Search Results

Search found 40429 results on 1618 pages for 'change password'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 267/1618 | < Previous Page | 263 264 265 266 267 268 269 270 271 272 273 274  | Next Page >

  • How do I mount a CIFS share via FSTAB and give full RW to Guest

    - by Kendor
    I want to create a Public folder that has full RW access. The problem with my configuration is that Windows users have no issues as guests (they can RW and Delete), my Ubuntu client can't do the same. We can only write and read, but not create or delete. Here is the my smb.conf from my server: [global] workgroup = WORKGROUP netbios name = FILESERVER server string = TurnKey FileServer os level = 20 security = user map to guest = Bad Password passdb backend = tdbsam null passwords = yes admin users = root encrypt passwords = true obey pam restrictions = yes pam password change = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . add user script = /usr/sbin/useradd -m '%u' -g users -G users delete user script = /usr/sbin/userdel -r '%u' add group script = /usr/sbin/groupadd '%g' delete group script = /usr/sbin/groupdel '%g' add user to group script = /usr/sbin/usermod -G '%g' '%u' guest account = nobody syslog = 0 log file = /var/log/samba/samba.log max log size = 1000 wins support = yes dns proxy = no socket options = TCP_NODELAY panic action = /usr/share/samba/panic-action %d [homes] comment = Home Directory browseable = no read only = no valid users = %S [storage] create mask = 0777 directory mask = 0777 browseable = yes comment = Public Share writeable = yes public = yes path = /srv/storage The following FSTAB entry doesn't yield full R/W access to the share. //192.168.0.5/storage /media/myname/TK-Public/ cifs rw 0 0 This doesn't work either //192.168.0.5/storage /media/myname/TK-Public/ cifs rw,guest,iocharset=utf8,file_mode=0777,dir_mode=0777,noperm 0 0 Using the following location in Nemo/Nautilus w/o the Share being mounted does work: smb://192.168.0.5/storage/ Extra info. I just noticed that if I copy a file to the share after mounting, my Ubuntu client immediately make "nobody" be the owner, and the group "no group" has read and write, with everyone else as read-only. What am I doing wrong?

    Read the article

  • Python Web Applications: What is the way and the method to handle Registrations, Login-Logouts and Cookies? [on hold]

    - by Phil
    I am working on a simple Python web application for learning purposes. I have chosen a very minimalistic and simple framework. I have done a significant amount of research but I couldn't find a source clearly explaining what I need, which is as follows: I would like to learn more about: User registration User Log-ins User Log-outs User auto-logins I have successfully handled items 1 and 3 due to their simple nature. However, I am confused with item 2 (log-ins) and item 4 (auto-logins). When a user enters username and password, and after hashing with salts and matching it in the DB; What information should I store in the cookies in order to keep the user logged in during the session? Do I keep username+password but encrypt them? Both or just password? Do I keep username and a generated key matching their password? If I want the user to be able to auto-login (when they leave and come back to the web page), what information then is kept in the cookies? I don't want to use modules or libraries that handle these things automatically. I want to learn basics and why something is the way it is. I would also like to point out that I do not mind reading anything you might offer on the topic that explains hows and whys. Possibly with algorithm diagrams to show the process. Some information: I know about setting headers, cookies, encryption (up to some level, obviously not an expert!), request objects, SQLAlchemy etc. I don't want any data kept in a single web application server's store. I want multiple app-servers to be handle a user, and whatever needs to be kept on the server to be done with a Postgres/MySQL via SQLAlchemy (I think, this is called stateless?) Thank you.

    Read the article

  • Samba issue with sharing directories on NTFS/FAT32 (Mounted Drives) ???

    - by Microkernel
    Hi guys, I have some strange problems with Samba server. I am using samba Version 3.5.4 on Ubuntu 10.10. I have two windows-xp machines, one on VirtualBox on Ubuntu and another office laptop. Windows machine on VBox has no issues in accessing the shared folders, but the laptop is not able to access all the shared content. The issue faced on laptop is = Shared folders on Ext3 drives have no issues in accessing, but the contents shared on NTFS and FAT32 drives (mounted ones) are not accessible. When I try to open the shared folder, it asks for user name and password, but doesn't accept when I provide it. (even if I provide admin login details!!!). I changed workgroup value to the domain_name in office laptop, but still the problem persists... Here is the smdb.conf I am using... [global] workgroup = XXX.XXX.ORG server string = %h server (Samba, Ubuntu) map to guest = Bad User obey pam restrictions = Yes pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 dns proxy = No usershare allow guests = Yes panic action = /usr/share/samba/panic-action %d guest ok = Yes [homes] comment = Home Directories [printers] comment = All Printers path = /var/spool/samba read only = No create mask = 0700 printable = Yes browseable = No [print$] comment = Samba server's CD-ROM path = /cdrom force user = nobody force group = nobody locking = No Workgroup Was defined as "HOMENET" before, changed it to domain name on the office laptop thinking it was the problem, but for no avail Thanks in advance Regards, Microkernel

    Read the article

  • htaccess and htpasswd trouble

    - by hjpotter92
    This is the first time that I have ever tried working with .htpasswd and .htaccess files, so please point out my childish works. I have my apache document root set to /www/ on my debian server. Inside it, there's a folder named Logs/ which I want to restrict access using a htpasswd. I created my htpasswd file using the shell's htpasswd command. And this is the result: > user:<encoded password here> > hjp:<encoded password here> > hjpotter92:<encoded password here> I put this file named .htaccess inside /www/. The Logs/ has following htaccess file in it: > AuthName "Restricted Area" > AuthType Basic > AuthUserFile /www/.htpasswd > AuthGroupFile /dev/null > require valid-user This was again created using an online tool(I forgot its name/link, and can't search the browser-history now). The problem, as it might've already struck you is that I am experiencing no change on my Logs folder access. The folder is still accessible to everyone. I am running apache as root user(if that matters/helps). Please help/guide me. I've tried reading some htaccess guides and have followed some of older SO questions, but still haven't figured out a way to restrict access to Logs folder with a password.

    Read the article

  • Windows recv method usage

    - by vandamon taigi
    I'm making a multiplayer game and I have an issue with the recv function ( or the send one , not sure ). Server side code : char* UserName = new char[256]; ZeroMemory(UserName,256); recv(sConnect,UserName,256,0); // works char* Password = new char[256]; ZeroMemory(Password,256); recv(sConnect,Password,256,0); // works users[ ++usercount ] = new Client(UserName,Password,sConnect); if( users[usercount] ->GetLogInSuccesful() ) send(sConnect,"0x0001",6,0); // debugging shows it gets here and sends the data. Client side code : send(server->getsConnect(),User,256,0); // works send(server->getsConnect(),Pass,256,0); // works char* Response = new char[6]; ZeroMemory(Response,6); recv(server->getsConnect(),Response,6,0); // gets stuck here. Any ideea why does it get stuck on that recv ? I also tried by making response [256] or such.

    Read the article

  • Can I set up samba so it automatically allows all the local usernames and passwords?

    - by dialer
    I have set up samba like this (this is the complete smb.conf): [global] log file = /var/log/samba/log log level = 2 security = user [homes] browsable = false read only = no valid users = %S I'd like to enable every user on server to access their home directories, but for some unknown reason only my 'administrator' account can do so. (I have done that with ftp before, but now smb is also needed). When I try to smbclient -L localhost -U [user], I get NT_STATUS_LOGON_FAILURE, except with the administrator (which is the user created during the ubuntu installation, not root). The samba log file says NT_STATUS_NO_SUCH_USER: [2012/04/04 20:26:02.081454, 2] smbd/reply.c:554(reply_special) netbios connect: name1=LOCALHOST 0x20 name2=DIALER-X 0x0 [2012/04/04 20:26:02.081733, 2] smbd/reply.c:565(reply_special) netbios connect: local=localhost remote=dialer-x, name type = 0 [2012/04/04 20:26:02.087200, 2] auth/auth.c:314(check_ntlm_password) check_ntlm_password: Authentication for user [public] - [public] FAILED with error NT_STATUS_NO_SUCH_USER I suspect that I have to manually create samba users, but the man pages state that If the client has passed a username/password pair and that username/password pair is validated by the UNIX system's password programs, the connection is made as that username. To me that sounds like as long as the provided username/password is a valid login on the server, it should work. Am I missing something totally obvious? I don't want / can't afford to manually update the samba users and passwords to match the server's. 11.10

    Read the article

  • MySQL can only log in as root, even after creating new users with their own database

    - by ionFish
    Problem: I just set up a Debian Wheezy installation for testing, and installed the LAMP packages and PMA. I can log in as root with my pre-defined password, create/edit/delete both databases and users. The problem comes when I create a new user 'something', set a password for it, and grant it all privileges on a table 'something' (same as the username). Upon connecting, it denies access to the user. Details: Host: localhost using MySQL 5.5.24-8 Creating user: CREATE USER 'something'@'%' IDENTIFIED BY '***';GRANT USAGE ON *.* TO 'something'@'%' IDENTIFIED BY '***' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;CREATE DATABASE IF NOT EXISTSsomething;GRANT ALL PRIVILEGES ONsomething.* TO 'something'@'%'; Checking privileges: GRANT USAGE ON *.* TO 'something'@'%' IDENTIFIED BY PASSWORD '*92F9DAF5F5129554509489FDB6A433510223C799'; Result: Access denied for user 'something'@'localhost' (using password: YES) More Info: I use this same exact procedure for the Squeeze distribution, and it works perfectly. Is there a chance it's because of Wheezy, or something else? I need to continue using Wheezy because of the updated packages (for this test server -- the others work fine), so 'just use Squeeze' is not an option. Note: I HAVE tried flush privileges; to no avail.

    Read the article

  • We are moving to two servers from one server due to performance issues. How do we monitor the value of this change?

    - by MikeN
    We are moving to two servers from one server due to performance issues. We are moving our MySQL DB to its own dedicated server and will keep the original machine as the front end machine running nginx/apache (Django backend.) How do we monitor the value of this change? It is possible our whole site could actually get slower since the MySQL queries will be going out over a secure remote connection instead of locally?

    Read the article

  • Asp.Net Login control (Visual Web Dev)

    - by craig
    This is the code when you take the Login control from the toolbox. <%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <title></title> </head> <body> <form id="form1" runat="server"> <div> <asp:Login ID="Login1" runat="server" onauthenticate="Login1_Authenticate" BackColor="#F7F7DE" BorderColor="#CCCC99" BorderStyle="Solid" BorderWidth="1px" Font-Names="Verdana" Font-Size="10pt"> <LayoutTemplate> <table border="0" cellpadding="1" cellspacing="0" style="border-collapse:collapse;"> <tr> <td> <table border="0" cellpadding="0"> <tr> <td align="center" colspan="2"> Log In</td> </tr> <tr> <td align="right"> <asp:Label ID="UserNameLabel" runat="server" AssociatedControlID="UserName">User Name:</asp:Label> </td> <td> <asp:TextBox ID="UserName" runat="server" ></asp:TextBox> <asp:RequiredFieldValidator ID="UserNameRequired" runat="server" ControlToValidate="UserName" ErrorMessage="User Name is required." ToolTip="User Name is required." ValidationGroup="Login1">*</asp:RequiredFieldValidator> </td> </tr> <tr> <td align="right"> <asp:Label ID="PasswordLabel" runat="server" AssociatedControlID="Password">Password:</asp:Label> </td> <td> <asp:TextBox ID="Password" runat="server" TextMode="Password"></asp:TextBox> <asp:RequiredFieldValidator ID="PasswordRequired" runat="server" ControlToValidate="Password" ErrorMessage="Password is required." ToolTip="Password is required." ValidationGroup="Login1">*</asp:RequiredFieldValidator> </td> </tr> <tr> <td colspan="2"> <asp:CheckBox ID="RememberMe" runat="server" Text="Remember me next time." /> </td> </tr> <tr> <td align="center" colspan="2" style="color:Red;"> <asp:Literal ID="FailureText" runat="server" EnableViewState="False"></asp:Literal> </td> </tr> <tr> <td align="right" colspan="2"> <asp:Button ID="LoginButton" runat="server" CommandName="Login" Text="Log In" ValidationGroup="Login1" onclick="LoginButton_Click" /> </td> </tr> </table> </td> </tr> </table> </LayoutTemplate> <TitleTextStyle BackColor="#6B696B" Font-Bold="True" ForeColor="#FFFFFF" /> </asp:Login> </div> </form> </body> </html> Part of my aspx.cs protected void LoginButton_Click(object sender, EventArgs e) { String sUserName = UserName.Text; String sPassword = Password.Text; Error 1 The name 'UserName' does not exist in the current context Error 2 The name 'Password' does not exist in the current context Error 3 'ASP.default_aspx' does not contain a definition for 'Login1_Authenticate' and no extension method 'Login1_Authenticate' accepting a first argument of type 'ASP.default_aspx' could be found (are you missing a using directive or an assembly reference?) What am I doing wrong?

    Read the article

  • My PHP login no longer works

    - by Matt Clayton
    This page worked like a charm for years... enter the correspondng user id and password and you would be redirected to your directory. Now suddenly, all attempts to log in - valid or otherwise - result in the page remaining static... no message, no redirect, nothing. Nothing in the code has changed, it just plain doesn't work anymore. Could this be the result of some kind of change on the server side? Yeah, I know it's not super secure, but it was good enough for our purposes. I'm certainly open to better suggestions. I just need it to work... and keep working. Please be gentle! I know almost nothing of programming. Here is the page code: <meta http-equiv="Content-Type" content="text/html;charset=utf-8" > <link href="ilium.css" rel="stylesheet" media="screen"> <title>Ilium: Client Login</title> </head> <body bgcolor="#bfbfcc" background="img/loginbg.gif"> <?php /* init vars */ $userExists = false; $userIndex = -1; $authenicated = false; /*********************************************** * edit this to add new users/password * * - add user/pass/directory to the array * * below: must be in same array index to work * ***********************************************/ $user = array('foo', 'bar'); $pass = array('foo', 'bar'); $directory = array('foo', 'bar'); // run user/pass check if data passed if (isset($username) && isset($password)) { // check if user name exists for ($i = 0; $i < count($user); $i++) { if ($user[$i] == $username) { $userExists = true; $userIndex = $i; break; } } // so user exists, now test password if ($userExists) { $message = $message . "Username Valid<br>\n"; if ($pass[$userIndex] == $password) { $authenicated = true; $link = "/incoming/clients050203/" . $directory[$userIndex] . "/"; $message = $message . "Password Valid - Redirecting to your folder...<br>\n"; } else { $message = $message . "Incorrect Password<br>\n"; } } else { $message = $message . "Incorrect User Name<br>\n"; } } ?> <?php // user has been authenicated - move them to the correct directory if ($authenicated) { echo "<META HTTP-EQUIV=Refresh CONTENT=\"0; URL=" . $link . "\">"; } ?> <img src="img/spacer.gif" alt="" width="1" height="112" border="0"> <form action="login.php" method="post"> <table width="496"> <tr> <td width="100"></td> <td colspan="4" width="469"><img src="img/please.gif" alt="" width="469" height="19" border="0"></td> </tr> <tr> <td width="100"><img src="img/spacer.gif" alt="" width="100" height="1" border="0"></td> <td width="227"> <img src="img/spacer.gif" alt="" width="227" height="1" border="0"><br> </td> <td align="right" valign="top" width="84"><input type="text" name="username" size="12"><br></td> <td width="43"><img src="img/spacer.gif" alt="" width="43" height="1" border="0"><br> <br> </td> <td align="right" valign="top" width="109"><input type="password" name="password" size="16"> <p><br> </p> </td> </tr> <tr> <td width="100"></td> <td valign="top" width="227"><div class="messages"><?=$message?></div></td> <td width="84"><br> </td> <td width="43"><br> </td> <td align="right" width="109"><input type="image" src="img/enter.gif" ALT="enter"><br> <br> <br> <br> <br> </td> </tr> </table> </form> </body> </html>

    Read the article

  • How can my CGI program access non-browseable files?

    - by Zerobu
    I was wondering if it was possible to read a text file that was located in a directory called "/home/user/files" I wanted to read it from my cgi-bin which is located in /home/user/cgi-bi/ Below is my code, #!/usr/bin/perl use strict; use CGI; #Virtual Directory #Steffan Harris eval { use constant PASSWORD => 'perl'; use constant UPLOAD_DIR => '/home/sharris2/files'; sub mapToFile { print chdir UPLOAD_DIR; } #This function will list all files in a directory. sub listDirectoryFiles { chdir UPLOAD_DIR; my @files = <*>; mapToFile; print<<LIST; <h2>Current Files</h2> <ul> LIST if(!$files[0]) { print" </ul>\n<em>No files in directory</em>"; } foreach(@files) { print" <li>$_</li>"; } print " </ul>\n"; } #This function generates a 404 Not Found error sub generate404 { print<<RESPONSE; Status: 404 Not Found Content-Type: text/html <html> <head><title>404 Not Found</title></head> <body> <p> <h1>404 - Not Found</h1> </p> The requested URL <b>$ENV{"HTTP_HOST"}$ENV{"REQUEST_URI"}</b> was not found on the server. </body> </html> RESPONSE exit; } #This function checks the path info to see if it matches a file in the UPLOAD_DIR directory, If it does not, then it returns a 404 error sub checkExsistence { if($ENV{"PATH_INFO"}) { chdir UPLOAD_DIR; my @files = <*>; if(!$files[0] and $ENV{"PATH_INFO"} eq "/") { return; } foreach(@files) { if($ENV{"PATH_INFO"} eq "/".$_ || $ENV{"PATH_INFO"} eq "/") { print "yes"; return; } } generate404; } } sub checkPassword { my ($password, $cgi); $cgi = new CGI; $password = $cgi->param('passwd'); unless($password eq PASSWORD) { print<<RESPONSE; Status: 200 OK Content-Type: text/html <html> <head> <title>Incorrect Password</title> </head> <body> <h1>Invalid password entered.</h1> <h3><a href="/~sharris2/cgi-bin/files/">Go Back</a></h3> </body> RESPONSE exit; } } sub upLoadFile { checkPassword; my ($uploadfile, $cgi); $cgi = new CGI; $uploadfile = $cgi->upload('uploadfile'); chdir UPLOAD_DIR; $uploadfile or die "Did not receive a file to upload"; open my $FILE, '>', UPLOAD_DIR."/$uploadfile" or die "$!"; while(<$uploadfile>) { print $FILE $_; } } #Start of main part of program my $cgi = new CGI; if(!$ENV{"PATH_INFO"}) { print $cgi->redirect('/~sharris2/cgi-bin/files/'); } checkExsistence; if($ENV{"REQUEST_METHOD"} eq "POST") { upLoadFile; } print <<"HEADERS"; Status: 200 OK Content-Type: text/html HEADERS print <<"HTML"; <html> <head> <title>Virtual Directory</title> </head> <body> HTML listDirectoryFiles; print<<HTML; <h2>Upload a new file</h2> <form method = "POST" enctype = "multipart/form-data" action = "/~sharris2/cgi-bin/files/" /> File:<input type = "file" name="uploadfile"/> <p>Password: <input type = "password" name ="passwd"/></p> <p><input type = "submit" value= "Submit File" /></p> </form> </body> </html> HTML };

    Read the article

  • layout is not included in all pages in asp.net mvc4 application

    - by Ahmed
    I am developing an asp.net mvc4 application with Bootstrap 3 and i've _Layout.cshtml in "Shared" folder , in Views, i've two pages, "Index and "Register" and i've included Layout in both of these Views but It seems that Layout is included in only "Index and not in "Register" View. Following are my Index and Register Views @{ ViewBag.Title = "Index"; Layout = "~/Views/Shared/_Layout.cshtml"; } <h2 align="center" class="bg-info">Login</h2> <form class="form-horizontal" role="form"> <div class="form-group"> <label for="inputEmail3" class="col-sm-2 control-label"><strong>UserName : </strong></label> <div class="col-sm-10"> <input type="email" class="form-control" id="inputEmail3" placeholder="UserName"> </div> </div> <div class="form-group"> <label for="inputPassword3" class="col-sm-2 control-label"><strong>Password</strong></label> <div class="col-sm-10"> <input type="password" class="form-control" id="inputPassword3" placeholder="Password"> </div> </div> <div class="form-group"> <div class="col-sm-offset-2 col-sm-10"> <div class="checkbox"> <label> <input type="checkbox"> Remember me </label> </div> </div> </div> <div class="form-group"> <div class="col-sm-offset-2 col-sm-10"> <button type="submit" class="btn btn-primary">Sign in</button> </div> </div> <h2 align="center" class="bg-info">SignIn With Other Services</h2> </form> <form class="form-horizontal" role="form" method="post" action="/Home/FacebookLogin"> <div class="form-group"> <div class="col-sm-offset-2 col-sm-10"> <button type="submit" class="btn btn-primary">SignIn with Facebook</button> </div> </div> </form> <h2 align="center" class="bg-info">Don't Have an Account?</h2> <form class="form-horizontal" role="form" method="post" action="/Home/Register"> <div class="form-group"> <div class="col-sm-offset-2 col-sm-10"> <button type="submit" class="btn btn-primary">Register</button> </div> </div> </form> ![@{ ViewBag.Title = "Register"; Layout = "~/Views/Shared/_Layout.cshtml"; } <h2 align="center" class="bg-info">Register</h2> <form class="form-horizontal" role="form"> <div class="form-group"> <label for="inputEmail3" class="col-sm-2 control-label"><strong>UserName : </strong></label> <div class="col-sm-10"> <input type="email" class="form-control" id="uname" name="uname" placeholder="UserName"> <input type="button" class="btn btn-primary" id="check" value="Check Availability" > <h4 class="bg-warning"></h4> </div> </div> <div class="form-group"> <label for="inputPassword3" class="col-sm-2 control-label"><strong>Password</strong></label> <div class="col-sm-10"> <input type="password" class="form-control" id="upass" name="upass" placeholder="Password"> </div> </div> <div class="form-group"> <label for="inputPassword3" class="col-sm-2 control-label"><strong>Retype Password</strong></label> <div class="col-sm-10"> <input type="password" class="form-control" id="retype" placeholder="Password"> </div> </div> <div class="form-group"> <div class="col-sm-offset-2 col-sm-10"> <button type="submit" class="btn btn-primary">Register</button> </div> </div> </form>]

    Read the article

  • How to run some commands after booting from ArchLinux disk? Or how to change some settings in .iso before booting?

    - by Alexander Ovchinnikov
    How to install Arch Linux with traditional installer with only ssh-access to server? There is nice guide: https://wiki.archlinux.org/index.php/Install_from_SSH I try test this on my home vps: Start VPS with any linux bootable cd and login to remote server (vps) wget http://mirrors.kernel.org/archlinux/iso/latest/archlinux-2010.05-netinstall-x86_64.iso dd if=archlinux-2010.05-netinstall-x86_64.iso of=/dev/sda reboot ... I see, it works but without ssh connection... I need make script, which will send this commands after reboot: aif -p partial-configure-network (and write some information about my server ip etc.) /etc/rc.d/sshd start (need to start sshd) echo "sshd: ALL" /etc/hosts.allow (to allow me login to server, by default deny all) passwd (by default its empty, can't login via ssh with empty password) Can I edit .iso or may be /dev/sda? May be I need write script, which will start after system boot and do this things or may be I can set this settings by default and system will start with correct settings (i think its possible at least in 2. and 3.). Thank you!

    Read the article

  • struts2-json-plugin not retrieving json data from action class for Struts-JQuery-Plugin grid

    - by thebravedave
    Hello, Im having an issue getting json working with the struts-jquery-plugin-2.1.0 I have included the struts2-json-plugin-2.1.8.1 in my classpath as well. Im sure that I have my struts-jquery-plugin configured correctly because the grid loads, but doesnt load the data its supposed to get from the action class that has been json'ized. The documentation with the json plugin and the struts-jquery plugin leaves ALOT of gaps that I cant even find with examples/tutorials, so I come to the community at stackoverflow. My action class has a property called gridModel thats a List with a basic POJO called Customer. Customer is a pojo with one property, id. I have a factory that supplies the populated List to the actions List property which i mentioned called gridModel. Heres how i set up my struts.xml file: <constant name="struts.devMode" value="true"/> <constant name="struts.objectFactory" value="guice"/> <package name="org.webhop.ywdc" namespace="/" extends="struts-default,json-default"> <result-types> <result-type name="json" class="com.googlecode.jsonplugin.JSONResult"> </result-type> </result-types> <action name="login" class="org.webhop.ywdc.LoginAction" > <result type="json"></result> <result name="success" type="dispatcher">/pages/uiTags/Success.jsp</result> <result name="error" type="redirect">/pages/uiTags/Login.jsp</result> <interceptor-ref name="cookie"> <param name="cookiesName">JSESSIONID</param> </interceptor-ref> </action> <action name="logout" class="org.webhop.ywdc.LogoutAction" > <result name="success" type="redirect">/pages/uiTags/Login.jsp</result> </action> </package> In the struts.xml file i set the and in my action i listed in the action configuration. Heres my jsp page that the action loads: <%@ taglib prefix="s" uri="/struts-tags" % <%@ taglib prefix="sj" uri="/struts-jquery-tags"% <%@ taglib prefix="sjg" uri="/struts-jquery-grid-tags"% <%@ page language="java" contentType="text/html" import="java.util.*"% Welcome, you have logged in! <s:url id="remoteurl" action="login"/> <sjg:grid id="gridtable" caption="Customer Examples" dataType="json" href="%{remoteurl}" pager="false" gridModel="gridModel" > <sjg:gridColumn name="id" key="true" index="id" title="ID" formatter="integer" sortable="false"/> </sjg:grid> Welcome, you have logged in. <br /> <b>Session Time: </b><%=new Date(session.getLastAccessedTime())%> <h2>Password:<s:property value="password"/></h2> <h2>userId:<s:property value="userId"/></h2> <br /> <a href="<%= request.getContextPath() %>/logout.action">Logout</a><br /><br /> ID: <s:property value="id"/> session id: <s:property value="JSESSIONID"/> </body> Im not really sure how to tell what json the json plugin is creating from the action class. If i did know how i could tell if it wasnt formed properly. As far as I know if I specificy in my action configuration in struts.xml, that the grid, which is set to read json and knows to look for "gridModel" will then automatically load the json to the grid, but its not. Heres my action class: public class LoginAction extends ActionSupport { public String JSESSIONID; public int id; private String userId; private String password; public Members member; public List<Customer> gridModel; public String execute() { Cookie cookie = new Cookie("ywdcsid", password); cookie.setMaxAge(3600); HttpServletResponse response = ServletActionContext.getResponse(); response.addCookie(cookie); HttpServletRequest request = ServletActionContext.getRequest(); Cookie[] ckey = request.getCookies(); for(Cookie c: ckey) { System.out.println(c.getName() + "/cookie_name + " + c.getValue() + "/cookie_value"); } Map requestParameters = ActionContext.getContext().getParameters();//getParameters(); String[] testString = (String[])requestParameters.get("password"); String passwordString = testString[0]; String[] usernameArray = (String[])requestParameters.get("userId"); String usernameString = usernameArray[0]; Injector injector = Guice.createInjector(new GuiceModule()); HibernateConnection connection = injector.getInstance(HibernateConnection.class); AuthenticationServices currentService = injector.getInstance(AuthenticationServices.class); currentService.setConnection(connection); currentService.setInjector(injector); member = currentService.getMemberByUsernamePassword(usernameString, passwordString); userId = member.getUsername(); password = member.getPassword(); CustomerFactory customerFactory = new CustomerFactory(); gridModel = customerFactory.getCustomers(); if(member == null) { return ERROR; } else { id = member.getId(); Map session = ActionContext.getContext().getSession(); session.put(usernameString, member); return SUCCESS; } } public String logout() throws Exception { Map session = ActionContext.getContext().getSession(); session.remove("logged-in"); return SUCCESS; } public List<Customer> getGridModel() { return gridModel; } public void setGridModel(List<Customer> gridModel) { this.gridModel = gridModel; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } public String getUserId() { return userId; } public void setUserId(String userId) { this.userId = userId; } public String getJSESSIONID() { return JSESSIONID; } public void setJSESSIONID(String jsessionid) { JSESSIONID = jsessionid; } } Please help me with this problem. You will make my week, as this is a major bottleneck for me :( thanks so much, thebravedave

    Read the article

  • Hibernate Exception, what wrong ? [[Exception in thread "main" org.hibernate.InvalidMappingException

    - by user195970
    I use netbean 6.7.1 to write "hello world" witch hibernate, but I get some errors, plz help me, thank you very much. my exception init: deps-module-jar: deps-ear-jar: deps-jar: Copying 1 file to F:\Documents and Settings\My Dropbox\DropboxNetBeanProjects\loginspring\build\web\WEB-INF\classes compile-single: run-main: Oct 25, 2009 2:44:05 AM org.hibernate.cfg.Environment <clinit> INFO: Hibernate 3.2.5 Oct 25, 2009 2:44:05 AM org.hibernate.cfg.Environment <clinit> INFO: hibernate.properties not found Oct 25, 2009 2:44:05 AM org.hibernate.cfg.Environment buildBytecodeProvider INFO: Bytecode provider name : cglib Oct 25, 2009 2:44:05 AM org.hibernate.cfg.Environment <clinit> INFO: using JDK 1.4 java.sql.Timestamp handling Oct 25, 2009 2:44:05 AM org.hibernate.cfg.Configuration configure INFO: configuring from resource: /hibernate.cfg.xml Oct 25, 2009 2:44:05 AM org.hibernate.cfg.Configuration getConfigurationInputStream INFO: Configuration resource: /hibernate.cfg.xml Oct 25, 2009 2:44:06 AM org.hibernate.cfg.Configuration addResource INFO: Reading mappings from resource : hibernate/Tbluser.hbm.xml Oct 25, 2009 2:44:06 AM org.hibernate.util.XMLHelper$ErrorLogger error SEVERE: Error parsing XML: XML InputStream(1) Document is invalid: no grammar found. Oct 25, 2009 2:44:06 AM org.hibernate.util.XMLHelper$ErrorLogger error SEVERE: Error parsing XML: XML InputStream(1) Document root element "hibernate-mapping", must match DOCTYPE root "null". Exception in thread "main" org.hibernate.InvalidMappingException: Could not parse mapping document from resource hibernate/Tbluser.hbm.xml at org.hibernate.cfg.Configuration.addResource(Configuration.java:569) at org.hibernate.cfg.Configuration.parseMappingElement(Configuration.java:1587) at org.hibernate.cfg.Configuration.parseSessionFactory(Configuration.java:1555) at org.hibernate.cfg.Configuration.doConfigure(Configuration.java:1534) at org.hibernate.cfg.Configuration.doConfigure(Configuration.java:1508) at org.hibernate.cfg.Configuration.configure(Configuration.java:1428) at org.hibernate.cfg.Configuration.configure(Configuration.java:1414) at hibernate.CreateTest.main(CreateTest.java:22) Caused by: org.hibernate.InvalidMappingException: Could not parse mapping document from invalid mapping at org.hibernate.cfg.Configuration.addInputStream(Configuration.java:502) at org.hibernate.cfg.Configuration.addResource(Configuration.java:566) ... 7 more Caused by: org.xml.sax.SAXParseException: Document is invalid: no grammar found. at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:195) at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.error(ErrorHandlerWrapper.java:131) at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:384) at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:318) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:250) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl$NSContentDriver.scanRootElementHook(XMLNSDocumentScannerImpl.java:626) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:3095) at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$PrologDriver.next(XMLDocumentScannerImpl.java:921) at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:648) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:140) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:807) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737) at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:107) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1205) at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:522) at org.dom4j.io.SAXReader.read(SAXReader.java:465) at org.hibernate.cfg.Configuration.addInputStream(Configuration.java:499) ... 8 more Java Result: 1 BUILD SUCCESSFUL (total time: 1 second) hibernate.cfg.xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE hibernate-configuration PUBLIC "-//Hibernate/Hibernate Configuration DTD 3.0//EN" "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd"> <hibernate-configuration> <session-factory> <property name="hibernate.dialect">org.hibernate.dialect.MySQLDialect</property> <property name="hibernate.connection.driver_class">com.mysql.jdbc.Driver</property> <property name="hibernate.connection.url">jdbc:mysql://localhost:3306/hibernate</property> <property name="hibernate.connection.username">root</property> </session-factory> </hibernate-configuration> Tbluser.hbm.xml <?xml version="1.0"?> <!DOCTYPE hibernate-mapping PUBLIC "-//Hibernate/Hibernate Mapping DTD 3.0//EN" "http://hibernate.sourceforge.net/hibernate-mapping-3.0.dtd"> <!-- Generated Oct 25, 2009 2:37:30 AM by Hibernate Tools 3.2.1.GA --> <hibernate-mapping> <class name="hibernate.Tbluser" table="tbluser" catalog="hibernate"> <id name="userId" type="java.lang.Integer"> <column name="userID" /> <generator class="identity" /> </id> <property name="username" type="string"> <column name="username" length="50" /> </property> <property name="password" type="string"> <column name="password" length="50" /> </property> <property name="email" type="string"> <column name="email" length="50" /> </property> <property name="phone" type="string"> <column name="phone" length="50" /> </property> <property name="groupId" type="java.lang.Integer"> <column name="groupID" /> </property> </class> </hibernate-mapping> Tbluser.java package hibernate; // Generated Oct 25, 2009 2:37:30 AM by Hibernate Tools 3.2.1.GA /** * Tbluser generated by hbm2java */ public class Tbluser implements java.io.Serializable { private Integer userId; private String username; private String password; private String email; private String phone; private Integer groupId; public Tbluser() { } public Tbluser(String username, String password, String email, String phone, Integer groupId) { this.username = username; this.password = password; this.email = email; this.phone = phone; this.groupId = groupId; } public Integer getUserId() { return this.userId; } public void setUserId(Integer userId) { this.userId = userId; } public String getUsername() { return this.username; } public void setUsername(String username) { this.username = username; } public String getPassword() { return this.password; } public void setPassword(String password) { this.password = password; } public String getEmail() { return this.email; } public void setEmail(String email) { this.email = email; } public String getPhone() { return this.phone; } public void setPhone(String phone) { this.phone = phone; } public Integer getGroupId() { return this.groupId; } public void setGroupId(Integer groupId) { this.groupId = groupId; } }

    Read the article

  • How and where to implement basic authentication in Kibana 3

    - by Jabb
    I have put my elasticsearch server behind a Apache reverse proxy that provides basic authentication. Authenticating to Apache directly from the browser works fine. However, when I use Kibana 3 to access the server, I receive authentication errors. Obviously because no auth headers are sent along with Kibana's Ajax calls. I added the below to elastic-angular-client.js in the Kibana vendor directory to implement authentication quick and dirty. But for some reason it does not work. $http.defaults.headers.common.Authorization = 'Basic ' + Base64Encode('user:Password'); What is the best approach and place to implement basic authentication in Kibana? /*! elastic.js - v1.1.1 - 2013-05-24 * https://github.com/fullscale/elastic.js * Copyright (c) 2013 FullScale Labs, LLC; Licensed MIT */ /*jshint browser:true */ /*global angular:true */ 'use strict'; /* Angular.js service wrapping the elastic.js API. This module can simply be injected into your angular controllers. */ angular.module('elasticjs.service', []) .factory('ejsResource', ['$http', function ($http) { return function (config) { var // use existing ejs object if it exists ejs = window.ejs || {}, /* results are returned as a promise */ promiseThen = function (httpPromise, successcb, errorcb) { return httpPromise.then(function (response) { (successcb || angular.noop)(response.data); return response.data; }, function (response) { (errorcb || angular.noop)(response.data); return response.data; }); }; // check if we have a config object // if not, we have the server url so // we convert it to a config object if (config !== Object(config)) { config = {server: config}; } // set url to empty string if it was not specified if (config.server == null) { config.server = ''; } /* implement the elastic.js client interface for angular */ ejs.client = { server: function (s) { if (s == null) { return config.server; } config.server = s; return this; }, post: function (path, data, successcb, errorcb) { $http.defaults.headers.common.Authorization = 'Basic ' + Base64Encode('user:Password'); console.log($http.defaults.headers); path = config.server + path; var reqConfig = {url: path, data: data, method: 'POST'}; return promiseThen($http(angular.extend(reqConfig, config)), successcb, errorcb); }, get: function (path, data, successcb, errorcb) { $http.defaults.headers.common.Authorization = 'Basic ' + Base64Encode('user:Password'); path = config.server + path; // no body on get request, data will be request params var reqConfig = {url: path, params: data, method: 'GET'}; return promiseThen($http(angular.extend(reqConfig, config)), successcb, errorcb); }, put: function (path, data, successcb, errorcb) { $http.defaults.headers.common.Authorization = 'Basic ' + Base64Encode('user:Password'); path = config.server + path; var reqConfig = {url: path, data: data, method: 'PUT'}; return promiseThen($http(angular.extend(reqConfig, config)), successcb, errorcb); }, del: function (path, data, successcb, errorcb) { $http.defaults.headers.common.Authorization = 'Basic ' + Base64Encode('user:Password'); path = config.server + path; var reqConfig = {url: path, data: data, method: 'DELETE'}; return promiseThen($http(angular.extend(reqConfig, config)), successcb, errorcb); }, head: function (path, data, successcb, errorcb) { $http.defaults.headers.common.Authorization = 'Basic ' + Base64Encode('user:Password'); path = config.server + path; // no body on HEAD request, data will be request params var reqConfig = {url: path, params: data, method: 'HEAD'}; return $http(angular.extend(reqConfig, config)) .then(function (response) { (successcb || angular.noop)(response.headers()); return response.headers(); }, function (response) { (errorcb || angular.noop)(undefined); return undefined; }); } }; return ejs; }; }]); UPDATE 1: I implemented Matts suggestion. However, the server returns a weird response. It seems that the authorization header is not working. Could it have to do with the fact, that I am running Kibana on port 81 and elasticsearch on 8181? OPTIONS /solar_vendor/_search HTTP/1.1 Host: 46.252.46.173:8181 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Origin: http://46.252.46.173:81 Access-Control-Request-Method: POST Access-Control-Request-Headers: authorization,content-type Connection: keep-alive Pragma: no-cache Cache-Control: no-cache This is the response HTTP/1.1 401 Authorization Required Date: Fri, 08 Nov 2013 23:47:02 GMT WWW-Authenticate: Basic realm="Username/Password" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 346 Connection: close Content-Type: text/html; charset=iso-8859-1 UPDATE 2: Updated all instances with the modified headers in these Kibana files root@localhost:/var/www/kibana# grep -r 'ejsResource(' . ./src/app/controllers/dash.js: $scope.ejs = ejsResource({server: config.elasticsearch, headers: {'Access-Control-Request-Headers': 'Accept, Origin, Authorization', 'Authorization': 'Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXX=='}}); ./src/app/services/querySrv.js: var ejs = ejsResource({server: config.elasticsearch, headers: {'Access-Control-Request-Headers': 'Accept, Origin, Authorization', 'Authorization': 'Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXX=='}}); ./src/app/services/filterSrv.js: var ejs = ejsResource({server: config.elasticsearch, headers: {'Access-Control-Request-Headers': 'Accept, Origin, Authorization', 'Authorization': 'Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXX=='}}); ./src/app/services/dashboard.js: var ejs = ejsResource({server: config.elasticsearch, headers: {'Access-Control-Request-Headers': 'Accept, Origin, Authorization', 'Authorization': 'Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXX=='}}); And modified my vhost conf for the reverse proxy like this <VirtualHost *:8181> ProxyRequests Off ProxyPass / http://127.0.0.1:9200/ ProxyPassReverse / https://127.0.0.1:9200/ <Location /> Order deny,allow Allow from all AuthType Basic AuthName “Username/Password” AuthUserFile /var/www/cake2.2.4/.htpasswd Require valid-user Header always set Access-Control-Allow-Methods "GET, POST, DELETE, OPTIONS, PUT" Header always set Access-Control-Allow-Headers "Content-Type, X-Requested-With, X-HTTP-Method-Override, Origin, Accept, Authorization" Header always set Access-Control-Allow-Credentials "true" Header always set Cache-Control "max-age=0" Header always set Access-Control-Allow-Origin * </Location> ErrorLog ${APACHE_LOG_DIR}/error.log </VirtualHost> Apache sends back the new response headers but the request header still seems to be wrong somewhere. Authentication just doesn't work. Request Headers OPTIONS /solar_vendor/_search HTTP/1.1 Host: 46.252.26.173:8181 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Origin: http://46.252.26.173:81 Access-Control-Request-Method: POST Access-Control-Request-Headers: authorization,content-type Connection: keep-alive Pragma: no-cache Cache-Control: no-cache Response Headers HTTP/1.1 401 Authorization Required Date: Sat, 09 Nov 2013 08:48:48 GMT Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS, PUT Access-Control-Allow-Headers: Content-Type, X-Requested-With, X-HTTP-Method-Override, Origin, Accept, Authorization Access-Control-Allow-Credentials: true Cache-Control: max-age=0 Access-Control-Allow-Origin: * WWW-Authenticate: Basic realm="Username/Password" Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 346 Connection: close Content-Type: text/html; charset=iso-8859-1 SOLUTION: After doing some more research, I found out that this is definitely a configuration issue with regard to CORS. There are quite a few posts available regarding that topic but it appears that in order to solve my problem, it would be necessary to to make some very granular configurations on apache and also make sure that the right stuff is sent from the browser. So I reconsidered the strategy and found a much simpler solution. Just modify the vhost reverse proxy config to move the elastisearch server AND kibana on the same http port. This also adds even better security to Kibana. This is what I did: <VirtualHost *:8181> ProxyRequests Off ProxyPass /bigdatadesk/ http://127.0.0.1:81/bigdatadesk/src/ ProxyPassReverse /bigdatadesk/ http://127.0.0.1:81/bigdatadesk/src/ ProxyPass / http://127.0.0.1:9200/ ProxyPassReverse / https://127.0.0.1:9200/ <Location /> Order deny,allow Allow from all AuthType Basic AuthName “Username/Password” AuthUserFile /var/www/.htpasswd Require valid-user </Location> ErrorLog ${APACHE_LOG_DIR}/error.log </VirtualHost>

    Read the article

  • A problem with the asp.net create user control

    - by Sir Psycho
    Hi, I've customised the asp.net login control and it seems to create new accounts fine, but if I duplicate the user id thats already registered or enter an email thats already used, the error messages arn't displaying. Its driving me crazy. The page just refreshes without showing an error. I've included the as instructed on the MSDN site but nothing. http://msdn.microsoft.com/en-us/library/ms178342.aspx <asp:CreateUserWizard ErrorMessageStyle-BorderColor="Azure" ID="CreateUserWizard1" runat="server" ContinueDestinationPageUrl="~/home.aspx"> <WizardSteps> <asp:CreateUserWizardStep ID="CreateUserWizardStep1" runat="server"> <ContentTemplate> <asp:Literal ID="ErrorMessage" runat="server"></asp:Literal> <div class="fieldLine"> <asp:Label ID="lblFirstName" runat="server" Text="First Name:" AssociatedControlID="tbxFirstName"></asp:Label> <asp:Label ID="lblLastName" runat="server" Text="Last Name:" AssociatedControlID="tbxLastName"></asp:Label> </div> <div class="fieldLine"> <asp:TextBox ID="tbxFirstName" runat="server"></asp:TextBox> <asp:TextBox ID="tbxLastName" runat="server"></asp:TextBox> </div> <asp:Label ID="lblEmail" runat="server" Text="Email:" AssociatedControlID="Email"></asp:Label> <asp:TextBox ID="Email" runat="server" CssClass="wideInput"></asp:TextBox><br /> <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server" CssClass="aspValidator" Display="Dynamic" ControlToValidate="Email" ErrorMessage="Required"></asp:RequiredFieldValidator> <asp:RegularExpressionValidator ID="RegularExpressionValidator1" runat="server" Display="Dynamic" CssClass="aspValidator" ControlToValidate="Email" SetFocusOnError="true" ValidationExpression="^(?:[a-zA-Z0-9_'^&amp;/+-])+(?:\.(?:[a-zA-Z0-9_'^&amp;/+-])+)*@(?:(?:\[?(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.){3}(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\]?)|(?:[a-zA-Z0-9-]+\.)+(?:[a-zA-Z]){2,}\.?)$" ErrorMessage="Email address not valid"></asp:RegularExpressionValidator> <asp:Label ID="lblEmailConfirm" runat="server" Text="Confirm Email Address:" AssociatedControlID="tbxEmailConfirm"></asp:Label> <asp:TextBox ID="tbxEmailConfirm" runat="server" CssClass="wideInput"></asp:TextBox><br /> <asp:RequiredFieldValidator ID="RequiredFieldValidator2" runat="server" CssClass="aspValidator" Display="Dynamic" ControlToValidate="tbxEmailConfirm" ErrorMessage="Required"></asp:RequiredFieldValidator> <asp:RegularExpressionValidator ID="RegularExpressionValidator2" runat="server" Display="Dynamic" CssClass="aspValidator" ControlToValidate="tbxEmailConfirm" SetFocusOnError="true" ValidationExpression="^(?:[a-zA-Z0-9_'^&amp;/+-])+(?:\.(?:[a-zA-Z0-9_'^&amp;/+-])+)*@(?:(?:\[?(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\.){3}(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\]?)|(?:[a-zA-Z0-9-]+\.)+(?:[a-zA-Z]){2,}\.?)$" ErrorMessage="Email address not valid"></asp:RegularExpressionValidator> <asp:CompareValidator ID="CompareValidator1" runat="server" Display="Dynamic" SetFocusOnError="true" CssClass="aspValidator" ControlToCompare="Email" ControlToValidate="tbxEmailConfirm" ErrorMessage="Email address' do not match"></asp:CompareValidator> <asp:Label ID="lblUsername" runat="server" Text="Username:" AssociatedControlID="UserName"></asp:Label> <asp:TextBox ID="UserName" runat="server" MaxLength="12"></asp:TextBox><br /> <asp:CustomValidator ID="CustomValidatorUserName" runat="server" Display="Dynamic" SetFocusOnError="true" CssClass="aspValidator" ValidateEmptyText="true" ControlToValidate="UserName" ErrorMessage="Username can be between 6 and 12 characters." ClientValidationFunction="ValidateLength" OnServerValidate="ValidateUserName"></asp:CustomValidator> <div class="fieldLine"> <asp:Label ID="lblPassword" runat="server" Text="Password:" AssociatedControlID="Password"></asp:Label> <asp:Label ID="lblPasswordConfirm" runat="server" Text="Confirm Password:" AssociatedControlID="ConfirmPassword" CssClass="confirmPassword"></asp:Label> </div> <div class="fieldLine"> <asp:TextBox ID="Password" runat="server" TextMode="Password"></asp:TextBox> <asp:TextBox ID="ConfirmPassword" runat="server" TextMode="Password"></asp:TextBox><br /> <asp:CustomValidator ID="CustomValidatorPassword" runat="server" Display="Dynamic" SetFocusOnError="true" CssClass="aspValidator" ControlToValidate="Password" ValidateEmptyText="true" ErrorMessage="Password can be between 6 and 12 characters" ClientValidationFunction="ValidateLength" OnServerValidate="ValidatePassword"></asp:CustomValidator> <asp:CustomValidator ID="CustomValidatorConfirmPassword" runat="server" Display="Dynamic" SetFocusOnError="true" CssClass="aspValidator" ControlToValidate="ConfirmPassword" ValidateEmptyText="true" ErrorMessage="Password can be between 6 and 12 characters" ClientValidationFunction="ValidateLength" OnServerValidate="ValidatePassword"></asp:CustomValidator> <asp:CompareValidator ID="CompareValidator2" runat="server" Enabled="false" Display="Dynamic" SetFocusOnError="true" CssClass="aspValidator" ControlToCompare="Password" ControlToValidate="ConfirmPassword" ErrorMessage="Passwords do not match"></asp:CompareValidator> </div> <asp:Label ID="lblCaptch" runat="server" Text="Captcha:" AssociatedControlID="imgCaptcha"></asp:Label> <div class="borderBlue" style="width:200px;"> <asp:Image ID="imgCaptcha" runat="server" ImageUrl="~/JpegImage.aspx" /><br /> </div> <asp:TextBox ID="tbxCaptcha" runat="server" CssClass="captchaText"></asp:TextBox> <asp:RequiredFieldValidator ControlToValidate="tbxCaptcha" CssClass="aspValidator" ID="RequiredFieldValidator3" runat="server" ErrorMessage="Required"></asp:RequiredFieldValidator> <asp:CustomValidator ID="CustomValidator1" ControlToValidate="tbxCaptcha" runat="server" OnServerValidate="ValidateCaptcha" ErrorMessage="Captcha incorrect"></asp:CustomValidator> </ContentTemplate> <CustomNavigationTemplate> <div style="float:left;"> <asp:Button ID="CreateUser" runat="server" Text="Register Now!" CausesValidation="true" CommandName="CreateUser" OnCommand="CreateUserClick" CssClass="registerButton" /> </div> </CustomNavigationTemplate> </asp:CreateUserWizardStep> <asp:CompleteWizardStep ID="CompleteWizardStep1" runat="server"> <ContentTemplate> <table border="0" style="font-size: 100%; font-family: Verdana" id="TABLE1" > <tr> <td align="center" colspan="2" style="font-weight: bold; color: white; background-color: #5d7b9d; height: 18px;"> Complete</td> </tr> <tr> <td> Your account has been successfully created.<br /> </td> </tr> <tr> <td align="right" colspan="2"> <asp:Button ID="Button1" PostBackUrl="~/home.aspx" runat="server" Text="Button" /> </td> </tr> </table> </ContentTemplate> </asp:CompleteWizardStep> </WizardSteps> </asp:CreateUserWizard>

    Read the article

  • Android Simple way for User Color Selections

    - by miannelle
    How can you change application colors on the fly? I am currently using the following to change the background: LinearLayout mScreen = (LinearLayout) findViewById(R.id.main); mScreen.setBackgroundColor( mycolor ); I tried to use Style's to change the text using: @color/white The problem is that Spinners/Buttons and Spinner-Popup-Lists all change to white text as well, making them unreadable. I have over 20 Classes in my app that all need to be able to change color combination's.

    Read the article

  • A New Threat To Web Applications: Connection String Parameter Pollution (CSPP)

    - by eric.maurice
    Hi, this is Shaomin Wang. I am a security analyst in Oracle's Security Alerts Group. My primary responsibility is to evaluate the security vulnerabilities reported externally by security researchers on Oracle Fusion Middleware and to ensure timely resolution through the Critical Patch Update. Today, I am going to talk about a serious type of attack: Connection String Parameter Pollution (CSPP). Earlier this year, at the Black Hat DC 2010 Conference, two Spanish security researchers, Jose Palazon and Chema Alonso, unveiled a new class of security vulnerabilities, which target insecure dynamic connections between web applications and databases. The attack called Connection String Parameter Pollution (CSPP) exploits specifically the semicolon delimited database connection strings that are constructed dynamically based on the user inputs from web applications. CSPP, if carried out successfully, can be used to steal user identities and hijack web credentials. CSPP is a high risk attack because of the relative ease with which it can be carried out (low access complexity) and the potential results it can have (high impact). In today's blog, we are going to first look at what connection strings are and then review the different ways connection string injections can be leveraged by malicious hackers. We will then discuss how CSPP differs from traditional connection string injection, and the measures organizations can take to prevent this kind of attacks. In web applications, a connection string is a set of values that specifies information to connect to backend data repositories, in most cases, databases. The connection string is passed to a provider or driver to initiate a connection. Vendors or manufacturers write their own providers for different databases. Since there are many different providers and each provider has multiple ways to make a connection, there are many different ways to write a connection string. Here are some examples of connection strings from Oracle Data Provider for .Net/ODP.Net: Oracle Data Provider for .Net / ODP.Net; Manufacturer: Oracle; Type: .NET Framework Class Library: - Using TNS Data Source = orcl; User ID = myUsername; Password = myPassword; - Using integrated security Data Source = orcl; Integrated Security = SSPI; - Using the Easy Connect Naming Method Data Source = username/password@//myserver:1521/my.server.com - Specifying Pooling parameters Data Source=myOracleDB; User Id=myUsername; Password=myPassword; Min Pool Size=10; Connection Lifetime=120; Connection Timeout=60; Incr Pool Size=5; Decr Pool Size=2; There are many variations of the connection strings, but the majority of connection strings are key value pairs delimited by semicolons. Attacks on connection strings are not new (see for example, this SANS White Paper on Securing SQL Connection String). Connection strings are vulnerable to injection attacks when dynamic string concatenation is used to build connection strings based on user input. When the user input is not validated or filtered, and malicious text or characters are not properly escaped, an attacker can potentially access sensitive data or resources. For a number of years now, vendors, including Oracle, have created connection string builder class tools to help developers generate valid connection strings and potentially prevent this kind of vulnerability. Unfortunately, not all application developers use these utilities because they are not aware of the danger posed by this kind of attacks. So how are Connection String parameter Pollution (CSPP) attacks different from traditional Connection String Injection attacks? First, let's look at what parameter pollution attacks are. Parameter pollution is a technique, which typically involves appending repeating parameters to the request strings to attack the receiving end. Much of the public attention around parameter pollution was initiated as a result of a presentation on HTTP Parameter Pollution attacks by Stefano Di Paola and Luca Carettoni delivered at the 2009 Appsec OWASP Conference in Poland. In HTTP Parameter Pollution attacks, an attacker submits additional parameters in HTTP GET/POST to a web application, and if these parameters have the same name as an existing parameter, the web application may react in different ways depends on how the web application and web server deal with multiple parameters with the same name. When applied to connections strings, the rule for the majority of database providers is the "last one wins" algorithm. If a KEYWORD=VALUE pair occurs more than once in the connection string, the value associated with the LAST occurrence is used. This opens the door to some serious attacks. By way of example, in a web application, a user enters username and password; a subsequent connection string is generated to connect to the back end database. Data Source = myDataSource; Initial Catalog = db; Integrated Security = no; User ID = myUsername; Password = XXX; In the password field, if the attacker enters "xxx; Integrated Security = true", the connection string becomes, Data Source = myDataSource; Initial Catalog = db; Integrated Security = no; User ID = myUsername; Password = XXX; Intergrated Security = true; Under the "last one wins" principle, the web application will then try to connect to the database using the operating system account under which the application is running to bypass normal authentication. CSPP poses serious risks for unprepared organizations. It can be particularly dangerous if an Enterprise Systems Management web front-end is compromised, because attackers can then gain access to control panels to configure databases, systems accounts, etc. Fortunately, organizations can take steps to prevent this kind of attacks. CSPP falls into the Injection category of attacks like Cross Site Scripting or SQL Injection, which are made possible when inputs from users are not properly escaped or sanitized. Escaping is a technique used to ensure that characters (mostly from user inputs) are treated as data, not as characters, that is relevant to the interpreter's parser. Software developers need to become aware of the danger of these attacks and learn about the defenses mechanism they need to introduce in their code. As well, software vendors need to provide templates or classes to facilitate coding and eliminate developers' guesswork for protecting against such vulnerabilities. Oracle has introduced the OracleConnectionStringBuilder class in Oracle Data Provider for .NET. Using this class, developers can employ a configuration file to provide the connection string and/or dynamically set the values through key/value pairs. It makes creating connection strings less error-prone and easier to manager, and ultimately using the OracleConnectionStringBuilder class provides better security against injection into connection strings. For More Information: - The OracleConnectionStringBuilder is located at http://download.oracle.com/docs/cd/B28359_01/win.111/b28375/OracleConnectionStringBuilderClass.htm - Oracle has developed a publicly available course on preventing SQL Injections. The Server Technologies Curriculum course "Defending Against SQL Injection Attacks!" is located at http://st-curriculum.oracle.com/tutorial/SQLInjection/index.htm - The OWASP web site also provides a number of useful resources. It is located at http://www.owasp.org/index.php/Main_Page

    Read the article

  • Removing hard-coded values and defensive design vs YAGNI

    - by Ben Scott
    First a bit of background. I'm coding a lookup from Age - Rate. There are 7 age brackets so the lookup table is 3 columns (From|To|Rate) with 7 rows. The values rarely change - they are legislated rates (first and third columns) that have stayed the same for 3 years. I figured that the easiest way to store this table without hard-coding it is in the database in a global configuration table, as a single text value containing a CSV (so "65,69,0.05,70,74,0.06" is how the 65-69 and 70-74 tiers would be stored). Relatively easy to parse then use. Then I realised that to implement this I would have to create a new table, a repository to wrap around it, data layer tests for the repo, unit tests around the code that unflattens the CSV into the table, and tests around the lookup itself. The only benefit of all this work is avoiding hard-coding the lookup table. When talking to the users (who currently use the lookup table directly - by looking at a hard copy) the opinion is pretty much that "the rates never change." Obviously that isn't actually correct - the rates were only created three years ago and in the past things that "never change" have had a habit of changing - so for me to defensively program this I definitely shouldn't store the lookup table in the application. Except when I think YAGNI. The feature I am implementing doesn't specify that the rates will change. If the rates do change, they will still change so rarely that maintenance isn't even a consideration, and the feature isn't actually critical enough that anything would be affected if there was a delay between the rate change and the updated application. I've pretty much decided that nothing of value will be lost if I hard-code the lookup, and I'm not too concerned about my approach to this particular feature. My question is, as a professional have I properly justified that decision? Hard-coding values is bad design, but going to the trouble of removing the values from the application seems to violate the YAGNI principle. EDIT To clarify the question, I'm not concerned about the actual implementation. I'm concerned that I can either do a quick, bad thing, and justify it by saying YAGNI, or I can take a more defensive, high-effort approach, that even in the best case ultimately has low benefits. As a professional programmer does my decision to implement a design that I know is flawed simply come down to a cost/benefit analysis?

    Read the article

  • ODEE Green Field (Windows) Part 4 - Documaker

    - by AndyL-Oracle
    Welcome back! We're about nearing completion of our installation of Oracle Documaker Enterprise Edition ("ODEE") in a green field. In my previous post, I covered the installation of SOA Suite for WebLogic. Before that, I covered the installation of WebLogic, and Oracle 11g database - all of which constitute the prerequisites for installing ODEE. Naturally, if your environment already has a WebLogic server and Oracle database, then you can skip all those components and go straight for the heart of the installation of ODEE. The ODEE installation is comprised of two procedures, the first covers the installation, which is running the installer and answering some questions. This will lay down the files necessary to install into the tiers (e.g. database schemas, WebLogic domains, etcetera). The second procedure is to deploy the configuration files into the various components (e.g. deploy the database schemas, WebLogic domains, SOA composites, etcetera). I will segment my posts accordingly! Let's get started, shall we? Unpack the installation files into a temporary directory location. This should extract a zip file. Extract that zip file into the temporary directory location. Navigate to and execute the installer in Disk1/setup.exe. You may have to allow the program to run if User Account Control is enabled. Once the dialog below is displayed, click Next. Select your ODEE Home - inside this directory is where all the files will be deployed. For ease of support, I recommend using the default, however you can put this wherever you want. Click Next. Select the database type, database connection type – note that the database name should match the value used for the connection type (e.g. if using SID, then the name should be IDMAKER; if using ServiceName, the name should be “idmaker.us.oracle.com”). Verify whether or not you want to enable advanced compression. Note: if you are not licensed for Oracle 11g Advanced Compression option do not use this option! Terrible, terrible calamities will befall you if you do! Click Next. Enter the Documaker Admin user name (default "dmkr_admin" is recommended for support purposes) and set the password. Update the System name and ID (must be unique) if you want/need to - since this is a green field install you should be able to use the default System ID. The only time you'd change this is if you were, for some reason, installing a new ODEE system into an existing schema that already had a system. Click Next. Enter the Assembly Line user name (default "dmkr_asline" is recommended) and set the password. Update the Assembly Line name and ID (must be unique) if you want/need to - it's quite possible that at some point you will create another assembly line, in which case you have several methods of doing so. One is to re-run the installer, and in this case you would pick a different assembly line ID and name. Click Next. Note: you can set the DB folder if needed (typically you don’t – see ODEE Installation Guide for specifics. Select the appropriate Application Server type - in this case, our green field install is going to use WebLogic - set the username to weblogic (this is required) and specify your chosen password. This credential will be used to access the application server console/control panel. Keep in mind that there are specific criteria on password choices that are required by WebLogic, but are not enforced by the installer (e.g. must contain a number, must be of a certain length, etcetera). Choose a strong password. Set the connection information for the JMS server. Note that for the 12.3.x version, the installer creates a separate JVM (WebLogic managed server) that hosts the JMS server, whereas prior editions place the JMS server on the AdminServer.  You may also specify a separate URL to the JMS server in case you intend to move the JMS resources to a separate/different server (e.g. back to AdminServer). You'll need to provide a login principal and credentials - for simplicity I usually make this the same as the WebLogic domain user, however this is not a secure practice! Make your JMS principal different from the WebLogic principal and choose a strong password, then click Next. Specify the Hot Folder(s) (comma-delimited if more than one) - this is the directory/directories that is/are monitored by ODEE for jobs to process. Click Next. If you will be setting up an SMTP server for ODEE to send emails, you may configure the connection details here. The details required are simple: hostname, port, user/password, and the sender's address (e.g. emails will appear to be sent by the address shown here so if the recipient clicks "reply", this is where it will go). Click Next. If you will be using Oracle WebCenter:Content (formerly known as Oracle UCM) you can enable this option and set the endpoints/credentials here. If you aren't sure, select False - you can always go back and enable this later. I'm almost 76% certain there will be a post sometime in the future that details how to configure ODEE + WCC:C! Click Next. If you will be using Oracle UMS for sending MMS/text messages, you can enable and set the endpoints/credentials here. As with UCM, if you're not sure, don't enable it - you can always set it later. Click Next. On this screen you can change the endpoints for the Documaker Web Service (DWS), and the endpoints for approval processing in Documaker Interactive. The deployment process for ODEE will create 3 managed WebLogic servers for hosting various Documaker components (JMS, Interactive, DWS, Dashboard, Documaker Administrator, etcetera) and it will set the ports used for each of these services. In this screen you can change these values if you know how you want to deploy these managed servers - but for now we'll just accept the defaults. Click Next. Verify the installation details and click Install. You can save the installation into a response file if you need to (which might be useful if you want to rerun this installation in an unattended fashion). Allow the installation to progress... Click Next. You can save the response file if needed (e.g. in case you forgot to save it earlier!) Click Finish. That's it, you're done with the initial installation. Have a look around the ODEE_HOME that you just installed (remember we selected c:\oracle\odee_1?) and look at the files that are laid down. Don't change anything just yet! Stay tuned for the next segment where we complete and verify the installation. 

    Read the article

  • Been doing .NET for several years and am thinking about a platform change. Where do people suggest I go?

    - by rsteckly
    Hi, I've been programming in .NET for several years now and am thinking maybe its time to do a platform switch. Any suggestions about which platform would be the best to learn? I've been thinking about going back to C++ development or just focusing on T-SQL within the Microsoft stack. I'm thinking of switching because: a) I feel that the .NET platform is increasingly becoming commodified--meaning that its more about learning a GUI and certain things to click around than really understanding programming. I'm concerned that this will lend itself to making developers on that stack increasingly paid less. b) It's very frustrating to spend your entire day essentially debugging something that should work but doesn't. Usually, Microsoft releases something that suggests anyone can just click here and there and poof there's your application. Most of the time it doesn't work and winds up sucking so much more time than it was supposed to save. c) I recently led a team in a small startup to build a WPF application. We were really hit hard with people complaining about having to download the runtime. Our code was also not portable to any other platform. Added to which, the ram usage and slowness to load of the app was remarkable for its size. I researched it and we could not find a way to optimize it. d) I'm a little concerned about being wedded to the Windows platform. What are the pros and cons of adding another platform and which platform do people suggest? Thanks!

    Read the article

  • How does 301 redirection work across the network? & should I use it if there is a chance we made need to change the resource back to the original URL?

    - by Faust
    I've built a CMS that makes it fairly easy for my client to relocate pages in their site hierarchy. This site has all human-readable and intuitive URLs, so moving a page necessarily means that its URL changes. I am storing records of each resource's past URLs in the data store so that requests for bygone URLs are re-routed to their appropriate successors. I'm warning my clients not to re-arrange the site willy-nilly (for numerous reasons). But nevertheless I suspect there's a chance page moves could get reversed from time to time. So I'm trying to figure out whether 301 or 302 or 307 redirects should be used when serving up pages to requests for out-of-date URLs. I understand the value of using 301 for search engine optimization. But my concern is with this system possibly inadvertently making some pages unavailable to some users QUESTIONS: That is, if the clients move a page at location/URL A to a new location B, then users get the redirect for A to B, and then the clients move the page back to A again, how long can I expect any of those users to keep getting their requests for A redirected to B -- in this case sending them to my friendly 404 page? Is it until an item in their browser history is cleared? Is the redirect somehow cached in routers throughout the internet? How does this work? How long can I expect the 301 redirect to linger out there ?

    Read the article

  • Game 30% done on HTML5. Maybe it was a bad idea. Should I change to Unity3d? [on hold]

    - by Dokkat
    I'm creating a 3d game on HTML5. It's 30% complete and the hard part is already coded. The server is on node.js.Now I'm realizing that maybe it was not a wise choice. This is because I realized: Three.js still has many bugs. I don't see the same thing on every machine. Each browser, OS, can give different results. I'm afraid my clients will have a great stress installing my game properly. I have tons of sprites and models on my game. I wonder if my clients will have to load all them again everytime they want to play? I wonder if a Node.js server will be fast enough to handle it, and I'm afraid it won't be scalable. What would you advise me? Should I continue and finish the game on HTML5 or is it better to remake it on something else, like Unity3d for the client and (what?) for the server?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 263 264 265 266 267 268 269 270 271 272 273 274  | Next Page >