Search Results

Search found 7554 results on 303 pages for 'shared secret'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 204/303 | < Previous Page | 200 201 202 203 204 205 206 207 208 209 210 211  | Next Page >

  • Java XMLRPC request-String

    - by Philip
    Hi, I'm using Apache XML-RPC 3.1.2 to talk to an online-service. They have something special, they need a hash over the whole XML with a secret key for some kind of security, like this: String hash = md5(xmlRequest + secretKey); String requestURL = "http://foo.bar/?authHash=" + hash; So I need the XML-request like this: <?xml version="1.0"?> <methodCall> <methodName>foo.bar</methodName> <params> <param> <value><struct> <member><name>bla</name> <value><int>1</int></value> </member> <member><name>blubb</name> <value><int>2</int></value> </member> </struct></value> </param> </params> </methodCall> But how do I get this String-representation of the XMLRPC-Request with the lib Apache XML-RPC?

    Read the article

  • ASP.Net MVC 2 Error Method not found: 'System .string

    - by Saravanan I M
    I converted my website from asp.net mvc 1.0 to 2.0. After converting that i am getting the following error in actionlink Method not found: 'System.String System.Web.Mvc.Html.LinkExtensions.RouteLink(System.Web.Mvc.HtmlHelper, System.String, System.Web.Routing.RouteValueDictionary, System.Collections.Generic.IDictionary`2<System.String,System.Object>)'. Line 102: <%var Signin = Html.Resource("globalResources, Signin"); %> Line 103: <% if (string.IsNullOrEmpty(Signin)) Signin = "Signin"; %> Line 104: <%= Html.ActionLink<AccountController>(cntrl => cntrl.LogOn(), Signin.ToString(), new { @class = "defaultmaster" })%> Line 105: | Line 106: <%var register = Html.Resource("globalResources, Register"); %> Source File: e:\Muchsocial\Sourcecode\Muchsocial\Views\Shared\Muchsocial.Master Line: 104

    Read the article

  • What are some of the practical cons to using ASMX webservices?

    - by Earlz
    Hello, at my workplace we are about to start a big project. My boss (a programmer, this is a startup) wishes to use ASMX webservices for this purpose. I do not want to start off a new program using deprecated technology and would like to show him this. I dislike WCF at this moment because it has such an extreme learning curve, but I'd rather learn it than use an unsupported technology. The problem I'm having is that I can not find any practical list of cons and downfalls when compared to WCF so that I can convince my boss to not use them. And saying "it's not as powerful" is not an adequate explanation. What exactly can it not do that we may need it to do for a webservice that is not meant to be shared externally? (as in, we don't support third-parties using our webservices unless they are using one of our clients. )

    Read the article

  • Talking to an Authentication Server

    - by Kyle Terry
    I'm building my startup and I'm thinking ahead for shared use of services. So far I want to allow people who have a user account on one app to be able to use the same user account on another app. This means I will have to build an authentication server. I would like some opinions on how to allow an app to talk to the authentication server. Should I use curl? Should I use Python's http libs? All the code will be in Python. All it's going to do is ask the authentication server if the person is allowed to use that app and the auth server will return a JSON user object. All authorization (roles and resources) will be app independent, so this app will not have to handle that. Sorry if this seems a bit newbish; this is the first time I have separated authentication from the actual application.

    Read the article

  • linux thread synchronization

    - by johnnycrash
    I am new to linux and linux threads. I have spent some time googling to try to understand the differences between all the functions available for thread synchronization. I still have some questions. I have found all of these different types of synchronizations, each with a number of functions for locking, unlocking, testing the lock, etc. gcc atomic operations futexes mutexes spinlocks seqlocks rculocks conditions semaphores My current (but probably flawed) understanding is this: semaphores are process wide, involve the filesystem (virtually I assume), and are probably the slowest. Futexes might be the base locking mechanism used by mutexes, spinlocks, seqlocks, and rculocks. Futexes might be faster than the locking mechanisms that are based on them. Spinlocks dont block and thus avoid context swtiches. However they avoid the context switch at the expense of consuming all the cycles on a CPU until the lock is released (spinning). They should only should be used on multi processor systems for obvious reasons. Never sleep in a spinlock. The seq lock just tells you when you finished your work if a writer changed the data the work was based on. You have to go back and repeat the work in this case. Atomic operations are the fastest synch call, and probably are used in all the above locking mechanisms. You do not want to use atomic operations on all the fields in your shared data. You want to use a lock (mutex, futex, spin, seq, rcu) or a single atomic opertation on a lock flag when you are accessing multiple data fields. My questions go like this: Am I right so far with my assumptions? Does anyone know the cpu cycle cost of the various options? I am adding parallelism to the app so we can get better wall time response at the expense of running fewer app instances per box. Performances is the utmost consideration. I don't want to consume cpu with context switching, spinning, or lots of extra cpu cycles to read and write shared memory. I am absolutely concerned with number of cpu cycles consumed. Which (if any) of the locks prevent interruption of a thread by the scheduler or interrupt...or am I just an idiot and all synchonization mechanisms do this. What kinds of interruption are prevented? Can I block all threads or threads just on the locking thread's CPU? This question stems from my fear of interrupting a thread holding a lock for a very commonly used function. I expect that the scheduler might schedule any number of other workers who will likely run into this function and then block because it was locked. A lot of context switching would be wasted until the thread with the lock gets rescheduled and finishes. I can re-write this function to minimize lock time, but still it is so commonly called I would like to use a lock that prevents interruption...across all processors. I am writing user code...so I get software interrupts, not hardware ones...right? I should stay away from any functions (spin/seq locks) that have the word "irq" in them. Which locks are for writing kernel or driver code and which are meant for user mode? Does anyone think using an atomic operation to have multiple threads move through a linked list is nuts? I am thinking to atomicly change the current item pointer to the next item in the list. If the attempt works, then the thread can safely use the data the current item pointed to before it was moved. Other threads would now be moved along the list. futexes? Any reason to use them instead of mutexes? Is there a better way than using a condition to sleep a thread when there is no work? When using gcc atomic ops, specifically the test_and_set, can I get a performance increase by doing a non atomic test first and then using test_and_set to confirm? *I know this will be case specific, so here is the case. There is a large collection of work items, say thousands. Each work item has a flag that is initialized to 0. When a thread has exclusive access to the work item, the flag will be one. There will be lots of worker threads. Any time a thread is looking for work, they can non atomicly test for 1. If they read a 1, we know for certain that the work is unavailable. If they read a zero, they need to perform the atomic test_and_set to confirm. So if the atomic test_and_set is 500 cpu cycles because it is disabling pipelining, causes cpu's to communicate and L2 caches to flush/fill .... and a simple test is 1 cycle .... then as long as I had a better ratio of 500 to 1 when it came to stumbling upon already completed work items....this would be a win.* I hope to use mutexes or spinlocks to sparilngly protect sections of code that I want only one thread on the SYSTEM (not jsut the CPU) to access at a time. I hope to sparingly use gcc atomic ops to select work and minimize use of mutexes and spinlocks. For instance: a flag in a work item can be checked to see if a thread has worked it (0=no, 1=yes or in progress). A simple test_and_set tells the thread if it has work or needs to move on. I hope to use conditions to wake up threads when there is work. Thanks!

    Read the article

  • my windows forms application throws filenotfoundexception when run on another machine

    - by user248785
    Hi, I have created a windows forms application using vs2008. when i copy the bin folder over to another machine and try to run it the applicaiton throws a filenotfoundexception error. Ive looked at the references files used in the project and each file points to either c:\Windows\Microsoft.NET\Framework\v2.0.50727... c:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5... c:\Program Files\Common Files\Microsoft Shared\Visual Basic Power Packs\1.1... i have verified that these directories exist on the other machines that cause the error. the two machines that i have tried it on and that throw there error are Windows XP WITHOUT VS2008 installed and Windows 7 with VS2008 installed I tried on two machine that DID work which are Windows XP with VS2008 and and my development machine Windows 7 with VS2008 Could anyone provide me with some insight on this issue Thanks

    Read the article

  • Direct3D 11 effect files deprecated?

    - by Toji
    I've been playing around with Direct3D 11 a little bit lately and have been frustrated by the lack of documentation on the basics of the API (such as simple geometry rendering). One of the points of confusion brought on by the sparse documentation is the (apparent) move away from the use of effects for shaders. In D3D11 all of the effect (.fx) support has been removed from the D3DX libraries and buried away in a hard to find (sparsely documented, of course) shared source library. None of the included examples use it, preferring instead to compile HLSL files directly. All of this says to me that Microsoft is trying to get people to stop using the effect file format. Is that true? Is there any documentation of any kind that states that? I'm fine doing it either way, but for years now they've been promoting the .fx format so it seems odd that they would suddenly decide to drop it.

    Read the article

  • Thread safe lockfree mutual ByteArray queue

    - by user313421
    A byte stream should be transferred and there is one producer thread and a consumer one. Speed of producer is higher than consumer most of the time, and I need enough buffered data for QoS of my application. I read about my problem and there are solutions like shared buffer, PipeStream .NET class ... This class is going to be instantiated many times on server so I need and optimized solution. Is it good idea to use a Queue of ByteArray ? If yes, I'll use an optimization algorithm to guess the Queue size and each ByteArray capacity and theoretically it fits my case. If no, I what's the best approach ? Please let me know if there's a good lock free thread safe implementation of ByteArray Queue in C# or VB. Thanks in advance

    Read the article

  • Facing Problem with Libxml.rb

    - by Rakesh
    Hi Folks, I downloaded one of the rails app from server and tried running it.I faced an error on migration D:\Radiant\trunkrake db:migrate (in D:/Radiant/trunk) rake aborted! 126: The specified module could not be found. - D:/Radiant/trunk/config/../ven dor/plugins/libxml-ruby/lib/libxml_ruby.so I got the windows version of libxml_ruby.so and tried again. i got the error saying " libxml2.dll " not found.Then i checked the file libxml.rb ..it says the below lines . If running on Windows, then add the current directory to the PATH for the current process so it can find the pre-built libxml2 and iconv2 shared libraries (dlls). Can anybody explain me what actually this mean? Regards Rakesh S

    Read the article

  • Subversion Repository Layout

    - by Tim Long
    Most subversion tools create a default repository layout with /trunk, /branches and /tags. The documentation also recommends not using separate repositories for each project, so that code can be more easily shared. Following that advice has led to me having a repository with the following layout: /trunk /Project1 /Project2 /branches /Project1 /Project2 /tags /Project1 /Project2 and so on, you get the idea. Over time, I've found this structure a bit clumsy and it occurred to me that there's an alternative interpretation of the recommendations, such as: /Project1 /trunk /branches /tags /Project2 /trunk /branches /tags So, which layout do people use, and why? Or - is there another way to do things that I've completely missed?

    Read the article

  • Share pre-initialized GIT repository

    - by Theo.T
    We were sharing a GIT repository via file-sharing system (smb://) and got it badly corrupted (a power cut meanwhile the post-send :P). Being new to GIT, trying to fix it I made it even worse and I lost all the refs (left with the object folder). Since the incident I haven't had the time to look at the problem and have just been keeping committing to my local clone. So my question is : Is there a way to copy the local repository back to the location of the old repository and make it a shared repository in order to keep some track of previous the history ? That's all I could figure out (I'm still a git-noob), any other solutions are more than welcome ! Thanks in advance !

    Read the article

  • asp.net mvc making delete usercontrol information passing on and off

    - by mazhar kaunain baig
    i am creating a generalize deleteusercontrol , my aim is that on the listing page where all the records are listed when the delete is pressed i want to display the acknowledgment on the same page up the list. I had little idea to do that q1) first of all where will i place my deleteusercontrol(in the shared folder?). q2) on and off the deleteusercontrol as the acknowledgment will not be there all the time how would i be doing that on delete press. i don't want to pass any data in the querystring. q3)how would i be passing the records list id and listname to the general deleteusercontrol as it would be same for all the listing

    Read the article

  • Python: undefined reference to `_imp __Py_InitModule4'

    - by Mark
    I'm trying to do a debug build of the Rabbyt library using mingw's gcc to run with my MSVC built python26_d.. I got a lot of undefined references which caused me to create libpython26_d.a, however one of the undefined references remains. Googling gives me: http://www.techlists.org/archives/programming/pythonlist/2003-03/msg01035.shtml But -rdynamic doesn't help. e:\MinGW/bin\gcc.exe -mno-cygwin -mdll -O -Wall -g -IE:\code\python\python\py26\ include -IE:\code\python\python\py26\PC -c rabbyt/rabbyt._rabbyt.c -o build\temp .win32-2.6-pydebug\Debug\rabbyt\rabbyt._rabbyt.o -O3 -fno-strict-aliasing rabbyt/rabbyt._rabbyt.c:1351: warning: '__Pyx_SetItemInt' defined but not used writing build\temp.win32-2.6-pydebug\Debug\rabbyt\_rabbyt_d.def e:\MinGW/bin\gcc.exe -mno-cygwin -shared -g build\temp.win32-2.6-pydebug\Debug\r abbyt\rabbyt._rabbyt.o build\temp.win32-2.6-pydebug\Debug\rabbyt\_rabbyt_d.def - LE:\code\python\python\py26\libs -LE:\code\python\python\py26\PCbuild -lopengl32 -lglu32 -lpython26_d -lmsvcr90 -o build\lib.win32-2.6-pydebug\rabbyt\_rabbyt_d. pyd build\temp.win32-2.6-pydebug\Debug\rabbyt\rabbyt._rabbyt.o: In function `init_ra bbyt': E:/code/python/rabbyt/rabbyt/rabbyt._rabbyt.c:1121: undefined reference to `_imp __Py_InitModule4'

    Read the article

  • Why isn't WH_MOUSE hook global anymore?

    - by Valentin Galea
    I have this global mouse hook setup in a DLL that watches for mouse gestures. Everything works perfectly but with a hook set for WH_MOUSE_LL which is a low-level hook and one that doesn't need to be in an external injectable DLL. Once I switch - to the more suitable one would say - WH_MOUSE mouse hook, everything falls apart. Once I click outside my main application (the one that installs the hook), the hook gets corrupted - ::UnhookWindowsHookEx will fail. I only found this guy saying at experts exchange: "No way, at least under Windows XP + SVP2 WH_MOUSE won't go global, you must use WH_MOUSE_LL instead." I setup the hooks correctly: in a DLL using a shared data section, posting and not sending messages from the hook proceduce. Why has this changed? And why is not documented? Anyone encountered this? Thanks! BTW: I've reverse engineered a bit the popular StrokeIt application and it uses a combination of WH_GETMESSAGE and WH_MOUSE hooks and still works on XP/Vista...

    Read the article

  • Read SharedPreferences when you haven't set the name of the file.

    - by Pentium10
    When you createa a PreferenceScreen on Android, your application creates a default SharedPreferences file for the settings. I want to read this name, or get a reference without specifing the name. Currently I use: SharedPreferences prefs = ctx.getSharedPreferences("prefs", 0); SharedPreferences.Editor ed=prefs.edit(); But this returns another copy of the preference. When I checked the folder in /data/data/myapk/shared_prefs I see two files, one named prefs.xml and the other is my [package name]_preferences.xml (this was created by the PreferenceActivity); How do I get an instance of the shared preference with the usage of the default file name, so I should not mention a name for it?

    Read the article

  • facebook: can't send email from app to user

    - by flybywire
    I can't send email to my app users, even though I have the permissions. I am working with the java library, although I don't think it is related to that. long uid = ...; Collection<Long> uids = new ArrayList<Long>(); uids.add(uid); FacebookXmlRestClient client = new FacebookXmlRestClient(api, secret); boolean sendEmailPerm = client.users_hasAppPermission(Permission.EMAIL,uid); System.out.println("Can send email: "+ sendEmailPerm); Collection<String> sent = client.notifications_sendTextEmail(uids, "subject", "body"); System.out.println("Succesfully sent email to: "+sent); sent = client.notifications_sendFbmlEmail(uids, "subject", "body"); System.out.println("Succesfully sent email to: "+sent); I am trying both with fbml and text email. I can also obtain the user's proxied_email property but when I send email to that address with my regular mail client is doesn't arrive. The output is: Can send email: true Succesfully sent email to: [] Succesfully sent email to: []

    Read the article

  • wx Menu disappears from frame when shown as a popup

    - by Adam Fraser
    I'm trying to create a wx.Menu that will be shared between a popup (called on right-click), and a sub menu accessible from the frame menubar. The following code demonstrates the problem. If you open the "MENUsubmenu" from the menubar the item "asdf" is visible. If you right click on the frame content area, "asdf" will be visible from there as well... however, returning to the menubar, you will find that "MENUsubmenu" is vacant. Why is this happening and how can I fix it? import wx app = wx.PySimpleApp() m = wx.Menu() m.Append(-1, 'asdf') def show_popup(evt): ''' R-click callback ''' f.PopupMenu(m, (evt.X, evt.Y)) f = wx.Frame(None) f.SetMenuBar(wx.MenuBar()) frame_menu = wx.Menu() f.MenuBar.Append(frame_menu, 'MENU') frame_menu.AppendMenu(-1,'submenu', m) f.Show() f.Bind(wx.EVT_RIGHT_DOWN, show_popup) app.MainLoop() Interestingly, appending the menu to MenuBar works, but is not the behavior I want: import wx app = wx.PySimpleApp() m = wx.Menu() m.Append(-1, 'asdf') def show_popup(evt): f.PopupMenu(m, (evt.X, evt.Y)) f = wx.Frame(None) f.SetMenuBar(wx.MenuBar()) f.MenuBar.Append(m, 'MENU') f.Show() f.Bind(wx.EVT_RIGHT_DOWN, show_popup) app.MainLoop()

    Read the article

  • How Easy Is It to Hijack Session Vars on GoDaddy (PHP)

    - by yar
    This article states that If your site is run on a shared Web server, be aware that any session variables can easily be viewed by any other users on the same server. On a larger host like GoDaddy, are there really no protections in place against this? Could it really be that easy? If it is that easy, where are the session vars of the other users on my host so I can check them out? Edit: I didn't believe it, but here's my little program which shows that this is true! I wonder if those are really the same as the value stored in the cookies on the users' machine?

    Read the article

  • Error getting twitter request token using OAuth and PEAR Services_Twitter

    - by Onema
    Hello, I am moving from the basic authentication method using username and password to the OAuth based authentication. I was using an old version of the pear package Services_Twitter, that did not support OAuth. The latest version of this package supports OAuth authentications, it has a few dependencies (HTTP_Request2, HTTP_OAuth). It was very simple to install them and upgrade the package. I did all this my local machine and had no trouble getting the authentication up and running. I committed this code to the test site, but every time the code request a "request token" I get the following error message "Unable to connect to ssl://api.twitter.com:443. Error #0" I have spend 6 hours making sure that all the pear packages where up to date, checking the customer token and token secret, making sure port 443 is not closed... in addition to various other test. I have exhausted my resources and I come to you in hope to find some answers. Thank you PD: One of the things I do not understand is why does the message says that the url is ssl://api.twitter.com:443 rather than https://api.twitter.com/request_token? the former one is the one I am using to get the request token.

    Read the article

  • segfault during fclose()

    - by Hristo
    fclose() is causing a segfault. I have : char buffer[L_tmpnam]; char *pipeName = tmpnam(buffer); FILE *pipeFD = fopen(pipeName, "w"); // open for writing ... ... ... fclose(pipeFD); I don't do any file related stuff in the ... yet so that doesn't affect it. However, my MAIN process communicates with another process through shared memory where pipeName is stored; the other process fopen's this pipe for reading to communicated with MAIN. Any ideas why this is causing a segfault? Thanks, Hristo

    Read the article

  • Optimize code performance when odd/even threads are doing different things in CUDA

    - by Orion Nebula
    Hi all! I have two large vectors, I am trying to do some sort of element multiplication, where an even-numbered element in the first vector is multiplied by the next odd-numbered element in the second vector .... and where the odd-numbered element in the first vector is multiplied by the preceding even-numbered element in the second vector Ex. vector 1 is V1(1) V1(2) V1(3) V1(4) vector 2 is V2(1) V2(2) V2(3) V2(4) V1(1) * V2(2) V1(3) * V2(4) V1(2) * V2(1) V1(4) * V2(3) I have written a Cuda code to do this: (Pds has the elements of the first vector in shared memory, Nds the second Vector) //instead of using %2 .. i check for the first bit to decide if number is odd/even -- faster if ((tx & 0x0001) == 0x0000) Nds[tx+1] = Pds[tx] * Nds[tx+1]; else Nds[tx-1] = Pds[tx] * Nds[tx-1]; __syncthreads(); Is there anyway to further accelerate this code or avoid divergence ? Thanks

    Read the article

  • Async Socket Listener on separate thread - VB.net

    - by TheHockeyGeek
    I am trying to use the code from Microsoft for an Async Socket connection. It appears the listener runs in the main thread locking the GUI. I am new at both socket connections and multi-threading all at the same time. Having a hard time getting my mind wrapped around this all at once. The code used is at http://msdn.microsoft.com/en-us/library/fx6588te.aspx Using this example, how can I move the listener to its own thread? Public Shared Sub Main() ' Data buffer for incoming data. Dim bytes() As Byte = New [Byte](1023) {} ' Establish the local endpoint for the socket. Dim ipHostInfo As IPHostEntry = Dns.GetHostEntry(Dns.GetHostName()) Dim ipAddress As IPAddress = ipHostInfo.AddressList(1) Dim localEndPoint As New IPEndPoint(ipAddress, 11000) ' Create a TCP/IP socket. Dim listener As New Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp) ' Bind the socket to the local endpoint and listen for incoming connections. listener.Bind(localEndPoint) listener.Listen(100)

    Read the article

  • Fetching all uploaded,tagged in and share videos in Facebook by FQL

    - by himanshu
    In my app, i want to fetch all videos of logged in user i.e. videos that are uploaded by user, videos share by user, user tagged in etc. Currently im using "stream" query as: SELECT created_time, post_id, actor_id, type, updated_time, attachment FROM stream WHERE created_time>1075593600 AND type IN (56, 80, 128, 237, 272) AND source_id=me() limit 10000 As you can see i use "type IN" to fetch required videos but this query is not fetching all videos of mine . I have two videos in 2011 one of which is uploaded and other one is shared.But i m not getting these two. Also in developer.facebook it was written that "Each query of the stream table is limited to the previous 30 days or 50 posts, whichever is greater, however you can use time-specific fields such as created_time along with FQL operators (such as < or ) to retrieve a much greater range of posts." So i tried "created time0" i.e.(1970) and other like timestamp of 2001 but still i m not getting all. Please help..its urgent.Thanks

    Read the article

  • Facebook Connect for simple authentication?

    - by Starnzy
    Hi I have an ASP.net website which I want to introduce 'Facebook Connect' functionality into, purely for account login/creation purposes. I want a user to be able to click the 'Login using Facebook' type button, and to then log that user into my website based on a userid lookup from the Facebook response. I have a couple of questions surrounding this: Presumeably I can do all of this using the Facebook API - without the need for an actual pretty public facing 'application' on Facebook? I simply want to utilise the Facebook API for authenticating an account. I'm not interested in creating some app for doing something 'within' facebook itself. I have located some code snippets online and tried using the Facebook Developer Toolkit, calling the getInfo method, and whilst it does come back to my website with a uid, none of the other user information is present within the response, like Email, Name etc. The uid is the only populated field in the response. Here is the code I use: if (ConnectAuthentication.isConnected()) { API api = new API(); api.ApplicationKey = ConnectAuthentication.ApiKey; api.SessionKey = ConnectAuthentication.SessionKey; api.Secret = ConnectAuthentication.SecretKey; api.uid = ConnectAuthentication.UserID; //Display user data captured from the Facebook API. facebook.Schema.user facebookUser = null; try { facebookUser = api.users.getInfo(); User user = new User(); user.FacebookUser = facebookUser; user.IsFacebookUser = true; return user; } catch { return null; } } else { return null; } Can anyone please help with either/both of these queries? Thanks in advance...

    Read the article

  • Help needed in grokking password hashes and salts

    - by javafueled
    I've read a number of SO questions on this topic, but grokking the applied practice of storing a salted hash of a password eludes me. Let's start with some ground rules: a password, "foobar12" (we are not discussing the strength of the password). a language, Java 1.6 for this discussion a database, postgreSQL, MySQL, SQL Server, Oracle Several options are available to storing the password, but I want to think about one (1): Store the password hashed with random salt in the DB, one column Found on SO and elsewhere is the automatic fail of plaintext, MD5/SHA1, and dual-columns. The latter have pros and cons MD5/SHA1 is simple. MessageDigest in Java provides MD5, SHA1 (through SHA512 in modern implementations, certainly 1.6). Additionally, most RDBMSs listed provide methods for MD5 encryption functions on inserts, updates, etc. The problems become evident once one groks "rainbow tables" and MD5 collisions (and I've grokked these concepts). Dual-column solutions rest on the idea that the salt does not need to be secret (grok it). However, a second column introduces a complexity that might not be a luxury if you have a legacy system with one (1) column for the password and the cost of updating the table and the code could be too high. But it is storing the password hashed with a random salt in single DB column that I need to understand better, with practical application. I like this solution for a couple of reasons: a salt is expected and considers legacy boundaries. Here's where I get lost: if the salt is random and hashed with the password, how can the system ever match the password? I have theory on this, and as I type I might be grokking the concept: Given a random salt of 128 bytes and a password of 8 bytes ('foobar12'), it could be programmatically possible to remove the part of the hash that was the salt, by hashing a random 128 byte salt and getting the substring of the original hash that is the hashed password. Then re hashing to match using the hash algorithm...??? So... any takers on helping. :) Am I close?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 200 201 202 203 204 205 206 207 208 209 210 211  | Next Page >