Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 40/4825 | < Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47 | Next Page >

Give Access to a Subdirectory Without Giving Access to Parent Directories

- by allquixotic

I have a scenario involving a Windows file server where the "owner" wants to dole out permissions to a group of users of the following sort: \\server\dir1\dir2\dir3: Read & Execute and Write \\server\dir1\dir2: No permissions. \\server\dir1: No permissions. \\server: Read & Execute To my understanding, it is not possible to do this because Read & Execute permission must be granted to all the parent directories in a directory chain in order for the operating system to be able to "see" the child directories and get to them. Without this permission, you can't even obtain the security context token when trying to access the nested directory, even if you have full access to the subdirectory. We are looking for ways to get around this, without moving the data from \\server\dir1\dir2\dir3 to \\server\dir4. One workaround I thought of, but which I am not sure if it will work, is creating some sort of link or junction \\server\dir4 which is a reference to \\server\dir1\dir2\dir3. I am not sure which of the available options (if any) would work for this purpose if the user does not have Read & Execute permission on \\server\dir1\dir2 or \\server\dir1, but as far as I know, the options are these: NTFS Symbolic Link, Junction, Hard Link. So the questions: Are any of these methods suitable to accomplish my goal? Are there any other methods of linking or indirectly referencing a directory, which I haven't listed above, which might be suitable? Are there any direct solutions that don't involve granting Read & Execute to \\server\dir1 or \\server\dir2 but still allowing access to \\server\dir1\dir2\dir3?

Read the article
Using Excel as front end to Access database (with VBA)

- by Alex

I am building a small application for a friend and they'd like to be able to use Excel as the front end. (the UI will basically be userforms in Excel). They have a bunch of data in Excel that they would like to be able to query but I do not want to use excel as a database as I don't think it is fit for that purpose and am considering using Access. [BTW, I know Access has its shortcomings but there is zero budget available and Access already on friend's PC] To summarise, I am considering dumping a bunch of data into Access and then using Excel as a front end to query the database and display results in a userform style environment. Questions: How easy is it to link to Access from Excel using ADO / DAO? Is it quite limited in terms of functionality or can I get creative? Do I pay a performance penalty (vs.using forms in Access as the UI)? Assuming that the database will always be updated using ADO / DAO commands from within Excel VBA, does that mean I can have multiple Excel users using that one single Access database and not run into any concurrency issues etc.? Any other things I should be aware of? I have strong Excel VBA skills and think I can overcome Access VBA quite quickly but never really done Excel / Access link before. I could shoehorn the data into Excel and use as a quasi-database but that just seems more pain than it is worth (and not a robust long term solution) Any advice appreciated. Alex

Read the article
Takeaways From CSO Roundtable New York

- by Naresh Persaud

Thanks to everyone who attended the Chief Security Officer Roundtable in New York last week. We were lucky to have Dennis Brixus, CSO of McGraw-Hill as a guest speaker. In addition, Jeff Henley, provided a board level perspective on security. Amit Jasuja discussed Oracle's security formula. A few takeaways from Jeff's talk that were interesting: Security is a board level issue. The challenge at the board level is that boards have short attention span. The CSO needs to be vigilant in educating the board on the strategic importance of security. Every CSO needs to think about cost. The CSO has to look at the economics of security and demonstrate fiduciary responsibility. We have to think of security as a business enabler. Security is the enabler that helps us expand into new markets and connect better with our customers and partners. While the CSO can't prevent every threat, we have to expect the CSO to have a plan. Oracle security-formula View more PowerPoint from OracleIDM

Read the article
Data Source Security Part 1

- by Steve Felts

I’ve written a couple of articles on how to store data source security credentials using the Oracle wallet. I plan to write a few articles on the various types of security available to WebLogic Server (WLS) data sources. There are more options than you might think! There have been several enhancements in this area in WLS 10.3.6. There are a couple of more enhancements planned for release WLS 12.1.2 that I will include here for completeness. This isn’t intended as a teaser. If you call your Oracle support person, you can get them now as minor patches to WLS 10.3.6. The current security documentation is scattered in a few places, has a few incorrect statements, and is missing a few topics. It also seems that the knowledge of how to apply some of these features isn’t written down. The goal of these articles is to talk about WLS data source security in a unified way and to introduce some approaches to using the available features. Introduction to WebLogic Data Source Security Options By default, you define a single database user and password for a data source. You can store it in the data source descriptor or make use of the Oracle wallet. This is a very simple and efficient approach to security. All of the connections in the connection pool are owned by this user and there is no special processing when a connection is given out. That is, it’s a homogeneous connection pool and any request can get any connection from a security perspective (there are other aspects like affinity). Regardless of the end user of the application, all connections in the pool use the same security credentials to access the DBMS. No additional information is needed when you get a connection because it’s all available from the data source descriptor (or wallet). java.sql.Connection conn = mydatasource.getConnection(); Note: You can enter the password as a name-value pair in the Properties field (this not permitted for production environments) or you can enter it in the Password field of the data source descriptor. The value in the Password field overrides any password value defined in the Properties passed to the JDBC Driver when creating physical database connections. It is recommended that you use the Password attribute in place of the password property in the properties string because the Password value is encrypted in the configuration file (stored as the password-encrypted attribute in the jdbc-driver-params tag in the module file) and is hidden in the administration console. The Properties and Password fields are located on the administration console Data Source creation wizard or Data Source Configuration tab. The JDBC API can also be used to programmatically specify a database user name and password as in the following. java.sql.Connection conn = mydatasource.getConnection(“user”, “password”); According to the JDBC specification, it’s supposed to take a database user and associated password but different vendors implement this differently. WLS, by default, treats this as an application server user and password. The pair is authenticated to see if it’s a valid user and that user is used for WLS security permission checks. By default, the user is then mapped to a database user and password using the data source credential mapper, so this API sort of follows the specification but database credentials are one-step removed from the application code. More details and the rationale are described later. While the default approach is simple, it does mean that only one database user is doing all of the work. You can’t figure out who actually did the update and you can’t restrict SQL operations by who is running the operation, at least at the database level. Any type of per-user logic will need to be in the application code instead of having the database do it. There are various WLS data source features that can be configured to provide some per-user information about the operations to the database. WebLogic Data Source Security Options This table describes the features available for WebLogic data sources to configure database security credentials and a brief description. It also captures information about the compatibility of these features with one another. Feature Description Can be used with Can’t be used with User authentication (default) Default getConnection(user, password) behavior – validate the input and use the user/password in the descriptor. Set client identifier Proxy Session, Identity pooling, Use database credentials Use database credentials Instead of using the credential mapper, use the supplied user and password directly. Set client identifier, Proxy session, Identity pooling User authentication, Multi Data Source Set Client Identifier Set a client identifier property associated with the connection (Oracle and DB2 only). Everything Proxy Session Set a light-weight proxy user associated with the connection (Oracle-only). Set client identifier, Use database credentials Identity pooling, User authentication Identity pooling Heterogeneous pool of connections owned by specified users. Set client identifier, Use database credentials Proxy session, User authentication, Labeling, Multi-datasource, Active GridLink Note that all of these features are available with both XA and non-XA drivers. Currently, the Proxy Session and Use Database Credentials options are on the Oracle tab of the Data Source Configuration tab of the administration console (even though the Use Database Credentials feature is not just for Oracle databases – oops). The rest of the features are on the Identity tab of the Data Source Configuration tab in the administration console (plan on seeing them all in one place in the future). The subsequent articles will describe these features in more detail. Keep referring back to this table to see the big picture.

Read the article
Code Access Security and Sharepoint WebParts

- by Gordon Carpenter-Thompson

I've got a vague handle on how Code Access Security works in Sharepoint. I have developed a custom webpart and setup a CAS policy in my Manifest <CodeAccessSecurity> <PolicyItem> <PermissionSet class="NamedPermissionSet" version="1" Description="Permission set for Okana"> <IPermission class="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" version="1" ObjectModel="True" Impersonate="True" /> <IPermission class="SecurityPermission" version="1" Flags="Assertion, Execution, ControlThread, ControlPrincipal, RemotingConfiguration" /> <IPermission class="AspNetHostingPermission" version="1" Level="Medium" /> <IPermission class="DnsPermission" version="1" Unrestricted="true" /> <IPermission class="EventLogPermission" version="1" Unrestricted="true"> <Machine name="localhost" access="Administer" /> </IPermission> <IPermission class="EnvironmentPermission" version="1" Unrestricted="true" /> <IPermission class="System.Configuration.ConfigurationPermission, System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" version="1" Unrestricted="true"/> <IPermission class="System.Net.WebPermission, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" /> <IPermission class="System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Unrestricted="true" /> <IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" PathDiscovery="*AllFiles*" /> <IPermission class="IsolatedStorageFilePermission" version="1" Allowed="AssemblyIsolationByUser" UserQuota="9223372036854775807" /> <IPermission class="PrintingPermission" version="1" Level="DefaultPrinting" /> <IPermission class="PerformanceCounterPermission" version="1"> <Machine name="localhost"> <Category name="Enterprise Library Caching Counters" access="Write"/> <Category name="Enterprise Library Cryptography Counters" access="Write"/> <Category name="Enterprise Library Data Counters" access="Write"/> <Category name="Enterprise Library Exception Handling Counters" access="Write"/> <Category name="Enterprise Library Logging Counters" access="Write"/> <Category name="Enterprise Library Security Counters" access="Write"/> </Machine> </IPermission> <IPermission class="ReflectionPermission" version="1" Unrestricted="true"/> <IPermission class="SecurityPermission" version="1" Flags="SerializationFormatter, UnmanagedCode, Infrastructure, Assertion, Execution, ControlThread, ControlPrincipal, RemotingConfiguration, ControlAppDomain,ControlDomainPolicy" /> <IPermission class="SharePointPermission" version="1" ObjectModel="True" /> <IPermission class="SmtpPermission" version="1" Access="Connect" /> <IPermission class="SqlClientPermission" version="1" Unrestricted="true"/> <IPermission class="WebPartPermission" version="1" Connections="True" /> <IPermission class="WebPermission" version="1"> <ConnectAccess> <URI uri="$OriginHost$"/> </ConnectAccess> </IPermission> </PermissionSet> <Assemblies> .... </Assemblies> This is correctly converted into a wss_custom_wss_minimaltrust.config when it is deployed onto the Sharepoint server and mostly works. To get the WebPart working fully, however I find that I need to modify the wss_custom_wss_minimaltrust.config by hand after deployment and set Unrestricted="true" on the permissions set <PermissionSet class="NamedPermissionSet" version="1" Description="Permission set for MyApp" Name="mywebparts.wsp-86d8cae1-7db2-4057-8c17-dc551adb17a2-1"> to <PermissionSet class="NamedPermissionSet" version="1" Description="Permission set for MyApp" Name="mywebparts.wsp-86d8cae1-7db2-4057-8c17-dc551adb17a2-1" Unrestricted="true"> It's all because I'm loading a User Control from the webpart. I don't believe there is a way to enable that using CAS but am willing to be proven wrong. Is there a way to set something in the manifest so I don't need to make this fix by hand? Thanks

Read the article
Invalid or expired security context token in WCF web service

- by Damian

All, I have a WCF web service (let's called service "B") hosted under IIS using a service account (VM, Windows 2003 SP2). The service exposes an endpoint that use WSHttpBinding with the default values except for maxReceivedMessageSize, maxBufferPoolSize, maxBufferSize and some of the time outs that have been increased. The web service has been load tested using Visual Studio Load Test framework with around 800 concurrent users and successfully passed all tests with no exceptions being thrown. The proxy in the unit test has been created from configuration. There is a sharepoint application that use the Office Sharepoint Server Search service to call web services "A" and "B". The application will get data from service "A" to create a request that will be sent to service "B". The response coming from service "B" is indexed for search. The proxy is created programmatically using the ChannelFactory. When service "A" takes less than 10 minutes, the calls to service "B" are successfull. But when service "A" takes more time (~20 minutes) the calls to service "B" throw the following exception: Exception Message: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail Inner Exception Message: The message could not be processed. This is most likely because the action 'namespace/OperationName' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding. The binding settings are the same, the time in both client server and web service server are synchronize with the Windows Time service, same time zone. When i look at the server where web service "B" is hosted i can see the following security errors being logged: Source: Security Category: Logon/Logoff Event ID: 537 User NT AUTHORITY\SYSTEM Logon Failure: Reason: An error occurred during logon Logon Type: 3 Logon Process: Kerberos Authentication Package: Kerberos Status code: 0xC000006D Substatus code: 0xC0000133 After reading some of the blogs online, the Status code means STATUS_LOGON_FAILURE and the substatus code means STATUS_TIME_DIFFERENCE_AT_DC. but i already checked both server and client clocks and they are syncronized. I also noticed that the security token seems to be cached somewhere in the client server because they have another process that calls the web service "B" using the same service account and successfully gets data the first time is called. Then they start the proccess to update the office sharepoint server search service indexes and it fails. Then if they called the first proccess again it will fail too. Has anyone experienced this type of problems or have any ideas? Regards, --Damian

Read the article
Open an Access database and run one of its Macros from Excel

- by sqlnoob

From Excel, I need to open an Access database and run one of the database's macros. I'm using Excel and Access 2007. Here is my code in Excel: Sub accessMacro() Dim appAccess As New Access.Application Set appAccess = Access.Application appAccess.OpenCurrentDatabase "C:\blah.mdb" appAccess.Visible = True appAccess.DoCmd.RunMacro "RunQueries.RunQueries" appAccess.CloseCurrentDatabase End Sub In the Access Database, there is a procedure named RunQueries in a module named RunQueries. Each time I run this, I get the following error: Runtime error '2485': Microsoft Access Office can't find the object 'RunQueries.' I have also tried: appAccess.DoCmd.RunMacro "RunQueries" and I get the same errors message. Any idea how to do this? By the way, I could go into a long explanation about why I need to do this, but let me just say that I've already argued against it, and I have to do it this way (meaning, I have to use Excel as a frontend to open several Access dbs and run their macros).

Read the article
Configuring a Context specific Tomcat Security Realm

- by Andy Mc

I am trying to get a context specific security Realm in Tomcat 6.0, but when I start Tomcat I get the following error: 09-Dec-2010 16:12:40 org.apache.catalina.startup.ContextConfig validateSecurityRoles INFO: WARNING: Security role name myrole used in an <auth-constraint> without being defined in a <security-role> I have created the following context.xml file: <Context debug="0" reloadable="true"> <Resource name="MyUserDatabase" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/my-users.xml" /> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="MyUserDatabase"/> </Context> Created a file: my-users.xml which I have placed under WEB-INF/conf which contains the following: <tomcat-users> <role rolename="myrole"/> <user username="test" password="changeit" roles="myrole" /> </tomcat-users> Added the following lines to my web.xml file: <web-app ...> ... <security-constraint> <web-resource-collection> <web-resource-name>Entire Application</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>myrole</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> </login-config> ... </web-app> But seem to get the error wherever I put conf/my-users.xml. Do I have to specify an explicit PATH in the pathname or is it relative to somewhere? Ideally I would like to have it packaged up as part of my WAR file. Any ideas?

Read the article
ISA Server 2006 SP1 :: Allow unauthenticated users (non domain users) access to external (internet)

- by Klaptrap

Now that we have applied an internal to external rule blocking all users access to the internet, other than those users in a whitelist, we have the obvious issue of non authenticated users, not on our domain, i.e.; domain-less guests not being able to access the internet. Other than configuring each machine to use our alternative gateway - which would require a member of IT to be onsite everytime a guest arrives - can this be done through ISA adn AD?

Read the article
ISA Server 2006 SP1 :: Allow unauthenticated users (non domain users) access to external (internet)

- by Klaptrap

Now that we have applied an internal to external rule blocking all users access to the internet, other than those users in a whitelist, we have the obvious issue of non authenticated users, not on our domain, i.e.; domain-less guests not being able to access the internet. Other than configuring each machine to use our alternative gateway - which would require a member of IT to be onsite everytime a guest arrives - can this be done through ISA adn AD?

Read the article
Unable to Set Up Remote Access on Windows Home Server

- by Matt Hanson

When trying to turn on Remote Access on my Windows Home Server (HP MediaSmart Ex485, MediaSmart Server 3.0, Power Pack 3), I am not able to continue through the wizard as this first check fails: "Verifying that your remote Web site is available locally" Everything else on the server works fine, including being able to: Ping server RDP to server Access all shares as expected Browse to both http://servername and http://servername:55000 I have noticed though that I am unable to browse to http://servername:56000 as I should be able to do. I've performed a server recovery to reset the installation to factory defaults, with no such luck.

Read the article
Windows Server 2003 Standard - how to access other pc's remotely

- by studiohack

I'm a novice in the world of servers, and I'm about to install Windows Server 2003 Standard on a server box I have...However, I'm curious if there is a way to access the other PC's in my network remotely via the server (Windows XP Home and Windows 7 Home Premium)? Like say, I'm at a friend's house, and I want to access my Win7 machine via the server, how do I do it? Is it possible? Thanks!

Read the article
Grant Sharepoint Access to all employees

- by Satish

What's the easiest way to grant access to all the employees of our company to sharepoint portal. There are some general sites which all employees have read access. So Do I have to create an AD group for all employees and add to the site or is there some better way to manage this?

Read the article
MS Access split database queries

- by Lance Roberts

When the frontend of a MS Access db queries a MS Access backend on another machine over the network, does it pull in the whole table/database/file, or does it have some way of extracting just what it needs from the backend, thereby lessening network load.

Read the article
ms access 2007 error messages

- by Arnold

Good Day to Everyone!! Just wanna ask if there is a setting in MS Access 2007 to ignore all error messages, when i ran my application in MS Access 07 there are annoying messages that pop-ups. All I want is to ignore all those message without changing my code.. Thanks

Read the article
Forefront UAG vs. Server 2012 Direct Access

- by Matt Bear

So I'm working on bringing my company into the 21'st century, with virtual servers, active directory, ADFS, SSO etc. Its a huuuuge project, with a future goal of ISO 27001 cerification. The current question is, does the Direct Access role offered by Server 2012 perform the same role as Forefront Unified Access Gateway 2010 does? I'm sure there are many differences, but my primary concerns are Sharepoint publishing, ADFS proxy, reverse proxy, remote connection, and o365 syncronization.

Read the article
TFS 2010 remote access

- by jbloomer

Does anyone know if remote access to TFS 2010 is the same as for existing versions of TFS? The latest documentation I have found is Chapter 17 – Providing Internet Access to Team Foundation Server.

Read the article
What to use for Shell Access?

- by Aristotle

I just purchased a virtual dedicated server-plan that comes with shell access. It's been a while since I've actually used shell access remotely, so I'm a bit behind the times. Years ago I used PuTTY, but I'm curious if there are any better options that I should consider for establishing that connection, and managing my server remotely. I figured this question would be most appropriately asked here since it is regarding tools.

Read the article
Git push write access for deployment denied

- by Stepchik

I have strange issue when try git push. Git clone and commit works fine. W access for my_project DENIED to deploy_my_project_ My gitolite.conf repo my_project R = deploy_my_project_111 RW+ = my_name I wonder why git push takes wrong user (deploy_project_111) with read access. This error is float. Twice i had to change rsa key(rsa keys is unchangeble) and restart computer. May be my computer do something wrong.

Read the article
Dell "Remote Access Configuration Utility" keeps prompting

- by Dan

One of our servers can never reboot without pausing at the BIOS prompt asking to "F1 to continue, F2 to enter setup utility". I have gone into Setup and there is nothing there to stop it prompting for this; I have gone into the Remote Access Configuration Utility (CTRL+E) and have setup some values hoping that because it was setup it would not keep asking, but nope, nothing obvious like "Disable Remote Access Configuration". This is the screen we see: Does anyone know what we can do to let our machine boot cleanly??

Read the article
Access report prints slow

- by BoundforPNG

I have an access report that comes up in a few seconds in the preview mode. When I try to print it takes about 45 seconds to print. Any ideas why this might be? This is done in Access 2003. Thanks, Paul

Read the article
Creating a very detailed report using Excel and/or Access

- by AgainstClint

I have a database/spreadsheet of information that I need to make a very detailed report from. My knowledge on Access is quite limited so I started doing a mock up of the Report layout in Excel and made this: So from there, I need the information from the data base to be placed in the properly labeled cells. There are over 2500+ entries in the spreadsheet/database, so if creating a report that looks pretty spot on to the one above in access is doable, that might be an easier route.

Read the article
Is there a rule to define a primary key on a sql-Server table for access with MS-Access?

- by Ice

Defining some Tables in SQL-Server which will be accessed via ODBC from MS-Access. I'm not sure about it, put i read somewhere that a primary key must bee named with 'aaaaaPK_ColumnName'. The 5 'a' should manage that the PK is listed first in the dialog for all key's in MS-Access. What do you think about that?

Read the article
Unix Server Protection from Physical Access?

- by Isabella Wilcox

I'm working to license our software to some buyer. Our software will be ran from an unix server that is physically controlled by the buyer. Is there any way to prevent the buyer who have physical access to your server to access contents on the drive? We want to protect our intellectual property because if the buyer steals our software, we won't have enough legal resources to pursue a claim internationally.

Read the article
Exchange 2010 remote access

- by evesirim

Does anyone know how to configure more addresses for remote access to Outlook on our SBS 2008? Currently you can go to either 'https://remote.site.co.uk/remote' to acces the remote web workspace or 'https://remote.site.co.uk/owa' to go straight to remote exchange access. I would like to set it up so that by going to 'https://remote.site.co.uk/exchange' it takes you to same place that '/owa' would. Does anybody know if this is possible, and if so how? Many thanks

Read the article

< Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47 | Next Page >