Search Results

Search found 13454 results on 539 pages for 'ws security'.

Page 186/539 | < Previous Page | 182 183 184 185 186 187 188 189 190 191 192 193 | Next Page >

Is there a unique computer identifier that can be used reliably even in a virtual machine?

- by SaUce

I'm writing a small client program to be run on a terminal server. I'm looking for a way to make sure that it will only run on this server and in case it is removed from the server it will not function. I understand that there is no perfect way of securing it to make it impossible to ran on other platforms, but I want to make it hard enough to prevent 95% of people to try anything. The other 5% who can hack it is not my concern. I was looking at different Unique Identifiers like Processor ID, Windows Product ID, Computer GUID and other UIs. Because the terminal server is a virtual machine, I cannot locate anything that is completely unique to this machine. Any ideas on what I should look into to make this 95% secure. I do not have time or the need to make it as secure as possible because it will defeat the purpose of the application itself. I do not want to user MAC address. Even though it is unique to each machine it can be easily spoofed. As far as Microsoft Product ID, because our system team clones VM servers and we use corporate volume key, I found already two servers that I have access to that have same Product ID Number. I have no Idea how many others out there that have same Product ID By 95% and 5% I just simply wanted to illustrate how far i want to go with securing this software. I do not have precise statistics on how many people can do what. I believe I might need to change my approach and instead of trying to identify the machine, I will be better off by identifying the user and create group based permission for access to this software.

Read the article
Best Way To Store Users Passwords Using PHP?

- by PeAk

What is the best way to store users passwords in a MySQL database using PHP. For example, md5 or is there something better? examples would be much appreciated.

Read the article
Linux File Permissions & Access Control Query

- by Jason

Hi, Lets say I am user: bob & group: users. There is this file: -rw----r-- 1 root users 4 May 8 22:34 testfile First question, why can't bob read the file as it's readable by others? Is it simply that if you are denied by group, then you are auto-blacklisted for others? I always assumed that the final 3 bits too precedence over user/group permission bits, guess I was wrong... Second question, how is this implemented? I suppose it's linked to the first query, but how does this work in relation to Access Control, is it related to how ACLs work / are queried? Just trying to understand how these 9 permission bits are actually implemented/used in Linux. Thanks alot.

Read the article
how can i hide the main form when it log out! ??

- by Azka

when i click onto login button, login page appears and when i enter the user id and password it proceeds to main form.. but.. when i log out, the main form appears and the controls transfer back to the log in page.. ... i need to hide that main form when it log outs.. ?? is it clear now??

Read the article
Expanded securityadmin

- by user80652

I'm aware that sysadmin is documented as the server role necessary for creating logins (SQL/Windows-integrated); nevertheless, I'm tasked to find out if there's any other server role (built-in or otherwise) that can be used. To be specific, I'm looking to setup one or two logins with access to create logins, create [database] users, assign users to [database] roles. Potentially reset passwords, but most of the logins are Windows-integrated and it's not necessary. Cannot have access to data at all, nor can these logins have rights to update tables nor create/update roles. Seems my only options so far are to set these 2 logins with securityadmin server role and for the specific databases, configure with db_securityadmin and db_accessadmin... but this configuration doesn't allow for creating logins.

Read the article
php Mail function; Is this way of using it safe?

- by Camran

I have a classifieds website, and inside each classified, there is a small form. This form is for users to be able to tip their "friends": <form action="/bincgi/tip.php" method="post" name="tipForm" id="tipForm"> Tip: <input name="email2" id="email2" type="text" size="30 /> <input type="submit" value="Skicka Tips"/> <input type="hidden" value="<?php echo $ad_id;?>" name="ad_id2" id="ad_id2" /> <input type="hidden" value="<?php echo $headline;?>" name="headline2" id="headline2" /> </form> The form is then submitted to a tip.php page, and here is my Q, is this below code safe, ie is it good enough or do I need to make some sanitations and more safety details? $to = filter_var($_POST['email2'], FILTER_SANITIZE_EMAIL); $ad_id = $_POST['ad_id2']; $headline = $_POST['headline2']; $subject = 'You got a tip'; $message ='Hi. You got a tip: '.$headline.'.\n'; $headers = 'From: [email protected]\r\n'; mail($to, $subject, $message, $headers); I haven't tested the above yet.

Read the article
What statistics app should I use for my website?

- by Camran

I have my own server (with root access). I need statistics of users who visit my website etc etc... I have looked at an app called Webalyzer... Is this a good choice? I run apache2 on a Ubuntu 9 system... If you know of any good statistics apps for servers please let me know. And a follow-up question: All statistics are saved in log-files right? So how large would these log-files become then? Possibility to split them would be good, dont know if this is possible with Webalyzer though...

Read the article
SpringSecurity VS SpringWebSecurity

- by abc

SpringSecurity VS SpringWebSecurity .. please explain..

Read the article
What's the best way to store sensative data in MySQL?

- by embedded

I'm managing the MySQL database from PHP scripts. the communication between server and client is secured via SSL. I store user account data which is sensitive. Is there a way to encrypt this data when entered into the DB? What is the best way to protect this sensitive data? Thanks

Read the article
Interrupted Upgrade from 11.10 to 12.04

- by Tamil

My upgrade using alternative iso from 11.10 to 12.04 got interrupted and I had to hard restart my machine. Now I feel that everything is recovered except my already installed packages like vim. How do I backup my home folder for fresh installation of ubuntu? Following are the errors I'm facing I couldn't mark any package for re-installation in synaptic or remove and install too. output of sudo apt-get install vim Building dependency tree Reading state information... Done Package vim is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source E: Package 'vim' has no installation candidate If I try installing it from synaptic I get apache2.2-common: Package apache2.2-common has no available version, but exists in the database. This typically means that the package was mentioned in a dependency and never uploaded, has been obsoleted or is not available with the contents of sources.list my sources.list file # added by the release upgrader # deb cdrom:[Ubuntu 12.04.1 LTS _Precise Pangolin_ - Release amd64 (20120822.4)]/ precise main restricted # added by the release upgrader # # deb cdrom:[Ubuntu 12.04.1 LTS _Precise Pangolin_ - Release amd64 (20120822.4)]/ precise main restricted # deb cdrom:[Ubuntu 11.04 _Natty Narwhal_ - Release amd64 (20110427.1)]/ natty main restricted # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://archive.ubuntu.com/ubuntu precise main restricted deb-src http://archive.ubuntu.com/ubuntu precise main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://archive.ubuntu.com/ubuntu precise-updates main restricted deb-src http://archive.ubuntu.com/ubuntu precise-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://archive.ubuntu.com/ubuntu precise universe deb-src http://archive.ubuntu.com/ubuntu precise universe deb http://archive.ubuntu.com/ubuntu precise-updates universe deb-src http://archive.ubuntu.com/ubuntu precise-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://archive.ubuntu.com/ubuntu precise multiverse deb-src http://archive.ubuntu.com/ubuntu precise multiverse deb http://archive.ubuntu.com/ubuntu precise-updates multiverse deb-src http://archive.ubuntu.com/ubuntu precise-updates multiverse ## Uncomment the following two lines to add software from the 'backports' ## repository. ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. # deb http://us.archive.ubuntu.com/ubuntu/ natty-backports main restricted universe multiverse # deb-src http://us.archive.ubuntu.com/ubuntu/ natty-backports main restricted universe multiverse deb http://archive.ubuntu.com/ubuntu precise-security main restricted deb-src http://archive.ubuntu.com/ubuntu precise-security main restricted deb http://archive.ubuntu.com/ubuntu precise-security universe deb-src http://archive.ubuntu.com/ubuntu precise-security universe deb http://archive.ubuntu.com/ubuntu precise-security multiverse deb-src http://archive.ubuntu.com/ubuntu precise-security multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. deb http://archive.canonical.com/ubuntu precise partner # deb-src http://archive.canonical.com/ubuntu natty partner ## This software is not part of Ubuntu, but is offered by third-party ## developers who want to ship their latest software. deb http://extras.ubuntu.com/ubuntu precise main deb-src http://extras.ubuntu.com/ubuntu precise main # deb http://tamil.3758_gmail.com:[email protected]/free unstable main # disabled on upgrade to oneiric # deb http://debian.datastax.com/natty oneiric main # disabled on upgrade to oneiric sudo apt-get update Err http://archive.ubuntu.com precise InRelease Err http://archive.canonical.com precise InRelease Err http://archive.ubuntu.com precise-updates InRelease Err http://archive.ubuntu.com precise-security InRelease Err http://extras.ubuntu.com precise InRelease Err http://archive.canonical.com precise Release.gpg Unable to connect to 172.16.140.249:3142: Err http://archive.ubuntu.com precise Release.gpg Unable to connect to 172.16.140.249:3142: Err http://archive.ubuntu.com precise-updates Release.gpg Unable to connect to 172.16.140.249:3142: Err http://extras.ubuntu.com precise Release.gpg Unable to connect to 172.16.140.249:3142: Err http://archive.ubuntu.com precise-security Release.gpg Unable to connect to 172.16.140.249:3142: W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/precise/InRelease

Read the article
How to install Oracle Weblogic Server using OS-specific Package installer?(Windows)

- by PratikS -- Oracle

Note: OS-specific Package installer As the name suggests the installer is platform specific. It is meant for installation with a 32bit JVM only. Both SUN and JROCKIT 32 bit JDKs come bundled with "OS-specific Package installer", so no need to install the JDK in advance. There are three different ways of installing Oracle Weblogic Server: Graphical mode Console mode Silent mode For Windows: 1) Graphical mode:Installer: wls_<version>_win32.exe (E.g. wls1036_win32.exe)Steps to Install:1) Log in to the Windows system.2) Go to the directory that contains the installation program.3) Double-click the installation file.(wls1036_win32.exe)As soon as you double-click on the installation file you wold see the following screens: Once the installation preparation is complete you will see the welcome screen: Click Next If there are existing Middleware Home Directories it will list all of them. You may either select an existing Middleware Home Directory or create a new one. Note: It is always recommended to have one Middleware Home Directory per installation, so I'll select "Create a new Middleware Home" Click Next If you want to register for Security updates enter your My Oracle Support credentials or else un-check the box, it will prompt to bypass click Yes and then click Next. Click Next Again Click Next Click Next to All Users to access the Oracle Weblogic Server Installation. Click Next ( Make sure the more then 1289.8 MB of space is available in the Middleware Home) Wait for the installation to complete. Click Done. And the installation is complete. 2) Console mode: Log in to the target Windows system. Open a command prompt window. Go to the directory that contains the installation program. Launch the installation by entering the name of the installation program. C:\Documents and Settings\username>d:D:\>cd D:\WLS-InstallerD:\WLS-Installer>dir Volume in drive D is Data Volume Serial Number is 123A-4567 Directory of D:\WLS-Installer07/04/2012 08:02 AM <DIR> .07/04/2012 08:02 AM <DIR> ..07/04/2012 08:02 AM 859,548,533 wls1036_win32.exe 1 File(s) 859,548,533 bytes 2 Dir(s) 34,745,683,968 bytes freeD:\WLS-Installer>wls1036_win32.exe -mode=console A new prompt will open and you may continue with the installation as follows: Extracting .................................................................................................... Done<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Welcome:--------This installer will guide you through the installation of WebLogic 10.3.6.0.Type "Next" or enter to proceed to the next prompt. If you want to change dataentered previously, type "Previous". You may quit the installer at any time bytyping "Exit".Enter [Exit][Next]>Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Middleware Home Directory:--------------------------------- ->1¦* Create a new Middleware Home 2¦D:\WLS\bea816 3¦D:\WLS\bea923 4¦D:\WLS\bea1033 5¦D:\WLS\bea1032 Enter index number to select OR [Exit][Previous][Next]>Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Middleware Home Directory:--------------------------------- "Middleware Home" = [Enter new value or use default "C:\Oracle\Middleware"]Enter new Middleware Home OR [Exit][Previous][Next]> D:\WLS1036<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Middleware Home Directory:--------------------------------- "Middleware Home" = [D:\WLS1036]Use above value or select another option: 1 - Enter new Middleware Home 2 - Change to default [C:\Oracle\Middleware]Enter option number to select OR [Exit][Previous][Next]>Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Register for Security Updates:------------------------------Provide your email address for security updates and to initiate configuration manager. 1¦Email:[] 2¦Support Password:[] 3¦Receive Security Update:[Yes]Enter index number to select OR [Exit][Previous][Next]> 3<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Register for Security Updates:------------------------------Provide your email address for security updates and to initiate configuration manager. "Receive Security Update:" = [Enter new value or use default "Yes"]Enter [Yes][No]? No<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Register for Security Updates:------------------------------Provide your email address for security updates and to initiate configuration manager. "Receive Security Update:" = [Enter new value or use default "Yes"] ** Do you wish to bypass initiation of the configuration manager and ** remain uninformed of critical security issues in your configuration?Enter [Yes][No]? Yes<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Register for Security Updates:------------------------------Provide your email address for security updates and to initiate configuration manager. 1¦Email:[] 2¦Support Password:[] 3¦Receive Security Update:[No]Enter index number to select OR [Exit][Previous][Next]>Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Register for Security Updates:------------------------------Provide your email address for security updates and to initiate configuration manager. 1¦Email:[] 2¦Support Password:[] 3¦Receive Security Update:[No]Enter index number to select OR [Exit][Previous][Next]>Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Install Type:--------------------Select the type of installation you wish to perform. ->1¦Typical ¦ Install the following product(s) and component(s): ¦ - WebLogic Server ¦ - Oracle Coherence 2¦Custom ¦ Choose software products and components to install and perform optional ¦configuration.Enter index number to select OR [Exit][Previous][Next]>Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Product Installation Directories:----------------------------------------Middleware Home Directory: [D:\WLS1036]Product Installation Directories: 1¦WebLogic Server: [D:\WLS1036\wlserver_10.3] 2¦Oracle Coherence: [D:\WLS1036\coherence_3.7]Enter index number to select OR [Exit][Previous][Next]>Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Shortcut Location:------------------------- *The installer creates shortcuts to Oracle components, samples, and tools. *As a user with administrative privileges, you can specify where these *shortcuts are created. ->1¦"All Users" Start Menu folder (recommended) ¦For some installations, this setting may limit the automatic creation of ¦server shortcuts for users without administrative privileges. Refer to the ¦documentation for more information. 2¦Local user's Start Menu folder ¦Select this option if you need to ensure that other profiles registered on ¦this machine will not have access to these shortcuts.Enter index number to select OR [Exit][Previous][Next]>Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Shortcut Location:------------------------- *Are you sure you wish to create the shortcuts in the selected location? * *"All Users" Start Menu folder (recommended) *For some installations, this setting may limit the automatic creation of *server shortcuts for users without administrative privileges. Refer to the *documentation for more information. ->1¦Yes. 2¦No, Go back to the previous screen and make another choice.Enter index number to select OR [Exit][Previous][Next]>Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->The following Products and JDKs will be installed:-------------------------------------------------- WebLogic Platform 10.3.6.0 +----WebLogic Server ¦ +----Core Application Server ¦ +----Administration Console ¦ +----Configuration Wizard and Upgrade Framework ¦ +----Web 2.0 HTTP Pub-Sub Server ¦ +----WebLogic SCA ¦ +----WebLogic JDBC Drivers ¦ +----Third Party JDBC Drivers ¦ +----WebLogic Server Clients ¦ +----WebLogic Web Server Plugins ¦ +----UDDI and Xquery Support ¦ +----Evaluation Database +----Oracle Coherence ¦ +----Coherence Product Files +----JDKs +----SUN SDK 1.6.0_29 +----Oracle JRockit 1.6.0_29 SDK *Estimated size of installation: 1,289.8 MBEnter [Exit][Previous][Next]>Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Installing files..0% 25% 50% 75% 100%[------------|------------|------------|------------][***************************************************]<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Installing JDK....0% 25% 50% 75% 100%[------------|------------|------------|------------][***************************************************]Performing String Substitutions...<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Configuring OCM...0% 25% 50% 75% 100%[------------|------------|------------|------------][***************************************************]Creating Domains...<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Installation CompleteCongratulations! Installation is complete.Press [Enter] to continue or type [Exit]>...Finish installation. Press any key to close this window... Note: All the inputs are in Bold 3) Silent mode: Coming soon...

Read the article
Deploying Application with mvc in shared hosting server

- by ankita-13-3

We have created an MVC web application in asp.net 3.5, it runs absolutely fine locally but when we deploy it on godaddy hosting server (shared hosting), it shows an error which is related to trust level problem. We contacted godaddy support and they say, that we only support medium trust level application. So how to convert my application in medium trust level. Do I need to make changes to web.config file. It shows the following error : Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request failed. Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: [SecurityException: Request failed.] System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Assembly asm, PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh, SecurityAction action, Object demand, IPermission permThatFailed) +150 System.Security.CodeAccessSecurityEngine.ThrowSecurityException(Object assemblyOrString, PermissionSet granted, PermissionSet refused, RuntimeMethodHandle rmh, SecurityAction action, Object demand, IPermission permThatFailed) +100 System.Security.CodeAccessSecurityEngine.CheckSetHelper(PermissionSet grants, PermissionSet refused, PermissionSet demands, RuntimeMethodHandle rmh, Object assemblyOrString, SecurityAction action, Boolean throwException) +284 System.Security.PermissionSetTriple.CheckSetDemand(PermissionSet demandSet, PermissionSet& alteredDemandset, RuntimeMethodHandle rmh) +69 System.Security.PermissionListSet.CheckSetDemand(PermissionSet pset, RuntimeMethodHandle rmh) +150 System.Security.PermissionListSet.DemandFlagsOrGrantSet(Int32 flags, PermissionSet grantSet) +30 System.Threading.CompressedStack.DemandFlagsOrGrantSet(Int32 flags, PermissionSet grantSet) +40 System.Security.CodeAccessSecurityEngine.ReflectionTargetDemandHelper(Int32 permission, PermissionSet targetGrant, CompressedStack securityContext) +123 System.Security.CodeAccessSecurityEngine.ReflectionTargetDemandHelper(Int32 permission, PermissionSet targetGrant, Resolver accessContext) +41 Look forward to your help. Regards Ankita Software Developer Shakti Informatics Pvt. Ltd. Web Template Hub

Read the article
Is 'Old-School' the Wrong Way to Describe Reliable Security?

- by rickramsey

source The Hotel Toronto apparently knows how to secure its environment. "Built directly into the bedrock in 1913, the vault features an incredible 4-foot thick steel door that weighs 40 tonnes, yet can nonetheless be moved with a single finger. During construction, the gargantuan door was hauled up Yonge Street from the harbour by a team of 18 horses. " 1913. Those were the days. Sysadmins had to be strong as bulls and willing to shovel horse maneur. At least nowadays you don't have to be that strong. And, if you happen to be trying to secure your Oracle Linux environment, you may be able to avoid the shoveling, as well. Provided you know the tricks of the trade contained in these two recently published articles. Tips for Hardening an Oracle Linux Server General strategies for hardening an Oracle Linux server. Oracle Linux comes "secure by default," but the actions you take when deploying the server can increase or decrease its security. How to minimize active services, lock down network services, and many other tips. By Ginny Henningsen, James Morris and Lenz Grimmer. Tips for Securing an Oracle Linux Environment System logging with logwatch and process accounting with psacct can help detect intrusion attempts and determine whether a system has been compromised. So can using the RPM package manager to verifying the integrity of installed software. These and other tools are described in this second article, which takes a wider perspective and gives you tips for securing your entire Oracle Linux environment. Also by the crack team of Ginny Henningsen, James Morris and Lenz Grimmer. - Rick Website Newsletter Facebook Twitter

Read the article
Advice on selecting programming languages to concentrate on? (2nd year IT security student)

- by Tyler J Fisher

I'm in the process of considering which programming languages I should devote the majority of my coding studies to. I'm a 2nd year CS student, majoring in IT security. What I want to do/work with: Intelligence gathering Relational databases Virus design Snort network IPS Current coding experience (what I'm going to keep): Java - intermediate HTML5 - intermediate SQL (MySQL, Oracle 11g) - basic BASH - basic I'm going to need to learn (at least) one of the following languages in order to be successful in my field. Languages to add (at least 1): Ruby (+Metasploit) C++ (virus design, low-level driver interaction, computationally intensive applications) Python (import ALL the things) My dilemma: If I diversify too broadly, I won't be able to focus on, and improve in a specific niche. Does anyone have any advice as to how I should select a language? What I'm considering + why I'm leaning towards Ruby because of Metasploit support, despite lower efficiency when compared to Python. Any suggestions based on real-world experience? Should I focus on Ruby, Python, or C++? Both Ruby, and Python have been regarded as syntactically similar to Java which my degree is based around. I'm going to be studying C++ in two years as a component of my malicious code class. Thanks, Tyler

Read the article
Security Issue in LinkedIn – View any 3rd profile without a premium account.

- by Shaurya Anand

Originally posted on: http://geekswithblogs.net/shauryaanand/archive/2013/06/25/153230.aspxI discovered this accidently when my wife forwarded a contact on LinkedIn from her tablet, using the mobile interface of the website. On opening the contact on my desktop, I was surprised to see, I need to upgrade my account to view the contact. Doing some research along with my wife, I found this simple security vulnerability from LinkedIn that can let anyone view a contact’s full profile even when you have a “not upgraded” LinkedIn account and that the contact is a “3rd + Everyone Else”. Here’s an example of what I am talking about. I just made a random search on LinkedIn for a contact whose name starts with Sacha. Do note, this is just a walkthrough and I am not publicizing any Sacha. I check the “3rd + Everyone Else” and find a “LinkedIn Member”. On clicking this person’s profile to view, I am presented with the following page, asking me to upgrade. Make a note of this page’s web address and you get the profile id from it. For example, for this contact, the page address is: http://www.linkedin.com/profile/view?id=868XXX35 The Profile Id for this contact is 868XXX35. Now, open following page where the Profile Id is the same as the one we grabbed a moment earlier. https://touch.www.linkedin.com/?#profile/868XXX35 The mobile page exposes this contact information and you even get the possibility to connect to this person without an introduction mail (InMail). I hope someone from LinkedIn sees and issues a fix for this. I am pretty sure, it’s something that they don’t want the user to do without purchasing an upgrade package.

Read the article
How to manage security of these self hosted web apis, to ensure that the request coming for accessing data is authenticated?

- by Husrat Mehmood

Let's pretend I am going to work on an enterprise application. Say I have 11 modules in the application and I would have to develop Dashboards for every role in the organization for whom I are going to develop application. We Decided to use Asp.Net Web Api and return json data from our apis. We are going to include 11 Self hosted web apis projects in our application (one self hosted web api) for every module. All 11 modules are connected to one Sql server 2012 Database. Then once api is ready we would have to create Business Dashboards (Based upon roles in Organization). So Now my web api client is Asp.Net Mvc application.Asp.Net mvc will consume those web apis. Here is the part for whom all explanation is done. How should I manage Security of all 11 self hosted web apis? How should I only authenticated request is coming? If I authenticate user by login and password and then redirect user to appropriate Dashboard designed for the role that user have and load data by consuming web apis. How should I ensure that the request coming for accessing data is authenticated?

Read the article
what are some good interview questions for a position that consists of reviewing code for security vulnerabilities?

- by John Smith

The position is an entry-level position that consists of reading C++ code and identifying lines of code that are vulnerable to buffer overflows, out-of-bounds reads, uncontrolled format strings, and a bunch of other CWE's. We don't expect the average candidate to be knowledgeable in the area of software security nor do we expect him or her to be an expert computer programmer; we just expect them to be able to read the code and correctly identify vulnerabilities. I guess I could ask them the typical interview questions: reverse a string, print a list of prime numbers, etc, but I'm not sure that their ability to write code under pressure (or lack thereof) tells me anything about their ability to read code. Should I instead focus on testing their knowledge of C++? Ask them if they understand what a pointer is and how bitwise operators work? My only concern about asking that kind of question is that I might unfairly weed out people who don't happen to have the knowledge but have the ability to acquire it. After all, it's not like they will be writing a single line of code, and it's not like we are looking only for people who already know C++, since we are willing to train the right candidate. (It is true that I could ask those questions only to those candidates who claim to know C++, but I'd like to give the same "test" to everyone.) Should I just focus on trying to get an idea of their level of intelligence? In other words, should I get them to talk and pay attention to the way they articulate their thoughts, and so on?

Read the article
Ubuntu 12.04 - syslog showing "SGI XFS with ACLs, security attributes, realtime, large block/inode numbers, no debug enabled"

- by Tom G

I have been seeing these random logs in syslog on our production system. There is no XFS setup. Fstab only shows local partitions, only EXT3 . There is nothing in crontabs either. The only file system related package I have installed is 'nfs-kernel-server' Kernel version is 3.2.0-31-generic . kernel: [601730.795990] SGI XFS with ACLs, security attributes, realtime, large block/inode numbers, no debug enabled kernel: [601730.798710] SGI XFS Quota Management subsystem kernel: [601730.828493] JFS: nTxBlock = 8192, nTxLock = 65536 kernel: [601730.897024] NTFS driver 2.1.30 [Flags: R/O MODULE]. kernel: [601730.964412] QNX4 filesystem 0.2.3 registered. kernel: [601731.035679] Btrfs loaded os-prober: debug: running /usr/lib/os-probes/mounted/10freedos on mounted /dev/vda1 10freedos: debug: /dev/vda1 is not a FAT partition: exiting os-prober: debug: running /usr/lib/os-probes/mounted/10qnx on mounted /dev/vda1 10qnx: debug: /dev/vda1 is not a QNX4 partition: exiting os-prober: debug: running /usr/lib/os-probes/mounted/20macosx on mounted /dev/vda1 macosx-prober: debug: /dev/vda1 is not an HFS+ partition: exiting os-prober: debug: running /usr/lib/os-probes/mounted/20microsoft on mounted /dev/vda1 20microsoft: debug: /dev/vda1 is not a MS partition: exiting os-prober: debug: running /usr/lib/os-probes/mounted/30utility on mounted /dev/vda1 30utility: debug: /dev/vda1 is not a FAT partition: exiting os-prober: debug: running /usr/lib/os-probes/mounted/40lsb on mounted /dev/vda1 debug: running /usr/lib/os-probes/mounted/70hurd on mounted /dev/vda1 debug: running /usr/lib/os-probes/mounted/80minix on mounted /dev/vda1 debug: running /usr/lib/os-probes/mounted/83haiku on mounted /dev/vda1 83haiku: debug: /dev/vda1 is not a BeFS partition: exiting os-prober: debug: running /usr/lib/os-probes/mounted/90bsd-distro on mounted /dev/vda1 83haikuos-prober: debug: running /usr/lib/os-probes/mounted/90linux-distro on mounted /dev/vda1 os-prober: debug: running /usr/lib/os-probes/mounted/90solaris on mounted /dev/vda1 os-prober: debug: /dev/vda2: is active swap Why would this randomly show up? This also spawns multiple "jfsCommit" processes.

Read the article
WCF, Rampart, ADFS2 and SAML Interop issue

- by user317647

Hi, I'm working on establishing interoperability between .NET WCF 3.5 and Axis2/Rampart using ADFS2 as the STS and using SAML authentication. Initially I used Axis 1.4.1/Rampart 1.4 but in an attempt to rule out issues relating to WS-* standards compatbility have also created a duplicate environment running Axis 1.5.1/Rampart 1.5. Both envionment use Eclipse 3.5.1 (Galileo)/Tomcat 5.5 for the Java service side. My objective is: WCF-ADFS2-SAML token-Axis2/Rampart Using Kerberos authentication to obtain a SAML token from ADFS2 and propagating this to Rampart. Much progress has been made so far, but the error I'm now getting on Rampart is as follows (on both versions 1.4 & 1.5): [ERROR] General security error (SAML token security failure) org.apache.axis2.AxisFault: General security error (SAML token security failure) Caused by: org.apache.ws.security.WSSecurityException: General security error (SAML token security failure) at org.apache.ws.security.saml.SAMLUtil.getSAMLKeyInfo(SAMLUtil.java:169) at org.apache.ws.security.saml.SAMLUtil.getSAMLKeyInfo(SAMLUtil.java:73) at org.apache.ws.security.processor.DerivedKeyTokenProcessor.extractSecret(DerivedKeyTokenProcessor.java:170) at org.apache.ws.security.processor.DerivedKeyTokenProcessor.handleToken(DerivedKeyTokenProcessor.java:74) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:326) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:243) at org.apache.rampart.RampartEngine.process(RampartEngine.java:144) After building source versions for Rampart (just 1.4 so far) I've traced this problem to the following source code: SAMUtil.java Element e = samlSubj.getKeyInfo(); X509Certificate[] certs = null; try { KeyInfo ki = new KeyInfo(e, null); if (ki.containsX509Data()) { X509Data data = ki.itemX509Data(0); XMLX509Certificate certElem = null; if (data != null && data.containsCertificate()) { certElem = data.itemCertificate(0); } if (certElem != null) { X509Certificate cert = certElem.getX509Certificate(); certs = new X509Certificate[1]; certs[0] = cert; return new SAMLKeyInfo(assertion, certs); } } The line ki.containsX509Data() above return false and fails. The value from the Element e is as follows: CN=Root Agency -147027885241304943914470421251724308948 JMYzUkmrT13JoYj2pGN5o/vxpGq8bKFXI1m18iEFu+5rF0wA4MYURGIEWE9/zg1apgjElQHus5qb4ZRCzg7IHyENCGq7um2w1SXxPzstoMsZ7oZ83Uq08lDdNV51QGzCCOdCi+YizKT7AJ1B6gaplxMnFEJ8TlnzFBCavMxSCho= The attempt to obtain the X509 data above is failing even when it appears in the message? (IssuerSerial). All references I've seen so far indicate that the style of X509 reference is supported by Rampart and WSS4J (default?!). This key reference is the certificate that ADFS2 has used to encrypt the message. Any help at all would be greatly appreciated! Thanks Jason

Read the article
Tomcat 6: Access Control Exception?

- by iftrue

I'm trying to setup a tomcat6 server, and I'm trying to match another setup someone else established. However, my deployment (default Ubuntu install) uses a policy.d/ directory structure, and the established server just uses a catalina.policy file. I've tried setting every entry in policy.d to match the given catalina.policy, but I still get the following stacktrace on boot (from localhost log). I have two questions, then. First, how do I get tomcat to use a single poilcy file, rather than the directory structure presented by policy.d/? Secondly, why, when I specify all files to use the same policy, do I still get the stack trace below? Stack trace: SEVERE: Servlet /myapp threw load() exception java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.org.apache.jasper) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:342) at java.security.AccessController.checkPermission(AccessController.java:553) at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1529) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:291) at java.lang.ClassLoader.loadClass(ClassLoader.java:264) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1314) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1245) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:332) at org.apache.jasper.servlet.JspServlet.init(JspServlet.java:100) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:537) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115) at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1166) at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:992) at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4058) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4367) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791) at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:123) at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:145) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:769) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525) at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:978) at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:941) at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:499) at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1201) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:318) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053) at org.apache.catalina.core.StandardHost.start(StandardHost.java:719) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) at org.apache.catalina.core.StandardService.start(StandardService.java:516) at org.apache.catalina.core.StandardServer.start(StandardServer.java:710) at org.apache.catalina.startup.Catalina.start(Catalina.java:578) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:177) Policy.d grant codeBase "file:${java.home}/lib/-" { permission java.security.AllPermission; }; // These permissions apply to all shared system extensions grant codeBase "file:${java.home}/jre/lib/ext/-" { permission java.security.AllPermission; }; // These permissions apply to javac when ${java.home] points at $JAVA_HOME/jre grant codeBase "file:${java.home}/../lib/-" { permission java.security.AllPermission; }; // These permissions apply to all shared system extensions when // ${java.home} points at $JAVA_HOME/jre grant codeBase "file:${java.home}/lib/ext/-" { permission java.security.AllPermission; }; // ========== CATALINA CODE PERMISSIONS ======================================= // These permissions apply to the daemon code grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" { permission java.security.AllPermission; }; // These permissions apply to the logging API grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" { permission java.util.PropertyPermission "java.util.logging.config.class", "read"; permission java.util.PropertyPermission "java.util.logging.config.file", "read"; permission java.io.FilePermission "${java.home}${file.separator}lib${file.separator}logging.properties", "read"; permission java.lang.RuntimePermission "shutdownHooks"; permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read"; permission java.util.PropertyPermission "catalina.base", "read"; permission java.util.logging.LoggingPermission "control"; permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write"; permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write"; permission java.lang.RuntimePermission "getClassLoader"; // To enable per context logging configuration, permit read access to the appropriate file. // Be sure that the logging configuration is secure before enabling such access // eg for the examples web application: // permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read"; }; // These permissions apply to the server startup code grant codeBase "file:${catalina.home}/bin/bootstrap.jar" { permission java.security.AllPermission; }; // These permissions apply to the servlet API classes // and those that are shared across all class loaders // located in the "lib" directory grant codeBase "file:${catalina.home}/lib/-" { permission java.security.AllPermission; }; // ========== WEB APPLICATION PERMISSIONS ===================================== // These permissions are granted by default to all web applications // In addition, a web application will be given a read FilePermission // and JndiPermission for all files and directories in its document root. grant { // Required for JNDI lookup of named JDBC DataSource's and // javamail named MimePart DataSource used to send mail permission java.util.PropertyPermission "java.home", "read"; permission java.util.PropertyPermission "java.naming.*", "read"; permission java.util.PropertyPermission "javax.sql.*", "read"; // OS Specific properties to allow read access permission java.util.PropertyPermission "os.name", "read"; permission java.util.PropertyPermission "os.version", "read"; permission java.util.PropertyPermission "os.arch", "read"; permission java.util.PropertyPermission "file.separator", "read"; permission java.util.PropertyPermission "path.separator", "read"; permission java.util.PropertyPermission "line.separator", "read"; // JVM properties to allow read access permission java.util.PropertyPermission "java.version", "read"; permission java.util.PropertyPermission "java.vendor", "read"; permission java.util.PropertyPermission "java.vendor.url", "read"; permission java.util.PropertyPermission "java.class.version", "read"; permission java.util.PropertyPermission "java.specification.version", "read"; permission java.util.PropertyPermission "java.specification.vendor", "read"; permission java.util.PropertyPermission "java.specification.name", "read"; permission java.util.PropertyPermission "java.vm.specification.version", "read"; permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; permission java.util.PropertyPermission "java.vm.specification.name", "read"; permission java.util.PropertyPermission "java.vm.version", "read"; permission java.util.PropertyPermission "java.vm.vendor", "read"; permission java.util.PropertyPermission "java.vm.name", "read"; // Required for OpenJMX permission java.lang.RuntimePermission "getAttribute"; // Allow read of JAXP compliant XML parser debug permission java.util.PropertyPermission "jaxp.debug", "read"; // Precompiled JSPs need access to this package. permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime"; permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*"; // Precompiled JSPs need access to this system property. permission java.util.PropertyPermission "org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER", "read"; };

Read the article
Ubuntu 12.04 + Eclipse 64 bits key binding error

- by user110933

The text is quite extense so, this is just a part of it: !SESSION 2012-11-23 10:15:52.442 ----------------------------------------------- eclipse.buildId=I20120608-1200 java.version=1.7.0_09 java.vendor=Oracle Corporation BootLoader constants: OS=linux, ARCH=x86_64, WS=gtk, NL=en_US Command-line arguments: -os linux -ws gtk -arch x86_64 !ENTRY org.eclipse.jface 2 0 2012-11-23 10:16:06.408 !MESSAGE Keybinding conflicts occurred. They may interfere with normal accelerator operation. !SUBENTRY 1 org.eclipse.jface 2 0 2012-11-23 10:16:06.408 !MESSAGE A conflict occurred for ALT+SHIFT+R: Binding(ALT+SHIFT+R, ParameterizedCommand(Command(oracle.eclipse.tools.common.services.ui.refactor.rename.command,Rename, Rename the selected text., Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), oracle.eclipse.tools.common.services.ui.refactor.internal.ArtifactRefactoringCommandHandler, ,,true),null), org.eclipse.ui.defaultAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,system) Binding(ALT+SHIFT+R, ParameterizedCommand(Command(org.eclipse.jdt.ui.edit.text.java.rename.element,Rename - Refactoring , Rename the selected element, Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), , ,,true),null), org.eclipse.ui.defaultAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,system) !ENTRY org.eclipse.ui.workbench 4 0 2012-11-23 10:16:10.409 !MESSAGE An unexpected exception was thrown. !STACK 0 java.lang.NullPointerException at org.eclipse.ui.internal.WorkbenchWindow.putToolbarLabel(WorkbenchWindow.java:1697) at org.eclipse.ui.internal.menus.MenuAdditionCacheEntry.createToolBarAdditionContribution(MenuAdditionCacheEntry.java:208) at org.eclipse.ui.internal.menus.MenuAdditionCacheEntry.createContributionItems(MenuAdditionCacheEntry.java:177) at org.eclipse.ui.internal.menus.TrimContributionManager.update(TrimContributionManager.java:224) at org.eclipse.ui.internal.WorkbenchWindow.updateLayoutDataForContents(WorkbenchWindow.java:3874) at org.eclipse.ui.internal.WorkbenchWindow.setCoolBarVisible(WorkbenchWindow.java:3675) at org.eclipse.ui.internal.ViewIntroAdapterPart.setBarVisibility(ViewIntroAdapterPart.java:203) at org.eclipse.ui.internal.ViewIntroAdapterPart.dispose(ViewIntroAdapterPart.java:106) at org.eclipse.ui.internal.WorkbenchPartReference.doDisposePart(WorkbenchPartReference.java:737) at org.eclipse.ui.internal.ViewReference.doDisposePart(ViewReference.java:107) at org.eclipse.ui.internal.WorkbenchPartReference.dispose(WorkbenchPartReference.java:684) at org.eclipse.ui.internal.WorkbenchPage.disposePart(WorkbenchPage.java:1801) at org.eclipse.ui.internal.WorkbenchPage.partRemoved(WorkbenchPage.java:1793) at org.eclipse.ui.internal.ViewFactory.releaseView(ViewFactory.java:257) at org.eclipse.ui.internal.Perspective.dispose(Perspective.java:292) at org.eclipse.ui.internal.WorkbenchPage.dispose(WorkbenchPage.java:1872) at org.eclipse.ui.internal.WorkbenchWindow.closeAllPages(WorkbenchWindow.java:894) at org.eclipse.ui.internal.WorkbenchWindow.hardClose(WorkbenchWindow.java:1729) at org.eclipse.ui.internal.WorkbenchWindow.busyClose(WorkbenchWindow.java:730) at org.eclipse.ui.internal.WorkbenchWindow.access$0(WorkbenchWindow.java:715) at org.eclipse.ui.internal.WorkbenchWindow$6.run(WorkbenchWindow.java:867) at org.eclipse.swt.custom.BusyIndicator.showWhile(BusyIndicator.java:70) at org.eclipse.ui.internal.WorkbenchWindow.close(WorkbenchWindow.java:865) at org.eclipse.jface.window.WindowManager.close(WindowManager.java:109) at org.eclipse.ui.internal.Workbench$18.run(Workbench.java:1114) at org.eclipse.core.runtime.SafeRunner.run(SafeRunner.java:42) at org.eclipse.ui.internal.Workbench.busyClose(Workbench.java:1111) at org.eclipse.ui.internal.Workbench.access$15(Workbench.java:1040) at org.eclipse.ui.internal.Workbench$25.run(Workbench.java:1284) at org.eclipse.swt.custom.BusyIndicator.showWhile(BusyIndicator.java:70) at org.eclipse.ui.internal.Workbench.close(Workbench.java:1282) at org.eclipse.ui.internal.Workbench.close(Workbench.java:1254) at org.eclipse.ui.internal.WorkbenchWindow.busyClose(WorkbenchWindow.java:727) at org.eclipse.ui.internal.WorkbenchWindow.access$0(WorkbenchWindow.java:715) at org.eclipse.ui.internal.WorkbenchWindow$6.run(WorkbenchWindow.java:867) at org.eclipse.swt.custom.BusyIndicator.showWhile(BusyIndicator.java:70) at org.eclipse.ui.internal.WorkbenchWindow.close(WorkbenchWindow.java:865) at org.eclipse.jface.window.Window.handleShellCloseEvent(Window.java:741) at org.eclipse.jface.window.Window$3.shellClosed(Window.java:687) at org.eclipse.swt.widgets.TypedListener.handleEvent(TypedListener.java:98) at org.eclipse.swt.widgets.EventTable.sendEvent(EventTable.java:84) at org.eclipse.swt.widgets.Widget.sendEvent(Widget.java:1276) at org.eclipse.swt.widgets.Widget.sendEvent(Widget.java:1300) at org.eclipse.swt.widgets.Widget.sendEvent(Widget.java:1285) at org.eclipse.swt.widgets.Shell.closeWidget(Shell.java:617) at org.eclipse.swt.widgets.Shell.gtk_delete_event(Shell.java:1191) at org.eclipse.swt.widgets.Widget.windowProc(Widget.java:1750) at org.eclipse.swt.widgets.Control.windowProc(Control.java:5116) at org.eclipse.swt.widgets.Display.windowProc(Display.java:4369) at org.eclipse.swt.internal.gtk.OS._gtk_main_do_event(Native Method) at org.eclipse.swt.internal.gtk.OS.gtk_main_do_event(OS.java:8295) at org.eclipse.swt.widgets.Display.eventProc(Display.java:1192) at org.eclipse.swt.internal.gtk.OS._g_main_context_iteration(Native Method) at org.eclipse.swt.internal.gtk.OS.g_main_context_iteration(OS.java:2332) at org.eclipse.swt.widgets.Display.readAndDispatch(Display.java:3177) at org.eclipse.ui.internal.Workbench.runEventLoop(Workbench.java:2701) at org.eclipse.ui.internal.Workbench.runUI(Workbench.java:2665) at org.eclipse.ui.internal.Workbench.access$4(Workbench.java:2499) at org.eclipse.ui.internal.Workbench$7.run(Workbench.java:679) at org.eclipse.core.databinding.observable.Realm.runWithDefault(Realm.java:332) at org.eclipse.ui.internal.Workbench.createAndRunWorkbench(Workbench.java:668) at org.eclipse.ui.PlatformUI.createAndRunWorkbench(PlatformUI.java:149) at org.eclipse.ui.internal.ide.application.IDEApplication.start(IDEApplication.java:124) at org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandle.java:196) at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:110) at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:79) at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:353) at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.eclipse.equinox.launcher.Main.invokeFramework(Main.java:629) at org.eclipse.equinox.launcher.Main.basicRun(Main.java:584) at org.eclipse.equinox.launcher.Main.run(Main.java:1438) at org.eclipse.equinox.launcher.Main.main(Main.java:1414) !SESSION 2012-11-23 10:36:07.863 ----------------------------------------------- eclipse.buildId=I20120608-1200 java.version=1.7.0_09 java.vendor=Oracle Corporation BootLoader constants: OS=linux, ARCH=x86_64, WS=gtk, NL=en_US Command-line arguments: -os linux -ws gtk -arch x86_64 !ENTRY org.eclipse.jface 2 0 2012-11-23 10:36:13.181 !MESSAGE Keybinding conflicts occurred. They may interfere with normal accelerator operation. !SUBENTRY 1 org.eclipse.jface 2 0 2012-11-23 10:36:13.181 !MESSAGE A conflict occurred for ALT+SHIFT+R: Binding(ALT+SHIFT+R, ParameterizedCommand(Command(oracle.eclipse.tools.common.services.ui.refactor.rename.command,Rename, Rename the selected text., Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), oracle.eclipse.tools.common.services.ui.refactor.internal.ArtifactRefactoringCommandHandler, ,,true),null), org.eclipse.ui.defaultAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,system) Binding(ALT+SHIFT+R, ParameterizedCommand(Command(org.eclipse.jdt.ui.edit.text.java.rename.element,Rename - Refactoring , Rename the selected element, Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), , ,,true),null), org.eclipse.ui.defaultAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,system) !ENTRY org.eclipse.osgi 2 1 2012-11-23 10:39:04.681 !MESSAGE NLS unused message: CacheManager_CannotLoadNonUrlLocation in: org.eclipse.equinox.internal.p2.repository.messages !SESSION 2012-11-23 15:14:12.933 ----------------------------------------------- eclipse.buildId=I20120608-1200 java.version=1.7.0_09 java.vendor=Oracle Corporation BootLoader constants: OS=linux, ARCH=x86_64, WS=gtk, NL=en_US Command-line arguments: -os linux -ws gtk -arch x86_64 !ENTRY org.eclipse.jface 2 0 2012-11-23 15:14:23.380 !MESSAGE Keybinding conflicts occurred. They may interfere with normal accelerator operation. !SUBENTRY 1 org.eclipse.jface 2 0 2012-11-23 15:14:23.380 !MESSAGE A conflict occurred for ALT+SHIFT+R: Binding(ALT+SHIFT+R, ParameterizedCommand(Command(oracle.eclipse.tools.common.services.ui.refactor.rename.command,Rename, Rename the selected text., Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), oracle.eclipse.tools.common.services.ui.refactor.internal.ArtifactRefactoringCommandHandler, ,,true),null), org.eclipse.ui.defaultAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,system) Binding(ALT+SHIFT+R, ParameterizedCommand(Command(org.eclipse.jdt.ui.edit.text.java.rename.element,Rename - Refactoring , Rename the selected element, Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), , ,,true),null), org.eclipse.ui.defaultAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,system) !ENTRY org.springframework.ide.eclipse.uaa 4 2 2012-11-23 15:14:32.800 !MESSAGE Problems occurred when invoking code from plug-in: "org.springframework.ide.eclipse.uaa". !STACK 0 java.lang.NullPointerException at org.springframework.ide.eclipse.internal.uaa.monitor.CommandUsageMonitor.startMonitoring(CommandUsageMonitor.java:61) at org.springframework.ide.eclipse.uaa.UaaPlugin$1$1.run(UaaPlugin.java:91) at org.eclipse.core.runtime.SafeRunner.run(SafeRunner.java:42) at org.springframework.ide.eclipse.uaa.UaaPlugin$1.run(UaaPlugin.java:85) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:54) !SESSION 2012-11-23 15:15:21.833 ----------------------------------------------- eclipse.buildId=I20120608-1200 java.version=1.7.0_09 java.vendor=Oracle Corporation BootLoader constants: OS=linux, ARCH=x86_64, WS=gtk, NL=en_US Command-line arguments: -os linux -ws gtk -arch x86_64 !ENTRY org.eclipse.jface 2 0 2012-11-23 15:15:27.283 !MESSAGE Keybinding conflicts occurred. They may interfere with normal accelerator operation. !SUBENTRY 1 org.eclipse.jface 2 0 2012-11-23 15:15:27.283 !MESSAGE A conflict occurred for ALT+SHIFT+R: Binding(ALT+SHIFT+R, ParameterizedCommand(Command(oracle.eclipse.tools.common.services.ui.refactor.rename.command,Rename, Rename the selected text., Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), oracle.eclipse.tools.common.services.ui.refactor.internal.ArtifactRefactoringCommandHandler, ,,true),null), org.eclipse.ui.defaultAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,system) Binding(ALT+SHIFT+R, ParameterizedCommand(Command(org.eclipse.jdt.ui.edit.text.java.rename.element,Rename - Refactoring , Rename the selected element, Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), , ,,true),null), org.eclipse.ui.defaultAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,system) !ENTRY org.eclipse.jface 2 0 2012-11-23 15:18:41.265 !MESSAGE Keybinding conflicts occurred. They may interfere with normal accelerator operation. !SUBENTRY 1 org.eclipse.jface 2 0 2012-11-23 15:18:41.265 !MESSAGE A conflict occurred for ALT+SHIFT+E: Binding(ALT+SHIFT+E, ParameterizedCommand(Command(oracle.eclipse.tools.common.services.ui.refactor.rename.command,Rename, Rename the selected text., Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), oracle.eclipse.tools.common.services.ui.refactor.internal.ArtifactRefactoringCommandHandler, ,,true),null), org.eclipse.ui.emacsAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,user) Binding(ALT+SHIFT+E, ParameterizedCommand(Command(org.eclipse.jdt.ui.edit.text.java.rename.element,Rename - Refactoring , Rename the selected element, Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), , ,,true),null), org.eclipse.ui.emacsAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,user) Binding(ALT+SHIFT+E, ParameterizedCommand(Command(org.eclipse.wst.jsdt.ui.edit.text.java.rename.element,Rename - Refactoring , Rename the selected element, Category(org.eclipse.wst.jsdt.ui.category.refactoring,Refactor - JavaScript,JavaScript Refactoring Actions,true), , ,,true),null), org.eclipse.ui.emacsAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,user) !SESSION 2012-11-23 15:18:56.267 ----------------------------------------------- eclipse.buildId=I20120608-1200 java.version=1.7.0_09 java.vendor=Oracle Corporation BootLoader constants: OS=linux, ARCH=x86_64, WS=gtk, NL=en_US Command-line arguments: -os linux -ws gtk -arch x86_64 !ENTRY org.eclipse.jface 2 0 2012-11-23 15:19:01.605 !MESSAGE Keybinding conflicts occurred. They may interfere with normal accelerator operation. !SUBENTRY 1 org.eclipse.jface 2 0 2012-11-23 15:19:01.605 !MESSAGE A conflict occurred for ALT+SHIFT+E: Binding(ALT+SHIFT+E, ParameterizedCommand(Command(org.eclipse.wst.jsdt.ui.edit.text.java.rename.element,Rename - Refactoring , Rename the selected element, Category(org.eclipse.wst.jsdt.ui.category.refactoring,Refactor - JavaScript,JavaScript Refactoring Actions,true), , ,,true),null), org.eclipse.ui.emacsAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,user) Binding(ALT+SHIFT+E, ParameterizedCommand(Command(org.eclipse.jdt.ui.edit.text.java.rename.element,Rename - Refactoring , Rename the selected element, Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), , ,,true),null), org.eclipse.ui.emacsAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,user) Binding(ALT+SHIFT+E, ParameterizedCommand(Command(oracle.eclipse.tools.common.services.ui.refactor.rename.command,Rename, Rename the selected text., Category(org.eclipse.jdt.ui.category.refactoring,Refactor - Java,Java Refactoring Actions,true), oracle.eclipse.tools.common.services.ui.refactor.internal.ArtifactRefactoringCommandHandler, ,,true),null), org.eclipse.ui.emacsAcceleratorConfiguration, org.eclipse.ui.contexts.window,,,user)

Read the article
W: Duplicate sources.list entry http://archive.ubuntu.com/ubuntu/ precise-updates/main i386 Packages

- by Harbhag

I keep getting this warning whenever I try to run sudo apt-get update W: Duplicate sources.list entry http://archive.ubuntu.com/ubuntu/ precise-updates/main i386 Packages (/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_precise-updates_main_binary-i386_Packages) W: You may want to run apt-get update to correct these problems Below is the output from /etc/apt/sources.list file deb http://archive.ubuntu.com/ubuntu precise main restricted deb-src http://archive.ubuntu.com/ubuntu precise main restricted deb http://archive.ubuntu.com/ubuntu precise-updates main restricted deb-src http://archive.ubuntu.com/ubuntu precise-updates main restricted deb http://archive.ubuntu.com/ubuntu precise universe deb-src http://archive.ubuntu.com/ubuntu precise universe deb http://archive.ubuntu.com/ubuntu precise-updates universe deb-src http://archive.ubuntu.com/ubuntu precise-updates universe deb http://archive.ubuntu.com/ubuntu precise multiverse deb-src http://archive.ubuntu.com/ubuntu precise multiverse deb http://archive.ubuntu.com/ubuntu precise-updates multiverse deb-src http://archive.ubuntu.com/ubuntu precise-updates multiverse deb http://archive.ubuntu.com/ubuntu precise-security main restricted deb-src http://archive.ubuntu.com/ubuntu precise-security main restricted deb http://archive.ubuntu.com/ubuntu precise-security universe deb-src http://archive.ubuntu.com/ubuntu precise-security universe deb http://archive.ubuntu.com/ubuntu precise-security multiverse deb-src http://archive.ubuntu.com/ubuntu precise-security multiverse

Read the article
Access Control Service: Protocol and Token Transition

- by Your DisplayName here!

ACS v2 supports a number of protocols (WS-Federation, WS-Trust, OpenId, OAuth 2 / WRAP) and a number of token types (SWT, SAML 1.1/2.0) – see Vittorio’s Infographic here. Some protocols are designed for active client (WS-Trust, OAuth / WRAP) and some are designed for passive clients (WS-Federation, OpenID). One of the most obvious advantages of ACS is that it allows to transition between various protocols and token types. Once example would be using WS-Federation/SAML between your application and ACS to sign in with a Google account. Google is using OpenId and non-SAML tokens, but ACS transitions into WS-Federation and sends back a SAML token. This way you application only needs to understand a single protocol whereas ACS acts as a protocol bridge (see my ACS2 sample here). Another example would be transformation of a SAML token to a SWT. This is achieved by using the WRAP endpoint – you send a SAML token (from a registered identity provider) to ACS, and ACS turns it into a SWT token for the requested relying party, e.g. (using the WrapClient from Thinktecture.IdentityModel): [TestMethod] public void GetClaimsSamlToSwt() { // get saml token from idp var samlToken = Helper.GetSamlIdentityTokenForAcs(); // send to ACS for SWT converion var swtToken = Helper.GetSimpleWebToken(samlToken); var client = new HttpClient(Constants.BaseUri); client.SetAccessToken(swtToken, WebClientTokenSchemes.OAuth); // call REST service with SWT var response = client.Get("wcf/client"); Assert.AreEqual<HttpStatusCode>(HttpStatusCode.OK, response.StatusCode); } There are more protocol transitions possible – but they are not so obvious. A popular example would be how to call a REST/SOAP service using e.g. a LiveId login. In the next post I will show you how to approach that scenario.

Read the article
How to fix Duplicate sources.list entry?

- by Harbhag

I keep getting this warning whenever I try to run sudo apt-get update. W: Duplicate sources.list entry http://archive.ubuntu.com/ubuntu/ precise-updates/main i386 Packages (/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_precise-updates_main_binary-i386_Packages) W: You may want to run apt-get update to correct these problems Below is the output from /etc/apt/sources.list file: deb http://archive.ubuntu.com/ubuntu precise main restricted deb-src http://archive.ubuntu.com/ubuntu precise main restricted deb http://archive.ubuntu.com/ubuntu precise-updates main restricted deb-src http://archive.ubuntu.com/ubuntu precise-updates main restricted deb http://archive.ubuntu.com/ubuntu precise universe deb-src http://archive.ubuntu.com/ubuntu precise universe deb http://archive.ubuntu.com/ubuntu precise-updates universe deb-src http://archive.ubuntu.com/ubuntu precise-updates universe deb http://archive.ubuntu.com/ubuntu precise multiverse deb-src http://archive.ubuntu.com/ubuntu precise multiverse deb http://archive.ubuntu.com/ubuntu precise-updates multiverse deb-src http://archive.ubuntu.com/ubuntu precise-updates multiverse deb http://archive.ubuntu.com/ubuntu precise-security main restricted deb-src http://archive.ubuntu.com/ubuntu precise-security main restricted deb http://archive.ubuntu.com/ubuntu precise-security universe deb-src http://archive.ubuntu.com/ubuntu precise-security universe deb http://archive.ubuntu.com/ubuntu precise-security multiverse deb-src http://archive.ubuntu.com/ubuntu precise-security multiverse How do I fix it?

Read the article
Best Practices Generating WebService Proxies for Oracle Sales Cloud (Fusion CRM)

- by asantaga

I've recently been building a REST Service wrapper for Oracle Sales Cloud and initially all was going well, however as soon as I added all of my Web Service proxies I started to get weird errors.. My project structure looks like this What I found out was if I only had the InteractionsService & OpportunityService WebService Proxies then all worked ok, but as soon as I added the LocationsService Proxy, I would start to see strange JAXB errors. Example of the error message Exception in thread "main" javax.xml.ws.WebServiceException: Unable to create JAXBContextat com.sun.xml.ws.model.AbstractSEIModelImpl.createJAXBContext(AbstractSEIModelImpl.java:164)at com.sun.xml.ws.model.AbstractSEIModelImpl.postProcess(AbstractSEIModelImpl.java:94)at com.sun.xml.ws.model.RuntimeModeler.buildRuntimeModel(RuntimeModeler.java:281)at com.sun.xml.ws.client.WSServiceDelegate.buildRuntimeModel(WSServiceDelegate.java:762)at weblogic.wsee.jaxws.spi.WLSProvider$ServiceDelegate.buildRuntimeModel(WLSProvider.java:982)at com.sun.xml.ws.client.WSServiceDelegate.createSEIPortInfo(WSServiceDelegate.java:746)at com.sun.xml.ws.client.WSServiceDelegate.addSEI(WSServiceDelegate.java:737)at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:361)at weblogic.wsee.jaxws.spi.WLSProvider$ServiceDelegate.internalGetPort(WLSProvider.java:934)at weblogic.wsee.jaxws.spi.WLSProvider$ServiceDelegate$PortClientInstanceFactory.createClientInstance(WLSProvider.java:1039)...... Looking further down I see the error message is related to JAXB not being able to find an objectFactory for one of its types Caused by: java.security.PrivilegedActionException: com.sun.xml.bind.v2.runtime.IllegalAnnotationsException: 6 counts of IllegalAnnotationExceptionsThere's no ObjectFactory with an @XmlElementDecl for the element {http://xmlns.oracle.com/apps/crmCommon/activities/activitiesService/}AssigneeRsrcOrgIdthis problem is related to the following location:at protected javax.xml.bind.JAXBElement com.oracle.xmlns.apps.crmcommon.activities.activitiesservice.ActivityAssignee.assigneeRsrcOrgId at com.oracle.xmlns.apps.crmcommon.activities.activitiesservice.ActivityAssignee This is very strange... My first thoughts are that when I generated the WebService Proxy I entered the package name as "oracle.demo.pts.fusionproxy.servicename" and left the generated types as blank. This way all the generated types get put into the same package hierarchy and when deployed they get merged... Sounds resaonable and appears to work but not in this case.. To resolve this I regenerate the proxy but this time setting : Package name : To the name of my package eg. oracle.demo.pts.fusionproxy.interactionsRoot Package for Generated Types : Package where the types will be generated to, e.g. oracle.demo.pts.fusionproxy.SalesParty.types When I ran the application now, it all works , awesome eh???? Alas no, there is a serious side effect. The problem now is that to help coding I've created a collection of helper classes , these helper classes take parameters which use some of the "generic" datatypes, like FindCriteria. e.g. This wont work any more public static FindCriteria createCustomFindCriteria(FindCriteria pFc,String pAttributes) Here lies a gremlin of a problem.. I cant use this method anymore, this is because the FindCriteria datatype is now being defined two, or more times, in the generated code for my project. If you leave the Root Package for types blank it will get generated to com.oracle.xmlns, and if you populate it then it gets generated to your custom package.. The two datatypes look the same, sound the same (and if this were a duck would sound the same), but THEY ARE NOT THE SAME... Speaking to development, they recommend you should not be entering anything in the Root Packages section, so the mystery thickens why does it work.. Well after spending sometime with some colleagues of mine in development we've identified the issue.. Alas different parts of Oracle Fusion Development have multiple schemas with the same namespace, when the WebService generator generates its classes its not seeing the other schemas properly and not generating the Object Factories correctly... Thankfully I've found a workaround Solution Overview When generating the proxies leave the Root Package for Generated Types BLANK When you have finished generating your proxies, use the JAXB tool XJC and generate Java classes for all datatypes Create a project within your JDeveloper11g workspace and import the java classes into this project Final bit.. within the project dependencies ensure that the JAXB/XJC generated classes are "FIRST" in the classpath Solution Details Generate the WebServices SOAP proxies When generating the proxies your generation dialog should look like this Ensure the "unwrap" parameters is selected, if it isn't then that's ok, it simply means when issuing a "get" you need to extract out the Element Generate the JAXB Classes using XJC XJC provides a command line switch called -wsdl, this (although is experimental/beta) , accepts a HTTP WSDL and will generate the relevant classes. You can put these into a single batch/shell script xjc -wsdl https://fusionservername:443/appCmmnCompInteractions/InteractionService?wsdlxjc -wsdl https://fusionservername443/opptyMgmtOpportunities/OpportunityService?wsdl Create Project in JDeveloper to store the XJC "generated" JAXB classes Within the project folder create a filesystem folder called "src" and copy the generated files into this folder. JDeveloper11g should then see the classes and display them, if it doesnt try clicking the "refresh" button In your main project ensure that the JDeveloper XJC project is selected as a dependancy and IMPORTANT make sure it is at the top of the list. This ensures that the classes are at the front of the classpath And voilà.. Hopefully you wont see any JAXB generation errors and you can use common datatypes interchangeably in your project, (e.g. FindCriteria etc)

Read the article

Search Results

Search found 13454 results on 539 pages for 'ws security'.

Page 186/539 | < Previous Page | 182 183 184 185 186 187 188 189 190 191 192 193 | Next Page >

- by SaUce

- by PeAk

- by Jason

- by Azka

- by user80652

- by Camran

- by Camran

- by abc

- by embedded

- by Tamil

- by PratikS -- Oracle

- by ankita-13-3

- by rickramsey

- by Tyler J Fisher

- by Shaurya Anand

- by Husrat Mehmood

- by John Smith

- by Tom G

- by user317647

- by iftrue

- by user110933

- by Harbhag

- by Your DisplayName here!

- by Harbhag

- by asantaga

< Previous Page | 182 183 184 185 186 187 188 189 190 191 192 193 | Next Page >