Search Results

Search found 34060 results on 1363 pages for 'webpage access'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 307/1363 | < Previous Page | 303 304 305 306 307 308 309 310 311 312 313 314  | Next Page >

  • Isolated storage misunderstand

    - by Costa
    Hi this is a discussion between me and me to understand isolated storage issue. can you help me to convince me about isolated storage!! This is a code written in windows form app (reader) that read the isolated storage of another win form app (writer) which is signed. where is the security if the reader can read the writer's file, I thought only signed code can access the file! If all .Net applications born equal and have all permissions to access Isolated storage, where is the security then? If I can install and run Exe from isolated storage, why I don't install a virus and run it, I am trusted to access this area. but the virus or what ever will not be trusted to access the rest of file system, it only can access the memory, and this is dangerous enough. I cannot see any difference between using app data folder to save the state and using isolated storage except a long nasty path!! I want to try give low trust to Reader code and retest, but they said "Isolated storage is actually created for giving low trusted application the right to save its state". Reader code: private void button1_Click(object sender, EventArgs e) { String path = @"C:\Documents and Settings\All Users\Application Data\IsolatedStorage\efv5cmbz.ewt\2ehuny0c.qvv\StrongName.5v3airc2lkv0onfrhsm2h3uiio35oarw\AssemFiles\toto12\ABC.txt"; StreamReader reader = new StreamReader(path); var test = reader.ReadLine(); reader.Close(); } Writer: private void button1_Click(object sender, EventArgs e) { IsolatedStorageFile isolatedFile = IsolatedStorageFile.GetMachineStoreForAssembly(); isolatedFile.CreateDirectory("toto12"); IsolatedStorageFileStream isolatedStorage = new IsolatedStorageFileStream(@"toto12\ABC.txt", System.IO.FileMode.Create, isolatedFile); StreamWriter writer = new StreamWriter(isolatedStorage); writer.WriteLine("Ana 2akol we ashrab kai a3eesh wa akbora"); writer.Close(); writer.Dispose(); }

    Read the article

  • Accessing the project system from a Visual Studio MEF Editor extension

    - by Daniel Plaisted
    I'm writing a Visual Studio editor extension using the VS 2010 SDK RC. I'd like to be able to figure out what the references of the current project are. How do I get access to the project corresponding to the current editor? The documentation on editor extensions doesn't seem to include information on how to access non-editor parts of Visual Studio. I did some searching and it looks like in VS2008 you could write add-ins that would access the project system, but I'm trying to get at this functionality from a MEF editor extension.

    Read the article

  • Web/HTML: how do referrer work technically?

    - by NoozNooz42
    I don't understand how comes webserver and trackers like Google Analytics are able to track referrals. Is it part of HTTP? Is it some (un)specified behavior of the browsers? Apparently everytime you click on a link on a webpage, the original webpage is passed along the request. What is the exact mechanism behind that? Is it specified by some spec? I've read a few docs and I've played with my own Tomcat server and my own Google Analytics account, but I don't understand how the "magic" happens. Bonus (totally related) question: if, on my own website (served by Tomcat), I put a link to another site, does the other site see my website as the "referrer" without me doing anything special in Tomcat?

    Read the article

  • Error while trying to deploy blackberry application (Linker Error: 'VerifyError')

    - by Irwin
    Device: Curve 8520 OS: 4.6.1 JDE: 5.0.25 JDK: 1.6 Signed app? Yes. Hello, I'm trying to deploy a blackberry app (called 'ConstituenC') that works fine in the simulator. It uses restricted APIs, so I obtained a key from RIM and applied it via the Java Development Environment. When I attempt to run on my phone (BB Curve, 8520. OS: 4.6.1), it shows an error saying "'ConstituentC' attempts to access a secure API." The following is shown in the BB Event Log: Java Exception: Error starting ConstituentC: Module 'ConstituentC' attempts to access a secure API. Error starting ConstituentC: Module 'ConstituentC' attempts to access a secure API. Linker error: 'VerifyError' for ConstituentC Module 'ConstituentC' attempts to access a secure API module 9621 cannot reference net.rim.blackberry.api.mail.Store CMM: ConstituentC (9621) invalid sig for 0x424252 VM:LINK ConstituentC Any ideas on how this could be resolved?

    Read the article

  • Triggering shouldStartLoadWithRequest with multiple window.location.href calls

    - by AlBeebe
    Im trying to pass multiple things from a webpage inside a UIWebView back to my iPhone app via the shouldStartLoadWithRequest method of the UIWebView. Basically my webpage calls window.location.href = "command://foo=bar" and i am able to intercept that in my app no problem. Now if i create a loop and do multiple window.location.href calls at once, then shouldStartLoadWithRequest only appears to get called on once and the call it gets is the very last firing of window.location.href at the end of the loop. The same thing happens with the webview for Android, only the last window.location.href gets processed.

    Read the article

  • Preventing Doctrine from Dropping / Recreating Database When using build --all

    - by Levi Hackwith
    The problem: I have a database that's running on a shared server. I do not have permission to drop/ create a database via the command line doctrine SQLSTATE[42000]: Syntax error or access violation: 1044 Access denied for user 'opnsrce'@'173.236.128.0/255.255.128.0' to database 'dev'. Failing Query: "DROP DATABASE dev" doctrine Creating "all" environment "doctrine" database doctrine SQLSTATE[42000]: Syntax error or access violation: 1044 Access denied for user 'opnsrce'@'173.236.128.0/255.255.128.0' to database 'dev'. Failing Query: "CREATE DATABASE dev" This error occurs when I run /dh/cgi-system/php5.cgi symfony doctrine:build --all --no-confirmation The Question: How do I run build-all while simultaneously telling doctrine to not drop / create the database (it already exists)?

    Read the article

  • Using Google AppEngine app as a OAuth provider

    - by Alistair
    Hi, I'm using the Google AppEngine 1.3.4 SDK which offers to allow your application to act as a OAuth service provider (http://code.google.com/appengine/docs/python/oauth/). Setting up a standard application on my localhost and using the following: Request URL /_ah/OAuthGetRequestToken Authorize URL /_ah/OAuthAuthorizeToken Access Token URL /_ah/OAuthGetAccessToken The client application just gets sent to a page requesting to grant OAuth access even though no user is logged in. Clicking 'Grant access' results in a message saying 'OAuth access granted' with no tokens or anything exchange. Can't see how this could work when it's not even prompting for a login. As this functionality is quite new I can't find much out there. I've created a OAuth provider before in Rails and know that you need a Consumer Key and Secret, something that seems to be lacking in GAE? Any ideas on how to get OAuth working in a sample GAE project are most welcome.

    Read the article

  • Broken pipe error in rails with memcached

    - by abronte
    I keep running into this error MemCacheError (Broken pipe): Broken pipe on my Rails app and I can't figure out why. When I access memcached via Rails.cache in my controller, the first 1 or 2 read/writes always seems to throw the broken pipe error. But when I access memcached by creating a new object, ActiveSupport::Cache::MemCacheStore.new, I don't seem to get this error. I also access memcached in another ruby process, and the first read always has this error regardless of the way I access memcached. I did implement a work around just by retrying the read but id rather have a better long term solution. Currently the only time I see this problem is after I restart memcached. I'm using Rails 2.3.5 and memcached 1.4.4 (I've also tried this with memcached 1.2.2).

    Read the article

  • Accessing SQL Server using an IP Address and Port Number ... Help!

    - by Mike
    I need to access an SQL Server that is on a machine behind a firewall and you access this machine using an ip address like 95.95.95.33:6930 (not the real ip address) ... But, you get my point that by accessing 95.95.95.33 on port 6930, the firewall routes the requests to that particular machine ... My question is ... How do you construct a connection string to access the machine at address 95.95.95.33:6930 and then further access the SQL Server on port 1433 or maybe a different port like 8484 ??? Thanks Mike

    Read the article

  • .NET Impersonate and file upload issues

    - by Jagd
    I have a webpage that allows a user to upload a file to a network share. When I run the webpage locally (within VS 2008) and try to upload the file, it works! However, when I deploy the website to the webserver and try to upload the file through the webpage, it doesn't work! The error being returned to me on the webserver says "Access to the path '\05prd1\emp\test.txt' is denied. So, obviously, this is a permissions issue. The network share is configured to allow full access both to me (NT authentication) and to the NETWORK SERVICE (which is .NET's default account and what we have set in our IIS application pool as the default user for this website). I have tried this with and without impersonation upon the webserver and neither way works, yet both ways work on my local machine (in other words, with and without impersonation works on my local machine). The code that does the file upload is below. Please note that the code below includes impersonation, but like I said above, I've tried it with and without impersonation and it's made no difference. if (fuCourses.PostedFile != null && fuCourses.PostedFile.ContentLength > 0) { System.Security.Principal.WindowsImpersonationContext impCtx; impCtx = ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate(); try { lblMsg.Visible = true; // The courses file to be uploaded HttpPostedFile file = fuCourses.PostedFile; string fName = file.FileName; string uploadPath = "\\\\05prd1\\emp\\"; // Get the file name if (fName.Contains("\\")) { fName = fName.Substring( fName.LastIndexOf("\\") + 1); } // Delete the courses file if it is already on \\05prd1\emp FileInfo fi = new FileInfo(uploadPath + fName); if (fi != null && fi.Exists) { fi.Delete(); } // Open new file stream on \\05prd1\emp and read bytes into it from file upload FileStream fs = File.Create(uploadPath + fName, file.ContentLength); using (Stream stream = file.InputStream) { byte[] b = new byte[4096]; int read; while ((read = stream.Read(b, 0, b.Length)) > 0) { fs.Write(b, 0, read); } } fs.Close(); lblMsg.Text = "File Successfully Uploaded"; lblMsg.ForeColor = System.Drawing.Color.Green; } catch (Exception ex) { lblMsg.Text = ex.Message; lblMsg.ForeColor = System.Drawing.Color.Red; } finally { impCtx.Undo(); } } Any help on this would be very appreciated!

    Read the article

  • How to control respond_to based on variable in Rails controller?

    - by smotchkkiss
    The dilemma I'm using a before_filter in my controller that restricts access to admins. However, I want to allow access public access to some methods based on request format. See the index method to understand what I'm talking about. items_controller.rb class ItemsController < ApplicationController before_filter :superuser_required layout 'superuser' def index @items = Item.all respond_to do |format| format.html format.js # I want public to have access to this end end def show @item = Item.find(params[:id]) respond_to do |format| format.html end end def new @item = Item.new respond_to do |format| format.html end end # remaining controller methods # ... def superuser_required redirect_to login_path unless current_user.superuser? end end

    Read the article

  • .Net System.Net.HttpWebRequest & Authentication Cookies

    - by James
    I would like to know if the following is possible: As part of the PageLoad of an ASP.Net page request: Use HttpWebRequest (POST) to make a request to a forms authentication webpage of a different web application Examine the response to see if the authentication succeeded (identifiable if an authentication cookie has been set) If it fails, then finish the ASP.Net page request, which will display a message saying "couldn't auto-login" or some such thing If success, then instead of completing the ASP.Net page lifecycle, use "Response.Write" to send the response from the HttpWebRequest back to the browser (thus essentially displaying the webpage from the HttpWebRequest) If the above is possible, then, is there also a way to transfer the authentication cookie from the HttpWebResponse to the requesting browser? My gut feeling is probably not - but if this is the case, then how do proxy servers handle such things? Is that not essentially what they are doing? Thanks for any help

    Read the article

  • acessing network shared folder with a username and password string in vb.net

    - by Irene
    i am using the following code to read the details from a network folder which is restricted for only one user shell("net use q: \\serveryname\foldername /user:admin pwrd", AppWinStyle.Hide, True, 10000) Process.Start(path) shell("net use q: /delete") when i run this to open any pdf or jpg or any other files except word/excel/powerpoint, everything is working fine. but the problem comes only when i access a word file. in the step one, i am giving permission to access the word file. in the step two, word file is open. in the third, i am deleting the q drive. the problem is the word file is still open. so i am getting a dos window, saying that "some connections of still connected or searching some folders, do you want to force disconnect" please help.... how to access a word file (editable files) providing user name and password from the code and at the same time he shoud not have access to any other folders directly.

    Read the article

  • Cookie won't unset

    - by Jordan Satok
    OK, I'm stumped, and have been staring at this for hours. I'm setting a cookie at /access/login.php with the following code: setcookie('username', $username, time() + 604800, '/'); When I try to logout, which is located at /access/logout.php (and rewritten to /access/logout), the cookie won't seem to unset. I've tried the following: setcookie('username', false, time()-3600, '/'); setcookie('username', '', time()-3600, '/'); setcookie('username', '', 1, '/'); I've also tried to directly hit /access/logout.php, but it's not working. Nothing shows up in the php logs. Any suggestions? I'm not sure if I'm missing something, or what's going on, but it's been hours of staring at this code and trying to debug.

    Read the article

  • .NET Impersonate not working!

    - by Jagd
    I have a webpage that allows a user to upload a file to a network share. When I run the webpage locally (within VS 2008) and try to upload the file, it works! However, when I deploy the website to the webserver and try to upload the file through the webpage, it doesn't work! The error being returned to me on the webserver says "Access to the path '\05prd1\emp\test.txt' is denied. So, obviously, this is a permissions issue. The network share is configured to allow full access both to me (NT authentication) and to the NETWORK SERVICE (which is .NET's default account and what we have set in our IIS application pool as the default user for this website). I have tried this with and without authentication, and neither one works on the webserver, yet both ways works on my local machine. The code that does the file upload is below. Please note that the code below includes impersonation, but like I said above, I've tried it with and without impersonation and it's made no difference. if (fuCourses.PostedFile != null && fuCourses.PostedFile.ContentLength > 0) { System.Security.Principal.WindowsImpersonationContext impCtx; impCtx = ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate(); try { lblMsg.Visible = true; // The courses file to be uploaded HttpPostedFile file = fuCourses.PostedFile; string fName = file.FileName; string uploadPath = "\\\\05prd1\\emp\\"; // Get the file name if (fName.Contains("\\")) { fName = fName.Substring( fName.LastIndexOf("\\") + 1); } // Delete the courses file if it is already on \\05prd1\emp FileInfo fi = new FileInfo(uploadPath + fName); if (fi != null && fi.Exists) { fi.Delete(); } // Open new file stream on \\05prd1\emp and read bytes into it from file upload FileStream fs = File.Create(uploadPath + fName, file.ContentLength); using (Stream stream = file.InputStream) { byte[] b = new byte[4096]; int read; while ((read = stream.Read(b, 0, b.Length)) > 0) { fs.Write(b, 0, read); } } fs.Close(); lblMsg.Text = "File Successfully Uploaded"; lblMsg.ForeColor = System.Drawing.Color.Green; } catch (Exception ex) { lblMsg.Text = ex.Message; lblMsg.ForeColor = System.Drawing.Color.Red; } finally { impCtx.Undo(); } } Any help on this would be very appreciated!

    Read the article

  • Spring Security 3.0 - Intercept-URL - All pages require authentication but one

    - by gav
    Hi All, I want any user to be able to submit their name to a volunteer form but only administrators to be able to view any other URL. Unfortunately I don't seem to be able to get this correct. My resources.xml are as follows; <?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <http realm = "BumBumTrain Personnel list requires you to login" auto-config="true" use-expressions="true"> <http-basic/> <intercept-url pattern="/person/volunteer*" access=""/> <intercept-url pattern="/**" access="isAuthenticated()" /> </http> <authentication-manager alias="authenticationManager"> <authentication-provider> <user-service> <user name="admin" password="admin" authorities="ROLE_ADMIN"/> </user-service> </authentication-provider> </authentication-manager> </beans:beans> Specifically I am trying to achieve the access settings I described via; <intercept-url pattern="/person/volunteer*" access=""/> <intercept-url pattern="/**" access="isAuthenticated()" /> Could someone please describe how to use intercept-url to achieve the outcome I've described? Thanks Gav

    Read the article

  • Starting a VC++ .exe from MSAccess

    - by Pieter_Jack
    For a complex calculating problem we use an VC++ module (.exe). For the users we have build an ms Access application as userinterface. After input dthe calculating module should start and do its job. The result is again imported in Ms Access. However we work wit dBase files (.dbf) as datafiles. The calculating unit works fine by its own, but when access is running it wo'nt do its job. It will start-up when called from the Access module, but then generates errors or at least does not write correct results to a datatable. We cannot find the reason for this beheavior. Can anyone give us a tip?

    Read the article

  • Using MySQL in Pydev Eclipse

    - by Hossein
    Hi, I am trying to access a MySQL database with python through Pydev Eclipse. I have installed the necessary files to access MysQL from python and I can access the database only when I write code in Python IDLE environment and run it from command prompt. However I am not able to run my applications from Pydev. when I use this "import MysqlDB" i get an error, but in IDLE no errors and my code runs very smoothly. Does anyone know were the problem is? Thanks

    Read the article

  • Updated MVC 4 to 5.2.0 via Nuget Site compiles but wont run

    - by hjavaher
    I had the bright idea of updating my perfectly working ASP.Net MVC 4 application to the MVC 5 via nuget, Everything compiles just fine but when I try to run the application I get the following yellow screen of death. Has anyone gotten this or know how to solve it? I've searched for it and couldn't find any solutions. Please let me know if there is any farther information that would help you that I can give you. Attempt by security transparent method 'WebMatrix.WebData.PreApplicationStartCode.Start()' to access security critical method 'System.Web.WebPages.Razor.WebPageRazorHost.AddGlobalImport(System.String)' failed. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.MethodAccessException: Attempt by security transparent method 'WebMatrix.WebData.PreApplicationStartCode.Start()' to access security critical method 'System.Web.WebPages.Razor.WebPageRazorHost.AddGlobalImport(System.String)' failed. Source Error: An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. Stack Trace: [MethodAccessException: Attempt by security transparent method 'WebMatrix.WebData.PreApplicationStartCode.Start()' to access security critical method 'System.Web.WebPages.Razor.WebPageRazorHost.AddGlobalImport(System.String)' failed.] WebMatrix.WebData.PreApplicationStartCode.Start() +112 [InvalidOperationException: The pre-application start initialization method Start on type WebMatrix.WebData.PreApplicationStartCode threw an exception with the following error message: Attempt by security transparent method 'WebMatrix.WebData.PreApplicationStartCode.Start()' to access security critical method 'System.Web.WebPages.Razor.WebPageRazorHost.AddGlobalImport(System.String)' failed..] System.Web.Compilation.BuildManager.InvokePreStartInitMethodsCore(ICollection`1 methods, Func`1 setHostingEnvironmentCultures) +556 System.Web.Compilation.BuildManager.InvokePreStartInitMethods(ICollection`1 methods) +132 System.Web.Compilation.BuildManager.CallPreStartInitMethods(String preStartInitListPath, Boolean& isRefAssemblyLoaded) +102 System.Web.Compilation.BuildManager.ExecutePreAppStart() +153 System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters, PolicyLevel policyLevel, Exception appDomainCreationException) +516 [HttpException (0x80004005): The pre-application start initialization method Start on type WebMatrix.WebData.PreApplicationStartCode threw an exception with the following error message: Attempt by security transparent method 'WebMatrix.WebData.PreApplicationStartCode.Start()' to access security critical method 'System.Web.WebPages.Razor.WebPageRazorHost.AddGlobalImport(System.String)' failed..] System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +9885060 System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +101 System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +254

    Read the article

  • Connection string in app.config in a class library

    - by Copeleto
    I am creating solution and inside I have three projects: A WCF Service Library Project A DataAccess Project (Class Library) A Web site for hosting WCF service The implementation of the service is on the project # 1, but in order to access the DataBase I use a second project that implements the data access using a class library project. That problem is in order to get data access I need to configure a connection string, but that connection string must be configurable in a production environment, I meant in production I am going to deploy the site, which is a very simple project that contains only a reference WCF Service Library Project then a guy from database department will configure the connection string. In development I have an app.config on the data access project but when I do the release that app.config is embedded on the dll. Any ideas how can we achieve our purpose

    Read the article

  • Design suggestion for expression tree evaluation with time-series data

    - by Lirik
    I have a (C#) genetic program that uses financial time-series data and it's currently working but I want to re-design the architecture to be more robust. My main goals are: sequentially present the time-series data to the expression trees. allow expression trees to access previous data rows when needed. to optimize performance of the data access while evaluating the expression trees. keep a common interface so various types of data can be used. Here are the possible approaches I've thought about: I can evaluate the expression tree by passing in a data row into the root node and let each child node use the same data row. I can evaluate the expression tree by passing in the data row index and letting each node get the data row from a shared DataSet (currently I'm passing the row index and going to multiple synchronized arrays to get the data). Hybrid: an immutable data set is accessible by all of the expression trees and each expression tree is evaluated by passing in a data row. The benefit of the first approach is that the data row is being passed into the expression tree and there is no further query done on the data set (which should increase performance in a multithreaded environment). The drawback is that the expression tree does not have access to the rest of the data (in case some of the functions need to do calculations using previous data rows). The benefit of the second approach is that the expression trees can access any data up to the latest data row, but unless I specify what that row is, I'll have to iterate through the rows and figure out which one is the last one. The benefit of the hybrid is that it should generally perform better and still provide access to the earlier data. It supports two basic "views" of data: the latest row and the previous rows. Do you guys know of any design patterns or do you have any tips that can help me build this type of system? Should I use a DataSet to hold and present the data, or are there more efficient ways to present rows of data while maintaining a simple interface? FYI: All of my code is written in C#.

    Read the article

  • Temporarily impersonate and enable privileges?

    - by Luke
    We maintain a DLL that does a lot of system-related things; traversing the file system, registry, etc. The callers of this DLL may or may not be using impersonation. In order to better support all possible scenarios I'm trying to modify it to be smarter. I'll use the example of deleting a file. Currently we just call DeleteFile(), and if that fails that's the end of that. I've come up with the following: BOOL TryReallyHardToDeleteFile(LPCTSTR lpFileName) { // 1. caller without privilege BOOL bSuccess = DeleteFile(lpFileName); DWORD dwError = GetLastError(); if(!bSuccess && dwError == ERROR_ACCESS_DENIED) { // failed with access denied; try with privilege DWORD dwOldRestorePrivilege = 0; BOOL bHasRestorePrivilege = SetPrivilege(SE_RESTORE_NAME, SE_PRIVILEGE_ENABLED, &dwOldRestorePrivilege); if(bHasRestorePrivilege) { // 2. caller with privilege bSuccess = DeleteFile(lpFileName); dwError = GetLastError(); SetPrivilege(SE_RESTORE_NAME, dwOldRestorePrivilege, NULL); } if(!bSuccess && dwError == ERROR_ACCESS_DENIED) { // failed with access denied; if caller is impersonating then try as process HANDLE hToken = NULL; if(OpenThreadToken(GetCurrentThread(), TOKEN_QUERY | TOKEN_IMPERSONATE, TRUE, &hToken)) { if(RevertToSelf()) { // 3. process without privilege bSuccess = DeleteFile(lpFileName); dwError = GetLastError(); if(!bSuccess && dwError == ERROR_ACCESS_DENIED) { // failed with access denied; try with privilege bHasRestorePrivilege = SetPrivilege(SE_RESTORE_NAME, SE_PRIVILEGE_ENABLED, &dwOldRestorePrivilege); if(bHasRestorePrivilege) { // 4. process with privilege bSuccess = DeleteFile(lpFileName); dwError = GetLastError(); SetPrivilege(SE_RESTORE_NAME, dwOldRestorePrivilege, NULL); } } SetThreadToken(NULL, hToken); } CloseHandle(hToken); hToken = NULL; } } } if(!bSuccess) { SetLastError(dwError); } return bSuccess; } So first it tries as the caller. If that fails with access denied, it temporarily enables privileges in the caller's token and tries again. If that fails with access denied and the caller is impersonating, it temporarily unimpersonates and tries again. If that fails with access denied, it temporarily enables privileges in the process token and tries again. I think this should handle pretty much any situation, but I was wondering if there was a better way to achieve this? There are a lot of operations that we would potentially want to use this method (i.e. pretty much any operation that accesses securable objects).

    Read the article

  • REST, caching, and authorizing with multiple user roles

    - by keithjgrant
    We have a system with multiple different levels of access--sometimes even for the same user as they switch between multiple roles. We're beginning a discussion on moving over to a RESTful implementation of things. I'm just starting to get my feet wet with the whole REST thing. So how do I go about limiting access to the correct records when they access a resource, particularly when taking caching into consideration? If user A access example.com/employees they would receive a different response than user B; user A may even receive a different response as he switches to a different role. To help facilitate caching, should the id of the role be somehow incorporated into the uri? Maybe something like example.com/employees/123 (which violates the rules of REST), or as some sort of subordinate resource like example.com/employees/role/123 (which seems silly, since role/### is going to be appended to URIs all over the place). I can help but think I'm missing something here.

    Read the article

  • Creating a Facebook session for getting page info

    - by Marty Haught
    I am trying to get info on a page that my user is admin for. This user has granted my fb_connect app offline access. I have saved the session_key that allows offline access (it has the user's id in it). I am able to publish to this fan page with this session key. But when I try to access the page's info I get an SessionExpired error. This doesn't make sense. Look at the code and output below: p is is a 'profile' object that holds the three pieces of relevant fb data (user_id, session_key and page id) fb_session = Facebooker::Session.create = # fb_session.secure_with!(p.fb_session_key, p.fb_user_id, 0) = nil fb_session.user.has_permission?("offline_access") = true fb_session.user.has_permission?("publish_stream") = true fb_session.user.has_permission?("read_stream") = true pages = fb_session.fql_query("select fan_count from page where page_id = #{p.fb_page_id}") Facebooker::Session::SessionExpired: Session key invalid or no longer valid ... pages = fb_session.pages(:fields = {:page_ids = p.fb_page_id}) Facebooker::Session::SessionExpired: Session key invalid or no longer valid ... pages = Facebooker::Session.create.fql_query("select fan_count from page where page_id = #{p.fb_page_id}") = [#] Perhaps I'm not creating the session right or maybe offline access doesn't give me access to the user's page even though I have permissions to push to it. As you can see when I just use an anon session I'm able to get the fan count, which I'm guessing is publicly available. Does anyone have an idea on this?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 303 304 305 306 307 308 309 310 311 312 313 314  | Next Page >