Search Results

Search found 15558 results on 623 pages for 'basic authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 472/623 | < Previous Page | 468 469 470 471 472 473 474 475 476 477 478 479  | Next Page >

  • Anyone have BlazeDS working with WebLogic Security (j_security_check) ??

    - by Brian
    I'm working on a Flex implementation (currently using SDK 3.5) on WebLogic 10.3 (11G.) We originally used Glassfish v2.1.1 with zero issues (there was an active directory group lookup bug but it did not hinder our progress.) Since transitioning to WebLogic we have an issue where the flexsession is invalidated after logging in using j_security_check: [BlazeDS]Unexpected error encountered in Message Broker servlet flex.messaging.LocalizedException: The FlexSession is invalid. at flex.messaging.FlexSession.checkValid(FlexSession.java:943) at flex.messaging.FlexSession.getUserPrincipal(FlexSession.java:254) at flex.messaging.HttpFlexSession.getUserPrincipal(HttpFlexSession.java:286) at flex.messaging.MessageBrokerServlet.service(MessageBrokerServlet.java:296) at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3594) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121) at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2202) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2108) at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1432) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201) at weblogic.work.ExecuteThread.run(ExecuteThread.java:173) I've tried almost every option in services-config.xml: [security [login-command class="flex.messaging.security.WeblogicLoginCommand" server="Weblogic"/> [!-- Uncomment the correct app server [login-command class="flex.messaging.security.TomcatLoginCommand" server="JBoss"> [login-command class="flex.messaging.security.JRunLoginCommand" server="JRun"/> [login-command class="flex.messaging.security.TomcatLoginCommand" server="Tomcat"/> [login-command class="flex.messaging.security.WebSphereLoginCommand" server="WebSphere"/> --> [/security> I've even completely removed this section with no luck. The login functions correctly from a non-BlazeDS perspective. It authenticates the user correctly. Without authentication, BlazeDS works fine (no errors for any remote calls.) Together its a big ball of fail (invalid flexsession every time.) Has anyone got this working? Any tips?

    Read the article

  • WCF NetTcpBinding Security - how does it work?

    - by RemotecUk
    Hi, encountered the following problems trying to work through the quagmire of settings in WCF... I created a WCF client server service using a NetTcp binding. I didn't make any changes to the security settings and when running on one machine it works very nicely. However, when I ran my client from another machine it complained that the server didnt like the security credentials that were sent. I understand now that NetTCP is "secured" by default and that my client would have been passing the wrong security details - namely the windows user name and password (or some form of domain authentication) to my server which as they are not running on the same domain it would not have liked. However, what I don't understand is as follows: I haven't specified any security in my binding - does the standard settings expect a windows user name or password to be sent? I don't have any certificate installed on my server - I understand that NetTCP bindings need some form of public private key to protect the credentials - yet this seemed to work when both client and server were on the same machine - how was the data getting encrypted? Or wants it as WCF knew it was on the same machine and encryption isn't needed? I have had to set my security mode on my client and server to "none" now and they connect nicely. However is there any way to encrypt my data without a certificate? Finally... what is the difference between Transport and Message security? To check my understanding (excuse the scenario!) message security is like if I sent a letter from person A to person B and I encode my hand writing to ensure that if anyone intercepts it they cannot read it? Transport Security is if I decide to have my letter sent by armed transport so that no one can get at it along the way? Is it possible to have any form of encryption in WCF without a certificate? My project is a private project and I dont want to purchase a certificate and the data isnt that sensitive anyway so its just for my own knowledge. Thanks in advance.

    Read the article

  • DBExpress connecting SQL 2008 at runtime with Delphi 2009

    - by Pascal
    Hi, I'm trying to connect at runtime with SQL Server 2008 with Delphi 2009 using DBExpress, it it's not working. When I set all the properties at design time, it works great, but at RunTime, I'm getting "unknown driver: mssql". Below is the code: scnConexao := TSQLConnection.Create(nil); scnConexao.DriverName := 'MSSQL'; scnConexao.ConnectionName := 'MSSQLConnection'; scnConexao.GetDriverFunc := 'getSQLDriverMSSQL'; scnConexao.LibraryName := 'dbxmss.dll'; scnConexao.VendorLib := 'oledb'; scnConexao.LoginPrompt := False; scnConexao.Params.Add('SchemaOverride=sa.dbo'); scnConexao.Params.Add('HostName=DESKTOP'); scnConexao.Params.Add('DataBase=DBNAME'); scnConexao.Params.Add('OS Authentication=False'); scnConexao.Params.Add('User_Name=UserName'); scnConexao.Params.Add('Password=Password'); scnConexao.Params.Add('MSSQL TransIsolation=ReadCommited'); scnConexao.Open; I have included the dbxmss.dll in the same directory as my app, but to no avail. Any help would be greatly appreciated. Tks

    Read the article

  • Permission denied for cvs server via ssh

    - by NovumCoder
    I cant create a new project by importing a java project via eclipse onto my cvs server via internet. I created a directory as root called /priv/cvs/. Then i called "cvs -d /priv/cvs/ init". I created a user named cvs and a groups called cvs. The repository is owned by cvs and in group cvs. Then i created a user "ben" and his only group is cvs. I "chrooted" the user "ben" accessing only the cvs functionality by not allowing to access the server via ssh with password, only by using a public key which is added in his home directory on the server in file authorized_keys2. the contect of authorized_keys2 is as follows: no-port-forwarding,no-X11-forwarding,command="/usr/bin/cvs server" ssh-rsa [public_key_content] rsa-key Connecting to the server works pretty fine. Eclipse asks for the passphrase for the private key to connect to the server. Authentication works and eclipse is able to run cvs commands. But when importing my project by using Team-Share Project. I get the error: The server reported an error: Permission denied projectname: cvs server: cannot open /priv/cvs/CVSROOT/config: Permission denied projectname: Cannot access /priv/cvs/CVSROOT The access right for the cvs root (/priv/cvs/) is set to 770. Which means that the owner, which is cvs and the group participants of the group cvs are allowed to read and write. Why do i get Permission denied? When i set the folder to 777, which means read/write to ALL, then it works. But i dont want that. I only want cvs users read/write to this folder? Is there something i misunderstood about access rules?

    Read the article

  • Embeddable forum software

    - by Rented
    I am in the planning stages of a specific subject matter community web site, and one feature I feel is required is that of member discussions. However, not in a typical forum style. For example, I don't want the members to have to navigate away from their own "user space" in order to discuss a topic. I think it is best described with an analogous example. Lets say the site is for literature buffs, and each member has a set of pages for keeping notes, progress, questions, etc. on books they are studying/reading. So Joe will have one page for Great Expectations, another for Hamlet, a third for I, Robot, and so forth. Likewise, Jane will have a page for Don Quixote, Lord of the Flies, and also I, Robot. Now, wouldn't it be nice if Joe and Jane could discuss I, Robot from within their own respective pages? Now, at first thought, roll your own seems like the way to go. However, once we start getting into issues such as spam blocking, banning, ratings, pruning, archiving, flooding and so on, well "roll your own" doesn't sound too appealing anymore. Also, I have next to zero experience with forum software. So I'm looking for forum software that has an extensive API or is generally very integration-friendly. I would like to be able to create user groups, topics, permissions, etc. programmatically,as well as the obvious user authentication (most seem open in that respect). The site will most probably be built with Java. Tangler seems like a descent option, but it seems less mature than what I'd prefer.

    Read the article

  • Dynamics CRM Customer Portal Accelerator Installation

    - by saturdayplace
    (I've posted this question on the codeplex forums too, but have yet to get a response) I've got an on-premise installation of CRM and I'm trying to hook the portal to it. My connection string in web.config: <connectionStrings> <add name="Xrm" connectionString="Authentication Type=AD; Server=http://myserver:myport/MyOrgName; User ID=mydomain\crmwebuser; Password=thepassword" /> </connectionStrings> And my membership provider: <membership defaultProvider="CustomCRMProvider"> <providers> <add connectionStringName="Xrm" applicationName="/" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="true" passwordFormat="Hashed" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" name="CustomCRMProvider" type="System.Web.Security.SqlMembershipProvider" /> </providers> </membership> Now, I'm super new to MS style web development, so please help me if I'm missing something. In Visual Studio 2010, when I go to Project ASP.NET Configuration it launches the Web Site Administration Tool. When I click the Security Tab there, I get the following error: There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store. The following message may help in diagnosing the problem: An error occurred while attempting to initialize a System.Data.SqlClient.SqlConnection object. The value that was provided for the connection string may be wrong, or it may contain an invalid syntax. Parameter name: connectionString I can't see what I'm doing wrong here. Does the user mydomain\crmwebuser need certain permissions in the SQL database, or somewhere else? edit: On the home page of the Web Site Administration Tool, I have the following: **Application**:/ **Current User Name**:MACHINENAME\USERACCOUNT Which is obviously a different set of credentials than mydomain\crmwebuser. Is this part of the problem?

    Read the article

  • System Out Of Memory Exception in Production Server

    - by Sachin Gupta
    We have .net application installed on production server. It is using .net FrameWork 3.0 on windows server 2003 with RAM 4 GB. But there is a problem in application while running sometimes it throws system out of memory exception. I am very frustrating with this. Also I am unable to simulate the issue. I had checked all the possibilities which can cause the problem but didn’t get any thing which solve the issue I checked on production server event log found the Out Of Memory Exception also INVALID VIEW STATE logs are there. Look at the following event log which may help to find solutions. Exception information: Exception type: HttpException Exception message: Invalid viewstate. Request information: Request path: /zContest/ScriptResource.axd User: LisaA Is authenticated: True Authentication Type: Forms Thread information: Thread ID: 10 Is impersonating: True Stack trace: at System.Web.UI.Page.DecryptStringWithIV(String s, IVType ivType) at System.Web.UI.Page.DecryptString(String s) at System.Web.Handlers.ScriptResourceHandler.DecryptParameter(NameValueCollection queryString) at System.Web.Handlers.ScriptResourceHandler.ProcessRequestInternal(HttpResponse response, NameValueCollection queryString, VirtualFileReader fileReader) at System.Web.Handlers.ScriptResourceHandler.ProcessRequest(HttpContext context) at System.Web.Handlers.ScriptResourceHandler.System.Web.IHttpHandler.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) ------------------------------------------------------ ------------------------------------------------------------------------------------------------------------------------------------------------------------------ Event code: 3005 Event message: An unhandled exception has occurred. Process information: Process ID: 5388 Process name: w3wp.exe Exception information: Exception type: OutOfMemoryException Exception message: Exception of type 'System.OutOfMemoryException' was thrown. ------------------------------------------------------ ------------------------------------------------------------------------------------------------------------------------------------------------------------------ Please help me out on this

    Read the article

  • Issues Connecting to SQLExpress using Oracle SQL Developer

    - by ArtDeveloper
    Hey Guys, I'm trying to create a connection inside Oracle SQL Developer to a SQLExpress database I have Everything I have resides on the same machine so there isn't any network issues I should have to deal with but everytime I follow the instructions and I try to connect I get the following message "Failure - Unable to get information from SQL Server: localhost." I can connect to the SQLExpress DB using the SQL Management Studio and through an ODBC connection. I've installed the third party extensions and I've enabled the TCP protocol on the SQL Server Configuration manager as well as enabled the IP Addresses I'm assuming that the SQLExpress Database is on port 1433 because I didn't change this when I installed but if someone can tell me how to double check that I would appreciate that info as well. I setup the new connection with the following information name: databasename I'm using windows authentication so the username and password aren't filled in host:localhost port:1433/databasename;instance=SQLEXPRESS *databasename - this is replaced with the actual DB name I've just changed the name here to protect the innocent I've spent about a full day on this trying to get it connected and many google attempts where other ppl have had this issue but have gotten it solved through various methods that I've tried and it hasn't resolved my issue. Any information would be much appreciated Thank you in Advance, AD

    Read the article

  • Best practice: git, github, lighthouse and 2 developers

    - by Alxandr
    I'm setting up a new project and plan on using git and github for sourcecontroll and hosting of repo and lighthouse for bugtracking. I've been working with git for some while now, but only been using it for more of a backup solution than collaborate coding solution. Also, I've noticed that in github you can setup a servicehook to lighthouse so that whenever you push to github it notifies lighthouse of the changes. This uses a token for user-authentication and has the ability to change tickets to resolved etc. However, this token I believe functions that way so that whenever a user pushes to the repo (dosn't matter who), it's the owner of the repo that "updates" to lighthouse. This is a problem. So, I believe it is necessary with 2 separate repos at github (one for each dev), and I'm wondering about the workflow that should be used. Any1 care to shred any light on this matter? Like when to pull and push (and where), and how to make the two github repos in sync or something like that? Or another solution to the problem altogether.

    Read the article

  • mod_wsgi for multiple trac projects [Windows]

    - by fampinheiro
    Hello, I have a system with windows server 2008, Apache httpd 2.2 and trac 0.11 i'm using mod_wsgi so the apache server do the web server job. Integration with Trac after read this site i found that the most suitable solution was the following (i have in my httpd.conf the line Include conf/extra/httpd-trac.conf) httpd-trac.conf LoadModule wsgi_module modules/mod_wsgi.so WSGIDaemonProcess tracs processes=3 threads=25 maximum-requests=1000 RewriteEngine On RewriteCond %{REQUEST_URI} ^/trac/([^/]+) RewriteCond c:\Project\Services\Trac\%1\conf\trac.ini !-f RewriteRule . - [F] RewriteCond %{REQUEST_URI} ^/trac/([^/]+) RewriteRule . - [E=trac.env_path:c:\Project\Services\Trac\%1] WSGIScriptAliasMatch ^/trac/([^/]+) c:\Project\Trac\trac.wsgi <Directory c:\Project\Trac> WSGIProcessGroup tracs WSGIApplicationGroup %{GLOBAL} Order deny,allow Allow from all </Directory> the problem i encouter is the following: C:\Project\Apache\binhttpd.exe -k start Syntax error on line 3 of C:/Project/Apache/conf/extra/httpd-trac.conf: Invalid command 'WSGIDaemonProcess', perhaps misspelled or defined by a module not included in the server configuration The objective: My objective is to have multiple trac projects with diferente authentication information. If you have other solution than this please tell me =) Thank you for your help.

    Read the article

  • iphone bookmarklet cookie persistence

    - by Larry Davis
    I have an iphone (jqtouch based) web app that uses cookies for authentication. The use flow is as follows : user goes to the mobile landing page and is instructed to save the page as a bookmarklet on their home page. they launch the bookmarklet to go to a login page to login and get a cookie. the cookie works and they can navigate throughout the web site. However this session cookie is not persistent. If they leave safari and then restart using the saved bookmarklet, the cookies set during their previous session are gone. Just using safari (ie: launch safari directly rather than through the bookmarklet) to navigate the pages works fine (ie: start safari, go to url, do login, restart safari, go back to url). I find that that the cookies that were active when the bookmarklet was created are persistent but any cookies set during the session when safari is accessed through the bookmarklet are not persistent. I'm wondering if this is a safari/iphone issue and/or if there is any way around this. Many thanks for any insight you can provide.

    Read the article

  • Castle Windsor with ASP.NET MVC 2 Areas

    - by Doug Shontz
    Been lurking for a few months and decided to jump in with a question. I am very new to Windsor and IoC in general. I can get Windsor to work with my MVC2 project with no problem. The project I am working on is a "portal" of multiple applications under one MVC2 project using the new Areas concept. In this scenario, each Area will actually be a separate application inside the "portal". We are doing this to effectively share a LOT of common code, views, authentication, and cross-application functionality. Many of our apps link to one another, so it made sense after discussing it to combine them into one project. What I am wondering how to do is actually allow different Areas to inject different concrete classes? In my limited understanding, the Application_Start is governing building the container and assigning it as the controller factory. I don't necessarily want to do all the injection at the application level. We have a config system where we have a config.xml at the root of every Area and those settings override any root settings. I would like to continue that trend by having the injections for each Area be read by the Area's config.xml (an inheritance similar to Webforms web.config where the config in a lower folder overrides settings in a parent folder). Example: I would have an ILogHandler which would need a different concrete implementation depending on which Area of the application I am in. So I would need to inject something different depending on where I am at in the application. I can easily do this using factories since each area could have it's own set of factories, but I am attempting to take this opportunity to learn about IoC and what the benefits/drawbacks are. Any help would be appreciated.

    Read the article

  • Using Tweet# to pull 5 most recent updates from a user

    - by Richard West
    I am working on a method that will allow me to pull in the 5 most recent posts that my company has made on it's Twitter account. One requirement of this web application is that it present these twitter posts as "regular" html in our website, so using the Twitter javascript method is ruled out. I have found Tweet#, a C# plugin that exposes the Twitter commands. This seems to be a nice way to pull this information but I have a question. I would like to be able to pull these updates from Twitter without authenticating to Twitter. Since the information is publically available I would think this would be fairly simple, however I'm having a problem with Tweet# wanting to do this. The cloest I have found to be able to do this requires my to login/authenticate with Twitter and then pull the 5 most recent tweets. Like this: var twitter = FluentTwitter.CreateRequest() .AuthenticateAs("UserName", "p@ssw0rd") .Configuration.CacheForInactivityOf(60.Seconds()) .Statuses().OnUserTimeline().Take(5).AsJson(); What I need is something that will allow my to specific the user id to pull the most recent 5 tweets from without authentication.

    Read the article

  • drupal using node.save with XMLRPC call to another site. "Access Denied" message

    - by EricP
    I have a piece of code on 1 drupal site to create a node another drupal site in a multi-site setup. It looks like I'm getting the sessionid and logging in just fine, but when trying to create a "page" node, I get "Access denied". Under Services - Settings I have "Key Authentication", "Use keys" is unchecked, and "Use sessid" is checked. Below is my code: <p>Test Page 1</p> <? $url = 'http://drupal2.dev/xmlrpc.php'; ?> <? $conn = xmlrpc($url, 'system.connect'); print_r($conn); ?> <p>--</p> <? $login = xmlrpc($url, 'user.login', $conn['sessid'], 'superuser_name', 'superuser_password'); print_r($login); ?> <p>--</p> <? $data=array('type'=>'page', 'title'=>'Test', 'body'=>'test'); $data_s=serialize($data); $result = xmlrpc($url, 'node.save', $login['sessid'], $data_s); echo $result; //echo $data_s; ?> <? if($error = xmlrpc_error()){ if($error->code > 0){ $error->message = t('Outgoing HTTP request failed because the socket could not be opened.'); } drupal_set_message(t('Operation failed because the remote site gave an error: %message (@code).', array( '%message' => $error->message, '@code' => $error->code ) ) ); } ?> thanks for the help.

    Read the article

  • Asterisk Manager API SIPPeers - Permission Denied

    - by Matt H
    I'm wanting to use the asterisk manager api to show the status of all my SIP lines in a PHP web interface. I thought I'd start simple and use telnet to see it working. So I created a user in /etc/asterisk/manager.conf [portal] secret = password read = all,system,call,log,verbose,command,agent,user Then telnet to localhost on port 5038 This is what I get. asterisk ~ # telnet localhost 5038 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Asterisk Call Manager/1.0 Action: login Username: portal Secret: 8u9sdgk Events: off Response: Success Message: Authentication accepted Action: SIPPeers Response: Error Message: Permission denied Why am I getting permission denied? I thought the user has basically full access? Do I need to restart asterisk to make this work? I didn't restart it. On the other hand, I was able to log in which makes me think that the manager.conf has been reloaded as the portal user didn't exist before. Any ideas?

    Read the article

  • using System.Net.Mail To send smtp mail via google gets me a time out exception.

    - by Anicho
    Hey guys, I guess I got another asp.net question I am trying to send email using smtp authentication through google but I am constantly getting a timed out error and no idea what it might be from the following code its not my firewall or my isp blocking smtp ports so its most probably the code: MailMessage msg = new MailMessage(); String BodyMsg; BodyMsg = "Hey " + TxtBoxUsername.Text + "@" + "Welcome to Tiamo your username and password are:@Username: " + TxtBoxUsername.Text + "@Password: " + PasswordString + "@You have succesffully registered, you can now login." + "@Thank You@Tiamo Team"; BodyMsg = BodyMsg.Replace("@", System.Environment.NewLine); msg.To.Add(new MailAddress(TxtBoxEmail.Text)); msg.From = new MailAddress("[email protected]"); msg.Subject = "Re: Welcome to Tiamo"; msg.Body = BodyMsg; SmtpClient client = new SmtpClient() ; client.EnableSsl = true; client.Send(msg); and this is my web.config email smtp settings: <system.net> <mailSettings> <smtp from="[email protected]"> <network host="smtp.gmail.com" port="465" userName="[email protected]" password="MyLovelyPassword" defaultCredentials="true"/> </smtp> </mailSettings> Im completely exhausted so I thought the best thing is to pop up a question, hope you can help it will all be much appreciated... thanks anicho.

    Read the article

  • Classic ASP Session not working in IIS 7 Windows Server 2008 R2 x64

    - by user553361
    Hi, I've been googleing and searching here info about this but so far couldn't find anything relevant to my problem. We have a website currently working on II6 and Windows Server 2003 (x86) without any problem. Now we want to migrate our server to a Virtual Machine with Windows Server 2008 R2 (x64) and IIS7. Out current app is built in Classic ASP and SQL Server (This one located on a 2nd Server but this is staying the way it is now). The website is configured as a WebSite, not a virtual directory. Using DefaultAppPool with 4 applications. Now, the problem I'm getting is with the Sessions, or at least that's what I think since I created a simple hello.asp with this code <% response.write "Hello" response.write Session.SessionID %> And this is giving us this result: Hello error '8002801d' /hello.asp, line 3 ASP Sessions Properties Enable Session State : True Maximum Sessions : 2147483647 New ID On Secure Connection : True Time-out : 20 min This is the log in Event Viewer Warning 24/12/2010 14:03:42 Active Server Pages 9 None FailedReqLog Url http://apps.shocklogic.com:80/hello.asp App Pool DefaultAppPool Authentication anonymous User from token NT AUTHORITY\IUSR Activity ID {00000000-0000-0000-1400-0080000000F8} Site 1 Process 3312 Failure Reason STATUS_CODE Trigger Status 500 Final Status 500 Time Taken 110 msec Would be great if anyone has any ideas. Thanks, Federico

    Read the article

  • How to check whether a user belongs to an AD group and nested groups?

    - by elsharpo
    hi guys, I have an ASP.NET 3.5 application using Windows Authentication and implementing our own RoleProvider. Problem is we want to restrict access to a set of pages to a few thousand users and rathern than inputing all of those one by one we found out they belong to an AD group. The answer is simple if the common group we are checking membership against the particular user is a direct member of it but the problem I'm having is that if the group is a member of another group and then subsequently member of another group then my code always returns false. For example: Say we want to check whether User is a member of group E, but User is not a direct member of *E", she is a member of "A" which a member of "B" which indeed is a member of E, therefore User is a member of *E" One of the solutions we have is very slow, although it gives the correct answer using (var context = new PrincipalContext(ContextType.Domain)) { using (var group = GroupPrincipal.FindByIdentity(context, IdentityType.Name, "DL-COOL-USERS")) { var users = group.GetMembers(true); // recursively enumerate return users.Any(a => a.Name == "userName"); } } The original solution and what I was trying to get to work, using .NET 3.5 System.DirectoryServices.AccountManagement and it does work when users are direct members of the group in question is as follows: public bool IsUserInGroup(string userName, string groupName) { var cxt = new PrincipalContext(ContextType.Domain, "DOMAIN"); var user = UserPrincipal.FindByIdentity(cxt, IdentityType.SamAccountName, userName); if (user == null) { return false; } var group = GroupPrincipal.FindByIdentity(cxt, groupName); if (group == null) { return false; } return user.IsMemberOf(group); } The bottom line is, we need to check for membership even though the groups are nested in many levels down. Thanks a lot!

    Read the article

  • Deploying software on compromised machines

    - by Martin
    I've been involved in a discussion about how to build internet voting software for a general election. We've reached a general consensus that there exist plenty of secure methods for two way authentication and communication. However, someone came along and pointed out that in a general election some of the machines being used are almost certainly going to be compromised. To quote: Let me be an evil electoral fraudster. I want to sample peoples votes as they vote and hope I get something scandalous. I hire a bot-net from some really shady dudes who control 1000 compromised machines in the UK just for election day. I capture the voting habits of 1000 voters on election day. I notice 5 of them have voted BNP. I look these users up and check out their machines, I look through their documents on their machine and find out their names and addresses. I find out one of them is the wife of a tory MP. I leak 'wife of tory mp is a fascist!' to some blogger I know. It hits the internet and goes viral, swings an election. That's a serious problem! So, what are the best techniques for running software where user interactions with the software must be kept secret, on a machine which is possibly compromised?

    Read the article

  • How to use perl for SMTP connection with user and SSL Auth and send emails with attachment

    - by Octopus
    I am using a SMTP mail server which require user + ssl authentication for connection. I am looking for the perl modules to connect to the mail server and send emails but doesn't found anything helpful. Any suggestion for perl module or any perl code would be really appreciated. EDIT I have tried to use Mail::Sendmail and Net::SMTP::SSL to connect to the sendmail server and send mail. Below is the sample code but getting the error user unknown. Error: mail: Net::SMTP::SSL=GLOB(0x9599850) not found RCPT TO: error (550 5.1.1 <[email protected]>... User unknown). Code: #!/usr/bin/perl use strict; use warnings; use Mail::Sendmail; use Net::SMTP::SSL; my %mail = ( #To=> 'No to field this time, only Bcc and Cc', From=> '[email protected]', Cc=> '[email protected]', # Cc will appear in the header. (Bcc will not) Subject => 'Test message', 'X-Mailer' => "Mail::Sendmail version $Mail::Sendmail::VERSION", ); $mail{Smtp} = Net::SMTP::SSL->new("mail.server.com", Port=> 465); $mail{auth} = {user=>'username', password=>"password", required=>1 }; $mail{'X-custom'} = 'My custom additionnal header'; $mail{Message} = "The message key looks terrible, but works."; # cheat on the date: $mail{Date} = Mail::Sendmail::time_to_date( time() - 86400 ); if (sendmail %mail) { print "Mail sent OK.\n" } else { print "Error sending mail: $Mail::Sendmail::error \n" } print "\n\$Mail::Sendmail::log says:\n", $Mail::Sendmail::log;

    Read the article

  • Cloning git repository from svn repository, results in file-less, remote-branch-less git repo.

    - by Tchalvak
    Working SVN repo I'm starting a git repo to interact with a svn repo. The svn repository is set and working fine, with a single commit of a basic README file in it. Checking it out works fine: tchalvak:~/test/svn-test$ svn checkout --username=myUsernameHere http://www.url.to/project/here/charityweb/ A charityweb/README Checked out revision 1. Failed git-svn clone of svn repo When I try to clone the repository in git, the first step shows no errors... tchalvak:~/test$ git svn clone -s --username=myUserNameHere http://www.url.to/project/here/charityweb/ Initialized empty Git repository in /home/tchalvak/test/charityweb/.git/ Authentication realm: <http://www.url.to/project/here:80> Charity Web Password for 'myUserNameHere': ...but results in a useless folder: tchalvak:~/test$ ls charityweb tchalvak:~/test$ cd charityweb/ tchalvak:~/test/charityweb$ ls tchalvak:~/test/charityweb$ ls -al total 12 drwxr-xr-x 3 tchalvak tchalvak 4096 2010-04-02 13:46 . drwxr-xr-x 4 tchalvak tchalvak 4096 2010-04-02 13:46 .. drwxr-xr-x 8 tchalvak tchalvak 4096 2010-04-02 13:47 .git tchalvak:~/test/charityweb$ git branch -av tchalvak:~/test/charityweb$ git status # On branch master # # Initial commit # nothing to commit (create/copy files and use "git add" to track) tchalvak:~/test/charityweb$ git fetch fatal: Where do you want to fetch from today? tchalvak:~/test/charityweb$ git rebase origin/master fatal: bad revision 'HEAD' fatal: Needed a single revision invalid upstream origin/master tchalvak:~/test/charityweb$ git log fatal: bad default revision 'HEAD' How do I get something I can commit back to? I expect I'm doing something wrong in this process, but what?

    Read the article

  • Open Source Web Frameworks : Security

    - by trappedIntoCode
    How secure are popular open source web frameworks? I am particularly interested in popular frameworks like Rails and DJango. If I am building a site which is going to do heavy e-commerce, is it Ok to use frameworks like DJango and Satchmo? Is security compromised because their open architecture ? I know being OS does not mean being down right open to hackers, Linux uses superb authentication mechanism, but web is a different game. What can be done in this regard? UPDATE: Thanks for answers guys. I understand that I will have to find a suitable hosting service for a secure e-commerce application and that additional layers of security will be needed. I understand that Django and Rails have been designed keeping security aspects in mind, the most common form attacks like XSS, Injections etc. (Django book has a ch on Security) I was expecting comments from security Gurus. If you are a security Guru, would you recommend an important site, which is likely going to be popular, to be built on DJango or Rails?

    Read the article

  • Using ASP .NET Membership and Profile with MVC, how can I create a user and set it to HttpContext.Cu

    - by Jeremy Gruenwald
    I've read the other questions on the topic of MVC membership and profiles, but I'm missing something. I implemented a custom Profile object in code as described by Joel here: http://stackoverflow.com/questions/426609/asp-net-membership-how-to-assign-profile-values I can't get it to work when I'm creating a new user, however. When I do this: Membership.CreateUser(userName, password); Roles.AddUserToRole(userName, "MyRole"); the user is created and added to a role in the database, but HttpContext.Current.User is still empty, and Membership.GetUser() returns null, so this (from Joel's code) doesn't work: static public AccountProfile CurrentUser { get { return (AccountProfile) (ProfileBase.Create(Membership.GetUser().UserName)); } } AccountProfile.CurrentUser.FullName = "Snoopy"; I've tried calling Membership.GetUser(userName) and setting Profile properties that way, but the set properties remain empty, and calling AccountProfile.CurrentUser(userName).Save() doesn't put anything in the database. I've also tried indicating that the user is valid & logged in, by calling Membership.ValidateUser, FormsAuthentication.SetAuthCookie, etc., but the current user is still null or anonymous (depending on the state of my browser cookies). I have the feeling I'm missing some essential piece of understanding about how Membership, Authentication, and Profiles fit together. Do I have to do a round trip before the current User will be populated? Any advice would be much appreciated.

    Read the article

  • java.sql.Exception ClosedConnection

    - by john
    I am getting the following error: java.sql.SQLException: Closed Connection at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112) at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:146) at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:208) at oracle.jdbc.driver.PhysicalConnection.getMetaData(PhysicalConnection.java:1508) at com.ibatis.sqlmap.engine.execution.SqlExecutor.moveToNextResultsSafely(SqlExecutor.java:348) at com.ibatis.sqlmap.engine.execution.SqlExecutor.handleMultipleResults(SqlExecutor.java:320) at com.ibatis.sqlmap.engine.execution.SqlExecutor.executeQueryProcedure(SqlExecutor.java:277) at com.ibatis.sqlmap.engine.mapping.statement.ProcedureStatement.sqlExecuteQuery(ProcedureStatement.java:34) at com.ibatis.sqlmap.engine.mapping.statement.GeneralStatement.executeQueryWithCallback(GeneralStatement.java:173) at com.ibatis.sqlmap.engine.mapping.statement.GeneralStatement.executeQueryForList(GeneralStatement.java:123) at com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate.queryForList(SqlMapExecutorDelegate.java:614) at com.ibatis.sqlmap.engine.impl.SqlMapExecutorDelegate.queryForList(SqlMapExecutorDelegate.java:588) at com.ibatis.sqlmap.engine.impl.SqlMapSessionImpl.queryForList(SqlMapSessionImpl.java:118) at org.springframework.orm.ibatis.SqlMapClientTemplate$3.doInSqlMapClient(SqlMapClientTemplate.java:268) at org.springframework.orm.ibatis.SqlMapClientTemplate.execute(SqlMapClientTemplate.java:193) at org.springframework.orm.ibatis.SqlMapClientTemplate.executeWithListResult(SqlMapClientTemplate.java:219) at org.springframework.orm.ibatis.SqlMapClientTemplate.queryForList(SqlMapClientTemplate.java:266) at gov.hud.pih.eiv.web.authentication.AuthenticationUserDAO.isPihUserDAO(AuthenticationUserDAO.java:24) at gov.hud.pih.eiv.web.authorization.AuthorizationProxy.isAuthorized(AuthorizationProxy.java:125) at gov.hud.pih.eiv.web.authorization.AuthorizationFilter.doFilter(AuthorizationFilter.java:224) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) at I am really stumped and can't figure out what could be causing this error. I am not able to reproduce the error on my machine but on production it is coming a lot of times. I am using iBatis in the whole application so there are no chances of my code not closing connections. We do have stored procedures that run for a long time before they return results (around 15 seconds). does anyone have any ideas on what could be causing this? I dont think raising the # of connections on the application server will fix this issue buecause if connections were running out then we'd see "Error on allocating connections"

    Read the article

  • DomainContext class is not created in a RIA services class library solution

    - by Konamiman
    I have created a RIA services class library project and things are not going as I expected. The problem is that when I add domain service classes to the server project, the corresponding domain context classes are not generated on the client project. I start by creating a new project of type WCF RIA services class library. The generated solution has two projects: RIAServicesLibrary1 (the Silverlight class library project) and RIAServicesLibrary1.Web (the class library that will hold the services). Then I add a new project item to RIAServicesLibrary1.Web of type DomainServiceClass. I add a sample method so that the resulting class code is: namespace RIAServicesLibrary1.Web { using System; using System.Collections.Generic; using System.ComponentModel; using System.ComponentModel.DataAnnotations; using System.Linq; using System.ServiceModel.DomainServices.Hosting; using System.ServiceModel.DomainServices.Server; // TODO: Create methods containing your application logic. [EnableClientAccess()] public class DomainService1 : DomainService { [Invoke] void DoSomething() { } } } Then I generate the whole solution and... nothing happens on the client project. The Generated_Code folder is empty, and the domain context object for the service is not here. Funny enough, if I add a new item of type Authentication domain service, it works as expected: the file RIAServicesLibrary1.Web.g.cs is created on the client project, containing the AuthenticationDomainService1 class as expected. So what's happening here? Am I doing something wrong? Note: I am using Visual Studio 2010 Ultimate RTM and WCF RIA services 1.0.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 468 469 470 471 472 473 474 475 476 477 478 479  | Next Page >