Search Results

Search found 3942 results on 158 pages for 'logged'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 133/158 | < Previous Page | 129 130 131 132 133 134 135 136 137 138 139 140  | Next Page >

  • Output reformatted text within a file included in a JSP

    - by javanix
    I have a few HTML files that I'd like to include via tags in my webapp. Within some of the files, I have pseudo-dynamic code - specially formatted bits of text that, at runtime, I'd like to be resolved to their respective bits of data in a MySQL table. For instance, the HTML file might include a line that says: Welcome, [username]. I want this resolved to (via a logged-in user's data): Welcome, [email protected]. This would be simple to do in a JSP file, but requirements dictate that the files will be created by people who know basic HTML, but not JSP. Simple text-tags like this should be easy enough for me to explain to them, however. I have the code set up to do resolutions like that for strings, but can anyone think of a way to do it across files? I don't actually need to modify the file on disk - just load the content, modify it, and output it w/in the containing JSP file. I've been playing around with trying to load the files into strings via the apache readFileToString, but I can't figure out how to load files from a specific folder within the webapp's content directory without hardcoding it in and having to worry about it breaking if I deploy to a different system in the future.

    Read the article

  • PDO prepare silently fails

    - by Wabbitseason
    I'm experimenting with PHP's session_set_save_handler and I'd like to use a PDO connection to store session data. I have this function as a callback for write actions: function _write($id, $data) { logger('_WRITE ' . $id . ' ' . $data); try { $access = time(); $sql = 'REPLACE INTO sessions SET id=:id, access=:access, data=:data'; logger('This is the last line in this function that appears in the log.'); $stmt = $GLOBALS['db']->prepare($sql); logger('This never gets logged! :('); $stmt->bindParam(':id', $id, PDO::PARAM_STR); $stmt->bindParam(':access', $access, PDO::PARAM_INT); $stmt->bindParam(':data', $data, PDO::PARAM_STR); $stmt->execute(); $stmt->closeCursor(); return true; } catch (PDOException $e) { logger('This is never executed.'); logger($e->getTraceAsString()); } } The first two log messages always show up, but the third one right after $stmt = $GLOBALS['db']->prepare($sql) never makes it to the log file and there's no trace of an exception either. The sessions db table remains empty. The log message from the _close callback is always present. Here's how I connect to the database: $db = new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); I have PHP 5.2.10. I tried to simply run $GLOBALS['db']->exec($sql) with a "manually prepared" $sql content, but it still failed silently. The query itself is all right I was able to execute it via the db console.

    Read the article

  • User Control not loading based on location

    - by mwright
    I have an ASP.net MVC solution that uses nested master pages to load content. On the first Master page I load a header, then have the Content Placeholder, and then load a footer. This master page is referenced by another master page which adds some additional information based on the user being logged in or not. When I load a page that references these master pages, the header loads, but the footer does not. If I move the footer up above the Content Place Holder it loads into the page. Any ideas why this might be the case? The code for the master page that contains the footer is as follows: <%@ Master Language="C#" Inherits="System.Web.Mvc.ViewMasterPage" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" > <head runat="server"> <title> <asp:ContentPlaceHolder ID="TitleContent" runat="server" /> </title> </head> <body> <div class="header"> <% Html.RenderPartial("Header"); %> </div> <div> <asp:ContentPlaceHolder ID="MainContent" runat="server"> </asp:ContentPlaceHolder> </div> <div class="footer"> <% Html.RenderPartial("Footer"); %> </div> </body> </html>

    Read the article

  • Network Authentication when running exe from WMI

    - by Andy
    Hi, I have a C# exe that needs to be run using WMI and access a network share. However, when I access the share I get an UnauthorizedAccessException. If I run the exe directly the share is accessible. I am using the same user account in both cases. There are two parts to my application, a GUI client that runs on a local PC and a backend process that runs on a remote PC. When the client needs to connect to the backend it first launches the remote process using WMI (code reproduced below). The remote process does a number of things including accessing a network share using Directory.GetDirectories() and reports back to the client. When the remote process is launched automatically by the client using WMI, it cannot access the network share. However, if I connect to the remote machine using Remote Desktop and manually launch the backend process, access to the network share succeeds. The user specifed in the WMI call and the user logged in for the Remote Desktop session are the same, so the permissions should be the same, shouldn't they? I see in the MSDN entry for Directory.Exists() it states "The Exists method does not perform network authentication. If you query an existing network share without being pre-authenticated, the Exists method will return false." I assume this is related? How can I ensure the user is authenticated correctly in a WMI session? ConnectionOptions opts = new ConnectionOptions(); opts.Username = username; opts.Password = password; ManagementPath path = new ManagementPath(string.Format("\\\\{0}\\root\\cimv2:Win32_Process", remoteHost)); ManagementScope scope = new ManagementScope(path, opts); scope.Connect(); ObjectGetOptions getOpts = new ObjectGetOptions(); using (ManagementClass mngClass = new ManagementClass(scope, path, getOpts)) { ManagementBaseObject inParams = mngClass.GetMethodParameters("Create"); inParams["CommandLine"] = commandLine; ManagementBaseObject outParams = mngClass.InvokeMethod("Create", inParams, null); }

    Read the article

  • Can't install do_mysql gem?

    - by maccy1
    I'm trying to install the do_mysql on my Snow Leopord system Macbook Pro 13", but I keep getting this error: n216-160:~ myself$ sudo gem1.9 install do_mysql Password: Building native extensions. This could take a while... ERROR: Error installing do_mysql: ERROR: Failed to build gem native extension. /opt/local/bin/ruby1.9 extconf.rb checking for mysql_query() in -lmysqlclient... no *** extconf.rb failed *** Could not create Makefile due to some reason, probably lack of necessary libraries and/or headers. Check the mkmf.log file for more details. You may need configuration options. Provided configuration options: --with-opt-dir --without-opt-dir --with-opt-include --without-opt-include=${opt-dir}/include --with-opt-lib --without-opt-lib=${opt-dir}/lib --with-make-prog --without-make-prog --srcdir=. --curdir --ruby=/opt/local/bin/ruby1.9 --with-mysql-config --without-mysql-config --with-mysql-dir --without-mysql-dir --with-mysql-include --without-mysql-include=${mysql-dir}/include --with-mysql-lib --without-mysql-lib=${mysql-dir}/lib --with-mysqlclientlib --without-mysqlclientlib Gem files will remain installed in /opt/local/lib/ruby1.9/gems/1.9.1/gems/do_mysql-0.10.0 for inspection. Results logged to /opt/local/lib/ruby1.9/gems/1.9.1/gems/do_mysql-0.10.0/ext/do_mysql_ext/gem_make.out n216-160:~ myself$ I have no idea why. I also reinstalled my verison of MySQL with the MySQL 5.4.3 beta, 64-bit as others suggested but no dice. Does anyone have any idea what is wrong?

    Read the article

  • A way to enable a LaunchDaemon to output sound?

    - by Varun Mehta
    I have a small Foundation application that checks a website and plays a sound if it sees a certain value. This application successfully plays a sound when I run it as my user from the Terminal. I've configured this app to run as a LaunchDaemon, with the following plist: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>org.myorg.appidentifier</string> <key>ProgramArguments</key> <array> <string>/Users/varunm/path/to/cli/application</string> </array> <key>KeepAlive</key> <true/> <key>RunAtLoad</key> <true/> </dict> </plist> When I have this service launched I can see it successfully read in and log values from the website, but it never generates any sound. The sound files are located in the same directory as the binary, and I use the following code: NSSound *soundToPlay = [[NSSound alloc] initWithContentsOfFile:@"sound.wav" byReference:NO]; [soundToPlay setDelegate:stopper]; [soundToPlay play]; while (g_keepRunning) { [[NSRunLoop currentRunLoop] runUntilDate:[NSDate dateWithTimeIntervalSinceNow:1.0]]; } [soundToPlay setCurrentTime:0.0]; Is there any way to get my LaunchDaemon application to play sound? This machine gets run by different people, and sometimes has no one logged in, which is why I have to configure it as a LaunchDaemon.

    Read the article

  • E-Commerce Security: Only Credit Card Fields Encrypted?!

    - by bizarreunprofessionalanddangerous
    I'd like your opinions on how a major bricks-and-mortar company is running the security for its shopping Web site. After a recent update, when you are logged into your shopping account, the session is now not secured. No 'https', no browser 'lock'. All the personal contact info, shopping history -- and if I'm not mistaken submit and change password -- are being sent unencrypted. There is a small frame around the credit card fields that is https. There's a little notice: "Our website is secure. Our website uses frames and because of this the secure icon will not appear in your browser" On top of this the most prominent login fields for the site are broken, and haven't gotten fixed for a week or longer (giving the distinct impression they have no clue what's going on and can't be trusted with anything). Now is it just me -- or is this simply incomprehensible for a billion dollar company, significant shopping site, in the year 2010. No lock. "We use frames" (maybe they forget "Best viewed in IE4"). Customers complaining, as you can see from their FAQ "explaining" why you aren't seeing https. I'm getting nowhere trying to convince customer service that they REALLY need to do something about this, and am about to head for the CEO. But I just want to make sure this is as BIZARRE and unprofessional and dangerous a situation as I think it is. (I'm trying to visualize what their Web technical team consists of. I'm getting A) some customer service reps who were given a 3 hour training course on Web site maintenance, B) a 14 year old boy in his bedroom masquerading as a major technical services company, C) a guy in a hut in a jungle with an e-commerce book from 1996.)

    Read the article

  • Using the Search API with Sharepoint Foundation 2010 - 0 results

    - by MB
    I am a sharepoint newbee and am having trouble getting any search results to return using the search API in Sharepoint 2010 Foundation. Here are the steps I have taken so far. The Service Sharepoint Foundation Search v4 is running and logged in as Local Service Under Team Site - Site Settings - Search and Offline Availability, Indexing Site Content is enabled. Running the PowerShell script Get-SPSearchServiceInstance returns TypeName : SharePoint Foundation Search Description : Search index file on the search server Id : 91e01ce1-016e-44e0-a938-035d37613b70 Server : SPServer Name=V-SP2010 Service : SPSearchService Name=SPSearch4 IndexLocation : C:\Program Files\Common Files\Microsoft Shared\Web Server Exten sions\14\Data\Applications ProxyType : Default Status : Online When I do a search using the search textbox on the team site I get a results as I would expect. Now, when I try to duplicate the search results using the Search API I either receive an error or 0 results. Here is some sample code: using Microsoft.SharePoint.Search.Query; using (var site = new SPSite(_sharepointUrl, token)) { // FullTextSqlQuery fullTextSqlQuery = new FullTextSqlQuery(site) { QueryText = String.Format("SELECT Title, SiteName, Path FROM Scope() WHERE \"scope\"='All Sites' AND CONTAINS('\"{0}\"')", searchPhrase), //QueryText = String.Format("SELECT Title, SiteName, Path FROM Scope()", searchPhrase), TrimDuplicates = true, StartRow = 0, RowLimit = 200, ResultTypes = ResultType.RelevantResults //IgnoreAllNoiseQuery = false }; ResultTableCollection resultTableCollection = fullTextSqlQuery.Execute(); ResultTable result = resultTableCollection[ResultType.RelevantResults]; DataTable tbl = new DataTable(); tbl.Load(result, LoadOption.OverwriteChanges); } When the scope is set to All Sites I retrieve an error about the search scope not being available. Other search just return 0 results. Any ideas about what I am doing wrong?

    Read the article

  • How can I test a CRON job with PHP?

    - by alex
    This is the first time I've ever used a CRON. I'm using it to parse external data that is automatically FTP'd to a subdirectory on our site. I have created a controller and model which handles the data. I can access the URL fine in my browser and it works (however I will be restricting this soon). My problem is, how can I test if it's working? I've added this to my controller for a quick and dirty log $file = 'test.txt'; $contents = ''; if (file_exists($file)) { $contents = file_get_contents($file); } $contents .= date('m-d-Y') . ' --- ' . PHP_SAPI . "\n\n"; file_put_contents($file, $contents); But so far only got requests logged from myself from the browser, despite having my CRON running ever minute. 03-18-2010 --- cgi-fcgi 03-18-2010 --- cgi-fcgi I've set it up using cPanel with the command index.php properties/update/ the 2nd portion is what I use to access the page in my browser. So how can I test this is working properly, and have I stuffed anything up? Note: I'm using Kohana 3. Many thanks

    Read the article

  • Is there stl and utf8 friendly C++ Wrapper for ICU, or other powerful unicode library

    - by artyom
    Hello, I need a good Unicode library for C++. I need Transformations in Unicode sensitive way. For example sort all strings in case insensitive way and get their first characters for index. Convert to upper and to lower various Unicode strings. Split text in reasonable position -- words that would work for Chinese and Japanese as well. Formatting numbers, dates in locale sensitive way (should be thread safe). Transparent support of utf8 (primary internal representation). As far as I know the best library is ICU. However, I can't find normal developer friendly API documentation with examples. Also as far as I see, it is not too friendly with modern C++ design, work with STL and so on. Like this std::string msg; unistring umsg.from_utf8(msg); unistring::word_iterator wi; for(wi=umsg.words().begin(),n=0;wi!=usmg.words().wi_end(),n<10;++wi,++n) ; msg=umsg.substr(umsg.words().begin(),wi).to_utf8(); cout<<_("Five 10 words are ")<<msg; Does anybody know good STL friendly ICU wrapper released under Open Source license preferred permissive like MIT or Boost, but others LGPLv2 compatible are ok as well. Is there another high quality library similar to ICU? Platform: UNIX/POSIX, Windows support is not required. Thanks, Artyom Edit: Unfortunatly I wasn't logged in so I can't make asnver accepted... I had attached the ansver by myself.

    Read the article

  • backbone.js Model.get() returns undefined, scope using coffeescript + coffee toaster?

    - by benipsen
    I'm writing an app using coffeescript with coffee toaster (an awesome NPM module for stitching) that builds my app.js file. Lots of my application classes and templates require info about the current user so I have an instance of class User (extends Backbone.Model) stored as a property of my main Application class (extends Backbone.Router). As part of the initialization routine I grab the user from the server (which takes care of authentication, roles, account switching etc.). Here's that coffeescript: @user = new models.User @user.fetch() console.log(@user) console.log(@user.get('email')) The first logging statement outputs the correct Backbone.Model attributes object in the console just as it should: User _changing: false _escapedAttributes: Object _pending: Object _previousAttributes: Object _silent: Object attributes: Object account: Object created_on: "1983-12-13 00:00:00" email: "[email protected]" icon: "0" id: "1" last_login: "2012-06-07 02:31:38" name: "Ben Ipsen" roles: Object __proto__: Object changed: Object cid: "c0" id: "1" __proto__: ctor app.js:228 However, the second returns undefined despite the model attributes clearly being there in the console when logged. And just to make things even more interesting, typing "window.app.user.get('email')" into the console manually returns the expected value of "[email protected]"... ? Just for reference, here's how the initialize method compiles into my app.js file: Application.prototype.initialize = function() { var isMobile; isMobile = navigator.userAgent.match(/(iPhone|iPod|iPad|Android|BlackBerry)/); this.helpers = new views.DOMHelpers().initialize().setup_viewport(isMobile); this.user = new models.User(); this.user.fetch(); console.log(this.user); console.log(this.user.get('email')); return this; }; I initialize the Application controller in my static HTML like so: jQuery(document).ready(function(){ window.app = new controllers.Application(); }); Suggestions please and thank you!

    Read the article

  • Deleting a resource in a Cucumber (Capybara) step doesn't work

    - by Josiah Kiehl
    Here is my Scenario: Scenario: Delete a match Given pojo is logged in And there is a match with the following: | game_id | 1 | | name | Game del Pojo | | date_and_time | 2010-02-23 17:52:00 | | players | 2 | | teams | 2 | | comment | This is an awesome comment | | user_id | 1 | And I am on the show match 1 page And show me the page When I follow "Delete" And I follow "Yes, delete it" Then there should not be a match with the following: | game_id | 1 | | name | Game del Pojo | | date_and_time | 2010-02-23 17:52:00 | | players | 2 | | teams | 2 | | comment | This is an awesome comment | | user_id | 1 | If I walk through these steps manually, they work. When I click the confirmation: Yes, delete it, then the match is deleted. Cucumber, however, fails to delete the record and the last step fails. And I follow "Yes, delete it" # features/step_definitions/web_steps.rb:32 Then there should not be a match with the following: # features/step_definitions/match_steps.rb:8 | game_id | 1 | | name | Game del Pojo | | date_and_time | 2010-02-23 17:52:00 | | players | 2 | | teams | 2 | | comment | This is an awesome comment | | user_id | 1 | <nil> expected but was <#<Match id: 1, name: "Game del Pojo", date_and_time: "2010-02-23 17:52:00", teams: 2, created_at: "2010-03-02 23:06:33", updated_at: "2010-03-02 23:06:33", comment: "This is an awesome comment", players: 2, game_id: 1, user_id: 1>>. (Test::Unit::AssertionFailedError) /usr/lib/ruby/1.8/test/unit/assertions.rb:48:in `assert_block' /usr/lib/ruby/1.8/test/unit/assertions.rb:495:in `_wrap_assertion' /usr/lib/ruby/1.8/test/unit/assertions.rb:46:in `assert_block' /usr/lib/ruby/1.8/test/unit/assertions.rb:83:in `assert_equal' /usr/lib/ruby/1.8/test/unit/assertions.rb:172:in `assert_nil' ./features/step_definitions/match_steps.rb:22:in `/^there should (not)? be a match with the following:$/' features/matches.feature:124:in `Then there should not be a match with the following:' Any clue how to debug this? Thanks!

    Read the article

  • How to detect the error raised on a particular codeline?

    - by infant programmer
    [Please edit the title if you find its not good enough] I have code which triggers XSL-transformation: objMemoryStream = new MemoryStream(); xslTransform = new XslCompiledTransform(); xpathXmlOrig = new XPathDocument("E:\\xslt error\\Simulation_of_error\\input.xml"); xslSettings = new XsltSettings(); xslSettings.EnableScript = true; xslTransform.Load(strXmlQueryTransformPath, xslSettings, new XmlUrlResolver()); xslTransform.Transform(xpathXmlOrig, null, objMemoryStream); objMemoryStream.Position = 0; StreamReader objStreamReader = new StreamReader(objMemoryStream); The method xslTransform.Load(strXmlQueryTransformPath, xslSettings, new XmlUrlResolver()); is a victim, which fails some times due to some time-out issue. I want to detect the failure of this codeline and execute again until it successfully executes! I tried using "TRY CATCH and WHILE methods": bool flag = true; do { try { xslTransform.Load(strXmlQueryTransformPath, xslSettings, new XmlUrlResolver()); flag = false; } catch { flag = true; } } while (flag); but the problem is "error is getting logged in the log file", Well. The whole code is under one more try statement, which I suspect is writing to log. Which is what I don't want... I don't want end user to know about the failure of this codeline. Is there anyway to get it done?

    Read the article

  • What are some good ways to store performance statistics in a database for querying later?

    - by Nathan
    Goal: Store arbitrary performance statistics of stuff that you care about (how many customers are currently logged on, how many widgets are being processed, etc.) in a database so that you can understand what how your servers are doing over time. Assumptions: A database is already available, and you already know how to gather the information you want and are capable of putting it in the database however you like. Some Ideal Attributes of a Solution Causes no noticeable performance hit on the server being monitored Has a very high precision of measurement Does not store useless or redundant information Is easy to query (lends itself to gathering/displaying useful information) Lends itself to being graphed easily Is accurate Is elegant Primary Questions 1) What is a good design/method/scheme for triggering the storing of statistics? 2) What is a good database design for how to actually store the data? Example answers...that are sort of vague and lame... 1) I could, once per [fixed time interval], store a row of data with all the performance measurements I care about in each column of one big flat table indexed by timestamp and/or server. 2) I could have a daemon monitoring performance stuff I care about, and add a row whenever something changes (instead of at fixed time intervals) to a flat table as in #1. 3) I could trigger either as in #2, but I could store information about each aspect of performance that I'm measuring in separate tables, opening up the possibility of adding tons of rows for often-changing items, and few rows for seldom-changing items. Etc. In the end, I will implement something, even if it's some super-braindead approach I make up myself, but I'm betting there are some really smart people out there willing to share their experiences and bright ideas!

    Read the article

  • Facebook Open Graph - post to all approved users feeds.

    - by simnom
    Hi, I'm struggling to get to grips with posting a feed item to all the members of an approved application. Within the application settings for the user it is stating that the application has permission to post to the wall but I can only achieve this if that user is currently logged in to facebook. Obviously I would like this to function so that any items I uploaded are posted to all the members of the application at any one time. I am using the Facebook PHP SDK from http://github.com/facebook/php-sdk/ and currrently my code is as follows: require 'src/facebook.php'; //Generates access token for this transaction $accessToken = file_get_contents("https://graph.facebook.com/oauth/access_token?type=client_cred&client_id=MyAppId&client_secret=MySecret"); //Gets the full user details as an object $contents = json_decode(file_get_contents("https://graph.facebook.com/SomeUserId?scope=publish_stream&" . $accessToken)); print_r($contents); if ($facebook->api('/' . $contents->id . '/feed', 'POST', array( 'title' => 'New and Improved, etc - 12/03/2010', 'link' => 'http://www.ib3.co.uk/news/2010/03/12/new-and-improved--etc', 'picture' => 'http://www.ib3.co.uk/userfiles/image/etc-booking.jpg', 'scope' => 'publish_stream' ) )==TRUE) { echo "message posted"; } else { echo "message failed"; } The output from $contents shows the expected user details but nothing relating to the permissions for my application. Am I missing a trick here? Then using the $facebook-api() function I am receiving a #200 - Permissions error. The application does not have permission to perform this action. This is driving me a little potty as I suspect I'm missing something straightforward with the authorisation but what? Many thanks in advance for an assistance offered.

    Read the article

  • Problem running python/matplotlib in background after ending ssh session.

    - by Jamie
    Hi there, I have to VPN and then ssh from home to my work server and want to run a python script in the background, then log out of the ssh session. My script makes several histogram plots using matplotlib, and as long as I keep the connection open everything is fine, but if I log out I keep getting an error message in the log file I created for the script. File "/Home/eud/jmcohen/.local/lib/python2.5/site-packages/matplotlib/pyplot.py", line 2058, in loglog ax = gca() File "/Home/eud/jmcohen/.local/lib/python2.5/site-packages/matplotlib/pyplot.py", line 582, in gca ax = gcf().gca(**kwargs) File "/Home/eud/jmcohen/.local/lib/python2.5/site-packages/matplotlib/pyplot.py", line 276, in gcf return figure() File "/Home/eud/jmcohen/.local/lib/python2.5/site-packages/matplotlib/pyplot.py", line 254, in figure **kwargs) File "/Home/eud/jmcohen/.local/lib/python2.5/site-packages/matplotlib/backends/backend_tkagg.py", line 90, in new_figure_manager window = Tk.Tk() File "/Home/eud/jmcohen/.local/lib/python2.5/lib-tk/Tkinter.py", line 1647, in __init__ self.tk = _tkinter.create(screenName, baseName, className, interactive, wantobjects, useTk, sync, use) _tkinter.TclError: couldn't connect to display "localhost:10.0" I'm assuming that it doesn't know where to create the figures I want since I close my X11 ssh session. If I'm logged in while the script is running I don't see any figures popping up (although that's because I don't have the show() command in my script), and I thought that python uses tkinter to display figures. The way that I'm creating the figures is, loglog() hist(list,x) ylabel('y') xlabel('x') savefig('%s_hist.ps' %source.name) close() The script requires some initial input, so the way I'm running it in the background is python scriptToRun.py << start>& logfile.log& Is there a way around this, or do I just have to stay ssh'd into my machine? Thanks.

    Read the article

  • How to write custom (odd) authentication plugins for Wordpress, Joomla and MediaWiki?

    - by Bart van Heukelom
    On our network (a group of related websites - not a LAN) we have a common authentication system which works like this: On a network site ("consumer") the user clicks on a login link This redirects the user to a login page on our auth system ("RAS"). Upon successful login the user is directed back to the consumer site. Extra data is passed in the query string. This extra data does not include any information about the user yet. The consumer site's backend contacts RAS, with this extra data, to get the information about the logged in user (id, name, email, preferences, etc.). So as you can see, the consumer site knows nothing about the authentication method. It doesn't know if it's by username/password, fingerprint, smartcard, or winning a game of poker. This is the main problem I'm encountering when trying to find out how I could write custom authentication plugins for these packages, acting as consumer sites: Wordpress Joomla MediaWiki For example Joomla offers a pretty simple auth plugin system, but it depends on a username/password entered on the Joomla site. Any hints on where to start?

    Read the article

  • How to handle authenticated user access to resources in document oriented system?

    - by Jeremy Raymond
    I'm developing a document oriented application and need to manage user access to the documents. I have a module that handles user authentication, and another module that handles document CRUD operations on the data store. Once a user is authenticated I need to enforce what operations the user can and cannot perform to documents based upon the user's permissions. The best option I could think of to integrate these two pieces together would be to create another module that duplicates the data API but that also takes the authenticated user as a parameter. The module would delegate the authorization check to the auth module and delegate the document operation to the data access module. Something like: -module(auth_data_access). % User is authenticated (logged into the system) % save_doc validates if user is allowed to save the given document and if so % saves it returning ok, else returns {error, permission_denied} save_doc(Doc, User) -> case auth:save_allowed(Doc, User) of ok -> data_access:save_doc(Doc); denied -> {error, permission_denied} end end. Is there a better way I can handle this?

    Read the article

  • wcf trying to set up tracing to debug, not writing to log file

    - by joey j
    here's my web.config, running a WCF service in an application on IIS7, but nothing is being written to the specified file. permission on the file has been granted for everyone. </listeners> I can add a service reference just fine. I then try to call the service from a windows app and, after a few minutes, get an error on the machine running the windows app "Client is unable to finish the security negotiation within the configured timeout (00:00:00). The current negotiation leg is 1 (00:00:00)." but absolutely nothing is written to the trace log file specified in config. Is there something else I need to do to enable tracing? thanks for your help EDIT: "sources" section now matches the section recommended here: http://msdn.microsoft.com/en-us/library/aa702726.aspx I've added the "diagnostics and the event viewer shows: "Message Logging has been turned on. Sensitive information may be logged in the clear, even if it was encrypted on the wire: for example, message bodies. Process Name: w3wp Process ID: 1784 " but the log file is still empty

    Read the article

  • Session hijacking prevention...how far will my script get me? additional prevention procedures?

    - by Yusaf Khaliq
    When the user logs in the current session vairables are set $_SESSION['user']['timeout'] = time(); $_SESSION['user']['ip'] = $_SERVER['REMOTE_ADDR']; $_SESSION['user']['agent'] = $_SERVER['HTTP_USER_AGENT']; In my common.php page (required on ALL php pages) i have used the below script, which resets a 15 minute timer each time the user is active furhtermore checks the IP address and checks the user_agent, if they do not match that as of when they first logged in/when the session was first set, the session is unset furthermore with inactivity of up to 15 minutes the session is also unset. ... is what i have done a good method for preventing session hijacking furthermore is it secure and or is it enough? If not what more can be done? if(!empty($_SESSION['user'])){ if ($_SESSION['user']['timeout'] + 15 * 60 < time()) { unset($_SESSION['user']); } else { $_SESSION['user']['timeout'] = time(); if($_SESSION['user']['ip'] != $_SERVER['REMOTE_ADDR']){ unset($_SESSION['user']); } if($_SESSION['user']['agent'] != $_SERVER['HTTP_USER_AGENT']){ unset($_SESSION['user']); } } }

    Read the article

  • Access/Download server files, not in site root, with PHP

    - by user271619
    Usually I save documents (images, mpegs, excel, word docs, etc...) for my friends or family on my website's root, inside a directory called /files/ or something similar. Nothing too uncommon. But, I have been playing with user session control, and allowing users to upload files to the dedicated /files/ directory. (the file names are saved in a db, with that user's ID) But, that means other people could try to guess and locate other people's files. I do randomize the file names, upon upload. And I stop the apache from displaying the /files/ directory content. However, I'd like to start saving the files outside of the website's root. This way it can't be accessible via the browser. I don't have any code to show, but I didn't want to even start on this endeavor if it's not able to be accomplished. I did find this snippet that shows how to display an image, from outside your website root: $file = $_GET['file']; $fileDir = '/path/to/files/'; if (file_exists($fileDir . $file)) { // Note: You should probably do some more checks // on the filetype, size, etc. $contents = file_get_contents($fileDir . $file); // Note: You should probably implement some kind // of check on filetype header('Content-type: image/jpeg'); echo $contents; } ? Maybe I can use this for any file type, but has anyone heard of a better way to allow users (logged in) to access their files from online, but not letting other users has similar access?

    Read the article

  • Is a GWT app running on Google App Engine protected from CSRF

    - by gerdemb
    I'm developing a GWT app running on the Google App Engine and wondering if I need to worry about Cross-site request forgery or is that automatically taken care of for me? For every RPC request that requires authentication, I have the following code: public class BookServiceImpl extends RemoteServiceServlet implements BookService { public void deleteInventory(Key<Inventory> inventoryKey) throws NotLoggedInException, InvalidStateException, NotFoundException { DAO dao = new DAO(); // This will throw NotLoggedInException if user is not logged in User user = dao.getCurrentUser(); // Do deletion here } } public final class DAO extends DAOBase { public User getCurrentUser() throws NotLoggedInException { currentUser = UserServiceFactory.getUserService().getCurrentUser(); if(currentUser == null) { throw new NotLoggedInException(); } return currentUser; } I couldn't find any documentation on how the UserService checks authentication. Is it enough to rely on the code above or do I need to to more? I'm a beginner at this, but from what I understand to avoid CSRF attacks some of the strategies are: adding an authentication token in the request payload instead of just checking a cookie checking the HTTP Referer header I can see that I have cookies set from Google with what look like SID values, but I can't tell from the serialized Java objects in the payloads if tokens are being passed or not. I also don't know if the Referer header is being used or not. So, am I worrying about a non-issue? If not, what is the best strategy here? This is a common enough problem, that there must be standard solutions out there...

    Read the article

  • Little help with some (simple) Javascript code

    - by lerac
    I'm a newb when it comes to javascript. Perhaps somebody could help me with this. I assume it is not very complicated. This is what I would like: <SCRIPT type=text/javascript> var StandardURL = "http://site/Lists/test/AllItems.aspx"; </script> <SCRIPT type=text/javascript> var FilterURL = "http://site/Lists/test//AllItems.aspx?FilterField1=Judge&FilterValue1="; </script> var DynamicURL = FilterURL + DynamicUserInf (no space between it should be like one url link), dynamicuserinf contains different value depending on the user that is logged in no need to worry what is in it. It already contains a value befor this runs Get current URL in [var CurrentURL] <script language="JavaScript" type="text/javascript"> if (CurrentURL == StandardURL) { location.href= (DynamicURL);} </script> ElSE do nothing (i assume this is not neccarry with only one if statement) Hopefully not much of a mess.

    Read the article

  • VirtualHosting doesn't work. Logs me in through previous session

    - by Pablo
    When I log in with one browser session, I have to log in, but when I open another session it has automatically logged me in (as if I've picked up session 1), this does not happen if I use http://192.168.0.9:9070 It forces me to log in each time. So I know the application is working, it's just the proxy server that seems to apply the loging to each session (from http://icerap.limeo.com). # ************************************************************************ # Start of My stuff <<<------------------------------------------------------ # ************************************************************************ #<Proxy *> #Order Deny,Allow #Deny from all #Allow from 192.168.0 #</Proxy> # blog <VirtualHost *:80> ServerName icerap.limeo.com ProxyPass / http://192.168.0.9:9070/ ProxyPassReverse / http://192.168.0.9:9070/ </VirtualHost> # www <VirtualHost *:80> ServerName helpdesk.limeo.com ProxyPass / http://192.168.0.9:9055/ ProxyPassReverse / http://192.168.0.9:9055/ </VirtualHost> # blog <VirtualHost *:80> ServerName IceCake.limeo.com ProxyPass / http://192.168.0.9:9000/ ProxyPassReverse / http://192.168.0.9:9000/ </VirtualHost> # End of Limeo stuff <<<------------------------------------------------------ # ************************************************************************

    Read the article

  • Login page shows blank

    - by user481913
    The login page on a project i'm currently fixing up shows blank. i tried echoing some words to find out where the fault lied. I found out that commenting out the below piece of code made it to display. elseif( isset($_POST['do_login'] ) ){//Login user $email = (isset($_POST['login']) && is_string($_POST['login']) && strlen($_POST['login'])<100)?$_POST['login'] : null; $password = (isset($_POST['password']) && is_string($_POST['password']) && strlen($_POST['password'])<100)?$_POST['password'] : null; $remember = isset($_POST['chkremember']) ? true : false; $result = $auth->login($email, $password, $remember); switch($result){ case 1: $msg = 'You have successfully logged in.' break; case 2: $msg = 'Your account has not yet been confirmed. <br/> Please check the e-mail message sent by us and click the confirmation code to validate this account. <a href="user_login.php?view=resend&resend_email='.$email.'">resend activation e-mail</a>'; break; case 3: $msg = 'Your account is not enabled!'; break; case 4: $msg = 'Account with given login credentials does not exist!'; break; } } Can anyone help me figiure out what's wrong with this piece of code?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 129 130 131 132 133 134 135 136 137 138 139 140  | Next Page >