Search Results

Search found 16101 results on 645 pages for 'owsm webservices ws security ws trust soa secuirty'.

Page 125/645 | < Previous Page | 121 122 123 124 125 126 127 128 129 130 131 132  | Next Page >

• Web service actionscript error

  - by H P

  Hello, I am new to Flex and needed some help setting up Web service client. I have a web service of method: public String printEchoStr(String str); I am facing problem while creating action script to call this service. I am getting error: 1067: Implicit coercion of a value of type String to an unrelated type generated.webservices:PrintEcho. I am not sure if this is the correct way. Thanks, -H <?xml version="1.0" encoding="utf-8"?> <mx:Application xmlns:mx="http://www.adobe.com/2006/mxml" layout="absolute" xmlns:srv="generated.webservices.*" creationComplete="initFunc()"> <mx:Script> <![CDATA[ import generated.webservices.EchoService; import generated.webservices.PrintEchoStrResultEvent; import generated.webservices.PrintEchoResultEvent; import mx.rpc.events.ResultEvent; import mx.rpc.events.FaultEvent; import mx.controls.Alert; import generated.webservices.PrintEchoStr; import generated.webservices.PrintEcho; public var myService:EchoService = new EchoService(); private function initFunc():void{ myService.addprintEchoStrEventListener(argPrintEchoStr); /*-------------- 1067: Implicit coercion of a value of type String to an unrelated type generated.webservices:PrintEcho. at line below ----------------*/ myService.printEchoStr(textAreaPrintEchoStr.text); myService.addEventListener(FaultEvent.FAULT,myServices_faultHandler); } public function argPrintEchoStr(event:PrintEchoStrResultEvent):void{ trace(event.result); } private function myServices_faultHandler(event:FaultEvent):void { Alert.show(event.fault.faultString,"error with WebServices"); } ]]> </mx:Script> <mx:TextArea id ="textAreaPrintEchoStr" x="81" y="125"/> </mx:Application>

  Read the article

• Paypal's "Security header is not valid"

  - by Paypal

  I'm implementing the Express Checkout? I have no problem with the first two steps:SetExpressCheckout and GetExpressCheckout,but met the "Security header is not valid" at DoExpressCheckout. The API credentials are the same! I've fixed it by changing the $environment to live in DoExpressCheckout.(The difference is that it'll use https://api.sandbox.paypal.com/nvp/ instead of https://api-3t.$environment.paypal.com/nvp) But why? Is there something wrong with https://api-3t.$environment.paypal.com/nvp?

  Read the article

• Turn off IIS 7.5 Attach security warning

  - by Miau

  IIS 7 and Visual Studio 2008, every time you attach to w3wp.exe you get an Attach Security Warning, How do you turn this of? It would be cool to know also, how to keep it attached for linger, as this seems to time out after a while Btw: I Added this as a comment to the answer below, the first thing i did was try the msdn article http://msdn.microsoft.com/en-us/library/ms241736.aspx that doesn't work

  Read the article

• Make a Method of the Business Layer secure. best practice / best pattern [.net/c#]

  - by gsharp

  Hi We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-) Thanks for you help.

  Read the article

• Make a Method of the Business Layer secure. best practice / best pattern

  - by gsharp

  We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-)

  Read the article

• Where to find wsgen tool ?

  - by Java Guy

  Where to find the wsgen tool?

  Read the article

• osCommerce Security Issue

  - by Auxi

  Hi, I am planning to integrate some opensource shopping cart with my site and I am bit worried about it's security. Is it that easy to hack osCommerce based website? Because I am thinking to use osCommerce.. Kindly advise.

  Read the article

• Where can I find a deliberately insecure open source web application?

  - by Phil Laliberte

  As a developer, I've learned that I usually gain a better understanding of best/worst practices through experience. The area of web application security isn't really somewhere where my organization can afford to let developers learn through trial and error. So looking for a hands-on approach to knowledge sharing of best practices in web application security, I was thinking that it would be useful to have an open source application that was deliberately built to be insecure in order to help teach junior developers about application security. Does anyone out there know where to find something like this?

  Read the article

• More info about your jQuery.youtubin post to overcome IE security warning

  - by Bill Rishsew

  We've used the youtubin for jquery on our page and we still get the security warning in IE. Did you do more than simply use the script?

  Read the article

• How to merge several detached signatures from different people into one?

  - by Petr Pudlák

  A group of people wants to publish a file and they all want to digitally sign the file as different recipients of the file will have different chains of trust. For simplicity, it's desired that there is only one detached signature file with all the signatures, so that the recipients don't need to check them one by one: foo.tar.gz foo.tar.gz.sig However, for security reasons, every person needs to perform the signing on their computer, it's not possible to create the combined signature by having multiple private keys on one computer and performing the operation with one command. Is it possible with GPG to somehow merge detached signatures of a file from multiple participants?

  Read the article

• Storing a NTFS Security Descriptor in C

  - by Doori Bar

  My goal is to store a NTFS Security Descriptor in its identical native state. The purpose is to restore it on-demand. I managed to write the code for that purpose, I was wondering if anybody mind to validate a sample of it? (The for loop represents the way I store the native descriptor) This sample only contains the flag for "OWNER", but my intention is to apply the same method for all of the security descriptor flags. I'm just a beginner, would appreciate the heads up. Thanks, Doori Bar #define _WIN32_WINNT 0x0501 #define WINVER 0x0501 #include <stdio.h> #include <windows.h> #include "accctrl.h" #include "aclapi.h" #include "sddl.h" int main (void) { DWORD lasterror; PSECURITY_DESCRIPTOR PSecurityD1, PSecurityD2; HANDLE hFile; PSID owner; LPTSTR ownerstr; BOOL ownerdefault; int ret = 0; unsigned int i; hFile = CreateFile("c:\\boot.ini", GENERIC_READ | ACCESS_SYSTEM_SECURITY, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, NULL); if (hFile == INVALID_HANDLE_VALUE) { fprintf(stderr,"CreateFile() failed. Error: INVALID_HANDLE_VALUE\n"); return 1; } lasterror = GetSecurityInfo(hFile, SE_FILE_OBJECT, OWNER_SECURITY_INFORMATION , &owner, NULL, NULL, NULL, &PSecurityD1); if (lasterror != ERROR_SUCCESS) { fprintf(stderr,"GetSecurityInfo() failed. Error: %lu;\n", lasterror); ret = 1; goto ret1; } ConvertSidToStringSid(owner,&ownerstr); printf("ownerstr of PSecurityD1: %s\n", ownerstr); /* The for loop represents the way I store the native descriptor */ PSecurityD2 = malloc( GetSecurityDescriptorLength(PSecurityD1) * sizeof(unsigned char) ); for (i=0; i < GetSecurityDescriptorLength(PSecurityD1); i++) ((unsigned char *) PSecurityD2)[i] = ((unsigned char *) PSecurityD1)[i]; if (IsValidSecurityDescriptor(PSecurityD2) == 0) { fprintf(stderr,"IsValidSecurityDescriptor(PSecurityD2) failed.\n"); ret = 2; goto ret2; } if (GetSecurityDescriptorOwner(PSecurityD2,&owner,&ownerdefault) == 0) { fprintf(stderr,"GetSecurityDescriptorOwner() failed."); ret = 2; goto ret2; } ConvertSidToStringSid(owner,&ownerstr); printf("ownerstr of PSecurityD2: %s\n", ownerstr); ret2: free(owner); free(ownerstr); free(PSecurityD1); free(PSecurityD2); ret1: CloseHandle(hFile); return ret; }

  Read the article

• Is Exchange protected from/allow back dated emails?

  - by David

  Does Exchange Server adequately protect against backdating items in a mailbox folder? I want to determine from an auditing perspective what level of risk exists/what trust can be put into Exchange database records. Is there a (mis)feature that allows end point users to modify the sent/recieved date fields on their own messages? Is there a reasonable way short of hand editing the files for an Exchange Server admin to make such a change? And most importantly: Is there any kind of "sequence number" that we could use to audit Exchange records for evidence of date manipulation (ex. msg100 = Dec 15, msg101 = Dec 10, msg102 = Dec 16)

  Read the article

• Identifying program attempting to install certificate on windows

  - by R..

  I'm trying to help a friend using Windows (which I'm not an expert on by any means) who's experiencing malware-like behavior: a dialog box is repeatedly popping up reading: You are about to install a certificate from a certification authority (CA) claiming to represent: CE_UmbrellaCert Warning: If you install this root certificate, Windows will automatically trust any certificate issued by this CA. Installing a certificate with an unconfirmed thumbprint is a security risk. If you click "yes" you acknowledge this risk. AV and anti-malware scanners don't detect anything. My friend hasn't accepted installing the certificate, but whatever program is trying to install it keeps retrying, making the system unusable (constant interruptions). Is there any way to track down which program is making the attempt to install it so this program can be uninstalled/deleted?

  Read the article

• default file/folder security permissions sbs 2003

  - by Floris

  I have lost all file/folder security permissions of a SBS 2003 installation and was wondering is there some command I can run to restore system file/folder permissions to there default values. I lost the permissions when I had boot error and had to restore the primary boot sector from backup primary boot sector and had to tun fixboot to get the system booting again. Many Thanks Floris

  Read the article

• Writable folder by all users on the same pc

  - by Catalin DICU

  I have a desktop .NET WPF application witch uses an embedded database (SQLite). Where to put the database file ? It's the same database for all users. I tried to use CommonAppData but it's not writable by non-admin users. So I tried to use a custom installer action to give write rights to all users to this folder but it fails on domain PCs. The code is: DirectorySecurity security = Directory.GetAccessControl(appDataPath); FileSystemAccessRule rule = new FileSystemAccessRule("Users", FileSystemRights.WriteData, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow); security.AddAccessRule(rule); Directory.SetAccessControl(appDataPath, security); Would ".\Users" insead of "Users" work on a domain ? Is this the best approach ? Is there any other folder I could use ?

  Read the article

• Apache Axis web service clients vs plain SOAP requests.

  - by Andy Pryor

  I'm looking for the best way to consume a Java web service that returns rather large and complex objects. I am currently using Apache Axis clients generated from the wsdl, (using eclipse "generate web service client" tool). We have concerns about performance of this. The service proxy objects are not thread safe, and they are rather heavy to instantiate, 2-3 MB on the JVM. The other alternative is making HTTP connections and building a String SOAP requests. I would have to interpret the response, and build objects from the XML. Would this be a better alternative to the heavy axis objects? I searched for good reading on this, if any one had any links I would greatly appreciate it.

  Read the article

• Certificates compartments (certmgr.msc)?

  - by Royi Namir

  After reading a while , Im trying to understand what kind of certificates will be found at : Personal Other People Trusted Root Certicfiation Authorities will personal will contains only private keys ? I'm a bit confused. What about certificates which arent trusted and I manually trust them , where will they be ? Also , Why do I only have the CurrentUser Tab in my computer ? where is the local computer tab ? here is a picture from the internet. I only have the "current user" Node.... Thanks.

  Read the article

• IIS token based security, ssl certificate and https, proxy

  - by davidgshi

  I have developed a new web service. Now, I need to deal with security issue as we are intending to make it a secure service. In order to set up SSL and https, I need to obtain and install an SSL certificate. Who is the certificate authority? Do you know how to go about with this? Are there concise articles on this? Regards. David

  Read the article

• Symfony 1.3: the signin form appears even when i have the security set to false

  - by user248959

  Hi, i have installed sfDoctrineGuardExtraPlugin and when i try to execute an action from sfGuardRegister or sfGuardForgotPassword i get the sfDoctrineGuardUser signin form. I have the security set to false. I don't have that problem with other modules. Any idea? sfDoctrineGuardExtraPlugin 1.3 and sfDoctrineGuardPlugin 4. Javi

  Read the article

• Grails spring security defaultTargetUrl going wrong path

  - by fsi

  Grails 2.4 with Spring security 2 3RC I have this on my Config.groovy grails.plugin.springsecurity.controllerAnnotations.staticRules = [ '/': ['permitAll'], '/index': ['permitAll'], '/index.gsp': ['permitAll'], '/**/js/**': ['permitAll'], '/**/css/**': ['permitAll'], '/**/images/**': ['permitAll'], '/**/favicon.ico': ['permitAll'] ] grails.plugin.springsecurity.successHandler.defaultTargetUrl = "/home/index" But this keeping me redirecting to assets/favicon.ico And my HomeController is like that @Secured(['ROLE_ADMIN', 'ROLE_USER']) def index() { if (SpringSecurityUtils.ifAllGranted('ROLE_ADMIN')) { redirect controller: 'admin', action: 'index' return } } And I modify this in my UrlMapping: "/"(controller: 'home', action:'index') Why it keeps me sending wrong path? Update: using another computer, it redirects me to /asset/grails_logo.png

  Read the article

• Microsoft .NET security model

  - by Thomas

  Hi all, I am looking for informations about the security model of Microsoft .NET If you could explain me how it is design, or give me links to understand it, it would be very kind of you ! Thanks.

  Read the article

• Monitor someone on server

  - by edo

  Im in the unfortunate position of having to give someone who I do not fully trust privileged access to a webserver to finish work that they never completed. They will access the server remotely (ie I will not be able to see their screen). What can be done to a) proactively limit any potential damage and b) accurately log anything they do on the server for analysis afterwards, even if things seem ok? They will be updating a web application. Thanks in advance! --- More informtion: The server is a Ubuntu AWS server.

  Read the article

• Custom Response + HTTP status?

  - by Cristian Boariu

  Hi, I have a rest interface for my project. For one class i have a POST method where you can post an xml and i RETURN a custom response like: <userInvitation>Invalid email</userInvitation> if the email from the xml which was posted, was incorrect + other custom messages i have defined for different situations. For all of these the HTTP STATUS is automatically put on 200 (OK). Is there any way to change it? Ps: I know that i can throw a web application like : throw new WebApplicationException(Response.Status.BAD_REQUEST); but in this case my custom response is no more included. So i just want to return my custom error + 400 as http response. Thanks in advance.

  Read the article

• Limiting what a .net plugin can access

  - by David Hogue

  I have a web application that can load plugins through reflection. It currently uses Assembly.LoadFrom() and Activator.CreateInstance() to get this done. Right now plugins are loaded into the same AppDomain and have access to anything in my app and anything my app could access. What I'm looking for is a way to limit what classes and methods the plugin can access for security purposes. I want to have all of my classes and methods throw an exception when called unless they are whitelisted. I'd be whitelisting basically all the functions in an API class and a few data transfer objects. I also don't want the plugin to be able to access the filesystem or the database on it's own. I think I can do that with trust levels in a separate AppDomain though. Does anyone out there have any good ideas or resources? Is this something that could be done with Code Access Security or the new Security-Transparent Code features in .net 4?

  Read the article

• Beginning PHP for someone interested in Security

  - by MaXX

  I'd like to learn PHP specifically for dealing with security vulnerabilities/exploits. Could someone recommend a book? I don't know if I need to learn HTML/CSS/XML/XHTML etc, do I have to learn those too? I don't really plan on designing websites, could anyone help me with this? :P

  Read the article

< Previous Page | 121 122 123 124 125 126 127 128 129 130 131 132  | Next Page >