Search Results

Search found 22139 results on 886 pages for 'security testing'.

Page 615/886 | < Previous Page | 611 612 613 614 615 616 617 618 619 620 621 622 | Next Page >

GetAllUsers - MVC

- by Jemes

I’m using the Membership Provider and would like to display a list of all the users and their First Name, Last Name etc using the GetAllUsers function. I'm having trouble understanding how to implement this function in MVC. Has anyone implemented this in MVC or is there an easier way to list all the users in my application? Any help or advise would be really helpful. Controller public ActionResult GetUsers() { var users = Membership.GetAllUsers(); return View(users); } View Model public class GetUsers { [Required] [DisplayName("User name")] public string UserName { get; set; } [Required] [DisplayName("User name")] public string FirstName { get; set; } } View <%= Html.Encode(item.UserName) %> Error The model item passed into the dictionary is of type 'System.Web.Security.MembershipUserCollection', but this dictionary requires a model item of type 'System.Collections.Generic.IEnumerable`1[Account.Models.GetUsers]'.

Read the article
ASPNETDB and ASPSTATE database. How to change the connectionstrings?

- by George

I have two ASP-specific SQL Server databases 1) ASPState - To store session state 2) ASPNETDB - To store Security/Role stuff. In my web.config, I am specifying the connection string used to identify the location of the APState database: <sessionState mode="SQLServer" sqlConnectionString="server=(local)\sql2008b;uid=sa;pwd=iainttelling;" timeout="120"/> Where is the conenction string specified for the ASPNETDB database? I am trying to point it to a db on a remote server. I have a feeling it is somewhere in IIS orthe Machine Config. I'd like to add it to my WEB.CONFIG Could someone help me to do this?

Read the article
Extending Code Igniter Model functions to external PHP Scripts

- by Fábio Antunes

Hello everybody. I'm doing a small web app, which uses CKeditor for user input, and CKfinder for file management (images/flash). Those who know CKFinder, also know that the config file for CKFinder as a function named CheckAuthentication() that returns false or true, giving or not permissions to use CKFinder. This is were a Custom PHP Code checks if the user as authorization to access CKFinder or not. Well for my app I'm using Code Igniter, and of course I've created a model were i handle everything about User Permissions, Loggin, Session Cookies, etc. And i also have a function witch its propose is just to check if the user is Logged in. So I would like to know if someone knows a way that i can call the function isLoggedIn() inside the model security from inside the function CheckAuthentication() in CKFinder config file. Thanks in advance.

Read the article
generate only objectLayer of Entity Framework Model by edmgen tool

- by loviji

How to generate only objectLayer by edmgen tool, without generating csdl, ssdl and views ? *"%windir%\Microsoft.NET\Framework\v4.0.30319\edmgen.exe" /mode:fullgeneration /c:"Data Source=.\sqlexpress; Initial Catalog=uqs; Integrated Security=SSPI" /project:generateEntityModel /entitycontainer:uqsEntities /namespace:uqsModel /language:CSharp /outobjectlayer:"D:/uqsObjectLayer.cs" * in this script I don't write location to write csdl, ssdl and views , but they are generated in C:\Users\adminUser in windows Vista and objectLayer generated to D:/uqsObjectLayer.cs. If I use /mode:EntityClassGeneration, this option requires the /incsdl argument and either the /project argument or the /outobjectlayer argument. The /language argument is optional. But I don't want use csdl file. As I understand, edmgen.tool can not create objectlayer without csdl file. Now is there alternate way or tool for generating objectlayer from db?

Read the article
Should I use vnd.youtube:videoID?

- by Felix

While playing around with the emulator, I noticed that when trying to view a YouTube video the browser gives an error saying it can not load the page at vnd.youtube:ngc978y6rCU?some=parameters. I don't have an Android device, but by this I can suppose that launching a VIEW intent with the data URI set to vnd.youtube:VIDEO_ID would launch the default YouTube application and watch that video. Now, my application has to be able to display YouTube videos. Right now I have a custom-made YouTube activity which does just that, but I'm thinking of: Removing my custom activity and just launching a VIEW intent with a vnd.youtube:VIDEO_ID Uri, or Testing whether that Intent is available and using it, or, if it's not available, using my custom activity. Is this a good idea? Does this work at all (as I said I have no Android device, I'll just be borrowing one from a friend to test my final application)? Which way should I go?

Read the article
Benefit for implementing OAuth

- by zfranciscus

Hi, I am just wondering from a webservice provider point of view what is the benefit of asking users to create an account or login using 3rd party web service provider e.g: Twitter or facebook. Wouldn't it be easier to ask the user to provide their twitter or facebook login and use that to pull the user's twitter or facebook data. I can understand the benefit of using From user point of view using OAuth provide security. It is safer to use OAuth than giving some one the internet our twitter or facebook login credential. But some how I can't figure out the benefit from the web service point of view. Thank you. Cheers

Read the article
Efficiency Question for an Ajax App

- by Kubi

Hi, Currently I am dealing with a web application which uses a txt file as a database for testing for now. But we will connect it to a server later on. My question is, if there is a more efficient way to get my objects than the way I am using now. During the page_init I am getting all my objects into a Collection as List, then I am populating the ajax toolkit accordion objects in the page with that. I have some client side buttons which fires callbacks for getting some other objects to populate the accordions in an update panel. And I am using .net Collections too much like dictionary and list, I am wondering if using arrays is more efficient. Could you advise me about how to make this site better and faster ? Is it better or possible to initialize those TravelP objects in javascript at the beginning and use it like that ? Any comments would be greatly appreciated, Thanks

Read the article
Where can I download a free, text-rich dataset?

- by blee

I want to do a bit of lightweight testing and bench-marking for full-text search, so the dataset should have the qualities: 10,000 - 100,000 records. good dispersion of English words. In CSV or Excel format--i.e. I don't want to access it via API. Something like books or movies with title and description fields would be perfect. I browsed the UCI Machine Learning Repo, but it was too number-oriented. Thanks!

Read the article
Microsoft.Web.Administration.ServerManager can't read config sections containing encrypted passwords in applicationHost.config

- by Dylan Beattie

I have some sites in IIS7 that are configured to run as domain users (MYDOMAIN\someuser). I'm using the Microsoft.Web.Administration namespace to scan my server configuration, but it's throwing an exception when I hit one of these "impersonator" sites: using (ServerManager sm = new ServerManager()) { foreach (Site site in sm.Sites) { foreach (Application app in site.Applications.Reverse()) { foreach (VirtualDirectory vdir in app.VirtualDirectories.Reverse()) { var config = app.GetWebConfiguration(); foreach (var locationPath in config.GetLocationPaths()) { // error occurs in GetLocationPaths() } } } } } The actual error message is: COMException was unhandled Filename: \\?\C:\Windows\system32\inetsrv\config\applicationHost.config Line number: 279 Error: Failed to decrypt attribute 'password' because the keyset does not exist It appears that IIS is storing the MYDOMAIN\someuser password encrypted in applicationHost.config, which is great in terms of security - but I have no idea how to get the ServerManager to decrypt this. Any tips on how I can either allow ServerManager to decrypt this, or just tell IIS to store the passwords in plain text? This is on IIS7 under Windows 7 RC, by the way.

Read the article
Map a column to be IDENTITY in db with EF4 Code-Only

- by Tomas Lycken

Although I have marked my ID column with .Identity(), the generated database schema doesn't have IDENTITY set to true, which gives me problems when I'm adding records. If I manually edit the database schema (in SQL Management Studio) to have the Id column marked IDENTITY, everything works as I want it - I just can't make EF do that by itself. This is my complete mapping: public class EntryConfiguration : EntityConfiguration<Entry> { public EntryConfiguration() { Property(e => e.Id).IsIdentity(); Property(e => e.Amount); Property(e => e.Description).IsRequired(); Property(e => e.TransactionDate); Relationship(e => (ICollection<Tag>)e.Tags).FromProperty(t => t.Entries); } } As I'm using EF to build and re-build the database for integration testing, I really need this to be done automatically...

Read the article
Expose url to webservice

- by Patrick Peters

In our project we want to query a document management system for a specific document or movie. The dms returns a URL with the document location (for example: http://mydomain.myserver1.share/mypdf.pdf or http://mydomain.myserver2.share/mymovie.avi). We want to expose the document to internet users and intranet users. The requested file can be large (large video files). Our architecture is like: request goes like: webapp1 - webapp2 - webapp3 - dms response goes like: dms - webapp3 - webapp2 - webapp1 webapp1 could be on the internet. I have have been thinking how we can obfusicate the real url from the dms, due to security issues. I have seen implementations from other webapps where the pdf URL was obfusicated by creating a temp file for the requested document that is specific for the session and user. So other users cannot easily guess the documentname of other users. My question: is there a pattern that deals with exposing company/user vulernable data to the public ? Our development is in C# 3.5.

Read the article
Why is the unit test useful when the view is not unit testable in MVVM?

- by BigTiger

Why is the unit test useful when the view is not unit testable in MVVM? In MVVM, we have the models, view-models, and views. The claimed advantage is that MVVM can make the models and view=models unit testable. But all the three parties belong to the same application. If the views are not unit testable, why test the other two? Will unit testing the other two and leave one not tested improve the quality? Removing all the code-behind from the views sounds weird to me. How about the code-behind only handles the pure UI operations?

Read the article
tcp checksum and tcp offloading

- by scatman

i am using raw sockets to create my own socket. i need to set the tcp_checksum. i have tried a lot of references but all are not working (i am using wireshark for testing). could you help me please. by the way, i read somewhere that if you set tcp_checksum=0. then the hardware will calculate the checksum automatically for you. is this true? i tried it, but in wireshark the tcp_checksum gives a value of 0X000 and says tcp offload. i also read about tcp offloading, and didn't understand, is it only that wireshark is cannot check an offloaded tcp checksum, but there is a correct one??

Read the article
How to simulate a mouse click on a UIWebView in Cocoa for the iPhone?

- by eagle

I'm trying to setup automated unit tests for an iPhone application. I'm using a UIWebView and need to simulate clicks on different links. I've tried doing this with JavaScript, but it doesn't produce the same result as when I manually click on the links. The main problem is with links that have their target property set. I believe the only way for this automated unit test to work correctly is to simulate a mouse click at a specific x/y coordinate (i.e. where the link is located). Since the unit testing will only be used internally, private API calls are fine. It seems like this should be possible since the iPhone app isimulate seems to do something similar. Is there any way to do this in the framework?

Read the article
ClassNotFoundException error in implementing Bayesian algorithm in Apache Mahout on Hadoop

- by Shweta

Hi, I have a problem in executing the Bayesian algorithm in Mahout. I built it with Maven and the job file is in target directory. When run from terminal using hadoop, I'm getting the ClassNotFoundException error. What should be done? $HADOOP_HOME/bin/hadoop jar mahout-core-0.3-SNAPSHOT.job org.apache.mahout.classifier.bayes.mapreduce.bayes.bayesdriver -i test -o output Exception in thread "main" java.lang.ClassNotFoundException: org.apache.mahout.classifier.bayes.mapreduce.bayes.bayesdriver at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:307) at java.lang.ClassLoader.loadClass(ClassLoader.java:252) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:247) at org.apache.hadoop.util.RunJar.main(RunJar.java:149)

Read the article
rpm installation error

- by JiminyCricket

im trying to install an RPM compat-db-4.1.25-9 on oracle linux enterprise, since its required to install WebCenter...however the rpm installation is throwing a warning and then not working [root@devsebl downloads]# rpm -i compat-db-4.1.25-9.rpm warning: compat-db-4.1.25-9.rpm: Header V3 DSA signature: NOKEY, key ID 9b3c94f4 [root@devsebl downloads]# rpm -q compat-db-4.1.25-9.rpm package compat-db-4.1.25-9.rpm is not installed any idea what that warning means and why its crashing there? i tried to use Yum, but its not available i guess: [root@devsebl downloads]# yum search compat-db Loaded plugins: security Warning: No matches found for: compat-db No Matches found

Read the article
MVC4 bundling GZIP and headers

- by plurby

I'm testing my site with Google PageSpeed and YSlow and the bundles that i've created with MVC4 bundles aren't getting Gzipped (Compressing resources with gzip or deflate can reduce the number of bytes sent over the network) and there is no Vary: Accept-Encoding header (Instructs proxy servers to cache two versions of the resource: one compressed, and one uncompressed. This helps avoid issues with public proxies that do not detect the presence of a Content-Encoding header properly.) And also how can i add encoding header for the whole scripts folder on the ISS. I know there is HTTP Response Headers, then Add Custom HTTP Response Header, but will this work on the whole scripts folders and subfolders and what to put in the Name and Value fields. How can this be solved. Regards.

Read the article
Objective-C : BOOL vs bool

- by santoni

Hi, I'm new to objective-c and I saw the "new type" BOOL (YES, NO). I read that this type is almost like a char. For testing I did : NSLog(@"Size of BOOL %d", sizeof(BOOL)); NSLog(@"Size of bool %d", sizeof(bool)); Good to see both display 1 (sometimes in C++ bool just an int and sizeof is 4) So I was just wondering I there were some issues with the bool type or something ? Can I just use bool (that seems to work) without loosing speed? Thanks for answers

Read the article
NHibernate 2.1.2 in medium trust.

- by John

I'm trying to configure nhibernate 2.1.2 to run in medium trust, without any luck. I have tried follwing the suggestions to run in medium trust and pre-generating the proxies. I then tried to remove all references to lazy loading setting the default-lazy="false" on all classes and bags. However this threw an exception asking me to configure the proxyfactory.factory_class None of these methds worked as they kept throwing generic security exceptions or throwing easying that libraries do not allow AllowPartiallyTrustedCallers. Am I using the wrong version of NHibernate if I want to run in medium trust? Is there a specific set of binaries, or source, which I should be using.

Read the article
WCF performance improvements

- by Burt

I am developing a WPF application that talks to a server via WCF services over the internet. After profiling the application I noticed a lot of time is being taking up by creating the appropriate WCF client proxy and making the call to the server. The code on the server is optimised and doesn't take any time to run yet I am still seeing a 1.5 second delay from when a service is invloked to it returning to the client. A few points to give a bit of background: I am using the ASP.Net membership for security I will eventually hook into the same server side code through a website I would eventually like to have offline support in the application I really need to nail the performance early though as if the app is taking a couple of seconds to come back it is too long for what I am trying to do. Can anyone suggest performance tips that will help me please?

Read the article
nginx - redirection doesn't work as expected

- by Luis

I have a domain listening on both http and https. I want to redirect all the traffic to https except for two specific locations. It works, but only for mydomain.com, not for www.mydomain.com. Here the config: upstream mydomain_rails { server unix:/home/deploy/mydomain/shared/pids/unicorn.sock; } # blog.mydomain.com server { listen 80; server_name blog.mydomain.com; rewrite ^ http://www.mydomain.com/de/blog permanent; } # blog.mydomain.com.br server { listen 80; server_name blog.mydomain.com.br; rewrite ^ http://www.mydomain.com/br/blog permanent; } # www.mydomain.de server { listen 80; server_name mydomain.de www.mydomain.de; rewrite ^ https://www.mydomain.com/de permanent; } # www.mydomain.com.br server { listen 80; server_name mydomain.com.br www.mydomain.com.br; rewrite ^ https://www.mydomain.com/br permanent; } server { listen 80; server_name mydomain.com; rewrite ^ http://www.mydomain.com$request_uri permanent; } ## www.mydomain.com ## Redirect http to https, keep blogs on plain http server { listen 80; server_name www.mydomain.com; location / { # if ($host ~* ^(www\.mydomain\.com)$ ) { rewrite ^/(.*)$ https://www.mydomain.com/$1 permanent; # } # return 444; } # Matches any request starting with '/br/blog' and proxies to the upstream blog instance location ~* /br/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/br/blog$ /; rewrite ^/br/blog/(.*)$ /$1; proxy_pass http://mydomain_blog_br; break; } } # Matches any request starting with '/de/blog' and proxies to the upstream blog instance location ~* /de/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/de/blog$ /; rewrite ^/de/blog/(.*)$ /$1; proxy_pass http://mydomain_blog; break; } } } # www.mydomain.com server { add_header Cache-Control "public, must-revalidate"; server_name mydomain.com www.mydomain.com; listen 443; ssl on; ssl_certificate /etc/ssl/mydomain.com/sslchain.crt; ssl_certificate_key /etc/ssl/mydomain.com/privatekey.key; ## Strict Transport Security (ForceHTTPS), max-age 30d add_header Strict-Transport-Security "max-age=2592000; includeSubdomains"; ## Due SSL encryption, rather to increase the keepalive requests and timeout keepalive_requests 10; keepalive_timeout 60 60; root /home/deploy/mydomain/current/public/; error_log /home/deploy/mydomain/shared/log/nginx.error.log info; access_log /home/deploy/mydomain/shared/log/nginx.access.log main; ## Redirect from non-www to www if ($host = 'mydomain.com' ) { rewrite ^/(.*)$ https://www.mydomain.com/$1 permanent; } ## Caching images for 3 months location ~* \.(ico|css|js|gif|jpe?g|png)\?[0-9]+$ { expires 30d; break; } ## Deny illegal Host headers if ($host !~* ^(mydomain.com|www.mydomain.com)$ ) { return 444; } ## Deny certain User-Agents (case insensitive) if ($http_user_agent ~* (Baiduspider|webalta|Wget|WordPress|youdao|jakarta) ) { return 444; } ## Deny certain Referers (case insensitive) if ($http_referer ~* (dating|diamond|forsale|girl|jewelry|nudit|poker|porn|poweroversoftware|sex|teen|webcam|zippo|zongdo) ) { return 444; } ## Enable maintenance page. The page is copied in during capistrano deployment set $maintenance 0; if (-f $document_root/index.html) { set $maintenance 1; } if ($request_uri ~* (jpg|jpeg|gif|png|js|css)$) { set $maintenance 0; } if ($maintenance) { rewrite ^(.*)$ /index.html last; break; } location /uk { auth_basic "Restricted"; auth_basic_user_file /etc/nginx/htpasswd; root /home/deploy/mydomain/current/public/; try_files $uri @fallback; } # Matches any request starting with '/br/blog' and proxies to the upstream blog instance location ^~ /br/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/br/blog$ /; rewrite ^/br/blog/(.*)$ /$1; proxy_pass http://mydomain_blog_br; break; } } # Matches any request starting with '/de/blog' and proxies to the upstream blog instance location ^~ /de/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/de/blog$ /; rewrite ^/de/blog/(.*)$ /$1; proxy_pass http://mydomain_blog; break; }} # Matches any request starting with '/lp' and proxies to the upstream blog instance location /lp { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; rewrite ^/lp(/?.*)$ /$1; proxy_pass http://mydomain_landingpage; break; } #Matches any request, and looks for static files before reverse proxying to the upstream app server socket location / { root /home/deploy/mydomain/current/public/; try_files $uri @fallback; } # Called after the above pattern, if no static file is found location @fallback { proxy_set_header X-Sendfile-Type X-Accel-Redirect; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://mydomain_rails; } ## All other errors get the generic error page error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /500.html; location /500.html { root /home/deploy/mydomain/current/public/; } } I defined the blog upstream. As said, it works properly for mydomain.com, but not for www.mydomain.com. Any idea?

Read the article
How do you include additional files using VS2010 web deployment packages?

- by Jason

I am testing out using the new web packaging functionality in visual studio 2010 and came across a situation where I use a pre-build event to copy required .dll's into my bin folder that my app relies on for API calls. They cannot be included as a reference since they are not COM dlls that can be used with interop. When I build my deployment package those files are excluded when I choose the option to only include the files required to run the app. Is there a way to configure the deployment settings to include these files? I have had no luck finding any good documentation on this.

Read the article
How do I use the iPhone Simulator in 3.2 (not iPad Simulator)

- by JustinXXVII

I'm fixing my app to be a universal binary. Testing on the simulator seems to default to the iPad. For small corrections like checking orientations and small UI updates, the only way I can find to get the iPhone version is to plug in my iPhone and build and run on device. Loading the debugger takes valuable time, when running on simulator is so much faster for this kind of work. Can I set the simulator to default to iPhone for this? Setting it to 3.1.3 doesn't work because of the 3.2 code I have in the binary for the iPad.

Read the article
Using Tweepy API behind proxy

- by user1505819

I have a using Tweepy, a python wrapper for Twitter.I am writing a small GUI application in Python which updates my twitter account. Currently, I am just testing if the I can get connected to Twitter, hence used test() call. I am behind Squid Proxy server.What changes should I make to snippet so that I should get my work done. Setting http_proxy in bash shell did not help me. def printTweet(self): #extract tweet string tweet_str = str(self.ui.tweet_txt.toPlainText()) ; #tweet string extracted. self.ui.tweet_txt.clear() ; self.tweet_on_twitter(str); def tweet_on_twitter(self,my_tweet) : auth = tweepy.OAuthHandler(CONSUMER_KEY, CONSUMER_SECRET); auth.set_access_token(ACCESS_KEY, ACCESS_SECRET) ; api = tweepy.API(auth) ; if api.test() : print 'Test successful' ; else : print 'Test unsuccessful';

Read the article
iPhone - Web Access Authentication

- by Terry

I am building a secure app for our exec's... here is my setup. It's a somewhat Macgyver approach, but bear with me :) There are only 10 users, I have a record of each uniqueIdentifier on my backend in a database table. (This is internal only for our users, so I don't believe I am breaking the public user registration rule mentioned in the API docs) Through adhoc distribution I install my app on all 10 devices My app is simply composed of a UIWebView. When the app starts it does a POST to our https site sending the uniqueIdentifier. (Thanks to this answer) The server page that recieves the POST, checks the uniqueIdentifier and if found sets a session cookie that automatically logs them into the site. This way the user doesn't have to enter in their credentials every time. So what do you think, is there a security hole with this? Thanks

Read the article

< Previous Page | 611 612 613 614 615 616 617 618 619 620 621 622 | Next Page >