Search Results

Search found 14784 results on 592 pages for 'spring security'.

Page 139/592 | < Previous Page | 135 136 137 138 139 140 141 142 143 144 145 146  | Next Page >

  • WCF Authentication on the Internet - HELP

    - by Eddie
    I have a WCF service using the basicHTTP binding. The service will be targeted to be deployed in production in a DMZ environment on a Windows Server 2008 64 bit running IIS 7.0 and is not in an Active Directory domain. The service will be accessed by a business partner over the Internet with SSL protection. Originally, I had built the service to use x.509 Message authentication with wsHTTPBinding and after a lot of problems I punted and decided to back up and use basicHTTP with UserName authentication. Result: same exact, obscure error message as I received with certificate mode. The service works perfectly inside our domain with the exact same authentication but as soon as I move it to the DMZ I get an error reading: "An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail". The inner exception message is: "An error occurred when verifying security for the message." The services' web config with binding configuration is as follows: <services> <service behaviorConfiguration="HSSanoviaFacade.Service1Behavior" name="HSSanoviaFacade.HSSanoviaFacade"> <endpoint address="" binding="basicHttpBinding" contract="HSSanoviaFacade.IHSSanoviaFacade" bindingConfiguration="basicHttp"> <identity> <dns value="localhost" /> </identity> </endpoint> <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" /> <host> <baseAddresses> <add baseAddress="https://FULLY QUALIFIED HOST NAME CHANGED TO PROTECT/> </baseAddresses> </host> </service> </services> <bindings> <basicHttpBinding> <binding name="basicHttp"> <security mode="TransportWithMessageCredential"> <message clientCredentialType="UserName" /> </security> </binding> </basicHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="HSSanoviaFacade.Service1Behavior"> <serviceMetadata httpsGetEnabled="True" /> <serviceDebug includeExceptionDetailInFaults="True" /> </behavior> </serviceBehaviors> </behaviors> The test client's configuration that gets the error: <bindings> <basicHttpBinding> <binding name="BasicHttpBinding_IHSSanoviaFacade" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="None" proxyCredentialType="None" realm="" /> <message clientCredentialType="UserName" algorithmSuite="Default" /> </security> </binding> </basicHttpBinding> </bindings> <client> <endpoint address="https://HOST NAME CHANGED TO PROTECT" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_IHSSanoviaFacade" contract="MembersService.IHSSanoviaFacade" name="BasicHttpBinding_IHSSanoviaFacade" /> </client> As mentioned earlier, the service works perfectly on the domain and the production IIS box is not on a domain. I have been tweaking and pulling my hair out for 2 weeks now and nothing seems to work. If anyone can help I would appreciate it. Even a recommendation for a work around for authentication. I'd rather not use a custom authentication scheme but use built-in SOAP capabilities. The credentials pass in thru the proxy i.e. proxy.ClientCredentials.UserName.UserName and proxy.ClientCredentials.UserName.Password are valid accounts on both the internal domain in the test environment and as a machine account on the DMZ IIS box.

    Read the article

  • Hibernate: update on parent-child relationship causes duplicate children

    - by TimmyJ
    I have a parent child relationship in which the parent has a collection of children (a set to be specific). The child collection is setup with cascade="all-delete-orphan". When I initially save the parent element everything works as expected. However, when I update the parent and save again, all the children are re-saved. This behavior leads me to believe that the parent is losing its reference to the collection of children, and therefore when persisting all the children are re-saved. It seems the only way to fix this is to not use the setter method of this child collection, but unfortunately this setter is called implicitly in my application (Spring MVC is used to bind a multi-select form element to this collection, and the setter is called by spring on the form submission). Overwriting this setter to not lose the reference (ie, do a colleciton.clear() and collection.addAll(newCollection) rather than collection = newCollection) is apparently a hibernate no-no, as is pointed out here: https://forum.hibernate.org/viewtopic.php?t=956859 Does anyone know how to circumvent this problem? I've posted some of my code below. The parent hibernate configuration: <hibernate-mapping package="org.fstrf.masterpk.domain"> <class name="ReportCriteriaBean" table="masterPkReportCriteria"> <id name="id" column="id"> <generator class="org.hibernate.id.IncrementGenerator" /> </id> <set name="treatmentArms" table="masterPkTreatmentArms" sort="org.fstrf.masterpk.domain.RxCodeComparator" lazy="false" cascade="all-delete-orphan" inverse="true"> <key column="runid"/> <one-to-many class="TreatmentArm"/> </set> </class> </hibernate-mapping> The parent object: public class ReportCriteriaBean{ private Integer id; private Set<TreatmentArm> treatmentArms; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public Set<TreatmentArm> getTreatmentArms() { return treatmentArms; } public void setTreatmentArms(Set<TreatmentArm> treatmentArms) { this.treatmentArms = treatmentArms; if(this.treatmentArms != null){ for(TreatmentArm treatmentArm : this.treatmentArms){ treatmentArm.setReportCriteriaBean(this); } } } The child hibernate configuration: <hibernate-mapping package="org.fstrf.masterpk.domain"> <class name="TreatmentArm" table="masterPkTreatmentArms"> <id name="id" column="id"> <generator class="org.hibernate.id.IncrementGenerator" /> </id> <many-to-one name="reportCriteriaBean" class="ReportCriteriaBean" column="runId" not-null="true" /> <property name="rxCode" column="rxCode" not-null="true"/> </class> </hibernate-mapping> The child object: public class TreatmentArm { private Integer id; private ReportCriteriaBean reportCriteriaBean; private String rxCode; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public ReportCriteriaBean getReportCriteriaBean() { return reportCriteriaBean; } public void setReportCriteriaBean(ReportCriteriaBean reportCriteriaBean) { this.reportCriteriaBean = reportCriteriaBean; } public String getRxCode() { return rxCode; } public void setRxCode(String rxCode) { this.rxCode = rxCode; } }

    Read the article

  • What are the principles of developing web-applications with action-based java frameworks?

    - by Roman
    Background I'm going to develop a new web-application with java. It's not very big or very complex and I have enough time until it'll "officially" start. I have some JSF/Facelets development background (about half a year). And I also have some expirience with JSP+JSTL. In self-educational purpose (and also in order to find the best solution) I want to prototype the new project with one of action-based frameworks. Actually, I will choose between Spring MVC and Stripes. Problem In order to get correct impression about action-based frameworks (in comparison with JSF) I want to be sure that I use them correctly (in bigger or lesser extent). So, here I list some most-frequent tasks (at least for me) and describe how I solve them with JSF. I want to know how they should be solved with action-based framework (or separately with Spring MVC and Stripes if there is any difference for concrete task). Rendering content: I can apply ready-to-use component from standard jsf libraries (core and html) or from 3rd-party libs (like RichFaces). I can combine simple components and I can easily create my own components which are based on standard components. Rendering data (primitive or reference types) in the correct format: Each component allow to specify a converter for transforming data in both ways (to render and to send to the server). Converter is, as usual, a simple class with 2 small methods. Site navigation: I specify a set of navigation-cases in faces-config.xml. Then I specify action-attribute of a link (or a button) which should match one or more of navigation cases. The best match is choosen by JSF. Implementing flow (multiform wizards for example): I'm using JSF 1.2 so I use Apache Orchestra for the flow (conversation) scope. Form processing: I have a pretty standard java-bean (backing bean in JSF terms) with some scope. I 'map' form fields on this bean properties. If everything goes well (no exceptions and validation is passed) then all these properties are set with values from the form fields. Then I can call one method (specified in button's action attribute) to execute some logic and return string which should much one of my navigation cases to go to the next screen. Forms validation: I can create custom validator (or choose from existing) and add it to almost each component. 3rd-party libraries have sets of custom ajax-validators. Standard validators work only after page is submitted. Actually, I don't like how validation in JSF works. Too much magic there. Many standard components (or maybe all of them) have predefined validation and it's impossible to disable it (Maybe not always, but I met many problems with it). Ajax support: many 3rd-party libraries (MyFaces, IceFaces, OpenFaces, AnotherPrefixFaces...) have strong ajax support and it works pretty well. Until you meet a problem. Too much magic there as well. It's very difficult to make it work if it doesn't work but you've done right as it's described in the manual. User-friendly URLs: people say that there are some libraries for that exist. And it can be done with filters as well. But I've never tried. It seems too complex for the first look. Thanks in advance for explaning how these items (or some of them) can be done with action-based framework.

    Read the article

  • WCF net.tcp bindings, message formats and security questions

    - by RemotecUk
    Hi, sorry for the stupid questions but there are just some things about WCF I cant get my head around. Would be greatful for some advice on the following.... At a very basic level is it correct that WCF uses either Binary (Net.Tcp), HTTP or MSMQ to transfer my message on the wire? However is it true that in all cases, regardless of how the data is transferred the message itself in in the SOAP format with headers and a body? So its a sort of XML message that is transmitted in either HTTP/S or in a binary format. Is Net.Tcp a good choice for my client server app - its similar to a messenger app in that the clients are all remote users on the other side of the firewall to my server. Most things I am reading are telling to use WS* and HTTP. Is Net.Tcp secured by standard and without certificates? - that is - people cannot listen on the wire and decode the data thats going to and from. Is it possible to send a username and password using net.tcp and without an installed certificate? If so I presume I can hook this up to my membership provider and authenticate access to each method on my service contract implementation. I presume that with username and password security, the proxy is initialised with the username and password and that this information is is sent with every request. Then my membership provider will be invoked for each method call and do whatever it needs to do to get the authorisation for the method. Sorry for the dump of questions but would be great to know if Im thinking the right way about how WCF works. Thanks.

    Read the article

  • SQL Exception: "Impersonate Session Security Context" cannot be called in this batch because a simul

    - by kasey
    When opening a connection to SQL Server 2005 from our web app, we occasionally see this error: "Impersonate Session Security Context" cannot be called in this batch because a simultaneous batch has called it. We use MARS and connection pooling. The exception originates from the following piece of code: protected SqlConnection Open() { SqlConnection connection = new SqlConnection(); connection.ConnectionString = m_ConnectionString; if (connection != null) { try { connection.Open(); if (m_ExecuteAsUserName != null) { string sql = Format("EXECUTE AS LOGIN = {0};", m_ExecuteAsUserName); ExecuteCommand(connection, sql); } } catch (Exception exception) { connection.Close(); connection = null; } } return connection; } I found an MS Connect article which suggests that the error is caused when a previous command has not yet terminated before the EXECUTE AS LOGIN command is sent. Yet how can this be if the connection has only just been opened? Could this be something to do with connection pooling interacting strangely with MARS? UPDATE: For the short-term we have implemented a workaround by clearing out the connection pool whenever this happens, to get rid of the bad connection, as it otherwise keeps getting handed back to various users. (Not too bad as this only happens a couple of times a day.) But if anyone has any further ideas, we are still looking out for a real solution...

    Read the article

  • SECURITY Flaws in this design for User authentication.

    - by Shao
    SECURITY Flaws in this design for User authentication. From: http://wiki.pylonshq.com/display/pylonscookbook/Simple+Homegrown+Authentication Note: a. Project follows the MVC pattern. b. Only a user with a valid username and password is allowed submit something. Design: a. Have a base controller from which all controllers are derived from. b. Before any of the actions in the derived controllers are called the system calls a before action in the base controller. c. In each controller user hardcodes the actions that need to be verified in an array. d. The before action first looks in the array that has the actions that are protected and sees if a user is logged in or not by peaking into the session. If a user is present then user is allowed to submit otherwise user is redirected to login page. What do you think?

    Read the article

  • Speed vs security vs compatibility over methods to do string concatenation in Python

    - by Cawas
    Similar questions have been brought (good speed comparison there) on this same subject. Hopefully this question is different and updated to Python 2.6 and 3.0. So far I believe the faster and most compatible method (among different Python versions) is the plain simple + sign: text = "whatever" + " you " + SAY But I keep hearing and reading it's not secure and / or advisable. I'm not even sure how many methods are there to manipulate strings! I could count only about 4: There's interpolation and all its sub-options such as % and format and then there's the simple ones, join and +. Finally, the new approach to string formatting, which is with format, is certainly not good for backwards compatibility at same time making % not good for forward compatibility. But should it be used for every string manipulation, including every concatenation, whenever we restrict ourselves to 3.x only? Well, maybe this is more of a wiki than a question, but I do wish to have an answer on which is the proper usage of each string manipulation method. And which one could be generally used with each focus in mind (best all around for compatibility, for speed and for security). Thanks.

    Read the article

  • java.security.AccessControlException : access denied (java.util.PropertyPermission http.agent read)

    - by Stefano Borini
    I have a non-signed java applet interacting with the same host. Every time I click on an element in my page, the applet (which is a third part applet I have no control on) should load data from a URL. I say should, because for some files, I get java.security.AccessControlException : access denied (java.util.PropertyPermission http.agent read) and some other files are correctly loaded. All files are correctly readable and downloadable from the web server, and they are very simple text files. I also found that, in some cases, files that previously returned the error are now loaded and continue to load, so it seems a cache is involved somehow. Does any of you have an idea of what's going on here ? The behavior seems to be absolutely random, and I have no way of performing debug on this thing. Note: I used this applet to perform many other "single shot" file access, and it never gave me any problem. The only apparent difference I have is that now I do it "on-demand" via a javascript event. What could be the cause, in the java of the applet or anywhere else ?

    Read the article

  • Group / User based security. Table / SQL question

    - by Brett
    Hi, I'm setting up a group / user based security system. I have 4 tables as follows: user groups group_user_mappings acl where acl is the mapping between an item_id and either a group or a user. The way I've done the acl table, I have 3 columns of note (actually 4th one as an auto-id, but that is irrelevant) col 1 item_id (item to access) col 3 user_id (user that is allowed to access) col 3 group_id (group that is allowed to access) So for example item1, peter, , item2, , group1 item3, jane, , so either the acl will give access to a user or a group. Any one line in the ACL table with either have an item - user mapping, or an item group. If I want to have a query that returns all objects a user has access to, I think I need to have a SQL query with a UNION, because I need 2 separate queries that join like.. item - acl - group - user AND item - acl - user This I guess will work OK. Is this how its normally done? Am I doing this the right way? Seems a little messy. I was thinking I could get around it by creating a single user group for each person, so I only ever deal with groups in my SQL, but this seems a little messy as well..

    Read the article

  • Security Exception when using Custom ASP.NET Healthmonitoring event in medium trust

    - by Elementenfresser
    Hi, I'm using custom healthmonitoring events in ASP.NET We recently moved to a new server with default High Trust Permissions. Literature says that healthmonitoring and custom events should work under Medium or higher trust (http://msdn.microsoft.com/en-us/library/bb398933.aspx). Problem is - it doesn't. In less than full trust I get a SecurityException saying The application attempted to perform an operation not allowed by the security policy It works in Full trust or when I remove the inheritance of System.Web.Management.WebErrorEvent. Any suggestions anyone? Here is the super simple code behind with a custom event defined: public partial class Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { try { CallCustomEvent(); } catch (Exception ex) { Response.Write(ex.Message); throw ex; } } /// <summary> /// this metho is never called due to lacking permissions... /// </summary> private void CallCustomEvent() { try { //do something useful here } catch (Exception) { //code to instantiate the forbidden inheritance... WebBaseEvent.Raise(new CustomEvent()); } } } /// <summary> /// custom error inheriting WebErrorEvent which is not allowed in high trust? can't believe that... /// </summary> public class CustomEvent : WebErrorEvent { public CustomEvent() : base("test", HttpContext.Current.Request, 100001, new ApplicationException("dummy")) { } } and the Web Config excerpt for high trust: <system.web> <trust level="High" originUrl="" />

    Read the article

  • Using jQuery with Windows 8 Metro JavaScript App causes security error

    - by patridge
    Since it sounded like jQuery was an option for Metro JavaScript apps, I was starting to look forward to Windows 8 dev. I installed Visual Studio 2012 Express RC and started a new project (both empty and grid templates have the same problem). I made a local copy of jQuery 1.7.2 and added it as a script reference. <!-- SomeTestApp references --> <link href="/css/default.css" rel="stylesheet" /> <script src="/js/jquery-1.7.2.js"></script> <script src="/js/default.js"></script> Unfortunately, as soon as I ran the resulting app it tosses out a console error: HTML1701: Unable to add dynamic content ' a' A script attempted to inject dynamic content, or elements previously modified dynamically, that might be unsafe. For example, using the innerHTML property to add script or malformed HTML will generate this exception. Use the toStaticHTML method to filter dynamic content, or explicitly create elements and attributes with a method such as createElement. For more information, see http://go.microsoft.com/fwlink/?LinkID=247104. I slapped a breakpoint in a non-minified version of jQuery and found the offending line: div.innerHTML = " <link/><table></table><a href='/a' style='top:1px;float:left;opacity:.55;'>a</a><input type='checkbox'/>"; Apparently, the security model for Metro apps forbids creating elements this way. This error doesn't cause any immediate issues for the user, but given its location, I am worried it will cause capability-discovery tests in jQuery to fail that shouldn't. I definitely want jQuery $.Deferred for making just about everything easier. I would prefer to be able to use the selector engine and event handling systems, but I would live without them if I had to. How does one get the latest jQuery to play nicely with Metro development?

    Read the article

  • Security header is not valid - using curl php

    - by toni
    Hi all, Im implementing the Express Checkout, Paypal API using PHP. I have no problem with the first step:SetExpressCheckout. I a have awk=success. But in method GetExpressCheckout I get "Security header is not valid". I try to figure out the problem and i think found out maybe it was the curl not working well.. What i did i copy the whole URL: https://api-3t.sandbox.paypal.com/nvp?USER=sanbox_1276609583_biz_api1.gmail.com&PWD=1276609589&SIGNATURE=AYVosblmD7khKkvvb.bNxvFT0OQ2A8GopwByEuC.CfMHt65VaUmvAEy-&VERSION=62.0&token=EC-3YG18670X88588437&METHOD=GetExpressCheckoutDetails and paste it to the browser. This will result to: TOKEN=EC%2d3YG18670X88588437&CHECKOUTSTATUS=PaymentActionNotInitiated&TIMESTAMP=2010%2d06%2d16T07%3a40%3a12Z&CORRELATIONID=e1a1e469bf066&ACK=Success&VERSION=62%2e0&BUILD=1356926... But when that url executed in the function I made it will not work. Below is my function: function mycurl($url,$querystr){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $querystr); curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); $response = curl_exec($ch); curl_close ($ch); return $response; } I hope somebody can help on this. thanks so much. Note: - I Used the sandbox for this. I created a sandbox account, I have a Business account to represent a merchant, and a Personal account to represent a buyer. And I used this: endpoint url: api-3t.sandbox.paypal.com/nvp sandbox url: www.sandbox.paypal.com/cgi-bin/webscr This should not be the issue.

    Read the article

  • problem of setting audit rules: Syscall name unknown: stime

    - by zhaojing
    I am setting audit rules in /etc/audit/audit.rules. As the requirement : The audit system should be configured to audit all administrative, privileged, and security actions. So I add one line into /etc/audit/auditd.rules: -a exit,always -S stime -S acct -S reboot -S swapon However, after I restart audit.d by service auditd restart: There is error comeout: Stopping auditd: [ OK ] Starting auditd: [ OK ] Syscall name unknown: stime There was an error in line 14 of /etc/audit/audit.rules It seems stime can't be recognized. Could anybody help me to find out what is wrong with my added rule? Thanks a lot!

    Read the article

  • "Something wicked happened" error in apt-get

    - by Dragon
    Everytime I try to install through terminal I get this" I am not able to install or update and I can't find working answer for this here. Here is my apt-get update result: Hit http://ppa.launchpad.net raring Release.gpg Hit http://deb.opera.com stable Release.gpg Hit http://ppa.launchpad.net raring Release.gpg Hit http://deb.opera.com stable Release Hit http://ppa.launchpad.net raring Release Hit http://deb.opera.com stable/non-free i386 Packages Hit http://ppa.launchpad.net raring Release Hit http://ppa.launchpad.net raring/main i386 Packages Hit http://ppa.launchpad.net raring/main i386 Packages Ign http://deb.opera.com stable/non-free Translation-en_US Ign http://deb.opera.com stable/non-free Translation-en Ign http://ppa.launchpad.net raring/main Translation-en_US Ign http://ppa.launchpad.net raring/main Translation-en Ign http://ppa.launchpad.net raring/main Translation-en_US Ign http://ppa.launchpad.net raring/main Translation-en Err http://archive.ubuntu.com raring Release.gpg Something wicked happened resolving 'archive.ubuntu.com:http' (-11 - System error) Err http://extras.ubuntu.com raring Release.gpg Something wicked happened resolving 'extras.ubuntu.com:http' (-11 - System error) Err http://dl.google.com stable Release.gpg Something wicked happened resolving 'dl.google.com:http' (-11 - System error) Ign https://private-ppa.launchpad.net quantal Release.gpg Err http://archive.ubuntu.com raring-updates Release.gpg Something wicked happened resolving 'archive.ubuntu.com:http' (-11 - System error) Get:1 http://archive.ubuntu.com raring-security Release.gpg [933 B] Get:2 http://archive.ubuntu.com raring-proposed Release.gpg [933 B] Get:3 http://archive.ubuntu.com raring-backports Release.gpg [933 B] Hit http://archive.ubuntu.com raring Release Get:4 http://archive.ubuntu.com raring-updates Release [40.8 kB] Get:5 http://archive.ubuntu.com raring-security Release [40.8 kB] Ign http://extras.ubuntu.com raring Release Ign http://dl.google.com stable Release Ign https://private-ppa.launchpad.net quantal Release Get:6 http://archive.ubuntu.com raring-proposed Release [40.8 kB] Hit http://archive.ubuntu.com raring-backports Release Ign http://archive.ubuntu.com raring/main Sources/DiffIndex Ign http://archive.ubuntu.com raring/restricted Sources/DiffIndex Ign http://archive.ubuntu.com raring/universe Sources/DiffIndex Ign http://archive.ubuntu.com raring/multiverse Sources/DiffIndex Ign http://archive.ubuntu.com raring/main i386 Packages/DiffIndex Ign http://archive.ubuntu.com raring/restricted i386 Packages/DiffIndex Ign http://archive.ubuntu.com raring/universe i386 Packages/DiffIndex Ign http://archive.ubuntu.com raring/multiverse i386 Packages/DiffIndex Hit http://archive.ubuntu.com raring/main Translation-en Hit http://archive.ubuntu.com raring/multiverse Translation-en Hit http://archive.ubuntu.com raring/restricted Translation-en Ign http://dl.google.com stable/main i386 Packages/DiffIndex Hit http://archive.ubuntu.com raring/universe Translation-en Ign http://archive.ubuntu.com raring-updates/main Sources/DiffIndex Ign http://archive.ubuntu.com raring-updates/restricted Sources/DiffIndex Ign http://archive.ubuntu.com raring-updates/universe Sources/DiffIndex Ign https://private-ppa.launchpad.net quantal/main i386 Packages/DiffIndex Ign http://archive.ubuntu.com raring-updates/multiverse Sources/DiffIndex Ign http://archive.ubuntu.com raring-updates/main i386 Packages/DiffIndex Hit http://dl.google.com stable/main i386 Packages Ign http://archive.ubuntu.com raring-updates/restricted i386 Packages/DiffIndex Ign http://archive.ubuntu.com raring-updates/universe i386 Packages/DiffIndex Ign http://archive.ubuntu.com raring-updates/multiverse i386 Packages/DiffIndex Hit http://archive.ubuntu.com raring-updates/main Translation-en Hit http://archive.ubuntu.com raring-updates/multiverse Translation-en Hit http://archive.ubuntu.com raring-updates/restricted Translation-en Hit http://archive.ubuntu.com raring-updates/universe Translation-en Get:7 http://archive.ubuntu.com raring-security/main Sources [24.7 kB] Get:8 http://archive.ubuntu.com raring-security/restricted Sources [14 B] Get:9 http://archive.ubuntu.com raring-security/universe Sources [4,802 B] Get:10 http://archive.ubuntu.com raring-security/multiverse Sources [690 B] Hit https://private-ppa.launchpad.net quantal/main i386 Packages Ign http://dl.google.com stable/main Translation-en_US Get:11 http://archive.ubuntu.com raring-security/main i386 Packages [67.9 kB] Ign http://dl.google.com stable/main Translation-en Get:12 http://archive.ubuntu.com raring-security/restricted i386 Packages [14 B] Get:13 http://archive.ubuntu.com raring-security/universe i386 Packages [19.2 kB] Get:14 http://archive.ubuntu.com raring-security/multiverse i386 Packages [1,403 B] Hit http://archive.ubuntu.com raring-security/main Translation-en Ign http://extras.ubuntu.com raring/main Sources/DiffIndex Hit http://archive.ubuntu.com raring-security/multiverse Translation-en Hit http://archive.ubuntu.com raring-security/restricted Translation-en Hit http://archive.ubuntu.com raring-security/universe Translation-en Get:15 http://archive.ubuntu.com raring-proposed/universe i386 Packages [18.0 kB] Get:16 http://archive.ubuntu.com raring-proposed/main i386 Packages [29.9 kB] Get:17 http://archive.ubuntu.com raring-proposed/multiverse i386 Packages [14 B] Get:18 http://archive.ubuntu.com raring-proposed/restricted i386 Packages [14 B] Hit http://archive.ubuntu.com raring-proposed/main Translation-en Hit http://archive.ubuntu.com raring-proposed/multiverse Translation-en Hit http://archive.ubuntu.com raring-proposed/restricted Translation-en Hit http://archive.ubuntu.com raring-proposed/universe Translation-en Hit http://archive.ubuntu.com raring-backports/multiverse i386 Packages Hit http://archive.ubuntu.com raring-backports/main i386 Packages Hit http://archive.ubuntu.com raring-backports/restricted i386 Packages Hit http://archive.ubuntu.com raring-backports/universe i386 Packages Hit http://archive.ubuntu.com raring-backports/main Translation-en Ign https://private-ppa.launchpad.net quantal/main Translation-en_US Hit http://archive.ubuntu.com raring-backports/multiverse Translation-en Hit http://archive.ubuntu.com raring-backports/restricted Translation-en Hit http://archive.ubuntu.com raring-backports/universe Translation-en Hit http://archive.ubuntu.com raring/main Sources Ign https://private-ppa.launchpad.net quantal/main Translation-en Hit http://archive.ubuntu.com raring/restricted Sources Hit http://archive.ubuntu.com raring/universe Sources Hit http://archive.ubuntu.com raring/multiverse Sources Hit http://archive.ubuntu.com raring/main i386 Packages Hit http://archive.ubuntu.com raring/restricted i386 Packages Hit http://archive.ubuntu.com raring/universe i386 Packages Hit http://archive.ubuntu.com raring/multiverse i386 Packages Get:19 http://archive.ubuntu.com raring-updates/main Sources [37.0 kB] Get:20 http://archive.ubuntu.com raring-updates/restricted Sources [14 B] Get:21 http://archive.ubuntu.com raring-updates/universe Sources [49.8 kB] Ign http://extras.ubuntu.com raring/main i386 Packages/DiffIndex Get:22 http://archive.ubuntu.com raring-updates/multiverse Sources [690 B] Get:23 http://archive.ubuntu.com raring-updates/main i386 Packages [93.5 kB] Get:24 http://archive.ubuntu.com raring-updates/restricted i386 Packages [14 B] Get:25 http://archive.ubuntu.com raring-updates/universe i386 Packages [94.2 kB] Get:26 http://archive.ubuntu.com raring-updates/multiverse i386 Packages [1,403 B] Ign http://archive.ubuntu.com raring/main Translation-en_US Ign http://archive.ubuntu.com raring/multiverse Translation-en_US Ign http://archive.ubuntu.com raring/restricted Translation-en_US Ign http://archive.ubuntu.com raring/universe Translation-en_US Ign http://archive.ubuntu.com raring-updates/main Translation-en_US Ign http://archive.ubuntu.com raring-updates/multiverse Translation-en_US Ign http://archive.ubuntu.com raring-updates/restricted Translation-en_US Ign http://archive.ubuntu.com raring-updates/universe Translation-en_US Ign http://archive.ubuntu.com raring-security/main Translation-en_US Ign http://archive.ubuntu.com raring-security/multiverse Translation-en_US Ign http://archive.ubuntu.com raring-security/restricted Translation-en_US Ign http://archive.ubuntu.com raring-security/universe Translation-en_US Ign http://archive.ubuntu.com raring-proposed/main Translation-en_US Ign http://archive.ubuntu.com raring-proposed/multiverse Translation-en_US Ign http://archive.ubuntu.com raring-proposed/restricted Translation-en_US Ign http://archive.ubuntu.com raring-proposed/universe Translation-en_US Ign http://archive.ubuntu.com raring-backports/main Translation-en_US Ign http://archive.ubuntu.com raring-backports/multiverse Translation-en_US Ign http://archive.ubuntu.com raring-backports/restricted Translation-en_US Ign http://archive.ubuntu.com raring-backports/universe Translation-en_US Err http://extras.ubuntu.com raring/main Translation-en_US Something wicked happened resolving 'extras.ubuntu.com:http' (-11 - System error) Err http://extras.ubuntu.com raring/main Translation-en Something wicked happened resolving 'extras.ubuntu.com:http' (-11 - System error) Err http://extras.ubuntu.com raring/main Sources Something wicked happened resolving 'extras.ubuntu.com:http' (-11 - System error) Err http://extras.ubuntu.com raring/main i386 Packages Something wicked happened resolving 'extras.ubuntu.com:http' (-11 - System error) Fetched 568 kB in 8min 0s (1,181 B/s) W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/raring/Release.gpg Something wicked happened resolving 'archive.ubuntu.com:http' (-11 - System error) W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/raring-updates/Release.gpg Something wicked happened resolving 'archive.ubuntu.com:http' (-11 - System error) W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/raring/Release.gpg Something wicked happened resolving 'extras.ubuntu.com:http' (-11 - System error) W: Failed to fetch http://dl.google.com/linux/chrome/deb/dists/stable/Release.gpg Something wicked happened resolving 'dl.google.com:http' (-11 - System error) W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/raring/main/i18n/Translation-en_US Something wicked happened resolving 'extras.ubuntu.com:http' (-11 - System error) W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/raring/main/i18n/Translation-en Something wicked happened resolving 'extras.ubuntu.com:http' (-11 - System error) W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/raring/main/source/Sources Something wicked happened resolving 'extras.ubuntu.com:http' (-11 - System error) W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/raring/main/binary-i386/Packages Something wicked happened resolving 'extras.ubuntu.com:http' (-11 - System error) E: Some index files failed to download. They have been ignored, or old ones used instead.

    Read the article

  • How to disable SSLCompression on Apache httpd 2.2.15?

    - by Stefan Lasiewski
    I read about the CRIME attack against TLS Compression (CRIME is a successor to the BEAST attack against ssl & tls), and I want to protect my webservers against this attack by disabling SSL Compression, which was added to Apache 2.2.22 (See Bug 53219). I am running Scientific Linux 6.1, which ships with httpd-2.2.15. Security fixes for upstream versions of httpd 2.2 should be backported to this version. # rpm -q httpd httpd-2.2.15-15.sl6.1.x86_64 # httpd -V Server version: Apache/2.2.15 (Unix) Server built: Feb 14 2012 09:47:14 Server's Module Magic Number: 20051115:24 Server loaded: APR 1.3.9, APR-Util 1.3.9 Compiled using: APR 1.3.9, APR-Util 1.3.9 I tried SSLCompression off in my configuration, but that results in the following error message: # /etc/init.d/httpd restart Stopping httpd: [ OK ] Starting httpd: Syntax error on line 147 of /etc/httpd/httpd.conf: Invalid command 'SSLCompression', perhaps misspelled or defined by a module not included in the server configuration [FAILED] Is it possible to disable SSLCompression with this version of Apache Webserver?

    Read the article

  • Look Inside WebLogic Server Embedded LDAP with an LDAP Explorer

    - by james.bayer
    Today a question came up on our internal WebLogic Server mailing lists about an issue deleting a Group from WebLogic Server.  The group had a special character in the name. The WLS console refused to delete the group with the message a java.net.MalformedURLException and another message saying “Errors must be corrected before proceeding.” as shown below. The group aa:bb is the one with the issue.  Click to enlarge. WebLogic Server includes an embedded LDAP server that can be used for managing users and groups for “reasonably small environments (10,000 or fewer users)”.  For organizations scaling larger or using more high-end features, I recommend looking at one of Oracle’s very popular enterprise directory services products like Oracle Internet Directory or Oracle Directory Server Enterprise Edition.  You can configure multiple authenicators in WebLogic Server so that you can use multiple directories at the same time. I am not sure WebLogic Server supports special characters in group names for the Embedded LDAP server, but in this case both the console and WLST reported the same issue deleting the group with the special character in the name.  Here’s the WLST output: wls:/hotspot_domain/serverConfig/SecurityConfiguration/hotspot_domain/Realms/myrealm/AuthenticationProviders/DefaultAuthenticator> cmo.removeGroup('aa:bb') Traceback (innermost last): File "<console>", line 1, in ? weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090296]invalid URL ldap:///ou=people,ou=myrealm,dc=hotspot_domain??sub?(&(objectclass=person)(wlsMemberOf=cn=aa:bb,ou=groups,ou=myrealm,dc=hotspot_domain)) at weblogic.security.providers.authentication.LDAPAtnGroupMembersNameList.advance(LDAPAtnGroupMembersNameList.java:254) at weblogic.security.providers.authentication.LDAPAtnGroupMembersNameList.<init>(LDAPAtnGroupMembersNameList.java:119) at weblogic.security.providers.authentication.LDAPAtnDelegate.listGroupMembers(LDAPAtnDelegate.java:1392) at weblogic.security.providers.authentication.LDAPAtnDelegate.removeGroup(LDAPAtnDelegate.java:1989) at weblogic.security.providers.authentication.DefaultAuthenticatorImpl.removeGroup(DefaultAuthenticatorImpl.java:242) at weblogic.security.providers.authentication.DefaultAuthenticatorMBeanImpl.removeGroup(DefaultAuthenticatorMBeanImpl.java:407) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at weblogic.management.jmx.modelmbean.WLSModelMBean.invoke(WLSModelMBean.java:437) at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836) at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761) at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449) at java.security.AccessController.doPrivileged(Native Method) at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447) at weblogic.management.mbeanservers.internal.JMXContextInterceptor.invoke(JMXContextInterceptor.java:263) at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449) at java.security.AccessController.doPrivileged(Native Method) at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447) at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:444) at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:323) at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11$1.run(JMXConnectorSubjectForwarder.java:663) at java.security.AccessController.doPrivileged(Native Method) at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11.run(JMXConnectorSubjectForwarder.java:661) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363) at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.invoke(JMXConnectorSubjectForwarder.java:654) at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1427) at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72) at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1265) at java.security.AccessController.doPrivileged(Native Method) at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1367) at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:788) at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source) at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667) at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146) at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518) at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207) at weblogic.work.ExecuteThread.run(ExecuteThread.java:176) Caused by: java.net.MalformedURLException at netscape.ldap.LDAPUrl.readNextConstruct(LDAPUrl.java:651) at netscape.ldap.LDAPUrl.parseUrl(LDAPUrl.java:277) at netscape.ldap.LDAPUrl.<init>(LDAPUrl.java:114) at weblogic.security.providers.authentication.LDAPAtnGroupMembersNameList.advance(LDAPAtnGroupMembersNameList.java:224) ... 41 more It’s fairly clear that in order to work that the : character needs to be URL encoded to %3A or similar.  But all is not lost, there is another way.  You can configure an LDAP Explorer like JXplorer to WebLogic Server Embedded LDAP and browse/edit the entries. Follow the instructions here, being sure to change the authentication credentials to the Embedded LDAP server to some value you know, as by default they are some unknown value.  You’ll need to reboot the WebLogic Server Admin Server after making this change. Now configure JXplorer to connect as described in the documentation.  I’ve circled the important inputs.  In this example, my domain name is “hotspot_domain” which listens on the localhost listen address and port 7001.  The cn=Admin user name is a constant identifier for the Administrator of the embedded LDAP and that does not change, but you need to know what it is so you can enter it into the tool you use. Once you connect successfully, you can explore the entries and in this case delete the group that is no longer desired.

    Read the article

  • Most basic, low power home surveillance system

    - by cbp
    I am thinking of setting up a simple but effective surveillance system for my house that is: Very low powered (preferably no PCs left running out of stand-by mode) Cheap. When motion (or sound) is detected, I would like it to: Send an email/phone alert to me Record and upload video to the web (in case they steal the camera) So I imagine a system where I leave a netbook PC in stand-by mode and have it woken up by a motion detector. This initiates software to send alerts and periodically upload recorded video to the web. The software part is easy for me, but I'm not really a gadget-man so I'd like some advice on using a motion sensor of some sort to wake up the PC. Does anyone have some good advice? I know there are a couple of questions dealing with this topic already (see here: http://superuser.com/questions/3054/looking-for-a-moderately-priced-home-surveillance-setup, and here: http://superuser.com/questions/2929/can-you-suggest-a-great-home-security-setup-anti-burglars-e-t-c) - I am seeking more specific information with this question.

    Read the article

  • Why does apt-get fail to resolve the mirror?

    - by Jake Kubisiak
    I know this has been covered before, but I can't seem to resolve my issue. Here is my output. jake@KUBIE-SERVER:~$ sudo apt-get update Err http://us.archive.ubuntu.com precise InRelease Err http://us.archive.ubuntu.com precise-updates InRelease Err http://us.archive.ubuntu.com precise-backports InRelease Err http://security.ubuntu.com precise-security InRelease Err http://archive.canonical.com precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://archive.canonical.com precise Release.gpg Temporary failure resolving 'archive.canonical.com' Err http://ppa.launchpad.net precise Release.gpg Temporary failure resolving 'ppa.launchpad.net' Err http://security.ubuntu.com precise-security Release.gpg Temporary failure resolving 'security.ubuntu.com' Err http://us.archive.ubuntu.com precise Release.gpg Temporary failure resolving 'us.archive.ubuntu.com' Err http://us.archive.ubuntu.com precise-updates Release.gpg Temporary failure resolving 'us.archive.ubuntu.com' Err http://us.archive.ubuntu.com precise-backports Release.gpg Temporary failure resolving 'us.archive.ubuntu.com' Reading package lists... Done W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/precise/InRelease W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/precise- updates/InRelease W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/precise- backports/InRelease W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/precise-security/InRelease W: Failed to fetch http://archive.canonical.com/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/webupd8team/java/ubuntu/dists/precise/InRelease W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/precise/Release.gpg Temporary failure resolving 'us.archive.ubuntu.com' W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/precise- updates/Release.gpg Temporary failure resolving 'us.archive.ubuntu.com' W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/precise- backports/Release.gpg Temporary failure resolving 'us.archive.ubuntu.com' W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/precise- security/Release.gpg Temporary failure resolving 'security.ubuntu.com' W: Failed to fetch http://archive.canonical.com/ubuntu/dists/precise/Release.gpg Temporary failure resolving 'archive.canonical.com' W: Failed to fetch http://ppa.launchpad.net/webupd8team/java/ubuntu/dists/precise/Release.gpg Temporary failure resolving 'ppa.launchpad.net' W: Some index files failed to download. They have been ignored, or old ones used instead. Any help is greatly appreciated.

    Read the article

  • Is it a bad idea to run an asp.net app pool with the same identity as IIS's anon user?

    - by Andrew Bullock
    Subject says it all really, Thinking on security terms, I want to give each site on my server its own user account, so that they can't access each other's data. I also want to use integrated authentication for sql so i dont have any passwords knocking about in connection strings. Is it a bad idea to use the same account for the app pool identity and the anon user account for iis (im interested in answers for both v6 and 7)? Edit: ive seen this post describing how IIS7 allows you to automatically use the same account, but the question of whether its a good idea or not remains ;) If so, why? Thanks

    Read the article

  • Server Administration

    - by Kassem
    Hi everyone, My client asked me for a job description of a system administration because I might be assigned this position along with the other guy I'm working with. To be honest, I do not know much about a System Administrator's job but I'm willing to learn. Questions: What are the security requirements of a server? * What are the key responsibilities in a system admin's job description? What are some of the day to day tasks of a system admin? What is the average monthly salary of a system admin? Note: I will be working inside a Windows environment. But your replies do not necessarily need to be constricted to a Windows environment. (*) Other software I know will be required are: Windows Server 2008 IIS 7.0 MS SQL Server .NET 4.0 Runtime Let me know if there are other things I should be aware of as well. Thanks!

    Read the article

  • Did Firefox running in OSX get hacked

    - by z-buffer
    When I try to do a google search in Firefox, I can't click on any of the links. They're just regular black text, not hyperlinks. I even tried safe mode and disabling all the plugins. I was running Firefox 12. I installed the current version over it and it's the same thing. Other browsers have not been affected. This is what it looks like. Edit: My firewall was turned off and I had several things running which are potential security holes. I turned on my firewall and closed all unnecessary ports. I also turned off Home Sharing. Then I restarted my computer. After that, Firefox works normally again. What do you think happened?

    Read the article

  • Can not create a linked server between SQL Server 2008 on a desktop and my laptop

    - by norlando
    I'm having an issue getting the linked server to connect between a desktop and my laptop. Both have SQL server 2008 and the link is coming from the desktop to my laptop. Also, both computers have Windows 7. I don't have any issues creating the linked server from my laptop to the desktop. The error I'm getting is "Login failed for user '[UserName]'. (Microsoft SQL Server, Error: 18456)." I let the user name out for security reasons. The user is an sa on both SQL servers and an admin on both computers. Does anyone have an idea what could be stopping me from creating the linked server from the desktop to my laptop?

    Read the article

  • I just got a linode VPS a week ago and I've been flagged for SSH scanning

    - by meder
    I got a 32-bit Debian VPS from http://linode.com and I really haven't done any sort of advanced configuration for securing it ( port 22; password enabled ). It seems somehow there is ssh scanning going on from my IP, I'm being flagged as this is against the TOS. I've been SSHing only from my home Comcast ISP which I run Linux on. Is this a common thing when getting a new vps? Are there any standard security configuration tips? I'm quite confused as to how my machine has been accused of this ssh scanning.

    Read the article

  • How to protect my VPS from winlogon RDP spam requests

    - by Valentin Kuzub
    I got some hackers constantly hitting my RDP and generating thousands of audit failures in event log. Password is pretty elaborate so I dont think bruteforcing will get them anywhere. I am using VPS and I am pretty much a noob in Windows Server security (am a programmer myself and its my webserver for my site). Which is a recommended approach to deal with this? I would rather block IPs after some amount of failures for example. Sorry if question is not appropriate.

    Read the article

  • Local Password Management

    - by ultimazombie88
    In our office (and I am sure many others) we access various websites and tend to share one account with our team. For example, we share credentials to Ebay and change them every few weeks to maintain some sense of security. However, we know this does not allow for any type of accountability for major changes. After some discussion we want to try to manage how we distribute credentials for sites that may not offer child accounts. Is there any smart and safe way to do this? If so how do you do it?

    Read the article

< Previous Page | 135 136 137 138 139 140 141 142 143 144 145 146  | Next Page >