Search Results

Search found 15415 results on 617 pages for 'security groups'.

Page 481/617 | < Previous Page | 477 478 479 480 481 482 483 484 485 486 487 488 | Next Page >

VS2010 Clean Web.configs - not updating

- by cw

Hello, I'm messing around with MVC 2.0 on VS2010 and am having an issue getting the clean web config feature working. Basically in my Web.debug.config I have <connectionStrings xdt:Transform="Replace"> <add name="ApplicationServices" connectionString="Server=localhost;Database=SITE_DB;User ID=dbuser;Password=P@ssw0rd;Trusted_Connection=False;" /> </connectionStrings> and in my Web.config I have <connectionStrings> <add name="ApplicationServices" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true" providerName="System.Data.SqlClient" /> </connectionStrings> When I run the site in debug mode, I'd expect that xdt:Transform="Replace" would replace the entire connectionStrings section with what is in the Web.debug.config. Am I assuming wrong? Or am I doing something else incorrect. Not much info posted around this and I'd figure I'd ask you guys.

Read the article
Key stroke time in Openmoko or any smart phones

- by Adi

Dear all, I am doing a project in which I am working on security issues related to smart phones. I want to develop an authentication scheme which is based on biometrics, Every human being have a unique key-hold time,digraph time error rate. Key-Hold Time : Time difference between pressing and releasing a key . Digraph Time : Time difference between releasing one and pressing next one. Error Rate : No of times backspace is pressed. I got these metrics from a paper "Keystroke-based User Identification on Smart Phones" by Saira Zahid1, Muhammad Shahzad1, Syed Ali Khayam1,2, Muddassar Farooq1. I was planning to get the datasets to test my algorithm from openmoko phone, but the phone is mis-behaving and I am finding trouble in generating these time data-sets. If anyone can help me or tell me a good source of data sets for the 3 metrics I defined, it will be a great help. Thanks Aditya

Read the article
sql exception when transferring project from usb to c:\

- by jello

I'm working on a C# windows program with Visual Studio 2008. Usually, I work from school, directly on my usb drive. But when I copy the folder on my hard drive at home, an sql exception is unhandled whenever I try to write to the database. it is unhandled at the conn.Open(); line. here's the exception unhandled Database 'L:\system\project\the_project\the_project\bin\Debug\PatientMonitoringDatabase.mdf' already exists. Choose a different database name. Cannot attach the file 'C:\Documents and Settings\Administrator\My Documents\system\project\the_project\the_project\bin\Debug\PatientMonitoringDatabase.mdf' as database 'PatientMonitoringDatabase'. it's weird, because my connection string says |DataDirectory|, so it should work on any drive... here's my connection string: string connStr = "Data Source=.\\SQLEXPRESS;AttachDbFilename=|DataDirectory|\\PatientMonitoringDatabase.mdf; " + "Initial Catalog=PatientMonitoringDatabase; " + "Integrated Security=True";

Read the article
Copied App.config to (Assembly).exe.config but from folder debug application doesn't run

- by uugan

Gives error: "The specified named connection is either not found in the configuration, not intended to be used with the EntityClient provider, or not valid" App.config looks like and it's same as (Assembly.exe.config) config file for output: <?xml version="1.0" encoding="utf-8"?> <configuration> <connectionStrings> <add name="Entities1" connectionString="metadata=res://*/;provider=System.Data.SqlClient;provider connection string='data source=localhost;initial catalog=DatabaseName;integrated security=True;multipleactiveresultsets=True;App=EntityFramework'" providerName="System.Data.EntityClient" /> </connectionStrings> </configuration> How to run exe with it's configuration file? I tried to change '' to quot but nothing has changed.

Read the article
Adding AllowPartiallyTrustedCallersAttribute To Paypal ASP.NET SDK

- by snwr

Currently, I cannot use Paypal Pro on my host (GoDaddy) because it requires Full trust level. After digging in Google, it seems a workaround is possible by adding AllowPartiallyTrustedCallersAttribute to the Paypal assembly. I have seen code samples that use AllowPartiallyTrustedCallersAttribute in their AssemblyInfo.cs file, however, I've yet to run into a code example that also happens to be using PayPal. My question is where should the AllowPartiallyTrustedCallersAttribute be added in my project if my objective is to make the PayPal assembly work? I have tried adding it to my AssemblyInfo.cs for the project that contains the entire website, but I have not been successful. At this point, any insight or shot in the dark would be greatly appreciated. Even if someone could point me in the general direction of some documentation I would be grateful. AllowPartiallyTrustedCallersAttribute Reference: http://msdn.microsoft.com/en-us/library/system.security.allowpartiallytrustedcallersattribute.aspx

Read the article
Problem in SQL Server 2005 using ASP.Net

- by megala

I created one ASP.Net project using SQLServer database as back end.I shows the foollwing error .How to solve this? ===============Coding Imports System.Data.SqlClient Partial Class Default2 Inherits System.Web.UI.Page Dim myConnection As SqlConnection Dim myCommand As SqlCommand Dim ra As Integer Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click myConnection = New SqlConnection("Data Source=JANANI-FF079747\SQLEXPRESS;Initial Catalog=new;Persist Security Info=True;User ID=sa;Password=janani") 'server=localhost;uid=sa;pwd=;database=pubs") myConnection.Open() myCommand = New SqlCommand("Insert into table3 values 'janani','jan'") ra = myCommand.ExecuteNonQuery() ========---> error is showing here MsgBox("New Row Inserted" & ra) myConnection.Close() End Sub End Class =========Error Message============ ExecuteNonQuery: Connection property has not been initialized.

Read the article
ASP.NET MVC + MySql Membership Provider, user cannot login

- by Jason Miesionczek

Hello, I've been playing around with using MySql as the membership provider for asp.net mvc forms authentication. I've got things configured correctly as far as i can tell, and i can create users via both the register action and asp.net web config site. however, when i try to login with one of the users, it does not work. it returns an error as if i had entered a wrong password, or if the account doesn't exist. i have verified in the database that the account does exist. I've followed the instructions here for reference: http://blog.tchami.com/post/ASPNET-MVC-2-and-MySQL-Membership-Provider.aspx here is my web.config: <?xml version="1.0"?>  <configuration> <connectionStrings> <add name="MySQLConn" connectionString="Server=localhost;Database=intereditor;Uid=<user>;Pwd=<password>;"/> </connectionStrings> <system.web> <compilation debug="true" targetFramework="4.0"> <assemblies> <add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add assembly="System.Web.Mvc, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </assemblies> </compilation> <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="2880" name=".ASPXFORM$" path="/" requireSSL="false" slidingExpiration="true" enableCrossAppRedirects="false" /> </authentication> <membership defaultProvider="MySqlMembershipProvider"> <providers> <clear/> <add name="MySqlMembershipProvider" type="MySql.Web.Security.MySQLMembershipProvider,MySql.Web,Version=6.3.4.0, Culture=neutral,PublicKeyToken=c5687fc88969c44d" autogenerateschema="true" connectionStringName="MySQLConn" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" applicationName="/" /> </providers> </membership> <profile defaultProvider="MySqlProfileProvider"> <providers> <clear/> <add name="MySqlProfileProvider" type="MySql.Web.Profile.MySQLProfileProvider,MySql.Web,Version=6.3.4.0,Culture=neutral,PublicKeyToken=c5687fc88969c44d" connectionStringName="MySQLConn" applicationName="/" /> </providers> </profile> <roleManager enabled="true" defaultProvider="MySqlRoleProvider"> <providers> <clear /> <add name="MySqlRoleProvider" type="MySql.Web.Security.MySQLRoleProvider,MySql.Web,Version=6.3.4.0,Culture=neutral,PublicKeyToken=c5687fc88969c44d" connectionStringName="MySQLConn" applicationName="/" /> </providers> </roleManager> <pages> <namespaces> <add namespace="System.Web.Mvc" /> <add namespace="System.Web.Mvc.Ajax" /> <add namespace="System.Web.Mvc.Html" /> <add namespace="System.Web.Routing" /> </namespaces> </pages> </system.web> <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <modules runAllManagedModulesForAllRequests="true"/> </system.webServer> <runtime> <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" /> <bindingRedirect oldVersion="1.0.0.0" newVersion="2.0.0.0" /> </dependentAssembly> </assemblyBinding> </runtime> </configuration> Can anyone please help me identify what is wrong so that users can login? UPDATE So after debugging the login process in the code of the membership provider itself, i discovered that there is a bug in the provider. There is a discrepancy between the password hash that is stored in the database, and the has that is generated based on the inputted password. As a workaround for my issue, i changed the password format to 'encrpyted' and added a machine key to my web.config. I am still interested in figuring out the issue with the hashed format in the provider, and will spend some more time debugging it, and if i can figure out the problem, i will put together a patch and submit it.

Read the article
How can I embed a PDF in a Word Doc, and access that PDF with VBA?

- by Austin R

I have a word doc with some ActiveX buttons on it. When one of these buttons is pressed, a UserForm pops up with a corresponding PDF displayed, like so: This is exactly the behavior I want. However, the problem is that for this to work, the user of the word doc needs to have each of the PDFs saved on their machine as well. Here's the code for one of the buttons: Private Sub AC1Button_Click() DisplayForm.AcroPDF1.LoadFile ("C:\Users\arose\Desktop\Security Control Doc\Sub PDFs\AC1.pdf") DisplayForm.Show End Sub As you can see, the path is hardcoded in. I need to be able to distribute this word doc without needing to distribute a bunch of PDFs along with it, so is there any way to embed PDFs in a word document in such a way that they're accessible by VBA? I've discovered here that it's reasonably easy to embed a PDF in any office doc. And I've tried that: But I can't figure out how to access that PDF object in my VBA code, in order to display it on the UserForm. Any insight is appreciated, thanks!

Read the article
Problem authenticating with shiro in grails app

- by xain

I have a grails 1.2 app and I want to use declarative security in order to restrict accesses based on roles. I decided to try shiro, installed the plugin, but when I try to authenticate, the message "Invalid username and/or password" shows up in the header. I check the db entry and the user is there with the sha'ed password. No messages are shown neither in the console nor in the stacktrace file. I added "warn 'org.jsecurity'" to Config.groovy with no results. Any hints/tricks to troubleshoot this ?

Read the article
Use of COM object in IIS 7

- by Wouter d.A.

Hi all, I am currently moving an ASP.NET web-project from an IIS 6 to a IIS 7 hosting environment. Everything seems to be running OK, except my calls to a COM object. I can perfectly instantiate an object of the COM type, but when I call one of its methods, the IIS crashes. The event log reports an error code "0xc0000374", which indicates a heap corruption. When I run the application inside the visual studio development server, everything goes well and the COM object code gets executed without any errors. This is also the case when the application is hosted on an IIS 6 machine. I have looked through all settings of the IIS 7 and have not found anything configurable for COM objects, like security or ... I have been struggling with this for a while and I'm out of ideas. Does anyone have any experience deploying COM objects on IIS 7? Your help would be very appreciated!

Read the article
Lotus Notes doesn't send customised button

- by damo_inc

Hi All, I created a customised button with some simple actions attached to it in Lotus Notes 6.5. It's just a simple voting button, which I emailed to a group of nearly 200 people. While sending I got a pop up telling me that the button can't be send. After about 10 seconds I got a first reply asking 'where's the button'. Then an avalanche of very clever emails followed, such as: 'no button', 'where's the button', etc. Before I spammed everyon I had tried the email on my work mate and the button went through fine! Any ideas? I suspect some security policy.... I really need to send this mail and get the survey results, so I don't want to fail again. Any suggestions appreciated. Many Thanks, Damo

Read the article
Macros no longer working in VS2005

- by NPVN

I'm using VS2005 on Vista. I'm using some macros, but now they have suddenly stopped working. No error messages of any kind. I am not aware of having done anything that could trigger this. I have made sure that "Allow macros to run" is checked in Tools-Options-Addin/Macro Security. I have tried running the macros from a keyboard shortcut, from the Macro Explorer, and from the Macros IDE, all in vain: The little spinning icon displays shortly (<1 sec) and then disappears without the macro being executed. I have tried putting a breakpoint on the first line of the macro and then executing it from the main IDE, with no effect (the breakpoint isn't hit). I have tried the same from the Macro IDE: The state changes to "running", but the breakpoint isn't hit. I have to break the execution manually. Any ideas?

Read the article
Graceful handling of server timeout in BlazeDS

- by Rydell

I have a flex client that makes service calls to a tomcat server running BlazeDS. I would like to gracefully handle server session timeouts in this environment. I do have security constraints on the service, so the client authenticates against a remote object by initializing a ChannelSet based on the destination, and then logging in using that ChannelSet. After the user is authenticated, if they go get a (long) cup of coffee, their session will inevitably time out. I would like the client to detect the timeout, and return the user back to the login page, with the appropriate informational messages. But I am having difficulty finding the best way to detect this timeout from the client. Is it possible, or must I have the server throw an error when the timeout occurs? Thanks!

Read the article
How to create virtual Environment for users on server

- by Bhushan Nagaonkar

I have a web application where users can register them self and then save Java and C++ programs in their account. Programs are saved in a tmp directory like, /tmp -user1 --program1 --program2 -user2 --program1 --program2 So all the users folders are in same "tmp" directory. I want to know how can I proved security by not allowing a user to access files of other users. A user will be executing a java or c++ program in his folder which can be used to read files on the server. How to prevent this? I am new to this thing I don't know how to go about this. The server is Linux server and project is in python using Django. Thank in advance

Read the article
Is it possible to use JSONP on the server?

- by Denis Hoctor

Hi all, I'm stuck on a clients host that has medium trust setup which blocks cross domain requests and need data from a 3rd party domain. I now have the option to use JSONP. I've used JSONP from the client with jQuery to get around the browsers cross domain security and I've used HttpWebRequest in ASP.Net 3.5. Is it possible to use JSON on the server and if so how? I don't think it is, but worth asking seeing as I already have this app written server side.... Thanks, Denis

Read the article
Do I need to auto-login after account activation?

- by Art

This is the standard scenario: User registers on the site User receives an account activation email, clicks link to activate Web site notifies the user that account is activated Now there are at least two pathways: User is taken to the login screen and asked to enter login details User is automatically logged in and taken to a welcome/profile/etc page While there are obvious benefits in (1) as far as the user's experience is concerned, there could be drawbacks as well. Option (2) offers improved security at cost of UX. Which of the scenarios is preferable and why? Any serious flaws in any of them?

Read the article
How to add a Web Reference to a SSL web service?

- by Matt W

Hi, I have a web service in a C#/3.5 project which has been running fine. This is until I set the "SSL port" in IIS to 443 and set the "IIS - Directory Security - Secure Communications - Require secure channel (SSL)" option to true. Now, the web reference cannot be updated and I cannot add a new web reference to the web service in that site. When I try to view the service in a browse using just HTTP I get the "This page must be viewed over a secure channel" and when viewed with HTTPS on the front I get "This web page not available." Could someone tell me how to get a Web Reference added using Visual Studio to this secure web service, please? Thanks, Matt.

Read the article
System.Web.AspNetHostingPermission Exception on New Deployment

- by Jason N. Gaylord

I have a friend that is moving a web application from one server over to another. The new server has the same settings as the first server, however, he's running into a Security issue. Here's the error details: Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. The Event Viewer does not point to anything specific in the web.config file or anything. The web applicaiton is on the C: drive. This is a Windows Server 2008 R2 x64 server with a brand new IIS 7 installation. IIS is set in classic mode for this app pool.

Read the article
problem in loading class from 'me.prettyprint.hector.api.Serializer'

- by dhananjay patil

I have created executable jar but having some problem with Class not found Exception. When I type command: java -jar JarFileName.jar arguments.. I get error message, Exception in thread "main" java.lang.NoClassDefFoundError: me/prettyprint/hector/api/Serializer at com.ensarm.niidle.web.scraper.NiidleScrapeManager.main(NiidleScrapeManager.java:21) Caused by: java.lang.ClassNotFoundException: me.prettyprint.hector.api.Serializer at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:307) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:252) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320) ... 1 more please tell me solution for this,class is not getting loaded from the external jar

Read the article
Why don't web fonts in Firefox don't work on a different domain?

- by mikez302

I was experimenting with the fancy new OpenType font capability in Firefox 3.5 and I ran into a problem. I was trying to embed a font on a different domain than the page it would be used on, and it didn't work. I thought it may have been a bug, but from what I read on the MDC reference page, I noticed this note: In Gecko, web fonts are subject to the same domain restriction (font files must be on the same domain as the page using them), unless HTTP access controls are used to relax this restriction. It looks like they designed the browser that way on purpose. Out of curiosity, why would they do that? Is there any security risk with embedding a font? Or is it for legal trademark or copyright issues? Or something else?

Read the article
Browser Helper Object doesnot get loaded in IE8

- by velusbits

I have a BHO, which i can see it as enabled in Add On's list. But it does not get loaded when i start my IE on the Win2k8 R2 machines(64 bit). I have disabled IE Enhanced security as well but no help. The same BHO gets loaded in other machines. The registry details under (HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects & HKEY_CLASSES_ROOT\Wow6432Node\CLSID) seem to be fine. Is there any setting that disables BHO from actually getting loaded?

Read the article
Running custom Javascript on every page in Mozilla Firefox

- by saturn

I have a custom piece of Javascript which I would like to run on every web page from specific domains, or perhaps simply on every web page. (If you are wondering: it is not malicious. It allows to display formulas by using MathJax.) Is that possible? I tried including it in userContent.css, that of course did not work. A simple Greasemonkey script I tried did not insert it. Is it because of the security precautions? (Which would be very logical). Still, there should be a way to do it on the machine I physically control, by changing something in Mozilla chrome directory, shouldn't it? Anyway, how can I do this for myself?

Read the article
Spring - MVC - Sanitize URL before redisplaying to the user

- by Raghav

In my application , a HTTP GET request URL to the application with script tag is getting redisplayed as it is although it fails the authorization. Example: http://www.example.com/welcome<script>alert("hi")</script> The issue is sanitizing external input entered directly into address bar by modifying existing GET URL. Spring redisplays the submitted URL as it is. Though the script does not get executed in the browser(FF), is there anyway to strip the URL of these values before displaying it back to the user Reference: Spring MVC application filtering HTML in URL - Is this a security issue?

Read the article
Why exactly is eval evil?

- by Jay

I know that Lisp and Scheme programmers usually say that eval should be avoided unless strictly necessary. I´ve seen the same recommendation for several programming languages, but I´ve not yet seen a list of clear arguments against the use of eval. Where can I find an account of the potential problems of using eval? For example, I know the problems of GOTO in procedural programming (makes programs unreadable and hard to maintain, makes security problems hard to find, etc), but I´ve never seen the arguments against eval. Interestingly, the same arguments against GOTO should be valid against continuations, but I see that Shemers, for example, won´t say that continuations are "evil" -- you should just be careful when using them. They´re much more likely to frown upon code using eval than upon code using continuations (as far as I can see -- I could be wrong).

Read the article
Getting "Object is read only" error when setting ClientCredentials in WCF

- by Paul Mrozowski

I have a proxy object generated by Visual Studio (client side) named ServerClient. I am attempting to set ClientCredentials.UserName.UserName/Password before opening up a new connection using this code: InstanceContext context = new InstanceContext(this); m_client = new ServerClient(context); m_client.ClientCredentials.UserName.UserName = "Sample"; As soon as the code hits the UserName line it fails with an "Object is read-only" error. I know this can happen if the connection is already open or faulted, but at this point I haven't called context.Open() yet. I have configured the Bindings (which uses netTcpBinding) to use Message as it's security mode, and MessageClientCredentialType is set to UserName. Any ideas?

Read the article

< Previous Page | 477 478 479 480 481 482 483 484 485 486 487 488 | Next Page >