Search Results

Search found 25758 results on 1031 pages for 'oracle security'.

Page 473/1031 | < Previous Page | 469 470 471 472 473 474 475 476 477 478 479 480  | Next Page >

• How to create Encryption Key for Encryption Algorithms?

  - by Akash Kava

  I want to use encryption algorithm available in .Net Security namespace, however I am trying to understand how to generate the key, for example AES algorithm needs 256 bits, that 16 bytes key, and some initialization vector, which is also few bytes. Can I use any combination of values in my Key and IV? e.g. all zeros in Key and IV are valid or not? I know the detail of algorithm which does lots of xors, so zero wont serve any good, but are there any restrictions by these algorithms? Or Do I have to generate the key using some program and save it permanently somewhere?

  Read the article

• How dangerous can javascript be? (is noscript worth the trouble)?

  - by CrazyJugglerDrummer

  I have recently started using noscript (in addition to ABP). It took a little while to get used to it and can occasionally require some clicking when visiting a new site to investigate why the site's not working and where I need to allow javascript from. Is the extra security worth it? Some of the controversy is discussed here. I suppose it boils down to a matter of whether javascript is a genuine threat to your computer or not. Any thoughts on this?

  Read the article

• Part 1: What are EBS Customizations?

  - by volker.eckardt(at)oracle.com

  Everything what is not shipped as Oracle standard may be called customization. And very often we differentiate between setup and customization, although setup can also be required when working with customizations.This highlights one of the first challenges, because someone needs to track setup brought over with customizations and this needs to be synchronized with the (standard) setup done manually. This is not only a tracking issue, but also a documentation issue. I will cover this in one of the following blogs in more detail.But back to the topic itself. Mainly our code pieces (java, pl/sql, sql, shell scripts), custom objects (tables, views, packages etc.) and application objects (concurrent programs, lookups, forms, reports, OAF pages etc.) are treated as customizations. In general we define two types: customization by extension and customization by modification. For sure we like to minimize standard code modifications, but sometimes it is just not possible to provide a certain functionality without doing it.Keep in mind that the EBS provides a number of alternatives for modifications, just to mention some:Files in file system    add your custom top before the standard top to the pathBI Publisher Report    add a custom layout and disable the standard layout, automatically yours will be taken.Form /OAF Change    use personalization or substitutionUsing such techniques you are on the safe site regarding standard patches, but for sure a retest is always required!Many customizations are growing over the time, initially it was just one file, but in between we have 5, 10 or 15 files in our customization pack. The more files you have, the more important is the installation order.Last but not least also personalization's are treated as customizations, although you may not use any deployment pack to transfer such personalisation's (but you can). For OAF personalization's you can use iSetup, I have also enabled iSetup to allow Forms personalizations to transport.Interfaces and conversion objects are quite often also categorized as customizations and I promote this decision. Your development standards are related to all these kinds of custom code whether we are exchanging data with users (via form or report) or with other systems (via inbound or outbound interface).To cover all these types of customizations two acronyms have been defined: RICE and CEMLI.RICE = Reports, Interfaces, Conversions, and ExtensionsCEMLI = Customization, Extension, Modification, Localization, IntegrationThe word CEMLI has been introduced by Oracle On Demand and is used within Oracle projects quite often, but also RICE is well known as acronym.It doesn't matter which acronym you are using, the main task here is to classify and categorize your customizations to allow everyone to understand when you talk about RICE- 211, CEMLI XXFI_BAST or XXOM_RPT_030.Side note: Such references are not automatically objects prefixes, but they are often used as such. I plan also to address this point in one other blog.Thank you!Volker

  Read the article

• Is Rails default CSRF protection insecure

  - by schickb

  By default the form post CSRF protection in Rails creates an authenticity token for a user that only changes when the user's session changes. One of our customers did a security audit of our site and flagged that as an issue. The auditor's statement was that if we also had a XSS vulnerability that an attacker could grab another user's authenticity token and make use of it for CSRF attacks until the user's session expired. But is seems to me that if we had an XSS vulnerability like that an attacker could just as easily grab another user's session cookie and login as that user directly. Or even just make call to our REST Api as the user being attacked. No secondary CSRF attack needed. Have I missed something? Is there a real problem with the default CSRF protection in Rails?

  Read the article

• AutoVue Success at Siemens Energy!

  - by prasenjit.niyogi(at)oracle.com

  Siemens Improves Review and Collaboration with Visually Enabled Engineering Platform Siemens Energy Incorporated offers products, solutions, and services for the entire energy conversion chain--from power generation and transmission to distribution. The organization primarily serves energy utilities and industrial companies. Siemens faced challenges in the form of: Long design review cycles and potential field service delays that stemmed from users' inability to digitally access, view, and collaborate on design documents for energy-related projects stored in SAP High costs and IT administration complexity that was caused by multiple design visualization tools Learn how the customized integration of Oracle's AutoVue with SAP, thanks to Oracle partner Lifecycle Technology, significantly streamlined design review processes, improved productivity, and eliminated paper-based collaboration for the field service technicians and engineers. Read the complete snapshot here

  Read the article

• HotRockit! EclipseCon 2011

  - by yosuke.arai(at)oracle.com

  HotRockit ?????????????????????????????????????Hotspot JVM(?Sun JVM)?JRockit JVM??????????????JVM?????????????3??Santa Clara?????EclipseCon 2011?????Marcus????????????????(?????blog????????) ----- HotRockit – What to Expect from Oracle’s Converged JVM HotRockit - ???????JVM???? Oracle is converging the HotSpot and JRockit JVMs to produce a "best of breed JVM". Internally the project is sometimes referred to as the HotRockit project. There is already a large influx of ideas and solutions provided by the JRockit JVM into the Open JDK. ?????Hotspot JVM?JRockit JVM?????"???·??·????"???JVM???????????-??????"HotRockit??????"-????????JRockit JVM???OpenJDK??????????????????????????????????? Examples of improvements include: New feature????????? Better monitoring and profiling Improved performance Better ergonomics This talk will discuss what to expect from the converged JVM over the next two years, and how this will benefit the Eclipse community. ???????????????JVM??????????????????????Eclipse???????????????????????????????? ----- ??????????????????!

  Read the article

• Remote Development With Solaris Studio

  - by rchrd

  A new technical article has been published on OTN: How to Develop Code from a Remote Desktop with Oracle Solaris Studio by Igor Nikiforov This article describes the remote desktop feature of the Oracle Solaris Studio IDE, and how to use it to compile, run, debug, and profile your code running on remote servers. Published May 2012 Introducing the IDE Desktop Distribution Determining Whether You Need the Desktop Distribution Creating the Desktop Distribution Using the Desktop Distribution See Also About the Author Introducing the IDE Desktop Distribution Sun Studio 12 Update 1 introduced a unique remote development feature that allows you to run just one instance of the IDE while working with multiple servers and platforms. For example, you could run the IDE on an x86-based laptop or desktop running Oracle Linux, and use a SPARC-based server running Oracle Solaris 10 to compile, run, debug, and profile your code. The IDE works seamlessly just as if you had the Oracle Solaris operating system on your laptop or desktop. ....read more

  Read the article

• Die Tape Library, die mitwächst

  - by A&C Redaktion

  Mit der Storage Tek SL150 Modular Tape Library hat Oracle eine Archiv-Lösung entwickelt, die zusammen mit dem Unternehmen wachsen kann. Die Ziele waren hoch gesteckt: Die neue Bandbibliothek sollte nicht nur extrem skalierbar, sondern auch günstig sein, denn sie ist als Einstiegs-Library für kleinere, wachsende und mittelständische Firmen gedacht. Zum Launch der Tape Library legt Oracle beeindruckende Zahlen und Fakten vor: - 75% günstiger in der Anschaffung, als vergleichbare Produkte - platzsparend durch 40% höhere Dichte - höchste Sicherheitsstandards - erweiterbar von 30 auf bis zu 300 Slots, und damit 900 Terabyte - einfache Bedienung dank intuitiver Benutzeroberfläche auf Basis der Oracle Fusion Middleware und Oracle Linux - die Installation dauert nur 30 Minuten - unterstützt viele verschiedene Systemumgebungen Partner haben die Möglichkeit, zu diesem neuen Mitglied der Oracle Produktfamilie eigene Support Services anzubieten. Details zu den Resell und Support Anforderungen finden Sie hier (mit OPN-Login): SL150 Produktübersicht Partner Support Option mit StorageTek SL150 Modular Tape Library FAQ - Partner Support Option mit StorageTek SL150 Modular Tape Library Auch die englischsprachige Pressemitteilung zum Launch bietet ausführliche Informationen und Details, von den Maßen bis zum Energieverbrauch, finden Sie hier im Storage Tek SL150 Data Sheet. Natürlich wollen wir Ihnen die ersten Stimmen aus der deutschsprachigen Fachpresse zur Storage Tek SL 150 nicht vorenthalten: SpeicherguideIT SecCityIT AdministratorDOAG

  Read the article

• OBIEE 11.1.1 - Tips for In-place Upgrade from 11.1.1.6 to 11.1.1.7.x

  - by Ahmed Awan

  Tips: – Use the Test to Production (T2P) / cloning process (movement scripts). For example: – Clone up the existing 11.1.1.6 environment.– Move the cloned copy to the new location / host (same 11.1.1.6.0 version at this point).– Patch new location / host (11.1.1.6) to the 11.1.1.7 level.– Switch to Production. – How to use movement scripts for OBIEE: 20.1 Introduction to the Movement Scripts , for details refer to: http://docs.oracle.com/cd/E29542_01/core.1111/e10105/clone.htm#CACHFECE 21.4.7.1 Moving Oracle Business Intelligence to a New Target Environment, for details refer to: http://docs.oracle.com/cd/E29542_01/core.1111/e10105/testprod.htm#CHDIAEFA http://docs.oracle.com/cd/E29542_01/core.1111/e10105/testprod.htm#BABGJGCF – Perform in-place upgrade to 11.1.1.7.0 using manual steps / Upgrade wizard, refer to: http://docs.oracle.com/cd/E28280_01/upgrade.1111/e16452/bi_plan.htm#BABECJJH

  Read the article

• Fusion Applications Outreach Continues: Europe

  - by mvaughan

  By Misha Vaughan, Applications User Experience The Oracle Applications User Experience team recently completed training in Europe for a select group of Oracle application solution consultants. The goal was to educate them about Oracle's investment in the Fusion User Experience. This group of newly trained Applications User Experience Sales Ambassadors (SAMBA), continues a program of educational outreach about Oracle's investment in usability across the suites. Katie Candland, Director, Applications User Experience, talks about the Fusion User Experience in Munich, Germany, recently. If you would like to hear more about the Fusion User Experience, Oracle's deep investment in this space, and how it extends to our existing product lines including JD Edwards, Siebel, E-Business Suite, and more, feel free to contact us. We can point you to a resource local to your area, including specially trained speakers 

  Read the article

• LocalUser access for WCF hosted in IIS

  - by Eugarps

  I have tried every combination to allow unauthenticated access to WCF as in "LocalUser" accounts, in IIS without success. Here is what I've most recently tried: wsHttpBinding with Message security and mode set to "None". IIS anonymous access enabled, all others disabled, folder level access at default (but granted read access to "Users" which is all users in our domain). I understand I may not have provided enough information to solve the issue, but perhaps somebody can point me in the right direction - is this likely to be a IIS configuration issue or a WCF configuration issue... if WCF, is it likely to be a client level or server level issue? The error I get when attempting to access here is "User is not authenticated". We have ASMX services in the domain which are behaving properly, I am the first developer using WCF here.

  Read the article

• WebCenter Workshops and Seminars

  - by rituchhibber

  The following workshops and eSeminars are already scheduled. You are allowed to forward eSeminars and events with registration links to any interested Oracle partner or consulting employee. If links are missing, please contact the organizer to be invited for this workshop (and get a registration link). Oracle WebCenter Content Foundation October 16-18, 2012: Colombes, France Oracle ADF Foundation October 10 -12, 2012: Colombes, Paris, France WebCenter Content Management Webcenter Content Manager 11g Workshop (3 days to nominated partners) Oracle Image Process Mgmt I/PM Foundation WS (3 days to nominated partners) WebCenter Sites November 20th - 22nd, 2012: Madrid, Spain ADF - Oracle Application Development Framework ADF 11g Foundation Workshop (3 days to nominated partners) ADF 11g Advanced Workshop (4 days to nominated partners)

  Read the article

• Flash not interacting with Javascripts in browser inside my app

  - by Shivaprasad

  Hi , I have an application which embeds a xulrunner based browser. I have to load some flash content in it which talks to some javascripts to update the browser title. The flash content works fine when launched from Firefox but not inside my app. I tried a sample html file which has some javascripts and they work fine. It even works when I have the flash content on a server. It is only when I try to run js through flash present on my local machine that I see this problem. I guess it must have something to do with some security settings in xulrunner. Could somebody help me figure out what the problem might be? Thanks jbsp72

  Read the article

• How to manually query LDAP through Acegi's beans?

  - by Veggen Skrikk

  I have an application using Acegi (earlier version of Spring Security) and LDAP for logins. Now, a specific scenario requires me to discover user's LDAP groups at arbitrary time (not at login time). Is it possible to use already set up Acegi to handle this situation? I'm thinking of using the configured LdapAuthProvider (or LdapAuthPopulator or whatever's appropriate) to get all the groups associated with a given username. Is this possible? If yes, please, please, give some hints how it should be done...

  Read the article

• Instance Patching Demo for BPM 11.1.1.7 by Mark Nelson

  - by JuergenKress

  BPM 11.1.1.7 has a new ‘instance patching and migration’ feature that allows you to apply changes to running instances of processes (without changing the revision of the process) and/or to migrate running instances between revisions of a process. There is a short viewlet demonstration posted here, but there is unfortunately no sound. SOA & BPM Partner Community For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Facebook Wiki Mix Forum Technorati Tags: Mark Nelson,BPM,SOA Community,Oracle SOA,Oracle BPM,Community,OPN,Jürgen Kress

  Read the article

• Coherence 3.7.1 Released

  - by JuergenKress

  Oracle Coherence 3.7.1 introduces REST API, exalogic infiniband integration, improved data access performance due to more efficient in-memory and disk-based storage, and query explain plan support and much more, download now! View the webcast: Unbeatable Performance for your Cloud Application Foundation. To download Coherence 3.7.1 please visit OTN. Coherence Screencasts: Coherence 3.7.1 – Extend Only Keys Coherence 3.7.1 – REST Support Coherence 3.7.1 – POF Object Identities and References Coherence 3.7.1 – POF Annotation Support Coherence 3.7.1 – Query Explain Plan For more information please visit the Oracle Coherence Knowledge Base For regular Coherence information become a member in the WebLogic Partner Community please first login at http://partner.oracle.com and then visit: http://www.oracle.com/partners/goto/wls-emea Blog Twitter LinkedIn Mix Forum Wiki Technorati Tags: Coherence,Coherence 3.7.1,Oracle,WebLogic,J2EE caching,OPN,Jürgen Kress

  Read the article

• Centralized Credentials Service For Various Apps

  - by Vlad

  We are researching the possibility to build a centralized credentials storage for internal applications. These apps (vb6, vb.net, web apps in asp.net, etc) are using various instances of SQL servers and iSeries. We want to implement a central credentials facility that would act as a security broker. Basically it should work like this: Client app supplies AppID (I am Sales Application) and EnvironmentID (I am running in QA environment) and in return will get either a connection object (preferred) or encrypted connection string that will allow said application to connect to resources it needs. There will be cases when application needs to connect to two (or more) database resources (i.e. to SQL and iSeries). What are looking at DP API at the moment, but I am not convinced that DP API is the solution as it tied in with machine key. In our case using machine key isn't feasible, so I want to know if there are other approaches available.

  Read the article

• Verify my form workflow

  - by Shackrock

  I have a form, with some sensitive info (CC numbers). My work flow is: One page to take all form items Upon submission, values are validated. If all is well, all data is stored in a session variable, and the page reloads and displays this info from the session variable. If everything is ok on the review page, the user clicks submit and the session variable is sent to another form for processing (sending payment). Upon success, the session is destroyed. Upon failure (bad CC number, for example) - the user is sent back to the form, with all of the fields filled in just like before, so that they can check for errors and try again (session is NOT destroyed). Does anyone see anything wrong with this, from a security or best practices stand point? UPDATE I'm thinking I can get rid of a step - storing the info in a session EVER. Just have a one page checkout, no review page... makes sense.

  Read the article

• Adobe Socket Policy File Server Problems

  - by Matt

  Has anyone been able to successfully implement a service to serve the required socket policy file to FlashPlayer? I am running the Python implementation of the service provided by Adobe at http://www.adobe.com/devnet/flashplayer/articles/socket_policy_files.html and using the following policy file: <?xml version="1.0" encoding="UTF-8"?> <cross-domain-policy> <site-control permitted-cross-domain-policies="master-only"/> <allow-access-from domain="*" to-ports="*" secure="false"/> </cross-domain-policy> and receiving this message from Flash: [SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2048: Security sandbox violation: http://www.mapopolis.com/family/Tree.swf cannot load data from www.mapopolis.com:1900."] Thanks.

  Read the article

• Avoid the problem with BigDecimal when migrating to Java 1.4 to Java 1.5+

  - by romaintaz

  Hello, I've recently migrated a Java 1.4 application to a Java 6 environment. Unfortunately, I encountered a problem with the BigDecimal storage in a Oracle database. To summarize, when I try to store a "7.65E+7" BigDecimal value (76,500,000.00) in the database, Oracle stores in reality the value of 7,650,000.00. This defect is due to the rewritting of the BigDecimal class in Java 1.5 (see here). In my code, the BigDecimal was created from a double using this kind of code: BigDecimal myBD = new BigDecimal("" + someDoubleValue); someObject.setAmount(myBD); // Now let Hibernate persists my object in DB... In more than 99% of the cases, everything works fine. Except that in really few case, the bug mentioned above occurs. And that's quite annoying. If I change the previous code to avoid the use of the String constructor of BigDecimal, then I do not encounter the bug in my uses cases: BigDecimal myBD = new BigDecimal(someDoubleValue); someObject.setAmount(myBD); // Now let Hibernate persists my object in DB... However, how can I be sure that this solution is the correct way to handle the use of BigDecimal? So my question is to know how I have to manage my BigDecimal values to avoid this issue: Do not use the new BigDecimal(String) constructor and use directly the new BigDecimal(double)? Force Oracle to use toPlainString() instead of toString() method when dealing with BigDecimal (and in this case how to do that)? Any other solution? Environment information: Java 1.6.0_14 Hibernate 2.1.8 (yes, it is a quite old version) Oracle JDBC 9.0.2.0 and also tested with 10.2.0.3.0 Oracle database 10.2.0.3.0

  Read the article

• Novos modelos de licenciamento para Web (Hosting, Cloud e SaaS) - Sessão para Parceiros - 15/Feb/11

  - by Claudia Costa

  RESERVE JÁ O SEU LUGAR!Com o aparecimento de novos modelos de 'deployment' de aplicações em Web - Hosting, On demand, Software-as-a-Service, Cloud Computing, etc - surgem também novas necessidades quanto às formas de licenciamento que permitam criar comerciais que suportem esses novos paradigmas. Neste encontro pretendemos actualizar os parceiros Oracle sobre os vários modelos de licenciamento disponíveis para estas novas forma de disponibilização das aplicações, dando-lhes a informação necessária e sugestões sobres as possíveis linhas de actuação que lhes permitam tirar partido destas novas oportunidades de negócio, e mostrar exemplos de como outros ISV já o estão a fazer. A quem se destina: Directores GeraisResponsáveis Comerciais Responsáveis de Marketing Equipas comerciais Responsáveis pela Gestão do Programa OPN e da relação com a Oracle Agenda What Oracle understands for ISV? Industry trends: Hosting, Cloud Computing e Software as a Service O que é que a Oracle entende por ISV? Revisão dos modelos de licenciamento tradicionais Full Use, Application Specific (ASFU) Novos modelos de licenciamento Hosting, Embedded (ESL), Embedded 'Royalty model', SaaS for ISV's, Proprietory Application Hosting, Modelos não standard Referências / Case Studies Discussão aberta Local e Horário9h30 - 12h30Oracle, Lagoas Park, Edifício 8, Porto SalvoInscrições: Enviar email para: [email protected] mais informações por favor contacte Claudia Costa pelo email ou telefone 21 423 50 27

  Read the article

• ArchBeat Link-o-Rama for 2012-08-31

  - by Bob Rhubart

  SOA Suite 11g Asynchronous Testing with soapUI | Greg Mally Greg Mally walks you through testing asynchronous web services with the free edition of soapUI. The Role of Oracle VM Server for SPARC in a Virtualization Strategy | Matthias Pfutzner Matthias Pfutzner's overview of hardware and software virtualization basics, and the role that Oracle VM Server for SPARC plays in a virtualization strategy. Cloud Computing: Oracle RDS on AWS - Connecting with DB tools | Tom Laszewski Cloud expert and author Tom Laszewski shares brief comments about the tools he used to connect two Oracle RDS instances in AWS. Keystore Wallet File – cwallet.sso – Zum Teufel! | Christian Screen "One of the items that trips up a FMW implementation, if only for mere minutes, is the cwallet.sso file," says Oracle ACE Christian Screen. In this short post he offers information to help you avoid landing on your face. Thought for the Day "With good program architecture debugging is a breeze, because bugs will be where they should be." — David May Source: SoftwareQuotes.com

  Read the article

• Ipad, closed environment and threat to privacy

  - by Akshay Bhat

  I had an unusual question about ipad, Since ipad environment is closed and does not allows installation of diagnostic and security related programs. How can then we be sure that any of the software installed on ipad is not infringing upon our privacy by doing stuff such as homing back information, etc. We cant install a packet tracer or any other software to check for attacks on privacy. Also given Apples poor track record (the safari browser was broken in one day), I don't think trusting apple solely would be a good idea. This might not seem to be a big issue but for business users it would be a significant concern.

  Read the article

• Saving data to server with user accounts.

  - by AKRamkumar

  Ok, so for an app I am making, I want the user to be able to save data online. On my website, I will provide a web server with tables of UserName/Password/SaveData. How can I do this without crashing the server load? How can I guarantee security ? Is there a Design Pattern for this?Is there a better way of doing this? This is going to be a free application, available to the public and I would like for their settings to be available, no matter the computer they are using. Is there a better way of doing this? I am using MEF for plugins so is there a way I can save plugin data as well?

  Read the article

• Roles / Permissions framework for c#?

  - by mark smith

  Hi there, Does anyone know of a good framework to allow me design permission and roles against users. Basically allowing me to automatically check a user can do a certain thing, and then disabling or enabling menu items etc I am not really looking for asp.net security ... as i need to use it in my own service layer and clients both WEB and WPF will use it. I was hoping for something that allows me to create new roles and groups against users and then check what type of permissions a user has or a group has Any help really appreciated.. I am sure some kind of open source framework is available, well i was hoping not having to create my own Thanks

  Read the article

< Previous Page | 469 470 471 472 473 474 475 476 477 478 479 480  | Next Page >