Search Results

Search found 20283 results on 812 pages for 'security context'.

Page 210/812 | < Previous Page | 206 207 208 209 210 211 212 213 214 215 216 217 | Next Page >

Which is the best internet security + Antivirus solution for Windows?

- by metal gear solid

Which is the best internet security + Antivirus solution for Windows? free/opensource or commercial it doesn't matter I need best solution. Is Kaspersky best ? or any other? http://www.kaspersky.com/kaspersky_internet_security Award-winning technologies in Kaspersky Internet Security 2010 protect you from cybercrime and a wide range of IT threats: * Viruses, Trojans, worms and other malware, spyware and adware * Rootkits, bootkits and other complex threats * Identity theft by keyloggers, screen capture malware or phishing scams * Botnets and various illegal methods of taking control of your PC or Netbook * Zero-day attacks, new fast emerging and unknown threats * Drive-by download infections, network attacks and intrusions * Unwanted, offensive web content and spam

Read the article
How to install Oracle Weblogic Server using OS-specific Package installer?(Linux/Solaris)

- by PratikS -- Oracle

Note: OS-specific Package installer As the name suggests the installer is platform specific. It is meant for installation with a 32bit JVM only. Both SUN and JROCKIT 32 bit JDKs come bundled with "OS-specific Package installer", so no need to install the JDK in advance. There are three different ways of installing Oracle Weblogic Server: Graphical mode Console mode Silent mode For Linux/Solaris: Steps to install OS-specific Package .bin installer(for Linux/Solaris) are almost same as windows except for the way we launch the installation.Installer: wls_<version>_<linux/solaris>32.bin (E.g. wls1036_linux32.bin/wls1036_solaris32.bin) 1) Graphical mode: Log in to the target UNIX system. Go to the directory that contains the installation program.(Make sure GUI is enabled or else it will default to console mode) Launch the installation by entering the following commands: [weblogic@pratik ~]$ pwd/home/oracle[weblogic@pratik ~]$ cd WLSInstallers/[weblogic@pratik WLSInstallers]$ ls -ltrtotal 851512-rw-rw-r-- 1 oracle oracle 871091023 Dec 22 2011 wls1036_linux32.bin[weblogic@pratik WLSInstallers]$ chmod a+x wls1036_linux32.bin[weblogic@pratik WLSInstallers]$ ls -ltrtotal 851512-rwxrwxr-x 1 oracle oracle 871091023 Dec 22 2011 wls1036_linux32.bin[weblogic@pratik WLSInstallers]$ ./wls1036_linux32.bin As soon as you run ./wls1036_linux32.bin with GUI enabled you would see the following screen: Rest of the screens and steps are similar to that of Graphical mode installation on windows, refer: How to install Oracle Weblogic Server using OS-specific Package installer?(Windows) 2) Console mode: Log in to the target UNIX system. Go to the directory that contains the installation program. Launch the installation by entering the following commands: [weblogic@pratik ~]$ pwd/home/oracle[weblogic@pratik ~]$ cd WLSInstallers/[weblogic@pratik WLSInstallers]$ ls -ltrtotal 851512-rw-rw-r-- 1 weblogic weblogic 871091023 Dec 22 2011 wls1036_linux32.bin[weblogic@pratik WLSInstallers]$ chmod a+x wls1036_linux32.bin[weblogic@pratik WLSInstallers]$ ls -ltrtotal 851512-rwxrwxr-x 1 weblogic weblogic 871091023 Dec 22 2011 wls1036_linux32.bin [weblogic@pratik WLSInstallers]$ ./wls1036_linux32.bin -mode=consoleExtracting 0%....................................................................................................100%<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Welcome:--------This installer will guide you through the installation of WebLogic 10.3.6.0.Type "Next" or enter to proceed to the next prompt. If you want to change data entered previously, type "Previous". You may quit the installer at any time by typing "Exit".Enter [Exit][Next]> Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Middleware Home Directory:--------------------------------- ->1|* Create a new Middleware Home 2|/home/oracle/wls_12cEnter index number to select OR [Exit][Previous][Next]> Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Middleware Home Directory:--------------------------------- "Middleware Home" = [Enter new value or use default"/home/oracle/Oracle/Middleware"]Enter new Middleware Home OR [Exit][Previous][Next]> /home/oracle/WLS1036<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Middleware Home Directory:--------------------------------- "Middleware Home" = [/home/oracle/WLS1036]Use above value or select another option: 1 - Enter new Middleware Home 2 - Change to default [/home/oracle/Oracle/Middleware]Enter option number to select OR [Exit][Previous][Next]> Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Register for Security Updates:------------------------------Provide your email address for security updates and to initiate configuration manager. 1|Email:[] 2|Support Password:[] 3|Receive Security Update:[Yes]Enter index number to select OR [Exit][Previous][Next]> 3<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Register for Security Updates:------------------------------Provide your email address for security updates and to initiate configuration manager. "Receive Security Update:" = [Enter new value or use default "Yes"]Enter [Yes][No]? No<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Register for Security Updates:------------------------------Provide your email address for security updates and to initiate configuration manager. "Receive Security Update:" = [Enter new value or use default "Yes"] ** Do you wish to bypass initiation of the configuration manager and ** remain uninformed of critical security issues in your configuration?Enter [Yes][No]? Yes<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Register for Security Updates:------------------------------Provide your email address for security updates and to initiate configuration manager. 1|Email:[] 2|Support Password:[] 3|Receive Security Update:[No]Enter index number to select OR [Exit][Previous][Next]>Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Register for Security Updates:------------------------------Provide your email address for security updates and to initiate configuration manager. 1|Email:[] 2|Support Password:[] 3|Receive Security Update:[No]Enter index number to select OR [Exit][Previous][Next]> Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Install Type:--------------------Select the type of installation you wish to perform. ->1|Typical | Install the following product(s) and component(s): | - WebLogic Server | - Oracle Coherence 2|Custom | Choose software products and components to install and perform optional |configuration.Enter index number to select OR [Exit][Previous][Next]> Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Choose Product Installation Directories:----------------------------------------Middleware Home Directory: [/home/oracle/WLS1036]Product Installation Directories: 1|WebLogic Server: [/home/oracle/WLS1036/wlserver_10.3] 2|Oracle Coherence: [/home/oracle/WLS1036/coherence_3.7]Enter index number to select OR [Exit][Previous][Next]> Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->The following Products and JDKs will be installed:-------------------------------------------------- WebLogic Platform 10.3.6.0 |_____WebLogic Server | |_____Core Application Server | |_____Administration Console | |_____Configuration Wizard and Upgrade Framework | |_____Web 2.0 HTTP Pub-Sub Server | |_____WebLogic SCA | |_____WebLogic JDBC Drivers | |_____Third Party JDBC Drivers | |_____WebLogic Server Clients | |_____WebLogic Web Server Plugins | |_____UDDI and Xquery Support | |_____Evaluation Database |_____Oracle Coherence | |_____Coherence Product Files |_____JDKs |_____SUN SDK 1.6.0_29 |_____Oracle JRockit 1.6.0_29 SDK *Estimated size of installation: 1,276.0 MBEnter [Exit][Previous][Next]> Next<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Installing files..0% 25% 50% 75% 100%[------------|------------|------------|------------][***************************************************]<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Installing JDK....0% 25% 50% 75% 100%[------------|------------|------------|------------][***************************************************]Performing String Substitutions...<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Configuring OCM...0% 25% 50% 75% 100%[------------|------------|------------|------------][***************************************************]Creating Domains...<-------------------- Oracle Installer - WebLogic 10.3.6.0 ------------------->Installation CompleteCongratulations! Installation is complete.Press [Enter] to continue or type [Exit]> [weblogic@pratik ~]$ Note: All the inputs are in Bold 3) Silent mode: 1) Log in to the target Unix system. 2) Create a silent.xml file that defines the configuration settings normally entered by a user during an interactive installation process, such as graphical-mode or console-mode installation. <?xml version="1.0" encoding="UTF-8"?><bea-installer> <input-fields> <data-value name="BEAHOME" value="/home/oracle/WLS1036" /> <data-value name="WLS_INSTALL_DIR" value="/home/oracle/WLS1036/wlserver_10.3" /> <data-value name="COMPONENT_PATHS" value="WebLogic Server|Oracle Coherence" /> </input-fields></bea-installer>  3) Place the silent.xml file in the same directory as where the WebLogic Server Package installer is located. 4) Go to the directory that contains the installation program. 5) Start the installer as follows: [weblogic@pratik WLSInstallers]$ chmod a+x wls1036_linux32.bin[weblogic@pratik WLSInstallers]$ ls -ltrtotal 851516-rwxrwxr-x 1 weblogic weblogic 871091023 Dec 22 2011 wls1036_linux32.bin-rw-rw-r-- 1 weblogic weblogic 331 Jul 5 03:48 silent.xml[weblogic@pratik WLSInstallers]$ cat silent.xml<?xml version="1.0" encoding="UTF-8"?><bea-installer> <input-fields> <data-value name="BEAHOME" value="/home/oracle/WLS1036" /> <data-value name="WLS_INSTALL_DIR" value="/home/oracle/WLS1036/wlserver_10.3" /> <data-value name="COMPONENT_PATHS" value="WebLogic Server|Oracle Coherence" /> </input-fields></bea-installer>[weblogic@pratik WLSInstallers]$ ./wls1036_linux32.bin -mode=silenlent.xml -log=/home/oracle/WLSInstallers/install.logExtracting 0%....................................................................................................100%[weblogic@pratik WLSInstallers]$ -log=/home/oracle/WLSInstallers/install.log creates a installation log(install.log) under "/home/oracle/WLSInstallers/", when installation completes you will see the following printed in the log file: 2012-07-05 03:59:36,788 INFO [WizardController] com.bea.plateng.wizard.silent.tasks.LogTask - The installation was successfull! For other configurable values in silent.xml refer: Values for the Sample silent.xml File for WebLogic Server Important links to Refer: Running the Installation Program in Graphical Mode Running the Installation Program in Console Mode Running the Installation Program in Silent Mode

Read the article
Pain Comes Instantly

- by user701213

When I look back at recent blog entries – many of which are not all that current (more on where my available writing time is going later) – I am struck by how many of them focus on public policy or legislative issues instead of, say, the latest nefarious cyberattack or exploit (or everyone’s favorite new pastime: coining terms for the Coming Cyberpocalypse: “digital Pearl Harbor” is so 1941). Speaking of which, I personally hope evil hackers from Malefactoria will someday hack into my bathroom scale – which in a future time will be connected to the Internet because, gosh, wouldn’t it be great to have absolutely everything in your life Internet-enabled? – and recalibrate it so I’m 10 pounds thinner. The horror. In part, my focus on public policy is due to an admitted limitation of my skill set. I enjoy reading technical articles about exploits and cybersecurity trends, but writing a blog entry on those topics would take more research than I have time for and, quite honestly, doesn’t play to my strengths. The first rule of writing is “write what you know.” The bigger contributing factor to my recent paucity of blog entries is that more and more of my waking hours are spent engaging in “thrust and parry” activity involving emerging regulations of some sort or other. I’ve opined in earlier blogs about what constitutes good and reasonable public policy so nobody can accuse me of being reflexively anti-regulation. That said, you have so many cycles in the day, and most of us would rather spend it slaying actual dragons than participating in focus groups on whether dragons are really a problem, whether lassoing them (with organic, sustainable and recyclable lassos) is preferable to slaying them – after all, dragons are people, too - and whether we need lasso compliance auditors to make sure lassos are being used correctly and humanely. (A point that seems to evade many rule makers: slaying dragons actually accomplishes something, whereas talking about “approved dragon slaying procedures and requirements” wastes the time of those who are competent to dispatch actual dragons and who were doing so very well without the input of “dragon-slaying theorists.”) Unfortunately for so many of us who would just get on with doing our day jobs, cybersecurity is rapidly devolving into the “focus groups on dragon dispatching” realm, which actual dragons slayers have little choice but to participate in. The general trend in cybersecurity is that powers-that-be – which encompasses groups other than just legislators – are often increasingly concerned and therefore feel they need to Do Something About Cybersecurity. Many seem to believe that if only we had the right amount of regulation and oversight, there would be no data breaches: a breach simply must mean Someone Is At Fault and Needs Supervision. (Leaving aside the fact that we have lots of home invasions despite a) guard dogs b) liberal carry permits c) alarm systems d) etc.) Also note that many well-managed and security-aware organizations, like the US Department of Defense, still get hacked. More specifically, many powers-that-be feel they must direct industry in a multiplicity of ways, up to and including how we actually build and deploy information technology systems. The more prescriptive the requirement, the more regulators or overseers a) can be seen to be doing something b) feel as if they are doing something regardless of whether they are actually doing something useful or cost effective. Note: an unfortunate concomitant of Doing Something is that often the cure is worse than the ailment. That is, doing what overseers want creates unfortunate byproducts that they either didn’t foresee or worse, don’t care about. After all, the logic goes, we Did Something. Prescriptive practice in the IT industry is problematic for a number of reasons. For a start, prescriptive guidance is really only appropriate if: • It is cost effective• It is “current” (meaning, the guidance doesn’t require the use of the technical equivalent of buggy whips long after horse-drawn transportation has become passé)*• It is practical (that is, pragmatic, proven and effective in the real world, not theoretical and unproven)• It solves the right problem With the above in mind, heading up the list of “you must be joking” regulations are recent disturbing developments in the Payment Card Industry (PCI) world. I’d like to give PCI kahunas the benefit of the doubt about their intentions, except that efforts by Oracle among others to make them aware of “unfortunate side effects of your requirements” – which is as tactful I can be for reasons that I believe will become obvious below - have gone, to-date, unanswered and more importantly, unchanged. A little background on PCI before I get too wound up. In 2008, the Payment Card Industry (PCI) Security Standards Council (SSC) introduced the Payment Application Data Security Standard (PA-DSS). That standard requires vendors of payment applications to ensure that their products implement specific requirements and undergo security assessment procedures. In order to have an application listed as a Validated Payment Application (VPA) and available for use by merchants, software vendors are required to execute the PCI Payment Application Vendor Release Agreement (VRA). (Are you still with me through all the acronyms?) Beginning in August 2010, the VRA imposed new obligations on vendors that are extraordinary and extraordinarily bad, short-sighted and unworkable. Specifically, PCI requires vendors to disclose (dare we say “tell all?”) to PCI any known security vulnerabilities and associated security breaches involving VPAs. ASAP. Think about the impact of that. PCI is asking a vendor to disclose to them: • Specific details of security vulnerabilities • Including exploit information or technical details of the vulnerability • Whether or not there is any mitigation available (as in a patch) PCI, in turn, has the right to blab about any and all of the above – specifically, to distribute all the gory details of what is disclosed - to the PCI SSC, qualified security assessors (QSAs), and any affiliate or agent or adviser of those entities, who are in turn permitted to share it with their respective affiliates, agents, employees, contractors, merchants, processors, service providers and other business partners. This assorted crew can’t be more than, oh, hundreds of thousands of entities. Does anybody believe that several hundred thousand people can keep a secret? Or that several hundred thousand people are all equally trustworthy? Or that not one of the people getting all that information would blab vulnerability details to a bad guy, even by accident? Or be a bad guy who uses the information to break into systems? (Wait, was that the Easter Bunny that just hopped by? Bringing world peace, no doubt.) Sarcasm aside, common sense tells us that telling lots of people a secret is guaranteed to “unsecret” the secret. Notably, being provided details of a vulnerability (without a patch) is of little or no use to companies running the affected application. Few users have the technological sophistication to create a workaround, and even if they do, most workarounds break some other functionality in the application or surrounding environment. Also, given the differences among corporate implementations of any application, it is highly unlikely that a single workaround is going to work for all corporate users. So until a patch is developed by the vendor, users remain at risk of exploit: even more so if the details of vulnerability have been widely shared. Sharing that information widely before a patch is available therefore does not help users, and instead helps only those wanting to exploit known security bugs. There’s a shocker for you. Furthermore, we already know that insider information about security vulnerabilities inevitably leaks, which is why most vendors closely hold such information and limit dissemination until a patch is available (and frequently limit dissemination of technical details even with the release of a patch). That’s the industry norm, not that PCI seems to realize or acknowledge that. Why would anybody release a bunch of highly technical exploit information to a cast of thousands, whose only “vetting” is that they are members of a PCI consortium? Oracle has had personal experience with this problem, which is one reason why information on security vulnerabilities at Oracle is “need to know” (we use our own row level access control to limit access to security bugs in our bug database, and thus less than 1% of development has access to this information), and we don’t provide some customers with more information than others or with vulnerability information and/or patches earlier than others. Failure to remember “insider information always leaks” creates problems in the general case, and has created problems for us specifically. A number of years ago, one of the UK intelligence agencies had information about a non-public security vulnerability in an Oracle product that they circulated among other UK and Commonwealth defense and intelligence entities. Nobody, it should be pointed out, bothered to report the problem to Oracle, even though only Oracle could produce a patch. The vulnerability was finally reported to Oracle by (drum roll) a US-based commercial company, to whom the information had leaked. (Note: every time I tell this story, the MI-whatever agency that created the problem gets a bit shirty with us. I know they meant well and have improved their vulnerability handling/sharing processes but, dudes, next time you find an Oracle vulnerability, try reporting it to us first before blabbing to lots of people who can’t actually fix the problem. Thank you!) Getting back to PCI: clearly, these new disclosure obligations increase the risk of exploitation of a vulnerability in a VPA and thus, of misappropriation of payment card data and customer information that a VPA processes, stores or transmits. It stands to reason that VRA’s current requirement for the widespread distribution of security vulnerability exploit details -- at any time, but particularly before a vendor can issue a patch or a workaround -- is very poor public policy. It effectively publicizes information of great value to potential attackers while not providing compensating benefits - actually, any benefits - to payment card merchants or consumers. In fact, it magnifies the risk to payment card merchants and consumers. The risk is most prominent in the time before a patch has been released, since customers often have little option but to continue using an application or system despite the risks. However, the risk is not limited to the time before a patch is issued: customers often need days, or weeks, to apply patches to systems, based upon the complexity of the issue and dependence on surrounding programs. Rather than decreasing the available window of exploit, this requirement increases the available window of exploit, both as to time available to exploit a vulnerability and the ease with which it can be exploited. Also, why would hackers focus on finding new vulnerabilities to exploit if they can get “EZHack” handed to them in such a manner: a) a vulnerability b) in a payment application c) with exploit code: the “Hacking Trifecta!“ It’s fair to say that this is probably the exact opposite of what PCI – or any of us – would want. Established industry practice concerning vulnerability handling avoids the risks created by the VRA’s vulnerability disclosure requirements. Specifically, the norm is not to release information about a security bug until the associated patch (or a pretty darn good workaround) has been issued. Once a patch is available, the notice to the user community is a high-level communication discussing the product at issue, the level of risk associated with the vulnerability, and how to apply the patch. The notices do not include either the specific customers affected by the vulnerability or forensic reports with maps of the exploit (both of which are required by the current VRA). In this way, customers have the tools they need to prioritize patching and to help prevent an attack, and the information released does not increase the risk of exploit. Furthermore, many vendors already use industry standards for vulnerability description: Common Vulnerability Enumeration (CVE) and Common Vulnerability Scoring System (CVSS). CVE helps ensure that customers know which particular issues a patch addresses and CVSS helps customers determine how severe a vulnerability is on a relative scale. Industry already provides the tools customers need to know what the patch contains and how bad the problem is that the patch remediates. So, what’s a poor vendor to do? Oracle is reaching out to other vendors subject to PCI and attempting to enlist then in a broad effort to engage PCI in rethinking (that is, eradicating) these requirements. I would therefore urge all who care about this issue, but especially those in the vendor community whose applications are subject to PCI and who may not have know they were being asked to tell-all to PCI and put their customers at risk, to do one of the following: • Contact PCI with your concerns• Contact Oracle (we are looking for vendors to sign our statement of concern)• And make sure you tell your customers that you have to rat them out to PCI if there is a breach involving the payment application I like to be charitable and say “PCI meant well” but in as important a public policy issue as what you disclose about vulnerabilities, to whom and when, meaning well isn’t enough. We need to do well. PCI, as regards this particular issue, has not done well, and has compounded the error by thus far being nonresponsive to those of us who have labored mightily to try to explain why they might want to rethink telling the entire planet about security problems with no solutions. By Way of Explanation… Non-related to PCI whatsoever, and the explanation for why I have not been blogging a lot recently, I have been working on Other Writing Venues with my sister Diane (who has also worked in the tech sector, inflicting upgrades on unsuspecting and largely ungrateful end users). I am pleased to note that we have recently (self-)published the first in the Miss Information Technology Murder Mystery series, Outsourcing Murder. The genre might best be described as “chick lit meets geek scene.” Our sisterly nom de plume is Maddi Davidson and (shameless plug follows): you can order the paper version of the book on Amazon, or the Kindle or Nook versions on www.amazon.com or www.bn.com, respectively. From our book jacket: Emma Jones, a 20-something IT consultant, is working on an outsourcing project at Tahiti Tacos, a restaurant chain offering Polynexican cuisine: refried poi, anyone? Emma despises her boss Padmanabh, a brilliant but arrogant partner in GD Consulting. When Emma discovers His-Royal-Padness’s body (verdict: death by cricket bat), she becomes a suspect.With her overprotective family and her best friend Stacey providing endless support and advice, Emma stumbles her way through an investigation of Padmanabh’s murder, bolstered by fusion food feeding frenzies, endless cups of frou-frou coffee and serious surfing sessions. While Stacey knows a PI who owes her a favor, landlady Magda urges Emma to tart up her underwear drawer before the next cute cop with a search warrant arrives. Emma’s mother offers to fix her up with a PhD student at Berkeley and showers her with self-defense gizmos while her old lover Keoni beckons from Hawai’i. And everyone, even Shaun the barista, knows a good lawyer. Book 2, Denial of Service, is coming out this summer. * Given the rate of change in technology, today’s “thou shalts” are easily next year’s “buggy whip guidance.”

Read the article
Servlet Mapping Help - Possible to Avoid Referencing Context Name?

- by AJ

Hi all, I am working on a Spring application and trying to get my URL mapping correct. What I would like to have work is the following: http://localhost:8080/idptest -> doesn't work But instead, I have to reference the context name in my URL in order to resolve the mapping: http://localhost:8080/<context_name>/idptest -> works How can I avoid the requirement of referencing the context name in my URL without using a rewrite/proxy engine e.g. Apache? Here is the servlet definition and mapping from my web.xml: <servlet> <servlet-name>idptest</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <init-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/conf/idptest.xml</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>idptest</servlet-name> <url-pattern>/</url-pattern> </servlet-mapping> Here's the outline of my controller (showing annotations for request mappings): @Controller @RequestMapping("/idptest") public class MyController { @RequestMapping(method=RequestMethod.GET) public String setupForm(Model model){ MyObject someObject = new MyObject(); model.addAttribute("someObject", someObject); return "myform"; } @RequestMapping(method = RequestMethod.POST) public String processSubmit(@ModelAttribute("someObject") MyObject someObject) throws Exception { // POST logic... } } Thanks!

Read the article
non static method cannot be referenced from a static context.

- by David

First some code: import java.util.*; ... class TicTacToe { ... public static void main (String[]arg) { Random Random = new Random() ; toerunner () ; // this leads to a path of methods that eventualy gets us to the rest of the code } ... public void CompTurn (int type, boolean debug) { ... boolean done = true ; int a = 0 ; while (!done) { a = Random.nextInt(10) ; if (debug) { int i = 0 ; while (i<20) { System.out.print (a+", ") ; i++; }} if (possibles[a]==1) done = true ; } this.board[a] = 2 ; } ... } //to close the class Here is the error message: TicTacToe.java:85: non-static method nextInt(int) cannot be referenced from a static context a = Random.nextInt(10) ; ^ What exactly went wrong? What does that error message "non static method cannot be referenced from a static context" mean?

Read the article
How to add a service to the type descriptor context of a property grid in .Net?

- by Jules

I have an app that allows the user to choose an image, at design time, either as a straight image, or from an image list. All cool so far, except that this is not happening from the visual studio property browser, its happening from a property grid that is a part of a type editor. My problem is, both the image picker (actually resource picker), and the imagelist type converter rely on some design-time services to get the job done. In the case of imagelist, its the IReferenceService and in the case of the resource picker its a service called _DTE. In the first instance of an edit from the visual studio property browser, I could get a reference to these services but (1) how can I add them to the type descriptor context of my property grid? It would be better, for future proofing, if I could just copy a reference to all of the services in the type descriptor context. (2) Where does the property browser get these services from in the first place? ETA: I still don't know how to do it, but I now know it is possible. (1) Sub-class control and add a property whose type is an array of buttons. (2) Add it to a form. (3) Select the new control on the design service and edit the new property in the property browser. (4) The collection editor dialog pops-up (5) Add a button (6) Edit image and image list - the type editor and type converter, respectively, behave as they should.

Read the article
Command line mode only -- successful login only brings me back to login screen

- by seth

whenever I log in the screen goes black, I see a glimpse of terminal-esque text, and then it brings me back to the log in screen (Ubuntu 12.04). I can enter and log in via the command line. The guest account works find. I think this happened because I edited some Xorg related file trying to make an external monitor work with my laptop. I copy pasted from a forum post so I dont recall the file or what i put in the file. Can't find the forum post again and my bash history wasn't recorded from that session. I tried reinstalling Xorg and ubuntu-desktop, nvidia, resetting any configs I could find... I'm really at a loss of what to do. Here's my /.xsession-errors: /usr/sbin/lightdm-session: 11: /home/seth/.profile: -s: not found Backend : gconf Integration : true Profile : unity Adding plugins Initializing core options...done Initializing composite options...done Initializing opengl options...done Initializing decor options...done Initializing vpswitch options...done Initializing snap options...done Initializing mousepoll options...done Initializing resize options...done Initializing place options...done Initializing move options...done Initializing wall options...done Initializing grid options...done I/O warning : failed to load external entity "/home/seth/.compiz/session/108fa6ea48f8a973b9133850948930576700000017740033" Initializing session options...done Initializing gnomecompat options...done ** Message: applet now removed from the notification area Initializing animation options...done Initializing fade options...done Initializing unitymtgrabhandles options...done Initializing workarounds options...done Initializing scale options...done compiz (expo) - Warn: failed to bind image to texture Initializing expo options...done Initializing ezoom options...done ** Message: using fallback from indicator to GtkStatusIcon (compiz:1846): GConf-CRITICAL **: gconf_client_add_dir: assertion `gconf_valid_key (dirname, NULL)' failed Initializing unityshell options...done Nautilus-Share-Message: Called "net usershare info" but it failed: 'net usershare' returned error 255: net usershare: cannot open usershare directory /var/lib/samba/usershares. Error No such file or directory Please ask your system administrator to enable user sharing. Setting Update "main_menu_key" Setting Update "run_key" Setting Update "launcher_hide_mode" Setting Update "edge_responsiveness" Setting Update "launcher_capture_mouse" ** Message: moving back from GtkStatusIcon to indicator compiz (decor) - Warn: failed to bind pixmap to texture ** (zeitgeist-datahub:2128): WARNING **: zeitgeist-datahub.vala:227: Unable to get name "org.gnome.zeitgeist.datahub" on the bus! failed to create drawable compiz (core) - Warn: glXCreatePixmap failed compiz (core) - Warn: Couldn't bind background pixmap 0x1e00001 to texture compiz (decor) - Warn: failed to bind pixmap to texture ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. compiz (decor) - Warn: failed to bind pixmap to texture compiz (decor) - Warn: failed to bind pixmap to texture ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. ** Message: No keyring secrets found for Sonic.net_356/802-11-wireless-security; asking user. [2348:2352:12678840568:ERROR:gpu_watchdog_thread.cc(231)] The GPU process hung. Terminating after 10000 ms. [2256:2283:14450711755:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14450726175:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14450746028:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14464521342:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14464541249:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14690775186:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14690795231:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14704543843:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14704566717:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14766138587:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14857232694:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14930901403:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14930965542:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14944566814:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:14944592215:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15170929788:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15170947382:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15184585015:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15184605475:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15366189036:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15410983381:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15411569689:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15431632431:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15431674438:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15457304356:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15656020938:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15656042383:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15674651268:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:15674671786:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:16052544301:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:16057387653:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:16157122849:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:16157123851:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:16157125473:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:16157126544:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 [2256:2283:16157129682:ERROR:ssl_client_socket_nss.cc(1542)] handshake with server mail.google.com:443 failed; NSS error code -5938, net_error -107 If anyone can help me out, I'd be forever grateful

Read the article
A New Threat To Web Applications: Connection String Parameter Pollution (CSPP)

- by eric.maurice

Hi, this is Shaomin Wang. I am a security analyst in Oracle's Security Alerts Group. My primary responsibility is to evaluate the security vulnerabilities reported externally by security researchers on Oracle Fusion Middleware and to ensure timely resolution through the Critical Patch Update. Today, I am going to talk about a serious type of attack: Connection String Parameter Pollution (CSPP). Earlier this year, at the Black Hat DC 2010 Conference, two Spanish security researchers, Jose Palazon and Chema Alonso, unveiled a new class of security vulnerabilities, which target insecure dynamic connections between web applications and databases. The attack called Connection String Parameter Pollution (CSPP) exploits specifically the semicolon delimited database connection strings that are constructed dynamically based on the user inputs from web applications. CSPP, if carried out successfully, can be used to steal user identities and hijack web credentials. CSPP is a high risk attack because of the relative ease with which it can be carried out (low access complexity) and the potential results it can have (high impact). In today's blog, we are going to first look at what connection strings are and then review the different ways connection string injections can be leveraged by malicious hackers. We will then discuss how CSPP differs from traditional connection string injection, and the measures organizations can take to prevent this kind of attacks. In web applications, a connection string is a set of values that specifies information to connect to backend data repositories, in most cases, databases. The connection string is passed to a provider or driver to initiate a connection. Vendors or manufacturers write their own providers for different databases. Since there are many different providers and each provider has multiple ways to make a connection, there are many different ways to write a connection string. Here are some examples of connection strings from Oracle Data Provider for .Net/ODP.Net: Oracle Data Provider for .Net / ODP.Net; Manufacturer: Oracle; Type: .NET Framework Class Library: - Using TNS Data Source = orcl; User ID = myUsername; Password = myPassword; - Using integrated security Data Source = orcl; Integrated Security = SSPI; - Using the Easy Connect Naming Method Data Source = username/password@//myserver:1521/my.server.com - Specifying Pooling parameters Data Source=myOracleDB; User Id=myUsername; Password=myPassword; Min Pool Size=10; Connection Lifetime=120; Connection Timeout=60; Incr Pool Size=5; Decr Pool Size=2; There are many variations of the connection strings, but the majority of connection strings are key value pairs delimited by semicolons. Attacks on connection strings are not new (see for example, this SANS White Paper on Securing SQL Connection String). Connection strings are vulnerable to injection attacks when dynamic string concatenation is used to build connection strings based on user input. When the user input is not validated or filtered, and malicious text or characters are not properly escaped, an attacker can potentially access sensitive data or resources. For a number of years now, vendors, including Oracle, have created connection string builder class tools to help developers generate valid connection strings and potentially prevent this kind of vulnerability. Unfortunately, not all application developers use these utilities because they are not aware of the danger posed by this kind of attacks. So how are Connection String parameter Pollution (CSPP) attacks different from traditional Connection String Injection attacks? First, let's look at what parameter pollution attacks are. Parameter pollution is a technique, which typically involves appending repeating parameters to the request strings to attack the receiving end. Much of the public attention around parameter pollution was initiated as a result of a presentation on HTTP Parameter Pollution attacks by Stefano Di Paola and Luca Carettoni delivered at the 2009 Appsec OWASP Conference in Poland. In HTTP Parameter Pollution attacks, an attacker submits additional parameters in HTTP GET/POST to a web application, and if these parameters have the same name as an existing parameter, the web application may react in different ways depends on how the web application and web server deal with multiple parameters with the same name. When applied to connections strings, the rule for the majority of database providers is the "last one wins" algorithm. If a KEYWORD=VALUE pair occurs more than once in the connection string, the value associated with the LAST occurrence is used. This opens the door to some serious attacks. By way of example, in a web application, a user enters username and password; a subsequent connection string is generated to connect to the back end database. Data Source = myDataSource; Initial Catalog = db; Integrated Security = no; User ID = myUsername; Password = XXX; In the password field, if the attacker enters "xxx; Integrated Security = true", the connection string becomes, Data Source = myDataSource; Initial Catalog = db; Integrated Security = no; User ID = myUsername; Password = XXX; Intergrated Security = true; Under the "last one wins" principle, the web application will then try to connect to the database using the operating system account under which the application is running to bypass normal authentication. CSPP poses serious risks for unprepared organizations. It can be particularly dangerous if an Enterprise Systems Management web front-end is compromised, because attackers can then gain access to control panels to configure databases, systems accounts, etc. Fortunately, organizations can take steps to prevent this kind of attacks. CSPP falls into the Injection category of attacks like Cross Site Scripting or SQL Injection, which are made possible when inputs from users are not properly escaped or sanitized. Escaping is a technique used to ensure that characters (mostly from user inputs) are treated as data, not as characters, that is relevant to the interpreter's parser. Software developers need to become aware of the danger of these attacks and learn about the defenses mechanism they need to introduce in their code. As well, software vendors need to provide templates or classes to facilitate coding and eliminate developers' guesswork for protecting against such vulnerabilities. Oracle has introduced the OracleConnectionStringBuilder class in Oracle Data Provider for .NET. Using this class, developers can employ a configuration file to provide the connection string and/or dynamically set the values through key/value pairs. It makes creating connection strings less error-prone and easier to manager, and ultimately using the OracleConnectionStringBuilder class provides better security against injection into connection strings. For More Information: - The OracleConnectionStringBuilder is located at http://download.oracle.com/docs/cd/B28359_01/win.111/b28375/OracleConnectionStringBuilderClass.htm - Oracle has developed a publicly available course on preventing SQL Injections. The Server Technologies Curriculum course "Defending Against SQL Injection Attacks!" is located at http://st-curriculum.oracle.com/tutorial/SQLInjection/index.htm - The OWASP web site also provides a number of useful resources. It is located at http://www.owasp.org/index.php/Main_Page

Read the article
django/python: is one view that handles two sibling models a good idea?

- by clime

I am using django multi-table inheritance: Video and Image are models derived from Media. I have implemented two views: video_list and image_list, which are just proxies to media_list. media_list returns images or videos (based on input parameter model) for a certain object, which can be of type Event, Member, or Crag. The view alters its behaviour based on input parameter action (better name would be mode), which can be of value "edit" or "view". The problem is that I need to ask whether the input parameter model contains Video or Image in media_list so that I can do the right thing. Similar condition is also in helper method media_edit_list that is called from the view. I don't particularly like it but the only alternative I can think of is to have separate (but almost the same) logic for video_list and image_list and then probably also separate helper methods for videos and images: video_edit_list, image_edit_list, video_view_list, image_view_list. So four functions instead of just two. That I like even less because the video functions would be very similar to the respective image functions. What do you recommend? Here is extract of relevant parts: http://pastebin.com/07t4bdza. I'll also paste the code here: #urls url(r'^media/images/(?P<rel_model_tag>(event|member|crag))/(?P<rel_object_id>\d+)/(?P<action>(view|edit))/$', views.image_list, name='image-list') url(r'^media/videos/(?P<rel_model_tag>(event|member|crag))/(?P<rel_object_id>\d+)/(?P<action>(view|edit))/$', views.video_list, name='video-list') #views def image_list(request, rel_model_tag, rel_object_id, mode): return media_list(request, Image, rel_model_tag, rel_object_id, mode) def video_list(request, rel_model_tag, rel_object_id, mode): return media_list(request, Video, rel_model_tag, rel_object_id, mode) def media_list(request, model, rel_model_tag, rel_object_id, mode): rel_model = tag_to_model(rel_model_tag) rel_object = get_object_or_404(rel_model, pk=rel_object_id) if model == Image: star_media = rel_object.star_image else: star_media = rel_object.star_video filter_params = {} if rel_model == Event: filter_params['event'] = rel_object_id elif rel_model == Member: filter_params['members'] = rel_object_id elif rel_model == Crag: filter_params['crag'] = rel_object_id media_list = model.objects.filter(~Q(id=star_media.id)).filter(**filter_params).order_by('date_added').all() context = { 'media_list': media_list, 'star_media': star_media, } if mode == 'edit': return media_edit_list(request, model, rel_model_tag, rel_object_id, context) return media_view_list(request, model, rel_model_tag, rel_object_id, context) def media_view_list(request, model, rel_model_tag, rel_object_id, context): if request.is_ajax(): context['base_template'] = 'boxes/base-lite.html' return render(request, 'media/list-items.html', context) def media_edit_list(request, model, rel_model_tag, rel_object_id, context): if model == Image: get_media_edit_record = get_image_edit_record else: get_media_edit_record = get_video_edit_record media_list = [get_media_edit_record(media, rel_model_tag, rel_object_id) for media in context['media_list']] if context['star_media']: star_media = get_media_edit_record(context['star_media'], rel_model_tag, rel_object_id) else: star_media = None json = simplejson.dumps({ 'star_media': star_media, 'media_list': media_list, }) return HttpResponse(json, content_type=json_response_mimetype(request)) def get_image_edit_record(image, rel_model_tag, rel_object_id): record = { 'url': image.image.url, 'name': image.title or image.filename, 'type': mimetypes.guess_type(image.image.path)[0] or 'image/png', 'thumbnailUrl': image.thumbnail_2.url, 'size': image.image.size, 'id': image.id, 'media_id': image.media_ptr.id, 'starUrl':reverse('image-star', kwargs={'image_id': image.id, 'rel_model_tag': rel_model_tag, 'rel_object_id': rel_object_id}), } return record def get_video_edit_record(video, rel_model_tag, rel_object_id): record = { 'url': video.embed_url, 'name': video.title or video.url, 'type': None, 'thumbnailUrl': video.thumbnail_2.url, 'size': None, 'id': video.id, 'media_id': video.media_ptr.id, 'starUrl': reverse('video-star', kwargs={'video_id': video.id, 'rel_model_tag': rel_model_tag, 'rel_object_id': rel_object_id}), } return record # models class Media(models.Model, WebModel): title = models.CharField('title', max_length=128, default='', db_index=True, blank=True) event = models.ForeignKey(Event, null=True, default=None, blank=True) crag = models.ForeignKey(Crag, null=True, default=None, blank=True) members = models.ManyToManyField(Member, blank=True) added_by = models.ForeignKey(Member, related_name='added_images') date_added = models.DateTimeField('date added', auto_now_add=True, null=True, default=None, editable=False) class Image(Media): image = ProcessedImageField(upload_to='uploads', processors=[ResizeToFit(width=1024, height=1024, upscale=False)], format='JPEG', options={'quality': 75}) thumbnail_1 = ImageSpecField(source='image', processors=[SmartResize(width=178, height=134)], format='JPEG', options={'quality': 75}) thumbnail_2 = ImageSpecField(source='image', #processors=[SmartResize(width=256, height=192)], processors=[ResizeToFit(height=164)], format='JPEG', options={'quality': 75}) class Video(Media): url = models.URLField('url', max_length=256, default='') embed_url = models.URLField('embed url', max_length=256, default='', blank=True) author = models.CharField('author', max_length=64, default='', blank=True) thumbnail = ProcessedImageField(upload_to='uploads', processors=[ResizeToFit(width=1024, height=1024, upscale=False)], format='JPEG', options={'quality': 75}, null=True, default=None, blank=True) thumbnail_1 = ImageSpecField(source='thumbnail', processors=[SmartResize(width=178, height=134)], format='JPEG', options={'quality': 75}) thumbnail_2 = ImageSpecField(source='thumbnail', #processors=[SmartResize(width=256, height=192)], processors=[ResizeToFit(height=164)], format='JPEG', options={'quality': 75}) class Crag(models.Model, WebModel): name = models.CharField('name', max_length=64, default='', db_index=True) normalized_name = models.CharField('normalized name', max_length=64, default='', editable=False) type = models.IntegerField('crag type', null=True, default=None, choices=crag_types) description = models.TextField('description', default='', blank=True) country = models.ForeignKey('country', null=True, default=None) #TODO: make this not null when db enables it latitude = models.FloatField('latitude', null=True, default=None) longitude = models.FloatField('longitude', null=True, default=None) location_index = FixedCharField('location index', length=24, default='', editable=False, db_index=True) # handled by db, used for marker clustering added_by = models.ForeignKey('member', null=True, default=None) #route_count = models.IntegerField('route count', null=True, default=None, editable=False) date_created = models.DateTimeField('date created', auto_now_add=True, null=True, default=None, editable=False) last_modified = models.DateTimeField('last modified', auto_now=True, null=True, default=None, editable=False) star_image = models.ForeignKey('Image', null=True, default=None, related_name='star_crags', on_delete=models.SET_NULL) star_video = models.ForeignKey('Video', null=True, default=None, related_name='star_crags', on_delete=models.SET_NULL)

Read the article
Applying ServiceKnownTypeAttribute to WCF service with Spring

- by avidgoffer

I am trying to apply the ServiceKnownTypeAttribute to my WCF Service but keep getting the error below my config. Does anyone have any ideas? <object id="HHGEstimating" type="Spring.ServiceModel.ServiceExporter, Spring.Services"> <property name="TargetName" value="HHGEstimatingHelper"/> <property name="Name" value="HHGEstimating"/> <property name="Namespace" value="http://www.igcsoftware.com/HHGEstimating"/> <property name="TypeAttributes"> <list> <ref local="wcfErrorBehavior"/> <ref local="wcfSilverlightFaultBehavior"/> <object type="System.ServiceModel.ServiceKnownTypeAttribute, System.ServiceModel"> <constructor-arg name="type" value="IGCSoftware.HHG.Business.UserControl.AtlasUser, IGCSoftware.HHG.Business"/> </object> </list> </property> Error thrown by a dependency of object 'HHGEstimating' defined in 'assembly [IGCSoftware.HHG.WebService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null], resource [IGCSoftware.HHG.WebService.Resources.Spring.objects.xml] line 46' : '1' constructor arguments specified but no matching constructor found in object 'System.ServiceModel.ServiceKnownTypeAttribute#25A5628' (hint: specify argument indexes, names, or types to avoid ambiguities). while resolving 'TypeAttributes[2]' to 'System.ServiceModel.ServiceKnownTypeAttribute#25A5628' defined in 'assembly [IGCSoftware.HHG.WebService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null], resource [IGCSoftware.HHG.WebService.Resources.Spring.objects.xml] line 46' Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: Spring.Objects.Factory.ObjectCreationException: Error thrown by a dependency of object 'HHGEstimating' defined in 'assembly [IGCSoftware.HHG.WebService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null], resource [IGCSoftware.HHG.WebService.Resources.Spring.objects.xml] line 46' : '1' constructor arguments specified but no matching constructor found in object 'System.ServiceModel.ServiceKnownTypeAttribute#25A5628' (hint: specify argument indexes, names, or types to avoid ambiguities). while resolving 'TypeAttributes[2]' to 'System.ServiceModel.ServiceKnownTypeAttribute#25A5628' defined in 'assembly [IGCSoftware.HHG.WebService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null], resource [IGCSoftware.HHG.WebService.Resources.Spring.objects.xml] line 46' Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: [ObjectCreationException: Error thrown by a dependency of object 'HHGEstimating' defined in 'assembly [IGCSoftware.HHG.WebService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null], resource [IGCSoftware.HHG.WebService.Resources.Spring.objects.xml] line 46' : '1' constructor arguments specified but no matching constructor found in object 'System.ServiceModel.ServiceKnownTypeAttribute#25A5628' (hint: specify argument indexes, names, or types to avoid ambiguities). while resolving 'TypeAttributes[2]' to 'System.ServiceModel.ServiceKnownTypeAttribute#25A5628' defined in 'assembly [IGCSoftware.HHG.WebService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null], resource [IGCSoftware.HHG.WebService.Resources.Spring.objects.xml] line 46'] Spring.Objects.Factory.Support.ObjectDefinitionValueResolver.ResolveInnerObjectDefinition(String name, String innerObjectName, String argumentName, IObjectDefinition definition, Boolean singletonOwner) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\ObjectDefinitionValueResolver.cs:300 Spring.Objects.Factory.Support.ObjectDefinitionValueResolver.ResolvePropertyValue(String name, IObjectDefinition definition, String argumentName, Object argumentValue) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\ObjectDefinitionValueResolver.cs:150 Spring.Objects.Factory.Support.ObjectDefinitionValueResolver.ResolveValueIfNecessary(String name, IObjectDefinition definition, String argumentName, Object argumentValue) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\ObjectDefinitionValueResolver.cs:112 Spring.Objects.Factory.Config.ManagedList.Resolve(String objectName, IObjectDefinition definition, String propertyName, ManagedCollectionElementResolver resolver) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Config\ManagedList.cs:126 Spring.Objects.Factory.Support.ObjectDefinitionValueResolver.ResolvePropertyValue(String name, IObjectDefinition definition, String argumentName, Object argumentValue) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\ObjectDefinitionValueResolver.cs:201 Spring.Objects.Factory.Support.ObjectDefinitionValueResolver.ResolveValueIfNecessary(String name, IObjectDefinition definition, String argumentName, Object argumentValue) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\ObjectDefinitionValueResolver.cs:112 Spring.Objects.Factory.Support.AbstractAutowireCapableObjectFactory.ApplyPropertyValues(String name, RootObjectDefinition definition, IObjectWrapper wrapper, IPropertyValues properties) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\AbstractAutowireCapableObjectFactory.cs:373 Spring.Objects.Factory.Support.AbstractAutowireCapableObjectFactory.PopulateObject(String name, RootObjectDefinition definition, IObjectWrapper wrapper) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\AbstractAutowireCapableObjectFactory.cs:563 Spring.Objects.Factory.Support.AbstractAutowireCapableObjectFactory.ConfigureObject(String name, RootObjectDefinition definition, IObjectWrapper wrapper) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\AbstractAutowireCapableObjectFactory.cs:1844 Spring.Objects.Factory.Support.AbstractAutowireCapableObjectFactory.InstantiateObject(String name, RootObjectDefinition definition, Object[] arguments, Boolean allowEagerCaching, Boolean suppressConfigure) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\AbstractAutowireCapableObjectFactory.cs:918 Spring.Objects.Factory.Support.AbstractObjectFactory.CreateAndCacheSingletonInstance(String objectName, RootObjectDefinition objectDefinition, Object[] arguments) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\AbstractObjectFactory.cs:2120 Spring.Objects.Factory.Support.AbstractObjectFactory.GetObjectInternal(String name, Type requiredType, Object[] arguments, Boolean suppressConfigure) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\AbstractObjectFactory.cs:2046 Spring.Objects.Factory.Support.DefaultListableObjectFactory.PreInstantiateSingletons() in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Objects\Factory\Support\DefaultListableObjectFactory.cs:505 Spring.Context.Support.AbstractApplicationContext.Refresh() in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Context\Support\AbstractApplicationContext.cs:911 _dynamic_Spring.Context.Support.XmlApplicationContext..ctor(Object[] ) +197 Spring.Reflection.Dynamic.SafeConstructor.Invoke(Object[] arguments) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Reflection\Dynamic\DynamicConstructor.cs:116 Spring.Context.Support.RootContextInstantiator.InvokeContextConstructor(ConstructorInfo ctor) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Context\Support\ContextHandler.cs:550 Spring.Context.Support.ContextInstantiator.InstantiateContext() in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Context\Support\ContextHandler.cs:494 Spring.Context.Support.ContextHandler.InstantiateContext(IApplicationContext parentContext, Object configContext, String contextName, Type contextType, Boolean caseSensitive, String[] resources) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Context\Support\ContextHandler.cs:330 Spring.Context.Support.ContextHandler.Create(Object parent, Object configContext, XmlNode section) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Context\Support\ContextHandler.cs:280 [ConfigurationErrorsException: Error creating context 'spring.root': Error thrown by a dependency of object 'HHGEstimating' defined in 'assembly [IGCSoftware.HHG.WebService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null], resource [IGCSoftware.HHG.WebService.Resources.Spring.objects.xml] line 46' : '1' constructor arguments specified but no matching constructor found in object 'System.ServiceModel.ServiceKnownTypeAttribute#25A5628' (hint: specify argument indexes, names, or types to avoid ambiguities). while resolving 'TypeAttributes[2]' to 'System.ServiceModel.ServiceKnownTypeAttribute#25A5628' defined in 'assembly [IGCSoftware.HHG.WebService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null], resource [IGCSoftware.HHG.WebService.Resources.Spring.objects.xml] line 46'] System.Configuration.BaseConfigurationRecord.EvaluateOne(String[] keys, SectionInput input, Boolean isTrusted, FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult) +202 System.Configuration.BaseConfigurationRecord.Evaluate(FactoryRecord factoryRecord, SectionRecord sectionRecord, Object parentResult, Boolean getLkg, Boolean getRuntimeObject, Object& result, Object& resultRuntimeObject) +1061 System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject) +1431 System.Configuration.BaseConfigurationRecord.GetSection(String configKey, Boolean getLkg, Boolean checkPermission) +56 System.Configuration.BaseConfigurationRecord.GetSection(String configKey) +8 System.Web.Configuration.HttpConfigurationSystem.GetApplicationSection(String sectionName) +45 System.Web.Configuration.HttpConfigurationSystem.GetSection(String sectionName) +49 System.Web.Configuration.HttpConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(String configKey) +6 System.Configuration.ConfigurationManager.GetSection(String sectionName) +78 Spring.Util.ConfigurationUtils.GetSection(String sectionName) in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Util\ConfigurationUtils.cs:69 Spring.Context.Support.ContextRegistry.InitializeContextIfNeeded() in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Context\Support\ContextRegistry.cs:340 Spring.Context.Support.ContextRegistry.GetContext() in l:\projects\spring-net\trunk\src\Spring\Spring.Core\Context\Support\ContextRegistry.cs:206 Spring.ServiceModel.Activation.ServiceHostFactory.CreateServiceHost(String reference, Uri[] baseAddresses) in l:\projects\spring-net\trunk\src\Spring\Spring.Services\ServiceModel\Activation\ServiceHostFactory.cs:66 System.ServiceModel.HostingManager.CreateService(String normalizedVirtualPath) +11687036 System.ServiceModel.HostingManager.ActivateService(String normalizedVirtualPath) +42 System.ServiceModel.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath) +479 [ServiceActivationException: The service '/HHGEstimating.svc' cannot be activated due to an exception during compilation. The exception message is: Error creating context 'spring.root': Error thrown by a dependency of object 'HHGEstimating' defined in 'assembly [IGCSoftware.HHG.WebService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null], resource [IGCSoftware.HHG.WebService.Resources.Spring.objects.xml] line 46' : '1' constructor arguments specified but no matching constructor found in object 'System.ServiceModel.ServiceKnownTypeAttribute#25A5628' (hint: specify argument indexes, names, or types to avoid ambiguities). while resolving 'TypeAttributes[2]' to 'System.ServiceModel.ServiceKnownTypeAttribute#25A5628' defined in 'assembly [IGCSoftware.HHG.WebService, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null], resource [IGCSoftware.HHG.WebService.Resources.Spring.objects.xml] line 46'.] System.ServiceModel.AsyncResult.End(IAsyncResult result) +11592858 System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult result) +194 System.ServiceModel.Activation.HostedHttpRequestAsyncResult.ExecuteSynchronous(HttpApplication context, Boolean flowContext) +176 System.ServiceModel.Activation.HttpModule.ProcessRequest(Object sender, EventArgs e) +275 System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +68 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75

Read the article
django: failing tests from django.contrib.auth

- by gruszczy

When I run my django test I get following errors, that are outside of my test suite: ====================================================================== ERROR: test_known_user (django.contrib.auth.tests.remote_user.RemoteUserCustomTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 160, in test_known_user super(RemoteUserCustomTest, self).test_known_user() File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 67, in test_known_user self.assertEqual(response.context['user'].username, 'knownuser') TypeError: 'NoneType' object is unsubscriptable ====================================================================== ERROR: test_last_login (django.contrib.auth.tests.remote_user.RemoteUserCustomTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 87, in test_last_login self.assertNotEqual(default_login, response.context['user'].last_login) TypeError: 'NoneType' object is unsubscriptable ====================================================================== ERROR: test_no_remote_user (django.contrib.auth.tests.remote_user.RemoteUserCustomTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 33, in test_no_remote_user self.assert_(isinstance(response.context['user'], AnonymousUser)) TypeError: 'NoneType' object is unsubscriptable ====================================================================== ERROR: test_unknown_user (django.contrib.auth.tests.remote_user.RemoteUserCustomTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 168, in test_unknown_user super(RemoteUserCustomTest, self).test_unknown_user() File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 51, in test_unknown_user self.assertEqual(response.context['user'].username, 'newuser') TypeError: 'NoneType' object is unsubscriptable ====================================================================== ERROR: test_known_user (django.contrib.auth.tests.remote_user.RemoteUserNoCreateTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 67, in test_known_user self.assertEqual(response.context['user'].username, 'knownuser') TypeError: 'NoneType' object is unsubscriptable ====================================================================== ERROR: test_last_login (django.contrib.auth.tests.remote_user.RemoteUserNoCreateTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 87, in test_last_login self.assertNotEqual(default_login, response.context['user'].last_login) TypeError: 'NoneType' object is unsubscriptable ====================================================================== ERROR: test_no_remote_user (django.contrib.auth.tests.remote_user.RemoteUserNoCreateTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 33, in test_no_remote_user self.assert_(isinstance(response.context['user'], AnonymousUser)) TypeError: 'NoneType' object is unsubscriptable ====================================================================== ERROR: test_unknown_user (django.contrib.auth.tests.remote_user.RemoteUserNoCreateTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 118, in test_unknown_user self.assert_(isinstance(response.context['user'], AnonymousUser)) TypeError: 'NoneType' object is unsubscriptable ====================================================================== ERROR: test_known_user (django.contrib.auth.tests.remote_user.RemoteUserTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 67, in test_known_user self.assertEqual(response.context['user'].username, 'knownuser') TypeError: 'NoneType' object is unsubscriptable ====================================================================== ERROR: test_last_login (django.contrib.auth.tests.remote_user.RemoteUserTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 87, in test_last_login self.assertNotEqual(default_login, response.context['user'].last_login) TypeError: 'NoneType' object is unsubscriptable ====================================================================== ERROR: test_no_remote_user (django.contrib.auth.tests.remote_user.RemoteUserTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 33, in test_no_remote_user self.assert_(isinstance(response.context['user'], AnonymousUser)) TypeError: 'NoneType' object is unsubscriptable ====================================================================== ERROR: test_unknown_user (django.contrib.auth.tests.remote_user.RemoteUserTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/remote_user.py", line 51, in test_unknown_user self.assertEqual(response.context['user'].username, 'newuser') TypeError: 'NoneType' object is unsubscriptable ====================================================================== FAIL: test_current_site_in_context_after_login (django.contrib.auth.tests.views.LoginTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/lib/pymodules/python2.6/django/contrib/auth/tests/views.py", line 190, in test_current_site_in_context_after_login self.assertEquals(response.status_code, 200) AssertionError: 302 != 200 Could anyone explain me, what am I doing wrong or what I should set to get those tests pass?

Read the article
httpModules not working on iis7

- by roncansan

Hi, I have the following module public class LowerCaseRequest : IHttpModule { public void Init(HttpApplication context) { context.BeginRequest += new EventHandler(this.OnBeginRequest); } public void Dispose() { } public void OnBeginRequest(Object s, EventArgs e) { HttpApplication app = (HttpApplication)s; if (app.Context.Request.Url.ToString().ToLower().EndsWith(".aspx")) { if (app.Context.Request.Url.ToString() != app.Context.Request.Url.ToString().ToLower()) { HttpResponse response = app.Context.Response; response.StatusCode = (int)HttpStatusCode.MovedPermanently; response.Status = "301 Moved Permanently"; response.RedirectLocation = app.Context.Request.Url.ToString().ToLower(); response.SuppressContent = true; response.End(); } if (!app.Context.Request.Url.ToString().StartsWith(@"http://zeeprico.com")) { HttpResponse response = app.Context.Response; response.StatusCode = (int)HttpStatusCode.MovedPermanently; response.Status = "301 Moved Permanently"; response.RedirectLocation = app.Context.Request.Url.ToString().ToLower().Replace(@"http://zeeprico.com", @"http://www.zeeprico.com"); response.SuppressContent = true; response.End(); } } } } the web.config looks like <system.web> <httpModules> <remove name="WindowsAuthentication" /> <remove name="PassportAuthentication" /> <remove name="AnonymousIdentification" /> <remove name="UrlAuthorization" /> <remove name="FileAuthorization" /> <add name="LowerCaseRequest" type="LowerCaseRequest" /> <add name="UrlRewriter" type="Intelligencia.UrlRewriter.RewriterHttpModule, Intelligencia.UrlRewriter" /> <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </httpModules> </system.web> It works grate on my PC running XP and IIS 5.1 but on my webserver running IIS7 and WS 2008 dosn't works, please help I don't know how to work this out. Thanks

Read the article
Is there such a thing as a "fully qualified" username within context of Windows Authentication?

- by Ben Aston

My web-app is hosted on mydomain, with the following URI associated with the domain: blah.net. I can login to using either of the following usernames: mydomain\ben [email protected] What are the names of each of these types of login (and are there any differences), within the context of Windows Authentication?

Read the article
Authlogic and functional tests - Authlogic::Session::Activation::NotActivatedError: You must activat

- by adam

Im getting the errors below despite following the documentation. In test_helper.rb ENV["RAILS_ENV"] = "test" require File.expand_path(File.dirname(__FILE__) + "/../config/environment") require "authlogic/test_case" require 'test_help' require 'shoulda' require File.dirname(__FILE__) + "/factories" In my functional test require 'test_helper' class SentencesControllerTest < ActionController::TestCase setup do :activate_authlogic end context "logged in" do setup do @user = Factory(:user) UserSession.create(@user.id) end context "on GET to :new" do setup do get :new end should "present form with text field" do assert_select('form#new_sentence') do assert_select('textarea#sentence_text') end end end end #context logged in. end in environments.rb config.gem "authlogic" Im not sure why it isnt working. Can anyone help out on this? Authlogic::Session::Activation::NotActivatedError: You must activate the Authlogic::Session::Base.controller with a controller object before creating objects authlogic (2.1.3) lib/authlogic/session/activation.rb:47:in `initialize' authlogic (2.1.3) lib/authlogic/session/klass.rb:64:in `initialize' authlogic (2.1.3) lib/authlogic/session/scopes.rb:79:in `initialize' authlogic (2.1.3) lib/authlogic/session/existence.rb:29:in `new' authlogic (2.1.3) lib/authlogic/session/existence.rb:29:in `create' test/functional/sentences_controller_test.rb:11:in `__bind_1270172858_922804' shoulda (2.10.3) lib/shoulda/context.rb:380:in `call' shoulda (2.10.3) lib/shoulda/context.rb:380:in `run_current_setup_blocks' shoulda (2.10.3) lib/shoulda/context.rb:379:in `each' shoulda (2.10.3) lib/shoulda/context.rb:379:in `run_current_setup_blocks' shoulda (2.10.3) lib/shoulda/context.rb:371:in `run_all_setup_blocks' shoulda (2.10.3) lib/shoulda/context.rb:375:in `run_parent_setup_blocks' shoulda (2.10.3) lib/shoulda/context.rb:359:in `test: logged in on GET to :new should present form with text field. ' /opt/rubymine/rb/testing/patch/testunit/test/unit/ui/testrunnermediator.rb:36:in `run_suite' /opt/rubymine/rb/testing/patch/testunit/test/unit/ui/teamcity/testrunner.rb:215:in `start_mediator' /opt/rubymine/rb/testing/patch/testunit/test/unit/ui/teamcity/testrunner.rb:191:in `start'

Read the article
Why are public static final array a security hole?

- by kunjaan

Effective java says: // Potential security hole! public static final Thing[] VALUES = { ... }; Can somebody tell me what is the security hole?

Read the article
What should I do when the managed object context fails to save?

- by dontWatchMyProfile

Example: I have an Cat entity with an catAge attribute. In the data modeler, I configured catAge as int with a max of 100. Then I do this: [newManagedObject setValue:[NSNumber numberWithInt:125] forKey:@"catAge"]; // Save the context. NSError *error = nil; if (![context save:&error]) { NSLog(@"Unresolved error %@, %@", error, [error userInfo]); } I'm getting an error in the console, like this: 2010-06-12 11:40:41.947 CatTest[2250:207] Unresolved error Error Domain=NSCocoaErrorDomain Code=1610 UserInfo=0x10164d0 "Operation could not be completed. (Cocoa error 1610.)", { NSLocalizedDescription = "Operation could not be completed. (Cocoa error 1610.)"; NSValidationErrorKey = catAge; NSValidationErrorObject = <NSManagedObject: 0x10099f0> (entity: Cat; id: 0x1006a90 <x-coredata:///Cat/t3BCBC34B-8405-4F16-B591-BE804B6811562> ; data: { catAge = 125; catName = "No Name"; }); NSValidationErrorPredicate = SELF <= 100; NSValidationErrorValue = 125; } Well, so I have an validation error. But the odd thing is, that it seems the MOC is broken after this. If I just tap "add" to add another invalid Cat object and save that, I'm getting this: 2010-06-12 11:45:13.857 CatTest[2250:207] Unresolved error Error Domain=NSCocoaErrorDomain Code=1560 UserInfo=0x1232170 "Operation could not be completed. (Cocoa error 1560.)", { NSDetailedErrors = ( Error Domain=NSCocoaErrorDomain Code=1610 UserInfo=0x1215f00 "Operation could not be completed. (Cocoa error 1610.)", Error Domain=NSCocoaErrorDomain Code=1610 UserInfo=0x1209fc0 "Operation could not be completed. (Cocoa error 1610.)" ); } That seems to report two errors now. BUT: When I try to delete now an valid, existing object from the table view (using the default core data template in a navigation-based app), then the app crashes! All I get in the console is: 2010-06-12 11:47:18.931 CatTest[2250:207] Unresolved error Error Domain=NSCocoaErrorDomain Code=1560 UserInfo=0x123eb30 "Operation could not be completed. (Cocoa error 1560.)", { NSDetailedErrors = ( Error Domain=NSCocoaErrorDomain Code=1610 UserInfo=0x1217010 "Operation could not be completed. (Cocoa error 1610.)", Error Domain=NSCocoaErrorDomain Code=1610 UserInfo=0x123ea80 "Operation could not be completed. (Cocoa error 1610.)" ); } ...so no idea where or why it crashes, but it does. So the question is, what are the neccessary steps to take when there's an validation error?

Read the article
Configuring jdbc-pool (tomcat 7)

- by john

i'm having some problems with tomcat 7 for configuring jdbc-pool : i`ve tried to follow this example: http://www.tomcatexpert.com/blog/2010/04/01/configuring-jdbc-pool-high-concurrency so i have: conf/server.xml <GlobalNamingResources> <Resource type="javax.sql.DataSource" name="jdbc/DB" factory="org.apache.tomcat.jdbc.pool.DataSourceFactory" driverClassName="com.mysql.jdbc.Driver" url="jdbc:mysql://localhost:3306/mydb" username="user" password="password" /> </GlobalNamingResources> conf/context.xml <Context> <ResourceLink type="javax.sql.DataSource" name="jdbc/LocalDB" global="jdbc/DB" /> <Context> and when i try to do this: Context initContext = new InitialContext(); Context envContext = (Context)initContext.lookup("java:/comp/env"); DataSource datasource = (DataSource)envContext.lookup("jdbc/LocalDB"); Connection con = datasource.getConnection(); i keep getting this error: javax.naming.NameNotFoundException: Name jdbc is not bound in this Context at org.apache.naming.NamingContext.lookup(NamingContext.java:803) at org.apache.naming.NamingContext.lookup(NamingContext.java:159) pls help tnx

Read the article
Linq to SQL - How to inner join tables from different Data Context?

- by jinsungy

I have two tables from two different Data Contexts. Although both tables are from the same database, two separate datacontexts exist. Error msg: "The query contains references to items defined on a different data context." How can I get around this? Any help is appreciated. Thanks.

Read the article
Creating a UIImage from a rotated UIImageView...

- by Magic Bullet Dave

I have a UIImageView with an image in it. I have rotated the image prior to display by setting the transform property of the UIImageView to CGAffineTransformMakeRotation(angle) where angle is the angle in radians. I want to be able to create another UIImage that corresponds to the rotated version that I can see in my view. I am almost there, by rotating the image context I get a rotated image: - (UIImage *) rotatedImageFromImageView: (UIImageView *) imageView { UIImage *rotatedImage; // Get image width, height of the bonuding rectangle CGRect boundingRect = [self getBoundingRectAfterRotation: imageView.bounds byAngle:angle]; // Create a graphics context the size of the boundinf rectangle UIGraphicsBeginImageContext(boundingRect.size); CGContextRef context = UIGraphicsGetCurrentContext(); // Rotate and translate the context CGAffineTransform ourTransform = CGAffineTransformIdentity; ourTransform = CGAffineTransformConcat(ourTransform, CGAffineTransformMakeRotation(angle)); CGContextConcatCTM(context, ourTransform); // Draw the image into the context CGContextDrawImage(context, CGRectMake(0, 0, imageView.image.size.width, imageView.image.size.height), imageView.image.CGImage); // Get an image from the context rotatedImage = [UIImage imageWithCGImage: CGBitmapContextCreateImage(context)]; // Clean up UIGraphicsEndImageContext(); return rotatedImage; } However the image is not rotated about its centre. I have tried all kinds of transforms concatenated with my rotate to get it to rotate around the centre but to no avail. Am I missing a trick? Is this even possible since I am rotating the context not the image? Getting desperate to make this work now, so any help would be appreciated. Dave

Read the article
How can I setup a Right Click context menu in Silverlight?

- by Aaron Fischer

I want to create a right click context menu for my textboxes to provide the typical copy/paste functionality. Any ideas on how to go about this?

Read the article
Usage of SP_OACreate, SP_OAMethod etc.. is a security risk ?

- by TonyP

I am told that usage of SP_OACreate , SP_OAMethod in SQL Server 2000 is of a security risk. I am using Strong Name in the assembly and is stored in GAC on the SQL Server Machine. What are the security implications/compromise ?

Read the article
Updated MVC 4 to 5.2.0 via Nuget Site compiles but wont run

- by hjavaher

I had the bright idea of updating my perfectly working ASP.Net MVC 4 application to the MVC 5 via nuget, Everything compiles just fine but when I try to run the application I get the following yellow screen of death. Has anyone gotten this or know how to solve it? I've searched for it and couldn't find any solutions. Please let me know if there is any farther information that would help you that I can give you. Attempt by security transparent method 'WebMatrix.WebData.PreApplicationStartCode.Start()' to access security critical method 'System.Web.WebPages.Razor.WebPageRazorHost.AddGlobalImport(System.String)' failed. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.MethodAccessException: Attempt by security transparent method 'WebMatrix.WebData.PreApplicationStartCode.Start()' to access security critical method 'System.Web.WebPages.Razor.WebPageRazorHost.AddGlobalImport(System.String)' failed. Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: [MethodAccessException: Attempt by security transparent method 'WebMatrix.WebData.PreApplicationStartCode.Start()' to access security critical method 'System.Web.WebPages.Razor.WebPageRazorHost.AddGlobalImport(System.String)' failed.] WebMatrix.WebData.PreApplicationStartCode.Start() +112 [InvalidOperationException: The pre-application start initialization method Start on type WebMatrix.WebData.PreApplicationStartCode threw an exception with the following error message: Attempt by security transparent method 'WebMatrix.WebData.PreApplicationStartCode.Start()' to access security critical method 'System.Web.WebPages.Razor.WebPageRazorHost.AddGlobalImport(System.String)' failed..] System.Web.Compilation.BuildManager.InvokePreStartInitMethodsCore(ICollection`1 methods, Func`1 setHostingEnvironmentCultures) +556 System.Web.Compilation.BuildManager.InvokePreStartInitMethods(ICollection`1 methods) +132 System.Web.Compilation.BuildManager.CallPreStartInitMethods(String preStartInitListPath, Boolean& isRefAssemblyLoaded) +102 System.Web.Compilation.BuildManager.ExecutePreAppStart() +153 System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters, PolicyLevel policyLevel, Exception appDomainCreationException) +516 [HttpException (0x80004005): The pre-application start initialization method Start on type WebMatrix.WebData.PreApplicationStartCode threw an exception with the following error message: Attempt by security transparent method 'WebMatrix.WebData.PreApplicationStartCode.Start()' to access security critical method 'System.Web.WebPages.Razor.WebPageRazorHost.AddGlobalImport(System.String)' failed..] System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +9885060 System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +101 System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +254

Read the article
Hudson fails to use unix user/group to do authentication

- by Kane

I'm trying to use unix user/group database as security realm of hudson. The linux server is using NIS for user management. My account could login the hudson server via ssh. And the hudson server is running by user 'hudson' that is also a member of group 'shadow', so hudson could read /etc/shadow. And I tested the configuration using 'test' button, hudson tells me it works well. But I can't use my unix account and password to login the hudson sever. And I found below java exception in the log of hudson, Jan 12, 2011 8:23:42 AM hudson.security.AuthenticationProcessingFilter2 onUnsuccessfulAuthentication INFO: Login attempt failed org.acegisecurity.BadCredentialsException: pam_authenticate failed : Authentication failure; nested exception is org.jvnet.libpam.PAMException: pam_authenticate failed : Authentication failure at hudson.security.PAMSecurityRealm$PAMAuthenticationProvider.authenticate(PAMSecurityRealm.java:100) at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195) at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45) at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:195) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368) at winstone.RequestDispatcher.forward(RequestDispatcher.java:333) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.lang.Thread.run(Thread.java:595) Caused by: org.jvnet.libpam.PAMException: pam_authenticate failed : Authentication failure at org.jvnet.libpam.PAM.check(PAM.java:105) at org.jvnet.libpam.PAM.authenticate(PAM.java:123) at hudson.security.PAMSecurityRealm$PAMAuthenticationProvider.authenticate(PAMSecurityRealm.java:90) ... 18 more

Read the article
InstallExecuteSequence cache interferes with custom action operation

- by Dima G

I need to upgrade a product that could be installed in per-user context to a new version that is always in per-machine context. The requirements are: Whether the old version was installed in a Per-User (no matter who) or Per-Machine context should be completely seamless to an administrator user that performs the upgrade. The MSI upgrade should succeed without the need to know the password of the user that originally installed the previous version of the product in a Per-User context. The installation should be performed from a single .msi file (no setup.exe is allowed). The installation should be able to run in a silent (non-UI) mode. No reboots are allowed during installation. My strategy is to find in the beginning of the installation whether the product is already installed in per-user context, and if so, to transform the registry keys manually to Per-Machine context (I checked: no additional changes such as file system changes etc. are needed except this transform). I figured out how to move all appropriate keys in the registry from the user settings to the machine settings (pre-loaded appropriate user hive in case it didn't appear in HKEY_USERS) and created custom action that does it - and it does work when I run it as a stand-alone executable before running the MSI. The problem, however, is that when Windows Installer runs InstallExecuteSequence it first creates a 'cached product context' for all products. So when my custom action runs in the course of InstallExecuteSequence, this cache has already been created. Thus FindRelatedProducts action that determines if older product with same upgrade code exists looks on that cache and ignores the changes that my custom action applied. If before running the MSI the previous product was in per-user context, FindRelatedProducts will look at the cache and not apply the upgrade and remove the previous version, because the new product is in per-machine context, even though the previous product version is already configured to per-machine context in the registry by that time by my custom action. What can be done to solve this problem without violating the requirements stated above?

Read the article
Session state provider and global.asax not interacting properly?

- by yodaj007

I'm experimenting with creating a crude, proof-of-concept session state store provider in ASP.Net. But I've got a problem and I'm not sure what to do about it. The website works properly when using the InProc provider. The Session_Start in global.asax is called on session creation as it should. But not if I implement my own provider. The Session_Start method from global.asax isn't being called at all if a new session is being created (that is, I delete the session state file). Am I missing something important here? public class TestSessionProvider : SessionStateStoreProviderBase { private const string ROOT = "c:\\projects\\sessions\\"; private const int TIMEOUT_MINUTES = 30; public string ApplicationName { get { return HostingEnvironment.ApplicationVirtualPath; } } private string GetFilename(string id) { string filename = String.Format("{0}_{1}.session", ApplicationName, id); char[] invalids = Path.GetInvalidPathChars(); for (int i = 0; i < invalids.Length; i++) { filename = filename.Replace(invalids[i], '_'); } return Path.Combine(ROOT, Path.GetFileName(filename)); } public override void Initialize(string name, NameValueCollection config) { if (config == null) throw new ArgumentNullException("config"); if (String.IsNullOrEmpty(name)) name = "Sporkalicious"; base.Initialize(name, config); } public override SessionStateStoreData CreateNewStoreData(HttpContext context, int timeout) { SessionStateItemCollection items = new SessionStateItemCollection(); HttpStaticObjectsCollection objects = SessionStateUtility.GetSessionStaticObjects(context); return new SessionStateStoreData(items, objects, TIMEOUT_MINUTES); } /// <summary> /// The CreateUninitializedItem method is used with cookieless sessions when the regenerateExpiredSessionId /// attribute is set to true, which causes SessionStateModule to generate a new SessionID value when an /// expired session ID is encountered. /// </summary> /// <param name="context"></param> /// <param name="id"></param> /// <param name="timeout"></param> public override void CreateUninitializedItem(HttpContext context, string id, int timeout) { FileStream fs = File.Open(GetFilename(id), FileMode.CreateNew, FileAccess.Write, FileShare.None); BinaryWriter writer = new BinaryWriter(fs); SessionStateItemCollection coll = new SessionStateItemCollection(); coll.Serialize(writer); fs.Flush(); fs.Close(); } public override SessionStateStoreData GetItem(HttpContext context, string id, out bool locked, out TimeSpan lockAge, out object lockId, out SessionStateActions actions) { return GetItemExclusive(context, id, out locked, out lockAge, out lockId, out actions); } public override SessionStateStoreData GetItemExclusive(HttpContext context, string id, out bool locked, out TimeSpan lockAge, out object lockId, out SessionStateActions actions) { locked = false; lockAge = TimeSpan.FromDays(1); lockId = 0; actions = SessionStateActions.None; if (!File.Exists(GetFilename(id))) { return null; } FileStream fs = File.Open(GetFilename(id), FileMode.Open, FileAccess.ReadWrite, FileShare.Read); BinaryReader reader = new BinaryReader(fs); SessionStateItemCollection coll = SessionStateItemCollection.Deserialize(reader); fs.Close(); return new SessionStateStoreData(coll, new HttpStaticObjectsCollection(), TIMEOUT_MINUTES); } public override void ReleaseItemExclusive(HttpContext context, string id, object lockId) { } public override void RemoveItem(HttpContext context, string id, object lockId, SessionStateStoreData item) { File.Delete(GetFilename(id)); } public override void ResetItemTimeout(HttpContext context, string id) { } public override void SetAndReleaseItemExclusive(HttpContext context, string id, SessionStateStoreData item, object lockId, bool newItem) { if (!File.Exists(GetFilename(id))) { CreateUninitializedItem(context, id, 10); } FileStream fs = File.Open(GetFilename(id), FileMode.Truncate, FileAccess.Write, FileShare.None); BinaryWriter writer = new BinaryWriter(fs); SessionStateItemCollection coll = (SessionStateItemCollection)item.Items; coll.Serialize(writer); fs.Flush(); fs.Close(); } public override bool SetItemExpireCallback(SessionStateItemExpireCallback expireCallback) { return false; } public override void InitializeRequest(HttpContext context){} public override void EndRequest(HttpContext context){} public override void Dispose(){} }

Read the article

Search Results

Search found 20283 results on 812 pages for 'security context'.

Page 210/812 | < Previous Page | 206 207 208 209 210 211 212 213 214 215 216 217 | Next Page >

- by metal gear solid

- by PratikS -- Oracle

- by user701213

- by AJ

- by David

- by Jules

- by seth

- by eric.maurice

- by clime

- by avidgoffer

- by gruszczy

- by roncansan

- by Ben Aston

- by adam

- by kunjaan

- by dontWatchMyProfile

- by john

- by jinsungy

- by Magic Bullet Dave

- by Aaron Fischer

- by TonyP

- by hjavaher

- by Kane

- by Dima G

- by yodaj007

< Previous Page | 206 207 208 209 210 211 212 213 214 215 216 217 | Next Page >