Search Results

Search found 52418 results on 2097 pages for 'free database security ev'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 15/2097 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • Jersey, Apache HTTPD, and javax.annotation.security usage

    - by Nick Klauer
    So I'm having a heck of a time trying to piece together what I think is a pretty simple implementation. This is very similar to another StackOverflow question only I can't leverage Tomcat to handle role based authentication. I have an Apache httpd server in front of my app that handles authentication and then passes LDAP roles to a Jersey service through Headers. I've created a servlet filter to parse the header and tease out the roles the request came from, which works fine globally to the app, but isn't fine-grained enough to dictate what an Admin could do that a User could not. I'm thinking I could use the javax.annotation.security annotations that JAX-RS supports, but I don't know how to take what I've parsed out using a servlet filter to set or instantiate the SecurityContext necessary for the roles @RolesAllowed.

    Read the article

  • Database independent row level security solution

    - by Filip
    Hi, does anybody knows about Java/C# database independent authorization library. This library should support read, write, delete, insert actions across company organizational structure. Something like this: - user can see all documents - user can enter new document assigned to his unit - user can change all documents assigned to his unit and all subordinate units. - user can delete documents that are assigned to him I should also be able to create custom actions (besides read, write,...) connect them to certain class and assign that "security token" to user (e.g. document.expire). If there aren't any either free or commercial libraries, is there a book that could be useful in implementing this functionality? Thanks.

    Read the article

  • Database security / scaling question

    - by orokusaki
    Typically I use a database such as MySQL or PostGreSQL on the same machine as the application using it, which makes access easy and secure. I'm just now building the first site that will have a separate physical database server (later this year it will). I'm wondering 3 things: (security) What things should I look into for starters pertaining to security of accessing a separate machine's database? (scalability) Are their scalability issues that I should think about pertaining to this (technology agnostic)? (more ServerFaultish but related) If starting the DB out on the same physical server (using a separate VMWare VM) and later moving to a different physical server, are there implicit problems that I'll have to deal with? Isn't another VM still accessed via localhost? If these questions are completely ludicrous, I apologize to you DB experts.

    Read the article

  • User account design and security...

    - by espinet
    Before I begin, I am using Ruby on Rails and the Devise gem for user authentication. Hi, I was doing some research about account security and I found a blog post about the topic awhile ago but I can no longer find it again. I read something about when making a login system you should have 1 model for User, this contains a user's username, encrypted password, and email. You should also have a model for a user's Account. This contains everything else. A User has an Account. I don't know if I'm explaining this correctly since I haven't seen the blog post for several months and I lost my bookmark. Could someone explain how and why I should or shouldn't do this. My application deals with money so I need to cover my bases with security. Thanks.

    Read the article

  • Data-related security Implementation

    - by devdude
    Using Shiro we have a great security framework embedded in our enterprise application running on GF. You define users, roles, permissions and we can control at any fine-grain level if a user can access the application, a certain page or even click a specific button. Is there a recipe or pattern, that allows on top of that, to restrict a user from seeing certain data ? Sample: You have a customer table for 3 factories (part of one company). An admin user can see all customer records, but the user at the local factory must not see any customer data of other factories (for whatever reason). Te security feature should be part of the role definition. Thanks for any input and ideas

    Read the article

  • How to securely communicate with a database using a java applet

    - by WarmWaffles
    I have been writing web applications for quite sometime in PHP with MySQL. I always stored my database connection information into a configuration variable and connected to the database that way. A client wants a java applet for their website to communicate with their database. I'm very hesitant on this because the applet is going to be public and I am not sure how I would go about storing the database connection information. I'm paranoid that someone would decompile my application or find some way to extract my database connection information and use it maliciously. Any suggestions on how to do this securely?

    Read the article

  • Secure database connection. DAL .net architecture best practice

    - by Andrew Florko
    We have several applications that are installed in several departments that interact with database via Intranet. Users tend to use weak passwords or store login/password written on a shits of paper where everybody can see them. I'm worried about login/password leakage & want to minimize consequences. Minimizing database-server attack surface by hiding database-server from Intranet access would be a great idea also. I'm thinking about intermediary data access service method-based security. It seems more flexible than table-based or connection-based database-server one. This approach also allows to hide database-server from public Intranet. What kind of .net technologies and best practices would you suggest? Thank in you in advance!

    Read the article

  • HTML5 Web Database Security

    - by Daniel Dimovski
    Should the HTML5 database be used to store any form of private information? Say we have the following scenario; You're browsing a web-mail client, that uses the web database to store mail drafts after you've written some information you close the web browser. What's to stop me from getting access to this information? If the webpage tries to clean out old information when opened a user-script could easily prevent the website from fully loading and then search through the database. Furthermore the names of databases and tables are easily available through the web-mail client's source. W3C Draft

    Read the article

  • New Whitepaper: Advanced Compression 11gR1 Benchmarks with EBS 12

    - by Steven Chan
    In my opinion, if there's any reason to upgrade an E-Business Suite environment to the 11gR1 or 11gR2 database, it's the Advanced Compression database option.  Oracle Advanced Compression was introduced in Oracle Database 11g, and allows you to compress structured data (numbers, characters) as well as unstructured data (documents, spreadsheets, XML and other files).  It provides enhanced compression for database backups and also includes network compression for faster synchronization with standby databases.In other words, the promise of Advanced Compression is that it can make your E-Business Suite database smaller and faster.  But how well does it actually deliver on that promise?Apps 12 + Advanced Compression Benchmarks now availableThree of my colleagues, Uday Moogala, Lester Gutierrez, and Andy Tremayne, have been benchmarking Oracle E-Business Suite Release 12 with Advanced Compression 11gR1.  They've just released a detailed whitepaper with their benchmarking results and recommendations.This whitepaper is available in two locations:Oracle E-Business Suite Release 12.1 with Oracle Database 11g Advanced Compression (Note 1110648.1) (requires My Oracle Support access)Oracle E-Business Suite Release 12.1 with Oracle Database 11g Advanced Compression (Applications Benchmark website, PDF, 500K)

    Read the article

  • Security considerations for my first eStore.

    - by RPK
    I have a website through which I am going to sell few products. It is hosted on a simple shared-hosting and does not have SSL. On the products page, each product has a Buy Now button created from my PayPal Merchant account. PayPal recommends to use it's Button Factory to create secure buttons and save it inside PayPal itself. I have followed the same advice and the code of any button is secure and does not disclose any information on either a product or it's price. When the user clicks on a Buy Now button, he/she is taken to PayPal site where a page is opened in SSL for the user to fill in the credit card and shipping details. After a successful transaction, the control is passed back to my site. I want to know whether there is still any chance when security could be compromised.

    Read the article

  • Wine Security - Improvement by second user account?

    - by F. K.
    Team, I'm considering installing wine - but still hesitant for security reasons. As far as I found out, malicious code could reach ~/.wine and all my personal data with my user-priviledges - but not farther than that. So - would it be any safer to create a second user account on my machine and install wine there? That way, the second user would only have reading rights to my files. Is there a way to install wine totally confined to that user - so that I can't execute .exe files from my original account? Thanks in advance! PS - I'm running Ubuntu 11.10 64bit if that matters.

    Read the article

  • Security considerations for a default install?

    - by cpedros
    So with an old burned install CD of Feisty Fawn I went through the process of completely formatting the Windows OS and installing Ubuntu on an old XP laptop. I then went through the online upgrade to 10.4 LTS, only installing the gnome desktop environment package in the process. My (admittedly very open) question is that in this state and online, what security considerations do I have to immediately make for the default install? I understand that a lot of this swings on my intended use of the server, but just sitting there online what risks is it exposed to (this obviously goes far beyond the realm of linux, but I am not sure how these risks are accommodated in the default install). For example, I believe there is a firewall installed with Ubuntu but by default it allows all traffic. Any other guidelines would be much appreciated. Thanks

    Read the article

  • how to do database updates in each release

    - by Manoj R
    Our application uses database (mostly Oracle), and database is at the core. Each customer has its own database, with its own copy of application. Now with each new release of our product, we also need to update the database schema. These changes are adding new tables, removing columns, manipulating data etc. How do the people handle this? Are there any standard processes for this? EDIT:- The main issue is the databases are huge with many tables and more of huge amount of data. We provide the scripts and some utilities to manipulate the data. How to handle the failures and false negatives? More of looking for this kind articles. http://thedailywtf.com/Articles/Database-Changes-Done-Right.aspx

    Read the article

  • Amazon SOA: database as a Service

    - by Martin Lee
    There is an interesting interview with Werner Vogels which is partly about how Amazon does Service Oriented Architecture: For us service orientation means encapsulating the data with the business logic that operates on the data, with the only access through a published service interface. No direct database access is allowed from outside the service, and there’s no data sharing among the services. I do not understand that. Why do they need to 'wrap' a database into some layer if it already can be consumed as a service by other service through database adaptors? Does Amazon do that just because they need to expose the database to third parties or because of anything else? Why "no direct database access is allowed"? What are the advantages of such an architectural decision?

    Read the article

  • How to manage security cameras in Ubuntu?

    - by Josh
    I am setting up a server of sorts and chose ubuntu for the OS as my dad has it on a few computers. I am unimpressed with Windows or MAC due to all the add-ons and complexity of it when all I want is something simple. The system will have 3 purposes, storing my wife's photography work (she is a professional photographer) storing music for quick access to our entertainment system (will be running the system through the tv in our living room and thus through our surround sound) and will also serve as a DVR unit for a home security system I am going to put together. My question is what sort of software options are there for the Ubuntu system as far as a DVR with frame by frame playback. It does not need to be fancy but of course a variety of options are a nice touch.

    Read the article

  • Security considerations for default install of Ubuntu

    - by cpedros
    So with an old burned install CD of Feisty Fawn I went through the process of completely formatting the Windows OS and installing Ubuntu on an old XP laptop. I then went through the online upgrade to 10.4 LTS, only installing the gnome desktop environment package in the process. My (admittedly very open) question is that in this state and online, what security considerations do I have to immediately make for the default install? I understand that a lot of this swings on my intended use of the server, but just sitting there online what risks is it exposed to (this obviously goes far beyond the realm of linux, but I am not sure how these risks are accommodated in the default install). For example, I believe there is a firewall installed with Ubuntu but by default it allows all traffic. Any other guidelines would be much appreciated. Thanks

    Read the article

  • Security of keyctl

    - by ftiaronsem
    Hello alltogether Today I set up an ecryptfs directory, which is automatically mounted at login via pam. To do so i followed the guide in the ecryptfs readme ecryptfs-readme To sum up, I now have a key stored in the usser session keyring. The first thing I do not understand is why this key is only showing up via keyctl show and not with the gnome-gui "Passwords and encryption keys". The second thing I am curious about is the security. I assume that my passphrase is somehow stored on the harddisk. But how exactly and how secure is this? Thanks in advance

    Read the article

  • Where can I safely learn about computer security?

    - by Ammar Ahmed
    I find it really hard to find resources about computer security. I asked questions on message boards about key loggers and viruses and I got negative assumption from people assuming the the worse. Also, I don't think that I can trust random message boards. I know that it is a broad topic, but are there any good websites that I can follow and learn from that are targeted to beginner with some samples? I am a developer (or at least want to be one) and I have a CS degree if that helps.

    Read the article

  • When should we use weak entities when modelling a database?

    - by Songo
    This is basically a question about what are weak entities? When should we use them? How should they be modeled? What is the main difference between normal entities and weak entities? Does weak entities correspond to value objects when doing Domain Driven Design? To help keep the question on topic here is an example taken from Wikipedia that people can use to answer these question: In this example OrderItem was modeled as a weak entity, but I can't understand why it can't be modeled as a normal entity. Another question is what if I want to track the order history (i.e. the changes in it status) would that be a normal or weak entity?

    Read the article

  • Single database, multiple system dependency

    - by davenewza
    Consider an environment where we have a single, core database, with many separate systems using this one database. This leads to all of these systems have a common dependency, which ultimately introduces coupling between them. This means that we cannot always evolve systems independently of each other. Structural changes to the database (even if only intended for one, particular system), requires a full sweep test of ALL systems, and may require that other systems be 'patched' and subsequently released. This is especially tricky when you want to have separate teams working on different projects. What is a good 'pattern' to help in avoiding such coupling? I would imagine that a database should be exclusively depended on by one system. If other systems require data for whatever reason, they should request such from an API service of some kind. A drawback of this approach which comes to mind is performance: routing data between high-throughput systems through service calls is much slower than through a database connection.

    Read the article

  • Best C# database communication technique

    - by user65439
    A few days ago I read a reply to a question where people said that the days of writing queries within your c# code are long gone. I'm not sure what the specific person meant with the comment but it got me thinking. At the company I'm currently working at we maintain an assembly containing all the queries to the database (let's call it Queries), this assembly is reference by a QueryService (Retrieve the correct queries) assembly which in turn is referenced by a UnitOfWork assembly (The database connector classes, we have different connector classes for SQL, MySQL etc.). We use these three assemblies to perform operations on our database and all queries/commands are written in our C# code. Is there a better way to communicate with the database and is there a better way to communicate with different database types?

    Read the article

  • security cameras and Ubuntu

    - by Josh
    I am setting up a server of sorts and chose ubuntu for the OS as my dad has it on a few computers. I am unimpressed with Windows or MAC due to all the add-ons and complexity of it when all I want is something simple. The system will have 3 purposes, storing my wife's photography work (she is a professional photographer) storing music for quick access to our entertainment system (will be running the system thru the tv in our living room and thus though our surround sound) and will also serve as a DVR unit for a home security system I am going to put together. My question is what sort of software options are there for the Ubuntu system as far as a DVR with frame by frame playback. It does not need to be fancy but of course a variety of options are a nice touch.

    Read the article

  • Learning about security and finding exploits

    - by Jayraj
    First things first: I have absolutely no interest in learning how to crack systems for personal enrichment, hurting other people or doing anything remotely malicious. I understand the basis of many exploits (XSS, SQL injection, use after free etc.), though I've never performed any myself. I even have some idea about how to guard web applications from common exploits (like the aforementioned XSS and SQL injection) Reading this question about the Internet Explorer zero-day vulnerability from the Security SE piqued my curiosity and made me wonder: how did someone even find out about this exploit? What tools did they use? How did they know what to look for? I'm wary about visiting hacker dens online for fear of getting my own system infected (the Defcon stories make me paranoid). So what's a good, safe place to start learning?

    Read the article

  • Pros/Cons of document based database vs relational database

    - by damian
    I've been trying to see if I can accomplish some requirements with a document based database, in this case CouchDB. Two generic requirements: CRUD of entities with some fields which have unique index on it ecommerce web app like eBay (better description here). And I'm begining to think that a Document-based database isn't the best choice to address these requirements. Furthermore, I can´t imagine a use for a Document based database (maybe my imagination is too little). Can you explain me if I am asking pears to an elm when I try to use a Document based database for this requirements?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >