Search Results

Search found 28693 results on 1148 pages for 'oracle advanced security'.

Page 394/1148 | < Previous Page | 390 391 392 393 394 395 396 397 398 399 400 401  | Next Page >

• Security Token/Cross Domain Cookie in Classic ASP?

  - by jlrolin

  I have an interesting conundrum. We have a site that is a completely separate domain, we'll say http://www.x.com and our own site that is http://www.y.com. The y.com site is actually a classic ASP site, and we aren't converting it to .NET at this time. The problem is that there is a link on x.com that redirects to y.com from a members area. We want to "authenticate" the user to make sure they are a member from the other site. If they are, they are directed to a members area on y.com. If not, they have to provide login information on y.com. Cookies obviously don't work due to the cross domain security, but is there a way around this? I've also looked at a service for tokens, but I'm not sure exactly how that works in Classic ASP. Any ideas or suggestions?

  Read the article

• Oracle aggregate function to return a random value for a group?

  - by tpdi

  The standard SQL aggregate function max() will return the highest value in a group; min() will return the lowest. Is there an aggregate function in Oracle to return a random value from a group? Or some technique to achieve this? E.g., given the table foo: group_id value 1 1 1 5 1 9 2 2 2 4 2 8 The SQL query select group_id, max(value), min(value), some_aggregate_random_func(value) from foo group by group_id; might produce: group_id max(value), min(value), some_aggregate_random_func(value) 1 9 1 1 2 8 2 4 with, obviously, the last column being any random value in that group.

  Read the article

• Oracle/c#: How do i use bind variables with select statements to return multiple records?

  - by twiga

  I have a question regarding Oracle bind variables and select statements. What I would like to achieve is do a select on a number different values for the primary key. I would like to pass these values via an array using bind values. select * from tb_customers where cust_id = :1 int[] cust_id = { 11, 23, 31, 44 , 51 }; I then bind a DataReader to get the values into a table. The problem is that the resulting table only contains a single record (for cust_id=51). Thus it seems that each statement is executed independently (as it should), but I would like the results to be available as a collective (single table). A workaround is to create a temporary table, insert all the values of cust_id and then do a join against tb_customers. The problem with this approach is that I would require temporary tables for every different type of primary key, as I would like to use this against a number of tables (some even have combined primary keys). Is there anything I am missing?

  Read the article

• upload an m4a file in flex, saving it as a blob in oracle, and retrieving metadata info from it

  - by Angus

  Hi, I currently have a FileUpload.mxml component that uploads a .m4a to an oracle database, retrieves metadata from the file and saves the metadata info in the database. to acheive this I use FileReference() and set up, amoung others, the dispatcher.addEventListener(DataEvent.UPLOAD_COMPLETE_DATA, completeHandler); So the file is posted to a php file which saves it as a blob. Once the blob is saved, the script sends a message back to flex to dispatch the upload_complete_data event. In the complete handler, the metadata is then retreived by reading the value back from the database into a custom made meta data reader. The metadata info is then saved via flex. This seems a little long winded. Has anyone else successfully achieved this using a different way?

  Read the article

• About SQL Server security

  - by Felipe Fiali

  I have an ASP.NET application which runs under the Classic .NET AppPool in IIS. I have a report to render from my website. The problem is SQL Server keeps telling me that it failed to create a connection to the datasource, because login failed for user IUSR. After adding that user directly to the databse I could get the report to work, but I'm concerned about security. By doing that, am I opening my specified databases to all websites hosted on IIS? Or is that account identity-specific?

  Read the article

• What is the impact/limitation of oracle select with large number of bind variables?

  - by Igal Serban

  We had our oracle server chocking during processing a select statement with close to 3500(!!) bind variables. This select is, obviously, build dynamically by code that we can't change. During the execution of this select the db server went to 100% cpu usage and our system almost halted. We know how to reproduce this problem. So we can prevent this specific condition. But I am wondering if there is a way to protect the db ( by configuration) from this type of problems.

  Read the article

• Using a password to generate two distinct hashes without reducing password security

  - by Nevins

  Hi there, I'm in the process of designing a web application that will require the storage of GPG keys in an encrypted format in a database. I'm planning on storing the user's password in a bCrypt hash in the database. What I would like to be able to do is to use that bCrypt to authenticate the user then use the combination of the stored bCrypt hash and another hash of the password to encrypt and decrypt the GPG keys. My question is whether I can do this without reducing the security of the password? I was thinking I may be able to use something like an HMAC-SHA256 of a static string using the password and a salt as the secret key. Is there a better way to do this that I haven't thought of? Thanks

  Read the article

• Is web.config more secure than a class?

  - by o-logn

  I was reading a tutorial on ASP.NET and third party API's and it mentioned that the API KEY and SECRET KEY should be stored in the web.config file, for security on production servers, instead of in the classes that use them. However, I'm not quite sure what's more secure about a web.config file than a class? I understand the convenience of storing it in a config file, but I don't see the security benefit?

  Read the article

• Oracle (Old?) Joins - A tool/script for conversion?

  - by Grasper

  I have been porting oracle selects, and I have been running across a lot of queries like so: SELECT e.last_name, d.department_name FROM employees e, departments d WHERE e.department_id(+) = d.department_id; ...and: SELECT last_name, d.department_id FROM employees e, departments d WHERE e.department_id = d.department_id(+); Are there any guides/tutorials for converting all of the variants of the (+) syntax? What is that syntax even called (so I can scour google)? Even better.. Is there a tool/script that will do this conversion for me (Preferred Free)? An optimizer of some sort? I have around 500 of these queries to port.. When was this standard phased out? Any info is appreciated.

  Read the article

• Security sandbox violation when connecting to Socket from flex

  - by KensoDev

  Hi, I am using a Socket (not xmlSocket) connection between flex applications and the server pushing messages. Now, when I connect from the local machine to the server everything is working file and running, connection is succesful and I get data back and forth. When I upload the application (flex) to the server and run it from there, I get a security sandBox violation message. Note: 1. I do have a crossdomain file with * wildcard both on port and on domain. 2. I created a Securiy.allowDomain("*") as well. Another thing. I also created another listener on that same server, listening to connections for port 843 (default) and this service just waited for a connection send policy file to the client and that's it. That did not solve the problem as well... That's next? What should I do to fix the problem? Appreciate your help. Avi

  Read the article

• Java Security filter together with thickbox pop-ups

  - by user197127

  Hi, I have a java application that uses a security filter to protect certain resources. If there is no user logged on, it will keep in session the request path and redirect to a logon page. After a successful logon, user is redirected to the original requested page. I have now added some thickbox (ajax bases pop-up) popups to the application. Unfortunately, when I get now a popup that is "secure" the filter redirects to a logon page (which is not a popup) and makes the whole application messy. Anyone with ideas on how to solve this? Thanks

  Read the article

• ASP .Net User Roles - ordering for a drop down.

  - by ilivewithian

  We are using the standard aspnet security features, we have need to set the order of the roles, purely for display purposes. We could just have a sequence number onto the end of the aspnet_roles table, but that feels kinds of hacky to me. Also if in future versions of asp the security get changed we will be in trouble. Is there a better way to do this that won't make me loose sleep each time a new version is pushed out?

  Read the article

• php: security question

  - by Syom

  in my cms i have index.php, where client must enter username and password. if they are correct, he'll moove to admin.php, where the cms is. but now hacker can enter to cms/admin.php, so my security now is awful. i know, that i can use $_SESSION variable. index.php - i can give some value to $_SESSION['error']: $_SESSION['error'] = TRUE, and in admin.php just verify it admin.php if($_SESSION['error'] == TRUE) { my script here... } else header("Location: index.php"); but i want to rich this effect without SESSION. could you give me an idea, how can i do it? thanks

  Read the article

• Is there a way to give a subquery an alias in Oracle 10g SQL?

  - by Matt Pascoe

  Is there a way to give a subquery in Oracle 11g an alias like: select * from (select client_ref_id, request from some_table where message_type = 1) abc, (select client_ref_id, response from some_table where message_type = 2) defg where abc.client_ref_id = def.client_ref_id; Otherwise is there a way to join the two subqueries based on the client_ref_id. I realize there is a self join, but on the database I am running on a self join can take up to 5 min to complete (there is some extra logic in the actual query I am running but I have determined the self join is what is causing the issue). The individual subqueries only take a few seconds to complete by them selves. The self join query looks something like: select st.request, st1.request from some_table st, some_table st1 where st.client_ref_id = st1.client_ref_id;

  Read the article

• Planning and Budgeting Cloud Service - Partner Webcast

  - by Mike.Hallett(at)Oracle-BI&EPM

  Normal 0 false false false EN-GB X-NONE X-NONE MicrosoftInternetExplorer4 Please join us for a 90 minutes live Partner Webcast which will overview the upcoming Oracle Planning and Budgeting Cloud Service (PBCS) offering on Tuesday, 26th November, 2013 at 5:00 pm CET / 4:00 pm UK. Look out for the joining URL and instruction in my November Newsletter coming soon. As a reminder, there was also a Partner Webcast recorded in August 2103 about PBCS which included a demo. Replay link here. Topics include: Latest news from Product Management; live demo; overview of assets and collaterals; Q&A session Oracle Planning and Budgeting Cloud Service (PBCS) offers organizations the market-leading Oracle Hyperion Planning and Budgeting solution delivered via Oracle’s public cloud service. /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin-top:0cm; mso-para-margin-right:0cm; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0cm; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi; mso-fareast-language:EN-US;}

  Read the article

• Oracle (Old?) Joins - A tool for conversion?

  - by Grasper

  I have been porting oracle selects, and I have been running across a lot of queries like so: SELECT e.last_name, d.department_name FROM employees e, departments d WHERE e.department_id(+) = d.department_id; ...and: SELECT last_name, d.department_id FROM employees e, departments d WHERE e.department_id = d.department_id(+); Are there any guides/tutorials for converting all of the variants of the (+) syntax? What is that syntax even called (so I can scour google)? Even better.. Is there a tool that will do this conversion for me? When was this standard phased out? Any info is appreciated.

  Read the article

• php error message "Notice: Undefined index: aid"

  - by iaagty

  I'm looking for a complete list of security guidelines for programming and deploying PHP web sites and applications on an Apache (Linux) server. Basically, a "security check list" to run through before finishing a project. I.e., Cross Site Scripting Cross Site Request Forgery Sanitize form data that goes into database Disable register globals and error reporting in custom php.ini Upload files below web root ...(the list goes on) I did some searching on the internet and in this forum, but couldn't find a comprehensive, succinct, and complete list of guidelines. Thanks in advance.

  Read the article

• How do I do proximity search in Oracle right?

  - by hko19

  Oracle's NEAR operator for full text search returns a score based on the proximity of two or more query terms. For example: near((dog, bite), 6) matches if 'dog' and 'bite' occurs within 6 words. What if I'd like it to match if either 'dog' or 'cat' or any other type of animal occurs within 6 words of the word 'bite'? I tried: near(((dog OR cat OR animal), bite), 6) but I got: NEAR operand not a phrase, equivalence or another NEAR expression Rather than expanding all possible combination into multiple NEAR and 'or' them together, what is the proper way to write such query?

  Read the article

• Security when writing a PHP webservice?

  - by chustar

  I am writing a web service in PHP for the first time and had ran into some security problems. 1) I am planning to hash passwords using md5() before I write them to the database (or to authenticate the user) but I realize that to do that, I would have to transmit the password in plaintext to the server and hash it there. Because of this I thought of md5()ing it with javascript client side and then rehashing on the server but then if javascript is disabled, then the user can't login, right? 2) I have heard that anything that when the action is readonly, you should use GET but if it modifies the database, you should use POST. Isn't post just as transparent as GET, just not in the address bar?

  Read the article

• Are SqlCipher open cursors a security concern?

  - by user1178479

  I'm using SqlCipher with content providers. Right now, when I want to lock the app I just clear out the cached password. However, the app can continue to work with any open cursors. This means that re-opening the app grants access to the sensitive data. I fix this issue on the surface by redirecting to a login screen if the app doesn't have passwords. However, I'm concerned if there are any security issues with these open cursors or if I should just continue to block UI access and not worry? SqlCipher's docs say that it reads/writes encrypted pages on the fly, as opposed to decrypting the entire DB, this makes me think that open cursors are still secure. The main concern here is that someone loses their phone and then a knowledgeable individual can use these open cursors to extract sensitive data.

  Read the article

• Security in HTTP Adapters

  - by Debopam

  I just started using IBM Worklight 5.0. I have been going through the HTTP Adapters recently and have successfully been able to Run as "Invoke Worklight Procedure". But I am stuck with the Adapter execution in the App. To my knowledge I think this is some kind of security issue where the client request to Worklight Server is unauthorized (401). Can any tell me or refer to some blog/website where there are steps to overcome this problem? I already got some of the websites but at this moment I am really confused on how to use them.

  Read the article

• Crackers - How do they do it, how do we fight back?

  - by zedo

  As someone who is interested in learning more about the security side of technology, I ask you all the following questions: How is it that crackers crack software? What techniques are used to do so? I would imagine that the cracking methods depend upon the language the software is written in, right? Aside from using something like cloud-based security for SaaS ((software as a service) which isn't always an option), what choices does one have to prevent their software from being compromised?

  Read the article

• DRY vs Security and Maintainability with MVC and View Models

  - by Mystere Man

  I like to strive for DRY, and obviously it's not always possible. However, I have to scratch my head over a concept that seems pretty common in MVC, that of the "View Model". The View Model is designed to only pass the minimum amount of information to the view, for both security, maintainability, and testing concerns. I get that. It makes sense. However, from a DRY perspective, a View Model is simply duplicating data you already have. The View Model may be temporary, and used only as a DTO, but you're basically maintaing two different versions of the same model which seems to violate the DRY principal. Do View Models violate DRY? Are they a necessary evil? Do they do more good than bad?

  Read the article

• ssl security information on internet explorer 6

  - by user309984

  Hi all, I dont want that my webpage show security information about this page contains both secure and nonsecure... this only happen in ie6, i am testing with the program ietester. I know that the problem is in file mootools-1.11-uncompressed.js in this line if(!$("ie_ready")){var C=(window.location.protocol=="https:")?"://0":"javascript:void(0);";document.write('<\/script');$("ie_ready").onreadystatechange=function(){if(this.readyState=="complete"){A();}};}}else{window.addListener("load",A);document.addListener("DOMContentLoaded",A); i already try change the ://0 by https://0 and javascript: and javascript:false and # but the problem continues, when i remove this line from the mootools file the warning doesnt show but the code that i have to show some calendar doesnt work also, because i have something like /* and this doesnt work if i remove that line, can anyone help me??

  Read the article

• Installing Security Certifcates for all users on a Windows XP machine

  - by scott-thornton

  Hi, I am required to install two security certifcates on user's PC's to allow them to connect to a certain Australian Government website to perform searchs. I can perform this manually (via Certifcate Import Wizard) when the user has logged into the machine, however when a different user logs in, the certifcates need to be re-installed for that user as well. Q1. Can certifcates ( the file extension is .p12) be installed in such a way that any user using the PC can use the certifcates? Q2. Can the installation of the certifcates be automated ( via SMS? ) to install both certifcates and enter the requried password? Thanks,

  Read the article

< Previous Page | 390 391 392 393 394 395 396 397 398 399 400 401  | Next Page >