Search Results

Search found 13853 results on 555 pages for 'soa security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 348/555 | < Previous Page | 344 345 346 347 348 349 350 351 352 353 354 355  | Next Page >

  • Using OpenID as the only authentication method

    - by iconiK
    I have read the other questions and they mostly talk about the security of doing so. That's not entirely my concern, mostly because the website is question is a browser-based game. However, the larger issue is the user - not every user is literate enough to understand OpenID. Sure RPX makes this pretty easy, which is what I'll use, but what if the user does not have an account at Google or Facebook or whatever, or does not trust the system to log in with an existing account? They'd have to get an account at another provide - I'm sure most will know how to do it, let alone be bothered to do it. There is also the problem of how to manage it in the application. A user might want to use multiple identities with a single account, so it's not as simple as username + password to deal with. How do I store the OpenID identities of a user in the database? Using OpenID gives me a benefit too: RPX can provide extensive profile information, so I can just prefill the profile form and ask the user to edit as required. I currently have this: UserID Email ------ --------------- 86000 [email protected] 86001 [email protected] UserOpenID OpenID ---------- ------ 86000 16733 86001 16839 86002 19361 OpenID Provider Identifier ------ -------- ---------------- 16733 Yahoo https:\\me.yahoo.com\bob#d36bd 16839 Yahoo https:\\me.yahoo.com\bigbobby#x75af 19361 Yahoo https:\\me.yahoo.com\alice#c19fd Is that the right way to store OpenID identifiers in the database? How would I match the identifier RPX gave me with one in the database to log in the user (if the identifier is known). So here are concrete questions: How would I make it accessible to users not having an OpenID or not wanting to use one? (security concerns over say, logging in with their Google account for example) How do I store the identifier in the database? (I'm not sure if the tables above are right) What measures do I need to take in order to prevent someone from logging in as another user and happily doing anything with their account? (as I understand RPX sends the identifier via HTTP, so what anyone would have to do is to just somehow grab it then enter it in the "OpenID" field) What else do I need to be aware of when using OpenID?

    Read the article

  • Incorrect XML produced by SUDS

    - by Ben
    Hi, I am trying to talk to a SOAP web service using SUDS and Python. After lots of messing around learning Python (yes I am new to this) and working out how to use SUDS I have come across a problem. The signature of the web method I am calling, according to suds, is (FWTCaseCreate){ ClassificationEventCode = None Priority = None Title = None Description = None Queue = None DueDate = None AssociatedObject = (FWTObjectBriefDetails){ ObjectID = (FWTObjectID){ ObjectType = None ObjectReference[] = <empty> } ObjectDescription = None Details = None Category = None } Form = (FWTCaseForm){ FormField[] = <empty> FormName = None FormKey = None } Internal = None InteractionID = None XCoord = None YCoord = None } So I use SUDS to create the classes that I want and send it to the method. However I get an error. So I turned logging on and I can see that the XML that is being sent is not correct which is causing a deserialize error. The SOAP package looks like the following <?xml version="1.0" encoding="UTF-8"?> <SOAP-ENV:Envelope xmlns:ns0="http://www.lagan.com/wsdl/FLTypes" xmlns:ns1="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header> <wsse:Security> <wsse:BinarySecurityToken>eaadf1ddff99a8</wsse:BinarySecurityToken> </wsse:Security> </SOAP-ENV:Header> <ns1:Body> <ns0:FWTCaseCreate> <ClassificationEventCode> <ClassificationEventCode>2000023</ClassificationEventCode> <Priority>1</Priority> <Title>testing</Title> <Description>testing</Description> <Queue/> <Internal>True</Internal> <XCoord>356570</XCoord> <YCoord>168708</YCoord> </ClassificationEventCode> </ns0:FWTCaseCreate> </ns1:Body> As you can see there is a 'ClassificationEventCode' element around all the other elements, this should not be there. If I cut and paste this xml into SOAPUI and first remove this element and then post it directly to the web service it works successfully. Does anyone have any ideas why this is happening? I guess SUDS thinks that it should be there based on the WSDL. Thanks.

    Read the article

  • How do I repair the corrupted files found by sfc /scannow? "Windows Resource Protection found corrupt files but was unable to fix some of them."

    - by galacticninja
    After running chkdsk C: /F /R and finding out that my hard disk has 24 KB in bad sectors (log is posted below), I decided to run Windows 7's System File Checker utility (sfc /scannow). SFC showed the ff. message after I ran it: "Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log." Since the CBS.log file is too large, I ran findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt" (as per Microsoft's KB 928228 article) to only get the log text pertaining to the corrupt files. (log is also posted below) How do I troubleshoot and repair the corrupted files mentioned by sfc /scannow? My OS is Windows 7, 64-bit. chkdsk log Checking file system on C: The type of the file system is NTFS. A disk check has been scheduled. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... 936192 file records processed. File verification completed. 25238 large file records processed. 0 bad file records processed. 4 EA records processed. 44 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 1051640 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 936192 file SDs/SIDs processed. Cleaning up 24 unused index entries from index $SII of file 0x9. Cleaning up 24 unused index entries from index $SDH of file 0x9. Cleaning up 24 unused security descriptors. Security descriptor verification completed. 57725 data files processed. CHKDSK is verifying Usn Journal... 36994248 USN bytes processed. Usn Journal verification completed. CHKDSK is verifying file data (stage 4 of 5)... 936176 files processed. File data verification completed. CHKDSK is verifying free space (stage 5 of 5)... 306238 free clusters processed. Free space verification is complete. Adding 1 bad clusters to the Bad Clusters File. Correcting errors in the Volume Bitmap. Windows has made corrections to the file system. 488282111 KB total disk space. 485595420 KB in 766458 files. 401856 KB in 57726 indexes. 24 KB in bad sectors. 1059863 KB in use by the system. 65536 KB occupied by the log file. 1224948 KB available on disk. 4096 bytes in each allocation unit. 122070527 total allocation units on disk. 306237 allocation units available on disk. Internal Info: 00 49 0e 00 81 93 0c 00 34 01 17 00 00 00 00 00 .I......4....... 6b 29 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 k)..,........... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ sfc /scannow log (through findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt") Note: The full log is at http://pastebin.com/raw.php?i=gTEGZmWj . I've only quoted parts of the full log below (mostly from the last part), as the full log won't fit within the character limit for questions. I've added it to serve as a preview. ... 2013-12-28 19:37:50, Info CSI00000542 [SR] Beginning Verify and Repair transaction 2013-12-28 19:37:55, Info CSI00000544 [SR] Verify complete 2013-12-28 19:37:56, Info CSI00000545 [SR] Verifying 95 (0x000000000000005f) components 2013-12-28 19:37:56, Info CSI00000546 [SR] Beginning Verify and Repair transaction 2013-12-28 19:38:03, Info CSI00000548 [SR] Verify complete 2013-12-28 19:38:03, Info CSI00000549 [SR] Repairing 43 (0x000000000000002b) components 2013-12-28 19:38:03, Info CSI0000054a [SR] Beginning Verify and Repair transaction ... 2013-12-28 19:38:15, Info CSI00000730 [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:62{31}]"GroupPolicy-Admin-Gpedit-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI00000733 [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:30{15}]"frs-core-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI00000736 [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:26{13}]"gpmgmt-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI00000739 [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:74{37}]"MediaServer-ASPAdmin-Migration-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI0000073c [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:36{18}]"Ldap-Client-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI0000073f [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:38{19}]"iSNS_Service-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI00000742 [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:76{38}]"MediaServer-Multicast-Migration-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI00000745 [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:78{39}]"Kerberos-Key-Distribution-Center-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI00000748 [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:86{43}]"GroupPolicy-CSE-SoftwareInstallation-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI0000074b [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:28{14}]"ieframe-dl.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI0000074e [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:76{38}]"GroupPolicy-Admin-Gpedit-Snapin-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI00000751 [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:32{16}]"IPSec-Svc-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI00000754 [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:22{11}]"HTTP-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI00000757 [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:56{28}]"MediaServer-Migration-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI0000075a [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:26{13}]"GPBase-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI0000075d [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:38{19}]"IasMigPlugin-DL.man"; source file in store is also corrupted 2013-12-28 19:38:15, Info CSI00000760 [SR] Could not reproject corrupted file [ml:520{260},l:84{42}]"\??\C:\Windows\System32\migwiz\dlmanifests"\[l:50{25}]"International-Core-DL.man"; source file in store is also corrupted 2013-12-28 19:38:16, Info CSI00000762 [SR] Cannot repair member file [l:24{12}]"wbemdisp.dll" of Microsoft-Windows-WMI-Scripting, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2013-12-28 19:38:16, Info CSI00000763 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery" 2013-12-28 19:38:16, Info CSI00000766 [SR] Could not reproject corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\SysWOW64\wbem"\[l:24{12}]"wbemdisp.dll"; source file in store is also corrupted 2013-12-28 19:38:16, Info CSI00000768 [SR] Cannot repair member file [l:56{28}]"Microsoft.MediaCenter.UI.dll" of Microsoft.MediaCenter.UI, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_MSIL (8), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2013-12-28 19:38:16, Info CSI00000769 [SR] This component was referenced by [l:176{88}]"Microsoft-Windows-MediaCenter-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.MediaCenter" 2013-12-28 19:38:16, Info CSI0000076c [SR] Could not reproject corrupted file [ml:520{260},l:40{20}]"\??\C:\Windows\ehome"\[l:56{28}]"Microsoft.MediaCenter.UI.dll"; source file in store is also corrupted 2013-12-28 19:38:16, Info CSI0000076e [SR] Cannot repair member file [l:24{12}]"ReAgentc.exe" of Microsoft-Windows-WinRE-RecoveryTools, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2013-12-28 19:38:16, Info CSI0000076f [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery" 2013-12-28 19:38:16, Info CSI00000772 [SR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:24{12}]"ReAgentc.exe"; source file in store is also corrupted 2013-12-28 19:38:16, Info CSI00000774 [SR] Cannot repair member file [l:82{41}]"System.Management.Automation.dll-Help.xml" of Microsoft-Windows-PowerShell-PreLoc.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2013-12-28 19:38:16, Info CSI00000775 [SR] This component was referenced by [l:266{133}]"Microsoft-Windows-Client-Features-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Microsoft-Windows-Client-Features-Language-Pack" 2013-12-28 19:38:16, Info CSI00000778 [SR] Could not reproject corrupted file [ml:520{260},l:104{52}]"\??\C:\Windows\System32\WindowsPowerShell\v1.0\en-US"\[l:82{41}]"System.Management.Automation.dll-Help.xml"; source file in store is also corrupted 2013-12-28 19:38:16, Info CSI0000077a [SR] Cannot repair member file [l:18{9}]"hlink.dll" of Microsoft-Windows-HLink, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch 2013-12-28 19:38:16, Info CSI0000077b [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery" 2013-12-28 19:38:16, Info CSI0000077e [SR] Could not reproject corrupted file [ml:48{24},l:46{23}]"\??\C:\Windows\SysWOW64"\[l:18{9}]"hlink.dll"; source file in store is also corrupted 2013-12-28 19:38:16, Info CSI00000780 [SR] Repair complete 2013-12-28 19:38:16, Info CSI00000781 [SR] Committing transaction 2013-12-28 19:38:19, Info CSI00000785 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired

    Read the article

  • Can I use OAuth for a SOAP web service?

    - by Olaseni
    The standard HTTP Authentication for SOAP passed the password etc in cleartext,and I'm looking for an alternative, possibly a key based mechanism to authenticate web services in lieu of the password. OAuth is gaining a lot of popularity; would it be appropriate, and how would I implement it? Or perhaps there are other methods I should use. The project itself is relatively simple, with just a one or two methods to be exposed, but security is of the utmost importance.

    Read the article

  • DNS zone file SPF configuration to support sending mail from multiple servers and gmail

    - by Tauren
    I want to configure SPF on a domain to allow mail to be sent from: the x.com website server (x.com and www.x.com - both at same IP) it's MX servers (smtp.x.com, mx.x.com, mail.x.com) another server that isn't listed as an MX server (somehost.x.com) via gmail using an account that has authenticated use of [email protected] Will this zone file work? If not, what are the problems with it? $ttl 38400 @ IN SOA ns1.x.com. hostmaster.x.com. ( 201003092 ; serial 8H ; refresh 15M ; retry 1W ; expire 1H ) ; minimum @ NS ns1.x.com. @ NS ns2.x.com. @ MX 10 mx.x.com. @ MX 20 smtp.x.com. @ MX 30 mailhost.x.com. ; SPF records @ IN TXT "v=spf1 a mx a:somehost.x.com include:_spf.google.com ~all" mx IN TXT "v=spf1 a -all" smtp IN TXT "v=spf1 a -all" mailhost IN TXT "v=spf1 a -all" Questions: Is _spf.google.com the right thing to include for gmail.com, or is it only for Google Hosted Apps? If only for Google Apps, what should I include to send from gmail.com? If mail shouldn't be sent from anywhere else, is it safe to use -all instead of ~all? Does it make sense to add specific SPF records for each of the mail servers? Any other problems with the zone file? I want to confirm these things before making changes to my zone file. The file has SPF configured basically the same now, just without google.com and somehost, but I want to make sure I won't break things when I change it.

    Read the article

  • Open Source Alternative to ASP.NET membership

    - by Tony Lenzi
    I'm currently supporting a Python web app with increasingly complicated user/role/permission management requirements. Currently, we are rolling our own user, groups, permissions, etc. code and supporting database. I'd like to find something like ASP.NET membership that can help manage user authentication and authorization, rather than risk security issues in continuing to create an increasingly complicated custom solution. Are there any similar projects out there worth taking a look at?

    Read the article

  • dnssec zonesigner ignoring out-of-zone data

    - by jordi12100
    I am trying to configure DNSSec with BIND9 on CentOS 6.4 running DirectAdmin control panel. I am using this tutorial to make it work: https://www.dnssec-tools.org/wiki/index.php/Zonesigner But I can't get it work... When I run this command: zonesigner --genkeys jordikroon.nl.db jordikroon.nl.db.signed I get this error: jordikroon.nl.db:17: ignoring out-of-zone data (jordikroon.nl) jordikroon.nl.db:18: ignoring out-of-zone data (jordikroon.nl) jordikroon.nl.db:22: ignoring out-of-zone data (jordikroon.nl) jordikroon.nl.db:29: ignoring out-of-zone data (jordikroon.nl) jordikroon.nl.db:33: ignoring out-of-zone data (jordikroon.nl) zone jordikroon.nl.db/IN: has no NS records zone jordikroon.nl.db/IN: not loaded due to errors. I can't find anything on the web about this error. This is my zone db file: $TTL 14400 @ IN SOA ns1.ghservers.org. hostmaster.jordikroon.nl. ( 2013090703 14400 3600 1209600 86400 ) jordikroon.nl. 14400 IN NS ns1.ghservers.org. jordikroon.nl. 14400 IN NS ns2.ghservers.org. cp 14400 IN A 85.17.32.228 ftp 14400 IN A 85.17.32.228 jordikroon.nl. 14400 IN A 85.17.32.228 localhost 14400 IN A 127.0.0.1 mail 14400 IN A 85.17.32.228 pop 14400 IN A 85.17.32.228 smtp 14400 IN A 85.17.32.228 www 14400 IN A 85.17.32.228 jordikroon.nl. 14400 IN MX 10 mail jordikroon.nl. 14400 IN TXT "v=spf1 a mx ip4:85.17.32.228 ~all" localhost 14400 IN AAAA ::1 How do I have to fix this? All IN keywords are being ignored. Any help is welcome:-)

    Read the article

  • UnsatisfiedLinkError on Websphere Application Server 6.1 Data Source

    - by user338154
    Hi, I am unable to start the installed App on my WAS instance. I believe the root cause is an UnsatisfiedLinkError which is shown as follows: Caused by: java.lang.UnsatisfiedLinkError: no ocijdbc10 in java.library.path at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1682) at java.lang.Runtime.loadLibrary0(Runtime.java:822) at java.lang.System.loadLibrary(System.java:993) at oracle.jdbc.driver.T2CConnection$1.run(T2CConnection.java:3147) at java.security.AccessController.doPrivileged(Native Method) at oracle.jdbc.driver.T2CConnection.loadNativeLibrary(T2CConnection.java:3143) at oracle.jdbc.driver.T2CConnection.logon(T2CConnection.java:221) at oracle.jdbc.driver.PhysicalConnection.(PhysicalConnection.java:441) at oracle.jdbc.driver.T2CConnection.(T2CConnection.java:132) at oracle.jdbc.driver.T2CDriverExtension.getConnection(T2CDriverExtension.java:78) at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:801) at oracle.jdbc.pool.OracleDataSource.getPhysicalConnection(OracleDataSource.java:297) at oracle.jdbc.xa.client.OracleXADataSource.getPooledConnection(OracleXADataSource.java:515) at oracle.jdbc.xa.client.OracleXADataSource.getXAConnection(OracleXADataSource.java:159) at oracle.jdbc.xa.client.OracleXADataSource.getXAConnection(OracleXADataSource.java:133) at com.ibm.ws.rsadapter.spi.InternalGenericDataStoreHelper$1.run(InternalGenericDataStoreHelper.java:935) at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:118) at com.ibm.ws.rsadapter.spi.InternalGenericDataStoreHelper.getPooledConnection(InternalGenericDataStoreHelper.java:972) at com.ibm.ws.rsadapter.spi.WSRdbDataSource.getPooledConnection(WSRdbDataSource.java:1625) at com.ibm.ws.rsadapter.spi.WSManagedConnectionFactoryImpl.createManagedConnection(WSManagedConnectionFactoryImpl.java:1220) at com.ibm.ejs.j2c.FreePool.createManagedConnectionWithMCWrapper(FreePool.java:1988) at com.ibm.ejs.j2c.FreePool.createOrWaitForConnection(FreePool.java:1660) at com.ibm.ejs.j2c.PoolManager.reserve(PoolManager.java:2341) at com.ibm.ejs.j2c.ConnectionManager.allocateMCWrapper(ConnectionManager.java:932) at com.ibm.ejs.j2c.ConnectionManager.allocateConnection(ConnectionManager.java:608) at com.ibm.ws.rsadapter.jdbc.WSJdbcDataSource.getConnection(WSJdbcDataSource.java:449) at com.ibm.ws.rsadapter.jdbc.WSJdbcDataSource.getConnection(WSJdbcDataSource.java:418) at org.apache.ojb.broker.accesslayer.ConnectionFactoryAbstractImpl.newConnectionFromDataSource(Unknown Source) at org.apache.ojb.broker.accesslayer.ConnectionFactoryAbstractImpl.lookupConnection(Unknown Source) at org.apache.ojb.broker.accesslayer.ConnectionFactoryManagedImpl.lookupConnection(Unknown Source) at org.apache.ojb.broker.accesslayer.ConnectionManagerImpl.getConnection(Unknown Source) at org.apache.ojb.broker.accesslayer.StatementManager.getPreparedStatement(Unknown Source) at org.apache.ojb.broker.accesslayer.JdbcAccessImpl.executeQuery(Unknown Source) at org.apache.ojb.broker.accesslayer.RsQueryObject.performQuery(Unknown Source) at org.apache.ojb.broker.accesslayer.RsIterator.(Unknown Source) at org.apache.ojb.broker.core.RsIteratorFactoryImpl.createRsIterator(Unknown Source) at org.apache.ojb.broker.core.PersistenceBrokerImpl.getRsIteratorFromQuery(Unknown Source) at org.apache.ojb.broker.core.PersistenceBrokerImpl.getIteratorFromQuery(Unknown Source) at org.apache.ojb.broker.core.QueryReferenceBroker.getCollectionByQuery(Unknown Source) at org.apache.ojb.broker.core.QueryReferenceBroker.getCollectionByQuery(Unknown Source) at org.apache.ojb.broker.core.QueryReferenceBroker.getCollectionByQuery(Unknown Source) at org.apache.ojb.broker.core.PersistenceBrokerImpl.getCollectionByQuery(Unknown Source) at org.apache.ojb.broker.core.DelegatingPersistenceBroker.getCollectionByQuery(Unknown Source) at org.apache.ojb.broker.core.DelegatingPersistenceBroker.getCollectionByQuery(Unknown Source) at com.ascential.xmeta.persistence.orm.impl.ojb.OjbPersistentEObjectPersistenceRegistry.loadPackageCache(OjbPersistentEObjectPersistenceRegistry.java:371) ... 115 more My LD_LIBRARY_PATH variable for the 'was' user is /opt/oracle/product/10.2.0/lib What else should I be checking to fix this error? Please help. Thanks

    Read the article

  • MaxReceivedMessageSize adjusted, but still getting the QuotaExceedException with WCF

    - by djerry
    Hey guys, First of all, i have read the "millions" of post on this site and some blogs/forum post on other websites, and no answer is solving my problem. I'm my app, there's a possibility to import a txt or csv file with data. In the case of the error, the file contains 444 rows (file is 14,5 kB). When i try to send it to the server to process it, i get an QuotaExceedException, telling me to increase MaxReceivedMessageSize. So i changed it to a much higher value, but i'm still getting the same exception. I'm using the same exact items for client and server in system.servicemodel in my config file. Config snippet : <system.serviceModel> <bindings> <netTcpBinding> <binding name="NetTcpBinding_IMonitoringSystemService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="500" maxReceivedMessageSize="2147483647"> <readerQuotas maxDepth="32" maxStringContentLength="100000" maxArrayLength="100000" maxBytesPerRead="100000" maxNameTableCharCount="100000" /> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" /> <security mode="Message"> <transport clientCredentialType="Windows" protectionLevel="EncryptAndSign"> <extendedProtectionPolicy policyEnforcement="Never" /> </transport> <message clientCredentialType="Windows" /> </security> </binding> </netTcpBinding> </bindings> <client> <endpoint address="net.tcp://localhost:8000/Monitoring%20Server" binding="netTcpBinding" bindingConfiguration="NetTcpBinding_IMonitoringSystemService" contract="IMonitoringSystemService" > <!--name="NetTcpBinding_IMonitoringSystemService"--> <identity> <userPrincipalName value="DJERRYY\djerry" /> </identity> </endpoint> </client> </system.serviceModel> Can i use this sample for client and server config? And what should i not use in that case. Thanks in advance.

    Read the article

  • Cisco pix command - whats this command mean?

    - by jason clark
    Hi, Anyone know what the following means? I have these two lines in our cisco PIX configuration file but have no references to these IP's anywhere else in the config and cant find a device on the network with them. global (inet) 10 213.228.xxx.xx global (inet) 20 213.228.xxx.xx thanks, Jason (BTW: I've xxx'ed out the remainder of the ip for security :-0 )

    Read the article

  • Aspect oriented Programming?

    - by Jaswant Agarwal
    How can we apply attributes to class fucntion using AOP in C#? UPDATE: I am slightly not clear in what context AOP should be used? As we can use AOP for logging purpose, security(Authentication), please suggest some other scenarios where we can take benefit of AOP Is AOP can be use to share data among different running threads in application process?

    Read the article

  • WCF Service Issue

    - by Om
    Hi, I am facing issue of the WCF Services on staging server. The same service is running perfectly in my local pc. But when i configured the same on staging server it is giving issue saying that: "The communication object, System.ServiceModel.Channels.ServiceChannel, cannot be used for communication, because it is in Faulted state." Is it related to security or anything else? How can i fix the issue? Regards, Om

    Read the article

  • Should you do validation checks that go outside the possiblility of normal user activity?

    - by Scarface
    Hey guys I have been thinking about form security a lot lately. I have been told time and time again to check if form input is a number if you are expecting a number or escape it in case (unless you use proper mysqli formatting) to avoid injection. 1.After the safety checks are done, should I do additional logic checks? For example, if the user is sending a friend request to them-self for example even if my user interface will not show the form if the user is looking at their own page.

    Read the article

  • Best practices to store CreditCard information into DataBase

    - by Garis Suero
    In my country the online payments are not an old thing, the first time i saw a web application taking payments directly to a local bank account was last year. So, Im a newbie coding web payment system. My question is, what are the best practices to store creditcard information into the database... I have many ideas: encrypting the creditcard, database security restriction, etc. What have you done?

    Read the article

  • OLEDB connection to Access database using DSN

    - by somu
    i want oledb connection using Dsn. I used the following code 'Dsn Create dbRegBase.RegisterDatabase("GEMINI", "Microsoft Access Driver (*.mdb)", True,DBQ=D:\Gemini\GEMINI\database\paints_01_2008-2009.mdb Description=Greenchip Technologies ODBC Database File Path OemToAnsi=No UID=admin PWD=XXXXXX conection code Provider=Microsoft.Jet.OLEDB.4.0;DBQ ='GEMINI';Persist Security Info=False;Jet OleDB:Database Password = XXXXXX But Error come error name is "Could not find installable ISAM" what i do . please tell me.

    Read the article

  • Access to Windows 7 log from a remote machine [closed]

    - by robob
    I'm trying to access with EventViewer (from a Windows XP Prof) to a remote machine with Windows 7 (Seven). Before I started the Service "RemoteRegistry" I received an "Access Denied". After started the service I can connet to the machine Log (in EventViewer app) but when i clik on any log as "Application" or "Security" I receive a "privilege" error. Could someone help me, please?

    Read the article

  • How to run an application as root without asking for an admin password?

    - by kvaruni
    I am writing a program in Objective-C (XCode 3.2, on Snow Leopard) that is capable of either selectively blocking certain sites for a duration or only allow certain sites (and thus block all others) for a duration. The reasoning behind this program is rather simple. I tend to get distracted when I have full internet access, but I do need internet access during my working hours to get to a number of work-related websites. Clearly, this is not a permanent block, but only helps me to focus whenever I find myself wandering a bit too much. At the moment, I am using a Unix script that is called via AppleScript to obtain Administrator permissions. It then activates a number of ipfw rules and clears those after a specific duration to restore full internet access. Simple and effective, but since I am running as a standard user, it gets cumbersome to enter my administrator password each and every time I want to go "offline". Furthermore, this is a great opportunity to learn to work with XCode and Objective-C. At the moment, everything works as expected, minus the actual blocking. I can add a number of sites in a list, specify whether or not I want to block or allow these websites and I can "start" the blocking by specifying a time until which I want to stay "offline". However, I find it hard to obtain clear information on how I can run a privileged Unix command from Objective-C. Ideally, I would like to be able to store information with respect to the Administrator account into the Keychain to use these later on, so that I can simply move into "offline" mode with the convenience of clicking a button. Even more ideally, there might be some class in Objective-C with which I can block access to some/all websites for this particular user without needing to rely on privileged Unix commands. A third possibility is in starting this program with root permissions and the reducing the permissions until I need them, but since this is a GUI application that is nested in the menu bar of OS X, the results are rather awkward and getting it to run each and every time with root permission is no easy task. Anyone who can offer me some pointers or advice? Please, no security-warnings, I am fully aware that what I want to do is a potential security threat.

    Read the article

  • Should We Mask Passwords?

    - by Abi Noda
    From Jacob Nielson's "Stop Password Masking": Usability suffers when users type in passwords and the only feedback they get is a row of bullets. Typically, masking passwords doesn't even increase security, but it does cost you business due to login failures. What do you guys think?

    Read the article

  • Spring redirecting back to referrer

    - by Eqbal
    I have some resources in my application that require redirection to another resource (form) if some context information is not set. After the context gets set (requires two user steps), I need to redirect back to the requested resource. How do I achieve that. I am using annotation based controllers in Spring 3. Is org.springframework.security.web.savedrequest.HttpSessionRequestCache of any use.

    Read the article

  • Why can't I get my Azure, WCF, REST, SSL project working? What am I doing wrong?

    - by Mark E
    I'm trying to get SSL, WCF and REST under Azure, but the page won't even load. Here are the steps I followed: 1) I mapped the www.mydomain.com CNAME to my azuresite.cloudapp.net 2) I procured an SSL certificate for www.mydomain.com and properly installed it at my azuresite.cloudapp.net hosted service project 3) I deployed my WCF REST service to Azure and started it. Below is my web.config configuration. The http (non-https) binding version worked correctly. My service URL, http: //www.mydomain .com/service.svc/sessions worked just fine. When I deployed the project with the web.config below, enabling SSL, https: //www.mydomain .com/service.svc/sessions does not even pull up at all. What am I doing wrong? <system.serviceModel> <services> <service name="Service"> <!-- non-https worked just fine --> <!-- <endpoint address="" binding="webHttpBinding" contract="IService" behaviorConfiguration="RestFriendly"> </endpoint> --> <!-- This does not work, what am I doing wrong? --> <endpoint address="" binding="webHttpBinding" bindingConfiguration="TransportSecurity" contract="IService" behaviorConfiguration="RestFriendly"> </endpoint> </service> </services> <behaviors> <endpointBehaviors> <behavior name="RestFriendly"> <webHttp></webHttp> </behavior> </endpointBehaviors> </behaviors> <bindings> <webHttpBinding> <binding name="TransportSecurity"> <security mode="Transport"> <transport clientCredentialType="None"/> </security> </binding> </webHttpBinding> </bindings> </system.serviceModel>

    Read the article

  • BIND9 DNS Problems - Not resolving

    - by clone1018
    I host a BIND9 DNS server for my VirtualMin users to use. And It only resolves for 75% of the people. It has been WELL over 1 week now. Here is a sample. $ttl 38400 @ IN SOA axxim.net. root.axxim.net. ( 1274031391 10800 3600 604800 38400 ) @ IN NS axxim.net. day7tech.com. IN A 96.226.216.37 www.day7tech.com. IN A 96.226.216.37 ftp.day7tech.com. IN A 96.226.216.37 m.day7tech.com. IN A 96.226.216.37 localhost.day7tech.com. IN A 127.0.0.1 webmail.day7tech.com. IN A 96.226.216.37 admin.day7tech.com. IN A 96.226.216.37 mail.day7tech.com. IN A 96.226.216.37 day7tech.com. IN MX 5 mail.day7tech.com.

    Read the article

  • MVC 2 AntiForgeryToken - Why symmetric encryption + IPrinciple?

    - by Brad R
    We recently updated our solution to MVC 2, and this has updated the way that the AntiForgeryToken works. Unfortunately this does not fit with our AJAX framework any more. The problem is that MVC 2 now uses symmetric encryption to encode some properties about the user, including the user's Name property (from IPrincipal). We are able to securely register a new user using AJAX, after which subsequent AJAX calls will be invalid as the anti forgery token will change when the user has been granted a new principal. There are also other cases when this may happen, such as a user updating their name etc. My main question is why does MVC 2 even bother using symmetric encryption? Any then why does it care about the user name property on the principal? If my understanding is correct then any random shared secret will do. The basic principle is that the user will be sent a cookie with some specific data (HttpOnly!). This cookie is then required to match a form variable sent back with each request that may have side effects (POST's usually). Since this is only meant to protect from cross site attacks it is easy to craft up a response that would easily pass the test, but only if you had full access to the cookie. Since a cross site attacker is not going to have access to your user cookies you are protected. By using symmetric encryption, what is the advantage in checking the contents of the cookie? That is, if I already have sent an HttpOnly cookie the attacker cannot override it (unless a browser has a major security issue), so why do I then need to check it again? After having a think about it it appears to be one of those 'added layer of security' cases - but if your first line of defence has fallen (HttpOnly) then the attacker is going to get past the second layer anyway as they have full access to the users cookie collection, and could just impersonate them directly, instead of using an indirect XSS/CSRF attack. Of course I could be missing a major issue, but I haven't found it yet. If there are some obvious or subtle issues at play here then I would like to be aware of them.

    Read the article

  • Automated regression tests for java applets?

    - by Roy Tang
    We're working on a project with a number of applets that has to work across a large range of OS (WIndows, Mac, Linux), browsers (IE, FF, Safari, etc) and Java versions (1.5+), and it often happens that a fix we apply will cause some sort of security exception an another platform or some other error. Is there any way for us to prepare automated tests to immediately catch those problems in different platforms? I think it's not necessary to check that the gui parts are appearing as intended, but just to detect whether unexpected exceptions are occuring.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 344 345 346 347 348 349 350 351 352 353 354 355  | Next Page >