Search Results

Search found 4919 results on 197 pages for 'membership provider'.

Page 31/197 | < Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38  | Next Page >

  • Provider claiming "all web servers in the cloud are automatically kept in sync" - should I be skeptical?

    - by RobMasters
    I'm no expert in cloud computing - I've spent a fair bit of time researching it and various providers but am yet to get any hands-on experience with it. From what I've read about AWS and auto-scaling EC2 instances though, it seems as though each instance should be completely decoupled from all other instances. i.e. If content is uploaded to the web server's local filesystem from a custom CMS backend then that content won't be available if subsequently requested from a different web server in the auto-scaling group. Is that right? I met with a representative of our existing hosting provider recently and he was claiming that it isn't a problem that our legacy CMS system is highly dependent on having a local filesystem. He said that all web servers, regardless of how many, would be kept as exact duplicates so I shouldn't notice any difference compared to our existing setup of a single dedicated server. This smells a little too much like bull fecal-matter to me...should I be skeptical about this? I'm a little worried because my (non-technical) boss who ultimately makes the decisions is all for signing up to this cloud solution because it won't require any extra work. I'm sure that they must at least be able to provide this, otherwise they wouldn't be attempting to sell it to us. But at what cost? It sounds as though each web server will always need to be checking the other web server(s) for new static content, which to me sounds like unwanted overhead that'll slow things down. I'd really appreciate it if somebody could clear this up to me. I'm all for switching to AWS and using S3+CloudFront for all static content, but that isn't looking very likely to happen at the moment.

    Read the article

  • Moving StarterSTS to the (Azure) Cloud

    - by Your DisplayName here!
    Quite some people asked me about an Azure version of StarterSTS. While I kinda knew what I had to do to make the move, I couldn’t find the time. Until recently. This blog post briefly documents the necessary changes and design decisions for the next version of StarterSTS which will work both on-premise and on Azure. Provider Fortunately StarterSTS is already based on the idea of “providers”. Authentication, roles and claims generation is based on the standard ASP.NET provider infrastructure. This makes the migration to different data stores less painful. In my case I simply moved the ASP.NET provider database to SQL Azure and still use the standard SQL Server based membership, roles and profile provider. In addition StarterSTS has its own providers to abstract resource access for certificates, relying party registration, client certificate registration and delegation. So I only had to provide new implementations. Signing and SSL keys now go in the Azure certificate store and user mappings (client certificates and delegation settings) have been moved to Azure table storage. The one thing I didn’t anticipate when I originally wrote StarterSTS was the need to also encapsulate configuration. Currently configuration is “locked” to the standard .NET configuration system. The new version will have a pluggable SettingsProvider with versions for .NET configuration as well as Azure service configuration. If you want to externalize these settings into e.g. a database, it is now just a matter of supplying a corresponding provider. Moving between the on-premise and Azure version will be just a matter of using different providers. URL Handling Another thing that’s substantially different on Azure (and load balanced scenarios in general) is the handling of URLs. In farm scenarios, the standard APIs like ASP.NET’s Request.Url return the current (internal) machine name, but you typically need the address of the external facing load balancer. There’s a hotfix for WCF 3.5 (included in v4) that fixes this for WCF metadata. This was accomplished by using the HTTP Host header to generate URLs instead of the local machine name. I now use the same approach for generating WS-Federation metadata as well as information card files. New Features I introduced a cache provider. Since we now have slightly more expensive lookups (e.g. relying party data from table storage), it makes sense to cache certain data in the front end. The default implementation uses the ASP.NET web cache and can be easily extended to use products like memcached or AppFabric Caching. Starting with the relying party provider, I now also provide a read/write interface. This allows building management interfaces on top of this provider. I also include a (very) simple web page that allows working with the relying party provider data. I guess I will use the same approach for other providers in the future as well. I am also doing some work on the tracing and health monitoring area. Especially important for the Azure version. Stay tuned.

    Read the article

  • Unity and Object Creation

    - by William
    I am using unity as my IoC container. I am trying to implement a type of IProviderRepository. The concrete implementation has a constructor that accepts a type of IRepository. When I remove the constructor parameter from the concrete implementation everything works fine. I am sure the container is wired correctly. When I try to create the concrete object with the constructor I receive the following error: "The current build operation (build key Build Key[EMRGen.Infrastructure.Data.IRepository1[EMRGen.Model.Provider.Provider], null]) failed: The current type, EMRGen.Infrastructure.Data.IRepository1[EMRGen.Model.Provider.Provider], is an interface and cannot be constructed. Are you missing a type mapping? (Strategy type BuildPlanStrategy, index 3)". Is it possible to achieve the above mention functionality with Unity? Namely have Unity infer a concrete type from the Interface and also inject the constructor of the concrete type with the appropriate concrete object based on constructor parameters. Below is sample of my types defined in Unity and a skeleton class listing for what I want to achieve. IProviderRepository is implemented by ProviderRepository which has a constructor that expects a type of IRepository. <typeAlias alias="ProviderRepositoryInterface" type="EMRGen.Model.Provider.IProviderRepository, EMRGen.Model" /> <typeAlias alias="ProviderRepositoryConcrete" type="EMRGen.Infrastructure.Repositories.Providers.ProviderRepository, EMRGen.Infrastructure.Repositories" /> <typeAlias alias="ProviderGenericRepositoryInterface" type="EMRGen.Infrastructure.Data.IRepository`1[[EMRGen.Model.Provider.IProvider, EMRGen.Model]], EMRGen.Infrastructure" /> <typeAlias alias="ProviderGenericRepositoryConcrete" type="EMRGen.Infrastructure.Repositories.EntityFramework.ApplicationRepository`1[[EMRGen.Model.Provider.Provider, EMRGen.Model]], EMRGen.Infrastructure.Repositories" /> <!-- Provider Mapping--> <typeAlias alias="ProviderInterface" type="EMRGen.Model.Provider.IProvider, EMRGen.Model" /> <typeAlias alias="ProviderConcrete" type="EMRGen.Model.Provider.Doctor, EMRGen.Model" /> //Illustrate the call being made inside my class public class PrescriptionService { PrescriptionService() { IUnityContainer uc = UnitySingleton.Instance.Container; UnityServiceLocator unityServiceLocator = new UnityServiceLocator(uc); ServiceLocator.SetLocatorProvider(() => unityServiceLocator); IProviderRepository pRepository = ServiceLocator.Current.GetInstance<IProviderRepository>(); } } public class GenericRepository<IProvider> : IRepository<IProvider> { } public class ProviderRepository : IProviderRepository { private IRepository<IProvider> _genericProviderRepository; //Explict public default constructor public ProviderRepository(IRepository<IProvider> genericProviderRepository) { _genericProviderRepository = genericProviderRepository; } }

    Read the article

  • How to pass binary data between two apps using Content Provider?

    - by Viktor
    I need to pass some binary data between two android apps using Content Provider (sharedUserId is not an option). I would prefer not to pass the data (a savegame stored as a file, small in size < 20k) as a file (ie. overriding openFile()) since this would necessitate some complicated temp-file scheme to cope with concurrency with several content provider accesses and a running game. I would like to read the file into memory under a mutex lock and then pass the binary array in the simplest way possible. How do I do this? It seems creating a file in memory is not a possibility due to the return type of openFile(). query() needs to return a Cursor. Using MatrixCursor is not possible since it applies toString() to all stored objects when reading it. What do I need to do? Implement a custom Cursor? This class has 30 abstract methods. Do I read the file, put it in a SQLite db and return the cursor? The complexity of this seemingly simple task is mindboggling.

    Read the article

  • Is Google the only OpenID provider that requires "identifier_select"?

    - by Skrat
    I am developing an OpenID consumer in PHP and am using the fantastic LightOpenID library (http://gitorious.org/lightopenid). Basing my code off of that found in the example client script I have successfully created a consumer. However, I've run across a snag: Google requires the openid.identity and openid.claimed_id to be set to "http://specs.openid.net/auth/2.0/identifier_select" (see here). If I do that it works but other providers (i.e. AOL) don't. Here are my questions: Is Google a corner case –– is it the only OpenID provider where identifier_select is required, contrary to the OpenID specs? Is there a shortcoming in the LightOpenID library? Is my understanding of how OpenID works incorrect? If Google is not the only provider that requires identifier_select are there a finite number of them which I'll just hardcode in, or is there someway to determine this through the OpenID spec? I'm new to the internals of OpenID so I wouldn't be surprised if this is a dumb question. I haven't been able to find any info on this subject after scouring the Internet.

    Read the article

  • How do I update the memberOf attributes of existing objects after adding the OpenLDAP Reverse Group Membership Maintenance overlay?

    - by mss
    This is a follow-up to this question: I added the memberof overlay to an existing OpenLDAP 2.4 server. Now I want to update the existing user objects. For new group memberships, the memberOf attribute is updated correctly. But I have a bunch of existing groups which aren't updated automatically. I could remove all users from their groups and re-add them to make sure these entries are in sync. Since this is a Univention Corporate Server which does a lot of magic when you modify the LDAP, I don't want to risk breaking my directory. Is there a way to trick the overlay to update these operational attributes?

    Read the article

  • inbound/outbound url routing in asp.net MVC

    - by Stephane
    The routing I need is quite simple, I must be missing something there. As code example I put the simpler situation where I can reproduce my behavior. You have this ActionMethod : public ActionResult Index(string provider) { ViewData["Message"] = provider; return View("Index"); } And you have this route : routes.MapRoute( null, "{controller}/{action}/{provider}", new { controller = "Home", action = "Index", provider = "Default" } ); // Parameter defaults You can call /Home/Index/Custom and provider will take the value "Custom" What Route would I need if I want the url /?provider=Custom to map the provider to the parameter. I thought that would just work, because the default controller and the default action would be used, and the provider from the querystring would be used instead of the default one. but the querystring is just ignored here. That's a problem in my situation as I have a form using HTTP GET method. The form action has to be Html.BeginForm(c=c.Index(null)) which is resolved as / and the value of my form are added in the querystring. (the provider being a dropdown in the form) So the url built by the form is /?abc=value&cde=value...

    Read the article

  • Is it possible to convert a 40-character SHA1 hash to a 20-character SHA1 hash?

    - by ewitch
    My problem is a bit hairy, and I may be asking the wrong questions, so please bear with me... I have a legacy MySQL database which stores the user passwords & salts for a membership system. Both of these values have been hashed using the Ruby framework - roughly like this: hashedsalt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") hashedpassword = Digest::SHA1.hexdigest("#{hashedsalt}:#{password}") So both values are stored as 40-character strings (varchar(40)) in MySQL. Now I need to import all of these users into the ASP.NET membership framework for a new web site, which uses a SQL Server database. It is my understanding that the the way I have ASP.NET membership configured, the user passwords and salts are also stored in the membership database (in table aspnet_Membership) as SHA1 hashes, which are then Base64 encoded (see here for details) and stored as nvarchar(128) data. But from the length of the Base64 encoded strings that are stored (28 characters) it seems that the SHA1 hashes that ASP.NET membership generates are only 20 characters long, rather than 40. From some other reading I have been doing I am thinking this has to do with the number of bits per character/character set/encoding or something related. So is there some way to convert the 40-character SHA1 hashes to 20-character hashes which I can then transfer to the new ASP.NET membership data table? I'm pretty familiar with ASP.NET membership by now but I feel like I'm just missing this one piece. However, it may also be known that SHA1 in Ruby and SHA1 in .NET are incompatible, so I'm fighting a losing battle... Thanks in advance for any insight.

    Read the article

  • About Data Objects and DAO Design when using Hibernate

    - by X. Ma
    I'm hesitating between two designs of a database project using Hibernate. Design #1. (1) Create a general data provider interface, including a set of DAO interfaces and general data container classes. It hides the underneath implementation. A data provider implementation could access data in database, or an XML file, or a service, or something else. The user of a data provider does not to know about it. (2) Create a database library with Hibernate. This library implements the data provider interface in (1). The bad thing about Design #1 is that in order to hide the implementation details, I need to create two sets of data container classes. One in the general data provider interface - let's call them DPI-Objects, the other set is used in the database library, exclusively for entity/attribute mapping in Hibernate - let's call them H-Objects. In the DAO implementation, I need to read data from database to create H-Objects (via Hibernate) and then convert H-Objects into DPI-Objects. Design #2. Do not create a general data provider interface. Expose H-Objects directly to components that use the database lib. So the user of the database library needs to be aware of Hibernate. I like design #1 more, but I don't want to create two sets of data container classes. Is that the right way to hide H-Objects and other Hibernate implementation details from the user who uses the database-based data provider? Are there any drawbacks of Design #2? I will not implement other data provider in the new future, so should I just forget about the data provider interface and use Design #2? What do you think about this? Thanks for your time!

    Read the article

  • Working with extra fields in an Inline form - save_model, save_formset, can't make sense of the diff

    - by magicrebirth
    Suppose I am in the usual situation where there're extra fields in the many2many relationship: class Person(models.Model): name = models.CharField(max_length=128) class Group(models.Model): name = models.CharField(max_length=128) members = models.ManyToManyField(Person, through='Membership') class Membership(models.Model): person = models.ForeignKey(Person) group = models.ForeignKey(Group) date_joined = models.DateField() invite_reason = models.CharField(max_length=64) # other models which are unrelated to the ones above.. class Trip(models.Model): placeVisited = models.ForeignKey(Place) visitor = models.ForeignKey(Person) pleasuretrip = models.Boolean() class Place(models.Model): name = models.CharField(max_length=128) I want to add some extra fields in the Membership form that gets displayed through the Inline. These fields basically are a shortcut to the instantiation of another model (Trip). Trip can have its own admin views, but these shortcuts are needed because when my project partners are entering 'Membership' data in the system they happen to have also the 'Trip' information handy (and also because some of the info in Membership can just be copied over to Trip etc. etc.). So all I want to have is two extra fields in the Membership Inline - placeVisited and pleasuretrip - which together with the Person instance will let me instantiate the Trip model in the background... I found out I can easily add extra fields to the inline view by defining my own form. But once the data have been entered, how and when to reference to them in order to perform the save operations I need to do? class MyForm(forms.ModelForm): place = forms.ModelChoiceField(required=False, queryset=Place.objects.all(), label="place",) pleasuretrip = forms.BooleanField(required=False, label="...") class MembershipInline(admin.TabularInline): model = Membership form = MyForm def save_model(self, request, obj, form, change): place = form.place pleasuretrip = form.pleasuretrip person = form.person .... # now I can create Trip instances with those data .... obj.save() class GroupAdmin(admin.ModelAdmin): model = Group .... inlines = (MembershipInline,) This doesn't seem to work... I'm also a bit puzzled by the save_formset method... maybe is that the one I should be using? Many thanks in advance for the help!!!!

    Read the article

  • fetching gps location in blackberry

    - by SWATI
    in my application i try to fetch users location but it always 0.0 for both latitude and longitude.I have seen blackberry forum but couldn't find what am i doing wrong??? code : package com.MyChamberApp; import javax.microedition.location.Criteria; import javax.microedition.location.Location; import javax.microedition.location.LocationListener; import javax.microedition.location.LocationProvider; public class GPS_Location { static double longi; static double lati; public GPS_Location() { } public void location() { new LocationTracker(); } class LocationTracker { private LocationProvider provider; Criteria cr; public LocationTracker() { resetGPS(); } public void resetGPS() { try { cr = new Criteria(); cr.setPreferredPowerConsumption(Criteria.POWER_USAGE_HIGH); cr.setPreferredResponseTime(120000); cr.setCostAllowed(true); provider = LocationProvider.getInstance(cr); provider.getLocation(120); if (provider != null) { provider.setLocationListener(new MyLocationListener(), 1,1,1); } } catch (Exception e) {} } public void run(){} private class MyLocationListener implements LocationListener { public void providerStateChanged(LocationProvider provider,int newState) { if (newState == LocationProvider.TEMPORARILY_UNAVAILABLE) { provider.reset(); resetGPS(); } if (newState == LocationProvider.OUT_OF_SERVICE) { provider.reset(); resetGPS(); } } public void locationUpdated(LocationProvider provider,Location location) { if (location != null && location.isValid()) { try { lati = location.getQualifiedCoordinates().getLatitude(); longi = location.getQualifiedCoordinates().getLongitude(); } catch (Exception e) {} } } } } } i have tried this code on curve8300,bold9000 It works well on simulator but does not fetches value on device till i manually do not refresh my gps. thanks in advance!!!!!!!!!!!!!!!!

    Read the article

  • How do I temporarily reference a new web host using my existing domain name?

    - by Alex Angas
    On provider A I have an existing web hosting account running my site. On provider B I have my domain name registered pointing to the web hosting on provider A. I've just purchased a web hosting account with provider B and want to move my site there. Is there a way to temporarily use my domain name to point to provider B while I set up the site (e.g. just from my computer)? I tried to change the HOSTS file (Windows) and while pings resolved to what I set, HTTP requests don't.

    Read the article

  • Moving between sites using SAML

    - by System Down
    I'm tasked with developing an SSO system, and was guided towards using the SAML spec. After some research I think understand the interaction between a Service Provider and an ID Provider and how a user's identity is confirmed. But what happens when I redirect the user to another Service Provider? How do I ascertain the user's identity there? Do I send his SAML assertion tokens along with the redirect request? Or does the second Service Provider need to contact the ID Provider all over again?

    Read the article

  • Getting an 'Microsoft.ACE.OLEDB.12.0' provider is not registered on the local machine error when I tried hosting on Azure Servers

    - by user1864888
    I am hosting a web application which uses OLEDB 12 to read an Excel file, but getting the error "'Microsoft.ACE.OLEDB.12.0' provider is not registered on the local machine". Wonder if I should use lower version of OLEDB or Azure does not support OLEDB services at all. Before rewriting the program, just wanted to see if anyone knows a better alternative. I am using Visual Studio 2010 for my development. Thanks in Advance.

    Read the article

  • Troubles with my open id provider. How to debug ?

    - by Stefano Borini
    I have my own openid provider on my website, with phpmyid. It worked flawlessly until now, but apparently now it's not working anymore. I am unable to login anywhere I tried. How can I debug what's going on, to understand where's the problem ? I can add more details if required, but if I can figure it out by myself without having to paste stuff it would be better.

    Read the article

  • how do you load a file into a content provider to use the zoom functions???

    - by user357032
    I used the tutorial on this website but i dont really understand how to get the file that i wont to be loaded into it. Does anyone know what i have to do to get a file in my res folder to show up in the webview through the content provider or even another way to do it? http://www.techjini.com/blog/2009/01/10/android-tip-1-contentprovider-accessing-local-file-system-from-webview-showing-image-in-webview-using-content/

    Read the article

  • Using ninject/autofac for a given scenario

    - by sandesh247
    I have some providers, say - <Providers> <Provider Type="Providers.IM" Name="Im"/> <Provider Type="Providers.Web" Name="Web"/> ... </Provider> Each of these providers can give me a session : <Sessions> <Session Name="GoogleIM" Provider="Im" URL="..." /> <Session Name="YahooIM" Provider="Im" URL="..." /> <Session Name="YahooWeb" Provider="Web" URL="..." /> ... </Session> Currently, I instantiate "named" sessions by looking at the provider, instantiating the type, and injecting the URL (manually). I could use a session factory, which would probably have to understand the url and return a proper session. Is there a way to handle this more elegantly/simply with ninject/autofac?

    Read the article

  • Regarding Visual C# MenuItem: Where does the NullReference come from?

    - by Thomas
    Hi All. I have a problem creating MenuItems for a TreeView dynamically: here is the (simplified)code i'm using. public class CTM : TreeNode, IComparable, IComparable<CTM> { public CTM(CTMProvider provider) { this.provider = provider; this.manager = provider.manager; this.IEEEAddress = provider.IEEEAddress; this.endpoint = provider.state._conn.RemoteEndPoint; this.Text = String.Format("CTM: {0} {0}", IEEEAddress, ((System.Net.IPEndPoint)endpoint).ToString()); try { MenuItem meni = System.EventHandler(this.provider.Disconnect)); this.ContextMenu.MenuItems.Add(meni); } catch { Trace.TraceError("Could not create menu item!"); } } } This code always triggers the catch clause with a NullReferenceException. Any Ideas?

    Read the article

  • vb.net .aspxauth

    - by Morgan
    I am working with a large site trying to implement web parts for particular users in a particular subdirectory but I can't get the .ASPXAUTH cookie to be recognized. I've read dozens of tutorials and MS class library pages that tell me how it should work to no avail. I am brand new to Web parts, so I'm sorry if I'm unclear. The idea is that logged in users can travel the site, but then when they go to their dashboard, they are programmatically authenticated using Membership and FormsAuthentication to pull up their Personalization. When I step through the code, I can see the cookie being set, and that it exists on the following page, but Membership.GetUser() and User.Identity are both empty. I know the user exists because I created it programmatically using Membership.CreateUser() and I can see it when I do Membership.GetAllUsers() and it's online when i use Membership.GetUser(username) but the Personalization doesn't work. Right now, I'm just trying to get the proof of concept going. I've tried creating the ticket and cookie myself, and also using SetAuthCookie() (code follows). I really just need a clue as to what to look for. Here's the "login" page... If Membership.ValidateUser(testusername, testpassword) Then -- Works FormsAuthentication.SetAuthCookie(testusername, true) Response.Redirect("webpartsdemo1.aspx", False) End If And the next page (webpartsdemo1.aspx) Dim cookey As String = ".ASPXAUTH" lblContent.Text &= "<br><br>" & Request.Cookies(cookey).Name & " Details" lblContent.Text &= "<br>path = " & Request.Cookies(cookey).Path lblContent.Text &= "<br>domain = " & Request.Cookies(cookey).Domain lblContent.Text &= "<br>expires = " & Request.Cookies(cookey).Expires lblContent.Text &= "<br>Secure only? " & Request.Cookies(cookey).Secure lblContent.Text &= "<br>HTTP only? = " & Request.Cookies(cookey).HttpOnly lblContent.Text &= "<br>Has subkeys? " & Request.Cookies(cookey).HasKeys lblContent.Text &= "<br/><br/>request authenticated? " & Request.IsAuthenticated.ToString lblContent.Text &= " Getting user<br/>Current User: " Dim muGidget As MembershipUser If Request.IsAuthenticated Then muGidget = Membership.GetUser lblContent.Text &= Membership.GetUser().UserName Else lblContent.Text &= "none found" End If Output: .ASPXAUTH Details path = / domain = expires = 12:00:00 AM Secure only? False HTTP only? = False Has subkeys? False request authenticated? False Getting user Current User: none found Sorry to go on so long. Thanks for any help you can provide.

    Read the article

  • how to refactor user-permission system?

    - by John
    Sorry for lengthy question. I can't tell if this should be a programming question or a project management question. Any advice will help. I inherited a reasonably large web project (1 year old) from a solo freelancer who architected it then abandoned it. The project was a mess, but I cleaned up what I could, and now the system is more maintainable. I need suggestions on how to extend the user-permission system. As it is now, the database has a t_user table with the column t_user.membership_type. Currently, there are 4 membership types with the following properties: 3 of the membership types are almost functionally the same, except for the different monthly fees each must pay 1 of the membership type is a "fake-user" type which has limited access ( different business logic also applies) With regards to the fake-user type, if you look in the system's business logic files, you will see a lot of hard-coded IF statements that do something like if (fake-user) { // do something } else { // a paid member of type 1,2 or 3 // proceed normally } My client asked me to add 3 more membership types to the system, each of them with unique features to be implemented this month, and substantive "to-be-determined" features next month. My first reaction is that I need to refactor the user-permission system. But it concerns me that I don't have enough information on the "to-be-determined" membership type features for next month. Refactoring the user-permission system will take a substantive amount of time. I don't want to refactor something and throw it out the following month. I get substantive feature requests on a monthly basis that come out of the blue. There is no project road map. I've asked my client to provide me with a roadmap of what they intend to do with the new membership types, but their answer is along the lines of "We just want to do [feature here] this month. We'll think of something new next month." So questions that come to mind are: 1) Is it dangerous for me to refactor the user permission system not knowing what membership type features exist beyond a month from now? 2) Should I refactor the user permission system regardless? Or just continue adding IF statements as needed in all my controller files? Or can you recommend a different approach to user permission systems? Maybe role-based ? 3) Should this project have a road map? For a 1 year old project like mine, how far into the future should this roadmap project? 4) Any general advice on the best way to add 3 new membership types?

    Read the article

  • How to point subdomain to a nameserver?

    - by vonconrad
    I've got an old crusty WHM/cPanel server which I'm trying to get rid of. I've got a new setup on shared hosting which is much cheaper in the long run. The problem is that there are a bunch of websites on the server whose domains I don't have access to. They're currently pointing to name servers of my domain (ns.mydomain.com), but the new provider has their own name servers (ns.provider.com) which I have to use instead. My initial idea was to set up a CNAME to point my name server to my provider's: ns.mydomain.com CNAME ns.provider.com, but I read in this question that this would be a bad idea. The accepted answer suggests using an A record instead, and I want to make sure how this would work. Assuming ns.provider.com has an IP address of 123.123.123.123, is it just a matter of doing ns.mydomain.com A 123.123.123.123? Is there any way the provider could block those requests as the name server domain technically doesn't belong to them?

    Read the article

  • Using the OAM Mobile & Social SDK to secure native mobile apps - Part 2 : OAM Mobile & Social Server configuration

    - by kanishkmahajan
    Objective  In the second part of this blog post I'll now cover configuration of OAM to secure our sample native apps developed using the iOS SDK. First, here are some key server side concepts: Application Profiles: An application profile is a logical representation of your application within OAM server. It could be a web (html/javascript) or native (iOS or Android) application. Applications may have different requirements for AuthN/AuthZ, and therefore each application that interacts with OAM Mobile & Social REST services must be uniquely defined. Service Providers: Service providers represent the back end services that are accessed by applications. With OAM Mobile & Social these services are in the areas of authentication, authorization and user profile access. A Service Provider then defines a type or class of service for authentication, authorization or user profiles. For example, the JWTAuthentication provider performs authentication and returns JWT (JSON Web Tokens) to the application. In contrast, the OAMAuthentication also provides authentication but uses OAM SSO tokens Service Profiles:  A Service Profile is a logical envelope that defines a service endpoint URL for a service provider for the OAM Mobile & Social Service. You can create multiple service profiles for a service provider to define token capabilities and service endpoints. Each service provider instance requires atleast one corresponding service profile.The  OAM Mobile & Social Service includes a pre-configured service profile for each pre-configured service provider. Service Domains: Service domains bind together application profiles and service profiles with an optional security handler. So now let's configure the OAM server. Additional details are in the OAM Documentation and this post simply provides an outline of configuration tasks required to configure OAM for securing native apps.  Configuration  Create The Application Profile Log on to the Oracle Access Management console and from System Configuration -> Mobile and Social -> Mobile Services, select "Create" under Application Profiles. You would do this  step twice - once for each of the native apps - AvitekInventory and AvitekScheduler. Enter the parameters for the new Application profile: Name:  The application name. In this example we use 'InventoryApp' for the AvitekInventory app and 'SchedulerApp' for the AvitekScheduler app. The application name configured here must match the application name in the settings for the deployed iOS application. BaseSecret: Enter a password here. This does not need to match any existing password. It is used as an encryption key between the client and the OAM server.  Mobile Configuration: Enable this checkbox for any mobile applications. This enables the SDK to collect and send Mobile specific attributes to the OAM server.  Webview: Controls the type of browser that the iOS application will use. The embedded browser (default) will render the browser within the application. External will use the system standalone browser. External can sometimes be preferable for debugging URLScheme: The URL scheme associated with the iOS apps that is also used as a custom URL scheme to register O/S handlers that will take control when OAM transfers control to device. For the AvitekInventory and the AvitekScheduler apps I used osa:// and client:// respectively. You set this scheme in Xcode while developing your iOS Apps under Info->URL Types.  Bundle Identifier : The fully qualified name of your iOS application. You typically set this when you create a new Xcode project or under General->Identity in Xcode. For the AvitekInventory and AvitekScheduler apps these were com.us.oracle.AvitekInventory and com.us.oracle.AvitekScheduler respectively.  Create The Service Domain Select create under Service domains. Create a name for your domain (AvitekDomain is what I've used). The name configured must match the service domain set in the iOS application settings. Under "Application Profile Selection" click the browse button. Choose the application profiles that you created in the previous step one by one. Set the InventoryApp as the SSO agent (with an automatic priority of 1) and the SchedulerApp as the SSO client. This associates these applications with this service domain and configures them in a 'circle of trust'.  Advance to the next page of the wizard to configure the services for this domain. For this example we will use the following services:  Authentication:   This will use the JWT (JSON Web Token) format authentication provider. The iOS application upon successful authentication will receive a signed JWT token from OAM Mobile & Social service. This token will be used in subsequent calls to OAM. Use 'MobileOAMAuthentication' here. Authorization:  The authorization provider. The SDK makes calls to this provider endpoint to obtain authorization decisions on resource requests. Use 'OAMAuthorization' here. User Profile Service:  This is the service that provides user profile services (attribute lookup, attribute modification). It can be any directory configured as a data source in OAM.  And that's it! We're done configuring our native apps. In the next section, let's look at some additional features that were mentioned in the earlier post that are automated by the SDK for the app developer i.e. these are areas that require no additional coding by the app developer when developing with the SDK as they only require server side configuration: Additional Configuration  Offline Authentication Select this option in the service domain configuration to allow users to log in and authenticate to the application locally. Clear the box to block users from authenticating locally. Strong Authentication By simply selecting the OAAMSecurityHandlerPlugin while configuring mobile related Service Domains, the OAM Mobile&Social service allows sophisticated device and client application registration logic as well as the advanced risk and fraud analysis logic found in OAAM to be applied to mobile authentication. Let's look at some scenarios where the OAAMSecurityHandlerPlugin gets used. First, when we configure OAM and OAAM to integrate together using the TAP scheme, then that integration kicks off by selecting the OAAMSecurityHandlerPlugin in the mobile service domain. This is how the mobile device is now prompted for KBA,OTP etc depending on the TAP scheme integration and the OAM users registered in the OAAM database. Second, when we configured the service domain, there were claim attributes there that are already pre-configured in OAM Mobile&Social service and we simply accepted the default values- these are the set of attributes that will be fetched from the device and passed to the server during registration/authentication as device profile attributes. When a mobile application requests a token through the Mobile Client SDK, the SDK logic will send the Device Profile attributes as a part of an HTTP request. This set of Device Profile attributes enhances security by creating an audit trail for devices that assists device identification. When the OAAM Security Plug-in is used, a particular combination of Device Profile attribute values is treated as a device finger print, known as the Digital Finger Print in the OAAM Administration Console. Each finger print is assigned a unique fingerprint number. Each OAAM session is associated with a finger print and the finger print makes it possible to log (and audit) the devices that are performing authentication and token acquisition. Finally, if the jail broken option is selected while configuring an application profile, the SDK detects a device is jail broken based on configured policy and if the OAAM handler is configured the plug-in can allow or block access to client device depending on the OAAM policy as well as detect blacklisted, lost or stolen devices and send a wipeout command that deletes all the mobile &social relevant data and blocks the device from future access. 1024x768 Social Logins Finally, let's complete this post by adding configuration to configure social logins for mobile applications. Although the Avitek sample apps do not demonstrate social logins this would be an ideal exercise for you based on the sample code provided in the earlier post. I'll cover the server side configuration here (with Facebook as an example) and you can retrofit the code to accommodate social logins by following the steps outlined in "Invoking Authentication Services" and add code in LoginViewController and maybe create a new delegate - AvitekRPDelegate based on the description in the previous post. So, here all you will need to do is configure an application profile for social login, configure a new service domain that uses the social login application profile, register the app on Facebook and finally configure the Facebook OAuth provider in OAM with those settings. Navigate to Mobile and Social, click on "Internet Identity Services" and create a new application profile. Here are the relevant parameters for the new application profile (-also we're not registering the social user in OAM with this configuration below, however that is a key feature as well): Name:  The application name. This must match the name of the of mobile application profile created for your application under Mobile Services. We used InventoryApp for this example. SharedSecret: Enter a password here. This does not need to match any existing password. It is used as an encryption key between the client and the OAM Mobile and Social service.  Mobile Application Return URL: After the Relying Party (social) login, the OAM Mobile & Social service will redirect to the iOS application using this URI. This is defined under Info->URL type and we used 'osa', so we define this here as 'osa://' Login Type: Choose to allow only internet identity authentication for this exercise. Authentication Service Endpoint : Make sure that /internetidentityauthentication is selected. Login to http://developers.facebook.com using your Facebook account and click on Apps and register the app as InventoryApp. Note that the consumer key and API secret gets generated automatically by the Facebook OAuth server. Navigate back to OAM and under Mobile and Social, click on "Internet Identity Services" and edit the Facebook OAuth Provider. Add the consumer key and API secret from the Facebook developers site to the Facebook OAuth Provider: Navigate to Mobile Services. Click on New to create a new service domain. In this example we call the domain "AvitekDomainRP". The type should be 'Mobile Application' and the application credential type 'User Token'. Add the application "InventoryApp" to the domain. Advance the next page of the wizard. Select the  default service profiles but ensure that the Authentication Service is set to 'InternetIdentityAuthentication'. Finish the creation of the service domain.

    Read the article

  • makecert gives "Fail to acquire a security provider from the issuer's certificate" - why?

    - by mark
    Dear ladies and sirs. Observe this simple batch file: makecert -n "CN=MyCA" -sr localmachine -ss root -a sha1 -cy authority -r -sv MyCA.pvk MyCA.cer del MyCA.pvk del MyCA.cer makecert -n "CN=il-mark-lt" -sr localmachine -ss my -cy end -pe -sky exchange -a sha1 -is root -ir localmachine -in MyCA However, the last makecert fails with the following error message: Error: Fail to acquire a security provider from the issuer's certificate How do I troubleshoot it? Any ideas? BTW, the first makecert succeeds. Of course, I delete it again, before running the commands again. Thanks. EDIT1 I understood the reasons for the failure. The second command expects the file MyCA.pvk to exist, but I do not want to keep it around. So, what can I do?

    Read the article

  • Using AppFabric session state provider, does each session get its own region?

    - by goombaloon
    I've been playing around with AppFabric Beta 2's session state provider. It appears that each new session get its own region (named "Default_Region_XXXX" (where XXXX is an apparent random sequence of numbers). If I understand regions correctly, it appears that each region is tied to a single cluster host, leaving a single point of failure. Why is each session being given it own region? Also, do sessions eventually timeout and clean themselves up in the cache or is that behavior just inherited from the cache settings? I'm wondering (if in a production application scenario), if one would use a separate named cache for session state apart from other application caches? Thanks.

    Read the article

< Previous Page | 27 28 29 30 31 32 33 34 35 36 37 38  | Next Page >