Search Results

Search found 24760 results on 991 pages for 'dealing with users'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 20/991 | < Previous Page | 16 17 18 19 20 21 22 23 24 25 26 27  | Next Page >

  • Google App Engine - Dealing with concurrency issues of storing an object

    - by Spines
    My User object that I want to create and store in the datastore has an email, and a username. How do I make sure when creating my User object that another User object doesn't also have either the same email or the same username? If I just do a query to see if any other users have already used the username or the email, then there could be a race condition. UPDATE: The solution I'm currently considering is to use the MemCache to implement a locking mechanism. I would acquire 2 locks before trying to store the User object in the datastore. First a lock that locks based on email, then another that locks based on username. Since creating new User objects only happens at user registration time, and it's even rarer that two people try to use either the same username or the same email, I think it's okay to take the performance hit of locking. I'm thinking of using the MemCache locking code that is here: http://appengine-cookbook.appspot.com/recipe/mutex-using-memcache-api/ What do you guys think?

    Read the article

  • Useful design patterns when dealing with spring 3 controllers

    - by Mat Banik
    Recently I was overlooking my controllers and they are bit of mess. I'd like to organize they way I set returning views Do more elegant mesageSource massaging back to the users and account for i18n Security checking, what user can access an what they can't Consistent way of calling the service layer And somehow bring consistency to the debugging lines. Do better job with error handling and serving it to the user. I'm already on mission to do security logging with AOP :) I'm just looking for patterns I could implement to help me to do all of the above. Or just some general advice in case no patterns apply, or advice on something I didn't mention but is common practice.

    Read the article

  • Auth-Type :- Reject in RADIUS users file matches inner tunnel request but sends Access-Accept

    - by mgorven
    I have WPA2 802.11x EAP authentication setup using FreeRADIUS 2.1.8 on Ubuntu 10.04.4 talking to OpenLDAP, and can successfully authenticate using PEAP/MSCHAPv2, TTLS/MSCHAPv2 and TTLS/PAP (both via the AP and using eapol_test). I am now trying to restrict access to specific SSIDs based on the LDAP groups which the user belongs to. I have configured group membership checking in /etc/freeradius/modules/ldap like so: groupname_attribute = cn groupmembership_filter = "(|(&(objectClass=posixGroup)(memberUid=%{User-Name}))(&(objectClass=posixGroup)(uniquemember=%{User-Name})))" and I have configured extraction of the SSID from Called-Station-Id into Called-Station-SSID based on the Mac Auth wiki page. In /etc/freeradius/eap.conf I have enabled copying attributes from the outer tunnel into the inner tunnel, and usage of the inner tunnel response in the outer tunnel (for both PEAP and TTLS). I had the same behaviour before changing these options however. copy_request_to_tunnel = yes use_tunneled_reply = yes I'm running eapol_test like this to test the setup: eapol_test -c peap-mschapv2.conf -a 172.16.0.16 -s testing123 -N 30:s:01-23-45-67-89-01:Example-EAP with the following peap-mschapv2.conf file: network={ ssid="Example-EAP" key_mgmt=WPA-EAP eap=PEAP identity="mgorven" anonymous_identity="anonymous" password="foobar" phase2="autheap=MSCHAPV2" } With the following in /etc/freeradius/users: DEFAULT Ldap-Group == "employees" and running freeradius-Xx, I can see that the LDAP group retrieval works, and that the SSID is extracted. Debug: [ldap] performing search in dc=example,dc=com, with filter (&(cn=employees)(|(&(objectClass=posixGroup)(memberUid=mgorven))(&(objectClass=posixGroup)(uniquemember=mgorven)))) Debug: rlm_ldap::ldap_groupcmp: User found in group employees ... Info: expand: %{7} -> Example-EAP Next I try to only allow access to users in the employees group (regardless of SSID), so I put the following in /etc/freeradius/users: DEFAULT Ldap-Group == "employees" DEFAULT Auth-Type := Reject But this immediately rejects the Access-Request in the outer tunnel because the anonymous user is not in the employees group. So I modify it to only match inner tunnel requests like so: DEFAULT Ldap-Group == "employees" DEFAULT FreeRADIUS-Proxied-To == "127.0.0.1" Auth-Type := Reject, Reply-Message = "User does not belong to any groups which may access this SSID." Now users which are in the employees group are authenticated, but so are users which are not in the employees group. I see the reject entry being matched, and the Reply-Message is set, but the client receives an Access-Accept. Debug: rlm_ldap::ldap_groupcmp: Group employees not found or user is not a member. Info: [files] users: Matched entry DEFAULT at line 209 Info: ++[files] returns ok ... Auth: Login OK: [mgorven] (from client test port 0 cli 02-00-00-00-00-01 via TLS tunnel) Info: WARNING: Empty section. Using default return values. ... Info: [peap] Got tunneled reply code 2 Auth-Type := Reject Reply-Message = "User does not belong to any groups which may access this SSID." ... Info: [peap] Got tunneled reply RADIUS code 2 Auth-Type := Reject Reply-Message = "User does not belong to any groups which may access this SSID." ... Info: [peap] Tunneled authentication was successful. Info: [peap] SUCCESS Info: [peap] Saving tunneled attributes for later ... Sending Access-Accept of id 11 to 172.16.2.44 port 60746 Reply-Message = "User does not belong to any groups which may access this SSID." User-Name = "mgorven" and eapol_test reports: RADIUS message: code=2 (Access-Accept) identifier=11 length=233 Attribute 18 (Reply-Message) length=64 Value: 'User does not belong to any groups which may access this SSID.' Attribute 1 (User-Name) length=9 Value: 'mgorven' ... SUCCESS Why isn't the request being rejected, and is this the right way to implement this?

    Read the article

  • Lockdown users on Windows Server 2012

    - by el.severo
    I set up a Active Directory on a server machine with Windows Server 2012 and I'd like to create some users with limitations like Windows Steady State does in Windows XP (locally). Seen already the Windows SteadyState Handbook (with Windows Server 2008), but I'd like to know if anyone has tried this before, the limitations are the following: 1. Prevent locked or roaming user profiles that cannot be found on the computer from logging on 2. Do not cache copies of locked or roaming user profiles for users who have previously logged on to this computer 3. Do not allow Windows to compute and store passwords using LAN Manager Hash values 4. Do not store usernames or passwords used to log on to the Windows Live ID or the domain 5. Prevent users from creating folders and files on drive C:\ 6. Lock profile to prevent the user from making permanent changes 7. Remove the Control Panel, Printer and Network Settings from the Classic Start menu 8. Remove the Favorites icon 9. Remove the My Network Places icon 10. Remove the Frequently Used Program list 11. Remove the Shared documents folder from My Computer 12. Remove control Panel icon 13. Remove the Set Program Access and Defaults icon 14. Remove the Network Connection(Connect To)icon 15. Remove the Printers and Faxes icon 16. Remove the Run icon 17. Prevent access to Windows Explorer features: Folder Options, Customize Toolbar, and the Notification Area 18. Prevent access to the taskbar 19. Prevent access to the command prompt 20. Prevent access to the registry editor 21. Prevent access to the Task Manager 22. Prevent access to Microsoft Management Console utilities 23. Prevent users from adding or removing printers 24. Prevent users from locking the computer 25. Prevent password changes (also requires the Control Panel icon to be removed) 26. Disable System Tools and other management programs 27. Prevent users from saving files to the desktop 28. Hide A Drive 29. Hide B Drive 30. Hide C Drive 31. Prevent changes to Internet Explorer registry settings 32. Empty the Temporary Internet Files folder when Internet Explorer is closed 33. Remove Internet Options 34. Remove General tab in Internet Options 35. Remove Security tab in Internet Options 36. Remove Privacy tab in Internet Options 37. Remove Content tab in Internet Options 38. Remove Connections tab in Internet Options 39. Remove Programs tab in Internet Options 40. Remove Advanced tab in Internet Options 41. Set a home page (Internet Explorer) 42. Restrict the possibility to change desktop image 43. Restrict the possibility to change wallpaper 44. Restrict usb flash drives Any suggestions for this? UPDATE: As @Dan suggested me I'd like to specify that would be applied to a educational scenario where students can login from a computer and want to add some restrictions to them.

    Read the article

  • Rails : soap4r - Error while running wsdl2ruby.rb

    - by Mathieu
    when I execute Mathieu$ /Users/Mathieu/.gem/ruby/1.8/bin/wsdl2ruby.rb path --wsdl https://www.arello.com/webservice/verify.cfc?wsdl --type client --force I get at depth 0 - 20: unable to get local issuer certificate F, [2010-05-06T10:41:11.040288 #35933] FATAL -- app: Detected an exception. Stopping ... SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError) /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:247:in connect' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:247:inssl_connect' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:639:in connect' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/timeout.rb:128:intimeout' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:631:in connect' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:522:inquery' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient/session.rb:147:in query' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:953:indo_get_block' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:765:in do_request' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:848:inprotect_keep_alive_disconnected' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:764:in do_request' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:833:infollow_redirect' /Users/Mathieu/.gem/ruby/1.8/gems/httpclient-2.1.5.2/lib/httpclient.rb:519:in get_content' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/lib/wsdl/xmlSchema/importer.rb:73:infetch' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/lib/wsdl/xmlSchema/importer.rb:36:in import' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/lib/wsdl/importer.rb:18:inimport' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/lib/wsdl/soap/wsdl2ruby.rb:206:in import' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/lib/wsdl/soap/wsdl2ruby.rb:36:inrun' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/bin/wsdl2ruby.rb:46:in run' /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/1.8/logger.rb:659:instart' /Users/Mathieu/.gem/ruby/1.8/gems/soap4r-1.5.8/bin/wsdl2ruby.rb:137 /Users/Mathieu/.gem/ruby/1.8/bin/wsdl2ruby.rb:19:in `load' /Users/Mathieu/.gem/ruby/1.8/bin/wsdl2ruby.rb:19 I, [2010-05-06T10:41:11.040855 #35933] INFO -- app: End of app. (status: -1)

    Read the article

  • user creating/saving

    - by Xaver
    i want to write 2 program: 1) programm saves all local users to the file. 2) loads file find that users not found on local machine and create user. for searching all users which create on local machine i use next code: foreach (ManagementObject user in userSearcher.Get()) { if ((bool)user["LocalAccount"]) { string UserName = (string)user["FullName"]; } } How can i save the settings of user by name and create user?

    Read the article

  • Membership Provider users in different tables

    - by Mike
    I have an existing database with users and administrators in different tables. I am rewriting an existing website in ASP.net and need to decide - should I merge the two tables into one users table and just have one provider, OR leave the tables separated and have two different providers. Administrators, they need the ability to create, edit and delete users. I am thinking that the membership/profile provider way of editing users (i.e. System.Web.Profile.ProfileBase pro = System.Web.Profile.ProfileBase.Create("User1"); pro.Initialize("User1", true); txtEmail.Text = pro["SecondaryEmail"].ToString(); is the best way to edit users because the provider handles it? You cannot use this if you have two separate providers? (because they are both looking at different tables). Or should I make a whole lot of methods to edit the users for the administrators? UPDATE: Making a custom membership provider look at both tables is fine, but then what about the profile provider? The profile provider GetPropertyValues and SetPropertyValues would be going on the same set of properties for users and admins. Mike

    Read the article

  • need advice on Zend framework Application architecture, or say approach dealing with modules

    - by simple
    Let me start with the things that I did and how am I using some things to get results I have set up modular structure as: application/ /configs /layouts /models /modules /users /profile /frontend /backend /controllers /views .... I write a plugin that does addes changes with FrontController-setModuleControllerDirectoryName() FrontController-addModuleDirectory() and It is all good I have a changed all the directories according weather admin page is requested in the url or not (it is some thing like /admin/some/some) Let's say I have a single layout for anything that is related to Profile viewing , in this case the "Profile" module. The Profile layout is divided into three parts In the layout I was pulling out the Profile/PhotoController 's index action with a action() $this->action('index', 'photo', 'profile'); Then I have faced few issues 1. Can get passed Params inside the Photo Controller when calling ( profile/profile/index); 2. found out that helper Action() is evil cause it starts another dispatching loop =) --- and now I am thinking that my approach on plugging in controllers modules into layout also evil =). anyhow how Should I deal with plugging in some controllers (another module controllers) into the layout ?

    Read the article

  • Dealing with SQLException with spring,hibernate & Postgres

    - by mad
    Hi im working on a project using HibernateDaoSUpport from my Daos from Spring & spring-ws & hibernate & postgres who will be used in a national application (means a lot of users) Actually, every exception from hibernate is automatically transformed into some specific Spring dataAccesException. I have a table with a keyword on the dabatase & a unique constraint on the keywords : no duplicate keywords is allowed. I have found twows ways to deal with with that in the Insert Dao: 1- Check for the duplicate manually (with a select) prior to doing your insert. I means that the spring transaction will have a SERIALIZABLE isolation level. The obvious drawback is that we have now 2 queries for a simple insert.Advantage: independent of the database 2-let the insert gone & catch the SqlException & convert it to a userfriendly message & errorcode to the final consumer of our webservices. Solution 2: Spring has developped a way to translate specific exeptions into customized exceptions. see http://www.oracle.com/technology/pub/articles/marx_spring.html In my case i would have a ConstraintViolationException. Ideally i would like to write a custom SQLExceptionTranslator to map the duplicate word constraint in the database with a DuplicateWordException. But i can have many unique constraints on the same table. So i have to get the message of the SQLEXceptions in order to find the name of the constraint declared in the create table "uq_duplicate-constraint" for example. Now i have a strong dependency with the database. Thanks in advance for your answers & excuse me for my poor english (it is not my mother tongue)

    Read the article

  • ActionController::RoutingError (No route matches {:action=>"show", :controller=>"users", :id=>nil}):

    - by Matt Bishop
    I have been trying to fix this routing error for a long time. I would appreciate any assistance! This error is preventing me from being able to authenticate. Here is what I am getting in my Heroku logs. app/controllers/authentications_controller.rb:12:in `create' ActionController::RoutingError (No route matches {:action=>"show", :controller=>"users", :id=>nil}) Here is the routes.rb file: Company::Application.routes.draw do resources :profile_individual resources :careers match 'careers' => 'careers#index' match 'about' => 'about#index' constraints(:subdomain => /^$|www/) do devise_for :users resources :authentications, :identities #, :beta_invitations resources :users do resources :invitations, :controller => 'UserInvitation' do post :upload, :on => :collection get :email_template, :on => :collection get :plaintext_template, :on => :collection get :facebook_invitation, :on => :collection end member do get :summary get :recruits get :friends_events get :events_near_me get :recent_activity get :impact get :campaigns end end resources :password_resets do get 'password_reset' => 'password_resets#show', :as => 'password_reset' end resources :events, :only => [:new, :index, :create] resources :organizations, :only => [:index, :create] resources :orders do post :ipn, :on => :member resource :payment do member do post :relay_response get :receipt end end resource :paypal_integration do member do get :authorize get :cancel post :finalize end end end match '/users/:id/impact/money/:d' => 'users#impact_money_graph', :constraints => {:d => /\d+{4}_\d+{2}-\d+{2}/}, :as => :user_impact_money match '/users/:id/impact/money' => 'users#impact_money_graph', :as => :user_impact_money match '/users/:id/impact/recruits/:d' => 'users#impact_recruits_graph', :constraints => {:d => /\d+{4}_\d+{2}-\d+{2}/}, :as => :user_impact_recruits match '/users/:id/impact/recruits' => 'users#impact_recruits_graph', :as => :user_impact_recruits match '/auth/failure' => 'authentications#failure' match '/auth/:provider/callback' => 'authentications#create' match '/auth/:provider/callback' => 'authentications#show', :controller => 'users', :as => :login match '/logout' => 'authentications#destroy', :as => :logout match '/login' => 'authentications#new', :as => :login match "/join_team/:id" => "team_members#join", :as => :join_team match "/rsvp/:id" => "rsvps#show", :as => :rsvp match "/signup" => 'authentications#signup', :as => :signup match "/beacon/:id.gif" => "email_beacons#show", :as => :email_beacon root :to => "homes#show" match '/corporate_giving' => "homes#corporate_giving" end constraints(Subdomain) do resource :organization, :path => "/", :only => [:edit, :update] do member do get :org_photos_videos get :org_recent_activity end end resources :events, :except => [:index] do post :publish, :on => :member resource :supporter_invite resource :team_management do post :mailer, :on => :member end resource :team_member do post :invite, :on => :member end resource :rsvp do put :make_order, :on => :collection get :make_order, :on => :collection end resources :invites do post :upload, :on => :collection end resources :ticket_tiers, :team_members end match "/events" => redirect("/") root :to => "organizations#show" end namespace :admin do resources :stats resources :organizations resources :campaigns do resources :rewards resources :contents put :header, :action => 'header_update' end resources :users do member do post :grant_access post :revoke_access end end resources :nonprofits do member do put :approve put :revoke end end end resources :campaigns do get :find_charities, :on => :collection get :how_many_charities, :on => :collection member do post :join get :join post :header, :action => 'header_creation' put :header, :action => 'header_update' end resources :rewards resources :contents resource :donations do resource :paypal_integration, :controller => 'donations' do member do get :authorize get :cancel post :finalize end end end end match '/campaigns/:id/graph/:d' => 'campaigns#graph', :constraints => {:d => /\d+{4}_\d+ {2}-\d+{2}/}, :as => :graph_campaign match '/campaigns/:id/graph' => 'campaigns#graph', :as => :graph_campaign resources :business_campaigns, :controller => 'campaigns' resources :businesses do put :logo, :on => :collection, :action => 'upload_logo' member do get :summary get :recruits get :friends_events get :events_near_me get :recent_activity get :impact get :campaigns end end resources :nonprofit_campaigns, :controller => 'campaigns' resources :nonprofits do put :logo, :on => :collection, :action => 'upload_logo' member do get :summary get :recruits get :friends_events get :events_near_me get :recent_activity get :impact get :campaigns get :supporting_campaigns end end resources :publicities match '/campaigns/:campaign_id/rewards/:id' => 'campaigns#reward', :via => :get match "/robots.txt" => "application#robots_txt" match "/beta_invitations" => redirect('/') resource :sitemap resources :referrals end Here is my authentications_controller.rb file class AuthenticationsController < ApplicationController skip_before_filter :require_beta_access before_filter :redirect_to_profile_if_logged_in, :only => [:create, :new] layout :resolve_layout def create omniauth = request.env["omniauth.auth"] authentication = Authentication.find_by_provider_and_uid(omniauth['provider'], omniauth['uid']) if authentication && authentication.user.present? sign_in(:user, authentication.user) redirect_to session[:redirect_to] || user_path(current_user, :subdomain => nil) elsif current_user current_user.authentications.create!(:provider => omniauth['provider'], :uid => omniauth['uid']) redirect_to session[:redirect_to] || user_path(current_user, :subdomain => nil) else user = User.new user.apply_omniauth(omniauth) logger.debug "=======================auth=============================" logger.debug session[:referrer_token] logger.debug "========================================================" if session[:referrer_token] publicity = Publicity.find_by_token(session[:referrer_token]) user.invited_by = publicity user.recruited_by = publicity end if user.save sign_in(user) unless session[:redirect_to] session[:referrer_token] = nil end redirect_to session[:redirect_to] || user_path(current_user, :subdomain => nil) #redirect_to session[:redirect_to] || campaigns_url(:tc => request.env['omniauth.params']['tc']) #tc is for AB testing else session[:omniauth] = omniauth.except('extra') redirect_to signup_path end end end def failure flash[:error] = "Please check your email and password and try again" redirect_to login_path end def destroy reset_session redirect_to root_path end def signup # end private def redirect_to_profile_if_logged_in redirect_to user_path(current_user.permalink) if current_user end def resolve_layout case action_name when "new", "signup" "authentication" else "selfcontained" end end end I am adding my appplication_controller.rb too: class ApplicationController < ActionController::Base #Wrote by George for beta users -before_filter :require_beta_access before_filter :save_referrer_token protect_from_forgery helper_method :organization_admin?, :team_member?, :profile_url, :current_profile def set_headers # Set our headers here end def save_referrer_token #session.delete(:referrer_token) if params[:ref] publicity = Publicity.find_by_token(params[:ref]) logger.debug "========================================================" logger.debug current_profile.nil? logger.debug publicity.creator logger.debug current_profile logger.debug current_profile != publicity.creator session[:referrer_token] = params[:ref] if current_profile.nil? or publicity.creator != current_profile logger.debug session[:referrer_token] logger.debug "========================================================" end end def robots_txt robots = File.read(Rails.root + "public/robots.#{Rails.env}.txt") render :text => robots, :layout => false, :content_type => "text/plain" end def load_organization @organization = Organization.find_by_permalink(request.subdomain) raise ActiveRecord::RecordNotFound if @organization.nil? end def require_user unless current_user session[:redirect_to] = request.url redirect_to login_url(:host => request.domain) end end def require_beta_access if !current_user redirect_to root_url(:host => request.domain) elsif !current_user.beta_access? redirect_to new_beta_invitation_url(:host => request.domain) end end def require_organization_admin unless organization_admin? redirect_to root_url(:subdomain => @organization.permalink) end end def team_member? if current_user && @event.team_memberships.where(:user_id => current_user.id).count != 0 true end end def organization_admin? if current_user && current_user.beta_access? && @organization && @organization.memberships.where(:user_id => current_user.id, :role => 'admin').count != 0 true end end def profile_url(profile, opt = nil) if profile == current_user user_url(profile, :host => opt[:host]) elsif profile.is_a? BusinessProfile business_url(profile) elsif profile.is_a? NonprofitProfile nonprofit_url(profile) end end def set_current_profile(profile) session[:current_profile] = profile end def current_user @current_user ||= User.find_by_auth_token!(cookies[:auth_token]) if cookies[:auth_token] end def current_profile #if session session[:current_profile] || current_user #else # nil #end end IGIVEMORE_HTML5_OPTIOINS = { :style => 'z-index: 0;',:width => '290', :height => '200', :frameborder => '0', :url_params => {:wmode=>"opaque"} } def campaign_header_body(camp, opt = IGIVEMORE_HTML5_OPTIOINS) if camp.header_type == Campaign::HEADER_YOUTUBE youtube_html5(camp.header_url, opt).html_safe elsif camp.header_type == Campaign::HEADER_IMAGE "<img src=\"#{camp.header_url}\" width=\"#{opt[:width]}\" height=\"#{opt[:height]}\"/>'".html_safe else "Unsupported Type!!" end end def youtube_html5(url, opt) begin video = YouTubeIt::Client.new.video_by(url) video.embed_html5(opt).gsub(/http:\/\//,"https://") rescue => e "<div style='color:red; width:290px; height:100px; padding-top:100px'>Given Video URL has problem.</div>" end end end

    Read the article

  • php cookies block access to directories

    - by user342391
    I have a mysql database of users that can login to my site and view content. I would like to block a couple of directories from certain users. What is the best way to do this. Currently when a user logs in a cookie is created with their customer id and the customer is is used to display their content. How would I block entire directories from my users???

    Read the article

  • Dealing with rapid tapping on Buttons

    - by Eric Burke
    I have a Button with an OnClickListener. For illustrative purposes, consider a button that shows a modal dialog: public class SomeActivity ... { protected void onCreate(Bundle state) { super.onCreate(state); findViewById(R.id.ok_button).setOnClickListener( new View.OnClickListener() { public void onClick(View v) { // This should block input new AlertDialog.Builder(SomeActivity.this) .setCancelable(true) .show(); } }); } Under normal usage, the alert dialog appears and blocks further input. Users must dismiss the dialog before they can tap the button again. But sometimes the button's OnClickListener is called twice before the dialog appears. You can duplicate this fairly easily by tapping really fast on the button. I generally have to try several times before it happens, but sooner or later I'll trigger multiple onClick(...) calls before the dialog blocks input. I see this behavior in Android 2.1 on the Motorola Droid phone. We've received 4 crash reports in the Market, indicating this occasionally happens to people. Depending on what our OnClickListeners do, this causes all sorts of havoc. How can we guarantee that blocking dialogs actually block input after the first tap?

    Read the article

  • Replacing objects, handling clones, dealing with write logs

    - by Alix
    Hi everyone, I'm dealing with a problem I can't figure out how to solve, and I'd love to hear some suggestions. [NOTE: I realise I'm asking several questions; however, answers need to take into account all of the issues, so I cannot split this into several questions] Here's the deal: I'm implementing a system that underlies user applications and that protect shared objects from concurrent accesses. The application programmer (whose application will run on top of my system) defines such shared objects like this: public class MyAtomicObject { // These are just examples of fields you may want to have in your class. public virtual int x { get; set; } public virtual List<int> list { get; set; } public virtual MyClassA objA { get; set; } public virtual MyClassB objB { get; set; } } As you can see they declare the fields of their class as auto-generated properties (auto-generated means they don't need to implement get and set). This is so that I can go in and extend their class and implement each get and set myself in order to handle possible concurrent accesses, etc. This is all well and good, but now it starts to get ugly: the application threads run transactions, like this: The thread signals it's starting a transaction. This means we now need to monitor its accesses to the fields of the atomic objects. The thread runs its code, possibly accessing fields for reading or writing. If there are accesses for writing, we'll hide them from the other transactions (other threads), and only make them visible in step 3. This is because the transaction may fail and have to roll back (undo) its updates, and in that case we don't want other threads to see its "dirty" data. The thread signals it wants to commit the transaction. If the commit is successful, the updates it made will now become visible to everyone else. Otherwise, the transaction will abort, the updates will remain invisible, and no one will ever know the transaction was there. So basically the concept of transaction is a series of accesses that appear to have happened atomically, that is, all at the same time, in the same instant, which would be the moment of successful commit. (This is as opposed to its updates becoming visible as it makes them) In order to hide the write accesses in step 2, I clone the accessed field (let's say it's the field list) and put it in the transaction's write log. After that, any time the transaction accesses list, it will actually be accessing the clone in its write log, and not the global copy everyone else sees. Like this, any changes it makes will be done to the (invisible) clone, not to the global copy. If in step 3 the commit is successful, the transaction should replace the global copy with the updated list it has in its write log, and then the changes become visible for everyone else at once. It would be something like this: myAtomicObject.list = updatedCloneOfListInTheWriteLog; Problem #1: possible references to the list. Let's say someone puts a reference to the global list in a dictionary. When I do... myAtomicObject.list = updatedCloneOfListInTheWriteLog; ...I'm just replacing the reference in the field list, but not the real object (I'm not overwriting the data), so in the dictionary we'll still have a reference to the old version of the list. A possible solution would be to overwrite the data (in the case of a list, empty the global list and add all the elements of the clone). More generically, I would need to copy the fields of one list to the other. I can do this with reflection, but that's not very pretty. Is there any other way to do it? Problem #2: even if problem #1 is solved, I still have a similar problem with the clone: the application programmer doesn't know I'm giving him a clone and not the global copy. What if he puts the clone in a dictionary? Then at commit there will be some references to the global copy and some to the clone, when in truth they should all point to the same object. I thought about providing a wrapper object that contains both the cloned list and a pointer to the global copy, but the programmer doesn't know about this wrapper, so they're not going to use the pointer at all. The wrapper would be like this: public class Wrapper<T> : T { // This would be the pointer to the global copy. The local data is contained in whatever fields the wrapper inherits from T. private T thisPtr; } I do need this wrapper for comparisons: if I have a dictionary that has an entry with the global copy as key, if I look it up with the clone, like this: dictionary[updatedCloneOfListInTheWriteLog] I need it to return the entry, that is, to think that updatedCloneOfListInTheWriteLog and the global copy are the same thing. For this, I can just override Equals, GetHashCode, operator== and operator!=, no problem. However I still don't know how to solve the case in which the programmer unknowingly inserts a reference to the clone in a dictionary. Problem #3: the wrapper must extend the class of the object it wraps (if it's wrapping MyClassA, it must extend MyClassA) so that it's accepted wherever an object of that class (MyClass) would be accepted. However, that class (MyClassA) may be final. This is pretty horrible :$. Any suggestions? I don't need to use a wrapper, anything you can think of is fine. What I cannot change is the write log (I need to have a write log) and the fact that the programmer doesn't know about the clone. I hope I've made some sense. Feel free to ask for more info if something needs some clearing up. Thanks so much!

    Read the article

  • Dealing with image upload on server

    - by user1073320
    I have got a the following problem: I have got multi-step form where in one step user upload image to server and then few steps further supplies other information, when this information is invalid no data should be commited - also the image should be deleted. I was thinking about PHP session, but I've read here PHP - Store Images in SESSION data? that it is inefficient way. Every time you proceed step in the form the image is reloaded (in the session) and as somebody mentioned "You will want it to only be as big as it needs to be and you need to delete it as soon as you don't need it because large pieces of information in the session will slow down the session startup." - here i got a question: will it slow down the stratup the session of user who upload file or sessions of all users? I have to mention that I'm looking for solution that doesn't rely on operating system scripts (cron or etc) - I have no permission to run such scripts. The perfect solution for me would be: saving image on disk (for example in some folder named after session id) then after the latest step of form move this image or delete depending on form validation. If user unexpectedly destroy the session (for example closing the browser) of course the folder with image should be deleted. In nutshell I need somethig like callback to event "destroying session".

    Read the article

  • Rails dealing with blank params at controller level

    - by stephenmurdoch
    I have a User model: class User < ActiveRecord::Base has_secure_password # validation lets users update accounts without entering password validates :password, presence: { on: :create }, allow_blank: { on: :update } validates :password_confirmation, presence: { if: :password_digest_changed? } end I also have a password_reset_controller: def update # this is emailed to the user by the create action - not shown @user=User.find_by_password_reset_token!(params[:id]) if @user.update_attributes(params[:user]) # user is signed in if password and confirmation pass validations sign_in @user redirect_to root_url, :notice => "Password has been reset." else flash.now[:error] = "Something went wrong, please try again." render :edit end end Can you see the problem here? A user can submit a blank a password/confirmation and rails will sign them in, because the User model allows blank on update. It's not a security concern, since an attacker would still need access to a user's email account before they could get anywhere near this action, but my problem is that a user submitting 6 blank chars would be signed in, and their password would not be changed for them, which could lead to confusion later on. So, I've come up with the following solution, and I'd like to check if there's a better way of doing it, before I push to production: def update @user=User.find_by_password_reset_token!(params[:id]) # if user submits blank password, add an error, and render edit action if params[:user][:password].blank? @user.errors.add(:password_digest, "can't be blank.") render :edit elsif @user.update_attributes(params[:user]) sign_in @user redirect_to root_url, :notice => "Password has been reset." else flash.now[:error] = "Something went wrong, please try again." render :edit end end Should I be checking for nil as well as blank? Are there any rails patterns or idiomatic ruby techniques for solving this? [Fwiw, I've got required: true on the html inputs, but want this handled server side too.]

    Read the article

  • Dealing with Struts2 float conversion type

    - by Daniel Calderon Mori
    I have a question regarding float type conversion in Struts2. I have a form that contains a serie of normal input elements. A serie of textfields with an add button by the side of each one is included in the window. Clicking on one of this buttons has the effect of adding an input type "hidden" inside the form with the value of its correspondent textfield. That value will often be a float number that, this is very important, uses the point format (example: 1.34). The inputs created look like this: <input class="hidden_material" type="hidden" name="form[0].cantidad_formulacion" value='1.34'"> <input class="hidden_material" type="hidden" name="form[1].cantidad_formulacion" value='1.54'"> Anyway, the whole proccess is made correctly until the data is used by the server after the form submission. The numbers are present as if the point wouldn't have been placed in the number (using the example above, as 134). If a comma is used (as in 1,34), there wouldn't be a problem. But that will not be the case with the users of the system. How could I solve this problem?

    Read the article

  • Windows Keys Extender – tool for XP/Vista users to using hotkeys Win+[Left|Right|Up|Down]

    - by outcoldman
    In Windows 7, I really liked an opportunity to change the position of the windows by pressing hotkeys Win + (Left | Right | Up | Bottom): Win + Left - window attached to the left side Win + Right - window attached to the right side Win + Up - window is maximized Win + Bottom - window in the normal state I’m talking about this: This is really useful hotkeys and really comfortable work with windows. But not all can use Windows 7 right now. When Windows7 was in beta and RC states I really wanted to use this features right now in current Windows version (I had Vista). So I spent my time and wrote this tool. In addition, the tool has functional which can change position of windows (It is useful for laptops, you can move windows with hotkeys). And of course this tool can move windows between monitors. Hot keys can be customized. Interface in English. Now I don’t want to add new functionality, because now I’m using Windows 7 with all functions that this tool have. I wrote this tool on C# with .NET 3.5. You can use this source code for knowing how to work with hotkeys with C#. At first I placed source code on Google Code and then placed it on CodePlex too. So you can download it from one of them. I would be glad if someone will use it. :)

    Read the article

  • Multiple Users use Script to Access Remote Server via Passwordless SSH

    - by jinanwow
    I am currently setting up a linux box that is tied into Active Directory. This box will allow users to SSH into it with their AD username and password to gather information (Box A). The issue is I am trying to create a function in /etc/bash.bashrc so the users has to do is type "get_info" for example, the function will SSH into a remote machine (Box B) run a command and output the information back to the user. The issue with this is, I have generated a rsa key on Box A, added it to the Box B authorized_keys and it works fine. The issue I am running into is, how do I set this up one time for the current users and any new user who logs into Box A. Is there a better approach than what I am currently doing. Essentially I just need to connect to the remote box, run a command, output the information back to the user and that is it. How can I allow new users to connect via a script to the remote box without having to generate RSA keys for them. The get_info fuction will be supplied a value 'get_info 012345' and returns the results.

    Read the article

  • Attention users running SQL Server 2008 & 2008 R2!

    - by AaronBertrand
    In April and May, Microsoft released cumulative updates for SQL Server 2008 and 2008 R2 (I blogged about them here and here ). They are: CU #11 for 2008 SP3 (10.00.5840) ( KB #2834048 ) CU #12 for 2008 R2 SP1 (10.50.2874) ( KB #2828727 ) CU #6 for 2008 R2 SP2 (10.50.4279) ( KB #2830140 ) Sometime after that, looks like the next day, both downloads were pulled, allegedly due to an index corruption issue (if you believe the commentary on the Release Services blog post for CU #6 ) or due to an issue...(read more)

    Read the article

  • SQLAuthority News – 2 Security Updates for SQL Server 2000 SP 4 Users

    - by pinaldave
    If you are using SQL Server 2000 still today my very first recommendation to you is to upgrade to SQL Server 2012. SQL Server 2000 is now 12 years old product and since then many new enhancements as well features which are relevant to current growth and progress in Informational Industry. Now is the time to catch up with the latest trends. Here is one more point for you to notice if this helps you consider to upgrade to the latest version. One can’t upgrade directly from SQL Server 2000 to SQL Server 2012. You need to first upgrade to either SQL Server 2005/2008/R2 and then further plan to upgrade to SQL Server 2012. There is no direct upgrade path for SQL Server 2000 to SQL Server 2012. I strongly believe this is the time to upgrade to the latest version. Well, also there is a rule that to let something continue if it is not broken and working fine. If you are following that rule and still using SQL Server 2000 I strongly suggest that you upgrade your SQL Server 2000 SP4 and update it with latest Security updates. Here are two important SQL Server Security Updates. Security Update for SQL Server 2000 Service Pack 4 (KB983811) Security Update for SQL Server 2000 Service Pack 4 (KB983812) As we are talking about SQL Server 2000 let me ask you a quick question – how many of you are still using SQL Server 2000 or earlier version in a production system on at least one server? Reference: Pinal Dave (http://blog.sqlauthority.com) Filed under: PostADay, SQL, SQL Authority, SQL Download, SQL Query, SQL Security, SQL Server, SQL Tips and Tricks, T SQL, Technology

    Read the article

  • How to scope access to a service to set of users, using OpenLDAP, and only OUs

    - by JDS
    Okay, here goes. Solving this will solve several problems for me (as I can reapply this knowledge to several extant, similar problems), but luckily I have a very specific, concise problem to describe. Enough preamble. Our hosting partner is setting up VPN access for us and is connecting it to our LDAP server. They are using Cisco VPN, the docs on setting this up are here: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c3c45.shtml#maintask1 Specifically, note the screenshot in (5), under "ASDM" Now, I do NOT want to provide access to all of our users. I only want to provide access to our IT group. But I do not see a configuration option for LDAP groups on that web reference for the Cisco VPN. We are using: OpenLDAP 2.4 Static groups (i.e. "Group has the following members...") Single user OU, "ou=users,dc=mycompany,dc=com" Is it possible to provide an alias of some kind in OpenLDAP that creates another OU, "itusers", say, and lets me alias the members of that OU somehow? Something like: "cn=Jeff Silverman,ou=itusers,dc=mycompany,dc=com" is an alias for "cn=Jeff Silverman,ou=users,dc=mycompany,dc=com" And is NOT a separate, unique user account. Alternatively, should I just create a separate OU and manage it separately? It is a pain, but only 12-15 users will have to be managed that way, with two separate user accounts. But I hate this option - messy, unmanageable, unscalable. You know what I mean. I am open to any options. I've searched and read all over but I can't quite find an directly analagous example. I can't possibly be the only one who's had this problem! Thanks!

    Read the article

  • Google Announcing New Gmail Interface For Apple iPAD Users

    - by Suganya
    A great news to all the iPAD customers. In addition to their new Apple’s product, iPAD consumers also get an additional bonus of new Gmail Interface along with the iPAD. The iPAD’s large multi touch screen allows us to now check Gmail in jus fraction of second The new Gmail interface for iPAD has two pane with the E-Mail header on the left side and the actual conversation on the right side. Though this new pane slightly reminds us about the Microsoft’s Outlook version, the look and feel of Google’s makes us feel that its new to the market. In addition to this Gmail feature, all the other Google web app features are also incorporated in the new iPAD. This new Gmail Interface looks cool and I am sure that Google would be soon delivering its next new astonishing Interface for us. Awaiting Google’s next market hit CC Image Credit :Joseph Scott Join us on Facebook to read all our stories right inside your Facebook news feed.

    Read the article

  • SVN and WebSVN with different users access restriction on multiple repositories on linux

    - by user55658
    and first of all sorry for my english. I've installed an ubuntu server 10.04.1 with apache2, subversion, svn_dav and websvn. (and others services of course, like php5, mysql 5.1, etc). I've configured my svn with multiple repositories, and each one with differents groups and users, like: /var/myrepos/repo1 group: mygroup1 /var/myrepos/repo2 group: mygroup2 /var/myrepos/repo3 user: johndoe With an easy access on svn_dav, works perfectly, ie: http://myserver/svnrepo1 accesibly only for users on mygroup1 with theirs users of linux and passwords of svn. Also works for the other repos with their users and groups. But when i tried with websvn, shows all repos without take care than if user on mygroup1 can view repo2 (that's i dont want do). You can login as any user on mygroup1, mygroup2, or johndoe, and you login into all repositories. I'll try to find a solution and I'll post the news, if anyone can helpme with this I'll preciated so much!!! Thanks for all I show my files: /etc/apache2/mods-available/dav_svn.conf <Location /svnrepo1> DAV svn SVNPath /var/myrepos/repo1 AuthType Basic AuthName "Repositorio Subversion de MD" AuthUserFile /etc/apache2/dav_svn.passwd Require valid-user </Location> <Location /websvn/> Options FollowSymLinks order allow,deny allow from all AuthType Basic AuthName "Subversion Repository" AuthUserFile /etc/apache2/dav_svn.passwd Require valid-user </Location>

    Read the article

  • SQL Server v.Next (Denali) : More on contained databases and "contained users"

    - by AaronBertrand
    One of the reasons for contained databases (see my previous post ) is to allow for a more seamless transition when moving a database from one server to another. One of the biggest complications in doing so is making sure that all of the logins are in place on the new server. Contained databases help solve this issue by creating a new type of user: a database-level user with a password. I want to stress that this is not the same concept as a user without a login , which serves a completely different...(read more)

    Read the article

  • I am looking for a script where users can create groups cms/social interaction site

    - by Paul
    I am trying to find a Content Mangement/social interaction script that requires a person to be a part of a group. Specifically: My daughter is a cheerleader and there are a number of cheer groups she is involved in and also has friends in many others. A lot of them could use some kind of website where they can share information between their team members and coach. The coach being the controller of the group and who can join etc. "Group Leader"? One can only join the group if invited or given a password or some such security. There would be multipel groups or in this case multiple cheer squads who were registered as groups and the cheerleaders a part of their group. The coach or group leader would have control of the group calender and they may have their own calendars and be messaging between them and/or other social interactions. IN a perfect world they could modify their own pages individualy. Communication could go globally or only to the group and a "friends or buddy" system. I think you get the idea. I really like OCportal and what it does and can do but it does not have the group funcitionality I am looking for. Perhaps I am just going to need to see about getting aprogrammer to write an add on for me if ther is nothing like this out there. But if you know of any I would appreciate being pointed in that direction.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 16 17 18 19 20 21 22 23 24 25 26 27  | Next Page >