Search Results

Search found 16101 results on 645 pages for 'owsm webservices ws security ws trust soa secuirty'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 28/645 | < Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >

  • Data-Driven SOA with Oracle Data Integrator

    - by Irem Radzik
    v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Cambria","serif"; mso-fareast-font-family:"MS Mincho";} By Mike Eisterer, Data integration is more than simply moving data in bulk or in real-time, it is also about unifying information for improved business agility and integrating it in today’s service-oriented architectures. SOA enables organizations to easily define services which may then be discovered and leveraged by varying consumers. These consumers may be applications, customer facing portals, or complex business rules which are assembling services to automate process. Data as a foundational service provider is a key component of today’s successful SOA implementations. Oracle offers the broadest and most integrated portfolio of products to help you define, organize, orchestrate and consume data services. If you are attending Oracle OpenWorld next week, you will have ample opportunity to see the latest Oracle Data Integrator live in action and work with it yourself in two offered Hands-on Labs. Visit the hands-on lab to gain experience firsthand: Oracle Data Integrator and Oracle SOA Suite: Hands-on- Lab (HOL10480) Wed Oct 3rd 11:45AM Marriott Marquis- Salon 1/2 To learn more about Oracle Data Integrator, please visit our Introduction Hands-on LAB: Introduction to Oracle Data Integrator (HOL10481) Mon Oct 1st 3:15PM, Marriott Marquis- Salon 1/2 If you are not able to attend OpenWorld, please check out our latest resources for Data Integration.

    Read the article

  • SOA, Governance, and Drugs

    Why is IT governance important in service oriented architecture (SOA)? IT Governance provides a framework for making appropriate decisions based on company guidelines and accepted standards. This framework also outlines each stakeholder’s responsibilities and authority when making important architectural or design decisions. Furthermore, this framework of governance defines parameters and constraints that are used to give context and perspective when making decisions. The use of governance as it applies to SOA ensures that specific design principles and patterns are used when developing and maintaining services. When governance is consistently applied systems the following benefits are achieved according to Anne Thomas Manes in 2010. Governance makes sure that services conform to standard interface patterns, common data modeling practices, and promotes the incorporation of existing system functionality by building on top of other available services across a system. Governance defines development standards based on proven design principles and patterns that promote reuse and composition. Governance provides developers a set of proven design principles, standards and practices that promote the reduction in system based component dependencies.  By following these guidelines, individual components will be easier to maintain. For me personally, I am a fan of IT governance, and feel that it valuable part of any corporate IT department. However, depending on how it is implemented can really affect the value of using IT governance.  Companies need to find a way to ensure that governance does not become extreme in its policies and procedures. I know for me personally, I would really dislike working under a completely totalitarian or laissez-faire version of governance. Developers need to be able to be creative in their designs and too much governance can really impede the design process and prevent the most optimal design from being developed. On the other hand, with no governance enforced, no standards will be followed and accepted design patterns will be ignored. I have personally had to spend a lot of time working on this particular scenario and I have found that the concept of code reuse and composition is almost nonexistent.  Based on this, too much time and money is wasted on redeveloping existing aspects of an application that already exist within the system as a whole. I think moving forward we will see a staggered form of IT governance, regardless if it is for SOA or IT in general.  Depending on the size of a company and the size of its IT department,  I can see IT governance as a layered approach in that the top layer will be defined by enterprise architects that focus on abstract concepts pertaining to high level design, general  guidelines, acceptable best practices, and recommended design patterns.  The next layer will be defined by solution architects or department managers that further expand on abstracted guidelines defined by the enterprise architects. This layer will contain further definitions as to when various design patterns, coding standards, and best practices are to be applied based on the context of the solutions that are being developed by the department. The final layer will be defined by the system designer or a solutions architect assed to a project in that they will define what design patterns will be used in a solution, naming conventions, as well as outline how a system will function based on the best practices defined by the previous layers. This layered approach allows for IT departments to be flexible in that system designers have creative leeway in designing solutions to meet the needs of the business, but they must operate within the confines of the abstracted IT governance guidelines.  A real world example of this can be seen in the United States as it pertains to governance of the people in that the US government defines rules and regulations in the abstract and then the state governments take these guidelines and applies them based on the will of the people in each individual state. Furthermore, the county or city governments are the ones that actually enforce these rules based on how they are interpreted by local community.  To further define my example, the United States government defines that marijuana is illegal. Each individual state has the option to determine this regulation as it wishes in that the state of Florida determines that all uses of the drug are illegal, but the state of California legally allows the use of marijuana for medicinal purposes only. Based on these accepted practices each local government enforces these rules in that a police officer will arrest anyone in the state of Florida for having this drug on them if they walk down the street, but in California if a person has a medical prescription for the drug they will not get arrested.  REFERENCESThomas Manes, Anne. (2010). Understanding SOA Governance: http://www.soamag.com/I40/0610-2.php

    Read the article

  • Remote server security: handling compiler tools

    - by Gonzolas
    Hello! I was wondering wether to remove compiler tools (gcc, make, ...) from a remote production server, mainly for security purposes. Background: The server runs a web application on Linux. Consider Apache jailed. Otherwise, only OpenSSHd faces the public network. Of course there is no compiler stuff within the jail, so this is about the actual OS outside of any jails. Here's my personal PRO/CON list (regarding removal) so far: PRO: I had been reading some suggestions to remove compiler tools in order inhibit custom building of trojans etc. from within the host if an attacker attains unpriviliged user permissions. CON: I can't live without Perl/Python and a trojan/whatever could be written in a scripting language like that, anyway, so why bother about removing gcc et al. at all. There is a need to build new Linux kernels as well as some security tools from source directly on the server, because the server runs in 64-bits mode and (to my understanding) I can't (cross-)compile locally/elsewhere due to lack of another 64-bits hardware system. OK, so here are my questions for you: (a) Is my PRO/CON assessment correct? (b) Do you know of other PROs / CONs to removing all compiler tools? Do they weigh in more? (c) Which binaries should I consider dangerous if the given PRO statement holds? Only gcc, or also make, or what else? Should I remove the enitre software packages them come with? (d) Is it OK to just move those binaries to a root-only accessible directory when they are not needed? Or is there a gain in security if I "scp them in" every time? Thank you!

    Read the article

  • How to prevent getting infected by rogue security applications

    - by Ieyasu Sawada
    My computer never got infected with a virus before, because I'm using Web of Trust browser plugin, sandboxie and Avast Free antivirus. But today, it got infected with a rogue security application called antivirus.net. I have already removed it using MBAM, SAS, and Kaspersky Virus Removal Tool. And by the way, I was using MSE when my laptop got infected. Seems like the rogue application just killed off the MSE process. And I never even got a warning. I was using the wi-fi from our school, which I think is the cause since most of the computers in our laboratory has rogue applications on it. My question is, how do I prevent this from happening again? It took me about 6 hours to disinfect my computer and I don't want it to happen again. Please enlighten me if these rogue applications really just pop out of nowhere. Note I'm not dumb enough to agree with installing rogue security applications. It just came out of nowhere. I'm happy with MSE, well not after it let antivirus.net penetrate my computer. I've done a little bit of research and it says that it needs the permission of the user to actually install it in the computer: http://www.net-security.org/malware_news.php?id=1245 http://en.wikipedia.org/wiki/Rogue_security_software Is it possible that other computers in our school network have agreed to install those? Or maybe the network admin?

    Read the article

  • Google chrome not accepting any security certificates

    - by Jerry
    I've recently developed a problem with Google Chrome that's really annoying. I'm using Firefox at the moment with no problems whatsoever and it's the same with IE, so it's safe to say this problem is specific to Chrome. The problem is that it's not accepting security certificates from certain sites. I suppose the best place to start would be google itself. I can't search. The google search page will load but when I type some search term into the search box and hit 'search' I get the message: "You attempted to reach www.google.com, but the server presented an invalid certificate. You cannot proceed because the website operator has requested heightened security for this domain." No matter what the search term is, this is the result. Also when I try to log in to facebook - same message. Youtube works and many other sites that I know present security certs so I'm baffled. I've searched and there are other people who have had similar issues but I can't find a solution anywhere. The most common answer I'm picking up for this is to "check your system time" but I can safely say that it's not my system time. If anyone knows what is going on, I'd very much appreciate being informed. It's not super urgent as I can use Firefox to access those places Chrome won't, but it IS super annoying because I can usually sort out issues like this in no time.

    Read the article

  • Need inputs in architecting SOA which handles multiple versions of schema

    - by user555400
    Hi, I am working on an assignment where building SOA for an existing application. I am trying to get input from you guys on which is better approach for the SOA application: Here is the requirement: We want to develop SOA application that helps other vendors to integrate with our system. I also understand for some clients we need to bring new fields to support the integration. Solution Needed: Looking for either one SOA application which can handle all the clients to do the integration with our system. Question Is it possible to do so? Because we might have different contracts possibly bringing new fields coming into the contracts. (or) Develop a another SOA service if the service contract changes and have a front gate SOA service to divert the call to the appropriate SOA services based on the version [Probably mentioned in the SOAP header]. If anyone of you guys have handled this type of requirement and know how to handle this problem, that would help me. Thanks, Nazim

    Read the article

  • Outbound traffic being blocked for MIP/VIPped servers (Juniper SSG5)

    - by Mark S. Rasmussen
    As we've been having some problems with sporadic packet loss, I've been preparing a replacement router (also an SSG5) for our current Juniper SSG5. I've setup the new SSG5 identically to the old one. We have a /29 IP range with a single IP setup as a MIP map to a server and two others being used for VIP maps. Each VIP/MIP is accompanied by relevant policies. Long story short - we tried connected the new SSG5 and some things were not working as they should. No problem, I just reconnected the old one. However, some things are still broken, even when I reconnected the old one. I fear I may have inadvertently changed some settings while browsing through old settings in my attempt to reconfigure the new SSG5 unit. All inbound traffic seems to work as expected. However, the 192.168.2.202 server can't initiate any outbound connections. It works perfectly on the local network, but any pings or DNS lookups to external IP's fail. The MIP & VIP map to it works perfectly - I can access it through HTTP and RDP without issues. Any tips on what to debug, or where I've messed up my config? I've attached the full config here (with anonymized IPs): set clock timezone 1 set vrouter trust-vr sharable set vrouter "untrust-vr" exit set vrouter "trust-vr" unset auto-route-export exit set service "MyVOIP_UDP4569" protocol udp src-port 0-65535 dst-port 4569-4569 set service "MyVOIP_TCP22" protocol tcp src-port 0-65535 dst-port 22-22 set service "MyRDP" protocol tcp src-port 0-65535 dst-port 3389-3389 set service "MyRsync" protocol tcp src-port 0-65535 dst-port 873-873 set service "NZ_FTP" protocol tcp src-port 0-65535 dst-port 40000-41000 set service "NZ_FTP" + tcp src-port 0-65535 dst-port 21-21 set service "PPTP-VPN" protocol 47 src-port 2048-2048 dst-port 2048-2048 set service "PPTP-VPN" + tcp src-port 1024-65535 dst-port 1723-1723 set service "NZ_FMS_1935" protocol tcp src-port 0-65535 dst-port 1935-1935 set service "NZ_FMS_1935" + udp src-port 0-65535 dst-port 1935-1935 set service "NZ_FMS_8080" protocol tcp src-port 0-65535 dst-port 8080-8080 set service "CrashPlan Server" protocol tcp src-port 0-65535 dst-port 4280-4280 set service "CrashPlan Console" protocol tcp src-port 0-65535 dst-port 4282-4282 unset alg sip enable set auth-server "Local" id 0 set auth-server "Local" server-name "Local" set auth default auth server "Local" set auth radius accounting port 1646 set admin auth timeout 10 set admin auth server "Local" set admin format dos set vip multi-port set zone "Trust" vrouter "trust-vr" set zone "Untrust" vrouter "trust-vr" set zone "DMZ" vrouter "trust-vr" set zone "VLAN" vrouter "trust-vr" set zone "Untrust-Tun" vrouter "trust-vr" set zone "Trust" tcp-rst set zone "Untrust" block unset zone "Untrust" tcp-rst set zone "DMZ" tcp-rst set zone "VLAN" block unset zone "VLAN" tcp-rst set zone "Untrust" screen tear-drop set zone "Untrust" screen syn-flood set zone "Untrust" screen ping-death set zone "Untrust" screen ip-filter-src set zone "Untrust" screen land set zone "V1-Untrust" screen tear-drop set zone "V1-Untrust" screen syn-flood set zone "V1-Untrust" screen ping-death set zone "V1-Untrust" screen ip-filter-src set zone "V1-Untrust" screen land set interface ethernet0/0 phy full 100mb set interface ethernet0/3 phy full 100mb set interface ethernet0/4 phy full 100mb set interface ethernet0/5 phy full 100mb set interface ethernet0/6 phy full 100mb set interface "ethernet0/0" zone "Untrust" set interface "ethernet0/1" zone "Null" set interface "bgroup0" zone "Trust" set interface "bgroup1" zone "Trust" set interface "bgroup2" zone "Trust" set interface bgroup2 port ethernet0/2 set interface bgroup0 port ethernet0/3 set interface bgroup0 port ethernet0/4 set interface bgroup1 port ethernet0/5 set interface bgroup1 port ethernet0/6 unset interface vlan1 ip set interface ethernet0/0 ip 212.242.193.18/29 set interface ethernet0/0 route set interface bgroup0 ip 192.168.1.1/24 set interface bgroup0 nat set interface bgroup1 ip 192.168.2.1/24 set interface bgroup1 nat set interface bgroup2 ip 192.168.3.1/24 set interface bgroup2 nat set interface ethernet0/0 gateway 212.242.193.17 unset interface vlan1 bypass-others-ipsec unset interface vlan1 bypass-non-ip set interface ethernet0/0 ip manageable set interface bgroup0 ip manageable set interface bgroup1 ip manageable set interface bgroup2 ip manageable set interface bgroup0 manage mtrace unset interface bgroup1 manage ssh unset interface bgroup1 manage telnet unset interface bgroup1 manage snmp unset interface bgroup1 manage ssl unset interface bgroup1 manage web unset interface bgroup2 manage ssh unset interface bgroup2 manage telnet unset interface bgroup2 manage snmp unset interface bgroup2 manage ssl unset interface bgroup2 manage web set interface ethernet0/0 vip 212.242.193.19 2048 "PPTP-VPN" 192.168.1.131 set interface ethernet0/0 vip 212.242.193.19 + 4280 "CrashPlan Server" 192.168.1.131 set interface ethernet0/0 vip 212.242.193.19 + 4282 "CrashPlan Console" 192.168.1.131 set interface ethernet0/0 vip 212.242.193.22 22 "MyVOIP_TCP22" 192.168.2.127 set interface ethernet0/0 vip 212.242.193.22 + 4569 "MyVOIP_UDP4569" 192.168.2.127 set interface ethernet0/0 vip 212.242.193.22 + 3389 "MyRDP" 192.168.2.202 set interface ethernet0/0 vip 212.242.193.22 + 873 "MyRsync" 192.168.2.201 set interface ethernet0/0 vip 212.242.193.22 + 80 "HTTP" 192.168.2.202 set interface ethernet0/0 vip 212.242.193.22 + 2048 "PPTP-VPN" 192.168.2.201 set interface ethernet0/0 vip 212.242.193.22 + 8080 "NZ_FMS_8080" 192.168.2.216 set interface ethernet0/0 vip 212.242.193.22 + 1935 "NZ_FMS_1935" 192.168.2.216 set interface bgroup0 dhcp server service set interface bgroup1 dhcp server service set interface bgroup2 dhcp server service set interface bgroup0 dhcp server auto set interface bgroup1 dhcp server auto set interface bgroup2 dhcp server auto set interface bgroup0 dhcp server option domainname iplan set interface bgroup0 dhcp server option dns1 192.168.1.131 set interface bgroup1 dhcp server option domainname nzlan set interface bgroup1 dhcp server option dns1 192.168.2.202 set interface bgroup2 dhcp server option dns1 8.8.8.8 set interface bgroup2 dhcp server option wins1 8.8.4.4 set interface bgroup0 dhcp server ip 192.168.1.2 to 192.168.1.116 set interface bgroup1 dhcp server ip 192.168.2.2 to 192.168.2.116 set interface bgroup2 dhcp server ip 192.168.3.2 to 192.168.3.126 unset interface bgroup0 dhcp server config next-server-ip unset interface bgroup1 dhcp server config next-server-ip unset interface bgroup2 dhcp server config next-server-ip set interface "ethernet0/0" mip 212.242.193.21 host 192.168.2.202 netmask 255.255.255.255 vr "trust-vr" set interface "serial0/0" modem settings "USR" init "AT&F" set interface "serial0/0" modem settings "USR" active set interface "serial0/0" modem speed 115200 set interface "serial0/0" modem retry 3 set interface "serial0/0" modem interval 10 set interface "serial0/0" modem idle-time 10 set pak-poll p1queue pak-threshold 96 set pak-poll p2queue pak-threshold 32 set flow tcp-mss unset flow tcp-syn-check set dns host dns1 0.0.0.0 set dns host dns2 0.0.0.0 set dns host dns3 0.0.0.0 set address "Trust" "192.168.1.0/24" 192.168.1.0 255.255.255.0 set address "Trust" "192.168.2.0/24" 192.168.2.0 255.255.255.0 set address "Trust" "192.168.3.0/24" 192.168.3.0 255.255.255.0 set ike respond-bad-spi 1 unset ike ikeid-enumeration unset ike dos-protection unset ipsec access-session enable set ipsec access-session maximum 5000 set ipsec access-session upper-threshold 0 set ipsec access-session lower-threshold 0 set ipsec access-session dead-p2-sa-timeout 0 unset ipsec access-session log-error unset ipsec access-session info-exch-connected unset ipsec access-session use-error-log set l2tp default ppp-auth chap set url protocol websense exit set policy id 1 from "Trust" to "Untrust" "Any" "Any" "ANY" permit traffic set policy id 1 exit set policy id 2 from "Untrust" to "Trust" "Any" "VIP(212.242.193.19)" "PPTP-VPN" permit traffic set policy id 2 exit set policy id 3 from "Untrust" to "Trust" "Any" "VIP(212.242.193.22)" "HTTP" permit traffic priority 0 set policy id 3 set service "MyRDP" set service "MyRsync" set service "MyVOIP_TCP22" set service "MyVOIP_UDP4569" exit set policy id 6 from "Trust" to "Trust" "192.168.1.0/24" "192.168.2.0/24" "ANY" deny set policy id 6 exit set policy id 7 from "Trust" to "Trust" "192.168.2.0/24" "192.168.1.0/24" "ANY" deny set policy id 7 exit set policy id 8 from "Trust" to "Trust" "192.168.3.0/24" "192.168.1.0/24" "ANY" deny set policy id 8 exit set policy id 9 from "Trust" to "Trust" "192.168.3.0/24" "192.168.2.0/24" "ANY" deny set policy id 9 exit set policy id 10 from "Untrust" to "Trust" "Any" "MIP(212.242.193.21)" "NZ_FTP" permit set policy id 10 exit set policy id 11 from "Untrust" to "Trust" "Any" "VIP(212.242.193.22)" "PPTP-VPN" permit set policy id 11 exit set policy id 12 from "Untrust" to "Trust" "Any" "VIP(212.242.193.22)" "NZ_FMS_1935" permit set policy id 12 set service "NZ_FMS_8080" exit set policy id 13 from "Untrust" to "Trust" "Any" "VIP(212.242.193.19)" "CrashPlan Console" permit set policy id 13 set service "CrashPlan Server" exit set nsmgmt bulkcli reboot-timeout 60 set ssh version v2 set config lock timeout 5 set snmp port listen 161 set snmp port trap 162 set vrouter "untrust-vr" exit set vrouter "trust-vr" unset add-default-route exit set vrouter "untrust-vr" exit set vrouter "trust-vr" exit

    Read the article

  • Windows Console .exe won't run if it's downloaded from the internet

    - by Jason Kester
    I have a nightly job on Windows Server 2003 that automatically updates itself by downloading its .exe from Amazon S3. I've noticed that when it performs the download and tries to run the newly downloaded .exe, it is immediately kicked back to the command line without actually running anything. I can verify this by sticking the new version of the code directly on the server and watching it execute successfully, then uploading it to the "update" server, running the bootstrapper then running the .exe and observing it fail to execute. I can only assume that this is due to Windows protecting me from running code from outside its trusted zone. How does a fella go about configuring it to allow code from this particular external location to execute? Thanks!

    Read the article

  • .NET Declarative Security: Why is SecurityAction.Deny impossible to work with?

    - by rally25rs
    I've been messing with this for about a day and a half now sifting through .NET reflector and MSDN docs, and can't figure anything out... As it stands in the .NET framework, you can demand that the current Principal belong to a role to be able to execute a method by marking a method like this: [PrincipalPermission(SecurityAction.Demand, Role = "CanEdit")] public void Save() { ... } I am working with an existing security model that already has a "ReadOnly" role defined, so I need to do exactly the opposite of above... block the Save() method if a user is in the "ReadOnly" role. No problem, right? just flip the SecurityAction to .Deny: [PrincipalPermission(SecurityAction.Deny, Role = "ReadOnly")] public void Save() { ... } Well, it turns out that this does nothing at all. The method still runs fine. It seems that the PrincipalPermissionAttribute defines: public override IPermission CreatePermission() But when the attribute is set to SecurityAction.Deny, this method is never called, so no IPermission object is ever created. Does anyone know of a way to get .Deny to work? I've been trying to make a custom secutiry attribute, but even that doesn't work. I tried to get tricky and do: public class MyPermissionAttribute : CodeAccessSecurityAttribute { private SecurityAction securityAction; public MyPermissionAttribute(SecurityAction action) : base(SecurityAction.Demand) { if (action != SecurityAction.Demand && action != SecurityAction.Deny) throw new ArgumentException("Unsupported SecurityAction. Only Demand and Deny are supported."); this.securityAction = action; } public override IPermission CreatePermission() { // do something based on the SecurityAction... } } Notice my attribute constructor always passes SecurityAction.Demand, which is the one action that would work previously. However, even in this case, the CreatePermission() method is still only called when the attribute is set to .Demand, and not .Deny! Maybe the runtime is actually checking the attribute instead of the SecurityAction passed to the CodeAccessSecurityAttribute constructor? I'm not sure what else to try here... anyone have any ideas? You wouldn't think it would be that hard to deny method access based on a role, instead of only demanding it. It really disturbed me that the default PrincipalPermission appears from within an IDE like it would be just fine doing a .Deny, and there is like a 1-liner in the MSDN docs that hint that it won't work. You would think the PrincipalPermissionAttribute constructor would throw an exception immediately if anything other that .Demand is specified, since that could create a big security hole! I never would have realized that .Deny does nothing at all if I hadn't been unit testing! Again, all this stems from having to deal with an existing security model that has a "ReadOnly" role that needs to be denied access, instead of doing it the other way around, where I cna just grant access to a role. Thanks for any help! Quick followup: I can actually make my custom attribute work by doing this: public class MyPermissionAttribute : CodeAccessSecurityAttribute { public SecurityAction SecurityAction { get; set; } public MyPermissionAttribute(SecurityAction action) : base(action) { } public override IPermission CreatePermission() { switch(this.SecurityAction) { ... } // check Demand or Deny } } And decorating the method: [MyPermission(SecurityAction.Demand, SecurityAction = SecurityAction.Deny, Role = "ReadOnly")] public void Save() { ... } But that is terribly ugly, since I'm specifying both Demand and Deny in the same attribute. But it does work... Another interesting note: My custom class extends CodeAccessSecurityAttribute, which in turn only extends SecurityAttribute. If I cnage my custom class to directly extend SecurityAttribute, then nothing at all works. So it seems the runtime is definately looking for only CodeAccessSecurityAttribute instances in the metadata, and does something funny with the SecurityAction specified, even if a custom constructor overrides it.

    Read the article

  • Spring Security - Persistent Remember Me Issue

    - by Taylor L
    I've been trying to track down why Spring Security isn't creating the Spring Security remember me cookie (SPRING_SECURITY_REMEMBER_ME_COOKIE). At first glance, the logs make it seem like the login is failing, but the login is actually successful in the sense that if I navigate to a page that requires authentication I am not redirected back to the login page. However, the logs appear to be saying the login credentials are invalid. I'm using Spring 3.0.1, Spring Security 3.0.1, and Google App Engine 1.3.1. Any ideas as to what is going on? Mar 16, 2010 10:05:56 AM org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices onLoginSuccess FINE: Creating new persistent login for user [email protected] Mar 16, 2010 10:10:07 AM org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices loginFail FINE: Interactive login attempt was unsuccessful. Mar 16, 2010 10:10:07 AM org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices cancelCookie FINE: Cancelling cookie Below is the relevant portion of the applicationContext-security.xml. <http auto-config="false"> <intercept-url pattern="/css/**" filters="none" /> <intercept-url pattern="/img/**" filters="none" /> <intercept-url pattern="/js/**" filters="none" /> <intercept-url pattern="/app/admin/**" filters="none" /> <intercept-url pattern="/app/login/**" filters="none" /> <intercept-url pattern="/app/register/**" filters="none" /> <intercept-url pattern="/app/error/**" filters="none" /> <intercept-url pattern="/" filters="none" /> <intercept-url pattern="/**" access="ROLE_USER" /> <logout logout-success-url="/" /> <form-login login-page="/app/login" default-target-url="/" authentication-failure-url="/app/login?login_error=1" /> <session-management invalid-session-url="/app/login" /> <remember-me services-ref="rememberMeServices" key="myKey" /> </http> <authentication-manager alias="authenticationManager"> <authentication-provider user-service-ref="userDetailsService"> <password-encoder hash="sha-256" base64="true"> <salt-source user-property="username" /> </password-encoder> </authentication-provider> </authentication-manager> <beans:bean id="userDetailsService" class="com.my.service.auth.UserDetailsServiceImpl" /> <beans:bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices"> <beans:property name="userDetailsService" ref="userDetailsService" /> <beans:property name="tokenRepository" ref="persistentTokenRepository" /> <beans:property name="key" value="myKey" /> </beans:bean> <beans:bean id="persistentTokenRepository" class="com.my.service.auth.PersistentTokenRepositoryImpl" />

    Read the article

  • Adobe Flash player Secuirty Pop-Up question

    - by kapildalwani
    I am building a Audio Recording tool using Flash and Wowza. I dont want to start the recording until the use clicks the Allow Button is the Security Pop-up question represented here http://www.macromedia.com/support/documentation/en/flashplayer/help/help05.html In Audio I dont get this until I attach the stream to it. In Video can get thsi question when I attach the camera to Video. I want to avoid making a connection until the user clicks Accept and this doesn't happen until I make the connection request in Audio. I am able to display the http://www.macromedia.com/support/documentation/en/flashplayer/help/help09.html pop-up using SecurityManager Is there a way I can call the pop-up from my code. http://www.macromedia.com/support/documentation/en/flashplayer/help/help05.html

    Read the article

  • Integration Patterns with Azure Service Bus Relay, Part 2: Anonymous full-trust .NET consumer

    - by Elton Stoneman
    This is the second in the IPASBR series, see also: Integration Patterns with Azure Service Bus Relay, Part 1: Exposing the on-premise service Part 2 is nice and easy. From Part 1 we exposed our service over the Azure Service Bus Relay using the netTcpRelayBinding and verified we could set up our network to listen for relayed messages. Assuming we want to consume that service in .NET from an environment which is fairly unrestricted for us, but quite restricted for attackers, we can use netTcpRelay and shared secret authentication. Pattern applicability This is a good fit for scenarios where: the consumer can run .NET in full trust the environment does not restrict use of external DLLs the runtime environment is secure enough to keep shared secrets the service does not need to know who is consuming it the service does not need to know who the end-user is So for example, the consumer is an ASP.NET website sitting in a cloud VM or Azure worker role, where we can keep the shared secret in web.config and we don't need to flow any identity through to the on-premise service. The service doesn't care who the consumer or end-user is - say it's a reference data service that provides a list of vehicle manufacturers. Provided you can authenticate with ACS and have access to Service Bus endpoint, you can use the service and it doesn't care who you are. In this post, we’ll consume the service from Part 1 in ASP.NET using netTcpRelay. The code for Part 2 (+ Part 1) is on GitHub here: IPASBR Part 2 Authenticating and authorizing with ACS In this scenario the consumer is a server in a controlled environment, so we can use a shared secret to authenticate with ACS, assuming that there is governance around the environment and the codebase which will prevent the identity being compromised. From the provider's side, we will create a dedicated service identity for this consumer, so we can lock down their permissions. The provider controls the identity, so the consumer's rights can be revoked. We'll add a new service identity for the namespace in ACS , just as we did for the serviceProvider identity in Part 1. I've named the identity fullTrustConsumer. We then need to add a rule to map the incoming identity claim to an outgoing authorization claim that allows the identity to send messages to Service Bus (see Part 1 for a walkthrough creating Service Idenitities): Issuer: Access Control Service Input claim type: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier Input claim value: fullTrustConsumer Output claim type: net.windows.servicebus.action Output claim value: Send This sets up a service identity which can send messages into Service Bus, but cannot register itself as a listener, or manage the namespace. Adding a Service Reference The Part 2 sample client code is ready to go, but if you want to replicate the steps, you’re going to add a WSDL reference, add a reference to Microsoft.ServiceBus and sort out the ServiceModel config. In Part 1 we exposed metadata for our service, so we can browse to the WSDL locally at: http://localhost/Sixeyed.Ipasbr.Services/FormatService.svc?wsdl If you add a Service Reference to that in a new project you'll get a confused config section with a customBinding, and a set of unrecognized policy assertions in the namespace http://schemas.microsoft.com/netservices/2009/05/servicebus/connect. If you NuGet the ASB package (“windowsazure.servicebus”) first and add the service reference - you'll get the same messy config. Either way, the WSDL should have downloaded and you should have the proxy code generated. You can delete the customBinding entries and copy your config from the service's web.config (this is already done in the sample project in Sixeyed.Ipasbr.NetTcpClient), specifying details for the client:     <client>       <endpoint address="sb://sixeyed-ipasbr.servicebus.windows.net/net"                 behaviorConfiguration="SharedSecret"                 binding="netTcpRelayBinding"                 contract="FormatService.IFormatService" />     </client>     <behaviors>       <endpointBehaviors>         <behavior name="SharedSecret">           <transportClientEndpointBehavior credentialType="SharedSecret">             <clientCredentials>               <sharedSecret issuerName="fullTrustConsumer"                             issuerSecret="E3feJSMuyGGXksJi2g2bRY5/Bpd2ll5Eb+1FgQrXIqo="/>             </clientCredentials>           </transportClientEndpointBehavior>         </behavior>       </endpointBehaviors>     </behaviors>   The proxy is straight WCF territory, and the same client can run against Azure Service Bus through any relay binding, or directly to the local network service using any WCF binding - the contract is exactly the same. The code is simple, standard WCF stuff: using (var client = new FormatService.FormatServiceClient()) { outputString = client.ReverseString(inputString); } Running the sample First, update Solution Items\AzureConnectionDetails.xml with your service bus namespace, and your service identity credentials for the netTcpClient and the provider:   <!-- ACS credentials for the full trust consumer (Part2): -->   <netTcpClient identityName="fullTrustConsumer"                 symmetricKey="E3feJSMuyGGXksJi2g2bRY5/Bpd2ll5Eb+1FgQrXIqo="/> Then rebuild the solution and verify the unit tests work. If they’re green, your service is listening through Azure. Check out the client by navigating to http://localhost:53835/Sixeyed.Ipasbr.NetTcpClient. Enter a string and hit Go! - your string will be reversed by your on-premise service, routed through Azure: Using shared secret client credentials in this way means ACS is the identity provider for your service, and the claim which allows Send access to Service Bus is consumed by Service Bus. None of the authentication details make it through to your service, so your service is not aware who the consumer is (MSDN calls this "anonymous authentication").

    Read the article

  • EclipseLink Moxy Provider for JAX-RS and JAX-WS

    - by arungupta
    EclipseLink MOXy is a JAXB provider bundled in GlassFish 3.1.2. In addition to JAXB RI, it provides XPath Based Mapping, better support for JPA entities, native JSON binding and many other features. Learn more about MOXy and JAXB examples on their wiki. Blaise blogged about how MOXy can be leveraged to create a JAX-WS service.You just need to provide data-binding attribute in sun-jaxws.xml and then all the XPath-based mapping can be specified on JAXB beans. MOXy can also be used as JAX-RS JSON provider on server-side and client-side. How are you using MOXy in your applications ?

    Read the article

  • Trust External Surround Soundcard SC-5500p not working

    - by Ederico
    I got the following external sound card to make some awesome noise with my speaker set. It should be plug and play, but it so happens that when I plug it in and hook everything up, there's no sound at all. The speaker set I have works if I plug it in the laptop directly (or rather, if I plug the front speakers cable as I can't plug anything else). http://www.trust.com/products/product.aspx?artnr=14134 Would anyone know how I can workaround this problem and make full use of this external sound card on my Ubuntu 12.04 system?

    Read the article

  • javascript button click casuing Internet Explorer secuirty exception...

    - by hp
    Hello, I have a application that allows a user to choose some parameters for a powerpoint report, run the report, then allow the user to "save" or "open" the powerpoint file. I got all of that working OK. When you click on "run" report, it pops open a window which generates the report, stores it in session, then closes the window. I have a button on the main page that will export the report. So, now, when the pop up window that generates the report is finished, i use "window.opener" to call a javascript method on the main page, that will do a javascript click of the button. when this button is pressed, Internet Explorer gives me the following message : "To help protect your security, Internet Explorer blocked this site from downloading files to your computer.." Do you guys know of any tricks around this?

    Read the article

  • Cannot update, apt-get cannot fetch index files

    - by Evan
    I have a fresh install of Ubuntu 11.10 from the iso 'ubuntu-11.10-desktop-amd64.iso'. I installed this in VMWare Fusion 4.1.1 running on OSX 10.7.3. When setting up the VM, I allowed easy install to take care of creating my user and installing VMWare tools. No problems during installation, everything seems to be working great. The problem is that apt-get will NOT update, so I can't do software updates or install any software with apt-get install. I have been searching high and low, and have found several threads covering similar issues. How to fix a ruined package catalog? is one, Update manager generates 404 error while attempting update. Will not update is another, Ubuntu 11.10 Update issue (failed to fetch...) is a third I have tried changing my software source download location to "Main Server" rather than "Server for United States", to no avail. Same errors. Tried sudo apt-get clean, sudo apt-get autoclean, Have done a sudo rm /var/lib/apt/lists/*, still having the exact same problem. As I said, this is a brand new installation as of yesterday evening. Since I know it will be needed, here is my output from a sudo apt-get update: evan@ubuntu:~$ sudo apt-get update Ign http://archive.ubuntu.com oneiric InRelease Ign http://archive.ubuntu.com oneiric-updates InRelease Ign http://archive.ubuntu.com oneiric-backports InRelease Ign http://archive.ubuntu.com oneiric-security InRelease Ign http://archive.ubuntu.com oneiric Release.gpg Ign http://archive.ubuntu.com oneiric-updates Release.gpg Ign http://archive.ubuntu.com oneiric-backports Release.gpg Ign http://archive.ubuntu.com oneiric-security Release.gpg Ign http://archive.ubuntu.com oneiric Release Ign http://archive.ubuntu.com oneiric-updates Release Ign http://archive.ubuntu.com oneiric-backports Release Ign http://archive.ubuntu.com oneiric-security Release Ign http://archive.ubuntu.com oneiric/main TranslationIndex Ign http://archive.ubuntu.com oneiric/multiverse TranslationIndex Ign http://archive.ubuntu.com oneiric/restricted TranslationIndex Ign http://archive.ubuntu.com oneiric/universe TranslationIndex Ign http://archive.ubuntu.com oneiric-updates/main TranslationIndex Ign http://archive.ubuntu.com oneiric-updates/multiverse TranslationIndex Ign http://archive.ubuntu.com oneiric-updates/restricted TranslationIndex Ign http://archive.ubuntu.com oneiric-updates/universe TranslationIndex Ign http://archive.ubuntu.com oneiric-backports/main TranslationIndex Ign http://archive.ubuntu.com oneiric-backports/multiverse TranslationIndex Ign http://archive.ubuntu.com oneiric-backports/restricted TranslationIndex Ign http://archive.ubuntu.com oneiric-backports/universe TranslationIndex Ign http://archive.ubuntu.com oneiric-security/main TranslationIndex Ign http://archive.ubuntu.com oneiric-security/multiverse TranslationIndex Ign http://archive.ubuntu.com oneiric-security/restricted TranslationIndex Ign http://archive.ubuntu.com oneiric-security/universe TranslationIndex Err http://archive.ubuntu.com oneiric/main Sources 404 Not Found Err http://archive.ubuntu.com oneiric/restricted Sources 404 Not Found Err http://archive.ubuntu.com oneiric/universe Sources 404 Not Found Err http://archive.ubuntu.com oneiric/multiverse Sources 404 Not Found Err http://archive.ubuntu.com oneiric/main amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/restricted amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/universe amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/multiverse amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/main i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/restricted i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/universe i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric/multiverse i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/main Sources 404 Not Found Err http://archive.ubuntu.com oneiric-updates/restricted Sources 404 Not Found Err http://archive.ubuntu.com oneiric-updates/universe Sources 404 Not Found Err http://archive.ubuntu.com oneiric-updates/multiverse Sources 404 Not Found Err http://archive.ubuntu.com oneiric-updates/main amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/restricted amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/universe amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/multiverse amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/main i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/restricted i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/universe i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-updates/multiverse i386 Packages 404 Not Found Ign http://extras.ubuntu.com oneiric InRelease Err http://archive.ubuntu.com oneiric-backports/main Sources 404 Not Found Err http://archive.ubuntu.com oneiric-backports/restricted Sources 404 Not Found Err http://archive.ubuntu.com oneiric-backports/universe Sources 404 Not Found Err http://archive.ubuntu.com oneiric-backports/multiverse Sources 404 Not Found Err http://archive.ubuntu.com oneiric-backports/main amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/restricted amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/universe amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/multiverse amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/main i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/restricted i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/universe i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-backports/multiverse i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/main Sources 404 Not Found Err http://archive.ubuntu.com oneiric-security/restricted Sources 404 Not Found Err http://archive.ubuntu.com oneiric-security/universe Sources 404 Not Found Err http://archive.ubuntu.com oneiric-security/multiverse Sources 404 Not Found Err http://archive.ubuntu.com oneiric-security/main amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/restricted amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/universe amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/multiverse amd64 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/main i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/restricted i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/universe i386 Packages 404 Not Found Err http://archive.ubuntu.com oneiric-security/multiverse i386 Packages 404 Not Found Ign http://archive.ubuntu.com oneiric/main Translation-en_US Ign http://archive.ubuntu.com oneiric/main Translation-en Ign http://archive.ubuntu.com oneiric/multiverse Translation-en_US Ign http://archive.ubuntu.com oneiric/multiverse Translation-en Ign http://archive.ubuntu.com oneiric/restricted Translation-en_US Ign http://archive.ubuntu.com oneiric/restricted Translation-en Ign http://archive.ubuntu.com oneiric/universe Translation-en_US Ign http://archive.ubuntu.com oneiric/universe Translation-en Ign http://archive.ubuntu.com oneiric-updates/main Translation-en_US Ign http://archive.ubuntu.com oneiric-updates/main Translation-en Ign http://archive.ubuntu.com oneiric-updates/multiverse Translation-en_US Ign http://archive.ubuntu.com oneiric-updates/multiverse Translation-en Ign http://archive.ubuntu.com oneiric-updates/restricted Translation-en_US Ign http://archive.ubuntu.com oneiric-updates/restricted Translation-en Ign http://archive.ubuntu.com oneiric-updates/universe Translation-en_US Ign http://archive.ubuntu.com oneiric-updates/universe Translation-en Ign http://archive.ubuntu.com oneiric-backports/main Translation-en_US Ign http://archive.ubuntu.com oneiric-backports/main Translation-en Ign http://archive.ubuntu.com oneiric-backports/multiverse Translation-en_US Ign http://archive.ubuntu.com oneiric-backports/multiverse Translation-en Ign http://archive.ubuntu.com oneiric-backports/restricted Translation-en_US Ign http://archive.ubuntu.com oneiric-backports/restricted Translation-en Ign http://archive.ubuntu.com oneiric-backports/universe Translation-en_US Ign http://archive.ubuntu.com oneiric-backports/universe Translation-en Ign http://archive.ubuntu.com oneiric-security/main Translation-en_US Ign http://archive.ubuntu.com oneiric-security/main Translation-en Ign http://archive.ubuntu.com oneiric-security/multiverse Translation-en_US Ign http://archive.ubuntu.com oneiric-security/multiverse Translation-en Ign http://archive.ubuntu.com oneiric-security/restricted Translation-en_US Ign http://archive.ubuntu.com oneiric-security/restricted Translation-en Ign http://archive.ubuntu.com oneiric-security/universe Translation-en_US Ign http://archive.ubuntu.com oneiric-security/universe Translation-en Hit http://extras.ubuntu.com oneiric Release.gpg Hit http://extras.ubuntu.com oneiric Release Hit http://extras.ubuntu.com oneiric/main Sources Hit http://extras.ubuntu.com oneiric/main amd64 Packages Hit http://extras.ubuntu.com oneiric/main i386 Packages Ign http://extras.ubuntu.com oneiric/main TranslationIndex Ign http://extras.ubuntu.com oneiric/main Translation-en_US Ign http://extras.ubuntu.com oneiric/main Translation-en W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/main/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/restricted/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/universe/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/multiverse/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/main/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/restricted/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/universe/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/multiverse/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/main/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/restricted/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/universe/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric/multiverse/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/main/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/restricted/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/universe/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/multiverse/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/main/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/restricted/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/universe/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/multiverse/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/main/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/restricted/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/universe/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-updates/multiverse/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/main/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/restricted/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/universe/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/multiverse/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/main/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/restricted/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/universe/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/multiverse/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/main/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/restricted/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/universe/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-backports/multiverse/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/main/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/restricted/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/universe/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/multiverse/source/Sources 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/main/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/restricted/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/universe/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/multiverse/binary-amd64/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/main/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/restricted/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/universe/binary-i386/Packages 404 Not Found W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/oneiric-security/multiverse/binary-i386/Packages 404 Not Found E: Some index files failed to download. They have been ignored, or old ones used instead. Here is my /etc/apt/source.list: evan@ubuntu:~$ cat /etc/apt/sources.list # deb cdrom:[Ubuntu 11.10 _Oneiric Ocelot_ - Release amd64 (20111012)]/ dists/oneiric/main/binary-i386/ # deb cdrom:[Ubuntu 11.10 _Oneiric Ocelot_ - Release amd64 (20111012)]/ oneiric main restricted # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://archive.ubuntu.com/ubuntu oneiric main restricted deb-src http://archive.ubuntu.com/ubuntu oneiric main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://archive.ubuntu.com/ubuntu oneiric-updates main restricted deb-src http://archive.ubuntu.com/ubuntu oneiric-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://archive.ubuntu.com/ubuntu oneiric universe deb-src http://archive.ubuntu.com/ubuntu oneiric universe deb http://archive.ubuntu.com/ubuntu oneiric-updates universe deb-src http://archive.ubuntu.com/ubuntu oneiric-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://archive.ubuntu.com/ubuntu oneiric multiverse deb-src http://archive.ubuntu.com/ubuntu oneiric multiverse deb http://archive.ubuntu.com/ubuntu oneiric-updates multiverse deb-src http://archive.ubuntu.com/ubuntu oneiric-updates multiverse ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://archive.ubuntu.com/ubuntu oneiric-backports main restricted universe multiverse deb-src http://archive.ubuntu.com/ubuntu oneiric-backports main restricted universe multiverse deb http://archive.ubuntu.com/ubuntu oneiric-security main restricted deb-src http://archive.ubuntu.com/ubuntu oneiric-security main restricted deb http://archive.ubuntu.com/ubuntu oneiric-security universe deb-src http://archive.ubuntu.com/ubuntu oneiric-security universe deb http://archive.ubuntu.com/ubuntu oneiric-security multiverse deb-src http://archive.ubuntu.com/ubuntu oneiric-security multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. # deb http://archive.canonical.com/ubuntu oneiric partner # deb-src http://archive.canonical.com/ubuntu oneiric partner ## This software is not part of Ubuntu, but is offered by third-party ## developers who want to ship their latest software. deb http://extras.ubuntu.com/ubuntu oneiric main deb-src http://extras.ubuntu.com/ubuntu oneiric main And here is my output from lsb_release -a: evan@ubuntu:~$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 11.10 Release: 11.10 Codename: oneiric If anyone could help me out here, that would be wonderful!

    Read the article

  • Spring security ldap: no declaration can be found for element 'ldap-authentication-provider'

    - by wuntee
    Following the spring-security documentation: http://static.springsource.org/spring-security/site/docs/3.0.x/reference/ldap.html I am trying to set up ldap authentication (very simple - just need to know if a user is authenticated or not, no authorities mapping needed) and have put this in my applicationContext-security.xml file <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> ... <ldap-server url="ldap://adapps.company.com:389/dc=company,dc=com" /> <ldap-authentication-provider user-search-filter="(samaccountname={0})" user-search-base="dc=company,dc=com"/> The problem I run into is that it doesnt seem like ldap-authentication-provider; I fell like i may be missing some configuration isn the beans definition. The error I get when trying to run the application is: SEVERE: Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 27 in XML document from ServletContext resource [/WEB-INF/rvaContext-security.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'ldap-authentication-provider'. at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:143) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:178) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:149) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:124) at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:93) at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:130) at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:465) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:395) at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:272) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:196) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3972) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4467) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at org.apache.catalina.core.StandardHost.start(StandardHost.java:722) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) at org.apache.catalina.core.StandardService.start(StandardService.java:516) at org.apache.catalina.core.StandardServer.start(StandardServer.java:710) at org.apache.catalina.startup.Catalina.start(Catalina.java:593) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:592) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414) Caused by: org.xml.sax.SAXParseException: cvc-complex-type.2.4.c: The matching wildcard is strict, but no declaration can be found for element 'ldap-authentication-provider'. at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:236) at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.error(ErrorHandlerWrapper.java:172) at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:382) at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:316) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportError(XMLSchemaValidator.java:429) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.reportSchemaError(XMLSchemaValidator.java:3185) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStartElement(XMLSchemaValidator.java:1955) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.emptyElement(XMLSchemaValidator.java:725) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:322) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1693) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:368) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:834) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:764) at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:148) at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:250) at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:292) at org.springframework.beans.factory.xml.DefaultDocumentLoader.loadDocument(DefaultDocumentLoader.java:75) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:388) ... 28 more Can anyone see what im missing? Also, is that all I need to add to the security bean in order to authenticate against ldap?

    Read the article

  • How do I set the timeout for a JAX-WS webservice client?

    - by ninesided
    I've used JAXWS-RI 2.1 to create an interface for my web service, based on a WSDL. I can interact with the web service no problems, but haven't been able to specify a timeout for sending requests to the web service. If for some reason it does not respond the client just seems to spin it's wheels forever. Hunting around has revealed that I should probably be trying to do something like this: ((BindingProvider)myInterface).getRequestContext().put("com.sun.xml.ws.request.timeout", 10000); ((BindingProvider)myInterface).getRequestContext().put("com.sun.xml.ws.connect.timeout", 10000); I also discovered that, depending on which version of JAXWS-RI you have, you may need to set these properties instead: ((BindingProvider)myInterface).getRequestContext().put("com.sun.xml.internal.ws.request.timeout", 10000); ((BindingProvider)myInterface).getRequestContext().put("com.sun.xml.internal.ws.connect.timeout", 10000); The problem I have is that, regardless of which of the above is correct, I don't know where I can do this. All I've got is a Service subclass that implements the auto-generated interface to the webservice and at the point that this is getting instanciated, if the WSDL is non-responsive then it's already too late to set the properties: MyWebServiceSoap soap; MyWebService service = new MyWebService("http://www.google.com"); soap = service.getMyWebServiceSoap(); soap.sendRequestToMyWebService(); Can anyone point me in the right direction?!

    Read the article

  • How do I fix my "Stream closed" error in spring-ws?

    - by mcherm
    I have working code using the spring-ws library to respond to soap requests. I moved this code to a different project (I'm merging projects) and now it is failing. I would like to figure out the reason for the failure. The symptom I get is this: when the HTTP request arrives, spring begins handling the call. Then I get the following exception: org.springframework.ws.soap.saaj.SaajSoapEnvelopeException: Could not access envelope: java.io.IOException: Stream closed; nested exception is javax.xml.soap.SOAPException: java.io.IOException: Stream closed at org.springframework.ws.soap.saaj.SaajSoapMessage.getEnvelope(SaajSoapMessage.java:109) <<more lines that don't matter>> Caused by: java.io.IOException: Stream closed at java.io.PushbackInputStream.ensureOpen(PushbackInputStream.java:57) at java.io.PushbackInputStream.read(PushbackInputStream.java:116) at org.apache.xerces.impl.XMLEntityManager$RewindableInputStream.read(Unknown Source) at org.apache.xerces.impl.XMLEntityManager.setupCurrentEntity(Unknown Source) at org.apache.xerces.impl.XMLVersionDetector.determineDocVersion(Unknown Source) at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source) at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source) at org.apache.xerces.parsers.XMLParser.parse(Unknown Source) at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source) at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source) at org.apache.xerces.jaxp.SAXParserImpl.parse(Unknown Source) at org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227) at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696) ... 30 more Examining it in a debugger, it appears that spring successfully handles HTTP headers, but then when it begins to process the contents of the SOAP message itself, it chokes when reading the very first character of the body. Some googling for the error message suggests that the problem is that a PushbackInputStream which is apparently used for reading from the socket is read twice or perhaps has close() called and then is read afterward. It is happening inside of spring-ws, not my code, and since it worked fine before I moved the code to a new project it must have something to do with versions of spring, or something it uses like axis or xerces. But I can't find any differences in versions of these! Has anyone encountered this error before? Or do you have any suggestions of approaches I could take in troubleshooting this?

    Read the article

  • JAX-WS client with AXIS server; namespace problem?

    - by Jarno
    I'm having a problem related to JAX-WS and AXIS. JAX-WS (2.1.7) as a client, Axis (1.4.x) as server. Everything works OK, but the response can't be read to Java. Response: <?xml version="1.0" encoding="UTF-8"?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <soapenv:Body> <ns1:myserviceResponse soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns1="http://my/service"> <ns1:myserviceReturn xsi:type="xsd:string">responsestring</ns1:myserviceReturn> </ns1:myserviceResponse> </soapenv:Body> </soapenv:Envelope> The problem is that if "ns1:"-namespace declaration is removed from myserviceReturn, JAX-WS is able to return else than null. Does anyone have a clue how to force JAX-WS to ignore namespaces, how to modify SOAP response manually to exclude "ns1", or other ideas for this kind of problem? Any help is appreciated!!!

    Read the article

  • Security permissions for remote shared folders

    - by Tomas Lycken
    I have two servers running Windows Server 2003, and I want copy files from one server (A), programmatically with a windows service running under the Local System account, to a shared folder on the other (B). I keep getting "access denied" errors, and I can't figure out what security settings I need to set to open the shared folder for writing. This is what I've done on the recieving end: On A, right-click on the folder to share, choose the tab "Sharing" and select "Share this folder". Set a share name. Click "Permissions", add the group "Everyone" and give it full control. I tried choosing the "Security" tab to give some permissions there as well, but the "Add" dialog only finds local users, despite the fact that B shows up in the "Workgroup computers" dialog. After further inspection, this is the case also for the "Permissions" dialog under the "Sharing" tab (are they the same?).

    Read the article

  • XAMPP vs WAMP security and other on Windows XP

    - by typoknig
    Not long ago I found WAMP and thought it was a God send because it had all the things I wanted/needed (Apache, PHP, MySQL, and phpMyAdmin) all built into one installer. One thing about WAMP has been making me mad is an error I get in phpMyAdmin about the advanced features not working. I have tried to fix that error long enough on that error for long enough. http://stackoverflow.com/questions/2688385/problem-with-phpmyadmin-advanced-features I now read that most people prefer XAMPP over WAMP, but I am a bit concerned that XAMPP might have some extra security holes with Mercury and Perl, two thing that I don't really need or want right now. Are my security concerns justified or not? Is there any other reasons to go with XAMPP over WAMP or vice versa?

    Read the article

  • Security Resources

    - by dr.pooter
    What types of sites do you visit, on a regular basis, to stay current on information security issues? Some examples from my list include: http://isc.sans.org/ http://www.kaspersky.com/viruswatch3 http://www.schneier.com/blog/ http://blog.fireeye.com/research/ As well as following the security heavyweights on twitter. I'm curious to hear what resources you recommend for daily monitoring. Anything specific to particular operating systems or other software. Are mailing lists still considered valuable. My goal would be to trim the cruft of all the things I'm currently subscribed to and focus on the essentials.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >