Search Results

Search found 9490 results on 380 pages for 'session hijacking'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 121/380 | < Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >

  • Social Media Stations for Partners

    - by Oracle OpenWorld Blog Team
    By Stephanie Spada One of our exciting additions to this year’s Oracle Partner Network Exchange @ OpenWorld are Social Media Stations.  Partners have the opportunity to get customized, face-to-face expert advice on how they can better engage their customers and find new prospects online using social media tools.When: Sunday, September 30Time: 3:00 p.m.–5:00 p.m.Where: Moscone South, Esplanade levelWhen: Monday, October 1Time:  9:30 a.m.–6:00 p.m.Where: Moscone South, OPN Lounge, Exhibitor levelEach customized social media consultation will take only 25 minutes. Here’s how it works:·    Partners check in with a Social Media Rally coordinator who will assess needs and make the right connections for each session·    Partners go to the Photo Station, where a headshot will be taken that can be used on social profiles, Websites or for articles and posts across the Web·    Partners meet with the One-2-One consultants who will walk them through how they’re using social media today and what next steps could beSocial media channels/methods discussed can include Google+, Google Alerts, Google Analytics, Facebook, LinkedIn, Search Engine Optimization, Twitter, and more.  With so many choices, partners can decide how to focus their time.To get the most out of the Social Media Stations, partners should:·    Wear appropriate attire for the headshot photo·    Bring log-in information for social platforms they want to discuss·    Come prepared with questions for the One-2-One consultation so session time can be maximizedFor questions, or to schedule a session ahead of time, partners should send an email to: [email protected].

    Read the article

  • How do I daemonify my daemon?

    - by jonobacon
    As part of the Ubuntu Accomplishments system I have a daemon that runs as well as a client that connects to it. The daemon is written in Python (using Twisted) and provides a dbus service and a means of processing requests from the clients. Right now the daemon is just a program I run before I run the client and it sets up the dbus service and provides an API that can be used by the clients. I want to transform this into something that can be installed and run as a system service for the user's session (e.g. starting on boot) and providing a means to start and stop it etc. The problem is, I am not sure what I need to do to properly daemonify it so it can run as this service. I wanted to ask if others can provide some guidance. Some things I need to ask: How can I treat it as a service that is run for the current user service (not a system service right now)? How do I ensure I can start, stop, and restart this session service? When packaging this, how do I ensure that it installs it as a service for the user's session and is started on login etc? In responding, if you can point me to specific examples or solutions I need to implement, that would be helpful. :-) Thanks! Jono

    Read the article

  • Angular JS - shop data disapears after using external payment script

    - by rZaaaa
    Im building a shopping cart in angular JS. till now all goes good but now i am at the checkout phase of y project. The problem is that im using external payment gateways such as ideal etc. when i checkout using for example Ideal the page redirects to the login page of the bank. All i have is a return url When i get to the return url al angular data is gone... I dont know how to do this properly. Also when i checkout and from the back page hit BACK again. the data is also gone and i have to do all the steps again, fill cart etc. So i gues i have to do something with sessions but what is the best way with angular JS how can i do this? The php backend is a slim framework. In the php version of my website i use the session generate id for the "lost" carts. is a user comes back, this session would be the same so i can retrieve his data (other session variables) ...

    Read the article

  • Using FiddlerCore to capture HTTP Requests with .NET

    - by Rick Strahl
    Over the last few weeks I’ve been working on my Web load testing utility West Wind WebSurge. One of the key components of a load testing tool is the ability to capture URLs effectively so that you can play them back later under load. One of the options in WebSurge for capturing URLs is to use its built-in capture tool which acts as an HTTP proxy to capture any HTTP and HTTPS traffic from most Windows HTTP clients, including Web Browsers as well as standalone Windows applications and services. To make this happen, I used Eric Lawrence’s awesome FiddlerCore library, which provides most of the functionality of his desktop Fiddler application, all rolled into an easy to use library that you can plug into your own applications. FiddlerCore makes it almost too easy to capture HTTP content! For WebSurge I needed to capture all HTTP traffic in order to capture the full HTTP request – URL, headers and any content posted by the client. The result of what I ended up creating is this semi-generic capture form: In this post I’m going to demonstrate how easy it is to use FiddlerCore to build this HTTP Capture Form.  If you want to jump right in here are the links to get Telerik’s Fiddler Core and the code for the demo provided here. FiddlerCore Download FiddlerCore on NuGet Show me the Code (WebSurge Integration code from GitHub) Download the WinForms Sample Form West Wind Web Surge (example implementation in live app) Note that FiddlerCore is bound by a license for commercial usage – see license.txt in the FiddlerCore distribution for details. Integrating FiddlerCore FiddlerCore is a library that simply plugs into your application. You can download it from the Telerik site and manually add the assemblies to your project, or you can simply install the NuGet package via:       PM> Install-Package FiddlerCore The library consists of the FiddlerCore.dll as well as a couple of support libraries (CertMaker.dll and BCMakeCert.dll) that are used for installing SSL certificates. I’ll have more on SSL captures and certificate installation later in this post. But first let’s see how easy it is to use FiddlerCore to capture HTTP content by looking at how to build the above capture form. Capturing HTTP Content Once the library is installed it’s super easy to hook up Fiddler functionality. Fiddler includes a number of static class methods on the FiddlerApplication object that can be called to hook up callback events as well as actual start monitoring HTTP URLs. In the following code directly lifted from WebSurge, I configure a few filter options on Form level object, from the user inputs shown on the form by assigning it to a capture options object. In the live application these settings are persisted configuration values, but in the demo they are one time values initialized and set on the form. Once these options are set, I hook up the AfterSessionComplete event to capture every URL that passes through the proxy after the request is completed and start up the Proxy service:void Start() { if (tbIgnoreResources.Checked) CaptureConfiguration.IgnoreResources = true; else CaptureConfiguration.IgnoreResources = false; string strProcId = txtProcessId.Text; if (strProcId.Contains('-')) strProcId = strProcId.Substring(strProcId.IndexOf('-') + 1).Trim(); strProcId = strProcId.Trim(); int procId = 0; if (!string.IsNullOrEmpty(strProcId)) { if (!int.TryParse(strProcId, out procId)) procId = 0; } CaptureConfiguration.ProcessId = procId; CaptureConfiguration.CaptureDomain = txtCaptureDomain.Text; FiddlerApplication.AfterSessionComplete += FiddlerApplication_AfterSessionComplete; FiddlerApplication.Startup(8888, true, true, true); } The key lines for FiddlerCore are just the last two lines of code that include the event hookup code as well as the Startup() method call. Here I only hook up to the AfterSessionComplete event but there are a number of other events that hook various stages of the HTTP request cycle you can also hook into. Other events include BeforeRequest, BeforeResponse, RequestHeadersAvailable, ResponseHeadersAvailable and so on. In my case I want to capture the request data and I actually have several options to capture this data. AfterSessionComplete is the last event that fires in the request sequence and it’s the most common choice to capture all request and response data. I could have used several other events, but AfterSessionComplete is one place where you can look both at the request and response data, so this will be the most common place to hook into if you’re capturing content. The implementation of AfterSessionComplete is responsible for capturing all HTTP request headers and it looks something like this:private void FiddlerApplication_AfterSessionComplete(Session sess) { // Ignore HTTPS connect requests if (sess.RequestMethod == "CONNECT") return; if (CaptureConfiguration.ProcessId > 0) { if (sess.LocalProcessID != 0 && sess.LocalProcessID != CaptureConfiguration.ProcessId) return; } if (!string.IsNullOrEmpty(CaptureConfiguration.CaptureDomain)) { if (sess.hostname.ToLower() != CaptureConfiguration.CaptureDomain.Trim().ToLower()) return; } if (CaptureConfiguration.IgnoreResources) { string url = sess.fullUrl.ToLower(); var extensions = CaptureConfiguration.ExtensionFilterExclusions; foreach (var ext in extensions) { if (url.Contains(ext)) return; } var filters = CaptureConfiguration.UrlFilterExclusions; foreach (var urlFilter in filters) { if (url.Contains(urlFilter)) return; } } if (sess == null || sess.oRequest == null || sess.oRequest.headers == null) return; string headers = sess.oRequest.headers.ToString(); var reqBody = sess.GetRequestBodyAsString(); // if you wanted to capture the response //string respHeaders = session.oResponse.headers.ToString(); //var respBody = session.GetResponseBodyAsString(); // replace the HTTP line to inject full URL string firstLine = sess.RequestMethod + " " + sess.fullUrl + " " + sess.oRequest.headers.HTTPVersion; int at = headers.IndexOf("\r\n"); if (at < 0) return; headers = firstLine + "\r\n" + headers.Substring(at + 1); string output = headers + "\r\n" + (!string.IsNullOrEmpty(reqBody) ? reqBody + "\r\n" : string.Empty) + Separator + "\r\n\r\n"; BeginInvoke(new Action<string>((text) => { txtCapture.AppendText(text); UpdateButtonStatus(); }), output); } The code starts by filtering out some requests based on the CaptureOptions I set before the capture is started. These options/filters are applied when requests actually come in. This is very useful to help narrow down the requests that are captured for playback based on options the user picked. I find it useful to limit requests to a certain domain for captures, as well as filtering out some request types like static resources – images, css, scripts etc. This is of course optional, but I think it’s a common scenario and WebSurge makes good use of this feature. AfterSessionComplete like other FiddlerCore events, provides a Session object parameter which contains all the request and response details. There are oRequest and oResponse objects to hold their respective data. In my case I’m interested in the raw request headers and body only, as you can see in the commented code you can also retrieve the response headers and body. Here the code captures the request headers and body and simply appends the output to the textbox on the screen. Note that the Fiddler events are asynchronous, so in order to display the content in the UI they have to be marshaled back the UI thread with BeginInvoke, which here simply takes the generated headers and appends it to the existing textbox test on the form. As each request is processed, the headers are captured and appended to the bottom of the textbox resulting in a Session HTTP capture in the format that Web Surge internally supports, which is basically raw request headers with a customized 1st HTTP Header line that includes the full URL rather than a server relative URL. When the capture is done the user can either copy the raw HTTP session to the clipboard, or directly save it to file. This raw capture format is the same format WebSurge and also Fiddler use to import/export request data. While this code is application specific, it demonstrates the kind of logic that you can easily apply to the request capture process, which is one of the reasonsof why FiddlerCore is so powerful. You get to choose what content you want to look up as part of your own application logic and you can then decide how to capture or use that data as part of your application. The actual captured data in this case is only a string. The user can edit the data by hand or in the the case of WebSurge, save it to disk and automatically open the captured session as a new load test. Stopping the FiddlerCore Proxy Finally to stop capturing requests you simply disconnect the event handler and call the FiddlerApplication.ShutDown() method:void Stop() { FiddlerApplication.AfterSessionComplete -= FiddlerApplication_AfterSessionComplete; if (FiddlerApplication.IsStarted()) FiddlerApplication.Shutdown(); } As you can see, adding HTTP capture functionality to an application is very straight forward. FiddlerCore offers tons of features I’m not even touching on here – I suspect basic captures are the most common scenario, but a lot of different things can be done with FiddlerCore’s simple API interface. Sky’s the limit! The source code for this sample capture form (WinForms) is provided as part of this article. Adding Fiddler Certificates with FiddlerCore One of the sticking points in West Wind WebSurge has been that if you wanted to capture HTTPS/SSL traffic, you needed to have the full version of Fiddler and have HTTPS decryption enabled. Essentially you had to use Fiddler to configure HTTPS decryption and the associated installation of the Fiddler local client certificate that is used for local decryption of incoming SSL traffic. While this works just fine, requiring to have Fiddler installed and then using a separate application to configure the SSL functionality isn’t ideal. Fortunately FiddlerCore actually includes the tools to register the Fiddler Certificate directly using FiddlerCore. Why does Fiddler need a Certificate in the first Place? Fiddler and FiddlerCore are essentially HTTP proxies which means they inject themselves into the HTTP conversation by re-routing HTTP traffic to a special HTTP port (8888 by default for Fiddler) and then forward the HTTP data to the original client. Fiddler injects itself as the system proxy in using the WinInet Windows settings  which are the same settings that Internet Explorer uses and that are configured in the Windows and Internet Explorer Internet Settings dialog. Most HTTP clients running on Windows pick up and apply these system level Proxy settings before establishing new HTTP connections and that’s why most clients automatically work once Fiddler – or FiddlerCore/WebSurge are running. For plain HTTP requests this just works – Fiddler intercepts the HTTP requests on the proxy port and then forwards them to the original port (80 for HTTP and 443 for SSL typically but it could be any port). For SSL however, this is not quite as simple – Fiddler can easily act as an HTTPS/SSL client to capture inbound requests from the server, but when it forwards the request to the client it has to also act as an SSL server and provide a certificate that the client trusts. This won’t be the original certificate from the remote site, but rather a custom local certificate that effectively simulates an SSL connection between the proxy and the client. If there is no custom certificate configured for Fiddler the SSL request fails with a certificate validation error. The key for this to work is that a custom certificate has to be installed that the HTTPS client trusts on the local machine. For a much more detailed description of the process you can check out Eric Lawrence’s blog post on Certificates. If you’re using the desktop version of Fiddler you can install a local certificate into the Windows certificate store. Fiddler proper does this from the Options menu: This operation does several things: It installs the Fiddler Root Certificate It sets trust to this Root Certificate A new client certificate is generated for each HTTPS site monitored Certificate Installation with FiddlerCore You can also provide this same functionality using FiddlerCore which includes a CertMaker class. Using CertMaker is straight forward to use and it provides an easy way to create some simple helpers that can install and uninstall a Fiddler Root certificate:public static bool InstallCertificate() { if (!CertMaker.rootCertExists()) { if (!CertMaker.createRootCert()) return false; if (!CertMaker.trustRootCert()) return false; } return true; } public static bool UninstallCertificate() { if (CertMaker.rootCertExists()) { if (!CertMaker.removeFiddlerGeneratedCerts(true)) return false; } return true; } InstallCertificate() works by first checking whether the root certificate is already installed and if it isn’t goes ahead and creates a new one. The process of creating the certificate is a two step process – first the actual certificate is created and then it’s moved into the certificate store to become trusted. I’m not sure why you’d ever split these operations up since a cert created without trust isn’t going to be of much value, but there are two distinct steps. When you trigger the trustRootCert() method, a message box will pop up on the desktop that lets you know that you’re about to trust a local private certificate. This is a security feature to ensure that you really want to trust the Fiddler root since you are essentially installing a man in the middle certificate. It’s quite safe to use this generated root certificate, because it’s been specifically generated for your machine and thus is not usable from external sources, the only way to use this certificate in a trusted way is from the local machine. IOW, unless somebody has physical access to your machine, there’s no useful way to hijack this certificate and use it for nefarious purposes (see Eric’s post for more details). Once the Root certificate has been installed, FiddlerCore/Fiddler create new certificates for each site that is connected to with HTTPS. You can end up with quite a few temporary certificates in your certificate store. To uninstall you can either use Fiddler and simply uncheck the Decrypt HTTPS traffic option followed by the remove Fiddler certificates button, or you can use FiddlerCore’s CertMaker.removeFiddlerGeneratedCerts() which removes the root cert and any of the intermediary certificates Fiddler created. Keep in mind that when you uninstall you uninstall the certificate for both FiddlerCore and Fiddler, so use UninstallCertificate() with care and realize that you might affect the Fiddler application’s operation by doing so as well. When to check for an installed Certificate Note that the check to see if the root certificate exists is pretty fast, while the actual process of installing the certificate is a relatively slow operation that even on a fast machine takes a few seconds. Further the trust operation pops up a message box so you probably don’t want to install the certificate repeatedly. Since the check for the root certificate is fast, you can easily put a call to InstallCertificate() in any capture startup code – in which case the certificate installation only triggers when a certificate is in fact not installed. Personally I like to make certificate installation explicit – just like Fiddler does, so in WebSurge I use a small drop down option on the menu to install or uninstall the SSL certificate:   This code calls the InstallCertificate and UnInstallCertificate functions respectively – the experience with this is similar to what you get in Fiddler with the extra dialog box popping up to prompt confirmation for installation of the root certificate. Once the cert is installed you can then capture SSL requests. There’s a gotcha however… Gotcha: FiddlerCore Certificates don’t stick by Default When I originally tried to use the Fiddler certificate installation I ran into an odd problem. I was able to install the certificate and immediately after installation was able to capture HTTPS requests. Then I would exit the application and come back in and try the same HTTPS capture again and it would fail due to a missing certificate. CertMaker.rootCertExists() would return false after every restart and if re-installed the certificate a new certificate would get added to the certificate store resulting in a bunch of duplicated root certificates with different keys. What the heck? CertMaker and BcMakeCert create non-sticky CertificatesI turns out that FiddlerCore by default uses different components from what the full version of Fiddler uses. Fiddler uses a Windows utility called MakeCert.exe to create the Fiddler Root certificate. FiddlerCore however installs the CertMaker.dll and BCMakeCert.dll assemblies, which use a different crypto library (Bouncy Castle) for certificate creation than MakeCert.exe which uses the Windows Crypto API. The assemblies provide support for non-windows operation for Fiddler under Mono, as well as support for some non-Windows certificate platforms like iOS and Android for decryption. The bottom line is that the FiddlerCore provided bouncy castle assemblies are not sticky by default as the certificates created with them are not cached as they are in Fiddler proper. To get certificates to ‘stick’ you have to explicitly cache the certificates in Fiddler’s internal preferences. A cache aware version of InstallCertificate looks something like this:public static bool InstallCertificate() { if (!CertMaker.rootCertExists()) { if (!CertMaker.createRootCert()) return false; if (!CertMaker.trustRootCert()) return false; App.Configuration.UrlCapture.Cert = FiddlerApplication.Prefs.GetStringPref("fiddler.certmaker.bc.cert", null); App.Configuration.UrlCapture.Key = FiddlerApplication.Prefs.GetStringPref("fiddler.certmaker.bc.key", null); } return true; } public static bool UninstallCertificate() { if (CertMaker.rootCertExists()) { if (!CertMaker.removeFiddlerGeneratedCerts(true)) return false; } App.Configuration.UrlCapture.Cert = null; App.Configuration.UrlCapture.Key = null; return true; } In this code I store the Fiddler cert and private key in an application configuration settings that’s stored with the application settings (App.Configuration.UrlCapture object). These settings automatically persist when WebSurge is shut down. The values are read out of Fiddler’s internal preferences store which is set after a new certificate has been created. Likewise I clear out the configuration settings when the certificate is uninstalled. In order for these setting to be used you have to also load the configuration settings into the Fiddler preferences *before* a call to rootCertExists() is made. I do this in the capture form’s constructor:public FiddlerCapture(StressTestForm form) { InitializeComponent(); CaptureConfiguration = App.Configuration.UrlCapture; MainForm = form; if (!string.IsNullOrEmpty(App.Configuration.UrlCapture.Cert)) { FiddlerApplication.Prefs.SetStringPref("fiddler.certmaker.bc.key", App.Configuration.UrlCapture.Key); FiddlerApplication.Prefs.SetStringPref("fiddler.certmaker.bc.cert", App.Configuration.UrlCapture.Cert); }} This is kind of a drag to do and not documented anywhere that I could find, so hopefully this will save you some grief if you want to work with the stock certificate logic that installs with FiddlerCore. MakeCert provides sticky Certificates and the same functionality as Fiddler But there’s actually an easier way. If you want to skip the above Fiddler preference configuration code in your application you can choose to distribute MakeCert.exe instead of certmaker.dll and bcmakecert.dll. When you use MakeCert.exe, the certificates settings are stored in Windows so they are available without any custom configuration inside of your application. It’s easier to integrate and as long as you run on Windows and you don’t need to support iOS or Android devices is simply easier to deal with. To integrate into your project, you can remove the reference to CertMaker.dll (and the BcMakeCert.dll assembly) from your project. Instead copy MakeCert.exe into your output folder. To make sure MakeCert.exe gets pushed out, include MakeCert.exe in your project and set the Build Action to None, and Copy to Output Directory to Copy if newer. Note that the CertMaker.dll reference in the project has been removed and on disk the files for Certmaker.dll, as well as the BCMakeCert.dll files on disk. Keep in mind that these DLLs are resources of the FiddlerCore NuGet package, so updating the package may end up pushing those files back into your project. Once MakeCert.exe is distributed FiddlerCore checks for it first before using the assemblies so as long as MakeCert.exe exists it’ll be used for certificate creation (at least on Windows). Summary FiddlerCore is a pretty sweet tool, and it’s absolutely awesome that we get to plug in most of the functionality of Fiddler right into our own applications. A few years back I tried to build this sort of functionality myself for an app and ended up giving up because it’s a big job to get HTTP right – especially if you need to support SSL. FiddlerCore now provides that functionality as a turnkey solution that can be plugged into your own apps easily. The only downside is FiddlerCore’s documentation for more advanced features like certificate installation which is pretty sketchy. While for the most part FiddlerCore’s feature set is easy to work with without any documentation, advanced features are often not intuitive to gleam by just using Intellisense or the FiddlerCore help file reference (which is not terribly useful). While Eric Lawrence is very responsive on his forum and on Twitter, there simply isn’t much useful documentation on Fiddler/FiddlerCore available online. If you run into trouble the forum is probably the first place to look and then ask a question if you can’t find the answer. The best documentation you can find is Eric’s Fiddler Book which covers a ton of functionality of Fiddler and FiddlerCore. The book is a great reference to Fiddler’s feature set as well as providing great insights into the HTTP protocol. The second half of the book that gets into the innards of HTTP is an excellent read for anybody who wants to know more about some of the more arcane aspects and special behaviors of HTTP – it’s well worth the read. While the book has tons of information in a very readable format, it’s unfortunately not a great reference as it’s hard to find things in the book and because it’s not available online you can’t electronically search for the great content in it. But it’s hard to complain about any of this given the obvious effort and love that’s gone into this awesome product for all of these years. A mighty big thanks to Eric Lawrence  for having created this useful tool that so many of us use all the time, and also to Telerik for picking up Fiddler/FiddlerCore and providing Eric the resources to support and improve this wonderful tool full time and keeping it free for all. Kudos! Resources FiddlerCore Download FiddlerCore NuGet Fiddler Capture Sample Form Fiddler Capture Form in West Wind WebSurge (GitHub) Eric Lawrence’s Fiddler Book© Rick Strahl, West Wind Technologies, 2005-2014Posted in .NET  HTTP   Tweet !function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs"); (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();

    Read the article

  • Facebook Oauth Logout

    - by Derek Troy-West
    I have an application that integrates with Facebook using Oauth 2. I can authorize with FB and query their REST and Graph APIs perfectly well, but when I authorize an active browser session is created with FB. I can then log-out of my application just fine, but the session with FB persists, so if anyone else uses the browser they will see the previous users FB account (unless the previous user manually logs out of FB also). The steps I take to authorize are: Call [LINK: graph.facebook.com/oauth/authorize?client_id...] This step opens a Facebook login/connect window if the user's browser doesn't already have an active FB session. Once they log-in to facebook they redirect to my site with a code I can exchange for an oauth token. Call [LINK: graph.facebook.com/oauth/access_token?client_id..] with the code from (1) Now I have an Oauth Token, and the user's browser is logged into my site, and into FB. I call a bunch of APIs to do stuff: i.e. [LINK: graph.facebook.com/me?access_token=..] Lets say my user wants to log out of my site. The FB terms and conditions demand that I perform Single Sign Off, so when the user logs out of my site, they also are logged out of Facebook. There are arguments that this is a bit daft, but I'm happy to comply if there is any way of actually achieving that. I have seen suggestions that: A. I use the Javascript API to logout: FB.Connect.logout(). Well I tried using that, but it didn't work, and I'm not sure exactly how it could, as I don't use the Javascript API in any way on my site. The session isn't maintained or created by the Javascript API so I'm not sure how it's supposed to expire it either. B. Use [LINK: facebook.com/logout.php]. This was suggested by an admin in the Facebook forums some time ago. The example given related to the old way of getting FB sessions (non-oauth) so I don't think I can apply it in my case. C. Use the old REST api expireSession or revokeAuthorization. I tried both of these and while they do expire the Oauth token they don't invalidate the session that the browser is currently using so it has no effect, the user is not logged out of Facebook. I'm really at a bit of a loose end, the Facebook documentation is patchy, ambiguous and pretty poor. The support on the forums is non-existant, at the moment I can't even log in to the facebook forum, and aside from that, their own FB Connect integration doesn't even work on the forum itself. Doesn't inspire much confidence. Ta for any help you can offer. Derek ps. Had to change HTTPS to LINK, not enough karma to post links which is probably fair enough.

    Read the article

  • How to resovle javax.mail.AuthenticationFailedException issue?

    - by jl
    Hi, I am doing a sendMail Servlet with JavaMail. I have javax.mail.AuthenticationFailedException on my output. Can anyone please help me out? Thanks. sendMailServlet code: try { String host = "smtp.gmail.com"; String from = "[email protected]"; String pass = "pass"; Properties props = System.getProperties(); props.put("mail.smtp.starttls.enable", "true"); props.put("mail.smtp.host", host); props.put("mail.smtp.user", from); props.put("mail.smtp.password", pass); props.put("mail.smtp.port", "587"); props.put("mail.smtp.auth", "true"); props.put("mail.debug", "true"); Session session = Session.getDefaultInstance(props, null); MimeMessage message = new MimeMessage(session); Address fromAddress = new InternetAddress(from); Address toAddress = new InternetAddress("[email protected]"); message.setFrom(fromAddress); message.setRecipient(Message.RecipientType.TO, toAddress); message.setSubject("Testing JavaMail"); message.setText("Welcome to JavaMail"); Transport transport = session.getTransport("smtp"); transport.connect(host, from, pass); message.saveChanges(); Transport.send(message); transport.close(); }catch(Exception ex){ out.println("<html><head></head><body>"); out.println("ERROR: " + ex); out.println("</body></html>"); } Output on GlassFish 2.1: DEBUG SMTP: trying to connect to host "smtp.gmail.com", port 587, isSSL false 220 mx.google.com ESMTP 36sm10907668yxh.13 DEBUG SMTP: connected to host "smtp.gmail.com", port: 587 EHLO platform-4cfaca 250-mx.google.com at your service, [203.126.159.130] 250-SIZE 35651584 250-8BITMIME 250-STARTTLS 250-ENHANCEDSTATUSCODES 250 PIPELINING DEBUG SMTP: Found extension "SIZE", arg "35651584" DEBUG SMTP: Found extension "8BITMIME", arg "" DEBUG SMTP: Found extension "STARTTLS", arg "" DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg "" DEBUG SMTP: Found extension "PIPELINING", arg "" STARTTLS 220 2.0.0 Ready to start TLS EHLO platform-4cfaca 250-mx.google.com at your service, [203.126.159.130] 250-SIZE 35651584 250-8BITMIME 250-AUTH LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250 PIPELINING DEBUG SMTP: Found extension "SIZE", arg "35651584" DEBUG SMTP: Found extension "8BITMIME", arg "" DEBUG SMTP: Found extension "AUTH", arg "LOGIN PLAIN" DEBUG SMTP: Found extension "ENHANCEDSTATUSCODES", arg "" DEBUG SMTP: Found extension "PIPELINING", arg "" DEBUG SMTP: Attempt to authenticate AUTH LOGIN 334 VXNlcm5hbWU6 aWpveWNlbGVvbmdAZ21haWwuY29t 334 UGFzc3dvcmQ6 MTIzNDU2Nzhf 235 2.7.0 Accepted DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems, Inc] DEBUG SMTP: useEhlo true, useAuth true

    Read the article

  • javamail:username password not accepted

    - by bobby
    i get this error when i try to send a mail using javamail api,im sure that the code is correct and username and password are 100% correct,and the gmail account which im connecting is an older account(bcoz they say it takes time for it to work with new account) DEBUG SMTP RCVD: 535-5.7.1 Username and Password not accepted. Learn more at 535 5.7.1 http://mail.google.com/support/bin/answer.py?answer=14257 x35sm3011668 wfh.6 javax.mail.SendFailedException: Sending failed; nested exception is: javax.mail.AuthenticationFailedException at javax.mail.Transport.send0(Transport.java:218) at javax.mail.Transport.send(Transport.java:80) at Main.(Main.java:41) at Main.main(Main.java:51) and this is my code: import javax.mail.*; import javax.mail.internet.*; import java.util.*; public class Main { String d_email = "[email protected]", d_password = "pass", d_host = "smtp.gmail.com", d_port = "465", m_to = "[email protected]", m_subject = "Testing", m_text = "testing email."; public Main() { Properties props = new Properties(); props.put("mail.smtp.user", d_email); props.put("mail.smtp.host", d_host); props.put("mail.smtp.port", d_port); props.put("mail.smtp.starttls.enable","true"); props.put("mail.smtp.auth", "true"); props.put("mail.smtp.debug", "true"); props.put("mail.smtp.socketFactory.port", d_port); props.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory"); props.put("mail.smtp.socketFactory.fallback", "false"); SecurityManager security = System.getSecurityManager(); try { Authenticator auth = new SMTPAuthenticator(); Session session = Session.getInstance(props, auth); session.setDebug(true); MimeMessage msg = new MimeMessage(session); msg.setText(m_text); msg.setSubject(m_subject); msg.setFrom(new InternetAddress(d_email)); msg.addRecipient(Message.RecipientType.TO, new InternetAddress(m_to)); Transport.send(msg); } catch (Exception mex) { mex.printStackTrace(); } } public static void main(String[] args) { Main blah = new Main(); } private class SMTPAuthenticator extends javax.mail.Authenticator { public PasswordAuthentication getPasswordAuthentication() { return new PasswordAuthentication(d_email, d_password); } } }

    Read the article

  • Can I query DOM Document with xpath expression from multiple threads safely?

    - by Dan
    I plan to use dom4j DOM Document as a static cache in an application where multiples threads can query the document. Taking into the account that the document itself will never change, is it safe to query it from multiple threads? I wrote the following code to test it, but I am not sure that it actually does prove that operation is safe? package test.concurrent_dom; import org.dom4j.Document; import org.dom4j.DocumentException; import org.dom4j.DocumentHelper; import org.dom4j.Element; import org.dom4j.Node; /** * Hello world! * */ public class App extends Thread { private static final String xml = "<Session>" + "<child1 attribute1=\"attribute1value\" attribute2=\"attribute2value\">" + "ChildText1</child1>" + "<child2 attribute1=\"attribute1value\" attribute2=\"attribute2value\">" + "ChildText2</child2>" + "<child3 attribute1=\"attribute1value\" attribute2=\"attribute2value\">" + "ChildText3</child3>" + "</Session>"; private static Document document; private static Element root; public static void main( String[] args ) throws DocumentException { document = DocumentHelper.parseText(xml); root = document.getRootElement(); Thread t1 = new Thread(){ public void run(){ while(true){ try { sleep(3); } catch (InterruptedException e) { e.printStackTrace(); } Node n1 = root.selectSingleNode("/Session/child1"); if(!n1.getText().equals("ChildText1")){ System.out.println("WRONG!"); } } } }; Thread t2 = new Thread(){ public void run(){ while(true){ try { sleep(3); } catch (InterruptedException e) { e.printStackTrace(); } Node n1 = root.selectSingleNode("/Session/child2"); if(!n1.getText().equals("ChildText2")){ System.out.println("WRONG!"); } } } }; Thread t3 = new Thread(){ public void run(){ while(true){ try { sleep(3); } catch (InterruptedException e) { e.printStackTrace(); } Node n1 = root.selectSingleNode("/Session/child3"); if(!n1.getText().equals("ChildText3")){ System.out.println("WRONG!"); } } } }; t1.start(); t2.start(); t3.start(); System.out.println( "Hello World!" ); } }

    Read the article

  • Problem with eager load polymorphic associations using Linq and NHibernate

    - by Voislav
    Is it possible to eagerly load polymorphic association using Linq and NH? For example: Company is base class, Department is inherited from Company, and Company has association Employees to the User (one-to-many) and also association to the Country (many-to-one). Here is mapping part related to inherited class (without User and Country classes): <class name="Company" discriminator-value="Company"> <id name="Id" type="int" unsaved-value="0" access="nosetter.camelcase-underscore"> <generator class="native"></generator> </id> <discriminator column="OrganizationUnit" type="string" length="10" not-null="true"/> <property name="Name" type="string" length="50" not-null="true"/> <many-to-one name="Country" class="Country" column="CountryId" not-null ="false" foreign-key="FK_Company_CountryId" access="field.camelcase-underscore" /> <set name="Departments" inverse="true" lazy="true" access="field.camelcase-underscore"> <key column="DepartmentParentId" not-null="false" foreign-key="FK_Department_DepartmentParentId"></key> <one-to-many class="Department"></one-to-many> </set> <set name="Employees" inverse="true" lazy="true" access="field.camelcase-underscore"> <key column="CompanyId" not-null="false" foreign-key="FK_User_CompanyId"></key> <one-to-many class="User"></one-to-many> </set> <subclass name="Department" extends="Company" discriminator-value="Department"> <many-to-one name="DepartmentParent" class="Company" column="DepartmentParentId" not-null ="false" foreign-key="FK_Department_DepartmentParentId" access="field.camelcase-underscore" /> </subclass> </class> I do not have problem to eagerly load any of the association on the Company: Session.Query<Company>().Where(c => c.Name == "Main Company").Fetch(c => c.Country).Single(); Session.Query<Company>().Where(c => c.Name == "Main Company").FetchMany(c => c.Employees).Single(); Also, I could eagerly load not-polymorphic association on the department: Session.Query<Department>().Where(d => d.Name == "Department 1").Fetch(d => d.DepartmentParent).Single(); But I get NullReferenceException when I try to eagerly load any of the polymorphic association (from the Department): Assert.Throws<NullReferenceException>(() => Session.Query<Department>().Where(d => d.Name == "Department 1").Fetch(d => d.Country).Single()); Assert.Throws<NullReferenceException>(() => Session.Query<Department>().Where(d => d.Name == "Department 1").FetchMany(d => d.Employees).Single()); Am I doing something wrong or this is not supported yet?

    Read the article

  • HTTPS on all pages where user is logged on

    - by Tom Gullen
    I know this is considered best practise to prevent cookie hijacking. I would like to adopt this approach, but ran across a problem on our forum where the users post images which either aren't posted with URL's over HTTPS or the url itself doesn't support HTTPS. This throws up a lot of ugly browser warnings. I see I have two options: Disable HTTPS for the forum Force all user posted content to start with // in the url so it selects the right protocol, if it doesn't support HTTPS so be it Do I have any other options? How do other sites deal with this?

    Read the article

  • When does the .NET FormAuthentication ticket get checked and how do I tap into this event?

    - by Mustafakidd
    Hello everyone - We are attempting to integrate an ASP.NET MVC site with our client's SSO system using PingFederate. I would like to use the built in FormsAuthentication framework to do this. The way I've gone about it so far is: Set up my Web.config so that my FormsAuthentication LoginURL goes to my site's "BeginAuthentication" action on a "Security" controller. From this action, I set up some session variables (what URL was being accessed, for example, since Ping won't send this info back to me), and then redirect to our client's login page on an external site (www.client.com/Login for example). From here, the authentication takes place and a cookie is generated on the same domain as the one that our application is running on which contains the unique identifier of the authenticated user, I've set it up so that once this happens, the Ping server will redirect to my "EndAuthentication" action on my "Security" controller. In this action, I call my membership class's "ValidateUser" method which takes this unique identifier from the cookie and loads in the user on our application that this ID refers to. I save that logged in user in our Session (Session["LoggedInAs"], for example) and expire the cookie that contains the id of the authenticated user that the SSO system provided for me. All of this works well. The issue I'm wondering about is what happens after our user has already authenticated and manually goes back to our client's login page (www.client.com/login) and logs in as another user. If they do that, then the flow from #2 above to number 3 happens as normal - but since there already exists an authenticated user on our site, it seems as though the FormsAuthentication system doesn't bother kicking off anything so I don't get a chance to check for the cookie I'm looking for to login as this new user. What I'd like to do is, somewhere in my Global.asax file (probably FormsAuthenticate_OnAuthenticate), check to see if the cookie that the SSO system sends to me exists, and if so, sign out of the application using FormsAuthentication.SignOut(). Another issue that seems to be related is that if I let my Session expire, the FormsAuthentication still seems to think I am authenticated and it lets me access a page even though no currently logged in user exists in my Session, so the page doesn't render correctly. Should I tap into the Session_End event and do FormsAuthentication.SignOut() here as well? Basically, I want to know when the authentication ticket created by System.Web.Security.FormsAuthentication.SetAuthCookie(..) gets checked in the flow of a request so that I can determine whether I need to SignOut() and force revalidation or not. Thanks for any help. Sorry for the length of this message, trying to be as detailed as possible. Mustafa

    Read the article

  • Trying to send email in Java using gmail always results in username and password not accepted.

    - by Thaeos
    When I call the send method (after setting studentAddress), I get this: javax.mail.AuthenticationFailedException: 535-5.7.1 Username and Password not accepted. Learn more at 535 5.7.1 http://mail.google.com/support/bin/answer.py?answer=14257 y15sm906936wfd.10 I'm pretty sure the code is correct, and 100% positive that the username and password details I'm entering are correct. So is this something wrong with gmail or what? This is my code: import java.util.*; import javax.mail.*; import javax.mail.internet.*; public class SendEmail { private String host = "smtp.gmail.com"; private String emailLogin = "[email protected]"; private String pass = "xxx"; private String studentAddress; private String to; private Properties props = System.getProperties(); public SendEmail() { props.put("mail.smtps.auth", "true"); props.put("mail.smtps.starttls.enable", "true"); props.put("mail.smtp.host", host); props.put("mail.smtp.user", emailLogin); props.put("mail.smtp.password", pass); props.put("mail.smtp.port", "587"); to = "[email protected]"; } public void setStudentAddress(String newAddress) { studentAddress = newAddress; } public void send() { Session session = Session.getDefaultInstance(props, null); MimeMessage message = new MimeMessage(session); try { message.setFrom(new InternetAddress(emailLogin)); InternetAddress[] studentAddressList = {new InternetAddress(studentAddress)}; message.setReplyTo(studentAddressList); message.setRecipient(Message.RecipientType.TO, new InternetAddress(to)); message.setSubject("Test Email"); message.setText("This is a test email!"); Transport transport = session.getTransport("smtps"); transport.connect(host, emailLogin, pass); transport.sendMessage(message, message.getAllRecipients()); transport.close(); } catch (MessagingException me) { System.out.println("There has been an email error!"); me.printStackTrace(); } } } Any ideas...

    Read the article

  • org.hibernate.TransientObjectException during Criteria.list()

    - by rancidfishbreath
    I have seen posts all over the internet that talk about how to fix the TransientObjectExceptions during save/update/delete but I am having this problem when calling list on my Criteria. I have two objects A and B. A has a field named b which is of type B. In my mapping b is mapped as a many-to-one. This all runs in a larger persistence framework (the framework is kind of like Core Data) and so I don't use any cascades in my hibernate mappings since cascades are handled at a higher level. This is the interesting code surrounding my criteria: A a = new A(); B b = new B(); a.setB(b); session.save("B", b); // Actually handled by the higher level session.save("A", a); // framework, this is just for clarity // transaction committed and session closed ... // new session opened Criteria criteria = session.createCriteria(A.class); criteria.add(Restrictions.eq("b", b)); List<?> objects = criteria.list(); Basically I am looking for all objects of type A such that A.b equals a particular instance of b (I actually tried restructuring a query so that I was passing in the id of b just to make sure that b wasn't causing me problems). Here is the stack trace that occurs when I call criteria.list(): org.hibernate.TransientObjectException: object references an unsaved transient instance - save the transient instance before flushing: B at org.hibernate.engine.ForeignKeys.getEntityIdentifierIfNotUnsaved(ForeignKeys.java:244) at org.hibernate.type.EntityType.getIdentifier(EntityType.java:449) at org.hibernate.type.ManyToOneType.nullSafeSet(ManyToOneType.java:141) at org.hibernate.loader.Loader.bindPositionalParameters(Loader.java:1769) at org.hibernate.loader.Loader.bindParameterValues(Loader.java:1740) at org.hibernate.loader.Loader.prepareQueryStatement(Loader.java:1612) at org.hibernate.loader.Loader.doQuery(Loader.java:717) at org.hibernate.loader.Loader.doQueryAndInitializeNonLazyCollections(Loader.java:270) at org.hibernate.loader.Loader.doList(Loader.java:2294) at org.hibernate.loader.Loader.listIgnoreQueryCache(Loader.java:2172) at org.hibernate.loader.Loader.list(Loader.java:2167) at org.hibernate.loader.criteria.CriteriaLoader.list(CriteriaLoader.java:119) at org.hibernate.impl.SessionImpl.list(SessionImpl.java:1706) at org.hibernate.impl.CriteriaImpl.list(CriteriaImpl.java:347) Here is my mapping: <class entity-name="A" lazy="false"> <tuplizer entity-mode="dynamic-map" class="MyTuplizer" /> <id type="long" column="id"> <generator class="native" /> </id> <many-to-one name="b" entity-name="B" column="b_id" lazy="false" /> </class> <class entity-name="B" lazy="false"> <tuplizer entity-mode="dynamic-map" class="MyTuplizer" /> <id type="long" column="id"> <generator class="native" /> </id> </class> Can anyone help me figure out why I would be getting a TransientObjectException during a fetch? Preferably I would like to find a solution that does not rely on cascades since they tend to mask problems that occur in the higher level framework.

    Read the article

  • facebook login problem

    - by khoyendra
    This is the code which is use for login in facebook but it is go to the finaly block and show my facebook link in browser. i am show from which it go to the finaly block in program. how to login without open browser this example is yack from http://code.google.com/p/facebook-java-api/wiki/Examples try{ MDC.put(ipAddress, req.getRemoteAddr()); HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; HttpSession session = request.getSession(true); IFacebookRestClient<Document> userClient = getUserClient(session); if (userClient == null) { logger.debug("User session doesn't have a Facebook API client setup yet. Creating one and storing it in the user's session."); userClient = new FacebookXmlRestClient(api_key, secret); session.setAttribute(FACEBOOK_USER_CLIENT, userClient); } logger.trace("Creating a FacebookWebappHelper, which copies fb_ request param data into the userClient"); FacebookWebappHelper<Document> facebook = new FacebookWebappHelper<Document>(request, response, api_key, secret, userClient); String nextPage = request.getRequestURI(); nextPage = nextPage.substring(nextPage.indexOf("/", 1) + 1); //cut out the first /, the context path and the 2nd / logger.trace(nextPage); boolean redirectOccurred = facebook.requireLogin(nextPage); if (redirectOccurred) { return; //from this pt. send to finaly block and open my facebook page } redirectOccurred = facebook.requireFrame(nextPage); if (redirectOccurred) { return; } long facebookUserID; try { facebookUserID = userClient.users_getLoggedInUser(); } catch (FacebookException ex) { response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Error while fetching user's facebook ID"); logger.error("Error while getting cached (supplied by request params) value " + "of the user's facebook ID or while fetching it from the Facebook service " + "if the cached value was not present for some reason. Cached value = {}", userClient.getCacheUserId()); return; } MDC.put(facebookUserId, String.valueOf(facebookUserID)); chain.doFilter(request, response); } finally { MDC.remove(ipAddress); MDC.remove(facebookUserId); }

    Read the article

  • ASP NET MVC (loading data from database)

    - by rah.deex
    hi experts, its me again... i have some code like this.. using System; using System.Collections.Generic; using System.Linq; using System.Web; namespace MvcGridSample.Models { public class CustomerService { private List<SVC> Customers { get { List<SVC> customers; if (HttpContext.Current.Session["Customers"] != null) { customers = (List<SVC>) HttpContext.Current.Session["Customers"]; } else { //Create customer data store and save in session customers = new List<SVC>(); InitCustomerData(customers); HttpContext.Current.Session["Customers"] = customers; } return customers; } } public SVC GetByID(int customerID) { return this.Customers.AsQueryable().First(customer => customer.seq_ == customerID); } public IQueryable<SVC> GetQueryable() { return this.Customers.AsQueryable(); } public void Add(SVC customer) { this.Customers.Add(customer); } public void Update(SVC customer) { } public void Delete(int customerID) { this.Customers.RemoveAll(customer => customer.seq_ == customerID); } private void InitCustomerData(List<SVC> customers) { customers.Add(new SVC { ID = 1, FirstName = "John", LastName = "Doe", Phone = "1111111111", Email = "[email protected]", OrdersPlaced = 5, DateOfLastOrder = DateTime.Parse("5/3/2007") }); customers.Add(new SVC { ID = 2, FirstName = "Jane", LastName = "Doe", Phone = "2222222222", Email = "[email protected]", OrdersPlaced = 3, DateOfLastOrder = DateTime.Parse("4/5/2008") }); customers.Add(new SVC { ID = 3, FirstName = "John", LastName = "Smith", Phone = "3333333333", Email = "[email protected]", OrdersPlaced = 25, DateOfLastOrder = DateTime.Parse("4/5/2000") }); customers.Add(new SVC { ID = 4, FirstName = "Eddie", LastName = "Murphy", Phone = "4444444444", Email = "[email protected]", OrdersPlaced = 1, DateOfLastOrder = DateTime.Parse("4/5/2003") }); customers.Add(new SVC { ID = 5, FirstName = "Ziggie", LastName = "Ziggler", Phone = null, Email = "[email protected]", OrdersPlaced = 0, DateOfLastOrder = null }); customers.Add(new SVC { ID = 6, FirstName = "Michael", LastName = "J", Phone = "666666666", Email = "[email protected]", OrdersPlaced = 5, DateOfLastOrder = DateTime.Parse("12/3/2007") }); } } } those codes is an example that i've got from the internet.. in that case, the data is created and saved in session before its shown.. the things that i want to ask is how if i want to load the data from table? i'am a newbie here.. please help :) thank b4 for advance..

    Read the article

  • Hotmail SMTP not working with javamail

    - by yashdosi
    I am trying to write a simple Java program to send emails from my hotmail account using JavaMail API. Here is my code : import java.util.Properties; import javax.mail.Message; import javax.mail.MessagingException; import javax.mail.PasswordAuthentication; import javax.mail.Session; import javax.mail.Transport; import javax.mail.internet.InternetAddress; import javax.mail.internet.MimeMessage; public class HotMailSend { public static void main(String args[]) { final String username = HOTMAIL.username; final String password = HOTMAIL.password; Properties props = new Properties(); props.setProperty("mail.smtp.auth", "true"); props.setProperty("mail.smtp.starttls.enable", "true"); props.setProperty("mail.smtp.host", "smtp.live.com"); props.setProperty("mail.smtp.port", "587"); Session session = Session.getInstance(props, new javax.mail.Authenticator() { protected PasswordAuthentication getPasswordAuthentication() { return new PasswordAuthentication(username, password); } }); try { Message message = new MimeMessage(session); message.setFrom(new InternetAddress(HOTMAIL.username)); message.setRecipients(Message.RecipientType.TO, InternetAddress.parse(GMAIL.username)); message.setSubject("Testing Subject"); message.setText("Hey Buddy..!!!," + "\n\n No spam to my email, please!"); Transport.send(message); System.out.println("Done"); } catch (MessagingException e) { throw new RuntimeException(e); } } } And here is the error I am getting : Exception in thread "main" java.lang.RuntimeException: javax.mail.MessagingException: Can't send command to SMTP host; nested exception is: java.net.SocketException: Connection closed by remote host at HotMailSend.main(HotMailSend.java:45) Caused by: javax.mail.MessagingException: Can't send command to SMTP host; nested exception is: java.net.SocketException: Connection closed by remote host at com.sun.mail.smtp.SMTPTransport.sendCommand(SMTPTransport.java:2163) at com.sun.mail.smtp.SMTPTransport.sendCommand(SMTPTransport.java:2150) at com.sun.mail.smtp.SMTPTransport.close(SMTPTransport.java:1220) at javax.mail.Transport.send0(Transport.java:197) at javax.mail.Transport.send(Transport.java:124) at HotMailSend.main(HotMailSend.java:40) Caused by: java.net.SocketException: Connection closed by remote host at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkWrite(SSLSocketImpl.java:1307) at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:43) at com.sun.mail.util.TraceOutputStream.write(TraceOutputStream.java:114) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123) at com.sun.mail.smtp.SMTPTransport.sendCommand(SMTPTransport.java:2161) ... 5 more

    Read the article

  • Php algorithm - How to achieve that without eval

    - by Marcelo
    I have a class that keeps data stores/access data by using words.separated.by.dots keys and it behaves like the following: $object = new MyArray() $object->setParam('user.name','marcelo'); $object->setParam('user.email','[email protected]'); $object->getParams(); /* array( 'user' => array( 'name' => 'marcelo', 'email' => '[email protected]' ) ); */ It is working, but the method unsetParam() was horribly implemented. That happened because i didn't know how to achieve that without eval() function. Although it is working, I found that it was a really challenging algorithm and that you might find fun trying to achieve that without eval(). class MyArray { /** * @param string $key * @return Mura_Session_Abstract */ public function unsetParam($key) { $params = $this->getParams(); $tmp = $params; $keys = explode('.', $key); foreach ($keys as $key) { if (!isset($tmp[$key])) { return $this; } $tmp = $tmp[$key]; } // bad code! $eval = "unset(\$params['" . implode("']['", $keys) . "']);"; eval($eval); $this->setParams($params); return $this; } } The test method: public function testCanUnsetNestedParam() { $params = array( '1' => array( '1' => array( '1' => array( '1' => 'one', '2' => 'two', '3' => 'three', ), '2' => array( '1' => 'one', '2' => 'two', '3' => 'three', ), ) ), '2' => 'something' ); $session = $this->newSession(); $session->setParams($params); unset($params['1']['1']['1']); $session->unsetParam('1.1.1'); $this->assertEquals($params, $session->getParams()); $this->assertEquals($params['1']['1']['2'], $session->getParam('1.1.2')); }

    Read the article

  • List of eCommerce sites that use end-to-end SSL?

    - by Jon Schneider
    My development team is considering implementing an eCommerce site using end-to-end SSL -- that is, every page on the site is accessed via an https:// URL -- rather than the more traditional "mixed mode" where most pages are accessed via http:// and only "secure" pages such as login and credit card entry are redirected to https://. Pros of doing such a "pure SSL" approach include avoidance of some session-hijacking attacks such as Firesheep; cons include performance considerations. My question is: Is anyone aware of a list of eCommerce websites (especially USA-based sites), or even specific websites, that use this end-to-end SSL approach? I'm especially interested in "regular" eCommerce sites rather than banks or other "financial" sites.

    Read the article

  • How do I change a child's parent in NHibernate when cascade is delete-all-orphan?

    - by Daniel T.
    I have two entities in a bi-directional one-to-many relationship: public class Storage { public IList<Box> Boxes { get; set; } } public class Box { public Storage CurrentStorage { get; set; } } And the mapping: <class name="Storage"> <bag name="Boxes" cascade="all-delete-orphan" inverse="true"> <key column="Storage_Id" /> <one-to-many class="Box" /> </bag> </class> <class name="Box"> <many-to-one name="CurrentStorage" column="Storage_Id" /> </class> A Storage can have many Boxes, but a Box can only belong to one Storage. I have them mapped so that the one-to-many has a cascade of all-delete-orphan. My problem arises when I try to change a Box's Storage. Assuming I already ran this code: var storage1 = new Storage(); var storage2 = new Storage(); storage1.Boxes.Add(new Box()); Session.Create(storage1); Session.Create(storage2); The following code will give me an exception: // get the first and only box in the DB var existingBox = Database.GetBox().First(); // remove the box from storage1 existingBox.CurrentStorage.Boxes.Remove(existingBox); // add the box to storage2 after it's been removed from storage1 var storage2 = Database.GetStorage().Second(); storage2.Boxes.Add(existingBox); Session.Flush(); // commit changes to DB I get the following exception: NHibernate.ObjectDeletedException : deleted object would be re-saved by cascade (remove deleted object from associations) This exception occurs because I have the cascade set to all-delete-orphan. The first Storage detected that I removed the Box from its collection and marks it for deletion. However, when I added it to the second Storage (in the same session), it attempts to save the box again and the ObjectDeletedException is thrown. My question is, how do I get the Box to change its parent Storage without encountering this exception? I know one possible solution is to change the cascade to just all, but then I lose the ability to have NHibernate automatically delete a Box by simply removing it from a Storage and not re-associating it with another one. Or is this the only way to do it and I have to manually call Session.Delete on the box in order to remove it?

    Read the article

  • How to access controller dynamic properties within a base controller's constructor in Grails?

    - by 4h34d
    Basically, I want to be able to assign objects created within filters to members in a base controller from which every controller extends. Any possible way to do that? Here's how I tried, but haven't got to make it work. What I'm trying to achieve is to have all my controllers extend a base controller. The base controller's constructor would be used to assign values to its members, those values being pulled from the session map. Example below. File grails-app/controllers/HomeController.groovy: class HomeController extends BaseController { def index = { render username } } File grails-app/controllers/BaseController.groovy: abstract class BaseController { public String username public BaseController() { username = session.username } } When running the app, the output shown is: 2010-06-15 18:17:16,671 [main] ERROR [localhost].[/webapp] - Exception sending context initialized event to listener instance of class org.codehaus.groovy.grails.web.context.GrailsContextLoaderListener org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'pluginManager' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Invocation of init method failed; nested exception is java.lang.RuntimeException: Unable to locate constructor with Class parameter for class org.codehaus.groovy.grails.commons.DefaultGrailsControllerClass ... Caused by: java.lang.RuntimeException: Unable to locate constructor with Class parameter for class org.codehaus.groovy.grails.commons.DefaultGrailsControllerClass ... Caused by: java.lang.reflect.InvocationTargetException ... Caused by: org.codehaus.groovy.grails.exceptions.NewInstanceCreationException: Could not create a new instance of class [com.my.package.controller.HomeController]! ... Caused by: groovy.lang.MissingPropertyException: No such property: session for class: com.my.package.controller.HomeController at com.my.package.controller.BaseController.<init>(BaseController.groovy:16) at com.my.package.controller.HomeController.<init>(HomeController.groovy) ... 2010-06-15 18:17:16,687 [main] ERROR core.StandardContext - Error listenerStart 2010-06-15 18:17:16,687 [main] ERROR core.StandardContext - Context [/webapp] startup failed due to previous errors And the app won't run. This is just an example as in my case I wouldn't want to assign a username to a string value, but rather a few objects pulled from the session map. The objects pulled from the session map are being set within filters. The alternative I see is being able to access the controller's instance within the filter's execution. Is that possible? Please help! Thanks a bunch!

    Read the article

  • web service filling gridview awfully slow, as is paging/sorting

    - by nat
    Hi I am making a page which calls a web service to fill a gridview this is returning alot of data, and is horribly slow. i ran the svcutil.exe on the wsdl page and it generated me the class and config so i have a load of strongly typed objects coming back from each request to the many service functions. i am then using LINQ to loop around the objects grabbing the necessary information as i go, but for each row in the grid i need to loop around an object, and grab another list of objects (from the same request) and loop around each of them.. 1 to many parent object child one.. all of this then gets dropped into a custom datatable a row at a time.. hope that makes sense.... im not sure there is any way to speed up the initial load. but surely i should be able to page/sort alot faster than it is doing. as at the moment, it appears to be taking as long to page/sort as it is to load initially. i thought if when i first loaded i put the datasource of the grid in the session, that i could whip it out of the session to deal with paging/sorting and the like. basically it is doing the below protected void Page_Load(object sender, EventArgs e) { //init the datatable //grab the filter vars (if there are any) WebServiceObj WS = WSClient.Method(args); //fill the datatable (around and around we go) foreach (ParentObject po in WS.ReturnedObj) { var COs = from ChildObject c in WS.AnotherReturnedObj where c.whatever.equals(...) ...etc foreach(ChildObject c in COs){ myDataTable.Rows.Add(tlo.this, tlo.that, c.thisthing, c.thatthing, etc......); } } grdListing.DataSource = myDataTable; Session["dt"] = myDataTable; grdListing.DataBind(); } protected void Listing_PageIndexChanging(object sender, GridViewPageEventArgs e) { grdListing.PageIndex = e.NewPageIndex; grdListing.DataSource = Session["dt"] as DataTable; grdListing.DataBind(); } protected void Listing_Sorting(object sender, GridViewSortEventArgs e) { DataTable dt = Session["dt"] as DataTable; DataView dv = new DataView(dt); string sortDirection = " ASC"; if (e.SortDirection == SortDirection.Descending) sortDirection = " DESC"; dv.Sort = e.SortExpression + sortDirection; grdListing.DataSource = dv.ToTable(); grdListing.DataBind(); } am i doing this totally wrongly? or is the slowness just coming from the amount of data being bound in/return from the Web Service.. there are maybe 15 columns(ish) and a whole load of rows.. with more being added to the data the webservice is querying from all the time any suggestions / tips happily received thanks

    Read the article

  • How to create an entity with a composite primary key containing a generated value.

    - by David
    Using Hibernate + annotations, I'm trying to do the following: Two entities, Entity1 and Entity2. Entity1 contains a simple generated value primary key. Entity2 primary key is composed by a simple generated value + the id of entity one (with a many to one relationship) Unfortunately, I can't make it work. Here is an excerpt of the code: @Entity public class Entity1 { @Id @GeneratedValue private Long id; private String name; ... } @Entity public class Entity2 { @EmbeddedId private Entity2PK pk = new Entity2PK(); private String miscData; ... } @Embeddable public class Entity2PK implements Serializable { @GeneratedValue private Long id; @ManyToOne private Entity1 entity; } void test() { Entity1 e1 = new Entity1(); e1.setName("nameE1"); Entity2 e2 = new Entity2(); e2.setEntity1(e1); e2.setMiscData("test"); Transaction transaction = session.getTransaction(); try { transaction.begin(); session.save(e1); session.save(e2); transaction.commit(); } catch (Exception e) { transaction.rollback(); } finally { session.close(); } } When I run the test method I get the following errors: Hibernate: insert into Entity1 (id, name) values (null, ?) Hibernate: call identity() Hibernate: insert into Entity2 (miscData, entity_id, id) values (?, ?, ?) 07-Jun-2010 10:51:11 org.hibernate.util.JDBCExceptionReporter logExceptions WARNING: SQL Error: 0, SQLState: null 07-Jun-2010 10:51:11 org.hibernate.util.JDBCExceptionReporter logExceptions SEVERE: failed batch 07-Jun-2010 10:51:11 org.hibernate.event.def.AbstractFlushingEventListener performExecutions SEVERE: Could not synchronize database state with session org.hibernate.exception.GenericJDBCException: Could not execute JDBC batch update at org.hibernate.exception.SQLStateConverter.handledNonSpecificException(SQLStateConverter.java:103) at org.hibernate.exception.SQLStateConverter.convert(SQLStateConverter.java:91) at org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:43) at org.hibernate.jdbc.AbstractBatcher.executeBatch(AbstractBatcher.java:254) at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:266) at org.hibernate.engine.ActionQueue.executeActions(ActionQueue.java:167) at org.hibernate.event.def.AbstractFlushingEventListener.performExecutions(AbstractFlushingEventListener.java:298) at org.hibernate.event.def.DefaultFlushEventListener.onFlush(DefaultFlushEventListener.java:27) at org.hibernate.impl.SessionImpl.flush(SessionImpl.java:1001) at org.hibernate.impl.SessionImpl.managedFlush(SessionImpl.java:339) at org.hibernate.transaction.JDBCTransaction.commit(JDBCTransaction.java:106) at test.App.main(App.java:32) Caused by: java.sql.BatchUpdateException: failed batch at org.hsqldb.jdbc.jdbcStatement.executeBatch(Unknown Source) at org.hsqldb.jdbc.jdbcPreparedStatement.executeBatch(Unknown Source) at org.hibernate.jdbc.BatchingBatcher.doExecuteBatch(BatchingBatcher.java:48) at org.hibernate.jdbc.AbstractBatcher.executeBatch(AbstractBatcher.java:247) ... 8 more Note that I use HSQLDB. Any ideas about what is wrong ?

    Read the article

  • Security review of an authenticated Diffie Hellman variant

    - by mtraut
    EDIT I'm still hoping for some advice on this, i tried to clarify my intentions... When i came upon device pairing in my mobile communication framework i studied a lot of papers on this topic and and also got some input from previous questions here. But, i didn't find a ready to implement protocol solution - so i invented a derivate and as i'm no crypto geek i'm not sure about the security caveats of the final solution: The main questions are Is SHA256 sufficient as a commit function? Is the addition of the shared secret as an authentication info in the commit string safe? What is the overall security of the 1024 bit group DH I assume at most 2^-24 bit probability of succesful MITM attack (because of 24 bit challenge). Is this plausible? What may be the most promising attack (besides ripping the device out off my numb, cold hands) This is the algorithm sketch For first time pairing, a solution proposed in "Key agreement in peer-to-peer wireless networks" (DH-SC) is implemented. I based it on a commitment derived from: A fix "UUID" for the communicating entity/role (128 bit, sent at protocol start, before commitment) The public DH key (192 bit private key, based on the 1024 bit Oakley group) A 24 bit random challenge Commit is computed using SHA256 c = sha256( UUID || DH pub || Chall) Both parties exchange this commitment, open and transfer the plain content of the above values. The 24 bit random is displayed to the user for manual authentication DH session key (128 bytes, see above) is computed When the user opts for persistent pairing, the session key is stored with the remote UUID as a shared secret Next time devices connect, commit is computed by additionally hashing the previous DH session key before the random challenge. For sure it is not transfered when opening. c = sha256( UUID || DH pub || DH sess || Chall) Now the user is not bothered authenticating when the local party can derive the same commitment using his own, stored previous DH session key. After succesful connection the new DH session key becomes the new shared secret. As this does not exactly fit the protocols i found so far (and as such their security proofs), i'd be very interested to get an opinion from some more crypto enabled guys here. BTW. i did read about the "EKE" protocol, but i'm not sure what the extra security level is.

    Read the article

  • Inconsistent email formatting with inline css created using Javamail

    - by user1816183
    Okay, so I have a program that sends an email when it is finished running. I use inline css to format the email. This was working up until yesterday however now I am seeing different formats depending on which email account I view the email in. It coincides with an upgrade from Selenium 2.35.0 to 2.37.0 however I don't think this is my issue since I rolled back to 2.35.0 and it still happens. package tests; import java.util.Properties; import javax.mail.Message; import javax.mail.Session; import javax.mail.Transport; import javax.mail.internet.InternetAddress; import javax.mail.internet.MimeMessage; public class TESTTEST { public static void main(String[] args) throws Exception { Properties props = new Properties(); props.put("mail.smtp.host","xxx.xxx.xxx.xxx"); Session session = Session.getInstance(props); String emailFrom="[email protected]"; String emailTo1="[email protected]"; MimeMessage message = new MimeMessage(session); message.setSubject("Testing HTML Email"); message.setFrom(new InternetAddress(emailFrom)); String htmlBody = "<STYLE>body {font-family:sans-serif,arial,helvetica,sans-serif;font-size:9pt;}" +"TABLE {border-collapse:collapse;border:1px solid black;}" +"TH {background-color:grey;color:white;padding:5px;border:1px solid black;font-size:9pt;}" +"TD {padding:5px;border:1px solid black;font-size:9pt;}" +"H3 {font-size:12pt;}" +".PASSED {background-color:#00FF00}" +".FAILED {background-color:#FF0000}" +".SKIPPED {background-color:#DEDEDE}" +".ITALIC {font-style:italic}" +"</STYLE>" + "<TABLE><TR><TD CLASS=PASSED>FAIL</TD><TD STYLE=background-color:#FF0000>FAIL</TD></TR></TABLE>"; message.setContent(htmlBody, "text/html; charset=ISO-8859-1"); message.addRecipient(Message.RecipientType.TO,new InternetAddress(emailTo1)); Transport.send(message,message.getRecipients(Message.RecipientType.TO)); System.out.println(htmlBody); System.out.println("Email Sent"); } } When I view the email in Hotmail/Outlook.com, it looks fine In Gmail In Lotus Notes Anybody able to help?

    Read the article

  • HTML format using Java mail in android

    - by TheDevMan
    I am trying to implement an HTML format mail using the Java mail in android. I would like to get results like this: When I look at the html format sent from lookout in my GMAIL. I don't see any link, but just has this format: [image: Lookout_logo] [image: Signal_flare_icon] Your battery level is really low, so we located your device with Signal Flare. I was trying the following: Properties props = System.getProperties(); props.put("mail.smtp.starttls.enable", "true"); // added this line props.put("mail.smtp.host", host); props.put("mail.smtp.user", from); props.put("mail.smtp.password", pass); props.put("mail.smtp.port", "587"); props.put("mail.smtp.auth", "true"); javax.mail.Session session = javax.mail.Session.getDefaultInstance(props, null); MimeMessage message = new MimeMessage(session); message.setFrom(new InternetAddress(from)); InternetAddress[] toAddress = new InternetAddress[to.length]; // To get the array of addresses for( int i=0; i < to.length; i++ ) { // changed from a while loop toAddress[i] = new InternetAddress(to[i]); } message.setRecipients(Message.RecipientType.BCC, toAddress); message.setSubject(sub); //message.setText(body); body = "<!DOCTYPE html><html><body><img src=\"http://en.wikipedia.org/wiki/Krka_National_Park#mediaviewer/File:Krk_waterfalls.jpg\">"; message.setContent(body, "text/html; charset=utf-8"); Transport transport = session.getTransport("smtp"); transport.connect(host, from, pass); transport.sendMessage(message, message.getAllRecipients()); transport.close(); When I look at the html format sent with the above code. I get the following: <!DOCTYPE html><html><body><img src="http://en.wikipedia.org/wiki/Krka_National_Park#mediaviewer/File:Krk_waterfalls.jpg> How to make sure the user will not be able to see any html code or URL link like the mail sent by LOOKOUT? Thanks!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 117 118 119 120 121 122 123 124 125 126 127 128  | Next Page >