Search Results

Search found 25786 results on 1032 pages for 'oracle adf security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 158/1032 | < Previous Page | 154 155 156 157 158 159 160 161 162 163 164 165  | Next Page >

  • DIA2012

    - by Chris Kawalek
    If you've read this blog before, you probably know that Oracle desktop virtualization is used to demonstrate Oracle Applications at many different trade shows. This week, the Oracle desktop team is at DIA2012 in Philadelphia, PA. The DIA conference is a large event, hosting about 7,000 professionals in the pharmaceutical, bio technology, and medical device fields. Healthcare and associated fields are leveraging desktop virtualization because the model is a natural fit due to their high security requirements. Keeping all the data on the server and not distributing it on laptops or PCs that could be stolen makes a lot of sense when you're talking about patient records and other sensitive information. We're proud to be supporting the Oracle Health Sciences team at DIA2012 by hosting all of the Oracle healthcare related demos on a central server, and providing simple, smart card based access using our Sun Ray Clients. And remember that you're not limited to using just Sun Ray Clients--you can also use the Oracle Virtual Desktop Client and freely move your session from your iPad, your Windows or Linux PC, your Mac, or Sun Ray Clients. It's a truly mobile solution for an industry that requires mobile, secure access in order to remain compliant. Here are some pics from the show: We also have an informative PDF on Oracle desktop virtualization and Oracle healthcare that you can have a look at.  (Many thanks to Adam Workman for the pics!) -Chris  For more information, please go to the Oracle Virtualization web page, or  follow us at :  Twitter   Facebook YouTube Newsletter

    Read the article

  • Join the SOA and BPM Customer Insight Series

    - by Dain C. Hansen
    Summer is here! So put on your shades, kick back by the pool and watch the latest SOA and BPM customer insight series from Oracle. You’ll hear directly from some of Oracle’s most well respected customers across a range of deployments, industries, and use cases. You’ve heard us tell you the advantages of Oracle SOA and Oracle BPM. But this time, listen to what our customers are saying: See Rain Fletcher, VP of Application Development and Architecture at Choice Hotels, describe how they successfully made the transition from a complex legacy environment into a faster time-to-market shared services infrastructure as they implemented their event-driven Google API project. Listen to the County of San Joaquin, California discuss how they transformed to a services-oriented architecture and business process management platform to gain efficiency and greater visibility of mission critical information important to citizen public safety. Hear from Eaton, a global power management company, review innovative strategies for a successful application integration implementation, specifically the advantages of transitioning from TIBCO to using Oracle SOA and Oracle Fusion Applications.  Learn how Nets Denmark A/S implemented Oracle Unified Business Process Management Suite in just five months. Review the implementation overview from start to production, including integration with legacy systems. And finally, listen to Farmers Insurance share their SOA reference architecture as well as a timeline for how their services were deployed as well as the benefits for moving to an Oracle SOA-based application infrastructure.  Don’t miss the webcast series. Catch the first one on June 21st at 10AM PST with Rain Fletcher from Choice Hotels, and Bruce Tierney, Director Oracle SOA Suite. Register today!

    Read the article

  • .NET Security Part 4

    - by Simon Cooper
    Finally, in this series, I am going to cover some of the security issues that can trip you up when using sandboxed appdomains. DISCLAIMER: I am not a security expert, and this is by no means an exhaustive list. If you actually are writing security-critical code, then get a proper security audit of your code by a professional. The examples below are just illustrations of the sort of things that can go wrong. 1. AppDomainSetup.ApplicationBase The most obvious one is the issue covered in the MSDN documentation on creating a sandbox, in step 3 – the sandboxed appdomain has the same ApplicationBase as the controlling appdomain. So let’s explore what happens when they are the same, and an exception is thrown. In the sandboxed assembly, Sandboxed.dll (IPlugin is an interface in a partially-trusted assembly, with a single MethodToDoThings on it): public class UntrustedPlugin : MarshalByRefObject, IPlugin { // implements IPlugin.MethodToDoThings() public void MethodToDoThings() { throw new EvilException(); } } [Serializable] internal class EvilException : Exception { public override string ToString() { // show we have read access to C:\Windows // read the first 5 directories Console.WriteLine("Pwned! Mwuahahah!"); foreach (var d in Directory.EnumerateDirectories(@"C:\Windows").Take(5)) { Console.WriteLine(d.FullName); } return base.ToString(); } } And in the controlling assembly: // what can possibly go wrong? AppDomainSetup appDomainSetup = new AppDomainSetup { ApplicationBase = AppDomain.CurrentDomain.SetupInformation.ApplicationBase } // only grant permissions to execute // and to read the application base, nothing else PermissionSet restrictedPerms = new PermissionSet(PermissionState.None); restrictedPerms.AddPermission( new SecurityPermission(SecurityPermissionFlag.Execution)); restrictedPerms.AddPermission( new FileIOPermission(FileIOPermissionAccess.Read, appDomainSetup.ApplicationBase); restrictedPerms.AddPermission( new FileIOPermission(FileIOPermissionAccess.pathDiscovery, appDomainSetup.ApplicationBase); // create the sandbox AppDomain sandbox = AppDomain.CreateDomain("Sandbox", null, appDomainSetup, restrictedPerms); // execute UntrustedPlugin in the sandbox // don't crash the application if the sandbox throws an exception IPlugin o = (IPlugin)sandbox.CreateInstanceFromAndUnwrap("Sandboxed.dll", "UntrustedPlugin"); try { o.MethodToDoThings() } catch (Exception e) { Console.WriteLine(e.ToString()); } And the result? Oops. We’ve allowed a class that should be sandboxed to execute code with fully-trusted permissions! How did this happen? Well, the key is the exact meaning of the ApplicationBase property: The application base directory is where the assembly manager begins probing for assemblies. When EvilException is thrown, it propagates from the sandboxed appdomain into the controlling assembly’s appdomain (as it’s marked as Serializable). When the exception is deserialized, the CLR finds and loads the sandboxed dll into the fully-trusted appdomain. Since the controlling appdomain’s ApplicationBase directory contains the sandboxed assembly, the CLR finds and loads the assembly into a full-trust appdomain, and the evil code is executed. So the problem isn’t exactly that the sandboxed appdomain’s ApplicationBase is the same as the controlling appdomain’s, it’s that the sandboxed dll was in such a place that the controlling appdomain could find it as part of the standard assembly resolution mechanism. The sandbox then forced the assembly to load in the controlling appdomain by throwing a serializable exception that propagated outside the sandbox. The easiest fix for this is to keep the sandbox ApplicationBase well away from the ApplicationBase of the controlling appdomain, and don’t allow the sandbox permissions to access the controlling appdomain’s ApplicationBase directory. If you do this, then the sandboxed assembly can’t be accidentally loaded into the fully-trusted appdomain, and the code can’t be executed. If the plugin does try to induce the controlling appdomain to load an assembly it shouldn’t, a SerializationException will be thrown when it tries to load the assembly to deserialize the exception, and no damage will be done. 2. Loading the sandboxed dll into the application appdomain As an extension of the previous point, you shouldn’t directly reference types or methods in the sandboxed dll from your application code. That loads the assembly into the fully-trusted appdomain, and from there code in the assembly could be executed. Instead, pull out methods you want the sandboxed dll to have into an interface or class in a partially-trusted assembly you control, and execute methods via that instead (similar to the example above with the IPlugin interface). If you need to have a look at the assembly before executing it in the sandbox, either examine the assembly using reflection from within the sandbox, or load the assembly into the Reflection-only context in the application’s appdomain. The code in assemblies in the reflection-only context can’t be executed, it can only be reflected upon, thus protecting your appdomain from malicious code. 3. Incorrectly asserting permissions You should only assert permissions when you are absolutely sure they’re safe. For example, this method allows a caller read-access to any file they call this method with, including your documents, any network shares, the C:\Windows directory, etc: [SecuritySafeCritical] public static string GetFileText(string filePath) { new FileIOPermission(FileIOPermissionAccess.Read, filePath).Assert(); return File.ReadAllText(filePath); } Be careful when asserting permissions, and ensure you’re not providing a loophole sandboxed dlls can use to gain access to things they shouldn’t be able to. Conclusion Hopefully, that’s given you an idea of some of the ways it’s possible to get past the .NET security system. As I said before, this post is not exhaustive, and you certainly shouldn’t base any security-critical applications on the contents of this blog post. What this series should help with is understanding the possibilities of the security system, and what all the security attributes and classes mean and what they are used for, if you were to use the security system in the future.

    Read the article

  • Security precautions and techniques for a User-submitted Code Demo Area

    - by Jack W-H
    Hey folks Maybe this isn't really feasible. But basically, I've been developing a snippet-sharing website and I would like it to have a 'live demo area'. For example, you're browsing some snippets and click the Demo button. A new window pops up which executes the web code. I understand there are a gazillion security risks involved in doing this - XSS, tags, nasty malware/drive by downloads, pr0n, etc. etc. etc. The community would be able to flag submissions that are blatantly naughty but obviously some would go undetected (and, in many cases, someone would have to fall victim to discover whatever nasty thing was submitted). So I need to know: What should I do - security wise - to make sure that users can submit code, but that nothing malicious can be run - or executed offsite, etc? For your information my site is powered by PHP using CodeIgniter. Jack

    Read the article

  • Don't Miss All the OEPE Action at OOW and JavaOne

    - by Juan Camilo Ruiz
    This year at Oracle Open World the OEPE team will be participating in various activities along the week. Here is the summary of all them: mark your calendars and secure your spot, we'll be showing all the new and exciting that we have been working on. Sessions: Mon 1 Oct, 2012 Time Title Location 10:45 AM - 11:45 AM General Session: The Future of Development for Oracle Fusion—From Desktop to Mobile to Cloud Marriott Marquis - Salon 8 4:45 PM - 5:45 PM General Session: Building Mobile Applications with Oracle Cloud Moscone West - 2002/2004 3:15 PM - 4:15 PM End-to-End Oracle ADF Development in Eclipse Marriott Marquis - Golden Gate C3 Wed 3 Oct, 2012 Time Title Location 3:30 PM - 4:30 PM Oracle Developer Cloud Services Marriott Marquis - Salon 7 Hands-On Lab: Thur 4 Oct, 2012 Time Title Location 12:45 PM - 1:45 PM Oracle ADF for Java EE Developers with Oracle Enterprise Pack for Eclipse Marriott Marquis - Salon 3/4 Also you can see live demos throughout the week at our demo booths over in JavaOne and Moscone Center Demos Demo Location Cloud Developer Moscone North, Upper Lobby - N-002 Oracle Eclipse Projects Hilton San Francisco, Grand Ballroom - HHJ-008 Oracle Enterprise Pack for Eclipse Moscone South, Right - S-208 Also the OEPE team will be at the first ADF Developer Meetup at OOW, on Wednesday from 4.30 p.m - 5.30 p.m  at the OTN Lounge. Let's have a beer and let us know what you think about the product. See you in San Francisco! 

    Read the article

  • Spring 3 - Custom Security

    - by Eqbal
    I am in the process of converting a legacy application from proprietary technology to a Spring based web app, leaving the backend system as is. The login service is provided by the backend system through a function call that takes in some parameter (username, password plus some others) and provides an output that includes the authroizations for the user and other properties like firstname, lastname etc. What do I need to do to weave this into Spring 3.0 security module. Looks like I need to provide a custom AuthenticationProvider implementation (is this where I call the backend function?). Do I also need a custom User and UserDetailsService implementation which needs loadUserByName(String userName)? Any pointers on good documentation for this? The reference that came with the download is okay, but doesn't help too much in terms of implementing custom security.

    Read the article

  • The Unintended Consequences of Sound Security Policy

    - by Tanu Sood
    v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Calibri","sans-serif"; mso-bidi-font-family:"Times New Roman";} Author: Kevin Moulton, CISSP, CISM Meet the Author: Kevin Moulton, Senior Sales Consulting Manager, Oracle Kevin Moulton, CISSP, CISM, has been in the security space for more than 25 years, and with Oracle for 7 years. He manages the East Enterprise Security Sales Consulting Team. He is also a Distinguished Toastmaster. Follow Kevin on Twitter at twitter.com/kevin_moulton, where he sometimes tweets about security, but might also tweet about running, beer, food, baseball, football, good books, or whatever else grabs his attention. Kevin will be a regular contributor to this blog so stay tuned for more posts from him. When I speak to a room of IT administrators, I like to begin by asking them if they have implemented a complex password policy. Generally, they all nod their heads enthusiastically. I ask them if that password policy requires long passwords. More nodding. I ask if that policy requires upper and lower case letters – faster nodding – numbers – even faster – special characters – enthusiastic nodding all around! I then ask them if their policy also includes a requirement for users to regularly change their passwords. Now we have smiles with the nodding! I ask them if the users have different IDs and passwords on the many systems that they have access to. Of course! I then ask them if, when they walk around the building, they see something like this: Thanks to Jake Ludington for the nice example. Can these administrators be faulted for their policies? Probably not but, in the end, end-users will find a way to get their job done efficiently. Post-It Notes to the rescue! I was visiting a business in New York City one day which was a perfect example of this problem. First I walked up to the security desk and told them where I was headed. They asked me if they should call upstairs to have someone escort me. Is that my call? Is that policy? I said that I knew where I was going, so they let me go. Having the conference room number handy, I wandered around the place in a search of my destination. As I walked around, unescorted, I noticed the post-it note problem in abundance. Had I been so inclined, I could have logged in on almost any machine and into any number of systems. When I reached my intended conference room, I mentioned my post-it note observation to the two gentlemen with whom I was meeting. One of them said, “You mean like this,” and he produced a post it note full of login IDs and passwords from his breast pocket! I gave him kudos for not hanging the list on his monitor. We then talked for the rest of the meeting about the difficulties faced by the employees due to the security policies. These policies, although well-intended, made life very difficult for the end-users. Most users had access to 8 to 12 systems, and the passwords for each expired at a different times. The post-it note solution was understandable. Who could remember even half of them? What could this customer have done differently? I am a fan of using a provisioning system, such as Oracle Identity Manager, to manage all of the target systems. With OIM, and email could be automatically sent to all users when it was time to change their password. The end-users would follow a link to change their password on a web page, and then OIM would propagate that password out to all of the systems that the user had access to, even if the login IDs were different. Another option would be an Enterprise Single-Sign On Solution. With Oracle eSSO, all of a user’s credentials would be stored in a central, encrypted credential store. The end-user would only have to login to their machine each morning and then, as they moved to each new system, Oracle eSSO would supply the credentials. Good-bye post-it notes! 3M may be disappointed, but your end users will thank you. I hear people say that this post-it note problem is not a big deal, because the only people who would see the passwords are fellow employees. Do you really know who is walking around your building? What are the password policies in your business? How do the end-users respond?

    Read the article

  • TFS Security and Documents Folder

    - by pm_2
    I'm getting an issue with TFS where the documents folder is marked with a red cross. As far as I can tell, this seems to be a security issue, however, I am set-up as project admin on the relevant projects. I’ve come to the conclusion that it’s a security issue from running the TFS Project Admin tool (available here). When I run this, it tells me that I don’t have sufficient access rights to open the project. I’ve checked, and I’m not included in any groups that are denied access. Please can anyone shed any light as to why I may not have sufficient access to these projects?

    Read the article

  • Spring security oauth2 provider to secure non-spring api

    - by user1241320
    I'm trying to set up an oauth 2.0 provider that should "secure" our restful api using spring-security-oauth. Being a 'spring fan' i thought it could be the quicker solution. main point is this restful thingie is not a spring based webapp. boss says the oauth provider should be a separate application, but i'm starting to doubt that. (got this impression by reading spring-security-oauth) i'm also new here so haven't really got my hands into this other (jersey-powered) restul api (core of our business). any help/hint will be much appreciated.

    Read the article

  • Enablement 2.0 Get Specialized!

    - by mseika
    Enablement 2.0 Get Specialized! The Oracle PartnerNetwork Specialized program is releasing new certifications on our latest products, and partners are invited to be the first candidates to get certified. Oracle's Certified Exams go through a rigorous review process called a "beta period". Here are a few advantages of taking a Beta Exam: Certification exams taken during the beta period count towards company Specializations. Most new Certified Specialist Exams have no training requirement. Beta Exams Vouchers are available in limited quantity, so request a voucher today by contacting the Partner Enablement Team and act fast to reserve your test from the list below. FREE Certification Testing Are you attending OPN Exchange @ OpenWorld? Then join us at OPN Specialist Test Fest! October 1st - 4th 2012, Marriott Marquis Hotel Pre-register now! Beta testing period will end on October, 6th, 2012 for the following exams: Oracle E-Business Suite R12 Project Essentials (1Z1-511) Beta testing period will end on October, 13th, 2012 for the following exams: Oracle Hyperion Data Relationship Management Essentials (1Z1-588) Beta testing period will end on November, 17th, 2012 for the following exams: Oracle Global Trade Management 6 Essentials (1Z1-589) Exams Coming Soon in Beta Oracle Fusion Distributed Order Orchestration Essentials Exam (1Z1-469) Take the exam(s) now at a near-by Pearson VUE testing center! Contact Us Please direct any inquiries you may have to the Oracle Partner Enablement team at [email protected] For More Information Oracle Certification Program Beta Exams OPN Certified Specialist Exam Study Guides OPN Certified Specialist FAQ

    Read the article

  • Enablement 2.0 Get Specialized!

    - by mseika
    Enablement 2.0 Get Specialized! The Oracle PartnerNetwork Specialized program is releasing new certifications on our latest products, and partners are invited to be the first candidates to get certified. Oracle's Certified Exams go through a rigorous review process called a "beta period". Here are a few advantages of taking a Beta Exam: Certification exams taken during the beta period count towards company Specializations. Most new Certified Specialist Exams have no training requirement. Beta Exams Vouchers are available in limited quantity, so request a voucher today by contacting the Partner Enablement Team and act fast to reserve your test from the list below. FREE Certification Testing Are you attending OPN Exchange @ OpenWorld? Then join us at OPN Specialist Test Fest! October 1st - 4th 2012, Marriott Marquis Hotel Pre-register now! Beta testing period will end on October, 6th, 2012 for the following exams: Oracle E-Business Suite R12 Project Essentials (1Z1-511) Beta testing period will end on October, 13th, 2012 for the following exams: Oracle Hyperion Data Relationship Management Essentials (1Z1-588) Beta testing period will end on November, 17th, 2012 for the following exams: Oracle Global Trade Management 6 Essentials (1Z1-589) Exams Coming Soon in Beta Oracle Fusion Distributed Order Orchestration Essentials Exam (1Z1-469) Take the exam(s) now at a near-by Pearson VUE testing center! Contact Us Please direct any inquiries you may have to the Oracle Partner Enablement team at [email protected] For More Information Oracle Certification Program Beta Exams OPN Certified Specialist Exam Study Guides OPN Certified Specialist FAQ

    Read the article

  • Enablement 2.0 Get Specialized!

    - by mseika
    Enablement 2.0 Get Specialized! The Oracle PartnerNetwork Specialized program is releasing new certifications on our latest products, and partners are invited to be the first candidates to get certified. Oracle's Certified Exams go through a rigorous review process called a "beta period". Here are a few advantages of taking a Beta Exam: Certification exams taken during the beta period count towards company Specializations. Most new Certified Specialist Exams have no training requirement. Beta Exams Vouchers are available in limited quantity, so request a voucher today by contacting the Partner Enablement Team and act fast to reserve your test from the list below. FREE Certification Testing Are you attending OPN Exchange @ OpenWorld? Then join us at OPN Specialist Test Fest! October 1st - 4th 2012, Marriott Marquis Hotel Pre-register now! Beta testing period will end on October, 6th, 2012 for the following exams: Oracle E-Business Suite R12 Project Essentials (1Z1-511) Beta testing period will end on October, 13th, 2012 for the following exams: Oracle Hyperion Data Relationship Management Essentials (1Z1-588) Beta testing period will end on November, 17th, 2012 for the following exams: Oracle Global Trade Management 6 Essentials (1Z1-589) Exams Coming Soon in Beta Oracle Fusion Distributed Order Orchestration Essentials Exam (1Z1-469) Take the exam(s) now at a near-by Pearson VUE testing center! Contact Us Please direct any inquiries you may have to the Oracle Partner Enablement team at [email protected] For More Information Oracle Certification Program Beta Exams OPN Certified Specialist Exam Study Guides OPN Certified Specialist FAQ

    Read the article

  • Enablement 2.0 Get Specialized!

    - by mseika
    Enablement 2.0 Get Specialized! The Oracle PartnerNetwork Specialized program is releasing new certifications on our latest products, and partners are invited to be the first candidates to get certified. Oracle's Certified Exams go through a rigorous review process called a "beta period". Here are a few advantages of taking a Beta Exam: Certification exams taken during the beta period count towards company Specializations. Most new Certified Specialist Exams have no training requirement. Beta Exams Vouchers are available in limited quantity, so request a voucher today by contacting the Partner Enablement Team and act fast to reserve your test from the list below. FREE Certification Testing Are you attending OPN Exchange @ OpenWorld? Then join us at OPN Specialist Test Fest! October 1st - 4th 2012, Marriott Marquis Hotel Pre-register now! Beta testing period will end on October, 6th, 2012 for the following exams: Oracle E-Business Suite R12 Project Essentials (1Z1-511) Beta testing period will end on October, 13th, 2012 for the following exams: Oracle Hyperion Data Relationship Management Essentials (1Z1-588) Beta testing period will end on November, 17th, 2012 for the following exams: Oracle Global Trade Management 6 Essentials (1Z1-589) Exams Coming Soon in Beta Oracle Fusion Distributed Order Orchestration Essentials Exam (1Z1-469) Take the exam(s) now at a near-by Pearson VUE testing center! Contact Us Please direct any inquiries you may have to the Oracle Partner Enablement team at [email protected] For More Information Oracle Certification Program Beta Exams OPN Certified Specialist Exam Study Guides OPN Certified Specialist FAQ

    Read the article

  • Platinum Services – The Highest Level of Service in the Industry

    - by cwarticki
    Oracle Platinum Services provides remote fault monitoring with faster response times and patch deployment services to qualified Oracle Premier Support customers – at no additional cost. We know that disruptions in IT systems availability can seriously impact business performance. That’s why we engineer our hardware and software to work together. Oracle engineered systems are pre-integrated to reduce the cost and complexity of IT infrastructures while increasing productivity and performance. And now, customers who choose the extreme performance of Oracle engineered systems have the power to access the added support they need – Oracle Platinum Services – to further optimize for high availability at no additional cost.  In addition to receiving the complete support essentials with Oracle Premier Support, qualifying Oracle Platinum Services customers also receive: •     24/7 Oracle remote fault monitoring •    Industry-leading response and restore times o   5-Minute Fault Notification o   15-Minute Restoration or Escalation to Development o   30-Minute Joint Debugging with Development •    Update and patch deployment Visit us online to learn more about how to get Oracle Platinum Services

    Read the article

  • GWT HTML widget security risks

    - by h2g2java
    In GWT javadoc, we are advised If you only need a simple label (text, but not HTML), then the Label widget is more appropriate, as it disallows the use of HTML, which can lead to potential security issues if not used properly. I would like to be educated/reminded about the security susceptibilities? It would be nice to list the description of the mechanisms of those risks. Are the susceptibilities equally potent on GAE vs Amazon vs my home linux server? Are they equally potent across the browser brands? Thank you.

    Read the article

  • Control Menu Items based on Privileges of Logged In User with spring security

    - by Nirmal
    Hi All... Based on this link I have incorporated the spring security core module with my grails project... I am using the Requestmap concept by storing each role, user and requestmap inside the database only... Now my requirement is to provide the menu items based on the users assigned roles... For e.g.: If my "User" Main Menu have following Items : Dashboard Import User Manage User And if I have assigned a roles of Dashboard and Import User to the user with a username "auditor" then, only following Menu items should be displayed on the screen : User (Main Menu) - Dashboard (sub menu) - Import User (sub menu) I have explored the Spring Security ACL plugin for the same, but it's using the Domain classes to get it working... So, wanted to know the convenient way to do so... Thanks in advance...

    Read the article

  • Sand, Sun and Partner Fun

    - by Kristin Rose
    Last Memorial Day weekend marked the unofficial start of summer and a time to remember those who fight for our freedom each day. It was a weekend complete with BBQ’s, beach time, and of course plenty of sunshine. Here at OPN, the start of summer marks an exciting time no doubt; a time where we finalize and fine tune some Oracle OpenWorld partner events, like this year’s Oracle PartnerNetwork Exchange @ OpenWorld program! Oracle is launching the new Oracle PartnerNetwork Exchange program to offer a new look and feel for partners attending OpenWorld. Get your bathing suits ready because this week long event will feature new deep dive content that will have you swimming in networking opportunities, including an Oracle Partner keynote with Oracle executives like Judson Althoff, SVP of WWA&C. For those who have already registered, be sure to bring your sunscreen as you take part in some exclusive, first degree exposure to Oracle’s top experts, providing a unique and unified partner experience.For those partners wanting to make a real splash, don’t forget that you will be able to complete OPN Certification testing onsite at Oracle OpenWorld. To learn more about the many opportunities and ways to engage with Oracle and other partners, watch the below video hosted by Lydia Smyers, GVP of WWA&C.Wishing you sun and fun,The OPN Communications Team

    Read the article

  • Using OAuth along with spring security, grails

    - by GroovyUser
    I have grails app which runs on the spring security plugin. It works with no problem. I wish I could give the users the way to connect with Facebook and social networking site. So I decided to use Spring Security OAuth plugin. I have configured the plugin. Now I want user can access both via normal local account and also the OAuth authentication. More precisely I have a controller like this: @Secured(['IS_AUTHENTICATED_FULLY']) def test() { render "Home page!!!" } Now I want this controller to be accessed with OAuth authentication too. Is that possible to do so?

    Read the article

  • Understanding CGI and SQL security from the ground up

    - by Steve
    This question is for learning purposes. Suppose I am writing a simple SQL admin console using CGI and Python. At http://something.com/admin, this admin console should allow me to modify a SQL database (i.e., create and modify tables, and create and modify records) using an ordinary form. In the least secure case, anybody can access http://something.com/admin and modify the database. You can password protect http://something.com/admin. But once you start using the admin console, information is still transmitted in plain text. So then you use HTTPS to secure the transmitted data. Questions: To describe to a learner, how would you incrementally add security to the least secure environment in order to make it most secure? How would you modify/augment my three (possibly erroneous) steps above? What basic tools in Python make your steps possible? Optional: Now that I understand the process, how do sophisticated libraries and frameworks inherently achieve this level of security?

    Read the article

  • Enablement 2.0 Get Specialized!

    - by mseika
    Enablement 2.0 Get Specialized! The Oracle PartnerNetwork Specialized program is releasing new certifications on our latest products, and partners are invited to be the first candidates to get certified. Oracle's Certified Exams go through a rigorous review process called a "beta period". Here are a few advantages of taking a Beta Exam: Certification exams taken during the beta period count towards company Specializations. Most new Certified Specialist Exams have no training requirement. Beta Exams Vouchers are available in limited quantity, so request a voucher today by contacting the Partner Enablement Team and act fast to reserve your test from the list below. FREE Certification Testing Are you attending OPN Exchange @ OpenWorld? Then join us at OPN Specialist Test Fest! October 1st - 4th 2012, Marriott Marquis Hotel Pre-register now! Beta testing period will end on October, 6th, 2012 for the following exams: Oracle E-Business Suite R12 Project Essentials (1Z1-511) Beta testing period will end on October, 13th, 2012 for the following exams: Oracle Hyperion Data Relationship Management Essentials (1Z1-588) Beta testing period will end on November, 17th, 2012 for the following exams: Oracle Global Trade Management 6 Essentials (1Z1-589) Exams Coming Soon in Beta Oracle Fusion Distributed Order Orchestration Essentials Exam (1Z1-469) Take the exam(s) now at a near-by Pearson VUE testing center! Contact Us Please direct any inquiries you may have to the Oracle Partner Enablement team at [email protected] For More Information Oracle Certification Program Beta Exams OPN Certified Specialist Exam Study Guides OPN Certified Specialist FAQ

    Read the article

  • links for 2011-01-13

    - by Bob Rhubart
    Webcast: Oracle WebCenter Suite: Giving Users a Modern Experience Speakers: Vince Casarez (VP Enterprise 2.0 Product Management, Oracle),  Erin Smith (Consulting Practice Manager – Portals, Oracle), Robert Wessa (Consulting Technical Director – Enterprise 2.0 Infrastructure, Oracle)  (tags: oracle otn webcenter webcast enterprise2.0) Oracle & StickyMinds.com Webcast: Load Testing Techniques for Enterprise Applications Mughees Minhas, Senior Director of Product Management, Oracle Server Technologies, answers your questions about the latest techniques for effectively and efficiently testing enterprise application performance. Thursday, January 20, 2011. 10am PT / 1pm ET. (tags: oracle otn stickymings webcast) Bay Area Coherence Special Interest Group (BACSIG) Jan 20, 5:30pm - 8:00pm PT. Presentations: Coherence 3.6 Clustering Features (Rob Lee), Efficient Management and Update of Coherence Clusters to Reduce Down Time ( Rao Bhethanabotla), How To Build a Coherence Practice (Christer Fahlgren). (tags: oracle, otn coherence bacsig) Podcast Show Notes: William Ulrich and Neal McWhorter on Business Architecture (ArchBeat) A four-part interview with the authors of  "Business Architecture: The Art and Practice of Business Transformation"  (tags: oracle otn podcast businessarchitecture) John Brunswick: Overlapping Social Networks in your Enterprise? Strategies to Understand and Govern "Overall it is important to consider if tacit knowledge being captured by the social systems is able to be retained and somehow summarized into an overall organizational directory." - John Brunswick (tags: oracle otn enterprise2.0 socialnetworking) Coherence - How to develop a custom push replication publisher (Middlewarepedia) Cosmin Todur describes "a way of developing a custom push replication publisher that publishes data to a database via JDBC."  (tags: oracle coherence grid) Aino Andriessen: Oracle Diagnostics Logging (ODL) for application development "Logging is a very important aspect of application development as it offers run-time access to the behaviour and data of the application. It’s important for debugging purposes but also to investigate exception situations on production." -- Aino Andriessen (tags: oracle odl java jdeveloper weblogic) Security issues when upgrading a Web Catalog from 10g to 11g Oracle BI By Bakboord "I blogged about upgrading from Oracle BI EE 10g to Oracle BI EE 11g R1 earlier. Although this is a very straight forward process, you could end up with some security issues." -- Daan Bakboord (tags: oracle businessintelligence obiee) Angelo Santagata: SOA Composite Sensors : Good Practice "A good best practice is that for any composites you create, consider publishing a composite sensor value using a primary key of some sort , e.g. orderId, that way if you need to manipulate/query composites you can easily look up the instanceId using the sensorid." - Angelo Santagata (tags: oracle soa sca) Javier Ductor: WebCenter Spaces 11g PS2 Task Flow Customization "Previously, I wrote about Spaces Template Customization. In order to adapt Spaces to customers prototype, it was necessary to change template and skin, as well as the members task flow. In this entry, I describe how to customize this task flow." - Javier Ductor (tags: oracle otn enterprise2.0 webcenter) RonBatra's blog: Cloud Computing Series: VI: Industry Directions "When someone says their 'Product/Solution is in the Cloud,' ask them basic questions to seperate the spin from the reality. I would start with 'tell me what that means' and see which way the conversation goes." - Oracle ACE Director Ron Batra (tags: oracle otn oracleace cloud) First JSRs Proposed for Java EE 7 (The Java Source) With the approval of Java SE 7 and Java SE 8 JSRs last month, attention is now shifting towards the Java EE platform. (tags: oracle java jsr javaee)

    Read the article

  • Healthcare and Distributed Data Don't Mix

    - by [email protected]
    How many times have you heard the story?  Hard disk goes missing, USB thumb drive goes missing, laptop goes missing...Not a week goes by that we don't hear about our data going missing...  Healthcare data is a big one, but we hear about credit card data, pricing info, corporate intellectual property...  When I have spoken at Security and IT conferences part of my message is "Why do you give your users data to lose in the first place?"  I don't suggest they can't have access to it...in fact I work for the company that provides the premiere data security and desktop solutions that DO provide access.  Access isn't the issue.  'Keeping the data' is the issue.We are all human - we all make mistakes... I fault no one for having their car stolen or that they dropped a USB thumb drive. (well, except the thieves - I can certainly find some fault there)  Where I find fault is in policy (or lack thereof sometimes) that allows users to carry around private, and important, data with them.  Mr. Director of IT - It is your fault, not theirs.  Ms. CSO - Look in the mirror.It isn't like one can't find a network to access the data from.  You are on a network right now.  How many Wireless ones (wifi, mifi, cellular...) are there around you, right now?  Allowing employees to remove data from the confines of (wait for it... ) THE DATA CENTER is just plain indefensible when it isn't required.  The argument that the laptop had a password and the hard disk was encrypted is ridiculous.  An encrypted drive tells thieves that before they sell the stolen unit for $75, they should crack the encryption and ascertain what the REAL value of the laptop is... credit card info, Identity info, pricing lists, banking transactions... a veritable treasure trove of info people give away on an 'encrypted disk'.What started this latest rant on lack of data control was an article in Government Health IT that was forwarded to me by Denny Olson, an Oracle Principal Sales Consultant in Minnesota.  The full article is here, but the point was that a couple laptops went missing in a couple different cases, and.. well... no one knows where the data is, and yes - they were loaded with patient info.  What were you thinking?Obviously you can't steal data form a Sun Ray appliance... since it has no data, nor any storage to keep the data on, and Secure Global Desktop allows access from Macs, Linux and Windows client devices...  but in all cases, there is no keeping the data unless you explicitly allow for it in your policy.   Since you can get at the data securely from any network, why would you want to take personal responsibility for it?  Both Sun Rays and Secure Global Desktop are widely used in Healthcare... but clearly not widely enough.We need to do a better job of getting the message out -  Healthcare (or insert your business type here) and distributed data don't mix. Then add Hot Desking and 'follow me printing' and you have something that Clinicians (and CSOs) love.Thanks for putting up my blood pressure, Denny.

    Read the article

  • Making files generally available on Linux system (when security is relatively unimportant)?

    - by Ole Thomsen Buus
    Hi, I am using Ubuntu 9.10 on a stationary PC. I have a secondary 1 TB harddrive with a single big logical partition (currently formatted as ext4). It is mounted as /usr3 with options user, exec in /etc/fstab. I am doing highspeed imaging experiments. Well, only 260fps, but that still creates many individual files since each frames is saved as one png-file. The stationary is not used by anyone other than me which is why the default security model posed by ubuntu is not necessary. What is the best way to make the entire contents of /usr3 generally available on all systems. In case I need to move the harddrive to another Ubuntu 9.x or 10.x machine? When grabbing image with the firewire camera I use a selfmade grabbing software-utility (console based) in sudo-mode. This creates all files with root as owner and group. I am logged in as user otb and usually I do the following when having to make files generally available to otb: sudo chown otb -R * sudo chgrp otb -R * sudo chmod a=rwx -R * This takes some time since the disk now contains individual ~200000 files. After this, how would linux behave if I moved the harddrive to another system where the user otb is also available? Would the files still be accessible without sudo use?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 154 155 156 157 158 159 160 161 162 163 164 165  | Next Page >