Authentication is the process of ascertaining that somebody really is who they claim to be. Authorization refers to rules that determine who is allowed to do what. E.g. Adam may be authorized to create and delete databases, while Usama is only authorised to read. The two concepts are completely orthogonal and independent, but both are … Read more
How to handle authentication in a RESTful Client-Server architecture is a matter of debate. Commonly, it can be achieved, in the SOA over HTTP world via: HTTP basic auth over HTTPS; Cookies and session management; Token in HTTP headers (e.g. OAuth 2.0 + JWT); Query Authentication with additional signature parameters. You’ll have to adapt, or … Read more
The problem is having wrong mod on the file. Easily solved by executing – chmod 400 mykey.pem Taken from AWS instructions – Your key file must not be publicly viewable for SSH to work. Use this command if needed: chmod 400 mykey.pem 400 protects it by making it read only and only for the owner.
Use the operating system user postgres to create your database – as long as you haven’t set up a database role with the necessary privileges that corresponds to your operating system user of the same name (h9uest in your case): sudo -u postgres -i As recommended here or here. Then try again. Type exit when … Read more
If you enabled two-factor authentication in your GitHub account you won’t be able to push via HTTPS using your accounts password. Instead you need to generate a personal access token. This can be done in the application settings of your GitHub account. Using this token as your password should allow you to push to your … Read more
OpenID is about authentication (ie. proving who you are), OAuth is about authorisation (ie. to grant access to functionality/data/etc.. without having to deal with the original authentication). OAuth could be used in external partner sites to allow access to protected data without them having to re-authenticate a user. The blog post “OpenID versus OAuth from … Read more