Search Results

Search found 29513 results on 1181 pages for 'microsoft security essent'.

Page 188/1181 | < Previous Page | 184 185 186 187 188 189 190 191 192 193 194 195  | Next Page >

• Missing help files for Microsoft.WindowsMobile in Visual Studio 2008 help system

  - by Johann Gerell

  I've just installed the Windows Mobile 6.5.3 DTK, both standard and professional. Before that I had the standard and professional Windows Mobile 6 SDKs. All Windows Mobile help pages are missing in Visual Studio 2008's help system - in particular everything in the Microsoft.WindowsMobile namespace. Microsoft.WindowsMobile.DirectX is there, but it's not part of the Windows Mobile 6 SDK or 6.5.3 DTK. If I open the WM6 docs from the freshly created program group, then it's all fine and dandy, but there doesn't seem to have been a proper integration with VS during installation. Any ideas what's gone wrong and how to fix it?

  Read the article

• wss4j: - Cannot find key for alias: monit

  - by feiroox

  Hi I'm using axis1.4 and wss4j. When I define in client-config.wsdd for WSDoAllSender and WSDoAllReceiver different signaturePropFiles where I have different key stores defined with different certificates, I'm able to have different certificates for sending and receiving. But when I use the same signaturePropFiles' with the same keystore. I get this message when I try to send a message: org.apache.ws.security.components.crypto.CryptoBase -- Cannot find key for alias: [monit] in keystore of type [jks] from provider [SUN version 1.5] with size [2] and aliases: {other, monit} - Error during Signature: ; nested exception is: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] org.apache.ws.security.WSSecurityException: Error during Signature: ; nested exception is: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:60) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202) at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:168) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) at org.apache.axis.client.Call.invokeEngine(Call.java:2784) at org.apache.axis.client.Call.invoke(Call.java:2767) at org.apache.axis.client.Call.invoke(Call.java:2443) at org.apache.axis.client.Call.invoke(Call.java:2366) at org.apache.axis.client.Call.invoke(Call.java:1812) at cz.ing.oopf.model.wsclient.ModelWebServiceSoapBindingStub.getStatus(ModelWebServiceSoapBindingStub.java:213) at cz.ing.oopf.wsgemonitor.monitor.util.MonitorUtil.checkStatus(MonitorUtil.java:18) at cz.ing.oopf.wsgemonitor.monitor.Test02WsMonitor.runTest(Test02WsMonitor.java:23) at cz.ing.oopf.wsgemonitor.Main.main(Main.java:75) Caused by: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:721) at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:780) at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57) ... 15 more Caused by: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:214) at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:713) ... 17 more How to have two certificates for wss4j in the same keystore? why it cannot find my certificate there when i have two certificates in one keystore. I have the same password for both certificates regarding PWCallback (CallbackHandler) My properties file: org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=keystore org.apache.ws.security.crypto.merlin.keystore.alias=monit org.apache.ws.security.crypto.merlin.alias.password=*** org.apache.ws.security.crypto.merlin.file=key.jks My client-config.wsdd: <deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"> <globalConfiguration> <requestFlow> <handler name="WSSecurity" type="java:org.apache.ws.axis.security.WSDoAllSender"> <parameter name="user" value="monit"/> <parameter name="passwordCallbackClass" value="cz.ing.oopf.common.ws.PWCallback"/> <parameter name="action" value="Signature"/> <parameter name="signaturePropFile" value="monit.properties"/> <parameter name="signatureKeyIdentifier" value="DirectReference" /> <parameter name="mustUnderstand" value="0"/> </handler> <handler type="java:org.apache.axis.handlers.JWSHandler"> <parameter name="scope" value="session"/> </handler> <handler type="java:org.apache.axis.handlers.JWSHandler"> <parameter name="scope" value="request"/> <parameter name="extension" value=".jwr"/> </handler> </requestFlow> <responseFlow> <handler name="DoSecurityReceiver" type="java:org.apache.ws.axis.security.WSDoAllReceiver"> <parameter name="user" value="other"/> <parameter name="passwordCallbackClass" value="cz.ing.oopf.common.ws.PWCallback"/> <parameter name="action" value="Signature"/> <parameter name="signaturePropFile" value="other.properties"/> <parameter name="signatureKeyIdentifier" value="DirectReference" /> </handler> </responseFlow> </globalConfiguration> <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"> </transport> </deployment> Listing from keytool: keytool -keystore monit-key.jks -v -list Enter keystore password: Keystore type: JKS Keystore provider: SUN Your keystore contains 2 entries Alias name: other Creation date: Jul 22, 2009 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: .... Alias name: monit Creation date: Oct 19, 2009 Entry type: trustedCertEntry

  Read the article

• Best Non-Microsoft/.NET Development Blogs and Podcasts

  - by Mark Lubin

  I really don't want to rile anyone's feathers and I really enjoy blogs like Joel, Coding Horror, Scott Hanselman, etc. However, what are some good blogs/podcasts that focus on other platforms besides Microsoft based ones or maybe even no particular platform at? In particular I am interested in areas like Python, Ruby, Java, C, but any area besides Microsoft fits the bill. There may be other similar questions to this but I think this one is unique since we might get some answers we wouldn't see otherwise, that is, everyone knows Coding Horror is great. Please try to refrain from religious debates; the content of the blog is more important than the platform they are talking about, I just want to get an idea of what is out there and worth the time.

  Read the article

• Microsoft ODBC driver for Oracle Syntax error or access violation (-2147217900)

  - by Jan

  I have a large VB program that connects to Oracle database. strCn = "Driver={Microsoft ODBC for Oracle};" & _ "SERVER=PSPROD;" Set Cn = New ADODB.Connection Cn.ConnectionString = strCn Cn.CursorLocation = adUseNone Cn.Open There are many users of my program so I have a table that contains each user's login name and their access rights to the various tables. I create a recordset of all users when the program is started and then select USERNAME and GRANTED_ROLE from the record set where USERNAME and PASSWORD are found. I use a "Set role 'GRANTED_ROLE' identified by 'password'" statment and Cn.Execute statement to set up the user's access rights. This is all done in a Module. On a form, I want to call a Stored Procedure that will SELECT, INSERT and UPDATE information into another schema's tables. I am able to call and run the stored procedure when I create a new connection to the database with this code: Dim cmd5040 As ADODB.Command Dim conn5040 As ADODB.Connection Dim param5040 As ADODB.Parameter Set conn5040 = New ADODB.Connection conn5040 = "Driver={Microsoft ODBC for Oracle};" & _ "SERVER=PSPROD; UID=XXXXXXX; PWD=XXXXXXXX" conn5040.Open Set cmd5040 = New ADODB.Command With cmd5040 .ActiveConnection = conn5040 .CommandType = adCmdStoredProc .CommandText = "S4115040_IMPORT_NEWBIDITEMSPES.S4115040_CheckTime" .Parameters.Append .CreateParameter(, adInteger, adParamInputOutput, 5) .Parameters.Append .CreateParameter(, adVarChar, adParamInputOutput, 400) End With cmd5040(0) = 0 cmd5040(1) = "" cmd5040.CommandTimeout = 300 cmd5040.Execute conn5040.Close However, I get the error message "-2147217900 [Microsoft][ODCB driver for Oracle]Syntax error or access violation" when I attempt to use the same connection ('Cn') when the program first started. My code is: Dim cmd5040 As ADODB.Command Dim param5040 As ADODB.Parameter Set cmd5040 = New ADODB.Command With cmd5040 .ActiveConnection = Cn .CommandType = adCmdStoredProc .CommandText = "S4115040_IMPORT_NEWBIDITEMSPES.S4115040_CheckTime" .Parameters.Append .CreateParameter(, adInteger, adParamInputOutput, 5) .Parameters.Append .CreateParameter(, adVarChar, adParamInputOutput, 400) End With cmd5040(0) = 0 cmd5040(1) = "" cmd5040.Execute I have worked with my DBA. She has given me direct grants and direct execute privliges and I am still get the error message. What am I doing wrong? Should I be able to use the original connection to run a stored procedure? Or must I create a second connection?

  Read the article

• Session Id in url and/or cookie? [closed]

  - by Jacco

  Most people advice against rewriting every (internal) url to include the sessionId (both GET and POST). The standard argument against it seems to be:   If an attacker gets hold of the sessionId, they can hijack the session.   With the sessionId in the url, it easily leaks to the attacker (by referer etc.) But what if you put the sessionId in both an (encrypted) cookie and the url. if the sessionId in either the cookie or the url is missing or if they do not match, decline the request. Let's pretend the website in question is free of xss holes, the cookie encryption is strong enough, etc. etc. Then what is the increased risk of rewriting every url to include the sessionId? UPDATE: @Casper That is a very good point. so up to now there are 2 reasons: bad for search engines / SEO if used in public part of the website can cause trouble when users post an url with a session Id on a forum, send it trough email or bookmark the page apart from the:   It increases the security risk, but it is not clear what the increased risk is. some background info: I've a website that offers blog-like service to travellers. I cannot be sure cookies work nor can I require cookies to work. Most computers in internet cafes are old and not (even close to) up-to-date. The user has no control over them and the connection can be very unreliable for some more 'off the beaten path' locations. Binding the session to an IP-address is not possible, some places use load-balancing proxies with multiple IP addresses. (and from China there is The Great Firewall). Upon receiving the first cookie back, I flag cookies as mandatory. However, if the cookie was flagged as mandatory but not there, I ask for their password once more, knowing their session from the url. (Also cookies have a 1 time token in them, but that's not the point of this question). UPDATE 2: The conclusion seems to be that there are no extra *security* issues when you expose you session id trough the URL while also keeping a copy of the session id in an encrypted cookie. Do not hesitate to add additional information about any possible security implications

  Read the article

• Using Microsoft.Office.Interop to save created file with C#

  - by Eyla

  I have the this code that will create excel file and work sheet then insert same values. The problem I'm facing that I'm not able to save the file with name giving ten colse it. I used SaveAs but did not work: wb.SaveAs(@"C:\mymytest.xlsx", missing, missing, missing, missing, missing, XlSaveAsAccessMode.xlExclusive, missing, missing, missing, missing, missing); this line of code would give me this error: Microsoft Office Excel cannot access the file 'C:\A3195000'. There are several possible reasons: • The file name or path does not exist. • The file is being used by another program. • The workbook you are trying to save has the same name as a currently open workbook. please advice to solve this problem. here is my code: private void button1_Click(object sender, EventArgs e) { Microsoft.Office.Interop.Excel.Application xlApp = new Microsoft.Office.Interop.Excel.Application(); if (xlApp == null) { MessageBox.Show("EXCEL could not be started. Check that your office installation and project references are correct."); return; } xlApp.Visible = true; Workbook wb = xlApp.Workbooks.Add(XlWBATemplate.xlWBATWorksheet); Worksheet ws = (Worksheet)wb.Worksheets[1]; if (ws == null) { MessageBox.Show("Worksheet could not be created. Check that your office installation and project references are correct."); } // Select the Excel cells, in the range c1 to c7 in the worksheet. Range aRange = ws.get_Range("C1", "C7"); if (aRange == null) { MessageBox.Show("Could not get a range. Check to be sure you have the correct versions of the office DLLs."); } // Fill the cells in the C1 to C7 range of the worksheet with the number 6. Object[] args = new Object[1]; args[0] = 6; aRange.GetType().InvokeMember("Value", BindingFlags.SetProperty, null, aRange, args); // Change the cells in the C1 to C7 range of the worksheet to the number 8. aRange.Value2 = 8; // object missing = Type.Missing; // wb.SaveAs(@"C:\mymytest.xlsx", missing, missing, missing, missing, //missing, XlSaveAsAccessMode.xlExclusive, missing, missing, missing, missing, //missing); }

  Read the article

• Assembly Microsoft.Xna.Framework.dll does not load

  - by jbsnorro

  When trying to load Microsoft.Xna.Framework.dll from any project, it throws a FileNotFoundException. The specified module could not be found. (Exception from HRESULT: 0x8007007E), with no innerException. Even the simple code like the following throws that exception: static void Main(string[] args) { Assembly.LoadFile(@"C:\Microsoft.Xna.Framework.dll"); } I run XP x64, but I've set the platform in the configuration manager to x86, because I know it shouldn't(doesn't) work on x64 or Any CPU. I've manually added the dll file to GAC, but that didn't solve the problem. I have also tried the M$ Assembly Binding Log Viewer to see if those logs had any useful information, but they didn't. Everything, the loading etc, was a success according to them. Any suggestions? please?

  Read the article

• Authorizing a computer to access a web application

  - by HackedByChinese

  I have a web application, and am tasked with adding secure sign-on to bolster security, akin to what Google has added to Google accounts. Use Case Essentially, when a user logs in, we want to detect if the user has previously authorized this computer. If the computer has not been authorized, the user is sent a one-time password (via email, SMS, or phone call) that they must enter, where the user may choose to remember this computer. In the web application, we will track authorized devices, allowing users to see when/where they logged in from that device last, and deauthorize any devices if they so choose. We require a solution that is very light touch (meaning, requiring no client-side software installation), and works with Safari, Chrome, Firefox, and IE 7+ (unfortunately). We will offer x509 security, which provides adequate security, but we still need a solution for customers that can't or won't use x509. My intention is to store authorization information using cookies (or, potentially, using local storage, degrading to flash cookies, and then normal cookies). At First Blush Track two separate values (local data or cookies): a hash representing a secure sign-on token, as well as a device token. Both values are driven (and recorded) by the web application, and dictated to the client. The SSO token is dependent on the device as well as a sequence number. This effectively allows devices to be deauthorized (all SSO tokens become invalid) and mitigates replay (not effectively, though, which is why I'm asking this question) through the use of a sequence number, and uses a nonce. Problem With this solution, it's possible for someone to just copy the SSO and device tokens and use in another request. While the sequence number will help me detect such an abuse and thus deauthorize the device, the detection and response can only happen after the valid device and malicious request both attempt access, which is ample time for damage to be done. I feel like using HMAC would be better. Track the device, the sequence, create a nonce, timestamp, and hash with a private key, then send the hash plus those values as plain text. Server does the same (in addition to validating the device and sequence) and compares. That seems much easier, and much more reliable.... assuming we can securely negotiate, exchange, and store private keys. Question So then, how can I securely negotiate a private key for authorized device, and then securely store that key? Is it more possible, at least, if I settle for storing the private key using local storage or flash cookies and just say it's "good enough"? Or, is there something I can do to my original draft to mitigate the vulnerability I describe?

  Read the article

• Disassemble Microsoft Visual Studio 2003 compiler output

  - by Carl Norum

  I'm seeing what I think is strange behaviour from object files output by the Microsoft Visual Studio 2003 tools. The file utility tells me: asmfile.obj: 80386 COFF executable not stripped - version 30821 For objects created by the assembler, but for objects coming from C files, I get just: cfile.obj: data Using Microsoft's dumpbin utility and the objdump I got from cygwin, I can disassemble the assembly-built file, but I get no useful results from either utility for the C-built files. I have a couple of questions related to this difference: What is the object file format generated by the MSVC2003 compiler? How can I disassemble that object file? I am particularly interested in getting the disassembly in AT&T syntax - I'm doing a port of a large source base to make it work with GCC, and I would like to use this method as a shortcut for some of the inline assembly routines in the project. Thanks!

  Read the article

• Microsoft Robotics Development Studio simulation project deployment

  - by slibby05

  I am currently working on a project in Microsoft Robotics Development Studio, and I am having a little trouble deploying the solution for general use. My problem is this. I am making a simulation, so I need to deploy the simulation engine along with my project. This is dependent on the Ageia PhysX engine, DirectX, and the Microsoft XNA framework. I understand this, and I understand that the deployment tool for MRDS (dssdeploy) isn't set up to deploy simulations by default. So, if anyone has worked with MRDS before, and has deployed a simulation, I could use some help with this.

  Read the article

• Starting a Blog using Microsoft.Net technologies

  - by manav inder

  I want to start a blog using Microsoft technologies. My primary reason is to get more in-sync with technologies which are very much in demand. It does not matter how steep is the learning curve as long I am willing to devote all the time in the world. There are lot going on like Microsoft WebAPI, Dot net nuke MVC SPA etc. Let me tell you what i know I have very good experience in developing database driven .net application using winforms and wpf. Average experience in asp.net and asp.net mvc. Good in entity framework, ado.net and wcf rest services. Good in IoC/DI.

  Read the article

• Opening Microsoft Word files in c# .net

  - by Dave

  Hi, I'm trying to use the simple code here: http://www.c-sharpcorner.com/UploadFile/Globalking/fileAccessingusingcsharp02242006050207AM/fileAccessingusingcsharp.aspx But I get the following error message when trying to declare a "Word" object. Error 1 The type or namespace name 'Word' could not be found (are you missing a using directive or an assembly reference?) C:\Users..\Documents\Visual Studio 2010\WebSites\Copying1_1\Default.aspx.cs 89 13 C:...\Copying1_1\ Any suggestions? N.b. I went to "add reference" and added "Microsoft Word 12 library", but it doesn't appear in the solution explorer. I also added:"using Microsoft.Office;"

  Read the article

• MemoryStream, XmlTextWriter and Warning 4 CA2202 : Microsoft.Usage

  - by rasx

  The Run Code Analysis command in Visual Studio 2010 Ultimate returns a warning when seeing a certain pattern with MemoryStream and XmlTextWriter. This is the warning: Warning 7 CA2202 : Microsoft.Usage : Object 'ms' can be disposed more than once in method 'KinteWritePages.GetXPathDocument(DbConnection)'. To avoid generating a System.ObjectDisposedException you should not call Dispose more than one time on an object.: Lines: 421 C:\Visual Studio 2010\Projects\Songhay.DataAccess.KinteWritePages\KinteWritePages.cs 421 Songhay.DataAccess.KinteWritePages This is the form: static XPathDocument GetXPathDocument(DbConnection connection) { XPathDocument xpDoc = null; var ms = new MemoryStream(); try { using(XmlTextWriter writer = new XmlTextWriter(ms, Encoding.UTF8)) { using(DbDataReader reader = CommonReader.GetReader(connection, Resources.KinteRssSql)) { writer.WriteStartDocument(); writer.WriteStartElement("data"); do { while(reader.Read()) { writer.WriteStartElement("item"); for(int i = 0; i < reader.FieldCount; i++) { writer.WriteRaw(String.Format("<{0}>{1}</{0}>", reader.GetName(i), reader[i].ToString())); } writer.WriteFullEndElement(); } } while(reader.NextResult()); writer.WriteFullEndElement(); writer.WriteEndDocument(); writer.Flush(); ms.Position = 0; xpDoc = new XPathDocument(ms); } } } finally { ms.Dispose(); } return xpDoc; } The same kind of warning is produced for this form: XPathDocument xpDoc = null; using(var ms = new MemoryStream()) { using(XmlTextWriter writer = new XmlTextWriter(ms, Encoding.UTF8)) { using(DbDataReader reader = CommonReader.GetReader(connection, Resources.KinteRssSql)) { //... } } } return xpDoc; By the way, the following form produces another warning: XPathDocument xpDoc = null; var ms = new MemoryStream(); using(XmlTextWriter writer = new XmlTextWriter(ms, Encoding.UTF8)) { using(DbDataReader reader = CommonReader.GetReader(connection, Resources.KinteRssSql)) { //... } } return xpDoc; The above produces the warning: Warning 7 CA2000 : Microsoft.Reliability : In method 'KinteWritePages.GetXPathDocument(DbConnection)', object 'ms' is not disposed along all exception paths. Call System.IDisposable.Dispose on object 'ms' before all references to it are out of scope. C:\Visual Studio 2010\Projects\Songhay.DataAccess.KinteWritePages\KinteWritePages.cs 383 Songhay.DataAccess.KinteWritePages In addition to the following, what are my options?: Supress warning CA2202. Supress warning CA2000 and hope that Microsoft is disposing of MemoryStream (because Reflector is not showing me the source code). Rewrite my legacy code to recognize the wonderful XDocument and LINQ to XML.

  Read the article

• showSettings callback in Flex?

  - by Jim Robert

  I am pretty new to flex, so forgive me if this is an obvious question. Is there a way to open the Security.showSettings (flash.system.Security) with a callback? or at least to detect if it is currently open or not? My flex application is used for streaming audio, and is normally controlled by javascript, so I keep it hidden for normal use (via absolute positioning it off the page). When I need microphone access I need to make the flash settings dialog visible, which works fine, I move it into view and open the dialog. When the user closes it, I need to move it back off the screen so they don't see an empty flex app sitting there after they change their settings. thanks :)

  Read the article

• Strange behaviour with Microsoft.WindowsCE.Forms

  - by Mohammadreza

  I have a Windows Mobile application in which I want to check the device orientation. Therefore I wrote the following property in one of my forms: internal static Microsoft.WindowsCE.Forms.ScreenOrientation DeviceOriginalOrientation { get; private set; } The strange thing is that after that whenever I open a UserControl, the designer shows this warning even if that UserControl doesn't use the property: Could not load file or assembly 'Microsoft.WindowsCE.Forms, Version=3.5.0.0, Culture=neutral, PublicKeyToken=969db8053d3322ac' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040) Commenting the above property will dismiss the warning and shows the user control again. The application is built successfully and runs without any problems in both cases. Does anybody know why this happens and how can I fix it?

  Read the article

• razor intellisense not working on VS2010 for microsoft.web.helpers

  - by pomarc

  I have VS2010 Premium,.NET4.0, MVC3 Tools Update. I've nugetted microsoft-web-helpers successfully. I cannot get @razor intellisense to recognize the microsoft.web.helpers classes. They do work correctely at runtime, i.e. @Twitter.profile shows a profile, but at design time the statent is seen as an error and no members are shown after "." I've tried to add <add assembly="System.Web.Helpers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> to the <assemblies> element in web.config, but it didn't help. Any idea? thanks.

  Read the article

• Custom certificate as proof of transaction

  - by Andy

  I'm developing a site where a user conducts a given transaction and once completed, the user is issued with a 'secure certificate'. The certificate serves as proof of the transaction and the user is able to upload the certificate at a later stage, to view the details of the transaction. At the moment I'm using a custom XML document with encrypted fields. It works perfect, but I would like a standardized approach, such as an X.509 certificate. I'm no encryption expert, but from what I gather, X.509 is more geared towards SSL issued by a CA. Is it possible to create your own valid valid CRT file? As a test, I created a CRT file with the example provided on WikiPedia. However, when I open the file in Windows I get this warning: Invalid Public Key Security Object File - This file is invalid as the following: Security Certificate. Not having much luck here, so time to ask the experts. What direction should I be heading in? Any guidance would be greatly appreciated.

  Read the article

• How to secure authorization of methods

  - by Kurresmack

  I am building a web site in C# using MVC.Net How can I secure that no unauthorized persons can access my methods? What I mean is that I want to make sure that only admins can create articles on my page. If I put this logic in the method actually adding this to the database, wouldn't I have business logic in my data layer? Is it a good practise to have a seperate security layer that is always in between of the data layer and the business layer to make? The problem is that if I protect at a higher level I will have to have checks on many places and it is more likely that I miss one place and users can bypass security. Thanks!

  Read the article

• Can an Aspect conditionally render parts of a JSP page ?

  - by Scott The Scot

  At present the jsp pages have normal authorize tags to conditionally render links and information etc. The website is on the intranet, and we're using Spring Security 2.0.4. Ive now got a business user who wants to allow all roles to access everything for the first few weeks, then gradually add the security back in as feedback is gathered from the business. Rather than go through every page, removing the authorize tags, only to have to put them back in, is is possible to configure these through an aspect, or is there any other way to externalize this into a config file ? I've found Spring's MethodSecurityInterceptor and the meta data tags, but these wouldn't give me the externalization. I've been on google for the last hour, and am now pretty sure this can't be done, but would love to find out I haven't been asking the right questions. Advice appreciated

  Read the article

• Microsoft Team Foundation Server 2010 release date

  - by Jeff Green

  When is the release date for Microsoft Team Foundation Server 2010?

  Read the article

• Is it possible to put binary image data into html markup and then get the image displayed as usual i

  - by Joern Akkermann

  It's an important security issue and I'm sure this should be possible. A simple example: You run a community portal. Users are registered and upload their pictures. Your application gives security rules whenever a picture is allowed to be displayed. For example users must be friends on each sides by the system, in order that you can view someone else's uploaded pictures. Here comes the problem: it is possible that someone crawls the image directories of your server. But you want to protect your users from such attacks. If it's possible to put the binary data of an image directly into the HTML markup, you can restrict the user access of your image dirs the user and group your web application runs of and pass the image data to your Apache user and group directly in the HTML. The only possible weakness then is the password of the user that your web app runs as. Is there already a possibility?

  Read the article

• Microsoft Project opensource alternatives

  - by dcrodjer

  I have been recommended to use the Microsoft project as a project manager in my course. But being a opensource fan and linux user what will be the best opensource alternative to this. I have seen this question: Open Source Alternative to Microsoft Project?, which suggests to use openproj. Openproj's last version was released 2 years back so I was thinking otherwise. Also following the wiki project management softwares comparison, I found out there are lot of opensource alternatives. Some software in the list with maximum features I found out are: Endevour eGroupWare (web based) Onepoint Project Project.net Project-Open Redmine web2project (web based) Could anyone recommend what is the best (or most popular) alternative. Thanks

  Read the article

• Best Pratice to Implement Secure Remember Me

  - by Yan Cheng CHEOK

  Sometimes, I came across certain web development framework which doesn't provide authentication feature as in Authenication ASP.NET I was wondering what is the security measure needs to be considered, when implementing "Remember Me" login feature, by hand coding? Here are the things I usually did. 1) Store the user name in cookie. The user name are not encrypted. 2) Store a secret key in cookie. The secret key is generated using one way function based on user name. The server will verify secret key against user name, to ensure this user name is not being changed. 3) Use HttpOnly in cookie. http://www.codinghorror.com/blog/2008/08/protecting-your-cookies-httponly.html Any things else I could miss out, which could possible lead a security hole.

  Read the article

• Microsoft Project

  - by David Neeck

  Is Microsoft Project the best tool for managing software development or IT projects or is there an alternative that is better?

  Read the article

• Excel > Microsoft Query > SQL Server > Multiple Parameters

  - by pojomx

  Hi, Im relatively new to sql server and excel/microsoft query, I have a query like this Select ...[data]...B1.b,B2.b,B3.b From TABLEA Inner join ( SELECT ---[data]...sum(...) as b From TABLEB WHERE Date between [startdate] and [enddate] ) as B1 Inner join ( SELECT ---[data]...sum(...) as b From TABLEB WHERE Date between [startdate-1week] and [enddate] ) as B2 Inner join ( SELECT ---[data]...sum(...) as b From TABLEB WHERE Date between [startdate-2weeks] and [enddate] ) as B3 Where Date between [startdate] and [enddate] It works, when i introduce the dates manually, but i need them to be "Dynamic" (introduced from excel) but, when I put the "?" (for parameters) on all the dates, it throws an error. "Invalid Parameter Number" :D How can i make this work, within excel? Im using SQL Server and Microsoft Query Connection Data.

  Read the article

< Previous Page | 184 185 186 187 188 189 190 191 192 193 194 195  | Next Page >