Search Results

Search found 90170 results on 3607 pages for 'user presence'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 118/3607 | < Previous Page | 114 115 116 117 118 119 120 121 122 123 124 125  | Next Page >

  • How to force a login for an administrator when using Remote Desktop Connection and fast user switching enabled?

    - by brett rogers
    Scenario: I am at work. I want to remote desktop into my machine at home. Problem is, my 5-year-old daughter is playing games on Starfall.com (or something similar) on her (non-admin) account. When I attempt to connect I see this message: Another user is currently logged on to this computer. If you continue, this user has to disconnect from this computer. Do you want to continue? I click Yes and then see Please wait for 'UserName' to respond This presents my daughter with an Allow/Disallow dialog on whether to let me connect. She clicks Disallow (or No or whatever it says) and then I see 'UserName' has denied your request Question: How can I force my account to log in and disconnect her session? Additional Info: My account is an administrator account. My daughter's account is a non-administrator account. Home machine is Windows 7 Pro with fast user switching enabled. Turning off fast user switching is not an option (Kyle pointed out in his answer that turning it off would allow the admin to force another user off). I would keep fast user switching's ability to change accounts without closing the previous account's session over being able to force myself to connect.

    Read the article

  • Why is OpenSSH not using the user specified in ssh_config?

    - by Jordan Evens
    I'm using OpenSSH from a Windows machine to connect to a Linux Mint 9 box. My Windows user name doesn't match the ssh target's user name, so I'm trying to specify the user to use for login using ssh_config. I know OpenSSH can see the ssh_config file since I'm specifying the identify file in it. The section specific to the host in ssh_config is: Host hostname HostName hostname IdentityFile ~/.ssh/id_dsa User username Compression yes If I do ssh username@hostname it works. Trying using ssh_config only gives: F:\>ssh -v hostname OpenSSH_5.6p1, OpenSSL 0.9.8o 01 Jun 2010 debug1: Connecting to hostname [XX.XX.XX.XX] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /cygdrive/f/progs/OpenSSH/home/.ssh/id_rsa type -1 debug1: identity file /cygdrive/f/progs/OpenSSH/home/.ssh/id_rsa-cert type -1 debug1: identity file /cygdrive/f/progs/OpenSSH/home/.ssh/id_dsa type 2 debug1: identity file /cygdrive/f/progs/OpenSSH/home/.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debia n-3ubuntu5 debug1: match: OpenSSH_5.3p1 Debian-3ubuntu5 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.6 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'hostname' is known and matches the RSA host key. debug1: Found key in /cygdrive/f/progs/OpenSSH/home/.ssh/known_hosts:1 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: /cygdrive/f/progs/OpenSSH/home/.ssh/id_rsa debug1: Offering DSA public key: /cygdrive/f/progs/OpenSSH/home/.ssh/id_dsa debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. Permission denied (publickey). I was under the impression that (as outlined in this question: How to make ssh log in as the right user?) specifying User username in ssh_config should work. Why isn't OpenSSH using the username specified in ssh_config?

    Read the article

  • Adding an Admin user to an ASP.NET MVC 4 application using a single drop-in file

    - by Jon Galloway
    I'm working on an ASP.NET MVC 4 tutorial and wanted to set it up so just dropping a file in App_Start would create a user named "Owner" and assign them to the "Administrator" role (more explanation at the end if you're interested). There are reasons why this wouldn't fit into most application scenarios: It's not efficient, as it checks for (and creates, if necessary) the user every time the app starts up The username, password, and role name are hardcoded in the app (although they could be pulled from config) Automatically creating an administrative account in code (without user interaction) could lead to obvious security issues if the user isn't informed However, with some modifications it might be more broadly useful - e.g. creating a test user with limited privileges, ensuring a required account isn't accidentally deleted, or - as in my case - setting up an account for demonstration or tutorial purposes. Challenge #1: Running on startup without requiring the user to install or configure anything I wanted to see if this could be done just by having the user drop a file into the App_Start folder and go. No copying code into Global.asax.cs, no installing addition NuGet packages, etc. That may not be the best approach - perhaps a NuGet package with a dependency on WebActivator would be better - but I wanted to see if this was possible and see if it offered the best experience. Fortunately ASP.NET 4 and later provide a PreApplicationStartMethod attribute which allows you to register a method which will run when the application starts up. You drop this attribute in your application and give it two parameters: a method name and the type that contains it. I created a static class named PreApplicationTasks with a static method named, then dropped this attribute in it: [assembly: PreApplicationStartMethod(typeof(PreApplicationTasks), "Initializer")] That's it. One small gotcha: the namespace can be a problem with assembly attributes. I decided my class didn't need a namespace. Challenge #2: Only one PreApplicationStartMethod per assembly In .NET 4, the PreApplicationStartMethod is marked as AllMultiple=false, so you can only have one PreApplicationStartMethod per assembly. This was fixed in .NET 4.5, as noted by Jon Skeet, so you can have as many PreApplicationStartMethods as you want (allowing you to keep your users waiting for the application to start indefinitely!). The WebActivator NuGet package solves the multiple instance problem if you're in .NET 4 - it registers as a PreApplicationStartMethod, then calls any methods you've indicated using [assembly: WebActivator.PreApplicationStartMethod(type, method)]. David Ebbo blogged about that here:  Light up your NuGets with startup code and WebActivator. In my scenario (bootstrapping a beginner level tutorial) I decided not to worry about this and stick with PreApplicationStartMethod. Challenge #3: PreApplicationStartMethod kicks in before configuration has been read This is by design, as Phil explains. It allows you to make changes that need to happen very early in the pipeline, well before Application_Start. That's fine in some cases, but it caused me problems when trying to add users, since the Membership Provider configuration hadn't yet been read - I got an exception stating that "Default Membership Provider could not be found." The solution here is to run code that requires configuration in a PostApplicationStart method. But how to do that? Challenge #4: Getting PostApplicationStartMethod without requiring WebActivator The WebActivator NuGet package, among other things, provides a PostApplicationStartMethod attribute. That's generally how I'd recommend running code that needs to happen after Application_Start: [assembly: WebActivator.PostApplicationStartMethod(typeof(TestLibrary.MyStartupCode), "CallMeAfterAppStart")] This works well, but I wanted to see if this would be possible without WebActivator. Hmm. Well, wait a minute - WebActivator works in .NET 4, so clearly it's registering and calling PostApplicationStartup tasks somehow. Off to the source code! Sure enough, there's even a handy comment in ActivationManager.cs which shows where PostApplicationStartup tasks are being registered: public static void Run() { if (!_hasInited) { RunPreStartMethods(); // Register our module to handle any Post Start methods. But outside of ASP.NET, just run them now if (HostingEnvironment.IsHosted) { Microsoft.Web.Infrastructure.DynamicModuleHelper.DynamicModuleUtility.RegisterModule(typeof(StartMethodCallingModule)); } else { RunPostStartMethods(); } _hasInited = true; } } Excellent. Hey, that DynamicModuleUtility seems familiar... Sure enough, K. Scott Allen mentioned it on his blog last year. This is really slick - a PreApplicationStartMethod can register a new HttpModule in code. Modules are run right after application startup, so that's a perfect time to do any startup stuff that requires configuration to be read. As K. Scott says, it's this easy: using System; using System.Web; using Microsoft.Web.Infrastructure.DynamicModuleHelper; [assembly:PreApplicationStartMethod(typeof(MyAppStart), "Start")] public class CoolModule : IHttpModule { // implementation not important // imagine something cool here } public static class MyAppStart { public static void Start() { DynamicModuleUtility.RegisterModule(typeof(CoolModule)); } } Challenge #5: Cooperating with SimpleMembership The ASP.NET MVC Internet template includes SimpleMembership. SimpleMembership is a big improvement over traditional ASP.NET Membership. For one thing, rather than forcing a database schema, it can work with your database schema. In the MVC 4 Internet template case, it uses Entity Framework Code First to define the user model. SimpleMembership bootstrap includes a call to InitializeDatabaseConnection, and I want to play nice with that. There's a new [InitializeSimpleMembership] attribute on the AccountController, which calls \Filters\InitializeSimpleMembershipAttribute.cs::OnActionExecuting(). That comment in that method that says "Ensure ASP.NET Simple Membership is initialized only once per app start" which sounds like good advice. I figured the best thing would be to call that directly: new Mvc4SampleApplication.Filters.InitializeSimpleMembershipAttribute().OnActionExecuting(null); I'm not 100% happy with this - in fact, it's my least favorite part of this solution. There are two problems - first, directly calling a method on a filter, while legal, seems odd. Worse, though, the Filter lives in the application's namespace, which means that this code no longer works well as a generic drop-in. The simplest workaround would be to duplicate the relevant SimpleMembership initialization code into my startup code, but I'd rather not. I'm interested in your suggestions here. Challenge #6: Module Init methods are called more than once When debugging, I noticed (and remembered) that the Init method may be called more than once per page request - it's run once per instance in the app pool, and an individual page request can cause multiple resource requests to the server. While SimpleMembership does have internal checks to prevent duplicate user or role entries, I'd rather not cause or handle those exceptions. So here's the standard single-use lock in the Module's init method: void IHttpModule.Init(HttpApplication context) { lock (lockObject) { if (!initialized) { //Do stuff } initialized = true; } } Putting it all together With all of that out of the way, here's the code I came up with: using Mvc4SampleApplication.Filters; using System.Web; using System.Web.Security; using WebMatrix.WebData; [assembly: PreApplicationStartMethod(typeof(PreApplicationTasks), "Initializer")] public static class PreApplicationTasks { public static void Initializer() { Microsoft.Web.Infrastructure.DynamicModuleHelper.DynamicModuleUtility .RegisterModule(typeof(UserInitializationModule)); } } public class UserInitializationModule : IHttpModule { private static bool initialized; private static object lockObject = new object(); private const string _username = "Owner"; private const string _password = "p@ssword123"; private const string _role = "Administrator"; void IHttpModule.Init(HttpApplication context) { lock (lockObject) { if (!initialized) { new InitializeSimpleMembershipAttribute().OnActionExecuting(null); if (!WebSecurity.UserExists(_username)) WebSecurity.CreateUserAndAccount(_username, _password); if (!Roles.RoleExists(_role)) Roles.CreateRole(_role); if (!Roles.IsUserInRole(_username, _role)) Roles.AddUserToRole(_username, _role); } initialized = true; } } void IHttpModule.Dispose() { } } The Verdict: Is this a good thing? Maybe. I think you'll agree that the journey was undoubtedly worthwhile, as it took us through some of the finer points of hooking into application startup, integrating with membership, and understanding why the WebActivator NuGet package is so useful Will I use this in the tutorial? I'm leaning towards no - I think a NuGet package with a dependency on WebActivator might work better: It's a little more clear what's going on Installing a NuGet package might be a little less error prone than copying a file A novice user could uninstall the package when complete It's a good introduction to NuGet, which is a good thing for beginners to see This code either requires either duplicating a little code from that filter or modifying the file to use the namespace Honestly I'm undecided at this point, but I'm glad that I can weigh the options. If you're interested: Why are you doing this? I'm updating the MVC Music Store tutorial to ASP.NET MVC 4, taking advantage of a lot of new ASP.NET MVC 4 features and trying to simplify areas that are giving people trouble. One change that addresses both needs us using the new OAuth support for membership as much as possible - it's a great new feature from an application perspective, and we get a fair amount of beginners struggling with setting up membership on a variety of database and development setups, which is a distraction from the focus of the tutorial - learning ASP.NET MVC. Side note: Thanks to some great help from Rick Anderson, we had a draft of the tutorial that was looking pretty good earlier this summer, but there were enough changes in ASP.NET MVC 4 all the way up to RTM that there's still some work to be done. It's high priority and should be out very soon. The one issue I ran into with OAuth is that we still need an Administrative user who can edit the store's inventory. I thought about a number of solutions for that - making the first user to register the admin, or the first user to use the username "Administrator" is assigned to the Administrator role - but they both ended up requiring extra code; also, I worried that people would use that code without understanding it or thinking about whether it was a good fit.

    Read the article

  • Crypted_password is null when using Authlogic to save a user

    - by kareem
    i'm getting a strange error on my production install when i try and create a new user using AL: ActiveRecord::StatementInvalid: Mysql::Error: Column 'crypted_password' cannot be null: INSERT INTO users especially strange b/c it works as expected on my local box. RUnning Rails 2.3.2 and ruby 1.8.7 on both boxes. user.rb: class User < ActiveRecord::Base before_create :set_username acts_as_authentic do |c| c.require_password_confirmation = false c.login_field = "email" c.validates_length_of_password_field_options = {:minimum => 4} c.validate_login_field = false #don't validate email field with additional validations end end Here's output from my production console: >> u = User.new => #<User id: nil, username: nil, email: nil, crypted_password: nil, password_salt: nil, persistence_token: nil, single_access_token: nil, perishable_token: nil, login_count: 0, failed_login_count: 0, last_request_at: nil, current_login_at: nil, last_login_at: nil, current_login_ip: nil, last_login_ip: nil, created_at: nil, updated_at: nil, is_admin: 0, first_name: nil, last_name: nil> >> u.full_name = 'john smith' => "john smith" >> u.password = 'test' => "test" >> u.email = '[email protected]' => "[email protected]" >> u.valid? => true >> u.save ActiveRecord::StatementInvalid: Mysql::Error: Column 'crypted_password' cannot be null: INSERT INTO `users` (`single_access_token`, `last_request_at`, `created_at`, `crypted_password`, `perishable_token`, `updated_at`, `username`, `failed_login_count`, `current_login_ip`, `password_salt`, `current_login_at`, `is_admin`, `persistence_token`, `login_count`, `last_name`, `last_login_ip`, `last_login_at`, `email`, `first_name`) VALUES('B-XSXwhO7hkbtISIOyEq', NULL, '2009-07-31 01:10:44', NULL, 'FK3mYS2Tp5Tzeq5IXE1z', '2009-07-31 01:10:44', 'john', 0, NULL, NULL, NULL, 0, '2c76b645f761eb3509353290e93874cecdb68a63caa165812ab1b126d63660757090ecf69995caef9e78f93d070b524e2542b3fec4ee050726088c2a9fdb0c9f', 0, 'smith', NULL, NULL, '[email protected]', 'john') from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/abstract_adapter.rb:212:in `log' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/mysql_adapter.rb:320:in `execute' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/abstract/database_statements.rb: 259:in `insert_sql' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/mysql_adapter.rb:330:in `insert_sql' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/abstract/database_statements.rb: 44:in `insert_without_query_dirty' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/abstract/query_cache.rb:18:in `insert' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/base.rb:2902:in `create_without_timestamps' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/timestamp.rb:29:in `create_without_callbacks' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/callbacks.rb:266:in `create' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/base.rb:2868:in `create_or_update_without_callbacks' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/callbacks.rb:250:in `create_or_update' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/base.rb:2539:in `save_without_validation' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/validations.rb:1009:in `save_without_dirty' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/dirty.rb:79:in `save_without_transactions' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:229:in `send' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:229:in `with_transaction_returning_status' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/connection_adapters/abstract/database_statements.rb: 136:in `transaction' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:182:in `transaction' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:228:in `with_transaction_returning_status' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:196:in `save' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:208:in `rollback_active_record_state!' from /usr/lib/ruby/gems/1.8/gems/activerecord-2.3.2/lib/ active_record/transactions.rb:196:in `save' No idea why this is happening, and especially why this saves a new user on dev but not on production. Any help is much appreciated, thanks! edit: using Apache & Passenger 2.2.4

    Read the article

  • Autocomplete jQuery on User Controller within Repeater .NET

    - by TheDPQ
    I have a Multiview search feature on a Web User Controller that is called within a Repeater, OHMY!! I have some training sessions being listed out on a page, each calling an employeeSearch Web User Controller so people can search for employees to add to the training session. I have the Employee Names and Employee IDs listed out in JS on the page and using the jQuery autocomplete i have them search for the employee and populate a hidden field in the User controller. Once the process is done they have the option of adding yet another employee. So i had Autocompelte 'work' in all the employee search boxes, but one i do the initial search (postback) autocomplete won't work again. Then i updated $().ready(function() to pageLoad() so it works correctly on multiple searches but only in the LAST item of the repeater (jQuery is loaded on the User Controller) FYI: I have the JS string set as EMPLOYEENAME|ID and jQuery displays the Employee Name and if they select it throws the ID in a ASP:HIDDEN FIELD <script type="text/javascript"> format_item = function(item, position, length) { var str = item.toString().split("|", 2); return str[0]; } function pageLoad() { $("#<%=tb_EmployeeName.ClientID %>").autocomplete(EmployeeList, { minChars: 0, width: 500, matchContains: true, autoFill: false, scrollHeight: 300, scroll: true, formatItem: format_item, formatMatch: format_item, formatResult: format_item }); $("#<%=tb_EmployeeName.ClientID %>").result(function(event, data, formatted) { var str = data.toString().split("|", 2); $("#<%=hf_EmployeeID.ClientID %>").val(str[1]); }); }; </script> I can already guess that by repeating pageLoad within the User Controll i override the previous pageLoad. THE QUESTION: Is there a way around this, a way to have all the jQuery appear in a single pageLoad or to somehow have a single jquery call to handle all my search boxes? I can't move the jQuery into the page calling all the controllers because i have no way of referencing the specific *tb_EmployeeName* textbox AND *hf_EmployeeID* hidden field. Thank you so much for any help or insight you can give me into this problem. This is the Multiview that on the User Controller <asp:MultiView ID="mv_EmployeeArea" runat="server" ActiveViewIndex="0"> <asp:View ID="vw_Search" runat="server"> <asp:Panel ID="eSearch" runat="server"> <b>Signup Employee Search</b> (<i>Last Name, First Name</i>)<br /> <asp:TextBox ID="tb_EmployeeName" class="EmployeeSearch" runat="server"></asp:TextBox> <asp:HiddenField ID="hf_EmployeeID" runat="server" /> <asp:Button ID="btn_Search" runat="server" Text="Search" /> </asp:Panel> </asp:View> <asp:View ID="vw_Confirm" runat="server"> <b>Signup Confirmation</b> <asp:FormView ID="fv_EmployeeInfo" runat="server"> <ItemTemplate> <%#(Eval("LastName"))%>, <%#(Eval("FirstName"))%><br /> </ItemTemplate> </asp:FormView> <asp:Button ID="btn_Confirm" runat="server" Text="Signup this employee" /> &nbsp; <asp:Button ID="btn_Reset3" runat="server" Text="Reset" /> </asp:View> <asp:View ID="vw_ThankYou" runat="server"> <b>Thank You</b><br /> The employee has been signed up and an email confirmation has been sent out.<br /><br /> <asp:Button ID="btn_Reset" runat="server" Text="Reset" /> </asp:View> </asp:MultiView> UPDATE: I never did find an answer but i had to do a demo so i hacked together something that 'works', but feels sort of cheesy. I am still very much needed of a better question or better understanding.

    Read the article

  • Add User to Database not working

    - by user1850189
    I'm really new to ASP.net and I am currently trying to create a registration page on a site. I was successful in adding a user to the database but I decided to add another feature into the code to check what userID's were available. For example, if a user deleted their account their userID would become available for use again. I'm trying to find the min value and the max value and add or subtract 1 depending on whether it is min or max. I can run the code I have written for this with no errors but the user is not added to the database. Can anyone help me figure out what I'm missing from my code to do this? EDIT Code adds a user to database but it adds the new user at -1 instead. I don't seem to be able to see where the issue is. If (aDataReader2.Read() = False) Then aConnection1 = New OleDbConnection(aConnectionString) aConnection1.Open() aQuery = "Insert Into UserDetails " aQuery = aQuery & "Values ('" & userID & "','" & userFName & "','" & userLName & "','" & userEmail & "','" & userUsername & "','" & userPassword & "')" aCommand = New OleDbCommand(aQuery, aConnection1) aCommand.ExecuteNonQuery() aConnection1.Close() ElseIf (min = 1) Then aConnection2 = New OleDbConnection(aConnectionString) aConnection2.Open() aCommand = New OleDbCommand(aQuery3, aConnection2) aDataReader2 = aCommand.ExecuteReader() userID = max + 1 aQuery = "Insert Into UserDetails " aQuery = aQuery & "Values ('" & userID & "','" & userFName & "','" & userLName & "','" & userEmail & "','" & userUsername & "','" & userPassword & "')" aCommand = New OleDbCommand(aQuery, aConnection2) aCommand.ExecuteNonQuery() aConnection2.Close() Else aConnection3 = New OleDbConnection(aConnectionString) aConnection3.Open() aCommand = New OleDbCommand(aQuery2, aConnection3) aDataReader2 = aCommand.ExecuteReader userID = min - 1 aQuery = "Insert Into UserDetails " aQuery = aQuery & "Values ('" & userID & "','" & userFName & "','" & userLName & "','" & userEmail & "','" & userUsername & "','" & userPassword & "')" aCommand = New OleDbCommand(aQuery, aConnection3) aCommand.ExecuteNonQuery() aConnection3.Close() lblResults.Text = "User Account successfully created" btnCreateUser.Enabled = False End If Here's the code I used to get the max and min values from the database. I'm getting a value of 0 for both of them - when min should be 1 and max should be 5 Dim minID As Integer Dim maxID As Integer aQuery2 = "Select Min(UserID) AS '" & [minID] & "' From UserDetails" aQuery3 = "Select Max(UserID) AS ' " & [maxID] & "' From UserDetails"

    Read the article

  • In Linux, what's the best way to delegate administration responsibilities, like for Apache, a database, or some other application?

    - by Andrew Banks
    In Linux, what's the best way to delegate administration responsibilities for Apache and other "applications"? File permissions? Sudo? A mix of both? Something else? At work we have two tiers of "administrators" Operating system administrators. These are your run-of-the-mill "server administrators." They are responsible for just the operating system. Application administrators. The people who build the web site. This includes not only writing the SQL, PHP, and HTML, but also setting up and running Apache and PostgreSQL or MySQL. The aforementioned OS admins will install this stuff, but it's mainly up to the app admins to edit all the config files, start and stop processes when needed, and so on. I am one of the app admins. This is different than what I am used to. I used to just write code. The sysadmin took care not only of the OS but also installing, setting up, and keeping up the server software. But he left. Now I'm in charge of setting up Apache and the database. The new sysadmins say they just handle the operating system. It's no problem. I welcome learning new stuff. But there is a learning curve, even for the OS admins. Apache, by default, seems to be set up for administration by root directly. All the config files and scripts are 644 and owned by root:root. I'm not given the root password, naturally, so the OS admins must somehow give my ordinary OS user account all the rights necessary to edit Apache's config files, start and stop it, read its log files, and so on. Right now they're using a mix of: (1) giving me certain sudo rights, (2) adding me to certain groups, and (3) changing the file permissions of various directories, to make them writable by one of the groups I'm in. This never goes smoothly. There's always a back-and-forth between me and the sysadmins. They say it's ready. Then I try certain things, and half of them I still can't do. So they make some more changes. Then finally I seem to be independent and can administer Apache and the database without pestering them anymore. It's the sheer complication and amount of changes that make me uncomfortable. Even though it finally works, more or less, it seems hackneyed. I feel like we're doing it wrong. It seems like the makers of the software would have anticipated this scenario (someone other than root administering it) and have a clean two- or three-step program to delegate responsibility to me. But it feels like we are really chewing up the filesystem and making it far and away from the default set-up. Any suggestions? Are we doing it the recommended way? P.S. For PostgreSQL it seems a little better. Its files are owned by a system user named postgres. So giving me the right to run sudo su - postgres gives me just about everything. I'm just now getting into MySQL, but it seems to be set up similarly. But it seems a little weird doing all my work as another user.

    Read the article

  • make an http post from server using user credentials - integrated security

    - by opensas
    I'm trying to make a post, from an asp classic server side page, using the user credentials... I'm using msxml2.ServerXMLHTTP to programatically make the post I've tried with several configurations in the IIS 5.1 site, but there's no way I can make IIS run with a specified account... I made a little asp page that runs whoami to verify what account the iis process i using... with IIS 5.1, using integrated security the process uses: my_machine\IWAM_my_machine I disable integrated security, and leave a domain account as anonymous access, and I get the same (¿?) to test the user I do the following private function whoami() dim shell, cmd set shell = createObject("wscript.shell") set cmd = shell.exec( server.mapPath( "whoami.exe" ) ) whoami = cmd.stdOut.readAll() set shell = nothing: set cmd = nothing end function is it because I'm issuing a shell command? I'd like to make http post calls, to another site that works with integrated security... So I need some way to pass the credentials, or at least to run with a specified account, and then configure the remote site to thrust that account... I thought that just setting the site to work with integrated security would be enough... How can I achieve such a thing? ps: with IIS6,happens the same but if I change the pool canfiguration I get the following info from whoami NT AUTHORITY\NETWORK SERVICE NT AUTHORITY\LOCAL SERVICE NT AUTHORITY\SYSTEM if I set a domain account, I get a "service unavailable" message... edit: found this http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/275269ee-1b9f-4869-8d72-c9006b5bd659.mspx?mfr=true it says what I supossed, "If an authenticated user makes a request, the thread token is based on the authenticated account of the user", but somehow I doesn't seem to work like that... what could I possibly be missing? edit: well the whoami thing is obviously fooling me, I tried with the following function private function whoami_db( serverName, dbName ) dim conn, data set conn = server.createObject("adodb.connection") conn.open "Provider=SQLOLEDB.1;Integrated Security=SSPI;" & _ "Initial Catalog=" & dbName & ";Data Source=" & serverName set data = conn.execute( "select suser_sname() as user_name" ) whoami_db = data("user_name") data.close: conn.close set data = nothing: set conn = nothing end function and everything seemed to be working fine... but how can I make msxml2.ServerXMLHTTP work with the user credentials???

    Read the article

  • One-to-many relationship with JDO in Google App Engine

    - by Marvin
    I've followed the GAE docs on setting up one-to-many relationship in JDO but I'm still having trouble in retrieving the collection data back. I have no problem getting the other non-collection fields back. Here are my classes: @PersistenceCapable public class User{ @PrimaryKey @Persistent(valueStrategy = IdGeneratorStrategy.IDENTITY) private Key key; @Persistent private String uniqueId; @Persistent private String email; @Persistent private List<Address> addresses = new ArrayList<Address>() ; ... } @PersistenceCapable public class Phone{ @PrimaryKey @Persistent(valueStrategy = IdGeneratorStrategy.IDENTITY) private Key key; @Persistent private String number; ... } public class UserDaoImpl implements UserDao { public void insertUser(User user) { if(user.getKey() == null) { com.google.appengine.api.datastore.Key key = KeyFactory.createKey(User.class.getSimpleName(), user.getEmail()); user.setKey(key); } PersistenceManager pm = PersistenceManagerWrapper.getPersistenceManager(); notNull(user); try { pm.makePersistent(user); } finally { pm.close(); } } @SuppressWarnings("unchecked") public User getUser(String uniqueId) { PersistenceManager pm = PersistenceManagerWrapper.getPersistenceManager(); Query query = pm.newQuery(User.class); query.setFilter("uniqueId == uniqueIdParam"); query.declareParameters("String uniqueIdParam"); User user = null; try { List<User> users = (List<User>)(query.execute(uniqueId)); //TODO abstract this if(users.size() > 0) user = users.get(0); } finally { pm.close(); } return user; } } public class UserDaoImplTest { @Test public void getUserTest() { User user = createTestUser(); assertNotNull("The user object should not be null", user); userDao.insertUser(user); User returnedUser = userDao.getUser(TEST_USER_ID); assertNotNull("The returnedUser object should not be null", returnedUser); Assert.assertPropertyEqualsExcludeProperties("User Object", user, returnedUser, ""); } } When I run the test, all the properties for User is populated but the list of Phone if I get is empty.

    Read the article

  • Grouping php array items based on user and created time

    - by Jim
    This is an array of objects showing a user uploading photos: Array ( [12] => stdClass Object ( [type] => photo [created] => 2010-05-14 23:36:41 [user] => stdClass Object ( [id] => 760 [username] => mrsmith ) [photo] => stdClass Object ( [id] => 4181 ) ) [44] => stdClass Object ( [type] => photo [created] => 2010-05-14 23:37:15 [user] => stdClass Object ( [id] => 760 [username] => mrsmith ) [photo] => stdClass Object ( [id] => 4180 ) ) ) However instead of showing: mr smith uploaded one photo mr smith uploaded one photo I'd like to display: mr smith uploaded two photos by grouping similar items, grouping by user ID and them having added them within, let's say 15 minutes of each other. So I'd like to get the array in this sort of shape: Array ( [12] => stdClass Object ( [type] => photo [created] => 2010-05-14 23:36:41 [user] => stdClass Object ( [id] => 760 [username] => mrsmith ) [photos] => Array ( [0] => stdClass Object ( [id] => 4181 ) [1] => stdClass Object ( [id] => 4180 ) ) ) ) preserving the first item of the group and it's created time, and supplementing it with any other groupable photos and then unsetting any items that were grouped (so the final array doesn't have key 44 anymore as it was grouped in with 12). The array contains other actions than just photos, hence the original keys of 12 and 44. I just can't figure out a way to do this efficiently. I used to use MySQL and PHP to do this but am trying to just use pure PHP for caching reasons. Can anyone shed any insights? I thought about going through each item and seeing if I can group it with the previous one in the array but the previous one might not necessarily be relevant or even a photo. I've got total brain freeze :(

    Read the article

  • ASP.Net MVC - Models and User Controls

    - by cdotlister
    Hi guys, I have a View with a Master Page. The user control makes use of a Model: <%@ Control Language="C#" Inherits="System.Web.Mvc.ViewUserControl<BudgieMoneySite.Models.SiteUserLoginModel>" %> This user control is shown on all screens (Part of the Master Page). If the user is logged in, it shows a certain text, and if the user isn't logged in, it offers a login box. That is working OK. Now, I am adding my first functional screen. So I created a new view... and, well, i generated the basic view code for me when I selected the controller method, and said 'Create View'. My Controller has this code: public ActionResult Transactions() { List<AccountTransactionDetails> trans = GetTransactions(); return View(trans); } private List<AccountTransactionDetails> GetTransactions() { List<AccountTransactionDto> trans = Services.TransactionServices.GetTransactions(); List<AccountTransactionDetails> reply = new List<AccountTransactionDetails>(); foreach(var t in trans) { AccountTransactionDetails a = new AccountTransactionDetails(); foreach (var line in a.Transactions) { AccountTransactionLine l = new AccountTransactionLine(); l.Amount = line.Amount; l.SubCategory = line.SubCategory; l.SubCategoryId = line.SubCategoryId; a.Transactions.Add(l); } reply.Add(a); } return reply; } So, my view was generated with this: <%@ Page Language="C#" MasterPageFile="~/Views/Shared/Site.Master" Inherits="System.Web.Mvc.ViewPage<System.Collections.Generic.List<BudgieMoneySite.Models.AccountTransactionDetails>>" %> Found <%=Model.Count() % Transactions. All I want to show for now is the number of records I will be displaying. When I run it, I get an error: "The model item passed into the dictionary is of type 'System.Collections.Generic.List`1[BudgieMoneySite.Models.AccountTransactionDetails]', but this dictionary requires a model item of type 'BudgieMoneySite.Models.SiteUserLoginModel'." It looks like the user control is being rendered first, and as the Model from the controller is my List<, it's breaking! What am I doing wrong?

    Read the article

  • Why am I getting a warning that windows is logging on with a temporary profile to run a task scheduler task?

    - by Dan C
    I am having a strange problem with the Windows Server 2008 Task Scheduler. I have to run a small command-line application every few minutes. This application just executes a quick web service call on the localhost and adds an entry to a log file; so it should not need anything special in terms of permissions. First, I created a new user account "my_scheduler" just for the task. This account is a member of the Users group (not sure what other settings I should turn on/off) and set it's password to not expire. I then create a task to run the application every few minutes. I set it to "Run whether user is logged on or not" and turned on "Do not store password. The task will only have access to local resources" (I did this since it's not hitting anything on the network. I did not turn on "Run with highest privileges" since it does not seem to need them. I set the schedule to "After triggered, repeat every 30 minutes for a duration of 1 day" and "Allow task to be run on demand" (no other settings enabled). However, I notice that in the Event Log, I see a bunch of these warnings whenever the task is run: "Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off." Even though I get the warning, the task is executing (I see the log entries appearing). Another (possibly related) issue is that I also see that it's starting multiple copies of the task (within a few seconds of each other) even though it should only start one. This is also a big problem. Any idea how I can fix this? Thanks in advance, Dan

    Read the article

  • Key-Based SSH Permission denied (publickey) Ubuntu 12-04

    - by user125176
    I have configured sshd to accept key-based ssh logins with LogLevel on DEBUG, and uploaded my public key to ~/.ssh.authorized_keys, where permissions are set as: 700 ~/.ssh 600 ~/.ssh/authorized_keys From root, I can su - USERNAME. From the client I get Permission denied (publicly). From the server Here's how it is telling me that it "Could not open authorized keys '/home/USERNAME/.ssh/authorized_keys': Permission denied". Client protocol version 2.0; client software version OpenSSH_5.2 match: OpenSSH_5.2 pat OpenSSH* Enabling compatibility mode for protocol 2.0 Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1 permanently_set_uid: 105/65534 [preauth] list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 [preauth] SSH2_MSG_KEXINIT sent [preauth] SSH2_MSG_KEXINIT received [preauth] kex: client->server aes128-ctr hmac-md5 none [preauth] kex: server->client aes128-ctr hmac-md5 none [preauth] SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth] SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth] expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth] SSH2_MSG_KEX_DH_GEX_REPLY sent [preauth] SSH2_MSG_NEWKEYS sent [preauth] expecting SSH2_MSG_NEWKEYS [preauth] SSH2_MSG_NEWKEYS received [preauth] KEX done [preauth] userauth-request for user USERNAME service ssh-connection method none [preauth] attempt 0 failures 0 [preauth] PAM: initializing for "USERNAME" PAM: setting PAM_RHOST to "USERHOSTNAME" PAM: setting PAM_TTY to "ssh" userauth_send_banner: sent [preauth] userauth-request for user USERNAME service ssh-connection method publickey [preauth] attempt 1 failures 0 [preauth] test whether pkalg/pkblob are acceptable [preauth] Checking blacklist file /usr/share/ssh/blacklist.RSA-4096 Checking blacklist file /etc/ssh/blacklist.RSA-4096 temporarily_use_uid: 1001/1002 (e=0/0) trying public key file /home/USERNAME/.ssh/authorized_keys Could not open authorized keys '/home/USERNAME/.ssh/authorized_keys': Permission denied restore_uid: 0/0 temporarily_use_uid: 1001/1002 (e=0/0) trying public key file /home/USERNAME/.ssh/authorized_keys2 Could not open authorized keys '/home/USERNAME/.ssh/authorized_keys2': Permission denied restore_uid: 0/0 Failed publickey for USERNAME from IPADDRESS port 57523 ssh2 Connection closed by IPADDRESS [preauth] do_cleanup [preauth] monitor_read_log: child log fd closed do_cleanup PAM: cleanup

    Read the article

  • What is the advantage of not running as root? [closed]

    - by Shmuel Brill
    Possible Duplicate: What's wrong with always being root? All modern brands of Linux highly discourage (or disable) one from running as root instead of a normal user. I do not understand why. As a "normal" user, one could Download a rouge program from the internet. Run it (After all, one isn't root, what can it do). It installs itself in .bashrc or .xinitrc It writes a rouge "sudo" and "su" and adds . to the path Not noticing that . is in path, one runs sudo. The rouge program now has root password and can do anything it wants in the system. Even if 3-6 doesn't happen, the program could still Be part of a botnet. Read all files in the home directory and send them back (mine for SS#, Credit Card numbers, bank account numbers, etc). Send spam. Run a backdoor server to allow an attacker a chance to connect to the machine to determine vulnerabilities. It seems that the whole "permissions" thing (root/non-root) is just to prevent amateur crackers from getting into the system, so the question is: Is there a point in avoiding running as root, and is there a way to protect oneself if one wants to run unsafe code?

    Read the article

  • Is it ever good to share a userid?

    - by Ladlestein
    On Un*x, Is it ever a good idea to have one userid that many different people log into when they do stuff? Often I'm installing software or something on a Linux or BSD system. I've developed software for 24 years now, so I know how to make the machine do what I want, but I've never had responsibility for maintaining a multi-user installation where anyone really cared about security. So my opinions feel untested. Now I'm at a company where there's a server that many people log into with a single userid and do stuff. I'm installing some software on it. It's not really a public-facing server, and is only accessible via VPN, but it's used by many people nonetheless, to run tests on custom software, things like that. It's a staging server. I'm thinking that at the very least, using a single user obscures an audit trail, and that's bad. And it's just inelegant, because people don't have their own spaces on the server. But then again, with more userids, maybe there's a greater chance that one can be compromised, allowing attackers to gain access. ?

    Read the article

  • REMOTE_USER not getting set?

    - by landed
    I am trying to setup LDAP Authentication in Joomla using a plugin called JMapMyLDAP (in fact 4 plugins each doing a different job). I need to pull a part of a string out of the server variable REMOTE_USER and this should be visible (we see here http://timplummer.com.au/4-how-to-integrate-joomla-3-with-active-directory-using-ldap.html) in phpinfo(); The issue is that REMOTE_USER is not set or at least not appearing. A few things to note (if you don't mind) here- conceptually I am not really understanding authentication as a whole subject it appears to be vast despite my years working in websites. Yes I used asp and built php pages to check a user is who they say they are with a token(/session?) that was given to just them and then they are identified when a stateless request is made to the server. Thats my level of understanding. This sounds different to the basic authentication in apache where a password sits in a file and a username and the user needs to login to a basic form to get access to the folder/docs this is via an .htaccess file. Ok so with the LDAP to work I need to get REMOTE_USER this sounds very reasonable as how else do we know is making the request. Thank you.

    Read the article

  • Linq-to-Sql IIS7 Login failed for user ‘DOMAIN\MACHINENAME$’

    - by cfdev9
    I am encountering unexpected behaviour using Linq-to-sql DataContext. When I run my application locally it works as expected however after deploying to a test server which runs IIS7, I get an error Login failed for user ‘DOMAIN\MACHINENAME$’ when attempting to open objects from the DataContext. This code explains the error, which breaks on the very last line with the error "System.Data.SqlClient.SqlException: Login failed for user". var connStr ="Data Source=server;Initial Catalog=Test;User Id=testuser;Password=password"; //Test 1 var conn1 = new System.Data.SqlClient.SqlConnection(connStr); var cmdString = "SELECT COUNT(*) FROM Table1"; var cmd = new System.Data.SqlClient.SqlCommand(cmdString, conn1); conn1.Open(); var count1 = cmd.ExecuteScalar(); conn1.Close(); //Test 2 var conn2 = new System.Data.SqlClient.SqlConnection(connStr); var context = new TestDataContext(conn2); var count2 = context.Table1s.Count(); The connection string is not even using integrated security, so why is Linq-to-sql trying to connect as a specific user? If I change the server name in the connection string I get a different error so its using atleast part of the connection string, but apparently ignoring the UserId and Password. Very confused.

    Read the article

  • How to Send user to two different web pages when login

    - by Pradeep
    protected static Boolean Authentication(string username, string password) { string sqlstring; sqlstring = "Select Username, Password, UserType from Userprofile WHERE Username='" + username + "' and Password ='" + password + "'"; // create a connection with sqldatabase System.Data.SqlClient.SqlConnection con = new System.Data.SqlClient.SqlConnection( "Data Source=PRADEEP-LAPTOP\\SQLEXPRESS;Initial Catalog=BookStore;Integrated Security=True"); // create a sql command which will user connection string and your select statement string System.Data.SqlClient.SqlCommand comm = new System.Data.SqlClient.SqlCommand(sqlstring, con); // create a sqldatabase reader which will execute the above command to get the values from sqldatabase System.Data.SqlClient.SqlDataReader reader; // open a connection with sqldatabase con.Open(); // execute sql command and store a return values in reade reader = comm.ExecuteReader(); // check if reader hase any value then return true otherwise return false if (reader.Read()) return true; else return false; } Boolean blnresult; blnresult = Authentication(Login2.UserName, Login2.Password); if (blnresult == true) { Session["User_ID"] = getIDFromName(Login2.UserName); Session["Check"] = true; Session["Username"] = Login2.UserName; Response.Redirect("Index.aspx"); } so a user like Staff or even Administrators loging to same Index.aspx. i want to change it to different web pages. how to change sites for each user types. i have seperate user types. and i have taken UserType in the Authentication function.

    Read the article

  • Non-deprecated code for detecting whether a SharePoint User has a specific Permission Level

    - by ccomet
    In our application, we have some forms which need to show some data specifically if the current user has a specific permission level. These users belong to an SPGroup which includes users who should not see this data, so in this particular case I cannot filter based off of group membership. My current solution has been to use web.CurrentUser.Roles and use a simple check on whether it contains a permission level of the correct name. Roles is of the deprecated SPRole class, so I am bombarded with warning messages despite the fact it technically works. It suggests that I use SPRoleAssignment or SPRoleDefinition (the recommendation seems arbitrary since some lines recommend one while others recommend the other even though it is being used for the same thing). However, I cannot seem to find any method to directly retrieve an SPRoleAssignment or SPRoleDefinition object from an SPUser or SPPrincipal object, nor can I retrieve either object corresponding specifically to the current user of the SPWeb object. How can I update these methods to use non-deprecated code? I've found other cases of determining user permissions, but I haven't found one that will work from a starting point of the current web or the current user. It's not urgent, but it certainly is helpful to avoid having to sift through all of those warnings just to reach the more important warnings.

    Read the article

  • Relative path from an ASP.NET user control NavigateUrl

    - by Daniel Ballinger
    I have a user control that contains a GridView. The GridView has both a HyperLinkField column and a template column that contains a HyperLink control. The ASP.NET project is structured as follows, with the Default.aspx page in each case using the user control. Application Root Controls UserControl with GridView SystemAdminFolder Default.aspx Edit.aspx OrganisationAdminFolder Default.aspx Edit.aspx StandardUserFolder Default.aspx Edit.aspx Note: The folders are being used to ensure the user has the correct role. I need to be able to set the DataNavigateUrlFormatString for the HyperLinkField and the NavigateUrl for the HyperLink to resolve to the Edit.aspx page in the corresponding folder. If I set the navigate URL to "Edit.aspx" the URL in the browser appears as 'http://Application Root/Controls/Edit.aspx' regardless of the originating directory. I can't use the Web application root operator (~/) as the path needs to be relative to the current page, not the application root. How can I use the same user control in multiple folders and resolve the URL to another page in the same folder? Note: The question is strongly based off a similar question by azhar2000s on the asp.net forums that matches my problem.

    Read the article

  • TypeError: coercing to Unicode: need string or buffer, User found

    - by Clemens
    hi, i have to crawl last.fm for users (university exercise). I'm new to python and get following error: Traceback (most recent call last): File "crawler.py", line 23, in <module> for f in user_.get_friends(limit='200'): File "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/pylast.py", line 2717, in get_friends for node in _collect_nodes(limit, self, "user.getFriends", False): File "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/pylast.py", line 3409, in _collect_nodes doc = sender._request(method_name, cacheable, params) File "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/pylast.py", line 969, in _request return _Request(self.network, method_name, params).execute(cacheable) File "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/pylast.py", line 721, in __init__ self.sign_it() File "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/pylast.py", line 727, in sign_it self.params['api_sig'] = self._get_signature() File "/opt/local/Library/Frameworks/Python.framework/Versions/2.6/lib/python2.6/site-packages/pylast.py", line 740, in _get_signature string += self.params[name] TypeError: coercing to Unicode: need string or buffer, User found i use the pylast lib for crawling. what i want to do: i want to get a users friends and the friends of the users friends. the error occurs, when i have a for loop in another for loop. here's the code: network = pylast.get_lastfm_network(api_key = API_KEY, api_secret = API_SECRET, username = username, password_hash = password_hash) user = network.get_user("vidarnelson") friends = user.get_friends(limit='200') i = 1 for friend in friends: user_ = network.get_user(friend) print '#%d %s' % (i, friend) i = i + 1 for f in user_.get_friends(limit='200'): print f any advice? thanks in advance. regards!

    Read the article

  • User roles - why not store in session?

    - by Phil
    I'm porting an ASP.NET application to MVC and need to store two items relating to an authenitcated user: a list of roles and a list of visible item IDs, to determine what the user can or cannot see. We've used WSE with a web service in the past and this made things unbelievably complex and impossible to debug properly. Now we're ditching the web service I was looking foward to drastically simplifying the solution simply to store these things in the session. A colleague suggested using the roles and membership providers but on looking into this I've found a number of problems: a) It suffers from similar but different problems to WSE in that it has to be used in a very constrained way maing it tricky even to write tests; b) The only caching option for the RolesProvider is based on cookies which we've rejected on security grounds; c) It introduces no end of complications and extra unwanted baggage; All we want to do, in a nutshell, is store two string variables in a user's session or something equivalent in a secure way and refer to them when we need to. What seems to be a ten minute job has so far taken several days of investigation and to compound the problem we have now discovered that session IDs can apparently be faked, see http://blogs.sans.org/appsecstreetfighter/2009/06/14/session-attacks-and-aspnet-part-1/ I'm left thinking there is no easy way to do this very simple job, but I find that impossible to believe. Could anyone: a) provide simple information on how to make ASP.NET MVC sessions secure as I always believed they were? b) suggest another simple way to store these two string variables for a logged in user's roles etc. without having to replace one complex nightmare with another as described above? Thank you.

    Read the article

  • User must have accepted TOS - Facebook Graph API error when posting photos to group page

    - by user370309
    Hi all, I've been struggling to upload an image from the user's computer and posted to our group page using the Facebook Graph API. I was able to send a post request to facebook with the image however, I'm getting this error back: ERROR: (#200) User must have accepted TOS. To some extent, I don't believe that I need the user to authorize himself as the photo is being uploaded to our group page. This below, is the code i'm using: if($albumId != null) { $args = array( 'message' = $description ); $args[basename($photoPath)] = '@' . realpath($photoPath); $ch = curl_init(); $url = 'https://graph.facebook.com/'.$albumId.'/photos?'.$token; curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $args); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); $data = curl_exec($ch); $photoId = json_decode($data, true); if(isset($photoId['error'])) die('ERROR: '.$photoId['error']['message']); $temp = explode('.', sprintf('%f', $photoId['id'])); $photoId = $temp[0]; return $photoId; } Can somebody tell me if I need to request extra permissions from the user or what i'm doing wrong? Thanks very much!

    Read the article

  • "User Friendly" .net compatible Regex/Text matching tools?

    - by Binary Worrier
    Currently in our software we provide a hook where we call a DLL built by our clients to parse information out of documents we are processing (the DLL takes in some text (or a file) and returns a list of name/value pairs). e.g. We're given a Word doc or Text file to Archive. We do various things to the file, and call a DLL that will return "pertinent" information about the file. Among other things we store that "pertinent" data for posterity. What is considered "pertinent" depends on the client and the type of the document, we don't care, we get it and store it. I've been asked to develop a user friendly "something" that will allow a non-programmer user to "configure" how to get this data from a plain text document (<humor>The user story ends with the helpful suggestion/query "We could use regex for this?"</humor>) It's safe to assume that a list of regex's isn't going to cut this, I've written some of these parsers for customers, the regex's to do these would be hedious and some of them can't be done by regex's. Also one of the requirements above is "user friendly" which negates anything that has users seeing or editing regex expressions. As you can guess, I don't have a fortune of time to do this, and am wondering is there anything out there that I can plug in to our app that has a nice front end and does exactly what I need? :) No? Whadda mean no! . . . sigh Ok then failing that, anything out there that "visually" builds regex's and/or other pattern matching expressions, and then allows one to run those expressions against some text? The MS BRE will do what I want, but I need something prettier that looks less like code. Thanks guys,

    Read the article

  • (rsErrorOpeningConnection) Could not obtain information about Windows NT group/user

    - by ChelleATL
    I am trying to deploy a report to the Reporting Services Server but keep running up against this error: An error occurred during client rendering. An error has occurred during report processing. (rsProcessingAborted) Cannot create a connection to data source 'dataSource1'. (rsErrorOpeningConnection) Could not obtain information about Windows NT group/user 'DOMAIN\useradmin', error code 0x5. Here’s my situation: Everything is being ran using DOMAIN\useradmin and the report is using a remote database. Reporting Services and SQL Server are both ran under DOMAIN\useradmin. DOMAIN\useradmin is a windows AD login and is part of the server machine Administrators group. My test report is using a data source model that in turn is using a data source that is connection to a database on a different SQL Server. The data source is using “Credentials stored securely in the report server” with the options “Use as Windows credentials when connecting to the data source” and “Impersonate the authenticated user after a connection has been made to the data source.” I am using the credentials of DOMAIN\useradmin that is the db owner of the remote database. DOMAIN\useradmin is assigned the roles, System Administrator, System User and Browser, Content Manager, My Reports, Publisher, Report Builder. So if everything is being run under an über AD account, why I am getting this Could not obtain information about Windows NT group/user 'DOMAIN\useradmin' error? Under normal circumstances , an AD login with Publisher permissions will developing reports using a datasource model created by DOMAIN\useradmin but using one of the remote database’s users which is mapped from yet another AD login. I ran the following statements and non errors were returned: use master go xp_grantlogin 'DOMAIN\useradmin' go xp_logininfo 'DOMAIN\useradmin' go

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 114 115 116 117 118 119 120 121 122 123 124 125  | Next Page >