Search Results

Search found 16554 results on 663 pages for 'programmers identity'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 133/663 | < Previous Page | 129 130 131 132 133 134 135 136 137 138 139 140  | Next Page >

  • Where to Perform Authentication in REST API Server?

    - by David V
    I am working on a set of REST APIs that needs to be secured so that only authenticated calls will be performed. There will be multiple web apps to service these APIs. Is there a best-practice approach as to where the authentication should occur? I have thought of two possible places. Have each web app perform the authentication by using a shared authentication service. This seems to be in line with tools like Spring Security, which is configured at the web app level. Protect each web app with a "gateway" for security. In this approach, the web app never receives unauthenticated calls. This seems to be the approach of Apache HTTP Server Authentication. With this approach, would you use Apache or nginx to protect it, or something else in between Apache/nginx and your web app? For additional reference, the authentication is similar to services like AWS that have a non-secret identifier combined with a shared secret key. I am also considering using HMAC. Also, we are writing the web services in Java using Spring. Update: To clarify, each request needs to be authenticated with the identifier and secret key. This is similar to how AWS REST requests work.

    Read the article

  • As a solo programmer, of what use can Gerrit be?

    - by s.d
    Disclaimer: I'm aware of the questions How do I review my own code? and What advantages do continuous integration tools offer on a solo project?. I do feel that this question aims at a different set of answers though, as it is about a specific software, and not about general musings about the use of this or that practice or tech stack. I'm a solo programmer for an Eclipse RCP-based project. To be able to control myself and the quality of my software, I'm in the process of setting up a CSI stack. In this, I follow the Eclipse Common Build Infrastructure guidelines, with the exception that I will use Jenkins rather than Hudson. Sticking to these guidelines will hopefully help me in getting used to the Eclipse way of doing things, and I hope to be able to contribute some code to Eclipse in the future. However, CBI includes Gerrit, a code review software. While I think it's really helpful for teams, and I will employ it as soon as the team grows to at least two developers, I'm wondering how I could use it while I'm still solo. Question: Is there a use case for Gerrit that takes into account solo developers? Notes: I can imagine reviewing code myself after a certain amount of time to gain a little distance to it. This does complicate the workflow though, as code will only be built once it's been passed through code review. This might prove to be a "trap" as I might be tempted to quickly push bad code through Gerrit just to get it built. I'm very interested in hearing how other solo devs have made use of Gerrit.

    Read the article

  • Can I remove all-caps and shorten the disclaimer on my License?

    - by stefano palazzo
    I am using the MIT License for a particular piece of code. Now, this license has a big disclaimer in all-caps: THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF... ... I've seen a normally capitalised disclaimer on the zlib license (notice that it is above the license text), and even software with no disclaimer at all (which implies, i take it, that there is indeed a guarantee?), but i'd like some sourced advice by a trusted party. I just haven't found any. GNU's License notice for other files comes with this disclaimer: This file is offered as-is, without any warranty. Short and simple. My question therefore: Are there any trusted sources indicating that a short rather than long, and a normally spelled rather than capitalised disclaimer (or even one or the other) are safely usable in all of the jurisdictions I should be concerned with? If the answer turns out to be yes: Why not simply use the short license notice that the fsf proposes for readme-files and short help documents instead of the MIT License? Is there any evidence suggesting this short 'license' will not hold up? For the purposes of this question, the software is released in the European Union, should it make any difference.

    Read the article

  • Dependency Injection/IoC container practices when writing frameworks

    - by Dave Hillier
    I've used various IoC containers (Castle.Windsor, Autofac, MEF, etc) for .Net in a number of projects. I have found they tend to encourage a number of bad practices. Are there any established practices for IoC container use, particularly when providing a platform/framework? My aim as a framework writer is to make code as simple and as easy to use as possible. I'd rather write one line of code to construct an object than ten or even just two. For example, a couple of code smells that I've noticed and don't have good suggestions to: Large number of parameters (5) for constructors. Creating services tends to be complex; all of the dependencies are injected via the constructor - despite the fact that the components are rarely optional (except for maybe in testing). Lack of private and internal classes; this one may be a specific limitation of using C# and Silverlight, but I'm interested in how it is solved. It's difficult to tell what a frameworks interface is if all the classes are public; it allows me access to private parts that I probably shouldnt touch. Coupling the object lifecycle to the IoC container. It is often difficult to manually construct the dependencies required to create objects. Object lifecycle is too often managed by the IoC framework. I've seen projects where most classes are registered as Singletons. You get a lack of explicit control and are also forced to manage the internals (it relates to the above point, all classes are public and you have to inject them). For example, .Net framework has many static methods. such as, DateTime.UtcNow. Many times I have seen this wrapped and injected as a construction parameter. Depending on concrete implementation makes my code hard to test. Injecting a dependency makes my code hard to use - particularly if the class has many parameters. How do I provide both a testable interface, as well as one that is easy to use? What are the best practices?

    Read the article

  • Are C++ templates just a kind of glorified macros?

    - by Gulshan
    From different comparisons among C++ templates and C#/Java generics like this one- http://stackoverflow.com/questions/31693/what-are-the-differences-between-generics-in-c-and-java-and-templates-in-c/31929#31929 I have a got a perception that, C++ templates are implemented by some kind of preprocessing, not compiling. In other words, they are just a kind of C macros. Is this right? Then I felt that, if C++ templates are implemented by preprocessing, dynamic linking(.dll) cannot be used. A quick google search also supports this. And lastly, how can we use macros in C to deliver C++ templates like functionalities? Another thing came in my mind about templates similar to some kind of preprocessor that, there can be integers passed as arguments to some templates. And it even supports kind of recursion. But the recursion is not in the assembly/machine code. So, am I wrong calling templates glorified macros? Unlike normal macros, it has some superior abilities. But isn't it a kind of preprocessing?

    Read the article

  • Is there a language where collections can be used as objects without altering the behavior?

    - by Dokkat
    Is there a language where collections can be used as objects without altering the behavior? As an example, first, imagine those functions work: function capitalize(str) //suppose this *modifies* a string object capitalizing it function greet(person): print("Hello, " + person) capitalize("pedro") >> "Pedro" greet("Pedro") >> "Hello, Pedro" Now, suppose we define a standard collection with some strings: people = ["ed","steve","john"] Then, this will call toUpper() on each object on that list people.toUpper() >> ["Ed","Steve","John"] And this will call greet once for EACH people on the list, instead of sending the list as argument greet(people) >> "Hello, Ed" >> "Hello, Steve" >> "Hello, John"

    Read the article

  • What can I do with the twitter API?

    - by aditya menon
    I've tried googling for this but could not find concrete developer examples. When building mundane daily web applications like Classified websites, Job boards or Intranet targeted Document Management Systems, how can the twitter API help me do more things. May I please have some examples on how developers have used twitter to make their apps better? Other than the obvious use for promotional and search engine optimization purpose (yay there's a new job post on our site), what can I do with it? Also, am I late to the party? I hear a lot of upset on the internet about how twitter is apparently slowly betraying developers (I don't understand the specifics), so should I even look at the system or consider alternatives?

    Read the article

  • DDD Model Design and Repository Persistence Performance Considerations

    - by agarhy
    So I have been reading about DDD for some time and trying to figure out the best approach on several issues. I tend to agree that I should design my model in a persistent agnostic manner. And that repositories should load and persist my models in valid states. But are these approaches realistic practically? I mean its normal for a model to hold a reference to a collection of another type. Persisting that model should mean persist the entire collection. Fine. But do I really need to load the entire collection every time I load the model? Probably not. So I can have specialized repositories. Some that load maybe a subset of the object graph via DTOs and others that load the entire object graph. But when do I use which? If I have DTOs, what's stopping client code from directly calling them and completely bypassing the model? I can have mappers and factories to create my models from DTOs maybe? But depending on the design of my models that might not always work. Or it might not allow my models to be created in a valid state. What's the correct approach here?

    Read the article

  • Intellectual Property for in house development

    - by Kyle Rogers
    My company is a sub contractor on a major government contract. Over the past 5 years we've been developing in house applications to help support our company and streamline our work. Apparently in 2008 our president of the company at that time signed a continuation of services contract with the company we subcontract with on this project. In the contract amendment various things were discussed such as intellectual property and the creation of new and existing tools. The contract states that all the subcontractor's tools/scripts/etc... become the intellectual property of the main contractor holder. Basically all tools that were created in support of the project which we work on are no longer ours exclusively and they have rights to them. My company really doesn't do software development specifically but because of this contract these tools helped tremendously with our daily tasking. Does my company have any sort of recourse or actions to help keep our tools? My team of developers were completely unaware of any of these negotiations and until recently were kept in the dark about the agreements that were made. Do we as developers have any rights to the software? Since our company is not a software development shop, we have created all these tools without any sort of agreements or contracts within the company stating that we give our company full rights to our creations? I was reading an article by Joel Spolsky on this topic and was just wonder if there is any advice out there to help assist us? Thank you Joel Spolsky's Article

    Read the article

  • How to turn on/off code modules?

    - by Safran Ali
    I am trying to run multiple sites using single code base and code base consist of the following module (i.e. classes) User module Q & A module Faq module and each class works on MVC pattern i.e. it consist of Entity class Helper class (i.e. static class) View (i.e. pages and controls) and let's say I have 2 sites site1.com and site2.com. And I am trying to achieve following functionality site1.com can have User, Q & A and Faq module up and running site2.com can have User and Q & A module live while Faq module is switched off but it can be turned-on if needed, so my query here is what is the best way to achieve such functionality Do I introduce a flag bit that I check on every page and control belonging to that module? It's more like CMS where you can turn on/off different features. I am trying to get my head around it, please provide me with an example or point out if I am taking the wrong approach.

    Read the article

  • Python class representation under the hood

    - by decentralised
    OK, here is a simple Python class: class AddSomething(object): __metaclass__ = MyMetaClass x = 10 def __init__(self, a): self.a = a def add(self, a, b): return a + b We have specified a metaclass, and that means we could write something like this: class MyMetaClass(type): def __init__(cls, name, bases, cdict): # do something with the class Now, the cdict holds a representation of AddSomething: AddSomething = type('AddSomething', (object,), {'x' : 10, '__init__': __init__, 'add': add}) So my question is simple, are all Python classes represented in this second format internally? If not, how are they represented? EDIT - Python 2.7

    Read the article

  • What is the value in hiding the details through abstractions? Isn't there value in transparency?

    - by user606723
    Background I am not a big fan of abstraction. I will admit that one can benefit from adaptability, portability and re-usability of interfaces etc. There is real benefit there, and I don't wish to question that, so let's ignore it. There is the other major "benefit" of abstraction, which is to hide implementation logic and details from users of this abstraction. The argument is that you don't need to know the details, and that one should concentrate on their own logic at this point. Makes sense in theory. However, whenever I've been maintaining large enterprise applications, I always need to know more details. It becomes a huge hassle digging deeper and deeper into the abstraction at every turn just to find out exactly what something does; i.e. having to do "open declaration" about 12 times before finding the stored procedure used. This 'hide the details' mentality seems to just get in the way. I'm always wishing for more transparent interfaces and less abstraction. I can read high level source code and know what it does, but I'll never know how it does it, when how it does it, is what I really need to know. What's going on here? Has every system I've ever worked on just been badly designed (from this perspective at least)? My philosophy When I develop software, I feel like I try to follow a philosophy I feel is closely related to the ArchLinux philosophy: Arch Linux retains the inherent complexities of a GNU/Linux system, while keeping them well organized and transparent. Arch Linux developers and users believe that trying to hide the complexities of a system actually results in an even more complex system, and is therefore to be avoided. And therefore, I never try to hide complexity of my software behind abstraction layers. I try to abuse abstraction, not become a slave to it. Question at heart Is there real value in hiding the details? Aren't we sacrificing transparency? Isn't this transparency valuable?

    Read the article

  • How can I read data from a generated pointcloud, but from an other perspective of the camera? [migrated]

    - by Vlad Lata
    Basically what I'm trying to do is as follows: I have a software that generates and shows a pointcloud by analyzing Time-of-Flight data (Z-Data). This software has a GUI that delivers this pointcloud on a grid, and you can watch it and adjust the camera to change the perspective, or apply filtering to it and so on. Since the Z-data was recorder through a stereoscopic system, I want to obtain a perspective transformation. My idea was to simply change the position of the camera in the GUI and than add a button that sais (ex. New Perspective) that calls a function that would measure the distances from the existing pointcloud to the camera I'm viewing it from. Of course this would generate some occluded areas, but I want this to happen. And now the main question is: How can I do that? Are there any functions in OpenGL that measure the distance from an object to a camera, or is it even possible to do something like his? Or has someone some other idea? P.S. The software uses the qt sdk and opengl

    Read the article

  • Is the term "web portal" obselete?

    - by John Hamelink
    Firstly, sorry if this is the wrong place: I've looked at all the programming-related boards and this one seems like the best fit - correct me if I'm wrong. My boss uses the term "portal" for the project I work on all the time. To me, the word makes me think of Yahoo in the late 90s. Does the word "portal" have old-school connotations, or is it just me? Do you think it's ok to use it, and not drag our client's perception of the product down into the middle-ages? Or again, am I just being weird?

    Read the article

  • Does it make sense to develop open source python library for database inspection?

    - by gruszczy
    Some time ago I came up with an idea for a library for database inspection. I started developing it and got some very basic functionality, just to check if that's possible. Recently however, I get second thoughts, whether such project would really be useful. I am actually planning to develop following software suite: library for python, that would provide easy interface to inspect database structure, desktop application in PyQt that would use the interface to provide graphical database inspection, web application in Django that would use the interface to provide database inspection through the browser. Do you think such suite would be useful for other developers/database administrators/analysts? I know, that there is pgadmin for PostgreSQL and some tool for sqlite3 and that there is Java tool called DBInspect. Usually I would be against creating new tool and rather join existing project, but I am not Java programmer (and I would rather stick to python or C, which I like) and none of these projects provide a library for database inspection. Anyway I would like to hear some opinions from fellow developers, whether such project make sense or I should try to spend my free time on developing something else.

    Read the article

  • Generic and type safe I/O model in any language

    - by Eduardo León
    I am looking for an I/O model, in any programming language, that is generic and type safe. By genericity, I mean there should not be separate functions for performing the same operations on different devices (read_file, read_socket, read_terminal). Instead, a single read operation works on all read-able devices, a single write operation works on all write-able devices, and so on. By type safety, I mean operations that do not make sense should not even be expressible in first place. Using the read operation on a non-read-able device ought to cause a type error at compile time, similarly for using the write operation on a non-write-able device, and so on. Is there any generic and type safe I/O model?

    Read the article

  • Are Language Comparisons Meaningful?

    - by Prasoon Saurav
    Dr Bjarne Stroustrup in his book D&E says Several reviewers asked me to compare C++ to other languages. This I have decided against doing. Thereby, I have reaffirmed a long-standing and strongly held view: "Language comparisons are rarely meaningful and even less often fair" . A good comparison of major programming languages requires more effort than most people are willing to spend, experience in a wide range of application areas, a rigid maintenance of a detached and impartial point of view, and a sense of fairness. I do not have the time, and as the designer of C++, my impartiality would never be fully credible. -- The Design and Evolution of C++(Bjarne Stroustrup) Do you people agree with his this statement "Language comparisons are rarely meaningful and even less often fair"? Personally I think that comparing a language X with Y makes sense because it gives many more reasons to love/despise X/Y :-P What do you people think?

    Read the article

  • Voice echo in UDP based voice transmission [closed]

    - by Meherzad
    I have coded a java application for voice transmission between to ip in LAN. Here the code. public static Boolean flag= true; public static Boolean recFlag=true; DatagramSocket UDPSocket=null; AudioFormat format = null; TargetDataLine microphone=null; byte[] buffer=null; DatagramPacket UDPPacket=null; public void startChat(String ipAddress){ try{ buffer = new byte[1000]; UDPSocket=new DatagramSocket(1987); Thread th=new Thread(new Listener()); th.start(); microphone = AudioSystem.getTargetDataLine(format); format= new AudioFormat(8000.0f, 16, 1, true, true); UDPPacket = new DatagramPacket(buffer, buffer.length, InetAddress.getByName(ipAddress), 1988); microphone.open(format); microphone.start(); while (flag) { microphone.read(buffer, 0, buffer.length); UDPSocket.send(UDPPacket); } } catch(Exception e){ System.out.println(" ssss "+e.getMessage()); } } public class Listener extends Thread{ byte[] buff=new byte[1000]; DatagramSocket UDPSocket1=null; DatagramPacket recPacket=null; DataLine.Info info = new DataLine.Info(SourceDataLine.class, format); SourceDataLine line=null; @Override public void run(){ try{ UDPSocket1=new DatagramSocket(1988); format= new AudioFormat(8000.0f, 16, 1, true, true); line = (SourceDataLine) AudioSystem.getLine(info); line.open(format); line.start(); } catch(Exception e){ System.out.println("list "+ e.getMessage()); } recPacket=new DatagramPacket(buff, buff.length); while(recFlag){ try{ UDPSocket1.receive(recPacket); buff = (byte[])recPacket.getData(); line.write(buff, 0, buff.length); } catch(Exception e){ System.out.println("errr "+e.getMessage()); } } line.drain(); line.close(); } } Main problem which I am facing that I am getting only echo of my own voice. I am unable to hear voice from the other end only I am hearing is my own voice. Please suggest any solution.

    Read the article

  • Do employers hiring for Software jobs care about the classes you took in CS masters program?

    - by Joey Green
    I'm torn between two classes right now for next semester( Software Design and Advanced Computer Graphics ). I would enjoy Advanced Computer Graphics more, but I feel the software design class would help me when approaching anything I ever build for the rest of my career. I feel though I could just buy the book( I already have both books actually ) of the Software Design class and go through it, if I wanted. But think it would be a bit tougher to pick up the Advanced Computer Graphics class on my own. So do employers look at the graduate classes you've taken to decide if you would be a good fit or not? I think more importantly what I'm wanting to know is if I wanted to work for a high-end software company like Apple or Google would a company like that be more impressed by someone that took software engineering classes or hardcore CS classes?

    Read the article

  • How can I become more agile?

    - by dough
    The definition of an agile approach I've adopted is: working to reduce feedback loops, everywhere. I'd describe my Personal Development Process (PDP) as "not very agile" or "not agile enough"! I've adopted TDD, automated building, and time-boxing (using the Pomodoro Technique) as part of my PDP. I find these practices really help me get feedback, review my direction, and catch yak shaving earlier! However, what still escapes me is the ability to reduce feedback time in the ultimate feedback loop; regularly getting working software in front of the end user. Aside from team-oriented practices, what can I do to personally become more agile?

    Read the article

  • Why and when should I make a class 'static'? What is the purpose of 'static' keyword on classes?

    - by Saeed Neamati
    The static keyword on a member in many languages mean that you shouldn't create an instance of that class to be able to have access to that member. However, I don't see any justification to make an entire class static. Why and when should I make a class static? What benefits do I get from making a class static? I mean, after declaring a static class, one should still declare all members which he/she wants to have access to without instantiation, as static too. This means that for example, Math class could be declared normal (not static), without affecting how developers code. In other words, making a class static or normal is kind of transparent to developers.

    Read the article

  • Securing Back End API for Mobile Applications

    - by El Guapo
    I have an application that I am writing for both iOS and Android; this application will be served by a ReSTFUL API running on a cluster of servers on "the internets". I am curious how the rest of the world is going about securing their APIs so only specific applications running on iOS or Android can use these APIs. I could go the same route as other OAuth providers by providing a key/secret combination (2-legged OAuth), however, what do I do if I ever have to change these keys??? Do I create a new key/secret for every person that downloads the app??? The application is a social-based game that will allow the user to interact with other "participants" in the game based on location, achievements, etc. The API will provide the following functions: -Questions, Quests, etc -Profile Management -User Interaction -Possible Social Interaction Once the app gains traction I plan on opening up the API ala Facebook, Twitter, etc. Which is easy enough, I plan on implementing an OAuth Server and whatnot. However, I want to make sure, during this phase, that only people who are using the application can access and use the API.

    Read the article

  • Good approach for hundreds of comsumers and big files

    - by ????? ???????
    I have several files (nearly 1GB each) with data. Data is a string line. I need to process each of these files with several hundreds of consumers. Each of these consumers does some processing that differs from others. Consumers do not write anywhere concurrently. They only need input string. After processing they update their local buffers. Consumers can easily be executed in parallel. Important: With one specific file each consumer has to process all lines (without skipping) in correct order (as they appear in file). The order of processing different files doesn't matter. Processing of a single line by one consumer is comparably fast. I expect less than 50 microseconds on Corei5. So now I'm looking for the good approach to this problem. This is going to be be a part of a .NET project, so please let's stick with .NET only (C# is preferable). I know about TPL and DataFlow. I guess that the most relevant would be BroadcastBlock. But i think that the problem here is that with each line I'll have to wait for all consumers to finish in order to post the new one. I guess that it would be not very efficient. I think that ideally situation would be something like this: One thread reads from file and writes to the buffer. Each consumer, when it is ready, reads the line from the buffer concurrently and processes it. The entry from the buffer shouldn't be deleted as one consumer reads it. It can be deleted only when all consumers have processed it. TPL schedules consumer threads itself. If one consumer outperforms the others, it shouldn't wait and can read more recent entries from the buffer. Am i right with this kind of approach? Whether yes or not, how can i implement the good solution? A bit was already discussed on StackOverflow: link

    Read the article

  • Can You Have "Empty" Abstract/Classes?

    - by ShrimpCrackers
    Of course you can, I'm just wondering if it's rational to design in such a way. I'm making a breakout clone and was doing some class design. I wanted to use inheritance, even though I don't have to, to apply what I've learned in C++. I was thinking about class design and came up with something like this: GameObject - base class (consists of data members like x and y offsets, and a vector of SDL_Surface* MovableObject : GameObject - abstract class + derived class of GameObject (one method void move() = 0; ) NonMovableObject : GameObject - empty class...no methods or data members other than constructor and destructor(at least for now?). Later I was planning to derive a class from NonMovableObject, like Tileset : NonMovableObject. I was just wondering if "empty" abstract classes or just empty classes are often used...I notice that the way I'm doing this, I'm just creating the class NonMovableObject just for sake of categorization. I know I'm overthinking things just to make a breakout clone, but my focus is less on the game and more on using inheritance and designing some sort of game framework.

    Read the article

  • How should I store and secure self-signed certificates?

    - by Anthony Mastrean
    I'm fairly certain I shouldn't commit certificates into source control. Even if the repository is private and only authenticated coworkers (for example) have access to it. That would allow for accidental exposure (thumb drives, leaked credentials, whatever). But, how should I store and secure certificates? I don't suppose I should just plop them on the network file server, for some of the same reasons I wouldn't put them into source control, right? Is there some kind of secure certificate store that I can run? Does the Java "keystore" do that generally or is it specific for like weblogic servers or something?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 129 130 131 132 133 134 135 136 137 138 139 140  | Next Page >