Search Results

Search found 15648 results on 626 pages for 'wcf security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 154/626 | < Previous Page | 150 151 152 153 154 155 156 157 158 159 160 161  | Next Page >

  • Microsoft Unveils Xbox SmartGlass

    SmartGlass won't be available to consumers until the fall, and if the reviews of the feature's capability are any indication, it's going to feel like a very long wait. SmartGlass lets you switch from watching something on your TV to watching it on your tablet or smartphone, and vice versa. But that's only the beginning. SmartGlass also lets developers turn smartphones and tablets into Xbox 360 controllers. Thus, if you're playing a sports-based game with your friends, you can enter your strategic plays into your smartphone, so he can't tell what your team is about to do. Or, with a baseball ga...

    Read the article

  • Protecting the integrity of a game state while minimizing amount of data sent

    - by espais
    I'm developing a game in PHP/jQuery, and naturally have to be wary of any sort of data coming from the client. At present, I have tables of data representing the map (2D roguelike), monsters, items, and player(s). Initially, my thought was to simply package it all in a JSON object and send it every game tick, however when actually looking at the data I realized that's quite a large packet to be sending. So, my question is what is a good approach for minimizing data sent to the client? Obviously I would need to figure out some way of validating whatever it sends back. Initially we'd hoped to do some minimal verification on the client-side, but each time we thought of one thing we could do it is immediately invalidated with tools like Firebug. Kind of an open question I realize, but we want to get this right before we move on with our implementation so we don't have to shoehorn in bugfixes later on.

    Read the article

  • Is the php method md5() secure? Can it be used for passwords? [migrated]

    - by awiebe
    So executing a php script causes the form values to be sent to the server, and then they are processed. If you want to store a password in your db than you want it to be a cryptographic hash(so your client side is secure, can you generate an md5 using php securely( without submitting the user:password pair in the clear), or is there an alternative standard method of doing this, without having the unecrypted pasword leaving the clients machine? Sorry if this is a stupid question I'm kind of new at this. I think this can be done somehow using https, and on that note if a site's login page does not use https, does that mean that while the databse storage is secure, the transportation is not?

    Read the article

  • How can robots beat CAPTCHAs?

    - by totymedli
    I have a website e-mail form. I use a custom CAPTCHA to prevent spam from robots. Despite this, I still get spam. Why? How do robots beat the CAPTCHA? Do they use some kind of advanced OCR or just get the solution from where it is stored? How can I prevent this? Should I change to another type of CAPTCHA? I am sure the e-mails are coming from the form, because it is sent from my email-sender that serves the form messages. Also the letter style is the same. For the record, I am using PHP + MySQL, but I'm not searching for a solution to this problem. I was interested in the general situation how the robots beat these technologies. I just told this situation as an example, so you can understand better what I'm asking about.

    Read the article

  • The server principal '<domain>\User' already exists. But it doesn’t

    - by simonsabin
    Interesting little situation occurred today, the person I was working with was trying to add a login to a server and was getting the following error. “The server principal '<domain>\User' already exists” They were using a command like this and couldn’t figure out why they were getting the error above because when they looked at the logins setup on the system the login definitely didn’t exist. CREATE LOGIN [<domain>\<user>] FROM WINDOWS WITH DEFAULT_DATABASE = [master] The...(read more)

    Read the article

  • secure offline PC storage accessible through javascript

    - by turbo2oh
    I'm attempting to build a browser-based HTML5 application that has the ability to store data locally on a PC (not mobile device) when offline. This data is sensitive and must be secure. Of course the trick is trying to find a way to be able to access the secure data with Javascript. I've ruled out browser local storage since its not secure. Could this be accomplished with a local database? If so, where could the DB credentials be stored? Javascript obviously doesn't seem like a good option to store them since its user-readable.

    Read the article

  • Good quality Secure Software Development Training [closed]

    - by Patrick
    Just had my annual appraisal and found out my company is willing to pay for training and exams etc! Woohoo (they kept that one quiet). I'm interested in doing a course on secure development techniques. Has anyone got any suggestions for good quality distance learning courses in secure development (I could probably get a couple of days off to attend a conference/ course if required)? We're mostly an MS .Net house but I have no particular allegiance to MS or any other programming language (though, obviously, C++ is the best language in the world). I have 12 years development experience working in (what are now) PCI:DSS environments, including designing and developing a key management system and I have some knowledge of basic attacks (XSS, injection etc). I would prefer a hard course I struggle with to a basic course I learn 3 things from (but hopefully get something right at my level). A quick google found these two course which look good: http://www.sans.org/course/secure-coding-net-developing-defensible-applications https://www.isc2.org/csslpedu/default.aspx I don't really know how to choose between them, and finding other courses isn't going to make that job any easier, so I thought I'd ask those who know. EDIT : Hmm, care to share the reason for your down vote, will help me learn how to use the site better...

    Read the article

  • Can a whitespace regex character be used to perform a javascript injection? [migrated]

    - by webose
    if I want to validate the input of a <textarea>, and want it to contain, for example, only numerical values, but even want to give users the possibility to insert new lines, I can selected wanted characters with a javascript regex that includes even the whitespace characters. /[0-9\s]/ The question is: do a whitecharacter can be used to perform injections, XSS,even if I think this last option is impossible, or any other type of attack ? thanks

    Read the article

  • Is having sensitive data in a PHP script secure? [closed]

    - by tkbx
    Possible Duplicate: What attributes of PHP make it insecure? I've heard that PHP is somewhat secure because Apache won't allow the download of raw PHP. Is this reliable, though? For example, if you wanted to password protect something, but didn't want to create a database, would something like $pass = "123454321"; be safe? Bottom line, is it safe to assume that nobody has access to the actual .php file?

    Read the article

  • Windows 8: Paradigm Shift

    You've probably heard a lot about the loss of the Start button in Windows 8. While it isn't completely lost - you can still get to it via a convoluted path - its disappearance is merely a sign of the rethinking that went into the operating system's creation. Window 8's designers made certain assumptions while building the new system: Users will interact with the operating system predominantly through a touch interface. Users will do their computing on mobile devices, and may in fact use several different devices for the same purposes. They may even want to get work done on devices they do n...

    Read the article

  • Is the using of dirname(__FILE__) a good practice?

    - by webose
    looking at the code of Joomla I see that in the first line of the index, it defines the base path of installation with the dirname(FILE) is this a font of possible risk for the site, I mean if a non controlled error message show the internal path of the Joomla directory, because of, for example a failed include, can it be used to perform some kind of attack to the site ? If yes, is it convenient to use this function ? Any idea is welcome. Thanks

    Read the article

  • Silverlight client never calls WCF Service

    - by Doug Nelson
    Hi all, This one has me completed stumped. I have developed a silverlight application that calls back to WCF services ( it's a silverlight - basicHttpBinding) The site works perfectly fine from my development machine, but when it is deployed to the developement server. The application is delivered with the XAP just fine, but it never attempts to talk to the service. I have a service call in the bootstrapper so it should be calling this when the client starts up. The services are healthy. They can be browsed to and show the standard WCF service display. We have been through the bindings many times and everything seems to be ok. I have added an extensive amount of error handling for displaying any errors, but on this dev server, no service calls and no errors are being raised. Fiddler shows the page being loaded up, but my client never issues a call to the service. The service is in the same folder as the default.aspx which hosts the Silverlight client. This is a Silverlight 3.0 app. Anybody ever seen anything similar?

    Read the article

  • Making an AJAX WCF Web Service request during an Async Postback

    - by nekno
    I want to provide status updates during a long-running task on an ASP.NET WebForms page with AJAX. Is there a way to get the ScriptManager to execute and process a script for a web service request during an async postback? I have a script on the page that makes a web service request. It runs on page load and periodically using setInterval(). It's running correctly before the async postback is initiated, but it stops running during the async postback, and doesn't run again until after the async postback completes. I have an UpdatePanel with a button to trigger an async postback, which executes the long-running task. I also have an instance of an AJAX WCF Web service that is working correctly to fetch data and present it on the page but, like I said, it doesn't fetch and present the data until after the async postback completes. During the async postback, the long-running task sends updates from the page to the web service. The problem is that I can debug and step through the web service and see that the status updates are correctly set, but the updates aren't retrieved by the client script until the async postback completes. It seems the Script Manager is busy executing the async postback, so it doesn't run my other JavaScript via setInterval() until the postback completes. Is there a way to get the Script Manager, or otherwise, to run the script to fetch data from the WCF web service during the async postback? I've tried various methods of using the PageRequestManager to run the script on the client-side BeginRequest event for the async postback, but it runs the script, then stops processing the code that should be running via setInterval() while the page request executes.

    Read the article

  • Making a concurrent AJAX WCF Web Service request during an Async Postback

    - by nekno
    I want to provide status updates during a long-running task on an ASP.NET WebForms page with AJAX. Is there a way to get the ScriptManager to execute and process a script for a web service request concurrently with an async postback? I have a script on the page that makes a web service request. It runs on page load and periodically using setInterval(). It's running correctly before the async postback is initiated, but it stops running during the async postback, and doesn't run again until after the async postback completes. I have an UpdatePanel with a button to trigger an async postback, which executes the long-running task. I also have an instance of an AJAX WCF Web service that is working correctly to fetch data and present it on the page but, like I said, it doesn't fetch and present the data until after the async postback completes. During the async postback, the long-running task sends updates from the page to the web service. The problem is that I can debug and step through the web service and see that the status updates are correctly set, but the updates aren't retrieved by the client script until the async postback completes. It seems the Script Manager is busy executing the async postback, so it doesn't run my other JavaScript via setInterval() until the postback completes. Is there a way to get the Script Manager, or otherwise, to run the script to fetch data from the WCF web service during the async postback? I've tried various methods of using the PageRequestManager to run the script on the client-side BeginRequest event for the async postback, but it runs the script, then stops processing the code that should be running via setInterval() while the page request executes.

    Read the article

  • Classic ASP to WCF using the Service Moniker

    - by Jab
    I am trying to consume a WCF logging service from classic ASP without deploy a Com wrapper. I found a method of doing so here. Here is the vb script, simplified. Dim addr addr = "service:mexAddress=""net.pipe://localhost/Services/Logging/LoggingManager/Mex""," _ & "address=""net.pipe://localhost/Services/Logging/LoggingManager/classic/""," _ & "contract=""ILoggingManagerClassic"", contractNamespace=""http://Services.Logging.Classic/""," _ & "binding=""NetNamedPipeBinding_ILoggingManagerClassic"", bindingNamespace=""http://Services.Logging.Classic/""" set objErrorLogger = GetObject(addr) Dim strError : strError = objErrorLogger.LogError("blahblah") This works on Server 2008, but fails with this error on Server 2003. Failed to do mex retrieval:Metadata contains a reference that cannot be resolved: net.pipe://localhost/Services/Logging/LoggingManager/Mex.. Only when running through ASP does it fail, a sample VBS file on the same machine using the same code works fine. I think it may be permission related, but don't know where to begin. Anyone have any ideas? EDIT - let me clarify that the WCF host is a windows service running as NETWORK SERVICE. If this belongs on server fault, a moderator can move it. I have an account there as well.

    Read the article

  • wcf 4.0 service on IIS7

    - by Jan
    I am currently developing a service with wcf 4.0 (visual studio 2010 RC). When I try my service on the Visual Studio Development Server, it all works perfect. However, when I tree to run my service on IIS7 on a windows 7 machine, the service doesn't work anymore. (I already changed the framework version on my application pool). When I call an operation on the service, like the default operation GetData when I create a service, I get an error. I used the WCF test client to connect to the service. When I call the operation on the service, the Visual Studio Just-In-Time debugger shows the following message: An unhandled win32 exception occured in w3wp.exe The Just-In-Time debugger was launched without necessary security permissions. To debug this proces, the JIT debugger must be run as an administrator. Would you like to debug the proces? As far as I know, I am running Visual Studio as an administrator and this is probably the process that starts the JIT debugger. The only option I have is to debug the W3WP process, which is probably not the right thing to do. What can I do the make the Service to run on IIS7?

    Read the article

  • WCF REST with jQuery AJAX - removing/working around same origin policy

    - by csauve
    So I'm trying to create a C# WCF REST service that is called by jQuery. I've discovered that jQuery requires that AJAX calls are made under the same origin policy. I have a few questions for how I might proceed. I am already aware of; 1. The hacky solution of JSONP with a server callback 2. The way too much server overhead of having a cross-domain proxy. 3. Using Flash in the browser to make the call and setting up crossdomain.xml at my WCF server root. I'd rather not use these because; 1. I don't want to use JSON, or at least I don't want to be restricted to using it 2. I would like to separate the server that serves static pages from the one that serves application state. 3. Flash in this day in age is out of the question. What I'm thinking: is there anything like Flash's crossdomain.xml file that works for jQuery? Is this "same-origin" policy a part of jQuery or is it a restriction in specific browsers? If it's just a part of jQuery, maybe I'll try digging in the code to work around it.

    Read the article

  • How to Store State in Silverlight WCF RIA Services

    - by peter
    Hi All, I am developing a silverlight 3 application using WCF RIA services. I am using the AuthenticationBase class to handle my authentication. As I understand it under the hood this uses the ASP .NET authentication libraries. When I log into the site the authentication service handles login state so that if I close the site and open it straight away I am still logged in according to the server. When the webpage is refreshed or closed and reloaded I can call the method, WebContextBase.Current.Authentication.LoadUser() And it goes back to the authentication service (running on the server) and figures out whether I am still logged into the site. If a timeout has occured the answer will be no. If that is the case I can show a login dialog. The problem I want to solve is that the authentication service consumes the password, and there is no way I can ever retrieve that password again. If the user logs into the site I want to store the password on the server, and return a token to the client side to match up with that password. I have some other services on the server side that need that password. So where should I store that password on the server? How can that be done? How does the WCF authentication store state?

    Read the article

  • WCF webHttpBinding with jQuery AJAX - removing/working around same origin policy

    - by csauve
    So I'm trying to create a C# WCF REST service that is called by jQuery. I've discovered that jQuery requires that AJAX calls are made under the same origin policy. I have a few questions for how I might proceed. I am already aware of; 1. The hacky solution of JSONP with a server callback 2. The way too much server overhead of having a cross-domain proxy. 3. Using Flash in the browser to make the call and setting up crossdomain.xml at my WCF server root. I'd rather not use these because; 1. I don't want to use JSON, or at least I don't want to be restricted to using it 2. I would like to separate the server that serves static pages from the one that serves application state. 3. Flash in this day in age is out of the question. What I'm thinking: is there anything like Flash's crossdomain.xml file that works for jQuery? Is this "same-origin" policy a part of jQuery or is it a restriction in specific browsers? If it's just a part of jQuery, maybe I'll try digging in the code to work around it.

    Read the article

  • WCF + Azure = Nightmare!

    - by lsb
    Hi! I've spent the prior week trying to get a secure form of WCF to work on Azure, but all to no avail! My use case is pretty simple. I want to call a WCF endpoint in the cloud and pass messages to be queued for a Worker Role. Beyond that I want to limit access to pre-authrorized users, authenticated via username & password. I've tried to get this working with Transport, TransportWithMessageCredential and Message security but nothing seems to work. Indeed, I've worked through every example and snippet that I could find, most recently the "Service using binary HTTP binding with transport security and message credentials and Silverlight client" example on the http://code.msdn.microsoft.com/wcfazure page. I'm pretty sure that I'm being knocked down by small bugs and beta changes but the end result is that I'm totally stuck. This is a critical path item for me so any suggestions would be greatly appreciated. A complete working example or a walkthrough would be even better!

    Read the article

  • asp.net, wcf authentication and caching

    - by andrew
    I need to place my app business logic into a WCF service. The service shouldn't be dependent on ASP.NET and there is a lot of data regarding the authenticated user which is frequently used in the business logic hence it's supposed to be cached (probably using a distributed cache). As for authentication - I'm going to use two level authentication: Front-End - forms authentication back-end (WCF Service) - message username authentication. For both authentications the same custom membership provider is supposed to be used. To cache the authenticated user data, I'm going to implement two service methods: 1) Authenticate - will retrieve the needed data and place it into the cache(where username will be used as a key) 2) SignOut - will remove the data from the cache Question 1. Is correct to perform authentication that way (in two places) ? Question 2. Is this caching strategy worth using or should I look at using aspnet compatible service and asp.net session ? Maybe, these questions are too general. But, anyway I'd like to get any suggestions or recommendations. Any Idea

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 150 151 152 153 154 155 156 157 158 159 160 161  | Next Page >