Search Results

Search found 14784 results on 592 pages for 'spring security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 124/592 | < Previous Page | 120 121 122 123 124 125 126 127 128 129 130 131  | Next Page >

  • Ajax and sophisticated graphics in Java web-app

    - by EugeneP
    In my opinion WWW will sooner or later come to full-blown AJAX web-sites, so that we wouldn't have page reloads every time you click somewhere. Now I want you to ask this. What tools and frameworks can one use to make a Java Web-application running on Tomcat have AJAX functionality like "in-place, with no page reloading" table sorting by clicking on its column header, multi-tabs that enable opening at once the new screen to the user without reloading a page, saving data in the database without reloading a page, and other similar things that we do not usually see on web pages. That's all should probably be based on AJAX. But how to integrate this AJAX functionality with existing java web-frameworks, let's say Spring MVC? Or maybe there are other frameworks that better suit such needs but that can be integrated with core Spring?

    Read the article

  • Injecting EntityManager Vs. EntityManagerFactory

    - by SB
    A long question, please bear with me. We are using Spring+JPA for a web application. My team is debating over injecting EntityManagerFactory in the GenericDAO(a DAO based on Generics something on the lines provided by APPFUSE, we do not use JpaDaosupport for some reason) over injecting an EntityManager. We are using "application managed persistence". The arguments against injecting a EntityManagerFactory is that its too heavy and so is not required, the EntityManager does what we need. Also, as Spring would create a new instance of a DAO for every web request(I doubt this) there are not going to be any concurrency issues as in the same EntityManager instance is shared by two threads. The argument for injecting EFM is that its a good practice over all its always good to have a handle to a factory. I am not sure which is the best approach, can someone please enlighten me? SB

    Read the article

  • Testing for security vulnerabilities on web applications

    - by Moak
    A lot of companies use CMS software that updates on the regular, often they are security fixes, implying that the previous version have security vulnerabilities. But most clients never upgrade this, or even the CMS has been modified so that an update would break the site. Are there sites that document these exploits, and instruct how to test for them? Or does this information not even get published? (in order not to have people try to exploit them) Also is there a generic php/js based check list to prevent hack attempts? I know about SQL injections and XSS, but I'm sure that there are more threats out there. Peace

    Read the article

  • How to preserve object identity across different VMs

    - by wheleph
    To be specific let me illustrate the question with Spring http-remoting example. Suppose we have such implementation of a simple interface: public SearchServiceImpl implements SearchService { public SearchJdo processSearch(SearchJdo search) { search.name = "a funky name"; return search; } } SearchJdo is itself a simple POJO. Now when we call the method from a client through http-remoting we'll get: public class HTTPClient { public static void main(final String[] arguments) { final ApplicationContext context = new ClassPathXmlApplicationContext( "spring-http-client-config.xml"); final SearchService searchService = (SearchService) context.getBean("searchService"); SearchJdo search = new SearchJdo(); search.name = "myName"; // this method actually returns the same object it gets as an argument SearchJdo search2 = searchService.processSearch(search); System.out.println(search == search2); // prints "false" } } The problem is that the search objects are different because of serializaton although from logical prospective they are the same. The question is whether there are some technique that allows to support or emulate object identity across VMs.

    Read the article

  • download mail attachment with Java

    - by Don
    Hi, I had a look in the reference doc, and Spring seems to have pretty good support for sending mail. However, I need to login to a mail account, read the messages, and download any attachments. Is downloading mail attachments supported by the Spring mail API? I know you can do this with the Java Mail API, but in the past I've found that very verbose and unpleasant to work with. EDIT: I've received several replies pointing towards tutorials that describe how to send mail with attachments, but what I'm asking about is how to read attachments from received mail. Cheers, Don

    Read the article

  • Which technology should I choose for 3d globe web application

    - by uther-lightbringer
    Hello, i would like to ask you for an advice. I'm currently developing application in Spring consisting of Spring CRUD application as backend, SpringMVC application as tool for management and third part is where my problem lies as I need have application that renders 3d globe which is fed by data from backend from a data set selected by user (user may switch those at will). It has to be web application (though I would prefer not to implement this in flash/flex), composed of two main parts - main part is classic web GUI where user makes his choices and second part is 3d globe which renders the globe with selected set of data visualised. My question is, what do you think is the best option to implement this? Would be SpringMVC framework usable for this kind of application? I will be gratefull for any leads or directions, thank you.

    Read the article

  • lazyinializationexception with transactional annotation in messageconvert

    - by Karl
    Hi, I have a Rest-Service exposed through spring-mvc. I have a particular method which is correctly mapped and called through a http-call. My spring application contains the hibernatetransactionmanager and transactions are configured through @Transactional-annotations. I annotated the method with @Transactional. @Transactional(readOnly = true) @Override @RequestMapping(value = "/start", method = RequestMethod.GET) @ResponseBody public List start(....) Whenever I call the http-method I get org.hibernate.LazyInitializationException from my org.springframework.http.converter.json.MappingJacksonHttpMessageConverter which is bound in my application context. Is the @Transactional annotation valid for the MessageConverter as well?

    Read the article

  • Service Broker error message: Dialog security is unavailable for this conversation because there is

    - by yanigisawa
    I am getting this error in my sys.transmission_queue table whenever I attempt to send a SQL Service Broker message between two different SQL Server servers. (i.e. the databases are on two different physical machines) Dialog security is unavailable for this conversation because there is no security certificate bound to the database principal (Id: 5). Either create a certificate for the principal, or specify ENCRYPTION = OFF when beginning the conversation When this error refers to "database principal" what is it referring to? (the "master" database? dbo user?) I've used the CREATE CERTIFICATE command, backed up the certificate and created a same named certificate on the other server with the backup .cer file from the first server, but I keep getting this message. Any help would be appreciated in getting me pointed in the right direction. I must be missing something obvious. FYI, in my development environment, both the initiating and target databases were on the same physical server, and same SQL instance, and everything was working fine.

    Read the article

  • Keeping messages in queue in case of receiver crash

    - by John Doe
    Hi, We've a Spring JMS message listener container for receiving messages asynchronously. Using DefaultMessageListenerContainer and in sessionTransacted mode. I understand being in sessionTransacted mode means in case of an exception the message will be put back into the queue. But how can I make sure the message won't be deleted from the queue even if the receiver (which is picked the message) crashes or just the machine running it looses power? At first I thought CLIENT_ACKNOWLEDGE acknowledge mode should save me, but apparently it's not the case, Spring calls .acknowledge() no matter what. So here's my question, how can I guarantee the delivery? Using a custom MessageListenerContainer? Using a transaction manager?

    Read the article

  • Android programming: Authentication and data exchange with Java EE

    - by Konsumierer
    I am having a Java application running in a Tomcat server using Spring, Hibernate, etc. and a two web interfaces, one implemented in Tapestry 5 and the other one using Flex with BlazeDS and Spring-BlazeDS. In my first android application I would now like to log in to the server and retrieve some data. I´m wondering how I could achieve this in a secure way. First of all I need to know which technology is the best to retrieve data from the server and how can I restrict the access to users only that have been successfully authenticated. With what I read until now I would try to implement a HTTPServlet on the server and make server calls via HTTP Client. In the servlet I could probably use the HTTPSession to check if the request comes from an authenticated user. And the data I would try to send serialized (JSON). Unfortunately, I´ve never done those things and maybe I´m on the wrong way and there are more comfortable solutions.

    Read the article

  • implementing security with session variables, how it is insecure

    - by haansi
    I am doing web based projects in dotnet. Currently I am implementing security using session variables. I keep current user id and user type in session and authenticate user from these session variables (say Session["UserId"],Session["UserName"] and Session["UserType"]). Please help me understand how this could be insecure. I've heard that such security can be broken and applications can be hacked very easily, like it is possible to get session id and directly connect to that session id etc. Please guide me on this.

    Read the article

  • Secure WS client with UsernameToken(SOAP security header)

    - by user79163
    Hi, I'm trying to secure my WS client to be able to call the WS. My code looks like this: SendSmsService smsService = new SendSmsService(); SendSms sendSMS = smsService.getSendSms(); BindingProvider stub = (BindingProvider)sendSMS; //Override endpoint with local copy of wsdl. String URL ="";//here is the wsdl url Map<String,Object> requestContext = stub.getRequestContext(); requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, URL); //Set usernametoken URL fileURL = loader.getResource("client-config.xml"); File file = new File(fileURL.getFile()); FileInputStream clientConfig = null; try { clientConfig = new FileInputStream(file); } catch (FileNotFoundException e) { e.printStackTrace(); } XWSSecurityConfiguration config = null; try { config = SecurityConfigurationFactory.newXWSSecurityConfiguration(clientConfig); } catch (Exception e) { e.printStackTrace(); log.warn("Exception: "+e.getMessage()); } requestContext.put(XWSSecurityConfiguration.MESSAGE_SECURITY_CONFIGURATION, config); //Invoke the web service String requestId = null; try { requestId = sendSMS.sendSms(addresses, senderName, charging, message, receiptRequest); } catch (PolicyException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (ServiceException e) { // TODO Auto-generated catch block e.printStackTrace(); } and the config file looks like this: <xwss:JAXRPCSecurity xmlns:xwss="http://java.sun.com/xml/ns/xwss/config" optimize="true"> <xwss:Service> <xwss:SecurityConfiguration dumpMessages="true" xmlns:xwss="http://java.sun.com/xml/ns/xwss/config"> <xwss:UsernameToken name="username" password="password> </xwss:SecurityConfiguration> </xwss:Service> <xwss:SecurityEnvironmentHandler> util.SecurityEnvironmentHandler </xwss:SecurityEnvironmentHandler> </xwss:JAXRPCSecurity> The SecurityEnviromentHandler is a dummy class that implements javax.security.auth.callback.CallbackHandler. Authentication must be in compliance with Oasis Web Services Security Username Token Profile 1.0. But I'm constantly getting "Security header not valid" error. Where am I going wrong, can anyone tell me. I used wsimport(JAX_WS 2.1 to generate classes for my client) Note:Only thing I know about this WS is WSDL URL and user&pass for authentication

    Read the article

  • Business web application platform structure

    - by VoodooRider
    Hi, I would like to develop a web application in java/spring/hibernate serving as a business platform that I could connect plugins to (i.e. CRM plugin, ware plugin, sales plugin). Those plugins could be dependent of other plugins in a tree manner. The parent project would be packaged as war having all the basic configuration and looks (spring configs, css, scripts), ready to go user and group management, security settings, etc. All together I would like it to behave and look a bit like Joomla, but built using different tools for different purposes. And I have a few questions concerning that project: Do you know of any open source projects offering such a platform ready to go? If not is maven applicable for managing those plugins? What is the best way to package and deploy those plugins? And the last but not least, basically is this the right way to go or is a dead end and it would be better to create a separate web app for those business needs?

    Read the article

  • Expose jar resources over web

    - by Heavy Bytes
    I have a web-service (with Spring-WS). I have a jar with several schemas (schema1.xsd, schema2.xsd and schema3.xsd) which I include in my web service. Is there a way to expose the schemas from the jar through a servlet somehow in my web-service wep app? My Spring MessageDispatcherServlet is mapped to /ws/ I would like my schemas to be exposed to /schemas/schema1.xsd /schemas/schema2.xsd and so on. I have an idea how to do it with a servlet, but it's too verbose and there has to be a nicer way. The way I am thinking is have a servlet filter and everything that hits /schemas/ check if it is in my list of allowed resources and display it. This has to be a server agnostic solution. (For instance http://tuckey.org/urlrewrite/ will not work). Thanks.

    Read the article

  • Checking validation errors in XMLHttpRequest

    - by egaga
    $.post(actionUrl, serializedForm, function(response) { ... } I need to check whether validation of form succeeded, or not (I don't need to know the exact validation errors). The validation is done by Spring, and I wouldn't like to interfere the process, because there's some annoying dependencies. What would be the best approach? Is there a Spring error object in response, or is it accessible only in server side? I would also like to know if there's is any proper documentation about response in jQuery site? How can I traverse or manipulate it?

    Read the article

  • Applet in client-server infrastructure

    - by Andrey
    Hello! I have a general question concerning client-server design. We have a Java server with Spring, a GWT client program and some HTTP-servlets for our site. At the moment we also want to develop an applet which would communicate with that server in such a way GWT-client and site requests do. Is it a good idea to communicate with the server from applet by RMI? I.e. to create some Remote services, register them with Spring and call them from applet? Thanks in advance!

    Read the article

  • Do AOP violate layered architecture for enterprise apps?

    - by redzedi
    The question(as stated in the title) comes to me as recently i was looking at Spring MVC 3.1 with annotation support and also considering DDD for an upcoming project. In the new Spring any POJO with its business methods can be annotated to act as controller, all the concerns that i would have addressed within a Controller class can be expressed exclusively through the annotations. So, technically i can take any class and wire it to act as controller , the java code is free from any controller specific code, hence the java code could deal with things like checking security , starting txn etc. So will such a class belong to Presentation or Application layer ?? Taking that argument even further , we can pull out things like security, txn mgmt and express them through annotations , thus the java code is now that of the domain object. Will that mean we have fused together the 2 layers? Please clarify

    Read the article

  • Best memory settings for eclipse 4.2 (STS 3.1) on Windows 7 64 bit?

    - by jorrebor
    I apoligize in advance if this question is indeed too subjective as SO warns me. My workstation has 8 gb of ram and runs windows 7 64 bit. I use the Spring tool Suite (3.1) but as soon as i am starting to open and modify the spring config (.xml) files, STS becomes incredibly slow. I already tried switching off "build automatically" and to increase memory settings but no luck. How should i change my .ini ? this is what i have set now: -vm C:/Program Files/Java/jdk1.7.0_07/bin/javaw.exe -startup plugins/org.eclipse.equinox.launcher_1.3.0.v20120522-1813.jar --launcher.library plugins/org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20120522-1813 -product org.springsource.sts.ide --launcher.defaultAction openFile --launcher.XXMaxPermSize 4096M -vmargs -Dosgi.requiredJavaVersion=1.5 -Xms512m -Xmx2048m -XX:MaxPermSize=512m My collageu running the same project in IntelliJ, has no problems. Thank you!

    Read the article

  • Reset JPA generated value between tests

    - by Rythmic
    I'm running spring + hibernate + JUnit with springJunit4runner and transactional set to default rollback I'm using in-memory derbydb as Database. Hibernate is used as a JPA Provider and I am successfully testing CRUD kinds of stuff. However, I have a problem with JPA and the behaviour of @GeneratedValue If I run one of my tests in isolation, two entitys are persisted with id 1 and 2. If i run the whole test suite the ids are instead 6 and 7. Spring does rollbacks just fine so there are only these two entitys in the database after addition and of course zero before. But behaviour of @GeneratedValue doesn't allow me to reliable findById unless I would return the Id from the dao.add(Entity e) //method I don't feel like doing that for the sake of testing, or is it a good practise to return the entity that was persisted so I should be doing it anyway?

    Read the article

  • how to remove security settings from a connection string in vb.net

    - by teju
    hi i am trying to add data to the database that was created by some one but when am trying to insert or delete or update the exception is raising and entire project is not working properly and the error i am facing is "A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)" so now what should i do to resolve this error and my connection string is written as Dim CON As New SqlConnection("Integrated Security=SSPI; Persist Security Info=False;Initial Catalog=DIGITALGAMES; Data Source=TEJUS-PC\SQLEXPRESS") is there any problem with my connection string ??

    Read the article

  • Create files on C:\ root gives error 0x80070522

    - by Bryan
    One of our customers has just found a problem when trying to create a file on the root of the C:\ Drive, on a Windows 7 Professional PC. I know they shouln't be keeping files here, but there is a valid reason in this case, so I've relaxed the security on the root of C:\ by giving the group 'users' modify permission. Before I relaxed the security, the user was receiving 'access denied', but now they are receiving the message: An unexpected error is keeping you from creating the file. If you continue to recieve this error, you can use the error code to search for help with this problem. Error 0x80070522: A required priviledge is not held by the client. Googling for this suggests that it is caused by UAC, but how can I get round this when the user doesn't have admin rights on their PC?

    Read the article

  • How to run Firefox in Protected Mode? (i.e. at low integrity level)

    - by Ian Boyd
    i noticed that Firefox, unlike Chrome and Internet Explorer, doesn't run in the Low Mandatory Level (aka Protected Mode, Low Integrity) Google Chrome: Microsoft Internet Explorer: Mozilla Firefox: Following Microsoft's instructions, i can manually force Firefox into Low Integrity Mode by using: icacls firefox.exe /setintegritylevel Low But Firefox doesn't react well to not running with enough rights: i like the security of knowing that my browser is running with less rights than i have. Is there a way to run Firefox into low rights mode? Is Mozilla planning on adding "protected mode" sometime? Has someone found a workaround to Firefox not handling low rights mode? Update From a July 2007 interview with Mike Schroepfer, VP of Engineering at the Mozilla Foundation: ...we also believe in defense in depth and are investigating protected mode along with many other techniques to improve security for future releases. After a year and a half it doesn't seem like it is a priority.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 120 121 122 123 124 125 126 127 128 129 130 131  | Next Page >