Search Results

Search found 9516 results on 381 pages for 'duplicate resource'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 72/381 | < Previous Page | 68 69 70 71 72 73 74 75 76 77 78 79  | Next Page >

  • BST insert operation. don't insert a node if a duplicate exists already

    - by jeev
    the following code reads an input array, and constructs a BST from it. if the current arr[i] is a duplicate, of a node in the tree, then arr[i] is discarded. count in the struct node refers to the number of times a number appears in the array. fi refers to the first index of the element found in the array. after the insertion, i am doing a post-order traversal of the tree and printing the data, count and index (in this order). the output i am getting when i run this code is: 0 0 7 0 0 6 thank you for your help. Jeev struct node{ int data; struct node *left; struct node *right; int fi; int count; }; struct node* binSearchTree(int arr[], int size); int setdata(struct node**node, int data, int index); void insert(int data, struct node **root, int index); void sortOnCount(struct node* root); void main(){ int arr[] = {2,5,2,8,5,6,8,8}; int size = sizeof(arr)/sizeof(arr[0]); struct node* temp = binSearchTree(arr, size); sortOnCount(temp); } struct node* binSearchTree(int arr[], int size){ struct node* root = (struct node*)malloc(sizeof(struct node)); if(!setdata(&root, arr[0], 0)) fprintf(stderr, "root couldn't be initialized"); int i = 1; for(;i<size;i++){ insert(arr[i], &root, i); } return root; } int setdata(struct node** nod, int data, int index){ if(*nod!=NULL){ (*nod)->fi = index; (*nod)->left = NULL; (*nod)->right = NULL; return 1; } return 0; } void insert(int data, struct node **root, int index){ struct node* new = (struct node*)malloc(sizeof(struct node)); setdata(&new, data, index); struct node** temp = root; while(1){ if(data<=(*temp)->data){ if((*temp)->left!=NULL) *temp=(*temp)->left; else{ (*temp)->left = new; break; } } else if(data>(*temp)->data){ if((*temp)->right!=NULL) *temp=(*temp)->right; else{ (*temp)->right = new; break; } } else{ (*temp)->count++; free(new); break; } } } void sortOnCount(struct node* root){ if(root!=NULL){ sortOnCount(root->left); sortOnCount(root->right); printf("%d %d %d\n", (root)->data, (root)->count, (root)->fi); } }

    Read the article

  • How can I remove rows with unique values? As in only keeping rows with duplicate values?

    - by user1456405
    Here's the conundrum, I'm a complete and utter noob when it comes to programming. I understand the basics, but am still learning javascript. I have a spreadsheet of surveys, in which I need to see how particular users have varied over time. As such, I need to disregard all rows with unique values in a particular column. The data looks like this: Response Date Response_ID Account_ID Q.1 10/20/2011 12:03:43 PM 23655956 1168161 8 10/20/2011 03:52:57 PM 23660161 1168152 0 10/21/2011 10:55:54 AM 23672903 1166121 7 10/23/2011 04:28:16 PM 23694471 1144756 9 10/25/2011 06:30:52 AM 23732674 1167449 7 10/25/2011 07:52:28 AM 23734597 1087618 5 I've found a way to do so in VBA, which sucks as I have to use excel, per below: Sub Del_Unique() Application.ScreenUpdating = False Columns("B:B").Insert Shift:=xlToRight Columns("A:A").Copy Destination:=Columns("B:B") i = Application.CountIf(Range("A:A"), "<>") + 50 If i > 65536 Then i = 65536 Do If Application.CountIf(Range("B:B"), Range("A" & i)) = 1 Then Rows(i).Delete End If i = i - 1 Loop Until i = 0 Columns("B:B").Delete Application.ScreenUpdating = True End Sub But that requires mucking about. I'd really like to do it in Google Spreadsheets with a script that won't have to be changed. Closest I can get is retrieving all duplicate user ids from the range, but can't associate that with the row. That code follows: function findDuplicatesInSelection() { var activeRange = SpreadsheetApp.getActiveRange(); var values = activeRange.getValues(); // values that appear at least once var once = {}; // values that appear at least twice var twice = {}; // values that appear at least twice, stored in a pretty fashion! var final = []; for (var i = 0; i < values.length; i++) { var inner = values[i]; for (var j = 0; j < inner.length; j++) { var cell = inner[j]; if (cell == "") continue; if (once.hasOwnProperty(cell)) { if (!twice.hasOwnProperty(cell)) { final.push(cell); } twice[cell] = 1; } else { once[cell] = 1; } } } if (final.length == 0) { Browser.msgBox("No duplicates found"); } else { Browser.msgBox("Duplicates are: " + final); } } Anyhow, sorry if this is the wrong place or format, but half of what I've found so far has been from stack, I thought it was a good place to start. Thanks!

    Read the article

  • What Every Developer Should Know About MSI Components

    - by Alois Kraus
    Hopefully nothing. But if you have to do more than simple XCopy deployment and you need to support updates, upgrades and perhaps side by side scenarios there is no way around MSI. You can create Msi files with a Visual Studio Setup project which is severely limited or you can use the Windows Installer Toolset. I cannot talk about WIX with my German colleagues because WIX has a very special meaning. It is funny to always use the long name when I talk about deployment possibilities. Alternatively you can buy commercial tools which help you to author Msi files but I am not sure how good they are. Given enough pain with existing solutions you can also learn the MSI Apis and create your own packaging solution. If I were you I would use either a commercial visual tool when you do easy deployments or use the free Windows Installer Toolset. Once you know the WIX schema you can create well formed wix xml files easily with any editor. Then you can “compile” from the wxs files your Msi package. Recently I had the “pleasure” to get my hands dirty with C++ (again) and the MSI technology. Installation is a complex topic but after several month of digging into arcane MSI issues I can safely say that there should exist an easier way to install and update files as today. I am not alone with this statement as John Robbins (creator of the cool tool Paraffin) states: “.. It's a brittle and scary API in Windows …”. To help other people struggling with installation issues I present you the advice I (and others) found useful and what will happen if you ignore this advice. What is a MSI file? A MSI file is basically a database with tables which reference each other to control how your un/installation should work. The basic idea is that you declare via these tables what you want to install and MSI controls the how to get your stuff onto or off your machine. Your “stuff” consists usually of files, registry keys, shortcuts and environment variables. Therefore the most important tables are File, Registry, Environment and Shortcut table which define what will be un/installed. The key to master MSI is that every resource (file, registry key ,…) is associated with a MSI component. The actual payload consists of compressed files in the CAB format which can either be embedded into the MSI file or reside beside the MSI file or in a subdirectory below it. To examine MSI files you need Orca a free MSI editor provided by MS. There is also another free editor called Super Orca which does support diffs between MSI and it does not lock the MSI files. But since Orca comes with a shell extension I tend to use only Orca because it is so easy to right click on a MSI file and open it with this tool. How Do I Install It? Double click it. This does work for fresh installations as well as major upgrades. Updates need to be installed via the command line via msiexec /i <msi> REINSTALL=ALL REINSTALLMODE=vomus   This tells the installer to reinstall all already installed features (new features will NOT be installed). The reinstallmode letters do force an overwrite of the old cached package in the %WINDIR%\Installer folder. All files, shortcuts and registry keys are redeployed if they are missing or need to be replaced with a newer version. When things did go really wrong and you want to overwrite everything unconditionally use REINSTALLMODE=vamus. How To Enable MSI Logs? You can download a MSI from Microsoft which installs some registry keys to enable full MSI logging. The log files can be found in your %TEMP% folder and are called MSIxxxx.log. Alternatively you can add to your msiexec command line the option msiexec …. /l*vx <LogFileName> Personally I find it rather strange that * does not mean full logging. To really get all logs I need to add v and x which is documented in the msiexec help but I still find this behavior unintuitive. What are MSI components? The whole MSI logic is bound to the concept of MSI components. Nearly every msi table has a Component column which binds an installable resource to a component. Below are the screenshots of the FeatureComponents and Component table of an example MSI. The Feature table defines basically the feature hierarchy.  To find out what belongs to a feature you need to look at the FeatureComponents table where for each feature the components are listed which will be installed when a feature is installed. The MSI components are defined in the  Component table. This table has as first column the component name and as second column the component id which is a GUID. All resources you want to install belong to a MSI component. Therefore nearly all MSI tables have a Component_ column which contains the component name. If you look e.g. a the File table you see that every file belongs to a component which is true for all other tables which install resources. The component table is the glue between all other tables which contain the resources you want to install. So far so easy. Why is MSI then so complex? Most MSI problems arise from the fact that you did violate a MSI component rule in one or the other way. When you install a feature the reference count for all components belonging to this feature will increase by one. If your component is installed by more than one feature it will get a higher refcount. When you uninstall a feature its refcount will drop by one. Interesting things happen if the component reference count reaches zero: Then all associated resources will be deleted. That looks like a reasonable thing and it is. What it makes complex are the strange component rules you have to follow. Below are some important component rules from the Tao of the Windows Installer … Rule 16: Follow Component Rules Components are a very important part of the Installer technology. They are the means whereby the Installer manages the resources that make up your application. The SDK provides the following guidelines for creating components in your package: Never create two components that install a resource under the same name and target location. If a resource must be duplicated in multiple components, change its name or target location in each component. This rule should be applied across applications, products, product versions, and companies. Two components must not have the same key path file. This is a consequence of the previous rule. The key path value points to a particular file or folder belonging to the component that the installer uses to detect the component. If two components had the same key path file, the installer would be unable to distinguish which component is installed. Two components however may share a key path folder. Do not create a version of a component that is incompatible with all previous versions of the component. This rule should be applied across applications, products, product versions, and companies. Do not create components containing resources that will need to be installed into more than one directory on the user’s system. The installer installs all of the resources in a component into the same directory. It is not possible to install some resources into subdirectories. Do not include more than one COM server per component. If a component contains a COM server, this must be the key path for the component. Do not specify more than one file per component as a target for the Start menu or a Desktop shortcut. … And these rules do not even talk about component ids, update packages and upgrades which you need to understand as well. Lets suppose you install two MSIs (MSI1 and MSI2) which have the same ComponentId but different component names. Both do install the same file. What will happen when you uninstall MSI2?   Hm the file should stay there. But the component names are different. Yes and yes. But MSI uses not use the component name as key for the refcount. Instead the ComponentId column of the Component table which contains a GUID is used as identifier under which the refcount is stored. The components Comp1 and Comp2 are identical from the MSI perspective. After the installation of both MSIs the Component with the Id {100000….} has a refcount of two. After uninstallation of one MSI there is still a refcount of one which drops to zero just as expected when we uninstall the last msi. Then the file which was the same for both MSIs is deleted. You should remember that MSI keeps a refcount across MSIs for components with the same component id. MSI does manage components not the resources you did install. The resources associated with a component are then and only then deleted when the refcount of the component reaches zero.   The dependencies between features, components and resources can be described as relations. m,k are numbers >= 1, n can be 0. Inside a MSI the following relations are valid Feature    1  –> n Components Component    1 –> m Features Component      1  –>  k Resources These relations express that one feature can install several components and features can share components between them. Every (meaningful) component will install at least one resource which means that its name (primary key to stay in database speak) does occur in some other table in the Component column as value which installs some resource. Lets make it clear with an example. We want to install with the feature MainFeature some files a registry key and a shortcut. We can then create components Comp1..3 which are referenced by the resources defined in the corresponding tables.   Feature Component Registry File Shortcuts MainFeature Comp1 RegistryKey1     MainFeature Comp2   File.txt   MainFeature Comp3   File2.txt Shortcut to File2.txt   It is illegal that the same resource is part of more than one component since this would break the refcount mechanism. Lets illustrate this:            Feature ComponentId Resource Reference Count Feature1 {1000-…} File1.txt 1 Feature2 {2000-….} File1.txt 1 The installation part works well but what happens when you uninstall Feature2? Component {20000…} gets a refcount of zero where MSI deletes all resources belonging to this component. In this case File1.txt will be deleted. But Feature1 still has another component {10000…} with a refcount of one which means that the file was deleted too early. You just have ruined your installation. To fix it you then need to click on the Repair button under Add/Remove Programs to let MSI reinstall any missing registry keys, files or shortcuts. The vigilant reader might has noticed that there is more in the Component table. Beside its name and GUID it has also an installation directory, attributes and a KeyPath. The KeyPath is a reference to a file or registry key which is used to detect if the component is already installed. This becomes important when you repair or uninstall a component. To find out if the component is already installed MSI checks if the registry key or file referenced by the KeyPath property does exist. When it does not exist it assumes that it was either already uninstalled (can lead to problems during uninstall) or that it is already installed and all is fine. Why is this detail so important? Lets put all files into one component. The KeyPath should be then one of the files of your component to check if it was installed or not. When your installation becomes corrupt because a file was deleted you cannot repair it with the Repair button under Add/Remove Programs because MSI checks the component integrity via the Resource referenced by its KeyPath. As long as you did not delete the KeyPath file MSI thinks all resources with your component are installed and never executes any repair action. You get even more trouble when you try to remove files during an upgrade (you cannot remove files during an update) from your super component which contains all files. The only way out and therefore best practice is to assign for every resource you want to install an extra component. This ensures painless updatability and repairs and you have much less effort to remove specific files during an upgrade. In effect you get this best practice relation Feature 1  –> n Components Component   1  –>  1 Resources MSI Component Rules Rule 1 – One component per resource Every resource you want to install (file, registry key, value, environment value, shortcut, directory, …) must get its own component which does never change between versions as long as the install location is the same. Penalty If you add more than one resources to a component you will break the repair capability of MSI because the KeyPath is used to check if the component needs repair. MSI ComponentId Files MSI 1.0 {1000} File1-5 MSI 2.0 {2000} File2-5 You want to remove File1 in version 2.0 of your MSI. Since you want to keep the other files you create a new component and add them there. MSI will delete all files if the component refcount of {1000} drops to zero. The files you want to keep are added to the new component {2000}. Ok that does work if your upgrade does uninstall the old MSI first. This will cause the refcount of all previously installed components to reach zero which means that all files present in version 1.0 are deleted. But there is a faster way to perform your upgrade by first installing your new MSI and then remove the old one.  If you choose this upgrade path then you will loose File1-5 after your upgrade and not only File1 as intended by your new component design.   Rule 2 – Only add, never remove resources from a component If you did follow rule 1 you will not need Rule 2. You can add in a patch more resources to one component. That is ok. But you can never remove anything from it. There are tricky ways around that but I do not want to encourage bad component design. Penalty Lets assume you have 2 MSI files which install under the same component one file   MSI1 MSI2 {1000} - ComponentId {1000} – ComponentId File1.txt File2.txt   When you install and uninstall both MSIs you will end up with an installation where either File1 or File2 will be left. Why? It seems that MSI does not store the resources associated with each component in its internal database. Instead Windows will simply query the MSI that is currently uninstalled for all resources belonging to this component. Since it will find only one file and not two it will only uninstall one file. That is the main reason why you never can remove resources from a component!   Rule 3 Never Remove A Component From an Update MSI. This is the same as if you change the GUID of a component by accident for your new update package. The resulting update package will not contain all components from the previously installed package. Penalty When you remove a component from a feature MSI will set the feature state during update to Advertised and log a warning message into its log file when you did enable MSI logging. SELMGR: ComponentId '{2DCEA1BA-3E27-E222-484C-D0D66AEA4F62}' is registered to feature 'xxxxxxx, but is not present in the Component table.  Removal of components from a feature is not supported! MSI (c) (24:44) [07:53:13:436]: SELMGR: Removal of a component from a feature is not supported Advertised means that MSI treats all components of this feature as not installed. As a consequence during uninstall nothing will be removed since it is not installed! This is not only bad because uninstall does no longer work but this feature will also not get the required patches. All other features which have followed component versioning rules for update packages will be updated but the one faulty feature will not. This results in very hard to find bugs why an update was only partially successful. Things got better with Windows Installer 4.5 but you cannot rely on that nobody will use an older installer. It is a good idea to add to your update msiexec call MSIENFORCEUPGRADECOMPONENTRULES=1 which will abort the installation if you did violate this rule.

    Read the article

  • Hello World Pagelet

    - by astemkov
    Introduction The goal of this exercise is to give you a basic feel of how you can use Pagelet Producer to proxy a web page We will proxy a simple static Hello World web page, cut one section out of that page and present it as a pagelet that you can later insert on your own application page or to your portal page such as WebCenter Portal space or WebCenter Interaction community page. Hello World sample app This is the static web page we will work with: Let's assume the following: The Hello World web page is running on server http://appserver.company.com:1234/ The Hello World web page path is: http://appserver.company.com:1234/helloworld/ Initial Pagelet Producer setup Let's assume that the Pagelet Producer server is running on http://pageletserver.company.com:8889/pagelets/ First let's check that Pagelet Producer is up and running. In order to do that we just need to access the following URL: http://pageletserver.company.com:8889/pagelets/ And this is what should be returned: Now you can access Pagelet Producer administration screens using this URL: http://pageletserver.company.com:8889/pagelets/admin This is how the UI looks: Now if you connect to the internet via proxy server, you need to configure proxy in Pagelet Producer settings. In the Navigator pane: Jump To - Settings Click on "Proxy" Enter your proxy server configuration: Creating a resource First thing that you need to do is to create a resource for your web page. This will tell Pagelet Producer that all sub-paths of the web page should be proxied. It also will allow you to setup common rules of how your web page should be proxied and will serve as a container for your pagelets. In the Navigator pane: Jump To - Resources Click on any existing resource (ex. welcome_resource) Click on "Create selected type" toolbar button at the top of the Navigator pane Select "Web" in the "Select Producer Type" dialog box and click "OK" Now after the resource is created let's click on "General" sub-item a specify the following values Name = AppServer Source URL = http://appserver.company.com:1234/ Destination URL = /appserver/ Click on "Save" toolbar button at the top of the Navigator pane After the resource is created our web page becomes accessible by the URL: http://pageletserver.company.com:8889/pagelets/appserver/helloworld/ So in original web page address Source URL is replaced with Pagelet Producer URL (http://pageletserver.company.com:8889/pagelets) + Destination URL Creating a pagelet Now let's create "Hello World" pagelet. Under the resource node activate Pagelets subnode Click on "Create selected type" toolbar button at the top of the Navigator pane Click on "General" sub-node of newly created pagelet and specify the following values Name = Hello_World Library = MyLib Library is used for logical grouping. The portals use the "Library" value to group pagelets in their respective UI's. For example, when adding pagelets to a WebCenter Portal space you would see the individual pagelets listed under the "Library" name. URL Suffix = helloworld/index.html this is where the Hello World page html is served from Click on "Save" toolbar button at the top of the Navigator pane The Library name can be anything you want, it doesn't have to match the resource name at all. It is used as a logical grouping of pagelets, and you can include pagelets from multiple resources into the same library or create a new library for each pagelet. After you save the pagelet you can access it here: http://pageletserver.company.com:8889/pagelets/inject/v2/pagelet/MyLib/Hello_World which is : http://pageletserver.company.com:8889/pagelets/inject/v2/pagelet/ + [Library] + [Name] Or to test the injection of a pagelet into iframe you can click on the pagelets "Documentation" sub-node and use "Access Pagelet using REST" URL: This is what we will see: Clipping The pagelet that we just created covers the whole web page, but we want just the "Hello World" segment of it. So let's clip it. Under the Hello_World pagelet node activate Clipper sub-node Click on "Create selected type" toolbar button at the top of the Navigator pane Specify a Name for newly created clipper. For example: "c1" Click on "Content" sub-node of the clipper Click on "Launch Clipper" button New browser window will open By moving a mouse pointer over the web page select the area you want to clip: Click left mouse button - the browser window will disappear and you will see that Clipping Path was automatically generated Now let's save and access the link from the "Documentation" page again Here's our pagelet nicely clipped and ready for being used on your Web Center Space

    Read the article

  • Wpf Resource: "Unknown Build Error, 'Path cannot be null..."

    - by Femaref
    The following is a snippet from a xaml defining a DataGrid in a Control, defining a template selector. <DataGrid.Resources> <selector:CurrencyColorSelector x:Key="currencyColorSelector"> <selector:CurrencyColorSelector.NegativeTemplate> <DataTemplate> <TextBlock Text="{Binding Balance, StringFormat=n}" Background="Red"/> </DataTemplate> </selector:CurrencyColorSelector.NegativeTemplate> <selector:CurrencyColorSelector.NormalTemplate> <DataTemplate> <TextBlock Text="{Binding Balance, StringFormat=n}"/> </DataTemplate> </selector:CurrencyColorSelector.NormalTemplate> </selector:CurrencyColorSelector> </DataGrid.Resources> Now, an error is thrown: "Unknown build error, 'Path cannot be null. Parameter name: path Line 27 Position 79.'" (Compiler or xaml validation error). I have no idea where this Path comes from, neither does my example show anything of it. If you doubleclick the error, it points to the end of the first line. Did anybody encounter such a problem and has a solution for it? The example was from here: http://www.wpftutorial.net/DataGrid.html (Row Details depending on the type of data)

    Read the article

  • How does Android decide which background resource to draw on the foreground?

    - by Sebi
    I defined two ImageButton which are contained in a LinearLayout in my XML layout file: <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" android:id="@+id/tabs" android:layout_width="fill_parent" android:layout_height="wrap_content" android:orientation="horizontal" android:minHeight="40px" android:background="@drawable/library_tabs_background"> <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" android:id="@+id/button_library" android:layout_width="160px" android:paddingTop="7px" android:layout_height="40px" android:paddingLeft="30px" android:orientation="horizontal"> <ImageButton android:id="@+id/list" android:layout_width="110px" android:layout_height="30px" android:src="@drawable/library_tab1_button_active"> </ImageButton> </LinearLayout> <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" android:id="@+id/button_search" android:layout_width="160px" android:paddingTop="7px" android:layout_height="40px" android:orientation="horizontal"> <ImageButton android:id="@+id/search" android:layout_width="110px" android:layout_height="30px" android:src="@drawable/library_tab2_button_deactive"> </ImageButton> </LinearLayout> </LinearLayout> As one can see in the XML file, also the LinearLayout in which the buttons are contained, a background image is set. This two images (the button background and the linearlayout background) are overlapping. So in some views, the button background is in front of the layout background and in other views (im using a view flipper), the background of the layer is in the foreground. How can i set a clear rule? How does Android decide which BackgroundResource to draw first?

    Read the article

  • Security in Software

    The term security has many meanings based on the context and perspective in which it is used. Security from the perspective of software/system development is the continuous process of maintaining confidentiality, integrity, and availability of a system, sub-system, and system data. This definition at a very high level can be restated as the following: Computer security is a continuous process dealing with confidentiality, integrity, and availability on multiple layers of a system. Key Aspects of Software Security Integrity Confidentiality Availability Integrity within a system is the concept of ensuring only authorized users can only manipulate information through authorized methods and procedures. An example of this can be seen in a simple lead management application.  If the business decided to allow each sales member to only update their own leads in the system and sales managers can update all leads in the system then an integrity violation would occur if a sales member attempted to update someone else’s leads. An integrity violation occurs when a team member attempts to update someone else’s lead because it was not entered by the sales member.  This violates the business rule that leads can only be update by the originating sales member. Confidentiality within a system is the concept of preventing unauthorized access to specific information or tools.  In a perfect world the knowledge of the existence of confidential information/tools would be unknown to all those who do not have access. When this this concept is applied within the context of an application only the authorized information/tools will be available. If we look at the sales lead management system again, leads can only be updated by originating sales members. If we look at this rule then we can say that all sales leads are confidential between the system and the sales person who entered the lead in to the system. The other sales team members would not need to know about the leads let alone need to access it. Availability within a system is the concept of authorized users being able to access the system. A real world example can be seen again from the lead management system. If that system was hosted on a web server then IP restriction can be put in place to limit access to the system based on the requesting IP address. If in this example all of the sales members where accessing the system from the 192.168.1.23 IP address then removing access from all other IPs would be need to ensure that improper access to the system is prevented while approved users can access the system from an authorized location. In essence if the requesting user is not coming from an authorized IP address then the system will appear unavailable to them. This is one way of controlling where a system is accessed. Through the years several design principles have been identified as being beneficial when integrating security aspects into a system. These principles in various combinations allow for a system to achieve the previously defined aspects of security based on generic architectural models. Security Design Principles Least Privilege Fail-Safe Defaults Economy of Mechanism Complete Mediation Open Design Separation Privilege Least Common Mechanism Psychological Acceptability Defense in Depth Least Privilege Design PrincipleThe Least Privilege design principle requires a minimalistic approach to granting user access rights to specific information and tools. Additionally, access rights should be time based as to limit resources access bound to the time needed to complete necessary tasks. The implications of granting access beyond this scope will allow for unnecessary access and the potential for data to be updated out of the approved context. The assigning of access rights will limit system damaging attacks from users whether they are intentional or not. This principle attempts to limit data changes and prevents potential damage from occurring by accident or error by reducing the amount of potential interactions with a resource. Fail-Safe Defaults Design PrincipleThe Fail-Safe Defaults design principle pertains to allowing access to resources based on granted access over access exclusion. This principle is a methodology for allowing resources to be accessed only if explicit access is granted to a user. By default users do not have access to any resources until access has been granted. This approach prevents unauthorized users from gaining access to resource until access is given. Economy of Mechanism Design PrincipleThe Economy of mechanism design principle requires that systems should be designed as simple and small as possible. Design and implementation errors result in unauthorized access to resources that would not be noticed during normal use. Complete Mediation Design PrincipleThe Complete Mediation design principle states that every access to every resource must be validated for authorization. Open Design Design PrincipleThe Open Design Design Principle is a concept that the security of a system and its algorithms should not be dependent on secrecy of its design or implementation Separation Privilege Design PrincipleThe separation privilege design principle requires that all resource approved resource access attempts be granted based on more than a single condition. For example a user should be validated for active status and has access to the specific resource. Least Common Mechanism Design PrincipleThe Least Common Mechanism design principle declares that mechanisms used to access resources should not be shared. Psychological Acceptability Design PrincipleThe Psychological Acceptability design principle refers to security mechanisms not make resources more difficult to access than if the security mechanisms were not present Defense in Depth Design PrincipleThe Defense in Depth design principle is a concept of layering resource access authorization verification in a system reduces the chance of a successful attack. This layered approach to resource authorization requires unauthorized users to circumvent each authorization attempt to gain access to a resource. When designing a system that requires meeting a security quality attribute architects need consider the scope of security needs and the minimum required security qualities. Not every system will need to use all of the basic security design principles but will use one or more in combination based on a company’s and architect’s threshold for system security because the existence of security in an application adds an additional layer to the overall system and can affect performance. That is why the definition of minimum security acceptably is need when a system is design because this quality attributes needs to be factored in with the other system quality attributes so that the system in question adheres to all qualities based on the priorities of the qualities. Resources: Barnum, Sean. Gegick, Michael. (2005). Least Privilege. Retrieved on August 28, 2011 from https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/principles/351-BSI.html Saltzer, Jerry. (2011). BASIC PRINCIPLES OF INFORMATION PROTECTION. Retrieved on August 28, 2011 from  http://web.mit.edu/Saltzer/www/publications/protection/Basic.html Barnum, Sean. Gegick, Michael. (2005). Defense in Depth. Retrieved on August 28, 2011 from  https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/principles/347-BSI.html Bertino, Elisa. (2005). Design Principles for Security. Retrieved on August 28, 2011 from  http://homes.cerias.purdue.edu/~bhargav/cs526/security-9.pdf

    Read the article

  • jquery image slider for jquery mobile website

    - by Kaidul Islam Sazal
    I have found a fancy looking cubic jquery image slider for jquery mobile website here: http://m.jeep.com/en/mobile/vehicles/selector.html?app=bmo#&ui-state=dialog Now I want to use this slider in one of my project.But I didn't found any resource of this kind of slider for mobile website in online.Now I need to know if there are this kind of slider on the internet ? Or do you know any useful resource of image slider for mobile site (I didn't find any effective resource).

    Read the article

  • Beginners php developer does using LiveDocx white Zend Framework is cpu resource eater ?

    - by user63898
    Hello all im beginner in the php world i need to build option in web application that can convert well defined structures into rtf/pdf from txt/html i found using this site search about LiveDocx php component that is dependent on Zend Framework now im not familiar white the php engine ( the parser ) so im asking you experts is it good solution to use this components ? or its just over head ?

    Read the article

  • How best do you represent a bi-directional sync in a REST api?

    - by Edward M Smith
    Assuming a system where there's a Web Application with a resource, and a reference to a remote application with another similar resource, how do you represent a bi-directional sync action which synchronizes the 'local' resource with the 'remote' resource? Example: I have an API that represents a todo list. GET/POST/PUT/DELETE /todos/, etc. That API can reference remote TODO services. GET/POST/PUT/DELETE /todo_services/, etc. I can manipulate todos from the remote service through my API as a proxy via GET/POST/PUT/DELETE /todo_services/abc123/, etc. I want the ability to do a bi-directional sync between a local set of todos and the remote set of TODOS. In a rpc sort of way, one could do POST /todo_services/abc123/sync/ But, in the "verbs are bad" idea, is there a better way to represent this action?

    Read the article

  • Oracle 12cR1 : Evaluación "What-If" de un comando crsctl con Oracle Clusterware

    - by grantunez-Oracle
    Oracle en su nueva version 12cR1 introdujo una nueva y pequeña característica  al Oracle Clusterware, pero el que sea pequeña, no significa que no sea de gran utilidad. En versiones anteriores, si queríamos saber que iba a pasar al ejecutar un comando con la herramienta crsctl, teníamos que hacerlo en un ambiente de pruebas, ya que si no sabíamos de que se trataba el comando, se convertía en algo muy peligroso hacerlo sobre producción. En Oracle Clusterware 12cR1 se introduce la evaluación de comando tipo "What-If" en la herramienta mencionada anteriormente, crsctl eval, que lo que nos permite es ver , que va a suceder si ejecuta el comando, sin que realmente se ejecute el comando. Primero vamos a ver que recursos tenemos arriba  [oracle@oel6-112-rac1 ~]$ crsctl stat res -t--------------------------------------------------------------------------------Name           Target  State        Server                   State details       --------------------------------------------------------------------------------Local Resources--------------------------------------------------------------------------------ora.ASMNET1LSNR_ASM.lsnr               ONLINE  ONLINE       oel6-112-rac1            STABLE               ONLINE  ONLINE       oel6-112-rac2            STABLEora.DATA.dg               ONLINE  ONLINE       oel6-112-rac1            STABLE               ONLINE  ONLINE       oel6-112-rac2            STABLEora.LISTENER.lsnr               ONLINE  ONLINE       oel6-112-rac1            STABLE               ONLINE  ONLINE       oel6-112-rac2            STABLEora.net1.network               ONLINE  ONLINE       oel6-112-rac1            STABLE               ONLINE  ONLINE       oel6-112-rac2            STABLEora.ons               ONLINE  ONLINE       oel6-112-rac1            STABLE               ONLINE  ONLINE       oel6-112-rac2            STABLEora.proxy_advm               ONLINE  ONLINE       oel6-112-rac1            STABLE               ONLINE  OFFLINE      oel6-112-rac2            CLEANINGora.LISTENER_SCAN1.lsnr      1        ONLINE  ONLINE       oel6-112-rac2            STABLEora.LISTENER_SCAN2.lsnr      1        ONLINE  ONLINE       oel6-112-rac1            STABLEora.LISTENER_SCAN3.lsnr      1        ONLINE  ONLINE       oel6-112-rac1            STABLEora.MGMTLSNR      1        ONLINE  ONLINE       oel6-112-rac1            169.254.247.50 192.1                                                             68.1.111,STABLEora.asm      1        ONLINE  ONLINE       oel6-112-rac1            STABLE      2        ONLINE  ONLINE       oel6-112-rac2            STABLE      3        OFFLINE OFFLINE                               STABLEora.cvu      1        ONLINE  ONLINE       oel6-112-rac1            STABLEora.gns      1        ONLINE  ONLINE       oel6-112-rac1            STABLEora.gns.vip      1        ONLINE  ONLINE       oel6-112-rac1            STABLEora.mgmtdb      1        ONLINE  ONLINE       oel6-112-rac1            Open,STABLEora.oc4j      1        ONLINE  ONLINE       oel6-112-rac1            STABLEora.oel6-112-rac1.vip      1        ONLINE  ONLINE       oel6-112-rac1            STABLEora.oel6-112-rac2.vip      1        ONLINE  ONLINE       oel6-112-rac2            STABLEora.orcl.db      1        OFFLINE OFFLINE      oel6-112-rac2            Instance Shutdown,STABLE       2        ONLINE  ONLINE       oel6-112-rac1            Open,STABLEora.scan1.vip      1        ONLINE  ONLINE       oel6-112-rac2            STABLEora.scan2.vip      1        ONLINE  ONLINE       oel6-112-rac1            STABLEora.scan3.vip      1        ONLINE  ONLINE       oel6-112-rac1            STABLE Ahora lo que vamos a hacer , es evaluar que pasaría, si por ejemplo, el recurso de ASM llegara a fallar en nuestro nodo [oracle@oel6-112-rac1 ~]$ crsctl eval fail resource ora.asm Stage Group 1: -------------------------------------------------------------------------------- Stage Number Required Action --------------------------------------------------------------------------------      1    N Create new group (Stage Group = 2)    Y Resource 'ora.asm' (1/1) will be in state [ONLINE|INTERMEDIATE] on server [oel6-112-rac1]    Y Resource 'ora.asm' (2/1) will be in state [ONLINE|INTERMEDIATE] on server [oel6-112-rac2] -------------------------------------------------------------------------------- Stage Group 2: -------------------------------------------------------------------------------- Stage Number Required Action --------------------------------------------------------------------------------      1    N Resource 'ora.proxy_advm' (oel6-112-rac2) will be in state [ONLINE|INTERMEDIATE] on server [oel6-112-rac2] --------------------------------------------------------------------------------  Como vamos a ver a continuación, no es lo mismo se decidiéramos detener el recurso, en este caso tenemos que forzarlo , ya que es un recurso que no se puede detener sin la opción "-f":  [oracle@oel6-112-rac1 ~]$ crsctl eval stop resource ora.asm Stage Group 1: -------------------------------------------------------------------------------- Stage Number Required Action --------------------------------------------------------------------------------      1    N Error code [222] for entity [ora.asm]. Message is [CRS-2529: Unable to act on 'ora.asm' because that would require stopping or relocating 'ora.DATA.dg', but the force option was not specified]. -------------------------------------------------------------------------------- [oracle@oel6-112-rac1 ~]$ crsctl eval stop resource ora.asm -f Stage Group 1: -------------------------------------------------------------------------------- Stage Number Required Action --------------------------------------------------------------------------------      1    Y Resource 'ora.DATA.dg' (oel6-112-rac1) will be in state [OFFLINE]    Y Resource 'ora.DATA.dg' (oel6-112-rac2) will be in state [OFFLINE]    Y Resource 'ora.orcl.db' (2/1) will be in state [OFFLINE]    Y Resource 'ora.proxy_advm' (oel6-112-rac1) will be in state [OFFLINE]      2    Y Resource 'ora.asm' (1/1) will be in state [OFFLINE]    Y Resource 'ora.asm' (2/1) will be in state [OFFLINE] --------------------------------------------------------------------------------  Como puedes ver, es una característica nueva y pequeña, pero bastante util para evaluar todos tus comandos de crsctl sin impactar a ninguno de tus recursos. Así te permitira valorar el impacto que tendra el comando que vas a ejecutar. Puedes encontrar mas información en: Utilizando el comando eval

    Read the article

  • Shared Database Servers

    - by shivanshu.upadhyay
    As more enterprises consolidate their database environments to support private cloud initiatives, ISVs will have to deal with sceanrios where they need to run on a shared powerful database server like Exadata. Some ISVs are concerned about meeting SLAs for performance in a shared environment. Outside the virtualization world, there are capabilities of Oracle Database which can be used to prevent resource contention and guarantee SLA. These capabilities are - 1) Instance Caging - This guarantees the CPU allocated or limits the maximum number of CPUs (and so the number of Oracle processes) that an instance of Database can use simultaneously. With this feature, ISVs can be assured that their application is allocated adequate CPUs even if the database server is shared with other applications. 2) CPU Resource Allocation with Database Resource Manager - This allocates percentages of CPU time to different users and applications within a database. ISVs can use this feature to ensure that priority user or workloads within their application get CPU resources over other requirements. 3) Exadata I/O Resource Manager - The Database Resource Manager feature in Oracle Database 11g has been enhanced for use with Exadata. This allows the sharing of storage between databases without fear of one database monopolizing the I/O bandwidth and impacting the performance of the other databases sharing the storage. This can be used to ensure that I/O does not become a performance bottleneck due to poor design of other applications sharing the same server.

    Read the article

  • How to prevent "Local transaction already has 1 non-XA Resource" exception?

    - by Zeratul
    Hi, I'm using 2 PU in stateless EJB and each of them is invoked on one method: @PersistenceContext(unitName="PU") private EntityManager em; @PersistenceContext(unitName="PU2") private EntityManager em2; @TransactionAttribute(TransactionAttributeType.REQUIRES_NEW ) public void getCandidates(final Integer eventId) throws ControllerException { ElectionEvent electionEvent = em.find(ElectionEvent.class, eventId); ... Person person = getPerson(candidate.getLogin()); ... } @TransactionAttribute(TransactionAttributeType.REQUIRES_NEW ) private Person getPerson(String login) throws ControllerException { Person person = em2.find(Person.class, login); return person; } Those methods are annotated with REQUIRES_NEW transcaction to avoid this exception. When I was calling these method from javaFX applet, all worked as expected. Now I'm trying to call them from JAX-RS webservice (I don't see any logical difference as in both cases ejb was looked up in initial context) and I keep getting this exception. When I set up XADatasource in glassfish 2.1 connection pools, I got nullpointer exception on em2. Any ideas what to try next? Regards

    Read the article

  • The PASS Board of Directors Q&A Session

    - by andyleonard
    Friday afternoon (18 Oct 2013), the PASS Board of Directors met with interested members of the SQL Server Community to answer questions. Paraphrases of some questions and notes I collected during the session follow (Please note: this is not a transcript): Elections Kendall Van Dyke asked about duplicate voting. The Board responded that they had looked into the matter and identified duplicate memberships based on names and addresses, but with different email addresses. After filtering for duplicate...(read more)

    Read the article

  • Additional new content SOA Partner Community

    - by JuergenKress
    Oracle Reference Architecture: Application Infrastructure Foundation One of the earliest additions to the IT Strategies from Oracle library, this paper describes the concepts and capabilities of the application infrastructure and defines the platform on which solutions are built. Read it. Scaling Service Oriented Architecture What is scaling, and what does it mean to a service oriented architecture? Author Philip Wik explores those issues and proposes Oracle-based solutions to SOA scaling and a SOA scaling roadmap. Read it. SOA, Cloud, and Service Technologies: A Conversation with Thomas Erl Thomas Erl, the world's best selling SOA author, is joined by Oracle SOA experts Tim Hall and Demed L'Her for a wide ranging four-part conversation on the evolution of SOA and the emergence of the architect in the era of cloud computing. Listen to the Podcast & Read a Transcript Cloud e-book Invite your customers to download this Cloud e-book, packed with multi-media resources to educate your customers on the value of Oracle Cloud computing. Assessment: Are you Leading or Lagging when it comes to SOA and BPM? Take the online SOA Assessment and BPM Assessment. New Collateral: Whitepaper Series: The Promise of BPM Technology for Financial Services Institutions - Resource Kit Whitepaper: Reaching Process Excellence with Process Accelerators - PDF Demystifying Cloud Integration: Whitepapers, webcasts, and customer case studies - Resource Kit Whitepaper: Leveraging Governance to sustain Enterprise Architecture - PDF Article: Rethink SOA: A Recipe for Business Transformation - Article Oracle SOA Resource Kit Oracle SOA Governance Resource Kit Oracle BPM Resource Kit SOA & BPM Partner Community For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit  www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Mix Forum Technorati Tags: SOA Community,Oracle SOA,Oracle BPM,Community,OPN,Jürgen Kress

    Read the article

  • Open source VideoPlayer / AudioPlayer / MediaPlayer GUI / UI resource available?

    - by steff
    Hi, I'm looking for a user interface for a MediaPlayer which should be able to play video as well as audio files. Furthermore it needs the following things (nothing fancy): TextView for playing time Progress Bar for progress visulization Play/Pause/Stop buttons NO playlist functionality required, the player will only play a single item (that's why I don't need next/previous buttons). It sounds pretty much like the standard audio-player of Android = 2.0. Sure, I could try to find its source code but that would require to tediously check out the entire source. I'm just asking for a more efficient way. Thanks in advance, steff

    Read the article

  • Ok to use VirtualProtect to change resource in Delphi?

    - by user257188
    I'm working on a simple localization effort in D2010. I'm handling all strings on forms because ETM seems like overkill for my needs, as did other 3rd party tools... (although I'm not so sure at this point!) Is the code below for changing the Const.pas strings considered safe to change the button labels on standard message boxes? procedure HookResourceString(rs: PResStringRec; newStr: PChar); var oldprotect: DWORD; begin VirtualProtect(rs, SizeOf(rs^), PAGE_EXECUTE_READWRITE, @oldProtect); rs^.Identifier := Integer(newStr); VirtualProtect(rs, SizeOf(rs^), oldProtect, @oldProtect); end; const NewOK: PChar = 'New Ok'; NewCancel: PChar = 'New Cancel'; Procedure TForm.FormCreate; begin HookResourceString(@SMsgDlgOK, NewOK); HookResourceString(@SMsgDlgCancel, NewCancel); end;

    Read the article

  • Installing PHP-GTK with PHP 5.3 on OS X

    - by Shabbyrobe
    I'm having trouble getting php-gtk installed with php 5.3 on os x. I'm currently using macports to do it and when I try to install php-gtk, it spews 'duplicate static' errors: Error: Target org.macports.build returned: shell command " cd "/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_release_ports_php_php5-gtk/work/php-gtk-2.0.1" && /usr/bin/make -j2 all " returned error 2 Command output: ext/gtk+/gen_pango.c:2951: error: duplicate 'static' ext/gtk+/gen_pango.c:2957: error: duplicate 'static' ext/gtk+/gen_pango.c:3097: error: duplicate 'static' ext/gtk+/gen_pango.c:3103: error: duplicate 'static' Is there a way to coerce it into building, or an alternative way to install it?

    Read the article

  • Could any help me in resource of how to build framework with api like facebook ?

    - by Space Cracker
    we will develop a web site that will have some free services and we want to make it as a framework that can any build application over it or can use its api in their site .. Could any lead me in how to start it , what's the better architecture and design pattern help in that , is there any resources discuss or explain how to do like this ? FYI : we are dot net developers but we can learn any other if its urgently needed in such a solution

    Read the article

  • 5 Lessons learnt in localization / multi language support in WPF

    - by MarkPearl
    For the last few months I have been secretly working away at the second version of an application that we initially released a few years ago. It’s called MaxCut and it is a free panel/cut optimizer for the woodwork, glass and metal industry. One of the motivations for writing MaxCut was to get an end to end experience in developing an application for general consumption. From the early days of v1 of MaxCut I would get the odd email thanking me for the software and then listing a few suggestions on how to improve it. Two of the most dominant suggestions that we received were… Support for imperial measurements (the original program only supported the metric system) Multi language support (we had someone who volunteered to translate the program into Japanese for us). I am not going to dive into the Imperial to Metric support in todays blog post, but I would like to cover a few brief lessons we learned in adding support for multi-language functionality in the software. I have sectioned them below under different lessons. Lesson 1 – Build multi-language support in from the start So the first lesson I learnt was if you know you are going to do multi language support – build it in from the very beginning! One of the power points of WPF/Silverlight is data binding in XAML and so while it wasn’t to painful to retro fit multi language support into the programing, it was still time consuming and a bit tedious to go through mounds and mounds of views and would have been a minor job to have implemented this while the form was being designed. Lesson 2 – Accommodate for varying word lengths using Grids The next lesson was a little harder to learn and was learnt a bit further down the road in the development cycle. We developed everything in English, assuming that other languages would have similar character length words for equivalent meanings… don’t!. A word that is short in your language may be of varying character lengths in other languages. Some language like Dutch and German allow for concatenation of nouns which has the potential to create really long words. We picked up a few places where our views had been structured incorrectly so that if a word was to long it would get clipped off or cut out. To get around this we began using the WPF grid extensively with column widths that would automatically expand if they needed to. Generally speaking the grid replacement got round this hurdle, and if in future you have a choice between a stack panel or a grid – think twice before going for the easier option… often the grid will be a bit more work to setup, but will be more flexible. Lesson 3 – Separate the separators Our initial run through moving the words to a resource dictionary led us to make what I thought was one potential mistake. If we had a label like the following… “length : “ In the resource dictionary we put it as a single entry. This is fine until you start using a word more than once. For instance in our scenario we used the word “length’ frequently. with different variations of the word with grammar and separators included in the resource we ended up having what I would consider a bloated dictionary. When we removed the separators from the words and put them as their own resources we saw a dramatic reduction in dictionary size… so something that looked like this… “length : “ “length. “ “length?” Was reduced to… “length” “:” “?” “.” While this may not seem like a reduction at first glance, consider that the separators “:?.” are used everywhere and suddenly you see a real reduction in bloat. Lesson 4 – Centralize the Language Dictionary This lesson was learnt at the very end of the project after we had already had a release candidate out in the wild. Because our translations would be done on a volunteer basis and remotely, we wanted it to be really simple for someone to translate our program into another language. As a common design practice we had tiered the application so that we had a business logic layer, a ui layer, etc. The problem was in several of these layers we had resource files specific for that layer. What this resulted in was us having multiple resource files that we would need to send to our translators. To add to our problems, some of the wordings were duplicated in different resource files, which would result in additional frustration from our translators as they felt they were duplicating work. Eventually the workaround was to make a separate project in VS2010 with just the language translations. We then exposed the dictionary as public within this project and made it as a reference to the other projects within the solution. This solved out problem as now we had a central dictionary and could remove any duplication's. Lesson 5 – Make a dummy translation file to test that you haven’t missed anything The final lesson learnt about multi language support in WPF was when checking if you had forgotten to translate anything in the inline code, make a test resource file with dummy data. Ideally you want the data for each word to be identical. In our instance we made one which had all the resource key values pointing to a value of test. This allowed us point the language file to our test resource file and very quickly browse through the program and see if we had missed any linking. The alternative to this approach is to have two language files and swap between the two while running the program to make sure that you haven’t missed anything, but the downside of dual language file approach is that it is much a lot harder spotting a mistake if everything is different – almost like playing Where’s Wally / Waldo. It is much easier spotting variance in uniformity – meaning when you put the “test’ keyword for everything, anything that didn’t say “test” stuck out like a sore thumb. So these are my top five lessons learnt on implementing multi language support in WPF. Feel free to make any suggestions in the comments section if you feel maybe something is more important than one of these or if I got it wrong!

    Read the article

  • What is the proper name for this design pattern in Python?

    - by James
    In Python, is the proper name for the PersonXXX class below PersonProxy, PersonInterface, etc? import rest class PersonXXX(object): def __init__(self,db_url): self.resource = rest.Resource(db_url) def create(self,person): self.resource.post(person.data()) def get(self): pass def update(self): pass def delete(self): pass class Person(object): def __init__(self,name, age): self.name = name self.age = age def data(self): return dict(name=self.name,age=self.age)

    Read the article

  • Mixing Forms and Token Authentication in a single ASP.NET Application (the Details)

    - by Your DisplayName here!
    The scenario described in my last post works because of the design around HTTP modules in ASP.NET. Authentication related modules (like Forms authentication and WIF WS-Fed/Sessions) typically subscribe to three events in the pipeline – AuthenticateRequest/PostAuthenticateRequest for pre-processing and EndRequest for post-processing (like making redirects to a login page). In the pre-processing stage it is the modules’ job to determine the identity of the client based on incoming HTTP details (like a header, cookie, form post) and set HttpContext.User and Thread.CurrentPrincipal. The actual page (in the ExecuteHandler event) “sees” the identity that the last module has set. So in our case there are three modules in effect: FormsAuthenticationModule (AuthenticateRequest, EndRequest) WSFederationAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest, EndRequest) SessionAuthenticationModule (AuthenticateRequest, PostAuthenticateRequest) So let’s have a look at the different scenario we have when mixing Forms auth and WS-Federation. Anoymous request to unprotected resource This is the easiest case. Since there is no WIF session cookie or a FormsAuth cookie, these modules do nothing. The WSFed module creates an anonymous ClaimsPrincipal and calls the registered ClaimsAuthenticationManager (if any) to transform it. The result (by default an anonymous ClaimsPrincipal) gets set. Anonymous request to FormsAuth protected resource This is the scenario where an anonymous user tries to access a FormsAuth protected resource for the first time. The principal is anonymous and before the page gets rendered, the Authorize attribute kicks in. The attribute determines that the user needs authentication and therefor sets a 401 status code and ends the request. Now execution jumps to the EndRequest event, where the FormsAuth module takes over. The module then converts the 401 to a redirect (302) to the forms login page. If authentication is successful, the login page sets the FormsAuth cookie.   FormsAuth authenticated request to a FormsAuth protected resource Now a FormsAuth cookie is present, which gets validated by the FormsAuth module. This cookie gets turned into a GenericPrincipal/FormsIdentity combination. The WS-Fed module turns the principal into a ClaimsPrincipal and calls the registered ClaimsAuthenticationManager. The outcome of that gets set on the context. Anonymous request to STS protected resource This time the anonymous user tries to access an STS protected resource (a controller decorated with the RequireTokenAuthentication attribute). The attribute determines that the user needs STS authentication by checking the authentication type on the current principal. If this is not Federation, the redirect to the STS will be made. After successful authentication at the STS, the STS posts the token back to the application (using WS-Federation syntax). Postback from STS authentication After the postback, the WS-Fed module finds the token response and validates the contained token. If successful, the token gets transformed by the ClaimsAuthenticationManager, and the outcome is a) stored in a session cookie, and b) set on the context. STS authenticated request to an STS protected resource This time the WIF Session authentication module kicks in because it can find the previously issued session cookie. The module re-hydrates the ClaimsPrincipal from the cookie and sets it.     FormsAuth and STS authenticated request to a protected resource This is kind of an odd case – e.g. the user first authenticated using Forms and after that using the STS. This time the FormsAuth module does its work, and then afterwards the session module stomps over the context with the session principal. In other words, the STS identity wins.   What about roles? A common way to set roles in ASP.NET is to use the role manager feature. There is a corresponding HTTP module for that (RoleManagerModule) that handles PostAuthenticateRequest. Does this collide with the above combinations? No it doesn’t! When the WS-Fed module turns existing principals into a ClaimsPrincipal (like it did with the FormsIdentity), it also checks for RolePrincipal (which is the principal type created by role manager), and turns the roles in role claims. Nice! But as you can see in the last scenario above, this might result in unnecessary work, so I would rather recommend consolidating all role work (and other claims transformations) into the ClaimsAuthenticationManager. In there you can check for the authentication type of the incoming principal and act accordingly. HTH

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 68 69 70 71 72 73 74 75 76 77 78 79  | Next Page >