Search Results

Search found 14784 results on 592 pages for 'spring security'.

Page 378/592 | < Previous Page | 374 375 376 377 378 379 380 381 382 383 384 385  | Next Page >

• Cisco pix command - whats this command mean?

  - by jason clark

  Hi, Anyone know what the following means? I have these two lines in our cisco PIX configuration file but have no references to these IP's anywhere else in the config and cant find a device on the network with them. global (inet) 10 213.228.xxx.xx global (inet) 20 213.228.xxx.xx thanks, Jason (BTW: I've xxx'ed out the remainder of the ip for security :-0 )

  Read the article

• Aspect oriented Programming?

  - by Jaswant Agarwal

  How can we apply attributes to class fucntion using AOP in C#? UPDATE: I am slightly not clear in what context AOP should be used? As we can use AOP for logging purpose, security(Authentication), please suggest some other scenarios where we can take benefit of AOP Is AOP can be use to share data among different running threads in application process?

  Read the article

• What makes a bad programming language bad?

  - by sub

  We have all seen things like the typing system of JavaScript (There is a funny post including a truth table somewhere around here). I consider this one of the main things that makes a programming language bad. Other things that spring to mind: Bad Error messages (Either obfuscated so you can't figure out whats wrong, not existing or simply too long and red) The language wasn't planned and just grew uncontrolled in all directions (PHP?) The language encourages bad programm(er/ing) habits such as: Global variables everywhere, bad variable names Inconsistent naming conventions inside the language I can't come up with any more at the moment and would be very happy to read what you think about this. What shouldn't be missing in a language created to be as bad (from the perspectives of the programmer, the company that hires to programmer, the team leader and the customer) as possible? (I ask this because I'm designing a bad, experimental language at the moment)

  Read the article

• WCF Service Issue

  - by Om

  Hi, I am facing issue of the WCF Services on staging server. The same service is running perfectly in my local pc. But when i configured the same on staging server it is giving issue saying that: "The communication object, System.ServiceModel.Channels.ServiceChannel, cannot be used for communication, because it is in Faulted state." Is it related to security or anything else? How can i fix the issue? Regards, Om

  Read the article

• Use of Hibernate 3.0 with EJB 3.0 & JPA

  - by SOA Nerd

  Where I'm working the guys that are sitting across from me are working on a project. This is a JavaEE app which uses Struts, Spring, EJB 3.0, JPA, and Hibernate 3.0. They are using EJB 3.0 entity beans with annotations. I've been asking them why Hibernate 3.0 is in this mix and noone can seem to tell me. It feels like they've included Hibernate 3.0 because they were told to but are not using it for anything that they can't get from EJB 3.0 entity beans/JPA. They're using CMP and accessing all of the database functions via EJBs. Can Hibernate give you anything in this setup that can't be provided by EJB 3.0/JPA?

  Read the article

• Best practices to store CreditCard information into DataBase

  - by Garis Suero

  In my country the online payments are not an old thing, the first time i saw a web application taking payments directly to a local bank account was last year. So, Im a newbie coding web payment system. My question is, what are the best practices to store creditcard information into the database... I have many ideas: encrypting the creditcard, database security restriction, etc. What have you done?

  Read the article

• Should you do validation checks that go outside the possiblility of normal user activity?

  - by Scarface

  Hey guys I have been thinking about form security a lot lately. I have been told time and time again to check if form input is a number if you are expecting a number or escape it in case (unless you use proper mysqli formatting) to avoid injection. 1.After the safety checks are done, should I do additional logic checks? For example, if the user is sending a friend request to them-self for example even if my user interface will not show the form if the user is looking at their own page.

  Read the article

• OLEDB connection to Access database using DSN

  - by somu

  i want oledb connection using Dsn. I used the following code 'Dsn Create dbRegBase.RegisterDatabase("GEMINI", "Microsoft Access Driver (*.mdb)", True,DBQ=D:\Gemini\GEMINI\database\paints_01_2008-2009.mdb Description=Greenchip Technologies ODBC Database File Path OemToAnsi=No UID=admin PWD=XXXXXX conection code Provider=Microsoft.Jet.OLEDB.4.0;DBQ ='GEMINI';Persist Security Info=False;Jet OleDB:Database Password = XXXXXX But Error come error name is "Could not find installable ISAM" what i do . please tell me.

  Read the article

• Access to Windows 7 log from a remote machine [closed]

  - by robob

  I'm trying to access with EventViewer (from a Windows XP Prof) to a remote machine with Windows 7 (Seven). Before I started the Service "RemoteRegistry" I received an "Access Denied". After started the service I can connet to the machine Log (in EventViewer app) but when i clik on any log as "Application" or "Security" I receive a "privilege" error. Could someone help me, please?

  Read the article

• How to run an application as root without asking for an admin password?

  - by kvaruni

  I am writing a program in Objective-C (XCode 3.2, on Snow Leopard) that is capable of either selectively blocking certain sites for a duration or only allow certain sites (and thus block all others) for a duration. The reasoning behind this program is rather simple. I tend to get distracted when I have full internet access, but I do need internet access during my working hours to get to a number of work-related websites. Clearly, this is not a permanent block, but only helps me to focus whenever I find myself wandering a bit too much. At the moment, I am using a Unix script that is called via AppleScript to obtain Administrator permissions. It then activates a number of ipfw rules and clears those after a specific duration to restore full internet access. Simple and effective, but since I am running as a standard user, it gets cumbersome to enter my administrator password each and every time I want to go "offline". Furthermore, this is a great opportunity to learn to work with XCode and Objective-C. At the moment, everything works as expected, minus the actual blocking. I can add a number of sites in a list, specify whether or not I want to block or allow these websites and I can "start" the blocking by specifying a time until which I want to stay "offline". However, I find it hard to obtain clear information on how I can run a privileged Unix command from Objective-C. Ideally, I would like to be able to store information with respect to the Administrator account into the Keychain to use these later on, so that I can simply move into "offline" mode with the convenience of clicking a button. Even more ideally, there might be some class in Objective-C with which I can block access to some/all websites for this particular user without needing to rely on privileged Unix commands. A third possibility is in starting this program with root permissions and the reducing the permissions until I need them, but since this is a GUI application that is nested in the menu bar of OS X, the results are rather awkward and getting it to run each and every time with root permission is no easy task. Anyone who can offer me some pointers or advice? Please, no security-warnings, I am fully aware that what I want to do is a potential security threat.

  Read the article

• Why can't I get my Azure, WCF, REST, SSL project working? What am I doing wrong?

  - by Mark E

  I'm trying to get SSL, WCF and REST under Azure, but the page won't even load. Here are the steps I followed: 1) I mapped the www.mydomain.com CNAME to my azuresite.cloudapp.net 2) I procured an SSL certificate for www.mydomain.com and properly installed it at my azuresite.cloudapp.net hosted service project 3) I deployed my WCF REST service to Azure and started it. Below is my web.config configuration. The http (non-https) binding version worked correctly. My service URL, http: //www.mydomain .com/service.svc/sessions worked just fine. When I deployed the project with the web.config below, enabling SSL, https: //www.mydomain .com/service.svc/sessions does not even pull up at all. What am I doing wrong? <system.serviceModel> <services> <service name="Service"> <!-- non-https worked just fine --> <!-- <endpoint address="" binding="webHttpBinding" contract="IService" behaviorConfiguration="RestFriendly"> </endpoint> --> <!-- This does not work, what am I doing wrong? --> <endpoint address="" binding="webHttpBinding" bindingConfiguration="TransportSecurity" contract="IService" behaviorConfiguration="RestFriendly"> </endpoint> </service> </services> <behaviors> <endpointBehaviors> <behavior name="RestFriendly"> <webHttp></webHttp> </behavior> </endpointBehaviors> </behaviors> <bindings> <webHttpBinding> <binding name="TransportSecurity"> <security mode="Transport"> <transport clientCredentialType="None"/> </security> </binding> </webHttpBinding> </bindings> </system.serviceModel>

  Read the article

• Should We Mask Passwords?

  - by Abi Noda

  From Jacob Nielson's "Stop Password Masking": Usability suffers when users type in passwords and the only feedback they get is a row of bullets. Typically, masking passwords doesn't even increase security, but it does cost you business due to login failures. What do you guys think?

  Read the article

• Why is C# suddenly so popular?

  - by leeand00

  Why is C# suddenly so popular? There's been like a repeat explosion in the blogs lately about it; It reminds me of the earlier part of this decade when all of those frameworks for Java came out like Spring, JSF, Hibernate, Struts, Struts2, Tapestry etc... I've actually been thinking about learning C#, and it seems to contain a lot of qualities that it has gotten from Java (aside from it being completely cross-platform) But, it almost seems like a step backwards to me...its not totally multi-platform, a language that's run by a corporation rather than a community... (But, knowing this isn't the case, I've come here to find out why it isn't...) P.S. And yes, I am aware of the Mono project so that you can run it on Linux, but isn't it always behind the curve? A new version of Java would be supported on all the platforms.

  Read the article

• MVC 2 AntiForgeryToken - Why symmetric encryption + IPrinciple?

  - by Brad R

  We recently updated our solution to MVC 2, and this has updated the way that the AntiForgeryToken works. Unfortunately this does not fit with our AJAX framework any more. The problem is that MVC 2 now uses symmetric encryption to encode some properties about the user, including the user's Name property (from IPrincipal). We are able to securely register a new user using AJAX, after which subsequent AJAX calls will be invalid as the anti forgery token will change when the user has been granted a new principal. There are also other cases when this may happen, such as a user updating their name etc. My main question is why does MVC 2 even bother using symmetric encryption? Any then why does it care about the user name property on the principal? If my understanding is correct then any random shared secret will do. The basic principle is that the user will be sent a cookie with some specific data (HttpOnly!). This cookie is then required to match a form variable sent back with each request that may have side effects (POST's usually). Since this is only meant to protect from cross site attacks it is easy to craft up a response that would easily pass the test, but only if you had full access to the cookie. Since a cross site attacker is not going to have access to your user cookies you are protected. By using symmetric encryption, what is the advantage in checking the contents of the cookie? That is, if I already have sent an HttpOnly cookie the attacker cannot override it (unless a browser has a major security issue), so why do I then need to check it again? After having a think about it it appears to be one of those 'added layer of security' cases - but if your first line of defence has fallen (HttpOnly) then the attacker is going to get past the second layer anyway as they have full access to the users cookie collection, and could just impersonate them directly, instead of using an indirect XSS/CSRF attack. Of course I could be missing a major issue, but I haven't found it yet. If there are some obvious or subtle issues at play here then I would like to be aware of them.

  Read the article

• Using java classes in Grails

  - by RN

  I have a Java\Spring\Hibernate application - complete with domain classes which are basically Hibernate POJOs There is a piece of functionality that I think can be written well in Grails. I wish to reuse the domain classes that I have created in the main Java app What is the best way to do so ? Should I write new domain classes extending the Java classes ? this sounds tacky Or Can I 'generate' controllers off the Java domain classes ? What are the best practices around reusing Java domain objects in Grails\Groovy I am sure there must be others writing some pieces in grails\groovy If you know about a tutorial which talks about such an integration- that would be awesome !!! PS: I am quite a newbie in grails-groovy so may be missing the obvious. Thanks !!!

  Read the article

• Grails and PermGen issue with g:link and g:render

  - by Alexi Groove

  I've been running grails for sometime without any issues but recently after an upgrade to Grails 1.1.1, I've encountered the dreaded PermGen errors. Prior to the upgrade, no such issue. The error seems to be happening when the <g:link> and <g:render> tags are used in a GSP although I'm not sure it's indicative that this is the issue but more of the fact that it ran out of space when these tags were being rendered. Typically, everyone who encounters PermGen errors recommend increasing your java environment options -- but what maybe the source of the issue? Is it a Grails 1.1/hibernate/spring problem? The error: 2010-04-20 05:37:03,962 INFO [STDOUT] 05:37:03,961 ERROR [GroovyPagesServlet] Error processing GSP: Error executing tag <g:render>: org.codehaus.groovy.grails.web.taglib.exceptions.GrailsTagException: Error executing tag <g:link>: java.lang.OutOfMemoryError: PermGen space org.codehaus.groovy.grails.web.taglib.exceptions.GrailsTagException: Error executing tag <g:render>: org.codehaus.groovy.grails.web.taglib.exceptions.GrailsTagException: Error executing tag <g:link>: java.lang.OutOfMemoryError: PermGen space

  Read the article

• Jetty 6 to Jetty 7 upgrade: what happened to system property "jetty.lib"? (-Djetty.lib=my/lib/dir)

  - by StaxMan

  Looks like Jetty team wanted to do some spring cleaning between versions 6 and 7, and it looks as if one useful system property, "jetty.lib" either does not exist, does not work, or just has changed in an unspecified way so as to make my jetty 6 set up work easily with Jetty 7. I tried searching through Jetty 7 docs, but about the only reference I saw was that "some commonly used properties (such as "jetty.home") still work as they used to". So, what am I missing? I really would want to avoid messing with things within Jetty distribution dirs (otherwise I could -- and maybe I have to? -- just use JETTY_BASE/lib/ext), and that's what "jetty.lib" was useful for.

  Read the article

• struts 2 bean is not created

  - by Dewfy

  Hello colleagues! At first some precondition to my question, I'm using struts2 + tiles2 + toplink. NO spring at all. The simplest scenario - is to display list of entities on the page. To optimize resolving JPA's EntityManager I would like to create helper (JPAResourceBean) that implements lazy load of entity manager. For this purposes I'm going to use struts2's bean declaration: <bean name="myfactory" class="my.model.JPAResourceBean" scope="session" optional="false"/> Why bean is not instantiated neither in session? (I'm using s:property just for debug) ... <s:property value="#session.myfactory" default="buka.1"/> ... nor in plain bean list: ... <s:property value="#myfactory" default="buka.2"/> ... May be the second part of question is - how to resolve this bean from java code?

  Read the article

• Automated regression tests for java applets?

  - by Roy Tang

  We're working on a project with a number of applets that has to work across a large range of OS (WIndows, Mac, Linux), browsers (IE, FF, Safari, etc) and Java versions (1.5+), and it often happens that a fix we apply will cause some sort of security exception an another platform or some other error. Is there any way for us to prepare automated tests to immediately catch those problems in different platforms? I think it's not necessary to check that the gui parts are appearing as intended, but just to detect whether unexpected exceptions are occuring.

  Read the article

• .NET Impersonate and file upload issues

  - by Jagd

  I have a webpage that allows a user to upload a file to a network share. When I run the webpage locally (within VS 2008) and try to upload the file, it works! However, when I deploy the website to the webserver and try to upload the file through the webpage, it doesn't work! The error being returned to me on the webserver says "Access to the path '\05prd1\emp\test.txt' is denied. So, obviously, this is a permissions issue. The network share is configured to allow full access both to me (NT authentication) and to the NETWORK SERVICE (which is .NET's default account and what we have set in our IIS application pool as the default user for this website). I have tried this with and without impersonation upon the webserver and neither way works, yet both ways work on my local machine (in other words, with and without impersonation works on my local machine). The code that does the file upload is below. Please note that the code below includes impersonation, but like I said above, I've tried it with and without impersonation and it's made no difference. if (fuCourses.PostedFile != null && fuCourses.PostedFile.ContentLength > 0) { System.Security.Principal.WindowsImpersonationContext impCtx; impCtx = ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate(); try { lblMsg.Visible = true; // The courses file to be uploaded HttpPostedFile file = fuCourses.PostedFile; string fName = file.FileName; string uploadPath = "\\\\05prd1\\emp\\"; // Get the file name if (fName.Contains("\\")) { fName = fName.Substring( fName.LastIndexOf("\\") + 1); } // Delete the courses file if it is already on \\05prd1\emp FileInfo fi = new FileInfo(uploadPath + fName); if (fi != null && fi.Exists) { fi.Delete(); } // Open new file stream on \\05prd1\emp and read bytes into it from file upload FileStream fs = File.Create(uploadPath + fName, file.ContentLength); using (Stream stream = file.InputStream) { byte[] b = new byte[4096]; int read; while ((read = stream.Read(b, 0, b.Length)) > 0) { fs.Write(b, 0, read); } } fs.Close(); lblMsg.Text = "File Successfully Uploaded"; lblMsg.ForeColor = System.Drawing.Color.Green; } catch (Exception ex) { lblMsg.Text = ex.Message; lblMsg.ForeColor = System.Drawing.Color.Red; } finally { impCtx.Undo(); } } Any help on this would be very appreciated!

  Read the article

• Verify a X.509 certificate with Java ME and Bouncy Castle

  - by Dino

  Hi, Can anybody point me to an example of verifying a X.509 certificate with Bouncy Castle under Java ME? I can see how to easily do this in Java SE code with java.security.cert.Certificate.verify(), but I could not find an equivalent method in the lightweight BC API. Thanks in advance! Cheers Dino

  Read the article

• Connected host failed to respond (internal NAT address)

  - by MostRandom

  I'm writing my first C# web application that connects to an XML based service. It requires that I present a certificate and feed the XML stream. It seems to authenticate properly but then it gives the following error: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 10.1.10.4:3128 The funny thing is that I'm not on a proxy or anything like that. I'm connecting directly to the internet. At one point I we did use a proxy that with internal NAT address. So my question is: Does Visual Studio have some sort of default proxy setting that I need to change? This IP is no longer used for anything, so I know that I don't need to use any proxy authentication code. using System; using System.Data; using System.Configuration; using System.Collections; using System.Web; using System.Net; using System.Security.Cryptography.X509Certificates; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; namespace WebApplication1 { public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { Uri requestURI = new Uri("*site omitted*"); //Create the Request Object HttpWebRequest pageRequest = (HttpWebRequest)WebRequest.Create(requestURI); //After installing the cert on the server export a client cert to the working directory as Deluxe.cer string certFile = "*certificate omitted*"; X509Certificate cert = X509Certificate.CreateFromCertFile(certFile); //Pull in your Data, if it is from an external xml as below or create an xml string with variables if a dynamic post is required. string xmlPath = "*XML omitted*"; System.Xml.XmlDocument passXML = new System.Xml.XmlDocument(); passXML.Load(xmlPath); //XML String with the data needed to pass string postData = passXML.OuterXml; //Set the Request Object parameters pageRequest.ContentType = "application/x-www-form-urlencoded"; pageRequest.Method = "POST"; pageRequest.AllowWriteStreamBuffering = false; pageRequest.AllowAutoRedirect = false; pageRequest.ClientCertificates.Add(cert); postData = "xml_data=" + Server.UrlEncode(postData); pageRequest.ContentLength = postData.Length; //Create the Post Stream Object System.IO.StreamWriter postStream = new System.IO.StreamWriter(pageRequest.GetRequestStream()); //Write the data to the post stream postStream.Write(postData); postStream.Flush(); postStream.Close(); //Set the Response Object HttpWebResponse postResponse = (HttpWebResponse)pageRequest.GetResponse();

  Read the article

• Difference between Apache Tapestry and Apache Wicket

  - by Stephan Schmidt

  Apache Wicket ( http://wicket.apache.org/ ) and Apache Tapestry ( http://wicket.apache.org/ ) are both component oriented web frameworks - contrary to action based frameworks like Stripes - by the Apache Foundation. Both allow you to build your application from components in Java. They both look very similar to me. What are the differences between those two frameworks? Has someone experience in both? Specifically: How is their performance, how much can state handling be customized, can they be used stateless? What is the difference in their component model? What would you choose for which applications? How do they integrate with Guice, Spring, JSR 299? Edit: I have read the documentation for both and I have used both. The questions cannot be answered sufficently from reading the documentation, but from the experience from using these for some time, e.g. how to use Wicket in a stateless mode for high performance sites. Thanks.

  Read the article

• WebService doesn't read web.config

  - by phenevo

  Hi, I've got 3 connectionstrings in web.config, and I used theirs like this: using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["SomeName"].ConnectionString)) Every metgod is called by winforms application. One of webmethods doesn't work properly because it reads only one connectionString: data source=.\\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true It's not a connectionString from my web.config . I invoke every method in the same way. How it's impossible ??

  Read the article

• ASP.NET Repeater Causing JQuery Image Slider

  - by Bry4n

  I have a jquery Image slider in a content page that worked fine. Once I converted it into a asp repeater the first image of the repeater would display twice, then run normally. Any idea on why the repeater is causing this? I think I discovered that the first image link <ItemTemplate> <a href='<%#Eval("Url")%>'> <img src='<%#Eval("Image")%>' alt="Spring Break 2011" rel='<h3><%#Eval("Title")%></h3><%#Eval("Caption")%>'/></a> </ItemTemplate> I have to place class="show" in the first item only. Does anyone know how to implement this during the first time it goes through. Hmm

  Read the article

< Previous Page | 374 375 376 377 378 379 380 381 382 383 384 385  | Next Page >