Search Results

Search found 12720 results on 509 pages for 'moss2007 security'.

Page 106/509 | < Previous Page | 102 103 104 105 106 107 108 109 110 111 112 113  | Next Page >

  • PAM authentication problem

    - by mdipierro
    I am using this module to authenticate using pam: http://code.google.com/p/web2py/source/browse/gluon/contrib/pam.py I can call authenticate('username','password') and it returns True/ False. It works for any 'username' but 'root'. My guess is that there is a security restriction in PAM that does not allow to check for the root password. I need to be able to check the root password. Is there anything I can change in the pam.conf or somewhere else to remove this restriction?

    Read the article

  • Can resources be extracted from a compiled iPhone app? If yes, how can they be secured?

    - by Charles S.
    Can resources be extracted from a compiled iPhone app that is released to the iTunes store? I'm particularly interested in the security of XML files... if I have copyrighted data in an XML document in my resource directory, how likely is it for someone to extract that information and paste it around the internet? If it's as easy as using a resource editor, how can that data be secured?

    Read the article

  • Whats a valid strategy for a secure image upload from a flash client?

    - by WillyCornbread
    Hi all - I'm creating a flash application that will post images to a url for saving to disk/display later. I was wondering what are some suggested strategies for making this secure enough so that the upload is verified as coming from the application and not just some random form post. Is it reliable enough to check referring location realizing that I don't need bulletproof security, or perhaps setting authentication headers is a better strategy even though it seems unreliable from what I have read. Thanks for any advice - b

    Read the article

  • PHPSecurityScanner & SpikePHPSecAudit - How do I?

    - by 01010011
    Hi, How do I run PHP Security Scanner and SpikePHPSecAudit? I've already extracted them at the root of my website and thought it could be run like phpSecInfo where you just navigate to www.mySite.com/phpsecinfo/index.php Any assistance will be appreciated. ps I am using Windows XP and XAMPP

    Read the article

  • Best way for user authentication on JavaEE 6 using JSF 2.0?

    - by ngeek
    I'm wondering what the current state of art recommendation is regarding user authentication for a web application making use of JSF 2.0 (and if any components do exist) and JEE6 core mechanisms (login/check permissions/logouts) with user information hold in a JPA entity. The Sun tutorial is a bit sparse on this (only handles servlets). This is without making use of a whole other framework, like Spring-Security (acegi), or Seam, but trying to stick hopefully with the new Java EE 6 platform (web profile) if possible. Thanks, Niko

    Read the article

  • How to change granted role temporarily to achieve "view the site as" someone else

    - by Roy Chan
    Hi Gurus, We are using 2.x spring security right now. I am asked to build an admin tool so that the ROLE_ADMIN can change to any user in the site and view the site as that person (each person on the site may see different stuff depending on the role which is dynamically granted base on the database) and of course the admin should be able to switch back to admin without logging in. Is there a build in function, if not how should I do this? Thanks in advance!

    Read the article

  • Authentication and authorization for RESTfull API (java jersery)

    - by abovesun
    Hi, implementing service something similar with tinyurl or bit.ly, I'm would like to expose service as API, I'm using java and jersey as RESTfull service implementation. I'm looking for simplest way for authentification of users who use API, OAuth is first thing coming in mind, but the problem is I don't need this 3 iteration calls with request token query, than access token query with callback url passing. I just need to give user ability to invoke api with no additional security calls to my server.

    Read the article

  • Spring MVC -> Wicket Integration

    - by Jeff
    Hey everyone, I'm working on porting part of an existing Spring MVC application over to Wicket. I used the wicket-spring library to get the initial integration working, but now I'm stuck with the best way to integrate my Spring Security implementation. I was wondering if anyone could give me some advice on the best way to handle this. Thanks in advance for the help.

    Read the article

  • How to restrict code from developers

    - by Kelvin
    My company is planning in hiring outsourcers to work for us, but concerned to give whole existing code to outside world. What is the proper way to deal with security of sharing code in such cases? Is it possible to restrict part of code for developers? So each of them could work on their project without having access to whole repository. P.S. The code we have is very integrated, and its hard to extract "one module", each module can use files from different locations. Thanks in advance

    Read the article

  • Is there a .NET equivalent of WebGoat

    - by PJB
    Looking at this question the OWASP WebGoat project looks like a great way to learn about web security. Although the principles will equally to .NET applications I would prefer to use .NET based application. Does anybody know of a suitable .NET alternative?

    Read the article

  • Recent OpenSLL book

    - by Martin
    Does anyone know of a more recent OpenSLL book then Network Security with OpenSSL: Cryptography for Secure Communications (http://www.opensslbook.com/). It is from 2002 and does not cover OpenSSL version 0.97+. Best would be a book for OpenSSL 1.0.0 but I guess that one is to recent.

    Read the article

  • How to test a site rigorously?

    - by Sarfraz
    Hello, I recently created a big portal site. It's time for putting it to test. How do you guys test a site rigorously? What are the ways and tools for that? Can we sort of mimic hundreds of virtual users visiting the site to see its load handling? The test should be for both security and speed Thanks in advance.

    Read the article

  • Using @Secured Annotation causes IS_FULLY_AUTHENTICATED problem in grails

    - by TripWired
    I'm using Acegi/Spring Security in grails and when i use the annotations like @Secured(['ROLE_ADMIN']) it denies my login even though the user is part of ROLE_ADMIN. In looking through the login is it seems that it's getting an IS_AUTHENTICATED_FULLY role also but I have never added that to a page so i'm not sure how to bypass that. I read somewhere to preauthorize the user, but i'm not sure how to do that with grails.

    Read the article

  • Is there a current OpenSSL book?

    - by Martin
    Does anyone know of a more recent OpenSSL book than "Network Security with OpenSSL: Cryptography for Secure Communications" (http://www.opensslbook.com/)? It is from 2002 and does not cover OpenSSL version 0.97+. Best would be a book for OpenSSL 1.0.0 but I guess that one is too recent.

    Read the article

  • Is it possible to create a FIPS 140-2 compliant server in Perl?

    - by Nayruden
    The question is pretty simple, is it possible to create a FIPS 140-2 compliant server in Perl? Especially, is it possible without modifying any of the C code for the modules? If it's not possible in straight Perl, what would be the easiest way to go about it from a C perspective? I'm basically creating a mini-httpd that only serves up a single file, but due to security restrictions it needs to be served up on SSL under FIPS compliance.

    Read the article

< Previous Page | 102 103 104 105 106 107 108 109 110 111 112 113  | Next Page >