Search Results

Search found 10956 results on 439 pages for 'zend session'.

Page 401/439 | < Previous Page | 397 398 399 400 401 402 403 404 405 406 407 408  | Next Page >

• How do I structure my tests with Python unittest module?

  - by persepolis

  I'm trying to build a test framework for automated webtesting in selenium and unittest, and I want to structure my tests into distinct scripts. So I've organised it as following: base.py - This will contain, for now, the base selenium test case class for setting up a session. import unittest from selenium import webdriver # Base Selenium Test class from which all test cases inherit. class BaseSeleniumTest(unittest.TestCase): def setUp(self): self.browser = webdriver.Firefox() def tearDown(self): self.browser.close() main.py - I want this to be the overall test suite from which all the individual tests are run. import unittest import test_example if __name__ == "__main__": SeTestSuite = test_example.TitleSpelling() unittest.TextTestRunner(verbosity=2).run(SeTestSuite) test_example.py - An example test case, it might be nice to make these run on their own too. from base import BaseSeleniumTest # Test the spelling of the title class TitleSpelling(BaseSeleniumTest): def test_a(self): self.assertTrue(False) def test_b(self): self.assertTrue(True) The problem is that when I run main.py I get the following error: Traceback (most recent call last): File "H:\Python\testframework\main.py", line 5, in <module> SeTestSuite = test_example.TitleSpelling() File "C:\Python27\lib\unittest\case.py", line 191, in __init__ (self.__class__, methodName)) ValueError: no such test method in <class 'test_example.TitleSpelling'>: runTest I suspect this is due to the very special way in which unittest runs and I must have missed a trick on how the docs expect me to structure my tests. Any pointers?

  Read the article

• Using block around a static/singleton resource reference

  - by byte

  This is interesting (to me anyway), and I'd like to see if anyone has a good answer and explanation for this behavior. Say you have a singleton database object (or static database object), and you have it stored in a class Foo. public class Foo { public static SqlConnection DBConn = new SqlConnection(ConfigurationManager.ConnectionStrings["BAR"].ConnectionString); } Then, lets say that you are cognizant of the usefulness of calling and disposing your connection (pretend for this example that its a one-time use for purposes of illustration). So you decide to use a 'using' block to take care of the Dispose() call. using (SqlConnection conn = Foo.DBConn) { conn.Open(); using (SqlCommand cmd = new SqlCommand()) { cmd.Connection = conn; cmd.CommandType = System.Data.CommandType.StoredProcedure; cmd.CommandText = "SP_YOUR_PROC"; cmd.ExecuteNonQuery(); } conn.Close(); } This fails, with an error stating that the "ConnectionString property is not initialized". It's not an issue with pulling the connection string from the app.config/web.config. When you investigate in a debug session you see that Foo.DBConn is not null, but contains empty properties. Why is this?

  Read the article

• Use a foreign key mapping to get data from the other table using Python and SQLAlchemy.

  - by Az

  Hmm, the title was harder to formulate than I thought. Basically, I've got these simple classes mapped to tables, using SQLAlchemy. I know they're missing a few items but those aren't essential for highlighting the problem. class Customer(object): def __init__(self, uid, name, email): self.uid = uid self.name = name self.email = email def __repr__(self): return str(self) def __str__(self): return "Cust: %s, Name: %s (Email: %s)" %(self.uid, self.name, self.email) The above is basically a simple customer with an id, name and an email address. class Order(object): def __init__(self, item_id, item_name, customer): self.item_id = item_id self.item_name = item_name self.customer = None def __repr__(self): return str(self) def __str__(self): return "Item ID %s: %s, has been ordered by customer no. %s" %(self.item_id, self.item_name, self.customer) This is the Orders class that just holds the order information: an id, a name and a reference to a customer. It's initialised to None to indicate that this item doesn't have a customer yet. The code's job will assign the item a customer. The following code maps these classes to respective database tables. # SQLAlchemy database transmutation engine = create_engine('sqlite:///:memory:', echo=False) metadata = MetaData() customers_table = Table('customers', metadata, Column('uid', Integer, primary_key=True), Column('name', String), Column('email', String) ) orders_table = Table('orders', metadata, Column('item_id', Integer, primary_key=True), Column('item_name', String), Column('customer', Integer, ForeignKey('customers.uid')) ) metadata.create_all(engine) mapper(Customer, customers_table) mapper(Orders, orders_table) Now if I do something like: for order in session.query(Order): print order I can get a list of orders in this form: Item ID 1001: MX4000 Laser Mouse, has been ordered by customer no. 12 What I want to do is find out customer 12's name and email address (which is why I used the ForeignKey into the Customer table). How would I go about it?

  Read the article

• Rss: Bookmark is not working correctly.

  - by shruti

  I'm working on project RSS generation in MVC.Net. in taht i want to make bookmark. for that i have write the code on controller. first there is one aspx page from which subscription page gets open. public ActionResult ViewBlog() { if (Session[SessionVariables.username] == null) { return RedirectToAction("Login", "Home"); } else { return View(classObj.fetchAllBlogs()); } } and coding for subscription is: public ActionResult Rss() { string bcontent = classObj.showBlog(); DateTime postdate = classObj.showPostDate(); List<SyndicationItem> items = new SyndicationItem[] { new SyndicationItem("RSS Blog",bcontent+postdate,null), }.ToList(); RssResult r = new RssResult(); SyndicationFeed feed = new SyndicationFeed("Admin: Blog Posts", "RSS Feed",Request.Url , items); return new RssResult(feed); Developer", "The latest news on ASP.NET, C# and ASP.NET MVC "); } but problem is that when usr clicks on bookmark then intested of opening ViewBlog.aspx it opens the same page. i want to open ViewBlog.aspx. I think the problem is in: SyndicationFeed feed = new SyndicationFeed("Admin: Blog Posts", "RSS Feed",Request.Url , items); Plz help ...!

  Read the article

• Flash Player: Any remedy for the stale video image data problem (in a reused NetStream object)?

  - by amn

  Has anyone experienced stale stills of a previous playback for a reused NetStream object? If so, what are the workarounds for this, except re-creating the object (which eats performance and time)? It is hard to reuse NetStream objects because of a (in my opinion) fundamental issue with NetStream objects - when you 'close' a playing stream and at a later point issue a 'play' call on it again with a different name, the stream appears to still contain a stale image lingering from previous playback, and this is of course displayed in the Video object for a moment - the moment I assume it takes for new stream data to become available from server. Because of this behavior, to improve my users' visual experience, I simply discard a NetStream object after a playback session, and assign a new NetStream object to the same variable, set it up, and play something else. It appears to work - no stale image - but what bugs me is that it's a work around and costs performance (construction and setting up the object again - event listeners and 'client' delegates and more memory usage - NetStream objects are not garbage collected immediately, it takes some time). It would be really nice to REALLY be able to reuse a stream. I am thinking of something akin to Video.clear method, but for the NetStream class. Am I missing something?

  Read the article

• HMAC URLs instead of login?

  - by Tres

  In implementing my site (a Rails site if it makes any difference), one of my design priorities is to relieve the user of the need to create yet another username and password while still providing useful per-user functionality. The way I am planning to do this is: User enters information on the site. Information is associated with the user via server-side session. User completes entering information, server sends an access URL via e-mail to the user roughly in the form of: http://siteurl/<user identifier>/<signature: HMAC(secret + salt + user identifier)> User clicks URL, site looks up user ID and salt and computes the HMAC with the server-stored secret and authenticates if the computed HMAC and signature match. My question is: is this a reasonably secure way to accomplish what I'm looking to do? Are there common attacks that would render it useless? Is there a compelling reason to abandon my desire to avoid a username/password? Is there a must-read book or article on the subject? Note that I'm not dealing with credit card numbers or anything exceedingly private, but I would still like to keep the information reasonably secure.

  Read the article

• S3 file Uploading from Mac app though PHP?

  - by Ilija Tovilo

  I have asked this question before, but it was deleted due too little information. I'll try to be more concrete this time. I have an Objective-C mac application, which should allow users to upload files to S3-storage. The s3 storage is mine, the users don't have an Amazon account. Until now, the files were uploaded directly to the amazon servers. After thinking some more about it, it wasn't really a great concept, regarding security and flexibility. I want to add a server in between. The user should authenticate with my server, the server would open a session if the authentication was successful, and the file-sharing could begin. Now my question. I want to upload the files to S3. One option would be to make a POST-request and wait until the server would receive the file. Problems here are, that there would be a delay, when the file is being uploaded from my server to the S3 servers, and it would double the uploading time. Best would be, if I could validate the request, and then redirecting it, so the client uploads it directly to the s3-storage. Not sure if this is possible somehow. Uploading directly to S3 doesn't seem to be very smart. After looking into other apps like Droplr and Dropmark, it looks like they don't do this. Btw. I did this using Little Snitch. They have their api on their own web-server, and that's it. Could someone clear things up for me? EDIT How should I transmit my files to S3? Is there a way to "forward" it, or do I have to upload it to my server and then upload it from there to S3? Like I said, other apps can do this efficiently and without the need of communicating with S3 directly.

  Read the article

• jquery with php loading file

  - by Marcus Solv

  I'm trying to use jquery with a simple php code: $('#some').click(function() { <?php require_once('some1.php?name="some' + index + '"'); ?> }); It shows no error, so I don't know what is wrong. In some1 I have: <?php //Start session session_start(); //Include database connection details require_once('../sql/config.php'); //Connect to mysql server $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $name = clean($_GET['name']); ?> It's not complete because I want to make a sql command (insert). I want when I click in #some to execute that file (create a entry in the table that isn't define yet).

  Read the article

• Batch insert mode with hibernate and oracle: seems to be dropping back to slow mode silently

  - by Chris

  I'm trying to get a batch insert working with Hibernate into Oracle, according to what i've read here: http://docs.jboss.org/hibernate/core/3.3/reference/en/html/batch.html , but with my benchmarking it doesn't seem any faster than before. Can anyone suggest a way to prove whether hibernate is using batch mode or not? I hear that there are numerous reasons why it may silently drop into normal mode (eg associations and generated ids) so is there some way to find out why it has gone non-batch? My hibernate.cfg.xml contains this line which i believe is all i need to enable batch mode: <property name="jdbc.batch_size">50</property> My insert code looks like this: List<LogEntry> entries = ..a list of 100 LogEntry data classes... Session sess = sessionFactory.getCurrentSession(); for(LogEntry e : entries) { sess.save(e); } sess.flush(); sess.clear(); My 'logentry' class has no associations, the only interesting field is the id: @Entity @Table(name="log_entries") public class LogEntry { @Id @GeneratedValue public Long id; ..other fields - strings and ints... However, since it is oracle, i believe the @GeneratedValue will use the sequence generator. And i believe that only the 'identity' generator will stop bulk inserts. So if anyone can explain why it isn't running in batch mode, or how i can find out for sure if it is or isn't in batch mode, or find out why hibernate is silently dropping back to slow mode, i'd be most grateful. Thanks

  Read the article

• I need help solving a rather weird error in a WCF service.

  - by Moulde

  Hi.. I have a solution that contains three projects. A main project with my MVC app, a silverlight application and a (silverlight enabled) WCF service project. In my silverlight project i have made a Service Reference to my WCF service. And i pretty much got that working. In my WCF service i have a method that returns an Book object, which got some random fields like title, date etc. In the book class, i have a ICollection field that contains a list of events. The book class is generated using entity framework 4.0, and Lazy Loading is enabled. If i in my getBook(int id) method return a book with the events field not initialized, it works as a charm. But if i initialize the field, i'm getting this error. The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error. I have a few ideas why that is happening, and while writing this i just got another one. The wcf service somehow threw away the reference to the event class. That would be very weird since i have a reference between my main mvc app (with the models) and my WCF service. Since i have enabled lazy loading in EF 4.0, i suspect that it may be the thing generating the error. But i'm not sure why that would be, because i'm not in any way accessing that field. I could understand that i may not be able to access the events field after i recive the object in my silverlight application since the connection between the book object and the entity framework is like broken. Did i mention that Lazy Loading is enabled on my EF instance? And there is no inner exception in the thrown exception. Thanks in advance. Malte Baden Hansen

  Read the article

• Facebook Android SDK. Error validating access token

  - by Mj1992

  I am trying to access user information from facebook sdk.But I keep getting this error. {"error":{"message":"Error validating access token: The session has been invalidated because the user has changed the password.","type":"OAuthException","code":190,"error_subcode":460}} Here is the call which returns me the error in the response parameter of the oncomplete function. mAsyncRunner.request("me", new RequestListener() { @Override public void onComplete(String response, Object state) { Log.d("Profile", response); String json = response; //<-- error in response try { JSONObject profile = new JSONObject(json); MainActivity.this.userid = profile.getString("id"); new GetUserProfilePic().execute(); runOnUiThread(new Runnable() { @Override public void run() { Toast.makeText(getApplicationContext(), "Name: " + MainActivity.this.userid, Toast.LENGTH_LONG).show(); } }); } catch (JSONException e) { e.printStackTrace(); Log.e("jsonexception",e.getMessage()); facebook.extendAccessTokenIfNeeded(MainActivity.this, null); GetUserInfo(); } } @Override public void onIOException(IOException e, Object state) { } @Override public void onFileNotFoundException(FileNotFoundException e, Object state) { } @Override public void onMalformedURLException(MalformedURLException e, Object state) { } @Override public void onFacebookError(FacebookError e, Object state) { } }); Sometimes I get the correct response also.I think this is due to the access token expiration if I am right. So can you guys tell me how to extend the access token although I've used this facebook.extendAccessTokenIfNeeded(this, null); in the onResume method of the activity. How to solve this?

  Read the article

• Domain validates but won't save

  - by marko

  I have the following setup. Class, say, Car that has a CarPart (belongsTo=[car:Car]). When I'm creating a Car I also want to create som default CarParts, so I do def car = new Car(bla bla bla) def part = new CarPart(car:car) Now, when I do car.validate() or part.validate() it seems fine. But when I do if(car.save && part.save() I get this exception: 2012-03-24 14:02:21,943 [http-8080-4] ERROR util.JDBCExceptionReporter - Batch entry 0 insert into car_part (version, car_id, id) values ('0', '297', '298') was aborted. Call getNextException to see the cause. 2012-03-24 14:02:21,943 [http-8080-4] ERROR util.JDBCExceptionReporter - ERROR: value too long for type character varying(6) 2012-03-24 14:02:21,943 [http-8080-4] ERROR events.PatchedDefaultFlushEventListener - Could not synchronize database state with session org.hibernate.exception.DataException: Could not execute JDBC batch update Stacktrace follows: java.sql.BatchUpdateException: Batch entry 0 insert into car_part (version, deal_id, id) values ('0', '297', '298') was aborted. Call getNextException to see the cause. at org.postgresql.jdbc2.AbstractJdbc2Statement$BatchResultHandler.handleError(AbstractJdbc2Statement.java:2621) at org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:1837) at org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:407) at org.postgresql.jdbc2.AbstractJdbc2Statement.executeBatch(AbstractJdbc2Statement.java:2754) at $Proxy20.flush(Unknown Source) at ristretto.DealController$_closure5.doCall(DealController.groovy:109) at ristretto.DealController$_closure5.doCall(DealController.groovy) at java.lang.Thread.run(Thread.java:722) Any ideas?

  Read the article

• What prevents a user from adding controls to an ASP.NET page client side?

  - by Curtis White

  This goes back to my other question which I thought was sufficiently answers but upon reflect am not sure that it was (sorry). Backgrounder: I am generating a form dynamically. I am pulling from the database the controls. I must associate each control with a database ID which is not the user's session id. I do this currently by storing my ID in the ID for the web control with some other stuff to make it unique/clear what I am doing. On the post back, I iterate through all the controls on my web page checking for my special identifier, ie, MyGeneratedTextBox_ID_Unique. This process enables for 2 important steps, identifying the control was one I generated and also getting the ID for this input field. And, all of this works but I'm still concerned about the security of it. I do not see a security issue with showing the actual database ID's in this case, although agree it is not desirable. However, I am concerned of the following possibilities: If a user could add a nefarious control to my collection and use that for a SQL injection attack. More academic, but if a user could somehow store data for fields they do not have access too by changing the id's. I agree this is a "hack" of a way to do it. But my question is, is it a security risk and is there an 'easy' way to do it in a less hack way? I assume that only the controls that are created/instantiated on the page are added to the controls list.. thus all controls must be created server side and thus the security issue is address but just wanted to validate. Thanks again. PS: I could see adding a property for each control and encrypting the viewstate would be a little more secure.

  Read the article

• SpringFramework3.0: How to create interceptors that only apply to requests that map to certain contr

  - by Fusion2004

  In it's simplest form, I want an interceptor that checks session data to see if a user is logged in, and if not redirects them to the login page. Obviously, I wouldn't want this interceptor to be used on say the welcome page or the login page itself. I've seen a design that uses a listing of every url to one of two interceptors, one doing nothing and the other being the actual interceptor you want implemented, but this design seems very clunky and limits the ease of extensibility of the application. It makes sense to me that there should be an annotation-based way of using interceptors, but this doesn't seem to exist. My friend has the idea of actually modifying the handler class so that during each request it checks the Controller it is mapping the request to for a new annotation we would create (ex @Interceptor("loginInterceptor") ). A major point of my thinking is the extensibility, because I'd like to later implement similar interceptors for role-based authentication and/or administration authentication. Does it sound like my friend's approach would work for this? Or what is a proper way of going about doing this?

  Read the article

• Django | passing form values

  - by MMRUser

  I want to create a user sign up process that requires two different forms with the same data one (1st form) is for filling out the data and other one (2nd form) is for displaying the filled data as a summery (before actually saving the data) so then user can view what he/she has filled up... my problem is that how do I pass 1st form's data in to the 2nd one .. I have used the basic Django form manipulation mechanism and passed the form field values to the next form using Django template tags.. if request.method == 'POST': form = Users(request.POST) if form.is_valid(): cd = form.cleaned_data try: name = cd['fullName'] email = cd['emailAdd'] password1 = cd['password'] password2 = cd['password2'] phoneNumber = cd['phoneNumber'] return render_to_response('signup2.html', {'name': name, 'email': email, 'password1': password1, 'password2': password2, 'phone': phone, 'pt': phoneType}) except Exception, ex: return HttpResponse("Error %s" % str(ex)) and from the second from I just displayed those field values using tags and also used hidden fields in order to submit the form with values, like this: <label for="">Email:</label> {{ email }} <input type="hidden" id="" name="email" class="width250" value="{{ email }}" readonly /> It works nicely from the out look, but the real problem is that if someone view the source of the html he can simply get the password even hackers can get through this easily. So how do I avoid this issue.. and I don't want to use Django session since this is just a simple sign up process and no other interactions involved. Thanks.

  Read the article

• Keep the images downloaded in the listview during scrolling

  - by Paveliko

  I'm developing my first app and have been reading a LOT here. I've been trying to find a solution for the following issue for over a week with no luck. I have an Adapter that extends ArrayAdapter to show image and 3 lines of text in each row. Inside the getView I assign relevant information for the TextViews and use ImageLoader class to download image and assign it to the ImageView. Everything works great! I have 4.5 rows visible on my screen (out of total of 20). When I scroll down for the first time the images continue to download and be assigned in right order to the list. BUT when I scroll back the list looses all the images and start redrawing them again (0.5-1 sec per image) in correct order. From what I've been reading it's the standard list performance but I want to change it. I want that, once the image was downloaded, it will be "sticked" to the list for the whole session of the current window. Just like in Contacts list or in the Market. It is only 20 images (6-9kb each). Hope I managed to explain myself.

  Read the article

• How to call stored procedure by hibernate?

  - by user367097

  Hi I have an oracle stored procedure GET_VENDOR_STATUS_COUNT(DOCUMENT_ID IN NUMBER , NOT_INVITED OUT NUMBER,INVITE_WITHDRAWN OUT NUMBER,... rest all parameters are OUT parameters. In hbm file I have written - <sql-query name="getVendorStatus" callable="true"> <return-scalar column="NOT_INVITED" type="string"/> <return-scalar column="INVITE_WITHDRAWN" type="string"/> <return-scalar column="INVITED" type="string"/> <return-scalar column="DISQUALIFIED" type="string"/> <return-scalar column="RESPONSE_AWAITED" type="string"/> <return-scalar column="RESPONSE_IN_PROGRESS" type="string"/> <return-scalar column="RESPONSE_RECEIVED" type="string"/> { call GET_VENDOR_STATUS_COUNT(:DOCUMENT_ID , :NOT_INVITED ,:INVITE_WITHDRAWN ,:INVITED ,:DISQUALIFIED ,:RESPONSE_AWAITED ,:RESPONSE_IN_PROGRESS ,:RESPONSE_RECEIVED ) } </sql-query> In java I have written - session.getNamedQuery("getVendorStatus").setParameter("DOCUMENT_ID", "DOCUMENT_ID").setParameter("NOT_INVITED", "NOT_INVITED") ... continue till all the parametes . I am getting the sql exception 18:29:33,056 WARN [JDBCExceptionReporter] SQL Error: 1006, SQLState: 72000 18:29:33,056 ERROR [JDBCExceptionReporter] ORA-01006: bind variable does not exist Please let me know what is the exact process of calling a stored procedure from hibernate. I do not want to use JDBC callable statement.

  Read the article

• Need method to seek next/previous records id without cycling through all records.

  - by dqhendricks

  I am using MySQL and PHP. I have a MySQL blog post result set with id fields, and publish_date fields. I display one blog post per page, and the script knows which blog post to display based on $_GET['id'], which correlates to each blog entry's id field. I would like to reference them by id in the url, because I would like each blog post to have a perminant url. I would like to order the blog posts by publish date (descending). Now, on each page there will be next and previous links, which contain the $_GET['id'] value for the next and previous blog posts. How can I figure out what the id of the next and previous blog posts (determined by it's publish_date order) without cycling through each mysql result row? I can't mysql_data_seek(), because I do not know the row index of the current blog post id. I do not want to store a row index in a GET variable because the urls would no longer be perminant. I obviously cannot store the row index in a SESSION variable because then direct links to specific blog posts would have broken next and previous links. Any suggestions would be greatly appreciated.

  Read the article

• Avoid slowdowns while using off-site database

  - by Anders Holmström

  The basic layout of my problem is this: Website (ASP.NET/C#) hosted at a dedicated hosting company (location 1) Company database (SQL Server) with records of relevant data (location 2). Location 1 & 2 connected through VPN. Customer visiting the website and wanting to pull data from the company database. No possibility of changing the server locations or layout (i.e. moving the website to an in-office server isn't possible). What I want to do is figure out the best way to handle the data acces in this case, minimizing the need for time-expensive database calls over the VPN. The first idea I'm getting is this: When a user enters the section of the website needing the DB data, you pull all the needed tables from the database into a in-memory dataset. All subsequent views/updates to the data is done on this dataset. When the user leaves (logout, session timeout, browser closed etc) the dataset gets sent to the SQL server. I'm not sure if this is a realistic solution, and it obviously has some problems. If two web visitors are performing updates on the same data, the one finishing up last will have their changes overwriting the first ones. There's also no way of knowing you have the latest data (i.e. if a customer pulls som info on their projects and we update this info while they are viewing them, they won't see these changes PLUS the above overwriting issue will arise). The other solution would be to somehow aggregate database calls and make sure they only happen when you need them, e.g. during data updates but not during data views. But then again the longer a pause between these refreshing DB calls, the bigger a chance that the data view is out of date as per the problem described above. Any input on the above or some fresh ideas would be most welcome.

  Read the article

• Cross-Application User Authentication

  - by Chris Lieb

  We have a webapp written in .NET that uses NTLM for SSO. We are writing a new webapp in Java that will tightly integrate with the original application. Unfortunately, Java has no support for performing the server portion of NTLM authentication and the only library that I can find requires too much setup to be allowed by IT. To work around this, I came up with a remote authentication scheme to work across applications and would like your opinions on it. It does not need to be extremely secure, but at the same time not easily be broken. User is authenticated into .NET application using NTLM User clicks link that leaves .NET application .NET application generates random number and stores it in the user table along with the user's full username (domain\username) Insecure token is formed as random number:username Insecure token is run through secure cipher (likely AES-256) using pre-shared key stored within the application to produce a secure token The secure token is passed as part of the query string to the Java application The Java application decrypts the secure key using the same pre-shared key stored within its own code to get the insecure token The random number and username are split apart The username is used to retrieve the user's information from the user table and the stored random number is checked against the one pulled from the insecure token If the numbers match, the username is put into the session for the user and they are now authenticated If the numbers do not match, the user is redirected to the .NET application's home page The random number is removed from the database

  Read the article

• Cocoa memory management - object going nil on me

  - by SirRatty

  Hi all, Mac OS X 10.6, Cocoa project, with retain/release gc I've got a function which: iterates over a specific directory, scans it for subfolders (included nested ones), builds an NSMutableArray of strings (one string per found subfolder path), and returns that array. e.g. (error handling removed for brevity). NSMutableArray * ListAllSubFoldersForFolderPath(NSString *folderPath) { NSMutableArray *a = [NSMutableArray arrayWithCapacity:100]; NSString *itemName = nil; NSFileManager *fm = [NSFileManager defaultManager]; NSDirectoryEnumerator *e = [fm enumeratorAtPath:folderPath]; while (itemName = [e nextObject]) { NSString *fullPath = [folderPath stringByAppendingPathComponent:itemName]; BOOL isDirectory; if ([fm fileExistsAtPath:fullPath isDirectory:&isDirectory]) { if (isDirectory is_eq YES) { [a addObject: fullPath]; } } } return a; } The calling function takes the array just once per session, keeps it around for later processing: static NSMutableArray *gFolderPaths = nil; ... gFolderPaths = ListAllSubFoldersForFolderPath(myPath); [gFolderPaths retain]; All appears good at this stage. [gFolderPaths count] returns the correct number of paths found, and [gFolderPaths description] prints out all the correct path names. The problem: When I go to use gFolderPaths later (say, the next run through my event loop) my assertion code (and gdb in Xcode) tells me that it is nil. I am not modifying gFolderPaths in any way after that initial grab, so I am presuming that my memory management is screwed and that gFolderPaths is being released by the runtime. My assumptions/presumptions I do not have to retain each string as I add it to the mutable array because that is done automatically, but I do have to retain the the array once it is handed over to me from the function, because I won't be using it immediately. Is this correct? Any help is appreciated.

  Read the article

• How do I execute queries upon DB connection in Rails?

  - by sycobuny

  I have certain initializing functions that I use to set up audit logging on the DB server side (ie, not rails) in PostgreSQL. At least one has to be issued (setting the current user) before inserting data into or updating any of the audited tables, or else the whole query will fail spectacularly. I can easily call these every time before running any save operation in the code, but DRY makes me think I should have the code repeated in as few places as possible, particularly since this diverges greatly from the ideal of database agnosticism. Currently I'm attempting to override ActiveRecord::Base.establish_connection in an initializer to set it up so that the queries are run as soon as I connect automatically, but it doesn't behave as I expect it to. Here is the code in the initializer: class ActiveRecord::Base # extend the class methods, not the instance methods class << self alias :old_establish_connection :establish_connection # hide the default def establish_connection(*args) ret = old_establish_connection(*args) # call the default # set up necessary session variables for audit logging # call these after calling default, to make sure conn is established 1st db = self.class.connection db.execute("SELECT SV.set('current_user', 'test@localhost')") db.execute("SELECT SV.set('audit_notes', NULL)") # end "empty variable" err ret # return the default's original value end end end puts "Loaded custom establish_connection into ActiveRecord::Base" sycobuny:~/rails$ ruby script/server = Booting WEBrick = Rails 2.3.5 application starting on http://0.0.0.0:3000 Loaded custom establish_connection into ActiveRecord::Base This doesn't give me any errors, and unfortunately I can't check what the method looks like internally (I was using ActiveRecord::Base.method(:establish_connection), but apparently that creates a new Method object each time it's called, which is seemingly worthless cause I can't check object_id for any worthwhile information and I also can't reverse the compilation). However, the code never seems to get called, because any attempt to run a save or an update on a database object fails as I predicted earlier. If this isn't a proper way to execute code immediately on connection to the database, then what is?

  Read the article

• Loading GWT Messages from a Database

  - by Lars Tackmann

  In GWT one typically loads i18n strings using a interface like this: public interface StatusMessage extends Messages { String error(String username); : } which then loads the actual strings from a StatusMessage.property file: error=User: {0} does not have access to resource This is a great solution, however my client is unbendable in his demand for putting the i18n strings in a database so they can be changed at runtime (though its not a requirement that they be changed realtime). One solution is to create a async service which takes a message ID and user locale and returns a string. I have implemented this and find it terribly ugly (and it introduces a huge amount of extra communication with the server, plus it makes property placeholder replacement rather complicated). So my question is this, can I in some nice way implement a custom message provider that loads the messages from the backend in one big swoop (for the current user session). If it can also hook into the default GWT message mechanism, then I would be completely happy (i.e. so I can create a interface like above and keep using the the nice {0}, {1}... property replacement format). Other suggestions for clean database driven messages in GWT are also welcome.

  Read the article

• Log in to subdomain via main domain

  - by Mattias

  I have a website, available through multiple domainnames. like www.domain1.com .... www.domain5.com All my customers have their own subdomain. like: customer1.domain1.com customer2.domain1.com .... customer351.domain4.com Currently i dont use SSL, each customer log in their own account via their sub domain. I want to change this, and make all customers log in on a central log in page, that would use SSL, for example. https://login.domain1.com And somehow redirect each user to the correct sub domain adress. (Sub domain that don't use SSL) How do I do this, and maintain security? One idea i had: Login - add random value somewhere in the database, Redirect to subdomain, with querystring the randomvalue. And after that the session takes care of it, Each value can be used once only.. But how secure is that? I guess someone would ask the question "why?" to me. Because SSL costs money. And unfortunately i dont have a lot of it. :D Thanks for your time!

  Read the article

• Asp.Net 2 integrated sites How to Logout second site programatically.

  - by NBrowne

  Hi , I am working with an asp.net 2.0 site (call it site 1) which has an iframe in it which loads up another site (site2) which is also an asp.net site which is developed by our team. When you log onto site 1 then behind the scenes site 2 is also logged in so that when you click the iframe tab then this displays site 2 with the user logged in (to prevent the user from having to log in twice). The problem i have is that when a user logs out of site 1 then we call some cleanup methods to perform FormsAuthentication.SignOut and clean session variables etc but at the moment no cleanup is called when the user on site 2. So the issue is that if the user opens up Site 2 from within a browser then website 2 opens with the user still logged in which is undesired. Can anyone give me some guidance as to the best approach for this?? One possible approach i though of was just that on click of logout button i could do a call to a custom page on Site 2 which would do the logout. Code below HttpWebRequest request; request = ((HttpWebRequest)(WebRequest.Create("www.mywebsite.com/Site2Logout.aspx"))); request.Method = "POST"; HttpCookie cookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName]; Cookie authenticationCookie = new Cookie( FormsAuthentication.FormsCookieName, cookie.Value, cookie.Path, HttpContext.Current.Request.Url.Authority); request .CookieContainer = new CookieContainer(); request .CookieContainer.Add(authenticationCookie); response.GetResponse(); Problem i am having with this code is that when i run it and debug on Site 2 and check to see if the user is Authenticated they are not which i dont understand because if i open browser and browse to Site 2 i am Still authenticated. Any ideas , different direction to take etc ??? Please let me know if you need any more info or if i something i have said dosent make sense. Thanks

  Read the article

< Previous Page | 397 398 399 400 401 402 403 404 405 406 407 408  | Next Page >