Search Results

Search found 12541 results on 502 pages for 'secure the world'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 40/502 | < Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >

  • Real world examples of tree structures

    - by Arec Barrwin
    I'm looking for some examples of tree structures that are used in commercial/free software projects, modern or old. I can see examples on wikipedia, but I am looking for more concrete examples and how they're used. For example primary keys in databases are (from what I've read) stored in BST structure or a variation of the BST (feel free to correct me on this) My question isn't limited Binary Search Trees (BSTs), it can include any variation such as red-black, AVL and so on.

    Read the article

  • Where to place web.xml outside WAR file for secure redirect?

    - by Silverhalide
    I am running Tomcat 7 and am deploying a bunch of applications delivered to me by a third party as WAR files. I'd like to force some of those apps to always use SSL. (All the "SSL" apps are in one service; other apps outside this discussion are in another service.) I've figured out how to use conf\web.xml to redirect apps from HTTP to HTTPS, but that applies to all applications hosted by Tomcat. I've also figured out how to put web.xml in an unpacked app's web-inf directory; that does the trick for that specific app, but runs the risk of being overwritten if our vendor gives us a new war file to deploy. I've also tried placing the web.xml file in various places under conf\service\host, or under appbase, but none seem to work. Is it possible to redirect some apps to SSL without forcing all apps to redirect, or to put the web.xml file inside the extracted WAR file? Here's my server.xml: <Service name="secure"> <Connector port="80" connectionTimeout="20000" redirectPort="443" URIEncoding="UTF-8" enableLookups="false" compression="on" protocol="org.apache.coyote.http11.Http11Protocol" compressableMimeType="text/html,text/xml,text/plain,text/javascript,application/json,text/css"/> <Connector port="443" URIEncoding="UTF-8" enableLookups="false" compression="on" protocol="org.apache.coyote.http11.Http11Protocol" compressableMimeType="text/html,text/xml,text/plain,text/javascript,application/json,text/css" scheme="https" secure="true" SSLEnabled="true" sslProtocol="TLS" keystoreFile="..." keystorePass="..." keystoreType="PKCS12" truststoreFile="..." truststorePass="..." truststoreType="JKS" clientAuth="false" ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA"/> <Engine name="secure" defaultHost="localhost"> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> <Host name="localhost" appBase="webapps" unpackWARs="false" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> </Host> </Engine> </Service> <Service name="mutual-secure"> ... </Service> The content of the web.xml files I'm playing with is: <web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0" metadata-complete="true"> <security-constraint> <web-resource-collection> <web-resource-name>All applications</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <description>Redirect all requests to HTTPS</description> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> </web-app> (For conf\web.xml the security-constraint is added just before the end of the existing file, rather than create a new file.) My webapps directory (currently) contains only the WAR files.

    Read the article

  • Does HTML5 make Javascript gaming safer (more secure)?

    - by Sean Madigan
    I know that Javascript is an incredibly unsecure way of programming a persistent game, where for instance you are doing battle calculations in an RPG and then award XP through linking to a PHP page when they win that adds XP to a database (since the player could make their own javascript to always win or just look at the PHP page that you get sent to when you win and just go there anyway). So with that said, I'm wondering if HTML5 makes multiplayer/persistent games any safer in this regard, since I know it still uses Javascript. Or am I still doomed to rely entirely on server-side scripting for doing any calculations that award the player?

    Read the article

  • ASP .NET MVC Secure all resources

    - by Tim
    How to enable Authentication on whole controller and disable only for certain action methods. I want authentication for all resources. If I write something like that: [Authorize] public class HomeController : BaseController { //This is public [UnAuthorized] public ActionResult Index() { ViewData["Message"] = "Welcome to ASP.NET MVC!"; return View(); } //This is private resource public ActionResult PrivateResource() { return View(); } } Then anyone can access this resource. Do you have any ideas how to make it better way?

    Read the article

  • Real world examples of Rx

    - by theburningmonk
    I've been playing around with the Reactive Extension for a little while now, but mostly limited to handling/composing user driven events within a WPF frontend. It's such a powerful, new way of doing async programming, and I'm curious as to what other people are doing with it, and where do you think it might be able to improve the way we're currently doing things?

    Read the article

  • PHP REMOTE_ADDR and secure sessions

    - by Christopher McCann
    One of the ways I have used to make securer sessions in the past is to also record the clients IP address and user agent at the handshake. Each time the client moves a page and calls session_start() I also check that the IP address and user agent stored is still the same to prevent hiijacking. But if someone is connecting from say a company network then all the users will probably have the same external static IP address and they could also really easily be using the same user agent. Is there other metrics I can use which are local only to the physical machine? Thanks

    Read the article

  • What are some arguments to support the position that the Dojo JavasScript library is secure, accessi

    - by LES2
    We have developed a small web application for a client. We decided on the Dojo framework to develop the app (requirements included were full i18n and a11y). Originally, the web app we developed was to be a "prototype", but we made the prototype production quality anyway, just in case. It turns out that the app we developed (or a variant of it) is going to production (many months hence), but it's so awesome that the enterprise architecture group is a little afraid. 508c compliant is a concern, as is security for this group. I now need to justify the use of Dojo to this architecture group, explicitly making the case that Dojo does not pose a security risk and that Dojo will not hurt accessibility (and that Dojo is there to help meet core requirements). Note: the web app currently requires JavaScript to be turned on and a stylesheet to work. We use a relatively minor subset of Dojo: of course, dojo core, and dijit.form.Form, ValidationTextBox and a few others. We do use dojox.grid.DataGrid (but no drag N drop or editable cells, which are not fully a11y). I have done some research of my own, of course, but I any information or advice you have would be most helpful. Regards, LES2

    Read the article

  • Amazon S3 as secure backup without multiple invoices

    - by Tom Viner
    I'm storing copies of database backups on Amazon S3 using the Python Boto library. But I worry that if my web server was hacked, those backups could be deleted using the credentials I need to do the upload. Ok, so I know you can grant permissions to another Amazon email address, so I can imagine doing that after an upload then removing the original user's write access BUT in this scenario I now end up with 2 accounts and 2 sets of invoices to give to accounts every month. Is there a solution to this that doesn't require a new Amazon account for each web server I run?

    Read the article

  • World Economic Crisis. IT prospects

    - by Andrew Florko
    There was alike question in 2008, 2 years passed. Please, share your expectations about IT market and employment in the next year or two (or so far you can predict). IMHO Russia (my native country) fully met Crisis in spring, 2008. Stock markets shrank 3(!) times during half a year. Many developers were fired those days but I suppose just because business was shocked and freezed some projects. Developers expected +20% salary growth per year in 2004-2007 (Developer salary in Moscow was about 2-3K$ in early 2008). Then there was 30% (very subjective) salary cut-off in 2008 and salaries were frozen till 2009. Now things are slowly coming back to 2008. Looking in the future I expect pessimistic scenario and another crash. Our economic depends more and more on oil & gas every year. IT that serves industry will be shrinked because we can't compete to China in real production. Due to high currency board (rubble is strong compared to dollar) we can't rely on offshore programming. Our officials are concerned on innovative economic breakthrough but it's an ordinary budget money assignemtn in practice. I don't believe in innovations either because who require innovations if you have debts and tomorrow is vapor?

    Read the article

  • Secure automated SSH/SFTP after reboot

    - by mozillalives
    I need to give a daemon ssh access to a particular server. Currently I have it setup to use ssh keys and a keychain, but the trouble with this method is if a reboot occurs. Unless I'm missing something, I would need to login after a system reboot and add the key to the keychain. Is there a way I could avoid/automate this? I'm considering using expect if I can't find any other way.

    Read the article

  • OpenGL ES and real world development

    - by Mark
    Hi Guys, I'm trying to learn OpenGL ES quickly (I know, I know, but these are the pressures that have been thrusted upon me) and I have been read around a fair bit, which lots of success at rendering basic models, some basic lighting and 'some' texturing success too. But this is CONSTANTLY the point at which all OpenGL ES tutorials end, they never say more of what a real life app may need. So I have a few questions that Im hoping arent too difficult. How do people get 3d models from their favorite 3d modeling tool into the iPhone/iPad application? I have seen a couple of blog posts where people have written some python scripts for tools like Blender which create .h files that you can use, is this what people seem to do everytime? Or do the "big" tooling suites (3DS, Maya, etc...) have exporting features? Say I have my model in a nice .h file, all the vertexes, texture points, etc.. are lined up, how to I make my model (say of a basic person) walk? Or to be more general, how do you animate "part" of a model (legs only, turn head, etc...)? Do they need to be a massive mash-up of many different tiny models, or can you pre-bake animations these days "into" models (somehow) Truely great 3D games for the iPhone are (im sure) unbelievably complex, but how do people (game dev firms) seem to manage that designer/developer workflow? Surely not all the animations, textures, etc... are done programatically. I hope these are not stupid questions, and in actual fact, my app that Im trying to investigate how to make is really quite simple, just a basic 3D model that I want to be able to pan/tilt around using touch. Has anyone ever done/seen anything like this that I might be able to read up on? Thanks for any help you can give, I appreciate all types of response big or small :) Cheers, Mark

    Read the article

  • Making AJAX calls secure

    - by iamdadude
    What happens if a user looks at my JavaScript file, copies the content of a function and sends a request to my server using AJAX? And is there a way to properly protect against this from happening?

    Read the article

  • How to secure images with Rails?

    - by NotDan
    I have a gallery in my rails app that needs to only allow certain images to be shown to specific, logged in users. I am using Paperclip for image processing now, but it saves all images in a public folder available to anyone. Note that I don't have to use Paperclip if there is a better way, and I already have the login system in place. I just need a way to place the images in a non-public location, but still be able to serve them as needed. Is it possible to only allow these images to be served to authenticated users?

    Read the article

  • Symfony: Routing 'secure' and 'login' actions to another application

    - by Darmen
    Hello, Suppose we have 3 apps - appMain, app1 and app2. Applications 1 and 2 are protected, they have is_secure: true and everything works fine with sfDoctrineGuard plugin. A behavior I want to achieve is when a user is not authenticated, current application to forward him to another one, say appMain with defined module and action. Is that possible? Or can someone tell me where to dig about security mechanisms in symfony?

    Read the article

  • How secure is .htaccess protected pages

    - by Steven smethurst
    Are there any known flaws with htaccess protected pages? I know they are acceptable to brute force attacks as there is no limit to the amount of times someone can attempt to login. And a user can uploaded and execute a file on the server all bets are off... Anything other .htaccess flaws?

    Read the article

  • How to "upgrade" the database in real world?

    - by Tattat
    My company have develop a web application using php + mysql. The system can display a product's original price and discount price to the user. If you haven't logined, you get the original price, if you loginned , you get the discount price. It is pretty easy to understand. But my company want more features in the system, it want to display different prices base on different user. For example, user A is a golden parnter, he can get 50% off. User B is a silver parnter, only have 30 % off. But this logic is not prepare in the original system, so I need to add some attribute in the database, at least a user type in this example. Is there any recommendation on how to merge current database to my new version of database. Also, all the data should preserver, and the server should works 24/7. (within stop the database) Is it possible to do so? Also , any recommend for future maintaince advice? Thz u.

    Read the article

  • Best Practices For Secure APIs?

    - by Ferrett Steinmetz
    Let's say I have a website that has a lot of information on our products. I'd like some of our customers (including us!) to be able to look up our products for various methods, including: 1) Pulling data from AJAX calls that return data in cool, JavaScripty-ways 2) Creating iPhone applications that use that data; 3) Having other web applications use that data for their own end. Normally, I'd just create an API and be done with it. However, this data is in fact mildly confidential - which is to say that we don't want our competitors to be able to look up all our products every morning and then automatically set their prices to undercut us. And we also want to be able to look at who might be abusing the system, so if someone's making ten million complex calls to our API a day and bogging down our server, we can cut them off. My next logical step would be then to create a developers' key to restrict access - which would work fine for web apps, but not so much for any AJAX calls. (As I see it, they'd need to provide the key in the JavaScript, which is in plaintext and easily seen, and hence there's actually no security at all. Particularly if we'd be using our own developers' keys on our site to make these AJAX calls.) So my question: after looking around at Oauth and OpenID for some time, I'm not sure there is a solution that would handle all three of the above. Is there some sort of canonical "best practices" for developers' keys, or can Oauth and OpenID handle AJAX calls easily in some fashion I have yet to grok, or am I missing something entirely?

    Read the article

  • How to secure connection strings in VS?

    - by salvationishere
    I see several others have posted this question, however, none of the solutions I've tried have fixed this yet. I have a 32-bit XP running VS 2008 and I am trying to encrypt my connection string in my web.config file. But I am getting the error: The configuration section '...' was not found. Failed! The command I give it: C:\Program Files\Microsoft Visual Studio 9.0\VCAspnet_regiis.exe -pe "system.we b/AdventureWorksConnectionString2" -app "/Documents and Settings/Admin/My Docume nts/Visual Studio 2008/Projects/AddFileToSQL2" Also, how does -app map virtual directory? In other words the path above is the directory right below c:. Is this the correct path to use? And AddFileToSQL2 is the name of my project, although it is part of the AddFileToSQL solution. I have this folder web shared with all of the permissions. And the relevant part of my web.config file: <add name="AdventureWorksConnectionString2" connectionString="Data Source=SIDEKICK;Initial Catalog=AdventureWorks;Persist Security Info=true; User ID=AdventureWorks;Password=sqlMagic" providerName="System.Data.SqlClient" />

    Read the article

  • iPhone Simulating App Update at home before going out in the big bad world

    - by Aran Mulholland
    this is a follow on from this question and the link given it seems that when an app is updated all of the files in the documents directory are copied into the updated apps documents directory and also anything in Library/Preferences. Whats the best way to simulate this for testing purposes? Just copy the files in ApplicationSupport/iPhone Simulator etc? or has anyone developped any funky techniques for testing this.

    Read the article

  • Vectors for a 2D/3D World in Java

    - by jax
    I reading about Mathematics in Games and am wondering what is the best way to represent a Vector location in Java. I know there is a Vector class but I don't think this is what I need. There is also a Matrix class which looks like it may be what I want (a 1 dimensional matrix maybe). In particular, if I were to create a location Vector such as: v(x,y,z) where x,y and z are the coordinates in 3D space, what would be the best way to represent this in Java. It would be nice if I could also add, subtract and find the dot-product of Vectors. ideas?

    Read the article

  • Cross domain secure cookie usage?

    - by asdasda
    I have a website that came with a SSL site for HTTPS but its on a different server. Example being my website: http://example.com my SSL site: http://myhostingcompany.com/~myuseraccount/ So I can do transactions over HTTPS and we have user accounts and everything but it is located on a different domain. The cookie domain is set for that one. Is there a way I can check on my actual site to see if a cookie is set for the other one? And possibly grab its data and auth a user? I think this violates a major principle of security and can't be done for good reasons, but am i wrong? is this possible?

    Read the article

  • Notepad++ regular expression find and replace $_REQUEST with $_GET but a more secure

    - by David
    What I am doing is replacing, in a large program, all $_REQUEST['var'] and mysql_escape_string($_REQUEST['var']) with either the 1st or 2nd line below the dotted line. Now, I have figured out this much of the regular expression but I would like to make it simpler. Instead of having to run the top one first then the 2nd one I would like to just run one all together. I tried this but it did not work. (mysql_escape_string\()*$_REQUEST\[\'([^']*)\'\]\)(\)*) So below is what works but again have to do it twice. $_REQUEST\[\'([^']*)\'\] mysql_escape_string\($_REQUEST\[\'([^']*)\'\]\) (isset($_GET['\1'])?mysql_real_escape_string($_GET['\1']):false) (isset($_POST['\1'])?mysql_real_escape_string($_POST['\1']):false) ============================ Update: Yeah, after some research I figured out that Notepad++ does not support most regular expressions. I guess one additional step can not hurt a person. It's just laziness. *NOTE: BUT if anyone wants to try feel free to comment. At least it is just 2 steps and not 20.

    Read the article

  • MVC Pages that require the user to be logged in

    - by keithjgrant
    I'm working on a little MVC framework and I'm wondering what the "best way" is to structure things so secure pages/controllers always ensure the user is logged in (and thus automatically redirects to a login page--or elsewhere--if not). Obviously, there are a lot of ways to do it, but I'm wondering what solution(s) are the most common or are considered the best practice. Some ideas I had: Explicitly call user->isLoggedIn() at the beginning of your controller action method? (Seems far too easy to forget and leave an important page unsecure on accident) Make your controller extend a secureController that always checks for login in the constructor? Do this check in the model when secure information is requested? (Seems like redundant calls would be made) Something else entirely? Note: I'm working in PHP, though the question is not language-dependent.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >