A High Level Comparison Between Oracle and SQL Server - Part IV
The concluding part of the Oracle / SQL Server comparison looks at error logging, security, installation and finally querying the databases.
Search Results
Search found 16101 results on 645 pages for 'owsm webservices ws security ws trust soa secuirty'.
Page 274/645 | < Previous Page | 270 271 272 273 274 275 276 277 278 279 280 281 | Next Page >
-
-
Web Apps vs Web Services: 302s and 401s are not always good Friends
- by Your DisplayName here!
It is not very uncommon to have web sites that have web UX and services content. The UX part maybe uses WS-Federation (or some other redirect based mechanism). That means whenever an authorization error occurs (401 status code), this is picked by the corresponding redirect module and turned into a redirect (302) to the login page. All is good. But in services, when you emit a 401, you typically want that status code to travel back to the client agent, so it can do error handling. These two approaches conflict. If you think (like me) that you should separate UX and services into separate apps, you don’t need to read on. Just do it ;) If you need to mix both mechanisms in a single app – here’s how I solved it for a project. I sub classed the redirect module – this was in my case the WIF WS-Federation HTTP module and modified the OnAuthorizationFailed method. In there I check for a special HttpContext item, and if that is present, I suppress the redirect. Otherwise everything works as normal: class ServiceAwareWSFederationAuthenticationModule : WSFederationAuthenticationModule { protected override void OnAuthorizationFailed(AuthorizationFailedEventArgs e) { base.OnAuthorizationFailed(e); var isService = HttpContext.Current.Items[AdvertiseWcfInHttpPipelineBehavior.DefaultLabel]; if (isService != null) { e.RedirectToIdentityProvider = false; } } } Now the question is, how do you smuggle that value into the HttpContext. If it is a MVC based web service, that’s easy of course. In the case of WCF, one approach that worked for me was to set it in a service behavior (dispatch message inspector to be exact): public void BeforeSendReply( ref Message reply, object correlationState) { if (HttpContext.Current != null) { HttpContext.Current.Items[DefaultLabel] = true; } } HTHRead the article
-
Unable to run java file from command like Ubuntu
- by KodeSeeker
I'm a newbie to Ubuntu and Im looking to run Java code from the command line. Ive checked that path as well. The interesting thing is the code compiles but fails to run ie. user@ubuntu:~/py-scripts$ javac Main.java' works well. but when I do . `user@ubuntu:~/py-scripts$ java Main I get the following error Exception in thread "main" java.lang.UnsupportedClassVersionError: Main : Unsupported major.minor version 51.0 at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:634) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142) at java.net.URLClassLoader.defineClass(URLClassLoader.java:277) at java.net.URLClassLoader.access$000(URLClassLoader.java:73) at java.net.URLClassLoader$1.run(URLClassLoader.java:212) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:205) at java.lang.ClassLoader.loadClass(ClassLoader.java:321) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294) at java.lang.ClassLoader.loadClass(ClassLoader.java:266) Could not find the main class: Main. Program will exit.'Read the article
-
In a SSL web application, what would be the vulnerabilities of using session based authentication?
- by Thomas C. G. de Vilhena
I'm not sure the term even exists, so let me explain what I mean by "session based authentication" through some pseudo-code: void PerformLogin(string userName, string password) { if(AreValidCredentials(userName, password)) { Session.Set("IsAuthenticated", true); } else { Message.Show("Invalid credentials!"); } } So the above method simply verifies the provided credentials are valid and then sets a session flag to indicate that the session user is authenticated. Under plain HTTP that is obviously unsafe, because anyone could hijack the session cookie/querystring and breach security. However, under HTTPS the session cookie/querystring is protected because client-server communication is encrypted, so I believe this authentication approach would be safe, wouldn't it? I'm asking this because I want to know how authentication tickets can improve web applications security. Thanks in advance!Read the article
-
ArchBeat Link-o-Rama for 2012-06-28
- by Bob Rhubart
Oracle Magazine Technologist of the Year Awards to honor architects at #OOW12 Seven of the ten categories in this year's Oracle Magazine Technologist of the Year Awards are designated to celebrate architects. The winners will be honored at Oracle OpenWorld -- and showered with adulation from their colleagues. Nominations for these awards close on Tuesday July 17, so make sure you submit your nominations right away. Oracle E-Business Suite 12 Certified on Additional Linux Platforms (Oracle E-Business Suite Technology) Oracle E-Business Suite Release 12 (12.1.1 and higher) is now certified on the following additional Linux x86/x86-64 operating systems: Oracle Linux 6 (32-bit), Red Hat Enterprise Linux 6 (32-bit), Red Hat Enterprise Linux 6 (64-bit), and Novell SUSE Linux Enterprise Server (SLES) version 11 (64-bit). FairScheduling Conventions in Hadoop (The Data Warehouse Insider)"If you're going to have several concurrent users and leverage the more interactive aspects of the Hadoop environment (e.g. Pig and Hive scripting), the FairScheduler is definitely the way to go," says Dan McClary. Learn how in his technical post. SOA Learning Library (SOA & BPM Partner Community Blog) The Oracle Learning Library offers a vast collection of e-learning resources covering a mind-boggling array of products and topics. And it's all free—if you have an Oracle.com membership. And if you don't, that's free, too. Could this be any easier? Oracle Fusion Middleware Security: LibOVD: when and how | Andre Correa Fusion Middleware A-Team blogger Andre Correa offers some background on LibOVD and shares technical tips for its use. Virtual Developer Day: Oracle Fusion Development Yes, it's called "Developer Day," but there's plenty for architects, too. This free event includes hands-on labs, live Q&A with product experts, and a dizzying amount of technical information about Oracle ADF and Fusion Development -- all without having to pack a bag or worry about getting stuck in a seat between two professional wrestlers. Tuesday, July 10, 2012 9:00 a.m. PT – 1:00 p.m. PT 11:00 a.m. CT – 3:00 p.m. CT 12:00 p.m. ET – 4:00 p.m. ET 1:00 p.m. BRT – 5:00 p.m. BRT Thought for the Day "Computers allow you to make more mistakes faster than any other invention in human history with the possible exception of handguns and tequila." — Mitch Ratcliffe Source: SoftwareQuotes.comRead the article
-
RedShift Networks Launches UC Threat Management
New technology uses deep packet analysis to detect and repel security threats at the application layer.Read the article
-
ArchBeat Facebook Friday: Top 10 Shared Links - May 23-29, 2014
- by OTN ArchBeat
Among the 5,144 fans of the OTN ArchBeat Facebook Page the following Top 10 items were the most popular over the last seven days, May 23-29, 2014. GlassFish/Java EE Community Open Forum Today! | Reza Rahman Have questions about Glassfish? Java EE/GlassFish evangelist Reza Rahman has answers, and you can pick his brain tomorrow during an online forum organized by the London Glassfish User Group and C2B2. The event is free, but you must register in order to participate. Click the link for more information. Twitter Tuesday - Top 10 @ArchBeat Tweets - May 20-26, 2014 The top 10 @OTNArchBeat tweets for the week of May 20-26, 2014. Topics covered include ADF, Cloud, GoldenGate, KScope14, OBIEE, ODI, WebLogic, WebCenter, and more. FrameworkFolders Support has come to Oracle WebCenter Portal | JayJay Zheng Interested in working with Framework Folders in Oracle WebCenter Portal? Oracle ACE JayJay Zheng reviews the essentials. Video: Programming Best Practices - ADF Business Components | Frank Nimphius Frank Nimphius discusses best practices and recommendations for ADF Business Components in the latest video from ADF Architecture TV. Video: Kscope 2014 Preview: Data Modeling and Moving Meditation with Kent Graziano For your mind and your body! Oracle ACE Director Kent Graziano previews his Kscope 2014 data modeling presentations and the early morning Chi Gung sessions he will once again lead for Kscope attendees. OAG and OES Integration for Web API Security: skin and guts | Andre Correa A-Team architect Andre Correa's post examines a strategy for web API security that uses OAG (Oracle API Gateway) and OES (Oracle Entitlements Server). Getting Started with Coherence*Web in WebLogic Server 12.1.2 | Tim Middleton Solution architect Tim Middleton shows you how to configure Coherence*Web in WebLogic Server 12.1.2 and deploy a basic web application. SOA and Business Processes: You are the Process! Part of the 13-part "Industrial SOA" article series, this article looks at best practices for modeling and managing effective business processes. Authentication in Oracle Identity Federation/ IdP | Damien Carru Damien Carru discuss authentication when OIF acts as an IdP and how the server can be configured to use specific OAM Authentication Schemes to challenge the user. Caveats on Using WebLogic Server with JDK7 | JayJay Zheng Quick tech tips from Oracle ACE JayJay Zheng.Read the article
-
eSTEP TechCast: Oracle Solaris 11 Express
- by user797911
Get an insight on how Oracle Solaris 11 Express has raised the bar on the innovation introduced in Oracle Solaris 10. Learn about the new integrated features such as: network based package management tools improvements to built-in virtualization new virtualised network architecture security enhancements file system evolution Learn how Oracle Solaris 11 Express provides greatly decreased planned system downtime, performs a completely safe system upgrade, achieves an unprecedented level of flexibility for application consolidation, and provides the highest levels of security in your datacenter. Date and time: Thursday, 7. July 2011, 13:00 - 14:00 CEST Speaker: Joost Pronk van Hoogeveen Target audience: Tech Presales Webcast Coordinates: You will find the coordinates in the eSTEP portal under the Events tab. Use your email-adress and PIN: eSTEP_2011 to get access. We are happy to get your comments and feedback.Read the article
-
I'm back
- by Rob Addis
I haven’t posted much for a while but after 3 years as a Solution Architect I’m back to my old role designing and developing SOA Frameworks and Management Platforms. So you may be hearing a bit more from me in the future.Read the article
-
Possible problems in a team of programmers [on hold]
- by John
I am a "one man team" ASP.NET C#, SQL, HTML, JQuery programmer that wants to split workload with two other guys. Since I never actually thought of possible issue in a team of programmer, there are actually quite a few that came to my mind. delegating tasks (who works on what which is also very much related to security). I found Team Foundation Service could be helpful with this problem and started reading about it. Are there any alternatives? security (do now want for original code to be reused outside the project) How to prevent programmers from having access to all parts of code, and how to prevent them from using that code outside of project? Is trust or contract the only way?Read the article
-
SQL SERVER – ERROR: FIX using Compatibility Level – Database diagram support objects cannot be installed because this database does not have a valid owner – Part 2
- by pinaldave
Earlier I wrote a blog post about how to resolve the error with database diagram. Today I faced the same error when I was dealing with a database which is upgraded from SQL Server 2005 to SQL Server 2008 R2. When I was searching for the solution online I ended up on my own earlier solution SQL SERVER – ERROR: FIX – Database diagram support objects cannot be installed because this database does not have a valid owner. I really found it interesting that I ended up on my own solution. However, the solution to the problem this time was a bit different. Let us see how we can resolve the same. Error: Database diagram support objects cannot be installed because this database does not have a valid owner. To continue, first use the Files page of the Database Properties dialog box or the ALTER AUTHORIZATION statement to set the database owner to a valid login, then add the database diagram support objects. Workaround / Fix / Solution : Follow the steps listed below and it should for sure solve your problem. (NOTE: Please try this for the databases upgraded from previous version. For everybody else you should just follow the steps mentioned here.) Select your database >> Right Click >> Select Properties Go to the Options In the Dropdown at right labeled “Compatibility Level” choose “SQL Server 2005(90)” Select FILE in left side of page In the OWNER box, select button which has three dots (…) in it Now select user ‘sa’ or NT AUTHORITY\SYSTEM and click OK. This will solve your problem. However, there is one very important note you must consider. When you change any database owner, there are always security related implications. I suggest you check your security policies before changing authorization. I did this to quickly solve my problem on my development server. If you are on production server, you may open yourself to potential security compromise. Reference: Pinal Dave (http://blog.sqlauthority.com) Filed under: PostADay, SQL, SQL Authority, SQL Error Messages, SQL Query, SQL Server, SQL Tips and Tricks, T SQLRead the article
-
How to record streaming camera video and auto-erase old data before drive fills up?
- by nLinked
I'm interested in making my own home CCTV system using Ubuntu. I want to get network cameras similar to this: http://cgi.ebay.co.uk/ws/eBayISAPI.dll?ViewItem&item=260745150596 I want a way to dump or record the live stream to a large hard drive, but have Ubuntu automatically delete the oldest parts of the video while the drive fills, so it can continue recording new data continuously. How can this auto-delete while recording be accomplished? I've searched and searched.Read the article
-
12.04 tablet cursor jumps around when clicking
- by Larry
After updating to 12.04 i had to re-install wizardpen-driver (https://help.ubuntu.com/community/TabletSetupWizardpen) to use my Trust tablet. But now when I change the Coordinate Transformation Matrix to anything else but the identity matrix, moving the pen moves the cursor normally, but when I click (or press with the pen) the cursor jumps to the edge of the screen, seemingly depending on how I edit the matrix. I know the tablet isn't broken since this behaviour doesn't occur if I leave the matrix as an identity matrix, and the tablet works perfectly on Windows. -LRead the article
-
Realize the Benefits of Oracle Fusion Architecture Today; Get on the Path to Oracle Fusion Applicati
Vijay Tella, Vice President and Chief Strategy Officer, Oracle Fusion Middleware, discusses with Cliff the relationship between Oracle Fusion Architecture and Service Oriented Architecture (SOA). They also discuss how Oracle is enabling Fusion Architecture with integration between Oracle Fusion Middleware and the Oracle E-Business Suite, PeopleSoft Enterprise, and JD Edwards Enterprise One suites of applications.Read the article
-
Trim on encrypted SSD--Urandom first?
- by cb474
My understanding (I'm not sure I'm getting this all right) is that if one uses Trim on an encrypted SSD, it defeats some of the security benefits, because the drive will write zeros to empty space (as files are deleted). See: http://www.askubuntu.com/questions/115823/trim-on-an-encrypted-ssd And: http://asalor.blogspot.com/2011/08/trim-dm-crypt-problems.html My question is: From the perspective of the performance of the SSD and the functioning of Trim, would it therefore be better to simply zero out the SSD, before setting up an encrypted system, rather than writing random data to the drive, with urandom, as one usually does? Would this basically leave one with the same level of security anyway? And more importantly, would it better enable the Trim functionality to work as intended, with the encrypted SSD?Read the article
-
Remove scrollbar from iframe [migrated]
- by Faith In Unseen Things
Using this code <iframe frameborder="0" style="height: 185px; overflow:scroll; width: 100%" src="http://www.cbox.ws/box/?boxid=439&boxtag=7868&sec=main" marginheight="1" marginwidth="1" name="cboxmain" id="cboxmain" seamless="seamless" scrolling="no" frameborder="0" allowtransparency="true"></iframe> This is how it appears (the shoutbox on homepage of www.talkjesus.com) How do I remove the horizontal scrollbar and modify the css of the vertical scrollbar? Thank you.Read the article
-
How to use PAM to restrict HTTP access for some users?
- by MaxB
I've read that PAM can be used to restrict HTTP access for some users, but I can't figure out how to do it in Ubuntu 12.04. The /etc/security/time.conf man page contains this example: All users except for root are denied access to console-login at all times: login ; tty* & !ttyp* ; !root ; !Al0000-2400 For this to work, /etc/pam.d/login needs to have a line account requisite pam_time.so This example works, and I tried to adapt it to limit HTTP access from the console. I added http ; tty* & !ttyp* ; !root ; !Al0000-2400 to /etc/security/time.conf, and created /etc/pam.d/http with account requisite pam_time.so This doesn't work. I can still use wget as non-root from the console.Read the article
-
Les brevets Novell rachetés par une alliance entre Microsoft, Apple, Oracle et EMC d'après l'autorité antitrust Allemande
Les brevets Novell rachetés par une alliance entre Microsoft, Apple, Oracle et EMC Selon un document publié par l'autorité fédérale anti-trust Allemande Mise à jour du 17/12/2010 par Idelways Après le rachat de Novell par Attachmate (lire ci-avant) et l'acquisition comme partie de cette transaction de 882 brevets par le « CPTN Holdings », présenté en tant que "consortium de sociétés technologiques mené par Microsoft", l'identité des partenaires de Microsoft dans ce rachat vient d'être révélée. Ou plutôt dénichée. Il s'agirait d'Oracle, Apple et EMC (spécialiste des infrastructures et des solution...Read the article
-
Oracle Magazine, January/February 2008
Oracle Magazine January/February features articles on Oracle Database 11g, SOA, Northwestern University, Oracle database replay, Oracle Business Intelligence and Oracle Identity Management, Oracle Real Application Clusters, tuning by tracing, Oracle Application Express, Oracle Data Guard, Oracle Secure Enterprise Search, Oracle Information Rights Management, and much more.Read the article
-
what do I need to do to get started with a website? [closed]
- by omar
I am a student and I have made websites for some companies before but now I would like to make a generic website for myself but dont know how to get started as I never had to deal with hosting or bandwidth before. I am looking to make a website that will provide users with information about me. In the future I might add things such as ordering or buying products but for now the idea is to provide information only. I was told not to go for any webhoster outside of Canada as I might risk the confidential integrity of my users or myself. I have no idea where to get started or what I need. I now also have to deal with possible security issues or security holes I may leave in my website creation... So my question here is: What is a good and reliable webhosting company that can be trusted to some degree?Read the article
-
Information Networking Institute 20th Anniversary
Security and mobility to be discussed at Carnegie Mellon's INI event Carnegie Mellon University - CarnegieMellon - United States - Education - Colleges and UniversitiesRead the article
-
Symantec: China Leads World in Targeted Malware
The security software developer's latest report pinpoints China as the leading source of malware tailored to hoodwink execs in specific industries.Read the article
-
Friday Spotlight: Oracle Secure Global Desktop and amitego VISULOX
- by Chris Kawalek
Happy Friday! Our spotlight this week is a screencast about a fantastic solution that takes the security model of Oracle Secure Global Desktop and adds even more features. If you work in environments where you need to have a video record of users' interactions with applications, or need to ensure that two users can remotely work on the same session (a worker entering data in a form from one workstation and a manager typing an authorization code from another, for example), amitego VISULOX can do this and a lot more. It's built on top of Oracle Secure Global Desktop, so you get all of the great features there, plus additional unique security related features provided by VISULOX. Click the thumbnail below to watch the screencast. We'll see you next week! -ChrisRead the article
-
How to manage a Closed Source High-Risk Project?
- by abel
I am currently planning to develop a J2EE website and wish to bring in 1 developer and 1 web designer to assist me. The project is a financial app with a niche market. I plan to keep the source closed . However, I fear that my would-be employees could easily copy the codebase and use it /sell it to a third party especially when they switch jobs. The app development will take 4-6months and perhaps more and I may have to bring in people after the app goes live. How do I keep the source to myself. Are there techniques companies use to guard their source. I foresee disabling pendrives and dvd writers on my development machines, but uploading data or attaching the code in one's mail would still be possible. My question is incomplete. But programmers who have been in my situation, please advice. How should I go about this? Building a team, maintaining code-secrecy,etc. I am looking forward to sign a secrecy contract with the employees if needed too. (Please add relevant tags) Update Thank you for all the answers. I certainly won't be disabling all USB ports and DVD writers now. But I think I should be logging activity(How exactly should I do that?) I am wary of scalpers who would join and then run off with the existing code. I haven't met any, but I have been advised to be wary of them. I would include a secrecy clause, but given this is a startup with almost no funding and in a highly competitive business niche with bigger players in the field, I doubt I would be able to detect or pursue any scalpers. How do I hire people I trust, when I don't know them personally. Their resume will be helpful but otherwise trust will develop only with time. But finally even if they do run away with the code, it is service that matters after the sale is made. So I am not really worried for the long term.Read the article
-
Software Research Promises Faster Apps
A new memory management approach improves parallelism on multi-core systems and reduces the overhead from security checks.Read the article
