Search Results

Search found 15350 results on 614 pages for 'integrated security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 262/614 | < Previous Page | 258 259 260 261 262 263 264 265 266 267 268 269  | Next Page >

  • Database permissions and ORMs

    - by Jonn
    I've been using .NET's Entity Framework a lot lately and have absolutely no wish to go back to using Stored Procedures. Been shocked though that the company I'm building this project for had a policy where applications were only given accounts that only had permissions to access stored procedures! Apparently, they believe that there's a security risk involved in allowing applications to access the tables/views directly. I don't get this. My first question is, can someone enlighten me as to what kind of security risk applications having direct access to the database may pose? AND If that's the case, are there any other ORM solutions that can provide a workaround to this (I can't think of any logical possibility atm) that would allow me to circumvent the restrictions on the user account to be assigned to me? OR is my understanding that I'd need direct permissions for the tables and views wrong?

    Read the article

  • issues regarding UAC prompt

    - by peter
    I want to implement a UAC prompt for an application in visualc++ the operating system is 32bit x7460(2processor) Windowsserver 2008 the exe is myproject.exe through manifest.. Here for testing i wl build the application in Windows XP OS and copy the exe in to system containg the Windowsserver 2008 machine and replace it So what i did is i added a manifest like this name of that is myproject.exe.manifest My project has 3 folders like Headerfile,Resourcefile and Source file.I added this manifest(myproject.exe.manifest) in the Sourcefile folder containing other cpp and c code <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity version="4.0" processorArchitecture="X7460" name="myproject" type="win32"/> <description>myproject Problem</description> <!-- Identify the application security requirements. --> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges> <requestedExecutionLevel level="requireAdministrator" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo> </assembly> then i added this line of code in Resourcefile(.rc).Means one header file is there(Myproject.h).I added the line of code there #define MANIFEST_RESOURCE_ID 1 MANIFEST_RESOURCE_ID RT_MANIFEST "myproject.exe.manifest" Finally i did the following step Under Project, select Properties. 3. In Properties, select Manifest Tool, and then select Input and Output. 4. Add in the name of your application manifest file under Additional manifest files. 5. Rebuild your application. But i am getting lot of Syntax errors Is there any problems in the way which i followed.If i commented the line #define MANIFEST_RESOURCE_ID 1 MANIFEST_RESOURCE_ID RT_MANIFEST "myproject.exe.manifest" which added in Myproject.h for adding values in .rc file there willnot any error other than this general error c1010070: Failed to load and parse the manifest. The system cannot find the file specified. .\myproject.exe.manifest How to enable UAC prompt through programming

    Read the article

  • Two differents FOSUser in application

    - by Jérôme Boé
    I face a problem with FOSUserBundle. In my Symfony2 application, I want to implement two differents User. I have one entity User, for basic user, and one entity UserPro with more informations. My problem is that I want to configure my bundle with this two entities: fos_user: db_driver:     orm firewall_name: main user_class:    Btp\UserBundle\Entity\User fos_userpro: db_driver:     orm firewall_name: pro user_class:    Btp\UserProBundle\Entity\UserPro And so, use fos_user and fos_userpro as provider in my security.yml. I'm no sure it's be possible. I obtain an error : There is no extension able to load the configuration for "fos_userpro" (in /..../app/config/config.yml). Looked for namespace "fos_userpro", found "framework", "security", ... And when I take a look in FOSUserBundle files, I feel that fos_user is not a configuration variable and is directly written in strings. Thanks.

    Read the article

  • Should I use WPF or Windows Forms Application for my project in C#?

    - by RAJ K
    I am developing a Client-Server based application in which client application will access server database to store billing information. It will also have report generation facility. Windows Forms is good in document printing & I don't see such facility or controls in WPF. If I am wrong then please correct me. I want database security, which DB should I use, SQL Server, MySQL or Oracle. I would like to use free DB but security is my priority. Please suggest how I can implement a Client-Server architecture with multiple clients in C#? Thank you Geeks!!!

    Read the article

  • SharePoint SLK and T-SQL xp_cmdshell safety

    - by Mitchell Skurnik
    I am looking into a TSQL command called "xp_cmdshell" to use to monitor a change to a the SLK (SharePoint Learning Kit) database and then execute a batch or PowerShell script that will trigger some events that I need. (It is bad practice to modify SharePoint's database directly, so I will be using its API) I have been reading on various blogs and MSDN that there are some security concerns with this approach. The sites suggest that you limit security so the command can be executed by only a specific user role. What other tips/suggestions would you recommend with using "xp_cmdshell"? Or should I go about this another way and create a script or console application that constantly checks if a change has been made? I am running Server 2008 with SQL 2008.

    Read the article

  • How to deploy and secure an ASP.NET web app to be available to internal and outside users?

    - by Swoop
    My company has several web applications written in ASP.NET. We need to make these applications available to Intranet users as well as authenticated external users. Most of the features are the same for the two groups, though there are some extra features available to the Internal users. The two different sets of users would use a slightly different security setup... our internal people will be authenticated using LDAP against Exchange, whereas the external users will have accounts in SQL Server. What is the best approach for deploying our web apps? Should we deploy 2 copies to different servers, one configured for an Intranet and one for outside users? Or is there a better way to share the code between the 2 servers, yet have the flexibility to use different web.config settings for security??

    Read the article

  • Do you leave Windows Automatic Updates enabled on your production IIS server?

    - by Nobody
    If you were running a 24/7 website on Windows Server 2003 (IIS6). Would you leave the Windows automatic update feature enabled or would you turn it off? When enabled, you always get the latest security patches and bug fixes automatically as soon as they're available, which is the most secure choice. However, the machine will sometimes get automatically rebooted to apply the updates leading to a couple of minutes of downtime in the middle of the night. Also, I've seen rare occasions where the machine does not restart correctly resulting in further downtime. If auto updates are off, when do you apply the patches? I guess you have to use a load balancer with multiple web servers and rotate them out of the production site, apply patches manually, and put them back in. This can be logistically inconvenient when the load balancer is managed by a hosting company. You will also have machines in production that don't always have the latest security patches and you have to routinely spend time deciding which patches to apply and when.

    Read the article

  • Loading external Swf - sandbox violation

    - by Yamen Al-Haj
    Hello Mates , I need a help ... an urgent one !!! i tried so hard to figured it out .. but i couldn't .. so I appreciate your help so much .. I'm developing an Air App using flash ... the app loads an external SWF file dynamically through an xml ... the SWF file has a movieclip that has a listener (ON click ) function mouseDownHandler(event:MouseEvent):void { navigateToURL(new URLRequest(clickURL)); } everything is working fine until i click on this movieclip ... it displays the below message SecurityError: Error #2121: Security sandbox violation: navigateToURL: http://www.mydomain.com/maskot/avatar.swf cannot access YAHOO.COM for example. This may be worked around by calling Security.allowDomain. any help !!! because i really have a deadline ! Thank you so much !

    Read the article

  • Is there a major downside to using .htaccess files in your svn/git repository?

    - by Rob
    If our .htaccess files are purely for mod rewrites, is there a security / development downside to committing .htaccess files alongside other files in your repository? For various reasons (our SEO optimisers like to add pretty urls as new promotions occur, etc) we need a fair few rewrite rules inside these files. Would I be better off pushing the routing into php-land and dealing with it there? Or is reading from a .htaccess via apache fine? The .htaccess files are not exposed via the web server, so that's not a security risk.

    Read the article

  • converting from int to hex

    - by Catherine
    I want to convert some ints to hex,but i'm getting something like this : "?|???plL4?h??N{" from 12345. Why? int t = 12345; System.Security.Cryptography.MD5CryptoServiceProvider ano = new System.Security.Cryptography.MD5CryptoServiceProvider(); byte[] d_ano = System.Text.Encoding.ASCII.GetBytes(t.ToString()); byte[] d_d_ano = ano.ComputeHash(d_ano); string st_data1 = System.Text.Encoding.ASCII.GetString(d_d_ano); string st_data = st_data1.ToString(); I'm using it in window form,not in console.

    Read the article

  • Query about the service or technology behind gmail service

    - by user1726908
    I am a final year computer science student. I am studying in hyderabad, andhra pradesh, india. I have come to know that the gmail is a cloud service. I am very much interested in learning more about cloud computing. This technology has been puzzling,tickling,increasing my curiosity and i just want to learn as much as i can about it. And through experience, i have learnt that practically doing can improve our knowledge and thirst to learn more. Thus, I would like to know "what are the security measures which you have taken to keep the cloud service like gmail secure and authentic? What is the architecture of the service? What are the technologies used in building it? What are the different levels of security applied in general for building a private cloud?"

    Read the article

  • Content Types in browsers, can we use the Mime??

    - by SoLoGHoST
    Ok, I am wondering which mime types are dangerous in browsers? That is to say setting the Content Type to that mime type?? Which mime types, if any would pose a security risk?? I am noticing that many forum software, when uploading files, use the application/octet-stream for any files other than images and place that into the Content Type of the header. I am wondering why don't they place the actual mime-type instead into the Content Type? Are there security risks involved with this? So far I have used text/css, text/plain, audio/mpeg, and many others and haven't noticed any difference between application/octet-stream and these others. Does anyone out there know the exact difference, and what makes application/octet-stream any better, or any worse...to use for the Content Type?? Thank You :)

    Read the article

  • How to compile and run H2 TriggerSample

    - by user1877838
    I copied TriggerSample.java to this directory. Then: javac -cp h2-1.3.168.jar TriggerSample.java creates TriggerSample$MyTrigger.class ... and ... TriggerSample.class Then: java TriggerSample says: Exception in thread "main" java.lang.NoClassDefFoundError: TriggerSample (wrong name: org/h2/samples/TriggerSample) at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClassCond(ClassLoader.java:631) at java.lang.ClassLoader.defineClass(ClassLoader.java:615) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141) at java.net.URLClassLoader.defineClass(URLClassLoader.java:283) at java.net.URLClassLoader.access$000(URLClassLoader.java:58) at java.net.URLClassLoader$1.run(URLClassLoader.java:197) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) also no go with: java org.h2.samples.TriggerSample java org/h2/samples/TriggerSample How exactly to run that example from the command line?

    Read the article

  • Where Should Using Statements Be Located [closed]

    - by Bobby Ortiz - DotNetBob
    Possible Duplicate: What is the difference between these two declarations? I recently started working on a project with using statement located inside the NameSpace block. namespace MyApp.Web { using System; using System.Web.Security; using System.Web; public class MyClass { I usually put my using statements above the namespace block. using System; using System.Web.Security; using System.Web; namespace MyApp.Web { public class MyClass { I don't think it matters, but I am currious if someone else had a recommendation and could they explain why one way is better than another. Note: I always have one class per file.

    Read the article

  • Do AOP violate layered architecture for enterprise apps?

    - by redzedi
    The question(as stated in the title) comes to me as recently i was looking at Spring MVC 3.1 with annotation support and also considering DDD for an upcoming project. In the new Spring any POJO with its business methods can be annotated to act as controller, all the concerns that i would have addressed within a Controller class can be expressed exclusively through the annotations. So, technically i can take any class and wire it to act as controller , the java code is free from any controller specific code, hence the java code could deal with things like checking security , starting txn etc. So will such a class belong to Presentation or Application layer ?? Taking that argument even further , we can pull out things like security, txn mgmt and express them through annotations , thus the java code is now that of the domain object. Will that mean we have fused together the 2 layers? Please clarify

    Read the article

  • Python built-in id() not consistent:

    - by Dannellyz
    Hoping someone can explain the following discrepancy: >>> s1 = "Cyber security" >>> s2 = "Cyber security" >>> id(s1) == id(s1) True >>> id(s1) == id(s2) False >>> s1 = "cyber" >>> s2 = "cyber" >>> id(s1) == id(s2) True >>> s2 = "cyber " >>> s2 = "cyber " >>> id(s1) == id(s2) False Why does the space make the id() False, yet different variables with no spaces are True?

    Read the article

  • @OrderBy: Sorting references

    - by Sven Moschel
    We have the following entity structure: @Entity public class SecurityRole { private List<Account> accounts; // ManyToMany } @Entity public class Account { private Employee owner; // OneToOne } @Entity public class Employee { private String lastName; } A security role can have many accounts. A account always has an employee. On the GUI we show the security roles in an mastertable. In the detail table we show the accounts of the role. To display the employee information we show "account.getOwner().getLastName()"; How can we use the @OrderBy annotation with this model? Is this possible? The problem is that the Account entity has no employee information that we can sort.

    Read the article

  • Forms Authentication Across Applications Stopped Working

    - by colleski
    Hi, I have a .net 1.1 ASP application (domain.com) which has a .net 2 virtual directory (domain.com/v2) beneath it, both applications run within their own app pool on the same machine running IIS 6. The web.config files for both apps are setup for Forms Authentication as described here - http://msdn.microsoft.com/en-us/library/eb0zx8fc(v=VS.80).aspx. Users would be directed to the domain.com/v2/login.aspx page which would authenticate for both applications, this configuration has been working fine for the last few years until installing one of the recent Windows 2003 security updates today. Now after authenticating under /v2 users keep getting redirected back to domain.com/v2/Login.aspx as domain.com doesnt see them as authenticated anymore. Any ideas as to which security update would have caused this and if its possible to rollback? I've looked at a few suggestions on this (e.g. Cross app on subdomain form authentication not working) and other sites but no luck so far Any help would be appreciated. Thanks

    Read the article

  • Does ini_set('session.save_path', 'custom path'); effect the session garbage cleaner?

    - by newbtophp
    Hi! Does ini_set('session.save_path', 'custom path'); effect the session garbage cleaner? As I'm setting a custom directory for the sessions, because I've read from various php security guides, that setting a custom directory on shared hosting for sessions; can improve session security. But the problem is I've read somewhere that PHP does/handles the session garbage cleaning only when the session_save_path is the default and not modified (ie. using a custom directory)? - is this true, if so is their a solution for this?. (take into consideration I'm using shared hosting). Appreciate all help!

    Read the article

  • how does selenium webdriver upload files to the browser?

    - by justspamjustin
    I am a javascript/java developer and I have been trying to figure out how the selenium webdriver automation framework uploads files from the file system. It is impossible to set a file input via javascript because it is a security violation. Yet somehow webdriver is able to do this with the following command: driver.setFileDetector(new LocalFileDetector()); WebElement upload = driver.findElement(By.id("myfile")); upload.sendKeys("/Users/sso/the/local/path/to/darkbulb.jpg"); driver.findElement(By.id("submit")).click(); So they are setting the value by sending keys to it? I don't get it. I have looked through the source code found here: http://code.google.com/p/selenium/source/checkout I am still not able to find where they do this. Edit: My question is not how to do this with selenium, but how did the selenium developers make this possible? How did they get around the security restrictions in javascript? How are they uploading the file?

    Read the article

  • How to configure IIS7 to Redirect member of An active Directory group to static page

    - by user1759075
    On IIS, we have disabled Anonymous authentication and enabled Windows Authentication What we need is to only allow users who are members of an Active Directory security group to access the Access Point at all. All other users should be directed to a static web page that will give them instructions on how to request access. By adding the security group to the website permissions, and removing the \Users group, we have almost achieved this. Users in the group are allowed through, those not in the group are asked for a (Windows) username and password. Instead of requesting the username and password, we want IIS to redirect them to the static page. Please advise me on how can this be done.

    Read the article

  • Advanced Registry Monitoring

    - by RyanTimmons91
    I'm attempting to create a small utility to watch for the creation (or modification) of a specific registry key, and to kill the process responsible for causing that registry modification. I have had success in watching the changes to the registry via a class called 'RegistryMonitor', however it does not give you any information on what process initiated the registry call, through some googling I found that a library called 'EasyHook' should be able to do what I want, but all the documentation states that its designed for a per-application hook. The program itself is a temporary security patch, until our vendors come out with an official security update. As best I can tell there isn't a way to do exactly what I want to accomplish from C#, which is the only language I can comfortable write, test and execute software in. Any help on this would be appreciated I'm considering watching the registry changes via the program I already have, then if the change is discovered (the pc is already infected) running RKill and locking down the PC to prevent the issue from getting any worse

    Read the article

  • Error 1045 MySQL during setup

    - by user1364513
    Could anyone explaine me the error 1045 during MySQL setup I ll be preciated. I'm getting this error after reinstalling. I 'm going to install on windows 7. On the last stage of installation i.e apply security settings I'm getting the following message:"The security settings could not be applied. Error Number 1045. Access denied for user 'root' @ 'loaclhost'(usinf password: NO)". I know another way how to fix it that is reinstalling of operating system, but I can't do it please help how can I solve it?. I'll be preciated. Thanks!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 258 259 260 261 262 263 264 265 266 267 268 269  | Next Page >