Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 24/4825 | < Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >

• How to propagate spring security login to EJBs?

  - by tangens

  Context I have a J2EE application running on a JBoss 4.2.3 application server. The application is reachabe through a web interface. The authentication is done with basic authentication. Inside of the EJBs I ask the security context of the bean for the principal (the name of the logged in user) and do some authorization checks if this user is allowed to access this method of the EJB. The EJBs life inside a different ear than the servlets handling the web frontend, so I can't access the spring application context directly. Required change I want to switch to Spring Security for handling the user login. Question How can I propagate the spring login information to the JBoss security context so I can still use my EJBs without having to rewrite them? Ideas and links I already found a page talking about "Propagating Identity from Spring Security to the EJB Layer", but unfortunatelly it refers to an older version of Spring Security (Acegi) and I'm not familiar enough with Spring Security to make this work with the actual version (3.0.2).

  Read the article

• What should every programmer know about security ?

  - by M.H

  I am an IT student and I am now in the 3rd year in university,until now we are studing a lot of subjects related to computer in general (Programming,Algorithms,Computer architecture,maths....etc). But there is a whole world called security we are very far from it ,I mean here security in general(Computers Security,Interner Security,Networks Security,hacking,cracking...etc). I am very sure that nobody can learn every thing about security but sure there is a "minimum" knowledge every programmer or IT student should know about it and my question is what is this minimum knowledge ? can you suggest some E-books or courses or any thing can help to start with this road ?

  Read the article

• How to keep unreachable code?

  - by Gabriel

  I'd like to write a function that would have some optional code to execute or not depending on user settings. The function is cpu-intensive and having ifs in it would be slow since the branch predictor is not that good. My idea is making a copy in memory of the function and replace NOPs with jumps when I don't want to execute some code. My working example goes like this: int Test() { int x = 2; for (int i=0 ; i<10 ; i++) { x *= 2; __asm {NOP}; // to skip it replace this __asm {NOP}; // by JMP 2 (after the goto) x *= 2; // Op to skip or not x *= 2; } return x; } In my test's main, I copy this function into a newly allocated executable memory and replace the NOPs by a JMP 2 so that the following x *= 2 is not executed. The problem is that I would have to change the JMP operand every time I change the code to be skipped. An alternative that would fix this problem would be: __asm {NOP}; // to skip it replace this __asm {NOP}; // by JMP 2 (after the goto) goto dont_do_it; x *= 2; // Op to skip or not dont_do_it: x *= 2; This way, as a goto uses 2 bytes of binary, I would be able to replace the NOPs by a fixed JMP of alway 2 in order to skip the goto. Unfortunately, in full optimization mode, the goto and the x*=2 are removed because they are unreachable at compilation time. Hence the need to keep that dead code.

  Read the article

• Access Denied using TakeOwn.exe

  - by Magnus

  I have got this file that I can't delete. It happened after a system crash, so the CHKDSK kicked in upon next reboot. After that, I can't delete the file. THis is on Windows Home Server, and the file is one of those hidden Thumbs.db, and my WHS reports a "File conflict" on the file, the reason: Access Denied" What I have tried so far, running as an Administrator: Delete: Access Denied TakeOwn.exe : Access Denied Attrib.exe -s -h : Access Denied Icacls.exe : Access Denied Re-boot in to safe mode and tried the above: Access Denied I have used the CHKDSK /f again, rebooted since some suggestions is that the file has been corrupted, but that didn't change anything. Any suggestions ?

  Read the article

• What is the difference between safety and security?

  - by Lernkurve

  Question What is the difference between safety and security in the context of information management or computer science? Elaboration This could be the canonical answer for people searching for it. Let me know if superuser.com is the wrong site for this question. I have, of course, googled it and haven't found an answer that seemed short and to the point. Wikipedia wasn't very helpful either: safety, information security.

  Read the article

• Automatically Applying Security Updates for AWS Elastic Beanstalk

  - by Eric Anderson

  I've been a fan of Heroku since it's earliest days. But I like the fact that AWS Elastic Beanstalk gives you more control over the characteristics of the instances. One thing I love about Heroku is the fact that I can deploy an app and not worry about managing it. I am assuming Heroku is ensuring all OS security updates are timely applied. I just need to make sure my app is secure. My initial research on Beanstalk shows that although it builds and configures the instances for you, after that it moves to a more manual management process. Security updates won't automatically be applied to the instances. It seems there are two areas of concerns: New AMI releases - As new AMI releases hit it seems we would want to run the latest (presumably most secure). But my research seems to indicate you need to manually launch a new setup to see the latest AMI version and then create a new environment to use that new version. Is there a better automated way of rotating your instances into new AMI releases? In between releases there will be security updates released for packages. Seems we want to upgrade those as well. My research seems to indicate people install commands to occasionally run a yum update. But since new instances are created/destroyed based on usage it seems that the new instances would not always have the updates (i.e. the time between the instance creation and the first yum update). So occasionally you will have instances that aren't patched. And you are also going to have instances constantly patching themselves until the new AMI release is applied. My other concern is that perhaps these security updates haven't gone through Amazon's own review (like the AMI releases do) and it might break my app to automatically update them. I know Dreamhost once had a 12 hour outage because they were applying debian updates completely automatically without any review. I want to make sure the same thing doesn't happen to me. So my question is does Amazon provide a way to offer fully managed PaaS like Heroku? Or is AWS Elastic Beanstalk really more of just a install script and after that you are on your own (other than the monitoring and deployment tools they provide)?

  Read the article

• Use SECEDIT to export "Security Options" from one computer and import on another

  - by Andy Arismendi

  Can I use secedit.exe to export out the "Security Options" from the local security policy and then import them on another machine? I'm trying to do this on Windows Server 2008. Update I just tried with: secedit /export /db C:\andy.db /cfg C:\andy.inf /areas SECURITYPOLICY /log C:\andy.log But it didn't work with error: Warning 2: The system cannot find the file specified. Error opening C:\andy.db. Where do I get the DB file from?

  Read the article

• Security update in command line on Ubuntu

  - by Luc

  Hello, I can find anything on google that could help me to use aptitude to only install security update using command line on Ubuntu. I tried this: https://help.ubuntu.com/community/AutomaticSecurityUpdates but it installed everything and not only the security updates !!!! Thanks a lot for your help, Luc

  Read the article

• Microsoft Security Essentials howto auto download definition updates

  - by chris.nullptr

  I use Microsoft Security Essentials as my antivirus on my Win7 box. New virus definitions to Security Essentials are installed using Windows Update. However, the updates are marked as optional by default, as opposed to important which means that they don't get installed automatically. I have to select the updates from the list of optional updates and install them manually. Is there a way to change this behavior so that new definitions are marked as important and installed automatically?

  Read the article

• Microsoft Security Essentials for a business

  - by Systech

  This is 2 questions really - Am I allowed to install Microsoft Security Essentials 1.0 in a business of 200 - 300 users? Is Microsoft Security Essentials 1.0 adequate protection (real-time scanning, updates etc)?

  Read the article

• Access Denied on a Drive where All Users list have been deleted in Security Tab

  - by darkstar13

  Hi All, (System is Windows 7 x64) I wanted to restrict access of other people in a certain drive of my computer (Harddisk 1 is partitioned to C & D; I want to restrict Drive D). What I did was go to the Security Tab (under Drive Properties) and remove the All Users entry. My account is an administrator account. I left only Systems and Administrator on the list. However, when I tried to access drive D, I got an Access Denied error, and Security Tab is already missing. I tried to edit Local Group Policy; it does not work. Take Ownership is not available for the Drive as well, but I see it enabled if I select files / folders. Please help. Thanks. Also, I am wondering why, as an Administrator, have my access to that drive denied.

  Read the article

• Question about CSF Security Over Plesk

  - by user39110

  Hi, i have vps and i use parallels plesk. I want to give more security to my vps in this case i thinking to install csf security suite. How about that idea or can you suggest another software or trick ?

  Read the article

• Microsoft Security Essentials Not Monitoring

  - by nateify

  When I boot into Windows Vista, Microsoft Security Essentials is set to run when the system starts. When I open the program, it says Microsoft Security Essentials isn't monitoring your computer because the program's service stopped. It tells me that it can't update definitions or enable real time protection unless I do it manually (every time I boot). Is there a way I can fix this so I always have real time protection and updating?

  Read the article

• Moving file security from one server to another (asp.net sites, IIS)

  - by Imageree

  I am running windows server with asp.net websites and sql server 2008 and IIS 6. It is working fine. Now I need to move my asp.net websites to another windows server and I have hard time setting correct file security for the new server. Is there any way to compare or move or see difference file security between two servers?

  Read the article

• Downloading Microsoft Security Essentials via https

  - by Marcel

  I want to download Microsoft Security Essentials on my brand new Windows 7 home PC. The official site presented to me is http://windows.microsoft.com/de-CH/windows/products/security-essentials, as I am located in Switzerland. The link to the actual package then is http://go.microsoft.com/fwlink/?LinkID=231276 Obviously, the download is not secured with https. Why? Would this not be the first thing Microsoft should do? They could deliver the certificate already with the OS to make it really secure...

  Read the article

• Is free security software as good as paid security software?

  - by Tester101

  I mostly use free security solutions to protect my home PC, but I wonder if I would get better protection from a paid solution. I prefer the free software, since I can have multiple applications protecting against different threats. With paid software I feel like I have to choose just one, and hope it can protect against everything. Is it worth it to pay for security when there are free options?

  Read the article

• Hiding subfolders from users with Windows Server security

  - by Frans

  Using Windows Server 2008. I would like to allow all users to map to a common network drive and be able to browse it. But, I only want them to be able to see the subfolders they actually have access rights to. Is this doable? Example I have a share with two folders on it; \\domain\share\FolderA \\domain\share\FolderB With three different security groups, I would like to map a network drive for all three to \\domain\share. However, for group1, I want them to only be able to see FolderA, group2 should only see FolderB and group3 should see both. I am not just talking about denying access to the actual folder, which is easy enough, I don't want the user to even be able to see that the folder exists. In other words, when group 1 logs in and do "dir n:\" they should see N:\FolderA When group 2 logs in, they should see N:\FolderB and when group 3 logs in they should see N:\Folder A N:\Folder B My half-baked solution If I completely block access to the root then I can't map a drive to it. I can give everyone the traverse right which then allows the user to map a drive. However, if a member of group1 or group2 tries to go to "N:\" they get an access denied error. If they go to N:\FolderA (for group1) then it works. So, that sort of works, but it would be nicer if the user could actually browse to N:\ and just only see the subfolders they have access to. I am pretty sure I have seen this done but not sure how to do it myself. Any advice would be greatly appreciated.

  Read the article

• Access Denied of a folder on a Drive

  - by kanchan bor gohain

  I wanted to restrict access of other people in a certain drive of my computer. What I did was go to the Security Tab (under Drive Properties) and remove the All Users entry. My account is an administrator account. I left only Systems and Administrator on the list. However, when I tried to access drive D, I got an Access Denied error, and Security Tab is already missing.i resolved the problem using safe mode way but i got another problem, I'd used command prompt to hide(attrib) a folder in drive D but i can't access it, though i can access all other files. I used cmd to unhide but access denied

  Read the article

• How to create an Intellij and Eclipse compatible code style and code formatting configuration (for j

  - by user141634

  Few weeks ago I tried Intellij and I found it really awesome. Now, at my project there's two programmers (including me) using Intellij and few other programmers gonna still be using Eclipse. Since this project is already very large and it gonna be growing a lot, we need to use compatible Code Style and Code Formatting between Intellij and Eclipse. We do not want to have problems when one user edit one file and reformat it before save. With Eclipse "alone" we used to have some exported configuration, and before anybody starts to work, the first step is just to import this configuration. We already tried to use External Code Formatter, but it didn't work on Intellij 9. So, I have a bunch of questions here: 1 - Is there any way to import eclipse formatting configuration on Intellij 9? 2 - Anybody could share their experience managing this kind of situation? Do you guys have any other suggestion to manage this situation?

  Read the article

• Example of code generator you made from scratch?

  - by rosscj2533

  What are some examples of code generators you have used? I think it's a cool idea, but I have trouble thinking of things they can do besides make a class based on an object's attributes/database schema (as described in The Pragmatic Programmer). What language did you write them in and what language did they output? Edit: Thanks for the responses so far. What I am really looking for is examples of code generators made from scratch for some certain purpose. I mentioned it in the title, but didn't make it very clear in my question. How did you go about making a code generator on your own and what specificly did it achieve?

  Read the article

• Code Trivia #6

  - by João Angelo

  It’s time for yet another code trivia and it’s business as usual. What will the following program output to the console? using System; using System.Drawing; using System.Threading; class Program { [ThreadStatic] static Point Mark = new Point(1, 1); static void Main() { Thread.CurrentThread.Name = "A"; MoveMarkUp(); var helperThread = new Thread(MoveMarkUp) { Name = "B" }; helperThread.Start(); helperThread.Join(); } static void MoveMarkUp() { Mark.Y++; Console.WriteLine("{0}:{1}", Thread.CurrentThread.Name, Mark); } }

  Read the article

• Is it customary for software companies to forbid code authors from taking credit for their work? do code authors have a say?

  - by J Smith

  The company I work for has decided that the source code for a set of tools they make available to customers is also going to be made available to those customers. Since I am the author of that source code, and since many source code files have my name written in them as part of class declaration documentation comments, I've been asked to remove author information from the source code files, even though the license headers at the beginning of each source file make it clear that the company is the owner of the code. Since I'm relatively new to this industry I was wondering whether it's considered typical for companies that decide to make their source code available to third parties to not allow the code authors to take some amount of credit for their work, even when it's clear that the code author is not the owner of the code. Am I right in assuming that I don't have a say on the matter?

  Read the article

• An adequate message authentication code for REST

  - by Andras Zoltan

  My REST service currently uses SCRAM authentication to issue tokens for callers and users. We have the ability to revoke caller privileges and ban IPs, as well as impose quotas to any type of request. One thing that I haven't implemented, however, is MAC for requests. As I've thought about it more, for some requests I think this is needed, because otherwise tokens can be stolen and before we identify this and deactivate the associated caller account, some damage could be done to our user accounts. In many systems the MAC is generated from the body or query string of the request, however this is difficult to implement as I'm using the ASP.Net Web API and don't want to read the body twice. Equally importantly I want to keep it simple for callers to access the service. So what I'm thinking is to have a MAC calculated on: the url, possibly minus query string the verb the request ip (potentially is a barrier on some mobile devices though) utc date and time when the client issues the request. For the last one I would have the client send that string in a request header, of course - and I can use it to decide whether the request is 'fresh' enough. My thinking is that whilst this doesn't prevent message body tampering it does prevent using a model request to use as a template for different requests later on by a malicious third party. I believe only the most aggressive man in the middle attack would be able to subvert this, and I don't think our services offer any information or ability that is valuable enough to warrant that. The services will use SSL as well, for sensitive stuff. And if I do this, then I'll be using HMAC-SHA-256 and issuing private keys for HMAC appropriately. Does this sound enough? Have I missed anything? I don't think I'm a beginner when it comes to security, but when working on it I always. am shrouded in doubt, so I appreciate having this community to call upon!

  Read the article

• xampp - can access control panel, cannot access projects/sites on local network

  - by Peter O.

  I've configured xampp and firewall so I can access desktop pc's localhost over my local network through desktop pc's IP. But I'm not able to access auctual projects: I can access: http://192.168.x.x/xampp or http://192.168.x.x/phpMyAdmin But I cannot access: http://192.168.x.x/myWebsite/ I get an error: Server error We're sorry! The server encountered an internal error and was unable to complete your request. Please try again later. error 500

  Read the article

• Building an ASP.Net 4.5 Web forms application - part 4

  - by nikolaosk

  ?his is the fourth post in a series of posts on how to design and implement an ASP.Net 4.5 Web Forms store that sells posters on line.There are 3 more posts in this series of posts.Please make sure you read them first.You can find the first post here. You can find the second post here. You can find the third post here.  In this new post we will build on the previous posts and we will demonstrate how to display the posters per category.We will add a ListView control on the PosterList.aspx and will bind data from the database. We will use the various templates.Then we will write code in the PosterList.aspx.cs to fetch data from the database.1) Launch Visual Studio and open your solution where your project lives2) Open the PosterList.aspx page. We will add some markup in this page. Have a look at the code below  <section class="posters-featured">                    <ul>                         <asp:ListView ID="posterList" runat="server"                            DataKeyNames="PosterID"                            GroupItemCount="3" ItemType="PostersOnLine.DAL.Poster" SelectMethod="GetPosters">                            <EmptyDataTemplate>                                      <table id="Table1" runat="server">                                            <tr>                                                  <td>We have no data.</td>                                            </tr>                                     </table>                              </EmptyDataTemplate>                              <EmptyItemTemplate>                                     <td id="Td1" runat="server" />                              </EmptyItemTemplate>                              <GroupTemplate>                                    <tr ID="itemPlaceholderContainer" runat="server">                                          <td ID="itemPlaceholder" runat="server"></td>                                    </tr>                              </GroupTemplate>                              <ItemTemplate>                                    <td id="Td2" runat="server">                                          <table>                                                <tr>                                                      <td>&nbsp;</td>                                                      <td>                                                <a href="PosterDetails.aspx?posterID=<%#:Item.PosterID%>">                                                    <img src="<%#:Item.PosterImgpath%>"                                                        width="100" height="75" border="1"/></a>                                             </td>                                            <td>                                                <a href="PosterDetails.aspx?posterID=<%#:Item.PosterID%>">                                                    <span class="PosterName">                                                        <%#:Item.PosterName%>                                                    </span>                                                </a>                                                            <br />                                                <span class="PosterPrice">                                                               <b>Price: </b><%#:String.Format("{0:c}", Item.PosterPrice)%>                                                </span>                                                <br />                                                        </td>                                                </tr>                                          </table>                                    </td>                              </ItemTemplate>                              <LayoutTemplate>                                    <table id="Table2" runat="server">                                          <tr id="Tr1" runat="server">                                                <td id="Td3" runat="server">                                                      <table ID="groupPlaceholderContainer" runat="server">                                                            <tr ID="groupPlaceholder" runat="server"></tr>                                                      </table>                                                </td>                                          </tr>                                          <tr id="Tr2" runat="server"><td id="Td4" runat="server"></td></tr>                                    </table>                              </LayoutTemplate>                        </asp:ListView>                    </ul>               </section>  3) We have a ListView control on the page called PosterList. I set the ItemType property to the Poster class and then the SelectMethod to the GetPosters method.  I will create this method later on.   (ItemType="PostersOnLine.DAL.Poster" SelectMethod="GetPosters")Then in the code below  I have the data-binding expression Item  available and the control becomes strongly typed.So when the user clicks on the link of the poster's category the relevant information will be displayed (photo,name and price)                                            <td>                                                <a href="PosterDetails.aspx?posterID=<%#:Item.PosterID%>">                                                    <img src="<%#:Item.PosterImgpath%>"                                                        width="100" height="75" border="1"/></a>                                             </td>4)  Now we need to write the simple method to populate the ListView control.It is called GetPosters method.The code follows   public IQueryable<Poster> GetPosters([QueryString("id")] int? PosterCatID)        {            PosterContext ctx = new PosterContext();            IQueryable<Poster> query = ctx.Posters;            if (PosterCatID.HasValue && PosterCatID > 0)            {                query = query.Where(p=>p.PosterCategoryID==PosterCatID);            }            return query;                    } This is a very simple method that returns information about posters related to the PosterCatID passed to it.I bind the value from the query string to the PosterCatID parameter at run time.This is all possible due to the QueryStringAttribute class that lives inside the System.Web.ModelBinding and gets the value of the query string variable id.5) I run my application and then click on the "Midfilders" link. Have a look at the picture below to see the results.  In the Site.css file I added some new CSS rules to make everything more presentable. .posters-featured {    width:840px;    background-color:#efefef;}.posters-featured   a:link, a:visited,    a:active, a:hover {        color: #000033;    }.posters-featured    a:hover {        background-color: #85c465;    }  6) I run the application again and this time I do not choose any category, I simply navigate to the PosterList.aspx page. I see all the posters since no query string was passed as a parameter.Have a look at the picture below   ?ake sure you place breakpoints in the code so you can see what is really going on.In the next post I will show you how to display poster details.Hope it helps!!!

  Read the article

< Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >