Search Results

Search found 149 results on 6 pages for 'expiry'.

Page 4/6 | < Previous Page | 1 2 3 4 5 6  | Next Page >

  • It's not just “Single Sign-on” by Steve Knott (aurionPro SENA)

    - by Greg Jensen
    It is true that Oracle Enterprise Single Sign-on (Oracle ESSO) started out as purely an application single sign-on tool but as we have seen in the previous articles in this series the product has matured into a suite of tools that can do more than just automated single sign-on and can also provide rapidly deployed, cost effective solution to many demanding password management problems. In the last article of this series I would like to discuss three cases where customers faced password scenarios that required more than just single sign-on and how some of the less well known tools in the Oracle ESSO suite “kitbag” helped solve these challenges. Case #1 One of the issues often faced by our customers is how to keep their applications compliant. I had a client who liked the idea of automated single sign-on for most of his applications but had a key requirement to actually increase the security for one specific SOX application. For the SOX application he wanted to secure access by using two-factor authentication with a smartcard. The problem was that the application did not support two-factor authentication. The solution was to use a feature from the Oracle ESSO suite called authentication manager. This feature enables you to have multiple authentication methods for the same user which in this case was a smartcard and the Windows password.  Within authentication manager each authenticator can be configured with a security grade so we gave the smartcard a high grade and the Windows password a normal grade. Security grading in Oracle ESSO can be configured on a per application basis so we set the SOX application to require the higher grade smartcard authenticator. The end result for the user was that they enjoyed automated single sign-on for most of the applications apart from the SOX application. When the SOX application was launched, the user was required by ESSO to present their smartcard before being given access to the application. Case #2 Another example solving compliance issues was in the case of a large energy company who had a number of core billing applications. New regulations required that users change their password regularly and use a complex password. The problem facing the customer was that the core billing applications did not have any native user password change functionality. The customer could not replace the core applications because of the cost and time required to re-develop them. With a reputation for innovation aurionPro SENA were approached to provide a solution to this problem using Oracle ESSO. Oracle ESSO has a password expiry feature that can be triggered periodically based on the timestamp of the users’ last password creation therefore our strategy here was to leverage this feature to provide the password change experience. The trigger can launch an application change password event however in this scenario there was no native change password feature that could be launched therefore a “dummy” change password screen was created that could imitate the missing change password function and connect to the application database on behalf of the user. Oracle ESSO was configured to trigger a change password event every 60 days. After this period if the user launched the application Oracle ESSO would detect the logon screen and invoke the password expiry feature. Oracle ESSO would trigger the “dummy screen,” detect it automatically as the application change password screen and insert a complex password on behalf of the user. After the password event had completed the user was logged on to the application with their new password. All this was provided at a fraction of the cost of re-developing the core applications. Case #3 Recent popular initiatives such as the BYOD and working from home schemes bring with them many challenges in administering “unmanaged machines” and sometimes “unmanageable users.” In a recent case, a client had a dispersed community of casual contractors who worked for the business using their own laptops to access applications. To improve security the around password management the security goal was to provision the passwords directly to these contractors. In a previous article we saw how Oracle ESSO has the capability to provision passwords through Provisioning Gateway but the challenge in this scenario was how to get the Oracle ESSO agent to the casual contractor on an unmanaged machine. The answer was to use another tool in the suite, Oracle ESSO Anywhere. This component can compile the normal Oracle ESSO functionality into a deployment package that can be made available from a website in a similar way to a streamed application. The ESSO Anywhere agent does not actually install into the registry or program files but runs in a folder within the user’s profile therefore no local administrator rights are required for installation. The ESSO Anywhere package can also be configured to stay persistent or disable itself at the end of the user’s session. In this case the user just needed to be told where the website package was located and download the package. Once the download was complete the agent started automatically and the user was provided with single sign-on to their applications without ever knowing the application passwords. Finally, as we have seen in these series Oracle ESSO not only has great utilities in its own tool box but also has direct integration with Oracle Privileged Account Manager, Oracle Identity Manager and Oracle Access Manager. Integrated together with these tools provides a complete and complementary platform to address even the most complex identity and access management requirements. So what next for Oracle ESSO? “Agentless ESSO available in the cloud” – but that will be a subject for a future Oracle ESSO series!                                                                                                                               

    Read the article

  • Calculated Fields - Idiosyncracies

    - by PointsToShare
    © 2011 By: Dov Trietsch. All rights reserved Calculated Fields and some of their Idiosyncrasies Did you try to write a calculate field formula directly into the screen? Good Luck – You’ll need it! Calculated Fields are a sophisticated OOB feature of SharePoint, so you could think that they are best left to the end users – at least to the power users. But they reach their limits before the “Professionals “do, and the tough ones come back to us anyway. Back to business; the simpler the formula, the easier it is. Still, use your favorite editor to write it, then cut it and paste it to the ridiculously small window. What about complex formulae? Write them in steps! Here is a case in point and an idiosyncrasy or two. Our welders need to be certified and recertified every two years. Some of them are certifiable…., but I digress. To be certified you need to pass an eye exam, and two more tests – test A and test B. for each of those you have an expiry date. When renewed, each expiry date is advanced by two years from the date of renewal. My users wanted a visual clue so that when the supervisor looks at the list, she’ll have a KPI symbol telling her if anything expired (Red), is going to expire within the next 90 days (Yellow) or is not to be worried about (green). Not all the dates are filled and any blank date implies a complete lack of certification in the particular requirement. Obviously, I needed to figure the minimal of these 3 dates – a simple enough formula: =MIN([Date_EyeExam], {Date_TestA], [Date_TestB]). Aha! Here is idiosyncrasy #1. When one of the dates is a null, MIN(Date1, Date2) returns the non null date. Null is construed as “Far, far away”. The funny thing is that when you compare it to Today, the null is the lesser one. So a null it is less than today, but not when MIN is calculated. Now, to me the fact that the welder does not have an exam date, is synonymous with his exam being prehistoric, or at least past due. So here is what I did: Solution: Let’s set a blank date to 1/1/1800. How will we do that? Use the IF. IF([Field] rel relValue, TrueValue, FalseValue). rel is any relationship operator <, >, <=, >=, =, <>. If the field is related to the relValue as prescribed, the “IF” returns the TrueValue, otherwise it returns the FalseValue. Thus: =IF([SomeDate]="",1/1/1800,[SomeDate]) will return 1/1/1800 if the date is blank and the date itself if not. So, using this formula, if the welder missed an exam, the returned exam date will be far in the past. It would be nice if we could take such a formula and make it into a reusable function. Alas, here is a calculated field serious shortcoming: You cannot write subs and functions!! Aha, but we can use interim calculated fields! So let’s create 3 calculated fields as follows: 1: c_DateTestA as a calculated field of the date type, with the formula:  IF([Date_TestA]="",1/1/1800,[Date_TestA]) 2: c_DateTestB as a calculated field of the date type, with the formula:  IF([Date_TestB]="",1/1/1800,[Date_TestB]) 3: c_DateEyeExam as a calculated field of the date type, with the formula:  IF([Date_EyeExam]="",1/1/1800,[Date_EyeExam]) And now use these to get c_MinDate. This is again a calculated field of type date with the formula: MIN(c_DateTestA, cDateTestB, c_DateEyeExam) Note that I missed the square parentheses. In “properly named fields – where there are no embedded spaces, we don’t need the square parentheses. I actually strongly recommend using underscores in place of spaces in all the field names in your lists. Among other things, it makes using CAML much simpler. Now, we still need to apply the KPI to this minimal date. I am going to use the available KPI graphics that come with SharePoint and are always available in your 12 hive. "/_layouts/images/kpidefault-2.gif" is the Red KPI "/_layouts/images/kpidefault-1.gif" is the Yellow KPI "/_layouts/images/kpidefault-0.gif" is the Green KPI And here is the nested IF formula that will do the trick: =IF(c_MinDate<=Today,"/_layouts/images/kpidefault-2.gif", IF(cMinDate<Today+90,"/_layouts/images/kpidefault-1.gif","/_layouts/images/kpidefault-0.gif")) Nice! BUT when I tested, it did not work! This is Idiosyncrasy #2: A calculated field based on a calculated field based on a calculated field does not work. You have to stop at two levels! Back to the drawing board: We have to reduce by one level. How? We’ll eliminate the c_DateX items in the formula and replace them with the proper IF formulae. Notice that this needs to be done with precision. You are much better off in doing it in your favorite line editor, than inside the cramped space that SharePoint gives you. So here is the result: MIN(IF([Date_TestA]="",1/1/1800,[ Date_TestA]), IF([Date_TestB]="",1/1/1800,[ Date_TestB]), 1/1/1800), IF([Date_EyeExam]="",1/1/1800,[Date_EyeExam])) Note that I bolded the parentheses and painted them red. They have to match for this formula to work. Now we can leave the KPI formula as is and test again. This time with SUCCESS! Conclusion: build the inner functions first, and then embed them inside the outer formulae. Do this as long as necessary. Use your favorite line editor. Limit yourself to 2 levels. That’s all folks! Almost! As soon as I finished doing all of the above, my users added yet another level of complexity. They added another test, a test that must be passed, but never expires and asked for yet another KPI, this time in Black to denote that any test is not just past due, but altogether missing. I just finished this. Let’s hope it ends here! And OH, the formula  =IF(c_MinDate<=Today,"/_layouts/images/kpidefault-2.gif",IF(cMinDate<Today+90,"/_layouts/images/kpidefault-1.gif","/_layouts/images/kpidefault-0.gif")) Deals with “Today” and this is a subject deserving a discussion of its own!  That’s all folks?! (and this time I mean it)

    Read the article

  • Selective Disable APC caching

    - by Victor
    I installed APC on my VPS and it works great with W3 Cache wordpress plugin. My problem is that there is one database in MySQL which is pinged by client end every few seconds to see if there are new updates. These db contains certain time sensitive information and hence it can't be part of cached data. How can I disable APC for this database/files? or Can I set a very short expiry of certain type of data? Any help is highly appreciated.

    Read the article

  • Visual Query Builder

    - by johnnyArt
    If been using "dbForge Query Builder" lately and I'm gotten used to the ease of building and testing a query, specially for those complex ones with inner joins, aliases and multiple conditionals. The expiry date of the trial is about to come, and while wanting to remain on the legal side for this I'd rather not pay the 50USD it costs (although I must say it's pretty cheap for what it does). So my question would be: Are there any free alternatives to replace this visual query builder? I've failed to find any and fear that my only two options are paying for it, or going to the dark side.

    Read the article

  • Password expiration notice for Active Directory

    - by keithosu
    Are there any tools/apps/scripts out there that will do password expiry notification for Windows 2008 Active Directory credentials? This is needed for our web apps that use Active Directory for LDAP authentication. The problem is those apps do not notify you that your password is going to expire when you login. We have many offsite users who do not have machines bound to the AD. So there is no way to let them know to reset their password. I'd like the user to be notified 30,7 and 1 day before it expires. I'd also like our help desk to get an email for the expiring passwords for the week and recently expired passwords. I've looked at oldcmp.exe from link text and that gets me my reports but it does not do the automation that I'm looking for on the individual users.

    Read the article

  • What is the nameserver in soa used for?

    - by John Lee
    Hey can you tell me what the nameserver in the soa record is for? name ttl class rr name-server email-addr (sn ref ret ex min) example.com. IN SOA **ns.example.com** (this nameserver). hostmaster.example.com. ( 2003080800 ; sn = serial number 172800 ; ref = refresh = 2d 900 ; ret = update retry = 15m 1209600 ; ex = expiry = 2w 3600 ; min = minimum = 1h ) ; the following are also valid using @ and blank @ IN SOA ns.example.com. hostmaster.example.com. ( IN SOA ns.example.com. hostmaster.example.com. ( so if I were to add 5 nameservers, and I put the first nameserver on soa, and this server was not working will the user go to the next nameserver?

    Read the article

  • Configuring favicon with expires header in htaccess

    - by thehuby
    I have implemented Expires headers via mod_expires on my Apache server and have successfully created expires headers for most file types, however I am having trouble with the favicon. I initially tried adding a set of instructions for the .ico files but when checking via YSlow it has no expiry set. When this didn't work I amended it to be a GIF, however this seems to have the same issue. Other gif's on the website have correctly set expires headers (accoridng to YSlow at least). Can anyone shed any light on this situation?

    Read the article

  • How do I schedule a task to run every hour indefinitely on Server 2003

    - by JMK
    I am moving a scheduled task from a Windows 7 machine to a Windows Server 2003 machine. On Windows 7 I can configure my task to run every hour indefinitely by setting up a custom trigger like so: On Windows Server 2003, I assume I need to use the advanced schedule options, and I have got this far: Whether I choose duration or time, my task seems to have an expiry date, how do I get this to run indefinitely? The only thing I can think of at the minute is to setup 24 schedules for my task, one for each hour but there has to be a more elegant way. Thanks

    Read the article

  • Can expire_logs_days be less than 1 day in MySQL?

    - by Scott
    So... yesterday I received an "after the fact email" about a campaign that has started for one of the services that I run. Now the DB server is getting hammered, hard, to the tune of about 300mb/min in binary logging for the replicate. As you could imagine, this is chewing up space at a fairly tremendous rate. My normal 7 day expiry of binary logs just isn't cutting it. I've resorted to truncating logs to just the last for 4 hours with(I'm verifying that replication is up to date with mk-heartbeat): PURGE MASTER LOGS BEFORE DATE_SUB( NOW(), INTERVAL 4 HOUR); I'm just running that from cron every few hours to weather the storm, but it made me question the minimum value for expire_logs_days. I haven't come across a value that is less than 1, but that doesn't mean that it isn't possible. http://dev.mysql.com/doc/refman/5.0/en/server-system-variables.html#sysvar_expire_logs_days gives the type as being numeric, but doesn't indicate if it's expecting integers.

    Read the article

  • Creating a seperate static content site for IIS7 and MVC

    - by JK01
    With reference to this serverfault blog post: A Few Speed Improvements where it talks about how static content for stackexchange is served from a separate cookieless domain... How would someone go about doing this on IIS7.5 for a ASP.NET MVC site? The plan so far: Register domain eg static.com, create a new website in IIS Manually copy the js / css / images folders from MVC as is so that they have the same paths on the new server Enable IIS gzip settings (js/css = high compression, images = none) Set caching with far future expiry dates <clientCache cacheControlCustom="public" /> in the web.config Never set any cookies on the static.com site Combine and minimize js / css Auto deploy changes in static content with WebDeploy Is this plan correct? And how can you use WebDeploy to deploy the whole web app to one server and then only the static items to another? I can see there is a similar question, but for apache: Creating a cookie-free domain to serve static content so it doesn't apply

    Read the article

  • How to dump the Subject Alternative Name (SAN) from an SSL certificate file

    - by LonelyPixel
    I know that I can dump the entire information from a PEM certificate file with this command: openssl x509 -in certfile -noout -text And I've already found another direct parameter to show me only the expiry date of a certificate: openssl x509 -in certfile -noout -enddate But is there also a shortcut to get only the alternative names? Like when a certificate can be used for example.com as well as www.example.com. In the full dump, it's here: Certificate: Data: X509v3 extensions: X509v3 Subject Alternative Name: DNS:www.example.com, DNS:example.com I'd just like to save me the hassle to parse this output and get the domain names only. Is that possible? Otherwise, what would be best practices to parse this output? What can be assumed, what may change? Could I use a regexp like X509v3 Subject Alternative Name:\s*DNS:(\S+)(?:, DNS:(\S+))*?

    Read the article

  • nginx not returning 304 on cached content

    - by Don H
    I'm using nginx as a reverse proxy with an Apache back-end handling some PHP files. The files return the right expiry headers and proxy_cache does a good job of caching them, but I've noticed that the cached content returns a 200 on every refresh, when it might be more efficient to return a 304 on the cached files. The files in question are generated by PHP. The urls do not have .php in them as they've been prettified. Any idea why nginx might not be returning 304 on repeated visits to a cached PHP output? To clarify: It's using proxy_cache for caching dynamic PHP pages (not static html pages generated by PHP). I'm setting expires headers in the PHP file of time + 24 hours. With that in mind, I was hoping nginx would be able to then return 304s on its cached versions during that 24 hour window.

    Read the article

  • cannot delete IPv6 default gateway

    - by NulledPointer
    The commands below should be pretty self-explanatory. Please note that the route for which i get failure is obtained by RA and has very less expiry ( e Flag in UDAe). @vm:~$ ip -6 route 2001:4860:4001:800::1002 via fe80::20c:29ff:fe87:f9e7 dev eth1 proto static metric 1024 2001:4860:4001:800::1003 via fe80::20c:29ff:fe87:f9e7 dev eth1 proto static metric 1024 2001:4860:4001:800::1005 via fe80::20c:29ff:fe87:f9e7 dev eth1 proto static metric 1024 2001:4860:4001:803::100e via fe80::20c:29ff:fe87:f9e7 dev eth1 proto static metric 1024 fd00:ffff:ffff:fff1::/64 dev eth1 proto kernel metric 256 expires 2592300sec fe80::/64 dev eth1 proto kernel metric 256 default via fe80::20c:29ff:fe87:f9e7 dev eth1 proto static metric 1 default via fe80::20c:29ff:fe87:f9e7 dev eth1 proto kernel metric 1024 expires 1776sec @vm:~$ @vm:~$ @vm:~$ @vm:~$ sudo route -6 delete default gw fe80::20c:29ff:fe87:f9e7 @vm:~$ ip -6 route 2001:4860:4001:800::1002 via fe80::20c:29ff:fe87:f9e7 dev eth1 proto static metric 1024 2001:4860:4001:800::1003 via fe80::20c:29ff:fe87:f9e7 dev eth1 proto static metric 1024 2001:4860:4001:800::1005 via fe80::20c:29ff:fe87:f9e7 dev eth1 proto static metric 1024 2001:4860:4001:803::100e via fe80::20c:29ff:fe87:f9e7 dev eth1 proto static metric 1024 fd00:ffff:ffff:fff1::/64 dev eth1 proto kernel metric 256 expires 2592279sec fe80::/64 dev eth1 proto kernel metric 256 default via fe80::20c:29ff:fe87:f9e7 dev eth1 proto kernel metric 1024 expires 1755sec @vm:~$ @vm:~$ @vm:~$ sudo route -6 delete ::/0 gw fe80::20c:29ff:fe87:f9e7 dev eth1 SIOCDELRT: No such process @vm:~$ @vm:~$ @vm:~$ route -n6 Kernel IPv6 routing table Destination Next Hop Flag Met Ref Use If 2001:4860:4001:800::1002/128 fe80::20c:29ff:fe87:f9e7 UG 1024 0 0 eth1 2001:4860:4001:800::1003/128 fe80::20c:29ff:fe87:f9e7 UG 1024 0 0 eth1 2001:4860:4001:800::1005/128 fe80::20c:29ff:fe87:f9e7 UG 1024 0 0 eth1 2001:4860:4001:803::100e/128 fe80::20c:29ff:fe87:f9e7 UG 1024 0 0 eth1 fd00:ffff:ffff:fff1::/64 :: UAe 256 0 0 eth1 fe80::/64 :: U 256 0 0 eth1 ::/0 fe80::20c:29ff:fe87:f9e7 UGDAe 1024 0 0 eth1 ::/0 :: !n -1 1 349 lo ::1/128 :: Un 0 1 3 lo fd00:ffff:ffff:fff1:a00:27ff:fe7f:7245/128 :: Un 0 1 0 lo fd00:ffff:ffff:fff1:fce8:ce07:b9ea:389f/128 :: Un 0 1 0 lo fe80::a00:27ff:fe7f:7245/128 :: Un 0 1 0 lo ff00::/8 :: U 256 0 0 eth1 ::/0 :: !n -1 1 349 lo @vm:~$ UPDATE: Another question is whats the use of link local address as the default route?

    Read the article

  • Select tool to minimize JavaScript and CSS size

    - by Michael Freidgeim
    There are multiple ways and techniques how to combine and minify JS and CSS files.The good number of links can be found in http://stackoverflow.com/questions/882937/asp-net-script-and-css-compression and in http://www.hanselman.com/blog/TheImportanceAndEaseOfMinifyingYourCSSAndJavaScriptAndOptimizingPNGsForYourBlogOrWebsite.aspx There are 2 major approaches- do it during build or at run-time.In our application there are multiple user-controls, each of them required different JS or CSS files, and they loaded dynamically in the different combinations. We decided that loading all JS or CSS files for each page is not a good idea, but for each page we need to load different set of files.Based on this combining files on the build stage does not looks feasible.After Reviewing  different links I’ve decided that squishit should fit to our needs. http://www.codethinked.com/squishit-the-friendly-aspnet-javascript-and-css-squisherDifferent limitations of using SquishIt.We had some browser specific CSS files, that loaded conditionally depending of browser type(i.e IE and all other browsers). We had to put them in separate bundles,For Resources and AXD files we decide to use HttpModule and HttpHandler created by Mads KristensenTo GZIP html we are using wwWebUtils.GZipEncodePage() http://www.west-wind.com/weblog/posts/2007/Feb/05/More-on-GZip-compression-with-ASPNET-Content Just swap the order of which encoding you apply to start by asking for deflate support and then GZip afterwards.Additional tips about SquishIt.Use CDN: https://groups.google.com/group/squishit/browse_thread/thread/99f3b61444da9ad1Support intellisense and generate bundle in codebehind http://tech.kipusoep.nl/2010/07/23/umbraco-45-visual-studio-2010-dotless-jquery-vsdoc-squishit-masterpages/Links about other Libraries that were consideredA few links from http://stackoverflow.com/questions/5288656/which-one-has-better-minification-between-squishit-and-combres2.Net 4.5 will have out-of-the-box tools for JS/CSS combining.http://weblogs.asp.net/scottgu/archive/2011/11/27/new-bundling-and-minification-support-asp-net-4-5-series.aspx . It suggests default bundle of subfolder, but also seems supporting similar to squishit explicitly specified files.http://www.codeproject.com/KB/aspnet/combres2.aspx  config XML file can specify expiry etchttps://github.com/andrewdavey/cassette http://stackoverflow.com/questions/7026029/alternatives-to-cassetteDynamically loaded JS files requireJS http://requirejs.org/docs/start.html  http://www.west-wind.com/weblog/posts/2008/Jul/07/Inclusion-of-JavaScript-FilesPack and minimize your JavaScript code sizeYUI Compressor (from Yahoo)JSMin (by Douglas Crockford)ShrinkSafe (from Dojo library)Packer (by Dean Edwards)RadScriptManager  & RadStyleSheetManager -fromTeleric(not free)Tools to optimize performance:PageSpeed tools family http://code.google.com/intl/ru/speed/page-speed/download.htmlv

    Read the article

  • Whois status "pending delete" with expiration date in November 2011???

    - by Sylver
    A friend of mine is in the process of being scammed by a domain registrar and I am trying to sort out the mess. However I could use a hand understanding some of the details. He paid for 2 years of domain name registration on 6 november 2009. The whois record reads: Domain ID:XXXXXXXXXX Domain Name:XXXXXXXXX.ORG Created On:06-Nov-2009 09:23:12 UTC Last Updated On:17-Dec-2010 00:15:10 UTC Expiration Date:06-Nov-2011 09:23:12 UTC Sponsoring Registrar:OnlineNIC Inc. (R64-LROR) Status:CLIENT TRANSFER PROHIBITED Status:HOLD Status:PENDING DELETE SCHEDULED FOR RELEASE Registrant ID:ONLC-XXXXXXX-X Registrant Name:My friend's name ... Registrant Email:Old email The registrar charged a renewal fee a week ago and is now asking an extra $150 to "reclaim" the domain name, even though the domain name is apparently still in my friend's name and it looks like there is still another 10 months before the expiry date. The expiration date on the WhoIs record looks right (Nov 2011), so I don't understand why the domain status says "PENDING DELETE SCHEDULED FOR RELEASE". Can someone explain me better what the deal is and explain what I need to do get the domain name transfered to a more honest registrar? I already have a registrar for my own domain names, been using them for 10 years without problems, so I know where to transfer the domain names to, I just don't know how to proceed.

    Read the article

  • IIS cache control header settings

    - by a_m0d
    I'm currently working on a website that is accessed over https. We have recently come across a problem where we are unable to view .pdf files or any other type of file that is sent as an attachment (Content-Disposition:attachment). According to Microsoft Knowledge Base this is due to the fact that Cache-Control is set to no-cache. However, we have a requirement that all pages be fully reloaded every time they are visited, so we have disabled caching on all pages (through our ASP code, not through IIS settings). However, I have made a special case of this one page that shows the attachment, and it now returns a header with Cache-Control:private and the expiry set to 1 minute in the future. This works fine when I test it on my local machine, using https. However, when I deploy it to our test server and try it, the response headers still return Cache-Control:no-cache. There is no firewall or anything between me and the server, so IIS itself must be adding these headers and replacing mine. I have no idea why it would do this, and it doesn't really make any sense, but it seems to be the only option at the moment (I haven't yet found any other place in the code that will change the cache headers). Can anyone point me to a possible place where IIS might be setting these header values?

    Read the article

  • Multilingual website without language component in the URL

    - by user359650
    I'm working on a website for Canada which will have French and English versions. For SEO purposes, I would like to avoid using any language tag in URLs because I believe it will have more impact (e.g. example.ca/products better than en.example.ca/products or example.ca/en/products). I believe this is technically possible because the2 languages are sufficiently different that the URLs won't be conflicting with one another (e.g. if you want a "product" page, it will be /products in English, and /produits in French so you know which language the URL is about). Since Google (and most likely others) doesn't rely on the URL (nor HTML tags) to determine the content language I don't see any problems with search engines. To make this possible I've thought about using a cookie distinct from the session cookie (e.g. example.org_language) with long term expiry (e.g. N years) that will memorize the language chosen by the user. That way when people visit the website with a new browser session, they get served the proper language. I have already given up on users being able to switch one page from English to French: when people will chose English or French from the menu they will be redirected to the corresponding version of the home page. Do you foresee any problems with not using a language component in the URL (whether domain or path)? (as long as one makes sure URLS don't conflict).

    Read the article

  • Dealing with Fine-Grained Cache Entries in Coherence

    - by jpurdy
    On occasion we have seen significant memory overhead when using very small cache entries. Consider the case where there is a small key (say a synthetic key stored in a long) and a small value (perhaps a number or short string). With most backing maps, each cache entry will require an instance of Map.Entry, and in the case of a LocalCache backing map (used for expiry and eviction), there is additional metadata stored (such as last access time). Given the size of this data (usually a few dozen bytes) and the granularity of Java memory allocation (often a minimum of 32 bytes per object, depending on the specific JVM implementation), it is easily possible to end up with the case where the cache entry appears to be a couple dozen bytes but ends up occupying several hundred bytes of actual heap, resulting in anywhere from a 5x to 10x increase in stated memory requirements. In most cases, this increase applies to only a few small NamedCaches, and is inconsequential -- but in some cases it might apply to one or more very large NamedCaches, in which case it may dominate memory sizing calculations. Ultimately, the requirement is to avoid the per-entry overhead, which can be done either at the application level by grouping multiple logical entries into single cache entries, or at the backing map level, again by combining multiple entries into a smaller number of larger heap objects. At the application level, it may be possible to combine objects based on parent-child or sibling relationships (basically the same requirements that would apply to using partition affinity). If there is no natural relationship, it may still be possible to combine objects, effectively using a Coherence NamedCache as a "map of maps". This forces the application to first find a collection of objects (by performing a partial hash) and then to look within that collection for the desired object. This is most naturally implemented as a collection of entry processors to avoid pulling unnecessary data back to the client (and also to encapsulate that logic within a service layer). At the backing map level, the NIO storage option keeps keys on heap, and so has limited benefit for this situation. The Elastic Data features of Coherence naturally combine entries into larger heap objects, with the caveat that only data -- and not indexes -- can be stored in Elastic Data.

    Read the article

  • BlackBerry Simulator & BIS Push Service

    - by Submerged
    I am hoping that someone knows if you can use RIMM's push service with BIS WITHOUT a hand held device. I have registered for the push evaluation and I want to program a push server that will send out notifications to BB clients. I got my email this morning containing: Server: Application: XXXXXXXXXXXXXXXXXXX Pwd: xxxXXXXX CPID (Content Provider ID):xxx Start Date (MM/DD/YYYY): X/X/XXXX Expiry Date (MM/DD/YYYY):X/X/XXXX First Name:XXXXXXX Last Name:XXXXX Email:[email protected] Account Type:Plus Source IP:xxx.xxx.xxx.xxx Usage:BIS AND Client: Application Credentials (for use in your client application): Application ID:XXX-xxxxxxxxxxxxxxx Push Port:xxxxx I am hoping someone can tell me where to get started - as an iPhone developer, I have to say, there is much more information. Lastly, if I DO need a device, does that device have to have a dataplan? I wanted to be able to serve my clients from WiFi as well, does the BB push system work only on Cell networks? Thank you

    Read the article

  • How to secure licensekey generation

    - by Jakob Gade
    Scenario, simplified for brevity: A developer creates an application for a customer. The customer sells this app to end-users. The app requires a license key to run, and this key is generated by the customer for each end-user with a simple tool created by the developer. The license key contains an expiry date for the license and is encrypted so the end-user can’t tamper with it. The problem here is that the developer (or anybody who has a copy of the license key generator) can easily create valid license keys. Should this generator fall into the wrong hands, it could spell disaster for the customers business. Ideally, the customer would have to use a password to create new license keys. And this password would be unknown to the developer, and somehow baked into the decryption algorithm in the application so it will fail if an attempt to use an unauthorized key is made. How would you implement a solution for this problem that is both transparent and secure?

    Read the article

  • Is there way to find when self signed certificate will expire for Adobe Air application?

    - by tyler
    Hi, I have to release my Adobe Air application but the build process was "setup" by a different developer. (He made a self signed cert and wrote a batch file to call adt for packaging the application). Adobe mentions that such self signed certificates are valid for 5 years. Now I have no idea when that certificate will expire as I don't know when it was created. Also will my installed application stop working on expiry or only new installations will fail ? Thanks.

    Read the article

  • In PHP, how do I add 3 months to the purchase date retrieved from the iPhone InApp receipt?

    - by Cocoanut
    After I have validated the receipt against the App Store from my PHP server, the App Store sends me back a JSON response with "status" : 0 "receipt" : ( .... ) One of the receipt items is "purchase_date" which contains the following string (example) "2010-02-09 19:17:04 Etc/GMT" I'm trying to establish a subscription service and would like to add 3 months to this date and then write that expiry date into a MySQL table. Is there a string-to-date type function in PHP that can allow me to achieve the adding of 3 months? I have found this example which looks like it adds 1 month to a date: $date = date("Y-m-d");// current date $date = strtotime(date("Y-m-d", strtotime($date)) . " +1 month"); But I'm not sure how I can turn the string passed by the App Store into a PHP recognised date.

    Read the article

  • Storing credit card details

    - by Andrew
    I have a business requirement that forces me to store a customer's full credit card details (number, name, expiry date, CVV2) for a short period of time. Rationale: If a customer calls to order a product and their credit card is declined on the spot you are likely to lose the sale. If you take their details, thank them for the transaction and then find that the card is declined, you can phone them back and they are more likely to find another way of paying for the product. If the credit card is accepted you clear the details from the order. I cannot change this. The existing system stores the credit card details in clear text, and in the new system I am building to replace this I am clearly not going to replicate this! My question, then, is how I can securely store a credit card for a short period of time. I obviously want some kind of encryption, but what's the best way to do this? Environment: C#, WinForms, SQL-Server.

    Read the article

  • Update payment details using Authorize.net

    - by Aditya
    Hello everybody, When i update the existing subscription info using update_recurring method of autorize.net gateway then payment details(means 'credit card number', 'CVV number' and 'expiry date' ) are not being updated. My code snippet is as follows:- def create_card_subscription credit_card = ActiveMerchant::Billing::CreditCard.new( :first_name = params[:payment_details][:name], :last_name = params[:payment_details][:last_name], :number = params[:payment_details][:credit_card_number], :month = params[:expiry_date_month], :year = params[:expiry_date_year], :verification_value = params[:payment_details][:cvv_code] ) if credit_card.valid? gateway = ActiveMerchant::Billing::AuthorizeNetGateway.new(:login = '***', :password = '******') response = gateway.update_recurring( { "subscription.payment.credit_card.card_number" = "4111111111111111", :duration ={:start_date='2010-04-21', :occurrences=1}, :billing_address={:first_name='xyz', :last_name='xyz'}, :subscription_id="**" } ) if response.success? puts response.params.inspect puts "Successfully charged $#{sprintf("%.2f", amount / 100)} to the credit card #{credit_card.display_number}. The Account number is #{response.params['rbAccountId']}" else puts response.message end else #Credit Card information is invalid end render :action="card_payment" end How can it be possible? Thanks in advance, Gaurav Kumar

    Read the article

  • Optimize php-fpm and varnish for a powerfull server

    - by Jim
    My setup is: Intel® Core™ i7-2600 and RAM 16 GB DDR3 RAM varnish+nginx+php-fpm+apc for a not very heavy WordPress blog with W3 Total Cache and CDN My problem is that after 55 hits per second according to blitz.io varnish starts giving out timeouts. CPU usage at this time is hardly 1%. Free memory at all time remains 10GB+. I tried benchmarking php-fpm directly with result of 150hits/s without any timeouts. But after that the CPU usage goes 100% and it stops responding. Can you help me optimize it to handle more? As i understand nginx has nothing to do over here so i dont put its config. php-fpm config listen = /tmp/php5-fpm.sock listen.allowed_clients = 127.0.0.1 user = nginx group = nginx pm = dynamic pm.max_children = 150 pm.start_servers = 7 pm.min_spare_servers = 2 pm.max_spare_servers = 15 pm.max_requests = 500 slowlog = /var/log/php-fpm/www-slow.log php_admin_value[error_log] = /var/log/php-fpm/www-error.log php_admin_flag[log_errors] = on apc extension = apc.so apc.enabled=1 apc.shm_size=512MB apc.num_files_hint=0 apc.user_entries_hint=0 apc.ttl=7200 apc.use_request_time=1 apc.user_ttl=7200 apc.gc_ttl=3600 apc.cache_by_default=1 apc.filters apc.mmap_file_mask=/tmp/apc.XXXXXX apc.file_update_protection=2 apc.enable_cli=0 apc.max_file_size=1M apc.stat=1 apc.stat_ctime=0 apc.canonicalize=0 apc.write_lock=1 apc.report_autofilter=0 apc.rfc1867=0 apc.rfc1867_prefix =upload_ apc.rfc1867_name=APC_UPLOAD_PROGRESS apc.rfc1867_freq=0 apc.rfc1867_ttl=3600 apc.include_once_override=0 apc.lazy_classes=0 apc.lazy_functions=0 apc.coredump_unmap=0 apc.file_md5=0 apc.preload_path Varnish VCL backend default { .host = "127.0.0.1"; .port = "8080"; .connect_timeout = 6s; .first_byte_timeout = 6s; .between_bytes_timeout = 60s; } acl purgehosts { "localhost"; "127.0.0.1"; } # Called after a document has been successfully retrieved from the backend. sub vcl_fetch { # Uncomment to make the default cache "time to live" is 5 minutes, handy # but it may cache stale pages unless purged. (TODO) # By default Varnish will use the headers sent to it by Apache (the backend server) # to figure out the correct TTL. # WP Super Cache sends a TTL of 3 seconds, set in wp-content/cache/.htaccess set beresp.ttl = 24h; # Strip cookies for static files and set a long cache expiry time. if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$") { unset beresp.http.set-cookie; set beresp.ttl = 24h; } # If WordPress cookies found then page is not cacheable if (req.http.Cookie ~"(wp-postpass|wordpress_logged_in|comment_author_)") { # set beresp.cacheable = false;#versions less than 3 #beresp.ttl>0 is cacheable so 0 will not be cached set beresp.ttl = 0s; } else { #set beresp.cacheable = true; set beresp.ttl=24h;#cache for 24hrs } # Varnish determined the object was not cacheable #if ttl is not > 0 seconds then it is cachebale if (!beresp.ttl > 0s) { # set beresp.http.X-Cacheable = "NO:Not Cacheable"; } else if ( req.http.Cookie ~"(wp-postpass|wordpress_logged_in|comment_author_)" ) { # You don't wish to cache content for logged in users set beresp.http.X-Cacheable = "NO:Got Session"; return(hit_for_pass); #previously just pass but changed in v3+ } else if ( beresp.http.Cache-Control ~ "private") { # You are respecting the Cache-Control=private header from the backend set beresp.http.X-Cacheable = "NO:Cache-Control=private"; return(hit_for_pass); } else if ( beresp.ttl < 1s ) { # You are extending the lifetime of the object artificially set beresp.ttl = 300s; set beresp.grace = 300s; set beresp.http.X-Cacheable = "YES:Forced"; } else { # Varnish determined the object was cacheable set beresp.http.X-Cacheable = "YES"; if (beresp.status == 404 || beresp.status >= 500) { set beresp.ttl = 0s; } # Deliver the content return(deliver); } sub vcl_hash { # Each cached page has to be identified by a key that unlocks it. # Add the browser cookie only if a WordPress cookie found. if ( req.http.Cookie ~"(wp-postpass|wordpress_logged_in|comment_author_)" ) { #set req.hash += req.http.Cookie; hash_data(req.http.Cookie); } } # vcl_recv is called whenever a request is received sub vcl_recv { # remove ?ver=xxxxx strings from urls so css and js files are cached. # Watch out when upgrading WordPress, need to restart Varnish or flush cache. set req.url = regsub(req.url, "\?ver=.*$", ""); # Remove "replytocom" from requests to make caching better. set req.url = regsub(req.url, "\?replytocom=.*$", ""); remove req.http.X-Forwarded-For; set req.http.X-Forwarded-For = client.ip; # Exclude this site because it breaks if cached if ( req.http.host == "sr.ituts.gr" ) { return( pass ); } # Serve objects up to 2 minutes past their expiry if the backend is slow to respond. set req.grace = 120s; # Strip cookies for static files: if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$") { unset req.http.Cookie; return(lookup); } # Remove has_js and Google Analytics __* cookies. set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|has_js)=[^;]*", ""); # Remove a ";" prefix, if present. set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", ""); # Remove empty cookies. if (req.http.Cookie ~ "^\s*$") { unset req.http.Cookie; } if (req.request == "PURGE") { if (!client.ip ~ purgehosts) { error 405 "Not allowed."; } #previous version ban() was purge() ban("req.url ~ " + req.url + " && req.http.host == " + req.http.host); error 200 "Purged."; } # Pass anything other than GET and HEAD directly. if (req.request != "GET" && req.request != "HEAD") { return( pass ); } /* We only deal with GET and HEAD by default */ # remove cookies for comments cookie to make caching better. set req.http.cookie = regsub(req.http.cookie, "1231111111111111122222222333333=[^;]+(; )?", ""); # never cache the admin pages, or the server-status page, or your feed? you may want to..i don't if (req.request == "GET" && (req.url ~ "(wp-admin|bb-admin|server-status|feed)")) { return(pipe); } # don't cache authenticated sessions if (req.http.Cookie && req.http.Cookie ~ "(wordpress_|PHPSESSID)") { return(lookup); } # don't cache ajax requests if(req.http.X-Requested-With == "XMLHttpRequest" || req.url ~ "nocache" || req.url ~ "(control.php|wp-comments-post.php|wp-login.php|bb-login.php|bb-reset-password.php|register.php)") { return (pass); } return( lookup ); } Varnish Daemon options DAEMON_OPTS="-a :80 \ -T 127.0.0.1:6082 \ -f /etc/varnish/ituts.vcl \ -u varnish -g varnish \ -S /etc/varnish/secret \ -p thread_pool_add_delay=2 \ -p thread_pools=8 \ -p thread_pool_min=100 \ -p thread_pool_max=1000 \ -p session_linger=50 \ -p session_max=150000 \ -p sess_workspace=262144 \ -s malloc,5G" Im not sure where to start, should i for start optimize php-fpm and then go to varnish or php-fpm is at its max right now so i should start looking for the problem in varnish?

    Read the article

< Previous Page | 1 2 3 4 5 6  | Next Page >