Search Results

Search found 55091 results on 2204 pages for 'obiee system security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 75/2204 | < Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82  | Next Page >

  • Small business: what should I know about computer security?

    - by geschema
    I run a small (1 man) consulting company in the field of embedded systems, working from home using a standard DSL internet access. My main development machine is a Windows XP PC, which is connected to the router with an ethernet cable. I also have a MacBook Pro laptop, which is connects to the network via WLAN (WPA-PSK). Besides enabling the Windows firewall, not using IE, having an up-to-date antivirus program and strong passwords, what do I need to know to keep my customers' data safe on these computers?

    Read the article

  • Can I lose files when changing security on an XP drive within Windows 7?

    - by Will
    Hard to come up with a title for this one, sheesh. Have a friend whose computer went down. He asked me to get all his data off his drive. His old computer was running XP. So, I've plugged it into my Windows 7 computer. When I attempt to open up his Documents and Settings folder, I get prompted to elevate in order to "permanently get access to this folder." If I do this, will I be able to access the files in this directory, or will all the current files be lost? I may be overly paranoid about this, but I can't find any information about exactly what will happen when I do this. TIA.

    Read the article

  • Is there a security concern exposing NTLM authentication over http or should it only be https?

    - by Shane
    We are setting up a SharePoint 2010 site. Don't worry, this is not a Sharepoint question, just adding it for context. Most of the site will be anonymous, but some users are able to authenticate in and edit content. They use NTLM (users exist in AD). Is there any concern about exposing NTLM login for users that can modify content over the internet via http or should that only be exposed via https?

    Read the article

  • Read-only file system

    - by John
    The title might not be as descriptive as I would like it to be but couldn't come up with a better one. My server's file system went into Read-only. And I don't understand why it does so and how to solve it. I can SSH into the server and when trying to start apache2 for example I get the following : username@srv1:~$ sudo service apache2 start [sudo] password for username: sudo: unable to open /var/lib/sudo/username/1: Read-only file system * Starting web server apache2 (30)Read-only file system: apache2: could not open error log file /var/log/apache2/error.log. Unable to open logs Action 'start' failed. The Apache error log may have more information. When I try restarting the server I get : username@srv1:~$ sudo shutdown -r now [sudo] password for username: sudo: unable to open /var/lib/sudo/username/1: Read-only file system Once I restart it manually it just start up without any warning or message saying something is wrong. I hope somebody could point me into the right direction to resolve this issue. Thanks in advance!

    Read the article

  • Boot failure after update and system crash 11.10

    - by Alubuntu
    I'm using: Dell XPS M1330 laptop, Ubuntu 11.10 32bits, single boot (only Linux OS), Virtualbox (with Windows XP on virtual machine). System crashed while working with a very heavy image on GIMP (and Virtualbox was on). During the same session, I made an automatic system update, but don't know what was exactly updated. After the crash the system doesn't boot. Always freezes on terminal screen but at different stages, ""Starting CUPS printing spooler/server", "Checking battery state", "mountall: plymouth command failed", etc. Sometimes indicates [failed] in some of the processes and sometimes they're all [ok]. Did a Boot info summary with boot-repair and gave me this report http://paste.ubuntu.com/1050743/ This is not a new install, have been using it for almost 6 months...though since last month it couldn't halt..it started shutting down and stopped at black screen with fan on and on/off light still on (I used to finish the shutdown process by forcing halt with a long-press of the power button). I don't know if these has anything to do with the boot failure. Is there anyway I can solve this issue (the boot failure) or make some sort of system check to find out what is the cause of the problem? I wasn't sure if this was the right place to ask the question, so I also did it at https://answers.launchpad.net/ubuntu/+question/201004

    Read the article

  • System boots in console + login loop

    - by Imagicien
    I messed up my system while trying to fix permission problems for setting up a LAMP local server. I tried this solution: How to avoid using sudo when working in /var/www? without success. Then I saw this solution: Permissions issue: how can Apache access files in my Home directory? I understood that I had to change the permissions of my root directory (among others), so I executed: sudo chmod 710 / I also changed the user group on / to www-data. I also did these operations on /home. I'm pretty sure one of those commands broke something, because it's the last commands I executed, and after that, my system showed strange/broken behavior: Firefox stopped showing pages Some icons got replaced by an red X icon (meaning "Icon not found" I guess) Applications refused to launch (no reaction) After rebooting: I got a strange graphical message talking about not being able to mount something, asking me if I wanted to wait, and talking about /tmp (I forgot the message since I was in shock) My system now boots in console, and when I login, it flashes unsignificant stuff* before re-asking me to login. My important data is on Ubuntu One. I'd prefer not having to reinstall from scratch. Is there a way to regain access to my system? Thanks a lot for your help. *Looks like a terminal header with the name of the OS and other info. Doesn't seem important.

    Read the article

  • What is an Enterprise Resource Planning (ERP) System?

    In order to understand what an Enterprise Resource Planning System is let us look at a classic American kids snack, the Rice Krispy Treat if we conceptually view the treat as a company’s internal applications as a whole.  Furthermore we can view a company’s departmentalized software applications as the theoretical Rice Krispies in the treat. In addition, the Rice Krispies consist of a combination of ingredients that be broken down into data, user interfaces and business logic. Next, we have the margarine or butter that is used to help the marshmallows bind with the Rice Krispies; this role in our conceptual view is taken by a data source typically as a relational database management system. Finally we have the melted marshmallows which act as the ERP software that connects all of the individual departmental software applications in to one unified system that allows all user one unified system to interact with all of the individual dispersed systems. An example of this would be if a customer places an order with a telephone operator and once the orders is processed an employee in the shipping department can see the order ready for fulfillment on his order screen. The ERP acts a go between for various independent departmental systems so that they can integrate with one another.

    Read the article

  • C++ and system exceptions

    - by Abyx
    Why standard C++ doesn't respect system (foreign or hardware) exceptions? E.g. when null pointer dereference occurs, stack isn't unwound, destructors aren't called, and RAII doesn't work. The common advice is "to use system API". But on certain systems, specifically Win32, this doesn't work. To enable stack unwinding for this C++ code // class Foo; // void bar(const Foo&); bar(Foo(1, 2)); one should generate something like this C code Foo tempFoo; Foo_ctor(&tempFoo); __try { bar(&tempFoo); } __finally { Foo_dtor(&tempFoo); } Foo_dtor(&tempFoo); and it's impossible to implement this as C++ library. Upd: Standard doesn't forbid handling system exceptions. But it seems that popular compilers like g++ doesn't respect system exceptions on any platforms just because standard doesn't require this. The only thing that I want - is to use RAII to make code readable and program reliable. I don't want to put hand-crafted try\finally around every call to unknown code. For example in this reusable code, AbstractA::foo is such unknown code: void func(AbstractA* a, AbstractB* b) { TempFile file; a->foo(b, file); } Maybe one will pass to func such implementation of AbstractA, which every Friday will not check if b is NULL, so access violation will happen, application will terminate and temporary file will not be deleted. How many months uses will suffer because of this issue, until either author of func or author of AbstractA will do something with it? Related: Is `catch(...) { throw; }` a bad practice?

    Read the article

  • Big level objects collision system for 2d game

    - by Aristarhys
    I read many variants today and get some knowledge in general, so here is a steps of mine thoughts in pictures (horrible paint.net ones). We need to develop grid system, so we check only thing near, perform simple check to cut out deep check, and at - last deep check like per-pixel collision check. Step 1 - Let p1, p2 are some sprites lets first just check with circle collision - because large distance between p1, p2 this fails and of course so we don't need test more deeply. But if we have not 2, but 20 objects, why we need to even circle test something so far outside of our view. Step 2 - Add basic column system, now we don't bother with p2 if it's in a column far from p1 column, so we even don't do circle test. But p3 is in the same col, so let do circle test, which of course will fail. Step 3 - Lets improve column system to the grid system with grid cell size just like p1, p2, p3 collision boxes, so we cut out things much top or below p1. And this is all great until comes BIG OBJs which is some kind of platforms. They are much bigger then grid cell. Circle test for will be successful, but deep check for whole big obj will fail And that the part I can't get. How do I store the grid position of big object? Like 4 grid coords for big object vertexes? And if one of them close to p1 do circle check for centre of big object then a deep one if succeed? Am I do it wrong? My possible solution:

    Read the article

  • Oracle Magazine Sept/Oct 2012 - Security on the Move

    - by Darin Pendergraft
    This month's Oracle Magazine cover story is Security on the Move.  In it, two Oracle IDM customers discuss their impressions of the latest IDM release.  Kurt Lieber from Kaiser Permanente and Peter Boyle from BT discuss how they are using Oracle IDM to enable their business. Click this link to see the latest issue: http://www.oracle.com/technetwork/issue-archive/2012/12-sep/index.html Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} In addition to the cover article, the Analyst’s Corner features an interview with Sally Hudson from IDC focusing on IDM issues : http://www.oracle.com/technetwork/issue-archive/2012/12-sep/o52analyst-1735921.html And the Partner Perspectives contains information from our IDM partners Hub City Media, aurionPro SENA, and ICSynergy

    Read the article

  • Designing a system with different business rules for different customers

    - by user1595846
    My company is rewriting our proprietary business application. The current architecture is poorly done and inflexible. It is coded more procedural oriented as opposed to object oriented. It has become difficult to maintain. Our system is a web application written in .Net Webforms. I am considering ASP.Net MVC for the rewrite. We intend to rewrite it with a good, solid architecture with the goal of maintainability and reusable classes for some of our other systems and services. We would also like the system to be customizable for different customers in the event that we market the system. I am considering redesigning the system based on the layered architecture (Presentation, Business, Data Access layers) described in the Microsoft Patterns and Practices Application Architecture Guide. http://msdn.microsoft.com/en-us/library/ff650706.aspx Hopefully this isn't too open ended, but how would you recommend allowing for different business logic/rules for different customers? I'm aware of Windows Workflow Foundation, but from what I've read about it, it seems many business rules could be too complicated to handle there. Also, Can anyone point me to where I can download an example of a .net solution that is based on the Application Architecture Guide? I have already downloaded the Layered Architecture Solution Guidance and the Expense Sample on codeplex. I was looking for something a bit larger and more robust that I could step through the code and see how it works. If you feel there are better architectures to base our redesign on please feel free to share. I appreciate your help!

    Read the article

  • Webcast: DB Enterprise User Security Integration with Oracle Directory Services

    - by B Shashikumar
    The typical enterprise has a large number of DBA (Database administrator) accounts that are locally managed, which is often very costly, problematic and error-prone. Databases are a crucial component of your enterprise IT infrastructure, housing sensitive corporate data and database user accounts and privileges. To ensure the integrity of your enterprise's data, it's imperative to have a well-managed identity management system. This begins with centralized management of user accounts and access rights. Enterprise User Security (EUS), an Oracle Database Enterprise Edition feature, combined with Oracle Identity Management, gives you the ability to centrally manage database users and their authorizations in one central place. The cost of user provisioning and password resets is dramatically reduced. This technology is a must for new application development and should be considered for existing applications as well. Join Oracle Advisors for a live webcast on Jul 11 at 8am Pacific Time where Oracle experts will briefly introduce EUS, followed by a detailed discussion about the various directory options that are supported, including integration with Microsoft Active Directory. We'll conclude how to avoid common pitfalls deploying EUS with directory services. To register for this event, click here  

    Read the article

  • Complex, yet simple crafting system model

    - by KatShot
    I'm working on some arcade shooter/slasher, and the main logline is "Kick'em with everything you want". There's not so many enemies in GDD, main focus is on tons of weapons and gadgets to cause mayhem. To get weapon, you need to craft it, and now crafting system looks simple, like: 1) You got three slots for weapon parts (like A, B, C) 2) You collect misc weapon parts, and when you got atleast one for every slot, you can craft a weapon (for example, if you got A1, B1, B2, B3 and C1, you can craft such models - A1B1C1, A1B2C1, A1B3C1) As for me, this crafting system is too simple, because weapon parts will just fall from the top of screen, often enough. That's why I'm thinking about adding some more crafting system levels, like resources (collect 10 scrap pieces to make part A1 or C3), etc. My question is: How can i add some more complex, still simple, transparent levels in crafting system? upd. For example, in Minecraft or Terraria, first 5-10 crafting recipies quite transparent and simple IMHO. But then it turns into huge mess to understand, how to craft this or that (for example, fishing rod)

    Read the article

  • Iterate through deserialized xml object

    - by Bruce Adams
    I have a deserialized xml c# objet. I need to iterate through the oject to display all items, in this case there's just one, and display the name, colors and sizes for each item. The xml: <?xml version="1.0" encoding="utf-8"?> <Catalog Name="Example"> <Items> <Item Name="ExampleItem"> <Colors> <Color Name="Black" Value="#000" /> <Color Name="White" Value="#FFF" /> </Colors> <Sizes> <Size Name="Small" Value="10" /> <Size Name="Medium" Value="20" /> </Sizes> </Item> </Items> </Catalog> xsd.exe generated classes: //------------------------------------------------------------------------------ // <auto-generated> // This code was generated by a tool. // Runtime Version:2.0.50727.4927 // // Changes to this file may cause incorrect behavior and will be lost if // the code is regenerated. // </auto-generated> //------------------------------------------------------------------------------ using System.Xml.Serialization; // // This source code was auto-generated by xsd, Version=2.0.50727.42. // /// <remarks/> [System.CodeDom.Compiler.GeneratedCodeAttribute("xsd", "2.0.50727.42")] [System.SerializableAttribute()] [System.Diagnostics.DebuggerStepThroughAttribute()] [System.ComponentModel.DesignerCategoryAttribute("code")] [System.Xml.Serialization.XmlTypeAttribute(AnonymousType=true)] [System.Xml.Serialization.XmlRootAttribute(Namespace="", IsNullable=false)] public partial class Catalog { private CatalogItemsItem[][] itemsField; private string nameField; /// <remarks/> [System.Xml.Serialization.XmlArrayAttribute(Form=System.Xml.Schema.XmlSchemaForm.Unqualified)] [System.Xml.Serialization.XmlArrayItemAttribute("Item", typeof(CatalogItemsItem[]), Form=System.Xml.Schema.XmlSchemaForm.Unqualified, IsNullable=false)] public CatalogItemsItem[][] Items { get { return this.itemsField; } set { this.itemsField = value; } } /// <remarks/> [System.Xml.Serialization.XmlAttributeAttribute()] public string Name { get { return this.nameField; } set { this.nameField = value; } } } /// <remarks/> [System.CodeDom.Compiler.GeneratedCodeAttribute("xsd", "2.0.50727.42")] [System.SerializableAttribute()] [System.Diagnostics.DebuggerStepThroughAttribute()] [System.ComponentModel.DesignerCategoryAttribute("code")] [System.Xml.Serialization.XmlTypeAttribute(AnonymousType=true)] public partial class CatalogItemsItem { private CatalogItemsItemColorsColor[][] colorsField; private CatalogItemsItemSizesSize[][] sizesField; private string nameField; /// <remarks/> [System.Xml.Serialization.XmlArrayAttribute(Form=System.Xml.Schema.XmlSchemaForm.Unqualified)] [System.Xml.Serialization.XmlArrayItemAttribute("Color", typeof(CatalogItemsItemColorsColor[]), Form=System.Xml.Schema.XmlSchemaForm.Unqualified, IsNullable=false)] public CatalogItemsItemColorsColor[][] Colors { get { return this.colorsField; } set { this.colorsField = value; } } /// <remarks/> [System.Xml.Serialization.XmlArrayAttribute(Form=System.Xml.Schema.XmlSchemaForm.Unqualified)] [System.Xml.Serialization.XmlArrayItemAttribute("Size", typeof(CatalogItemsItemSizesSize[]), Form=System.Xml.Schema.XmlSchemaForm.Unqualified, IsNullable=false)] public CatalogItemsItemSizesSize[][] Sizes { get { return this.sizesField; } set { this.sizesField = value; } } /// <remarks/> [System.Xml.Serialization.XmlAttributeAttribute()] public string Name { get { return this.nameField; } set { this.nameField = value; } } } /// <remarks/> [System.CodeDom.Compiler.GeneratedCodeAttribute("xsd", "2.0.50727.42")] [System.SerializableAttribute()] [System.Diagnostics.DebuggerStepThroughAttribute()] [System.ComponentModel.DesignerCategoryAttribute("code")] [System.Xml.Serialization.XmlTypeAttribute(AnonymousType=true)] public partial class CatalogItemsItemColorsColor { private string nameField; private string valueField; /// <remarks/> [System.Xml.Serialization.XmlAttributeAttribute()] public string Name { get { return this.nameField; } set { this.nameField = value; } } /// <remarks/> [System.Xml.Serialization.XmlAttributeAttribute()] public string Value { get { return this.valueField; } set { this.valueField = value; } } } /// <remarks/> [System.CodeDom.Compiler.GeneratedCodeAttribute("xsd", "2.0.50727.42")] [System.SerializableAttribute()] [System.Diagnostics.DebuggerStepThroughAttribute()] [System.ComponentModel.DesignerCategoryAttribute("code")] [System.Xml.Serialization.XmlTypeAttribute(AnonymousType=true)] public partial class CatalogItemsItemSizesSize { private string nameField; private string valueField; /// <remarks/> [System.Xml.Serialization.XmlAttributeAttribute()] public string Name { get { return this.nameField; } set { this.nameField = value; } } /// <remarks/> [System.Xml.Serialization.XmlAttributeAttribute()] public string Value { get { return this.valueField; } set { this.valueField = value; } } } /// <remarks/> [System.CodeDom.Compiler.GeneratedCodeAttribute("xsd", "2.0.50727.42")] [System.SerializableAttribute()] [System.Diagnostics.DebuggerStepThroughAttribute()] [System.ComponentModel.DesignerCategoryAttribute("code")] [System.Xml.Serialization.XmlTypeAttribute(AnonymousType=true)] [System.Xml.Serialization.XmlRootAttribute(Namespace="", IsNullable=false)] public partial class NewDataSet { private Catalog[] itemsField; /// <remarks/> [System.Xml.Serialization.XmlElementAttribute("Catalog")] public Catalog[] Items { get { return this.itemsField; } set { this.itemsField = value; } } } Deserialization code: System.Xml.Serialization.XmlSerializer xSerializer = new System.Xml.Serialization.XmlSerializer(typeof(Catalog)); TextReader reader = new StreamReader("catalog.xml"); Catalog catalog = (Catalog)xSerializer.Deserialize(reader); foreach (var item in catalog.Items) { } reader.Close(); When I setp through the code there is one item present in catalog.items, but it is empty, no name, colors or sizes. Any ideas what I need to do? Thanks

    Read the article

  • Spring Security DB Authentication w/Hibernate and hashed passwords?

    - by Seth
    I'm trying to set up spring security 3 to authenticate users against my hibernate 3 database. I'm storing only sha1 hashes of the passwords in the database (not plaintext). I've looked at this and this, which tell me to implement my own UserDetailsService. Unfortunately, the UserDetails that loadUserByUsername spits out seem to need the plaintext password, which I don't have. How is this usually handled? Can Spring Security actually do what I need here? Am I missing something?

    Read the article

  • How to implement login page using Spring Security so that it works with Spring web flow?

    - by simon
    I have a web application using Spring 2.5.6 and Spring Security 2.0.4. I have implemented a working login page, which authenticates the user against a web service. The authentication is done by defining a custom authentincation manager, like this: <beans:bean id="customizedFormLoginFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter"> <custom-filter position="AUTHENTICATION_PROCESSING_FILTER" /> <beans:property name="defaultTargetUrl" value="/index.do" /> <beans:property name="authenticationFailureUrl" value="/login.do?error=true" /> <beans:property name="authenticationManager" ref="customAuthenticationManager" /> <beans:property name="allowSessionCreation" value="true" /> </beans:bean> <beans:bean id="customAuthenticationManager" class="com.sevenp.mobile.samplemgmt.web.security.CustomAuthenticationManager"> <beans:property name="authenticateUrlWs" value="${WS_ENDPOINT_ADDRESS}" /> </beans:bean> The authentication manager class: public class CustomAuthenticationManager implements AuthenticationManager, ApplicationContextAware { @Transactional @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { //authentication logic return new UsernamePasswordAuthenticationToken(principal, authentication.getCredentials(), grantedAuthorityArray); } The essential part of the login jsp looks like this: <c:url value="/j_spring_security_check" var="formUrlSecurityCheck"/> <form method="post" action="${formUrlSecurityCheck}"> <div id="errorArea" class="errorBox"> <c:if test="${not empty param.error}"> ${sessionScope["SPRING_SECURITY_LAST_EXCEPTION"].message} </c:if> </div> <label for="loginName"> Username: <input style="width:125px;" tabindex="1" id="login" name="j_username" /> </label> <label for="password"> Password: <input style="width:125px;" tabindex="2" id="password" name="j_password" type="password" /> </label> <input type="submit" tabindex="3" name="login" class="formButton" value="Login" /> </form> Now the problem is that the application should use Spring Web Flow. After the application was configured to use Spring Web Flow, the login does not work anymore - the form action to "/j_spring_security_check" results in a blank page without error message. What is the best way to adapt the existing login process so that it works with Spring Web Flow?

    Read the article

  • Is there a way to load a different cacerts than the one specified in the java_home/jre/lib/security

    - by feniix
    I have a single installation of java in a system that runs 2 or 3 applications. All the applications use the same runtime. Is there a way to specify a different keystores for the ca certs than the one in java_home/jre/lib/security. That is, is there an option to specify an "extra" keystore that is loaded and added to the certs loaded from java_home/jre/lib/security/cacerts? What I want to avoid is having to re-import our local ca every time I upgrade the jdk in the box.

    Read the article

  • CakePHP: Why does adding 'Security' component break my app?

    - by Steve
    I have a strange problem -- of my own making -- that's cropped up, and is driving me crazy. At some point, I inadvertently destroyed a file in the app/tmp directory...I'm not sure which file. But now my app breaks when I include the "Security" component, and works just fine when it's not included. I'm thinking it might be related to the Security.salt value somehow, or possibly to the saved session info, but I don't really have a deep enough knowledge of CakePHP to figure it out. Can anyone offer any insight here?

    Read the article

  • In search of a packaged .Net security solution for web-forms.

    - by Chuck Conway
    We are looking for a security solution for asp.net that has security down to the control level. This is not a necessity but, it would be nice. At the very least it needs to extend-able to allow for control level permissions. The solution should have an administration panel of some sort. It also needs to support roles, groups, and individual permissions. We haven't seen anything like this in the marketplace -- we are in the process of rolling our own solution. We'd rather use an off the shelf solution.

    Read the article

  • Is man-in-the-middle attack a security threat during SSH authentication using keys?

    - by JP19
    Hi, I am no expert in network security, so pardon if this question is not very smart :). I am automating logins to some machines using ssh. I am currently avoiding host-key warnings using StrictHostKeyChecking no. I naively understand that someone can impersonate as the server and I risk losing my password to him if that were the case. However, if I am using only public/private Key based authentication ( using PasswordAuthentication no ), can the intruder still cause harm? So basically, with ssh -o "StrictHostKeyChecking no" -o "PasswordAuthentication no" : 1) Can the intruder decipher my private key? 2) Are there any other security threats? regards, JP

    Read the article

  • Important Security Issue: Is it possible to put binary image data into html markup code and then get

    - by Joern Akkermann
    Hi, it's an important security issue and I'm sure this should be possible. A simple example: You run a community portal. Users are registered and upload their pictures. Your application gives security rules wenever a picture is allowed to be displayed. For example users must be friends on each sides by the system, in order that you can view someone elses uploaded pictures. Here comes the problem: it is possible that someone crawls the image directories of your server. But you want to protect your users from such attacks. If it's possible to put the binary data of an image directly into the html markup, you can restrict the user access of your image dirs the user and group your web application runs of and pass the image data to your apache user and group directly in the html. The only possible weakness then is the password of the user that your web app runs as. Is there already a possibility? Yours, Joern.

    Read the article

  • Make a connection to a HTTPS server from Java and ignore the validity of the security certificate

    - by justinhj
    I've been testing some that works with a bunch of https servers with different keys, some of which are invalid and all of them are not in the local key store for my JVM. I am really only testing things out, so I don't care about the security at this stage. Is there a good way to make POST calls to the server and tell Java not to worry about the security certificates? My google searches for this have brought up some code examples that make a class to do the validation, that always works, but I cannot get it to connect to any of the servers.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82  | Next Page >