Search Results

Search found 14878 results on 596 pages for 'mod security'.

Page 213/596 | < Previous Page | 209 210 211 212 213 214 215 216 217 218 219 220  | Next Page >

• Error 404 after change filter in web.xml

  - by Falci

  I'm trying to add Spring Security to the project. After adding a block of code in web.xml, all url's give 404. What is wrong? It's a Maven project, Spring MVC, hibernate, postgres. (I do not know what information is relevant to describe the scenario) <?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <!-- The definition of the Root Spring Container shared by all Servlets and Filters --> <context-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/spring/root-context.xml</param-value> </context-param> <!-- Creates the Spring Container shared by all Servlets and Filters --> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <!-- Processes application requests --> <servlet> <servlet-name>appServlet</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <init-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/spring/appServlet/servlet-context.xml</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>appServlet</servlet-name> <url-pattern>/</url-pattern> </servlet-mapping> <filter> <filter-name>encodingFilter</filter-name> <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> <init-param> <param-name>forceEncoding</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- After insert this block, all URL's return 404 error --> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> </web-app> UPDATE: Grave: Exception starting filter springSecurityFilterChain org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean named 'springSecurityFilterChain' is defined at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanDefinition(DefaultListableBeanFactory.java:529) at org.springframework.beans.factory.support.AbstractBeanFactory.getMergedLocalBeanDefinition(AbstractBeanFactory.java:1094) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:276) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:196) at org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1079) at org.springframework.web.filter.DelegatingFilterProxy.initDelegate(DelegatingFilterProxy.java:217) at org.springframework.web.filter.DelegatingFilterProxy.initFilterBean(DelegatingFilterProxy.java:145) at org.springframework.web.filter.GenericFilterBean.init(GenericFilterBean.java:179) at org.apache.catalina.core.ApplicationFilterConfig.initFilter(ApplicationFilterConfig.java:277) at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:258) at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:382) at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:103) at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:4638) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5294) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.startup.HostConfig.checkResources(HostConfig.java:1366) at org.apache.catalina.startup.HostConfig.check(HostConfig.java:1454) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:295) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119) at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90) at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1379) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1537) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1547) at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1526) at java.lang.Thread.run(Thread.java:722)

  Read the article

• Why does IE prompt a security warning when viewing an XML file?

  - by Tav

  Opening an XML file in Internet explorer gives a security warning. IE has a nice collapsible tree view for viewing XML, but it's disabled by default and you get this scary error message about a potential security hole. http://www.leonmeijer.nl/archive/2008/04/27/106.aspx But why? How can simply viewing an XML file (not running any embedded macros in it or anything) possibly be a security hole? Sure, I get that running XSLT could potentially do some bad stuff, but we're not talking about executing anything. We're talking about viewing. Why can't IE simply display the XML file as text (plus with the collapsible tree viewer)? So why did they label this as a security hole? Can someone describe how simply viewing an XML document could be used as an attack document?

  Read the article

• Linux: modpost does not build anything

  - by waffleman

  I am having problems getting any kernel modules to build on my machine. Whenever I build a module, modpost always says there are zero modules: MODPOST 0 modules To troubleshoot the problem, I wrote a test module (hello.c): #include <linux/module.h> /* Needed by all modules */ #include <linux/kernel.h> /* Needed for KERN_INFO */ #include <linux/init.h> /* Needed for the macros */ static int __init hello_start(void) { printk(KERN_INFO "Loading hello module...\n"); printk(KERN_INFO "Hello world\n"); return 0; } static void __exit hello_end(void) { printk(KERN_INFO "Goodbye Mr.\n"); } module_init(hello_start); module_exit(hello_end); Here is the Makefile for the module: obj-m = hello.o KVERSION = $(shell uname -r) all: make -C /lib/modules/$(KVERSION)/build M=$(shell pwd) modules clean: make -C /lib/modules/$(KVERSION)/build M=$(shell pwd) clean When I build it on my machine, I get the following output: make -C /lib/modules/2.6.32-27-generic/build M=/home/waffleman/tmp/mod-test modules make[1]: Entering directory `/usr/src/linux-headers-2.6.32-27-generic' CC [M] /home/waffleman/tmp/mod-test/hello.o Building modules, stage 2. MODPOST 0 modules make[1]: Leaving directory `/usr/src/linux-headers-2.6.32-27-generic' When I make the module on another machine, it is successful: make -C /lib/modules/2.6.24-27-generic/build M=/home/somedude/tmp/mod-test modules make[1]: Entering directory `/usr/src/linux-headers-2.6.24-27-generic' CC [M] /home/somedude/tmp/mod-test/hello.o Building modules, stage 2. MODPOST 1 modules CC /home/somedude/tmp/mod-test/hello.mod.o LD [M] /home/somedude/tmp/mod-test/hello.ko make[1]: Leaving directory `/usr/src/linux-headers-2.6.24-27-generic' I looked for any relevant documentation about modpost, but found little. Anyone know how modpost decides what to build? Is there an environment that I am possibly missing? BTW here is what I am running: uname -a Linux waffleman-desktop 2.6.32-27-generic #49-Ubuntu SMP Wed Dec 1 23:52:12 UTC 2010 i686 GNU/Linux

  Read the article

• Can I use Apache 2.0 ErrorDocument and Mod Alias to store error pages outside the DocumentRoot?

  - by Pete

  I'd like to store my nicely designed set of http error documents outside the DocumentRoot. Alias /errors /data/opt/apache-httpd-2.0.63/htdocs/errorpages/ <Directory "/data/opt/apache-httpd-2.0.63/htdocs/errorpages/"> order deny,allow allow from all </Directory> ErrorDocument 500 /errors/500.html ErrorDocument 404 /errors/404.html ErrorDocument 401 /errors/default.html ErrorDocument 403 /errors/default.html ErrorDocument 502 /errors/default.html ErrorDocument 503 /errors/default.html However, when I do this, all I get is "The requested URL /errors/default.html resulted in an error." Is it possible to use mod_alias and the ErrorDocument directive together like this in Apache 2.0?

  Read the article

• Only a Macs can connect to WIFI with WPA-Personal security on.

  - by jfar

  I have an odd issue with a Netgear WIFI router, 4 computers, 2 pc laptops with XP and 7 installed, one macbook pro and one older mac mini. With security off everything can connect to the wifi. With WPA-Security on only the macs can connect to the wifi. I've reset the Netgear router, done everything again from scratch, no deal. The PCs just can't connect.

  Read the article

• chef apt_repository fetching fails

  - by slik

  I am trying to fetch a specific repository to install a php version but I keep getting 404 NOT FOUND. chef recipe code: apt_repository "dotdeb-php54" do uri "http://archives.dotdeb.org" distribution "squeeze" components ["php5/5.4.8"] key "http://www.dotdeb.org/dotdeb.gpg" end Trying to fetch : http://archives.dotdeb.org/dists/squeeze/php5/5.4.8 But get the following error : Err http://archives.dotdeb.org squeeze/php5/5.4.8 amd64 Packages 404 Not Found Hit http://security.ubuntu.com precise-security/main Translation-en Hit http://security.ubuntu.com precise-security/multiverse Translation-en Hit http://security.ubuntu.com precise-security/restricted Translation-en Err http://archives.dotdeb.org squeeze/php5/5.4.8 i386 Packages 404 Not Found Hit http://security.ubuntu.com precise-security/universe Translation-en Ign http://archives.dotdeb.org squeeze/php5/5.4.8 Translation-en STDERR: W: Failed to fetch http://archives.dotdeb.org/dists/squeeze/php5/5.4.8/binary-amd64/Packages 404 Not Found

  Read the article

• Are EC2 security group changes effective immediately for running instances?

  - by Jonik

  I have an EC2 instance running, and it belongs to a security group. If I add a new allowed connection to that security group through AWS Management Console, should that change be effective immediately? Or perhaps only after restart of the instance? In my case, I'm trying to allow access to PostgreSQL's default port (tcp 5432 5432 0.0.0.0/0), and I'm not sure if it's the EC2 firewall or PostgreSQL's settings that are refusing the connection.

  Read the article

• Only Macs can connect to WIFI with WPA-Personal security on.

  - by jfar

  I have an odd issue with a Netgear WIFI router, 4 computers, 2 pc laptops with XP and 7 installed, one MacBook Pro and one older Mac mini. With security off everything can connect to the wifi. With WPA-Security on only the Macs can connect to the wifi. I've reset the Netgear router, done everything again from scratch, no deal. The PCs just can't connect.

  Read the article

• Default /etc/apt/sources.list?

  - by piemesons

  I need default source list for ubuntu 10.04. Can anybody help me? Here is Mine:--- Ubuntu supported packages deb http://archive.ubuntu.com/ubuntu/ lucid main restricted multiverse universe deb http://archive.ubuntu.com/ubuntu/ lucid-backports main restricted universe multiverse deb http://archive.ubuntu.com/ubuntu/ lucid-updates main restricted multiverse universe deb http://security.ubuntu.com/ubuntu lucid-security main restricted universe multiverse deb http://security.ubuntu.com/ubuntu lucid-proposed main restricted universe multiverse deb-src http://archive.ubuntu.com/ubuntu/ lucid main restricted multiverse universe deb-src http://archive.ubuntu.com/ubuntu/ lucid-backports main restricted universe multiverse deb-src http://archive.ubuntu.com/ubuntu/ lucid-updates main restricted multiverse universe deb-src http://security.ubuntu.com/ubuntu lucid-security main restricted universe multiverse deb-src http://security.ubuntu.com/ubuntu lucid-proposed main restricted universe multiverse Canonical Commercial Repository deb http://archive.canonical.com/ubuntu lucid partner deb http://archive.canonical.com/ubuntu lucid-backports partner deb http://archive.canonical.com/ubuntu lucid-updates partner deb http://archive.canonical.com/ubuntu lucid-security partner deb http://archive.canonical.com/ubuntu lucid-proposed partner deb-src http://archive.canonical.com/ubuntu lucid partner deb-src http://archive.canonical.com/ubuntu lucid-backports partner deb-src http://archive.canonical.com/ubuntu lucid-updates partner deb-src http://archive.canonical.com/ubuntu lucid-security partner deb-src http://archive.canonical.com/ubuntu lucid-proposed partner medibuntu deb http://packages.medibuntu.org/ lucid free non-free deb-src http://packages.medibuntu.org/ lucid free non-free PlayOnLinux deb http://deb.playonlinux.com/ lucid main opera deb http://deb.opera.com/opera/ lenny non-free google deb http://dl.google.com/linux/deb/ stable non-free main Dropbox Official Source deb http://linux.dropbox.com/ubuntu karmic main Skype deb http://download.skype.com/linux/repos/debian/ stable non-free This is the error i am getting:-- (sudo apt-get update) Get:9 http://dl.google.com stable/main Packages [1,076B] Err http://ppa.launchpad.net lucid/main Packages 404 Not Found Get:10 http://dl.google.com stable/main Packages [735B] and finally :-- Fetched 9,724B in 3s (2,645B/s) W: Failed to fetch http://ppa.launchpad.net/bisig/ppa/ubuntu/dists/lucid/main/binary-i386/Packages.gz 404 Not Found E: Some index files failed to download, they have been ignored, or old ones used instead.

  Read the article

• PPA causing 404 error?

  - by piemesons

  I need default source list for ubuntu 10.04. Can anybody help me? Here is Mine:--- Ubuntu supported packages deb http://archive.ubuntu.com/ubuntu/ lucid main restricted multiverse universe deb http://archive.ubuntu.com/ubuntu/ lucid-backports main restricted universe multiverse deb http://archive.ubuntu.com/ubuntu/ lucid-updates main restricted multiverse universe deb http://security.ubuntu.com/ubuntu lucid-security main restricted universe multiverse deb http://security.ubuntu.com/ubuntu lucid-proposed main restricted universe multiverse deb-src http://archive.ubuntu.com/ubuntu/ lucid main restricted multiverse universe deb-src http://archive.ubuntu.com/ubuntu/ lucid-backports main restricted universe multiverse deb-src http://archive.ubuntu.com/ubuntu/ lucid-updates main restricted multiverse universe deb-src http://security.ubuntu.com/ubuntu lucid-security main restricted universe multiverse deb-src http://security.ubuntu.com/ubuntu lucid-proposed main restricted universe multiverse Canonical Commercial Repository deb http://archive.canonical.com/ubuntu lucid partner deb http://archive.canonical.com/ubuntu lucid-backports partner deb http://archive.canonical.com/ubuntu lucid-updates partner deb http://archive.canonical.com/ubuntu lucid-security partner deb http://archive.canonical.com/ubuntu lucid-proposed partner deb-src http://archive.canonical.com/ubuntu lucid partner deb-src http://archive.canonical.com/ubuntu lucid-backports partner deb-src http://archive.canonical.com/ubuntu lucid-updates partner deb-src http://archive.canonical.com/ubuntu lucid-security partner deb-src http://archive.canonical.com/ubuntu lucid-proposed partner medibuntu deb http://packages.medibuntu.org/ lucid free non-free deb-src http://packages.medibuntu.org/ lucid free non-free PlayOnLinux deb http://deb.playonlinux.com/ lucid main opera deb http://deb.opera.com/opera/ lenny non-free google deb http://dl.google.com/linux/deb/ stable non-free main Dropbox Official Source deb http://linux.dropbox.com/ubuntu karmic main Skype deb http://download.skype.com/linux/repos/debian/ stable non-free This is the error i am getting:-- (sudo apt-get update) Get:9 http://dl.google.com stable/main Packages [1,076B] Err http://ppa.launchpad.net lucid/main Packages 404 Not Found Get:10 http://dl.google.com stable/main Packages [735B] and finally :-- Fetched 9,724B in 3s (2,645B/s) W: Failed to fetch http://ppa.launchpad.net/bisig/ppa/ubuntu/dists/lucid/main/binary-i386/Packages.gz 404 Not Found E: Some index files failed to download, they have been ignored, or old ones used instead.

  Read the article

• How do I pin a particular MySQL version to avoid unnecessary upgrades?

  - by asparagino

  I'm running a MySQL server, and want to keep it up to date with regular apt-upgrades. I don't want this to cause MySQL to upgrade unless I'm doing it during scheduled downtime! How do I alter my apt-preferences so that this won't happen? I've tried adding this to a file as /etc/apt/preferences.d/pin-mysql Package: mysql-client-5.1 Pin: version 5.1.41-3ubuntu12.7 Pin-Priority: 1001 Package: mysql-client-core-5.1 Pin: version 5.1.41-3ubuntu12.7 Pin-Priority: 1001 Package: mysql-common Pin: version 5.1.41-3ubuntu12.7 Pin-Priority: 1001 Package: mysql-server Pin: version 5.1.41-3ubuntu12.7 Pin-Priority: 1001 Package: mysql-server-5.1 Pin: version 5.1.41-3ubuntu12.7 Pin-Priority: 1001 Package: mysql-server-core-5.1 Pin: version 5.1.41-3ubuntu12.7 Pin-Priority: 1001 That then states the packages are pinned with "apt-cache policy" outputting: ... all package sources here 500 http://security.ubuntu.com/ubuntu/ lucid-security/universe Packages release v=10.04,o=Ubuntu,a=lucid-security,n=lucid,l=Ubuntu,c=universe origin security.ubuntu.com 500 http://security.ubuntu.com/ubuntu/ lucid-security/restricted Packages release v=10.04,o=Ubuntu,a=lucid-security,n=lucid,l=Ubuntu,c=restricted origin security.ubuntu.com ... etc Pinned packages: mysql-server -> 5.1.41-3ubuntu12.7 mysql-server-core-5.1 -> 5.1.41-3ubuntu12.7 mysql-client-core-5.1 -> 5.1.41-3ubuntu12.7 mysql-common -> 5.1.41-3ubuntu12.7 mysql-server-5.1 -> 5.1.41-3ubuntu12.7 mysql-client-5.1 -> 5.1.41-3ubuntu12.7 However... running aptitude safe-upgrade just updated MySQL... what am I doing wrong?

  Read the article

• Lösungen zum Anfassen – die Oracle Demo-Plattform

  - by A&C Redaktion

  Mit der neuen Demo-Plattform möchte Oracle den schnellen Zugang zu vorbereiteten Demo-Umgebungen anbieten. Denn manchmal sagt eine kurze Demonstration mehr, als tausend Erklärungsversuche. Oracle hat daher eine Demo-Plattform eingerichtet, auf der laufend neue Lösungen und Produkte anschaulich vorgeführt werden. Dabei geht es nicht um die theoretischen Möglichkeiten, sondern um ganz praktische Problemfälle – und wie diese bewältigt werden. Das aktuelle Thema ist Database Security am Beispiel der E-Business Suite – ein Thema, das so mancher Partner im Kundengespräch gut gebrauchen kann. In der folgenden Demo-Umgebung können Sie die Datenbank-Sicherheitsfunktionen wie die transparente Verschlüsselung von Applikationsdaten (hier am Beispiel E-Business Suite – es funktioniert aber auch mit SAP oder anderen Anwendungen) und das Rechtekonzept für Anwender und DBAs Ihren Kunden direkt vorstellen. In der Demo können Sie die Funktionalität von Oracle Database Vault, Oracle Advanced Security, Security Option und Oracle Label Security erläutern. Oracle Advanced Security Address Industry and Privacy Regulations with Encryption Protect Application Data with Transparent Data Encryption Encrypt Data on the Network Oracle Database Vault Increase Security For Data Consolidation and Out-Sourced Administration Protect Application Data with Privileged User Controls  Enforce Multi-factor Authorization and Separation of Duty Oracle Label Security Use Security Groups to control data access Assign OLS attributes to application, not necessarily database, users Jede Demo stellt Ihnen einen beispielhaften Demo-Guide zur Verfügung, an dem Sie sich orientieren können. Dies ist der direkte Weg zur Demo-Plattform, auf der Sie für Ihre eigenen Lernzwecke die Demo anschauen können sowie auch einen Zeitraum für Kundenpräsentationen reservieren können. 

  Read the article

• Lösungen zum Anfassen – die Oracle Demo-Plattform

  - by A&C Redaktion

  Mit der neuen Demo-Plattform möchte Oracle den schnellen Zugang zu vorbereiteten Demo-Umgebungen anbieten. Denn manchmal sagt eine kurze Demonstration mehr, als tausend Erklärungsversuche. Oracle hat daher eine Demo-Plattform eingerichtet, auf der laufend neue Lösungen und Produkte anschaulich vorgeführt werden. Dabei geht es nicht um die theoretischen Möglichkeiten, sondern um ganz praktische Problemfälle – und wie diese bewältigt werden. Das aktuelle Thema ist Database Security am Beispiel der E-Business Suite – ein Thema, das so mancher Partner im Kundengespräch gut gebrauchen kann. In der folgenden Demo-Umgebung können Sie die Datenbank-Sicherheitsfunktionen wie die transparente Verschlüsselung von Applikationsdaten (hier am Beispiel E-Business Suite – es funktioniert aber auch mit SAP oder anderen Anwendungen) und das Rechtekonzept für Anwender und DBAs Ihren Kunden direkt vorstellen. In der Demo können Sie die Funktionalität von Oracle Database Vault, Oracle Advanced Security, Security Option und Oracle Label Security erläutern. Oracle Advanced Security Address Industry and Privacy Regulations with Encryption Protect Application Data with Transparent Data Encryption Encrypt Data on the Network Oracle Database Vault Increase Security For Data Consolidation and Out-Sourced Administration Protect Application Data with Privileged User Controls  Enforce Multi-factor Authorization and Separation of Duty Oracle Label Security Use Security Groups to control data access Assign OLS attributes to application, not necessarily database, users Jede Demo stellt Ihnen einen beispielhaften Demo-Guide zur Verfügung, an dem Sie sich orientieren können. Dies ist der direkte Weg zur Demo-Plattform, auf der Sie für Ihre eigenen Lernzwecke die Demo anschauen können sowie auch einen Zeitraum für Kundenpräsentationen reservieren können. 

  Read the article

• 7u45 Caller-Allowable-Codebase and Trusted-Library

  - by costlow

  Java 7 update 45 (October 2013) changed the interactions between JavaScript and Java Applets made through LiveConnect. The 7u45 update is a critical patch update that has also raised the security baseline and users are strongly recommended to upgrade. Versions below the security baseline used to apply the Trusted-Library Manifest attribute to call between sandboxed code and higher-privileged code. The Trusted-Library value was a Boolean true or false. Security changes for the current security baseline (7u45) introduced a different Caller-Allowable-Codebase that indicates precisely where these LiveConnect calls can originate. For example, LiveConnect calls should not necessarily originate from 3rd party components of a web page or other DOM-based browser manipulations (pdf). Additional information about these can be located at “JAR File Manifest Attributes for Security.” The workaround for end-user dialogs is described on the 7u45 release notes, which explains removing the Trusted-Library attribute for LiveConnect calls in favor of Caller-Allowable-Codebase. This provides necessary protections (without warnings) for all users at or above the security baseline. Client installations automatically detect updates to the secure baseline and prompt users to upgrade. Warning dialogs above or below Both of these attributes should work together to support the various versions of client installations. We are aware of the issue that modifying the Manifest to use the newer Caller-Allowable-Codebase causes warnings for users below the security baseline and that not doing it displays a warning for users above. Manifest Attribute 7u45 7u40 and below Only Caller-Allowable-Codebase No dialog Displays prompt Only Trusted-Library Displays prompt No dialog Both Displays prompt (*) No dialog This will be fixed in a future release so that both attributes can co-exist. The current work-around would be to favor using Caller-Allowable-Codebase over the old Trusted-Library call. For users who need to stay below the security baseline System Administrators that schedule software deployments across managed computers may consider applying a Deployment Rule Set as described in Option 1 of “What to do if your applet is blocked or warns of mixed code.” System Administrators may also sign up for email notifications of Critical Patch Updates.

  Read the article

• A Cost Effective Solution to Securing Retail Data

  - by MichaelM-Oracle

  By Mike Wion, Director, Security Solutions, Oracle Consulting Services As so many noticed last holiday season, data breaches, especially those at major retailers, are now a significant risk that requires advance preparation. The need to secure data at all access points is now driven by an expanding privacy and regulatory environment coupled with an increasingly dangerous world of hackers, insider threats, organized crime, and other groups intent on stealing valuable data. This newly released Oracle whitepaper entitled Cost Effective Security Compliance with Oracle Database 12c outlines a powerful story related to a defense in depth, multi-layered, security model that includes preventive, detective, and administrative controls for data security. At Oracle Consulting Services (OCS), we help to alleviate the fears of massive data breach by providing expert services to assist our clients with the planning and deployment of Oracle’s Database Security solutions. With our deep expertise in Oracle Database Security, Oracle Consulting can help clients protect data with the security solutions they need to succeed with architecture/planning, implementation, and expert services; which, in turn, provide faster adoption and return on investment with Oracle solutions. On June 10th at 10:00AM PST , Larry Ellison will present an exclusive webcast entitled “The Future of Database Begins Soon”. In this webcast, Larry will launch the highly anticipated Oracle Database In-Memory technology that will make it possible to perform true real-time, ad-hoc, analytic queries on your organization’s business data as it exists at that moment and receive the results immediately. Imagine real-time analytics available across your existing Oracle applications! Click here to download the whitepaper entitled Cost Effective Security Compliance with Oracle Database 12c.

  Read the article

• Tab Sweep: HTML5 Attributes, MDB, JasperReports, Delphi, Security, JDBCRealm, Joomla, ...

  - by arungupta

  Recent Tips and News on Java, Java EE 6, GlassFish & more : • JMS and MDB in Glassfish for 20 minutes (nik_code) • Installing Java EE 6 SDK with Glassfish on a headless system (jvmhost) • JSF + JPA + JasperReports (iReport) Part 2 (Rama krishnnan E P) • Serving Static Content on WebLogic and GlassFish (cdivilly) • Whats the problem with JSF? A rant on wrong marketing arguments (Über Thomas Asel) • JPA 2.1 will support CDI Injection in EntityListener - in Java EE 7 (Craig Ringer) • Java Delphi integration with Glassfish JMS OpenMQ (J4SOFT) • Java EE Security using JDBCRealm Part1 (acoustic091409) • Adding HTML5 attributes to standard JSF components (Bauke Scholtz) • Configuring SAS 9.1 to Use Java 5 or above on Windows (Java EE Tips) • Inject Java Properties in Java EE Using CDI (Piotr Nowicki) • NoClassDefFoundError in Java EE Applications - Part 2 (Java Code Geeks) • NoClassDefFoundError in Java EE Applications - Part 1 (Java Code Geeks) • EJB 3 application in Glassfish 3x (Anirban Chowdhury) • How To Install Mobile Server 11G With GlassFish Server 3.1 (Oracle Support) • Joomla on GlassFish (Survivant)

  Read the article

• Microsoft Security Removal Tool détecte et éradique Renocide grâce à une mise à jour, le ver serait la quatrième plus grandes menaces actuelles

  Microsoft Security Removal Tool détecte et éradique Renocide Avec une mise à jour, le ver serait la quatrième plus grandes menaces actuelles Microsoft met en garde les utilisateurs de Windows contre le malware Win32/Renocide. Win32/Renocide est une famille de vers qui se propagent via les disques amovibles, les stockages locaux et les réseaux en utilisant les applications de partage de fichiers. Une fois installé, le malware crée des clones de lui-même en utilisant des noms de fichiers différents. Il est qualifié de ver « backdoor » (portes dérobées) et permet à un pirate distant d'exécuter des commandes sur le poste infecté pour télécharger d'autres programmes malveillants. Renoci...

  Read the article

• EPM 11.1.2 - Receive Anonymous Level Security token message in IE8 when trying to access Shared Services or Workspace URL

  - by Ahmed A

  If you get "Receive Anonymous Level Security token" message in IE8 when trying to access Shared Services or Workspace URL.Workaround:a. Go to Start > Run and enter dcomcnfgb. Expand Component Services, Expand Computers and right click on My Computer and select Propertiesc. Click on the Default Properties tab.  Change the Default Authentication Level to Connect.  Click apply and then OK.d. Launch the IE browser again and you will be able to access the URL.

  Read the article

• C# how to get current encoding type used by C# to write/read configuration for config file?

  - by 5YrsLaterDBA

  I am doing connection string encryption. we use our own encryption key with AES algorithm to do this. during the process, we need to convert string to byte array and then convert byte array back to string. I found the encoding play an important role on those conversions. So I need to know the encoding C# is using to get above conversion right. Any idea how to get current encoding programmably? thanks,

  Read the article

• NetFx40_LegacySecurityPolicy in design-time mode

  - by Ilya

  Hi, Is there any way to make legacy design-time code execute with NetFx40_LegacySecurityPolicy switched on? More spicificaly, is there any way to make DevExpress 8.2 winforms designer work in VisualStudio 2010? I got errors due to this issue and found no help about design-time mode, just about run-time: <runtime> <NetFx40_LegacySecurityPolicy enabled="true"/> </runtime> How should I fix problems with winforms designer?

  Read the article

• Getting warning about sensitive information that could be disclosed to 3rd parties - Asp.net MVC 2.0

  - by chobo2

  Hi I never gotten this message before I started to use asp.net mvc 2.0 and jquery 1.4. <title>This request has been blocked because sensitive information could be disclosed to third party web sites when this is used in a GET request. To allow GET requests, set JsonRequestBehavior to AllowGet.</title> <span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1> <h2> <i>This request has been blocked because sensitive information could be disclosed to third party web sites when this is used in a GET request. To allow GET requests, set JsonRequestBehavior to AllowGet.</i> </h2></span> <font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif "> <b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. <br><br> <b> Exception Details: </b>System.InvalidOperationException: This request has been blocked because sensitive information could be disclosed to third party web sites when this is used in a GET request. To allow GET requests, set JsonRequestBehavior to AllowGet.<br><br> So it makes me wondering what sensitive data could be disclosed and if so how to get around this? What I was trying to send back was a rendered string of a partial view(http://www.klopfenstein.net/lorenz.aspx/render-partial-view-to-string-in-asp-net-mvc) and a success msg.

  Read the article

• How do you code against CSRF malicious requests?

  - by user355950

  how to Decline malicious requests.... Cross-Site Request Forgery Severity: Medium Test Type: Application Remediation Tasks: Decline malicious requests Reasoning: The same request was sent twice in different sessions and the same response was received. This shows that none of the parameters are dynamic (session identifiers are sent only in cookies) and therefore that the application is vulnerable to this issue.

  Read the article

• SharePoint: You cannot grant limited access permission level

  - by chiccodoro

  In my team, we implemented some UI to set user access rights (assign/revoke permission levels) on a certain SharePoint list. The UI supplies a "undo" feature: If you change the rights over the UI, you can restore the rights the user had before by clicking "undo". Now there is a problem if the user had the "Limited Access" permission level: This permission level is removed when you do a change over the UI. When trying to Undo, the permission level should be added again, which leads to a You cannot grant a user the limited access permission level. I've read that SharePoint grants that right automatically when a user gets access to some entity beneath the site. Still I can revoke the right manually, but then I cannot re-grant it. Is there a proper way I could work around that? My thoughts: Did I get it right that this "limited access" is granted by SharePoint on the site level only? So, do all the lists beneath the site only contain that permission level "accidentally" because they inherit it? Does that permission level have any effect at all on a list, or does it only apply to the site itself? So, would it be save to just remove it from a list and do not add it anymore when the user clicks "undo", since it has no effect anyway? (My UI always works on list / list item level, never on the whole site/web).

  Read the article

• Windows server 2003 default administrator password

  - by Jason Baker

  Sorry if this is an overly simplistic question, but I'm a bit stuck here. :) I need a windows machine for me to do some programming for class. Since I have my Macbook with me everywhere I go, I figured that it would be easiest to install a vm. And since I can get a copy of Windows server 2k3 for free via dreamspark, I thought I'd try to do that. Here's what happened though: I installed windows server (disk one). When the system booted up, vmware automatically installed VMWare tools and prompted me to restart. There was also a prompt to start the installation of disc 2, but I figured it would be better to restart before doing that. When the machine came back up, I was prompted to log in as the administrator. The problem is that I wasn't prompted to make an administrator account or password. Is there a default password I can use? I've tried all the obvious ones (blank, password, etc) and googling, but I didn't come up with anything.

  Read the article

• SQL Server 2008 - Login failed. The login is from an untrusted domain and cannot be used with Window

  - by Tom

  I've just installed SQL Server 2008 Developer edition and I'm trying to connect using SQLCMD.exe, but I get the following error: H:\>sqlcmd.exe -S ".\SQL2008" Msg 18452, Level 14, State 1, Server DEVBOX\SQL2008, Line 1 Login failed. The login is from an untrusted domain and cannot be used with Windows authentication. Has anyone seen this before? Any idea what it means??

  Read the article

< Previous Page | 209 210 211 212 213 214 215 216 217 218 219 220  | Next Page >