Search Results

Search found 14784 results on 592 pages for 'spring security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 29/592 | < Previous Page | 25 26 27 28 29 30 31 32 33 34 35 36  | Next Page >

  • Linux EC2 Instance Security Consideration

    - by Amzath
    I am going to host a web site in Amazon EC2 instance which would be a Linux instance. My web application will be developed using PHP, Apache and MySql. As I am new to Linux and Amazon EC2 environment, what are key areas in security should I consider to protect my server? This may be very very generic question as the security itself a vast area. But I need to kick start with most imporant points. That way I would be able to track down all those areas one by one.

    Read the article

  • Security and Windows Login

    - by Mimisbrunnr
    I'm not entirely sure this is the right place for the is question but I cannot think of another so here goes. In order to login to the windows machines at my office one must press the almighty CTRL-ALT-DELETE command combo first. I, finding this very frustrating, decided to look into why and found claims from both my sys and Microsoft stating that it's a security feature and that "Because only windows could read the CTRL-ALT-DELETE it helped to ensure that an automated program cannot log in. Now I'm not a master of the windows operating system ( as I generally use *nix ) but I cannot believe that "Only windows can send that signal" bull. It just doesn't sit right. Is there a good reason for the CTRL-ALT-DELETE to login thing? is it something I'm missing? or is it another example of antiquated legacy security measures?

    Read the article

  • VMware Workstation 9 Security Best Practice Guides

    - by slickboy
    Could someone please point me in the direction of where I could find some best practice securiy guides for VMware Workstation 9 please? I've searched the VMware site and to say it's badly organised is an understatement! I've been able to find general setup guides but nothing with a specific focus on security. I'm also wondering is there any best practice guides that I should follow when installing Windows 7 Professional and Windows Server 2008 R2 on VMware Workstation 9? I obviously will be implementing Microsofts recommended security best practices but I'd be very interested in any recommendations for virtualizing these operating systems. Any help is much appreciated.

    Read the article

  • Need help on implementing corporate network security solution and coming up with time lines to test it

    - by abc
    I have to come up with a proposal to implement corporate network security. Once I have done that I also have to come up with estimates on the time / money needed to test (QA) the implementation. What I need help with: What should I keep in mind while coming up with this proposal? I have already considered: Routers, Firewalls, VPN, Wireless, Server System, Web Apps etc. I know I am missing quite a lot. What else should I include? This the most challenging part I feel: How should I estimate the time needed for testing these security implementations? I guess I need to understand how can I test these security implementations first...right? Can you help me?

    Read the article

  • windows 7 security settings for non-admins

    - by Wasi
    I was recently modifying the security settings for my drive C. I did not notice that i was logged in as a user and changed the permissions for users to "read". Later i realized that there was no admin set up on the pc (when switching user). Now with the security settings changed I can't do anything on the computer. I can only read the files that previously existed. And this applies to every drive on my computer. Now the user accounts do not have the privileges to change the permissions. How can i allow users to have full control without having admin on my pc

    Read the article

  • Windows 7 Open File Security Warning

    - by Lucy
    I downloaded something and now, it is show this open file security warning. I have searched but I have only found how to disable security warnings globally. I only want to say NO forever to this warning, but it keeps showing up whenever Windows starts. The "Name" and "From" are: "C:/Users/MyUser/AppData/Local/Temp/Windows-Update.exe" I cannot even find that folder and file! I don't really know what was downloaded, I am helping someone else. (I am not a Windows user, so I am very lost here)

    Read the article

  • Web services, Java EE, Spring, DB integration project ideas - maybe data mining related?

    - by saral jain
    I am a graduate Computer Science student (Data Mining and Machine Learning) and have good exposure to core Java (3 years). I have read up on a bunch of stuff on the following topics: Design patterns, Java EE Web services (SOAP and REST), Spring, and Hibernate Java Concurrency - advanced features like Task and Executors. I would now like to do a project combining this stuff -- over my free time of course -- to get a better understanding of these things and to kind of make an end to end software (to learn the best design principles etc + SVN, maven). Any good project ideas would be really appreciated. I just want to build this stuff to learn, so I don't really mind re-inventing the wheel. Also, anything related to data mining would be an added bonus as it fits with my research but is absolutely not necessary since this project is more to learn to do large scale software development.

    Read the article

  • Improving server security [closed]

    - by Vicenç Gascó
    I've been developing webapps for a while ... and I always had a sysadmin which made the environment perfect to run my apps with no worries. But now I am starting a project on myself, and I need to set up a server, knowing near to nothing about it. All I need to do is just have a Linux, with a webserver (I usually used Apache), PHP and MySQL. I'll also need SSH, SSL to run https:// and FTP to transfer files. I know how to install almost everything (need advice about SSL) with Ubuntu Server, but I am concerned about the security topic ... say: firewall, open/closed ports, php security, etc ... Where can I found a good guide covering this topics? Everything else in the server... I don't need it, and I wanna know how to remove it, to avoid resources consumption. Final note: I'll be running the webapp at amazon-ec2 or rackspace cloud servers. Thanks in advance!!

    Read the article

  • web services, J2EE, spring, DB integration project ideas- maybe data mining related?

    - by sj88
    Hey guys, I am a graduate CS student (Data mining and machine learning) and have a good exposure to core JAVA (3 years). I have read up a bunch of stuff on Design patterns J2EE Web services( soap and rest) spring and hibernate Java Concurrency - advanced features like Task and Executors. I would now like to do a project combining this stuff (over my free time of corse) to get a better understanding of these things and to kind of make an end to end software (to learn the best design principles etc + svn, maven). Any good project ideas would be really appreciated. I just wanna build this stuff to learn so I dont really mind re-inventing the wheel. Also, anything related to data mining would be an added bonus (fits with my research) but absolutly not necesary (since this project is more to learn to do large scale software developement)

    Read the article

  • Implementing Audit Trail- Spring AOP vs.Hibernate Interceptor vs DB Trigger

    - by RN
    I found couple of discussion threads on this- but nothing which brought a comparison of all three mechanism under one thread. So here is my question... I need to audit DB changes- insert\updates\deletes to business objects. I can think of three ways to do this 1) DB Triggers 2) Hibernate interceptors 3) Spring AOP (This question is specific to a Spring\Hibernate\RDBMS- I guess this is neutral to java\c# or hibernate\nhibernate- but if your answer is dependent upon C++ or Java or specific implementation of hibernate- please specify) What are the pros and cons of selecting one of these strategies ? I am not asking for implementation details.-This is a design discussion. I am hoping we can make this as a part of community wiki

    Read the article

  • Spring webflow validation

    - by Richard
    Hi, complete and utter newbie on spring webflow (and indeed, spring mvc). 30 minutes in... got the first page of my flow appearing, which happens to be a captcha, an input field and a submit button. The actual captcha value is stored in session and i need to validate that the input field values matches the value in session. In order to do validation, my model is passed a 'ValidationContext'. Question: i can't seem to access session data from the ValidationContext. How do i do this? Thanks!

    Read the article

  • Can Spring.Net function as PostSharp?

    - by Alex K
    A few months back I've discovered PostSharp, and for a time, it was good. But then legal came back with an answer saying that they don't like the licence of the old versions. Then the department told me that 2.0's price was unacceptably high (for the number of seats we need)... I was extremely disapponted, but not disheartened. Can't be the only such framework, I thought. I kept looking for a replacement, but most of it was either dead, ill maintained (especially in documentation department), for academic use, or all of the above (I'm looking at you Aspect.Net) Then I've discovered Spring.Net, and for a time, it was good. I've been reading the documentation and it went on to paint what seemed to be a supperior picture of an AOP nirvana. No longer was I locked to attributes to mark where I wanted code interception to take place, but it could be configured in XML and changes to it didn't require re-compile. Great. Then I looked at the samples and saw the following, in every single usage scenario: // Create AOP proxy using Spring.NET IoC container. IApplicationContext ctx = ContextRegistry.GetContext(); ICommand command = (ICommand)ctx["myServiceCommand"]; command.Execute(); if (command.IsUndoCapable) { command.UnExecute(); } Why must the first two lines of code exist? It ruins everything. This means I cannot simply provide a user with a set of aspects and attributes or XML configs that they can use by sticking appropriate attributes on the appropriate methods/classes/etc or editing the match pattern in XML. They have to modify their program logic to make this work! Is there a way to make Spring.Net behave as PostSharp in this case? (i.e. user only needs to add attributes/XML config, not edit content of any methods. Alternatively, is there a worthy and functioning alternative to PostSharp? I've seen a few question titled like this on SO, but none of them were actually looking to replace PostSharp, they only wanted to supplement its functionality. I need full replacement.

    Read the article

  • Spring MVC absolute URL problem

    - by Umar
    Background I am developing an application (with Spring MVC) with its base path as: http://localhost:8080/myapplication/ I have a stylesheet /css/style.css that I am trying to refer with absolute path in a JSP as: <link rel="stylesheet" href="/css/style.css" type="text/css" media="screen, projection"> Problem The stylesheet never loads in the browser. When I follow the stylesheet link through browser's view source feature, the link appears to be: http://localhost:8080/css/style.css Which should have had been: http://localhost:8080/myapplication/css/style.css I used to fix this issue with html:rewrite tag while working with Struts. Is there any equivalent tag/technique in Spring MVC? Thanks for your time.

    Read the article

  • WCF fails to deserialize correct(?) response message security headers (Security header is empty)

    - by Soeteman
    I'm communicating with an OC4J webservice, using a WCF client. The client is configured as follows: <basicHttpBinding> <binding name="MyBinding"> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="None" proxyCredentialType="None" realm=""/> <message clientCredentialType="UserName" algorithmSuite="Default"/> </security> </binding> My clientcode looks as follows: ServicePointManager.CertificatePolicy = new AcceptAllCertificatePolicy(); string username = ConfigurationManager.AppSettings["user"]; string password = ConfigurationManager.AppSettings["pass"]; // client instance maken WebserviceClient client = new WebserviceClient(); client.Endpoint.Binding = new BasicHttpBinding("MyBinding"); // credentials toevoegen client.ClientCredentials.UserName.UserName = username; client.ClientCredentials.UserName.Password = password; //uitvoeren request var response = client.Ping(); I've altered the CertificatePolicy to accept all certificates, because I need to insert Charles (ssl proxy) in between client and server to intercept the actual Xml that is sent across te wire. My request looks as follows: <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <s:Header> <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <u:Timestamp u:Id="_0"> <u:Created>2010-04-01T09:47:01.161Z</u:Created> <u:Expires>2010-04-01T09:52:01.161Z</u:Expires> </u:Timestamp> <o:UsernameToken u:Id="uuid-9b39760f-d504-4e53-908d-6125a1827aea-21"> <o:Username>user</o:Username> <o:Password o:Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username- token-profile-1.0#PasswordText">pass</o:Password> </o:UsernameToken> </o:Security> </s:Header> <s:Body> <getPrdStatus xmlns="http://mynamespace.org/wsdl"> <request xmlns="" xmlns:a="http://mynamespace.org/wsdl" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"> <a:IsgrStsRequestTypeUser> <a:prdCode>LEPTO</a:prdCode> <a:sequenceNumber i:nil="true" /> <a:productionType i:nil="true" /> <a:statusDate>2010-04-01T11:47:01.1617641+02:00</a:statusDate> <a:ubn>123456</a:ubn> <a:animalSpeciesCode>RU</a:animalSpeciesCode> </a:IsgrStsRequestTypeUser> </request> </getPrdStatus> </s:Body> </s:Envelope> In return, I receive the following response: <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="http://mynamespace.org/wsdl"> <env:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" env:mustUnderstand="1" /> </env:Header> <env:Body> <ns0:getPrdStatusResponse> <result> <ns0:IsgrStsResponseTypeUser> <ns0:prdCode>LEPTO</ns0:prdCode> <ns0:color>green</ns0:color> <ns0:stsCode>LEP1</ns0:stsCode> <ns0:sequenceNumber xsi:nil="1" /> <ns0:productionType xsi:nil="1" /> <ns0:IAndRCode>00</ns0:IAndRCode> <ns0:statusDate>2010-04-01T00:00:00.000+02:00</ns0:statusDate> <ns0:description>Gecertificeerd vrij</ns0:description> <ns0:ubn>123456</ns0:ubn> <ns0:animalSpeciesCode>RU</ns0:animalSpeciesCode> <ns0:name>gecertificeerd vrij</ns0:name> <ns0:ranking>17</ns0:ranking> </ns0:IsgrStsResponseTypeUser> </result> </ns0:getPrdStatusResponse> </env:Body> </env:Envelope> Why can't WCF deserialize this response header? I'm getting a "Security header is empty" exception: Server stack trace: at System.ServiceModel.Security.ReceiveSecurityHeader.Process(TimeSpan timeout) at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessageCore(Message& message, TimeSpan timeout) at System.ServiceModel.Security.TransportSecurityProtocol.VerifyIncomingMessage(Message& message, TimeSpan timeout) at System.ServiceModel.Security.SecurityProtocol.VerifyIncomingMessage(Message& message, TimeSpan timeout, SecurityProtocolCorrelationState[] correlationStates) at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout) at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Who knows what is going on here? I've already tried Rick Strahl's suggestion and removed the timestamp from the request header. Any help greatly appreciated!

    Read the article

  • Spring-Security with X509?

    - by jschoen
    I am new to spring-security in general and am a bit confused. The project I am trying to integrate this with uses X509 certificates to identify users for signing in to the application. There are no usernames or passwords. We validate the certificates are good, and that they have been given access to our app. The question is how do I integrate spring in to this to get their roles using the X509 certificates? I have seen this: <http> ... <x509 subject-principal-regex="CN=(.*?)," user-service-ref="userService"/> ... </http> But I don't understand how this works. Will it still require something for a password? Or is the subject all it needs?

    Read the article

  • JSF Spring Bean set property

    - by Sebastian
    Hi, i have a JSF web application. I use Beans as Spring Beans (not JSF managed beans). Now i have an URL to application www.xxx.com?parameter=2 I would like to set this parameter into bean on the page load. I now how to do this with spring web flow but with JSF Navigation i cant do this. What do you think about using JSTL c:set... or jsp:setProperty...? Thanks for your help. Kind regards Sebastian

    Read the article

  • spring.net application scope repository object on loadbalanced application

    - by Bert Vandamme
    Hi, We have an application running on a loadbalanced environment, let say webserver A and B. The loadbalancing is on the HTTP level, so the loadbalancer directs each user request to one of both webservers. The scope of the repositories in the application is managed by the spring.net container, and the application relies on data that can be cached by the repository (performance reasons). In this case we can never be sure that the cached data in the repositories on both webservers is the same. Is there mechanism in spring.net that can manage this kind problem? Or is there another common approach for this kind of thing? Any ideas? Thx, Bert

    Read the article

  • Setting session timezone with spring jdbc oracle

    - by user337620
    Hello I have a spring/jdbc/oracle 10g application. The Oracle server database timezone is set to GMT + 2 JVM timezone is GMT + 2 (even though it doesn't matter in my case). I have a stored procedure that performs some date operations. The problem is that session timezone is different(GMT) than database timezone even though I do not set session timezone explicit in my code/configuration. As far as I know the session timezone is by default equal to database timezone. Any idea why is the session timezone different than database timezone or how can I configure it in spring configuration (org.apache.commons.dbcp.BasicDataSource) ? Thank you.

    Read the article

  • Spring Webflow in Grails keeping plenty of hibernate sessions open

    - by Pavel P
    Hi, I have an Internet app running on Grails 1.1.2 and it integrates Spring WebFlow mechanism. The problem is that there are some bots ignoring robots.txt and are entering the flow quite often. Because second step of the flow needs some human intelligence, the bot leaves open flow after the first step. This causes a lot of open flows which leades to a lot of abandoned open hibernate sessions. Do you know some common clean-up mechanism for this kind of unattended flows (plus hibernate sessions) in Grails+Spring WebFlow? Thanks, Pavel

    Read the article

  • Spring JPA and persistence.xml

    - by bmw0128
    I'm trying to set up a Spring JPA Hibernate simple example WAR for deployment to Glassfish. I see some examples use a persistence.xml file, and other examples do not. Some examples use a dataSource, and some do not. So far my understanding is that a dataSource is not needed if I have: <persistence-unit name="educationPU" transaction-type="JTA"> <provider>org.hibernate.ejb.HibernatePersistence</provider> <class>com.coe.jpa.StudentProfile</class> <properties> <property name="hibernate.connection.driver_class" value="com.mysql.jdbc.Driver" /> <property name="hibernate.connection.url" value="jdbc:mysql://localhost:3306/COE" /> <property name="hibernate.connection.username" value="root" /> <property name="show_sql" value="true" /> <property name="dialect" value="org.hibernate.dialect.MySQLDialect" /> </properties> </persistence-unit> I can deploy fine, but my EntityManager is not getting injected by Spring. My applicationContext.xml: <bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalEntityManagerFactoryBean"> <property name="persistenceUnitName" value="educationPU" /> </bean> <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager"> <property name="entityManagerFactory" ref="entityManagerFactory" /> </bean> <bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor" /> <tx:annotation-driven transaction-manager="transactionManager" /> <bean id="StudentProfileDAO" class="com.coe.jpa.StudentProfileDAO"> <property name="entityManagerFactory" ref="entityManagerFactory" /> </bean> <bean id="studentService" class="com.coe.services.StudentService"> </bean> My class with the EntityManager: public class StudentService { private String saveMessage; private String showModal; private String modalHeader; private StudentProfile studentProfile; private String lastName; private String firstName; @PersistenceContext(unitName="educationPU") private EntityManager em; @Transactional public String save() { System.out.println("*** em: " + this.em); //em is null this.studentProfile= new StudentProfile(); this.saveMessage = "saved"; this.showModal = "true"; this.modalHeader= "Information Saved"; return "successs"; } My web.xml: <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> Are there any pieces I am missing to have Spring inject "em" in to StudentService?

    Read the article

  • ETag in Spring (ShallowEtagHeaderFilter)

    - by niklassaers
    Hi guys, I've followed http://static.springsource.org/spring/docs/3.0.2.RELEASE/spring-framework-reference/html/mvc.html#mvc-etag and put ShallowEtagHeaderFilter in my web.xml like this: <filter> <filter-name>etagFilter</filter-name> <filter-class>org.springframework.web.filter.ShallowEtagHeaderFilter</filter-class> </filter> <filter-mapping> <filter-name>etagFilter</filter-name> <servlet-name>myServlet</servlet-name> <!-- I've even tried <url-pattern>/*</url-pattern> --> </filter-mapping> But whenever I load my pages, I don't get any etag headers in my response. Any suggestions as to what might be going on? Is there any kind of ordering my filters should have? (I'm also using OpenSessionInViewFilter and DelegatingFilterProxy Cheers Nik

    Read the article

  • tomcat axis2 shared libs and spring destroy-method problem

    - by EugeneP
    in tomcat\lib there are axis*, axis2* jars. I cannot delete them [sysadmin won't allow to do that]. My web-app invokes web-services. I put Jax-ws jars directly to myapp/web-inf/lib. so inner calls frow a web app servlets use jax-ws libraries. but since "destroy-method" of the bean invokes a web-service, and session is destroyed, then spring makes a service call through tomcat/lib/* = axis2 libraries, and not by using web-inf/lib/jax-ws* How to: a) while not deleting axis2 libs from shared tomcat folder b) make spring use jax-ws libraries to make a web-service call ?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 25 26 27 28 29 30 31 32 33 34 35 36  | Next Page >