Search Results

Search found 15648 results on 626 pages for 'wcf security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 115/626 | < Previous Page | 111 112 113 114 115 116 117 118 119 120 121 122  | Next Page >

  • Instance management with Dependency injection (DI)

    - by Sven
    Hello I'm trying to understand how DI exactly works. I'm currently using Windsor as DI container. I use this to load my services dynamically in code without direct reference. But I have change behaviour and want to know a bit more on the instance mgmt using DI. I have a web app projct, here is a WCF service using PerCall as instancemode. This means, new instance/call. In this WCF I call a service (loaded via DI) and this service calls another service (again loaded via DI). The WCF is a new instance in the appdomain, but what about the services. They are also new instances? Is this DI container shared among all WCF instances and are the services in this container also single instances? Can anyone clarify?

    Read the article

  • Is there a way to load a different cacerts than the one specified in the java_home/jre/lib/security

    - by feniix
    I have a single installation of java in a system that runs 2 or 3 applications. All the applications use the same runtime. Is there a way to specify a different keystores for the ca certs than the one in java_home/jre/lib/security. That is, is there an option to specify an "extra" keystore that is loaded and added to the certs loaded from java_home/jre/lib/security/cacerts? What I want to avoid is having to re-import our local ca every time I upgrade the jdk in the box.

    Read the article

  • WCF: Is it safe to override the Client's Dispose method using a partial class?

    - by pdiddy
    I'd like to override the Dispose method of generated proxy (ClientBase) because of the fact that disposing of a proxy calls Close and can throw an exception when the channel is faulted. The only way I came up was to create a partial class to my generated proxy, make it inherit from IDisposable: public partial class MyServiceProxy : IDisposable { #region IDisposable Members public void Dispose() { if (State != System.ServiceModel.CommunicationState.Faulted) Close(); else Abort(); } #endregion } I did some test and my Dispose method is indeed called. Do you see any issue with this strategy? Also, I don't like the fact that I'll have to create this partial class for every generated proxy. It be nice if I was able to make my proxy inherit from a base class...

    Read the article

  • CakePHP: Why does adding 'Security' component break my app?

    - by Steve
    I have a strange problem -- of my own making -- that's cropped up, and is driving me crazy. At some point, I inadvertently destroyed a file in the app/tmp directory...I'm not sure which file. But now my app breaks when I include the "Security" component, and works just fine when it's not included. I'm thinking it might be related to the Security.salt value somehow, or possibly to the saved session info, but I don't really have a deep enough knowledge of CakePHP to figure it out. Can anyone offer any insight here?

    Read the article

  • In search of a packaged .Net security solution for web-forms.

    - by Chuck Conway
    We are looking for a security solution for asp.net that has security down to the control level. This is not a necessity but, it would be nice. At the very least it needs to extend-able to allow for control level permissions. The solution should have an administration panel of some sort. It also needs to support roles, groups, and individual permissions. We haven't seen anything like this in the marketplace -- we are in the process of rolling our own solution. We'd rather use an off the shelf solution.

    Read the article

  • Important Security Issue: Is it possible to put binary image data into html markup code and then get

    - by Joern Akkermann
    Hi, it's an important security issue and I'm sure this should be possible. A simple example: You run a community portal. Users are registered and upload their pictures. Your application gives security rules wenever a picture is allowed to be displayed. For example users must be friends on each sides by the system, in order that you can view someone elses uploaded pictures. Here comes the problem: it is possible that someone crawls the image directories of your server. But you want to protect your users from such attacks. If it's possible to put the binary data of an image directly into the html markup, you can restrict the user access of your image dirs the user and group your web application runs of and pass the image data to your apache user and group directly in the html. The only possible weakness then is the password of the user that your web app runs as. Is there already a possibility? Yours, Joern.

    Read the article

  • Is man-in-the-middle attack a security threat during SSH authentication using keys?

    - by JP19
    Hi, I am no expert in network security, so pardon if this question is not very smart :). I am automating logins to some machines using ssh. I am currently avoiding host-key warnings using StrictHostKeyChecking no. I naively understand that someone can impersonate as the server and I risk losing my password to him if that were the case. However, if I am using only public/private Key based authentication ( using PasswordAuthentication no ), can the intruder still cause harm? So basically, with ssh -o "StrictHostKeyChecking no" -o "PasswordAuthentication no" : 1) Can the intruder decipher my private key? 2) Are there any other security threats? regards, JP

    Read the article

  • Debug Deserialization on Silverlight Client

    - by Andrew Garrison
    I'm working on a Silverlight client that interacts with a WCF web service. The Silverlight client and the WCF web service are using the same class library for their data entities that they are passing back and forth over the wire. I just added a new entity, and it's not being correctly deserialized on the Silverlight client. My question is, how can I debug the System.ServiceModel.ClientBase as it is deserializing an entity that it received from a WCF web service?

    Read the article

  • Make a connection to a HTTPS server from Java and ignore the validity of the security certificate

    - by justinhj
    I've been testing some that works with a bunch of https servers with different keys, some of which are invalid and all of them are not in the local key store for my JVM. I am really only testing things out, so I don't care about the security at this stage. Is there a good way to make POST calls to the server and tell Java not to worry about the security certificates? My google searches for this have brought up some code examples that make a class to do the validation, that always works, but I cannot get it to connect to any of the servers.

    Read the article

  • How to name multiple versioned ServiceContracts in the same WCF service?

    - by Tor Hovland
    When you have to introduce a breaking change in a ServiceContract, a best practice is to keep the old one and create a new one, and use some version identifier in the namespace. If I understand this correctly, I should be able to do the following: [ServiceContract(Namespace = "http://foo.com/2010/01/14")] public interface IVersionedService { [OperationContract] string WriteGreeting(Person person); } [ServiceContract(Name = "IVersionedService", Namespace = "http://foo.com/2010/02/21")] public interface IVersionedService2 { [OperationContract(Name = "WriteGreeting")] Greeting WriteGreeting2(Person2 person); } With this I can create a service that supports both versions. This actually works, and it looks fine when testing from soapUI. However, when I create a client in Visual Studio using "Add Service Reference", VS disregards the namespaces and simply sees two interfaces with the same name. In order to differentiate them, VS adds "1" to the name of one of them. I end up with proxies called ServiceReference.VersionedServiceClient and ServiceReference.VersionedService1Client Now it's not easy for anybody to see which is the newer version. Should I give the interfaces different names? E.g IVersionedService1 IVersionedService2 or IVersionedService/2010/01/14 IVersionedService/2010/02/21 Doesn't this defeat the purpose of the namespace? Should I put them in different service classes and get a unique URL for each version?

    Read the article

  • How to handle security constraints using GWT 2.1's RequestFactory?

    - by Marc
    I am currently developing a GWT 2.1 application that is to be deployed on Google App Engine. I would like to realise the server communication using the new RequestFactory. Now my question is how to handle fine-grained security issues in this context? Some server actions (of those declared in the RequestContext stubs) shall be restricted to certain users (possibly depending on the parameters of the remote call). If a call is unauthorised, I would like the client to show a login page (so that one may log in as a different user, for example). From the Expenses example, I know how to implement an automatic redirection to a login page, but in this example, the security model is quite simple: A client is allowed to access the servlet if and only if a user is logged in. Shall I raise a custom UnAuthorizedException in my server-side service? Where should I intercept this exception? (Can I do this in a servlet filter like the GaeAuthFilter of the Expenses example?)

    Read the article

  • How can I compose a WCF contract out of multiple interfaces?

    - by mafutrct
    I've got multiple interfaces. All of them should be inherited and exposed by a single contract interface. interface A { void X(); } interface B { void Y(); } interface C: A, B {} // this is the public contract How is this possible? I can't add ServiceContract to A and B because that would lead to multiple endpoints. And I don't want to new-override every method in C.

    Read the article

  • Where can I learn about security and online privacy?

    - by user278457
    I'd really like to start including shopping cart functionality in my projects. At first im content relying on paypal links, but I really want to be learning about specific security threats and how to combat them. Eventually I want to feel comfortable receiving and sending customer credit card details for ecommerce. Obviously this is a common thing on the net but most tutorials and resources are content to say "it's every web developers responsibility to consider security, but we're not going to cover that here/today/ever." so, my question is, where is a good place to learn? And once I've learned, how do I stay abreast of new vulnerabilities as the web evolves?

    Read the article

  • How can a client try to reconnect to a server after a first failed try with WCF?

    - by djerry
    Hey guys, I'm using a client - server app. When a client starts, he gets a login-screen. When the server is not up yet, the call to the server will throw an exception which i catch (EndpointNotFoundException). I show a messagebox telling the user the server is offline. When he tries to reconnect again, it will throw another exception (CommunicationObjectFaultedException), even though the server is online. When a new client starts then, he can connect to the server. But the client who attempted before, still gets the error. My question now is how can the first client login after a failed first try without having to start his program again. So i want to clear the communicationchannel of its faulted state or something like that. Thanks in advance.

    Read the article

  • What is a 'better' approach to query/save from server: DTO or Wcf Data Services?

    - by bonefisher
    From my perspective, the Data Services and their query approach is useful when querying simple object graphs from your server-side domain model. But when you want to query complex dependencies I couldn't create anything good out of it. The classic DTO approach is fine-grained and can handle everything, but the downside is that you have to create Dto classes for every type of server-request which is time consuming and you have to synchronize the Dto type with your domain entity/business logic.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 111 112 113 114 115 116 117 118 119 120 121 122  | Next Page >