Search Results

Search found 11227 results on 450 pages for 'login attempts'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 361/450 | < Previous Page | 357 358 359 360 361 362 363 364 365 366 367 368  | Next Page >

  • How to change enum definition without impacting clients using it in C#

    - by Rohit
    I have the following enum defined. I have used underscores as this enum is used in logging and i don't want to incur the overhead of reflection by using custom attribute.We use very heavy logging. Now requirement is to change "LoginFailed_InvalidAttempt1" to "LoginFailed Attempt1". If i change this enum, i will have to change its value across application. I can replace underscore by a space inside logging SP. Is there any way by which i can change this without affecting whole application.Please suggest. public enum ActionType { None, Created, Modified, Activated, Inactivated, Deleted, Login, Logout, ChangePassword, ResetPassword, InvalidPassword, LoginFailed_LockedAccount, LoginFailed_InActiveAccount, LoginFailed_ExpiredAccount, ForgotPassword, LoginFailed_LockedAccount_InvalidAttempts, LoginFailed_InvalidAttempt1, LoginFailed_InvalidAttempt2, LoginFailed_InvalidAttempt3, ForgotPassword_InvalidAttempt1, ForgotPassword_InvalidAttempt2, ForgotPassword_InvalidAttempt3, SessionTimeOut, ForgotPassword_LockedAccount, LockedAccount, ReLogin, ChangePassword_Due_To_Expiration, ChangePassword_AutoExpired }

    Read the article

  • What can cause forms authentication to forget you are logged in?

    - by metanaito
    I have an asp.net web site that uses forms authentication. When users check the "remember me" it will remember the user if they close the browser and come back. I have the timeout set for a day or so. Recently I've noticed that I can be browsing the site and suddenly it forgets I'm logged in. It does not happen after 20 minutes as I can be actively browsing. My question is, what can cause this to happen? If the server recycles the app or app pool will the login be lost? On my local I can restart my machine and when I come back I'm still logged in.

    Read the article

  • Aren't passwords written in inputbox vulnerable through a stack trace ?

    - by loursonwinny
    Hello, I am not a guru of the stack tracing, at all. I even don't know how to get some. Anyway, I am wondering if entering a password entered in an inputbox is safe. Can't it be retrieved by getting a stack trace ? A password entered that way will be found in many places : Caption property of the TEdit Result of the function which creates the inputbox probably, a variable that stores the Result of the InputBox Command etc... If the answer is "yes, it is a vulnerability", then my world collapses :p. What can be done to avoid that vulnerability hole ? NOTE : The InputBox is an example but it can be with a "homebrewed" login prompt. InputBox is a Delphi command but I haven't tagged the question with the Delphi tag because I suppose that the question concerns any language. Thanks for reading

    Read the article

  • Why does Perl complain "Can't modify constant item in scalar assignment"?

    - by joe
    I have this Perl subroutine that is causing a problem: sub new { my $class = shift; my $ldap_obj = Net::LDAP->new( 'test.company.com' ) or die "$@"; my $self = { _ldap = $ldap_obj, _dn ='dc=users,dc=ldap,dc=company,dc=com', _dn_login = 'dc=login,dc=ldap,dc=company,dc=com', _description ='company', }; # Print all the values just for clarification. bless $self, $class; return $self; } what is wrong on this code : i got this error Can't modify constant item in scalar assignment at Core.pm line 12, near "$ldap_obj,"

    Read the article

  • How to secure images with Rails?

    - by NotDan
    I have a gallery in my rails app that needs to only allow certain images to be shown to specific, logged in users. I am using Paperclip for image processing now, but it saves all images in a public folder available to anyone. Note that I don't have to use Paperclip if there is a better way, and I already have the login system in place. I just need a way to place the images in a non-public location, but still be able to serve them as needed. Is it possible to only allow these images to be served to authenticated users?

    Read the article

  • facebook app development

    - by musoNic80
    I have always developed my projects using MAMP locally and once done simply uploaded everything to a live server. However, I'm wanting to integrate some FB functionality in my current project and I believe I'm correct in saying that it is not possible to fully test FB integration locally. My problem is I don't want to release the project I'm working on until it's finished (or at least nearly finished!) by placing it on a live server. I don't even want people to see a login screen or anything. Is there a way I can upload everything to my domain for testing purposes but prevent anyone apart from me from accessing the site?

    Read the article

  • Form authentication works on dev server but not on IIS

    - by Ilknur
    Hi, We have a similar problem. We have a web application running under default appdomain. It was working fine until a week before...Suddenly it has encountered a problem. Below message is taken from event logs. Event code: 4005 Event message: Forms authentication failed for the request. Reason: The ticket supplied has expired. Application uses FormsAuthentication and gets the roles from aspnetdb.. After the error, when user logins to the page, it does not redirects to the default.aspx. Again login.aspx comes up. On the other hand application works fine on development server(localhost), but not on www(IIS 6.0). Does any one has an idea? Thanks, Ilknur

    Read the article

  • C# Sending cookie in an HttpWebRequest which is redirected

    - by Nir
    I'm looking for a way to work with an API which requires login, and then redirects to another URL. The thing is that so far I've only come up with a way to make 2 Http Requests for each action I want to do: first, get cookie with AllowRedirect=false, then get the actual URI and do a second request with the cookie: HttpWebRequest request = (HttpWebRequest)WebRequest.Create(sUrl); request.AllowAutoRedirect = false; HttpWebResponse response = (HttpWebResponse)request.GetResponse(); string redirectedUrl = response.Headers["Location"]; if (!String.IsNullOrEmpty(redirectedUrl)) { redirectedUrl = "http://www.ApiUrlComesHere.com/" + redirectedUrl; HttpWebRequest authenticatedRequest = (HttpWebRequest)WebRequest.Create(redirectedUrl); authenticatedRequest.Headers["Cookie"] = response.Headers["Set-Cookie"]; response = (HttpWebResponse)request.GetResponse(); } It seems terribly inefficient. Is there another way? Thanks!

    Read the article

  • Getting 403 error when using CSRF filter with tomcat 6.0.32

    - by sps
    This is my filer config in web.xml <filter> <filter-name>CSRFPreventionFilter</filter-name> <filter-class>org.apache.catalina.filters.CsrfPreventionFilter</filter-class> <init-param> <param-name>entryPoints</param-name> <param-value>/login<param-value> </init-param> </filter> <filter-mapping> <filter-name>CSRFPreventionFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter> Am I missing something? Are any code-changes necessary to enable csrf protection in tomcat

    Read the article

  • Security when writing a PHP webservice?

    - by chustar
    I am writing a web service in PHP for the first time and had ran into some security problems. 1) I am planning to hash passwords using md5() before I write them to the database (or to authenticate the user) but I realize that to do that, I would have to transmit the password in plaintext to the server and hash it there. Because of this I thought of md5()ing it with javascript client side and then rehashing on the server but then if javascript is disabled, then the user can't login, right? 2) I have heard that anything that when the action is readonly, you should use GET but if it modifies the database, you should use POST. Isn't post just as transparent as GET, just not in the address bar?

    Read the article

  • Web Scraper via Web Service API?

    - by 001
    How would I go about doing the following... I want to build a web service for my application to grab a piece of data from an external website, that requires the user to login. The website has no public API , hence the reason for the scrapper. Is there a library to perform the following functions? or what do I do? automate fill-in form, auto click Automate submit button check which URL the user has landed on, and redirect user to URL Grab data from label. EDIT: what im asking for is there a web service, library etc to make it easier to perform screen scrapping/automation functions???

    Read the article

  • Log Shipped but Won't Update

    - by MooCow
    I'm currently taking the MS SQL 2K5 Admin course at a local college and ran into a problem with the Log Shipping part. My setup is the following: Windows 7 x64 SQL 2005 SP3 2 SQL server instances on the same machine Log Shipping settings: Performed full then log back up of Primary Manually restore on Secondary in STANDBY MODE Insert a new record into the table Set up Log Shipping on Primary using SQL Authenication login to connect to the Secondary Set up timers and copy destination on Secondary Monitoring instance not being used I set up a shared folder for WORKGROUP so both instances on the machine can read & write to it. I can see transaction logs generated and copied as defined by the Transaction Shipping wizard. However, the specified table on the Secondary instance is not updating.

    Read the article

  • One account, multiple users, multiple shopping cart in a web application

    - by lemotdit
    I received a somewhat unusual request (imo) for a transactional web site. I have to implement the possibility of having multiple shopping cart for the same user. Those really are shopping carts, not order templates. I.E: A store with several departments ordering under the same account, but with a different person placing orders for a specific department only. Having more than one user per account is not an option since it would involve 'too much' management from the stores owner and the admins. Anyone had to deal with this before? The option so far is to have names for shopping cart, and a dropdown list or something alike after login to choose the cart with some kind of 'busy flag' to lock the cart if it's in use in another session.

    Read the article

  • iOS : is it possible to open previous viewController after crashing and re-launch app?

    - by Nitin Gohel
    How to achieve this stuff below? Please give me some guidance for it. I describe my issue below. When I tap home button and remove app from tray and while I am opening app I get the login screen. I know how to use NSUserDefaults well. But my issue is that when I navigate 3rd or 4th viewController and I press Home Button and remove app from tray, Then whenever I open app than I want to open with last open viewController. Also same when my app is Crashing and I am opening it again then I want to open app with last open viewController state. So I just want to know that is that possible or not? If yes, then please guide me how to achieve this stuff. Thank you

    Read the article

  • Beginner Design pattern question (Web Services involved)

    - by zombie
    Hi all ! I am a noob to web services world. I need to develop a login validator module and expose it as a service. I want it to be service independent, i.e I should have the option of exposing it as a SOAP service or REST service in the future. What pattern should I follow ? Sorry if I am unclear in my requirements, I can clarify as per need. Thanks !! Edit : I am using Eclipse as an IDE and Jersey libraries. I am not into any framework, simply using the MVC pattern. I find a lot of difference between SOAP ann REST methods, so I want my methods to be implementation independent - i.e I should be easily able to use my method through a SOAP or REST service call as per need. What should I do for maximum flexibility ?

    Read the article

  • Are SqlCipher open cursors a security concern?

    - by user1178479
    I'm using SqlCipher with content providers. Right now, when I want to lock the app I just clear out the cached password. However, the app can continue to work with any open cursors. This means that re-opening the app grants access to the sensitive data. I fix this issue on the surface by redirecting to a login screen if the app doesn't have passwords. However, I'm concerned if there are any security issues with these open cursors or if I should just continue to block UI access and not worry? SqlCipher's docs say that it reads/writes encrypted pages on the fly, as opposed to decrypting the entire DB, this makes me think that open cursors are still secure. The main concern here is that someone loses their phone and then a knowledgeable individual can use these open cursors to extract sensitive data.

    Read the article

  • Unrecognized authentication type when doing an Auth to Exchange from Rails

    - by blakeage
    I'm getting this error when trying to authenticate with Exchange Server from Ruby on Rails: 504 5.7.4 Unrecognized authentication type config.action_mailer.raise_delivery_errors = true config.action_mailer.perform_deliveries = true config.action_mailer.delivery_method = :smtp config.action_mailer.smtp_settings = { :address => "x.x.x.x", :port => 25, :user_name => "xxdomain\xxuser", :password => "xxxxxx", :authentication => :login, :enable_starttls_auto => true } I've tried all sorts of combinations of configuration settings, including changing the settings to use "plain" authentication, adding the domain, setting enable_starttls_auto to true, false, and removing it entirely, removing the port. Nothing has worked. Any ideas?

    Read the article

  • any ways saving user information without db

    - by hguser
    Hi: I have a application which require login,but the number of user who use the application is no more than 40. And In the application,I get some data from the sql server database where I juse have read permission,also I can not create a table in the db for user validate. ALso I do not think it is a good idea to create a user table in other database on another machine.(for example,I can create a user table in the mysql another machine,but is it desireable just for user validating)? Now I just save the user info in a .properties file,any other good idea? BTW,the programe language used in my application is java.

    Read the article

  • Resetting root password on Fedora Core 3 - serial cable access only

    - by Sensible Eddie
    A little background: We have an old rackmount server running a customised version of Fedora, manufactured by a company called Navaho. The server is a TeamCAT, running some proprietary rubbish called Freedom2. We have to keep it going - the alternative is extraordinarily expensive, and the business is not likely to be running much longer to justify changing things. Through one means or another, it has fallen upon me to try and resolve our lack of root access. The previous admin has fallen under the proverbial bus, and nobody has any clue. We have no access to the root account for this server. ssh is running on the server, and there is one account admin that we can login with, however it has no permission to do anything (ironic...) The only other way into the server is with a null-modem serial cable. This works... up to a point. I can see the BIOS, I can see the post BIOS screen, and then I see "Starting grub", followed by another screen with about four lines of Linux information, but then it stops at that point. The server continues booting, and all services come online after around two minutes, but the serial terminal displays no more information. I understand it is possible to put Linux into "single user mode" to reset a root password, but I have no idea how to do this beyond trying to interrupt it at the grub stage listed above. When I have tried it just froze. It was almost like grub had appeared (since the server did not continue booting) but I couldn't see it on the serial terminal. Which made me think maybe the grub screen has some different serial settings? I don't know... it's the first time I've ever used serial for access! A friend of mine suggested trying to use a Fedora boot CD. We could boot from USB, so something along this approach is possible but again we still can only see what's going on with the serial terminal, so it might not be achievable. Does anyone have any suggestions for things I can try? I appreciate this is a bit of a long shot, but any assistance would be invaluable. *UPDATE 1 - 28/8/12 * - we will be making some attempts on this today and will post further details later!

    Read the article

  • PHP read a cookie that is on another domain

    - by pnm123
    Hello, I have two domains. One domain contains the login script. It creates a cookie when logged in. Another domain have a URL shortener. So, on the 2nd domain that have the URL Shortener script have a file called session.php. Usually I was using $_COOKIE['sessionid'] to get the session id and match it using database. How can I get the session id now? I have tried few ways but none of them have solve my problem. Thank you, pnm123

    Read the article

  • Nginx and Django on Dotcloud

    - by jmetz
    I currently have a dotcloud app that uses django to serve everything. It works great, however, we recently had our site redone in angular.js, and I don't want to use django to serve the actual html pages (I want to just use nginx for that), but I want django to serve some links for the API we built for the angular code to use. Is it possible for me, in the same app, to configure nginx to serve some static files for particular urls, and have it send other urls for django to serve? I want nginx to serve my index.html page is a request comes in to wwww.example.com, but if a request for example.com/api/login/ comes in, I want that to be handled by django. Is this possible?

    Read the article

  • What is wrong in this json string?

    - by bala3569
    My json string looks like this, {"id" : "38","heading" : "Can you also figure out how to get me back the 10 hours I sp.....","description" : "Im having a very similar problem with the Login control - again it always generates a default style containing border -collapse -only in this case .....","img_url" : "~/EventImages/ EventImages1274014884460.jpg","catogory" : "News","doe" : "15-05-2010 "} But get the error, unterminated string literal.... EDIT: I used this but it didn't work, var newjson = cfreturn( """" & ToString( HfJsonValue ).ReplaceAll( "(['""\\\/\n\r\t]{1})", "\\$1" ) & """" ) ; var jsonObj = eval('(' + newjson + ')'); Error: missing ) after argument list Source Code: var newjson = cfreturn( """" & ToString( HfJsonValue ).ReplaceAll( "(['""\\\/\n\r\t]{1})", "\\$1" ) & """" ) ;

    Read the article

  • Building Admin Areas in Rails - General Questions

    - by Carb
    What is the typical format/structure for creating an administrative area in a Rails application? Specifically I am stumped in the vicinity of these topics: How do you deal with situations where a model's resources are available to both the public and the Admin? i.e. A User model where anyone can create users, login, etc but only the admin can view users, delete/update them, etc. What is the proper convention for routing? How does one structure controllers? Are duplicate controllers considered OK? i.e. An admin version and the non-admin version? Thank you!

    Read the article

  • Using the MySql ASP.NET membership provider with existing users

    - by ScottBelchak
    I have been tasked with migrating an existing mature ASP.NET 2.0 web site to NHibernate, Mono and MySQL or postgres. I am somewhat confused as how the membership provider salts the passwords. If I make the switch and use the MySQL membership provider (outlined in this question) or AspSqlProvider, will the existing users be able to login? I guess it would be easier for me to ask: How the hell do I get access to the encryption key used by the ASP.NET membership provider that salts the passwords so that I can use the same one in a third party provider?

    Read the article

  • PHP with SQL Injection

    - by Scott S
    For our first assignment in a System Security class, we have to hack into the professors "cheaply organized" sql database. I know the only user is "admin" and the select statement generated in the php is: select user_id from user where user_username = 'admin' AND user_password = md5('noob') I am having a number of problems attempting to bypass the password part of this statement as the professor has some javascript embedded in the page to sanitize the username and password of any non-alphanumeric values. This can be bypassed by turning off javascript :P but any values sent still get cleaned by the operating system (some build of Debian 32-bit). I've seen the code for the login request and it does not escape any characters. How do I bypass the operating systems escape sequences?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 357 358 359 360 361 362 363 364 365 366 367 368  | Next Page >