Search Results

Search found 32953 results on 1319 pages for 'access secret'.

Page 39/1319 | < Previous Page | 35 36 37 38 39 40 41 42 43 44 45 46  | Next Page >

  • When a new user is created on Centos 6, it takes a while (30 mins) before he can access his group folder

    - by Diepseun
    I created a new user and made it part of a certain group which has full access (777) to a folder. Checked the user in Samba, password the same as his Windows (XP) password, rebooted his desktop but he didn't have access to the folder. Checked the Samba group and config file and the user was defined as a member of the group. It didn't make sense and I then did something else for a while. When I tried again, without doing anything further about it, the user had access to the folder. I did restart the Samba server after my original changes. Thanks in advance.

    Read the article

  • How to Add the Windows Calculator to the Quick Access Toolbar in Microsoft Excel 2013

    - by Lori Kaufman
    Do you use the Windows Calculator to perform quick calculations while building spreadsheets in Excel? You can save time by adding the Calculator to the Quick Access Toolbar in Excel so you don’t have to leave the program to access the Calculator. To do this, click the down arrow on the right side of the Quick Access Toolbar and select More Commands from the drop-down menu. On the Quick Access Toolbar screen on the Excel Options dialog box, select Commands Not in the Ribbon from the Choose commands from drop-down list. Scroll down in the long list and select Calculator. Click Add to add the Calculator to the Quick Access Toolbar. Click OK to accept the change and close the Excel Options dialog box. You’ll see a Calculator icon on the Quick Access Toolbar. When you move your mouse over the icon, a hint displays saying “Custom.” Despite the label, when you click the icon, the Windows Calculator opens. The same procedure works for adding the Windows Calculator to Excel 2010, as well.     

    Read the article

  • How can I discourage the use of Access?

    - by Greg Buehler
    Lets pretend that a very large company (revenue numbers with more than 8 figures) is looking to do a refresh on a software system, particularly the dashboard used by employees. This system was originally put together in the early 1990's to handle inventory tracking and storage across a variety of facilities (10+). Since this large company is now in the process of implementing some of these inventory processes with SAP they are in need of a major refresh. The existing system: Microsoft Access project performs dashboard duties Unique shipping/receiving configurations at different facilities require unique forms and queries within the Access project Uses 3rd party libraries referenced by Access to directly interface with at control system (read: motors, conveyors, and counters) Individual SQL Server 2000 instances (some traces of pre-update SQL Server 6.0 documents) at each facility The Issue: This system started as a home brewed inventory tracking scheme with a single internal sponsor who is still in charge of the technical direction. The original sponsor prescribing the desired deliverables that are being called for in the current RFP. The RFP describes a system based around a single Access project. Any suggestion that Access is ill suited for a project of this scope are shot down under the reasoning that "it works for the scope now". Are there any case studies, notices, or statements that can be used to disuade this potential customer from repeating their mistake? Does Microsoft make any statements directly about when it is highly recommended to ditch Access?

    Read the article

  • Role based access to resources for a RESTful service

    - by mutex
    I'm still wrapping my head around REST, but I wonder if someone can help with any suggestions or approaches to role based access control for a RESTful service, particularly from the point of view of securing the data and how the URLs might look. It's probably best to consider an example: Say I have a REST service for Customers, and want to split the users of this REST service into Admin, Editor and Reader roles: Admins can change all attributes of a Customer resource Editors can change only some Readers can only view them. Access control rights are assigned to the Customers entities individually. So for example a user of the service might have admin rights to Customers 1,2 and 3 but Editor access to 4,5 and Reader access to 7,8,9. Now consider the user calling the service. What is a good way to seperate the list of Customers for the current User? GET /Customer - this might get a list of all customers that the current user has Admin\Editor\Reader access to. But then on each Customer the consumer would need an indication of what role they have. Or would it be "better" having something like GET /Customer/Admin - return all customers the current user has Admin access to. Just looking for some high level pointers or reading on a decent way to secure\filter the resources based on roles of the current user.

    Read the article

  • How to Disable Access to the Registry in Windows 7

    - by Mysticgeek
    If you don’t know what your doing in the Registry, you can mess up your computer pretty good. Today we show you how to prevent users from accessing the Registry and making any changes to it. Using Local Group Policy Editor Note: This method uses Group Policy Editor which is not available in Home versions of Windows. First type gpedit.msc into the Search box in the Start menu. When Group Policy Editor opens, navigate to User Configuration \ Administrative Templates then select System. Under Setting in the right panel double-click on Prevent access to registry editing tools. Select the radio button next to Enabled, click OK, then close out of Group Policy Editor. Now if a user tries to access the Registry… They will get the following message advising they cannot access it.   Using Registry Enabler & Disabler 3 If you’re using Home or Starter version of Windows 7, you can use a neat utility called Registry Enabler & Disabler (link below). This app works on XP and Vista as well. There is no installation involved so you can run it from a flash drive, disable the registry, then take the flash drive with you while a the user is on the machine.   Again, if the user tries to access the Registry they will get the following error… Using one of these options will stop users from gaining access to the Registry or running any registry hacks. Of course if you have a shared computer, you may want to set up other users with a Standard Account, as they won’t be able to make changes to the Registry anyway. Download Registry Enabler & Disabler 3 Similar Articles Productive Geek Tips Disable Notification Balloons in XPDisable/Enable Lock Workstation Functionality (Windows + L)Disable Windows Mobility Center in Windows 7 or VistaRegistry Hack to Disable Writing to USB DrivesSpeed Up Disk Access by Disabling Last Access Updating in Windows XP TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips Acronis Online Backup DVDFab 6 Revo Uninstaller Pro Registry Mechanic 9 for Windows Fun with 47 charts and graphs Tomorrow is Mother’s Day Check the Average Speed of YouTube Videos You’ve Watched OutlookStatView Scans and Displays General Usage Statistics How to Add Exceptions to the Windows Firewall Office 2010 reviewed in depth by Ed Bott

    Read the article

  • Dlink DWA-556 Access point fails to start on 2.6.35-25 while 2.6.35-24 works. How can I do this with >2.6.35-24?

    - by Azendale
    I'm using hostapd to run an access point with a Dlink DWA-556 wireless N card. However, I can no longer get it to start when I use kernels greater than 2.6.35-24. Here's a log where I ran the uname -a&&hostapd -c <configfile> on the different kernel versions. Linux erikbandersen 2.6.35-24-generic #42-Ubuntu SMP Thu Dec 2 02:41:37 UTC 2010 x86_64 GNU/Linux Configuration file: hostapd.conf ctrl_interface_group=0 Opening raw packet socket for ifindex 248 BSS count 1, BSSID mask ff:ff:ff:ff:ff:ff (0 bits) SIOCGIWRANGE: WE(compiled)=22 WE(source)=21 enc_capa=0xf nl80211: Added 802.11b mode based on 802.11g information HT40: control channel: 2 secondary channel: 6 RATE[0] rate=10 flags=0x2 RATE[1] rate=20 flags=0x6 RATE[2] rate=55 flags=0x6 RATE[3] rate=110 flags=0x6 RATE[4] rate=60 flags=0x0 RATE[5] rate=90 flags=0x0 RATE[6] rate=120 flags=0x0 RATE[7] rate=180 flags=0x0 RATE[8] rate=240 flags=0x0 RATE[9] rate=360 flags=0x0 RATE[10] rate=480 flags=0x0 RATE[11] rate=540 flags=0x0 Passive scanning not supported Mode: IEEE 802.11g Channel: 2 Frequency: 2417 MHz Flushing old station entries Deauthenticate all stations Using interface wlan1 with hwaddr 1c:bd:b9:d5:e8:3c and ssid 'erikbandersen.com/freewifi' wlan1: Setup of interface done. MGMT (TX callback) ACK Malformed netlink message: len=436 left=256 plen=420 256 extra bytes in the end of netlink message MGMT (TX callback) ACK mgmt::proberesp cb MGMT (TX callback) ACK mgmt::proberesp cb MGMT (TX callback) ACK mgmt::proberesp cb mgmt::auth authentication: STA=3c:4a:92:0e:41:2f auth_alg=0 auth_transaction=1 status_code=0 wep=0 New STA wlan1: STA 3c:4a:92:0e:41:2f IEEE 802.11: authentication OK (open system) wlan1: STA 3c:4a:92:0e:41:2f MLME: MLME-AUTHENTICATE.indication(3c:4a:92:0e:41:2f, OPEN_SYSTEM) wlan1: STA 3c:4a:92:0e:41:2f MLME: MLME-DELETEKEYS.request(3c:4a:92:0e:41:2f) authentication reply: STA=3c:4a:92:0e:41:2f auth_alg=0 auth_transaction=2 resp=0 (IE len=0) MGMT (TX callback) ACK mgmt::auth cb wlan1: STA 3c:4a:92:0e:41:2f IEEE 802.11: authenticated mgmt::assoc_req association request: STA=3c:4a:92:0e:41:2f capab_info=0x421 listen_interval=10 Validating WMM IE: OUI 00:50:f2 OUI type 2 OUI sub-type 0 version 1 QoS info 0x0 HT: STA 3c:4a:92:0e:41:2f HT Capabilities Info: 0x102c handle_assoc STA 3c:4a:92:0e:41:2f - no greenfield, num of non-gf stations 1 handle_assoc STA 3c:4a:92:0e:41:2f - 20 MHz HT, num of 20MHz HT STAs 1 hostapd_ht_operation_update current operation mode=0x0 hostapd_ht_operation_update new operation mode=0x7 changes=2 new AID 1 wlan1: STA 3c:4a:92:0e:41:2f IEEE 802.11: association OK (aid 1) MGMT (TX callback) ACK mgmt::assoc_resp cb wlan1: STA 3c:4a:92:0e:41:2f IEEE 802.11: associated (aid 1) wlan1: STA 3c:4a:92:0e:41:2f MLME: MLME-ASSOCIATE.indication(3c:4a:92:0e:41:2f) wlan1: STA 3c:4a:92:0e:41:2f MLME: MLME-DELETEKEYS.request(3c:4a:92:0e:41:2f) wlan1: STA 3c:4a:92:0e:41:2f RADIUS: starting accounting session 4DAC8224-00000000 MGMT (TX callback) ACK mgmt::action cb MGMT (TX callback) ACK mgmt::proberesp cb MGMT (TX callback) ACK mgmt::proberesp cb MGMT (TX callback) ACK mgmt::proberesp cb MGMT (TX callback) ACK mgmt::proberesp cb MGMT (TX callback) ACK mgmt::proberesp cb Signal 2 received - terminating wlan1: STA 3c:4a:92:0e:41:2f MLME: MLME-DEAUTHENTICATE.indication(3c:4a:92:0e:41:2f, 1) wlan1: STA 3c:4a:92:0e:41:2f MLME: MLME-DELETEKEYS.request(3c:4a:92:0e:41:2f) Removing station 3c:4a:92:0e:41:2f hostapd_ht_operation_update current operation mode=0x7 hostapd_ht_operation_update new operation mode=0x0 changes=2 Flushing old station entries Deauthenticate all stations . Linux erikbandersen 2.6.35-25-generic #44-Ubuntu SMP Fri Jan 21 17:40:44 UTC 2011 x86_64 GNU/Linux Configuration file: hostapd.conf ctrl_interface_group=0 Opening raw packet socket for ifindex 248 BSS count 1, BSSID mask ff:ff:ff:ff:ff:ff (0 bits) SIOCGIWRANGE: WE(compiled)=22 WE(source)=21 enc_capa=0xf nl80211: Added 802.11b mode based on 802.11g information Allowed channel: mode=1 chan=1 freq=2412 MHz max_tx_power=27 dBm Allowed channel: mode=1 chan=2 freq=2417 MHz max_tx_power=27 dBm Allowed channel: mode=1 chan=3 freq=2422 MHz max_tx_power=27 dBm Allowed channel: mode=1 chan=4 freq=2427 MHz max_tx_power=27 dBm Allowed channel: mode=1 chan=5 freq=2432 MHz max_tx_power=27 dBm Allowed channel: mode=1 chan=6 freq=2437 MHz max_tx_power=27 dBm Allowed channel: mode=1 chan=7 freq=2442 MHz max_tx_power=27 dBm Allowed channel: mode=1 chan=8 freq=2447 MHz max_tx_power=27 dBm Allowed channel: mode=1 chan=9 freq=2452 MHz max_tx_power=27 dBm Allowed channel: mode=1 chan=10 freq=2457 MHz max_tx_power=27 dBm Allowed channel: mode=1 chan=11 freq=2462 MHz max_tx_power=27 dBm Allowed channel: mode=0 chan=1 freq=2412 MHz max_tx_power=27 dBm Allowed channel: mode=0 chan=2 freq=2417 MHz max_tx_power=27 dBm Allowed channel: mode=0 chan=3 freq=2422 MHz max_tx_power=27 dBm Allowed channel: mode=0 chan=4 freq=2427 MHz max_tx_power=27 dBm Allowed channel: mode=0 chan=5 freq=2432 MHz max_tx_power=27 dBm Allowed channel: mode=0 chan=6 freq=2437 MHz max_tx_power=27 dBm Allowed channel: mode=0 chan=7 freq=2442 MHz max_tx_power=27 dBm Allowed channel: mode=0 chan=8 freq=2447 MHz max_tx_power=27 dBm Allowed channel: mode=0 chan=9 freq=2452 MHz max_tx_power=27 dBm Allowed channel: mode=0 chan=10 freq=2457 MHz max_tx_power=27 dBm Allowed channel: mode=0 chan=11 freq=2462 MHz max_tx_power=27 dBm HT40: control channel: 2 secondary channel: 6 RATE[0] rate=10 flags=0x2 RATE[1] rate=20 flags=0x6 RATE[2] rate=55 flags=0x6 RATE[3] rate=110 flags=0x6 RATE[4] rate=60 flags=0x0 RATE[5] rate=90 flags=0x0 RATE[6] rate=120 flags=0x0 RATE[7] rate=180 flags=0x0 RATE[8] rate=240 flags=0x0 RATE[9] rate=360 flags=0x0 RATE[10] rate=480 flags=0x0 RATE[11] rate=540 flags=0x0 Passive scanning not supported Mode: IEEE 802.11g Channel: 2 Frequency: 2417 MHz Could not set channel for kernel driver wlan1: Unable to setup interface. My wireless card is listed as 02:00.0 Network controller: Atheros Communications Inc. AR5008 Wireless Network Adapter (rev 01) by lspci. Am I doing it wrong and there's a new way of doing it? I'm holding off upgrading to Natty because of this. What changed between the versions that would cause this? Should I report it as a bug?

    Read the article

  • OpenWorld 2013 Presentation Links

    - by Darin Pendergraft
    We have had a lot of requests for OpenWorld 2013 presentations that were delivered by the IDM team this year in San Francisco.  To make things easier, I have uploaded all of the presentations to SlideShare.  Here is a list of available presentations: ID Title CON8808 Enabling Business Growth in the new Economy CON8810 Who Should have Access to What CON8811 Converged Identity Governance for Speeding Up Business and Reducing Cost CON8813 Securing Privileged Accounts with an integrated IDM Solution CON8817 API Management - Enable your Infrastructure for Secure Mobile and Cloud Use CON8819 Context and Risk Aware Access Control Any Device AnyWhere CON8823 Access management for the Internet of Things CON8828 Justifying and Planning a Successful Identity Management Upgrade CON8833 Access at Scale for Hundreds of Millions of Users CON8834 Bring Your Own Identity CON8836 Leveraging the Cloud to Simplify Your Identity Management Implementation CON8837 Leverage Authorization to Monetize Content and Media Subscriptions CON8896 Securely Enabling Mobile Access for Business Transformation CON8902 Developing Secure Mobile Applications CON9024 Next-Generation Optimized Directory - Oracle Unified Directory CON9573 Managing the OIM platform with Oracle Enterprise Manager

    Read the article

  • Can I use netgroup at an NIS Client (Redhat) to restrict access to it?

    - by sdmythos_gr
    Our company has a central NIS configuration that we are using to access our teams servers (Redhat)... The current configuration allows all valid NIS authenticated users to connect to our servers. We cannot update or change something on the NIS Master Server... so... Is there a way to use netgroups or some other configuration to allow our team members to authenticate using the NIS server but still restrict access to all other users? Thanks!

    Read the article

  • Which application may I use to open an old Microsoft access database?

    - by skyeagle
    I have an old Microsoft access database (circa 2002 or so), which I need to extract data from. I don't have Microsoft Office available - the trial version I downloaded expired a week ago or so. I am looking for an open source solution or something similar that will allow me to open the database and extract the data - so I can throw away the database. BTW, can I use OpenOffice to access the data in the .mdb file? (I don't think the option is available IIRC)

    Read the article

  • Cisco ASA 5505 allowing inbound ICMPv6

    - by Astron
    I am trying to allow inbound unsolicited ICMPv6 requests from an external link-local address to my outside (external) interfaces link-local address. I can ping (echo-request) the external address and receive a pong (echo-reply) but ICMPv6 messages initiated on the far side are dropped. I am running 9.0(1) in order to use some of the newer features. Does the Cisco ASA not allow unsolicited inbound requests from a link-local address? Should it matter if all ICMPv6 is allowed? Statements being denied: %ASA-3-313008: Denied IPv6-ICMP type=129, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside %ASA-3-313008: Denied IPv6-ICMP type=131, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside %ASA-3-313008: Denied IPv6-ICMP type=131, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside %ASA-3-313008: Denied IPv6-ICMP type=136, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside %ASA-3-313008: Denied IPv6-ICMP type=136, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside %ASA-3-313008: Denied IPv6-ICMP type=136, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside I created both an inbound ACL and ICMP permit statements: access-list OUTSIDE-IN extended permit icmp6 any any access-list OUTSIDE-IN extended permit icmp6 any any membership-report access-list OUTSIDE-IN extended permit icmp6 any any membership-report 0 access-list OUTSIDE-IN extended permit icmp6 any any echo-reply 0 access-list OUTSIDE-IN extended permit icmp6 any any echo-reply access-list OUTSIDE-IN extended permit icmp6 any interface outside membership-report access-list OUTSIDE-IN extended permit icmp6 any interface outside membership-report 0 access-list OUTSIDE-IN extended permit icmp6 any6 any6 echo-reply access-list OUTSIDE-IN extended permit icmp6 any6 any6 membership-report access-list OUTSIDE-IN extended permit icmp6 any6 any6 echo-reply 0 access-list OUTSIDE-IN extended permit icmp6 any6 any6 membership-report 0 snip access-group OUTSIDE-IN in interface outside ipv6 icmp permit any inside ipv6 icmp permit any membership-report outside ipv6 icmp permit any echo-reply outside ipv6 icmp permit any router-advertisement outside ipv6 icmp permit any neighbor-solicitation outside ipv6 icmp permit any neighbor-advertisement outside ipv6 icmp permit any outside

    Read the article

  • How to properly deny Railo directory access through Apache

    - by Sn3akyP3t3
    I've been battle tested on this and failed to achieve my goal which is to deny all access to all directories except the Public directory and only allow access to all all other directories with specific IP addresses. To get Railo+Apache+Tomcat installed I pretty much followed this script: https://github.com/talltroym/Railo-Ubuntu-Installer-Script then verified settings with this tutorial: http://blog.nictunney.com/2012/03/railo-tomcat-and-apache-on-amazon-ec2.html From the installation script these mods are enabled: sudo a2enmod ssl sudo a2enmod proxy sudo a2enmod proxy_http sudo a2enmod rewrite sudo a2ensite default-ssl Outside of the script I copied the sites-available to sites-enabled then reloaded Apache. I have a directory created for Railo cmfl located at /var/www/Railo/ Navigating the browser to http ://Server_IP_Address/Railo forces ssl and relocates to https ://Server_IP_Address/Railo which shows off index.cfm. Not providing index.cfm and omitting https indicates that the DirectoryIndex directive and RewriteCond of Apache appears to be working for the sites-enabled VirtualHost. The problem I'm encountering is that I cannot seem to deny access to all directories except Public. My directory structure is rather simple and looks like this: Railo error Public NotPublic Sandbox These are my sites-enabled configurations: <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www #Default Deny All to prevent walking backwards in file system Alias /Railo/ "/var/www/Railo/" <Directory ~ ".*/Railo/(?!Public).*"> Order Deny,Allow Deny from All </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> DirectoryIndex index.cfm index.cfml default.cfm default.cfml index.htm index.html index.cfc RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] </VirtualHost> and <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin webmaster@localhost DocumentRoot /var/www Alias /Railo/ "/var/www/Railo/" <Directory ~ "/var/www/Railo/(?!Public).*"> Order Deny,Allow Deny from All </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # A self-signed (snakeoil) certificate can be created by installing # the ssl-cert package. See # /usr/share/doc/apache2.2-common/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convinience. #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCACertificatePath /etc/ssl/certs/ #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client # authentication or alternatively one huge file containing all # of them (file must be PEM encoded) # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCARevocationPath /etc/apache2/ssl.crl/ #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl # Client Authentication (Type): # Client certificate verification type and depth. Types are # none, optional, require and optional_no_ca. Depth is a # number which specifies how deeply to verify the certificate # issuer chain before deciding the certificate is not valid. #SSLVerifyClient require #SSLVerifyDepth 10 # Access Control: # With SSLRequire you can do per-directory access control based # on arbitrary complex boolean expressions containing server # variable checks and other lookup directives. The syntax is a # mixture between C and Perl. See the mod_ssl documentation # for more details. #<Location /> #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ #</Location> # SSL Engine Options: # Set various options for the SSL engine. # o FakeBasicAuth: # Translate the client X.509 into a Basic Authorisation. This means that # the standard Auth/DBMAuth methods can be used for access control. The # user name is the `one line' version of the client's X.509 certificate. # Note that no password is obtained from the user. Every entry in the user # file needs this password: `xxj31ZMTZzkVA'. # o ExportCertData: # This exports two additional environment variables: SSL_CLIENT_CERT and # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the # server (always existing) and the client (only existing when client # authentication is used). This can be used to import the certificates # into CGI scripts. # o StdEnvVars: # This exports the standard SSL/TLS related `SSL_*' environment variables. # Per default this exportation is switched off for performance reasons, # because the extraction step is an expensive operation and is usually # useless for serving static content. So one usually enables the # exportation for CGI and SSI requests only. # o StrictRequire: # This denies access when "SSLRequireSSL" or "SSLRequire" applied even # under a "Satisfy any" situation, i.e. when it applies access is denied # and no other module can change it. # o OptRenegotiate: # This enables optimized SSL connection renegotiation handling when SSL # directives are used in per-directory context. #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> # SSL Protocol Adjustments: # The safe and default but still SSL/TLS standard compliant shutdown # approach is that mod_ssl sends the close notify alert but doesn't wait for # the close notify alert from client. When you need a different shutdown # approach you can use one of the following variables: # o ssl-unclean-shutdown: # This forces an unclean shutdown when the connection is closed, i.e. no # SSL close notify alert is send or allowed to received. This violates # the SSL/TLS standard but is needed for some brain-dead browsers. Use # this when you receive I/O errors because of the standard approach where # mod_ssl sends the close notify alert. # o ssl-accurate-shutdown: # This forces an accurate shutdown when the connection is closed, i.e. a # SSL close notify alert is send and mod_ssl waits for the close notify # alert of the client. This is 100% SSL/TLS standard compliant, but in # practice often causes hanging connections with brain-dead browsers. Use # this only for browsers where you know that their SSL implementation # works correctly. # Notice: Most problems of broken clients are also related to the HTTP # keep-alive facility, so you usually additionally want to disable # keep-alive for those clients, too. Use variable "nokeepalive" for this. # Similarly, one has to force some clients to use HTTP/1.0 to workaround # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and # "force-response-1.0" for this. BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # MSIE 7 and newer should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown DirectoryIndex index.cfm index.cfml default.cfm default.cfml index.htm index.html #Proxy .cfm and cfc requests to Railo ProxyPassMatch ^/(.+.cf[cm])(/.*)?$ http://127.0.0.1:8888/$1 ProxyPassReverse / http://127.0.0.1:8888/ #Deny access to admin except for local clients <Location /railo-context/admin/> Order deny,allow Deny from all # Allow from <Omitted> # Allow from <Omitted> Allow from 127.0.0.1 </Location> </VirtualHost> </IfModule> The apache2.conf includes the following: # Include the virtual host configurations: Include sites-enabled/ <IfModule !mod_jk.c> LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so </IfModule> <IfModule mod_jk.c> JkMount /*.cfm ajp13 JkMount /*.cfc ajp13 JkMount /*.do ajp13 JkMount /*.jsp ajp13 JkMount /*.cfchart ajp13 JkMount /*.cfm/* ajp13 JkMount /*.cfml/* ajp13 # Flex Gateway Mappings # JkMount /flex2gateway/* ajp13 # JkMount /flashservices/gateway/* ajp13 # JkMount /messagebroker/* ajp13 JkMountCopy all JkLogFile /var/log/apache2/mod_jk.log </IfModule> I believe I understand most of this except the jk_module inclusion which I've noticed has an error that shows up in the logs that I can't sort out: [warn] No JkShmFile defined in httpd.conf. Using default /etc/apache2/logs/jk-runtime-status I've checked my Regular expression against the paths of the directories with RegexBuddy just to be sure that I wasn't correct. The problem doesn't appear to be Regex related although I may have something incorrect in the Directory directive. The Location directive seems to be working correctly for blocking out Railo admin site access.

    Read the article

  • Intermittent 403 errors when using allow to limit access to url with both explicit IP and SetEnvIf

    - by rbieber
    We are running Apache 2.2.22 on a Solaris 10 environment. We have a specific URL that we want to limit access to by IP. We recently implemented a CDN and now have the added complexity that the IP's that a request are shown to be coming from are actually the CDN servers and not the ultimate end user. In the case that we need to back the CDN out, we want to handle the case where either the CDN is forwarding the request, or the ultimate client is sending the request directly. The CDN sends the end user IP address in an HTTP header (for this scenario that header is called "User-IP"). Here is the configuration that we have put in place: SetEnvIf User-IP (\d+\.\d+\.\d+\.\d+) REAL_USER_IP=$1 SetEnvIf REAL_USER_IP "(10\.1\.2\.3|192\.168\..+)" access_allowed=1 <Location /uri/> Order deny,allow Allow from 10.1.2.3 192.168. allow from env=access_allowed Deny from all </Location> This seems to work fine for a time, however at some point the web server starts serving 403 errors to the end user - so for some reason it is restricting access. The odd thing is that a bounce of the web server seems to resolve the issue, but only for a time - then the behavior comes back. It might be worthwhile to note as well that this URL is delegated to a JBoss server via mod_jk. The denial of access is, however; confirmed to be at the Apache layer and the issue only seems to happen after the server has been running for some time.

    Read the article

  • How do Oracle Forms compare to Microsoft Access as a "front-end"?

    - by webworm
    I recently started a project where I was set to build an ADP based application in Access 2003. The font end GUI was going to be in Access while all the data resided in MS SQL Server. I say "was", because the powers that be have decided that Oracle Forms might be a better choice than Access and SQL Server. The place where I am doing this work is an Oracle shop where they use Oracle 10g. They also use Oracle Forms quite a bit internally. As for me I am always up for learning anything new. I have always been a rather "eclectic" developer (I work with .NET WinForms, ASP.NET, Java, C#, Python, and Access) so I would not mind moving to Oracle Forms as long as it could do the same things as MS Access (hopefully even more as VBA is rather limited). So my question is this. How does Oracle Forms (10g) compare to MS Access for developing a GUI application? Access uses VBA for it's language, what does Oracle Forms use? I know the Forms app is a Java applet. Does that means you can write Oracle Forms using Java?

    Read the article

  • Replace letters in a secret text

    - by kame
    Hello! I want to change every letter in a text to after next following letter. But this program doesnt work. Does anyone know why. Thanks in advance. There is also a minor problem with y and z. import string letters = string.ascii_lowercase text=("g fmnc wms bgblr rpylqjyrc gr zw fylb. rfyrq ufyr amknsrcpq ypc dmp. bmgle gr gl zw fylb gq glcddgagclr ylb rfyr'q ufw rfgq rcvr gq qm jmle. sqgle qrpgle.kyicrpylq() gq pcamkkclbcb. lmu ynnjw ml rfc spj. ") for x in range(1,24): text.replace(letters[x],letters[x+2]) print(text)

    Read the article

  • Use .htaccess to block *All* access to specific folders.

    - by Urda
    I am not sure how to do this, but I want to block all access to a specific set of folders on my web server. Say secret01 and secret 02... homeDir |- data |- www | |- .htaccess (file) | |- images | |- js | |- secret01 | |- secret02 | |... |... What rule(s) do I need to add to my root .htaccess file to do this? I want all access from the web blocked from going into these folders, period. Only way one could get to them would be over SFTP or SSH. So what rule am I looking for? I am preferably looking for a one-liner so I can add more folders or move it to another site down the road. I really would prefer if the rule could be placed in the .htaccess root file so I don't have to jump all over the place to lock and unlock folders.

    Read the article

  • What is a way to access .accdb files for reading and writing?

    - by JPJedi
    I have an Microsoft Access Database (.accdb) that stores information needed in an application. Is there a way to distribute my application with the access database without having the user have access installed or get the user to go and download and install the office runtime? The windows form application that uses the access database is developed in VB.net in Visual Studio 2008.

    Read the article

  • What is New in ASP.NET 4.0 Code Access Security

    - by HosamKamel
    ASP.NET Code Access Security (CAS) is a feature that helps protect server applications on hosting multiple Web sites, ASP.NET lets you assign a configurable trust level that corresponds to a predefined set of permissions. ASP.NET has predefined ASP.NET Trust Levels and Policy Files that you can assign to applications, you also can assign custom trust level and policy files. Most web hosting companies run ASP.NET applications in Medium Trust to prevent that one website affect or harm another site etc. As .NET Framework's Code Access Security model has evolved, ASP.NET 4.0 Code Access Security also has introduced several changes and improvements.   A Full post addresses the new changes in ASP.NET 4.0 is published at Asp.Net QA Team Here http://weblogs.asp.net/asptest/archive/2010/04/23/what-is-new-in-asp-net-4-0-code-access-security.aspx

    Read the article

  • T-SQL Equivalents for Microsoft Access VBA Functions

    If you need to migrate your Access application to SQL Server, don't count on The SQL Server Upsize Wizard in Microsoft Access to automatically convert your VBA functions. If you want to push the complex query processing done by your Access queries to the back end, you'll have to rewrite them in T-SQL.

    Read the article

  • How to Access a Windows Desktop From Your Tablet or Phone

    - by Chris Hoffman
    iPads and Android tablets can’t run Windows apps locally, but they can access a Windows desktops remotely — even with a physical keyboard. In a pinch, the same tricks can be used to access a Windows desktop from a smartphone. Microsoft recently launched their own official Remote Desktop app for iOS and Android devices. Microsoft’s official apps are primarily useful for businesses — if you’re a typical home user, you’ll want to use a different remote desktop solution. Microsoft’s Remote Desktop App Microsoft now offers official Remote Desktop apps for iPad and iPhone as well as Android tablets and smartphones. The apps use Microsoft’s RDP protocol to connect to remote Windows systems. They’re essentially just new clients for the Remote Desktop feature that has been included in Windows for more than a decade. There are big problems with these apps if you’re an average home user. Microsoft’s Remote Desktop server is not available on standard or Home versions of Windows, only Professional and Enterprise editions. If you do have the appropriate edition of Windows, you’ll have to set up port-forwarding and a dynamic DNS service if you want to access your Windows desktop from outside your local network. You could also set up a VPN — either way you’ll need to do some footwork. This app is a gift to businesses who are already using Remote Desktop and enthusiasts who have the more expensive versions of Windows and don’t mind the configuration process. To set this up, follow our guide to setting up Remote Desktop for Internet access and connect using the Remote Desktop app instead of traditional Remote Desktop clients. TeamViewer If you have the standard edition of Windows or you just don’t want to mess around with port-forwarding and dynamic DNS configuration, you’ll want to skip Remote Desktop and use something else. We like TeamViewer for this. Just as it’s a great way to remotely troubleshoot your relatives’ computers, it’s also a great way to remotely access your own computer. It doesn’t have the same limitations Microsoft’s Remote Desktop system has — it’s completely free for personal use, runs on any edition of Windows, and is easy to set up. There’s no messing around with port-forwarding or dynamic DNS configuration. To get started, just download and run the TeamViewer program on your computer. You can get started with it immediately, but you’ll want to set up unattended access to connect remotely without using the codes displayed on your screen. To connect, just install the TeamViewer mobile app and log in with the details the TeamViewer window displays. TeamViewer also offers software that runs on Mac and Linux, so you can remote-control other types of computers from your tablet. Other Options Microsoft’s Remote Desktop app and TeamViewer aren’t the only options, of course. There are a variety of different apps and services built for this. Splashtop is another fairly popular remote desktop solution that some people report as being faster. Unfortunately, it’s not entirely free — the iPad and iPhone app costs $20 at regular price. To use it over the Internet, you’ll have to purchase an additional “Anywhere Access Pack.” If you’re frustrated with TeamViewer’s speed and you don’t mind spending money, you may want to try Splashtop instead. As always, you could use any VNC server along with a VNC client app. VNC is the do-it-yourself solution — it’s an open protocol. Unlike Microsoft’s RDP protocol, you can install a VNC server of your own, configure it how you like, and use any mobile VNC client app. This is more flexible because you can install a VNC server on any edition of Windows or even non-Windows operating systems, but it otherwise has all the same issues — you have to worry about port-forwarding, setting up dynamic DNS, and securing your VNC server. Keep an eye on Chrome Remote Desktop. Chrome already offers a built-in remote desktop feature that allows you to remotely control your PC from another Windows, Mac, Linux, or Chrome OS device. Google is rumored to be building an Android app for Chrome Remote Desktop, which would allow you to easily access a computer running Chrome from Android tablets. Google’s solution is much more user-friendly for average people than Microsoft’s Remote Desktop solution, which is clearly geared towards businesses. Chrome Remote Desktop just requires signing in with a Google account. Remote desktop solutions like Microsoft’s Remote Desktop app and TeamViewer are also available for Windows tablets. On Windows RT devices like the Surface RT and Surface 2, they allow you to use the full Windows desktop that’s unavailable on your tablet.     

    Read the article

  • Anonymous Access and Sharepoint Web Services

    - by Stacy Vicknair
    A month or so ago I was working on a feature for a project that required a level of anonymity on the Sharepoint site in order to function. At the same time I was also working on another feature that required access to the Sharepoint search.asmx web service. I found out, the hard way, that the Sharepoint Web Services do not operate in an expected way while the IIS site is under anonymous access. Even though these web services expect requests with certain permissions (in theory) they never attempt to request those credentials when the web service is contacted. As a result the services return a 401 Unauthorized response. The fix for my situation was to restrict anonymous access to the area that needed it (in this case the control in question had support for being used in an ASP.NET app that I could throw in a virtual directory). After that I removed anonymous access from IIS for the site itself and the QueryService requests were working once more. Here’s a related article with a bit more depth about a similar experience: http://chrisdomino.com/Blog/Post/401-Reasons-Why-SharePoint-Web-Services-Don-t-Work-Anonymously?Length=4 Technorati Tags: Sharepoint,QueryService,WSS,IIS,Anonymous Access

    Read the article

  • Google I/O 2012 - OAuth 2.0 for Identity and Data Access

    Google I/O 2012 - OAuth 2.0 for Identity and Data Access Ryan Boyd Users like to keep their data in one place on the web where it's easily accessible. Whether it's YouTube videos, Google Drive files, Google contacts or one of many other types of data, users need a way to securely grant applications access to their data. OAuth is the key web standard for delegated data access and OAuth 2.0 is the next-generation version with additional security features. This session will cover the latest advances in how OAuth can be used for data access, but will also dive into how you can lower the barrier to entry for your application by allowing users to login using their Google accounts. You will learn, through an example written in Python, how to use OAuth 2.0 to incorporate user identity into your web application. Best practices for desktop applications, mobile applications and server-to-server use cases will also be discussed. From: GoogleDevelopers Views: 11 1 ratings Time: 58:56 More in Science & Technology

    Read the article

< Previous Page | 35 36 37 38 39 40 41 42 43 44 45 46  | Next Page >