Search Results

Search found 1424 results on 57 pages for 'roles'.

Page 37/57 | < Previous Page | 33 34 35 36 37 38 39 40 41 42 43 44  | Next Page >

  • Best approach for authorisation rules

    - by Maciej
    I'm wonder about best approach of implementation auth. rules in Client-Server app using Business Objects. I've noticed common tactic is: - on DB side: implement one role for application, used for all app's users - definition users right and roles and assign users to proper group - Client side: add to Business Object's getters/setters rights checker allowing write / display data for particular user My concern is if this is really good approach from security perspective. It looks DB sends all information to Client, and then client's logic decide what to display or not. So, potentially advanced user can make query from their box and see/change anything. Isn't it?

    Read the article

  • 401 Unauthorized in Tomcat

    - by Stardust
    Hello, I'm using Tomcat 6.0 as a webserver, and I'm trying to open tomcat manager page, but whenever I enter the username as specified in tomcat-users.xml file, I'm getting an error as: **401 Unauthorized** Here's my tomcat-users.xml file: <tomcat-users> <role rolename="manager"/> <user name="admin" password="" roles="admin,manager" /> </tomcat-users> I restart the tomcat, but it has not helped me. Could someone please tell me what's going on wrong?

    Read the article

  • Spring Security - is Role and ACL security overkill?

    - by HDave
    I have a 3 tier application that requires security authorizations be placed on various domain objects. Whether I use Spring's ACL implementation or roll my own, it seems to me that ACL based security can only be used to authorize (service) methods and cannot be used to authorize URL or web service invocations. I think this because how could a web service call check the ACL before it has hydrated the XML payload? Also, all the examples for web access security in the Spring documentation are securing URL's based on Role. Is it typical to use Spring's roles to secure web presentation and web service calls, while at the same time using ACL's to secure the business methods? Is this overkill?

    Read the article

  • Using WFC authentication service for web application

    - by user200295
    I am using a WFC authentication service I set up with a web application. I have successfully set up and tested the AuthenticationService and RolesService. The web application can successfully call methods like ValidateUser and GetRolesForCurrentUser through the WFC services. I want to integrate the WFC authentication service with my web.config and site.map. Do I need to write a custom provider, or is there some way I can modify the web.config of the web application to use the WFC authentication service as its membership provider? This way I can set what roles have access to what directories based off the WFC authentication service.

    Read the article

  • Converting array to Drupal format

    - by theo
    Hi all, This statement gives me the value I want in Drupal (namely the last user role): global $user; return (end($user->roles)); however I need to convert it to this format: return array( 0 => array('value' => value for value), // You'll usually want to stop here. Provide more values // if you want your 'default value' to be multi-valued: 1 => array('value' => value for value), 2 => ... ); and I've got no idea how to (also, is this format a multidimensional array?)... Any ideas? Thanks for any help, Theo.

    Read the article

  • Getting started with Windows Azure

    - by jonhobbs
    Hi All, I'm going to sound like a complete newbie here but here goes... I've just signed up for a Windows Azure account and was hoping to get a simple hello world aspx page up and running in a browser to see how it all works but I can't seem to find a simple guide to getting a very simple web application running. I've got as far as setting up a "service" and going onto the "deploy" page but it's asking me upload an "application package". I've looked on MSDN but there aren't any simple guides, just reams of documentation talking about "roles" and "development fabric". For somebody that is proficient in HTML/CSS and knows a little abit about asp.net it may just as well be in another language. So, does anybody know how to upload a simple aspx page and then access it in a browser? Jon

    Read the article

  • Routing Users to single Models with Rails

    - by Eric Koslow
    I'm creating a Rails app for students and high schools and I'm having some trouble with my User.rb. I want to have a user model to be used for logging in, but having that user have many roles. The tricky part is that I want users that have a student role to have_one student page, and those that have a role of principal to have_one high_school page. The students and also nested in the high_school so the entire thing becomes a big mess. So my question(s): How do I limit a user to only creating one student / high school to represent them? Also how would I nest this student pages inside the highschool without screwing up the user system? My environment: Rails3 and Ruby 1.9.2dev Thank you!

    Read the article

  • Implementing IPermission

    - by joniba
    Hi there, I'm considering writing a custom IPermission implementation but am not clear as to how it should work. I've already implemented IPrincipal and IIdentity. What I would like to accomplish is to be able to check permissions vis a vis the current IPrincipal's authorizations rather than its roles. Generally, authorizations are read/add-delete/update/none for a given type. So I would like to write something like this: [CustomPermission(SecurityAction.Demand, Type = typeof(Foo), MinimumAuthorization = AuthorizationFlags.Read)] public void SomeMethod(){} Is this possible? I've looked over the code at http://msdn.microsoft.com/en-us/library/system.security.ipermission.aspx. This shows how to implement the interface, but I don't understand how the above pseudo-code would be able to check against the IPrincipal's authorizations for the type. Any help or resource references would be appreciated. Joni

    Read the article

  • How to secure access to SWF file using ASP.NET?

    - by elsharpo
    hi guys, We have a swf file that we want to secure and make available only to authorized users. I embedded the file in an aspx page and that works fine, since ASP.NET handles the aspx page, I can use ASP.NET authorization features and in the web.config restrict the access to roles="AllowedUsers" for example. However smart users could still get to the file by accessing directly for example www.mysite/flash.swf. We want to make that kind of access secure. Any help would be greatly appreciated! Thanks!

    Read the article

  • How to create migration in subdirectory with Rails?

    - by Adrian Serafin
    Hi! I'm writing SaaS model application. My application database consist of two logic parts: application tables - such as user, roles... user defined tables (he can generate them from ui level) that can be different for each application instance All tables are created by rails migrations mechanism. I would like to put user defined tables in another directory: db/migrations - application tables db/migrations/custom - tables generated by user so i can do svn:ignore on db/migrations/custom, and when I do updates of my app on clients servers it would only update application tables migrations. Is there any way to achieve this in rails?

    Read the article

  • How can I use Moose with Test::Class?

    - by rassie
    I'm currently refactoring a test suite built up by a colleague and would like to use Test::Class[::Most] while doing so. As I started I figured out I could really use a couple of Moose roles to decouple code a little bit. However, it seems it's not quite possible -- I'm getting error messages like this one: Prototype mismatch: sub My::Test::Class::Base::blessed: none vs ($) at /usr/lib/perl5/vendor_perl/5.8.8/Sub/Exporter.pm line 896 So the question is: can I use Moose together with Test::Class and if so, how? PS: The code goes like this: package My::Test::Class::Base; use Moose; use Test::Class::Most; with 'My::Cool::Role'; has attr => ( ... );

    Read the article

  • Storing extended IIdentity in HttpContext.Current.User (IPrinciple)

    - by UpTheCreek
    I have created an ExtendedId class which extends GenericIdentity. (This stores Id as well as name) In a httpmodule I stored this extended id in Current.User like so: HttpContext.Current.User = new GenericPrincipal(myExtendedId, roles); Problem is, later, how do I get at my ExtendedId type again? If I try this: ExtendedId eId = (ExtendedId)HttpContext.Current.User.Identity; I get a casting error. I have a feeling I'm doing something stupid here with casting, but I'm a bit foggy this morning.

    Read the article

  • Rails XML Builder - Code refactoring

    - by Vijay Dev
    I have written the following code in my Rails app to generate XML. I am using Aptana IDE to do Rails development and the IDE shows a warning that the code structure is identical in both the blocks. What changes can be done to the code to remove the duplicity in structure? Is there any other way to write the same? xml.roles do @rolesList.each do |r| xml.role(:id => r["role_id"], :name => r["role_name"]) end end xml.levels do @levelsList.each do |lvl| xml.level(:id => lvl["level_id"], :name => lvl["level_name"]) end end

    Read the article

  • Html.BeginForm() not rendering properly

    - by Taskos George
    While searching in stackoverflow the other questions didn't exactly helped in my situation. How it would be possible to debug such an error like the one that the Html.BeginForm does not properly rendered to the page. I use this code @model ExtremeProduction.Models.SelectUserGroupsViewModel @{ ViewBag.Title = "User Groups"; } <h2>Groups for user @Html.DisplayFor(model => model.UserName)</h2> <hr /> @using (Html.BeginForm("UserGroups", "Account", FormMethod.Post, new { encType = "multipart/form-data", id = "userGroupsForm" })) { @Html.AntiForgeryToken() <div class="form-horizontal"> @Html.ValidationSummary(true) <div class="form-group"> <div class="col-md-10"> @Html.HiddenFor(model => model.UserName) </div> </div> <h4>Select Group Assignments</h4> <br /> <hr /> <table> <tr> <th> Select </th> <th> Group </th> </tr> @Html.EditorFor(model => model.Groups) </table> <br /> <hr /> <div class="form-group"> <div class="col-md-offset-2 col-md-10"> <input type="submit" value="Save" class="btn btn-default" /> </div> </div> </div> } <div> @Html.ActionLink("Back to List", "Index") </div> EDIT: Added the Model // Wrapper for SelectGroupEditorViewModel to select user group membership: public class SelectUserGroupsViewModel { public string UserName { get; set; } public string FirstName { get; set; } public string LastName { get; set; } public List<SelectGroupEditorViewModel> Groups { get; set; } public SelectUserGroupsViewModel() { this.Groups = new List<SelectGroupEditorViewModel>(); } public SelectUserGroupsViewModel(ApplicationUser user) : this() { this.UserName = user.UserName; this.FirstName = user.FirstName; this.LastName = user.LastName; var Db = new ApplicationDbContext(); // Add all available groups to the public list: var allGroups = Db.Groups; foreach (var role in allGroups) { // An EditorViewModel will be used by Editor Template: var rvm = new SelectGroupEditorViewModel(role); this.Groups.Add(rvm); } // Set the Selected property to true where user is already a member: foreach (var group in user.Groups) { var checkUserRole = this.Groups.Find(r => r.GroupName == group.Group.Name); checkUserRole.Selected = true; } } } // Used to display a single role group with a checkbox, within a list structure: public class SelectGroupEditorViewModel { public SelectGroupEditorViewModel() { } public SelectGroupEditorViewModel(Group group) { this.GroupName = group.Name; this.GroupId = group.Id; } public bool Selected { get; set; } [Required] public int GroupId { get; set; } public string GroupName { get; set; } } public class Group { public Group() { } public Group(string name) : this() { Roles = new List<ApplicationRoleGroup>(); Name = name; } [Key] [Required] public virtual int Id { get; set; } public virtual string Name { get; set; } public virtual ICollection<ApplicationRoleGroup> Roles { get; set; } } ** EDIT ** And I get this form http://i834.photobucket.com/albums/zz268/gtas/formmine_zpsf6470e02.png I should receive a form like the one that I copied the code like this http://i834.photobucket.com/albums/zz268/gtas/formcopied_zpsdb2f129e.png Any ideas where or how to look the source of evil that makes my life hard for some time now?

    Read the article

  • Using WCF authentication service for web application

    - by user200295
    I am using a WCF authentication service I set up with a web application. I have successfully set up and tested the AuthenticationService and RolesService. The web application can successfully call methods like ValidateUser and GetRolesForCurrentUser through the WCF services. I want to integrate the WCF authentication service with my web.config and site.map. Do I need to write a custom provider, or is there some way I can modify the web.config of the web application to use the WCF authentication service as its membership provider? This way I can set what roles have access to what directories based off the WCF authentication service.

    Read the article

  • Is there an easy to script 2d game world?

    - by Sandro
    For a school project we're developing a game that's a little like Conway's game of life, with different organisms taking up slots in the world and then eating each other. I would like to see this take place in a 2d world. Like being able to take starcraft and have zergling and marines play roles. The problem with starcraft is that the whole algorithm would have to be written inside of the game editor, and starcraft isn't free or open source. So is there another engine that is starcraft/warcraft/AOE-ish that can be scripted from outside of the game and is freely available? (I'm asking a lot here I know)

    Read the article

  • What some good books on software testing/quality?

    - by mjh2007
    I'm looking for a good book on software quality. It would be helpful if the book covered: The software development process (requirements, design, coding, testing, maintenance) Testing roles (who performs each step in the process) Testing methods (white box and black box) Testing levels (unit testing, integration testing, etc) Testing process (Agile, waterfall, spiral) Testing tools (simulators, fixtures, and reporting software) Testing of embedded systems The goal here is to find an easy to read book that summarizes the best practices for ensuring software quality in an embedded system. It seems most texts cover the testing of application software where it is simpler to generate automated test cases or run a debugger. A book that provided solutions for improving quality in a system where the tests must be performed manually and therefore minimized would be ideal.

    Read the article

  • JQuery - Ajax saving sortables in connected lists when sortable item is moved

    - by Ben Sinclair
    I have multiple JQuery sortable lists that connect with each other... They allow you to assign users to certain roles. Basically what I want to do is when a user is dragged from one list to another, I want JQuery to pick up the first list that the user was moved from so that I can send an AJAX request to delete it from that list in my database. I tried the following but every time you move the user over a list and haven't even dropped it within a list, it sends this request which means I'll be sending multiple AJAX requests... Does that make sense? $( ".selector" ).sortable({ out: function(event, ui) { ... } }); From my testing, I can use the following code to just update the list that user has been moved to so I've got the second half covered: $( ".selector" ).sortable({ receive: function(event, ui) { ... } }); Hopefully I am making sense :)

    Read the article

  • Two asp.net applications to use the same membership tables - specifically user login data

    - by Lk
    HI, I have created a asp.net solution with two applications. They bothe use the same database which is setup with .net membership and roles. Application 1 uses the membership for sauthentication to an administration area - this works fine. Application 2 - has a different applicationID to App1. I want to be able to use the existing user account to manage App2's authentication needs. How is this best achieved? Do I just match App2 appliactionID to App1's or is there another way? Many Thanks, Lk

    Read the article

  • How can I use Moose with Test::Class?

    - by rassie
    I'm currently refactoring a test suite built up by a colleague and would like to use Test::Class[::Most] while doing so. As I started I figured out I could really use a couple of Moose roles to decouple code a little bit. However, it seems it's not quite possible -- I'm getting error messages like this one: Prototype mismatch: sub My::Test::Class::Base::blessed: none vs ($) at /usr/lib/perl5/vendor_perl/5.8.8/Sub/Exporter.pm line 896 So the question is: can I use Moose together with Test::Class and if so, how? PS: The code goes like this: package My::Test::Class::Base; use Moose; use Test::Class::Most; with 'My::Cool::Role'; has attr => ( ... );

    Read the article

  • Public-facing SharePoint 2007 portal - authentication question

    - by jdcorr
    I am involved in developing a portal with a public-facing side. For this i created a web application with windows authentication for intranet zone and after that, I created an extension for an internet zone with fba. In the internet extension we have the following requirement: - able to acess to sharepoint backoffice using fba. - have a authentication mecanism for portal visitors, where they can authenticate and acess to a page where they can subscribe the newsletter and define some site appearance (this users can't acess to sharepoint backoffice). My idea is use the aspnet membership provider to authenticate both users and create diferente roles for them. Anyone suggests another approach? Is there any way to ensure that visitors (2 case) do not enter the backoffice portal? Thanks

    Read the article

  • SubSonic IQueryable To String Array

    - by Daniel Draper
    Hey All, I have decided to use SubSonic (v3.0) for the first time and thoroughly enjoy it so far however I seem to have stumbled and I am hoping there is a nice neat solution. I have a users, roles and joining table. SubSonic (ActiveRecord) generated an entity User for my users table. A property of User is UserRoles and is of the type IQueryable this is my joining table. I want to convert the IQueryable column name RoleName to a string array. I have only just started playing with Linq as well and know of ToArray() but seem to be missing something or this isn't the function I want. I could iterate over each item in the UserRoles property but seems a little excessive. I appreciate your help! Cheers.

    Read the article

  • Architecture choice about representation of collections in Business Objects

    - by Rajarshi
    I have made certain choices in my architecture which I request the community to review and comment. I am breaking up the post in smaller sections to make it easier to understand the context and then suggest/comment. I am sorry that the post is long, but is required to explain the context. What am I building A typical business application where there are application users, security roles, business operation/action rights based on roles and several business modules like Stock Receive, Stock Transfer, Sale Order, Sale Invoice, Sale Return, Stock Audit etc. and several reports. The application is a WinForm application since it has a lot of rich and responsive UI requirements and has to operate in disconnected mode (with a local SQL Server), most of the time. What have I done I have built a framework - nothing to boast about, but just a set of libraries that serves the repetative requirements of my application, e.g. authentication, role based authorization, data access, validation, exception handling, logging, change status tracking, presentation model compliance and reasonable loose coupling between components. No, I have not written everything from scratch, you can say I have consolidated many things together like some concepts from CSLA, Martin Fowler for Presentation Model, blocks from Enterprise Library, Unity etc. to build a set of libraries that will help my developers be productive quickly without having to look up Google for many of the technical requirements. I have tried to keep the framework generic so that it can be used in typical business applications and also tried to follow some best practices that will support the same Business Objects to be used in an ASP.NET MVC environment also. My present architecture serves my objectives well, and have built several modules (on WinForm) without much trouble. The architecture also lent itself well to build some usable prototype on ASP.NET MVC with the same set of business objects, without changing a single line of code. My Dilemma I have used Custom Business Objects since that gives me a clearer OOP representation of the problem scope in my solution scope, and helps me visualize my entire solution as collection of objects with data and behavior rather than having a set of relational data (DataSet) and implement behaviours (business logic, validation) etc. separately. With rich databinding support in .NET 2.0 binding Custom Business Objects to UI was a breeze. Now while building my business objects, I am still in a dilemma about representation of collections in business objects. Currently I am using DataSets to represent collections while I have seen many suggestions to implement custom collections. For example, in my vision, a typical Sale Invoice Object will contain 'Sales Invoice Items' as a collection. Now theoritically, I can accept that the each 'Sales Invoice Item' should have its own behavior along with their data (ItemCode, Name, Qty, Price etc.) but typically managing of Sale Invoice Items in a Sale Invoice is handled by the Sale Invoice Object itself, e.g. adding/removing Items from collection. Additionally, we can also put business logic/rules for the Sales Invoice Items like "Qty should not be greater than the ordered qty", "Price should be max 10% above the price in Sale Order" etc. in the Sale Invoice object itself. With that kind of a vision, I felt that most business object child collections can be managed by the parent itself, including add/remove from collection as well and implementing business logic for the collection items, hence the collection items hold nothing but data. Additionally, typical collections are represented in UI in Grids, where ability to support DataBinding becomes very important for any collection. Implementing a custom collection, in that case would also mean, I have to implement robust DataBinding support as well, for the collection, which is of course time consuming. Now, considering child collection behaviors are implemented in the parent and the need for DataBinding of child collections, I chose DataSet to represent any child collection in my business objects. In the above example of Sale Invoice I will have 'Invoice Number', 'Date', 'Customer' etc. as attributes of the 'Sale Invoice' but 'InvoiceItems' as a DataSet. Of course, when I say DataSet, it is not a vanilla dataset but an extended DataSet that supports business rule validation and the same role based security model of my framework to allow/deny any business operation to rows/columns of the DataSet, automatically. This approach has allowed easier collection management and databinding in my business objects and my developers are able to deliver modules rapidly. Questions Do you feel that the approach is reasonable? Do you see any shortcomings of this approach? I am recently thinking of using 'Typed DataSets' as child collections, for easier representation in code, that will allow me to write 'currentInvoice.InvoiceItems' (for the DataTable) and 'invoiceItem.ProductCode' or 'invoiceItem.Qty', instead of 'drow["ProductCode"].ToString()' or '(int)drow["Qty"]' etc. Does this choice have any demerits? Thank you if you have read so far and a salute if you still have the Energy to answer.

    Read the article

  • SQL server 2005 - user rights

    - by Paresh
    I have created one user named "tuser" with create database rights in SQL server 2005. and given the 'db_owner' database role of master and msdb database to "tuser". From this user login when I run the script for create database then it will create new database. But "tuser" don't have access that newly created database generated from script. Any one have any idea?, I want to write the script so "tuser" have access that new created database after creation and can have add user permission of newly created database. I want to give 'db_owner' database roles to "tuser" on that newly created database in the same script which create new database. The script run under 'tuser'.

    Read the article

  • accessing associations within GORM Events

    - by Don
    Hi, My Grails app has a User class and a Role class. The User class has an authorities property which holds the roles assigned to that user, e.g. class User { static hasMany = [authorities: Role] // This method is called automatically after a user is inserted def afterInsert() { this.authorities.size() } } If I create a user and assign them a role, a NullPointerException is thrown from the GORM event method afterInsert(), because authorities is null. If I comment out afterInsert() the user is saved correctly along with the assigned role. Is there some reason why I can't access associations from GORM event methods. Is is possible that this event is fired after the User row is inserted, but before the row is added to the User-Role join table? Thanks, Don

    Read the article

< Previous Page | 33 34 35 36 37 38 39 40 41 42 43 44  | Next Page >