Search Results

Search found 14267 results on 571 pages for 'security certificate'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 26/571 | < Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >

  • Why can`t we treat SSL Certs like Pgp keys instead of trusting CAs?

    - by yarun can
    I am dumb and stupid and I do not know all the technical aspects of SSL and server/client side implications and implementations. However I understand them good enough from user point of view to use SSL and encyrption daily. I was thinking that how silly it is to trust some unknown/known CAs when it comes to our our certificates for our servers. There had been many cases of misconduct, misuse, compromises and theft of certificates/ca keys from those places. On top of those known issues we also have to pay these guys regularly. I am wondering why can not we use/treat web server certificates like we use our pgp keys? So I sign a SSL certificate and send to a central server. And then each user accessing my site checks the validity and the keys from some central server (like pgp key servers). Is this a stupid idea? If so what could be a better idea than current system of issuing valid certificates. I am looking for a better than more secure idea. Naturally this is not a solution to an existing problem, rather it will be a hypothetical solution for some future implementation of a currently messed up web of trust on the internet due to recent news about NSA and their criminal buddies around the world. thanks

    Read the article

  • .NET Declarative Security: Why is SecurityAction.Deny impossible to work with?

    - by rally25rs
    I've been messing with this for about a day and a half now sifting through .NET reflector and MSDN docs, and can't figure anything out... As it stands in the .NET framework, you can demand that the current Principal belong to a role to be able to execute a method by marking a method like this: [PrincipalPermission(SecurityAction.Demand, Role = "CanEdit")] public void Save() { ... } I am working with an existing security model that already has a "ReadOnly" role defined, so I need to do exactly the opposite of above... block the Save() method if a user is in the "ReadOnly" role. No problem, right? just flip the SecurityAction to .Deny: [PrincipalPermission(SecurityAction.Deny, Role = "ReadOnly")] public void Save() { ... } Well, it turns out that this does nothing at all. The method still runs fine. It seems that the PrincipalPermissionAttribute defines: public override IPermission CreatePermission() But when the attribute is set to SecurityAction.Deny, this method is never called, so no IPermission object is ever created. Does anyone know of a way to get .Deny to work? I've been trying to make a custom secutiry attribute, but even that doesn't work. I tried to get tricky and do: public class MyPermissionAttribute : CodeAccessSecurityAttribute { private SecurityAction securityAction; public MyPermissionAttribute(SecurityAction action) : base(SecurityAction.Demand) { if (action != SecurityAction.Demand && action != SecurityAction.Deny) throw new ArgumentException("Unsupported SecurityAction. Only Demand and Deny are supported."); this.securityAction = action; } public override IPermission CreatePermission() { // do something based on the SecurityAction... } } Notice my attribute constructor always passes SecurityAction.Demand, which is the one action that would work previously. However, even in this case, the CreatePermission() method is still only called when the attribute is set to .Demand, and not .Deny! Maybe the runtime is actually checking the attribute instead of the SecurityAction passed to the CodeAccessSecurityAttribute constructor? I'm not sure what else to try here... anyone have any ideas? You wouldn't think it would be that hard to deny method access based on a role, instead of only demanding it. It really disturbed me that the default PrincipalPermission appears from within an IDE like it would be just fine doing a .Deny, and there is like a 1-liner in the MSDN docs that hint that it won't work. You would think the PrincipalPermissionAttribute constructor would throw an exception immediately if anything other that .Demand is specified, since that could create a big security hole! I never would have realized that .Deny does nothing at all if I hadn't been unit testing! Again, all this stems from having to deal with an existing security model that has a "ReadOnly" role that needs to be denied access, instead of doing it the other way around, where I cna just grant access to a role. Thanks for any help! Quick followup: I can actually make my custom attribute work by doing this: public class MyPermissionAttribute : CodeAccessSecurityAttribute { public SecurityAction SecurityAction { get; set; } public MyPermissionAttribute(SecurityAction action) : base(action) { } public override IPermission CreatePermission() { switch(this.SecurityAction) { ... } // check Demand or Deny } } And decorating the method: [MyPermission(SecurityAction.Demand, SecurityAction = SecurityAction.Deny, Role = "ReadOnly")] public void Save() { ... } But that is terribly ugly, since I'm specifying both Demand and Deny in the same attribute. But it does work... Another interesting note: My custom class extends CodeAccessSecurityAttribute, which in turn only extends SecurityAttribute. If I cnage my custom class to directly extend SecurityAttribute, then nothing at all works. So it seems the runtime is definately looking for only CodeAccessSecurityAttribute instances in the metadata, and does something funny with the SecurityAction specified, even if a custom constructor overrides it.

    Read the article

  • WCF newbie - how to install and use a SSL certificate?

    - by Shaul
    This should be a snap for anyone who's done it before... I'm trying to set up a self-hosted WCF service using NetTcpBinding. I got a trial SSL certificate from Thawte and successfully installed that in my IIS store, and I think I've got it correctly set up in the service - at least it doesn't exception out on me! Now, I'm trying to connect the client (this is still all on my dev machine), and it's giving me an error, "Message = "The X.509 certificate CN=ssl.mydomain.com, OU=For Test Purposes Only. No assurances., OU=IT, O=My Company, L=My Town, S=None, C=IL chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider." Ooookeeeey... now what? Client code (I want to do this in code, not app.config): var baseAddress = "localhost"; var factory = new DuplexChannelFactory<IMyWCFService>(new InstanceContext(SiteServer.Instance)); factory.Endpoint.Address = new EndpointAddress("net.tcp://{0}:8000/".Fmt(baseAddress)); var binding = new NetTcpBinding(SecurityMode.Message); binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName; factory.Endpoint.Binding = binding; var u = factory.Credentials.UserName; u.UserName = userName; u.Password = password; return factory.CreateChannel()

    Read the article

  • Spring Security - Persistent Remember Me Issue

    - by Taylor L
    I've been trying to track down why Spring Security isn't creating the Spring Security remember me cookie (SPRING_SECURITY_REMEMBER_ME_COOKIE). At first glance, the logs make it seem like the login is failing, but the login is actually successful in the sense that if I navigate to a page that requires authentication I am not redirected back to the login page. However, the logs appear to be saying the login credentials are invalid. I'm using Spring 3.0.1, Spring Security 3.0.1, and Google App Engine 1.3.1. Any ideas as to what is going on? Mar 16, 2010 10:05:56 AM org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices onLoginSuccess FINE: Creating new persistent login for user [email protected] Mar 16, 2010 10:10:07 AM org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices loginFail FINE: Interactive login attempt was unsuccessful. Mar 16, 2010 10:10:07 AM org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices cancelCookie FINE: Cancelling cookie Below is the relevant portion of the applicationContext-security.xml. <http auto-config="false"> <intercept-url pattern="/css/**" filters="none" /> <intercept-url pattern="/img/**" filters="none" /> <intercept-url pattern="/js/**" filters="none" /> <intercept-url pattern="/app/admin/**" filters="none" /> <intercept-url pattern="/app/login/**" filters="none" /> <intercept-url pattern="/app/register/**" filters="none" /> <intercept-url pattern="/app/error/**" filters="none" /> <intercept-url pattern="/" filters="none" /> <intercept-url pattern="/**" access="ROLE_USER" /> <logout logout-success-url="/" /> <form-login login-page="/app/login" default-target-url="/" authentication-failure-url="/app/login?login_error=1" /> <session-management invalid-session-url="/app/login" /> <remember-me services-ref="rememberMeServices" key="myKey" /> </http> <authentication-manager alias="authenticationManager"> <authentication-provider user-service-ref="userDetailsService"> <password-encoder hash="sha-256" base64="true"> <salt-source user-property="username" /> </password-encoder> </authentication-provider> </authentication-manager> <beans:bean id="userDetailsService" class="com.my.service.auth.UserDetailsServiceImpl" /> <beans:bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices"> <beans:property name="userDetailsService" ref="userDetailsService" /> <beans:property name="tokenRepository" ref="persistentTokenRepository" /> <beans:property name="key" value="myKey" /> </beans:bean> <beans:bean id="persistentTokenRepository" class="com.my.service.auth.PersistentTokenRepositoryImpl" />

    Read the article

  • Internet Explorer blocked this website from displaying content with security certificate errors

    - by Tabrez
    I have a security certificate linked to a CDN's server. The main website is https:www.connect4fitness.com When I pull the site up in firefox or chrome, everything works fine. But in IE I get the following error: "Internet Explorer blocked this website from displaying content with security certificate errors." On IE 9 it shows the button "Display Content" and you can get past the error by clicking on the button. On older versions on I the error message is much more cryptic and is confusing users. Please note that I don't have the option of asking end users to add the site to Trusted Sources as some folks use the site from their work computers and do not have that access. Also, some people don't bother to call once they hit the error. I have looked at the content and all my links are "https" only. I had one namespace link and I got rid of it. Any idea about how I can find what is triggering this message?

    Read the article

  • Starfield Wildcard SSL Certificate Not Trusted in All Browsers

    - by Austen Cameron
    I am at a loss as to what else I might try in order to debug this issue with a Starfield Wildcard SSL Certificate. The problem is that in certain browsers (Safari or the most-updated chrome you can get for OS X 10.5.8 for example) the certificate comes up as untrusted, even on the root domain. My server setup / background info: General LAMP setup - CentOS 6.3 - on a Godaddy VPS Starfield Technologies Wildcard SSL certificate Installed using the instructions from godaddy's support pages ssl.conf lines are basically as follows: SSLCertificateFile /path/to/cert/mysite.com.cert SSLCertificateKeyFile /path/to/cert/mysite.key SSLCertificateChainFile /path/to/cert/sf_bundle.crt Everything seemingly worked fine until the other night when I noticed the problem in OS X, I assume it's more browser version related, but have only been able to replicate it on that particular machine. What I have tried: Updating sf_bundle.crt from godaddy's cert repository and Starfield's repository versions Following This ServerFault answer from Jim Phares - changing the ChainFile line to sf_intermediate.crt from Starfield's repository Using http://www.sslshopper.com/ssl-checker.html on my url It says the domain is correctly listed on the certificate but comes up with an error that reads The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. What might I try next to remedy the untrusted certificate issue? Let me know if there is any other information needed that might help debugging this issue. Thanks in advance!

    Read the article

  • Cannot update, apt-get cannot fetch index files

    - by Evan
    I have a fresh install of Ubuntu 11.10 from the iso 'ubuntu-11.10-desktop-amd64.iso'. I installed this in VMWare Fusion 4.1.1 running on OSX 10.7.3. When setting up the VM, I allowed easy install to take care of creating my user and installing VMWare tools. No problems during installation, everything seems to be working great. The problem is that apt-get will NOT update, so I can't do software updates or install any software with apt-get install. I have been searching high and low, and have found several threads covering similar issues. How to fix a ruined package catalog? is one, Update manager generates 404 error while attempting update. Will not update is another, Ubuntu 11.10 Update issue (failed to fetch...) is a third I have tried changing my software source download location to "Main Server" rather than "Server for United States", to no avail. Same errors. Tried sudo apt-get clean, sudo apt-get autoclean, Have done a sudo rm /var/lib/apt/lists/*, still having the exact same problem. As I said, this is a brand new installation as of yesterday evening. Since I know it will be needed, here is my output from a sudo apt-get update: evan@ubuntu:~$ sudo apt-get update Ign http://archive.ubuntu.com oneiric InRelease Ign http://archive.ubuntu.com oneiric-updates InRelease Ign http://archive.ubuntu.com oneiric-backports InRelease Ign http://archive.ubuntu.com oneiric-security InRelease Ign http://archive.ubuntu.com oneiric Release.gpg Ign http://archive.ubuntu.com oneiric-updates Release.gpg Ign http://archive.ubuntu.com oneiric-backports Release.gpg Ign http://archive.ubuntu.com oneiric-security Release.gpg Ign http://archive.ubuntu.com oneiric Release Ign http://archive.ubuntu.com oneiric-updates Release Ign http://archive.ubuntu.com oneiric-backports Release Ign http://archive.ubuntu.com oneiric-security Release Ign http://archive.ubuntu.com oneiric/main TranslationIndex Ign http://archive.ubuntu.com oneiric/multiverse TranslationIndex Ign http://archive.ubuntu.com oneiric/restricted TranslationIndex Ign http://archive.ubuntu.com oneiric/universe TranslationIndex Ign http://archive.ubuntu.com oneiric-updates/main TranslationIndex Ign http://archive.ubuntu.com oneiric-updates/multiverse TranslationIndex Ign http://archive.ubuntu.com oneiric-updates/restricted TranslationIndex Ign http://archive.ubuntu.com oneiric-updates/universe TranslationIndex Ign http://archive.ubuntu.com oneiric-backports/main TranslationIndex Ign http://archive.ubuntu.com oneiric-backports/multiverse TranslationIndex Ign http://archive.ubuntu.com oneiric-backports/restricted TranslationIndex Ign http://archive.ubuntu.com oneiric-backports/universe TranslationIndex Ign http://archive.ubuntu.com oneiric-security/main TranslationIndex Ign http://archive.ubuntu.com oneiric-security/multiverse TranslationIndex Ign http://archive.ubuntu.com oneiric-security/restricted TranslationIndex Ign http://archive.ubuntu.com oneiric-security/universe TranslationIndex Err http://archive.ubuntu.com oneiric/main Sources 404 Not Found Err http://archive.ubuntu.com oneiric/restricted Sources 404 Not Found Err http://archive.ubuntu.com oneiric/universe Sources 404 Not Found Err http://archive.ubuntu.com oneiric/multiverse Sources 404 Not Found Err http://archive.ubuntu.com oneiric/main amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/restricted amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/universe amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/multiverse amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/main i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/restricted i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/universe i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/multiverse i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/main Sources 404 Not Found Err http://archive.ubuntu.com oneiric-updates/restricted Sources 404 Not Found Err http://archive.ubuntu.com oneiric-updates/universe Sources 404 Not Found Err http://archive.ubuntu.com oneiric-updates/multiverse Sources 404 Not Found Err http://archive.ubuntu.com oneiric-updates/main amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/restricted amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/universe amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/multiverse amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/main i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/restricted i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/universe i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/multiverse i386 Packages 404 Not Found Ign http://extras.ubuntu.com oneiric InRelease Err http://archive.ubuntu.com oneiric-backports/main Sources 404 Not Found Err http://archive.ubuntu.com oneiric-backports/restricted Sources 404 Not Found Err http://archive.ubuntu.com oneiric-backports/universe Sources 404 Not Found Err http://archive.ubuntu.com oneiric-backports/multiverse Sources 404 Not Found Err http://archive.ubuntu.com oneiric-backports/main amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/restricted amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/universe amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/multiverse amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/main i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/restricted i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/universe i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/multiverse i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/main Sources 404 Not Found Err http://archive.ubuntu.com oneiric-security/restricted Sources 404 Not Found Err http://archive.ubuntu.com oneiric-security/universe Sources 404 Not Found Err http://archive.ubuntu.com oneiric-security/multiverse Sources 404 Not Found Err http://archive.ubuntu.com oneiric-security/main amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/restricted amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/universe amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/multiverse amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/main i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/restricted i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/universe i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/multiverse i386 Packages 404 Not Found Ign http://archive.ubuntu.com oneiric/main Translation-en_US Ign http://archive.ubuntu.com oneiric/main Translation-en Ign http://archive.ubuntu.com oneiric/multiverse Translation-en_US Ign http://archive.ubuntu.com oneiric/multiverse Translation-en Ign http://archive.ubuntu.com oneiric/restricted Translation-en_US Ign http://archive.ubuntu.com oneiric/restricted Translation-en Ign http://archive.ubuntu.com oneiric/universe Translation-en_US Ign http://archive.ubuntu.com oneiric/universe Translation-en Ign http://archive.ubuntu.com oneiric-updates/main Translation-en_US Ign http://archive.ubuntu.com oneiric-updates/main Translation-en Ign http://archive.ubuntu.com oneiric-updates/multiverse Translation-en_US Ign http://archive.ubuntu.com oneiric-updates/multiverse Translation-en Ign http://archive.ubuntu.com oneiric-updates/restricted Translation-en_US Ign http://archive.ubuntu.com oneiric-updates/restricted Translation-en Ign http://archive.ubuntu.com oneiric-updates/universe Translation-en_US Ign http://archive.ubuntu.com oneiric-updates/universe Translation-en Ign http://archive.ubuntu.com oneiric-backports/main Translation-en_US Ign http://archive.ubuntu.com oneiric-backports/main Translation-en Ign http://archive.ubuntu.com oneiric-backports/multiverse Translation-en_US Ign http://archive.ubuntu.com oneiric-backports/multiverse Translation-en Ign http://archive.ubuntu.com oneiric-backports/restricted Translation-en_US Ign http://archive.ubuntu.com oneiric-backports/restricted Translation-en Ign http://archive.ubuntu.com oneiric-backports/universe Translation-en_US Ign http://archive.ubuntu.com oneiric-backports/universe Translation-en Ign http://archive.ubuntu.com oneiric-security/main Translation-en_US Ign http://archive.ubuntu.com oneiric-security/main Translation-en Ign http://archive.ubuntu.com oneiric-security/multiverse Translation-en_US Ign http://archive.ubuntu.com oneiric-security/multiverse Translation-en Ign http://archive.ubuntu.com oneiric-security/restricted Translation-en_US Ign http://archive.ubuntu.com oneiric-security/restricted Translation-en Ign http://archive.ubuntu.com oneiric-security/universe Translation-en_US Ign http://archive.ubuntu.com oneiric-security/universe Translation-en Hit http://extras.ubuntu.com oneiric Release.gpg Hit http://extras.ubuntu.com oneiric Release Hit http://extras.ubuntu.com oneiric/main Sources Hit http://extras.ubuntu.com oneiric/main amd64 Packages Hit http://extras.ubuntu.com oneiric/main i386 Packages Ign http://extras.ubuntu.com oneiric/main TranslationIndex Ign http://extras.ubuntu.com oneiric/main Translation-en_US Ign http://extras.ubuntu.com oneiric/main Translation-en W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/main/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/restricted/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/universe/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/multiverse/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/main/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/restricted/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/universe/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/multiverse/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/main/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/restricted/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/universe/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/multiverse/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/main/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/restricted/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/universe/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/multiverse/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/main/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/restricted/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/universe/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/multiverse/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/main/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/restricted/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/universe/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/multiverse/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/main/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/restricted/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/universe/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/multiverse/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/main/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/restricted/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/universe/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/multiverse/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/main/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/restricted/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/universe/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/multiverse/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/main/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/restricted/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/universe/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/multiverse/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/main/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/restricted/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/universe/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/multiverse/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/main/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/restricted/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/universe/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/multiverse/binary-i386/Packages 404 Not Found E: Some index files failed to download. They have been ignored, or old ones used instead. Here is my /etc/apt/source.list: evan@ubuntu:~$ cat /etc/apt/sources.list # deb cdrom:[Ubuntu 11.10 _Oneiric Ocelot_ - Release amd64 (20111012)]/ dists/oneiric/main/binary-i386/ # deb cdrom:[Ubuntu 11.10 _Oneiric Ocelot_ - Release amd64 (20111012)]/ oneiric main restricted # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://archive.ubuntu.com/ubuntu oneiric main restricted deb-src http://archive.ubuntu.com/ubuntu oneiric main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://archive.ubuntu.com/ubuntu oneiric-updates main restricted deb-src http://archive.ubuntu.com/ubuntu oneiric-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://archive.ubuntu.com/ubuntu oneiric universe deb-src http://archive.ubuntu.com/ubuntu oneiric universe deb http://archive.ubuntu.com/ubuntu oneiric-updates universe deb-src http://archive.ubuntu.com/ubuntu oneiric-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://archive.ubuntu.com/ubuntu oneiric multiverse deb-src http://archive.ubuntu.com/ubuntu oneiric multiverse deb http://archive.ubuntu.com/ubuntu oneiric-updates multiverse deb-src http://archive.ubuntu.com/ubuntu oneiric-updates multiverse ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://archive.ubuntu.com/ubuntu oneiric-backports main restricted universe multiverse deb-src http://archive.ubuntu.com/ubuntu oneiric-backports main restricted universe multiverse deb http://archive.ubuntu.com/ubuntu oneiric-security main restricted deb-src http://archive.ubuntu.com/ubuntu oneiric-security main restricted deb http://archive.ubuntu.com/ubuntu oneiric-security universe deb-src http://archive.ubuntu.com/ubuntu oneiric-security universe deb http://archive.ubuntu.com/ubuntu oneiric-security multiverse deb-src http://archive.ubuntu.com/ubuntu oneiric-security multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. # deb http://archive.canonical.com/ubuntu oneiric partner # deb-src http://archive.canonical.com/ubuntu oneiric partner ## This software is not part of Ubuntu, but is offered by third-party ## developers who want to ship their latest software. deb http://extras.ubuntu.com/ubuntu oneiric main deb-src http://extras.ubuntu.com/ubuntu oneiric main And here is my output from lsb_release -a: evan@ubuntu:~$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 11.10 Release: 11.10 Codename: oneiric If anyone could help me out here, that would be wonderful!

    Read the article

  • Spring security ldap: no declaration can be found for element 'ldap-authentication-provider'

    - by wuntee
    Following the spring-security documentation: http://static.springsource.org/spring-security/site/docs/3.0.x/reference/ldap.html I am trying to set up ldap authentication (very simple - just need to know if a user is authenticated or not, no authorities mapping needed) and have put this in my applicationContext-security.xml file <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> ... <ldap-server url="ldap://adapps.company.com:389/dc=company,dc=com" /> <ldap-authentication-provider user-search-filter="(samaccountname={0})" user-search-base="dc=company,dc=com"/> The problem I run into is that it doesnt seem like ldap-authentication-provider; I fell like i may be missing some configuration isn the beans definition. The error I get when trying to run the application is: SEVERE: Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 27 in XML document from ServletContext resource [/WEB-INF/rvaContext-security.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'ldap-authentication-provider'. at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:143) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:178) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:149) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:124) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:93) at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:130) at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:465) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:395) at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:272) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:196) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3972) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4467) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at org.apache.catalina.core.StandardHost.start(StandardHost.java:722) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) at org.apache.catalina.core.StandardService.start(StandardService.java:516) at org.apache.catalina.core.StandardServer.start(StandardServer.java:710) at org.apache.catalina.startup.Catalina.start(Catalina.java:593) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:592) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) Caused by: org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'ldap-authentication-provider'. at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:236) at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.error(ErrorHandlerWrapper.java:172) at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:382) at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:316) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportError(XMLSchemaValidator.java:429) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.reportSchemaError(XMLSchemaValidator.java:3185) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStartElement(XMLSchemaValidator.java:1955) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.emptyElement(XMLSchemaValidator.java:725) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:322) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1693) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:368) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:834) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:764) at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:148) at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:250) at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:292) at org.springframework.beans.factory.xml.DefaultDocumentLoader.loadDocument(DefaultDocumentLoader.java:75) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:388) ... 28 more Can anyone see what im missing? Also, is that all I need to add to the security bean in order to authenticate against ldap?

    Read the article

  • Security permissions for remote shared folders

    - by Tomas Lycken
    I have two servers running Windows Server 2003, and I want copy files from one server (A), programmatically with a windows service running under the Local System account, to a shared folder on the other (B). I keep getting "access denied" errors, and I can't figure out what security settings I need to set to open the shared folder for writing. This is what I've done on the recieving end: On A, right-click on the folder to share, choose the tab "Sharing" and select "Share this folder". Set a share name. Click "Permissions", add the group "Everyone" and give it full control. I tried choosing the "Security" tab to give some permissions there as well, but the "Add" dialog only finds local users, despite the fact that B shows up in the "Workgroup computers" dialog. After further inspection, this is the case also for the "Permissions" dialog under the "Sharing" tab (are they the same?).

    Read the article

  • XAMPP vs WAMP security and other on Windows XP

    - by typoknig
    Not long ago I found WAMP and thought it was a God send because it had all the things I wanted/needed (Apache, PHP, MySQL, and phpMyAdmin) all built into one installer. One thing about WAMP has been making me mad is an error I get in phpMyAdmin about the advanced features not working. I have tried to fix that error long enough on that error for long enough. http://stackoverflow.com/questions/2688385/problem-with-phpmyadmin-advanced-features I now read that most people prefer XAMPP over WAMP, but I am a bit concerned that XAMPP might have some extra security holes with Mercury and Perl, two thing that I don't really need or want right now. Are my security concerns justified or not? Is there any other reasons to go with XAMPP over WAMP or vice versa?

    Read the article

  • Security Resources

    - by dr.pooter
    What types of sites do you visit, on a regular basis, to stay current on information security issues? Some examples from my list include: http://isc.sans.org/ http://www.kaspersky.com/viruswatch3 http://www.schneier.com/blog/ http://blog.fireeye.com/research/ As well as following the security heavyweights on twitter. I'm curious to hear what resources you recommend for daily monitoring. Anything specific to particular operating systems or other software. Are mailing lists still considered valuable. My goal would be to trim the cruft of all the things I'm currently subscribed to and focus on the essentials.

    Read the article

  • Windows Security Center Service is missing

    - by TheTub
    I am trying to fix a Windows 7 machine here that has been infected with all kinds of Malware. I have removed all of them as far as I can see but I am stumped by one last task. One little bugger managed to remove the Windows Security Center service from the list of Windows services. So I cannot start it or set to automatically start. At the moment I cannot get the Windows firewall to turn on or any anti-virus software. The security center shows the following image when I try: Does anyone know how to add this back to the list of services so I may set it to start. I don't have a backup of the registry for this computer (it's not mine). Many thanks TT

    Read the article

  • Oracle OpenWorld 2012: Focus On Database Security

    - by Troy Kitch
    Oracle OpenWorld 2012 is going to be the place to learn about Oracle Database Security solutions including Oracle Advanced Security with transparent data encryption, Database Vault, Audit Vault and Database Firewall, Label Security, and more. We've put together this Focus On Database Security document so you'll know when and where to attend the key database security sessions, and not miss a thing. 

    Read the article

  • How to set x509 Certificate private key access rights for AppPoolIdentity

    - by ChrisD
    If your website uses the AppPoolIdentity and requires access to the private key of an x509Certficate, you’ll need to grant the read permissions to the iis application pool.   To grant permissions to the AppPoolIdentity: Run Certificates.MMC (or Start->run->mmc.exe, Add Certificate Snap-In for LocalMachine) Select the certificate (Personal node on the certificate tree) , right click and Manage Permissions. Add a new user to the permissions list. Enter "IIS AppPool\AppPoolName" on the local machine". Replace "AppPoolName" with the name of your application pool.

    Read the article

  • Access Denied on a Drive where All Users list have been deleted in Security Tab

    - by darkstar13
    Hi All, (System is Windows 7 x64) I wanted to restrict access of other people in a certain drive of my computer (Harddisk 1 is partitioned to C & D; I want to restrict Drive D). What I did was go to the Security Tab (under Drive Properties) and remove the All Users entry. My account is an administrator account. I left only Systems and Administrator on the list. However, when I tried to access drive D, I got an Access Denied error, and Security Tab is already missing. I tried to edit Local Group Policy; it does not work. Take Ownership is not available for the Drive as well, but I see it enabled if I select files / folders. Please help. Thanks. Also, I am wondering why, as an Administrator, have my access to that drive denied.

    Read the article

  • 2012 Independent Oracle Users Group Survey: Closing the Security Gap

    - by jgelhaus
    What Security Gaps Do You Have? The latest survey report from the Independent Oracle Users Group (IOUG) uncovers trends in IT security among IOUG members and offers recommendations for securing data stored in enterprise databases. According to the report, “despite growing threats and enterprise data security risks, organizations that do implement appropriate detective, preventive, and administrative controls are seeing significant results.” Download a free copy of the 2012 IOUG Data Security Survey Report and find out what your business can do to close the security gap. 

    Read the article

  • Linux EC2 Instance Security Consideration

    - by Amzath
    I am going to host a web site in Amazon EC2 instance which would be a Linux instance. My web application will be developed using PHP, Apache and MySql. As I am new to Linux and Amazon EC2 environment, what are key areas in security should I consider to protect my server? This may be very very generic question as the security itself a vast area. But I need to kick start with most imporant points. That way I would be able to track down all those areas one by one.

    Read the article

  • UNIX-Security Advise

    - by Phoibe
    Hello, I want to build a quite secure UNIX-Server. Mechanisms I already implemented: SNORT + fwsnort for banning psad to block network-scanning attempts Portknocking to start+open SSH (key-based login - no password) hourly update of IP-Tables-Rules from a Security-Subscription Fail2Ban ClamAV & Rootkithunter + Logwatch What service-independent security mechanism would you add to this? What mechanism are you using? The server will run Apache&Postfix. For Apache hiding the server-information ofc. and nothing I can think of for Postfix. Thanks

    Read the article

  • Security and Windows Login

    - by Mimisbrunnr
    I'm not entirely sure this is the right place for the is question but I cannot think of another so here goes. In order to login to the windows machines at my office one must press the almighty CTRL-ALT-DELETE command combo first. I, finding this very frustrating, decided to look into why and found claims from both my sys and Microsoft stating that it's a security feature and that "Because only windows could read the CTRL-ALT-DELETE it helped to ensure that an automated program cannot log in. Now I'm not a master of the windows operating system ( as I generally use *nix ) but I cannot believe that "Only windows can send that signal" bull. It just doesn't sit right. Is there a good reason for the CTRL-ALT-DELETE to login thing? is it something I'm missing? or is it another example of antiquated legacy security measures?

    Read the article

  • VMware Workstation 9 Security Best Practice Guides

    - by slickboy
    Could someone please point me in the direction of where I could find some best practice securiy guides for VMware Workstation 9 please? I've searched the VMware site and to say it's badly organised is an understatement! I've been able to find general setup guides but nothing with a specific focus on security. I'm also wondering is there any best practice guides that I should follow when installing Windows 7 Professional and Windows Server 2008 R2 on VMware Workstation 9? I obviously will be implementing Microsofts recommended security best practices but I'd be very interested in any recommendations for virtualizing these operating systems. Any help is much appreciated.

    Read the article

  • Need help on implementing corporate network security solution and coming up with time lines to test it

    - by abc
    I have to come up with a proposal to implement corporate network security. Once I have done that I also have to come up with estimates on the time / money needed to test (QA) the implementation. What I need help with: What should I keep in mind while coming up with this proposal? I have already considered: Routers, Firewalls, VPN, Wireless, Server System, Web Apps etc. I know I am missing quite a lot. What else should I include? This the most challenging part I feel: How should I estimate the time needed for testing these security implementations? I guess I need to understand how can I test these security implementations first...right? Can you help me?

    Read the article

  • windows 7 security settings for non-admins

    - by Wasi
    I was recently modifying the security settings for my drive C. I did not notice that i was logged in as a user and changed the permissions for users to "read". Later i realized that there was no admin set up on the pc (when switching user). Now with the security settings changed I can't do anything on the computer. I can only read the files that previously existed. And this applies to every drive on my computer. Now the user accounts do not have the privileges to change the permissions. How can i allow users to have full control without having admin on my pc

    Read the article

  • Windows 7 Open File Security Warning

    - by Lucy
    I downloaded something and now, it is show this open file security warning. I have searched but I have only found how to disable security warnings globally. I only want to say NO forever to this warning, but it keeps showing up whenever Windows starts. The "Name" and "From" are: "C:/Users/MyUser/AppData/Local/Temp/Windows-Update.exe" I cannot even find that folder and file! I don't really know what was downloaded, I am helping someone else. (I am not a Windows user, so I am very lost here)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 22 23 24 25 26 27 28 29 30 31 32 33  | Next Page >