Search Results

Search found 12720 results on 509 pages for 'moss2007 security'.

Page 246/509 | < Previous Page | 242 243 244 245 246 247 248 249 250 251 252 253  | Next Page >

• Are there any concerns with using a static read-only unit of work so that it behaves like a cache?

  - by Rowan Freeman

  Related question: How do I cache data that rarely changes? I'm making an ASP.NET MVC4 application. On every request the security details about the user will need to be checked with the area/controller/action that they are accessing to see if they are allowed to view it. The security information is stored in the database. For example: User Permission UserPermission Action ActionPermission A "Permission" is a token that is applied to an MVC action to indicate that the token is required in order to access the action. Once a user is given the permission (via the UserPermission table) then they have the token and can therefore access the action. I've been looking in to how to cache this data (since it rarely changes) so that I'm only querying in-memory data and not hitting a database (which is a considerable performance hit at the moment). I've tried storing things in lists, using a caching provider but I either run in to problems or performance doesn't improve. One problem that I constantly run in to is that I'm using lazy loading and dynamic proxies with EntityFramework. This means that even if I ToList() everything and store them somewhere static, the relationships are never populated. For example, User.Permissions is an ICollection but it's always null. I don't want to Include() everything because I'm trying to keep things simple and generic (and easy to modify). One thing I know is that an EntityFramework DbContext is a unit of work that acts with 1st-level caching. That is, for the duration of the unit of work, everything that is accessed is cached in memory. I want to create a read-only DbContext that will exist indefinitely and will only be used to read about permission data. Upon testing this it worked perfectly; my page load times went from 200ms+ to 20ms. I can easily force the data to refresh at certain intervals or simply leave it to refresh when the application pool is recycled. Basically it will behave like a cache. Note that the rest of the application will interact with other contexts that exist per request as normal. Is there any disadvantage to this approach? Could I be doing something different?

  Read the article

• Oracle E-Business Suite 12.2.4 is Available for Download!

  - by Brian Kerr - EBS Support Engineer -Oracle

  This Release Update Pack (RUP) for the EBS 12.2 release codeline includes new features as well as statutory and regulatory updates, and error corrections for stability, performance, and security.  This is a consolidated suite-wide patch set. Release 12.2.4 is cumulative and includes new updates as well as updates made available in one-off patches for prior 12.2 releases. The details for downloading and applying the Oracle E-Business Suite 12.2.4 Release Update Pack can be found in the Oracle E-Business Suite Release 12.2.4 Readme (Doc ID 1617458.1).

  Read the article

• Week in Geek: Forced Facebook E-mail Changes are Altering Address Books, Causing Lost Mail

  - by Asian Angel

  Our first edition of WIG for July is filled with news link goodness covering topics such as why Microsoft killed the Start Button in Windows 8, how to outsmart websites trying to get you to pay top dollar, OS X Mountain Lion will check daily for security updates, and more. How to Banish Duplicate Photos with VisiPic How to Make Your Laptop Choose a Wired Connection Instead of Wireless HTG Explains: What Is Two-Factor Authentication and Should I Be Using It?

  Read the article

• How to restart colord

  - by Blair Zajac

  A tiff security update came out today for 12.04 and colord is still running with the older shared library # lsof -n | grep DEL | grep /lib colord 3454 colord DEL REG 252,1 3673529 /usr/lib/x86_64-linux-gnu/libtiff.so.4.3.4 Besides restarting the whole system, given there's no /etc/init.d/colord, how do I restart it so it picks up the new libtiff.so.

  Read the article

• As the current draft stands, what is the most significant change the "National Strategy for Trusted Identities in Cyberspace" will provoke?

  - by mfg

  A current draft of the "National Strategy for Trusted Identities in Cyberspace" has been posted by the Department of Homeland Security. This question is not asking about privacy or constitutionality, but about how this act will impact developers' business models and development strategies. When the post was made I was reminded of Jeff's November blog post regarding an internet driver's license. Whether that is a perfect model or not, both approaches are attempting to handle a shared problem (of both developers and end users): How do we establish an online identity? The question I ask here is, with respect to the various burdens that would be imposed on developers and users, what are some of the major, foreseeable implementation issues that will arise from the current U.S. Government's proposed solution? For a quick primer on the setup, jump to page 12 for infrastructure components, here are two stand-outs: An Identity Provider (IDP) is responsible for the processes associated with enrolling a subject, and establishing and maintaining the digital identity associated with an individual or NPE. These processes include identity vetting and proofing, as well as revocation, suspension, and recovery of the digital identity. The IDP is responsible for issuing a credential, the information object or device used during a transaction to provide evidence of the subject’s identity; it may also provide linkage to authority, roles, rights, privileges, and other attributes. The credential can be stored on an identity medium, which is a device or object (physical or virtual) used for storing one or more credentials, claims, or attributes related to a subject. Identity media are widely available in many formats, such as smart cards, security chips embedded in PCs, cell phones, software based certificates, and USB devices. Selection of the appropriate credential is implementation specific and dependent on the risk tolerance of the participating entities. Here are the first considered actionable components of the draft: Action 1: Designate a Federal Agency to Lead the Public/Private Sector Efforts Associated with Achieving the Goals of the Strategy Action 2: Develop a Shared, Comprehensive Public/Private Sector Implementation Plan Action 3:Accelerate the Expansion of Federal Services, Pilots, and Policies that Align with the Identity Ecosystem Action 4:Work Among the Public/Private Sectors to Implement Enhanced Privacy Protections Action 5:Coordinate the Development and Refinement of Risk Models and Interoperability Standards Action 6: Address the Liability Concerns of Service Providers and Individuals Action 7: Perform Outreach and Awareness Across all Stakeholders Action 8: Continue Collaborating in International Efforts Action 9: Identify Other Means to Drive Adoption of the Identity Ecosystem across the Nation

  Read the article

• Using only password to authenticate user (no "username" field)

  - by Guy

  I am creating a client access system, to allow manage invoices, make payments, access information about their products and information/functionality alike. Supposedly there are less than 1000 clients. Would there be any security threat to use only password (UUID v4 strings) to authenticate user? My thoughts: There is virtually no probability of collision or success with brute-force attack. http://en.wikipedia.org/wiki/UUID#Random%5FUUID%5Fprobability%5Fof%5Fduplicates User friendly (one click go) It is not intended to be remembered

  Read the article

• Débat Java : Quelles sont les limites du framework Web Apache Wicket ? Confrontez vos points de vue

  Bonjour Bien qu'appréciant beaucoup wicket, il n'en est pas moins que ce framework présente des limites. C'est d'ailleurs l'intitulé d'un post sur "Tom's Quest" : les limites de Wicket. Les points évoqués sont (le détail sur le blog):Le markup n'est pas toujours prévisualisable Wicket ne tient pas la charge Tester une application Wicket est difficile Les URLs générées sont moches Spring Security s'intègre mal à Wicket Wicket n'est pas un framework managé Wicket n'est pas outillé L'intégrable avec des frameworks JavaScript est difficile A noter que l'auteur ne fait pas que lister d'...

  Read the article

• Update: Symantec buys encryption specialist PGP for $300 million

  <b>Info World:</b> "Symantec will acquire encryption specialist PGP and endpoint security vendor GuardianEdge Technologies for $300 million and $70 million respectively, the company said on Thursday."

  Read the article

• Keeping Pace with Data Encryption Laws

  States are passing more and more data security laws, the US Senate and the House have bills meandering through Congress, securing personal information and encrypting that data is no longer optional.

  Read the article

• Fixing a NoClassDefFoundError

  - by Chris Okyen

  I have some code: package ftc; import java.util.Scanner; public class Fer_To_Cel { public static void main(String[] argv) { // Scanner object to get the temp in degrees Farenheit Scanner keyboard = new Scanner(System.in); boolean isInt = true; // temporarily put as true in case the user enters a valid int the first time int degreesF = 0; // initialy set to 0 do { try { // Input the temperature text. System.out.print("\nPlease enter a temperature (integer number, no fractional part) in degrees Farenheit: "); degreesF = Integer.parseInt(keyboard.next()); // Get user input and Assign the far. temperature variable, which is casted from String to int. } // Let the user know in a user friendly notice that the value entered wasnt an int ( give int value range ) , and then give error log catch(java.lang.Exception e) { System.out.println("Sorry but you entered a non-int value ( needs to be between ( including ) -2,147,483,648 and 2,147,483,647 ).. \n"); e.printStackTrace(); isInt = false; } } while(!isInt); System.out.println(""); // print a new line. final int degreesC = (5*(degreesF-32)/9); // convert the degrees from F to C and store the resulting expression in degreesC // Print out a newline, then print what X degrees F is in Celcius. System.out.println("\n" + degreesF + " degrees Farenheit is " + degreesC + " degrees Celcius"); } } And The following error: C:\Program Files\Java\jdk1.7.0_06\bin>java Fer_To_Cel Exception in thread "main" java.lang.NoClassDefFoundError: Fer_To_Cel (wrong name: ftc/Fer_To_Cel) at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:791) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:14 at java.net.URLClassLoader.defineClass(URLClassLoader.java:449) at java.net.URLClassLoader.access$100(URLClassLoader.java:71) at java.net.URLClassLoader$1.run(URLClassLoader.java:361) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at java.lang.ClassLoader.loadClass(ClassLoader.java:423) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308) at java.lang.ClassLoader.loadClass(ClassLoader.java:356) at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:480) The code compiled without compile errors, but presented errors during execution. Which leads me to two questions. I know Errors can be termed Compiler, Runtime and Logic Errors, but the NoClassDefFoundError inherits java.lang.LinkageError. Does that make it a Linker error, being niether of the three types of errors I listed, If I am right this is the answer. For someone else who obtains the singular .java file and compiles it, would this be the only way to solve this problem? Or can I (should I ) do/have done something to fix this problem? Basically, based on a basis of programming, is this a fault of me as the writer? Could this be done once on, my half and be distributed and not needed be done again?

  Read the article

• Botnets Keep Spam Volume High: Google

  <b>eSecurityPlanet:</b> "Botnets cranked out more spam and larger individual files containing spam in the first quarter of this year, according to the latest report from Postini, Google's e-mail filtering and security service."

  Read the article

• CVE-2010-2761 Code Injection Vulnerability in Perl

  - by Umang_D

  CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2010-2761 Improper Control of Generation of Code ('Code Injection') vulnerability 4.3 Perl Solaris 9 Contact Support Solaris 10 SPARC : 146032-05 x86 : 146033-05 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

  Read the article

• Download the Hummingbirds Theme for Windows 7

  - by Asian Angel

  Are you looking for a new nature theme for your desktop? Then make your desktop hum with perfection using the Hummingbirds Theme for Windows 7. The theme comes with eleven images featuring the wonderful photographic work of Desiree Skatvold. Download the Hummingbirds Theme [Windows 7 Personalization Gallery] HTG Explains: Is UPnP a Security Risk? How to Monitor and Control Your Children’s Computer Usage on Windows 8 What Happened to Solitaire and Minesweeper in Windows 8?

  Read the article

• Argument list too long and copying to Samba Share

  - by Copy Run Start

  Ubuntu 12.04 LTS 64 bit. I'm trying to make a scheduled task copy from a directory with thousands of files to a samba share (while skipping duplicates). I mapped my Samba share through the GUI. The command I tried: cp /home/security/Brick/* ~/.gvfs/"cam on atm-bak-01.local/Brick" -n I found this but I don't know how to change the syntax to what I need. find -maxdepth 1 -name '*.prj' -exec mv -t ../prjshp {} + Any hints are greatly appreciated.

  Read the article

• Microsoft Issues Five 'Critical' Patches

  In a busy 'Patch Tuesday', Microsoft fixed 25 security flaws--mostly in Windows--with its latest patch drop, even fixing a nasty zero-day in the Help system.

  Read the article

• When does Information become Data? (i.e. Information wants to be free) [closed]

  - by James P. Wright

  I hear Programmers often talk about how Information Wants To Be Free which I mostly agree with, but the thing that people don't often pay attention to is that Information and Data are not the same thing. Should Data also be free? Does that mean all of you should have full access to my Social Security Number and other personal "information"? Where is the limit? If there is a limit, why do people throw this phrase around like it fits every circumstance (like this one)

  Read the article

• Interim Patches for CVE-2011-4313 released through MOS

  - by Alan

  As reported on the article on the Sun Security Blog, interim patches are available for Solaris 8,9 and 10 directly from MOS without the need to log a Service Request. There is also Interim Relief available for Solaris 11, but at this point in time that will still require a Service Request. As seen from running "named -V", these patches implement the same fix as ISC by taking Bind to the version:BIND 9.6-ESV-R5-P1.

  Read the article

• Flash Player Critical Fix on Deck

  With Microsoft and Google already having already released fixes for critical security bugs this week, Adobe is getting ready to join the party as it readies an important patch for its Adobe Flash Player software.

  Read the article

• How to Lock Down IE 10 by Disabling Flash in Windows 8

  - by Taylor Gibb

  Microsoft now includes Flash along with their Internet Explorer browser in Windows 8. Flash has been known as a big culprit when it comes to security vulnerabilities in the past, so here’s how to disable it. Note: We have outlined two methods for achieving the same goal, there is no need to do both. HTG Explains: What Is RSS and How Can I Benefit From Using It? HTG Explains: Why You Only Have to Wipe a Disk Once to Erase It HTG Explains: Learn How Websites Are Tracking You Online

  Read the article

• This Week on the Green Data Center Management Front

  Among the big news this week in green data center management: Singapore pledges to cut carbon emissions by 16 percent by 2020, and for the second year in a row, data security is the primary concern and driver of IT asset disposition compliance efforts.

  Read the article

• Critical Patch Updates During EBS 11i Exception to Sustaining Support Period

  - by Elke Phelps (Oracle Development)

  As previously blogged in the EBS 11i and 12.1 Support Timeline Changes entry, two important changes to the Oracle Lifetime Support policies were announced at Oracle OpenWorld 2012 - San Francisco.  These changes affect E-Business Suite Releases 11i and 12.1. Critical Patch Updates for EBS 11i during the Exception to Sustaining Support Period You may be wondering about the availability of Critical Patch Updates (CPU) for EBS 11i during the Exception to Sustaining Support period.  The following details the E-Business Suite Critical Patch Update support policy for EBS 11i during the Exception to Sustaining Support period: Oracle will continue to provide CPUs containing critical security fixes for E-Business Suite 11i.  CPUs will be packaged and released as as cumulative patches for both ATG RUP 6 and ATG RUP 7. As always, we try to minimize the number of patches and dependencies required for uptake of a CPU; however, there have been quite a few changes to the 11i baseline since its release.  For dependency reasons the 11i CPUs may require a higher number of files in order to bring them up to a consistent, stable, and well tested level. EBS 11i customer will continue to receive CPUs up to and including the October 2014 CPU. Where can I learn more? There are two interlocking policies that affect the E-Business Suite:  Oracle's Lifetime Support policies for each EBS release (timelines which were updated by this announcement), and the Error Correction Support policies (which state the minimum baselines for new patches). For more information about how these policies interact, see: Understanding Support Windows for E-Business Suite Releases What about E-Business Suite technology stack components? Things get more complicated when one considers individual techstack components such as Oracle Forms or the Oracle Database.  To learn more about the interlocking EBS+techstack component support windows, see these two articles: On Apps Tier Patching and Support: A Primer for E-Business Suite Users On Database Patching and Support: A Primer for E-Business Suite Users Where can I learn more about Critical Patch Updates?The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents.  Related Articles EBS 11i and 12.1 Support Timeline Changes Frequently Asked Questions about Latest EBS Support Changes Extended Support Fees Waived for E-Business Suite 11i and 12.0

  Read the article

• What is the canonical resource on multi-tenancy web applications using ruby + rails

  - by AlexC

  What is the canonical resource on multi-tenancy web applications using ruby + rails. There are a number of ways to develop rails apps using cloud capabilities with real elastic properties but there seems to be a lack of clarity with how to achieve multitenancy, specifically at the model / data level. Is there a canonical resource on options to developing multitenancy rails applications with the required characteristics of data seperation, security, concurrency and contention required by an enterprise level cloud application.

  Read the article

• Oracle Magazine, September/October 2008

  Oracle Magazine September/October features articles on Oracle Universal Content Management, identity management, security, Merrill Lynch and Oracle, ODP.NET, best PL/SQL practices, task flows, Oracle SQL Developer 1.5, Oracle Flashback technology, trigger maintenance and much more.

  Read the article

• New Date for Implementation of Sun Hands-On Course Requirement

  - by Harold Green

  As announced on the Oracle Certification website, Java Architect, Java Developer, Solaris System Administrator and Solaris Security Administrator certification tracks will include a new mandatory course attendance requirement. Because of unforeseen disaster and subsequent recovery efforts underway in Japan, Oracle has extended the start date of this new requirement to October 1, 2011. Candidates may earn their certifications using the current track requirements (found on the Oracle Certification website) through September 30, 2011.

  Read the article

• Multiple Denial of Service (DoS) vulnerabilities in Apache Tomcat

  - by chandan

  CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4858 Resource Management Errors vulnerability 5.0 Apache Tomcat Solaris 11 11/11 SRU 4 Solaris 10 SPARC: 122911-29 X86: 122912-29 Solaris 9 Contact Support CVE-2012-0022 Numeric Errors vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

  Read the article

< Previous Page | 242 243 244 245 246 247 248 249 250 251 252 253  | Next Page >