Questions tagged [identity]
47 questions
99 votes, 8 answers
Is browser fingerprinting a viable technique for identifying anonymous users?
Is browser fingerprinting a sufficient method for uniquely identifying anonymous users? What if you incorporate biometric data like mouse gestures or typing patterns?
The other day I ran into the Panopticlick experiment EFF is running on browser…

SMrF
36 votes, 5 answers
Is it a bad idea to sell Android apps in the Android Market under your real name?
I'm just getting started in Android development and am working on a few small "practice" apps. As an example, one is a live wallpaper. The others are similar in terms of development effort. When these apps are done I would like to list them in the…

Joshua Carmody
18 votes, 12 answers
What are the pros (and cons) of using “Sign in with Twitter/Facebook” for a new website?
Myself and a friend are looking to launch a little forum site. I’m considering using the “Sign in with Facebook/Twitter” APIs, possibly exclusively (a la e.g. Lanyrd), for user login. I haven’t used either of these before, nor run a site with user…

Paul D. Waite
14 votes, 1 answer
Separating ASP.NET IdentityUser from my other entities
I have a ProjectName.Core library containing all my business logic and my entities and their behaviour. There's currently no relation whatsoever to Entity Framework or any other DAL because I like to keep those things separated. The Entity Framework…

Steven Thewissen
9 votes, 2 answers
Which data should be stored as `Claim`?
In ASP.Net Core, I find Claims authorization is a very not-concrete method. We can add anything as ClaimType and ClaimValue pair; groups, firstname, lastname, birthdate, canAccessThisURI, isEditor, etc. However, this approach (storing anything that…

Mohammed Noureldin
7 votes, 4 answers
email address as username, and email address field
I'm designing an entity to represent a log-in object. The unique username value is an email address, that will go onto the username field.
Should I add a second field called email to indicate a contact email address for the user considering that it…

Lucas T
6 votes, 1 answer
When we say a monad 'encapsulates a computation' - is this just saying 'wraps a functional transformation of data'?
When I think of the word 'computation' - my mind jumps to lambda calculus or operations on a state machine representing a CPU. It is quite a broad definition.
Now some people talk about monads as 'representing a unit of a computation'.
But if we…

hawkeye
5 votes, 1 answer
Should user and service-to-service authentications be separate?
Say I have a system with 5 microservices behind a gateway, and a user signs in through an IDP (OAuth)
A user U passes the access token in a request, and the call first reaches the gateway before it enters the services behind, say A, and then A calls…

Jerald Baker
4 votes, 1 answer
Architecture to lock account to mobile device
I'm currently creating a mobile app and have the following issue.
I am required to only allow the user to log in from a device that is registered to the user's account. A user can have up to X number of devices registered at any one time.
So when the…

Ankeet Dhanji
4 votes, 1 answer
User management: third party Identity Management vs local user
Context
Let's consider a standard web application handling cars. Each car has an owner. So the car structure looks like:
cars(
id INTEGER PRIMARY KEY,
...
owner_id *???*
)
For simplicity reasons, I am using an external Identity Management,…

Al-un
4 votes, 3 answers
Why do RESTful services that implement HATEOAS provide a self-relationship link?
I'm learning about HATEOAS and I noticed that every implementation always seems to implement a self-relationship first. For example a common response object might look like
{
title: "The Wonderful Wizard of Oz",
author: "L. Frank Baum"
links:…

David says Reinstate Monica
4 votes, 1 answer
Identity propagation using Azure service bus
We currently have a platform with a SOA architecture in which the user's identity is propagated from the web application via middle tier services (REST and SOAP) until we actually query our data storage layer.
We use the user's identity to apply…

MvdD
4 votes, 1 answer
Use a custom value object or a Guid as an entity identifier in a distributed system?
tl;dr
I've been told that in domain-driven design, an identifier for an entity could be a custom value object, i.e. something other than Guid, string, int, etc. Can this really be advisable in a distributed system?
Long version
I will invent an…

Kazark
4 votes, 3 answers
Is it possible to check a client side application identity from server side?
Assume there is a web service which is visible publicly but it must be just responsive to a specific client application. Is there any mechanism to check client side application identity to prevent disallowed application to access the service?
For…

anonim
4 votes, 1 answer
Identity Design ASP.NET
I am trying to design a system with the below features, and am currently trying to figure out the best way to handle Identity:
There will be multiple decoupled parts of the system, with same customers accessing various parts
I would like users…

user60812