Search Results

Search found 7554 results on 303 pages for 'shared secret'.

Page 152/303 | < Previous Page | 148 149 150 151 152 153 154 155 156 157 158 159 | Next Page >

Web Site in solution where "Rebuild Solution" compile succeeds cannot launch debugger

- by fordareh

I have a solution that includes a Web Site (created using the web site template not the web app project template - converting isn't an option, btw). When I rebuild all, the compile succeeds, but strangely displays 3 errors, all of which are "Could not get dependencies for project reference 'PROJNAME'". When I try to launch the debugger, I get the "There were build errors." dialogue. Two questions: If I choose the 'Yes' option in the debug error dialogue to run the last successful build, will it run on the code that my Rebuild All just compiled? How do I resolve this issue? I checked this post and am disheartened by my prospects. What is strange, though, is that I added these same projects to a separate web site solution that compiled/debugged fine, removed the test web site and re-added the target website I would like to debug, and it failed in the same manner. Is there a secret web site .proj file for .NET web sites? http://stackoverflow.com/questions/863379/could-not-get-dependencies-for-project-reference

Read the article
[Rails] OAuth with Digg API

- by Karl

I'm attempting to get Rails to play nice with the Digg API's OAuth. I'm using the oauth gem (ruby one, not the rails one). My code looks approximately like this: @consumer = OAuth::Consumer.new(API_KEY, API_SECRET, :scheme => :header, :http_method => :post, :oauth_callback => "http://locahost:3000", :request_token_url => 'http://services.digg.com/1.0/endpoint?method=oauth.getRequestToken', :access_token_url => 'http://services.digg.com/1.0/endpoint?method=oauth.getAccessToken', :authorize_url => 'http://digg.com/oauth/authorize') @request_token = @consumer.get_request_token session[:request_token] = @request_token.token session[:request_token_secret] = @request_token.secret redirect_to @request_token.authorize_url Which is by-the-book in terms of what the gem documentation gave me. However, Digg spits a "400 Bad Request" error back at me when @consumer.get_request_token is called. I can't figure out what I'm doing wrong. Any ideas?

Read the article
Twitter Oauth Strategy with Warden + Devise Authentication Gems for Ruby

- by Michael Waxman

Devise, the authentication gem for Ruby based on Warden (another auth gem) does not support Twitter Oauth as an authentication strategy, BUT Warden does. There is a way to use the Warden Twitter Oauth strategy within Devise, but I cannot figure it out. I'm using the following block in the devise config file: config.warden do |manager| manager.oauth(:twitter) do |twitter| twitter.consumer_secret = <SECRET> twitter.consumer_key = <KEY> twitter.options :site => 'http://twitter.com' end manager.default_strategies.unshift :twitter_oauth end But I keep on getting all sorts of error messages. Does anyone know how to make this work? I'm assuming there is more to do here (configuring a new link/route to talk to Warden, maybe adding attributes to the Devise User model, etc.), but I can't figure out what they are. Please help.

Read the article
Email Verification plugin for rails?

- by Larry K

Hi, I'd like to verify a user's email address by sending them a verify-email-message. Do you know of a good Rails plugin that they've used or seen? Since I didn't see anything good via Google, at this point, my thought is: Add a verified boolean field to the user model. Default false. After user is added (unverified), combine email with a salt (a secret), and create the sha1 hash of the email/salt combo. The result is the verification. Send a welcoming / verification email to the user. Email includes a url that has the email address and verification as GET args to a verify action on my server. The verify action recomputes the verification using the supplied email and checks that the new verification matches the one in the url. If it does, then the User rec for the email is marked 'verified' Also will provide action to re-send the verification email. Any comments on the above? Thanks, Larry

Read the article
What's the significance of Oct 12 1999?

- by Portman

In the SignOut method of System.Web.Security.FormsAuthentication, the ASP.NET team chose to expire the FormsAuth cookie by setting the expiration date to "Oct 12 1999". HttpCookie cookie = new HttpCookie(FormsCookieName, str); cookie.HttpOnly = true; cookie.Path = _FormsCookiePath; cookie.Expires = new DateTime(0x7cf, 10, 12); What's the significance of October 12th, 1999? Is it an inside joke, or is there some valid reason to set your cookie expiration to that particular date? Edit: The theories below are interesting, but they are just guesses. Since Phil, Scott, and other members of the ASP.NET team are on StackOverflow, I thought it would be fun to offer a bounty. Hopefully someone can track down the original developer and get an authoritative answer. Awarded: To Scott Hanselman for escalating this one all the way to ScottGu. I was really hoping for some sort of super-secret, Illuminati-esque meaning, but looks like it was just the old "one year ago" trick.

Read the article
Facebook connect JavaScript with PHP

- by skidding

I'm using the JavaScript method to sync/login (with the popup) with Facebook Connect on my site, it seems to work. However, after I get logged in, I want to continue in backend, with the PHP library. I see the cookies are set by the JavaScript lib, but I don't know how to use them with the PHP api. I used $fb = new Facebook($api_key, $secret); $uid = $fb->get_loggedin_user(); but not user data is getting passed. How can I get the user data in PHP after I logged in in frontend? As far as I'm concerned, I would have gone PHP all the way, but I didn't manage to make the auth work, meaning that in never redirected me back to my site :). Thanks!

Read the article
Restful authentication between two GAE apps.

- by user259349

Hello everyone, i am trying to write a restful google app engine application (python) that accepts requests only from another GAE that i wrote. I dont like any of the ways that i thought of to get this done, please advice if you know of something better than: Get SSL setup, and simply add the credentials on the request that my consuming app will send. I dont like it cause SSL will slow things down. Security by obsecurity. Add a random number in my request that is in Xmod0, where X is a secret number that both applications know. I just,,,, dont like this. Check the HTTP header to see where is the request coming from. This option is the one that i hate the least, not alot of processing, and spoofing an HTTP request is not really worth it, for my application's data. Is there any other clean solution for this?

Read the article
How to setup default attributes in a ruby model

- by webdestroya

I have a model User and when I create one, I want to pragmatically setup some API keys and what not, specifically: @user.apikey = Digest::MD5.hexdigest(BCrypt::Password.create("jibberish").to_s) I want to be able to run User.create!(:email=>"[email protected]") and have it create a user with a randomly generated API key, and secret. I currently am doing this in the controller, but when I tried to add a default user to the seeds.rb file, I am getting an SQL error (saying my apikey is null). I tried overriding the save definition, but that seemed to cause problems when I updated the model, because it would override the values. I tried overriding the initialize definition, but that is returning a nil:NilClass and breaking things. Is there a better way to do this?

Read the article
Setting Sql server security rights for multiple situations

- by DanDan

We have an application which uses an instance of Sql Server locally for its backend storage. The administrator windows login has had its sysadmin right revoked, and instead two sql logins have been created; one for the application with a secret password and one read only login we let users view the raw data with. This was working fine until we moved on FileStreams, which requires intergrated windows authentication. So now the sql server logins must be replaced. As a result, I am now reviewing all of our logins but I am not sure how it is possible. It seems that the application needs full read/write access, yet I still need to lock down writing to the tables so the user cannot login into the database and delete data randomly. Does anyone have any tips for setting multiple levels of security using intergrated windows logins, or can you direct me to any further reading? Some answers can also be found on serverfault: http://serverfault.com/questions/138763/setting-sql-server-security-rights-for-multiple-situations

Read the article
Optimizing encrypted column search

- by Sung Meister

I have a table called,tblClient with an encrypted column called SSN. Due to company policy, we encrypted SSN using a symmetric key (chosen over asymmetric key due to performance reasons) using a password. Here is a partial LIKE search on SSN declare @SSN varchar(11) set @SSN = '111-22-%' open symmetric key SSN_KEY decrypt by password = 'secret' select Client_ID from tblClient (nolock) where convert(nvarchar(11), DECRYPTBYKEY(SSN)) like @SSN close symmetric key SSN_KEY Before encryption, searching thru 150,000 records took less than 1 second. but with the mix of decryption, the same search takes around 5 seconds. What strategy can I apply to try to optimize searching thru encrypted column?

Read the article
Rails session cookie not getting set

- by bwizzy

I have a rails app that is a CMS that uses dynamic subdomains for each site. For some reason when I deployed to production the session cookie is not getting set. I'm thinking this is leading to the "Invalid Authenticity Token" errors that are being thrown everywhere. I have my production.rb setup so that I can share sessions across subdomains. What could be going wrong that the cookie isn't being set at all? #production.rb config.action_controller.session[:domain] = '.domain.com' #environment.rb config.action_controller.session = { :session_key => '_app_session', :secret => '.... nums and chars .....' }

Read the article
How to add Points and Markers Dynamically to Google Maps from JSF

- by Omer

I have an app in J2EE with a couple of projects. Got my .war project that communicates with a EJB business project which has access to some Data. I have an entity which has some information about places, and I want to show a collection of those places in a single map on a JSF page. I have a Collection of coordinates to be assigned as points on a polyline in Google maps, and I've got this collection as a return of a java function of the jsf page, but I dont know how to get this collection from jsf and then how to make the map work I'll be very greatful if someone can give me some jsf code as an example. (and if someone knows how to set the autoReshape attribute for maps in jsf using javascript, please tell me the secret!!!!) Thanks a lot.

Read the article
create manually parameter ReturnUrl

- by user276640

i have view like 'home/details/5', it can be access by anonymous user. but there is button, which can be pressed only by registered users. no problem, i can look into Request.IsAuthenticated , and if anonymous i show button login instead of secret button but the problem- when press login i can lose address and parameters of page. how can i create login button and pass a parameter ReturnUrl ? something like <%= Html.ActionLink("enter to buy", "LogOn", "Account", new { ReturnUrl = path to view with route value })%> i see only stupid solution <%= Html.ActionLink("enter to buy", "LogOn", "Account", new { ReturnUrl = "home/details/" + ViewContext.RouteData.Values["id"] })%> but i don't like to hard code names of controller

Read the article
Facebook RESTful API require_login() callback

- by skidding

Hi, I'm trying to authenticate a user through the RESTful API (not Connect) but I can't since the callback system does not work for me. I have a local app that creates the Facebook API object with my key and secret, then calls the Facebook API require_login() method; I am sent to Facebook login, I login, and then I am sent to http://www.facebook.com/login.php?auth_token=<...>, where there's another login with just a field for password (not username), I write it again, and after that I am redirected to normal Facebook home. What am I doing wrong? I have set the callback URL in the Facebook app proprieties. Does it have anything to do with the fact that it's localhost? Thanks!

Read the article
States having nonassignable invention exceptions similar to California Code Section 2870

- by Ashley Tate

Standard employment agreements stipulate that the employing company owns all inventions and discoveries produced during the period of employment. California code section 2870 exempts inventions produced outside of work and without use of company facilities by California employees: 2870. (a) Any provision in an employment agreement which provides that an employee shall assign, or offer to assign, any of his or her rights in an invention to his or her employer shall not apply to an invention that the employee developed entirely on his or her own time without using the employer's equipment, supplies, facilities, or trade secret information... Do the legal codes of any other states include a similar provision?

Read the article
oAuth provider with Django-piston

- by Martin Eve

Hi, I'm working with django-piston to attempt to create an API that supports oAuth. I started out using the tutorial at: http://blog.carduner.net/2010/01/26/django-piston-and-oauth/ I added a consumer to piston's admin interface with key and secret both set to "abcd" for test purposes. The urls are successfully wired-up and the oAuth provider is called. However, running my get request token tests with tripit (python get_request_token.py "http://127.0.0.1:8000/api" abcd abcd), I receive the following error: Invalid signature. Expected signature base string: GET&http%3A%2F%2F127.0.0.1%3A8000%2Fapi%2Foauth%2Frequest_token%2F&oauth_consumer_key%3Dabcd%26oauth_nonce%3D0c0bdded5b1afb8eddf94f7ccc672658%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1275135410%26oauth_version%3D1.0 The problem seems to lie inside the _check_signature method of Piston's oauth.py, where valid_sig = signature_method.check_signature(oauth_request, consumer, token, signature) is returning false. I can't, however, work out how to get the signature validated. Any ideas?

Read the article
Facebook Graph and PHP API

- by Wes

I've been working at this for a few hours, but the poor documentation is of no help. All I want to do is grab the data that exists at https://graph.facebook.com/cocacola/ as an example, and I cant even do that. I'm using the latest php API from facebook. This is my code, which returns nothing: <?php require '../src/facebook.php'; // Create our Application instance. $facebook = new Facebook(array( 'appId' => '254752073152', 'secret' => '904270b68a2cc3d54485323652da4d14', 'cookie' => true, )); $coke = $facebook->api('/cocacola'); echo '<pre>'; print_r($coke); echo '</pre>'; Any idea?

Read the article
Using Google AppEngine app as a OAuth provider

- by Alistair

Hi, I'm using the Google AppEngine 1.3.4 SDK which offers to allow your application to act as a OAuth service provider (http://code.google.com/appengine/docs/python/oauth/). Setting up a standard application on my localhost and using the following: Request URL /_ah/OAuthGetRequestToken Authorize URL /_ah/OAuthAuthorizeToken Access Token URL /_ah/OAuthGetAccessToken The client application just gets sent to a page requesting to grant OAuth access even though no user is logged in. Clicking 'Grant access' results in a message saying 'OAuth access granted' with no tokens or anything exchange. Can't see how this could work when it's not even prompting for a login. As this functionality is quite new I can't find much out there. I've created a OAuth provider before in Rails and know that you need a Consumer Key and Secret, something that seems to be lacking in GAE? Any ideas on how to get OAuth working in a sample GAE project are most welcome.

Read the article
AES Encryption. From Python (pyCrypto) to .NET

- by Why

I am currently trying to port a legacy Python app over to .NET which contains AES encrpytion using from what I can tell pyCrpyto. I have very limited Python and Crypto experience. The code uses the snippet from the following page. http://www.djangosnippets.org/snippets/1095/ So far I believe I have managed to work out that it that it calls Crypto.Cipher with AES and the first 32 character of our secret key as the password, but no mode or IV. It also puts a prefix on the encrpyed text when it is added to database. What I can't work out is how I can decrypt the existing ecrypted database records in .NET. I have been looking at RijndaelManaged but it requires an IV and can't see any reference to one in python. Can anyone point me in the dirrection to what method could be used in .NET to get the desired result.

Read the article
Function to hide sloppy phone numbers..

- by Frank Malina

I need to hide phone numbers (and maybe other contact details) in user generated content to protect my users from anonymous web. Input is very random, therefore I'd be looking to replace anything that looks like a phone number (e.g.: string of 3 or more numbers) with just dots, and also perhaps remove some exotic notations of e-mail addresses. What is the best way to do this? Nice and slick, reusable. Give away your secret regexes. Write in any language. Except perhaps COBOL :) function privacy($str){ // protect phone numbers // protect e-mail addresses // protect web addresses }

Read the article
ASP.NET UserControl Inheritence

- by Craig

I have a UserControl that is working fine. It is declared like this. public partial class DynamicList : System.Web.UI.UserControl { protected static BaseListController m_GenericListController = null; public DynamicList() { m_GenericListController = new GenericListController(this); } } Now I want to override this control so I can change some of the properties. I have created a class like this. public partial class JobRunningList : DynamicList { public JobRunningList() { m_GenericListController = new JobListController(this); (m_GenericListController as GenericListController).ModuleId = 14; } } It appears that the controls in the DynamicList are not getting created though when I use the JobRunningList control now causing predictably bad results. The DynamicList UserControl has a ListView on it and a few other controls. It appears these are not created when using the JobRunningList. Is there any secret to this?

Read the article
Trouble making OAuth signed requests

- by behrk2

Hello, I am able to successfully make non-authenticated and protected calls to the Netflix API. I am having a little trouble making signed requests to the catalog, however. Using the OAuth Test page, it is clear to me that my Base String is correct. My request URL is also correct, except for the oauth_signature. The oauth_signature is the only thing that differs. If I understand correctly, the only difference between a protected call and a signed call is that there are no tokens involved, and that I am appending on call parameters (such as term). So, I am using the exact same code that I use for my protected calls that I am for my signed calls, except my signature key ONLY contains my shared secret (with an ampersand sign on the end of it). It does not use the access token. Am I missing something here? Where else can I be going wrong? Thanks!

Read the article
Tuple struct constructor complains about private fields

- by Grubermensch

I am working on a basic shell interpreter to familiarize myself with Rust. While working on the table for storing suspended jobs in the shell, I have gotten stuck at the following compiler error message: tsh.rs:8:18: 8:31 error: cannot invoke tuple struct constructor with private fields tsh.rs:8 let mut jobs = job::JobsList(vec![]); ^~~~~~~~~~~~~ It's unclear to me what is being seen as private here. As you can see below, both of the structs are tagged with pub in my module file. So, what's the secret sauce? tsh.rs use std::io; mod job; fn main() { // Initialize jobs list let mut jobs = job::JobsList(vec![]); loop { /*** Shell runtime loop ***/ } } job.rs use std::fmt; pub struct Job { jid: int, pid: int, cmd: String } impl fmt::Show for Job { /*** Formatter ***/ } pub struct JobsList(Vec<Job>); impl fmt::Show for JobsList { /*** Formatter ***/ }

Read the article
oauth process for twitter. the difference between client and web application

- by Radek

I managed to make the oauth process work for PIN kind of verification. My twitter application is client type. When enter authorize url into web browser and grant the application access then I have to enter pin in my ruby application. Can I finish the process of getting access token without the pin thing? My current code is like. What changes do I need to do to make it work without pin? gem 'oauth' require 'oauth/consumer' consumer_key = 'w855B2MEJWQr0SoNDrnBKA' consumer_secret ='yLK3Nk1xCWX30p07Id1ahxlXULOkucq5Rve28pNVwE' consumer=OAuth::Consumer.new consumer_key, consumer_secret, {:site=>"http://twitter.com"} request_token = consumer.get_request_token puts request_token.authorize_url puts "Hit enter when you have completed authorization." pin = STDIN.readline.chomp access_token = request_token.get_access_token(:oauth_verifier => pin) puts puts access_token.token puts access_token.secret

Read the article
Text rendering still blurry : Best font for WPF application?

- by Holli

I know this is a very subjective question but as text rendering in WPF is still an issue I have to make the best out of it. In WPF Application text tend to become blurry that is no secret. Also there are countless website about this topic and how you get around this problem. But I wonder ... text blurriness seems to affect some fonts more that others. So I am still looking for the best font available to get around this issue. So far I am still using Arial and it doesn't look good. But I am sure some other font are more suitable for the task at hand.

Read the article

< Previous Page | 148 149 150 151 152 153 154 155 156 157 158 159 | Next Page >