Search Results

Search found 25758 results on 1031 pages for 'oracle security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 380/1031 | < Previous Page | 376 377 378 379 380 381 382 383 384 385 386 387  | Next Page >

  • Flash security popup is unclickable on a layered window

    - by sjlewis
    I have a layered (TransparencyKey is set) winform w/ a WebBrowser control on it that navigates to a page that contains flash (swf). Everything works okay except that when flash shows a security popup, none of the buttons on the popup respond to mouse click, so I can't click Allow/Deny. Right-click works but only shows the context menu that is normal to flash. I tried overriding WndProc on the WebBrowser control, as suggested here, but it still does not respond to mouse click. If I comment out the TransparencyKey setting, even w/o the WndProc override, the buttons respond. I thought this'd be a container issue so I decided to host the swf file on the form, using the example here, but this, too, had the same problem w/ layered window. So, is there another way that can get around this problem? What is it w/ layered window that renders the buttons on the flash popup unclickable? What is it w/ flash...?

    Read the article

  • Objective-C Plugin Architecture Security (Mac, not iphone)

    - by Tom Dalling
    I'm possibly writing a plugin system for a Cocoa application (Mac, not iphone). A common approach is the make each plugin a bundle, then inject the bundle into the main application. I'm concerned with the security implications of doing this, as the bundle will have complete access to the Objective-C runtime. I am especially concerned with a plugin having access to the code that handles registration and serial keys. Another plugin system we are considering is based on distributed notifications. Basically, each plugin will be a separate process, and they will communicate via distributed notifications only. Is there a way to load bundles securely (e.g. sandboxing)? If not, do you see any problems with using distributed notifications? Are there any other plugin architectures that would be better?

    Read the article

  • outputting html in runtime in asp.net

    - by madness800
    Hi all, I'm building a website at the moment, I've some html fragment that is being stored into the database, I've been reading around that inserting HTML at runtime poses security risks by using the InnerHTML property of any html tag with runat server on it. So, my question is there any alternative way to safely display the html code and won't pose security risks and is it best to assume any textboxes on any given page is dangerous and process the text in the textboxes with Server.HtmlEncode before I store it to database? Cheers

    Read the article

  • ie6 p3p 'file download security warning'

    - by cometta
    i have a page inside iframe, so i set the header to "P3P","CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"" after that my page inside iframe able to load properly and i able to authenticate user with 'form' post . but on ie6, when i post 'form' inside iframe, i get ie6 message 'file download security warning on javascript file' . those javascript files are put on 'head' of pages inside iframe. how comes ie6 suddenly pop up dialog asking to download those files? anyone know which p3p parameter cause this problem?

    Read the article

  • Need a Security Scenario for asp.net webservice

    - by Karamafrooz
    I have developed a .Net 3.5 windows forms application. I also want to design a website that has a webservice with multiple Webmethods to query the database on the host machine. I want the webservice to be called ONLY through my winapp and my website! And I don't want any other people to be able to call and use my webservice but only some people who have access to the windows application that I have developed. I need a good security scenario for this! I truly appreciate anyone who can help me because this is my first experience of developing a webservice and I really need it to be as secure as I mentioned!

    Read the article

  • Making sure a web page is not cached, across all browsers.

    - by Edward Wilde
    Our investigations have shown us that not all browsers respect the http cache directives in a uniform manner. For security reasons we do not want certain pages in our application to cached, ever, by the web browser. This must work for at least the following browsers: Internet Explorer versions 6-8 FireFox versions 1.5 - 3.0 Safari version 3 Opera 9 Our requirement came from a security test. After logging out from our website you could press the back button and view cached pages.

    Read the article

  • FrameworkFolders support for WebCenter Portal

    - by Justin Paul-Oracle
    Oracle WebCenter Content Server includes components that provide a hierarchical folder interface, similar to a conventional file system, for organizing and managing some or all of the content in the repository. We used Contribution Folders (folders_g) which is being replaced by the new Folders (FrameworkFolders) component. The newer FrameworkFolders component fixes a number of limitations that folders_g had and adds a ton of new features. If you have played with the WebCenter Content mobile app, you will notice that it uses FrameworkFolders too. WebCenter Portal requires the use of the folders_g component. Given the fact that folders_g and FrameworkFolders component do not go well together and must never be enabled together on any system, you could never use the new features if you planned to use integrate Content with Portal. I still remember presenting a demo with a colleague for a client and he was showing off the mobile capabilities in Portal (which are pretty impressive by the way) and was getting all the glory; while I was sitting back wanting to show off the Content app but could not (no FrameworkFolders). Not any more; Oracle has released bundle patches for both WebCenter Content and Portal in April 2014 which bring home the support for FrameworkFolders. These patches will bring these products to version 11.1.1.8.3. You can enable support for FrameworkFolders on new Content and Portal installations where the folders_g component has never been enabled using the following patches: Download and apply the WebCenter Content MLR03 patch 18088049. Download and apply the WebCenter Portal BP3 patch 18085041. Download and apply the WebCenterConfigure component patch 18387955. Before applying this patch on the Content Server ensure that WebCenter Content MLR03 patch 18088049 has already been applied. You can find detailed instructions on how to enable FrameworkFolders support in the Oracle® Fusion Middleware Installation Guide for Oracle WebCenter Portal 11g Release 1 (11.1.1.8.3). There may be another bundle patches release (version 11.1.1.8.4) for many FMW products (including WebCenter Portal) in July 2014 which could further enhance the FrameworkFolders support.

    Read the article

  • How do you insert 9 MB file into a Blob Field Using Oracle.DataAccess?

    - by discwiz
    Trying to insert a large audio file into an Oracle 10g database and keep getting this error: ORA-01460: unimplemented or unreasonable conversion requested The byte array length of the audio file is 2702577. The procedure works with smaller array lengths, but not the larger ones. Here is my code and Thanks! Dim oracleConnection As New OracleClient.OracleConnection Dim Cmd As New OracleClient.OracleCommand Dim oracleDataAdapter As New OracleDataAdapter oracleConnection.ConnectionString = System.Configuration.ConfigurationManager.AppSettings("MasterConnectionODT") Cmd.Connection = oracleConnection Cmd.CommandText = "Audio.ADD_AUDIO" Cmd.CommandType = CommandType.StoredProcedure Dim aParam As New OracleClient.OracleParameter aParam.ParameterName = "I_FACILITY_ID_C" aParam.OracleType = OracleType.Char aParam.Value = FacID aParam.Direction = ParameterDirection.Input Cmd.Parameters.Add(aParam) aParam = New OracleParameter aParam.ParameterName = "I_TARP_ID_N" aParam.OracleType = OracleType.Number aParam.Value = TarpID aParam.Direction = ParameterDirection.Input Cmd.Parameters.Add(aParam) aParam = New OracleParameter aParam.ParameterName = "I_AUDIO_BLOB" aParam.OracleType = OracleType.Blob aParam.Value = Audio aParam.Direction = ParameterDirection.Input Cmd.Parameters.Add(aParam) Using oracleConnection oracleConnection.Open() Cmd.ExecuteNonQuery() End Using

    Read the article

  • serving files using django - is this a security vulnerability

    - by Tom Tom
    I'm using the following code to serve uploaded files from a login secured view in a django app. Do you think that there is a security vulnerability in this code? I'm a bit concerned about that the user could place arbitrary strings in the url after the upload/ and this is directly mapped to the local filesystem. Actually I don't think that it is a vulnerability issue, since the access to the filesystem is restricted to the files in the folder defined with the UPLOAD_LOCATION setting. UPLOAD_LOCATION = is set to a not publicly available folder on the webserver url(r'^upload/(?P<file_url>[/,.,\s,_,\-,\w]+)', 'aeon_infrastructure.views.serve_upload_files', name='project_detail'), @login_required def serve_upload_files(request, file_url): import os.path import mimetypes mimetypes.init() try: file_path = settings.UPLOAD_LOCATION + '/' + file_url fsock = open(file_path,"r") file_name = os.path.basename(file_path) file_size = os.path.getsize(file_path) print "file size is: " + str(file_size) mime_type_guess = mimetypes.guess_type(file_name) if mime_type_guess is not None: response = HttpResponse(fsock, mimetype=mime_type_guess[0]) response['Content-Disposition'] = 'attachment; filename=' + file_name #response.write(file) except IOError: response = HttpResponseNotFound() return response

    Read the article

  • How to send a Timestamp field to Oracle stored proc. from Java despite the DB config?

    - by Alfabravo
    I'm making a request from a java webapp to an Oracle' stored procedure which happens to have a Timestamp IN parameter. In the testing environment, it works sending: SimpleDateFormat dateFormat = new SimpleDateFormat("dd-MMM-yyyy hh:mm:ss a"); input.setTimestampField(dateFormat.format(new Date())); But in the production environment, it raises an exception ORA-01830: date format picture ends before converting entire input string. I know the testing environment should be a replica of the production site, but it is not in my hands to set them properly. And I need to send the Timestamp field despite the way they setup the database. Any ideas? Thanks in advance.

    Read the article

  • How would a php or java client authenticate if I'm using WCF w/ forms auth?

    - by Toran Billups
    I have a generic proof of concept WCF service that is using forms authentication to secure access. All works great when my client is .NET (vb code below) Dim client As SupplierServiceClient = New SupplierServiceClient() client.ClientCredentials.UserName.UserName = "[email protected]" client.ClientCredentials.UserName.Password = "password" Dim SupplierList As List(Of Supplier) = client.GetSuppliers() but as I want this to interop w/ anyone who can do SOAP 1.1/1.2 - how would a PHP or Java client connect? My WCF web.config is listed below (fyi) <system.serviceModel> <services> <service name="SampleApplicationWCF.Library.SupplierService" behaviorConfiguration="NorthwindBehavior"> <endpoint address="" name="wsHttpSupplierService" contract="SampleApplicationWCF.Library.ISupplierService" binding="wsHttpBinding" bindingConfiguration="wsHttp"/> <endpoint address="https://server/SampleApplicationWCF/SupplierService.svc/Basic" name="basicHttpSupplierService" contract="SampleApplicationWCF.Library.ISupplierService" binding="basicHttpBinding" bindingConfiguration="basicHttp"/> <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex"/> </service> </services> <bindings> <wsHttpBinding> <binding name="wsHttp"> <security mode="TransportWithMessageCredential"> <transport/> <message clientCredentialType="UserName" negotiateServiceCredential="false" establishSecurityContext="true"/> </security> </binding> </wsHttpBinding> <basicHttpBinding> <binding name="basicHttp"> <security mode="TransportWithMessageCredential"> <transport/> <message clientCredentialType="UserName"/> </security> </binding> </basicHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="NorthwindBehavior"> <serviceMetadata httpGetEnabled="true"/> <serviceAuthorization principalPermissionMode="UseAspNetRoles"/> <serviceCredentials> <userNameAuthentication userNamePasswordValidationMode="MembershipProvider"/> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> </system.serviceModel>

    Read the article

  • Oracle Professional Developer, Ver. 6.0.33 for MS-DOS

    - by Frank Developer
    Hi, I'm trying to install this fossil in DOS 6.22, which is running in Microsoft Virtual PC 2007. I'm hoping that some of you veteran Oracle developers have any recollection of in what order do these diskette images need to be loaded, since I don't have any documentation available for 6.0.33. A friend emailed me the following 720K diskette images: INSTALLE.IMG RDBMS1.IMG RDBMS2.IMG RDBMS3.IMG RSF.IMG SQLLDR1.IMG SQLLDR2.IMG UTIL1.IMG UTIL2.IMG UTIL3.IMG Within Virtual PC, I capture a diskette image, one at a time, into Drive A: VPC's floppy disk emulation supports FAT12, so the supported diskette formats can be: 720K or 1.44MB. If anyone happens to have documentation for this legacy version, I would greatly appreciate a copy of it! Thank You.

    Read the article

  • Oracle - Is there any effects of not having a primary key on a table ?

    - by Sathya
    We use sequence numbers for primary keys on the tables. There are some tables where we dont really use the primary key for any querying purpose. But, we have Indexes on other columns. These are non-unique indexes. The queries use these non-primary key columns in the WHERE conditions. So, I dont really see any benefit of having a primary key on such tables. My experience with SQL 2000 was that, it used to replicate tables which had some primary key. Otherwise it would not. I am using Oracle 10gR2. I would like to know if there are any such side-effects of having tables that dont have primary key.

    Read the article

  • Oracle: Use of notational parameters which calling functions in insert statements not allowed ?

    - by Sathya
    Why does Oracle 10 R2 not allow use of notational parameters while calling functions in insert statements ? In my app, I'm calling a function in an insert statement. If use notational method of parameter passing, I get an ORA-00907: Missing right parenthesis error message INSERT INTO foo (a, b, c) VALUES (c, F1(P1=>'1', P2=>'2', P3 => '3'), e) Changing the same to position based parameter passing, and the same code gets compiled with no errors. INSERT INTO foo (a, b, c) VALUES (c, F1('1','2','3'), e) Why is this so ?

    Read the article

  • Security Token/Cross Domain Cookie in Classic ASP?

    - by jlrolin
    I have an interesting conundrum. We have a site that is a completely separate domain, we'll say http://www.x.com and our own site that is http://www.y.com. The y.com site is actually a classic ASP site, and we aren't converting it to .NET at this time. The problem is that there is a link on x.com that redirects to y.com from a members area. We want to "authenticate" the user to make sure they are a member from the other site. If they are, they are directed to a members area on y.com. If not, they have to provide login information on y.com. Cookies obviously don't work due to the cross domain security, but is there a way around this? I've also looked at a service for tokens, but I'm not sure exactly how that works in Classic ASP. Any ideas or suggestions?

    Read the article

  • Oracle aggregate function to return a random value for a group?

    - by tpdi
    The standard SQL aggregate function max() will return the highest value in a group; min() will return the lowest. Is there an aggregate function in Oracle to return a random value from a group? Or some technique to achieve this? E.g., given the table foo: group_id value 1 1 1 5 1 9 2 2 2 4 2 8 The SQL query select group_id, max(value), min(value), some_aggregate_random_func(value) from foo group by group_id; might produce: group_id max(value), min(value), some_aggregate_random_func(value) 1 9 1 1 2 8 2 4 with, obviously, the last column being any random value in that group.

    Read the article

  • Oracle/c#: How do i use bind variables with select statements to return multiple records?

    - by twiga
    I have a question regarding Oracle bind variables and select statements. What I would like to achieve is do a select on a number different values for the primary key. I would like to pass these values via an array using bind values. select * from tb_customers where cust_id = :1 int[] cust_id = { 11, 23, 31, 44 , 51 }; I then bind a DataReader to get the values into a table. The problem is that the resulting table only contains a single record (for cust_id=51). Thus it seems that each statement is executed independently (as it should), but I would like the results to be available as a collective (single table). A workaround is to create a temporary table, insert all the values of cust_id and then do a join against tb_customers. The problem with this approach is that I would require temporary tables for every different type of primary key, as I would like to use this against a number of tables (some even have combined primary keys). Is there anything I am missing?

    Read the article

  • upload an m4a file in flex, saving it as a blob in oracle, and retrieving metadata info from it

    - by Angus
    Hi, I currently have a FileUpload.mxml component that uploads a .m4a to an oracle database, retrieves metadata from the file and saves the metadata info in the database. to acheive this I use FileReference() and set up, amoung others, the dispatcher.addEventListener(DataEvent.UPLOAD_COMPLETE_DATA, completeHandler); So the file is posted to a php file which saves it as a blob. Once the blob is saved, the script sends a message back to flex to dispatch the upload_complete_data event. In the complete handler, the metadata is then retreived by reading the value back from the database into a custom made meta data reader. The metadata info is then saved via flex. This seems a little long winded. Has anyone else successfully achieved this using a different way?

    Read the article

  • What is the impact/limitation of oracle select with large number of bind variables?

    - by Igal Serban
    We had our oracle server chocking during processing a select statement with close to 3500(!!) bind variables. This select is, obviously, build dynamically by code that we can't change. During the execution of this select the db server went to 100% cpu usage and our system almost halted. We know how to reproduce this problem. So we can prevent this specific condition. But I am wondering if there is a way to protect the db ( by configuration) from this type of problems.

    Read the article

  • About SQL Server security

    - by Felipe Fiali
    I have an ASP.NET application which runs under the Classic .NET AppPool in IIS. I have a report to render from my website. The problem is SQL Server keeps telling me that it failed to create a connection to the datasource, because login failed for user IUSR. After adding that user directly to the databse I could get the report to work, but I'm concerned about security. By doing that, am I opening my specified databases to all websites hosted on IIS? Or is that account identity-specific?

    Read the article

  • Is web.config more secure than a class?

    - by o-logn
    I was reading a tutorial on ASP.NET and third party API's and it mentioned that the API KEY and SECRET KEY should be stored in the web.config file, for security on production servers, instead of in the classes that use them. However, I'm not quite sure what's more secure about a web.config file than a class? I understand the convenience of storing it in a config file, but I don't see the security benefit?

    Read the article

  • Oracle (Old?) Joins - A tool/script for conversion?

    - by Grasper
    I have been porting oracle selects, and I have been running across a lot of queries like so: SELECT e.last_name, d.department_name FROM employees e, departments d WHERE e.department_id(+) = d.department_id; ...and: SELECT last_name, d.department_id FROM employees e, departments d WHERE e.department_id = d.department_id(+); Are there any guides/tutorials for converting all of the variants of the (+) syntax? What is that syntax even called (so I can scour google)? Even better.. Is there a tool/script that will do this conversion for me (Preferred Free)? An optimizer of some sort? I have around 500 of these queries to port.. When was this standard phased out? Any info is appreciated.

    Read the article

  • Using a password to generate two distinct hashes without reducing password security

    - by Nevins
    Hi there, I'm in the process of designing a web application that will require the storage of GPG keys in an encrypted format in a database. I'm planning on storing the user's password in a bCrypt hash in the database. What I would like to be able to do is to use that bCrypt to authenticate the user then use the combination of the stored bCrypt hash and another hash of the password to encrypt and decrypt the GPG keys. My question is whether I can do this without reducing the security of the password? I was thinking I may be able to use something like an HMAC-SHA256 of a static string using the password and a salt as the secret key. Is there a better way to do this that I haven't thought of? Thanks

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 376 377 378 379 380 381 382 383 384 385 386 387  | Next Page >