Search Results

Search found 41147 results on 1646 pages for 'database security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 556/1646 | < Previous Page | 552 553 554 555 556 557 558 559 560 561 562 563  | Next Page >

  • Critical Patch Update For Oracle Fusion Middleware - CPU October 2012

    - by Daniel Mortimer
    The latest Critical Patch Update (CPU) has been released for Oracle products. Start your reading hereCritical Patch Updates, Security Alerts and Third Party Bulletin  This is the home page containing links to all "Critical Patch Updates" released to date, along with sections detailing  Security Alerts  Third Party Bulletin Public Vulnerabilities Fixed Policies Reporting Security Vulnerabilities  On this page you will find the link to the Oracle Critical Patch Update Advisory - October 2012 The advisory lists the support documents that cover the patch availability for all Oracle products. From an Oracle Fusion Middleware perspective, you can cut to the chase by using the links below which take you to the appropriate sections inPatch Set Update and Critical Patch Update October 2012 Availability Document [ID 1477727.1] Oracle Fusion Middleware 11g Release 2  11.1.2.0 Oracle Fusion Middleware 11g Release 1 11.1.1.4 (Portal,Forms,Reports and Discoverer) 11.1.1.5 11.1.1.6 Oracle Application Server 10g Release 3 10.1.3.5 The #anchor links above should work in Firefox and IE provided you have already logged into My Oracle Support within the same browser session. For some reason, Chrome always takes you to the top of the document :-/ Tip: Error Correction Support for Oracle Identity Management 10g, version 10.1.4.x ended in December 2011. For this reason, there is no section which is specific to this version. However, Error Correction Support remains in place, until end of this year, for the Oracle Identity Management 10.1.4.x components Single Sign On (SSO) Delegated Administration Services (OIDDAS) provided you are using them as part of a Single Sign-On solution (OID 11g + SSO / OIDDAS 10.1.4.3) for a Portal / Forms / Reports and Discoverer 11.1.1.x architecture.    As such there are security related patches available for Fusion Middleware Single Sign On. You will find the patch numbers listed in the sections for 11.1.1.4, 11.1.1.5 and 11.1.1.6 And finally, if you are hit any unexpected errors when applying the CPU patches, check out the known issues documented in these two support documents. Critical Patch Update October 2012 Oracle Fusion Middleware Known Issues (Doc ID 1455408.1) Critical Patch Update October 2012 Database Known Issues (Doc ID 1477865.1)

    Read the article

  • Webcast Tomorrow: Securing the Cloud for Public Sector

    - by Darin Pendergraft
    Securing the Cloud for Public Sector Click here, to register for the live webcast. Cloud computing offers government organizations tremendous potential to enhance public value by helping organizations increase operational efficiency and improve service delivery. However, as organizations pursue cloud adoption to achieve the anticipated benefits a common set of questions have surfaced. “Is the cloud secure? Are all clouds equal with respect to security and compliance? Is our data safe in the cloud?” Join us December 12th for a webcast as part of the “Secure Government Training Series” to get answers to your pressing cloud security questions and learn how to best secure your cloud environments. You will learn about a comprehensive set of security tools designed to protect every layer of an organization’s cloud architecture, from application to disk, while ensuring high levels of compliance, risk avoidance, and lower costs. Discover how to control and monitor access, secure sensitive data, and address regulatory compliance across cloud environments by: providing strong authentication, data encryption, and (privileged) user access control to ensure that information is only accessible to those who need it mitigating threats across your databases and applications protecting applications and information – no matter where it is – at rest, in use and in transit For more information, access the Secure Government Resource Center or to speak with an Oracle representative, please call1.800.ORACLE1. LIVE Webcast Securing the Cloud for Public Sector Date: Wednesday, December 12, 2012 Time: 2:00 p.m. ET Visit the Secure Government Resource CenterClick here for information on enterprise security solutions that help government safeguard information, resources and networks. ACCESS NOW Copyright © 2012, Oracle. All rights reserved. Contact Us | Legal Notices | Privacy Statement

    Read the article

  • Best ways to collect location-based user input

    - by user359650
    I'm working on a website where users will be able to register and provide information about their location. In order to prevent users from inputting incorrect data, we don't want users to provide free-text information but instead choose from predefined values as much as possible. We believe there are 2 ways of providing those values: use an API to an external service provider or create your own local database. APIs Some resources: - https://developers.facebook.com/docs/reference/ads-api/get-autocomplete-data/ - http://developer.yahoo.com/geo/geoplanet/ Pros: -accuracy and completeness of data. -no maintenance related to update of data as this it taken care of by API provider. -easier/faster to get started (no need to create local database, just implement API). Cons: -degradation of performance when availability issues with external API. -outage due to changes to the external API (until your code is updated to reflect those changes). -lock-in with external provider. Local database Some resources: - http://developer.yahoo.com/geo/geoplanet/data/ - http://www.maxmind.com/app/geolitecity - http://download.geonames.org/export/dump/ Pros: -no external dependency: improved stability and performance. Cons: -more work to get started (you need to create the database and code to interact with it). -risks of inaccurate/incomplete data, either initially or over time. -more maintenance work to keep database up to date. Assuming the depth information requested from users is as follows: -country: interested in value. also used to narrow down list of regions. -region (state in the US, county in the UK...): not interested in value itself, only used to narrow down list of cities. -city: interested in value (which can be used to work out related region should we need regional statistics). -address: interested in value although OPTIONAL. Which option (whether API or local database) would you choose? What tips you would give for the implementation? What other resources can you share?

    Read the article

  • Critical Patch Update for Oracle Fusion Middleware - CPU October 2013

    - by Daniel Mortimer
    The latest Critical Patch Update (CPU) has been released for Oracle products. Start your reading here Critical Patch Updates, Security Alerts and Third Party Bulletin  This is the home page containing links to all "Critical Patch Updates" released to date, along with sections detailing  Security Alerts  Third Party Bulletin Public Vulnerabilities Fixed Policies Reporting Security Vulnerabilities On this page you will find the link to the Oracle Critical Patch Update Advisory - October 2013 The advisory lists the support documents that cover the patch availability for all Oracle products. For Oracle Fusion Middleware, go to: Patch Set Update and Critical Patch Update October 2013 Availability Document [ID 1571391.1] If you are hit any unexpected errors when applying the CPU patches, check out the known issues documented in these two support documents. Critical Patch Update October 2013 Oracle Fusion Middleware Known Issues  [ID 1571369.1] Critical Patch Update October 2013 Database Known Issues [ID 1571653.1] And lastly, for an informal summary of what the Critical Patch Update fixes, check out the blog posts by "Oracle Software Security Assurance" team October 2013 Critical Patch Update Released

    Read the article

  • Oracle Internet Directory 11gR1 11.1.1.6 Certified with Oracle E-Business Suite

    - by B Shashikumar
    We are very pleased to announce that Oracle Internet Directory 11gR1 (11.1.1.6) is now certified with Oracle E-Business Suite Releases 11i, 12.0 and 12.1. With this certification, we are offering several benefits to Oracle E-Business Suite customers: · Massive Scale: Oracle Internet Directory (OID) is a proven solution for mission critical deployments. OID can scale to extremely large deployments on less hardware as demonstrated by its published Two-Billion-User Benchmark. This reduces the footprint required to deploy enterprise directory services in the data-center resulting in cost savings and a greener enterprise. · Enhanced Security: OID is the most secure directory service that provides security at every level from data in transit to storage and backups. In addition to LDAP security, it leverages powerful Oracle database security features like Database Vault and Transparent Data Encryption · Investment Protection: This certification leverages Identity Management’s hot-pluggable capabilities enabling E-Business Suite customers to store and manage user identities in existing directory servers thus helping them maximize their investments For a complete matrix of platforms supported by Oracle Internet Directory and its components, refer to the Oracle Identity and Access Management 11gR1 certification matrix. For more information about this certification, check out the Oracle E-Business Suite blog. 

    Read the article

  • Software Center not Opening at all Error

    - by Newbie
    When I open software from menu, it says "cannot open software database. Please reinstall the software-center package. When I write software-center on terminal, such error comes: 2014-05-28 09:11:20,584 - softwarecenter.ui.gtk3.app - INFO - setting up proxy 'None' 2014-05-28 09:11:20,593 - softwarecenter.ui.gtk3.app - ERROR - xapian open failed Traceback (most recent call last): File "/usr/share/software-center/softwarecenter/ui/gtk3/app.py", line 302, in __init__ if self.db.schema_version() != DB_SCHEMA_VERSION: File "/usr/share/software-center/softwarecenter/db/database.py", line 289, in schema_version return self.xapiandb.get_metadata("db-schema-version") File "/usr/share/software-center/softwarecenter/db/database.py", line 177, in xapiandb self._db_per_thread[thread_name] = self._get_new_xapiandb() File "/usr/share/software-center/softwarecenter/db/database.py", line 190, in _get_new_xapiandb xapiandb = xapian.Database(self._db_pathname) File "/usr/lib/python2.7/dist-packages/xapian/__init__.py", line 3667, in __init__ _xapian.Database_swiginit(self,_xapian.new_Database(*args)) DatabaseCorruptError: /var/cache/software-center/xapian/iamchert: Chert version file should be 28 bytes, actually 0 Now, when I write command sudo apt-get remove software-center dpkg: error: corrupt info database format file '/var/lib/dpkg/info/format' E: Sub-process /usr/bin/dpkg returned an error code (2) I had ubuntu before but it kind of got corrupted. Now, I have freshly reinstalled it and even at start, software center is not opening and this error comes. I hope you have a solution. Thanks.

    Read the article

  • IDC's Sally Hudson on Securing Mobile Access

    - by Naresh Persaud
    After the launch of Identity Management 11g R2, Oracle Magazine writer David Baum sat down with Sally Hudson, research director of security products at International Data Corporation (IDC) to get her perspective on securing mobile access.  Below is an excerpt from the interview. The complete article can be found here. "We’re seeing a much more diverse landscape of devices, computing habits, and access methods from outside of the corporate network. This trend necessitates a total security picture with different layers and end-point controls. It used to be just about keeping people out. Now, you have to let people in. Most organizations are looking toward multifaceted authentication—beyond the password—by using biometrics, soft tokens, and so forth to do this securely. Corporate IT strategies have evolved beyond just identity and access management to encompass a layered security approach that extends from the end point to the data center. It involves multiple technologies and touch points and coordination, with different layers of security from the internals of the database to the edge of the network." ( Sally Hudson, Oracle Mag Sept/Oct 2012) As the landscape changes you can find out how to adapt by reading Oracle's strategy paper on providing identity services at Internet scale. 

    Read the article

  • More Tables or More Databases?

    - by BuckWoody
    I got an e-mail from someone that has an interesting situation. He has 15,000 customers, and he asks if he should have a database for their data per customer. Without a LOT more data it’s impossible to say, of course, but there are some general concepts to keep in mind. Whenever you’re segmenting data, it’s all about boundary choices. You have not only boundaries around how big the data will get, but things like how many objects (tables, stored procedures and so on) that will be involved, if there are any cross-sections of data (do they share location or product information) and – very important – what are the security requirements? From the answer to these types of questions, you now have the choice of making multiple tables in a single database, or using multiple databases. A database carries some overhead – it needs a certain amount of memory for locking and so on. But it has a very clean boundary – everything from objects to security can be kept apart. Having multiple users in the same database is possible as well, using things like a Schema. But keeping 15,000 schemas can be challenging as well. My recommendation in complex situations like this is similar to a post on decisions that I did earlier – I lay out the choices on a spreadsheet in rows, and then my requirements at the top in the columns. I  give each choice a number based on how well it meets each requirement. At the end, the highest number wins. And many times it’s a mix – perhaps this person could segment customers into larger regions or districts or products, in a database. Within that database might be multiple schemas for the customers. Of course, he needs to query across all customers, that becomes another requirement. Share this post: email it! | bookmark it! | digg it! | reddit! | kick it! | live it!

    Read the article

  • ArchBeat Link-o-Rama for 2012-09-27

    - by Bob Rhubart
    Understanding Oracle BI 11g Security vs Legacy Oracle BI 10g | Christian Screen "After conducting a large amount of Oracle BI 10g to Oracle BI 11g upgrades and after writing the Oracle BI 11g book," says Oracle ACE Christian Screen, "I still continually get asked one of the most basic questions regarding security in Oracle BI 11g; How does it compare to Oracle BI 10g? The trail of questions typically goes on to what are the differences? And, how do we leverage our current Oracle BI 10g security table schema in Oracle BI 11g?" Process Oracle OER Events using a simple Web Service | Bob Webster Bob Webster's post "provides an example of a simple web service that processes Oracle Enterprise Repository (OER) Events. The service receives events from OER and utilizes the OER REX API to implement simple OER automations for selected event types." Oracle Fusion Middleware Security: Attaching OWSM policies to JRF-based web services clients | Andre Correa "OWSM (Oracle Web Services Manager) is Oracle's recommended method for securing SOAP web services," says Oracle Fusion Middleware A-Team member Andre Correa. "It provides agents that encapsulate the necessary logic to interact with the underlying software stack on both service and client sides. Such agents have their behavior driven by policies. OWSM ships with a bunch of policies that are adequate to most common real world scenarios." His detailed post shows how to make it happen. WebCenter Content (WCC) Trace Sections | ECM Architect ECM Architect Kevin Smith shares a detailed technical post covering WebCenter Content (WCC) Trace sections. Thought for the Day "A complex system that works is invariably found to have evolved from a simple system that worked." — John Gall Source: SoftwareQuotes.com

    Read the article

  • links for 2010-12-17

    - by Bob Rhubart
    Overview of Oracle Enterprise Manager Management Packs How does Oracle Enterprise Manager Grid Control do so much across so many different systems? Porus Homi Havewala has the answers.  (tags: oracle otn grid soa entarch) How to overcome cloud computing hurdles - Computerworld What does it take to go from 'we should move to the cloud' to a successful cloud computing strategy? This excerpt from Silver Clouds, Dark Linings offers advice on crossing cloud chasms and developing a successful roadmap. (tags: ping.fm) Security in OBIEE 11g, Part 2 Guest blogger Pravin Janardanam continues the discussion about OBIEE 11g Authorization and other Security aspects. (tags: oracle otn security businessintelligence obiee) Oracle Fusion Middleware Security: A Quick Note about Oracle Access Manager 11g and WebLogic "OAM 11g integrates with WebLogic using the very same components used to integrate OAM 10.1.4.3. Under most circumstances, that means using the OAM Identity Asserter...which asserts the OAM_REMOTE_USER header as the user principal in the JAAS subject." - Brian Eidelman (tags: WebLogic oracle) Comparison Between Cluster Multicast Messaging and Unicast Messaging Mode Weblogic wonders!!! "When servers are in a cluster, these member servers communicate with each other by sending heartbeats and indicating that they are alive. For this communication between the servers, either unicast or multicast messaging is used." -- Divya Duryea (tags: weblogic oracle) Ron Batra: Cloud Computing Series: IV: Database.com, ExaData on Demand and connecting the dots Oracle ACE Direct Ron Batra offers his assessment of recent rumblings in the Cloud. (tags: oracle otn oracleace cloud database)

    Read the article

  • Ubuntu 10.04 LTS Server - fresh install - failed apt-get update

    - by user87227
    Good day and greetings to all, I just did a fresh installation of Ubuntu 10.04 LTS server without any issues. However, the apt-get update or aptitude update is giving the following errors: a. bzip2:(stdin) is not bzip2 file.ign for all lines plus the following errors : etched 3,582B in 0s (74.1kB/s) Reading package lists... W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used.GPG error: //security.ubuntu.com lucid-security Release: The following signatures were invalid: NODATA 1 NODATA 2 W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used.GPG error: //in.archive.ubuntu.com lucid Release: The following signatures were invalid: NODATA 1 NODATA 2 W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used.GPG error: in.archive.ubuntu.com lucid-updates Release: The following signatures were invalid: NODATA 1 NODATA 2 W: Failed to fetch security.ubuntu.com/ubuntu/dists/lucid-security/Release W: Failed to fetch in.archive.ubuntu.com/ubuntu/dists/lucid/Release W: Failed to fetch in.archive.ubuntu.com/ubuntu/dists/lucid-updates/Release W: Some index files failed to download, they have been ignored, or old ones used instead. Please guide in resolving this error. TIA Regards Venu

    Read the article

  • Failed to download repository information (Maveric)

    - by Rhiannon
    I have been through most of the duplicates for this question, and still can't find an answer. I may have missed one but hopefully this isn't a duplicate! Having a problem with updates. I get the "failed to download..."message followed by "Check your internet connection", which is clearing working fine as I am on it now. I click details and get the following **W:Failed to fetch http://archive.ubuntu.com/ubuntu/dists/maverick-updates/multiverse/source/Sources 404 Not Found [IP: 91.189.92.202 80] , W:Failed to fetch http://archive.ubuntu.com/ubuntu/dists/maverick-updates/universe/source/Sources 404 Not Found [IP: 91.189.92.202 80] , W:Failed to fetch http:// archive.ubuntu.com/ubuntu/dists/maverick-updates/multiverse/binary-i386/Packages 404 Not Found [IP: 91.189.92.202 80] , W:Failed to fetch http:// archive.ubuntu.com/ubuntu/dists/maverick-updates/universe/binary-i386/Packages 404 Not Found [IP: 91.189.92.202 80] , W:Failed to fetch http:// archive.ubuntu.com/ubuntu/dists/maverick-security/multiverse/source/Sources 404 Not Found [IP: 91.189.92.202 80] , W:Failed to fetch http:// archive.ubuntu.com/ubuntu/dists/maverick-security/universe/source/Sources 404 Not Found [IP: 91.189.92.202 80] , W:Failed to fetch http:// archive.ubuntu.com/ubuntu/dists/maverick-security/multiverse/binary-i386/Packages 404 Not Found [IP: 91.189.92.202 80] , W:Failed to fetch http:// archive.ubuntu.com/ubuntu/dists/maverick-security/universe/binary-i386/Packages 404 Not Found [IP: 91.189.92.202 80] , E:Some index files failed to download. They have been ignored, or old ones used instead.** All the faults have "maveric" somewhere in them, so I have gone to settings and unticked all the Mavarics I can find, but this problem is still happening. Any ideas? Many thanks

    Read the article

  • Software development project inception phase

    - by john ryan
    Currently our team develops Web Applications and now we are going to Windows Forms applications. I have created the inception phase for our Windows Forms project structure. eg: ApplicationSolution --> Security Project(Login Authentication) a. Users will be registered with different applications in our application database. eg: ProjectApplicationId|ProjectName | UserId 1 |ProjectApplication1| user 2 |ProjectApplication2| user b. Execute Application (Start) c. On Security dialog, application automatically get the userid of the user and see all the application it is registered using System.Security.Principal.WindowsIdentity.GetCurrent() eg: Prototype Welcome User! Please Choose Appliations you are registered on below: ProjectApplication1 <--this will be a dropdown ProjectApplication2 Password: [*********************] [Access Application Button] d. User selects the application with its password e. If the password is incorrect (application.exit()) else execute Selected Application eg: ProjectApplication1 is selected then execute ProjectApplication1 --> ProjectApplication1 --> ProjectApplication2 --> Many to come ++ if ProjectApplications has been closed then restart security Application. My questions on this use case: Is my use case possible? Can you give me any recommendations ? Currently we use setup and deployment to create installer in each Windows Forms application.

    Read the article

  • Breaking The Promise of Web Service Interoperability

    The promise of web service interoperability is achievable if certain technical and non-technical issues are dealt with properly. As the world gets smaller and smaller thanks to our growing global economy the need for security is increasing. The use of security is vital in the transferring of data from one server to another. As new security standards and protocols are created, the environments for web service hosts and clients must be in sync so that they can communicate on the same standard and protocols. For example, if a new protocol x can only be implemented on computers built after 2010 then all computers built prior to 2010 will not be able to connect to any web service hosts that only use this protocol in its security policy. If both the host and client of a web service cannot communicate using a set of common standards and protocols then web services are not available to these clients thus breaking the promise of interoperability. Another limiting factor of web services is governmental policies and regulations. I have experienced this first hand last year when I had to work on a project that dealt with personally identifiable information (PII) regarding US and Canadian Citizens. Currently the Canadian government regulates that any data pertaining to Canadian citizens must be store in Canada only. The issue that we had was that fact that we are a US based company that sometimes works with Canadian PII as part of a service that we provide. As you can see we are US based company and dealing with Canadian Data, so we had to place a file server inside the border of Canada in order for us to continue working for our Canadian customers.

    Read the article

  • Struggles to connect to network when using WPA with a BCM43225

    - by pst007x
    When booting my laptop, it will try to connect to my wireless network, however a window keeps popping up asking me for my security password, which has already been saved. I have to keep deleting my network settings, and reconnecting, otherwise it keeps failing to connect. My wireless is set up with a WPA, I do not want to lower my security because of this, but it is a pain and can take me 15mins plus to finally connect. The problem has only become apparent since a fresh install of 11.10. IPV6 disabled. System info: 01:00.0 Ethernet controller: Broadcom Corporation NetLink BCM57780 Gigabit Ethernet PCIe (rev 01) Subsystem: Acer Incorporated [ALI] Device 036d Flags: bus master, fast devsel, latency 0, IRQ 43 Memory at b3400000 (64-bit, non-prefetchable) [size=64K] Capabilities: <access denied> Kernel driver in use: tg3 Kernel modules: tg3 02:00.0 Network controller: Broadcom Corporation BCM43225 802.11b/g/n (rev 01) Subsystem: Broadcom Corporation Device 04da Flags: bus master, fast devsel, latency 0, IRQ 17 Memory at b2400000 (64-bit, non-prefetchable) [size=16K] Capabilities: <access denied> Kernel driver in use: brcmsmac Kernel modules: wl, brcmsmac ADDITIONAL: In terminal I get this: pst007x@pst007x-ubuntu64:~$ nm-applet start ** Message: applet now removed from the notification area ** (nm-applet:2816): DEBUG: old state indicates that this was not a disconnect 0 ** Message: using fallback from indicator to GtkStatusIcon ** Message: applet now embedded in the notification area ** Message: No keyring secrets found for Auto Access 01/802-11-wireless-security; asking user. ** (nm-applet:2816): DEBUG: foo_client_state_changed_cb Note this line: ** Message: No keyring secrets found for Auto Access 01/802-11-wireless-security; asking user. At this point is where I am asked for the password. Please report WPA issues with Ubuntu 11.10 here: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/892727

    Read the article

  • ArchBeat Link-o-Rama for December 4, 2012

    - by Bob Rhubart
    Exalogic 2.0.1 Tea Break Snippets - Creating and using Distribution Groups | The Old Toxophilist "Although in many cases we, as Cloud Users, may not be to worried how the Virtualisation Algorithm decides where to place our vServers," says The Old Toxopholist, "there are cases where it is extremely important that vServers run on distinct physical compute nodes." There's plenty more on the subject in his blog post. Oracle Endeca (2.3) Record Level Security | Adam Seed Adam Sneed's blog post covers "the basics of security within Endeca Information Discovery, as these basic security objects are required in order to explain the implementation of record level security." ODI Handling DQ | Gurcan Orhan Oracle ACE Director Gurcan Orhan suggests you have fun with these scripts for Oracle Data Integrator. Parleys Testimonial at GlassFish Community Event - JavaOne 2012 Video of Parley's webmaster Stephan Janssen's presentation at the GlassFish Community Event at JavaOne 2012, in which he explains why Parley's moved from Tomcat to GlassFish. Java Spotlight Episode 109: Pete Muir on CDI 1.1 This edition of Roger Brinkley's Java Spotlight Podcast features an interview with CDI 1.1 spec lead Pete Muir of JBoss/Red Hat. Muir talks about the features in CDI 1.1 and what to expect in the future. Webcast: Java Management Extensions with Oracle WebLogic Server 12c Dr. Frank Munz and Dave Cabelus do the talking in this on-demand webcast focused on Oracle WebLogic Server 12c with Java Management Extensions (JMX). Using the Coherence API to get Portable Object Format bytes | Bruno Borges Bruno Borges shares a code snippet that illustrates how easy it is to use the Coherence API. Thought for the Day "Experience is something you don't get until just after you need it." — Anonymous Source: SoftwareQuotes.com

    Read the article

  • June 2012 Critical Patch Update for Java SE Released

    - by Eric P. Maurice
    Hi, this is Eric Maurice. Oracle just released the June 2012 Critical Patch Update for Java SE.  This Critical Patch Update provides 14 new security fixes across Java SE products.  As discussed in previous blog entries, Critical Patch Updates for Java SE will, for the foreseeable future, continue to be released on a separate schedule than that of other Oracle products due to previous commitments made to Java customers.  12 of the 14 Java SE vulnerabilities fixed in this Critical Patch Update may be remotely exploitable without authentication.  6 of these vulnerabilities have a CVSS Base Score of 10.0.  In accordance with Oracle’s policies, these CVSS 10 scores represent instances where a user running a Java applet or Java Web Start application has administrator privileges (as is typical on Windows XP).  When the user does not run with administrator privileges (typical on the Solaris and Linux operating systems), the corresponding CVSS impact scores for Confidentiality, Integrity, and Availability for these vulnerabilities would be "Partial" instead of "Complete", thus lowering these CVSS Base Scores to 7.5. Due to the high severity of these vulnerabilities, Oracle recommends that customers obtain and apply these security fixes as soon as possible: Developers should download the latest release at http://www.oracle.com/technetwork/java/javase/downloads/index.html    Java users should download the latest release of JRE at http://java.com, and of course  Windows users can take advantage of the Java Automatic Update to get the latest release. In addition, Oracle recommends removing old an unused versions  of Java as the latest version is always the recommended version as it contains the most recent enhancements, and bug and security fixes.  For more information: •Instructions on removing older (and less secure) versions of Java can be found at http://java.com/en/download/faq/remove_olderversions.xml  •Users can verify that they’re running the most recent version of Java by visiting: http://java.com/en/download/installed.jsp   •The Advisory for the June 2012 Critical Patch Update for Java SE is located at http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html

    Read the article

  • Accessing Secure Web Services from ADF Mobile

    - by Shay Shmeltzer
    Most of the enterprise Web services you'll access are going to be secured - meaning they'll require you to pass a user/password in order to get to their data.  If you never created a secured Web service, it's simple in JDeveloper! For the below video I just right clicked on a Java class that I exposed as a Web service, and chose  "Web Service Properties" and then checked the "oracle/wss_username_token_service_policy" box from the list of options (that's the option supported by ADF Mobile right now): In the demo below we are going to use a "remote" login server that does the authentication of the user/pass.The easiest way to "create" a remote login server is to create a "regular" web ADF application, secure it, and deploy it on a server. The secured ADF application can just require ADF Authentication with a simple HTTP Basic Authentication - basically the next two images in the Application->Secure->Configure ADF Security menu wizard. ok - so now you have a secured ADF application - deploy it on a server and get the URL for that application.  From this point on you'll see the process in the video which deals with the configuration of your ADF Mobile app. First you'll need to enable security for your ADF mobile application, so it will prompt users to provide a user/pass combination. You'll also need to configure security on specific features. And you can have them use remote login pointing to your regular secured ADF application. Next define your Web service data control. Right click on the web service data control to "define Web Service Security". You'll also need to define the adfCredentialStoreKey property for the Web Service data control in the connections.xml file. This should be it. Here is the flow: If you haven't already - you can read more about this in the Mobile developer guide, and Andrejus has a sample for you.

    Read the article

  • Connection String Incorrectly Formatted [migrated]

    - by Randy E
    I'm running into some issues. Every time I launch into debug mode and hit the "Create User" button, I'm getting an exception being thrown that is due to the Connection String either being in the wrong syntax or just wrong. Using Visual Studio 2010, project is .NET 3.5 with SQL 2008 Express. This is just a personal project that I'm testing some other things with, I know this generally isn't the recommended format but for a personal small project, I don't see the point in doing it any other way. The things I'm testing actually work :) Data Source=.\SQLEXPRESS;AttachDbFilename=|Data Directory|ASPAppDatabase.mdf;Integrated Security=True;User Instance=True That doesn't work. Data Source=.\SQLEXPRESS;AttachDbFilename="|Data Directory|ASPAppDatabase.mdf";Integrated Security=True;User Instance=True Neither does that. Data Source=.\SQLEXPRESS;AttachDbFilename='|Data Directory|ASPAppDatabase.mdf';Integrated Security=True;User Instance=True And again, neither does that :/ However, rather than using "|Data directory| if I use the full path to the local DB file it works just fine and no exception is thrown, and I can read and write as I need. And just to cover all my bases, here is the button click event that creates the User. protected void btnAddUser_Click(object sender, EventArgs e) { Membership.CreateUser(txtUserName.Text, txtPassword.Text); btnLogin_Click(sender, e); } So, what am I missing in regards to the |Data Directory|? Here is an example of the above not working correctly..taken directly from web.config. <add name="ASPAppDatabaseConnection" connectionString='Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|ASPAppDatabase.mdf;Integrated Security=True;User Instance=True'/>

    Read the article

  • 64kb limit on the size of MSMQ Multicast Messages

    - by John Breakwell
    When Windows 2003 came out, Microsoft introduced the ability to broadcast messages to any machines that were listening back. All you had to do was send out a message on a particular port and IP address and any client that had set up a Multicast queue with matching port and IP address would get a copy. Since its introduction, there have been a couple of security vulnerabilities that needed to be removed: Microsoft Security Bulletin MS06-052 Vulnerability in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution (919007) Microsoft Security Bulletin MS08-036 Vulnerabilities in Pragmatic General Multicast (PGM) could allow denial of service (950762) The second of these, MS08-036, was resolved through an undocumented change in functionality. Basically, a limit of 64kb was put on the maximum size of a message that could be broadcast using the Multicast method. Obviously this has caused a few problems for any existing MSMQ Multicast applications that expected to be able to send larger messages. A hotfix has been developed to resolve this problem. 961605 FIX: Multicast messages larger than 64 kilobytes (KB) are not delivered as expected by using Message Queuing 3.0 after security update MS08-036 is installed A registry change is required: Open the registry with Regedit Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RMCAST\Parameters\ Create a DWord called MaxpacketSize Set the value to the desired number of bytes. You can set it to a value between zero and 4MB. If you specify anything above 4MB, it will default to 64K. A reboot is needed after adding this value.

    Read the article

  • Datenbank in a Box

    - by A&C Redaktion
    Die Oracle Database Appliance: ein zuverlässiges, einfach zu bedienendes und erschwingliches Datenbank-System. Endlich kommt ein Datenbanksystem auf den Markt, das auf die Bedürfnisse kleinerer Unternehmen zugeschnitten ist: Oracle Database Appliance (ODA). Nicht jeder, der große Datenmengen zu verwalten hat, kann schließlich gleich zu Exadata und Co. greifen. Die kompakte „Datenbank in a Box“ kombiniert Software, Server und Speicherkapazität und bietet diverse Vernetzungsmöglichkeiten. Sie beinhaltet zwei geclusterte SunFire-Server, die unter Oracle Linux laufen, vorinstalliert ist eine Oracle Database 11g Release 2. Einer der großen ODA-Vorteile: Die Datenbank wächst mit den Bedürfnissen des Unternehmens: Die Leistungsfähigkeit des Clusters lässt sich anpassen, indem per "Pay-as-you-grow" Software-Lizensierung sukzessive zwei bis 24 Cores freigeschaltet werden können. Sie bietet außerdem hohe Verfügbarkeit für Eigen- und Standard-OLTP sowie universelle Datenbanken, auch in großer Anzahl. Für den Schutz vor Server- und Speichersystemausfällen sorgen Oracle Real Application Clusters, beziehungsweise Oracle Automatic Storage Management. Proaktive Systemüberwachung, Software-Bereitstellung auf einen Klick, integrierte Patches über den gesamten Stack und ein automatischer Call-Home bei Hardware-Ausfällen sparen Kosten und Ressourcen bei der Instandhaltung. Über das Oracle PartnerNetzwerk steht Kunden eine große Anzahl an branchenübergreifenden und -spezifischen Anwendungen zur Verfügung, die von der besseren Verfügbarkeit der Oracle Database Appliance profitieren. Auch die Fachpresse setzt sich mit der neuen Oracle Database Appliance auseinander: Ausführlich berichten unter anderem die Computerwoche und heise online. Das Admin-Magazin bietet eine kurze aber treffende Übersicht. Eine ebenfalls anschauliche, etwas ausführlichere Darstellung bietet die Webseite von DOAG e.V. Im Webcast zur Oracle Database Appliance geht Judson Althoff unter anderem auf deren Bedeutung für das Partner-Business ein:

    Read the article

  • Rules Manager and Expression Filter getting removed

    - by Mike Dietrich
    I doubt that many people are using the Oracle features "Rules Manager" and "Expression Filter" as usually people handle these things (such as ensuring that a zip code or a car number plate has a certain format) within the application code and not inside the database. Oracle Beehive for instance uses that just on the side.  Anyway, just learned today that Rules Manager and Expression Filter components will get removed once our next database release most likely called Oracle Database 12c will get released. So before upgrading to Oracle Database 12c you can remove EXF and RUL components (SELECT COMP_ID FROM DBA_REGISTRY WHERE COMP_ID IN ('EXF','RUL'); ). You'd simply do that by executing the following script before upgrade:SQL> @?/rdbms/admin/catnoexf.sqlThis will clean up Rules Manager and Expression Filter components inside the database. You could run ?/rdbms/admin/catnorul.sql before but I believe catnoexf.sql will clean up everything already. And you'll find all this information plus guidelines for migration of existing content in MOS Note: 1233535.1 - Obsolescence Notice: Rules Manager and Expression Filter Features of Oracle Database -M.

    Read the article

  • Welcome!

    - by mannamal
    Welcome to the Oracle Big Data Connectors blog, which will focus on posts related to integrating data on a Hadoop cluster with Oracle Database. In particular the blog will focus on best practices, usage notes, and performance tips for using Oracle Loader for Hadoop and Oracle Direct Connector for HDFS, which are part of Oracle Big Data Connectors. Oracle Big Data Connectors 1.0 also includes Oracle R Connector for Hadoop and Oracle Data Integrator Application Adapters for Hadoop. Oracle Loader for Hadoop: Oracle Loader for Hadoop loads data from Hadoop to Oracle Database. It runs as a MapReduce job on Hadoop to partition, sort, and convert the data into an Oracle-ready format, offloading to Hadoop the processing that is typically done using database CPUs. The data is thenloaded to the database by the Oracle Loader for Hadoop job (online load) or written out as Oracle Data Pump files for load and access later (offline load) with Oracle Direct Connector for HDFS. Oracle Direct Connector for HDFS: Oracle Direct Connector for HDFS is a connector for high speed access of data on HDFS from Oracle Database. With this connector Oracle SQL can be used to directly query data on HDFS. The data can be Oracle Data Pump files generated by Oracle Loader for Hadoop or delimited text files. The connector can also be used to load data into the database using SQL.

    Read the article

  • Java SE Updates

    - by Tori Wieldt
    Duke's helpers from around the world have been busy making Java just right for all good developers. Here are the updates:  Java SE 7 Update 10This releases provides key security features and bug fixes. Oracle strongly recommends that all Java SE 7 users upgrade to this release. JavaFX 2.2.4 is now bundled with the JDK on Windows, Mac and Linux x86/x64.Learn more Download Java SE 6 Update 38  This release provides security features and bug fixes. Oracle strongly recommends that all Java SE 6 users upgrade to this release (or to Java SE 7 update 10). Learn more Download Java SE Embedded 7 Update 10 This releases provides the security features and bug fixes from Java SE 7 Update 10. Learn more Download Java SE Embedded 6 Update 38  This releases provides the security features and bug fixes from Java SE 6 Update 38. Learn more Download NOTE: The end of public updates for Java SE 6 will occur in February 2013. See "The End of Public Updates for Java SE 6" and the Java SE Support Roadmap for more information.

    Read the article

  • More Tables or More Databases?

    - by BuckWoody
    I got an e-mail from someone that has an interesting situation. He has 15,000 customers, and he asks if he should have a database for their data per customer. Without a LOT more data it’s impossible to say, of course, but there are some general concepts to keep in mind. Whenever you’re segmenting data, it’s all about boundary choices. You have not only boundaries around how big the data will get, but things like how many objects (tables, stored procedures and so on) that will be involved, if there are any cross-sections of data (do they share location or product information) and – very important – what are the security requirements? From the answer to these types of questions, you now have the choice of making multiple tables in a single database, or using multiple databases. A database carries some overhead – it needs a certain amount of memory for locking and so on. But it has a very clean boundary – everything from objects to security can be kept apart. Having multiple users in the same database is possible as well, using things like a Schema. But keeping 15,000 schemas can be challenging as well. My recommendation in complex situations like this is similar to a post on decisions that I did earlier – I lay out the choices on a spreadsheet in rows, and then my requirements at the top in the columns. I  give each choice a number based on how well it meets each requirement. At the end, the highest number wins. And many times it’s a mix – perhaps this person could segment customers into larger regions or districts or products, in a database. Within that database might be multiple schemas for the customers. Of course, he needs to query across all customers, that becomes another requirement. Share this post: email it! | bookmark it! | digg it! | reddit! | kick it! | live it!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 552 553 554 555 556 557 558 559 560 561 562 563  | Next Page >