Search Results

Search found 59864 results on 2395 pages for 'application security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 220/2395 | < Previous Page | 216 217 218 219 220 221 222 223 224 225 226 227  | Next Page >

  • PHPSecurityScanner & SpikePHPSecAudit - How do I?

    - by 01010011
    Hi, How do I run PHP Security Scanner and SpikePHPSecAudit? I've already extracted them at the root of my website and thought it could be run like phpSecInfo where you just navigate to www.mySite.com/phpsecinfo/index.php Any assistance will be appreciated. ps I am using Windows XP and XAMPP

    Read the article

  • Linux - preventing an application from failing due to lack of disk space [migrated]

    - by Jernej
    Due to an unpredicted scenario I am currently in need of finding a solution to the fact that an application (which I do not wish to kill) is slowly hogging the entire disk space. To give more context I have an application in Python that uses multiprocessing.Pool to start 5 threads. Each thread writes some data to its own file. The program is running on Linux and I do not have root access to the machine. The program is CPU intensive and has been running for months. It still has a few days to write all the data. 40% of the data in the files is redundant and can be removed after a quick test. The system on which the program is running only has 30GB of remaining disk space and at the current rate of work it will surely be hogged before the program finishes. Given the above points I see the following solutions with respective problems Given that the process number i is writing to file_i, is it safe to move file_i to an external location? Will the OS simply create a new instance of file_i and write to it? I assume moving the file would remove it and the process would end up writing to a "dead" file? Is there a "command line" way to stop 4 of the 5 spawned workers and wait until one of them finishes and then resume their work? (I am sure one single worker thread would avoid hogging the disk) Suppose I use CTRL+Z to freeze the main process. Will this stop all the other processes spawned by multiprocessing.Pool? If yes, can I then safely edit the files as to remove the redundant lines? Given the three options that I see, would any of them work in this context? If not, is there a better way to handle this problem? I would really like to avoid the scenario in which the program crashes just few days before its finish.

    Read the article

  • 2008 Datacenter Word Automation issue

    - by Brad
    We have an application that uses word automation. It works fine under Windows XP, but does not work on our Windows Server 2008 64-bit virtual machine running on VMware ESX unless it is running as the domain administrator. Under any other account (including a local admin), Word starts, uses a lot of CPU for 40 seconds when opening a document, and then just hangs. Our application does not access anything not on the local machine, and this machine is not being used for anything else (not a domain controller, etc). I know others have posted similar issues, with the solution of creating a Desktop folder somewhere under the windows directory. We did this, and it did not solve the problem (Word did not get as far as it did before we did this though). Please don't turn this into a thread about why I am trying to do this, whether I should do this, or whether I need to. For argument sake, I don't need to do this, but understanding what privilege a local admin does not have that is needed to do this is a legitimate concern.

    Read the article

  • How to change granted role temporarily to achieve "view the site as" someone else

    - by Roy Chan
    Hi Gurus, We are using 2.x spring security right now. I am asked to build an admin tool so that the ROLE_ADMIN can change to any user in the site and view the site as that person (each person on the site may see different stuff depending on the role which is dynamically granted base on the database) and of course the admin should be able to switch back to admin without logging in. Is there a build in function, if not how should I do this? Thanks in advance!

    Read the article

  • Best way for user authentication on JavaEE 6 using JSF 2.0?

    - by ngeek
    I'm wondering what the current state of art recommendation is regarding user authentication for a web application making use of JSF 2.0 (and if any components do exist) and JEE6 core mechanisms (login/check permissions/logouts) with user information hold in a JPA entity. The Sun tutorial is a bit sparse on this (only handles servlets). This is without making use of a whole other framework, like Spring-Security (acegi), or Seam, but trying to stick hopefully with the new Java EE 6 platform (web profile) if possible. Thanks, Niko

    Read the article

  • Authentication and authorization for RESTfull API (java jersery)

    - by abovesun
    Hi, implementing service something similar with tinyurl or bit.ly, I'm would like to expose service as API, I'm using java and jersey as RESTfull service implementation. I'm looking for simplest way for authentification of users who use API, OAuth is first thing coming in mind, but the problem is I don't need this 3 iteration calls with request token query, than access token query with callback url passing. I just need to give user ability to invoke api with no additional security calls to my server.

    Read the article

  • Websphere exception handling

    - by Benjamin
    Hi all, From a security standpoint, what is the best solution to handle application errors with Websphere? I've been thinking of creating a class that is called every time an application error is generated, log the error and display a generic error message to the users. In PHP this can be achieved using the set_exception_handler() function. Is there something similar for websphere that could be configured in the web.xml? I've found codes like this on the internet: <error-page> <error-code>500</error-code> <location>/servlet/ExceptionHandlerServlet</location> </error-page> But that would only work with "500" HTTP error codes. I really want something generic that catches everything. Something like a class that implements a certain interface which can have access to all information about the error. Thanks for your time.

    Read the article

  • GF 3.0.1 + Virtual Server: www.myhost.com:8080/projectname-war => www.myhost.com. How?

    - by Harry Pham
    EDIT I need to change www.myhost.com:8080/myproject-war to www.myhost.com. Here is what I've been trying: I configurate the Virtual Server: server. I have still have default Network Listeners to be http-listener-1 and http-listner-2. I change the Default Web Module to ScholarActive#ScholarActive-war.war (The only option in the drop down list, since I only deploy 1 application). For the docroot, I try this ${com.sun.aas.instanceRoot}/applications/ScholarActive/ScholarActive-war_war or this ${com.sun.aas.instanceRoot}/applications/ScholarActive/ Both does not work. What does docroot need to point to, for this to work? what I try to do is: when I type localhost:8080/ScholarActive-war, then my application load, I want to make so that if I type locahost:8080, it will load the app as well, then what left is changed the port to 80. But no luck. Any Idea?

    Read the article

  • session is lost after successful login?

    - by sword101
    greetings all um using spring security 3.0.2,all the application pages are secured to see them you must be authenticated um using https protocol i have a strange problem that after successful login and got to the requested page when try to open any link to other pages in the application the session is invalidated or lost or what happened i don't know and the user become anonymous,and redirected to the login page and i got this from debugging: No HttpSession currently exists No SecurityContext was available from the HttpSession: null. A new one will be created. after reviewing the coe many times,nothing in the code is invalidating the session,any ideas why something like this might happen?

    Read the article

  • Restrict access to a specific URL, running on IIS7 / ASP.NET

    - by frankadelic
    I am deploying a public ASP.NET website on an IIS7 web farm. The application runs on 3 web servers and is behind a firewall. We want to create a single page on the website that is accessible only to internal users. It is primarily used for diagnostics, trigger cache expiry, etc. /admin/somepage.aspx What is the best way to control access to this page? We need to: Prevent all external (public) users from accessing the URL. Permit specific internal users to access the page, only from certain IPs or networks. Should this access control be done at the (a) network level, (b) application level, etc.?

    Read the article

  • Encrypting peer-to-peer application with iptables and stunnel

    - by Jonathan Oliver
    I'm running legacy applications in which I do not have access to the source code. These components talk to each other using plaintext on a particular port. I would like to be able to secure the communications between the two or more nodes using something like stunnel to facilitate peer-to-peer communication rather than using a more traditional (and centralized) VPN package like OpenVPN, etc. Ideally, the traffic flow would go like this: app@hostA:1234 tries to open a TCP connection to app@hostB:1234. iptables captures and redirects the traffic on port 1234 to stunnel running on hostA at port 5678. stunnel@hostA negotiates and establishes a connection with stunnel@hostB:4567. stunnel@hostB forwards any decrypted traffic to app@hostB:1234. In essence, I'm trying to set this up to where any outbound traffic (generated on the local machine) to port N forwards through stunnel to port N+1, and the receiving side receives on port N+1, decrypts, and forwards to the local application at port N. I'm not particularly concerned about losing the hostA origin IP address/machine identity when stunnel@hostB forwards to app@hostB because the communications payload contains identifying information. The other trick in this is that normally with stunnel you have a client/server architecture. But this application is much more P2P because nodes can come and go dynamically and hard-coding some kind of "connection = hostN:port" in the stunnel configuration won't work.

    Read the article

  • Spring MVC -> Wicket Integration

    - by Jeff
    Hey everyone, I'm working on porting part of an existing Spring MVC application over to Wicket. I used the wicket-spring library to get the initial integration working, but now I'm stuck with the best way to integrate my Spring Security implementation. I was wondering if anyone could give me some advice on the best way to handle this. Thanks in advance for the help.

    Read the article

  • Is there a .NET equivalent of WebGoat

    - by PJB
    Looking at this question the OWASP WebGoat project looks like a great way to learn about web security. Although the principles will equally to .NET applications I would prefer to use .NET based application. Does anybody know of a suitable .NET alternative?

    Read the article

  • ColdFusion static key/value list?

    - by richardtallent
    I have a database table that is a dictionary of defined terms -- key, value. I want to load the dictionary in the application scope from the database, and keep it there for performance (it doesn't change). I gather this is probably some sort of "struct," but I'm extremely new to ColdFusion (helping out another team). Then, I'd like to do some simple string replacement on some strings being output to the browser, looping through the defined terms and replacing the terms with some HTML to define the terms (a hover or a link, details to be worked out later, not important). Can anyone point me in the right direction of: How to define the stucture (if that is what I need for a key/value pair list) How to query at the application start-up and reuse the list properly The best way to do the string replacement

    Read the article

  • How to restrict code from developers

    - by Kelvin
    My company is planning in hiring outsourcers to work for us, but concerned to give whole existing code to outside world. What is the proper way to deal with security of sharing code in such cases? Is it possible to restrict part of code for developers? So each of them could work on their project without having access to whole repository. P.S. The code we have is very integrated, and its hard to extract "one module", each module can use files from different locations. Thanks in advance

    Read the article

  • Recent OpenSLL book

    - by Martin
    Does anyone know of a more recent OpenSLL book then Network Security with OpenSSL: Cryptography for Secure Communications (http://www.opensslbook.com/). It is from 2002 and does not cover OpenSSL version 0.97+. Best would be a book for OpenSSL 1.0.0 but I guess that one is to recent.

    Read the article

  • Using @Secured Annotation causes IS_FULLY_AUTHENTICATED problem in grails

    - by TripWired
    I'm using Acegi/Spring Security in grails and when i use the annotations like @Secured(['ROLE_ADMIN']) it denies my login even though the user is part of ROLE_ADMIN. In looking through the login is it seems that it's getting an IS_AUTHENTICATED_FULLY role also but I have never added that to a page so i'm not sure how to bypass that. I read somewhere to preauthorize the user, but i'm not sure how to do that with grails.

    Read the article

  • Work flow for authentication and API use with Twitter on OAuth

    - by Gustavo Carreno
    I'm a bit confused about all this OAuth bruhaha in the sense that all the examples I can find are for web applications and none of them for desktop applications. I understand the Web application work flow, but that includes some redirections between the web app and twitter. How does one do this in an desktop application? How does the redirects work? Should I have to include a Web Browser object? Is there a way to go around this? Could anyone point me to resources instead of a full blown solution please? Thanks

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 216 217 218 219 220 221 222 223 224 225 226 227  | Next Page >