Search Results

Search found 59864 results on 2395 pages for 'application security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 195/2395 | < Previous Page | 191 192 193 194 195 196 197 198 199 200 201 202  | Next Page >

  • Failed to launch simulated application: iPhone Simulator failed to find the process ID of com.iAndAp

    - by Nicsoft
    Hello, I'm having this annoyning problem giving this message in the console: Failed to launch simulated application: iPhone Simulator failed to find the process ID of com.iAndApp.BlockPop. When trying to Build and Run, the application builds fine. The simulator starts but doesn't start the application. However, it manages to do something since the icon for the app is installed in the simulator. I have been searching to find the answer and tried a couple of things, none that worked. This happens for both new and old projects. I.e. when I create a new project I will receive the same error message. I've tried several projects of which all get the same error, so it's not related to the code (and successful builds proves it). Among other things I have updated to xCode 3.2.2. in order to try to solve the problem. Using Mac OSX 10.6.3. Here are the logs: 1. 2010-05-30 17.20.39 SpringBoard[15713] Unable to create CFServerConnection. Telephony state may be incorrect. 2010-05-30 17.20.40 SpringBoard[15713] Unable to create CFServerConnection. Telephony state may be incorrect. 2010-05-30 17.20.40 SpringBoard[15713] Unable to create CFServerConnection. Telephony state may be incorrect. 2010-05-30 17.20.40 SpringBoard[15713] Unable to create CFServerConnection. Telephony state may be incorrect. 2010-05-30 17.20.40 SpringBoard[15713] Can't find the translation dictionary, loadTranslationDictionaries 2010-05-30 17.20.40 SpringBoard[15713] Unable to create CFServerConnection. Telephony state may be incorrect. 2010-05-30 17.20.40 SpringBoard[15713] Unable to create CFServerConnection. Telephony state may be incorrect. 2010-05-30 17.20.41 SpringBoard[15713] Launchd returned an unexpected type or didn't return a value for job label UIKitApplication:com.iAndApp.BlockPop[0x8abd] with job key PID 2010-05-30 17.20.41 SpringBoard[15713] Unable to create CFServerConnection. Telephony state may be incorrect. 2010-05-30 17.21.10 Xcode[15496] Error launching simulated application: Error Domain=DTiPhoneSimulatorErrorDomain Code=1 UserInfo=0x200edcc00 "iPhone Simulator failed to find the process ID of com.iAndApp.BlockPop." 2. Form system.log May 30 17:20:39 Niklas-Johanssons-Mac-mini mobile_installationd[15712]: a0bc84e0 init_simulator_paths: No simulator root specified. Falling back to environment variable. May 30 17:20:39: --- last message repeated 5 times --- May 30 17:20:39 Niklas-Johanssons-Mac-mini mobile_installationd[15712]: b0081000 init_simulator_paths: No simulator root specified. Falling back to environment variable. May 30 17:20:39: --- last message repeated 1 time --- May 30 17:20:39 Niklas-Johanssons-Mac-mini mobile_installationd[15712]: b0081000 load_application_info: Could not load signer identity from /Users/Niklas/Library/Application Support/iPhone Simulator/3.0/Applications/1CD7E4BA-14D3-45A5-A05E-E552C04BCD4D/BlockPopLite.app/BlockPopLite May 30 17:20:39 Niklas-Johanssons-Mac-mini mobile_installationd[15712]: b0081000 load_application_info: Could not load signer identity from /Users/Niklas/Library/Application Support/iPhone Simulator/3.0/Applications/62585F19-5FAD-4548-89DF-C9AE621FCCD7/SysSound.app/SysSound May 30 17:20:39 Niklas-Johanssons-Mac-mini mobile_installationd[15712]: b0081000 load_application_info: Could not load signer identity from /Users/Niklas/Library/Application Support/iPhone Simulator/3.0/Applications/81AA51A5-7BFC-442F-BFF8-91E9C6EF13CD/BlockPop.app/BlockPop May 30 17:20:39 Niklas-Johanssons-Mac-mini mobile_installationd[15712]: b0103000 load_application_info: Could not load signer identity from /Users/Niklas/Library/Application Support/iPhone Simulator/3.0/Applications/A2DCBF96-8F15-4527-BDF1-BD90B34D401C/BlockPop.app/BlockPop May 30 17:20:39 Niklas-Johanssons-Mac-mini mobile_installationd[15712]: b0081000 init_simulator_paths: No simulator root specified. Falling back to environment variable. May 30 17:20:39: --- last message repeated 1 time --- May 30 17:20:39 Niklas-Johanssons-Mac-mini SpringBoard[15713]: Unable to create CFServerConnection. Telephony state may be incorrect. May 30 17:20:40 Niklas-Johanssons-Mac-mini mobile_installationd[15712]: b0081000 init_simulator_paths: No simulator root specified. Falling back to environment variable. May 30 17:20:40: --- last message repeated 1 time --- May 30 17:20:40 Niklas-Johanssons-Mac-mini SpringBoard[15713]: Unable to create CFServerConnection. Telephony state may be incorrect. May 30 17:20:40: --- last message repeated 2 times --- May 30 17:20:40 Niklas-Johanssons-Mac-mini SpringBoard[15713]: Can't find the translation dictionary, loadTranslationDictionaries May 30 17:20:40 Niklas-Johanssons-Mac-mini mobile_installationd[15712]: b0081000 init_simulator_paths: No simulator root specified. Falling back to environment variable. May 30 17:20:40: --- last message repeated 3 times --- May 30 17:20:40 Niklas-Johanssons-Mac-mini SpringBoard[15713]: Unable to create CFServerConnection. Telephony state may be incorrect. May 30 17:20:41: --- last message repeated 1 time --- May 30 17:20:41 Niklas-Johanssons-Mac-mini SpringBoard[15713]: Launchd returned an unexpected type or didn't return a value for job label UIKitApplication:com.iAndApp.BlockPop[0x8abd] with job key PID May 30 17:20:41 Niklas-Johanssons-Mac-mini SpringBoard[15713]: Unable to create CFServerConnection. Telephony state may be incorrect. May 30 17:21:10 Niklas-Johanssons-Mac-mini Xcode[15496]: Error launching simulated application: Error Domain=DTiPhoneSimulatorErrorDomain Code=1 UserInfo=0x200edcc00 "iPhone Simulator failed to find the process ID of com.iAndApp.BlockPop." Where do I start? I am really stuck and would be most greatful for any help!

    Read the article

  • wss4j: - Cannot find key for alias: monit

    - by feiroox
    Hi I'm using axis1.4 and wss4j. When I define in client-config.wsdd for WSDoAllSender and WSDoAllReceiver different signaturePropFiles where I have different key stores defined with different certificates, I'm able to have different certificates for sending and receiving. But when I use the same signaturePropFiles' with the same keystore. I get this message when I try to send a message: org.apache.ws.security.components.crypto.CryptoBase -- Cannot find key for alias: [monit] in keystore of type [jks] from provider [SUN version 1.5] with size [2] and aliases: {other, monit} - Error during Signature: ; nested exception is: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] org.apache.ws.security.WSSecurityException: Error during Signature: ; nested exception is: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:60) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202) at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:168) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) at org.apache.axis.client.Call.invokeEngine(Call.java:2784) at org.apache.axis.client.Call.invoke(Call.java:2767) at org.apache.axis.client.Call.invoke(Call.java:2443) at org.apache.axis.client.Call.invoke(Call.java:2366) at org.apache.axis.client.Call.invoke(Call.java:1812) at cz.ing.oopf.model.wsclient.ModelWebServiceSoapBindingStub.getStatus(ModelWebServiceSoapBindingStub.java:213) at cz.ing.oopf.wsgemonitor.monitor.util.MonitorUtil.checkStatus(MonitorUtil.java:18) at cz.ing.oopf.wsgemonitor.monitor.Test02WsMonitor.runTest(Test02WsMonitor.java:23) at cz.ing.oopf.wsgemonitor.Main.main(Main.java:75) Caused by: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:721) at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:780) at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57) ... 15 more Caused by: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:214) at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:713) ... 17 more How to have two certificates for wss4j in the same keystore? why it cannot find my certificate there when i have two certificates in one keystore. I have the same password for both certificates regarding PWCallback (CallbackHandler) My properties file: org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=keystore org.apache.ws.security.crypto.merlin.keystore.alias=monit org.apache.ws.security.crypto.merlin.alias.password=*** org.apache.ws.security.crypto.merlin.file=key.jks My client-config.wsdd: <deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"> <globalConfiguration> <requestFlow> <handler name="WSSecurity" type="java:org.apache.ws.axis.security.WSDoAllSender"> <parameter name="user" value="monit"/> <parameter name="passwordCallbackClass" value="cz.ing.oopf.common.ws.PWCallback"/> <parameter name="action" value="Signature"/> <parameter name="signaturePropFile" value="monit.properties"/> <parameter name="signatureKeyIdentifier" value="DirectReference" /> <parameter name="mustUnderstand" value="0"/> </handler> <handler type="java:org.apache.axis.handlers.JWSHandler"> <parameter name="scope" value="session"/> </handler> <handler type="java:org.apache.axis.handlers.JWSHandler"> <parameter name="scope" value="request"/> <parameter name="extension" value=".jwr"/> </handler> </requestFlow> <responseFlow> <handler name="DoSecurityReceiver" type="java:org.apache.ws.axis.security.WSDoAllReceiver"> <parameter name="user" value="other"/> <parameter name="passwordCallbackClass" value="cz.ing.oopf.common.ws.PWCallback"/> <parameter name="action" value="Signature"/> <parameter name="signaturePropFile" value="other.properties"/> <parameter name="signatureKeyIdentifier" value="DirectReference" /> </handler> </responseFlow> </globalConfiguration> <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"> </transport> </deployment> Listing from keytool: keytool -keystore monit-key.jks -v -list Enter keystore password: Keystore type: JKS Keystore provider: SUN Your keystore contains 2 entries Alias name: other Creation date: Jul 22, 2009 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: .... Alias name: monit Creation date: Oct 19, 2009 Entry type: trustedCertEntry

    Read the article

  • Session Id in url and/or cookie? [closed]

    - by Jacco
    Most people advice against rewriting every (internal) url to include the sessionId (both GET and POST). The standard argument against it seems to be:   If an attacker gets hold of the sessionId, they can hijack the session.   With the sessionId in the url, it easily leaks to the attacker (by referer etc.) But what if you put the sessionId in both an (encrypted) cookie and the url. if the sessionId in either the cookie or the url is missing or if they do not match, decline the request. Let's pretend the website in question is free of xss holes, the cookie encryption is strong enough, etc. etc. Then what is the increased risk of rewriting every url to include the sessionId? UPDATE: @Casper That is a very good point. so up to now there are 2 reasons: bad for search engines / SEO if used in public part of the website can cause trouble when users post an url with a session Id on a forum, send it trough email or bookmark the page apart from the:   It increases the security risk, but it is not clear what the increased risk is. some background info: I've a website that offers blog-like service to travellers. I cannot be sure cookies work nor can I require cookies to work. Most computers in internet cafes are old and not (even close to) up-to-date. The user has no control over them and the connection can be very unreliable for some more 'off the beaten path' locations. Binding the session to an IP-address is not possible, some places use load-balancing proxies with multiple IP addresses. (and from China there is The Great Firewall). Upon receiving the first cookie back, I flag cookies as mandatory. However, if the cookie was flagged as mandatory but not there, I ask for their password once more, knowing their session from the url. (Also cookies have a 1 time token in them, but that's not the point of this question). UPDATE 2: The conclusion seems to be that there are no extra *security* issues when you expose you session id trough the URL while also keeping a copy of the session id in an encrypted cookie. Do not hesitate to add additional information about any possible security implications

    Read the article

  • Warning while downloading setup.exe builded by visual setup project

    - by nosbor
    I've built installer for my(c#, wpf) application by visual setup project. I share my project over internet by web site. But when I download the file I receive warning(actually looks like terrible error or virus) that the application(setup.exe) can harm my computer and apocalypse will come in near future if I will run it. Yes my installer is not signed by MS certificate, but I saw that other installers of others application also don't have cert but the warning is not shown(for instance installer of notepad++). Do you have any suggestions or solution of my problem?

    Read the article

  • JSF2 and Richfaces 3.3.3 application on tomcat 6.0 crashes with a StackOverflowError

    - by Vivek Madapura V
    Hi, I am using JSF 2 and richfaces 3.3.3 for an application hosted on tomcat 6.0.20. The application crashes as soon as a request is made via the browser (Mozilla and IE). My web.xml looks like this: <?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"> <display-name>TestJSF</display-name> <welcome-file-list> <welcome-file>pages/login.xhtml</welcome-file> </welcome-file-list> <servlet> <servlet-name>Faces Servlet</servlet-name> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>/faces/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.xhtml</url-pattern> </servlet-mapping> <context-param> <description>State saving method: 'client' or 'server' (=default). See JSF Specification 2.5.2</description> <param-name>javax.faces.STATE_SAVING_METHOD</param-name> <param-value>server</param-value> </context-param> <context-param> <param-name>javax.faces.DISABLE_FACELET_JSF_VIEWHANDLER</param-name> <param-value>true</param-value> </context-param> <context-param> <param-name>org.richfaces.SKIN</param-name> <param-value>blueSky</param-value> </context-param> <context-param> <param-name>org.richfaces.CONTROL_SKINNING</param-name> <param-value>enable</param-value> </context-param> <context-param> <param-name>javax.faces.DEFAULT_SUFFIX</param-name> <param-value>.xhtml</param-value> </context-param> <context-param> <param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name> <param-value>true</param-value> </context-param> <listener> <listener-class>com.sun.faces.config.ConfigureListener</listener-class> </listener> <filter> <display-name>RichFaces Filter</display-name> <filter-name>richfaces</filter-name> <filter-class>org.ajax4jsf.Filter</filter-class> </filter> <filter-mapping> <filter-name>richfaces</filter-name> <servlet-name>Faces Servlet</servlet-name> <dispatcher>REQUEST</dispatcher> <dispatcher>FORWARD</dispatcher> <dispatcher>INCLUDE</dispatcher> </filter-mapping> </web-app> The exception is javax.servlet.ServletException: Servlet execution threw an exception org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:530) com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:542) com.sun.faces.application.view.JspViewHandlingStrategy.executePageToBuildView(JspViewHandlingStrategy.java:359) com.sun.faces.application.view.JspViewHandlingStrategy.buildView(JspViewHandlingStrategy.java:150) com.sun.faces.application.view.JspViewHandlingStrategy.renderView(JspViewHandlingStrategy.java:190) com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:127) org.ajax4jsf.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:100) org.ajax4jsf.application.AjaxViewHandler.renderView(AjaxViewHandler.java:176) com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:117) com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97) com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:135) javax.faces.webapp.FacesServlet.service(FacesServlet.java:309) The stack trace is recursively logged with this until the StackOverflowError occurrs. If I remove all the configurations related to Richfaces, the application works like charm. Any advice is much appreciated.

    Read the article

  • log in as a proxy for a certain user

    - by Samuel
    We have a requirement, wherein the administrative user needs to proxy in as a certain user in an environment where several users (Role: User) are managed by an administrator (Role: Admin). e.g If we have the following users in the database (admin, user1, user2, user3), we would want the admin to proxy as 'user2' and use the system in certain scenarios. Authentication in our web application is based username / password credentials, what mechanisms are available for the admin to proxy as 'user2' when he doesn't have the password for 'user2'. How can the application track such access for audit purposes to mention that 'admin' had proxied for 'user2' and performed certain actions. I am looking for suggestions on supporting this in our j2ee (jboss seam) web application.

    Read the article

  • showSettings callback in Flex?

    - by Jim Robert
    I am pretty new to flex, so forgive me if this is an obvious question. Is there a way to open the Security.showSettings (flash.system.Security) with a callback? or at least to detect if it is currently open or not? My flex application is used for streaming audio, and is normally controlled by javascript, so I keep it hidden for normal use (via absolute positioning it off the page). When I need microphone access I need to make the flash settings dialog visible, which works fine, I move it into view and open the dialog. When the user closes it, I need to move it back off the screen so they don't see an empty flex app sitting there after they change their settings. thanks :)

    Read the article

  • JavaFX FXML communication between Application and Controller classes

    - by likethesky
    I am trying to get and destroy an external process I've created via ProcessBuilder in my FXML application close, but it's not working. This is based on the helpful advice Sergey Grinev gave me here. I have tried running with/without the "// myController.setApp(this);" and with "// super.stop();" at top of subclass and at bottom (see commented out/in for that line in MyApp), but no combination works. This probably isn't related to FXML or JavaFX, though I imagine this is a common pattern for developing apps on JavaFX. I suppose I'm asking for a Java best practice for closing dependent processes in a UI-based app like this one (in this case: FXML / JavaFX based), where there is a controller class and an application class. Can you explain what I'm doing wrong? Or better: advise what I should be doing instead? Thanks. In my Application I do this: public class MyApp extends Application { @Override public void start(Stage primaryStage) throws Exception { FXMLLoader fxmlLoader = new FXMLLoader(); Scene scene = (Scene)FXMLLoader.load(getClass().getResource("MyApp.fxml")); MyAppController myController = (MyAppController)fxmlLoader.getController(); primaryStage.setScene(scene); primaryStage.show(); // myController.setApp(this); } @Override public void stop() throws Exception { // super.stop(); // this is called on fx app close, you may call it in an action handler too if (MyAppController.getScriptProcess() != null) { MyAppController.getScriptProcess().destroy(); } super.stop(); } public static void main(String[] args) { launch(args); } } In my Controller I do this: public class MyAppController implements Initializable { private Application app; private static Process scriptProcess; public void setApp(Application a) { app = a; } public static Process getScriptProcess() { return scriptProcess; } } The result when I run with the "commented-out setApp()" not commented out (that is, left in the start method), is the following, immediately upon launch (the main Scene flashes, then disappears, then this dialog appears: "JavaFX Launcher Error: Exception while running Application" And it gives an, "Exception in Application start method" in the console as well. The result when I leave out the "commented-out code" in my MyApp above (that is, remove the "setApp()" from the start method), is that my app does indeed close, but gives this error when it closes: Exception in thread "JavaFX Application Thread" java.lang.RuntimeException: java.lang.reflect.InvocationTargetException at javafx.fxml.FXMLLoader$ControllerMethodEventHandler.handle(FXMLLoader.java:1440) at com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(CompositeEventHandler.java:69) at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:217) at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:170) at com.sun.javafx.event.CompositeEventDispatcher.dispatchBubblingEvent(CompositeEventDispatcher.java:38) at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:37) at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:92) at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:35) at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:92) at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:35) at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:92) at com.sun.javafx.event.EventUtil.fireEventImpl(EventUtil.java:53) at com.sun.javafx.event.EventUtil.fireEvent(EventUtil.java:28) at javafx.event.Event.fireEvent(Event.java:171) at javafx.scene.Node.fireEvent(Node.java:6863) at javafx.scene.control.Button.fire(Button.java:179) at com.sun.javafx.scene.control.behavior.ButtonBehavior.mouseReleased(ButtonBehavior.java:193) at com.sun.javafx.scene.control.skin.SkinBase$4.handle(SkinBase.java:336) at com.sun.javafx.scene.control.skin.SkinBase$4.handle(SkinBase.java:329) at com.sun.javafx.event.CompositeEventHandler.dispatchBubblingEvent(CompositeEventHandler.java:64) at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:217) at com.sun.javafx.event.EventHandlerManager.dispatchBubblingEvent(EventHandlerManager.java:170) at com.sun.javafx.event.CompositeEventDispatcher.dispatchBubblingEvent(CompositeEventDispatcher.java:38) at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:37) at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:92) at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:35) at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:92) at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:35) at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:92) at com.sun.javafx.event.BasicEventDispatcher.dispatchEvent(BasicEventDispatcher.java:35) at com.sun.javafx.event.EventDispatchChainImpl.dispatchEvent(EventDispatchChainImpl.java:92) at com.sun.javafx.event.EventUtil.fireEventImpl(EventUtil.java:53) at com.sun.javafx.event.EventUtil.fireEvent(EventUtil.java:33) at javafx.event.Event.fireEvent(Event.java:171) at javafx.scene.Scene$MouseHandler.process(Scene.java:3324) at javafx.scene.Scene$MouseHandler.process(Scene.java:3164) at javafx.scene.Scene$MouseHandler.access$1900(Scene.java:3119) at javafx.scene.Scene.impl_processMouseEvent(Scene.java:1559) at javafx.scene.Scene$ScenePeerListener.mouseEvent(Scene.java:2261) at com.sun.javafx.tk.quantum.GlassViewEventHandler.handleMouseEvent(GlassViewEventHandler.java:228) at com.sun.glass.ui.View.handleMouseEvent(View.java:528) at com.sun.glass.ui.View.notifyMouse(View.java:922) at com.sun.glass.ui.gtk.GtkApplication._runLoop(Native Method) at com.sun.glass.ui.gtk.GtkApplication$3$1.run(GtkApplication.java:82) at java.lang.Thread.run(Thread.java:722) Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at javafx.fxml.FXMLLoader$ControllerMethodEventHandler.handle(FXMLLoader.java:1435) ... 44 more Caused by: java.lang.NullPointerException at mypackage.MyController.handleCancel(MyController.java:300) ... 49 more Clean up...

    Read the article

  • Centralized Credentials Service For Various Apps

    - by Vlad
    We are researching the possibility to build a centralized credentials storage for internal applications. These apps (vb6, vb.net, web apps in asp.net, etc) are using various instances of SQL servers and iSeries. We want to implement a central credentials facility that would act as a security broker. Basically it should work like this: Client app supplies AppID (I am Sales Application) and EnvironmentID (I am running in QA environment) and in return will get either a connection object (preferred) or encrypted connection string that will allow said application to connect to resources it needs. There will be cases when application needs to connect to two (or more) database resources (i.e. to SQL and iSeries). What are looking at DP API at the moment, but I am not convinced that DP API is the solution as it tied in with machine key. In our case using machine key isn't feasible, so I want to know if there are other approaches available.

    Read the article

  • Securing against dynamic linking in .NET

    - by Henri
    I want to deploy an application with a license attached. However, I want to prevent that my dll can be easily referenced in visual studio. What are the usual ways of doing this? I was thinking about ngen-ing the application to prevent this, however, then the code becomes architecture dependent. Im not targetting any other architecture/platform besides windows, however, ngen-ing the application after making a release build seems like a workaround to me. Are there any other techniques to achieve this?

    Read the article

  • Custom certificate as proof of transaction

    - by Andy
    I'm developing a site where a user conducts a given transaction and once completed, the user is issued with a 'secure certificate'. The certificate serves as proof of the transaction and the user is able to upload the certificate at a later stage, to view the details of the transaction. At the moment I'm using a custom XML document with encrypted fields. It works perfect, but I would like a standardized approach, such as an X.509 certificate. I'm no encryption expert, but from what I gather, X.509 is more geared towards SSL issued by a CA. Is it possible to create your own valid valid CRT file? As a test, I created a CRT file with the example provided on WikiPedia. However, when I open the file in Windows I get this warning: Invalid Public Key Security Object File - This file is invalid as the following: Security Certificate. Not having much luck here, so time to ask the experts. What direction should I be heading in? Any guidance would be greatly appreciated.

    Read the article

  • How to secure authorization of methods

    - by Kurresmack
    I am building a web site in C# using MVC.Net How can I secure that no unauthorized persons can access my methods? What I mean is that I want to make sure that only admins can create articles on my page. If I put this logic in the method actually adding this to the database, wouldn't I have business logic in my data layer? Is it a good practise to have a seperate security layer that is always in between of the data layer and the business layer to make? The problem is that if I protect at a higher level I will have to have checks on many places and it is more likely that I miss one place and users can bypass security. Thanks!

    Read the article

  • Can an Aspect conditionally render parts of a JSP page ?

    - by Scott The Scot
    At present the jsp pages have normal authorize tags to conditionally render links and information etc. The website is on the intranet, and we're using Spring Security 2.0.4. Ive now got a business user who wants to allow all roles to access everything for the first few weeks, then gradually add the security back in as feedback is gathered from the business. Rather than go through every page, removing the authorize tags, only to have to put them back in, is is possible to configure these through an aspect, or is there any other way to externalize this into a config file ? I've found Spring's MethodSecurityInterceptor and the meta data tags, but these wouldn't give me the externalization. I've been on google for the last hour, and am now pretty sure this can't be done, but would love to find out I haven't been asking the right questions. Advice appreciated

    Read the article

  • Prevent query string manipulation by adding a hash?

    - by saille
    To protect a web application from query string manipulation, I was considering adding a query string parameter to every url which stores a SHA1 hash of all the other query string parameters & values, then validating against the hash on every request. Does this method provide strong protection against user manipulation of query string values? Are there any other downsides/side-effects to doing this? I am not particularly concerned about the 'ugly' urls for this private web application. Url's will still be 'bookmarkable' as the hash will always be the same for the same query string arguments. This is an ASP.NET application.

    Read the article

  • Is it possible to put binary image data into html markup and then get the image displayed as usual i

    - by Joern Akkermann
    It's an important security issue and I'm sure this should be possible. A simple example: You run a community portal. Users are registered and upload their pictures. Your application gives security rules whenever a picture is allowed to be displayed. For example users must be friends on each sides by the system, in order that you can view someone else's uploaded pictures. Here comes the problem: it is possible that someone crawls the image directories of your server. But you want to protect your users from such attacks. If it's possible to put the binary data of an image directly into the HTML markup, you can restrict the user access of your image dirs the user and group your web application runs of and pass the image data to your Apache user and group directly in the HTML. The only possible weakness then is the password of the user that your web app runs as. Is there already a possibility?

    Read the article

  • Best Pratice to Implement Secure Remember Me

    - by Yan Cheng CHEOK
    Sometimes, I came across certain web development framework which doesn't provide authentication feature as in Authenication ASP.NET I was wondering what is the security measure needs to be considered, when implementing "Remember Me" login feature, by hand coding? Here are the things I usually did. 1) Store the user name in cookie. The user name are not encrypted. 2) Store a secret key in cookie. The secret key is generated using one way function based on user name. The server will verify secret key against user name, to ensure this user name is not being changed. 3) Use HttpOnly in cookie. http://www.codinghorror.com/blog/2008/08/protecting-your-cookies-httponly.html Any things else I could miss out, which could possible lead a security hole.

    Read the article

  • How to implement a good system for login/out into a webapp

    - by Brandon Wang
    I am one of the developers at PassPad, a secure password generator and username storage system. We're still working on it, but I have a few questions on the best way to implement a secure login/out system. Right now, what we plan on doing is to have the login system save a cookie with the username and a session key, and that's all that serves as authentication. The server verifies the two to match. Upon login/out a new key is created. This is a security-related webapp and while we don't actually store any information that might make the user queasy, because it is security-oriented it makes it a necessity for us to at least appear secure in a way that the user would be happy with. Is there a better way to implement a login/out system in PHP? Preferably it won't take too much coding time or server resources. Is there anything else I need to implement, like brute-force protection, etc? How would I go about that?

    Read the article

  • Accessing FacesContext from Web Service

    - by scriptmonster
    I'm developing a Web Service which will be called by clients which are written by me. In the web service I need to use application-wide objects which eases the load of application on the system. I have implemented my application-wide objects as shown in this question. I can use my object in a jsf page with no problem as follows. MyObject mo = (MyObject) FacesContext.getCurrentInstance().getExternalContext().getApplicationMap().get("MyObjectsName"); But when it comes to use it in a Web Service Request FacesContext.getCurrentInstance() returns null. Is there any way to use the FacesContext in a web service.

    Read the article

  • Are there Python ORMs out there that support multiple independent databases concurrently in use?

    - by sdt
    I'm writing an application in Python where I wish to use sqlite as the backing store for documents edited by the app, with documents generally living in memory, but being saved to disk-based databases when the application saves. Ideally I'd like to use something like an ORM to make access to the data from my Python application code simple. Unfortunately it seems like the majority of Python ORMs, including SQLAlchemy, SQLObject, Django, and Storm, associate the database connection (or engine or whatever) with the classes representing table data, rather than instances of those classes. This restricts these ORMs to working with a single database connection across all instances. Since I'd like to support having multiple documents open simultaneously, this isn't going to work for me. Are there any ORMs out there that support this usage model in Python? Bazaar seems to support this, but it's quite out of date, and at first glance appears to have some other shortcomings. Thanks for any suggestions!

    Read the article

  • What are the weaknesses of this user authentication method?

    - by byronh
    I'm developing my own PHP framework. It seems all the security articles I have read use vastly different methods for user authentication than I do so I could use some help in finding security holes. Some information that might be useful before I start. I use mod_rewrite for my MVC url's. Passwords are sha1 and md5 encrypted with 24 character salt unique to each user. mysql_real_escape_string and/or variable typecasting on everything going in, and htmlspecialchars on everything coming out. Step-by step process: Top of every page: session_start(); session_regenerate_id(); If user logs in via login form, generate new random token to put in user's MySQL row. Hash is generated based on user's salt (from when they first registered) and the new token. Store the hash and plaintext username in session variables, and duplicate in cookies if 'Remember me' is checked. On every page, check for cookies. If cookies set, copy their values into session variables. Then compare $_SESSION['name'] and $_SESSION['hash'] against MySQL database. Destroy all cookies and session variables if they don't match so they have to log in again. If login is valid, some of the user's information from the MySQL database is stored in an array for easy access. So far, I've assumed that this array is clean so when limiting user access I refer to user.rank and deny access if it's below what's required for that page. I've tried to test all the common attacks like XSS and CSRF, but maybe I'm just not good enough at hacking my own site! My system seems way too simple for it to actually be secure (the security code is only 100 lines long). What am I missing? I've also spent alot of time searching for the vulnerabilities with mysql_real_escape string but I haven't found any information that is up-to-date (everything is from several years ago at least and has apparently been fixed). All I know is that the problem was something to do with encoding. If that problem still exists today, how can I avoid it? Any help will be much appreciated.

    Read the article

  • How to secure authiorization of methods

    - by Kurresmack
    I am building a web site in C# using MVC.Net How can I secure that no unauthorized persons can access my methods? What I mean is that I want to make sure that only admins can create articles on my page. If I put this logic in the method actually adding this to the database, wouldn't I have business logic in my data layer? Is it a good practise to have a seperate security layer that is always in between of the data layer and the business layer to make? The problem is that if I protect at a higher level I will have to have checks on many places and it is more likely that I miss one place and users can bypass security. Thanks!

    Read the article

  • Using WCF HttpBindings on a LAN

    - by dcw
    We have a WCF-based client server that operates over a LAN. We've been getting along ok by using the NetTcpBinding, chosen because we couldn't get either HttpBinding to work between hosts. (Within a single host works fine, but is not useful for the production environment.) We're now back at the point where we want to explore using either BasicHttpBinding or WsHttpBinding, but we simply can't see the server from the client: even putting in the path to the endpoint into IE fails to see the server. Is there something simple we've overlooked? We're not specifying any security settings (or anything else, for that matter). Should we be doing so (e.g. explicitly setting security settings to None)?

    Read the article

  • Dealing with passwords securely

    - by Krt_Malta
    Hi I have a Java web service and a Java web client making use of this service. One of the functions is to create a new user account. My two concerns are: How will I send the user's password securely from the client. How will I store the user's password securely on the server. How can I achieve these? I know the theory basically behind security, security algorithms etc but can anyone give me some advice on how I should go about in coding? Could anyone point me to some good (and if possible not complicated) examples to follow since I found some examples on the Internet very contorted? Thanks a lot and regards, Krt_Malta

    Read the article

  • Is it possible for a XSS attack to obtain HttpOnly cookies?

    - by Dan Herbert
    Reading this blog post about HttpOnly cookies made me start thinking, is it possible for an HttpOnly cookie to be obtained through any form of XSS? Jeff mentions that it "raises the bar considerably" but makes it sound like it doesn't completely protect against XSS. Aside from the fact that not all browser support this feature properly, how could a hacker obtain a user's cookies if they are HttpOnly? I can't think of any way to make an HttpOnly cookie send itself to another site or be read by script, so it seems like this is a safe security feature, but I'm always amazed at how easily some people can work around many security layers. In the environment I work in, we use IE exclusively so other browsers aren't a concern. I'm looking specifically for other ways that this could become an issue that don't rely on browser specific flaws.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 191 192 193 194 195 196 197 198 199 200 201 202  | Next Page >