Search Results

Search found 301 results on 13 pages for 'credential'.

Page 5/13 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Extend partition windows powershell

    - by user128364
    I want to create a Windows Powershell script to extend my partition through WMI (remotely), IP Address of my host id 10.10.10.10 $pass = convertto-securestring "abc123#" -asplaintext -force $mycred = new-object -typename System.Management.Automation.PSCredential -argumentlist "10.10.10.10\Administrator",$pass Invoke-Command -ComputerName 10.10.10.10 -Credential $myCred -ScriptBlock {"rescan","select volume 2","extend" | diskpart} Do we have any method with use of Invoke-Wmimethod

    Read the article

  • Powershell: Cannot connect via SSL

    - by JSWork
    Am following "secrets to powershell remoting" to setup an SLL account and seem to be missing a step. I ran Winrm create winrm/config/Listener?Address=*+Transport=HTTPS @{Hostname="redacted";CertificateThumbprint="redacted"} and got PS WSMan:\localhost&gt; dir wsman:\localhost\listener\Listener_1184937132 WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Listener\Listener_1184937132 Name Value Type ---- ----- ---- Address * System.String Transport HTTP System.String Port 5985 System.String Hostname System.String Enabled true System.String URLPrefix wsman System.String CertificateThumbprint System.String ListeningOn_756355952 10.0.0.54 System.String ListeningOn_1201550598 127.0.0.1 System.String PS WSMan:\localhost&gt; dir wsman:\localhost\listener\Listener_1187163138 WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Listener\Listener_1187163138 Name Value Type ---- ----- ---- Address * System.String Transport HTTP System.String Port 80 System.String Hostname System.String Enabled true System.String URLPrefix wsman System.String CertificateThumbprint System.String ListeningOn_756355952 10.0.0.54 System.String ListeningOn_1201550598 127.0.0.1 System.String PS WSMan:\localhost&gt; dir wsman:\localhost\listener\Listener_220862350 WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Listener\Listener_220862350 Name Value Type ---- ----- ---- Address * System.String Transport HTTPS System.String Port 5986 System.String Hostname redacted System.String Enabled true System.String URLPrefix wsman System.String CertificateThumbprint redacted System.String ListeningOn_756355952 10.0.0.54 System.String ListeningOn_1201550598 127.0.0.1 System.String Trouble is when i do this PS C:\Users\redacted> enter-pssession -Computername redacted -Credential redacted\redacted -UseSSL I get this Enter-PSSession : Connecting to remote server failed with the following error message : The client cannot connect to th e destination specified in the request. Verify that the service on the destination is running and is accepting requests . Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or Win RM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting Help topic. At line:1 char:16 + enter-pssession <<<< -Computername redacted -Credential redacted\redacted -UseSSL + CategoryInfo : InvalidArgument: (redacted:String) [Enter-PSSession], PSRemotingTransportException + FullyQualifiedErrorId : CreateRemoteRunspaceFailed This happens even when the firewall is off completely and when the machine tires to connect to itself locally. On top of that, despite the listners eing lsited on wsman, when I run PS WSMan:\localhost&gt; Get-PSSessionConfiguration I get Name PSVersion StartupScript Permission ---- --------- ------------- ---------- Microsoft.PowerShell 2.0 PS WSMan:\localhost&gt; Any ideas what I'm missing/doing wrong? edit: Windows 2003. Powershell v2.0

    Read the article

  • Invoke command with IP address as Target server does not works at all

    - by Praveen
    Please see the following command and with Trusted Hosts enabled, this does not work: Invoke-Command -ComputerName <IP address> -port 5985 -Credential (New-Object System.Management.Automation.PSCredential ('Domain\User', (ConvertTo-SecureString 'passwd' -AsPlainText -Force))) -Authentication CredSSP -ScriptBlock {Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010;Get-Mailbox} This works well when Computername is a hostname. The IP address does not works at all

    Read the article

  • Password manager bug with Firefox 3.6.13

    - by Nicolas Buduroi
    I'm having trouble with the latest Firefox (3.6.13) password manager. For a website I'm working on, it doesn't fill the password field for any login credential saved. I've looked into the options "Saved passwords" list and they are all there with the correct passwords. I thought at first that the website was blocking this feature in some way, but the password managers in Chrome (on the same Windows 7 machine) and Iceweasel (in a virtual Debian 6 machine) work well. Any idea about what could cause this problem?

    Read the article

  • LDAP hangs for 10-15 minutes if user put wrong credentials

    - by danny
    Hi: I am using a windows 2003 server .I am using LDAP to allow my wireless clients connect to the network. I can connect fine to the network. But whenever I enter a wrong credential my LDAP server freezes and no new clients can log in to the wireless network for 10 -15 minutes. i am using a cisco wlc and its doing web-authentication.

    Read the article

  • WCF: SecurityNegotiationException when using client

    - by bradhe
    So I've been trying to set up certificate authentication for my clients and services. The eventual goal is to partition data based on the certificate a client connects with (i.e. the certificate becomes their credentials in to the greater system and their data is partitioned based on these credentials). I have been able to set it up successfully on both the client and the server side. I have created a certificate and a private key, installed them on my computer, and set up my server such that 1) it has a certificate-based service credential and 2) if a client connects without providing a certificate-based credential an exception is thrown. What I then did was create a simple client and add a certificate credential to the configuration and try to call a simple operation on the service. It looks like the client connects OK, and it looks like the certificate is accepted by the server, but I do get this: SecurityNegotiationException: "The caller was not authenticated by the service." That seems rather ambiguous to me. Note that I am using wsHttpBinding, which supposedly defaults to Windows auth for transport security...but all of these processes are being run as my user account as I'm running in my debug environment. Here is my server configuration: <system.serviceModel> <bindings> <wsHttpBinding> <binding name="MyServiceBinding"> <security mode="Message"> <transport clientCredentialType="None"/> <message clientCredentialType="Certificate"/> </security> </binding> </wsHttpBinding> </bindings> <services> <service behaviorConfiguration="MyServiceBehavior" name="MyService"> <endpoint binding="wsHttpBinding" bindingConfiguration="MyServiceBinding" contract="IMyContract"/> <endpoint binding="mexHttpBinding" address="mex" contract="IMetadataExchange"> <identity> <dns value="localhost"/> </identity> </endpoint> </service> </services> <behaviors> <serviceBehaviors> <behavior name="MyServiceBehavior"> <serviceMetadata httpGetEnabled="true" policyVersion="Policy15" /> <serviceDebug includeExceptionDetailInFaults="false" /> <serviceCredentials> <serviceCertificate storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" findValue="tmp123"/> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <serviceHostingEnvironment multipleSiteBindingsEnabled="true" /> </system.serviceModel> Here is my client config -- note that I'm using the same cert for the client that I use on the service: <system.serviceModel> <bindings> <wsHttpBinding> <binding name="WSHttpBinding_IMyService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false"/> <security mode="Message"> <!--<transport clientCredentialType="Windows" proxyCredentialType="None" realm=""/>--> <message clientCredentialType="Certificate" negotiateServiceCredential="true" algorithmSuite="Default"/> </security> </binding> </wsHttpBinding> </bindings> <client> <endpoint address="http://localhost:50120/UserServices.svc" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_IMyService" behaviorConfiguration="IMyService_Behavior" contract="UserServices.IUserServices" name="WSHttpBinding_IMyService"> <identity> <certificate encodedValue="Some RSA stuff"/> </identity> </endpoint> </client> <behaviors> <endpointBehaviors> <behavior name="IMyService_Behavior"> <clientCredentials> <clientCertificate storeLocation="CurrentUser" storeName="My" x509FindType="FindBySubjectName" findValue="tmp123"/> </clientCredentials> </behavior> </endpointBehaviors> </behaviors> </system.serviceModel> Can anyone please help provide some insight as to what might be up here? Thanks,

    Read the article

  • How to copy items using Nintex Workflow

    - by ybbest
    Nintex does not offer copying items from one SharePoint library to another out of box. However, it is not hard to implement one yourself. You can use the copy.asmx web services to achieve this. Here are the steps below and you can download the source here 1. Create a UDA with the following parameters: 2. Call the copy.asmx service to copy the item from SouceItemUrl to DestinationItemUrl 3. If your destination document library has versioning and check-in/out turned on , you can use list.asmx to check in your file as below: 4. You need to create constant of Credential type named SP_WORKFLOW_WS as below 5. Here is how it looks like in the Workflow designer. 6. To call this UDA, you can perform the following in your workflow

    Read the article

  • Want to create dynamic subdomain in codeigniter?

    - by Nilay Patel
    In my site i want to add an functionality for user to use their username with domain. Like in codeigniter right now i want to give the user to use their own url to login in site and do other stuff. For eg: i Want www.username.mysite.com/login or www.username.mysite.com/category so here the user can login with their credential and add the category. so i have two controller in my site with login and category. So how to do this with the routes Or .htaccess.

    Read the article

  • Demystified - BI in SharePoint 2010

    - by Sahil Malik
    Ad:: SharePoint 2007 Training in .NET 3.5 technologies (more information). Frequently, my clients ask me if there is a good guide on deciphering the seemingly daunting choice of products from Microsoft when it comes to business intelligence offerings in a SharePoint 2010 world. These are all described in detail in my book, but here is a one (well maybe two) page executive overview. Microsoft Excel: Yes, Microsoft Excel! Your favorite and most commonly used in the world database. No it isn’t a database in technical pure definitions, but this is the most commonly used ‘database’ in the world. You will find many business users craft up very compelling excel sheets with tonnes of logic inside them. Good for: Quick Ad-Hoc reports. Excel 64 bit allows the possibility of very large datasheets (Also see 32 bit vs 64 bit Office, and PowerPivot Add-In below). Audience: End business user can build such solutions. Related technologies: PowerPivot, Excel Services Microsoft Excel with PowerPivot Add-In: The powerpivot add-in is an extension to Excel that adds support for large-scale data. Think of this as Excel with the ability to deal with very large amounts of data. It has an in-memory data store as an option for Analysis services. Good for: Ad-hoc reporting and logic with very large amounts of data. Audience: End business user can build such solutions. Related technologies: Excel, and Excel Services Excel Services: Excel Services is a Microsoft SharePoint Server 2010 shared service that brings the power of Excel to SharePoint Server by providing server-side calculation and browser-based rendering of Excel workbooks. Thus, excel sheets can be created by end users, and published to SharePoint server – which are then rendered right through the browser in read-only or parameterized-read-only modes. They can also be accessed by other software via SOAP or REST based APIs. Good for: Sharing excel sheets with a larger number of people, while maintaining control/version control etc. Sharing logic embedded in excel sheets with other software across the organization via REST/SOAP interfaces Audience: End business users can build such solutions once your tech staff has setup excel services on a SharePoint server instance. Programmers can write software consuming functionality/complex formulae contained in your sheets. Related technologies: PerformancePoint Services, Excel, and PowerPivot. Visio Services: Visio Services is a shared service on the Microsoft SharePoint Server 2010 platform that allows users to share and view Visio diagrams that may or may not have data connected to them. Connected data can update these diagrams allowing a visual/graphical view into the data. The diagrams are viewable through the browser. They are rendered in silverlight, but will automatically down-convert to .png formats. Good for: Showing data as diagrams, live updating. Comes with a developer story. Audience: End business users can build such solutions once your tech staff has setup visio services on a SharePoint server instance. Developers can enhance the visualizations Related Technologies: Visio Services can be used to render workflow visualizations in SP2010 Reporting Services: SQL Server reporting services can integrate with SharePoint, allowing you to store reports and data sources in SharePoint document libraries, and render these reports and associated functionality such as subscriptions through a SharePoint site. In SharePoint 2010, you can also write reports against SharePoint lists (access services uses this technique). Good for: Showing complex reports running in a industry standard data store, such as SQL server. Audience: This is definitely developer land. Don’t expect end users to craft up reports, unless a report model has previously been published. Related Technologies: PerformancePoint Services PerformancePoint Services: PerformancePoint Services in SharePoint 2010 is now fully integrated with SharePoint, and comes with features that can either be used in the BI center site definition, or on their own as activated features in existing site collections. PerformancePoint services allows you to build reports and dashboards that target a variety of back-end datasources including: SQL Server reporting services, SQL Server analysis services, SharePoint lists, excel services, simple tables, etc. Using these you have the ability to create dashboards, scorecards/kpis, and simple reports. You can also create reports targeting hierarchical multidimensional data sources. The visual decomposition tree is a new report type that lets you quickly breakdown multi-dimensional data. Good for: Mostly everything :), except your wallet – it’s not free! But this is the most comprehensive offering. If you have SharePoint server, forget everything and go with performance point. Audience: Developers need to setup the back-end sources, manageability story. DBAs need to setup datawarehouses with cubes. Moderately sophisticated business users, or developers can craft up reports using dashboard designer which is a click-once App that deploys with PerformancePoint Related Technologies: Excel services, reporting services, etc.   Other relevant technologies to know about: Business Connectivity Services: Allows for consumption of external data in SharePoint as columns or external lists. This can be paired with one or more of the above BI offerings allowing insight into such data. Access Services: Allows the representation/publishing of an access database as a SharePoint 2010 site, leveraging many SharePoint features. Reporting services is used by Access services. Secure Store Service: The SP2010 Secure store service is a replacement for the SP2007 single sign on feature. This acts as a credential policeman providing credentials to various applications running with SharePoint. BCS, PerformancePoint Services, Excel Services, and many other apps use the SSS (Secure Store Service) for credential control. Comment on the article ....

    Read the article

  • ASP.NET WebAPI Security 4: Examples for various Authentication Scenarios

    - by Your DisplayName here!
    The Thinktecture.IdentityModel.Http repository includes a number of samples for the various authentication scenarios. All the clients follow a basic pattern: Acquire client credential (a single token, multiple tokens, username/password). Call Service. The service simply enumerates the claims it finds on the request and returns them to the client. I won’t show that part of the code, but rather focus on the step 1 and 2. Basic Authentication This is the most basic (pun inteneded) scenario. My library contains a class that can create the Basic Authentication header value. Simply set username and password and you are good to go. var client = new HttpClient { BaseAddress = _baseAddress }; client.DefaultRequestHeaders.Authorization = new BasicAuthenticationHeaderValue("alice", "alice"); var response = client.GetAsync("identity").Result; response.EnsureSuccessStatusCode();   SAML Authentication To integrate a Web API with an existing enterprise identity provider like ADFS, you can use SAML tokens. This is certainly not the most efficient way of calling a “lightweight service” ;) But very useful if that’s what it takes to get the job done. private static string GetIdentityToken() {     var factory = new WSTrustChannelFactory(         new WindowsWSTrustBinding(SecurityMode.Transport),         _idpEndpoint);     factory.TrustVersion = TrustVersion.WSTrust13;     var rst = new RequestSecurityToken     {         RequestType = RequestTypes.Issue,         KeyType = KeyTypes.Bearer,         AppliesTo = new EndpointAddress(Constants.Realm)     };     var token = factory.CreateChannel().Issue(rst) as GenericXmlSecurityToken;     return token.TokenXml.OuterXml; } private static Identity CallService(string saml) {     var client = new HttpClient { BaseAddress = _baseAddress };     client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("SAML", saml);     var response = client.GetAsync("identity").Result;     response.EnsureSuccessStatusCode();     return response.Content.ReadAsAsync<Identity>().Result; }   SAML to SWT conversion using the Azure Access Control Service Another possible options for integrating SAML based identity providers is to use an intermediary service that allows converting the SAML token to the more compact SWT (Simple Web Token) format. This way you only need to roundtrip the SAML once and can use the SWT afterwards. The code for the conversion uses the ACS OAuth2 endpoint. The OAuth2Client class is part of my library. private static string GetServiceTokenOAuth2(string samlToken) {     var client = new OAuth2Client(_acsOAuth2Endpoint);     return client.RequestAccessTokenAssertion(         samlToken,         SecurityTokenTypes.Saml2TokenProfile11,         Constants.Realm).AccessToken; }   SWT Authentication When you have an identity provider that directly supports a (simple) web token, you can acquire the token directly without the conversion step. Thinktecture.IdentityServer e.g. supports the OAuth2 resource owner credential profile to issue SWT tokens. private static string GetIdentityToken() {     var client = new OAuth2Client(_oauth2Address);     var response = client.RequestAccessTokenUserName("bob", "abc!123", Constants.Realm);     return response.AccessToken; } private static Identity CallService(string swt) {     var client = new HttpClient { BaseAddress = _baseAddress };     client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", swt);     var response = client.GetAsync("identity").Result;     response.EnsureSuccessStatusCode();     return response.Content.ReadAsAsync<Identity>().Result; }   So you can see that it’s pretty straightforward to implement various authentication scenarios using WebAPI and my authentication library. Stay tuned for more client samples!

    Read the article

  • Sign on Experience with Office 365

    - by Sahil Malik
    SharePoint 2010 Training: more information Office 365 offers two types of identities: · Microsoft Online Services cloud IDs (Cloud Identity): This is the default identity Microsoft provides you, requires no additional setup, you sign up for Office 365 and you are provided a credential. You can sign in using forms based authentication, the password policy etc. for which is stored in the cloud with the Office 365 service. The advantage obviously is no additional setup headache. The disadvantage? Yet another password to remember, and no hope of authenticated single sign on integration using this cloud identity with other services at least in the current version. · Federated IDs (Federated Identity): In companies with on-premises Active Directory, users can sign into Office 365 services using their Active Directory credentials. The corporate Active Directory authenticates the users, and stores and controls the password policy. The advantage here is plenty of single sign on possibilities and better user experience. The downside, more Read full article ....

    Read the article

  • chromium-browser --proxy-server debugging

    - by user3678068
    Many places online have pointed out to configure chromium proxy via command can be achieve with the following line chromium-browser --proxy-server=[username]:[password]@[host]:[port] but I got this result on every request. Here's the output in the command line right after executing the previous command. (They do not appear to be relevant. There are no new command line output when I try to visit a page) libGL error: failed to authenticate magic 30 libGL error: failed to load driver: vboxvideo ATTENTION: default value of option force_s3tc_enable overridden by environment. [29551:29551:0606/160459:ERROR:sandbox_linux.cc(268)] InitializeSandbox() called with multiple threads in process gpu-process I have double checked that the proxy credential works with the foxyproxy chrome plugin. What else can I try to figure this out? [Edit] Going to chrome://net-internals/#proxy and reading "Effective proxy settings" if I do chromium-browser with no flags, I get Use DIRECT connections. Source: GSETTINGS if chromium-browser --proxy-server=[host]:[port], I get a message box requesting to login, and under "Effective proxy settings": Proxy server: [host]:[port] if chromium-browser --proxy-server=[user]:[pass]@[host]:[port], "Effective proxy settings" shows: Use DIRECT connections

    Read the article

  • Two Sun Certification Exams To Retire August 1, 2010

    - by Paul Sorensen
    Effective August 1, 2010, Exam CX-310-400 ("Sun Certified Integrator for Identity Manager 7.1"), currently part of the "Sun Certified Integrator for Identity Manager 7.1" certification track, will be retired. We will also retire Exam CX-310-502 ("Sun Certified Java CAPS Integrator"), currently within the "Sun Certified Java CAPS Integrator" certification track. Both exams will remain available for registration and testing at Prometric Testing Centers through July 31, 2010.CREDENTIAL VALIDITYPlease note that that these credentials remain valid indefinitely for those holding the certifications. These retirements therefore have no effect on those who complete the certification requirements before August 1, 2010.QUICK LINKSRetiring Exams:Exam CX-310-400 "Sun Certified Integrator for Identity Manager 7.1"Exam CX-310-502 "Sun Certified Java CAPS Integrator" Certification Tracks:Sun Certified Integrator for Identity Manager 7.1Sun Certified Java CAPS IntegratorLearn more: Oracle Certification Retirements

    Read the article

  • How should programmers handle identity theft?

    - by Craige
    I recently signed up for an iTunes account, and found that somebody had fraudulently used MY email to register their iTunes account. Why Apple did not validate the email address, I will never know. Now I am told that I cannot use my email address to register a new iTunes account, as this email address is linked to an existing account. This got me thinking, as developers, database administrators, technical analysts, and everything in between, how should we handle reports of a fraud account? Experience teaches us never to re-assign identifying credentials. This can break things and/or cause mass confusion, especially in the realm of the web. That is, if we are are needing to reassign an identifying user credential we can very likely break a users bookmark by making a page render data that previously did not exist at that location. So if we have been taught not to re-assign details like these, how should we handle such a case where an account is discovered to be a fraud and the owner of the identity (e-mail or user name) wishes to claim this detail for their account?

    Read the article

  • MVC & Windows Authentication

    - by TJ
    Changed the ValidateUser function  public bool ValidateUser(string userName, string password)         {             bool validation;             try             {                 LdapConnection ldc = new LdapConnection(new LdapDirectoryIdentifier((string)null, false, false));                 NetworkCredential nc = new NetworkCredential(userName, password, "domainname.com");                 ldc.Credential = nc;                 ldc.AuthType = AuthType.Negotiate;                 ldc.Bind(nc); // user has authenticated at this point, as the credentials were used to login to the dc.                  string myvar = ldc.SessionOptions.DomainName;                 validation = true;             }             catch (LdapException)             {                 validation = false;             }             return validation;         }

    Read the article

  • which service to use among Amazon's free tier for Java app

    - by vikas devde
    this is the first time I am going to host a java app, Amazon offers a free tier which provides free usage for one year, and I am going to use it. But there are so many services (S3, EC2, etc etc), I cant figure out which service is for web hosting, which service is for what use, their docs is so huge, I am confused, what to read. can anybody write some good points, about which service to use specifically for Java apps, how much I will be charged, and they ask for credit/debit card credential for signup, does it mean they will debit me even in the free period?

    Read the article

  • Product Support Webcast for Existing Customers: Security Scenarios with Oracle WebCenter Content

    - by John Klinke
    Learn how user authentication and authorization is now implemented in Oracle WebCenter Content by attending this 1-hour Advisor Webcast "Security Scenarios with WebCenter Content" on September 27, 2012 at 11:00am Eastern (16:00 UK / 17:00 CET / 8:00am Pacific / 9:00am Mountain) This 1-hour session is recommended for technical and functional users of Oracle WebCenter Content. In this session, we will explain how user authentication and authorization is implemented in WebCenter Content 11g as well as ways that single sign-on (SSO) can be used. Topics will include: - How authentication and authorization was handled in previous WebCenter Content Server versions - The WebLogic Server mechanisms now used to provide user access and content security - Dealing with external and internal users - Overview of the WebLogic Server LDAP provider configuration - How to differentiate Roles and Accounts - WebCenter Content credential mapping - Single Sign-on (SSO) - SAML and Kerberos Register now at http://bit.ly/PH7zDj

    Read the article

  • ICAM Webcast Replay and slides

    - by Darin Pendergraft
    On October 10, 2012 Derrick Harcey and I co-presented on how Oracle IDM helps customers address the guidelines of Identity Credential Access Management, from a Federal (FICAM) and a State (SICAM) perspective. If you missed the webcast, here is a link to the replay:  webcast replay link. Derrick did a nice job reviewing the various ICAM components and architectures, and then invited me to provide additional detail on the Oracle technology stack.  He then closed by mapping the ICAM architectures to various components of the Oracle IDM platform. Icam oracle-webcast-2012-10-10 from OracleIDM The next webcast in the Secure Government Training Series, Safeguarding Government Cyberspace will be held Wednesday, November 28th.

    Read the article

  • Data Source Security Part 5

    - by Steve Felts
    If you read through the first four parts of this series on data source security, you should be an expert on this focus area.  There is one more small topic to cover related to WebLogic Resource permissions.  After that comes the test, I mean example, to see with a real set of configuration parameters what the results are with some concrete values. WebLogic Resource Permissions All of the discussion so far has been about database credentials that are (eventually) used on the database side.  WLS has resource credentials to control what WLS users are allowed to access JDBC resources.  These can be defined on the Policies tab on the Security tab associated with the data source.  There are four permissions: “reserve” (get a new connection), “admin”, “shrink”, and reset (plus the all-inclusive “ALL”); we will focus on “reserve” here because we are talking about getting connections.  By default, JDBC resource permissions are completely open – anyone can do anything.  As soon as you add one policy for a permission, then all other users are restricted.  For example, if I add a policy so that “weblogic” can reserve a connection, then all other users will fail to reserve connections unless they are also explicitly added.  The validation is done for WLS user credentials only, not database user credentials.  Configuration of resources in general is described at “Create policies for resource instances” http://docs.oracle.com/cd/E24329_01/apirefs.1211/e24401/taskhelp/security/CreatePoliciesForResourceInstances.html.  This feature can be very useful to restrict what code and users can get to your database. There are the three use cases: API Use database credentials User for permission checking getConnection() True or false Current WLS user getConnection(user,password) False User/password from API getConnection(user,password) True Current WLS user If a simple getConnection() is used or database credentials are enabled, the current user that is authenticated to the WLS system is checked. If database credentials are not enabled, then the user and password on the API are used. Example The following is an actual example of the interactions between identity-based-connection-pooling-enabled, oracle-proxy-session, and use-database-credentials. On the database side, the following objects are configured.- Database users scott; jdbcqa; jdbcqa3- Permission for proxy: alter user jdbcqa3 grant connect through jdbcqa;- Permission for proxy: alter user jdbcqa grant connect through jdbcqa; The following WebLogic Data Source objects are configured.- Users weblogic, wluser- Credential mapping “weblogic” to “scott”- Credential mapping "wluser" to "jdbcqa3"- Data source descriptor configured with user “jdbcqa”- All tests are run with Set Client ID set to true (more about that below).- All tests are run with oracle-proxy-session set to false (more about that below). The test program:- Runs in servlet- Authenticates to WLS as user “weblogic” Use DB Credentials Identity based getConnection(scott,***) getConnection(weblogic,***) getConnection(jdbcqa3,***) getConnection()  true  true Identity scottClient weblogicProxy null weblogic fails - not a db user User jdbcqa3Client weblogicProxy null Default user jdbcqaClient weblogicProxy null  false  true scott fails - not a WLS user User scottClient scottProxy null jdbcqa3 fails - not a WLS user User scottClient scottProxy null  true  false Proxy for scott fails weblogic fails - not a db user User jdbcqa3Client weblogicProxy jdbcqa Default user jdbcqaClient weblogicProxy null  false  false scott fails - not a WLS user Default user jdbcqaClient scottProxy null jdbcqa3 fails - not a WLS user Default user jdbcqaClient scottProxy null If Set Client ID is set to false, all cases would have Client set to null. If this was not an Oracle thin driver, the one case with the non-null Proxy in the above table would throw an exception because proxy session is only supported, implicitly or explicitly, with the Oracle thin driver. When oracle-proxy-session is set to true, the only cases that will pass (with a proxy of "jdbcqa") are the following.1. Setting use-database-credentials to true and doing getConnection(jdbcqa3,…) or getConnection().2. Setting use-database-credentials to false and doing getConnection(wluser, …) or getConnection(). Summary There are many options to choose from for data source security.  Considerations include the number and volatility of WLS and Database users, the granularity of data access, the depth of the security identity (property on the connection or a real user), performance, coordination of various components in the software stack, and driver capabilities.  Now that you have the big picture (remember that table in part 1), you can make a more informed choice.

    Read the article

  • Cannot login via Unity login screen after upgrade to 12.04

    - by codesurgeon
    Logging in via the shell accessed through Ctrl+Alt-F1 and logging in as guest via the graphical user interface work 0O When I try to log into my standard user account via the graphical interface, the screen flashes to black for a couple of seconds and bumps me back to a pristine login screen. Entering a wrong password for my user account yields the standard error message - my user account and credential verification seem to be OK. I suppose that my individual graphics configuration causes problems ... I'm not sure how to reset that. I've tried stopping the UI via sudo service lightdm stop executed sudo nvidia-xconfig and restarted the UI sudo service lightdm start to no avail. My workstation has a Nvidia GeForce 560-448 graphics card. I've tried getting this fixed with the latest Nvidia 64-bit drivers (cURL'ed from the official website), that is 295.49 and the latest beta driver 302.07. Anybody have an idea how to get this fixed? Your help is appreciated :)

    Read the article

  • OPN Certification during Oracle PartnerNetwork Exchange at OpenWorld

    - by Harold Green
    Join Us and Earn Your OPN Certification during Oracle PartnerNetwork Exchange at OpenWorld San Francisco, October 1-4, 2012 As a benefit to partners attending this year's OPN Exchange event, the Oracle Partner Network is offering Certification testing free of charge* to over 100 exam titles.  Successful completion of these exams give you the credential of Certified Specialist and counts toward your company Specialization and upgrade within the OPN Program.  Exams are offered during 10 different sessions and spaces will fill up quickly.   All you need to do is register for OPN Exchange and then select your session using the schedule builder.  On the day of your exam, be sure to bring your OPN Company ID, and Oracle Testing ID (Pearson VUE account ID).  Study guides are available online in the links below. Don't miss this exclusive opportunity to become Oracle Certified this year at Oracle PartnerNetwork Exchange at OpenWorld 2012.  Event Link: http://www.oracle.com/opnexchange/learn/test-fest/index.html *Available exams: http://www.oracle.com/partners/en/most-popular-resources/oow-testfest-exams-1836714.html

    Read the article

  • Beta Opportunity Soon to Close on "Oracle Database 12c: Installation and Administration" (1Z0-062)

    - by Brandye Barrington
    This is your last opportunity to take the "Oracle Database 12c: Installation and Administration" (1Z1-062) beta exam at the greatly discounted rate of $50 USD, as well as be one of the first to hold this new OCA certification. Earning the Oracle Database 12c Administrator Certified Associate credential gives you the foundational knowledge and skills needed to administer the Oracle Database and sets the stage for your future progression to Oracle Database 12c Administrator Certified Professional.  You can get all preparation details, including exam objectives, number of questions, time allotments, and pricing on the Oracle Certification website. Visit pearsonvue.com/oracle and register for exam 1Z1-062. QUICK LINKS: Certification Track: Oracle Database 12c Administrator Certified Associate Certification Exam: "Oracle Database 12c: Installation and Administration" (1Z1-062) Recommended Training: Oracle Database 12c: Admin, Install and Upgrade Accelerated, Oracle Database 12c: Install and Upgrade Workshop, or Oracle Database 12c: Administration Workshop Certification Website: About Beta Exams Register Now: Pearson VUE

    Read the article

  • Data Source Security Part 1

    - by Steve Felts
    I’ve written a couple of articles on how to store data source security credentials using the Oracle wallet.  I plan to write a few articles on the various types of security available to WebLogic Server (WLS) data sources.  There are more options than you might think! There have been several enhancements in this area in WLS 10.3.6.  There are a couple of more enhancements planned for release WLS 12.1.2 that I will include here for completeness.  This isn’t intended as a teaser.  If you call your Oracle support person, you can get them now as minor patches to WLS 10.3.6.   The current security documentation is scattered in a few places, has a few incorrect statements, and is missing a few topics.  It also seems that the knowledge of how to apply some of these features isn’t written down.  The goal of these articles is to talk about WLS data source security in a unified way and to introduce some approaches to using the available features.  Introduction to WebLogic Data Source Security Options By default, you define a single database user and password for a data source.  You can store it in the data source descriptor or make use of the Oracle wallet.  This is a very simple and efficient approach to security.  All of the connections in the connection pool are owned by this user and there is no special processing when a connection is given out.  That is, it’s a homogeneous connection pool and any request can get any connection from a security perspective (there are other aspects like affinity).  Regardless of the end user of the application, all connections in the pool use the same security credentials to access the DBMS.   No additional information is needed when you get a connection because it’s all available from the data source descriptor (or wallet). java.sql.Connection conn =  mydatasource.getConnection(); Note: You can enter the password as a name-value pair in the Properties field (this not permitted for production environments) or you can enter it in the Password field of the data source descriptor. The value in the Password field overrides any password value defined in the Properties passed to the JDBC Driver when creating physical database connections. It is recommended that you use the Password attribute in place of the password property in the properties string because the Password value is encrypted in the configuration file (stored as the password-encrypted attribute in the jdbc-driver-params tag in the module file) and is hidden in the administration console.  The Properties and Password fields are located on the administration console Data Source creation wizard or Data Source Configuration tab. The JDBC API can also be used to programmatically specify a database user name and password as in the following.  java.sql.Connection conn = mydatasource.getConnection(“user”, “password”); According to the JDBC specification, it’s supposed to take a database user and associated password but different vendors implement this differently.  WLS, by default, treats this as an application server user and password.  The pair is authenticated to see if it’s a valid user and that user is used for WLS security permission checks.  By default, the user is then mapped to a database user and password using the data source credential mapper, so this API sort of follows the specification but database credentials are one-step removed from the application code.  More details and the rationale are described later. While the default approach is simple, it does mean that only one database user is doing all of the work.  You can’t figure out who actually did the update and you can’t restrict SQL operations by who is running the operation, at least at the database level.   Any type of per-user logic will need to be in the application code instead of having the database do it.  There are various WLS data source features that can be configured to provide some per-user information about the operations to the database. WebLogic Data Source Security Options This table describes the features available for WebLogic data sources to configure database security credentials and a brief description.  It also captures information about the compatibility of these features with one another. Feature Description Can be used with Can’t be used with User authentication (default) Default getConnection(user, password) behavior – validate the input and use the user/password in the descriptor. Set client identifier Proxy Session, Identity pooling, Use database credentials Use database credentials Instead of using the credential mapper, use the supplied user and password directly. Set client identifier, Proxy session, Identity pooling User authentication, Multi Data Source Set Client Identifier Set a client identifier property associated with the connection (Oracle and DB2 only). Everything Proxy Session Set a light-weight proxy user associated with the connection (Oracle-only). Set client identifier, Use database credentials Identity pooling, User authentication Identity pooling Heterogeneous pool of connections owned by specified users. Set client identifier, Use database credentials Proxy session, User authentication, Labeling, Multi-datasource, Active GridLink Note that all of these features are available with both XA and non-XA drivers. Currently, the Proxy Session and Use Database Credentials options are on the Oracle tab of the Data Source Configuration tab of the administration console (even though the Use Database Credentials feature is not just for Oracle databases – oops).  The rest of the features are on the Identity tab of the Data Source Configuration tab in the administration console (plan on seeing them all in one place in the future). The subsequent articles will describe these features in more detail.  Keep referring back to this table to see the big picture.

    Read the article

  • Software Architecture

    - by Roger
    I have a question about Software Architecture, anyone can help me or give me some hints currently, I have a J2EE project which deploys in a server, I should a Java Standard project(J2SE) should run 24 hours x 7 days to monitor something it could not run separately, because the Java Project shared the some same classes such as Java Bean classes with the J2EE project maybe my design is not correct, can anyone suggest me what should I do? Using SOA? is this correct? my current solution is run this java project using a bash, but I dont think it is then best idea. I list my class packages com.company.alteck com.company.altronics com.company.gamming com.company.jaycar com.company.jup com.company.rpg com.company.sansai com.company.wiretech com.company.yatsal com.ebay.api com.ebay.bean com.ebay.credential com.ozsstock.finals com.ozstock.adapter com.ozstock.aspectj com.ozstock.model com.ozstock.persistence com.ozstock.service com.ozstock.suppliers my structure likes this, all the packages contains "company" should run separately, but depends on the model bean class. can anyone give me some hints to redesign?

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >