Search Results

Search found 1258 results on 51 pages for 'grant roy'.

Page 6/51 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • Reflections on SQL Saturday #60 - Cleveland

    - by AaronBertrand
    Every time I attend a SQL Saturday , I leave with a rejuvenated and even further reinforced sense of community. Cleveland ( SQL Saturday #60 ) was by far no exception. Allen White ( blog | twitter ), Erin Stellato ( blog | twitter ), Cory Stevenson, Brian Davis ( twitter ), and all others involved put on a fantastic event that endured some crappy weather, parking problems, and significant delays and hardship for at least one speaker - sorry Grant! (Grant wrote about his experience .) I was able to...(read more)

    Read the article

  • Reflections on SQL Saturday #60 - Cleveland

    - by AaronBertrand
    Every time I attend a SQL Saturday , I leave with a rejuvenated and even further reinforced sense of community. Cleveland ( SQL Saturday #60 ) was by far no exception. Allen White ( blog | twitter ), Erin Stellato ( blog | twitter ), Cory Stevenson, Brian Davis ( twitter ), and all others involved put on a fantastic event that endured some crappy weather, parking problems, and significant delays and hardship for at least one speaker - sorry Grant! (Grant wrote about his experience .) I was able to...(read more)

    Read the article

  • Upgrade Workshop in Melbourne - Recap

    - by Mike Dietrich
    Thanks to everybody who did attend at our Upgrade and Migration Workshop in Melbourne last Friday. First of all it was a Friday so we really appreciated your patience of staying until the very end And then, yes we know, it was a full room. And we'd really like to thank you It was a great day for Roy and me. And you were such a great crowd with many questions and excellent discussions during the breaks. Please have all successful upgrade and migrations. And feel free to get in touch directly with Roy and me if you have additional questions or if you'd like to become a reference. Please feel free to download the slides from the Slides Download section to your right - or simply use that link here. Ah, and sorry that neither Mark Webber nor Sebastian Vettel did win ... next time -Mike

    Read the article

  • Upgrade Workshop in Wellington - Recap

    - by Mike Dietrich
    Wow! Wellington is really a wonderful city - except for the weather situation But it was the first time that Roy and me did arrive to a workshop with a ferry boat. We flew in on Friday to Christchurch (btw, this was the longest customs and border control I've ever went through - and I traveled to Israel by Bus via Allenby Bridge from the West Bank some years ago - it took us two hours to go through immigration and customs in the night from Friday to Saturday) and drove up the Southern Island. Very nice Great landscapes, great wines and great people! I'f you'd like to download the slides please download them from the Slides Download section to your right. And next time you'll have to ask more questions Don't be this shy - Roy and me (usually) don't bite -Mike

    Read the article

  • Workshop in Denver canceled - thanks to hurricane Isaac

    - by Mike Dietrich
    Yesterday Roy did start his journey on time to travel to Denver, CO for today's Upgrade and Migration Workshop.  But unfortunately due to the remnants of  hurricane Issac moving up the East Coast and scrambling up flight schedules Roy's flight from NYC to Denver got canceled after a 3 hour delay leaving Manchester, NH, and there was no option to arrive in Denver this morning on time. So we apologize for canceling that workshop. The local marketing department will contact you regarding an alternative date. Sorry for any inconvenience!

    Read the article

  • Is it OK to have multiple asserts in a single unit test?

    - by Restuta
    I think that there are some cases when multiple assertions are needed (e.g. Guard Assertion), but in general I try to avoid this. What is your opinion? Please provide a real word examples when multiple asserts are really needed. Thanks! Edit In the comment to this great post Roy Osherove pointed to the OAPT project that is designed to run each assert in a single test. This is written on projects home page: Proper unit tests should fail for exactly one reason, that’s why you should be using one assert per unit test. And also Roy wrote in comments: My guideline is usually that you test one logical CONCEPT per test. you can have multiple asserts on the same object. they will usually be the same concept being tested.

    Read the article

  • Sharing a printer over the net from Windows 7 to Windows Server 2003

    - by Grant Unwin
    Hi, I need to share a printer that is connected to a Windows 7 computer. The windows 7 computer is in another building about an hours drive away. The computer that needs to access the printer is running Windows Server 2008. Ive tried setting the printer as 'shared' for 'everyone' on the Windows 7 PC and accessing it from the server by adding a TCP/IP port to the IP address but the printer just wont add. From googling aparently it may need setting up as a printer server through IIS, but i'm just not sure on the best practice. Any help greatly appreciated. Thanks Grant Unwin

    Read the article

  • MySQL root user can't access database

    - by Ed Schofield
    Hi all, We have a MySQL database ('myhours') on a production database server that is accessible to one user ('edsf') only, but not to the root user. The command 'SHOW DATABASES' as the root user does not list the 'myhours' database. The same command as the 'edsf' user lists the database: mysql> SHOW DATABASES; +--------------------+ | Database | +--------------------+ | information_schema | | myhours | +--------------------+ 2 rows in set (0.01 sec) Only the 'edsf' user can access the 'myhours' database with 'USE myhours'. Neither user seems to have permission to grant further permissions for this database. My questions are: Q1. How is it that the root user does not have permission to use the database? How could this have come about? The output of SHOW GRANTS FOR 'root'@'localhost'; looks fine to me: GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY PASSWORD '*xxx' WITH GRANT OPTION Q2. How can I recover this situation to make this database visible to the MySQL root user and grant further permissions on it? Thanks in advance for any help! -- Ed

    Read the article

  • Wix, Launch application after installation complete, with UAC turned on.

    - by Christopher Roy
    Good day. I've been building an installer for our product using the WIX(Windows Installer XML) technology. The expected behavior is that the product is launched, if the check box is checked after installation. This has been working for some time now, but we found out recently that UAC of Win 7, and Vista is stopping the application from launching. I've done some research and it has been suggested to me that I should add the attributes Execute='deferred' and Impersonate='no'. Which I did, but then found out that to execute deferred, the CustomAction has to be performed, between the InstallInitialize, and IntallFinalize phases; which is not what I need. I need the product to launch AFTER install finalize, IF the launch checkbox is checked. Is there any other way to elevate permissions? Any and all answers, suggestions, or resonings will be appreciated. Cheers, Christopher Roy.

    Read the article

  • Why doesn't WebBBS work now that I've migrated to a new server?

    - by Roy Peleg
    Hello, I've moved a WebBBS board from one server to another. Ever since the board doesn't work. I'm getting an Apache error whenever I try to access the board. Don't even know where to start the debugging, I'm not a Perl person. The file paths remained the same and there isn't any DB involved. http://gammonline.com/members/board/ Any ideas? After a bit of testing I believe that the problem has something to do with the index.cgi which is located in that folder (not getting the error when renaming it). Thanks, Roy.

    Read the article

  • WPF : how can i use a picture while i'm showing it?

    - by Roy Gavrielov
    hello, i'm trying to do so but the program throws this exception : An unhandled exception of type 'System.IO.IOException' occurred in mscorlib.dll Additional information: The process cannot access the file 'C:\Users\Roy\documents\visual studio 2010\Projects\Assignment3\Assignment3\bin\Debug\Images\Chrysanthemum.jpg' because it is being used by another process. is there a way to use it while it's open? code : if (imgAddMessage.Source != null) { BitmapImage src = (BitmapImage)imgAddMessage.Source; if (!Directory.Exists("Images")) { Directory.CreateDirectory("Images"); } FileStream stream = new FileStream("Images/" + imageName, FileMode.Create, FileAccess.ReadWrite); JpegBitmapEncoder encoder = new JpegBitmapEncoder(); encoder.Frames.Add(BitmapFrame.Create(src)); encoder.Save(stream); stream.Close(); } thanks.

    Read the article

  • Looping through worksheets in an Excel (xls) file using classic ASP on a win 2008 server

    - by Roy
    Hi, I have just migrated an older ASP solution to a windows 2008 server and everything works out fine except for using ADOX.Catalog to list all the worksheets in an uploaded xls file. I use the following code: <% Set objExcelCon = Server.CreateObject("ADODB.Connection") With objExcelCon .Provider = "Microsoft.ACE.OLEDB.12.0" .ConnectionString = "Data Source=" & strFilePath & "\" & strFileName & ";Extended Properties=Excel 12.0;" .Open End With Set objAdo = Server.CreateObject("ADOX.Catalog") ' Set ADOX activeConnection objAdo.activeConnection = objExcelCon ' Loop through tables (worksheets) For i = 0 To objAdo.Tables.Count - 1 response.Write objAdo.Tables(i).Name Next Set objExcelCon = Nothing Set objAdo = Nothing % When I run this i get no error message or anything. Anyone got any idea whats causing this? Best regards, Roy

    Read the article

  • In need of a semantic thesaurus as a SAS

    - by Roy Peleg
    Hello, I'm currently building a web application. In one of it's key processes the application need to match short phrases to other similar ones available in the DB. The application needs to be able to match the phrase: Looking for a second hand car in good shape To other phrases which basically have the same meaning but use different wording, such as: 2nd hand car in great condition needed or searching for a used car in optimal quality The phrases are length limited (say 250 chars), user generated & unstructured. I'm in need of a service / company / some solution which can help / do these connections for me. Can anyone give any ideas? Thanks, Roy

    Read the article

  • In need of a SaaS solution for semantic thesaurus matching

    - by Roy Peleg
    Hello, I'm currently building a web application. In one of it's key processes the application need to match short phrases to other similar ones available in the DB. The application needs to be able to match the phrase: Looking for a second hand car in good shape To other phrases which basically have the same meaning but use different wording, such as: 2nd hand car in great condition needed or searching for a used car in optimal quality The phrases are length limited (say 250 chars), user generated & unstructured. I'm in need of a service / company / some solution which can help / do these connections for me. Can anyone give any ideas? Thanks, Roy

    Read the article

  • Samba share not accessible from Win 7 - tried advice on superuser

    - by Roy Grubb
    I have an old Red Hat Linux box that I use, amongst other things, to run Samba. My Vista and remaining Win XP PC can access the p/w-protected Samba shares. I just set up a new Windows 7 64-bit Pro PC. Attempts to access the Samba shares by clicking on the Linux box's icon in 'Network' from this machine gave a Logon failure: unknown user name or bad password. message when I gave the correct credentials. So I followed the suggestions in Windows 7, connecting to Samba shares (also checked here but found LmCompatibilityLevel was already 1). This got me a little further. If click on the Linux box's icon in 'Network' from this machine I now see icons for the shared directories. But when I click on one of these, I get \\LX\share is not accessible. You might not have permission... etc. I tried making the Win 7 password the same as my Samba p/w (the user name was already the same). Same result. The Linux box does part of what I need for ecommerce - the in-house part, it's not accessible to the Internet. As my Linux Fu is weak, I have to avoid changes to the Linux box, so I'm hoping someone can tell me what to do to Win 7 to make it behave like XP and Vista when accessing this share. Help please!? Thanks Thanks for replying @Randolph. I had set 'Network security: LAN Manager authentication level' to Send LM & NTLM - use NTLMv2 session security if negotiated based on the advice in Windows 7, connecting to Samba shares and had restarted the machine, but that didn't work for me. I'll try playing with other Network security values. I have now tried the following: Network security: Allow Local System to use computer identity for NTLM: changed from Not Defined to "Enabled". Restarted machine Still says "\LX\share is not accessible. You might not have permission..." etc. Network security: Restrict NTLM: Add remote server exceptions for NTLM Authentication (added LX) Restarted machine Still says "\LX\share is not accessible. You might not have permission..." etc. I can't see any other Network security settings that might affect this. Any other ideas please? Thanks Roy

    Read the article

  • Why do I get error "1337 The security ID structure is invalid" when using subinacl?

    - by ralbatross
    I have a standard Win 7 account 'popuser' to which I'd like to grant start and stop permissions for the OpenVPNService. I've used the following command successfully on other machines, but for some reason on a new Acer Aspire 5830T that I'm setting up this doesn't do the trick for me: subinacl /service OpenVPNService /grant=popuser=TO I keep getting the following error message: LookupAccountName : OpenVPNService:popuser 1337 The security ID structure is invalid. Current object OpenVPNService will not be processed Elapsed Time: 00 00:00:00 Done: 0, Modified 0, Failed 0, Syntax errors 1 Last Syntax Error:WARNING : /grant=popuser=to : Error when checking arguments - OpenVPNService I've tried adding the machine name to the username and the service name to no avail. I'm running command prompt as an administrator. Anyone have any ideas what's going on?

    Read the article

  • Anonymous user permission issue in SharePoint Server

    - by George2
    Hello everyone, I am using SharePoint Server 2007 x64 and Windows Server 2008 x64. I have setup a site with template publishing portal. I have grant anonymous access to all the site. My question is, if I create a new page, how to grant permission to anonymous user to access (read permission) the page? I got this confusion because, for the permission setting of a page, a permission is set according to a user name (e.g. read permission for user "foo" of a page). Since anonymous user does not have a related "user name", how could I grant read permission to anonymous user? BTW: I use Windows Forms authentication and Windows NTLM authentication for my sites. Thanks in advance, George

    Read the article

  • How to protect UI components using OPSS Resource Permissions

    - by frank.nimphius
    v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} Normal 0 false false false false EN-US X-NONE X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} table.MsoTableGrid {mso-style-name:"Table Grid"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-priority:59; mso-style-unhide:no; border:solid black 1.0pt; mso-border-alt:solid black .5pt; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-border-insideh:.5pt solid black; mso-border-insidev:.5pt solid black; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman","serif";} ADF security protects ADF bound pages, bounded task flows and ADF Business Components entities with framework specific JAAS permissions classes (RegionPermission, TaskFlowPermission and EntityPermission). If used in combination with the ADF security expression language and security checks performed in Java, this protection already provides you with fine grained access control that can also be used to secure UI components like buttons and input text field. For example, the EL shown below disables the user profile panel tabs for unauthenticated users: <af:panelTabbed id="pt1" position="above">   ...   <af:showDetailItem        text="User Profile" id="sdi2"                                       disabled="#{!securityContext.authenticated}">   </af:showDetailItem>   ... </af:panelTabbed> The next example disables a panel tab item if the authenticated user is not granted access to the bounded task flow exposed in a region on this tab: <af:panelTabbed id="pt1" position="above">   ...   <af:showDetailItem text="Employees Overview" id="sdi4"                        disabled="#{!securityContext.taskflowViewable         ['/WEB-INF/EmployeeUpdateFlow.xml#EmployeeUpdateFlow']}">   </af:showDetailItem>   ... </af:panelTabbed> Security expressions like shown above allow developers to check the user permission, authentication and role membership status before showing UI components. Similar, using Java, developers can use code like shown below to verify the user authentication status: ADFContext adfContext = ADFContext.getCurrent(); SecurityContext securityCtx = adfContext.getSecurityContext(); boolean userAuthenticated = securityCtx.isAuthenticated(); Note that the Java code lines use the same security context reference that is used with expression language. But is this all that there is? No ! The goal of ADF Security is to enable all ADF developers to build secure web application with JAAS (Java Authentication and Authorization Service). For this, more fine grained protection can be defined using the ResourcePermission, a generic JAAS permission class owned by the Oracle Platform Security Services (OPSS).  Using the ResourcePermission  class, developers can grant permission to functional parts of an application that are not protected by page or task flow security. For example, an application menu allows creating and canceling product shipments to customers. However, only a specific user group - or application role, which is the better way to use ADF Security - is allowed to cancel a shipment. To enforce this rule, a permission is needed that can be used declaratively on the UI to hide a menu entry and programmatically in Java to check the user permission before the action is performed. Note that multiple lines of defense are what you should implement in your application development. Don't just rely on UI protection through hidden or disabled command options. To create menu protection permission for an ADF Security enable application, you choose Application | Secure | Resource Grants from the Oracle JDeveloper menu. The opened editor shows a visual representation of the jazn-data.xml file that is used at design time to define security policies and user identities for testing. An option in the Resource Grants section is to create a new Resource Type. A list of pre-defined types exists for you to create policy definitions for. Many of these pre-defined types use the ResourcePermission class. To create a custom Resource Type, for example to protect application menu functions, you click the green plus icon next to the Resource Type select list. The Create Resource Type editor that opens allows you to add a name for the resource type, a display name that is shown when granting resource permissions and a description. The ResourcePermission class name is already set. In the menu protection sample, you add the following information: Name: MenuProtection Display Name: Menu Protection Description: Permission to grant menu item permissions OK the dialog to close the resource permission creation. To create a resource policy that can be used to check user permissions at runtime, click the green plus icon in the Resources section of the Resource Grants section. In the Create Resource dialog, provide a name for the menu option you want to protect. To protect the cancel shipment menu option, create a resource with the following settings Resource Type: Menu Protection Name: Cancel Shipment Display Name: Cancel Shipment Description: Grant allows user to cancel customer good shipment   A new resource Cancel Shipmentis added to the Resources panel. Initially the resource is not granted to any user, enterprise or application role. To grant the resource, click the green plus icon in the Granted To section, select the Add Application Role option and choose one or more application roles in the opened dialog. Finally, you click the process action to define the policy. Note that permission can have multiple actions that you can grant individually to users and roles. The cancel shipment permission for example could have another action "view" defined to determine which user should see that this option exist and which users don't. To use the cancel shipment permission, select the disabled property on a command item, like af:commandMenuItem and click the arrow icon on the right. From the context menu, choose the Expression Builder entry. Expand the ADF Bindings | securityContext node and click the userGrantedResource option. Hint: You can expand the Description panel below the EL selection panel to see an example of how the grant should look like. The EL that is created needs to be manually edited to show as #{!securityContext.userGrantedResource[               'resourceName=Cancel Shipment;resourceType=MenuProtection;action=process']} OK the dialog so the permission checking EL is added as a value to the disabled property. Running the application and expanding the Shipment menu shows the Cancel Shipments menu item disabled for all users that don't have the custom menu protection resource permission granted. Note: Following the steps listed above, you create a JAAS permission and declaratively configure it for function security in an ADF application. Do you need to understand JAAS for this? No!  This is one of the benefits that you gain from using the ADF development framework. To implement multi lines of defense for your application, the action performed when clicking the enabled "Cancel Shipments" option should also check if the authenticated user is allowed to use process it. For this, code as shown below can be used in a managed bean public void onCancelShipment(ActionEvent actionEvent) {       SecurityContext securityCtx =       ADFContext.getCurrent().getSecurityContext();   //create instance of ResourcePermission(String type, String name,   //String action)   ResourcePermission resourcePermission =     new ResourcePermission("MenuProtection","Cancel Shipment",                            "process");        boolean userHasPermission =          securityCtx.hasPermission(resourcePermission);   if (userHasPermission){       //execute privileged logic here   } } Note: To learn more abput ADF Security, visit http://download.oracle.com/docs/cd/E17904_01/web.1111/b31974/adding_security.htm#BGBGJEAHNote: A monthly summary of OTN Harvest blog postings can be downloaded from ADF Code Corner. The monthly summary is a PDF document that contains supporting screen shots for some of the postings: http://www.oracle.com/technetwork/developer-tools/adf/learnmore/index-101235.html

    Read the article

  • icacls in windows 7 does not give full permission to write files in root drive

    - by Menuta
    icacls in windows 7 does not give full permission to write files in root drive. We have a very old application based on Omnis7 that needs to create and read/write files on drive C: when running as a restricted user. In Windows XP to give this permission is quite trivial using cacls. cacls C:\ /G Everyone:(C) The equivalent icacls in Windows 7 will not work. icacls C:\ /Grant Everyone:(M) I have also tried the following. icacls C:\ /Grant Everyone:(F) icacls C:\ /Grant Domain\user:(F) trying to create file with a restricted user gives this C:\>copy nul text.txt Access is denied. 0 file(s) copied. After applying the icacls permissions above the result changes to this. C:\>copy nul text.txt A required privilege is not held by the client. 0 file(s) copied. Is this an issue with the way I am applying the permissions? Or is Window 7 being extremely strict?

    Read the article

  • Granting rights on postgresql database to another user

    - by Austin
    I'm trying to set up a system with a PostgreSQL database per user, with a PHP-FPM resource pool for an associated account. I need to grant all privileges on the database to the other user, but it seems that it's only possible to do this for tables. I've tried grant all privileges on database username to username_shadow but this gives only limited privileges. I've upgraded to PGSQL 9.2, which has the ability to grant privileges on schema, but I can't get a useful result. How do I simply make another user have all the privileges of the first on the same database?

    Read the article

  • How do I start mysqld with options

    - by xiankai
    I need to start up mysqld with command line options as from here: http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_skip-grant-tables I normally do sudo service mysqld start, but passing the option as sudo service mysqld start --skip-grant-tables does not seem to work. Alternatively I have tried starting as a daemon, sudo mysqld_safe --skip-grant-tables & But it seems to terminate too soon: 131101 04:59:57 mysqld_safe Logging to '/var/lib/mysql/vagrant.example.com.err'. 131101 04:59:57 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql 131101 05:00:03 mysqld_safe mysqld from pid file /var/lib/mysql/vagrant.example.com.pid ended My last option seems to specify the option in /etc/my.cnf instead, but is there any way to do it via the command line?

    Read the article

  • How can give privilege for DB to a user [ ERROR 1044 (42000): Access denied for user ''@'localhost']

    - by Ahn
    I have created user in mysql 5.1 and given the ALL privilege, details given below, mysql> show GRANTS FOR test; +-------------------------------------------------------------+ | Grants for test@% | +-------------------------------------------------------------+ | GRANT ALL PRIVILEGES ON *.* TO 'test'@'%' WITH GRANT OPTION | | GRANT ALL PRIVILEGES ON `tt`.* TO 'test'@'%' | +-------------------------------------------------------------+ 2 rows in set (0.00 sec) But the show databases is not showing the databases on the mysql. It only shows as given below. How can give privilege for other DB s tables as well for the user 'test'? mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | test | +--------------------+ Error while I tried to use the mysql DB as user test: mysql> use mysql; ERROR 1044 (42000): Access denied for user ''@'localhost' to database 'mysql'

    Read the article

  • why need select privileges on *.* to use view?

    - by profy
    I have a problem using view with MySQL server 5.0 (5.0.92) I cannot use view with a user granted like that : GRANT USAGE ON *.* TO 'testuser'@'' IDENTIFIED BY PASSWORD '**********'; GRANT ALL PRIVILEGES ON `testuser`.* TO 'testuser'@''; I can create view, but when I try to select in, I have this messages : ERROR 1356 (HY000): View 'testuser.v' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them I need to "GRANT SELECT ON . TO 'testuser'@''" to make select working on the view. Why ? Do you know a solution to use VIEW's without the select privileges on . ? Thanks a lots for your answers.

    Read the article

  • Remote connect to mysql server?

    - by LF4
    I've been trying to figure out why I keep getting this error when I try to connect to the MySQL server with the following commands. $~ mysql -u username -h SQLserver -p Enter password: ERROR 1045 (28000): Access denied for user 'username'@'myIP' (using password: YES) I've done the following: Port is open in the firewall other wise I wouldn't get the error it'd just timeout. MySQL server not running with skip-networking or bind-address username has host as '%' and I can connect locally so the password is correct. GRANT USAGE ON *.* TO username@% IDENTIFIED BY 'password'; FLUSH PRIVILEGES; I wanted to know if anyone had ideas or ran into this issue before and solved it? mysql> select user, host from mysql.user where user='username'; +----------+------+ | user | host | +----------+------+ | username | % | +----------+------+ 1 row in set (0.00 sec) mysql> show grants for 'username'; +----------------------------------------------------------------------------------------------------------------+ | Grants for username@% | +----------------------------------------------------------------------------------------------------------------+ | GRANT ALL PRIVILEGES ON *.* TO 'username'@'%' IDENTIFIED BY PASSWORD '*F42AD03PASSWORDHASHADF4021C86B' | | GRANT ALL PRIVILEGES ON `DB2`.* TO 'username'@'%' | +----------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec)

    Read the article

  • How to sanely configure security policy in Tomcat 6

    - by Chas Emerick
    I'm using Tomcat 6.0.24, as packaged for Ubuntu Karmic. The default security policy of Ubuntu's Tomcat package is pretty stringent, but appears straightforward. In /var/lib/tomcat6/conf/policy.d, there are a variety of files that establish default policy. Worth noting at the start: I've not changed the stock tomcat install at all -- no new jars into its common lib directory(ies), no server.xml changes, etc. Putting the .war file in the webapps directory is the only deployment action. the web application I'm deploying fails with thousands of access denials under this default policy (as reported to the log thanks to the -Djava.security.debug="access,stack,failure" system property). turning off the security manager entirely results in no errors whatsoever, and proper app functionality What I'd like to do is add an application-specific security policy file to the policy.d directory, which seems to be the recommended practice. I added this to policy.d/100myapp.policy (as a starting point -- I would like to eventually trim back the granted permissions to only what the app actually needs): grant codeBase "file:${catalina.base}/webapps/ROOT.war" { permission java.security.AllPermission; }; grant codeBase "file:${catalina.base}/webapps/ROOT/-" { permission java.security.AllPermission; }; grant codeBase "file:${catalina.base}/webapps/ROOT/WEB-INF/-" { permission java.security.AllPermission; }; grant codeBase "file:${catalina.base}/webapps/ROOT/WEB-INF/lib/-" { permission java.security.AllPermission; }; grant codeBase "file:${catalina.base}/webapps/ROOT/WEB-INF/classes/-" { permission java.security.AllPermission; }; Note the thrashing around attempting to find the right codeBase declaration. I think that's likely my fundamental problem. Anyway, the above (really only the first two grants appear to have any effect) almost works: the thousands of access denials are gone, and I'm left with just one. Relevant stack trace: java.security.AccessControlException: access denied (java.io.FilePermission /var/lib/tomcat6/webapps/ROOT/WEB-INF/classes/com/foo/some-file-here.txt read) java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) java.security.AccessController.checkPermission(AccessController.java:546) java.lang.SecurityManager.checkPermission(SecurityManager.java:532) java.lang.SecurityManager.checkRead(SecurityManager.java:871) java.io.File.exists(File.java:731) org.apache.naming.resources.FileDirContext.file(FileDirContext.java:785) org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:206) org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:299) org.apache.catalina.loader.WebappClassLoader.findResourceInternal(WebappClassLoader.java:1937) org.apache.catalina.loader.WebappClassLoader.findResource(WebappClassLoader.java:973) org.apache.catalina.loader.WebappClassLoader.getResource(WebappClassLoader.java:1108) java.lang.ClassLoader.getResource(ClassLoader.java:973) I'm pretty convinced that the actual file that's triggering the denial is irrelevant -- it's just some properties file that we check for optional configuration parameters. What's interesting is that: it doesn't exist in this context the fact that the file doesn't exist ends up throwing a security exception, rather than java.io.File.exists() simply returning false (although I suppose that's just a matter of the semantics of the read permission). Another workaround (besides just disabling the security manager in tomcat) is to add an open-ended permission to my policy file: grant { permission java.security.AllPermission; }; I presume this is functionally equivalent to turning off the security manager. I suppose I must be getting the codeBase declaration in my grants subtly wrong, but I'm not seeing it at the moment.

    Read the article

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >