Search Results

Search found 42331 results on 1694 pages for 'event log security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 47/1694 | < Previous Page | 43 44 45 46 47 48 49 50 51 52 53 54  | Next Page >

  • WT-NMP - PHP-CGI randomly stops running with no error log

    - by alexfontaine
    We have recently installed WT-NMP and are currently running Php-Cgi with php 5.4.24. We are running fairly simple php scripts and when testing everything is running fine. Over the weekend we wanted to keep the server running test it over a longer period of time. The server and scripts ran fine all day on Friday, but sometime late on Saturday, the php-cgi stopped running. There are no errors in the error log (C:\WT-NMP\log). In the configuration (php.ini) I have the following options set: error_reporting = E_ALL display_errors = On display_startup_errors = On log_errors = On html_errors = On error_log = "c:/wt-nmp/log/php_error.log" We also have the standard nginx.conf error logs: access_log "c:/wt-nmp/log/nginx_access.log"; error_log "c:/wt-nmp/log/nginx_error.log" warn; So, since the log directory is empty, I am assuming that the running php scripts and general nginx operations are not causing the php-cgi to stop. So my questions are: What else could cause the php-cgi to stop running? Are there any other options for logging that we could turn on that could help us track this down? Are there other log locations that we should be looking at? Thanks!

    Read the article

  • Event Handling for MFC Dialog

    - by Maksud
    This is my second question of the day, pardon me. I am writing a wrapper library to communicate with a scanner device. The source code was in C++ MFC. I am converting it to a plain Dll which will be invoked from C#. So, I am using DllImport in C# to call the wrapper library. Now I am provided with MFC code and the library is a ActiveX Object, at least I think so. class CDpocx : public CWnd { } So in my wrapper library I will have an instance of CDpocx and will call it via C# P/Invoke. But the problem is CDpocx also throws some events which I need to catch. In traditional app, I would just attach an function with it. But How would I attach the events on non MFC class. I have seen something like: BEGIN_EVENTSINK_MAP(CVC60Dlg, CDialog) //{{AFX_EVENTSINK_MAP(CVC60Dlg) ON_EVENT(CVC60Dlg, IDC_DPOCXCTRL1, 1 , OnReadyDpocxctrl1, VTS_NONE) //}}AFX_EVENTSINK_MAP END_EVENTSINK_MAP() OnReadyDpocxctrl1 is the function that handles 1 (Ready) event. How can I gain simmilar function in non MFC class. Regards, Maksud

    Read the article

  • SQL 2005 Log Shipping - Was working, now isnt!

    - by Jim
    Hello, I had log shipping working between two SQL 2005 server fine. I suspect that a job was added to the source server which backed up the transaction log to disk (nothing to do with the existing log shipping job). As I understand it, if you do this then log shipping will fail to work. Sure enough, it no longer works. I've deleted the job which had just been created. Log shipping still does not work. I've rebooted both servers and, again, Log shipping does not work. I'm at a loss now... all I get is the folloing error: The log shipping secondary database XXXXXXXXXX has restore threshold of 45 minutes and is out of sync. No restore was performed for 5882 minutes. Restored latency is 15 minutes. Check agent log and logshipping monitor information. Any help appreciated! Thanks in advance.

    Read the article

  • Shrinking a large transaction log on a full drive

    - by Sam
    Someone fired off an update statement as part of some maintenance which did a cross join update on two tables with 200,000 records in each. That's 40 trillion statements, which would explain part of how the log grew to 200GB. I also did not have the log file capped, which is another problem I will be taking care of server wide - where we have almost 200 databases residing. The 'solution' I used was to backup the database, backup the log with truncate_only, and then backup the database again. I then shrunk the log file and set a cap on the log. Seeing as there were other databases using the log drive, I was in a bit of a rush to clean it out. I might have been able to back the log file up to our backup drive, hoping that no other databases needed to grow their log file. Paul Randal from http://technet.microsoft.com/en-us/magazine/2009.02.logging.aspx Under no circumstances should you delete the transaction log, try to rebuild it using undocumented commands, or simply truncate it using the NO_LOG or TRUNCATE_ONLY options of BACKUP LOG (which have been removed in SQL Server 2008). These options will either cause transactional inconsistency (and more than likely corruption) or remove the possibility of being able to properly recover the database. Were there any other options I'm not aware of?

    Read the article

  • rsync option --log-file seems is not working

    - by user1017735
    I am using the --log-file option in rsync to see the logs. But when I tried to run, it says: --log-file unrecognized option Here is my command: #/usr/bin/rsync -av -u --log-file="/sreeni/log.txt" --rsync-path=/usr/local/bin/rsync /sreeni nnmhpt20.ind.hp.com:/sreeni could some one help me with the right syntax ? I tried these options also. #/usr/bin/rsync -av -u --log-file /sreeni/log.txt --rsync-path=/usr/local/bin/rsync /sreeni nnmhpt20.ind.hp.com:/sreeni and #/usr/bin/rsync -av -u --log-file="/sreeni/log.txt" --rsync-path=/usr/local/bin/rsync /sreeni nnmhpt20.ind.hp.com:/sreeni

    Read the article

  • ctrl+click or shift+click not always firing the onclick event

    - by Erik
    Hi, I recently discovered that different browsers handle the onclick event differently when the control of shift key is pressed. Same thing for following links with the middle mouse button. <a href="http://www.example.com/" onclick="alert('onclick');">go to example.com</a> Onclick browser support table Mouse Keyboard Chrome Firefox Safari Opera IE5.5 IE6 IE7 IE8 IE9 Left None yes yes yes yes yes yes yes yes yes Left Ctrl yes yes yes yes ? yes no no ? Left Shift yes yes yes yes ? yes yes yes ? Middle None yes no yes no ? N/A no no ? Can someone please fill in the question marks for me? Also; I'm wondering if the behaviour differs for each version of Chrome, Firefox, Safari and Opera. Finding a logical pattern in this behaviour would be even nicer, but I don't think there is :). Thanks a lot.

    Read the article

  • How to find the source of a cryptic event viewer log

    - by mlsteeves
    I'm looking at the eventviewer logs, and I see a bunch Error entries in the Application log. (Windows Server 2008 R1). There is an error written to the logs about every 4 seconds. I need to find out which application is causing these events, is there anyway to find this out? Here is what each look like: Error 12/2/2010 12:00:09 PM Application 0 None The details for each error: Log Name: Application Source: Application Date: 12/2/2010 12:00:09 PM Event ID: 0 Task Category: None Level: Error Keywords: Classic User: N/A Computer: computer.domain Description: The description for Event ID 0 from source Application cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: the message resource is present but the message is not found in the string/message table Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Application" /> <EventID Qualifiers="0">0</EventID> <Level>2</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2010-12-02T20:00:09.000Z" /> <EventRecordID>237167</EventRecordID> <Channel>Application</Channel> <Computer>computer.domain</Computer> <Security /> </System> <EventData> <Binary>534F434B...</Binary> </EventData> </Event>

    Read the article

  • C++ Storing variables and inheritance

    - by Kaa
    Hello Everyone, Here is my situation: I have an event driven system, where all my handlers are derived from IHandler class, and implement an onEvent(const Event &event) method. Now, Event is a base class for all events and contains only the enumerated event type. All actual events are derived from it, including the EventKey event, which has 2 fields: (uchar) keyCode and (bool)isDown. Here's the interesting part: I generate an EventKey event using the following syntax: Event evt = EventKey(15, true); and I ship it to the handlers: EventDispatch::sendEvent(evt); // void EventDispatch::sendEvent(const Event &event); (EventDispatch contains a linked list of IHandlers and calls their onEvent(const Event &event) method with the parameter containing the sent event. Now the actual question: Say I want my handlers to poll the events in a queue of type Event, how do I do that? x Dynamic pointers with reference counting sound like too big of a solution. x Making copies is more difficult than it sounds, since I'm only receiving a reference to a base type, therefore each time I would need to check the type of event, upcast to EventKey and then make a copy to store in a queue. Sounds like the only solution - but is unpleasant since I would need to know every single type of event and would have to check that for every event received - sounds like a bad plan. x I could allocate the events dynamically and then send around pointers to those events, enqueue them in the array if wanted - but other than having reference counting - how would I be able to keep track of that memory? Do you know any way to implement a very light reference counter that wouldn't interfere with the user? What do you think would be a good solution to this design? I thank everyone in advance for your time. Sincerely, Kaa

    Read the article

  • Log Problem and bash script

    - by GvWorker
    Hello Guys, I have 11 Debian servers running on rackspace cloud hosting. All running VHCS2 for hosting management. 1 server is used for application and 10 are used for only smtp. My question is regarding smtp servers. Each server hosted 1 domain. My problem is when my client use smtp there's a log created in this directory /var/log/ but within 24 hours drives are full and server refuse all smtp connections. Then I deleted the logs and ran following command to check the disk space. df -h but it shows hdd still full and server is still refusing the smtp connections. Then I ran following command to see the truth du --max-depth=1 -h It shows the truth. The real disk space used. Then I rebooted the server and now server working fine. But after few hours same situation happened. Then I created the following script. #!/bin/sh rm -fr /var/log/* rm -fr /var/log/apache2/*.log rm -fr /var/log/apache2/*.log.* rm -fr /var/log/apache2/users/* rm -fr /var/log/apache2/backup/* reboot It worked for days but after that logs are again filling the hdd. Now I want the following solutions. If anybody can help me. When I delete files from server hdd will free up without rebooting Log should be in specific range. Like a specific size of file where old data overwrite with new data

    Read the article

  • Authenticating a SOAP service in Java (password security)

    - by user1686448
    I am writing an application, in Java, which needs to log in to a remote SOAP service (JIRA) prior to calling methods on that service. I have looked at examples of how to do this, for example http://www.j-tricks.com/1/post/2010/8/jira-soap-client.html, however I am concerned that I need to put the password in memory at some point. I've read that I should store the password as a char[] but still, I'm concerned about storing the password in the clear at all. How should I store the password used by my client to log into the SOAP service? And how should I read it and pass it to JIRA?

    Read the article

  • Calendar gets saved successfully.but edit event force close error

    - by Jast Vacaty
    I am trying to add calendar events with my applicatiom. Event gets saved successfully. However when i try to edit that event in Calendar. I get Force Close error. String calId = ""; Cursor userCursor =getContentResolver().query(Uri.parse(content://com.android.calendar/calendars),null, null, null, null); if(userCursor.getCount() > 0){ userCursor.moveToFirst(); calId = userCursor.getString(userCursor.getColumnIndex("_id")); } ContentValues event = new ContentValues(); event.put("title", "title"); event.put("description", "description"); event.put("eventLocation", "Event Location"); event.put("allDay", 0); event.put("hasAlarm",0); event.put("calendar_id",calId); Calendar mCalendar = Calendar.getInstance(); mCalendar.set(2012, 2, 27,7,00,00); long start = mCalendar.getTimeInMillis(); mCalendar.set(2012, 2, 27,8,00,00); long end = mCalendar.getTimeInMillis(); event.put("dtstart", start); event.put("dtend", end); Uri newEvent = Uri.parse(content://com.android.calendar/events); getContentResolver().insert(newEvent, event); ContentValues values = new ContentValues(); userCursor.close(); But when I change event.put("allDay", 0); to event.put("allDay", 1); Event gets saved successfully and gets edited successfully. How do I fix it? Using 2.3.5 device. Appreciate any help. thanks.

    Read the article

  • Spring Security session-management setting and IllegalStateException

    - by JayL
    I'm trying to add <session-management> in my Spring Security namespace configuration so that I can provide a different message than the login page when the session times out. As soon as I add it to my configuration it starts throwing "IllegalStateException: Cannot create a session after the response has been committed" when I access the app. I'm using Spring Security 3 and Tomcat 6. Here's my configuration: <http> <intercept-url pattern="/go.htm" access="ROLE_RESPONDENT" /> <intercept-url pattern="/complete.htm" access="ROLE_RESPONDENT" /> <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <form-login login-processing-url="/j_spring_security_check" login-page="/login.htm" authentication-failure-url="/login.htm?error=true" default-target-url="/go.htm" /> <anonymous/> <logout logout-success-url="/logout_message.htm"/> <session-management invalid-session-url="/login.htm" /> </http> Everything works great until I add in the <session-management> line. What am I missing?

    Read the article

  • security policy error iphone ipod touch issue

    - by Joey
    I'm getting an "Error from Debugger: Error launching remote program: security policy error" when I try to run my app on my ipod touch. The provisions look in order, and the app builds to my iphone 3gs just fine. The app used to build just fine to my ipod touch, so I'm flustered what could have changed and wondering if anyone has any thoughts on what might be causing this issue. The build logs are below. Mon Mar 15 14:25:54 unknown com.apple.debugserver-43[449] : Connecting to com.apple.debugserver service... Mon Mar 15 14:25:55 unknown SpringBoard[24] : Unable to launch com.yourcompany.Unearthed because it has an invalid code signature, inadequate entitlements or its profile has not been explicitly trusted by the user. Mon Mar 15 14:25:55 unknown com.apple.debugserver-43[449] : error: unable to launch the application with CFBundleIdentifier 'com.yourcompany.Unearthed' sbs_error = 9 Mon Mar 15 14:25:55 unknown com.apple.debugserver-43[449] : 1 [01c1/0903]: RNBRunLoopLaunchInferior DNBProcessLaunch() returned error: '' Mon Mar 15 14:25:55 unknown com.apple.debugserver-43[449] : error: failed to launch process (null): security policy error Mon Mar 15 14:26:03 unknown MobileSafari[72] : void SendDelegateMessage(NSInvocation*): delegate (webView:decidePolicyForNavigationAction:request:frame:decisionListener:) failed to return after waiting 10 seconds. main run loop mode: UITrackingRunLoopMode

    Read the article

  • How to access/use custom attribute in spring security based CAS client

    - by Bill Li
    I need send certain attributes(say, human readable user name) from server to client after a successful authentication. Server part was done. Now attribute was sent to client. From log, I can see: 2010-03-28 23:48:56,669 DEBUG Cas20ServiceTicketValidator:185 - Server response: [email protected] <cas:proxyGrantingTicket>PGTIOU-1-QZgcN61oAZcunsC9aKxj-cas</cas:proxyGrantingTicket> <cas:attributes> <cas:FullName>Test account 1</cas:FullName> </cas:attributes> </cas:authenticationSuccess> </cas:serviceResponse> Yet, I don't know how to access the attribute in client(I am using Spring security 2.0.5). In authenticationProvider, a userDetailsService is configured to read db for authenticated principal. <bean id="casAuthenticationProvider" class="org.springframework.security.providers.cas.CasAuthenticationProvider"> <sec:custom-authentication-provider /> <property name="userDetailsService" ref="clerkManager"/> <!-- other stuff goes here --> </bean> Now in my controller, I can easily do this: Clerk currentClerk = (Clerk)SecurityContextHolder.getContext().getAuthentication().getPrincipal(); Ideally, I can fill the attribute to this Clerk object as another property in some way. How to do this? Or what is recommended approach to share attributes across all apps under CAS's centralized nature?

    Read the article

  • How do I use WS-Security with WCF?

    - by Jonathan Allen
    Below is the style of header I need to create. I am expected to use either a public/private key or a SSL style certificate. I don't know for certain, but I think my counter-party is using some form of Java. <soap-env:Header> <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext"> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <ds:Reference URI="#secinfo"> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>xxxxxxxxxxxxx</ds:DigestValue> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"> <ds:XPath>//*[@id='secinfo']/child::*/text()</ds:XPath> </ds:Transform> </ds:Transforms> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>xxxxxxxxxxds:SignatureValue> <ds:KeyInfo> <ds:KeyName>xxxxxxx</ds:KeyName> </ds:KeyInfo> </ds:Signature> <t:UsernameToken xmlns:t="http://schemas.xmlsoap.org/ws/2002/04/secext" id="secinfo"> <t:UserInfo>USER=xxxx;CORR=xxxx;TIMESTAMP=201003161916</t:UserInfo> </t:UsernameToken> </wsse:Security> </soap-env:Header>

    Read the article

  • Flash Security Error Accessing URL with crossdomain.xml

    - by user163757
    Hello, I recently deployed a Flash application to a server, and am now experiencing errors when making HTTPService requests. I have put what I believe to be the most permissive crossdomain.xml possible in the wwwroot folder, and still get the errors. Interestingly enough, the error only seems to occur when the request is made from a direct user interaction (i.e. button click). The application makes other requests that are initiated by other means(i.e creationComplete) , and they seem to work as expected. Anyone see anything wrong with the crossdomain.xml, or have any other suggestions? ERROR MESSAGE [RPC Fault faultString="Security error accessing url" faultCode="Channel.Security.Error" faultDetail="Destination: DefaultHTTP"] at mx.rpc::AbstractInvoker/http://www.adobe.com/2006/flex/mx/internal%3A%3AfaultHandler() at mx.rpc::Responder/fault() at mx.rpc::AsyncRequest/fault() at DirectHTTPMessageResponder/securityErrorHandler() at flash.events::EventDispatcher/dispatchEventFunction() at flash.events::EventDispatcher/dispatchEvent() at flash.net::URLLoader/redirectEvent() <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"> <cross-domain-policy> <site-control permitted-cross-domain-policies="all" /> <allow-access-from domain="*" secure="false" /> <allow-http-request-headers-from domain="*" headers="*" secure="false" /> </cross-domain-policy>

    Read the article

  • IE Security Warning with widgets

    - by superexsl
    Hey I'm creating an ASP.NET application which uses Facebook Connect and fbml tags. It also uses the LinkedIn widget. When I run this app in any browser, there are no warnings and everything works. However, in IE, a message like this comes up: Security Warning: The current webpage is trying to open a site in your Trusted sites list. Do you want to allow this? Current site:http://www.facebook.com Trusted site:http://localhost (same for LinkedIn.com). I know how to fix this from a client perspective and to stop the security warning showing up. However, is it possible to ensure this message doesn't come up as it could be off putting for users who don't know how to suppress this warning? I haven't tried uploading it to my webhost, so not sure if this message will appear for everyone in production. However, I always get it on my local machine. (None of my pages use SSL, so I don't think that's the issue. I tried using FB's HTTPS urls but that didn't make a difference). Thanks

    Read the article

  • Game login authentication and security.

    - by Charles
    First off I will say I am completely new to security in coding. I am currently helping a friend develop a small game (in Python) which will have a login server. I don't have much knowledge regarding security, but I know many games do have issues with this. Everything from 3rd party applications (bots) to WPE packet manipulation. Considering how small this game will be and the limited user base, I doubt we will have serious issues, but would like to try our best to limit problems. I am not sure where to start or what methods I should use, or what's worth it. For example, sending data to the server such as login name and password. I was told his information should be encrypted when sending, so in-case someone was viewing it (with whatever means), that they couldn't get into the account. However, if someone is able to capture the encrypted string, wouldn't this string always work since it's decrypted server side? In other words, someone could just capture the packet, reuse it, and still gain access to the account? The main goal I am really looking for is to make sure the players are logging into the game with the client we provide, and to make sure it's 'secure' (broad, I know). I have looked around at different methods such as Public and Private Key encryption, which I am sure any hex editor could eventually find. There are many other methods that seem way over my head at the moment and leave the impression of overkill. I realize nothing is 100% secure. I am just looking for any input or reading material (links) to accomplish the main goal stated above. Would appreciate any help, thanks.

    Read the article

  • Restricting dynamically loaded classes and jars based on a security policy

    - by Max
    Hi, I would like to dynamically load a set of jars or classes (i.e. plugins loaded at runtime). At the same time, I would like to restrict what these plugins are able to do in the JVM. For a test case, I would like to restrict them to pretty much everything (right now I'm just allowing one System.getProperty value to be read). I am currently using a security policy file, but I'm having difficulty specifying a policy for one folder or package in my codeBase, but not another. Here is how my policy looks now: grant codeBase "file:/home/max/programming/java/plugin/plugins/" { permission java.util.PropertyPermission "java.version", "read"; }; grant codeBase "file:/home/max/programming/java/plugin/api/" { permission java.security.AllPermission; }; Where (for testing purposes), all files in the plugins package and folder are restricted, but the classes in the api folder are not. Is this possible? Do I have to create a custom class loader? Is there a better way to go about doing this? Thanks.

    Read the article

  • OpenPeak Flash app XMLSocket Security Problem

    - by Kira
    We're trying to create an app for OpenPeak. The Flash app will act as a client to a Java server on another computer on another domain. The Flash app client connects via XMLSocket. The Java Server uses ServerSocket to receive a request and send back a message. In order to trust the server, the Flash client needs a socket master policy file to tell it that the server comes from a trustworthy domain. According to an article on Adobe, when a connection has succeeded, the Flash client automatically requests the cross-domain policy or socket master policy file on port 843. Still, even when we implement it according to the tutorials and recommendations we have read, the Flash client continues to throw the following security error: SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2048" We've tried logging the policy file request during testing to see if there was any call made to port 843. There was not. Interestingly, even without a policy file, the Flash client still manages to send the first data message to the server successfully. It's just when the server tries to send back a reply that the entire thing hangs for about 10 seconds before the security error above is displayed. Any ideas / suggestions?

    Read the article

  • Calling a SLSB with Seam security from a servlet

    - by wilth
    Hello, I have an existing application written in SEAM that uses SEAM Security (http://docs.jboss.org/seam/2.1.1.GA/reference/en-US/html/security.html). In a stateless EJB, I might find something like this: @In Identity identity; ... if(identity.hasRole("admin")) throw new AuthException(); As far as I understand, Seam injects the Identity object from the SessionContext of the servlet that invokes the EJB (this happens "behind the scenes", since Seam doesn't really use servlets) and removes it after the call. Is this correct? Is it now possible to access this EJB from another servlet (in this case, that servlet is the server side of a GWT application)? Do I have to "inject" the correct Identity instance? If I don't do anything, Seam injects an instance, but doesn't correctly correlate the sessions and instances of Identity (so the instances of Identity are shared between sessions and sometimes calls get new instances etc.). Any help and pointers are very welcome - thanks! Technology: EJB3, Seam 2.1.2. The servlets are actually the server-side of a GWT app, although I don't think this matters much. I'm using JBoss 5.

    Read the article

  • Spring security and authentication provider

    - by Pascal
    I'm trying to implement Spring 3 Security in a project, but I can not get rid of the following error: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '_authenticationManager': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: No authentication providers were found in the application context This seems weird, as I did provide an authentication provider! I've added these lines to web. <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> And this is my applicationContext-security.xml: <http auto-config="false"> <intercept-url pattern="/**" access="ROLE_USER" /> <http-basic /> </http> <authentication-manager alias="authenticationManager"> <authentication-provider> <user-service> <user name="jimi" password="jimispassword" authorities="ROLE_USER, ROLE_ADMIN"/> <user name="bob" password="bobspassword" authorities="ROLE_USER"/> </user-service> </authentication-provider> </authentication-manager> Google couldn't help me much further, nor could the official documentation.

    Read the article

  • ASP.NET webservice API security.

    - by Tejaswi Yerukalapudi
    Hi, I have an iPhone app accessing an ASP.NET Webservice for data. Since I'm building both the ASP.NET end and the iPhone part of the app, and we'll shortly be publishing it in the Appstore, I'd like to know what security checks I need to make. The basic flow of the program (without divulging too much info about it) is as follows - . Login (Enter Username, pass on the app) . Primary screen where the data is loaded from a webservice and presented . And post data back after a few updates by the user I'm using POST to send the data to the Webservice via HTTPS. I'm sanitizing the inputs, checking for length of the inputs, but that's the limit of my knowledge as far as security goes. Any other tips are greatly appreciated! Edit: I should probably add that our service needs to be subscribed to separately and the iPhone component of it cannot be used alone. So the average user will not have login credentials. And the app itself has healthcare data in it, so I'd rather not have anyone trying attacks from my login page. Thanks, Teja.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 43 44 45 46 47 48 49 50 51 52 53 54  | Next Page >