Search Results

Search found 15415 results on 617 pages for 'security groups'.

Page 277/617 | < Previous Page | 273 274 275 276 277 278 279 280 281 282 283 284  | Next Page >

• Database permissions and ORMs

  - by Jonn

  I've been using .NET's Entity Framework a lot lately and have absolutely no wish to go back to using Stored Procedures. Been shocked though that the company I'm building this project for had a policy where applications were only given accounts that only had permissions to access stored procedures! Apparently, they believe that there's a security risk involved in allowing applications to access the tables/views directly. I don't get this. My first question is, can someone enlighten me as to what kind of security risk applications having direct access to the database may pose? AND If that's the case, are there any other ORM solutions that can provide a workaround to this (I can't think of any logical possibility atm) that would allow me to circumvent the restrictions on the user account to be assigned to me? OR is my understanding that I'd need direct permissions for the tables and views wrong?

  Read the article

• issues regarding UAC prompt

  - by peter

  I want to implement a UAC prompt for an application in visualc++ the operating system is 32bit x7460(2processor) Windowsserver 2008 the exe is myproject.exe through manifest.. Here for testing i wl build the application in Windows XP OS and copy the exe in to system containg the Windowsserver 2008 machine and replace it So what i did is i added a manifest like this name of that is myproject.exe.manifest My project has 3 folders like Headerfile,Resourcefile and Source file.I added this manifest(myproject.exe.manifest) in the Sourcefile folder containing other cpp and c code <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity version="4.0" processorArchitecture="X7460" name="myproject" type="win32"/> <description>myproject Problem</description> <!-- Identify the application security requirements. --> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges> <requestedExecutionLevel level="requireAdministrator" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo> </assembly> then i added this line of code in Resourcefile(.rc).Means one header file is there(Myproject.h).I added the line of code there #define MANIFEST_RESOURCE_ID 1 MANIFEST_RESOURCE_ID RT_MANIFEST "myproject.exe.manifest" Finally i did the following step Under Project, select Properties. 3. In Properties, select Manifest Tool, and then select Input and Output. 4. Add in the name of your application manifest file under Additional manifest files. 5. Rebuild your application. But i am getting lot of Syntax errors Is there any problems in the way which i followed.If i commented the line #define MANIFEST_RESOURCE_ID 1 MANIFEST_RESOURCE_ID RT_MANIFEST "myproject.exe.manifest" which added in Myproject.h for adding values in .rc file there willnot any error other than this general error c1010070: Failed to load and parse the manifest. The system cannot find the file specified. .\myproject.exe.manifest How to enable UAC prompt through programming

  Read the article

• Two differents FOSUser in application

  - by Jérôme Boé

  I face a problem with FOSUserBundle. In my Symfony2 application, I want to implement two differents User. I have one entity User, for basic user, and one entity UserPro with more informations. My problem is that I want to configure my bundle with this two entities: fos_user: db_driver:     orm firewall_name: main user_class:    Btp\UserBundle\Entity\User fos_userpro: db_driver:     orm firewall_name: pro user_class:    Btp\UserProBundle\Entity\UserPro And so, use fos_user and fos_userpro as provider in my security.yml. I'm no sure it's be possible. I obtain an error : There is no extension able to load the configuration for "fos_userpro" (in /..../app/config/config.yml). Looked for namespace "fos_userpro", found "framework", "security", ... And when I take a look in FOSUserBundle files, I feel that fos_user is not a configuration variable and is directly written in strings. Thanks.

  Read the article

• Should I use WPF or Windows Forms Application for my project in C#?

  - by RAJ K

  I am developing a Client-Server based application in which client application will access server database to store billing information. It will also have report generation facility. Windows Forms is good in document printing & I don't see such facility or controls in WPF. If I am wrong then please correct me. I want database security, which DB should I use, SQL Server, MySQL or Oracle. I would like to use free DB but security is my priority. Please suggest how I can implement a Client-Server architecture with multiple clients in C#? Thank you Geeks!!!

  Read the article

• SharePoint SLK and T-SQL xp_cmdshell safety

  - by Mitchell Skurnik

  I am looking into a TSQL command called "xp_cmdshell" to use to monitor a change to a the SLK (SharePoint Learning Kit) database and then execute a batch or PowerShell script that will trigger some events that I need. (It is bad practice to modify SharePoint's database directly, so I will be using its API) I have been reading on various blogs and MSDN that there are some security concerns with this approach. The sites suggest that you limit security so the command can be executed by only a specific user role. What other tips/suggestions would you recommend with using "xp_cmdshell"? Or should I go about this another way and create a script or console application that constantly checks if a change has been made? I am running Server 2008 with SQL 2008.

  Read the article

• How to deploy and secure an ASP.NET web app to be available to internal and outside users?

  - by Swoop

  My company has several web applications written in ASP.NET. We need to make these applications available to Intranet users as well as authenticated external users. Most of the features are the same for the two groups, though there are some extra features available to the Internal users. The two different sets of users would use a slightly different security setup... our internal people will be authenticated using LDAP against Exchange, whereas the external users will have accounts in SQL Server. What is the best approach for deploying our web apps? Should we deploy 2 copies to different servers, one configured for an Intranet and one for outside users? Or is there a better way to share the code between the 2 servers, yet have the flexibility to use different web.config settings for security??

  Read the article

• Do you leave Windows Automatic Updates enabled on your production IIS server?

  - by Nobody

  If you were running a 24/7 website on Windows Server 2003 (IIS6). Would you leave the Windows automatic update feature enabled or would you turn it off? When enabled, you always get the latest security patches and bug fixes automatically as soon as they're available, which is the most secure choice. However, the machine will sometimes get automatically rebooted to apply the updates leading to a couple of minutes of downtime in the middle of the night. Also, I've seen rare occasions where the machine does not restart correctly resulting in further downtime. If auto updates are off, when do you apply the patches? I guess you have to use a load balancer with multiple web servers and rotate them out of the production site, apply patches manually, and put them back in. This can be logistically inconvenient when the load balancer is managed by a hosting company. You will also have machines in production that don't always have the latest security patches and you have to routinely spend time deciding which patches to apply and when.

  Read the article

• Loading external Swf - sandbox violation

  - by Yamen Al-Haj

  Hello Mates , I need a help ... an urgent one !!! i tried so hard to figured it out .. but i couldn't .. so I appreciate your help so much .. I'm developing an Air App using flash ... the app loads an external SWF file dynamically through an xml ... the SWF file has a movieclip that has a listener (ON click ) function mouseDownHandler(event:MouseEvent):void { navigateToURL(new URLRequest(clickURL)); } everything is working fine until i click on this movieclip ... it displays the below message SecurityError: Error #2121: Security sandbox violation: navigateToURL: http://www.mydomain.com/maskot/avatar.swf cannot access YAHOO.COM for example. This may be worked around by calling Security.allowDomain. any help !!! because i really have a deadline ! Thank you so much !

  Read the article

• Is there a major downside to using .htaccess files in your svn/git repository?

  - by Rob

  If our .htaccess files are purely for mod rewrites, is there a security / development downside to committing .htaccess files alongside other files in your repository? For various reasons (our SEO optimisers like to add pretty urls as new promotions occur, etc) we need a fair few rewrite rules inside these files. Would I be better off pushing the routing into php-land and dealing with it there? Or is reading from a .htaccess via apache fine? The .htaccess files are not exposed via the web server, so that's not a security risk.

  Read the article

• converting from int to hex

  - by Catherine

  I want to convert some ints to hex,but i'm getting something like this : "?|???plL4?h??N{" from 12345. Why? int t = 12345; System.Security.Cryptography.MD5CryptoServiceProvider ano = new System.Security.Cryptography.MD5CryptoServiceProvider(); byte[] d_ano = System.Text.Encoding.ASCII.GetBytes(t.ToString()); byte[] d_d_ano = ano.ComputeHash(d_ano); string st_data1 = System.Text.Encoding.ASCII.GetString(d_d_ano); string st_data = st_data1.ToString(); I'm using it in window form,not in console.

  Read the article

• windows 2000 domain controller

  - by Chris

  in active directory 2000 server i have 5 groups of users and every user has different policies. The problem is that a different desktop loads for only one specific user no matter what changes i make in administrative templates. If i copy this user profile and paste it to another group with a different name windows workaround loads as it should but some policies are not applied. Does anybody know a way to solve this problem instead of creating a new group and user from scratch?

  Read the article

• Query about the service or technology behind gmail service

  - by user1726908

  I am a final year computer science student. I am studying in hyderabad, andhra pradesh, india. I have come to know that the gmail is a cloud service. I am very much interested in learning more about cloud computing. This technology has been puzzling,tickling,increasing my curiosity and i just want to learn as much as i can about it. And through experience, i have learnt that practically doing can improve our knowledge and thirst to learn more. Thus, I would like to know "what are the security measures which you have taken to keep the cloud service like gmail secure and authentic? What is the architecture of the service? What are the technologies used in building it? What are the different levels of security applied in general for building a private cloud?"

  Read the article

• Content Types in browsers, can we use the Mime??

  - by SoLoGHoST

  Ok, I am wondering which mime types are dangerous in browsers? That is to say setting the Content Type to that mime type?? Which mime types, if any would pose a security risk?? I am noticing that many forum software, when uploading files, use the application/octet-stream for any files other than images and place that into the Content Type of the header. I am wondering why don't they place the actual mime-type instead into the Content Type? Are there security risks involved with this? So far I have used text/css, text/plain, audio/mpeg, and many others and haven't noticed any difference between application/octet-stream and these others. Does anyone out there know the exact difference, and what makes application/octet-stream any better, or any worse...to use for the Content Type?? Thank You :)

  Read the article

• Refreshing user's group membership in active directory without log-off/log-on

  - by Serge

  So, when user logs in to their workstation, they receive SIDs of groups they are members of, and this is used for the length of the session, until logging off. Is there a way to refresh membership SIDs information without actually having to log off and log on again? I've added myself to a group, but can't log off without interrupting running process that requires these permissions. Don't want to have to go through these steps again...

  Read the article

• How to compile and run H2 TriggerSample

  - by user1877838

  I copied TriggerSample.java to this directory. Then: javac -cp h2-1.3.168.jar TriggerSample.java creates TriggerSample$MyTrigger.class ... and ... TriggerSample.class Then: java TriggerSample says: Exception in thread "main" java.lang.NoClassDefFoundError: TriggerSample (wrong name: org/h2/samples/TriggerSample) at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClassCond(ClassLoader.java:631) at java.lang.ClassLoader.defineClass(ClassLoader.java:615) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141) at java.net.URLClassLoader.defineClass(URLClassLoader.java:283) at java.net.URLClassLoader.access$000(URLClassLoader.java:58) at java.net.URLClassLoader$1.run(URLClassLoader.java:197) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) also no go with: java org.h2.samples.TriggerSample java org/h2/samples/TriggerSample How exactly to run that example from the command line?

  Read the article

• Where Should Using Statements Be Located [closed]

  - by Bobby Ortiz - DotNetBob

  Possible Duplicate: What is the difference between these two declarations? I recently started working on a project with using statement located inside the NameSpace block. namespace MyApp.Web { using System; using System.Web.Security; using System.Web; public class MyClass { I usually put my using statements above the namespace block. using System; using System.Web.Security; using System.Web; namespace MyApp.Web { public class MyClass { I don't think it matters, but I am currious if someone else had a recommendation and could they explain why one way is better than another. Note: I always have one class per file.

  Read the article

• Do AOP violate layered architecture for enterprise apps?

  - by redzedi

  The question(as stated in the title) comes to me as recently i was looking at Spring MVC 3.1 with annotation support and also considering DDD for an upcoming project. In the new Spring any POJO with its business methods can be annotated to act as controller, all the concerns that i would have addressed within a Controller class can be expressed exclusively through the annotations. So, technically i can take any class and wire it to act as controller , the java code is free from any controller specific code, hence the java code could deal with things like checking security , starting txn etc. So will such a class belong to Presentation or Application layer ?? Taking that argument even further , we can pull out things like security, txn mgmt and express them through annotations , thus the java code is now that of the domain object. Will that mean we have fused together the 2 layers? Please clarify

  Read the article

• Python built-in id() not consistent:

  - by Dannellyz

  Hoping someone can explain the following discrepancy: >>> s1 = "Cyber security" >>> s2 = "Cyber security" >>> id(s1) == id(s1) True >>> id(s1) == id(s2) False >>> s1 = "cyber" >>> s2 = "cyber" >>> id(s1) == id(s2) True >>> s2 = "cyber " >>> s2 = "cyber " >>> id(s1) == id(s2) False Why does the space make the id() False, yet different variables with no spaces are True?

  Read the article

• @OrderBy: Sorting references

  - by Sven Moschel

  We have the following entity structure: @Entity public class SecurityRole { private List<Account> accounts; // ManyToMany } @Entity public class Account { private Employee owner; // OneToOne } @Entity public class Employee { private String lastName; } A security role can have many accounts. A account always has an employee. On the GUI we show the security roles in an mastertable. In the detail table we show the accounts of the role. To display the employee information we show "account.getOwner().getLastName()"; How can we use the @OrderBy annotation with this model? Is this possible? The problem is that the Account entity has no employee information that we can sort.

  Read the article

• Cannot access windows share folder

  - by haroldmoma

  In my windows domain, there's been happening a problem with the access to some of our shared folders: There appears a "the account is disabled" problem whe trying to access those. When looking at the the Active Directory Groups and Users snap-in, there's no user blocked nor disabled and the users trying to access the shared folders don't have any problem logging in on their respective computers. Needless to say, they have proper permissions on the network shares to be accessed. What might be the problem?

  Read the article

• Windows GPO default mapped drives

  - by SteB

  Is there a way, using Windows GPO, to set up a list of "default" mapped drives that can be applied to a group of users? I runs small network and would like to make sure that certain groups of users (like Sales or Support) have the same network shares mapped to the same drive letters irrespective of which PC they log onto. This would make the setup of new users easier and allow the centralised administration of the network locations shared. Any links to examples and/or step-by-step guides would be greatly appreciated.

  Read the article

• Openvpn multiple subnet invisble to each other

  - by VimManiac

  I want to setup openvpn in such a way that i can place clients in different groups and give each group a private subnet (push the addresses to clients when they connect to the openvpn server) where they are visible to each other but not to the clients on other subnets. How do i proceed? Thanks.

  Read the article

• How to get the size of a RSA key in Java

  - by Tom Brito

  Given an java.security.interfaces.RSAKey, how do I get it's size?

  Read the article

• Amazon EC2, still cant ping or "http" it

  - by DarkFire21

  I am new at Amazon Cloud technologies. I ve set up an Amazon Linux instance created my keys and assigned elastic IP. Also, I opened all TCP, UDP, ICMP ports(ok, it's very dangerous, but I am using it for test purposes). I ve also installed Apache server and enabled it. But still cant ping or access my instance via IP. Any ideas? EDIT: Please see a screenshot of the security groups settings. All ports are open... Check this out

  Read the article

• Forms Authentication Across Applications Stopped Working

  - by colleski

  Hi, I have a .net 1.1 ASP application (domain.com) which has a .net 2 virtual directory (domain.com/v2) beneath it, both applications run within their own app pool on the same machine running IIS 6. The web.config files for both apps are setup for Forms Authentication as described here - http://msdn.microsoft.com/en-us/library/eb0zx8fc(v=VS.80).aspx. Users would be directed to the domain.com/v2/login.aspx page which would authenticate for both applications, this configuration has been working fine for the last few years until installing one of the recent Windows 2003 security updates today. Now after authenticating under /v2 users keep getting redirected back to domain.com/v2/Login.aspx as domain.com doesnt see them as authenticated anymore. Any ideas as to which security update would have caused this and if its possible to rollback? I've looked at a few suggestions on this (e.g. Cross app on subdomain form authentication not working) and other sites but no luck so far Any help would be appreciated. Thanks

  Read the article

< Previous Page | 273 274 275 276 277 278 279 280 281 282 283 284  | Next Page >