Search Results

Search found 5865 results on 235 pages for 'resource throttling'.

Page 37/235 | < Previous Page | 33 34 35 36 37 38 39 40 41 42 43 44  | Next Page >

  • What is the proper name for this design pattern in Python?

    - by James
    In Python, is the proper name for the PersonXXX class below PersonProxy, PersonInterface, etc? import rest class PersonXXX(object): def __init__(self,db_url): self.resource = rest.Resource(db_url) def create(self,person): self.resource.post(person.data()) def get(self): pass def update(self): pass def delete(self): pass class Person(object): def __init__(self,name, age): self.name = name self.age = age def data(self): return dict(name=self.name,age=self.age)

    Read the article

  • Mixing Forms and Token Authentication in a single ASP.NET Application (the Details)

    - by Your DisplayName here!
    The scenario described in my last post works because of the design around HTTP modules in ASP.NET. Authentication related modules (like Forms authentication and WIF WS-Fed/Sessions) typically subscribe to three events in the pipeline – AuthenticateRequest/PostAuthenticateRequest for pre-processing and EndRequest for post-processing (like making redirects to a login page). In the pre-processing stage it is the modules’ job to determine the identity of the client based on incoming HTTP details (like a header, cookie, form post) and set HttpContext.User and Thread.CurrentPrincipal. The actual page (in the ExecuteHandler event) “sees” the identity that the last module has set. So in our case there are three modules in effect: FormsAuthenticationModule (AuthenticateRequest, EndRequest) WSFederationAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest, EndRequest) SessionAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest) So let’s have a look at the different scenario we have when mixing Forms auth and WS-Federation. Anoymous request to unprotected resource This is the easiest case. Since there is no WIF session cookie or a FormsAuth cookie, these modules do nothing. The WSFed module creates an anonymous ClaimsPrincipal and calls the registered ClaimsAuthenticationManager (if any) to transform it. The result (by default an anonymous ClaimsPrincipal) gets set. Anonymous request to FormsAuth protected resource This is the scenario where an anonymous user tries to access a FormsAuth protected resource for the first time. The principal is anonymous and before the page gets rendered, the Authorize attribute kicks in. The attribute determines that the user needs authentication and therefor sets a 401 status code and ends the request. Now execution jumps to the EndRequest event, where the FormsAuth module takes over. The module then converts the 401 to a redirect (302) to the forms login page. If authentication is successful, the login page sets the FormsAuth cookie.   FormsAuth authenticated request to a FormsAuth protected resource Now a FormsAuth cookie is present, which gets validated by the FormsAuth module. This cookie gets turned into a GenericPrincipal/FormsIdentity combination. The WS-Fed module turns the principal into a ClaimsPrincipal and calls the registered ClaimsAuthenticationManager. The outcome of that gets set on the context. Anonymous request to STS protected resource This time the anonymous user tries to access an STS protected resource (a controller decorated with the RequireTokenAuthentication attribute). The attribute determines that the user needs STS authentication by checking the authentication type on the current principal. If this is not Federation, the redirect to the STS will be made. After successful authentication at the STS, the STS posts the token back to the application (using WS-Federation syntax). Postback from STS authentication After the postback, the WS-Fed module finds the token response and validates the contained token. If successful, the token gets transformed by the ClaimsAuthenticationManager, and the outcome is a) stored in a session cookie, and b) set on the context. STS authenticated request to an STS protected resource This time the WIF Session authentication module kicks in because it can find the previously issued session cookie. The module re-hydrates the ClaimsPrincipal from the cookie and sets it.     FormsAuth and STS authenticated request to a protected resource This is kind of an odd case – e.g. the user first authenticated using Forms and after that using the STS. This time the FormsAuth module does its work, and then afterwards the session module stomps over the context with the session principal. In other words, the STS identity wins.   What about roles? A common way to set roles in ASP.NET is to use the role manager feature. There is a corresponding HTTP module for that (RoleManagerModule) that handles PostAuthenticateRequest. Does this collide with the above combinations? No it doesn’t! When the WS-Fed module turns existing principals into a ClaimsPrincipal (like it did with the FormsIdentity), it also checks for RolePrincipal (which is the principal type created by role manager), and turns the roles in role claims. Nice! But as you can see in the last scenario above, this might result in unnecessary work, so I would rather recommend consolidating all role work (and other claims transformations) into the ClaimsAuthenticationManager. In there you can check for the authentication type of the incoming principal and act accordingly. HTH

    Read the article

  • Time/resource allocation on a Stylish vs. Functional user interface

    - by jasonk
    When developing applications how much focus/time do you place on an application’s style vs. functionality. Battleship gray apps drive me insane. On the other hand maximizing a business application’s "style" can tax time and financial resources. Applications need to be appealing to resell or meet basic customer expectations, but defining a healthy medium can be difficult. What would you say are reasonable "standards" for allocating develop time/resources should be dedicated to stylizing a business application?

    Read the article

  • is there anyway to know if your supposedly fully dedicated server is really a virtually resource-sha

    - by siran
    Hi, sometimes I feel my server not responding as smoothly as I would expect (i have a Intel(R) Xeon(TM) CPU 2.80GHz Quad Core), given that for example, the 'top' commands reports a low load < 0.5, CPU are almost completely idle ... I maybe have internet connectivity issues, so I don't really know if it's me or if it's the server itself. Is there anykind of benchmarking script (or something analogous) I could run and see the actual performance of the server ?

    Read the article

  • Should I use a resource loader for a SPA, or front-load everything?

    - by Shango
    I've been getting into Backbone.js lately and I'm enjoying it so far. All the examples tend to be simple to-do lists, so it's been a little difficult extrapolating code organization and file structure for a larger/more robust single page application. I've come to a crossroad: Should I use something like Yepnope.js to load models and views as I need them or, Combine and minify into fewer files and front-load it all. Some combination of both? Any advice would be appreciated!

    Read the article

  • How to revert-back from SSL to non-SSL in Tomcat 6 ?

    - by mohamida
    I'm using jsf 2 + jaas + ssl + tomcat 6.0.26 I have in my web site 2 paths: /faces/protected/* which uses SSL /faces/unprotected/* which don't uses SSL. I've put this in my web.xml: <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/faces/login.jsp</form-login-page> <form-error-page>/faces/error.jsp</form-error-page> </form-login-config> </login-config> <security-constraint> <web-resource-collection> <web-resource-name>Secure Resource</web-resource-name> <description/> <url-pattern>/faces/unprotected/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> <http-method>HEAD</http-method> <http-method>PUT</http-method> <http-method>OPTIONS</http-method> <http-method>TRACE</http-method> <http-method>DELETE</http-method> </web-resource-collection> <auth-constraint> <role-name>C</role-name> </auth-constraint> </security-constraint> <security-constraint> <web-resource-collection> <web-resource-name>Secure Resource</web-resource-name> <description /> <url-pattern>/faces/protected/*</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> <http-method>HEAD</http-method> <http-method>PUT</http-method> <http-method>OPTIONS</http-method> <http-method>TRACE</http-method> <http-method>DELETE</http-method> </web-resource-collection> <auth-constraint> <role-name>C</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <security-role> <description> Role Client </description> <role-name>C</role-name> </security-role> and this is my server.xml: <Connector port="8080" protocol="HTTP/1.1" maxThreads="400" maxKeepAliveRequests="1" acceptCount="100" connectionTimeout="3000" redirectPort="8443" compression="on" compressionMinSize="2048" noCompressionUserAgents="gozilla, traviata" compressableMimeType="text/javascript,text/css,text/html, text/xml,text/plain,application/x-javascript,application/javascript,application/xhtml+xml" /> <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol" SSLEnabled="true" maxThreads="400" scheme="https" secure="true" clientAuth="optional" sslProtocol="TLS" SSLCertificateFile="path/to/crt" SSLCertificateKeyFile="path/to/pem"/> when i enter to protected paths, it switches to HTTPS (port 8443), but when i enter to path /faces/unprotected/somthing... it stays using HTTPS. what i want is when i enter to unprotected paths, it revert-back to non-SSL communications ( otherwise, i have to re-login again when i set the exact adress in my browser). What's wrong with my configurations ? Is there a way so i can do such a thing ?

    Read the article

  • Basic Team Foundation Server 2010 Question - System Resource Usage?

    - by user127954
    Guys / Gals i have a real basic Team Foundation Server 2010 question. For those of you who have played around with tfs 2010 is it a lot more light weight than tfs2008 is? I remember installing all the pieces needed for TFS 2008 one one machine at work. I remember it being a pain to install (i know 2010 is supposed to be much better) We wanted to play around with it a little bit to see if it met our needs. Well it brought that machine to a screeching halt. I'm needing a source control repository for home and i thought why not just install tfs 2010 so i can get familiar with it and maybe in the future i can make a better sell to my organization and FINALLY get them to move off of Source Safe but my concern is i only have one server at home (granted i already have SQL Server installed) and don't want to buy a machine just for this purpose. I'd also like to get more familiar with CI too. Anyways, if team is going to be to heavy i'll just use subversion but i'd like to use TFS if possible. Any help would be appreciated. thanks, Ncage

    Read the article

  • Android: Why my user Interface does not get drawn when I Inflate the resource layout file?

    - by Einiosaurus
    First of all, I'm a newbie on Android programming, so please be detailed in your answers. I have a layout main.xml file with format similar to <?xml version="1.0" encoding="utf-8"?> <LinearLayout xmlns:android = "http://schemas.android.com/apk/res/android" android:orientation = "vertical" android:layout_width = "fill_parent" android:layout_height = "fill_parent"> <LinearLayout xmlns:android = "http://schemas.android.com/apk/res/android" android:orientation = "horizontal"   android:layout_width = "fill_parent" android:layout_height = "fill_parent"> <EditText android:id="@+id/a" android:layout_width="fill_parent" android:layout_height="wrap_content" /> <TextView android:id="@+id/xSquared" android:layout_width = "fill_parent" android:layout_height = "wrap_content" android:text = "@string/equationPart1" /> </LinearLayout> <LinearLayout ... </LinearLayout> </LinearLayout> In my Java source file, I inflate the UI using command: setContentView(R.layout.main); public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.main); } However, when I run the emulator, the UI does not show up like what I expect. Instead, it just display a simple EditText text box. I wonder what is going wrong. Is it because I put a layout inside another layout? I don't think there is any problem with that right?

    Read the article

  • RSpec: Can't convert Image to String when using Nested Resource.

    - by darrint
    I'm having trouble with and RSpec view test. I'm using nested resources and the model with a belongs_to association. Here's what I have so far: describe "/images/edit.html.erb" do include ImagesHelper before(:each) do @image_pool = stub_model(ImagePool, :new_record => false, :base_path => '/') assigns[:image] = @image = stub_model(Image, :new_record? => false, :source_name => "value for source_name", :image_pool => @image_pool) end it "renders the edit image form" do render response.should have_tag("form[action=#{image_path(@image)}][method=post]") do with_tag('input#image_source_name[name=?]', "image[source_name]") end end end The error I'm receiving: ActionView::TemplateError in '/images/edit.html.erb renders the edit image form' can't convert Image into String On line #3 of app/views/images/edit.html.erb 1: <h1>Editing image</h1> 2: 3: <% form_for(@image) do |f| %> 4: <%= f.error_messages %> 5: 6: <p> app/views/images/edit.html.erb:3 /opt/dtcm/railstest/lib/ruby/gems/1.9.1/gems/rspec-rails-1.3.2/lib/spec/rails/extensions/action_view/base.rb:27:in `render_with_mock_proxy' /opt/dtcm/railstest/lib/ruby/gems/1.9.1/gems/rspec-rails-1.3.2/lib/spec/rails/example/view_example_group.rb:170:in `render' Looking at the rails code where the exception occurs is not very revealing. Any ideas on how I can narrow down what is going on here? One thing I tried was calling form_for directly from the example and I got a different error griping about lack of 'polymorphic_path' defined on Spec::Rails::Example::ViewExampleGroup::Subclass_4:0xblah. Not sure if that actually means anything.

    Read the article

  • Java resource management: please help to understand Findbugs results.

    - by java.is.for.desktop
    Hello, everyone! Findbugs bugs me about a method which opens two Closeable instances, but I can't understand why. Source public static void sourceXmlToBeautifiedXml(File input, File output) throws TransformerException, IOException, JAXBException { FileReader fileReader = new FileReader(input); FileWriter fileWriter = new FileWriter(output); try { // may throw something sourceXmlToBeautifiedXml(fileReader, fileWriter); } finally { try { fileReader.close(); } finally { fileWriter.close(); } } } Findbugs analysis Findbugs tells me Method [...] may fail to clean up java.io.Reader [...] and points to the line with FileReader fileReader = ... Question Who is wrong: me or Findbugs?

    Read the article

  • Design: How to model / where to store relational data between classes

    - by Walker
    I'm trying to figure out the best design here, and I can see multiple approaches, but none that seems "right." There are three relevant classes here: Base, TradingPost, and Resource. Each Base has a TradingPost which can offer various Resources depending on the Base's tech level. Where is the right place to store the minimum tech level a base must possess to offer any given resource? A database seems like overkill. Putting it in each subclass of Resource seems wrong--that's not an intrinsic property of the Resource. Do I have a mediating class, and if so, how does it work? It's important that I not be duplicating code; that I have one place where I set the required tech level for a given item. Essentially, where does this data belong? P.S. Feel free to change the title; I struggled to come up with one that fits.

    Read the article

  • Why can't I find DataTemplates in merged resource dictionaries?

    - by dthrasher
    In my MainWindow.xaml, I have the following reference to a ResourceDictionary: <Window.Resources> <ResourceDictionary> <ResourceDictionary.MergedDictionaries> <ResourceDictionary Source="MainSkin.xaml" /> </ResourceDictionary.MergedDictionaries> </ResourceDictionary> </Window.Resources> In MainSkin.xaml, I define a datatemplate: <DataTemplate x:Key="TagTemplate"> ... </DataTemplate> Deeper within my application, I attempt to use this data template: <ContentControl DataContext="{Binding Tag}" ContentTemplate="{StaticResource TagTemplate}"/> The code compiles successfully, but when I attempt to load a Page or UserControl that contains this StaticResource, I get an exception saying that the TagTemplate can't be found. What am I doing wrong?

    Read the article

  • Should I skip authorization, with CanCan, of an action that instantiates a resource?

    - by irkenInvader
    I am writing a web app to pick random lists of cards from larger, complete sets of cards. I have a Card model and a CardSet model. Both models have a full RESTful set of 7 actions (:index, :new, :show, etc). The CardSetsController has an extra action for creating random sets: :random. # app/models/card_set.rb class CardSet < ActiveRecord::Base belongs_to :creator, :class_name => "User" has_many :memberships has_many :cards, :through => :memberships # app/models/card.rb class Card < ActiveRecord::Base belongs_to :creator, :class_name => "User" has_many :memberships has_many :card_sets, :through => :memberships I have added Devise for authentication and CanCan for authorizations. I have users with an 'editor' role. Editors are allowed to create new CardSets. Guest users (Users who have not logged in) can only use the :index and :show actions. These authorizations are working as designed. Editors can currently use both the :random and the :new actions without any problems. Guest users, as expected, cannot. # app/controllers/card_sets_controller.rb class CardSetsController < ApplicationController before_filter :authenticate_user!, :except => [:show, :index] load_and_authorize_resource I want to allow guest users to use the :random action, but not the :new action. In other words, they can see new random sets, but not save them. The "Save" button on the :random action's view is hidden (as designed) from the guest users. The problem is, the first thing the :random action does is build a new instance of the CardSet model to fill out the view. When cancan tries to load_and_authorize_resource a new CardSet, it throws a CanCan::AccessDenied exception. Therefore, the view never loads and the guest user is served a "You need to sign in or sign up before continuing" message. # app/controllers/card_sets_controllers.rb def random @card_set = CardSet.new( :name => "New Set of 10", :set_type => "Set of 10" ) I realize that I can tell load_and_authorize_resource to skip the :random action by passing :except => :random to the call, but that just feels "wrong" for some reason. What's the "right" way to do this? Should I create the new random set without instantiating a new CardSet? Should I go ahead and add the exception?

    Read the article

  • How to do smart resource planning for short Agile/Sprint cycles?

    - by Chanakya
    We use scrum technique to plan for short development lifecycle. It is very common that sometimes tasks gets moved or reallocated or deferred from the current sprint for multiple reasons. In that case there is a chance of resources getting freed up from the planned work. It may get difficult to allocate new tasks to them during sprint as mostly all projects are tied up at that point with planned work. What is the best way to plan resources in these situations?

    Read the article

  • How to expose a function that takes two input files as a REST resource?

    - by dafmetal
    I need to expose a function, let's say compute that takes two input files: a plan file and a system file. The compute function uses to system file to see whether the plan in the plan file can be executed or not. It produces an output file containing the result of this check including recommendations for the plan. I need to expose this functionality in a REST architecture and have no influence on the compute function itself (it is being developed by another organization). I can control the interface through which it is accessed. What would be a recommended way to expose this functionality in a REST architecture?

    Read the article

  • Can I stop ASP.NET from returning 'The resource cannot be found.'?

    - by mackenir
    I have installed an HttpModule into my web app that will handle all requests with a given file extension. I want ASP.NET to handle all requests with the extension, regardless of whether there is an underlying file on disk. So, when I added the extension to the 'Application Extension Mappings', I unchecked the 'Verify that file exists' checkbox. However, this just transfers the file check to ASP.NET rather IIS, so I just get a different error page when requesting URLs with the file extension. Is there a way to preempt this ASP.NET file checking and intercept the requests?

    Read the article

  • Cross-Origin Resource Sharing (CORS) - am I missing something here?

    - by David Semeria
    I was reading about CORS (https://developer.mozilla.org/en/HTTP_access_control) and I think the implementation is both simple and effective. However, unless I'm missing something, I think there's a big part missing from the spec. As I understand, it's the foreign site that decides, based on the origin of the request (and optionally including credentials), whether to allow access to its resources. This is fine. But what if malicious code on the page wants to POST a user's sensitive information to a foreign site? The foreign site is obviously going to authenticate the request. Hence, again if I'm not missing something, CORS actually makes it easier to steal sensitive information. I think it would have made much more sense if the original site could also supply an immutable list of servers its page is allowed to access. So the expanded sequence would be: 1) Supply a page with list of acceptable CORS servers (abc.com, xyz.com, etc) 2) Page wants to make an XHR request to abc.com - the browser allows this because it's in the allowed list and authentication proceeds as normal 3) Page wants to make an XHR request to malicious.com - request rejected locally (ie by the browser) because the server is not in the list. I know that malicious code could still use JSONP to do its dirty work, but I would have thought that a complete implementation of CORS would imply the closing of the script tag multi-site loophole. I also checked out the official CORS spec (http://www.w3.org/TR/cors) and could not find any mention of this issue.

    Read the article

< Previous Page | 33 34 35 36 37 38 39 40 41 42 43 44  | Next Page >