Search Results

Search found 14784 results on 592 pages for 'spring security'.

Page 131/592 | < Previous Page | 127 128 129 130 131 132 133 134 135 136 137 138  | Next Page >

  • AutoMapper and SecurityException in IIS

    - by Felipe
    Hi everybody... I'm developing a asp.net mvc application with nhibernate and I would not like to expose my objects mappings with NHibernate, so I created DTO for each entity and I'm trying to convert my Domain objects to DTO and send it to View. So I have in my sollution: ClassLibrary with my Domain (for NHibernate) and DTO objetcs Class library to make a SessionFactory adn Factories in my Project Asp.Net MVC 2 Application So, I download AutoMapper to transform Domain objects in DTO and add a the code to do this in Application_Start of global.asax. When I run in VisualStudio (by pressing F5) it works fine and my dtos are into the view, So when I publish this in IIS, I get a security exception =( in first line of conversion: Mapper.CreateMap(); <--- this line throw exception Mapper.CreateMap(); System.Security.SecurityException: Failed request for the permission of type 'System.Security.Permissions.ReflectionPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'. What can I do to resolve this to work in IIS ? When I will publish it on web server, the error will get too :( Thanks Cheers

    Read the article

  • Questions and considerations to ask client for designing a database

    - by Julia
    Hi guys! so as title says, I would like to hear your advices what are the most important questions to consider and ask end-users before designing database for their application. We are to make database-oriented app, with special attenion to pay on db security (access control, encryption, integrity, backups)... Database will also keep some personal information about people, which is considered sensitive by law regulations, so security must be good. I worked on school projects with databases, but this is first time working "in real world", where this db security has real implications. So I found some advices and questions to ask on internet, but here I always get best ones. All help appreciated! Thank you!

    Read the article

  • WindowsIdentity Token in Legacy ASP

    - by Max Schmeling
    I've created a .Net library at work that is used by all of our developers. The security part of it uses Microsoft AzMan for the security backend. In order to create a security (AzMan) ClientContext I have to pass it a token value (as a uint). This is all fine an dandy until I needed to make a COM wrapper for our common library so some of our legacy pages could take advantage of it without being rewritten for now. I cannot figure out how to get the token value to pass to AzMan from legacy ASP. The COM wrapper is setup to run as a COM Server and runs as a specific user that we use here for all COM objects, therefor the common library can't just pull the identity using .Net. Any ideas?

    Read the article

  • silverlight 4 net tcp binding security

    - by SLfan
    This document talks about how to send username and password from SL4 app to a web service. It assumes that HTTPS will be used for transport. However, I want to use NET TCP because of its speed. Is that possible because another article says net tcp in SL4 does not provide transport level security. If that's incorrect then how do I convert the https implementation to net tcp?

    Read the article

  • Broken images and security warnings in Facebook Connect

    - by Adam
    I'm hoping this is just a bug on Facebook's end that will be fixed soon, but in my Facebook Connect app I'm launching the dialogue FB provides to make a post. This dialogue is launched on a page with an SSL connection. In this dialogue the profile pic for some users comes up with a security warning while others display correctly. I'm already setup to use Facebook's SSL javascript file instead of the HTTP file.

    Read the article

  • Security warnings in Facebook Connect

    - by Adam
    I'm hoping this is just a bug on Facebook's end that will be fixed soon, but in my Facebook Connect app I'm launching the dialogue FB provides to make a post. This dialogue is launched on a page with an SSL connection. In this dialogue the profile pic for some users comes up with a security warning while others display correctly. I'm already setup to use Facebook's SSL javascript file instead of the HTTP file.

    Read the article

  • java.security.AccessControlException: access denied Exception

    - by Nila
    Hi! I'm trying to do a simple program for RMI. But, I'm getting the following exception while running the line Naming.rebind("interfacename",Remoteserverobject); java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve) How to overcome this problem. Thanks in advance

    Read the article

  • Axis2 custom handler to turn security off

    - by Michael
    I have a WCF service endpoint exposed over wsHttp binding with zero security config. When i call the service from Java I get the following error: org.apache.axis2.AxisFault: Must Understand check failed for header http://www.w3.org/2005/08/addressing : Action at org.apache.axis2.engine.AxisEngine.checkMustUnderstand(AxisEngine.java:102) How do I set the mustunderstand header to false. I would prefer to do this in code than via configuration.

    Read the article

  • Addressing "Access Denied" Exception with WMI Calls

    - by Joe
    I'm getting an exception with a message of "Access Denied" when executing against a WMI request. Some WMI requests appear to require higher security privileges than others. Ultimately my goal is to monitor process launches within the system and log. Regardless if there is a better approach, its now become a vendetta in getting this WMI approach to work. I've attempted the code at Security Tools - WMI Programming Using C#.Net and still receive the exception. If you copy the code found in the blog entry you can reproduce my issue. Another post on a similar topic can be found at link text but again, try the code and you'll the see the same security exception. How do I permit my code to execute these WMI requests? I'm running on Windows 7 Pro and VS 2010 in a new C# command line project.

    Read the article

  • Mixing JQuery Ajax with ASP.NET : is there any security risk

    - by Sayem Ahmed
    I am using jQuery with ASP.NET in a project. Instead of using ASP.NET Ajax, I am using jquery's ajax functions. Is there any security risk if I do that? I mean, since I am using jquery's ajax calls, no view state information will be passed to the server so that it can verify the page's authenticity (though it saves a lot of bandwidth..). I would also like to know what is the best/good practice here.

    Read the article

  • iphone: is there any secure way to establish 2-way SSL from an application

    - by pmilosev
    Hi I need to establish a HTTPS 2-way SSL connection from my iPhone application to the customer's server. However I don't see any secure way to deliver the client side certificates to the application (it's an e-banking app, so security is really an issue). From what I have found so far the only way that the app would be able to access the certificate is to provide it pre-bundeled with the application itself, or expose an URL from which it could be fetched (http://stackoverflow.com/questions/2037172/iphone-app-with-ssl-client-certs). The thing is that neither of this two ways prevent some third party to get the certificate, which if accepted as a risk eliminates the need for 2-way SSL (since anyone can have the client certificate). The whole security protocol should look like this: - HTTPS 2-way SSL to authenticate the application - OTP (token) based user registration (client side key pair generated at this step) - SOAP / WSS XML-Signature (requests signed by the keys generated earlier) Any idea on how to establish the first layer of security (HTTPS) ? regards

    Read the article

  • Create java sandbox based on security policies

    - by argos
    I need to create environment to run potentially untrusted code. Program allowed to connect to preconfigured address:port and nothing else (even read the system time). I have compiled the class whitelist. I'd searched similar questions, but found only template that based on SecurityManager which AFAIK is deprecated. Can anybody give me a simple sample how to run code in sandbox based on security policies and AccessController?

    Read the article

  • IHTMLTxtRange.execCommand("Copy",false,null) fails due to IE settings

    - by srirambalaji-s
    We have a .Net application that is used for editing/rendering customized HTML documents. It is hosted in IE using the AxSHDocVw.AxWebBrowser controls. We proceed with navigating to "about:blank" page initially then we change the Document by writing our custom values into it. The problem we are facing is the call to IHTMLTxtRange.execCommand("Copy",false,null) is failing if we don't enable the IE Security Settings in the Internet Security zone (Scripting-Allow Programmatic Access to Clipboard ). In order to bypass the security setting ,I tried to point to a local html file initially while navigating. But this fails as soon as I modify the Document. I want to use the IHTMLTxtRange.execCommand("Copy",false,null) command so that I can customize our Copy/Paste operations. Is there any other way I can do this. Please share your ideas inorder to overcome this situation. Thanks. Sriram

    Read the article

  • json webservice security

    - by crisgomez
    I have a problem regarding json web service security. I tried to developed a sample web application using json webservice,but the problem is the url was exposed on the client side.So from there,anybody can make a program and call the service for a thousand times. Please take note, that the web service will be using for a registration page, in which checks if the user was exist on the database.So there is no authentication happened on this process. What are the approach to secure the calling of the exposed web service?

    Read the article

  • How to configure grails and shiro to mark cookies secure?

    - by j4y
    I'm using Grails 2.2.4 with the Shiro plugin (v1.1.4) and would like to mark the cookies as secure so the session information won't be sent over http. This is the attribute I want to set: securityManager.sessionManager.sessionIdCookie.secure = true The shiro source says to use the Grails bean property override mechanism, which is grails-app/conf/spring/resources.groovy How can I override just the one setting? // If the legacy 'security.shiro.filter.config' option is set, // use our custom INI-based filter... if (application.config.security.shiro.filter.config) { log.warn "security.shiro.filter.config option is deprecated. Use Grails' bean property override mechanism instead." 'filter-class'('org.apache.shiro.grails.LegacyShiroFilter') 'init-param' { 'param-name'('securityManagerBeanName') 'param-value'('shiroSecurityManager') }

    Read the article

  • Why can't I retrieve the entities I've just persisted?

    - by felipecao
    I've got this web service that basically queries the database and returns all persisted entities. For testing purposes, I've created a TestDataManager that persists 2 example entities after Spring context is loaded (BTW, I'm using JAX-WS, Spring, Hibernate and HSQLDB). My TestDataManager looks like this: @Component public class TestDataManager { @Resource private SessionFactory sf; @PostConstruct @Transactional(readOnly = false, propagation = Propagation.REQUIRES_NEW) public void insertTestData(){ sf.openSession(); sf.openSession().beginTransaction(); sf.openSession().persist(new Site("site one")); sf.openSession().persist(new Site("site two")); sf.openSession().flush(); } } My JAX-WS endpoint looks like this: @WebService public class SmartBrickEndpoint { @Resource private WebServiceContext context; public Set<Site> getSitesForUser(String user){ return getSiteService().findByUser(new User(user)); } private ISiteService getSiteService(){ ServletContext servletContext = (ServletContext) context.getMessageContext().get("javax.xml.ws.servlet.context"); return (ISiteService) BeanRetriever.getBean(servletContext, ISiteService.class); } } This my Service class: @Component @Transactional(readOnly = true) public class SiteService implements ISiteService { @Resource private ISiteDao siteDao; @Override public Set<Site> findByUser(User user) { return siteDao.findByUser(user); } } This is my DAO: @Component @Transactional(readOnly = true) public class SiteDao implements ISiteDao { @Resource private SessionFactory sessionFactory; @Override public Set<Site> findByUser(User user) { Set<Site> sites = new LinkedHashSet<Site>(sessionFactory.getCurrentSession().createCriteria(Site.class).list()); return sites; } } This is my applicationContext.xml: <context:annotation-config /> <context:component-scan base-package="br.unirio.wsimxp.dao"/> <context:component-scan base-package="br.unirio.wsimxp.service"/> <context:component-scan base-package="br.unirio.wsimxp.spring"/> <bean id="applicationDS" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> <property name="driverClassName" value="org.hsqldb.jdbcDriver"/> <property name="url" value="jdbc:hsqldb:file:sites"/> </bean> <bean id="sessionFactory" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean"> <property name="dataSource" ref="applicationDS" /> <property name="configLocation"> <value>classpath:hibernate.cfg.xml</value> </property> <property name="hibernateProperties"> <props> <prop key="hibernate.dialect">org.hibernate.dialect.HSQLDialect</prop> <prop key="hibernate.show_sql">true</prop> <prop key="hibernate.format_sql">true</prop> <prop key="hibernate.connection.release_mode">on_close</prop> <!--<prop key="hibernate.current_session_context_class">thread</prop>--> <prop key="hibernate.query.factory_class">org.hibernate.hql.classic.ClassicQueryTranslatorFactory</prop> <prop key="hibernate.hbm2ddl.auto">create-drop</prop> </props> </property> </bean> <bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager"> <property name="sessionFactory" ref="sessionFactory" /> </bean> <tx:annotation-driven transaction-manager="transactionManager" /> This is what's going on now: when the app is deployed, TestDataManager#insertTestData kicks-in (due to @PostConstruct) and persist does not raise any exception. I should have 2 entities in the DB by now. Afterwards, I invoke the endpoint by a SOAP client, and the request goes all the way up to the DAO. The Hibernate invocation does not raise any exception, but the returned list is empty. The odd thing is, in TestDataManager, if I switch from sf.openSession() to sf.getCurrentSession(), I get an error message: "No Hibernate Session bound to thread, and configuration does not allow creation of non-transactional one here". What I am doing wrong here? Why is the query "not seeing" the persisted entities? Why do I need to invoke sf.openSession() on TestDataManager although it's annotated with @Transactional? I have done some tests with hibernate.current_session_context_class=thread in application.xml, but then I just switch problems in each class. I'd like not needing to manually invoke sf.openSession() and leave that for Hibernate to take care. Thanks a lot for any help!

    Read the article

  • Untrusted GPGPU code (OpenCL etc) - is it safe? What risks?

    - by Grzegorz Wierzowiecki
    There are many approaches when it goes about running untrusted code on typical CPU : sandboxes, fake-roots, virtualization... What about untrusted code for GPGPU (OpenCL,cuda or already compiled one) ? Assuming that memory on graphics card is cleared before running such third-party untrusted code, are there any security risks? What kind of risks? Any way to prevent them ? (Possible sandboxing on gpgpu or other technique?) P.S. I am more interested in gpu binary code level security rather than hight-level gpgpu programming language security (But those solutions are welcome as well). What I mean is that references to gpu opcodes (a.k.a machine code) are welcome.

    Read the article

  • SharePoint Navigation Custom Link Security Trimming

    - by ifunky
    Hi, We've got our navigation setup so that subsites show in the global navigation but we have a requirement to also put custom links to external sites which is straight forward. The tricky part is that some of the custom links need security trimming which you don't get when you add your own links to the navigation. Just wondering if anyone has got some ideas on how to work around this? Thanks Dan

    Read the article

  • JNDI Issues: Jboss 4.2.2 Spring 2.5 and hibernate ejb

    - by jon077
    I have a strange problem, that is causing me some grief. If the following jar is in my classpath: <dependency> <groupId>org.hibernate</groupId> <artifactId>org.hibernate.ejb</artifactId> <version>3.3.2.GA</version> </dependency> My JNDI lookup for my datasource returns null. Here is the basic code I am using to do the lookup: InitialDirContext ctx = new InitialDirContext(env); DataSource dataSource = (DataSource)ctx.lookup("java:dataContent"); Otherwise, the DataSource returns fine from the context. Unfortunately, I need the jar in order to avoid ClassCastExceptions within Jboss 4.2.2. Any help is appreciated.

    Read the article

< Previous Page | 127 128 129 130 131 132 133 134 135 136 137 138  | Next Page >