Search Results

Search found 13196 results on 528 pages for 'security audit'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 50/528 | < Previous Page | 46 47 48 49 50 51 52 53 54 55 56 57  | Next Page >

  • Microsoft Warns of SharePoint Security Flaw

    Microsoft issued a security advisory on Thursday for a vulnerability in two SharePoint products....Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • log in to web-app through less secure website [on hold]

    - by martijnve
    We are worried about the security of our website containing the login-button to our saas-application. Security measures put in place for our application won't do us much good if the website is hacked. The login button could be redirected to some malicious copy of our app. The product website is maintained by people outside the dev team. Those people are not too knowledgable concerning security. We (dev-team) could mantain the website ourselves but that would be a large burden on our small team. How is this usually handled?

    Read the article

  • Google Chrome audit on caching

    - by Álvaro G. Vicario
    If I run an audit on my sites with Google Chrome, I get this message in the Leverage browser caching section: The following resources are missing a cache expiration. Resources that do not specify an expiration may not be cached by browsers: A list of all the pictures follows. I get a similar notice in Leverage proxy caching: Consider adding a "Cache-Control: public" header to the following resources: Apart from pictures, I also get a notice about HTML, CSS and JavaScript files: The following resources are explicitly non-cacheable. Consider making them cacheable if possible: Its funny because I've worked hard to cache all static contents (except for pictures, where I just left Apache's default settings). Firefox does indeed store all these items in cache. Is there anything I should improve in my HTTP headers? Here's the complete header set of some items as loaded after removing the browser caché. Pictures use default settings I didn't really check before, the rest should be cachéd for three hours. I can set headers with both .htaccess and PHP. PNG HTTP/1.1 200 OK Date: Sat, 31 Jul 2010 12:46:14 GMT Server: Apache Last-Modified: Thu, 18 Mar 2010 21:40:54 GMT Etag: "c48024-230-4821a15d6c580" Accept-Ranges: bytes Content-Length: 560 Keep-Alive: timeout=4 Connection: Keep-Alive Content-Type: image/png HTML HTTP/1.1 200 OK Date: Sat, 31 Jul 2010 12:46:13 GMT Server: Apache X-Powered-By: PHP/5.2.11 Expires: Sat, 31 Jul 2010 15:46:13 GMT Cache-Control: max-age=10800, s-maxage=10800, must-revalidate, proxy-revalidate Content-Encoding: gzip Vary: Accept-Encoding Last-Modified: Wed, 24 Mar 2010 20:30:36 GMT Keep-Alive: timeout=4 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=ISO-8859-15 CSS HTTP/1.1 200 OK Date: Sat, 31 Jul 2010 12:48:21 GMT Server: Apache X-Powered-By: PHP/5.2.11 Expires: Sat, 31 Jul 2010 15:48:21 GMT Cache-Control: max-age=10800, s-maxage=10800, must-revalidate, proxy-revalidate Content-Encoding: gzip Vary: Accept-Encoding Last-Modified: Thu, 18 Mar 2010 21:40:12 GMT Keep-Alive: timeout=4 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/css JavaScript HTTP/1.1 200 OK Date: Sat, 31 Jul 2010 12:48:21 GMT Server: Apache X-Powered-By: PHP/5.2.11 Expires: Sat, 31 Jul 2010 15:48:21 GMT Cache-Control: max-age=10800, s-maxage=10800, must-revalidate, proxy-revalidate Content-Encoding: gzip Vary: Accept-Encoding Last-Modified: Thu, 18 Mar 2010 21:40:12 GMT Keep-Alive: timeout=4 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: application/x-javascript Update I've tested Jumby's suggestion and set my CSS's expire to 1 year: Cache-Control:max-age=31536000, s-maxage=31536000, must-revalidate, proxy-revalidate Connection:Keep-Alive Content-Encoding:gzip Content-Length:4198 Content-Type:text/css Date:Mon, 02 Aug 2010 20:48:56 GMT Expires:Tue, 02 Aug 2011 20:48:56 GMT Keep-Alive:timeout=5, max=99 Last-Modified:Thu, 18 Mar 2010 20:40:12 GMT Server:Apache/2.2.14 (Win32) PHP/5.3.1 Vary:Accept-Encoding X-Powered-By:PHP/5.3.1 However, Chrome still claims "explicitly non-cacheable".

    Read the article

  • Trying to get WCF client to work with wss 1.0 username token security

    - by darius murauskas
    I am trying to use a WCF client to call a third party web service. The web Service usses username token authentication WSS-Security 1.0 Soap Message Security Here is a sample soap authentication header for what the web service expects <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Header> <wsse:Security soap:mustUnderstand="1"> <wsse:UsernameToken namespaces> <wsse:Username>username</wsse:Username> <wsse:Password Type="type info">password</wsse:Password> <wsse:Nonce>nonce</wsse:Nonce> <wsu:Created>date created</wsu:Created> </wsse:UsernameToken> <wsse:Security> </soap:Header> <soap:Body> <WebServiceMethodName xmlns="Web Service Namespace" /> I configured the client to the following way <basicHttpBinding> <binding name="Binding1"> <security mode="TransportWithMessageCredential"> <transport clientCredentialType="Basic"/> </security> </basicHttpBinding> but recieved an error that stating that the nonce and datecreated attributes were missing in the header. Does anyone know how to configure a WCF client to work with WSS-Security 1.0 Soap Message Security username token authentication?

    Read the article

  • What development technologies or technology stack is typically used in the security industry?

    - by vfilby
    In this case security means building security (access control, alarm systems, etc). And I am not talking about working directly with the hardware, more focused on web based applications/api's that clients or companies can use? Are there technologies that are commonly used? Are there technologies that shouldn't be used? Are there any real benefits to a linux based stack as opposed to a windows based stack for exposing web based applications?

    Read the article

  • What is the correct way to configure a spring TextEncryptor for use on Heroku

    - by Ollie Edwards
    I have a spring TextEncryptor defined like this <bean id="textEncryptor" class="org.springframework.security.crypto.encrypt.Encryptors" factory-method="text"> <constructor-arg value="${security.encryptPassword}" /> <constructor-arg value="${security.encryptSalt}" /> </bean> Which is fed these properties security.encryptPassword=47582920264f212c566d5e5a6d security.encryptSalt=39783e315e6a207e733d6f4141 Which works fine on my local environment. When I deploy to Heroku I get java.lang.IllegalArgumentException: Unable to initialize due to invalid secret key at org.springframework.security.crypto.encrypt.CipherUtils.initCipher(CipherUtils.java:110) at org.springframework.security.crypto.encrypt.AesBytesEncryptor.encrypt(AesBytesEncryptor.java:65) at org.springframework.security.crypto.encrypt.HexEncodingTextEncryptor.encrypt(HexEncodingTextEncryptor.java:36) ... Caused by: java.security.InvalidKeyException: Illegal key size at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:972) at javax.crypto.Cipher.implInit(Cipher.java:738) at javax.crypto.Cipher.chooseProvider(Cipher.java:797) at javax.crypto.Cipher.init(Cipher.java:1276) at javax.crypto.Cipher.init(Cipher.java:1215) at org.springframework.security.crypto.encrypt.CipherUtils.initCipher(CipherUtils.java:105) ... 53 more So I tried some smaller keys but I always get the same problem. What is the correct key size to use on Heroku?

    Read the article

  • Help Auditing in Oracle

    - by enrique
    Hello everybody I need some help in auditing in Oracle. We have a database with many tables and we want to be able to audit every change made to any table in any field. So the things we want to have in this audit are: user who modified time of change occurred old value and new value so we started creating the trigger which was supposed to perform the audit for any table but then had issues... As I mentioned before we have so many tables and we cannot go creating a trigger per each table. So the idea is creating a master trigger that can behaves dynamically for any table that fires the trigger. I was trying to do it but no lucky at all....it seems that Oracle restricts the trigger environment just for a table which is declared by code and not dynamically like we want to do. Do you have any idea on how to do this or any other advice for solving this issue? thanks in advance.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 46 47 48 49 50 51 52 53 54 55 56 57  | Next Page >