Search Results

Search found 14878 results on 596 pages for 'mod security'.

Page 443/596 | < Previous Page | 439 440 441 442 443 444 445 446 447 448 449 450 | Next Page >

Error while running Jetty Server on port 80 as non root user

- by user75016

All, I was trying to setup jetty on port 80 but its giving exception saying permission denied as below. I have setup jetty to work with setuid and configured start.ini as follows: OPTIONS=Server,jsp,jmx,resources,websocket,ext,plus,annotations,jta,jdbc,setuid (below as first configuration file in start.ini) etc/jetty-setuid.xml and jetty-setuid.xml file with username and group name of non root user. 2012-07-03 15:29:02.411:INFO:oejdp.ScanningAppProvider:Deployment monitor /opt/jetty-hightide-8.1.3.v20120416/contexts at interval 1 2012-07-03 15:29:02.454:WARN:oejuc.AbstractLifeCycle:FAILED [email protected]:80: java.net.SocketException: Permission denied java.net.SocketException: Permission denied at sun.nio.ch.Net.bind(Native Method) at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:126) at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59) at org.eclipse.jetty.server.nio.SelectChannelConnector.open(SelectChannelConnector.java:182) at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:311) at org.eclipse.jetty.server.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:260) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:59) at org.eclipse.jetty.server.Server.doStart(Server.java:273) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:59) at org.eclipse.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1215) at java.security.AccessController.doPrivileged(Native Method) at org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1138) 2012-07-03 15:29:02.455:WARN:oejuc.AbstractLifeCycle:FAILED org.eclipse.jetty.server.Server@66da9ea4: java.net.SocketException: Permission denied java.net.SocketException: Permission denied

Read the article
Permission based Authorization vs. Role based Authorization - Best Practices - 11g

- by Prakash Yamuna

In previous blog posts here and here I have alluded to the support in OWSM for Permission based authorization and Role based authorization support. Recently I was having a conversation with an internal team in Oracle looking to use OWSM for their Web Services security needs and one of the topics was around - When to use permission based authorization vs. role based authorization? As in most scenarios the answer is it depends! There are trade-offs involved in using the two approaches and you need to understand the trade-offs and you need to understand which trade-offs are better for your scenario. Role based Authorization: Simple to use. Just create a new custom OWSM policy and specify the role in the policy (using EM Fusion Middleware Control). Inconsistent if you have multiple type of resources in an application (ex: EJBs, Web Apps, Web Services) - ex: the model for securing EJBs with roles or the model for securing Web App roles - is inconsistent. Since the model is inconsistent, tooling is also fairly inconsistent. Achieving this use-case using JDeveloper is slightly complex - since JDeveloper does not directly support creating OWSM custom policies. Permission based Authorization: More complex. You need to attach both an OWSM policy and create OPSS Permission authorization policies. (Note: OWSM leverages OPSS Permission based Authorization support). More appropriate if you have multiple type of resources in an application (ex: EJBs, Web Apps, Web Services) and want a consistent authorization model. Consistent Tooling for managing authorization across different resources (ex: EM Fusion Middleware Control). Better Lifecycle support in terms of T2P, etc. Achieving this use-case using JDeveloper is slightly complex - since JDeveloper does not directly support creating/editing OPSS Permission based authorization policies.

Read the article
CodePlex Daily Summary for Thursday, October 04, 2012

CodePlex Daily Summary for Thursday, October 04, 2012Popular ReleasesMCEBuddy 2.x: MCEBuddy 2.3.1: 2.3.1All new Remote Client Server architecture. Reccomended Download. The Remote Client Installation is OPTIONAL, you can extract the files from the zip archive into a local folder and run MCEBuddy.GUI directly. 2.2.15 was the last standalone release. Changelog for 2.3.1 (32bit and 64bit) 1. All remote MCEBuddy Client Server architecture (GUI runs remotely/independently from engine now) 2. Fixed bug in Audio Offset 3. Added support for remote MediaInfo (right click on file in queue to get ...Multiwfn: Multiwfn 2.5.2: Multiwfn 2.5.2D3 Loot Tracker: 1.5: Support for session upload to website. Support for theme change through general settings. Time played counter will now also display a count for days. Tome of secrets are no longer logged as items.patterns & practices - Develop Windows Store apps using C++ & XAML: Hilo: Hilo C++ October 4, 2012 Drop: This drop supports Windows 8 RTM (Build 9200). To view the documentation, right-click the m_hilo.chm file on disk, select Properties, then on the General tab, select Unblock. The .chm will now display the content.xUnit.net Contrib: xunitcontrib-resharper for 7.1 EAP (build 3): xunitcontrib release 0.6.1 (ReSharper runner) This release provides a test runner plugin for Resharper 7.1 EAP build 3, targetting all versions of xUnit.net. (See the xUnit.net project to download xUnit.net itself.) For ReSharper 7.0 and 6.1.1, see this release. For older versions, see this release. Also note that all builds work against ALL VERSIONS of xunit. The files are compiled against xunit.dll 1.9.1 - DO NOT REPLACE THIS FILE. Thanks to xunit's version independent runner system, this...SharePoint Column & View Permission: SharePoint Column and View Permission v1.5: Version 1.5 of this project. If you will find any bugs please let me know at enti@zoznam.sk or post your findings in Issue TrackerZ3: Z3 4.1.1 source code: Snapshot corresponding to version 4.1.1.DirectX Tool Kit: October 2012: October 2, 2012 Added ScreenGrab module Added CreateGeoSphere for drawing a geodesic sphere Put DDSTextureLoader and WICTextureLoader into the DirectX C++ namespace Renamed project files for better naming consistency Updated WICTextureLoader for Windows 8 96bpp floating-point formats Win32 desktop projects updated to use Windows Vista (0x0600) rather than Windows 7 (0x0601) APIs Tweaked SpriteBatch.cpp to workaround ARM NEON compiler codegen bugHome Access Plus+: v8.1: HAP+ Web v8.1.1003.000079318 Fixed: Issue with the Help Desk and updating a ticket as an admin 79319 Fixed: formatting issue with the booking system admin header 79321 Moved to using the arrow with a circle symbol on the homepage instead of the > and < 79541 Added: 480px wide mobile theme to login page 79541 Added: 480px wide mobile theme to home page 79541 Added: slide events for homepage 79553 Fixed: Booking System Multiple Lesson Bug 79553 Fixed: IE Error Message 79684 Fixed: jQuery issue ...System.Net.FtpClient: System.Net.FtpClient 2012.10.02.01: This is the first release of the new code base. It is not compatible with the old API, I repeat it is not a drop in update for projects currently using System.Net.FtpClient. New users should download this release. The old code base (Branch: System.Net.FtpClient_1) will continue to be supported while the new code matures. This release is a complete re-write of System.Net.FtpClient. The API and code are simpler than ever before. There are some new features included as well as an attempt at be...CRM 2011 Visual Ribbon Editor: Visual Ribbon Editor (1.3.1002.3): Visual Ribbon Editor 1.3.1002.3 What's New: Multi-language support for Labels/Tooltips for custom buttons and groups Support for base language other than English (1033) Connect dialog will not require organization name for ADFS / IFD connections Automatic creation of missing labels for all provisioned languages Minor connection issues fixed Notes: Before saving the ribbon to CRM server, editor will check Ribbon XML for any missing <Title> elements inside existing <LocLabel> elements...RenameApp: RenameApp 1.0: First release of RenameAppJsonToStaticTypeGenerator: JsonToStaticTypeGenerator 0.1: This is the first alpha release of JsonToStaticTypeGenerator.XiaoKyun: XiaoKyun V1.00: https://xiaokyun.codeplex.com/CatchThatException: Release 1.12: Wow a very fast change and a much better and faster writing to the text fileNaked Objects: Naked Objects Release 5.0.0: Corresponds to the packaged version 5.0.0 available via NuGet. Please note that the easiest way to install and run the Naked Objects Framework is via the NuGet package manager: just search the Official NuGet Package Source for 'nakedobjects'. It is only necessary to download the source code (from here) if you wish to modify or re-build the framework yourself. If you do wish to re-build the framework, consul the file HowToBuild.txt in the release. Major enhancementsNaked Objects 5.0 is desi...WinRT XAML Toolkit: WinRT XAML Toolkit - 1.3.0: WinRT XAML Toolkit based on the Windows 8 RTM SDK. Download the latest source from the SOURCE CODE page. For compiled version use NuGet. You can add it to your project in Visual Studio by going to View/Other Windows/Package Manager Console and entering: PM> Install-Package winrtxamltoolkit Features AsyncUI extensions Controls and control extensions Converters Debugging helpers Imaging IO helpers VisualTree helpers Samples Recent changes NOTE: Namespace changes DebugConsol...SubExtractor: Release 1029: Feature: Added option to make i and ¡ characters movie-specific for improved OCR on Spanish subs (Special Characters tab in Options) Feature: Allow switch to Word Spacing dialog directly from Spell Check dialog Fix: Added more default word spacings for accented characters Fix: Changed Word Spacing dialog to show all OCR'd characters in current sub Fix: Removed application focus grab during OCR Fix: Tightened HD subs fuzzy logic to reduce false matches in small characters Fix: Improved Arrow k...Readable Passphrase Generator: KeePass Plugin 0.7.1: See the KeePass Plugin Step By Step Guide for instructions on how to install the plugin. Changes Built against KeePass 2.20Windows 8 Toolkit - Charts and More: Beta 1.0: The First Compiled Version of my LibraryNew Projects<-Zielonka.co.uk Open source libraries. Extension methods, Enums and utilities.: The following code libraries are provided to the opensource communities to help developers with common simple tasks.Affine cipher school project: Affine cipher crypt with block = 10Agendamento_Recursos: Projeto agendamento de recursos áudio visuais.ASP.NET Desktop Membership Manager Application: This project aims to make it possible to manage ASP.Net Membership within the initial life cycle stages of your web application.ASP.Net MVC Starter Architecture: A sample ASP.Net MVC application that introduces concepts around dependency injection, interface interception, repositories, and other architectural patterns.Cet MicroWorkflow: Create your own automation on Netduino in a visual way.Custom WCF Context State Pattern Implementation (example): The WcfContext project is the class library and a training project of using WCF context like we used to use the HttpContext.Current.Dash-R: dash-r (-r) is a shim for allowing use of Mercurial-style local version numbers in Git.DoombringerStudios: VideogameEI1025: Usar GLUT para desarrollar aplicaciones que usen OpenGL sobre C++ExperimentosPascal: Programitas de ejemplo para mostrar la sintaxis de Pascal.Lyricsgrabber: A Tool to get automatically lyrics to provided songs and save them in their tags.Mediafire .Net Api: This project provides an easy to use lib to work with Mediafire's REST Api for .Net developers.NDownloader C# .NET 4.5 VS2012: Windows console based downloader for files. Useful for downloading freely available pdf files such as public domain books or mp3 media from the internet.Orchid Scene Editor: This project is a generic 3D editor.PdfReport: PdfReport is a code first reporting engine, which is built on top of the iTextSharp and EPPlus libraries.PowerShell Security: PoshSec is short for PowerShell security, a module provided to allow PowerShell users testing, analysis and reporting on Window securityR to CLR: Accessing a common language runtime (.NET or Mono) from the R statistical software.RMDdownloader: RMDdownloader is a tiny application designed to locate and download the the desktops submitted by the http://ratemydesktop.org userbase. Sample Sample Code: sample sample codeScreen Ruler: Simple ruler displayed on screenSharePoint Web Change Log: An alternate notification feature for SharePoint. It's working on Web basis.SimpleMin: SimpleMin is a very easy way to minify and bundle all js/css files in your web project.Sitecore Courier: Sitecore Courier aims to fill the gap between the development and production environments when building websites with Sitecore CMS. It lets you build SitecoreSql Migrations: Sql Migrations is a database migration framework for .NET.StripeOne Beauty Salon: Projeto que visa criar uma aplicação para salões de belezaStripeOne Blog: Esse projeto tem como objetivo criar um sistema para gerenciamento de blogs no estilo Wordpress.StripeOne Core: Projeto com métodos para facilitar a vida do programador.Testability analysis: Heuristics for testability of classes.This is the future: ；-）Viva Music Player: Viva Music Player is a free and open source music player. It's using C# and NAudio audio library to play audio files.Wedding Calculator: Services for wedding portal (under construction)Whitepad: Whitepad is a digital whiteboard with an infinite canvas.Win8SSH: This project will provide a ModernUI SSH-Client for Windows 8

Read the article
How to host customer developed code server side

- by user963263

I'm developing a multi-tenant web application, most likely using ASP.NET MVC5 and Web API. I have used business applications in the past where it was possible to upload custom DLL's or paste in custom code to a GUI to have custom functions run server side. These applications were self hosted and single-tenant though so the customer developed bits didn't impact other clients. I want to host the multi-tenant web application myself and allow customers to upload custom code that will run server side. This could be for things like custom web services that client side JavaScript could interact with, or it could be for automation steps that they want triggered server side asynchronously when a user takes a particular action. Additionally, I want to expose an API that allows customers' code to interact with data specific to the web application itself. Client code may need to be "wrapped" so that it has access to appropriate references - to our custom API and maybe to a white list of approved libraries. There are several issues to consider - security, performance (infinite loops, otherwise poorly written code, load balancing, etc.), receive compiled DLL's or require raw code, etc. Is there an established pattern for this sort of thing or a sample project anyone can point to? Or any general recommendations?

Read the article
5 Design Tricks Facebook Uses To Affect Your Privacy Decisions

- by Jason Fitzpatrick

If you feel like Facebook increasingly has fewer and fewer options to reject applications and organization access to your private information, you’re not imagining it. Here are five ways Facebook’s design choices in the App Center have minimized your choices over time. Over at TechCrunch they have a guest post by Avi Charkham highlighting five ways recent changes to the Facebook App Center put privacy settings on the back burner. In regard to the comparison seen in the image above, for example, he writes: #1: The Single Button Trick In the old design Facebook used two buttons – “Allow” and “Don’t Allow” – which automatically led you to make a decision. In the new App Center Facebook chose to use a single button. No confirmation, no decisions to make. One click and, boom, your done! Your information was passed on to the app developers and you never even notice it. Hit up the link below to check out the other four redesign choices that minimize the information about privacy and data usage you see and maximize the click-through and acceptance rate for apps. How To Switch Webmail Providers Without Losing All Your Email How To Force Windows Applications to Use a Specific CPU HTG Explains: Is UPnP a Security Risk?

Read the article
Privacy Protection in Oracle IRM 11g

- by martin.abrahams

Another innovation in Oracle IRM 11g is an in-built privacy policy challenge. By design, one of the many things that Oracle IRM does, of course, is collect audit information about how and where sealed documents are being used - user names, machine identifiers and so on. Many customers consider that this has privacy implications that the user should be invited to accept as a condition of service use - for the protection of both of the user and the service from avoidable controversy. So, in 11g IRM, when a new user connects to a server for the first time, they can expect to see the following privacy policy dialog. The dialog provides a configurable URL that the customer can use to publish the privacy policy for their IRM service. The policy might clarify what data is being collected and stored, what use that data might be put to, and so on as required by the service owner's legal advisers. In previous releases, you could construct an equivalent capability, and some customers did, but this innovation makes it much easier to do - you simply write a privacy policy and publish it as a web page for which the dialog automatically provides a link. This is another example of how Oracle IRM anticipates not just the security requirements of a customer, but also the broader requirements of service provisioning.

Read the article
New York Coherence Special Interest Group, Jan 13 2011

- by ruma.sanyal

Please join us for our next exciting event. We are pleased to announce that Aleksander Seovic, Craig Blitz and Madhav Sathe will be presenting to our group. Presentation details are provided below. Time: 3:00pm - 6:00pm ET Where: Oracle Office, Room 30076, 520 Madison Avenue, 30th Floor, NY We will be providing snacks and beverages. Register! - Registration is required for building security. Presentations:? Getting the Most out of your Coherence Cluster with Oracle Enterprise Manager - Madhav Sathe, Principal Product Manager (Oracle) How To Build a Coherence Practice - Craig Blitz, Senior Principal Product Manager (Oracle) Congratulations on your decision to buy Oracle Coherence. We believe you have chosen an excellent product. Now the hard work begins. To help you get the most out of Coherence from both a project and enterprise perspective, this talk will introduce you to resources available from Oracle and through the Coherence ecosystem. The talk will also discuss best organizational practices you can implement to ensure success with Coherence. The speaker will use his significant experience with customers' Coherence deployment to show what works and what doesn't in practice. Coherence in the Cloud - Aleksandar Seovic, Founder and Managing Director (S4HC) Amazon Web Services cloud provides great and affordable foundation for the next generation of scalable web applications. Application servers, load balancers, and scalable storage can be provisioned in a matter of minutes and used for pennies an hour. However, AWS cloud also brings a set of new architectural challenges, such as transient file systems and dynamically assigned IP addresses. In this session we will look at a real-world example of how Coherence can be used to address some of these challenges and show why the combination of AWS cloud and Coherence has a great synergy.

Read the article
Adding a CMS to an existing Magento shop

- by user6341

I am working on a project for 3 niche stores built on magento (using magento's multi-store function) that each get roughly 50k unique visitors a day. The sites don't currently have a blog or forum or any social networking aspects. Would like to add a cms to each site that can be centrally run and would like it to take over the front end content from Magento. Also would like it to maintain an online blog/publication of sorts with videos, articles, and the like with privileges to edit the content given to a dozen or so people with different privileges. Want to add a forum to each site that is fairly robust and to possibly add some social networking aspects down the road, so extandability and available plugins/mods in each cms is important. Other than shared login between the forums,blog/publication and store, would like to be able to integrate some content from the forums and blog/publication into the store as well. After researching this a bit, I am inclined towards Drupal, but I haven't found any modules to integrate it with Magento. Also, since the blog content will be done by about a dozen nontechnical people, I want something that is very easy to work with. Lastly, since the site gets a good amount of traffic, speed and security are very important. What CMS would you recommend integrating in this context? Deciding between Drupal, Wordpress and ModX. Also Plone as well. Thanks.

Read the article
Friday Fun: Building Blasters 2

- by Mysticgeek

After dealing with unnecessary spreadsheets and TPS reports all week, it’s time to waste time playing a flash game. Today we take a look at Building Blasters 2 where you strategically place explosives to bring down structures. Building Blasters 2 You need to place explosives carefully to clear areas in the red level, keep bystanders safe, and manage your budget. After placing the explosives on the structure, you can set the amount of time that passes before they blow. This comes in handy when you reach advanced levels. When you’re ready to start the demolition click on the Detonate button and watch the buildings fall. If you don’t achieve the objectives, you will get the Demolition Error screen and can replay the level. After you’ve received enough money, you’ll get a message between missions telling you there is enough money to buy items in the shop. You can get enhanced destructive devices such as nitroglycerin, a wrecking ball, call in an air strike and more… If you’re sick of the pointy haired boss dragging you down all week, pretend the structures are the office building and destroy away. Building Blasters 2 is a great way to have fun and let off steam so you can enjoy your weekend. Play Building Blasters 2 For additional fun games to play, make sure and check out the How-To Geek Arcade. Similar Articles Productive Geek Tips Friday Fun: Demolition CityFriday Fun: Cargo BridgeFriday Fun: Portal, the Flash VersionFriday Fun: VehiclesFriday Fun: Play Bubble Quod TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips Xobni Plus for Outlook All My Movies 5.9 CloudBerry Online Backup 1.5 for Windows Home Server Snagit 10 10 Superb Firefox Wallpapers OpenDNS Guide Google TV The iPod Revolution Ultimate Boot CD can help when disaster strikes Windows Firewall with Advanced Security – How To Guides

Read the article
Azure Florida Association

- by Dave Noderer

Herve Roggero, SQL Azure MVP, has created a virtual community to focus on Azure. Here is the outline from Herve: User Group Name: Azure Florida Association Purpose: Start a virtual Florida user group that targets the Azure platform Venues: Most meetings will be virtual; however I plan to host a few physical events across Florida if possible from time to time; physical events may be a few hours long with potentially more than one speaker Possible Topics: The topics will touch Azure generally speaking, but can have a wide array of concern such as Integration, Data Migration, Hosting, Security, Scalability, Mobile Device integration, successful ventures/lessons learned, cross cloud integration patterns, testing in the cloud, deployment management, reporting… Target Members: Architects, Developers, IT Managers Membership: Membership will be free; virtual events will be free; physical events may involve a minimal cover charge Speakers: If you are interested in speaking or if you have topic ideas, please let me know Frequency: Initially these meetings will be held every other month The first meeting will be held on January 25, 2012 at 4PM EST. Vikas Sahni, SQL Azure MVP, will be presenting on Demystifying SQL Azure. Vikas will introduce SQL Azure, value proposition, usage scenarios, concepts and architecture, what is there and what is not, including Tips and Tricks. The actual meeting link will be available in January but please join the linked in group now to be kept informed of this and future events: http://www.linkedin.com/groups?gid=4177626.

Read the article
links for 2011-01-10

- by Bob Rhubart

Clusterware 11gR2: Setting up an Active/Passive failover configuration (Oracle Luxembourg XPS on Database) Some think that expensive third-party cluster systems are necessary when it comes to protecting a system with an Active/Passive architecture with failover capabilities. Not true, according to Gilles Haro. (tags: oracle otn database) Atul Kumar: Part IX : Install OAM Agent - 11g WebGate with OAM 11g Part 9 of Atul's step by step guide to the installation of Oracle Identity Management. (tags: oracle oam identitymanagement security otn) Michel Schildmeijer: Oracle Service Bus: enable / disable proxy service with WLST Amis Technology's Michel Schildmeijer shares a process he found for enabling / disabling a proxy service within Oracle Service Bus 11g with WLST (WebLogic Scripting tool). (tags: oracle soa servicebus weblogic) @andrejusb: SOA & E2.0 Partner Community Forum XIII - in Utrecht, The Netherlands Oracle ACE Director Andrejus Baranovskis shares a nice plug for the SOA & E2.0 Partner Community Forum XIII coming up in March in the Netherlands. (tags: oracle oracleace otn soa enterprise2.0) Oracle Magazine Architect Column: Enterprise Architecture in Interesting Times Oracle ACE Directors Lonneke Dikmans, Ronald van Luttikhuizen, Mike van Alst, and Floyd Teter and Oracle enterprise architect Mans Bhuller share their thoughts on the forces that are shaping enterprise architecture. (tags: oracle otn architect entarch oraclemag) InfoQ: Deriving Agility from SOA and BPM - Ten Things that Separate the Winners from the Losers In this presentation from SOA Symposium 2010, Manas Deb and Clemens Utschig-Utschig discuss how to derive business agility from SOA and BPM, motivations for agility, developing and nurturing agility, influencers and dependencies, how SOA and BPM enable agility, pitfalls and recommendations for organizational culture, and pitfalls and recommendations for business and technical architectures. (tags: ping.fm)

Read the article
Why does an error appear every time I try to open the Ubuntu Software Center? [duplicate]

- by askubuntu7639

This question already has an answer here: How do I remove a broken software source? 3 answers There is a glitch on the Ubuntu Software Center and whenever I open it an error appears and it keeps loading and never opens. Why does this happen? I have installed Ubuntu 13.04 on a disk and partitioned it. Please help me and ask for excess information if you need it. If you know of any duplicates please show me them!! This is the output of a question someone asked me. SystemError: E:Type '<!DOCTYPE' is not known on line 1 in source list /etc/apt/sources.list.d/medibuntu.list This next output is the output of cat /etc/apt/sources.list.d/medibuntu.list </div> <div style="float:left;"> <div class="textwidget"><script type="text/javascript"> </div> Unixmen Archive Select Month September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 Tags Cloudandroid apache browser Centos chrome command line Debian eyecandy Fedora firefox games gaming gnome google karmic koala kde libreoffice Linux linux distribution LinuxMint lucid lynx maverick meerkat mysql news oneiric ocelot openoffice opensource opensuse oracle ppa Precise Pangolin release RHEL security server software themes tools ubuntu unix upgrade virtualbox vlc windows wine Unixmen Twitts Firefox 16, a treat for developers http://t.co/cnd27CzT Ubuntu 12.10 ‘Quantal Quetzal’: Beta 2 Sneak Peek http://t.co/hd4LwDOy Top 5 security Myths about Linux; and their realities http://t.co/zO1LgHST About Us Advertising Sitemap Privacy Contact Us Hire Us Copyright © 2008-2013 Unixmen.com . Maintained by Unixmen . /* */ jQuery(document).on('ready post-load', easy_fancybox_handler ); http://www.w3-edge.com/wordpress-plugins/ Page Caching using apc Database Caching 3/186 queries in 0.035 seconds using apc Content Delivery Network via 180016988.r.cdn77.net Served from: www.unixmen.com @ 2013-09-25 01:38:14 by W3 Total Cache

Read the article
Can I re-license Academic Free License code under 2-Clause BSD / ITC?

- by Stefano Palazzo

I want to fork a piece of code licensed under the Academic Free License. For the project, it would be preferable to re-license it under the ISC License or the 2-Clause BSD license, which are equivalent. I understand that the AFL grants me things such as limitation of liability, but licensing consistency is much more important to the project, especially since we're talking about just 800 lines of code, a quarter of which I've modified in some way. And it's very important for me to give these changes back to the community, given the fact that this is software relevant to security - I need the public scrutiny that I'll get by creating a public fork. In short: At the top of the file I want to say this, or something like it: # Licensed under the Academic Free License, version 3 # Copyright (C) 2009 Original Author # Licensed under the ISC License # Copyright (C) 2012 Stefano Palazzo # Copyright (C) 2012 Company Am I allowed to do this? My research so far indicates that it's not clear whether the AFL is GPL-Compatible, and I can't really understand any of the stuff concerning re-licensing to other permissive licenses. As a stop gap, I would also be okay with re-licensing under the GPL, however: I can find no consensus (though I can find disagreement) on whether this is allowed at all, and I don't want to risk it, of course. Wikipedia: ISC License Wikipedia: Academic Free License

Read the article
CodePlex Daily Summary for Wednesday, October 09, 2013

CodePlex Daily Summary for Wednesday, October 09, 2013Popular ReleasesxFunc: xFunc 2.7.3: Fixed memory leak. Small fixes.SmartStore.NET - Free ASP.NET MVC Ecommerce Shopping Cart Solution: SmartStore.NET 1.2.0: HighlightsMulti-store support "Trusted Shops" plugins Highly improved SmartStore.biz Importer plugin Add custom HTML content to pages Performance optimization New FeaturesMulti-store-support: now multiple stores can be managed within a single application instance (e.g. for building different catalogs, brands, landing pages etc.) Added 3 new Trusted Shops plugins: Seal, Buyer Protection, Store Reviews Added Display as HTML Widget to CMS Topics (store owner now can add arbitrary HT...Wrangle for Windows: Wrangle Beta 0.1.0.6: + Various Bugs Fixes + Notification are now available + Many small features added - Does not contain user profiles yet - Conclusions not available yetAD ACL Scanner: 1.3: New features:Effective rights, select a security principal and match it agains the permissions in AD. Color coded permissions based on criticality when using effective rights scan. Search levels : Base, One Level, Subtree. List you domains and select one from the list. Get the size of the security descriptor (bytes). Rerporting on disabled inheritance . Better search functianlity; you can use wildcards on Trustee. Get all inherited permissions in report.MoreTerra (Terraria World Viewer): MoreTerra 1.11.2: Release 1.11.2 Full 1.2 Support =========== =Bug Fixes= =========== We have all markers solsund made sure the tile and background colors are correct. (map looks correct with no missing pink) Added better error tracking for those having trouble.Fast YouTube Downloader: Youtube Downloader 2.1: Youtube Downloader 2.1MSCRM ToolKit: MSCRMToolKit 0.5.5: Increased MaxStringContextLength property in the Reference Data Transporter in response of the Issue: https://mscrmtoolkit.codeplex.com/workitem/1520NuGet: NuGet 2.7.1: Released October 07, 2013. Release notes: http://docs.nuget.org/docs/release-notes/nuget-2.7.1 Important note: After downloading the signed build of NuGet.exe, if you perform an update using the "nuget.exe update -self" command, it will revert back to the unsigned build.Mugen MVVM Toolkit: Mugen MVVM Toolkit 2.0: IntroductionMugen MVVM Toolkit makes it easier to develop Silverlight, WPF, WinRT and WP applications using the Model-View-ViewModel design pattern. The purpose of the toolkit is to provide a simple framework and set of tools for getting up to speed quickly with applications based on the MVVM design pattern. The core of Toolkit contains a navigation system, windows management system, models, validation, etc. Mugen MVVM Toolkit contains all the MVVM classes such as ViewModelBase, RelayCommand,...Office Ribbon Project (under active development): Ribbon (07. Oct. 2013): Fixed Scrollbar Bug if DropDown Button is bigger than screen Added Office 2013 Theme Fixed closing the Ribbon caused a null reference exception in the RibbonButton.Dispose if the DropDown was not created yet Fixed Memory leak fix (unhooked events after Dispose) Fixed ToolStrip Selected Text 2013 and 2007 for Blue and Standard themesGhostscript.NET: Ghostscript.NET v.1.1.0.: v.1.1.0. added GhostscriptViewer state handling (SaveState, RestoreState) GhostscriptRasterizer constructor is extended in order to support usage of the existing GhostscriptViewer instance. fixed problem while using a 32-bit assembly with 32-bit version of Ghostscript on 64-bit Windows: It couldn't find a registry key of installed Ghostscript. Reported and fixed by "r0land". v.1.0.9. implemented EPS (Encapsulated PostScript) support for the GhostscriptViewer. added GhostscriptRasterize...Ghostscript Studio: Ghostscript.Studio v.1.0.2: Ghostscript Studio is easy to use Ghostscript IDE, a tool that facilitates the use of the Ghostscript interpreter by providing you with a graphical interface for postscript editing and file conversions. Ghostscript Studio allows you to preview postscript files, edit the code and execute them in order to convert PDF documents and other formats. The program allows you to convert between PDF, Postscript, EPS, TIFF, JPG and PNG by using the Ghostscript.NET Processor. v.1.0.2. added custom -c s...cmdradio: v0.1.1 binary: Default download in win32. For other OS see here. This is alpha version. Please report all bugs.Squiggle - A free open source LAN Messenger: Squiggle 3.3 Alpha: Allow using environment variables in configuration file (history db connection string, download folder location, display name, group and message) Fix for history viewer to show the correct history entries History saved with UTC timestamp This is alpha release and not recommended for use in productionMedia Companion: Media Companion MC3.579b: Fixed IMDB actor scraping for Movies and TV. Note: there are a couple of new functions that are not active, as this release needed to be done due to IMDB change. New* TV - context menu for rescrapeing Poster image/Banner image Fixed* Both - Fixed actor scraping from IMDB * Movie - Fixed Tableview if Movie's movieset was not in MC's list of moviesets * Movie - Rename with mediainfo now lowercase. * Both - added ignore "A " in titles. Separate option in General Preferences. * Tv - Changing ...VidCoder: 1.5.7 Beta: Updated HandBrake core to SVN 4819. About dialog now pulls down HandBrake version from the DLL. Added a confirmation dialog to Stop if the encode has been going on for more than 5 minutes. Fixed handling of unicode characters for input and output filenames. We now encode to UTF-8 before passing to HandBrake. Fixed a crash in the queue multiple titles dialog. Added code to rescue tool windows which get placed outside of the visible screen area.Wsus Package Publisher: Release v1.3.1310.05: Enhance the "Reboot Remote Computers", by adding a timer before the reboot occure. So that remote users can save their documents and close applications. You can also add a message to be display. In 'Tools'->'Settings'-> Misc Tab, you can set a default message. Enhance the "Compare Computers against AD", by choosing OUs to include in the comparison.Pulse: Pulse 0.6.7.3: Pulse is now accepting donations. To donate by Bitcoin or PayPal see https://pulse.codeplex.com/wikipage?title=Donations Lots of updates in v0.6.7.3: (Feature) New option allows you to disable wallpaper changing when a full screen application is running. This way Pulse doesn't slow down/lag your videos and games :) (Fix) Some users were getting Wallbase errors when logging in. This has been fixed. (Feature) Right click a provider and you can now make a copy of it by selecting the "Dupl...VG-Ripper & PG-Ripper: PG-Ripper 1.4.19: NEW: Added Option to login as Guest NEW: Added Menu Option to delete an Forum Account NEW: Added Support for "ImageTeam.org links FIXED: Fixed Ripping of http://forum.babeunion.com ForumsSimpleExcelReportMaker: Serm 0.03: SourceCode and Sample .Net Framework 3.5 AnyCPU compile.New ProjectsA library of helpers to augment InfoPath code behind development.: A library providing useful helpers to augment and speed up deveopment of complex InfoPath forms requiring code behind.A Simple Online Document Management System Using Asp.net MVC 3: A system to manage documents on-line.ASP.NET Testing: ASP.NET testingAutoSPUpdater: Automated Updating for SharePoint Server 2010/2013Currency Calculator for Microsoft Dynamics AX: The Currency calculator is a tool for calculating amounts between currencies which uses the rates as setup in the Exchange rates of Microsoft Dynamics AX.Daystate Configuration Manager: To be filled later.Djikstra's Algorithm SGGW: It's university student project presenting Djikstra algorithm usage in finding the shortest path between two points in single graph.eCommMongo: eCommMongoFast YouTube Downloader: Fast Youtube Downloader downloads video from YouTube. You could choose different video formats and qualities, and download multiple videos at the same time.FirebirdWars: Firebird Wars online strategy game.FlowSimulation: ???????????? ????????????? ???????????? ?????????Guild Wars 2 VALORUS Command and Control System: The VALORUS Command and Control System is a tool to help track and manage large numbers of people on Guild Wars 2. Useful for WvW and Guild Missions.IntelliCommand: Visual Studio Extension. Helps to remember shortcut keys. This extension is supported for Visual Studio 2010/2012/2013... Professional and higher.myonlyle: gaoOnline War Game: aOracle Portal to SharePoint Migration Scripts: These scripts will assit you in moving from Oracle Portal 10g to SharePoint!OrderingPlatform: OrderingPlatform ?? ??PSEncrypt: Powershell cmdlets to do common encryption\decryption stuffReorderListBox: ReorderListBox is an enhancement to the standard ListBox control for Windows Phone apps that allows users to drag-and-drop list items to reorder the list.SampleTileAnimation: The Windows store application targets to create a Image to appear as a tile and Animate it using StoryBoard feature using C# /Xaml code. SharePoint Friends: Open source SharePoint app library projectSharing memory between user and kernel mode processes- WinCE 6/WEC7/2013: This is a sample driver that explain how to share a block of memory between Kernel mode driver and user mode application in Windows CE 6.0/ WEC7 and WEC2013.SharpHadoop: SharpHadoop facilitates access to WebHDFS from .Net. The library can easily be dependencies and solely relies on the .net standard library Features: 1) UploaSSRS Admin Tasks: Admin GUI Tool for SQL Server Reporting ServicesTimeWatcher: TimeWatcher is an application allowing you keep track of the time passed on tasks, even across multiple working sessions. A good tool for developers who need toTinyMIS: TinyMistmask: tmaskVitaliyPianykhStuff: Here I'll publish handy code snippets.World Simulator: Will the universe expand or will it collapse? Hundreds of experts are about to discuss this question and this program was designed to give an answer... :-)WSccTravel: This is the project created during class WScc 2013

Read the article
Oracle Inroduces a New Line of Defense for Databases

- by roxana.bradescu

Today at the 2011 RSA Conference, we announced the immediate availability of our new Oracle Database Firewall, the latest addition to a comprehensive portfolio of database security solutions. Oracle Database Firewall is a network-based software solution that monitors database traffic, and can detect and block SQL injection and other attacks from reaching Oracle and non-Oracle databases. According to the 2010 Verizon Data Breach Investigations Report, SQL injection attacks against databases are responsible for 89% of all breached data. SQL injection attacks are a technique for controlling responses from the database server through applications. This attack exploits the inherent trust between application layer and the back-end database. Previously the only way organizations had to safeguard against SQL injection attacks was a complete overhaul of their application code. Obviously a very costly, complex, and often impossible undertaking for most organizations. Enter the new Oracle Database Firewall. It can help prevent SQL injection attacks by establishing a defensive perimeter around your databases. The Oracle Database Firewall uses an innovative SQL grammar analysis to inspect the database traffic against pre-defined policies. Normal expected traffic is allowed to pass (and can be optionally logged to demonstrate regulatory compliance), ensuring no false positives or disruption to your business. SQL statements that are explicitly forbidden or unknown SQL statements can either pass, be logged, alert, block or be substitute with pre-defined SQL statements. Being able to substitute an unknown potentially harmful SQL statement with a harmless statement is especially powerful since it foils an attack while allowing the application to operate normally and preventing DoS attacks. So, if you're at RSA, stop by our booth or attend the session with Steve Moyle, Oracle Database Firewall CTO. Or if you want to learn more immediately, please watch our on-demand webcast and download the new Oracle Database Firewall Resource Kit with everything you need to get started today.

Read the article
Disable Password Complexity/Expiration etc. Policy on Windows Server 2008

- by Sahil Malik

Ad:: SharePoint 2007 Training in .NET 3.5 technologies (more information). One of the things I like to do, for development environments only is to get rid of that excessively bothersome password policies. I like to have my password as something like p@ssword1, so they are easy to remember etc. etc. Obviously never do this in production. However, Windows Server 2008 comes with a password policy that expires my passwords every 90 days, and requires me to pick complex passwords, can’t reuse passwords etc. etc. Well here is how you disable password policy on a Windows Server 2008 machine - Run Group Policy Management (gpmc.msc) Expand to your domain, look for Forest\Domains\yourdomain\default domain policy. Go to the settings tab, right click on the tab, and choose “Edit”. This will open the Group Policy Management Editor, in which - Go to Computer Configuration\Policies\Windows Settings\Security Settings\Account Policies\Password Policy, and change the policy to whatever that suits you. Close everything, and run command prompt as administrator, and issue a “gpupdate /force” command to force the group policy update on the machine. Restart, and you’re done! :) Comment on the article ....

Read the article
Oracle Solaris 11 Summit Day at the LISA Conference 2011-Register Today!

- by Terri Wischmann

We have successfully launched and shipped Oracle Solaris 11! Come to the LISA 2011 Conference in Boston, MA to learn about all the latest and greatest Oracle Solaris 11 technologies. On Tuesday, 12/6/11 we are hosting our 2nd annual Oracle Solaris 11 Summit Day! It's a Free full day of sessions covering the latest OS technologies, and a chance for you to meet key members of the Oracle Solaris engineering team as they conduct a deep-dive exploration of core Solaris features. See agenda below -Register Today!! Time Topic Presenter 9:00 -9:30 am Oracle Solaris 11 Strategy Markus Flierl 9:30 - 11:00 am Next Generation OS Lifecycle Management with Oracle Solaris 11 Dave Miner/Bart Smaalders 11:00 am - 12:00 pm Data Management with ZFS Mark Maybee 12:00 - 1:00 pm LUNCH All 1:00 - 2:30 pm Oracle Solaris Virtualization and Oracle Solaris Networking Mike Gerdts/Sebastian Roy 2:30 - 3:15 pm Security in your Oracle Solaris Cloud Environment Glenn Faden 3:15 - 3:30 pm BREAK All 3:30 - 4:15 pm Oracle Solaris - The Best Platform to run your Oracle Applications David Brean 4:15 - 5:00 pm Oracle Solaris Cluster - HA in the Cloud Gia-Khahn Nguyen 5:00 - 6:30 pm Reception All

Read the article
Thinktecture IdentityServer v1.0

- by Your DisplayName here!

Yeah – it is finally done. I just uploaded the v1 bits to Codeplex and the documentation to our server. Here’s the official blurb… Thinktecture IdentityServer is an open source security token service based on Microsoft .NET, ASP.NET MVC, WCF and WIF. High level features Multiple protocols support (WS-Trust, WS-Federation, OAuth2, WRAP, JSNotify, HTTP GET) Multiple token support (SAML 1.1/2.0, SWT) Out of the box integration with ASP.NET membership, roles and profile Support for username/password and client certificates authentication Support for WS-Federation metadata Support for WS-Trust identity delegation Extensibility points to customize configuration and user management handling Disclaimer I did thorough testing of all features of IdentityServer - but keep in mind that this is an open source project and I am the only architect, developer and tester on the team. IdentityServer also lacks many of the enterprise-level features like configuration services, proxy support, operations integration etc. I only recommend using IdentityServer if you also understand how it works (to be able to support it). I am offering consulting to help you with customization and lock down - contact me. Download. Documentation. Up next is v1 of the Azure version. Have fun!

Read the article
Oracle Database 12c is Generally Available

- by Thanos

Oracle Database 12c, a major release of Oracle’s flagship product, is generally available as of 25 June 2013. Oracle Database 12c introduces a breakthrough, new multitenant architecture enabling customers to create multiple, pluggable databases for database consolidation and cloud deployments. Customers will realize greater efficiency and flexibility through innovations such as Oracle Multitenant option and Automatic Data Optimization with Heat Map, for compressing and tiering data at a higher density. These unique advancements, combined with major enhancements in availability, security, and big data support, make Oracle Database 12c the ideal platform for private and public cloud deployments. As of 25/06/2013, the product is available for download on Linux x86-64, Solaris Sparc64 and Solaris (x86-64) via Oracle Technology Network. A news release is planned for July 1st, and an external launch webcast, Plug into the Cloud with Oracle Database 12c, featuring Mark Hurd, Andy Mendelsohn, Tom Kyte and other experts is planned for July 10th. Open here in New Window Everybody can register for the launch webcast here and register to attend global in-person events here. Resources: www.oracle.com/database www.oracle.com/databaseoptions Oracle Partner Network Database Knowledge Zone Open in Google Docs Viewer Open link in new tab Open link in new window Open link in new incognito window Download file Copy link address Edit PDF File on PDFescape.com

Read the article
Multiple vulnerabilities in Oracle Java Web Console

- by RitwikGhoshal

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2007-5333 Information Exposure vulnerability 5.0 Apache Tomcat Solaris 10 SPARC: 147673-04 X86: 147674-04 CVE-2007-5342 Permissions, Privileges, and Access Controls vulnerability 6.4 CVE-2007-6286 Request handling vulnerability 4.3 CVE-2008-0002 Information disclosure vulnerability 5.8 CVE-2008-1232 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2008-1947 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2008-2370 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.0 CVE-2008-2938 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 4.3 CVE-2008-5515 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.0 CVE-2009-0033 Improper Input Validation vulnerability 5.0 CVE-2009-0580 Information Exposure vulnerability 4.3 CVE-2009-0781 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2009-0783 Information Exposure vulnerability 4.6 CVE-2009-2693 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.8 CVE-2009-2901 Permissions, Privileges, and Access Controls vulnerability 4.3 CVE-2009-2902 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 4.3 CVE-2009-3548 Credentials Management vulnerability 7.5 CVE-2010-1157 Information Exposure vulnerability 2.6 CVE-2010-2227 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 6.4 CVE-2010-3718 Directory traversal vulnerability 1.2 CVE-2010-4172 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2010-4312 Configuration vulnerability 6.4 CVE-2011-0013 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2011-0534 Resource Management Errors vulnerability 5.0 CVE-2011-1184 Permissions, Privileges, and Access Controls vulnerability 5.0 CVE-2011-2204 Information Exposure vulnerability 1.9 CVE-2011-2526 Improper Input Validation vulnerability 4.4 CVE-2011-3190 Permissions, Privileges, and Access Controls vulnerability 7.5 CVE-2011-4858 Resource Management Errors vulnerability 5.0 CVE-2011-5062 Permissions, Privileges, and Access Controls vulnerability 5.0 CVE-2011-5063 Improper Authentication vulnerability 4.3 CVE-2011-5064 Cryptographic Issues vulnerability 4.3 CVE-2012-0022 Numeric Errors vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Oracle Product Hub: Customer Perspectives at the OpenWorld

- by Mala Narasimharajan

By Rohit Tandon The Oracle Product Hub (OPH) Product Strategy team will be hosting a customer session dedicated to OPH at Oracle Openworld. Oracle Product Information Management strategy team will have the pleasure to present this session with Motorola Mobility Solutions. . In this session, you will hear how Motorola Solutions utilizes OPH to meet their IT and business needs. Arif Girniwala, (MDM Lead, Motorola) and Chirag Jariwala (Manager, Deloitte Consulting) will cover the following topics amongst others: How does Motorola Solutions decide on what is Product Master Data for their enterprise? What are the Data Governance structures, Users, User roles, User Security etc. within Motorola Solutions? How does Motorola Solutions integrate, synchronize and leverage OPH with Agile PLM? 4. What is the Oracle Product Hub strategy and roadmap (Speaker - Sachin Patel, Director Oracle Product Hub Strategy) 5. What are the implementation best practices for Oracle Product Hub (Speaker - Srikant Bevara, Sr. Manager, Oracle Product Hub product management) If you're interested in hearing more about the above then I recommend attending this session: Customer Perspectives: Master Product Data: Strategies for Effective Product Information Management with Motorola Mobility Solutions (CON8834) Tuesday October, 2nd 10:15am - 11:15am Moscone West - 3001 We hope to see you at OOW 2012 and stay in touch via our future blogs! For a list of all Oracle MDM sessions click here.

Read the article
Working with data and meta data that are separated on different servers

- by afuzzyllama

While developing a product, I've come across a situation where my group wants to store meta data for data entry forms (questions, layout, etc) in a different database then the database where the collected data is stored. This is mostly for security because we want to be able to have our meta data public facing, while keeping collected data as secure as possible. I was thinking about writing a web service that provides the meta information that the data collection program could access. The only issue I see with this approach is the front end is going to have to match the meta data with the collected data, which would be more efficient as a join on the back end. Currently, this system is slated to run on .NET and MSSQL. I haven't played around with .NET libraries running in SQL, but I'm considering trying to create logic that would pull from the web service, convert the meta data into a table that SQL can join on, and return the combined data and meta data that way. Is this solution the wrong way to approach the problem? Is there a pattern or "industry standard" way of bringing together two datasets that don't live in the same database?

Read the article
The PATRIOT Act and how it relates to the Internet

The subject of the Internet and anonymity is a very sticky situation for me because I primarily develop web applications for a living. As a part of my job I have to track users as they enter, navigate and leave specific applications. The level of tracking depends on where the user goes within a website. The basic information that I capture includes the user’s IP address, browser type, operating system, the date/time they entered the site and the URL from which the user was referred to the website. In addition to the custom logging that is placed on the website, web servers also have methods of logging built-in as well. Web server logging allows companies to have a central repository to store all user activity across the entire server. Not to mention that they can also create a central repository that allows multiple servers to store log files in one location. This allows users to be tracked across multiple servers as they browse website located on a specific collection of servers that host multiple websites. All this being said there are methods to attempt to protect your privacy by using proxy servers and increasing your browser security levels, but that will only limit the amount of logging not eliminate it. I have to agree with Traynor when he states that the PATRIOT Act eviscerates the constitutional protections of anonymous communication on the Internet. Therefore, given the recent passage and implementation of the PATRIOT Act, the constitutional guarantees of the right to anonymity have been severely compromised. I think that the PATRIOT Act is a direct violation of our first amendment rights because it allows for the government to directly monitor any and all activity on the internet including communications, usage, and transactions that can occur. This opens the door to scrutiny and persecution of individuals who are not in line with the government’s beliefs and actions. If England had this type of monitoring capabilities during the revolutionary war, I believe it would have been almost impossible to succeed from England.

Read the article
Oracle Enterprise Content Management 11gR1 Patch Set 3 Released

- by michelle.huff

We're pleased to announce an updated patch set for Oracle Enterprise Content Management 11gR1 PS3 (11.1.1.4.0). Patch Set 3 (PS3) supports additional platforms and applications, and adds several new features to the products. Highlights include: Content Server (repository for UCM, URM & I/PM): New security capabilities, file store provider updates. Desktop Integration Suite: Windows 7 64-bit and Office 2010 (32 & 64-bit) support and new "Recent Content Items" menu. Universal Content Management (UCM): Site Studio Manager for Site Studio for External Applications, new template management options and ability to run Site Studio & Site Studio for External Applications 11g components on Content Server 10gR3. Imaging and Process Management (I/PM): Now certified with Oracle Business Process Management (BPM) 11g, Oracle Single Sign On (OSSO) 10g and Oracle Access Manager (OAM) 10g, export search results to Microsoft Excel. ECM Adapter for PeopleSoft: Support for UCM 11g Managed Attachments (support for 10g released earlier in 2010) and certification with PeopleTools 8.50. Information Rights Management (IRM): Desktop support for Microsoft Office 2010, Adobe Reader X and Microsoft SharePoint 2010. Customer Webcast We'll be covering this new release in our Quarterly Customer Update Webcast scheduled for this week, January 19/20, 2011. Register today. More Information Downloads now available on Oracle Technology Network (OTN) - it will be available via eDelivery soon. Read the updated ECM documentation for 11.1.1.4.0 Review the ECM 11.1.1.4.0 Upgrade & Patch Guides See the Release Notes

Read the article
Identity Propagation for Web Service - 11g

- by Prakash Yamuna

I came across this post from Beimond on how to do identity propagation using OWSM.As I have mentioned in the past here, here and here - Beimond has a number of excellent posts on OWSM. However I found one part of his comment puzzling. I quote: "OWSM allows you to pass on the identity of the authenticated user to your OWSM protected web service ( thanks to OPSS ), this username can then be used by your service. This will work on one or between different WebLogic domains. Off course when you don't want to use OWSM you can always use Oracle Access Manager OAM which can do the same." The sentence in red highlights the issue i find puzzling. In fact I just discussed this particular topic recently here. So let me try and clarify on a few points: a) OAM is used for Web SSO. b) OWSM is used for securing Web Services. You cannot do identity propagation using OAM for Web Services. c) You use SAML to do identity propagation across Web Services. OAM also supports SAML - but that is the browser profile of SAML relevant in the context of Web SSO and is not related to the SAML Token Profile defined as part of the WS-Security spec.

Read the article

Search Results

Search found 14878 results on 596 pages for 'mod security'.

Page 443/596 | < Previous Page | 439 440 441 442 443 444 445 446 447 448 449 450 | Next Page >

- by user75016

- by Prakash Yamuna

- by user963263

- by Jason Fitzpatrick

- by martin.abrahams

- by ruma.sanyal

- by user6341

- by Mysticgeek

- by Dave Noderer

- by Bob Rhubart

- by askubuntu7639

- by Stefano Palazzo

- by roxana.bradescu

- by Sahil Malik

- by Terri Wischmann

- by Your DisplayName here!

- by Thanos

- by RitwikGhoshal

- by Mala Narasimharajan

- by afuzzyllama

- by michelle.huff

- by Prakash Yamuna

< Previous Page | 439 440 441 442 443 444 445 446 447 448 449 450 | Next Page >