Search Results

Search found 19074 results on 763 pages for 'secure government government cloud security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 530/763 | < Previous Page | 526 527 528 529 530 531 532 533 534 535 536 537  | Next Page >

  • how to run an ActiveX that must be visible and topmost on a server without a desktop?

    - by DanJ
    We're writing a server application that needs to use an ActiveX object that must be visible and Top-Most otherwise it doesn't render correctly. The challenge is that servers typically don't have an active desktop, and therefore the applications should not require one. Ours does. I must use this ActiveX, and I don't have access to the source code. When running from within remote-desktop everything works fine as long as the session is open. As soon as the session closes it stops working. I'm guessing this is because there is no desktop. Any ideas how I can work this out in a secure and robust way?

    Read the article

  • iPhone - Web Access Authentication

    - by Terry
    I am building a secure app for our exec's... here is my setup. It's a somewhat Macgyver approach, but bear with me :) There are only 10 users, I have a record of each uniqueIdentifier on my backend in a database table. (This is internal only for our users, so I don't believe I am breaking the public user registration rule mentioned in the API docs) Through adhoc distribution I install my app on all 10 devices My app is simply composed of a UIWebView. When the app starts it does a POST to our https site sending the uniqueIdentifier. (Thanks to this answer) The server page that recieves the POST, checks the uniqueIdentifier and if found sets a session cookie that automatically logs them into the site. This way the user doesn't have to enter in their credentials every time. So what do you think, is there a security hole with this? Thanks

    Read the article

  • Cyrillic characters from javascript cookie to php output via $_COOKIE

    - by Beck
    When i'm trying to put russian text in cookie via javascript and then output it via php it returns: %u043F%u0440%u043E%u0432%u0435%u0440%u043A%u0430 How to decode this to normal cyrillic characters? This is the function i'm using to pass to document.cookie: function setCookie(c_name,val,c_expiredays,c_path,c_domain,c_secure) { var exdate=new Date(); exdate.setDate(exdate.getDate()+c_expiredays); document.cookie=c_name+ "=" +escape(val)+ /* Additional settings */ ((c_path) ? "; path=" + c_path : "") + ((c_domain) ? "; domain=" + c_domain : "") + // used to allow using only on a certain domain ((c_secure) ? "; secure" : "") + // used for HTTPS (SSL) ((c_expiredays==null) ? "" : ";expires="+exdate.toGMTString()); } setCookie('name',$(this).val(),1); On server side, i'm outputting like that: (isset($_COOKIE['img_href_value']) ? $_COOKIE['img_href_value'] : '')

    Read the article

  • SSL on Heroku / User Authentication Across Multiple Domains

    - by Euwyn
    Posted a previous question on this, but have a followup. I was trying to create a workaround to use SSL on the expensive custom domain. I'm willing to live with bumping a user to https://app.heroku.com from http://www.app.com for certain secure pages, and have monkey-patched SSL required to make this happen. However, now this issue is with making sure my User is logged in when I do so. As I understand, cookies aren't cross domain. Is there a way around this issue?

    Read the article

  • Is writing eSQL database agnostic?

    - by Robert Koritnik
    Using EF we can use LINQ to read data which is rather simple (especialy using fluent calls), but we have less control unless we write eSQL on our own. Is writing eSQL database actually data store independant code? So if we decide to change data store, can the same statements still be used? Is writing eSQL strings in your code pose any serious security threats similar to writing TSQL statements in plain strings? So we moved to SPs. Could we still mode eSQL scripts outside of code as well and use some other technique to make them a bit more secure?

    Read the article

  • How to use Windows login for single-sign-on and for Active Directory entries for Desktop Java applic

    - by Touko
    I'd like to have my desktop Java application to have single sign on related to Active Directory users. In two steps, I'd like to : Be sure that the particular user has logged in to Windows with some user entry. Check out some setup information for that user from the Active Directory With http://stackoverflow.com/questions/31394/java-programatic-way-to-determine-current-windows-user I can get the name of the current Windows user but can I rely to that? I think the System.getProperty("user.name") won't be secure enough? ("user.name" seems to be got from environment variables, so I can't rely on that, I think?) Question http://stackoverflow.com/questions/390150/authenticating-against-active-directory-with-java-on-linux provides me the authentication for given name+pass but I'd like to authenticate based on the Windows logon? For the Active Directory access, the LDAP would probably be the choise? I'm not totally sure if I'm asking the right questions but hopefully somebody has some ideas to forward me on.

    Read the article

  • VCS File Downloading Issue with IE

    - by Sachin Gaur
    I am working on a http based (NOT Secure) Web Application. In this, I have provided a provision to add some appointment to the Client's outlook calendar. I am creating the .vcs file dynamically when clicked on a hyperlink. The code of generating .VCS file is: string calendarFormat = GetVCSFormat(); Response.ContentType = "text/calendar"; Response.AppendHeader("content-disposition", "attachment; filename=MyCalendar.vcs"); Response.Write(calendarFormat); Response.End(); It is working fine in all browsers except IE. It is giving me following error: Internet Explorer cannot download GenerateAppointment.aspx from server. Internet Explorer was not able to open this Internet site. The requested site is either unavailable or cannot be found. Please try again later. Can anyone focus some light on it?

    Read the article

  • Best package for basic web-based file manager

    - by alchemical
    I'm looking for a basic web-based file management application. It must have an affordable price, and fairly easy installation would be a plus. ASP.Net / IIS based would be easiest for me to work with. Basically, I'd like it to create a secure web site where myself and a few people can exchange various types of files, etc. I'm looking for a package I can install on my own server rather than a web-based service, as I think I can get more space at a good price point this way. I could go custom coding, but I figure this is such a generic need, there must be something already mature out there at a decent price. What has worked best for you?

    Read the article

  • SSL Form Post in ASP.NET MVC 1.0

    - by goombaloon
    I'd like to use SSL for the post action on the login page of my MVC 1.0 app. I've seen some articles related to the [RequireSSL] attribute in ASP.NET MVC Futures. However, since this works using a redirect, I assume it's not an option (can't redirect a POST, correct?). Ultimately, my goal is to get the Html.BeginForm method to render "https://..." as the form's action so that I can secure the information being posted (login info). How have others handled this?

    Read the article

  • Does Google index HTTPS ASP.NET pages?

    - by ncakmak
    I have an online application that all of its pages use HTTPS. I have 3 questions: Does Google index HTTPS pages? I have a password protected single ASP.NET page (using HTTPS). Password protection is basically achieved by a Session object. When the correct password is entered, it hides the login panel and displays the same page which has a sensitive data. Is this page indexed by Google? I have a Secure folder that I implemented Forms Authentication. All pages in folder use HTTPS as well. Are the pages in this folder indexed by Google? Thank you for your help, Niyazi

    Read the article

  • Let MySQL users create databases, but allow access to only their own databases

    - by eikes
    I want to have multiple a MySQL users to be able to issue commands like CREATE DATABASE dbTest; But I also want each of these users to be able to see and access only their own databases. All I could find was how to either create the databases by a DBA and grant the privileges on this database to the specific user: GRANT ALL PRIVILEGES ON dbTest.* TO 'user'; or grant privileges on all databases to a user: GRANT ALL PRIVILEGES ON *.* TO 'user'; But neither is what I want, because it needs to scale and be secure.

    Read the article

  • hosting environment for delivering FLVs [closed]

    - by Gotys
    What would be the ideal hardware setup for pushing lots of bandwith on a tube site? We have ever-expanding cloud storage where users upload the movies, then we have these web-delivery machines which cache the FLV files on its local harddrives and deliver them to users. Each cache machine can deliver 1200 mbits/s , if it has SAS 8 harddrives. Such a cache machine costs us $550/month for 8x160gb -- so each machine can cache only 160GB at any given time. If we want to cache more then 160gb , we need to add another machine..another $550/month..etc. This is very un-economical so I am wondering if we have any experts here who can figure out a better setup. I've been looking into "gluster FS", but I am not sure if this thing can push a lot of bandwith. Any ideas highly appreciated. Thank you!

    Read the article

  • How to generate a client certificate using a third party CA-NOT Self Signed CA

    - by Bryan
    I am trying to trying to export a client certificate for use with a web browser. The goal is to restrict access using the <Location directive to the admin area. I have seen numerous tutorials on using self signed CAs. How would you do this using a third party? 1) Do I need to include the CA in the client pfx if it is a trusted root CA? I have seen both examples. Without CA: openssl pkcs12 -export -inkey KEYFILENAME -in CERTFILEFILENAME -out XXX.pfx With CA: openssl pkcs12 -export -in my.crt- inkey my.key -certfile my.bundle -out my.pfx 2) Do I need to still include SSLCACertificateFile for trusted CA in the httpd.conf setup? SSLVerifyClient none SSLCACertificateFile conf/ssl.crt/ca.crt <Location /secure/area> SSLVerifyClient require SSLVerifyDepth 1 </Location> http://www.modssl.org/docs/2.8/ssl_howto.html#ToC8

    Read the article

  • Azure - Microsoft.IdentityModel not found

    - by Andy
    Hi There, I'm working with a WCF service in Azure, which uses Windows Live ID authentication with the recent deviceid requirements. When I host my WCF service locally in the compute emulator, it works properly, but when I deploy the cloud service to Azure and call it the same way (from another project that uses the WCF service as a service reference), I get the error: Could not load file or assembly 'Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified. I found this post : http://social.msdn.microsoft.com/Forums/en-US/netservices/thread/cd139b5c-ad12-4298-af2f-1b2d0136a977 But there are a few problems: 1. I don't seem to have access to Microsoft.IdentityModel, only System.IdentityModel. I'm not sure why it's searching for something in 3.5 at all, as I'm building in .NET 4.0. 2. When I choose to "copy to local" on System.IdentityModel, it doesn't change anything. Any help? I would appreciate it! Best Regards, Andy

    Read the article

  • Wrapping variable width text in emacs lisp

    - by Jonathan Arkell
    I am hacking up a tagging application for emacs. I have got a tag cloud/weighted list successfully displaying on a buffer, but i am running into a snag. I need to be able to properly word-wrap the buffer, but I haven't a clue where to start. The font I am using is a variable width font. On top of that, each tag is going to be in a different size, depending on how many times it shows up on the buffer. Finally, the window that displays the tagcloud could be in a window that is 200 pixels wide, or the full screen width. I really have no idea where to start. I tried longlines mode on the tagcloud buffer, but that didn't work. Source code is at: http://emacswiki.org/cgi-bin/emacs/free-tagging.el

    Read the article

  • What are the use cases for closures/callback functions in Javascript?

    - by Christopher Altman
    I was listening to Crockford's talk on Javascript closures and am convinced of the benefit of information hiding, but I do not have a firm understanding of when to use callback functions. It is mostly a true statement that a person could accomplish the same functionality with or without callbacks. As someone who is writing code, what heuristics or cues should I keep in mind when determining when to use callbacks/closures? I am not looking for the blanket statement 'Closures make more secure code', rather a list of practical examples or rules of thumb for when callbacks are the right idea. Crockford's Presentation: http://www.yuiblog.com/blog/2010/04/08/video-crockonjs-5/

    Read the article

  • Finding out what user Apache is running as?

    - by AP257
    I want to secure a file upload directory on my server as described beautifully here, but I have one problem before I can follow these instructions. I don't know what user Apache is running as. I've found a suggestion that you can look in httpd.conf and there will be a "User" line, but there is no such line in my httpd.conf file, so I guess Apache is running as the default user. I can't find out what that is, though. So, my question is (are): how do I find out what the default user is do I need to change the default user if the answer is yes and I change the default user by editing httpd.conf, is it likely to screw anything up? Thanks!

    Read the article

  • My website is infected with JS:ScriptIP-inf [Trj]

    - by Rizwan Aaqil
    I am using Network Solutions hosting. I was recently attacked with JS:Illredir-S [Trj], I asked my hosting providers to clean it and they cleaned it and updated all passwords, but now after a week my site got infected again with JS:ScriptIP-inf [Trj]. Can anyone please suggest me how to secure my website properly ? Should I change my hosting provider ? I am fed up of these viruses again and again on my websites. I can't even find this virus in my files. Please post informative answers. Thanks

    Read the article

  • DotNetOpenAuth OpenIdTextBox For Google/Yahoo

    - by user300992
    If I want to integrate DotNetOpenAuth (primary for people to use their Google/Yahoo accounts to login, not act as provider) into my existing site, is this one line control good enough? <rp:OpenIdTextBox ID="OpenIdTextBox1" runat="server" /> Say, if a user wants to login as Google, I can simply set the textbox to "https://www.google.com/accounts/o8/id" and then they can login. I tried it with my Google account, it seems working and I can get the token from HttpContext.Current.User.Identity.Name. Is this "one line" solution secure enough for production? or is it a "must" that I have to use "OpenIdSelector" or "OpenIDLogin" control? I also opened the .net template and some samples, they are very complicated. There are PAPE policies, xrds.aspx (for discovery), ConsumerKey + ConsumerSecret...etc. As a newbie, I am very confused. Any tips on this will be really appreciated. Thanks

    Read the article

  • Looking for a simple interface for users to enter data for Silverlight application

    - by Edward Tanguay
    I have made a Silverlight application which can read data from various URLs. So users of the application who control a website can: FTP text and XML files onto their website put a clientaccesspolicy.xml in their root directory enter their URL in the silverlight application at which point the silverlight application then begins reading data from their site. I would like to extend this to less technical users who do not control a website, aren't adept with FTP, etc. What is the best service on the web that: allows users to publish different kinds of data, e.g. put out text files on web allows Silverlight client access (has clientaccesspolicy.xml set up) Some ideas are: free blog services (although then they are limited to a RSS feed, or the silverlight app would have to do some screen scraping) Google Docs? free cloud services? What free services allow easy publishing of any kind of data on the web and allow Silverlight client access?

    Read the article

  • How can I deploy my .NET app to Amazon EC2?

    - by Khash
    I have a .NET Windows service and a .NET Web Application that I would like to deploy to my Amazon EC2 Windows 2008 instances. At this point, all I need to do is to copy the zipped files across to the EC2 box and remote desktop to the EC2 instance and finish the deployment. In order to do this, I have tried LogMeIn Hamachi2 to create a P2P VPN and use RoboCopy to copy the files, however it seems Hamachi doesn't work on Windows EC2. What is your solution for deploying your .NET apps to Windows EC2 instances? I want to avoid running an FTP server on the box just to get my files up on the server and don't have a VPN server (like OpenVPN) running to run a cloud based VPN solution. Perhaps I can find a simple way of using Amazon S3 as a strategy? Any ideas? Suggestions?

    Read the article

  • Ruby on Rails website hosting

    - by sfactor
    i want to start a website. it'll be a small community based website. i've learned a fair bit of ruby on rails and am planning to use it. however, i have never deployed a production website before. i've just practiced in my local computer. i wanted to know what are the things i need to deploy the website on the internet. what is the best place to get a domain name and web hosting, esp for ruby on rails sites. how are cloud based services like amazon EC2 etc different from a traditional web host. which is a better choice. what else might i need to do to deploy a website. also i may happen to have a fair bit of users in the future. so how to go about planning for scalability issues. how to sites like twitter, fmylife.com etc all go about these things.

    Read the article

  • Advice on HTTPS connections using Ruby on Rails

    - by user502052
    Since I am developing a "secure" OAuth protocol for my RoR3 apps, I need to send protected information over the internet, so I need to use HTTPS connections (SSL/TSL). I read How to Cure Net::HTTP’s Risky Default HTTPS Behavior aticle that mentions the 'always_verify_ssl_certificates' gem, but, since I want to be more "pure" (it means: I do not want to install other gems, but I try to do everything with Ruby on Rails) as possible, I want to do that work without installing new gems. I read about 'open_uri' (it is also mentioned in the linked article: "open_uri is a common exception - it gets things right!") that is from the Ruby OOPL and I think it can do the same work. So, for my needs, is 'open_uri' the best choice (although it is more complicated of 'always_verify_ssl_certificates' gem)? If so, can someone help me using that (with an example, if possible) because I have not found good guides about?

    Read the article

  • Concurrency Problem in Java ...

    - by Tara Singh
    I am designing a client-server chat application in Java. This is a secure application where the messages are exchanged using cryptographic algorithms. I have one server and it can support many clients. My problem is that when one client logs on the server it works fine, but when another user logs into the system, the server starts giving me bad padding exceptions for the encrypted text. I am not able to figure out the problem, according to my logic, when new connection request to server is made, the server creates a thread for listening to the client. Is it possible that once the instance of thread class is created, it does all the processing correctly for the first client, but not for the second client because the variables in server listener thread class already have some previous value, and thus the encrypted text is not decrypted properly? Please advise how I can make this process more robust so that the number of clients does not affect how well the server functions.

    Read the article

  • Use absolute path for easier modify include path in future?

    - by i need help
    config.php put at the root level, this file will be included in any pages. Then at config.php <?php define( 'ROOT_DIR', dirname(__FILE__) ); ?> So at all other pages from different sub/a.php , sub/sub/b.php directories, when I want to include a specific file in specific location, I just need to include( ROOT_DIR.'/include/functions.php' ); In windows server, the ROOT_DIR bring the value to C:/inetpub/vhosts/domain.com Is this a good/secure way? It seems like via this way, when I move the b.php to other upper level folder, I don't need to do any changes to the include file path, which is good for maintenance. Any cons? Like SEO wise, or any other reason... What you guys think.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 526 527 528 529 530 531 532 533 534 535 536 537  | Next Page >