Search Results

Search found 21719 results on 869 pages for 'password security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 523/869 | < Previous Page | 519 520 521 522 523 524 525 526 527 528 529 530  | Next Page >

  • Cisco pix command - whats this command mean?

    - by jason clark
    Hi, Anyone know what the following means? I have these two lines in our cisco PIX configuration file but have no references to these IP's anywhere else in the config and cant find a device on the network with them. global (inet) 10 213.228.xxx.xx global (inet) 20 213.228.xxx.xx thanks, Jason (BTW: I've xxx'ed out the remainder of the ip for security :-0 )

    Read the article

  • Aspect oriented Programming?

    - by Jaswant Agarwal
    How can we apply attributes to class fucntion using AOP in C#? UPDATE: I am slightly not clear in what context AOP should be used? As we can use AOP for logging purpose, security(Authentication), please suggest some other scenarios where we can take benefit of AOP Is AOP can be use to share data among different running threads in application process?

    Read the article

  • HTTP basic authentication via URL doesn't work with Firefox?

    - by Peter
    Normally you can login to sites that require HTTP basic authentication by passing the username and password in the URL, e.g.: http://myusername:[email protected]/mypath On my Linux machine, I could access this website without problems with my Konqueror browser as well as with my Opera browser. But with Firefox it doesn't work? It always displays the "Authentication Required" dialog window? Any ideas why it would work with the other browsers but not with Firefox? Peter

    Read the article

  • WCF Service Issue

    - by Om
    Hi, I am facing issue of the WCF Services on staging server. The same service is running perfectly in my local pc. But when i configured the same on staging server it is giving issue saying that: "The communication object, System.ServiceModel.Channels.ServiceChannel, cannot be used for communication, because it is in Faulted state." Is it related to security or anything else? How can i fix the issue? Regards, Om

    Read the article

  • CakePHP Test Fixtures Drop My Tables Permanently After Running A Test Case

    - by Frank
    I'm not sure what I've done wrong in my CakePHP unit test configuration. Every time I run a test case, the model tables associated with my fixtures are missing form my test database. After running an individual test case I have to re-import my database tables using phpMyAdmin. Here are the relevant files: This is the class I'm trying to test comment.php. This table is dropped after the test. App::import('Sanitize'); class Comment extends AppModel{ public $name = 'Comment'; public $actsAs = array('Tree'); public $belongsTo = array('User' => array('fields'=>array('id', 'username'))); public $validate = array( 'text' = array( 'rule' =array('between', 1, 4000), 'required' ='true', 'allowEmpty'='false', 'message' = "You can't leave your comment text empty!") ); database.php class DATABASE_CONFIG { var $default = array( 'driver' = 'mysql', 'persistent' = false, 'host' = 'project.db', 'login' = 'projectman', 'password' = 'projectpassword', 'database' = 'projectdb', 'prefix' = '' ); var $test = array( 'driver' = 'mysql', 'persistent' = false, 'host' = 'project.db', 'login' = 'projectman', 'password' = 'projectpassword', 'database' = 'testprojectdb', 'prefix' = '' ); } My comment.test.php file. This is the table that keeps getting dropped. <?php App::import('Model', 'Comment'); class CommentTestCase extends CakeTestCase { public $fixtures = array('app.comment', 'app.user'); function start(){ $this-Comment =& ClassRegistry::init('Comment'); $this-Comment-useDbConfig = 'test_suite'; } This is my comment_fixture.php class: <?php class CommentFixture extends CakeTestFixture { var $name = "Comment"; var $import = 'Comment'; } And just in case, here is a typical test method in the CommentTestCase class function testMsgNotificationUserComment(){ $user_id = '1'; $submission_id = '1'; $parent_id = $this-Comment-commentOnModel('Submission', $submission_id, '0', $user_id, "Says: A"); $other_user_id = '2'; $msg_id = $this-Comment-commentOnModel('Submission', $submission_id, $parent_id, $other_user_id, "Says: B"); $expected = array(array('Comment'=array('id'=$msg_id, 'text'="Says: B", 'submission_id'=$submission_id, 'topic_id'='0', 'ack'='0'))); $result = $this-Comment-getMessages($user_id); $this-assertEqual($result, $expected); } I've been dealing with this for a day now and I'm starting to be put off by CakePHP's unit testing. In addition to this issue -- Servral times now I've had data inserted into by 'default' database configuration after running tests! What's going on with my configuration?!

    Read the article

  • Should you do validation checks that go outside the possiblility of normal user activity?

    - by Scarface
    Hey guys I have been thinking about form security a lot lately. I have been told time and time again to check if form input is a number if you are expecting a number or escape it in case (unless you use proper mysqli formatting) to avoid injection. 1.After the safety checks are done, should I do additional logic checks? For example, if the user is sending a friend request to them-self for example even if my user interface will not show the form if the user is looking at their own page.

    Read the article

  • Best practices to store CreditCard information into DataBase

    - by Garis Suero
    In my country the online payments are not an old thing, the first time i saw a web application taking payments directly to a local bank account was last year. So, Im a newbie coding web payment system. My question is, what are the best practices to store creditcard information into the database... I have many ideas: encrypting the creditcard, database security restriction, etc. What have you done?

    Read the article

  • ChangePassword control without provider

    - by EugeneK
    Hello, Is there a way to make ChangePassword control work without Membership provider? Like the same way Login control works through an Authenticate event, could I make this component to use my password changing function and then showing success view without me writing custom provider? Thanks, Eugene.

    Read the article

  • OLEDB connection to Access database using DSN

    - by somu
    i want oledb connection using Dsn. I used the following code 'Dsn Create dbRegBase.RegisterDatabase("GEMINI", "Microsoft Access Driver (*.mdb)", True,DBQ=D:\Gemini\GEMINI\database\paints_01_2008-2009.mdb Description=Greenchip Technologies ODBC Database File Path OemToAnsi=No UID=admin PWD=XXXXXX conection code Provider=Microsoft.Jet.OLEDB.4.0;DBQ ='GEMINI';Persist Security Info=False;Jet OleDB:Database Password = XXXXXX But Error come error name is "Could not find installable ISAM" what i do . please tell me.

    Read the article

  • Access to Windows 7 log from a remote machine [closed]

    - by robob
    I'm trying to access with EventViewer (from a Windows XP Prof) to a remote machine with Windows 7 (Seven). Before I started the Service "RemoteRegistry" I received an "Access Denied". After started the service I can connet to the machine Log (in EventViewer app) but when i clik on any log as "Application" or "Security" I receive a "privilege" error. Could someone help me, please?

    Read the article

  • MVC 2 AntiForgeryToken - Why symmetric encryption + IPrinciple?

    - by Brad R
    We recently updated our solution to MVC 2, and this has updated the way that the AntiForgeryToken works. Unfortunately this does not fit with our AJAX framework any more. The problem is that MVC 2 now uses symmetric encryption to encode some properties about the user, including the user's Name property (from IPrincipal). We are able to securely register a new user using AJAX, after which subsequent AJAX calls will be invalid as the anti forgery token will change when the user has been granted a new principal. There are also other cases when this may happen, such as a user updating their name etc. My main question is why does MVC 2 even bother using symmetric encryption? Any then why does it care about the user name property on the principal? If my understanding is correct then any random shared secret will do. The basic principle is that the user will be sent a cookie with some specific data (HttpOnly!). This cookie is then required to match a form variable sent back with each request that may have side effects (POST's usually). Since this is only meant to protect from cross site attacks it is easy to craft up a response that would easily pass the test, but only if you had full access to the cookie. Since a cross site attacker is not going to have access to your user cookies you are protected. By using symmetric encryption, what is the advantage in checking the contents of the cookie? That is, if I already have sent an HttpOnly cookie the attacker cannot override it (unless a browser has a major security issue), so why do I then need to check it again? After having a think about it it appears to be one of those 'added layer of security' cases - but if your first line of defence has fallen (HttpOnly) then the attacker is going to get past the second layer anyway as they have full access to the users cookie collection, and could just impersonate them directly, instead of using an indirect XSS/CSRF attack. Of course I could be missing a major issue, but I haven't found it yet. If there are some obvious or subtle issues at play here then I would like to be aware of them.

    Read the article

  • web based FTP help needed

    - by kwek-kwek
    I am looking for a web based FTP client for our clients that is password protected, they can upload & download files. Each client must have a user/pass to login into their folders. Any reccomendation of open source would be very much appreciated

    Read the article

  • Write binary stream to browser using PHP

    - by Dave Jarvis
    Background Trying to stream a PDF report written using iReport through PHP to the browser. The general problem is: how do you write binary data to the browser using PHP? Working Code The following code does the job, but (for many reasons) it is not as efficient as it should be (the code writes a file then sends the file contents the browser). // Load the MySQL database driver. // java( 'java.lang.Class' )->forName( 'com.mysql.jdbc.Driver' ); // Attempt a database connection. // $conn = java( 'java.sql.DriverManager' )->getConnection( "jdbc:mysql://localhost:3306/climate?user=$user&password=$password" ); // Extract parameters. // $params = new java('java.util.HashMap'); $params->put('DistrictCode', '101'); $params->put('StationCode', '0066'); $params->put('CategoryCode', '010'); // Use the fill manager to produce the report. // $fm = java('net.sf.jasperreports.engine.JasperFillManager'); $pm = $fm->fillReport($report, $params, $conn); header('Cache-Control: no-cache private'); header('Content-Description: File Transfer'); header('Content-Disposition: attachment, filename=climate-report.pdf'); header('Content-Type: application/pdf'); header('Content-Transfer-Encoding: binary'); header('Content-Length: ' . strlen( $result ) ); $path = realpath( "." ) . "/output.pdf"; $em = java('net.sf.jasperreports.engine.JasperExportManager'); $result = $em->exportReportToPdfFile($pm,$path); readfile( $path ); $conn->close(); Non-working Code To remove the slight redundancy (i.e., write directly to the browser), the following code looks like it should work, but it does not: $em = java('net.sf.jasperreports.engine.JasperExportManager'); $result = $em->exportReportToPdf($pm); header('Content-Length: ' . strlen( $result ) ); echo $result; Content is sent to the browser, but the file is corrupt (it begins with the PDF header) and cannot be read by any PDF reader. Question How can I take out the middle step of writing to the file and write directly to the browser so that the PDF is not corrupted? Thank you!

    Read the article

  • Should We Mask Passwords?

    - by Abi Noda
    From Jacob Nielson's "Stop Password Masking": Usability suffers when users type in passwords and the only feedback they get is a row of bullets. Typically, masking passwords doesn't even increase security, but it does cost you business due to login failures. What do you guys think?

    Read the article

  • Why can't I get my Azure, WCF, REST, SSL project working? What am I doing wrong?

    - by Mark E
    I'm trying to get SSL, WCF and REST under Azure, but the page won't even load. Here are the steps I followed: 1) I mapped the www.mydomain.com CNAME to my azuresite.cloudapp.net 2) I procured an SSL certificate for www.mydomain.com and properly installed it at my azuresite.cloudapp.net hosted service project 3) I deployed my WCF REST service to Azure and started it. Below is my web.config configuration. The http (non-https) binding version worked correctly. My service URL, http: //www.mydomain .com/service.svc/sessions worked just fine. When I deployed the project with the web.config below, enabling SSL, https: //www.mydomain .com/service.svc/sessions does not even pull up at all. What am I doing wrong? <system.serviceModel> <services> <service name="Service"> <!-- non-https worked just fine --> <!-- <endpoint address="" binding="webHttpBinding" contract="IService" behaviorConfiguration="RestFriendly"> </endpoint> --> <!-- This does not work, what am I doing wrong? --> <endpoint address="" binding="webHttpBinding" bindingConfiguration="TransportSecurity" contract="IService" behaviorConfiguration="RestFriendly"> </endpoint> </service> </services> <behaviors> <endpointBehaviors> <behavior name="RestFriendly"> <webHttp></webHttp> </behavior> </endpointBehaviors> </behaviors> <bindings> <webHttpBinding> <binding name="TransportSecurity"> <security mode="Transport"> <transport clientCredentialType="None"/> </security> </binding> </webHttpBinding> </bindings> </system.serviceModel>

    Read the article

  • Spring redirecting back to referrer

    - by Eqbal
    I have some resources in my application that require redirection to another resource (form) if some context information is not set. After the context gets set (requires two user steps), I need to redirect back to the requested resource. How do I achieve that. I am using annotation based controllers in Spring 3. Is org.springframework.security.web.savedrequest.HttpSessionRequestCache of any use.

    Read the article

  • How to commit into TortoiseSVN using cruise control config file

    - by pratap
    hi all, can any one tell how to commit into tortoisesvn using cruise control config file. I am getting an error "C:***\Documentation\trunk\dotnet\svn" is not executable or it may not exist. here's the config part... <workingDirectory>C:\*****\Documentation\trunk\dotnet\</workingDirectory> <category>Individual Solutions</category> <modificationDelaySeconds>10</modificationDelaySeconds> <sourcecontrol type="svn"> <trunkUrl>******* svn url *********</trunkUrl> <username> unname </username> <password> pwd </password> <autoGetSource>true</autoGetSource> </sourcecontrol> <tasks> <exec> <executable>C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe</executable> <buildTimeoutSeconds>1200</buildTimeoutSeconds> <successExitCodes>0</successExitCodes> </exec> <exec> <executable>iisreset</executable> <buildArgs>/stop</buildArgs> </exec> <exec> <executable>c:\Program Files\TortoiseSVN\bin\TortoiseProc.exe /command:commit /path:"C:\*****\Documentation\trunk\dotnet\"</executable> <buildTimeoutSeconds>1200</buildTimeoutSeconds> <successExitCodes>0</successExitCodes> <description>checkin shared content...</description> </exec> <exec> <executable>iisreset</executable> <buildArgs>/start</buildArgs> </exec> </tasks> </project> Thank you all,

    Read the article

  • Adding binary checkbox values to MySQL database using PHP

    - by klyv
    I'm new to PHP, and I am creating a basic CMS using PHP and MySQL. I'm struggling to get the checkbox information from my HTML page across into the database. How can I make the values to appear as binary 0 or 1 values? The HTML document is written as follows: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>Create your news page</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body> <fieldset> <legend>Checked components will show in the page</legend> <form method="POST" action="http://*********.php"> <span class="label">Header</span> <input type="checkbox" name="header" value="HEADER"> <br> <span class="label">Footer</span> <input type="checkbox" name="footer" value="FOOTER"> <hr> <span class="label">Local news</span> <input type="checkbox" name="local" value="LOCALNEWS"> <br> <span class="label">National news</span> <input type="checkbox" name="national" value="NATIONALNEWS"> <br> <span class="label">International news</span> <input type="checkbox" name="international" value="INTERNATIONALNEWS"> <p> <input type="submit"> </form> </fieldset> </body> </html> And the PHP document is written as follows: <?php $user="user_***"; $password="*********"; $database="dbxyz"; mysql_connect("localhost", $user, $password); mysql_select_db($database, $db_handle); mysql_select_db("dbxyz"); if(isset($_POST['layout'])) { foreach($_POST['layout'] as $value { $insert="INSERT INTO layout (header, footer, local, national, international) VALUES ('$value')"; mysql_query($insert); } } ?>

    Read the article

  • WMI: Editing the Registry Remotely

    - by Quanta
    I'm trying to use the following code (poorly written, but it's just a proof of concept) to edit the registry of a computer on a domain. I have a domain account, and I've verified that the domain admin group is present in the local admin group on the machines I'm attempting to affect. I've connected to these other machines to perform other administrative type tasks, so I'm sure that I have administrative privileges on these hosts. All of StdRegProv's "get" methods work fine (http://msdn.microsoft.com/en-us/library/aa393664%28VS.85%29.aspx) but the "set" or "create" methods as well as check access all return "5" which is "Error_Access_Denied" according to winerror.h. So there's the problem: why do I get access denied when attempting to modify the registry? If anyone can help me figure this out, you'd have my utmost appreciation! I almost forgot, when I fire up Visual Studio in admin mode on my local machine and run the code against the local machine, it works flawlessly. If I don't start in admin mode on the local machine, the code fails, so I suspect there's a UAC problem maybe? using System; using System.Management; public class EditRemoteRegistry { public static void Main(string[] args) { ConnectionOptions options = new ConnectionOptions(); options.EnablePrivileges = true; options.Impersonation = ImpersonationLevel.Impersonate; options.Password = "password goes here"; //options.Authority = "my company's domain"; //options.Username = "Admin username"; ManagementScope scope = new ManagementScope("\\\\arbitraryhost\\root\\default", options); scope.Connect(); ManagementClass mc = new ManagementClass("StdRegProv"); ManagementBaseObject inParams = mc.GetMethodParameters("CreateKey"); inParams["hDefKey"] = (UInt32)2147483650; inParams["sSubKeyName"] = "Software\\Test"; ManagementBaseObject outParams = mc.InvokeMethod("CreateKey", inParams, null); //Should return a 0, but returns a 5, "Error_Access_Denied" Console.WriteLine("CreateKey Method returned " + outParams["returnValue"]); //This chunk works fine ManagementBaseObject inParams5 = mc.GetMethodParameters("GetDWORDValue"); inParams5["hDefKey"] = 2147483650; inParams5["sSubKeyName"] = "Software\\Test"; inParams5["sValueName"] = "testDWORDvalue"; ManagementBaseObject outParams5 = mc.InvokeMethod("GetDWORDValue", inParams5, null); Console.WriteLine("GetDWORDValue returned " + (UInt32)outParams5["returnValue"] + " "); Console.WriteLine((UInt32)outParams5["uValue"]); ManagementBaseObject inParams6 = mc.GetMethodParameters("SetStringValue"); inParams6["hDefKey"] = 2147483650; inParams6["sSubKeyName"] = "Software\\Test"; inParams6["sValueName"] = "TestStringValue"; inParams6["sValue"] = "Hello World!"; ManagementBaseObject outParams6 = mc.InvokeMethod("SetStringValue", inParams6, null); //Should return a 0, but returns a 5, "Error_Access_Denied" Console.WriteLine("SetStringValue returned " + outParams6["returnValue"]); Console.ReadKey(); } }

    Read the article

  • How to Configure SSL over Database in Spring?

    - by Sameer Malhotra
    Hi, I want to add SSL security in the Database layer. I am using Struts2.1.6, Spring 2.5, JBOSS 5.0 and Informix 11.5. Any idea how to do this? I have researched through a lot on the internet but could not find any solution. Please suggest! Here is my datasource and entity manager beans which is working perfect without SSL: <bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"> <property name="dataSource" ref="dataSource" /> <property name="jpaVendorAdapter"> <bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"> <property name="database" value="INFORMIX" /> <property name="showSql" value="true" /> </bean> </property> </bean> <bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close"> <property name="driverClassName" value="com.informix.jdbc.IfxDriver" /> <property name="url" value="jdbc:informix-sqli://SERVER_NAME:9088/DB_NAME:INFORMIXSERVER=SERVER_NAME;DELIMIDENT=y;" /> <property name="username" value="username" /> <property name="password" value="password" /> <property name="minIdle" value="2" /> </bean> <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean" lazy-init="false"> <property name="targetObject" ref="dataSource" /> <property name="targetMethod" value="addConnectionProperty" /> <property name="arguments"> <list> <value>characterEncoding</value> <value>UTF-8</value> </list> </property> </bean> <bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate" scope="prototype"> <property name="dataSource" ref="dataSource" /> </bean> <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager"> <property name="entityManagerFactory" ref="entityManagerFactory" /> </bean> <tx:annotation-driven transaction-manager="transactionManager" />

    Read the article

  • How to fine tune a Membership Provider?

    - by Venemo
    After all the answers to my last question about fine-tuning turned out to be more useful than I expected, I thought that I would ask another similar Question about the MembershipProviders as well. Okay, so firstly, to clarify: I know what a Membership, Role, and Profile provider is, how to implement my own, and how to configure them, and most of the things about them. Implementing a role and profile provider is pretty straightforward, because they only require simple CRUD most of the time. (A single line of LINQ is enough for about half of the RoleProvider's methods.) However, the Membership provider is a differend beast. Many of you may realize that it violates the SR (Single Responsibility) principle, because it has to do EVERYTHING related to user management. While this leaves a lot of room for customizations, it has its downsides as well. There is no information on the Internet about what their EXACT expected behaviour is, such as when should they throw exceptions or simply return null, and stuff like that. I use this sample implementation for reference, but it also contains several contradictions. For example, it uses its own ValidateUser method for checking for credentials in the ChangePassword method. But the ValidateUser also updates the user's LastLoginDate to the current date. So, does the framework expect that I set it in my own provider as well, or is it simply a mistake in the sample? The other is: the ChangePassword method throws an exception every time when validating the new password, but CreateUser doesn't ever throw an exception, it simply returns false. And last, but not least: it counts the invalid password attempts of the user and locks them if it passes a threshold. While this is good, but it requires manual action to unlock the users. Is it a problem if my provider automatically unlocks the user after a certain amount of time? (EDIT) I almost forgot: the CreateUser method in the sample inserts the ID from the method parameter. I actually think this is bad practice, because I use inters with auto incement as IDs, so inserting them from some method parameter is not an option. Should I just ignore the parameter, or require that its value is null and throw an exception if it isn't? All in all, does ASP.NET have any assumptions about the behaviour of a MembershipProvider? Is there any documentation which describes when should I throw an exception or just return null? I also tried to find a set of generic unit tests which would provide some guidance about the expected behaviour, but no luck, I found plenty of articles about "Unit testing is good", and "How to unit test a MembershipProvider", but not one where there would be any actual tests. Thanks in advance for everyone!

    Read the article

  • JBoss: Authentication caches wrong login credentials

    - by aliaslan
    I am using JBoss AS 4.2.3 JBossSeam 2.1 My Problem is that I can login/logout with different users as long as I do not enter a wrong password for one user. If this happens it is not possible to authenticate any user. Authentication always fails. If I delete the browser cookies everything works fine. I have tried to set DefaultCacheTimeout and DefaultCacheResolution to 0 but without luck. Why does JBoss cache wrong credentials?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 519 520 521 522 523 524 525 526 527 528 529 530  | Next Page >