Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 42/886 | < Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >

  • Installing a personal security certificate for Windows Server 2008 Terminal Services user

    - by Rick
    We use StoneEdge Order Manager, which runs under Microsoft Access, on several Windows computers as well as through Terminal Services on Windows Server 2008. Terminal Services users are unable to process credit cards using the First Data Global Gateway on the server. We have followed the necessary setup instructions provided under the user account, which involves adding a certificate in the Internet Options control panel. The Windows XP desktops require this to be done, or a generic 'unable to connect' message is shown when attempting to charge a card. On the server, this message is shown regardless of whether the certificate has been installed. Is there anything else that needs to be done that is specific to Windows Server that is not mentioned in the workstation instructions? Setup Instructions

    Read the article

  • How should I track approval workflow when users at every security level can create a request?

    - by Eric Belair
    I am writing a new application that allows users to enter requests. Once a request is entered, it must follow an approval workflow to be finally approved by a user the highest security level. So, let's say a user at Security Level 1 enters a request. This request must be approved by his superior - a user at Security Level 2. Once the Security Level 2 user approves it, it must be approved by a user at Security Level 3. Once the Security Level 3 user approves it, it is considered fully approved. However, users at any of the three Security Levels can enter requests. So, if a Security Level 3 user enters a request, it is automatically considered "fully approved". And, if a Security Level 2 user enters a request, it must only be approved by a Security Level 3 user. I'm currently storing each approval status in a Database Log Table, like so: STATUS_ID (PK) REQUEST_ID STATUS STATUS_DATE -------------- ------------- ---------------- ----------------------- 1 1 USER_SUBMIT 2012-09-01 00:00:00.000 2 1 APPROVED_LEVEL2 2012-09-01 01:00:00.000 3 1 APPROVED_LEVEL3 2012-09-01 02:00:00.000 4 2 USER_SUBMIT 2012-09-01 02:30:00.000 5 2 APPROVED_LEVEL2 2012-09-01 02:45:00.000 My question is, which is a better design: Record all three statuses for every request ...or... Record only the statuses needed according to the Security Level of the user submitting the request In Case 2, the data might look like this for two requests - one submitted by Security Level 2 User and another submitted by Security Level 3 user: STATUS_ID (PK) REQUEST_ID STATUS STATUS_DATE -------------- ------------- ---------------- ----------------------- 1 3 APPROVED_LEVEL2 2012-09-01 01:00:00.000 2 3 APPROVED_LEVEL3 2012-09-01 02:00:00.000 3 4 APPROVED_LEVEL3 2012-09-01 02:00:00.000

    Read the article

  • Entry level security engineering positions

    - by Jake
    This is a question that has been bothering me for some time now. I have asked people and have always got mixed replies. It also has to do with how I will start my career. So here goes: Can an entry level software engineer directly get a job in a security engineering position? I am a graduate student in software engineering with a lot of course work in security as well, including web application, network and mobile security. I want to know if in the current industry, can an entry level engineer take the risk to prepare towards finding a security related position, or is it always necessary for a year or 2 development experience before one should think about finding a security position. Thank you.

    Read the article

  • Suggestions for cleaning up the mess after removing the "system tool" virus?

    - by Ross
    Hi! Last night I got infected with the "System Tool" virus. For those who don't know it disallows the user from executing any software, changes the desktop, stops all security software from running, and continually requests that you buy a Trojan security software. It took me a few hours but I finally managed to remove the software. To do this I went into my Ubuntu partition and searched out files that had been created around the time that I got infected and deleted the executable. Then I went back into my W7 partition and ran an MBAM full scan, an MSE full scan, an AVG bootable USB scan, and ran a ClamAV scan from my Ubuntu partition (Together these found 3 more infected executables). I also ran a Ccleaner full sweep and the registry cleaner just in case. I think I have found all of the problems but am still concerned that there might be a payload leftover from the virus that I didn't find. Do you have any suggestions of what else I can do to be sure. Just FYI I use W7 64 bit and MSE as my primary antivirus. I was using chrome when I got infected and it seems that it was due to a slightly out of date Java installation (MSE gave me a warning that the website had used a Java exploit and then my desktop changed to the classic "System Tools" desktop) Thank you very much for your help.

    Read the article

  • What is the way to go to fake my database layer in a unit test?

    - by Michel
    Hi, i have a question about unit testing. say i have a controller with one create method which puts a new customer in the database: //code a bit shortened public actionresult Create(Formcollection formcollection){ client c = nwe client(); c.Name = formcollection["name"]; ClientService.Save(c); { Clientservice would call a datalayer object and save it in the database. What i do now is create a database testscript and set my database in a know condition before testing. So when i test this method in the unit test, i know that there must be one more client in the database, and what it's name is. In short: ClientController cc = new ClientController(); cc.Create(new FormCollection (){name="John"}); //i know i had 10 clients before assert.areEqual(11, ClientService.GetNumberOfClients()); //the last inserted one is John assert.areEqual("John", ClientService.GetAllClients()[10].Name); So i've read that unit testing should not be hitting the database, i've setup an IOC for the database classes, but then what? I can create a fake database class, and make it do nothing. But then ofcourse my assertions will not work because if i say GetNumberOfClients() it will alwasy return X because it has no interaction with the fake database class used in the Create Method. I can also create a List of Clients in the fake database class, but as there will be two different instance created (one in the controller action and one in the unit test), they will have no interaction. What is the way to make this unit test work without a database?

    Read the article

  • tapestry 4 session expired

    - by cometta
    is below caused by user session expired? if yes, how to exend session on tapestry 4 ? or any other way to solve this problem? Unable to process client request: Unable to forward to local resource '/app?service=page&page=Home&id=692': java.lang.NullPointerException: Property 'webRequest' of <OuterProxy for tapestry.globals.RequestGlobals(org.apache.tapestry.services.RequestGlobals)> is null. Apr 22, 2010 5:14:43 PM org.apache.catalina.core.ApplicationContext log SEVERE: app: ServletException javax.servlet.ServletException: java.lang.NullPointerException: Property 'webRequest' of <OuterProxy for tapestry.globals.RequestGlobals(org.apache.tapestry.services.RequestGlobals)> is null. at org.apache.tapestry.services.impl.WebRequestServicerPipelineBridge.service(WebRequestServicerPipelineBridge.java:65) at $ServletRequestServicer_128043b52ea.service($ServletRequestServicer_128043b52ea.java) at org.apache.tapestry.request.DecodedRequestInjector.service(DecodedRequestInjector.java:55) at $ServletRequestServicerFilter_128043b52e6.service($ServletRequestServicerFilter_128043b52e6.java) at $ServletRequestServicer_128043b52ec.service($ServletRequestServicer_128043b52ec.java) at org.apache.tapestry.multipart.MultipartDecoderFilter.service(MultipartDecoderFilter.java:52) at $ServletRequestServicerFilter_128043b52e4.service($ServletRequestServicerFilter_128043b52e4.java) at $ServletRequestServicer_128043b52ec.service($ServletRequestServicer_128043b52ec.java) at org.apache.tapestry.services.impl.SetupRequestEncoding.service(SetupRequestEncoding.java:53) at $ServletRequestServicerFilter_128043b52e8.service($ServletRequestServicerFilter_128043b52e8.java) at $ServletRequestServicer_128043b52ec.service($ServletRequestServicer_128043b52ec.java) at $ServletRequestServicer_128043b52de.service($ServletRequestServicer_128043b52de.java) at org.apache.tapestry.ApplicationServlet.doService(ApplicationServlet.java:126) at org.apache.tapestry.ApplicationServlet.doPost(ApplicationServlet.java:171) at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:378) at org.springframework.security.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109) at org.springframework.security.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.ui.SessionFixationProtectionFilter.doFilterHttp(SessionFixationProtectionFilter.java:67) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.ui.ntlm.NtlmProcessingFilter.doFilterHttp(NtlmProcessingFilter.java:358) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.ui.ExceptionTranslationFilter.doFilterHttp(ExceptionTranslationFilter.java:101) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.concurrent.ConcurrentSessionFilter.doFilterHttp(ConcurrentSessionFilter.java:99) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:619)

    Read the article

  • WebClient security error when accessing the world of warcraft armoury

    - by user348446
    Hello World, I am trying to piece together a solution to a problem. Basically I am using Silverlight 4 with C# 4.0 to access the world of warcraft armoury. If anyone has done this - please oh please provide the working .net 4.0 code. The code I am attempting to run is (e.Error contains a securtiy error): private void button10_Click(object sender, RoutedEventArgs e) { string url = @"http://eu.wowarmory.com/guild-info.xml?r=Eonar&n=Gifted and Talented"; WebClient wc = new WebClient(); // HOW DO I ADD A USER AGENT STRING (RESPONSE MAY VARY (I.E. HTML VS XML) IF PAGE THINKS CALL IS NOT CAPABABLE OF SUPPORTING XML TRANSFORMATIONS) //wc.ResponseHeaders["User-Agent"] = "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)"; wc.DownloadStringCompleted += new DownloadStringCompletedEventHandler(wc_DownloadStringCompleted); wc.DownloadStringAsync(new Uri(url)); } void wc_DownloadStringCompleted(object sender, DownloadStringCompletedEventArgs e) { if (e.Error == null) { string result = e.Result; XDocument ArmouryXML = XDocument.Parse(result); ShowGuildies(ArmouryXML); } else { MessageBox.Show("Something is complaining about security but not sure what!"); } } Notes: C# 4.0 The armoury is an XML file - but i believe it reverts to html should the request not be from a browser that supports XML transformation. But i don't think I am getting this far. The armoury has a cross domain policy file on it - this may be the cause of the error (not sure! I have uploaded to a production server I am testing it locally using IIS website I am going insane! Websites have made the suggestion that this problem can be overcome by creating a WebProxy - but I haven't the first clue how to do this. It would be great if someone could take on this challenge and show us all that it is possible. I'd prefer a non-proxy solution first, then try a proxy. The error details: e.Error = {System.Security.SecurityException --- System.Security.SecurityException: Security error. at System.Net.Browser.BrowserHttpWebRequest.InternalEndGetResponse(IAsyncResult asyncResult) at System.Net.Browser.BrowserHttpWebRequest.<c__DisplayClass5. Any intelligent master coders out there who can solve this in their sleep? Thanks if you can! Pass this on to someone who can if you can't. If you know someone who can't, don't pass it to them, but if you know someone can't then presumedly you know how to solve it and would encourage you to give it a go! Cheers! Dan.

    Read the article

  • Penetration testing tools

    - by Shoban
    We have 100s of websites which were developed in asp, .net and java... and we are paying lot of money for an external agency to do a penetration testing for our sites to check for security loop holes. Are there any (good) software (paid or free) to do this? or.. are there any tehnical articles which can help me develop this tool.

    Read the article

  • Network Security [closed]

    - by kapilg
    I have been a .net developer for the past three yrs. Just curious to know about the network security field. What kind of work does the developers working in these area do? I really have not much idea about network security but what my understanding is these people are involved in securing network, preventing attacks on network as obvious. Could any one please give me some details about this field and also what does it take to move to this field.

    Read the article

  • Security in programmming?

    - by yesraaj
    What is the best book to read about security issues that should be kept in mind while programming? What should a c++ programmer know about security? Is it worth buying any one of the following book If so which one should I get. Secure Coding In C & C++ Secure Programming Cookbook for C and C++ Writing Secure code

    Read the article

  • PHP security question?

    - by pHp
    I just wanted to know what are some basic PHP security techniques I should use when creating a web page that accepts articles? I'm fairly new to PHP and was wondering what will hold the fort down until I'm a security expert?

    Read the article

  • Multiple config files for spring security

    - by Xabier
    Hello all, I'm quite new to all things spring, and right now I'm developing an application that uses Spring, Spring MVC and Srping Security. My problem is that I'm using two dispatcher servlets, one for /csm/*.html and another one for *.html and I'd like to have one spring security configuration file per servlet. Is this possible at all?, if so, could you point me to an example?. Thanks in advance, Xabier.

    Read the article

  • security topics

    - by scatman
    i have a course project to do on network security, the project themes are lightweight security on mobile devices,sensors,rfids... i am really finding it hard to get papers about any of these topics. so what are some nice project topics that i can do? thanks

    Read the article

  • GWT with spring security not working on app engine live server.

    - by bedanand
    I configured gwt with spring and spring security that works fine on local development server on google app engine. I deployed to the appspot but there it shows critical error when i see on the log. and on the browser side shows 500 server error. log error Uncaught exception from servlet javax.servlet.UnavailableException: Initialization failed. at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.createHandler(AppVersionHandlerMap.java:200) at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.getHandler(AppVersionHandlerMap.java:168) at com.google.apphosting.runtime.jetty.JettyServletEngineAdapter.serviceRequest(JettyServletEngineAdapter.java:123) at com.google.apphosting.runtime.JavaRuntime.handleRequest(JavaRuntime.java:243) at com.google.apphosting.base.RuntimePb$EvaluationRuntime$6.handleBlockingRequest(RuntimePb.java:5838) at com.google.apphosting.base.RuntimePb$EvaluationRuntime$6.handleBlockingRequest(RuntimePb.java:5836) at com.google.net.rpc.impl.BlockingApplicationHandler.handleRequest(BlockingApplicationHandler.java:24) at com.google.net.rpc.impl.RpcUtil.runRpcInApplication(RpcUtil.java:398) at com.google.net.rpc.impl.Server$2.run(Server.java:852) at com.google.tracing.LocalTraceSpanRunnable.run(LocalTraceSpanRunnable.java:56) at com.google.tracing.LocalTraceSpanBuilder.internalContinueSpan(LocalTraceSpanBuilder.java:576) at com.google.net.rpc.impl.Server.startRpc(Server.java:807) at com.google.net.rpc.impl.Server.processRequest(Server.java:369) at com.google.net.rpc.impl.ServerConnection.messageReceived(ServerConnection.java:442) at com.google.net.rpc.impl.RpcConnection.parseMessages(RpcConnection.java:319) at com.google.net.rpc.impl.RpcConnection.dataReceived(RpcConnection.java:290) at com.google.net.async.Connection.handleReadEvent(Connection.java:474) at com.google.net.async.EventDispatcher.processNetworkEvents(EventDispatcher.java:831) at com.google.net.async.EventDispatcher.internalLoop(EventDispatcher.java:207) at com.google.net.async.EventDispatcher.loop(EventDispatcher.java:103) at com.google.net.rpc.RpcService.runUntilServerShutdown(RpcService.java:251) at com.google.apphosting.runtime.JavaRuntime$RpcRunnable.run(JavaRuntime.java:404) at java.lang.Thread.run(Unknown Source) web.xml <web-app> <servlet> <servlet-name>dispatcher</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>dispatcher</servlet-name> <url-pattern>*.rpc</url-pattern> </servlet-mapping> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <!-- Default page to serve --> <welcome-file-list> <welcome-file>PushUrl.html</welcome-file> </welcome-file-list> </web-app> appengine-web.xml <application>pushurl</application> <version>1</version> <!-- Configure java.util.logging --> <system-properties> <property name="java.util.logging.config.file" value="WEB-INF/logging.properties"/> </system-properties> <sessions-enabled>true</sessions-enabled> applicationContext.xml <security:http auto-config="true"> <security:intercept-url pattern="/**/users.rpc" access="ROLE_USER"/> <security:intercept-url pattern="/**/categories.rpc" access="ROLE_ADMIN"/> <security:intercept-url pattern="/css/**" filters="none"/> <security:intercept-url pattern="/login.jsp*" filters="none"/> <security:form-login login-page='/login.jsp' /> </security:http> <security:authentication-manager> <security:authentication-provider> <security:user-service> <security:user name="jimi" password="jimi" authorities="ROLE_USER, ROLE_ADMIN" /> <security:user name="bob" password="bob" authorities="ROLE_USER" /> </security:user-service> </security:authentication-provider> </security:authentication-manager> dispatcher-servlet.xml <bean class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping"> <property name="mappings"> <value> /**/users.rpc=userService /**/categories.rpc=categoryService </value> </property> </bean> <bean id="userController" class="com.beda.pushurl.server.GwtRpcController"> <property name="remoteService" ref="userService"> </property> </bean> <bean id="userService" class="com.beda.pushurl.server.UserServiceImpl" > <property name="userDAO" ref="myUserDAO"></property> </bean> <bean id="categoryService" class="com.beda.pushurl.server.CategoryServiceImpl"> <property name="categoryDAO" ref="myCategoryDAO"></property> </bean> <bean id="myUserDAO" class="com.beda.pushurl.server.dao.UserDAOImpl"> </bean> <bean id="myCategoryDAO" class="com.beda.pushurl.server.dao.CategoryDAOImpl"> </bean>

    Read the article

  • Can you configure Spring-Security programmatically?

    - by jschoen
    I am working to configure Spring-Security with an existing application, for just basic security (i.e. what pages a user can see based on their roles). The question came up wondering if we could set what roles are required for each page in java instead of the ApplicationContext.xml. The idea is to store them in a table in our database, so we can easily change them with out a redeployment. Is this possible? How?

    Read the article

  • Security in Iphone?

    - by adusum
    Is There any concept of HTTPS in Iphone.how iphone apps are safe? if we are developing any apps related to some security?how can we provide security to iphone apps. I know that NSURL,NSURLConnection classes contains in Build HTTP but is there any concept of HTTPS? Thanks,

    Read the article

  • Alternatives to CAT.NET for website security analysis

    - by Gavin Miller
    I'm looking for an alternative tool to CAT.NET for performing static security scans on .NET code. Currently the CAT.NET tooling/development is at a somewhat fragile stage and doesn't offer the reliability that I'm looking for. Are there any alternative static code analyzers that you use for detecting security issues?

    Read the article

  • Security for ASP.NET Diagnostics page

    - by Moe Sisko
    I'm thinking of creating a diagnostics page for an ASP.NET app, which would be mostly intended for admin use to get more information about the application for diagnosing problems. Examples of the info the page might have : System.Environment.MachineName (might be useful in web farm scenarios) System.Environment.Version Environment.UserName database name current user's session ID Some of the info on this page might be sensitive from a security perspective. If you've done this sort of page before, what sort of security did you put on access to this page ? .

    Read the article

  • Java Security Manager for JRuby

    - by nijikunai
    I'm allowing user supplied ruby code to run in server(java scripting), and since jruby doesn't support safe-levels as in ruby I'm thinking about using java's security manager. Is this a good decision? Has anyone else implemented this? Are there any good articles/books/resources that introduce me to security manager?

    Read the article

  • Sources for news about network security

    - by chris.nullptr
    I am a software developer that wants to stay up-to-date on network security news. What are some of the best sources online for not only keeping tabs on newly discovered security vulnerabilities that may affect projects I'm working on, but also best-practices when developing network software. Please keep in mind that I am looking for sources that cater to the software developer not IT administration.

    Read the article

  • spring security filter-chain regex pattern

    - by lewap
    In my application which uses spring security I want to define two different areas both using their own spring security filter-chain. My question is: is it possible to define two regex expressions as follows: every path starting with /foobar/* every other path not starting with /foobar The important part here is that the second path should also match if somewhere within it, but not in the beginning, it cotains the /foobar/ string. Thanks

    Read the article

< Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >