Search Results

Search found 22139 results on 886 pages for 'security testing'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 248/886 | < Previous Page | 244 245 246 247 248 249 250 251 252 253 254 255  | Next Page >

  • How do I make this ASP.NET MVC controller more testable?

    - by Ragesh
    I have a controller that overrides OnActionExecuting and does something like this: protected override void OnActionExecuting(ActionExecutingContext filterContext) { base.OnActionExecuting(filterContext); string tenantDomain = filterContext.RouteData.Values["tenantDomain"] as string; if (!string.IsNullOrWhiteSpace(tenantDomain)) { using (var tx = BeginTransaction()) { this.Tenant = repo.FindOne(t => t.Domain == tenantDomain); } } } Tenant is a protected property with a private setter. The class itself is an abstract base controller that my real controllers derive from. I have code in other controllers that looks a lot like this: if (Tenant == null) { // Do something } else { // Do something else } How do I test this code? What I need to do is to somehow set the Tenant property, but I can't because: It's a protected property, and It has a private setter Changing the visibility of Tenant doesn't "feel" right. What are my alternatives to unit test my derived controllers?

    Read the article

  • Visual Studio 2008 Unit test does not pick up code changes unless I build the entire solution

    - by Orion Edwards
    Here's the scenario: Change my code: Change my unit test for that code With the cursor inside the unit test class/method, invoke VS2008's "Run tests in current context" command The visual studio "Output" window indicates that the code dll and the test dll both successfully build (in that order) The problem is however, that the unit test does not use the latest version of the dll which it has just built. Instead, it uses the previously built dll (which doesn't have the updated code in it), so the test fails. When adding a new method, this results in a MethodNotImplementedException, and when adding a class, it results in a TypeLoadException, both because the unit test thinks the new code is there, and it isn't!. If I'm just updating an existing method, then the test just fails due to incorrect results. I can 'work around' the problem by doing this Change my code: Change my unit test for that code Invoke VS2008's 'Build Solution' command With the cursor inside the unit test class/method, invoke VS2008's "Run tests in current context" command The problem is that doing a full build solution (even though nothing has changed) takes upwards of 30 seconds, as I have approx 50 C# projects, and VS2008 is not smart enough to realize that only 2 of them need to be looked at. Having to wait 30 seconds just to change 1 line of code and re-run a unit test is abysmal. Is there anything I can do to fix this? None of my code is in the GAC or anything funny like that, it's just ordinary old dll's (buiding against .NET 3.5SP1 on a win7/64bit machine) Please help!

    Read the article

  • Common utility functions for Perl .t tests

    - by zedoo
    Hi I am getting started with Test::More, already have a few .t test scripts. Now I'd like to define a function that will only be used for the tests, but accross different .t files. Where's the best place to put such a function? Define another .t without any tests and require it where needed? (As a sidenote I use the module structure created by Module::Starter)

    Read the article

  • what kind of credentials/prerequisites do you need to be a professional penetration tester ?

    - by dfafa
    does it take more than knowing Bt4 ? are there any one that just runs a scanner and no real labor involved ? would you be expected to be able to code your own exploits without having to dl from milw0rm and discover entry into a system by yourself, in other words, do you have to think outside the box even when there's so many tools that makes the job a lot easier ? would you ever be expected to be able to write your own scanners, exploits and etc ? i am also curious how people are able to write long pages of hex address, that magically causes some type of memory overflow...how are people guessing at the hex values for game hacks for instance ? are certification important ? what about formal school education ? I am a CS major.

    Read the article

  • Run PHPUnit Tests in Certain Order

    - by dragonmantank
    Is there a way to get the tests inside of a TestCase to run in a certain order? For example, I want to seperate the lifecycle of an object from creation to use to destruction but need to make sure that the object is set up first before I run the other tests.

    Read the article

  • How do I tell which account is trying to access an ASP.NET web service?

    - by Andrew Lewis
    I'm getting a 401 (access denied) calling a method on an internal web service. I'm calling it from an ASP.NET page on our company intranet. I've checked all the configuration and it should be using integrated security with an account that has access to that service, but I'm trying to figure out how to confirm which account it's connecting under. Unfortunately I can't debug the code on the production network. In our dev environment everything is working fine. I know there has to be a difference in the settings, but I'm at a loss with where to start. Any recommendations?

    Read the article

  • Jmeter- HTTP Cache Manager, Unable to cache everything what it is being cached by Browser

    - by chinmay brahma
    I used HTTP Chache Manager to Cache files which are being cached in browser. I am successful of doing it for some of the pages. Number of files being cached in Jmeter is equal to Number of files being cached by browser. But in some cases : I found number files being cached is lesser than the files being cached by browser. Using Jmeter I found only 5 files are being cached but in real browser 12 files are getting cached. Thanks in advance

    Read the article

  • How to test my GAE site for performance

    - by Sergey Basharov
    I am building a GAE site that uses AJAX/JSON for almost all its tasks including building the UI elements, all interactions and client-server requests. What is a good way to test it for highloads so that I could have some statistics about how much resources 1000 average users per some period of time would take. I think I can create some Python functions for this purpose. What can you advise? Thanks.

    Read the article

  • How can I start a TCP server in the background during a Perl unit test?

    - by John
    I am trying to write a unit test for a client server application. To test the client, in my unit test, I want to first start my tcp server (which itself is another perl file). I tried to start the TCP server by forking: if (! fork()) { system ("$^X server.pl") == 0 or die "couldn't start server" } So when I call make test after perl Makefile.PL, this test starts and I can see the server starting but after that the unit test just hangs there. So I guess I need to start this server in background and I tried the & at the end to force it to start in background and then test to continue. But, I still couldn't succeed. What am I doing wrong? Thanks.

    Read the article

  • How can I unit test a PHP class method that executes a command-line program?

    - by acoulton
    For a PHP application I'm developing, I need to read the current git revision SHA which of course I can get easily by using shell_exec or backticks to execute the git command line client. I have obviously put this call into a method of its very own, so that I can easily isolate and mock this for the rest of my unit tests. So my class looks a bit like this: class Task_Bundle { public function execute() { // Do things $revision = $this->git_sha(); // Do more things } protected function git_sha() { return `git rev-parse --short HEAD`; } } Of course, although I can test most of the class by mocking git_sha, I'm struggling to see how to test the actual git_sha() method because I don't see a way to create a known state for it. I don't think there's any real value in a unit test that also calls git rev-parse to compare the results? I was wondering about at least asserting that the command had been run, but I can't see any way to get a history of shell commands executed by PHP - even if I specify that PHP should use BASH rather than SH the history list comes up empty, I presume because the separate backticks executions are separate terminal sessions. I'd love to hear any suggestions for how I might test this, or is it OK to just leave that method untested and be careful with it when the app is being maintained in future?

    Read the article

  • using a Singleton to pass credentials in a multi-tenant application a code smell?

    - by Hans Gruber
    Currently working on a multi-tenant application that employs Shared DB/Shared Schema approach. IOW, we enforce tenant data segregation by defining a TenantID column on all tables. By convention, all SQL reads/writes must include a Where TenantID = '?' clause. Not an ideal solution, but hindsight is 20/20. Anyway, since virtually every page/workflow in our app must display tenant specific data, I made the (poor) decision at the project's outset to employ a Singleton to encapsulate the current user credentials (i.e. TenantID and UserID). My thinking at the time was that I didn't want to add a TenantID parameter to each and every method signature in my Data layer. Here's what the basic pseudo-code looks like: public class UserIdentity { public UserIdentity(int tenantID, int userID) { TenantID = tenantID; UserID = userID; } public int TenantID { get; private set; } public int UserID { get; private set; } } public class AuthenticationModule : IHttpModule { public void Init(HttpApplication context) { context.AuthenticateRequest += new EventHandler(context_AuthenticateRequest); } private void context_AuthenticateRequest(object sender, EventArgs e) { var userIdentity = _authenticationService.AuthenticateUser(sender); if (userIdentity == null) { //authentication failed, so redirect to login page, etc } else { //put the userIdentity into the HttpContext object so that //its only valid for the lifetime of a single request HttpContext.Current.Items["UserIdentity"] = userIdentity; } } } public static class CurrentUser { public static UserIdentity Instance { get { return HttpContext.Current.Items["UserIdentity"]; } } } public class WidgetRepository: IWidgetRepository{ public IEnumerable<Widget> ListWidgets(){ var tenantId = CurrentUser.Instance.TenantID; //call sproc with tenantId parameter } } As you can see, there are several code smells here. This is a singleton, so it's already not unit test friendly. On top of that you have a very tight-coupling between CurrentUser and the HttpContext object. By extension, this also means that I have a reference to System.Web in my Data layer (shudder). I want to pay down some technical debt this sprint by getting rid of this singleton for the reasons mentioned above. I have a few thoughts on what an better implementation might be, but if anyone has any guidance or lessons learned they could share, I would be much obliged.

    Read the article

  • How to test the performance of a user's PC in/for Flash?

    - by Jan P.
    Hey, I'm a developer on nice space MMO using Flash. On new PCs performance is quite good, but some features shouldn't be enabled on older PCs because the framerate drops to shit if we do. Flash wasn't made for this, but hey, pushing boundaries is fun. An example is fullscreen mode. Of course every user can manually enable it, but "advertising" it to a user with and oldie PC would be a bad idea - but for the Alienware crowd it would be dumb not to. So I want to find out how "capable" a user's PC is to decide if I should enable or disable some features for him. Any ideas? Thanks, Sujan

    Read the article

  • Running single test class or group with Surefire and TestNG

    - by Slartibartfast
    I want to run single test class from command line using Maven and TestNG Things that doesn't work: mvn -Dtest=ClassName test I have defined groups in pom.xml, and this class isn't in one of those groups. So it got excluded on those grounds. mvn -Dgroups=skipped-group test mvn -Dsurefire.groups=skipped-group test when config is <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-surefire-plugin</artifactId> <version>2.7.1</version> <configuration> <groups>functest</groups> </configuration> </plugin> Parameters work fine in there are no groups defined in pom.xml. Similarly, when surefire is configured with <configuration> <includes> <include>**/*UnitTest.java</include> </includes> </configuration> I can add another test with -Dtest parameter, but cannot add group. In any combination, I can narrow down tests to be executed with groups, but not expand them. What's wrong with my configuration? Is there a way to run a single test or group outside of those defined in pom.xml? Tried on Ubuntu 10.04 with Maven 2.2.1, TestNG 5.14.6 and Surefire 2.7.1

    Read the article

  • What is a good programming language for testers who are not great programmers?

    - by Brian T Hannan
    We would like to create some simple automated tests that will be created and maintained by testers. Right now we have a tester who can code in any language, but in the future we might want any tester with a limited knowledge of programming to be able to add or modify the tests. What is a good programming language for testers who are not great programmers, or programmers at all? Someone suggested LUA, but I looked into LUA and it might be more complicated that another language would be. Preferably, the language will be interpreted and not be compiled. Let me know what you think.

    Read the article

  • DDSteps date question.

    - by Srini
    DDStep Date Question: Currently trying to pass just the date from excel. But getting the below error while doing it. Failed to convert property value of type [java.lang.String] to required type [java.util.Date] for property ...no matching editors or conversion strategy found spring for date conversion I even tried to add customEditorConfigurer in the ddsteps-context file. Still getting error. But in their pet store example looks like it works fine. Any help is appreciated. <entry key="java.util.Date"> <bean class="org.springframework.beans.propertyeditors.CustomDateEditor"> <constructor-arg> <bean class="java.text.SimpleDateFormat"> <constructor-arg value="yyyy-MM-dd" /> </bean> </constructor-arg> <constructor-arg value="false" /> </bean> </entry>

    Read the article

  • Reason to use more cookies than just a session hash for authentication?

    - by dierre
    I usually hang out in a community using vBulletin as its bulletin board. I was looking at what this software saves as cookie in my browser. As you can see it saves 6 cookies. Amongst them, what I consider to be important for authentification are: ngivbsessionhash: hash of the current session ngivbpassword: hash of the password ngivbuserid: user's id Those are my assumptions of course. I don't know for sure if ngilastactivity and ngilastvisit are used for the same reason. My question is: why use all these cookie for authentication? My guess would be that maybe generating a session hash would be to easy so using the hashedpassword and userid adds security but what about cookie spoofing? I'm basically leaving on the client all fundamental informations. What do you think?

    Read the article

  • Automating site interaction

    - by Leocer
    I'm working with a CMS and need to import data to it using typical html forms. The data itself is in csv files with one page per row. Such is the CMS that importing directly to db isn't possible due to the complexity of the design. It's pretty important that i "fake" usual user interaction because the CMS does a lot of background work that's crucial for the import. Basically, for each row in the csv file, I need to copy a csv column to a html textfield, or select a checkbox, or click a certain button. One major issue is mapping the data in the csv to actions in the CMS. So if one column contains the string 'foobar' is really means "set the firstName dropdown widget to 'foobar'". Is there a tool to automate this? I´ve been looking at AutoHotKey, Selendium, Web-Harvester and many other tools but I'm not convinced they are the correct tools. The main problem is being able to interact with the html pages in a easy way.

    Read the article

  • Reliably detect caller domain over cURL request?

    - by Utkanos
    OK so server-side security is not my forte. Basically, I'm building a service which users may use (via an SDK) only on the domain they stipulated when they signed up. The SDK calls my web service over cURL in PHP. Would I be right in thinking I cannot reliably detect the caller domain, i.e. enforce that it is the same domain they stipulated when signing up? cURL of course sends this over headers, but headers can always (?) be faked. Is there a better course of action to enforce domain for this sort of thing? (NB I'm already using an API key, too - it's just I wanted to restrict domain, too) Thanks in advance

    Read the article

  • How do I set up a test duplicate of a Django and Postgresql based web application?

    - by cojadate
    Not sure if this is an excessively broad and newbie-ish question for Stack Overflow but here goes: I paid someone else to build a web application for me and now I want to tweak certain aspects of it myself. I learn best by trial and error – changing stuff and seeing what happens. Obviously that's not a great way to treat a live site, so I need to duplicate the site on some kind of test server which I can play with without fear of the consequences. Unfortunately the closest I've come to programming has been creating ActionScript-based websites. I've never touched a database. So I really don't know where to start with setting up a test server. I would really appreciate any advice about where to start. I am completely ignorant and lost here. The web application is built in python/django using a Postgresql database. I use Mac OS X 10.6 if that makes any difference.

    Read the article

  • Html encoding in MVC input

    - by fearofawhackplanet
    I'm working through NerdDinner and I'm a bit confused about the following section... First they've added a form for creating a new dinner, with a bunch of textboxes delcared like: <%= Html.TextArea("Description") %> They then show two ways of binding form input to the model: [AcceptVerbs(HttpVerbs.Post)] public ActionResult Create() { Dinner dinner = new Dinner(); UpdateModel(dinner); ... } or: [AcceptVerbs(HttpVerbs.Post)] public ActionResult Create(Dinner dinner) { ... } Ok, great, that all looks really easy so far. Then a bit later on they say: It is important to always be paranoid about security when accepting any user input, and this is also true when binding objects to form input. You should be careful to always HTML encode any user-entered values to avoid HTML and JavaScript injection attacks Huh? MVC is managing the data binding for us. Where/how are you supposed to do the HTML encoding?

    Read the article

  • How can I unit test my custom validation attribute

    - by MightyAtom
    I have a custom asp.net mvc class validation attribute. My question is how can I unit test it? It would be one thing to test that the class has the attribute but this would not actually test that the logic inside it. This is what I want to test. [Serializable] [EligabilityStudentDebtsAttribute(ErrorMessage = "You must answer yes or no to all questions")] public class Eligability { [BooleanRequiredToBeTrue(ErrorMessage = "You must agree to the statements listed")] public bool StatementAgree { get; set; } [Required(ErrorMessage = "Please choose an option")] public bool? Income { get; set; } .....removed for brevity } [AttributeUsage(AttributeTargets.Class)] public class EligabilityStudentDebtsAttribute : ValidationAttribute { // If AnyDebts is true then // StudentDebts must be true or false public override bool IsValid(object value) { Eligability elig = (Eligability)value; bool ok = true; if (elig.AnyDebts == true) { if (elig.StudentDebts == null) { ok = false; } } return ok; } } I have tried to write a test as follows but this does not work: [TestMethod] public void Eligability_model_StudentDebts_is_required_if_AnyDebts_is_true() { // Arrange var eligability = new Eligability(); var controller = new ApplicationController(); // Act controller.ModelState.Clear(); controller.ValidateModel(eligability); var actionResult = controller.Section2(eligability,null,string.Empty); // Assert Assert.IsInstanceOfType(actionResult, typeof(ViewResult)); Assert.AreEqual(string.Empty, ((ViewResult)actionResult).ViewName); Assert.AreEqual(eligability, ((ViewResult)actionResult).ViewData.Model); Assert.IsFalse(((ViewResult)actionResult).ViewData.ModelState.IsValid); } The ModelStateDictionary does not contain the key for this custom attribute. It only contains the attributes for the standard validation attributes. Why is this? What is the best way to test these custom attributes? Thanks

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 244 245 246 247 248 249 250 251 252 253 254 255  | Next Page >