Search Results

Search found 25503 results on 1021 pages for 'browser security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 23/1021 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

  • ASP.NET Membership for high security scenarios?

    - by Joachim Kerschbaumer
    Hi there, Is the asp.net membership system used over wcf (transport security turned on) enough for high security internet scenarios with thousands of clients spread all over the internet? I'm just evaluating possible solutions and wanted to know if this might fit in this category. If not, what would be the best method to provide high security access over wcf for internet scenarios?

    Read the article

  • Send HTTP Post with default browser with C#

    - by Paul
    Hello, I am wondering if it is possible to send POST data with the default browser of a computer in C#. Here is the situation. My client would like the ability to have their C# application open their browser and send client information to a webform. This webform would be behind a login screen. The assumption from the application side is that once the client data is sent to the login screen, the login screen would pass that information onto the webform to prepopulate it. This would be done over HTTPS and the client would like this to be done with a POST and not a GET as client information would be sent as plain text. I have found some wonderful solutions that do POSTS and handle the requests. As an example http://geekswithblogs.net/rakker/archive/2006/04/21/76044.aspx So the TL;DR version of this would be 1) Open Browser 2) Open some URL with POST data Thanks for your help, Paul

    Read the article

  • need a web browser in my desktop application

    - by javadahut
    part of the specification of this desktop application is to have a mini browser built in, so that you can enter URL, and navigate the site as you would on a normal browser. Access to the browser page's DOM is required, should let me programmatically change the rendering view of a page, should be cross-platform, renders javascript JDIC seems outdated and I've heard Mozswing doesn't run on Mac.... Jxbrowser license costs a grand and up. Is Java the wrong platform to be creating such app? Are there any other solutions out there for building an application like this ? Thank you.

    Read the article

  • Help with 2-part question on ASP.NET MVC and Custom Security Design

    - by JustAProgrammer
    I'm using ASP.NET MVC and I am trying to separate a lot of my logic. Eventually, this application will be pretty big. It's basically a SaaS app that I need to allow for different kinds of clients to access. I have a two part question; the first deals with my general design and the second deals with how to utilize in ASP.NET MVC Primarily, there will initially be an ASP.NET MVC "client" front-end and there will be a set of web-services for third parties to interact with (perhaps mobile, etc). I realize I could have the ASP.NET MVC app interact just through the Web Service but I think that is unnecessary overhead. So, I am creating an API that will essentially be a DLL that the Web App and the Web Services will utilize. The API consists of the main set of business logic and Data Transfer Objects, etc. (So, this includes methods like CreateCustomer, EditProduct, etc for example) Also, my permissions requirements are a little complicated. I can't really use a straight Roles system as I need to have some fine-grained permissions (but all permissions are positive rights). So, I don't think I can really use the ASP.NET Roles/Membership system or if I can it seems like I'd be doing more work than rolling my own. I've used Membership before and for this one I think I'd rather roll my own. Both the Web App and Web Services will need to keep security as a concern. So, my design is kind of like this: Each method in the API will need to verify the security of the caller In the Web App, each "page" ("action" in MVC speak) will also check the user's permissions (So, don't present the user with the "Add Customer" button if the user does not have that right but also whenever the API receives AddCustomer(), check the security too) I think the Web Service really needs the checking in the DLL because it may not always be used in some kind of pre-authenticated context (like using Session/Cookies in a Web App); also having the security checks in the API means I don't really HAVE TO check it in other places if I'm on a mobile (say iPhone) and don't want to do all kinds of checking on the client However, in the Web App I think there will be some duplication of work since the Web App checks the user's security before presenting the user with options, which is ok, but I was thinking of a way to avoid this duplication by allowing the Web App to tell the API not check the security; while the Web Service would always want security to be verified Is this a good method? If not, what's better? If so, what's a good way of implementing this. I was thinking of doing this: In the API, I would have two functions for each action: // Here, "Credential" objects are just something I made up public void AddCustomer(string customerName, Credential credential , bool checkSecurity) { if(checkSecurity) { if(Has_Rights_To_Add_Customer(credential)) // made up for clarity { AddCustomer(customerName); } else // throw an exception or somehow present an error } else AddCustomer(customerName); } public void AddCustomer(string customerName) { // actual logic to add the customer into the DB or whatever // Would it be good for this method to verify that the caller is the Web App // through some method? } So, is this a good design or should I do something differently? My next question is that clearly it doesn't seem like I can really use [Authorize ...] for determining if a user has the permissions to do something. In fact, one action might depend on a variety of permissions and the View might hide or show certain options depending on the permission. What's the best way to do this? Should I have some kind of PermissionSet object that the user carries around throughout the Web App in Session or whatever and the MVC Action method would check if that user can use that Action and then the View will have some ViewData or whatever where it checks the various permissions to do Hide/Show?

    Read the article

  • What trick will give most reliable/compatible sound alarm in a browser window for most browsers

    - by Dirk Paessler
    I want to be able to play an alarm sound using Javascript in a browser window, preferably with the requirement for any browser plugins (Quicktime/Flash). I have been experimenting with the tag and the new Audio object in Javascript, but results are mixed: As you can see, there is no variant that works on all browsers. Do I miss a trick that is more cross-browser compatible? This is my code: // mp3 with Audio object var snd = new Audio("/sounds/beep.mp3");snd.play(); // wav with Audio object var snd = new Audio("/sounds/beep.wav");snd.play(); // mp3 with EMBED tag $("#alarmsound").empty().append ('<embed src="/sounds/beep.mp3" autostart="true" loop="false" '+ 'volume="100" hidden="true" width="1" height="1" />'); // wav with EMBED tag $("#alarmsound").empty().append ('<embed src="/sounds/beep.wav" autostart="true" loop="false" '+ 'volume="100" hidden="true" width="1" height="1" />'); }

    Read the article

  • Compatibility of x-www-browser

    - by rohit.arondekar
    I want to open html files from a shell script. I know that Ubuntu has a command x-www-browser that will open the default browser on the system. I also found via some Googling that the command is part of the debian system. I was wondering if the command is available on non debian based distros. If it isn't is there a standard way of opening an html file in the default browser on a linux OS via command line? Note that I'm using Bash.

    Read the article

  • Which Java modules get Spring Security

    - by HDave
    I have a classic Java SOA application, with a web UI module, web services module, a service module (Java API), a domain module and a persistence module. In a sense, each of these modules has their own public API. My understanding of Spring Security is that I can use web filters to handle the security of the web gui and web services, and method level security (via annotations) for the service module. My question is this: should I bother to add method level security to the domain module and the persistence module or is that considered overkill?

    Read the article

  • Spring Security 3 - Login is not working

    - by newbie
    I use Spring Security with Spring Framework 3 and when I tyr to login from homepage I get following error: 2010-04-26 12:16:39,525 [tomcat-http--2] WARN org.springframework.web.servlet.PageNotFound - No mapping found for HTTP request with URI [/AppName/app/j_spring_security_check] in DispatcherServlet with name 'Spring MVC Dispatcher Servlet' Spring Security is initialized as loggings tell and there are no errors. So what could be reason for this error? I have understood that j_spring_security_check is default url for Spring Security login chekeing servlet.

    Read the article

  • Pull image of rendered HTML from a specific browser

    - by Geo Ego
    I am working on an app that will be able to pull an image of rendered HTML from a specific browser. I would like the user to be able to select a specific browser to render an HTML file in, and capture the rendered output in an image file. I am starting with IE8, and I'm not sure where to begin to get the actual rendered output. I can easily open the file in that browser with Process.Start(), but I don't know how to return the rendered output. I have looked a little bit at sinking events, but I don't understand how that works or if that's the right way to go. I would just like some direction, and perhaps some resources to send me on the right path.

    Read the article

  • how to implement ws-security 1.1 in php5

    - by Sam Segers
    I'm trying to call a webservice with Soap in PHP5, for this, I need to use WS-Security 1.1. (In java and .NET this is all generated automatically.) Are there any frameworks available to generate the security headers easily in PHP? Or do I have to add the entire header myself ? Specifications of WS-Security 1.1: http://oasis-open.org/committees/download.php/16790/wss-1.1-spec-os-SOAPMessageSecurity.pdf

    Read the article

  • Spring Security 3.0- Customise basic http Authentication Dialog

    - by gav
    Rather than reading; A user name and password are being requested by http://localhost:8080. The site says: "Spring Security Application" I want to change the prompt, or at least change what the "site says". Does anyone know how to do this via resources.xml? In my Grails App Spring configuration, my current version is as follows; <?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <http auto-config="true" use-expressions="true"> <http-basic/> <intercept-url pattern="/**" access="isAuthenticated()" /> </http> <authentication-manager alias="authenticationManager"> <authentication-provider> <user-service> <user name="admin" password="admin" authorities="ROLE_ADMIN"/> </user-service> </authentication-provider> </authentication-manager> </beans:beans>

    Read the article

  • Is there any Opensource Browser for touchscreen device ?

    - by Wallah
    I need internet browser on my device which has 4.3 Inch screen with 480x272 resolution, I am using embedded Qt 4.6.2 on embedded linux. Micro-controller has ARM9 with 450 Mhz. Requirements for browser are - Touch Screen Support, Panning ( No Scroll bars) - Single touch Zooming ( No Multi Touch Available). - Fit to screen width support ( No Horizontal Scrolling). - Acid 3 Standard Compliable. - Page loading should be like, display all visible text first and then load and show Images Gradually. Is there any browser which is near to this requirements.

    Read the article

  • How to detect default printer properties from browser?

    - by Annan
    Regardless of if this is a good idea or not, is it possible to detect printer attributes from the browser? The idea is that you want to print out a brochure that's selling something. Depending on different things such as if the printer is black&white/colour, high/low resolution, laser/inkjet, printing to a file, etc, you want to print out the page differently. For example you might choose different text colours or fonts, different image sizes, etc. My initial thoughts are: ActiveX, Flash, Java, Silverlight, browser plugins. Kudos if it's possible in javascript. I'm interested in all ways to do this, cross browser or not. Please no reasons about why this shouldn't be done ^_^

    Read the article

  • Browser application & local file system access

    - by Beyond HTML
    I want to enhance my browser-based web application with functionality that enables management of local files and folders. E.g. folder tree structures should be synchronized between local workstation and server via HTTP(S). I am aware of security-related limitations in browser-based applications. However, there are some techniques that "work around" these issues: Signed Java applets (full trust) .NET Windows Forms browser controls (no joke, that works. Just the configuration is horrible) ActiveX My question is: What do you use/suggest, both technology and implementation practice? Key requirement is that the installation process is as simple as possible. Thanks for your opinions!

    Read the article

  • Browser Compatablitiy, Support, Modern Browsers and older Versions.

    - by smoop
    This is a question to all web-developers working in the industry more than a few years. Today the server guy at my work told me that his browser didnt render a google font I used on a site properly, so I checked his browser - it was firefox 3.5. (google font Raleway).. This made me think.. I know for some of our sites its a requirement to support IE6 (larger corperate sites) but for the rest (personal sites) should I be looking at developing for all incrments of firefox, chrome, IE and safari???? Does your company still support IE6? Does your company support previous versions of modern browsers or just the latest ones? and finally, has anyone else had this problem with FF 3.5 and Google Hosted font Raleway..(the font displays extra extra thing so the font is almost unreadable) If anyones interested I found a working solution to my font problem here: http://www.jshsolutions.net/google-webfonts-cross-browser-fix-howto/ Sam

    Read the article

  • Application security issues to consider

    - by user279521
    I am working on the design of a high security application (involving financial information, personal information etc). I need to identify what security measures (application level) will be implemented. The application will involve sending data to and from a database, user login, import export to csv, txt files, and print function. What security features do I need to consider for such an application. (SQL injection for starters) ?

    Read the article

  • Run java with highest security setting

    - by Ankiov Spetsnaz
    I'm currently writing an in house coding challenge web application and I am wondering if there is any other security precaution I would need to have other than below java option at runtime. java -Djava.security.manager=default Basically, challenges would be more of single threaded math and algorithm focused. So I would need to enable basic data structure objects and disable any file, sockets, threading or any thing that might be not so important. Based on my quick search turning on security manager as above seems to be a solution but since this is a security related I would like to be sure before it goes alive. Is there anything else I could do more?

    Read the article

  • Spring Security Taglibs control statement

    - by Blake
    Is there a way to implement control statement with Spring Security taglibs? Currently we can only check if a user has a role... <security:authorize access="hasRole('ROLE_ADMIN')"> // display something </security:authorize> How about else?

    Read the article

  • Started a Forum Board (with phpBB), but Now Rethinking Choice of Board App - Security

    - by nicorellius
    The main reason I even started participating on Superuser.com is because a friend ripped me a new one for using phpBB. He said, "check out StackExchange, they have their act together!" I did, and it's true. So now, after learning phpBB and implementing the board (it's still new and in its infancy), I feel slightly regretful. I would love to use the Stack Exchange tool, but the cost will eventually be the main deterrent. The attractive thing about phpBB is that it's free and open. However, I have heard that it lacks security. Has anyone had this experience, that phpBB is not secure, such that they changed board software? And, I wonder if Stack Exchange is going to introduce a cheaper option for low traffic users? Does this question belong on meta?

    Read the article

  • Memory Pressure Protection Feature for TCP Stack - Provided by Microsoft Security Update KB967723

    - by Angry_IT_Guru
    We've been having a lot of funky issues with some of our web based applications that allow clients to submit lot of image files to our servers. Lots of ports are used in the process. http://www.microsoft.com/technet/security/bulletin/MS09-048.mspx - released in Sept-2009. support.microsoft.com/kb/974288 - Memory Pressure Protection description. Evidently, after applying KB967723, our clients receive funky error messages as if connections cannot be made to the server or connections have been closed. There doesn't appear to be a pattern and sometimes it works and other times is doesn't. Typically we've noticed it when server is under load. I'm curious what others think about this MPP and any issues that you may have experienced from it. I understand its purpose, but I think it may have broken a lot of apps in the process. It doesn't look like Microsoft made this "feature" public to everyone.

    Read the article

  • Beginners security question

    - by Reg H
    Hi everyone, I'm still pretty new to web development, and have a question about security. Every day I look at the "Latest Visitors" in my CPanel, and today there were some strange entries (one is pasted below). Not knowing any better, it looks to me like there is some site that's referring users to my site, for some reason. Can someone explain what these really are, and if it's something to be concerned about? Thanks! Host: 77.68.38.175 /?p=http://teen-37.net/myid.jpg? Http Code: 404 Date: Feb 17 08:13:58 Http Version: HTTP/1.1 Size in Bytes: - Referer: - Agent: libwww-perl/5.805 * /?p=../../../../../../../../../../../../../../../proc/self/environ%00 Http Code: 404 Date: Feb 17 08:13:59 Http Version: HTTP/1.1 Size in Bytes: - Referer: - Agent: libwww-perl/5.805

    Read the article

  • Encrypted passwords for better security on server

    - by Ke
    Hi, I use wordpress and other CMS's and all these have plain text passwords in their config files e.g. in wp-config.php I wonder is this the normal way an administrator would protect security? I realise its possible to move the wp-config outside of the root web directory, but still if the server itself is compromised, its possible to find the wp-config file and the password inside, then the system is comprimised. Is there a way to encrypt all passwords on the system, so that in the web applications config files it uses the encrypted pass and not just plain text? Is there a sensible way of keeping plain-text passwords off the server? PS i use linux vps ubuntu servers Cheers Ke

    Read the article

  • Chrome Saved Passwords security issue

    - by Nalaka526
    If I save a password in Google chrome someone else can easily see the password from Setting -> Advance Settings -> Manage saved passwords -> Show (in required password field) and use it from another computer. Isn't it causing a security issue? I guess it is much secure if it display only the entry and all dots or something for the password (not the actual password). Is there any acceptable idea of showing the password to anyone this easily? Note: Firefox is also showing the actual passwords, I Didn't check in IE.

    Read the article

  • security issue of Linux sudo command?

    - by George2
    Hello everyone, 1. I am using Red Hat Enterprise 5 Linux box. I find if a user is in /etc/sudoers file, then if the user run command with sudo, the user will run this command with root privilege (without knowing root password, the user runs sudo only need to input the user's own password in order to run a command with sudo). Is that correct understanding? 2. If yes, then is it a security hole? Since users other than root could run with root privilege? thanks in advance, George

    Read the article

  • How to fix Browser Blue Screen of Death?

    - by WilliamKF
    I am running Windows XP SP3 and Firefox v3.6.2 and Internet Explorer and have an issue with Firefox and IE causing the Blue Screen of Death. If I run in Windows safe mode, it does not occur, but running normally, it seems my firefox profile is going bad and results in certain web pages causing the BSOD. IE is also getting BSOD on some pages. For example, presently, if I visit ebay.com in Firefox, it gets BSOD. It also fails when visiting http://www.google.com/ig?hl=en&source=iglk. IT removed my Firefox profile and that seemed to fix the issue for a while. However, now it has started occurring again. I turned off all firefox extensions and it still occurs. I'd like to fix my system so this does not occur. The IT folks don't seem to be able to solve this, so I am trying to fix it on my own. The BSOD is about something like (from memory) DRIVER_IRQL_NOT_LESS_OR_EQUAL. Why would safe mode avoid the issue and what does that tell us about the probable cause? I don't want to have to keep deleting my profile, so I'd like to find out the cause of the corruption.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >