Search Results

Search found 55010 results on 2201 pages for 'system security'.

Page 51/2201 | < Previous Page | 47 48 49 50 51 52 53 54 55 56 57 58  | Next Page >

  • Data Source Security Part 2

    - by Steve Felts
    In Part 1, I introduced the default security behavior and listed the various options available to change that behavior.  One of the key topics to understand is the difference between directly using database user and password values versus mapping from WLS user and password to the associated database values.   The direct use of database credentials is relatively new to WLS, based on customer feedback.  Some of the trade-offs are covered in this article. Credential Mapping vs. Database Credentials Each WLS data source has a credential map that is a mechanism used to map a key, in this case a WLS user, to security credentials (user and password).  By default, when a user and password are specified when getting a connection, they are treated as credentials for a WLS user, validated, and are converted to a database user and password using a credential map associated with the data source.  If a matching entry is not found in the credential map for the data source, then the user and password associated with the data source definition are used.  Because of this defaulting mechanism, you should be careful what permissions are granted to the default user.  Alternatively, you can define an invalid default user to ensure that no one can accidentally get through (in this case, you would need to set the initial capacity for the pool to zero so that the pool is populated only by valid users). To create an entry in the credential map: 1) First create a WLS user.  In the administration console, go to Security realms, select your realm (e.g., myrealm), select Users, and select New.  2) Second, create the mapping.  In the administration console, go to Services, select Data sources, select your data source name, select Security, select Credentials, and select New.  See http://docs.oracle.com/cd/E24329_01/apirefs.1211/e24401/taskhelp/jdbc/jdbc_datasources/ConfigureCredentialMappingForADataSource.html for more information. The advantages of using the credential mapping are that: 1) You don’t hard-code the database user/password into a program or need to prompt for it in addition to the WLS user/password and 2) It provides a layer of abstraction between WLS security and database settings such that many WLS identities can be mapped to a smaller set of DB identities, thereby only requiring middle-tier configuration updates when WLS users are added/removed. You can cut down the number of users that have access to a data source to reduce the user maintenance overhead.  For example, suppose that a servlet has the one pre-defined, special WLS user/password for data source access, hard-wired in its code in a getConnection(user, password) call.  Every WebLogic user can reap the specific DBMS access coded into the servlet, but none has to have general access to the data source.  For instance, there may be a ‘Sales’ DBMS which needs to be protected from unauthorized eyes, but it contains some day-to-day data that everyone needs. The Sales data source is configured with restricted access and a servlet is built that hard-wires the specific data source access credentials in its connection request.  It uses that connection to deliver only the generally needed day-to-day information to any caller. The servlet cannot reveal any other data, and no WebLogic user can get any other access to the data source.  This is the approach that many large applications take and is the reasoning behind the default mapping behavior in WLS. The disadvantages of using the credential map are that: 1) It is difficult to manage (create, update, delete) with a large number of users; it is possible to use WLST scripts or a custom JMX client utility to manage credential map entries. 2) You can’t share a credential map between data sources so they must be duplicated. Some applications prefer not to use the credential map.  Instead, the credentials passed to getConnection(user, password) should be treated as database credentials and used to authenticate with the database for the connection, avoiding going through the credential map.  This is enabled by setting the “use-database-credentials” to true.  See http://docs.oracle.com/cd/E24329_01/apirefs.1211/e24401/taskhelp/jdbc/jdbc_datasources/ConfigureOracleParameters.html "Configure Oracle parameters" in Oracle WebLogic Server Administration Console Help. Use Database Credentials is not currently supported for Multi Data Source configurations.  When enabled, it turns off credential mapping on Generic and Active GridLink data sources for the following attributes: 1. identity-based-connection-pooling-enabled (this interaction is available by patch in 10.3.6.0). 2. oracle-proxy-session (this interaction is first available in 10.3.6.0). 3. set client identifier (this interaction is available by patch in 10.3.6.0).  Note that in the data source schema, the set client identifier feature is poorly named “credential-mapping-enabled”.  The documentation and the console refer to it as Set Client Identifier. To review the behavior of credential mapping and using database credentials: - If using the credential map, there needs to be a mapping for each WLS user to database user for those users that will have access to the database; otherwise the default user for the data source will be used.  If you always specify a user/password when getting a connection, you only need credential map entries for those specific users. - If using database credentials without specifying a user/password, the default user and password in the data source descriptor are always used.  If you specify a user/password when getting a connection, that user will be used for the credentials.  WLS users are not involved at all in the data source connection process.

    Read the article

  • Which is more secure GET or POST sending parameters with cURL at PHP

    - by Steve
    I want to connect in a secure way with an API and I am using cURL to do it using HTTPS and SSL. Now, i was wondering what is better in terms of security, sending the data through GET or POST: $ch = curl_init("http://api.website.com/connect.php?user=xxx&pass=xxxx); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); $result = curl_exec($ch); curl_close($ch); Or $param['user'] = 'xxxx'; $param['pass'] = 'xxxx'; $ch = curl_init("http://api.website.com/connect.php); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $Parameters); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); $result = curl_exec($ch); curl_close($ch); I also realized that POST is much more slower retrieving the data.

    Read the article

  • Why does System.Web.Hosting.ApplicationHost.CreateApplicationHost throw System.IO.FileNotFoundExcept

    - by Scott Langham
    I saw something about needing to have the assembly available for the type of the first argument passed to the function. I think it is, I can't figure out what am I missing. This code is in a service. I was running the service under the 'NETWORK SERVICES' user account, when I changed the account to that of the session I was logged on with it worked ok. But, what's the difference, and how can I get it to work for the NETWORK SERVICES user.

    Read the article

  • Roadblocks in creating a custom operating system

    - by Dinah
    It seems to me that the most common overly ambitious project that programmers (esp. Comp. Sci. grads) try to tackle is building your own operating system. (Trying to create your own programming language + compiler is probably even more common but not nearly as ambitious.) For those (like myself) foolish enough to try: aside from the sheer size, what are the biggest *gotcha*s or unexpected roadblocks you've encountered in trying to create your own OS from the ground up? Edit: A great OS question: http://stackoverflow.com/questions/43180/how-to-get-started-in-operating-system-development/

    Read the article

  • How can I edit local security policy from a batch file?

    - by Stephen Jennings
    I am trying to write a utility as a batch file that, among other things, adds a user to the "Deny logon locally" local security policy. This batch file will be used on hundreds of independent computers (not on a domain and aren't even on the same network). I assumed one of the following were my options, but perhaps there's one I haven't thought of. A command line utility similar to net.exe which can modify local security policy. A VBScript sample to do the same. Write my own using some WMI or Win32 calls. I'd rather not do this one if I don't have to.

    Read the article

  • Where did System.Design go?

    - by Nilbert
    I am making a C# project in which I am using ScintillaNet, and it says: The referenced assembly "ScintillaNet" could not be resolved because it has a dependency on "System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" which is not in the currently targeted framework ".NETFramework,Version=v4.0,Profile=Client". Please remove references to assemblies not in the targeted framework or consider retargeting your project. I tried adding a reference to System.Design, but it doesn't exist in my list. Do I need to download it somewhere? I have MS Visual Studio 10.

    Read the article

  • ASP.NET FormView: "Object of type 'System.Int32' cannot be converted to type 'System.String"

    - by Vinzcent
    Hey I have a problem with my FromView. I would like to show some data from a Database Table in my FormView. But some data is from the tupe Int32, while this data should be in a TextBox, a string. How do you convert these Int32's. FormView and my ObjectDataSource <asp:FormView ID="fvDetailOrder" runat="server"> <ItemTemplate> Aantal:<br /> <asp:Label CssClass="txtBox" ID="Label15" runat="server" Text='<%# Eval("COUNT") %>' /><br /> Prijs:<br /> <asp:Label CssClass="txtBox" ID="Label16" runat="server" Text='<%# Eval("PRICE") %>' /><br /> Korting:<br /> <asp:Label CssClass="txtBox" ID="Label17" runat="server" Text='' /><br /> Totaal:<br /> <asp:Label CssClass="txtBox" ID="Label18" runat="server" Text='<%# Eval("AMOUNT") %>' /><br /> Betaald:<br /> <asp:Label CssClass="txtBox" ID="Label19" runat="server" Text='<%# Eval("PAID") %>' /><br /> Datum betaling:<br /> <asp:Label CssClass="txtBox" ID="Label20" runat="server" Text='<%# Eval("PDATE") %>' /><br /> </ItemTemplate> </asp:FormView> <asp:ObjectDataSource ID="objdsOrderID" runat="server" OnSelecting="objdsOrderID_Selecting" SelectMethod="getOrdersByID" TypeName="DAL.OrdersDAL"> <SelectParameters> <asp:Parameter Name="id" Type="Int32" /> </SelectParameters> </asp:ObjectDataSource> My Code behind protected void gvOrdersAdmin_SelectedIndexChanged(object sender, EventArgs e) { fvDetailOrder.DataSource = objdsOrderID; fvDetailOrder.DataBind(); // <-- HERE I GET THE ERROR } protected void objdsOrderID_Selecting(object sender, ObjectDataSourceSelectingEventArgs e) { e.InputParameters["id"] = gvOrdersAdmin.DataKeys[gvOrdersAdmin.SelectedRow.RowIndex].Values[0]; ; } My Data Acces Layer public static DataTable getOrdersByID(string id) { string sql = "SELECT 'AUTHOR' = tblAuthors.FIRSTNAME + ' ' + tblAuthors.LASTNAME, tblBooks.*, tblGenres.*, tblLanguages.*, tblOrders.* FROM tblAuthors INNER JOIN tblBooks ON tblAuthors.AUTHOR_ID = tblBooks.AUTHOR_ID INNER JOIN tblGenres ON tblBooks.GENRE_ID = tblGenres.GENRE_ID INNER JOIN tblLanguages ON tblBooks.LANG_ID = tblLanguages.LANG_ID INNER JOIN tblOrders ON tblBooks.BOOK_ID = tblOrders.BOOK_ID" + " WHERE tblOrders.ID = @id;"; SqlDataAdapter da = new SqlDataAdapter(sql, GetConnectionString()); da.SelectCommand.Parameters["id"].Value = id; DataSet ds = new DataSet(); da.Fill(ds, "Orders"); return ds.Tables["Orders"]; } Thanks a lot, Vincent

    Read the article

  • How to make security group in one forest show up in another forest?

    - by Jake
    I have two Win2k8 forests which I do maintenance on. The two forests have full 2 way external, non transitive trust with each other. I have a folder in forest X, domain countryX.mycompany.com accessible ONLY by the global security group named $group. In forest Y, domain countryY.mycompany.com, countryY\user1, countryY\user2 etc needs to have access to the folder. The natural instinct is to put user1, user2 etc into the $group. However, none of the methods for adding user to group works as it appears that the AD cannot find the groups in the other forest. Question: 1.How to make forests see each other's security groups and be able to add? 2.In practice, what is the recommended way to achieve the user access to the folders/files in another forest?

    Read the article

  • What resources are best for staying current about information security?

    - by dr.pooter
    What types of sites do you visit, on a regular basis, to stay current on information security issues? Some examples from my list include: http://isc.sans.org/ http://www.kaspersky.com/viruswatch3 http://www.schneier.com/blog/ http://blog.fireeye.com/research/ As well as following the security heavyweights on twitter. I'm curious to hear what resources you recommend for daily monitoring. Anything specific to particular operating systems or other software. Are mailing lists still considered valuable. My goal would be to trim the cruft of all the things I'm currently subscribed to and focus on the essentials.

    Read the article

  • Login and Register System

    - by Darknight
    I'm darknight. My email is : [email protected] I'm creating a website and now I want to add login and register system. But i don't know how to use .sql and .php . I have downloaded some login and register system code. But their format is .sql and .php And they say to add the files to database.... How can i do that? What is database? I'm using weebly.com to create websites. If anyone can give me the right answer to [email protected] I will reward him/her.

    Read the article

  • How can I throttle user login attempts in PHP

    - by jasondavis
    I was just reading this post http://stackoverflow.com/questions/549/the-definitive-guide-to-website-authentication-beta#477585 on Preventing Rapid-Fire Login Attempts. Best practice #1: A short time delay that increases with the number of failed attempts, like: 1 failed attempt = no delay 2 failed attempts = 2 sec delay 3 failed attempts = 4 sec delay 4 failed attempts = 8 sec delay 5 failed attempts = 16 sec delay etc. DoS attacking this scheme would be very impractical, but on the other hand, potentially devastating, since the delay increases exponentially. I am curious how I could implement something like this for my login system in PHP?

    Read the article

  • Doubts in System call mechanism in linux

    - by bala1486
    We transit from ring3 to ring0 using 'int' or the new 'syscall/sysenter' instruction. Does that mean that the page tables and other stuffs that needs to be modified for the kernel is automatically done by the 'int' instruction or the interrupt handler for the 'int 0x80' will do the required stuff and jump to the respective system call. Also when returning from a system call, we again need to go to user space. For this we need to know the instruction address in the user space to continue the user application. Where is that address stored. Does the 'ret' instruction automatically changes the ring from ring3 to ring0 or where/how this ring changing mechanism takes place? Then, i read that changing from ring3 to ring0 is not as costly as changing from ring0 to ring3. Why is this so?? Thanks, Bala

    Read the article

  • Measuring execution time of a system call in C++

    - by jm1234567890
    I have found some code on measuring execution time here http://www.dreamincode.net/forums/index.php?showtopic=24685 However, it does not seem to work for system calls. I imagine this is because the execution jumps out of the current process. clock_t begin=clock(); system(something); clock_t end=clock(); cout<<"Execution time: "<<diffclock(end,begin)<<" s."<<endl; Then double diffclock(clock_t clock1,clock_t clock2) { double diffticks=clock1-clock2; double diffms=(diffticks)/(CLOCKS_PER_SEC); return diffms; } However this always returns 0 seconds... Is there another method that will work? Also, this is in Linux. Thanks!

    Read the article

  • Call iconv from Ruby through system()

    - by Sebastian
    I have a problem with iconv tool. I try to call it from rake file in that way: Dir.glob("*.txt") do |file| system("iconv -f UTF-8 -t 'ASCII//TRANSLIT' #{ file } >> ascii_#{ file }") end But one file is converted partly (size of partialy converted: 10059092 bytes, before convertion: 10081854). Comparing this two files prove that not all content was writen to ASCII. When I call this command explicit from shell it works perfectly. Other smaller files are converted without problems. Is there any limitations on iconv or Ruby's system()?

    Read the article

  • PHP exec() and system() functions always return false in IIS

    - by Loftx
    Hi there, I'm trying to use the PHP exec() or system() (or any other similar function) to run a batch file, but I can't seem to get these to return anything. The simplest example I've seen is this, which outputs nothing: <?php echo system('dir'); ?> The script is running on a windows XP machine on IIS with PHP installed and I've also tried it on my shared hosting account running windows 2003 server/IIS. Can anyone suggest what I need to do to get this working, or provide any commands I can use for troubleshooting? Cheers, Tom

    Read the article

  • what are security implications of running Ubuntu inside Windows 7?

    - by EndangeringSpecies
    I am thinking of switching to Ubuntu as a way of making web browsing more secure. So, suppose I will go the easy route and run Ubuntu as an app inside Windows and then run Firefox inside of that. What will this do to the security given the current threat environment? E.g. do most online threats nowadays target the browser and flash (which presumably would be safely sandboxed inside easy to wipe Ubuntu environment) or do they target the Windows TCP-IP stack where Ubuntu would give no protection? Well, most likely the above question does not come near to covering all the security implications of this setup :-), so please do discuss whatever other issues that may be relevant here.

    Read the article

  • Is WEP used in conjunction with a wireless access list adequate security?

    - by LeopardSkinPillBoxHat
    I use a Netgear wireless router, with various wireless devices connecting to it. One of my wireless devices doesn't support WPA2 security, so I had to downgrade the security on the router to WEP. We all know WEP is broken, so as an added measure I enabled a wireless access list on the router so that only devices with specified MAC addresses which are in my access list are permitted to connect to the router. I know it is possible to spoof a MAC address from a device for the purposes of accessing a secure network like this. But is it easy? Is using WEP and a wireless access list good enough to prevent most hacking attacks? Or should I do whatever I can to ensure all devices support WPA2 in the future?

    Read the article

  • How to detect pending system shutdown on Linux?

    - by Rajorshi
    Hi, I am working on an app where I need to detect system shutdown. However, I have not found any reliable way get a notification on this event. I know that on shutdown, my app will receive a SIGTERM signal followed by a SIGKILL. What I want to know is if there is someway to query if a SIGTERM is part of a shutdown sequence? Does any one know if there is a way to query that programmatically (C API)? As far as I know, the system does not provide any other method to query for an impending shutdowm. If it does, that would solve my problem as well. I have been trying out runlevels as well, but change in runlevels seem to be instantaneous and without any prior warnings.

    Read the article

  • Issuing native system commands in Scala

    - by Tony
    I want to issue a native system command from a Scala program, and perhaps trap the output. ("ls" comes to mind. There may be other ways to get directory information without issuing the command, but that's beside the point of my question.) It would correspond to os.system(...) in Python. I've looked in "Programming in Scala". I've looked in O'Reilly's "Programming Scala". I've Googled several combinations of terms. No luck yet. Can someone out there give me an example, or point me at a resource where I can find an example?

    Read the article

  • HOW TO understand the programmming of operation system..!!!

    - by piemesons
    Hello, I want to learn the operating system. How it works. I dont want to make my own operating system. I just want to learn how it works. As i can find out source code of any open source OS. But how to start. Like stating from the first elementary kernal(what ever it is). Some body suggested me try to implement linux from scratch.etc etc.Please guide me in a proper way. i want to know about the proper path to follow. I am ready to invest three four years just to understand the basics. I am having good fundamentals of c c++,php, Oops, compiler design

    Read the article

  • Killing a script launched in a Process via os.system()

    - by L.J.
    I have a python script which launches several processes. Each process basically just calls a shell script: from multiprocessing import Process import os import logging def thread_method(n = 4): global logger command = "~/Scripts/run.sh " + str(n) + " >> /var/log/mylog.log" if (debug): logger.debug(command) os.system(command) I launch several of these threads, which are meant to run in the background. I want to have a timeout on these threads, such that if it exceeds the timeout, they are killed: t = [] for x in range(10): try: t.append(Process(target=thread_method, args=(x,) ) ) t[-1].start() except Exception as e: logger.error("Error: unable to start thread") logger.error("Error message: " + str(e)) logger.info("Waiting up to 60 seconds to allow threads to finish") t[0].join(60) for n in range(len(t)): if t[n].is_alive(): logger.info(str(n) + " is still alive after 60 seconds, forcibly terminating") t[n].terminate() The problem is that calling terminate() on the process threads isn't killing the launched run.sh script - it continues running in the background until I either force kill it from the command line, or it finishes internally. Is there a way to have terminate also kill the subshell created by os.system()?

    Read the article

  • System.Net.WebClient Class in .Net CompactFramework 3.5 ?

    - by Leen15
    Hi at all! I need to comunicate with a Server that give me async answers (streamer connection). I find this: http://msdn.microsoft.com/en-en/library/ms144211%28v=VS.80%29.aspx that generate this event: http://msdn.microsoft.com/en-en/library/system.net.webclient.openreadcompleted%28v=VS.80%29.aspx I think this is what i need, but i don't have the WebClient class in my System.Net of CompactFramework 3.5. How can i do? Thanks. EDIT: I've done a more clear question: httpRequest, httpResponse, send GET through Stream and Receive the Result in C#

    Read the article

  • pthreads recursively calling system command and segfault appears

    - by jess
    I have a code base where i am creating 8 threads and each thread just calls system command to display date in a continuous cycle, as shown below: void * system_thread(void *arg) { int cpu = (int)arg; printf("thread : start %d\n", cpu); for (;;) { // date ã³ãã³ãã®å®è¡ if (mode == 0) { system("date"); } else { f_hfp_nlc_Fsystem("date"); } } sleep(timerval); return NULL; } This application segfaults after running for 2-3 seconds, due to following 2 reasons: 1. read access, where the address is out of VM area 2. write acces, where it does not of write permission and its trying to modify some structure.

    Read the article

< Previous Page | 47 48 49 50 51 52 53 54 55 56 57 58  | Next Page >