Search Results

Search found 12055 results on 483 pages for 'password complexity'.

Page 440/483 | < Previous Page | 436 437 438 439 440 441 442 443 444 445 446 447 | Next Page >

Is it possible to install into Program Files with limited privileges?

- by Marek

I have an application that will be deployed as MSI package (authored in WiX). I am deciding whether to specify elevated or limited privileges as required for the installer. The application does not include anything requiring elevated privileges besides the default install location, which is under Program Files. Now the problem: If I specify elevated privileges, then the user is prompted by UAC for administrator password during the installation. This is not required and prevents non-admin users from installing. If I specify limited privileges, then the user is presented with a dialog to select install location with Program Files being default. In case they do not change the install location (95 % of end users probably won't), then the installer will fail with a message that they should contact the Administrator or run the application as administrator. If they launch the installer as Administrator then they can install into Program Files without problem - but most of the users won't probably know how to launch an installer as administrator. I can potentially set the default install location to e.g. C:\Company name\Program\, but this seems nonstandard to me and majority of users will not probably like this (they are probably used to installing into Program Files). How do you solve this problem with installing applications under limited user accounts?

Read the article
How to avoid hard coding credentials into Sharepoint webpart?

- by SeeBees

I am building a Sharepoint web part that will be used by all users. The web part connects to a web service which needs credentials with higher privileges than common users. I hard coded credentials in the web part's code. query.Credentials = new System.Net.NetworkCredential("username", "password", "domain"); query is an instance of the web service class This may not be a good approach. In regard with security, source code of the web apart is available to people who are not allowed to see the credential. This is bad enough, But is there any other drawback of this approach? A web part doesn't have a .config file associated. The .config file is in application-level of the sharepoint site, and I don't want to modify it for a single webpart. I wonder if there is a webpart-specific way to solve this problem? Say provide a WebBrowsable property to an admin so that he/she can set credentials. Is this possible? Thanks

Read the article
echo php javascript alert?

- by Anaes Arias

How can I echo this javascript if the php error messages is called? I have an error message setting that when a user misses his username or password it triggers an error message. The php error message is called by a php code. Here is the code: <?php echo showmessage($msg) ?> I have an alert message in javascript that when called it will make a javascript css pop up alert box. IF the javascript code is present it will show the alert box right away after reload. Here is code: <script type="text/javascript"> $(document).ready(function () { jqxAlert.alert('Alert Message'); }) </script> How can I incorporate so that when the php echo message comes up it will trigger the javscript alert message. I was trying an if in php, so something like this code: if ( showmessage($msg) ) { <script type="text/javascript"> $(document).ready(function () { jqxAlert.alert('Alert Message'); }) </script> } How can I echo my javascript message on the php call?

Read the article
How does the receiver of a cipher text know the IV used for encryption?

- by PatrickL

If a random IV is used in encrypting plain text, how does the receiver of the cipher text know what the IV is in order to decrypt it? This is a follow-up question to a response to the previous stackoverflow question on IVs here. The IV allows for plaintext to be encrypted such that the encrypted text is harder to decrypt for an attacker. Each bit of IV you use will double the possibilities of encrypted text from a given plain text. The point is that the attacker doesn't know what the IV is and therefore must compute every possible IV for a given plain text to find the matching cipher text. In this way, the IV acts like a password salt. Most commonly, an IV is used with a chaining cipher (either a stream or block cipher). ... So, if you have a random IV used to encrypt the plain text, how do you decrypt it? Simple. Pass the IV (in plain text) along with your encrypted text. Wait. You just said the IV is randomly generated. Then why pass it as plain text along with the encrypted text?

Read the article
Problem with comparing value with array values

- by Java starter

This code is what I use now. But it does not work when I try to use an array to compare values. If anybody has any idea of why, please respond. <html> <head> <script type-'text/javascript'> function hovedFunksjon() { //alert("test av funksjon fungerte"); //alert(passordLager); window.open("index10.html","Window1","menubar=no,width=430,height=360,toolbar=no"); } function inArray(array, value) { for (var i = 0; i < array.length; i++) { if (array[i] == value) return true; } return false; } function spørOmPassord() { var passordLager = ["pass0","pass1","pass2"]; window.passordInput = prompt("password");//Ved å bruke "window." skaper man en global variabel //if (passordInput == passordLager[0] || passordLager[1] || passordLager[2]) if (inArray(passordLager,passorInput) ) { hovedFunksjon(); } else { alert("Feil passord"); //href="javascript:self.close()">close window } } function changeBackgroundColor() { //document.bgColor="#CC9900"; //document.bgColor="YELLOW" document.bgColor="BLACK" } </script> </head> <body> <script type-'text/javascript'> changeBackgroundColor(); </script> <div align="center"> <form> <input type = "button" value = "Logg inn" onclick="spørOmPassord()"> </form> </div> </body> </html>

Read the article
Fluent NHibernate AutoMap

- by Markus

Hi. I have a qouestion regarding the AutoMap xml generation. I have two classes: public class User { virtual public Guid Id { get; private set; } virtual public String Name { get; set; } virtual public String Email { get; set; } virtual public String Password { get; set; } virtual public IList<OpenID> OpenIDs { get; set; } } public class OpenID { virtual public Guid Id { get; private set; } virtual public String Provider { get; set; } virtual public String Ticket { get; set; } virtual public User User { get; set; } } The generated sequences of xml files are: For User class: <bag name="OpenIDs"> <key> <column name="User_Id" /> </key> <one-to-many class="BL_DAL.Entities.OpenID, BL_DAL, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" /> </bag> For OpenID class: <many-to-one class="BL_DAL.Entities.User, BL_DAL, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" name="User"> <column name="User_id" /> </many-to-one> I don't see the inverse=true attribute for the User mapping. Is it a normal behavior, or I made a mistake somewhere?

Read the article
Sharing same properties of ViewController for iPhone Stroryboard and iPad Story Board

- by Ruhul Amin

I'm developing a universal application. in the first view, I have the login screen for the user. In iPhone storyBoard, I have added 2 text field and one button( login check). I have added properties in ViewController.h file by dragging those objects(Ctrl key + Dragg) to .h file. I have added code for login check and it is working fine for iPhone. This is the code in ViewController.h @property (strong, nonatomic) IBOutlet UITextField *txtUserId; @property (strong, nonatomic) IBOutlet UITextField *txtUserPwd; @property (strong, nonatomic) IBOutlet UIButton *btnLogin; In the iPad storyBoard, I have added 2 text field( userid and password) and i button for login. So now, I want to bind those objects with the veriable which I declared already in ViewController.h file in case of iPhone. My questions: 1. What is the right way to bind properties for both storyboard? 2. Am I on the right direction or should I think in a different way to do it? I am new with iPhone development. Please help. Thanks. --Amin

Read the article
Making a Function-Activated Link Appear Without Having to Refresh Browser

- by John

Hello, I'm trying to use the code below to make the <a href='http://www...com/.../footervote.php'>Vote</a> link appear if a user logs in and a user shows up in the function getEditorsList(). The vote link only appears if the browser is refreshed. Any idea how I could make the vote link appear without having to refresh the browser? Thanks in advance, John index.php: <?php require_once "header.php"; //content include "login.php"; // more content require_once "footer.php"; ?> In header.php: <?php error_reporting(0); session_start(); require_once ('db_connect.inc.php'); require_once ("function.inc.php"); $seed="0dAfghRqSTgx"; $domain = "...com"; $editors = getEditorsList(); foreach($editors as $editor) { $editorids[] = $editor['loginid']; } if(in_array($_SESSION['loginid'], $editorids)) { echo "<div class='footervote'><a href='http://www...com/.../footervote.php'>Vote</a></div>"; } ?> login.php: <?php if (!isLoggedIn()) { if (isset($_POST['cmdlogin'])) { if (checkLogin($_POST['username'], $_POST['password'])) { show_userbox(); } else { echo "Incorrect Login information !"; show_loginform(); } } else { show_loginform(); } } else { show_userbox(); } ?>

Read the article
iPhone -trouble with a loading data from webservice into a tableview

- by medampudi

I am using a Window based application and then loading up my initial navigationview based controller. After loading it if the user is not registered/ does not have a credentials present then it takes the user to a login view controller . loginViewController *sampleView = [[loginViewController alloc] initWithNibName:@"loginViewController" bundle:nil]; [self.navigationController presentModalViewController:sampleView animated:YES]; [sampleView release]; then right after that i try to load the table with data that i get from a webservice using asiHTTP .. for this question lets say it takes 3 seconds time to get the data and then deserialize it . now... my question is it works out okey in the later runs as I store the username and password in a seure location... but in the first instance.... i am not able to get the data to laod to the tableview... I have tried a lot of things... 1. Initially the data fetch methods was in a diffrent methods.. so i thought that might be the problem as then moved it the same place as the tbleviewController(navigationController) 2. I event put in the Reload data at the end of the functionality for the data parsing and deserialization... nothing happens. 3. i did not understand the concept of @property and alll.... 4. The screen is black screen with nothing displayed on it for a good 5 seconds in the consecutive launches of the app.... so could we have something like a MBPorgressHUD implemented for the same. could any one please help for these scenarios and guidance as to what paths to take from here...

Read the article
Java and Jasper

- by bhargava

Hey Guys, I have integrated Jasper Reports on my netbeans platform and i am able to generate reports using the following code. Map<String, Object> params = new HashMap<String, Object>(); Connection conn = DriverManager.getConnection("databaseUrl", "userid","password"); JasperReport jasperReport = JasperCompileManager.compileReport(reportSource); JasperPrint jasperPrint = JasperFillManager.fillReport(jasperReport, params, conn); JasperExportManager.exportReportToHtmlFile(jasperPrint, reportDest); JasperViewer.viewReport(jasperPrint); This stuff works perfect. But not i am trying to integrate Jasper with GWT.I have my server as glass fish server. I am getting the Connection object using the followind code. public static Connection getConnection() { try { String JNDI = "JNDI name"; InitialContext initCtx = new InitialContext(); javax.sql.DataSource ds = (javax.sql.DataSource) initCtx.lookup(JNDI); Connection conn = (Connection) ds.getConnection(); return conn; } catch (Exception ex) { ex.printStackTrace(); } return null; } and then Map params = new HashMap(); JasperReport jasperReport = JasperCompileManager.compileReport(reportSource); JasperPrint jasperPrint = JasperFillManager.fillReport(jasperReport, params, getConnection()); JasperExportManager.exportReportToHtmlFile(jasperPrint, reportDest); JasperViewer.viewReport(jasperPrint); but i always get Error.I am implementing this on Server.I am having RPC calls to get this method to work when a button is clicked. Can you please help me how to work on this.(That is to integrate Jasper reports with GWT). I would highly appreciate any explanation with some code as i am just a beginner. Thanks

Read the article
Integrated Windows authentication in IIS causing ADO.NET failure

- by TrueWill

We have a .NET 3.5 Web Service running under IIS. It must use identity impersonate="true" and Integrated Windows authentication in order to authenticate to third-party software. In addition, it connects to a SQL Server database using ADO.NET and SQL Server Authentication (specifying a fixed User ID and Password in the connection string). Everything worked fine until the database was moved to another SQL Server. Then the Web Service would throw the following exception: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server) This error only occurs if identity impersonate is true in the Web.config. Again, the connection string hasn't changed and it specifies the user. I have tested the connection string and it works, both under the impersonated account and under the service account (and from both the remote machine and the server). What needs to be changed to get this to work with impersonation?

Read the article
TCP Message Structure with XML

- by metdos

Hello Everybody, I'm sending messages over TCP/IP and on the other side I parse TCP message.For example this is one of the sent messages. $DKMSG(requestType=REQUEST_LOGIN&requestId=123&username=metdos&password=123)$EDKMSG Clarification: $DKMSG( //Start )$EDKMSG //End requestType //Parameter REQUEST_LOGIN //Parameter Value Now I also want to add an Xml file to my message. I'm considering this option: $DKMSG(requestType=REQUEST_LOGIN&xmlData= <Item id="56D@MIT" type="SIGNAL"> <Label> <Text>56D</Text> <X1>10</X1> <Y1>40</Y1> <RotateAngle>90</RotateAngle> </Label> <X1>0</X1> <Y1>20</Y1> <Width>35</Width> <Height>10</Height> <Source>sgs3lr</Source> </Item> )$EDKMSG There are problems with this way: 1-)It doesn't seem right to me. 2-)I have to handle delimeter "=" with much more care or I need to change it in parameters. What are your suggestions, thanks.

Read the article
jQuery preventing RedirectToAction from working?

- by DaveDev

I'm trying to redirect the user if they login successfully but the code I have on my page seems to be preventing the redirection from working. If I remove the jQuery below the redirection works. Can somebody tell me tell me if there's something I'm doing wrong? Thanks I have the following Action: [AcceptVerbs(HttpVerbs.Post)] public ActionResult Login(User user) { var myErrors = new Dictionary<string, string>(); try { if (ModelState.IsValid) { if (userRepository.ValidUser(user)) { return RedirectToAction("Index", "Group", new {page = (int?)null}); } else { return Json("Username or password seems to be incorrect"); } } else { foreach (KeyValuePair<string, ModelState> keyValuePair in ViewData.ModelState) { if (keyValuePair.Value.Errors.Count > 0) { List<string> errors = new List<string>(); myErrors.Add(keyValuePair.Key, keyValuePair.Value.Errors[0].ErrorMessage); } } return Json(myErrors); } } catch (Exception) { return Json("Invalid"); } } and the following code on my page: <script language="javascript" type="text/javascript"> $(document).ready(function() { $("#SaveSuccess").hide(); $("#btnLogin").click(function() { $("form").submit(function(event) { var formData = $(this).serialize(); $.post($(this).attr("action"), formData, function(res) { ShowErrors(res); if (res == true) { $("#SaveSuccess").text("Saved"); } else { $("#divError").html(res); } $("#SaveSuccess").fadeIn(100); }, "json"); return false; }); }); }); </script>

Read the article
Facebook Android SDK. Error validating access token

- by Mj1992

I am trying to access user information from facebook sdk.But I keep getting this error. {"error":{"message":"Error validating access token: The session has been invalidated because the user has changed the password.","type":"OAuthException","code":190,"error_subcode":460}} Here is the call which returns me the error in the response parameter of the oncomplete function. mAsyncRunner.request("me", new RequestListener() { @Override public void onComplete(String response, Object state) { Log.d("Profile", response); String json = response; //<-- error in response try { JSONObject profile = new JSONObject(json); MainActivity.this.userid = profile.getString("id"); new GetUserProfilePic().execute(); runOnUiThread(new Runnable() { @Override public void run() { Toast.makeText(getApplicationContext(), "Name: " + MainActivity.this.userid, Toast.LENGTH_LONG).show(); } }); } catch (JSONException e) { e.printStackTrace(); Log.e("jsonexception",e.getMessage()); facebook.extendAccessTokenIfNeeded(MainActivity.this, null); GetUserInfo(); } } @Override public void onIOException(IOException e, Object state) { } @Override public void onFileNotFoundException(FileNotFoundException e, Object state) { } @Override public void onMalformedURLException(MalformedURLException e, Object state) { } @Override public void onFacebookError(FacebookError e, Object state) { } }); Sometimes I get the correct response also.I think this is due to the access token expiration if I am right. So can you guys tell me how to extend the access token although I've used this facebook.extendAccessTokenIfNeeded(this, null); in the onResume method of the activity. How to solve this?

Read the article
AFNetworking iOS

- by Jeromiin

I have a problem with a request in my app, I want to receive a json but because of the completion block my "PRINT 2" is print before my "PRINT 1" and of course my "PRINT 2" is null. I want the contrary and my "PRINT 2" to be filled but I can't manage to do it. -(void) makeConnection { NSURL *url = [NSURL URLWithString:[@"http://monsite.com/iPhonej/verifPseudo.php?login="stringByAppendingString:[_loginField.text stringByAppendingString:[@"&password=" stringByAppendingString:_passField.text]]]]; NSURLRequest *request = [NSURLRequest requestWithURL:url]; AFHTTPRequestOperation *operation = [[AFHTTPRequestOperation alloc] initWithRequest:request]; operation.responseSerializer = [AFJSONResponseSerializer serializer]; [operation setCompletionBlockWithSuccess:^(AFHTTPRequestOperation *operation, id responseObject) { self.response = (NSDictionary *)responseObject; NSLog(@"PRINT 1 : %@", self.response[@"la"][@"reponse"][0][@"rep"]); [_dataLock lock]; } failure:^(AFHTTPRequestOperation *operation, NSError *error) { NSLog(@"Request Failed: %@, %@", error, error.userInfo); }]; [operation start]; } - (IBAction)logIn:(id)sender { [self makeConnection]; NSLog(@"PRINT 2 : %@", self.response[@"la"][@"reponse"][0][@"rep"]); } I know that AFNetworking is asynchronous but is there an other way to do the request and receive my json well ? Thank you

Read the article
Specifying SOAP Headers for a Zend_Soap Service

- by Stephen

I have a generally straight forward web service that I've written (converting code to ZF from a Java implementation of the same service and trying to maintain the same wsdl structure as much as possible). The service loads a PHP class, rather than individual functions. The PHP class contains three different functions within it. Everything seems to be working just fine, except that I can't seem to figure out how to specify that a given function parameter should be passed as a SOAP header. I've not seen any mention of SOAP headers in the Server context, only how to pass header parameters with a client to a server. In addition to the standard parameters for the function that would be sent in the SOAP body and detailed in the docblock, I would like to specify two parameters (a username and password) that would be sent in a SOAP header. I have to assume this is possible, but haven't been able to find anything online, nor have I had any responses to a similar post on Zend's forum. Is there something that can be added in the docblock area to specify a parameter as a header (maybe in a similar fashion to using WebParam?)? Any suggestions/examples on how to get this accomplished would be greatly appreciated!

Read the article
Unable to insert DateTime format into database

- by melvg

I'm unable to insert the DateTime into my database. Am i writing the statement wrongly? Apparently without the DateTime, I am able to insert into the database string dateAndTime = date + " " + time; CultureInfo provider = CultureInfo.InvariantCulture; DateTime theDateTime = DateTime.ParseExact(dateAndTime, "d MMMM yyyy hh:mm tt", provider); //Create a connection, replace the data source name with the name of the SQL Anywhere Demo Database that you installed SAConnection myConnection = new SAConnection("UserID=dba;Password=sql;DatabaseName=emaDB;ServerName=emaDB"); //open the connection ; myConnection.Open(); //Create a command object. SACommand insertAccount = myConnection.CreateCommand(); //Specify a query. insertAccount.CommandText = ("INSERT INTO [meetingMinutes] (title,location,perioddate,periodtime,attenders,agenda,accountID,facilitator,datetime) VALUES ('"+title+"','" + location + "', '" + date + "','" + time + "', '" + attender + "','" + agenda + "', '" + accountID + "','" + facilitator + "','" +theDateTime+ "')"); try { insertAccount.ExecuteNonQuery(); if (title == "" || agenda == "") { btnSubmit.Attributes.Add("onclick", "displayIfSuccessfulInsert();"); //ScriptManager.RegisterStartupScript(this, GetType(), "error", "alert('Please ensure to have a title or agenda!');", true); } else { btnSubmit.Attributes.Add("onclick", "displayIfSuccessfulInsert();"); Response.Redirect("HomePage.aspx"); //ScriptManager.RegisterStartupScript(this, this.GetType(), "Redit", "alert('Minutes Created!'); window.location='" + Request.ApplicationPath + "/HomePage.aspx';", true); } } catch (Exception exception) { Console.WriteLine(exception); } finally { myConnection.Close(); } It does not insert the SQL into my database.

Read the article
Querying the size of a drive on a remote server is giving me an error

- by Testifier

Here's what I have: public static bool DriveHasLessThanTenPercentFreeSpace(string server) { long driveSize = 0; long freeSpace = 0; var oConn = new ConnectionOptions {Username = "username", Password = Settings.Default.SQLServerAdminPassword}; var scope = new ManagementScope("\\\\" + server + "\\root\\CIMV2", oConn); //connect to the scope scope.Connect(); //construct the query var query = new ObjectQuery("SELECT FreeSpace FROM Win32_LogicalDisk where DeviceID = 'D:'"); //this class retrieves the collection of objects returned by the query var searcher = new ManagementObjectSearcher(scope, query); //this is similar to using a data adapter to fill a data set - use an instance of the ManagementObjectSearcher to get the collection from the query and store it ManagementObjectCollection queryCollection = searcher.Get(); //iterate through the object collection and get what you're looking for - in my case I want the FreeSpace of the D drive foreach (ManagementObject m in queryCollection) { //the FreeSpace value is in bytes freeSpace = Convert.ToInt64(m["FreeSpace"]); //error happens here! driveSize = Convert.ToInt64(m["Size"]); } long percentFree = ((freeSpace / driveSize) * 100); if (percentFree < 10) { return true; } return false; } This line of code is giving me an error: driveSize = Convert.ToInt64(m["Size"]); The error says: ManagementException was unhandled by user code Not found I'm assuming the query to get the drive size is wrong. Please note that I AM getting the freeSpace value at the line: freeSpace = Convert.ToInt64(m["FreeSpace"]); So I know the query IS working for freeSpace. Can anyone give me a hand?

Read the article
Django tutorial says I haven't set DATABASE_ENGINE setting yet... but I have

- by Joe

I'm working through the Django tutorial and receiving the following error when I run the initial python manage.py syncdb: Traceback (most recent call last): File "manage.py", line 11, in <module> execute_manager(settings) File "/Library/Python/2.6/site-packages/django/core/management/__init__.py", line 362 in execute_manager utility.execute() File "/Library/Python/2.6/site-packages/django/core/management/__init__.py", line 303, in execute self.fetch_command(subcommand).run_from_argv(self.argv) File "/Library/Python/2.6/site-packages/django/core/management/base.py", line 195, in run_from_argv self.execute(*args, **options.__dict__) File "/Library/Python/2.6/site-packages/django/core/management/base.py", line 222, in execute output = self.handle(*args, **options) File "/Library/Python/2.6/site-packages/django/core/management/base.py", line 351, in handle return self.handle_noargs(**options) File "/Library/Python/2.6/site-packages/django/core/management/commands/syncdb.py", line 49, in handle_noargs cursor = connection.cursor() File "/Library/Python/2.6/site-packages/django/db/backends/dummy/base.py", line 15, in complain raise ImproperlyConfigured, "You haven't set the DATABASE_ENGINE setting yet." django.core.exceptions.ImproperlyConfigured: You haven't set the DATABASE_ENGINE setting yet. My settings.py looks like: DATABASES = { 'default': { 'ENGINE': 'django.db.backends.mysql', # Add 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'. 'NAME': 'dj_tut', # Or path to database file if using sqlite3. 'USER': '', # Not used with sqlite3. 'PASSWORD': '', # Not used with sqlite3. 'HOST': '', # Set to empty string for localhost. Not used with sqlite3. 'PORT': '', # Set to empty string for default. Not used with sqlite3. } } I'm guessing this is something simple, but why isn't it seeing the ENGINE setting?

Read the article
Silverlight 4 webclient authentication - anyone have this working yet?

- by Toran Billups

So one of the best parts about the new Silverlight 4 beta is that they finally implemented the big missing feature of the networking stack - Network Credentials! In the below I have a working request setup, but for some reason I get a "security error" when the request comes back - is this because twitter.com rejected my api call or something that I'm missing in code? It might be good to point out that when I watch this code execute via fiddler it shows that the xml file for cross domain is pulled down successfully, but that is the last request shown by fiddler ... public void RequestTimelineFromTwitterAPI() { WebRequest.RegisterPrefix("https://", System.Net.Browser.WebRequestCreator.ClientHttp); WebClient myService = new WebClient(); myService.AllowReadStreamBuffering = true; myService.UseDefaultCredentials = false; myService.Credentials = new NetworkCredential("username", "password"); myService.UseDefaultCredentials = false; myService.OpenReadCompleted += new OpenReadCompletedEventHandler(TimelineRequestCompleted); myService.OpenReadAsync(new Uri("https://twitter.com/statuses/friends_timeline.xml")); } public void TimelineRequestCompleted(object sender, System.Net.OpenReadCompletedEventArgs e) { //anytime I query for e.Result I get a security error }

Read the article
Custom authentication module inheriting IHttpModule issue.

- by Chandan Khatwani

LoginPage.aspx:- protected void Button1_Click(object sender, EventArgs e) { Context.Items["Username"] = txtUserId.Text; Context.Items["Password"] = txtPassword.Text; // FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, Context.Items["Username"].ToString(), DateTime.Now, DateTime.Now.AddMinutes(10), true, "users", FormsAuthentication.FormsCookiePath); // Encrypt the cookie using the machine key for secure transport string hash = FormsAuthentication.Encrypt(ticket); HttpCookie cookie = new HttpCookie( FormsAuthentication.FormsCookieName, // Name of auth cookie hash); // Hashed ticket // Set the cookie's expiration time to the tickets expiration time if (ticket.IsPersistent) cookie.Expires = ticket.Expiration; Response.Cookies.Add(cookie); Response.Redirect("Default.aspx"); } Global.asax file:- void Application_AuthenticateRequest(object sender, EventArgs e) { if (HttpContext.Current.User != null) { if (HttpContext.Current.User.Identity.IsAuthenticated) { if (HttpContext.Current.User.Identity is FormsIdentity) { FormsIdentity id = (FormsIdentity)HttpContext.Current.User.Identity; FormsAuthenticationTicket ticket = id.Ticket; // Get the stored user-data, in this case, our roles string userData = ticket.UserData; string[] roles = userData.Split(','); HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(id, roles); Response.Write(HttpContext.Current.User.Identity.Name); Response.Redirect("Default.aspx"); } } } } I get the following error after signing in This webpage has a redirect loop. The webpage at http://localhost:1067/Default.aspx has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.

Read the article
I am using a regex snippet query string path

- by Shelby Poston

Using the following to load images base on two ids one is the and bookid and the out is the client. My folder structures is this. root path = flipbooks subfolders under flipbooks are books and clients in subfolder books I have and .net page title tablet. the tablet code behind checks the bookid of client and render a the tablet page with images in a flipbook fashion. because we have over 15000 records and flipbooks already created and stored in the database. I don't move the client folder under the books subfolders. I need the code below to get to the client subfolder in the query string and help to change this would be helpful. The result now is http://www.somewebsite.com/books/client/images/someimage1.jpg[^] I need the results to be http://www.somewebsite.com/client/images/someimage1.jpg[^]. I tried moving the tablet.aspx file to the root flipbooks and it works but i have provide a user name and password each time. This need to be access by the public and my root is protected. Don't want to have to change permission. I am trying to remove the /books function getParameterByName(name) { var results = RegExp('[?&]' + name + '=([^&]*)').exec(window.location.search); return results ? decodeURIComponent(results[1].replace(/\+/g, ' ')) : null; } Thanks Mission Critical

Read the article
How should I handle expected errors? eg. "username already exists"

- by Pheter

I am struggling to understand how I should design the error handling parts of my code. I recently asked a similar question about how I should go about returning server error codes to the user, eg. 404 errors. I learnt that I should handle the error from within the current part of the application; seem's simple enough. However, what should I do when I can't handle the error from the current link in the chain? For example, I may have a class that is used to manage authentication. One of it's methods could be createUser($username, $password). Within that function, I need to determine if the username already exists. If this is true, how should I alert the calling code about this? Returning null instead of a user object is one way. But how do I then know what caused the error? How should I handle errors in such a way that calling code can easily find out what caused the error? Is there a design pattern commonly used for this kind of situation?

Read the article
How would a user stay logged in to a REST-based website?

- by unforgiven3

A year or so ago I asked this question: Can you help me understand this? “Common REST Mistakes: Sessions are irrelevant”. My question was essentially this: Okay, I get that HTTP authentication is done automatically on every message - but how? Is the username/password sent with every request? Doesn't that just increase attack surface area? I feel like I'm missing part of the puzzle. The answers I received made perfect sense in the context of a mobile (iPhone, Android, WP7) app - when talking to a REST service, the app would just send user credentials along with each request. That worked great for me. But now, I would like to better understand how one would secure a REST-like website, like StackOverflow itself or something like Reddit. How would things work if it was a user logged in via a web browser instead of logged in via an iPhone app? What happens when a user logs in? Are the credentials saved in the browser somehow? How would the browser know what credentials to send with subsequent REST requests? What if it's a JavaScript call to a webservice? How would the JavaScript call include user credentials? I'll be quite frank: my understanding of security when it comes to websites is pretty limited. I enjoyed working with REST services from an app perspective, but now I want to try and build a website that is based on REST principles, and I'm finding myself to be pretty lost. If there is anything in the above question that is unclear that you'd like me to clarify, please leave a comment and I'll address it.

Read the article
Block Cascade Json Serealize?

- by CrazyJoe

I have this Class: public class User { public string id{ get; set; } public string name{ get; set; } public string password { get; set; } public string email { get; set; } public bool is_broker { get; set; } public string branch_id { get; set; } public string created_at{get; set;} public string updated_at{get; set;} public UserGroup UserGroup {get;set;} public UserAddress UserAddress { get; set; } public List<UserContact> UserContact {get; set;} public User() { UserGroup = new UserGroup(); UserAddress = new UserAddress(); UserContact = new List<UserContact>(); } } I like to Serealize Only properties , how i block serealization of UserGroup, UserAdress, asn UserContact??? This is my Serealization function: public static string Serealize<T>(T obj) { System.Runtime.Serialization.Json.DataContractJsonSerializer serializer = new System.Runtime.Serialization.Json.DataContractJsonSerializer(obj.GetType()); MemoryStream ms = new MemoryStream(); serializer.WriteObject(ms, obj); return Encoding.UTF8.GetString(ms.ToArray(), 0,(int)ms.Length); }

Read the article

< Previous Page | 436 437 438 439 440 441 442 443 444 445 446 447 | Next Page >