Search Results

Search found 14784 results on 592 pages for 'spring security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 198/592 | < Previous Page | 194 195 196 197 198 199 200 201 202 203 204 205  | Next Page >

  • Dependency Injection mechanism

    - by abc
    The advantage of inversion of control is that it decouples objects from specific lookup mechanisms and implementations of the objects it depends on. As a result, more flexibility is obtained for production applications as well as for testing. what does it mean actually ?

    Read the article

  • Use DLL and have it be as trusted as my own application is

    - by Binary255
    Hi, I am using a port of GNU GetOpts, to be specific I am using the one at: http://getopt.codeplex.com I have added the DLL as a reference. But when I run my application I receive an exception: System.IO.FileLoadException was unhandled Message="Could not load file or assembly 'Gnu.Getopt, Version=0.9.1.24287, Culture=neutral, PublicKeyToken=d014b4ccdc53511a' or one of its dependencies. Failed to grant permission to execute. (Exception from HRESULT: 0x80131418)" If it is possible I would like my application to say, "trust this DLL as much as you trust me". Is there a way to do that so I won't have to fiddle with security settings? And if there is not. What is the cleanest way to get the DLL working?

    Read the article

  • Sharing beans from contextListener -- dispatcher servlet

    - by Ernest
    Hello! ok, i have another question now. I have a bunch of beans loaded succesfully in applicationContext.xml, which loads from web.xml: contextConfigLocation applicationContext.xml org.springframework.web.context.ContextLoaderListener Here are is the bean defined in applicationContext.xml that i want to share: it loads other beans (DAOs) which are initialized with hibernet. I need to acces catalogFacadeTarget from the dispatcherServlet, declared in web.xml: dispatcher org.springframework.web.servlet.DispatcherServlet 1 <servlet-mapping> <servlet-name>dispatcher</servlet-name> <url-pattern>*.htm</url-pattern> </servlet-mapping> and configured dispatcher-servlet.xml like this: welcome There! in the property called catalogFacadeImpl. If you need the entire applicationCOntext.xml, web.xml, and dispatcher-servlet.xml please let me know. From what i read, i should be able to share beans if i declared them in the contextConfigLocation configuration file. Thank you very much in advance.

    Read the article

  • Autocompletion in Eclipse for Roo project

    - by niklassaers
    Hi guys, I've got a Roo project where I've made a couple of entities, and when I load up the project in Eclipse it loads up fine, but if I i.e. make an instance MyEntity entity and then write entity. I don't get any of my properties (i.e. getMyField) in the autocompletion list. If I write entity.getMyField() it compiles fine, that is taken care of by the aspects. How do I enable autocompletion for functions generated by the aspects? Cheers Nik

    Read the article

  • resttemplate getForObject map responsetype

    - by Zack Macomber
    I'm invoking a rest service that returns JSON like this: { "some.key" : "some value", "another.key" : "another value" } I would like to think that I can invoke this service with a java.util.Map as the response type but that's not working for me. I get this exception: org.springframework.web.client.RestClientException: Could not extract response: no suitable HttpMessageConverter found for response type [interface java.util.Map] Should I just specify String as the response type and convert the JSON to a Map?

    Read the article

  • How can I monitor if a cookie is being sent to a domain other than the one it originated from?

    - by Brendan Salt
    I am trying to write a program that will verify that all cookies sent out from the machine are in fact going to the domain they came from. This is part of a larger security project to detect cookie based malicious attacks (such as XSS). The main snag for this project is actually detecting the out-going cookies. Can someone point me in the right direction for monitoring out-going HTTP traffic for cookie information? Other information about the project: This is a windows application written in C and numerous scripting languages. Thanks so much for the help.

    Read the article

  • IIS reveals internal IP address in content-location field - fix

    - by saille
    Referring: http://support.microsoft.com/kb/q218180/, there is a known issue in IIS4/5/6 whereby it will reveal the internal IP of a web server in the content-location field of the HTTP header. We have IIS 6. I have tried the fix suggested, but it has not worked. The website is configured to send all requests to ASP.NET, and I am wondering if this is why the fix, which addresses IIS configuration, has not worked for us. If this is the case, how would we fix this in ASP.NET? We need to fix this issue in order to pass a security audit.

    Read the article

  • jpa @version optimistic locking

    - by cometta
    I loaded same entity record on 2 separate browser window then press submit (hibernate template.merge), version number incremented for both browser window, but never caught any problem with optimistic lock.. so how to test this? my save() look like this hibernatetemplate().merge(..); setJPAObject(null); //reset after save

    Read the article

  • Building two different versions a given war with maven profiles and filtering from eclipse

    - by balteo
    I am trying to use maven profiles and filtering in order to produce two different versions of a given web archive (war): A first one for local deployment to my local machine on localhost A second one for remote deployment to cloudfoundry There are a number of properties that differ according to whether the app is deployed to my local machine or to cloudfoundry. Of course the difficult bit is that I am trying to do all this from STS/Eclipse and deploy from Eclipse to my local tomcat and to cloudfoundry... Can anyone please provide advice, tips or suggestions?

    Read the article

  • Why Shouldn't I Programmatically Submit Username/Password to Facebook/Twitter/Amazon/etc?

    - by viatropos
    I wish there was a central, fully customizable, open source, universal login system that allowed you to login and manage all of your online accounts (maybe there is?)... I just found RPXNow today after starting to build a Sinatra app to login to Google, Facebook, Twitter, Amazon, OpenID, and EventBrite, and it looks like it might save some time. But I keep wondering, not being an authentication guru, why couldn't I just have a sleek login page saying "Enter username and password, and check your login service", and then in the background either scrape the login page from say EventBrite and programmatically submit the form with Mechanize, or use an API if there was one? It would be so much cleaner and such a better user experience if they didn't have to go through popups and redirects and they could use any previously existing accounts. My question is: What are the reasons why I shouldn't do something like that? I don't know much about the serious details of cookies/sessions/security, so if you could be descriptive or point me to some helpful links that would be awesome. Thanks!

    Read the article

  • Is there any benefit to encrypting twice using pgp?

    - by ojblass
    I am asking from a "more secure" perspective. I can imagine a scenario with two required private keys needed for decryption scenarios that may make this an attractive model. This is to settle an argument. My vote is that it is not adding any additional security other than having to compromise two different private keys. I think that if it was any more secure than encrypting it one million times would be the best way to secure informaiton and I don't buy it. So I guess my question becomes is a two locking mechanism equivalent to another one locking mechanism with a single key? Update: Forgive me if the answer is obvious but my bread goes dead as I read books on the topic.

    Read the article

  • Best Tomcat6 JNDI + Hibernate configuration for session/transaction support

    - by EugeneP
    I use tomcat6 as a servlet container, and need to integrate Hibernate 3.2 into the project. I found a document how to configure SessionFactory lookup through JNDI, though it does not work as expected. Quote: Hibernate works in any environment that uses JTA, in fact, we recommend to use JTA whenever possible as it is the standard Java transaction interface. End of quote. In hibernate config I indicate current_session_context_class = jta and now I get an error "No TransactionManagerLookup specified". The problem is that Tomcat does not support JTA, and to get it worked, if I understand it correctly, you need to add JOTM or other library to Tomcat. But according to quote it is recommended to use JTA. What can you recommend in this situation?

    Read the article

  • Using a Session Scoped Bean

    - by jboyd
    The following code is returning null: private MyAppUser getMyAppUser(HttpSession session) { MyAppUser myAppUser = (MyAppUser) session.getAttribute("myAppUserManager"); return myAppUser; } Despite the fact that I have the following in my context: <bean id="myAppUserManager" class="com.myapp.profile.MyAppUser" scope="session"/> This doesn't make any sense to me, the "myAppUser" bean is a bean that absolutely can never be null, and I need to be able to reference it from controllers, I don't need it in services or repositories, just controllers, but it doesn't seem to be getting stored in the session, the use case is extremely simple, but I haven't been able to get to the bottom of what's wrong, or come up with a good workaround

    Read the article

  • using internationalization on list data

    - by singh
    i am using Struts2 in application. <s:iterator value="listObject"> <s:component template="abc.vm"> <s:param name="text" value="listValue" /> <s:param name="prefix" value="listIndex" /> </s:component> </s:iterator> listValue is a values of list. i am using iterator to traverse the list. now on listValue, i want to put here internationalization concept.so that all the list value can be display based on Locale which store in a list. please suggest!

    Read the article

  • Are there cross-platform tools to write XSS attacks directly to the database?

    - by Joachim Sauer
    I've recently found this blog entry on a tool that writes XSS attacks directly to the database. It looks like a terribly good way to scan an application for weaknesses in my applications. I've tried to run it on Mono, since my development platform is Linux. Unfortunately it crashes with a System.ArgumentNullException deep inside Microsoft.Practices.EnterpriseLibrary and I seem to be unable to find sufficient information about the software (it seems to be a single-shot project, with no homepage and no further development). Is anyone aware of a similar tool? Preferably it should be: cross-platform (Java, Python, .NET/Mono, even cross-platform C is ok) open source (I really like being able to audit my security tools) able to talk to a wide range of DB products (the big ones are most important: MySQL, Oracle, SQL Server, ...)

    Read the article

  • Trying to use a grails domain class from the shell

    - by ?????
    I'm new to Grails. I'm trying to experiement with my grails domains from the shell, and I can't get it to work. These domains work fine from the scaffold code when I run the app. Given this domain class class IncomingCall { String caller_id Date call_time int call_length static constraints = { } } I try to create an "IncomingCall" and save it from the shell. No matter what I do, I always get "Null"; the object isn't created. And if I try to create the object and then do a save, I get the "No hibernate session bound to thread" error (see below). groovy:000> new IncomingCall(caller_id:'555-1212', call_time: new Date(), call_length:10).save() ERROR org.hibernate.HibernateException: No Hibernate Session bound to thread, and configuration does not allow creation of non-transactional one here at org.springframework.orm.hibernate3.SpringSessionContext.currentSession (SpringSessionContext.java:63) at org.hibernate.impl.SessionFactoryImpl.getCurrentSession (SessionFactoryImpl.java:574) at groovysh_evaluate.run (groovysh_evaluate:3) ... groovy:000> How can I make this work from the shell?

    Read the article

  • Rss Feed Java MVC

    - by GigaPr
    Hi, i would like to create some RSS Feeds for my website. I managed to crate the XML file but How do i display it in a nice format like http://newsrss.bbc.co.uk/rss/newsonline_uk_edition/front_page/rss.xml and how do i crate the little icon in the url box? by the way my XML file looks like <?xml version='1.0' encoding='UTF-8'?> <rss version="2.0"> <channel> <title>title</title> <description>desciption</description> <link>LINK</link> <dateCreated>2010-05-31 00:00:00.0</dateCreated> <language>Italian</language> <item> <title>pojpoj</title> <description>pojpojpoj</description> <link>ojpojpoj</link> <dateCreated>2010-06-03 00:00:00.0</dateCreated> <pubDate>2010-06-03 00:00:00.0</pubDate> </item> <item> <title>dfojp</title> <description>pojpojpoj</description> <link>pojpoj</link> <dateCreated>2010-06-03 00:00:00.0</dateCreated> <pubDate>2010-06-03 00:00:00.0</pubDate> </item> </channel> </rss> Thanks

    Read the article

  • Error: java.lang.ClassCastException

    - by theJava
    Updating the entire post. public Login authenticate(Login login) { String query = "SELECT email, id FROM Login WHERE email=? AND password=?"; Object[] parameters = { login.getEmail(), login.getPassword() }; List resultsList = getHibernateTemplate().find(query,parameters); if ( resultsList.size() == 1 ) { results = (Login)resultsList.get(0); System.out.println(results); } else { System.out.println("Error dude.... "); // error no entity or mutiple entities } return results; } I now return Login Objects. private void checkLogin() { form.commit(); Login newUser = new Login(); newUser = ilogin.authenticate(loginbean); System.out.println("Its Null Value" + newUser); if (newUser == null) { getWindow().showNotification("Login failed", LOGIN_ERROR_MSG, Notification.TYPE_WARNING_MESSAGE); } else { System.out.println(newUser); getApplication().setUser(newUser); } } When there is no matching email, i get there is no such user and also this statement does get printed out. System.out.println("Its Null Value" + newUser); But when there is a email and password matching. I get weird error. Caused by: java.lang.ClassCastException: [Ljava.lang.Object; cannot be cast to com.intermedix.domain.Login at com.intermedix.services.LoginService.authenticate(LoginService.java:30) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:301) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at $Proxy32.authenticate(Unknown Source) at com.intermedix.ui.LoginDailog.checkLogin(LoginDailog.java:106) at com.intermedix.ui.LoginDailog.access$0(LoginDailog.java:102) at com.intermedix.ui.LoginDailog$1.buttonClick(LoginDailog.java:52) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.vaadin.event.ListenerMethod.receiveEvent(ListenerMethod.java:487) ... 26 more

    Read the article

  • Detecting if a browser is using Private Browsing mode

    - by Steve
    I'm building an extranet for a company paranoid about security. They want to make sure that (among other things) their users are browsing the site with the Private Browsing mode switched on in their web browser so that no cookies or history is kept. I found only this http://jeremiahgrossman.blogspot.com/2009/03/detecting-private-browsing-mode.html and http://serverfault.com/questions/18966/force-safari-to-operate-in-private-mode-and-detect-that-state-from-a-webserver The ideal solution would use no or minimal javascript. Would attempting to set a unique cookie work for all browsers and platforms? Anyone done this before? thanks!

    Read the article

  • Use Tomcat with Java SecurityManager?

    - by pauline
    I'm writing a web application that is supposed to run on Tomcat on Ubuntu. On Ubuntu, Tomcat is per default configured to run with the Java SecurityManager. Besides my own web application, there will only be some well known third party web applications related to my own, like the BIRT report engine. If one of the web applications fails or gets compromised, it may take down all the others without harm, because they all belong together. What I don't wont to happen is that a compromised web app compromises the system itself, like calling rm -r / Do I need to use the java security manager to achieve this? Or is it only necessary to protect one web app from the other? I'd really like to prevent the effort to create .policy files for all the 3rd party web applications I intend to use.

    Read the article

  • What is the sense of permiting the user to use no passwords longer than xx chars?

    - by reox
    Its more like a usability question or maybe database, or even maybe security (consider injection attacks) but what is the sense of permiting the user's password to a be not longer than xx chars? It does not make any sense to me, because longer passwords are mostly considered better and even harder to crack, and some users use password safes, so the password length should not matter. I understand that passwords with more than 20 chars are hardly to remember, but if you use diceware or password safe you dont have any problem with that. I really cant understand why there are sites that say "your password need to be between 5 and 8 chars"... also should the password saved as hash, so the length of the field in the database is fixed, so where is the problem? i think that most of the sites where the password is has to be a fixed length are not even using any hashing method...

    Read the article

  • hibernate createSQL how to cache it?

    - by cometta
    If i use Criteria statement, i able to use cache easily. but when i using custom CREATESQL, like below, how do i cache it? Query query = getHibernateTemplate().getSessionFactory().getCurrentSession().createSQLQuery( " select company_keysupplier.ddiv as ddiv, company_division.name as DIVISION, company_keysupplier.ddep as ddep,company_department.name as DEPARTMENT"+ " from company_keysupplier "+ " left join company_division on "+ " (company_keysupplier.ddiv= company_division.division_code and company_keysupplier.survey_num=company_division.survey_num) "+ " left join company_department on "+ " (company_keysupplier.ddep= company_department.department_code and company_keysupplier.survey_num=company_department.survey_num) "+ " where company_keysupplier.sdiv = :sdiv and company_keysupplier.sdep = :sdep and company_keysupplier.survey_num= :surveyNum " + " order by company_division.name, company_keysupplier.ddep " ) .addScalar("ddiv") .addScalar("ddep") .addScalar("DIVISION") .addScalar("DEPARTMENT") .setResultTransformer(Transformers.aliasToBean(IssKeysupplier.class)); query.setString("sdiv", sdiv); query.setString("sdep", sdepartment); query.setBigInteger("surveyNum", survey_num); //i tried query.setCachable(true) fail...... List result= (List<IssKeysupplier>)query.list(); return result;

    Read the article

  • When do you trust the data / variables

    - by Wizzard
    We all know that all user data, GET/POST/Cookie etc etc needs to be validated for security. But when do you stop, once it's converted into a local variable? eg if (isValidxxx($_GET['foo']) == false) { throw InvalidArgumentException('Please enter a valid foo!'); } $foo = $_GET['foo']; fooProcessor($foo); function fooProcessor($foo) { if (isValidxxx($foo) == false) { throw Invalid...... } //other stuff } To me thats over the top. But what if you load the value from the database... I hope I make sense :)

    Read the article

  • How to make a thread try to reconnect to the Database x times using JDBCTemplate

    - by gillJ
    Hi, I have a single thread trying to connect to a database using JDBCTemplate as follows: JDBCTemplate jdbcTemplate = new JdbcTemplate(dataSource); try{ jdbcTemplate.execute(new CallableStatementCreator() { @Override public CallableStatement createCallableStatement(Connection con) throws SQLException { return con.prepareCall(query); } }, new CallableStatementCallback() { @Override public Object doInCallableStatement(CallableStatement cs) throws SQLException { cs.setString(1, subscriberID); cs.execute(); return null; } }); } catch (DataAccessException dae) { throw new CougarFrameworkException( "Problem removing subscriber from events queue: " + subscriberID, dae); } I want to make sure that if the above code throws DataAccessException or SQLException, the thread waits a few seconds and tries to re-connect, say 5 more times and then gives up. How can I achieve this? Also, if during execution the database goes down and comes up again, how can i ensure that my program recovers from this and continues running instead of throwing an exception and exiting?

    Read the article

  • How to make an Asp.net MVC 2 website have a Private Beta Mode.

    - by Mark Kitz
    I am creating an ASP.Net MVC website that I am launching soon in private beta. What I am using. ASP.NET MVC 2 ASP.NET Sql Membership Provider Authorization Attributes on ActionMethods. ex. [EditorsOnly] What I am trying to accomplish: During the private Beta period of my website, I want no anonymous users to access my site. Only Beta Testers of my site should be able to login and use my site as normal. After the private beta period people can access it using the security structure I already have set up. I am hoping I do not have to recompile but can have a setting in the webconfig to switch between Private Beta mode to Normal mode. Thanks for your suggestions.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 194 195 196 197 198 199 200 201 202 203 204 205  | Next Page >