHP DOM PHP : Hypertext Preprocessor Langage de script pour création de pages Web dynamiques Un ficher PHP est un ficher HTML avec du code PHP
More informationCreating Custom Web Pages for cagrid Services
Creating Custom Web Pages for cagrid Services Creating Custom Web Pages for cagrid Services Contents Overview Changing the Default Behavior Subclassing the AXIS Servlet Installing and Configuring the Custom
More informationHow To Write A Program In Java (Programming) On A Microsoft Macbook Or Ipad (For Pc) Or Ipa (For Mac) (For Microsoft) (Programmer) (Or Mac) Or Macbook (For
Projet Java Responsables: Ocan Sankur, Guillaume Scerri (LSV, ENS Cachan) Objectives - Apprendre à programmer en Java - Travailler à plusieurs sur un gros projet qui a plusieurs aspects: graphisme, interface
More informationInstallation troubleshooting guide
Installation troubleshooting guide Content ERROR CODE PROBLEMS... 3 Error code 301: Unknown protection system. Verify the installation.... 3 Error code 302: The software cannot be used. The computer date
More informationFiles and input/output streams
Unit 9 Files and input/output streams Summary The concept of file Writing and reading text files Operations on files Input streams: keyboard, file, internet Output streams: file, video Generalized writing
More informationLogin with Amazon. Getting Started Guide for Websites. Version 1.0
Login with Amazon Getting Started Guide for Websites Version 1.0 Login with Amazon: Getting Started Guide for Websites Copyright 2016 Amazon Services, LLC or its affiliates. All rights reserved. Amazon
More informationSalesforce Opportunities Portlet Documentation v2
Salesforce Opportunities Portlet Documentation v2 From ACA IT-Solutions Ilgatlaan 5C 3500 Hasselt liferay@aca-it.be Date 29.04.2014 This document will describe how the Salesforce Opportunities portlet
More information"Templating as a Strategy for Translating Official Documents from Spanish to English"
Article "Templating as a Strategy for Translating Official Documents from Spanish to English" Sylvie Lambert-Tierrafría Meta : journal des traducteurs / Meta: Translators' Journal, vol. 52, n 2, 2007,
More informationSun Integrated Lights Out Manager (ILOM) 3.0 Supplement for the Sun Fire X4150, X4250 and X4450 Servers
Sun Integrated Lights Out Manager (ILOM) 3.0 Supplement for the Sun Fire X4150, X4250 and X4450 Servers Sun Microsystems, Inc. www.sun.com Part No. 820-7842-11 November 2009, Revision A Submit comments
More informationLes fragments. Programmation Mobile Android Master CCI. Une application avec deux fragments. Premier layout : le formulaire
Programmation Mobile Android Master CCI Bertrand Estellon Aix-Marseille Université March 23, 2015 Bertrand Estellon (AMU) Android Master CCI March 23, 2015 1 / 266 Les fragments Un fragment : représente
More informationShort Form Description / Sommaire: Carrying on a prescribed activity without or contrary to a licence
NOTICE OF VIOLATION (Corporation) AVIS DE VIOLATION (Société) Date of Notice / Date de l avis: August 29, 214 AMP Number / Numéro de SAP: 214-AMP-6 Violation committed by / Violation commise par : Canadian
More informationBILL C-665 PROJET DE LOI C-665 C-665 C-665 HOUSE OF COMMONS OF CANADA CHAMBRE DES COMMUNES DU CANADA
C-665 C-665 Second Session, Forty-first Parliament, Deuxième session, quarante et unième législature, HOUSE OF COMMONS OF CANADA CHAMBRE DES COMMUNES DU CANADA BILL C-665 PROJET DE LOI C-665 An Act to
More informationSun StorEdge RAID Manager 6.2.21 Release Notes
Sun StorEdge RAID Manager 6.2.21 Release Notes formicrosoftwindowsnt Sun Microsystems, Inc. 901 San Antonio Road Palo Alto, CA 94303-4900 USA 650 960-1300 Fax 650 969-9131 Part No. 805-6890-11 November
More informationSalesforce Integration User Guide Version 1.1
1 Introduction Occasionally, a question or comment in customer community forum cannot be resolved right away by a community manager and must be escalated to another employee via a CRM system. Vanilla s
More informationForce.com REST API Developer's Guide
Force.com REST API Developer's Guide Version 35.0, Winter 16 @salesforcedocs Last updated: December 10, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark
More informationARE NEW OIL PIPELINES AND TANKER FACILITIES VIABLE IN CANADA?
ARE NEW OIL PIPELINES AND TANKER FACILITIES VIABLE IN CANADA? Research Report June 11, 2013 Innovative Research Group, Inc. www.innovativeresearch.ca Toronto : Calgary : Vancouver Toronto 56 The Esplanade
More informationFrom Delphi to the cloud
From Delphi to the cloud Introduction Increasingly data and services hosted in the cloud become accessible by authenticated REST APIs for client applications, be it web clients, mobile clients and thus
More informationALL YOU NEED INCLUDED IN THE INFINITY PACKAGE
Call us free call: 0805 10 2000 From the UK 0033 130 611 772 Fax: 01 39 73 44 85 PHONEXPAT by Stragex 11 Rue d Ourches - Bat i 78100 ST GERMAIN EN LAYE Stragex sarl capital 8000 RCS Versailles B439166
More informationsite et appel d'offres
Définition des besoins et élaboration de l'avant-projet Publication par le client de l'offre (opération sur le externe) Start: 16/07/02 Finish: 16/07/02 ID: 1 Dur: 0 days site et appel d'offres Milestone
More informationAudit de sécurité avec Backtrack 5
Audit de sécurité avec Backtrack 5 DUMITRESCU Andrei EL RAOUSTI Habib Université de Versailles Saint-Quentin-En-Yvelines 24-05-2012 UVSQ - Audit de sécurité avec Backtrack 5 DUMITRESCU Andrei EL RAOUSTI
More informationSolaris 10 Documentation README
Solaris 10 Documentation README Sun Microsystems, Inc. 4150 Network Circle Santa Clara, CA 95054 U.S.A. Part No: 817 0550 10 January 2005 Copyright 2005 Sun Microsystems, Inc. 4150 Network Circle, Santa
More informationOAuth: Where are we going?
OAuth: Where are we going? What is OAuth? OAuth and CSRF Redirection Token Reuse OAuth Grant Types 1 OAuth v1 and v2 "OAuth 2.0 at the hand of a developer with deep understanding of web security will likely
More informationArchived Content. Contenu archivé
ARCHIVED - Archiving Content ARCHIVÉE - Contenu archivé Archived Content Contenu archivé Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject
More informationReSTful OSGi Web Applications Tutorial. Khawaja Shams & Jeff Norris
ReSTful OSGi Web Applications Tutorial Khawaja Shams & Jeff Norris California Institute of Technology, Jet Propulsion Laboratory AGENDA Who are we and how did we get here? Overview of key technologies
More informationSalesforce Mobile Push Notifications Implementation Guide
Salesforce.com: Summer 14 Salesforce Mobile Push Notifications Implementation Guide Last updated: May 6, 2014 Copyright 2000 2014 salesforce.com, inc. All rights reserved. Salesforce.com is a registered
More informationThe new French regulation on gaming: Anything new in terms of payment?
[Prénom Nwww.ulys.net The new French regulation on gaming: Anything new in terms of payment? Etienne Wery Attorney at law at Brussels and Paris Bars Senior lecturer at university etienne.wery@ulys.net
More informationIn-Home Caregivers Teleconference with Canadian Bar Association September 17, 2015
In-Home Caregivers Teleconference with Canadian Bar Association September 17, 2015 QUESTIONS FOR ESDC Temporary Foreign Worker Program -- Mr. Steve WEST *Answers have been updated following the conference
More informationEnterprise Access Control Patterns For REST and Web APIs
Enterprise Access Control Patterns For REST and Web APIs Francois Lascelles Layer 7 Technologies Session ID: STAR-402 Session Classification: intermediate Today s enterprise API drivers IAAS/PAAS distributed
More informationCloud Elements! Events Management BETA! API Version 2.0
Cloud Elements Events Management BETA API Version 2.0 Event Management Version 1.0 Event Management Cloud Elements Event Management provides a uniform mechanism for subscribing to events from Endpoints
More information"Simultaneous Consecutive Interpreting: A New Technique Put to the Test"
Article "Simultaneous Consecutive Interpreting: A New Technique Put to the Test" Miriam Hamidi et Franz Pöchhacker Meta : journal des traducteurs / Meta: Translators' Journal, vol. 52, n 2, 2007, p. 276-289.
More informationSUBJECT CANADA CUSTOMS INVOICE REQUIREMENTS. This Memorandum explains the customs invoice requirements for commercial goods imported into Canada.
MEMORANDUM D1-4-1 Ottawa, July 10, 2000 SUBJECT CANADA CUSTOMS INVOICE REQUIREMENTS This Memorandum explains the customs invoice requirements for commercial goods imported into Canada. Legislation For
More information2 RENSEIGNEMENTS CONCERNANT L ASSURÉ SI CELUI-CI N EST PAS LE REQUÉRANT INFORMATION CONCERNING THE INSURED PERSON IF OTHER THAN THE APPLICANT
SÉCURITÉ SOCIALE SOCIAL SECURITY ACCORD DU 9 FÉVRIER 1979 ENTRE LA FRANCE ET LE CANADA AGREEMENT OF FEBRUARY 9, 1979 BETWEEN FRANCE AND CANADA Formulaire FORM SE 401-06 INSTRUCTION D UNE DEMANDE DE PENSION
More informationCopyright Pivotal Software Inc, 2013-2015 1 of 10
Table of Contents Table of Contents Getting Started with Pivotal Single Sign-On Adding Users to a Single Sign-On Service Plan Administering Pivotal Single Sign-On Choosing an Application Type 1 2 5 7 10
More informationDell One Identity Cloud Access Manager 8.0.1 - How to Develop OpenID Connect Apps
Dell One Identity Cloud Access Manager 8.0.1 - How to Develop OpenID Connect Apps May 2015 This guide includes: What is OAuth v2.0? What is OpenID Connect? Example: Providing OpenID Connect SSO to a Salesforce.com
More informationRevised May 24, 2006 MANITOBA TO HOST 2006 WESTERN PREMIERS CONFERENCE, NORTH AMERICAN LEADERS SUMMIT
Revised May 24, 2006 MANITOBA TO HOST 2006 WESTERN PREMIERS CONFERENCE, NORTH AMERICAN LEADERS SUMMIT Premiers from eastern Canada, governors from the western United States and Mexico, and ambassadors
More informationChulalongkorn University International School of Engineering Department of Computer Engineering 2140105 Computer Programming Lab.
Chulalongkorn University Name International School of Engineering Student ID Department of Computer Engineering Station No. 2140105 Computer Programming Lab. Date Lab 2 Using Java API documents, command
More informationIdentity Management with Spring Security. Dave Syer, VMware, SpringOne 2011
Identity Management with Spring Security Dave Syer, VMware, SpringOne 2011 Overview What is Identity Management? Is it anything to do with Security? Some existing and emerging standards Relevant features
More informationFinancial Audit of Indian Economic Development Fund, Loan Guarantee Program Year Ended March 31, 1998
Departmental Audit and Evaluation Branch orporate Services Department of Indian Affairs and Northern Development Prepared by: Guy Tousignant, Audit and Review Officer and André ôté, Senior Evaluation Manager
More informationCalcul parallèle avec R
Calcul parallèle avec R ANF R Vincent Miele CNRS 07/10/2015 Pour chaque exercice, il est nécessaire d ouvrir une fenètre de visualisation des processes (Terminal + top sous Linux et Mac OS X, Gestionnaire
More informationGlobe Export. A passion for seaweed. Globe Export. www.algues.fr. Globe Export
A passion for seaweed Zi de Dioulan - BP 37-29140 Rosporden - France Tel : 00 33 2 98 66 90 84 - Fax : 00 33 2 98 66 90 89 C est après avoir découvert les algues marines un beau jour de 1986, que je me
More informationSunFDDI 6.0 on the Sun Enterprise 10000 Server
SunFDDI 6.0 on the Sun Enterprise 10000 Server Sun Microsystems, Inc. 901 San Antonio Road Palo Alto, CA 94303-4900 USA 650 960-1300 Fax 650 969-9131 Part No.: 806-3610-11 November 1999, Revision A Send
More informationNUNAVUT HOUSING CORPORATION - BOARD MEMBER RECRUITMENT
NUNAVUT HOUSING CORPORATION - BOARD MEMBER RECRUITMENT The is seeking Northern Residents interested in being on our Board of Directors We are seeking individuals with vision, passion, and leadership skills
More informationIvory Coast (Côte d Ivoire) Tourist visa Application for citizens of Tahiti living in Alberta
Ivory Coast (Côte d Ivoire) Tourist visa Application for citizens of Tahiti living in Alberta Please enter your contact information Name: Email: Tel: Mobile: The latest date you need your passport returned
More information