Search Results

Search found 11147 results on 446 pages for 'password prompts'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 75/446 | < Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82  | Next Page >

  • Quick Fix for GlassFish/MySQL NoPasswordCredential Found

    - by MarkH
    Just the other day, I stood up a GlassFish 3.1.2 server in preparation for a new web app we've developed. Since we're using MySQL as the back-end database, I configured it for MySQL (driver) and created the requisite JDBC resource and supporting connection pool. Pinging the finished pool returned a success, and all was well. Until we fired up the app, that is -- in this case, after a weekend. Funny how things seem to break when you leave them alone for a couple of days. :-) Strangely, the error indicated "No PasswordCredential found". Time to re-check that pool. All the usual properties and values were there (URL, driverClass, serverName, databaseName, portNumber, user, password) and were populated correctly. Yes, the password field, too. And it had pinged successfully. So why the problem? A bit of searching online produced enough relevant material to offer promise. I didn't take notes as I was investigating the cause (note to self), but here were the general steps I took to resolve the issue: First, per some guidance I had found, I tried resetting the password value to nothing (using () for a value). Of course, this didn't fix anything; the database account requires a password. And when I tried to put the value back, GlassFish politely refused. Hmm. I'd seen that some folks created a new pool to replace the "broken" one, and while that did work for them, it seemed to simply side-step the issue. So I deleted the password property - which GlassFish allowed me to do - and restarted the domain. Once I was back in, I re-added the password property and its value, saved it, and pinged...success! But now to the app for the litmus test. The web app worked, and everything and everyone was now happy. Not bad for a Monday.  :-D Hope this helps, Mark

    Read the article

  • ASP.NET MVC2 Implementing Custom RoleManager problem

    - by ile
    To create a custom membership provider I followed these instructions: http://stackoverflow.com/questions/2771094/asp-net-mvc2-custom-membership and these: http://mattwrock.com/post/2009/10/14/Implementing-custom-Membership-Provider-and-Role-Provider-for-Authinticating-ASPNET-MVC-Applications.aspx So far, I've managed to implement custom membership provider and that part works fine. RoleManager still needs some modifications... Project structure: SAMembershipProvider.cs: public class SAMembershipProvider : MembershipProvider { #region - Properties - private int NewPasswordLength { get; set; } private string ConnectionString { get; set; } public bool enablePasswordReset { get; set; } public bool enablePasswordRetrieval { get; set; } public bool requiresQuestionAndAnswer { get; set; } public bool requiresUniqueEmail { get; set; } public int maxInvalidPasswordAttempts { get; set; } public int passwordAttemptWindow { get; set; } public MembershipPasswordFormat passwordFormat { get; set; } public int minRequiredNonAlphanumericCharacters { get; set; } public int minRequiredPasswordLength { get; set; } public string passwordStrengthRegularExpression { get; set; } public override string ApplicationName { get; set; } public override bool EnablePasswordRetrieval { get { return enablePasswordRetrieval; } } public override bool EnablePasswordReset { get { return enablePasswordReset; } } public override bool RequiresQuestionAndAnswer { get { return requiresQuestionAndAnswer; } } public override int MaxInvalidPasswordAttempts { get { return maxInvalidPasswordAttempts; } } public override int PasswordAttemptWindow { get { return passwordAttemptWindow; } } public override bool RequiresUniqueEmail { get { return requiresUniqueEmail; } } public override MembershipPasswordFormat PasswordFormat { get { return passwordFormat; } } public override int MinRequiredPasswordLength { get { return minRequiredPasswordLength; } } public override int MinRequiredNonAlphanumericCharacters { get { return minRequiredNonAlphanumericCharacters; } } public override string PasswordStrengthRegularExpression { get { return passwordStrengthRegularExpression; } } #endregion #region - Methods - public override void Initialize(string name, NameValueCollection config) { throw new NotImplementedException(); } public override bool ChangePassword(string username, string oldPassword, string newPassword) { throw new NotImplementedException(); } public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) { throw new NotImplementedException(); } public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) { throw new NotImplementedException(); } public override bool DeleteUser(string username, bool deleteAllRelatedData) { throw new NotImplementedException(); } public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords) { throw new NotImplementedException(); } public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) { throw new NotImplementedException(); } public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords) { throw new NotImplementedException(); } public override int GetNumberOfUsersOnline() { throw new NotImplementedException(); } public override string GetPassword(string username, string answer) { throw new NotImplementedException(); } public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) { throw new NotImplementedException(); } public override MembershipUser GetUser(string username, bool userIsOnline) { throw new NotImplementedException(); } public override string GetUserNameByEmail(string email) { throw new NotImplementedException(); } protected override void OnValidatingPassword(ValidatePasswordEventArgs e) { base.OnValidatingPassword(e); } public override string ResetPassword(string username, string answer) { throw new NotImplementedException(); } public override bool UnlockUser(string userName) { throw new NotImplementedException(); } public override void UpdateUser(MembershipUser user) { throw new NotImplementedException(); } public override bool ValidateUser(string username, string password) { AccountRepository accountRepository = new AccountRepository(); var user = accountRepository.GetUser(username); if (string.IsNullOrEmpty(password.Trim())) return false; if (user == null) return false; //string hash = EncryptPassword(password); var email = user.Email; var pass = user.Password; if (user == null) return false; if (pass == password) { //User = user; return true; } return false; } #endregion protected string EncryptPassword(string password) { //we use codepage 1252 because that is what sql server uses byte[] pwdBytes = Encoding.GetEncoding(1252).GetBytes(password); byte[] hashBytes = System.Security.Cryptography.MD5.Create().ComputeHash(pwdBytes); return Encoding.GetEncoding(1252).GetString(hashBytes); } } SARoleProvider.cs public class SARoleProvider : RoleProvider { AccountRepository accountRepository = new AccountRepository(); public override bool IsUserInRole(string username, string roleName) { return true; } public override string ApplicationName { get { throw new NotImplementedException(); } set { throw new NotImplementedException(); } } public override void AddUsersToRoles(string[] usernames, string[] roleNames) { throw new NotImplementedException(); } public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames) { throw new NotImplementedException(); } public override void CreateRole(string roleName) { throw new NotImplementedException(); } public override bool DeleteRole(string roleName, bool throwOnPopulatedRole) { throw new NotImplementedException(); } public override bool RoleExists(string roleName) { throw new NotImplementedException(); } public override string[] GetRolesForUser(string username) { int rolesCount = 0; IQueryable<RoleViewModel> rolesNames; try { // get roles for this user from DB... rolesNames = accountRepository.GetRolesForUser(username); rolesCount = rolesNames.Count(); } catch (Exception ex) { throw ex; } string[] roles = new string[rolesCount]; int counter = 0; foreach (var item in rolesNames) { roles[counter] = item.RoleName.ToString(); counter++; } return roles; } public override string[] GetUsersInRole(string roleName) { throw new NotImplementedException(); } public override string[] FindUsersInRole(string roleName, string usernameToMatch) { throw new NotImplementedException(); } public override string[] GetAllRoles() { throw new NotImplementedException(); } } AccountRepository.cs public class RoleViewModel { public string RoleName { get; set; } } public class AccountRepository { private DB db = new DB(); public User GetUser(string email) { return db.Users.SingleOrDefault(d => d.Email == email); } public IQueryable<RoleViewModel> GetRolesForUser(string email) { var result = ( from role in db.Roles join user in db.Users on role.RoleID equals user.RoleID where user.Email == email select new RoleViewModel { RoleName = role.Name }); return result; } } webconfig <membership defaultProvider="SAMembershipProvider" userIsOnlineTimeWindow="15"> <providers> <clear/> <add name="SAMembershipProvider" type="SA_Contacts.Membership.SAMembershipProvider, SA_Contacts" connectionStringName ="ShinyAntConnectionString" /> </providers> </membership> <roleManager defaultProvider="SARoleProvider" enabled="true" cacheRolesInCookie="true"> <providers> <clear/> <add name="SARoleProvider" type="SA_Contacts.Membership.SARoleProvider" connectionStringName ="ShinyAntConnectionString" /> </providers> </roleManager> AccountController.cs: public class AccountController : Controller { SAMembershipProvider provider = new SAMembershipProvider(); AccountRepository accountRepository = new AccountRepository(); public AccountController() { } public ActionResult LogOn() { return View(); } [AcceptVerbs(HttpVerbs.Post)] public ActionResult LogOn(string userName, string password, string returnUrl) { if (!ValidateLogOn(userName, password)) { return View(); } var user = accountRepository.GetUser(userName); var userFullName = user.FirstName + " " + user.LastName; FormsAuthentication.SetAuthCookie(userFullName, false); if (!String.IsNullOrEmpty(returnUrl) && returnUrl != "/") { return Redirect(returnUrl); } else { return RedirectToAction("Index", "Home"); } } public ActionResult LogOff() { FormsAuthentication.SignOut(); return RedirectToAction("Index", "Home"); } private bool ValidateLogOn(string userName, string password) { if (String.IsNullOrEmpty(userName)) { ModelState.AddModelError("username", "You must specify a username."); } if (String.IsNullOrEmpty(password)) { ModelState.AddModelError("password", "You must specify a password."); } if (!provider.ValidateUser(userName, password)) { ModelState.AddModelError("_FORM", "The username or password provided is incorrect."); } return ModelState.IsValid; } } In some testing controller I have following: [Authorize] public class ContactsController : Controller { SAMembershipProvider saMembershipProvider = new SAMembershipProvider(); SARoleProvider saRoleProvider = new SARoleProvider(); // // GET: /Contact/ public ActionResult Index() { string[] roleNames = Roles.GetRolesForUser("[email protected]"); // Outputs admin ViewData["r1"] = roleNames[0].ToString(); // Outputs True // I'm not even sure if this method is the same as the one below ViewData["r2"] = Roles.IsUserInRole("[email protected]", roleNames[0].ToString()); // Outputs True ViewData["r3"] = saRoleProvider.IsUserInRole("[email protected]", "admin"); return View(); } If I use attribute [Authorize] then everything works ok, but if I use [Authorize(Roles="admin")] then user is always rejected, like he is not in role. Any idea of what could be wrong here? Thanks in advance, Ile

    Read the article

  • Is the salt contained in a phpass hash or do you need to salt its input?

    - by Exception e
    phpass is a widely used hashing 'framework'. Is it good practice to salt the plain password before giving it to PasswordHash (v0.2), like so?: $dynamicSalt = $record['salt']; $staticSalt = 'i5ininsfj5lt4hbfduk54fjbhoxc80sdf'; $plainPassword = $_POST['password']; $password = $plainPassword . $dynamicSalt . $staticSalt; $passwordHash = new PasswordHash(8, false); $storedPassword = $passwordHash->HashPassword($password); For reference the phpsalt class: # Portable PHP password hashing framework. # # Version 0.2 / genuine. # # Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in # the public domain. # # # class PasswordHash { var $itoa64; var $iteration_count_log2; var $portable_hashes; var $random_state; function PasswordHash($iteration_count_log2, $portable_hashes) { $this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31) $iteration_count_log2 = 8; $this->iteration_count_log2 = $iteration_count_log2; $this->portable_hashes = $portable_hashes; $this->random_state = microtime() . getmypid(); } function get_random_bytes($count) { $output = ''; if (is_readable('/dev/urandom') && ($fh = @fopen('/dev/urandom', 'rb'))) { $output = fread($fh, $count); fclose($fh); } if (strlen($output) < $count) { $output = ''; for ($i = 0; $i < $count; $i += 16) { $this->random_state = md5(microtime() . $this->random_state); $output .= pack('H*', md5($this->random_state)); } $output = substr($output, 0, $count); } return $output; } function encode64($input, $count) { $output = ''; $i = 0; do { $value = ord($input[$i++]); $output .= $this->itoa64[$value & 0x3f]; if ($i < $count) $value |= ord($input[$i]) << 8; $output .= $this->itoa64[($value >> 6) & 0x3f]; if ($i++ >= $count) break; if ($i < $count) $value |= ord($input[$i]) << 16; $output .= $this->itoa64[($value >> 12) & 0x3f]; if ($i++ >= $count) break; $output .= $this->itoa64[($value >> 18) & 0x3f]; } while ($i < $count); return $output; } function gensalt_private($input) { $output = '$P$'; $output .= $this->itoa64[min($this->iteration_count_log2 + ((PHP_VERSION >= '5') ? 5 : 3), 30)]; $output .= $this->encode64($input, 6); return $output; } function crypt_private($password, $setting) { $output = '*0'; if (substr($setting, 0, 2) == $output) $output = '*1'; if (substr($setting, 0, 3) != '$P$') return $output; $count_log2 = strpos($this->itoa64, $setting[3]); if ($count_log2 < 7 || $count_log2 > 30) return $output; $count = 1 << $count_log2; $salt = substr($setting, 4, 8); if (strlen($salt) != 8) return $output; # We're kind of forced to use MD5 here since it's the only # cryptographic primitive available in all versions of PHP # currently in use. To implement our own low-level crypto # in PHP would result in much worse performance and # consequently in lower iteration counts and hashes that are # quicker to crack (by non-PHP code). if (PHP_VERSION >= '5') { $hash = md5($salt . $password, TRUE); do { $hash = md5($hash . $password, TRUE); } while (--$count); } else { $hash = pack('H*', md5($salt . $password)); do { $hash = pack('H*', md5($hash . $password)); } while (--$count); } $output = substr($setting, 0, 12); $output .= $this->encode64($hash, 16); return $output; } function gensalt_extended($input) { $count_log2 = min($this->iteration_count_log2 + 8, 24); # This should be odd to not reveal weak DES keys, and the # maximum valid value is (2**24 - 1) which is odd anyway. $count = (1 << $count_log2) - 1; $output = '_'; $output .= $this->itoa64[$count & 0x3f]; $output .= $this->itoa64[($count >> 6) & 0x3f]; $output .= $this->itoa64[($count >> 12) & 0x3f]; $output .= $this->itoa64[($count >> 18) & 0x3f]; $output .= $this->encode64($input, 3); return $output; } function gensalt_blowfish($input) { # This one needs to use a different order of characters and a # different encoding scheme from the one in encode64() above. # We care because the last character in our encoded string will # only represent 2 bits. While two known implementations of # bcrypt will happily accept and correct a salt string which # has the 4 unused bits set to non-zero, we do not want to take # chances and we also do not want to waste an additional byte # of entropy. $itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; $output = '$2a$'; $output .= chr(ord('0') + $this->iteration_count_log2 / 10); $output .= chr(ord('0') + $this->iteration_count_log2 % 10); $output .= '$'; $i = 0; do { $c1 = ord($input[$i++]); $output .= $itoa64[$c1 >> 2]; $c1 = ($c1 & 0x03) << 4; if ($i >= 16) { $output .= $itoa64[$c1]; break; } $c2 = ord($input[$i++]); $c1 |= $c2 >> 4; $output .= $itoa64[$c1]; $c1 = ($c2 & 0x0f) << 2; $c2 = ord($input[$i++]); $c1 |= $c2 >> 6; $output .= $itoa64[$c1]; $output .= $itoa64[$c2 & 0x3f]; } while (1); return $output; } function HashPassword($password) { $random = ''; if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) { $random = $this->get_random_bytes(16); $hash = crypt($password, $this->gensalt_blowfish($random)); if (strlen($hash) == 60) return $hash; } if (CRYPT_EXT_DES == 1 && !$this->portable_hashes) { if (strlen($random) < 3) $random = $this->get_random_bytes(3); $hash = crypt($password, $this->gensalt_extended($random)); if (strlen($hash) == 20) return $hash; } if (strlen($random) < 6) $random = $this->get_random_bytes(6); $hash = $this->crypt_private($password, $this->gensalt_private($random)); if (strlen($hash) == 34) return $hash; # Returning '*' on error is safe here, but would _not_ be safe # in a crypt(3)-like function used _both_ for generating new # hashes and for validating passwords against existing hashes. return '*'; } function CheckPassword($password, $stored_hash) { $hash = $this->crypt_private($password, $stored_hash); if ($hash[0] == '*') $hash = crypt($password, $stored_hash); return $hash == $stored_hash; } }

    Read the article

  • How do I migrate from a basic plaintext password authentication to an OAuth based system?

    - by different
    Hello, Found out today that Twitter will be discontinuing its basic authentication for its API; the push is now towards OAuth but I don’t have a clue as to how to use it or whether it’s the right path for me. All I want to be able to do is post a tweet linking to the most recently published post when I hit publish. Currently I’m sending the login credentials for my Twitter account as plaintext, which I realise isn’t that secure but as my site is fairly small it isn’t an issue at least for now. I’m using this basic PHP code: $status = urlencode(stripslashes(urldecode("Test tweet"))); $tweetUrl = 'http://www.twitter.com/statuses/update.xml'; $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, "$tweetUrl"); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 2); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_POSTFIELDS, "status=$status"); curl_setopt($curl, CURLOPT_USERPWD, "$username:$password"); $result = curl_exec($curl); $resultArray = curl_getinfo($curl); if ($resultArray['http_code'] == 200) { curl_close($curl); $this->redirect(""); } else { curl_close($curl); echo 'Could not post to Twitter. Please go back and try again.'; } How do I move from this to an OAuth system? Do I need to?

    Read the article

  • Why does PDO print my password when the connection fails?

    - by Joe Hopfgartner
    I have a simple website where I establish a connection to a Mysql server using PDO. $dbh = new PDO('mysql:host=localhost;dbname=DB;port=3306', 'USER', 'SECRET',array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8")); I had some traffic on my site and the servers connection limit was reached, and the website throw this error, with my PLAIN password in it! Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[08004] [1040] Too many connections' in /home/premiumize-me/html/index.php:64 Stack trace: #0 /home/premiumize-me/html/index.php(64): PDO-__construct('mysql:host=loca...', 'USER', 'SECRET', Array) #1 {main} thrown in /home/premiumize-me/html/index.php on line 64 Ironically I switched to PDO for security reasons, this really shocked me. Because this exact error is something you can provoke very easily on most sites using simple http flooding. I now wrapped my conenction into a try/catch clause, but still. I think this is catastrophic! So I am new to PDO and my questino is: What do I have to consider to be safe! How to I establish a connection in a secure way? Are there other known security holes like this one that I have to be aware of?

    Read the article

  • Sending a password securely using gwt and app engine?

    - by user246114
    Hi, I set up session handling on a google app project. This is supposed to allow my users to login and maintain state across pages. I just dumped it into the default greeting service to try it out: public class GreetingServiceImpl extends RemoteServiceServlet implements GreetingService { public void sessionTest(String username) { HttpSession session = getThreadLocalRequest().getSession(false); session.setAttribute("username", username); } } then attempting to pull it out in my landing project.jsp page: <% String username = null; HttpSession mysession = request.getSession(false); if (mysession.getAttribute("username") != null) { username = (String)mysession.getAttribute("username"); } else { username = "(not logged in yet)"; } <p>You are: <%= username %> </p> %> It works, but I don't know how to send the data in sessionTest() securely. If I were sending the user's password in there too, it would be in the clear. This would be ok (I think) if I was using https, but google app engine does not allow you to use https under custom domains (like www.mysite.com), they have to be under the (mysite.appspot.com) domain. I'm kind of stuck here - how do we send passwords securely? If I was using php, I think I could use digest authentication (I'm not too experienced here) - can we do something like that with gwt + gae? Thanks

    Read the article

  • Quick guide to Oracle IRM 11g: Server configuration

    - by Simon Thorpe
    Quick guide to Oracle IRM 11g index Welcome to the second article in this quick quide to Oracle IRM 11g. Hopefully you've just finished the first article which takes you through deploying the software onto a Linux server. This article walks you through the configuration of this new service and contains a subset of information from the official documentation and is focused on installing the server on Oracle Enterprise Linux. If you are planning to deploy on a non-Linux platform, you will need to reference the documentation for platform specific information. Contents Introduction Create IRM WebLogic Domain Starting the Admin Server and initial configuration Introduction In the previous article the database was prepared, the WebLogic Application Server installed and the files required for an IRM server installed. But we don't actually have a configured system yet. We need to now create a WebLogic Domain in which the IRM server will run, then configure some of the settings and crypography so that we can create a context and be ready to seal some content and test it all works. This article doesn't cover the configuration of SSL communication from client to server. This is quite a big topic and a separate article has been dedicated for this area. In these articles I also use the hostname, irm.company.internal to reference the IRM server and later on use the hostname irm.company.com in reference to the public facing service. Create IRM WebLogic Domain First step is creating the WebLogic domain, in a console switch to the newly created IRM installation folder as shown below and we will run the domain configuration wizard. [oracle@irm /]$ cd /oracle/middleware/Oracle_IRM/common/bin [oracle@irm bin]$ ./config.sh First thing the wizard will ask is if you wish to create a new or extend an existing domain. This guide is creating a standalone system so you should select to create a new domain. Next step is to choose what technologies from the Oracle ECM Suite you wish this domain to host. You are only interested in selecting the option "Oracle Information Rights Management". When you select this check box you will notice that it also selects "Oracle Enterprise Manager" and "Oracle JRF" as these are dependencies of the IRM server. You then need to specify where you wish to place the domain files. I usually just change the domain name from base_domain or irm_domain and leave the others with their defaults. Now the domain will have a single user initially and by default this user is called "weblogic". I usually change this account name to "sysadmin" or "administrator", but in this guide lets just accept the default. With respects to the next dialog, again for eval or dev reasons, leave the server startup mode as development. The JDK should also be automatically detected. We now need to provide details of the database. This guide is using the Oracle 11gR2 database and the settings I used can be seen in the image to the right. There is a lot of configuration that can now be done for the admin server, any managed servers and where the deployments reside. In this guide I am leaving all of these to their defaults so do not check any of the boxes. However I will on this blog be detailing later how you can go back and setup things such as automated startup of an IRM server which require changes to these default settings. But for now, lets leave it all alone and just click next. Now we are ready to install. Note that from this dialog you can scroll the left window and see there are going to be two servers created from the defaults. The AdminServer which is where you modify settings for the WebLogic Server and also hosts the Oracle Enterprise Manager for IRM which allows to monitor the IRM service performance and also make service related settings (which we shortly do below) and the IRM_server1 which hosts the actual IRM services themselves. So go right ahead and hit create, the process is pretty quick and usually under 10 minutes. When the domain creation ends, it will give you the URL to the admin server. It's worth noting this down and the URL is usually; http://irm.company.internal:7001 Starting the Admin Server and initial configuration First thing to do is to start the WebLogic Admin server and review the initial IRM server settings. In this guide we are going to run the Admin server and IRM server in console windows, in another article I will discuss running these as background services. So for now, start a console and run the Admin server by doing the following. cd /oracle/middleware/user_projects/domains/irm_domain/ ./startWebLogic.sh Wait for the server to start, you are looking for the following line to be reported in the console window. <BEA-00360><Server started in RUNNING mode> First step is configuring the IRM service via Enterprise Manager. Now that the Admin server is running you can point a browser at http://irm.company.internal:7001/em. Login with the username and password you supplied when you created the domain. In Enterprise Manager the IRM service administrator is able to make server wide configuration. However finding where to access the pages with these settings can be a bit of a challenge. After logging in on the left you'll see a tree containing elements of the Enterprise Manager farm Farm_irm_domain. Open up Content Management, then Information Rights Management and finally select the IRM node. On the right then select the IRM menu item, navigate to the Administration section and now we have four options, for now, we are just going to look at General Settings. The image on the right proves that a picture is worth a thousand words (or 113 in this case). The General Settings page allows you to set the cryptographic algorithms used for protecting sealed content. Unless you have a burning need to increase the key lengths or you need to comply to a regulation or government mandate, AES192 is a good start. You can change this later on without worry. The most important setting here we need to make is the Server URL. In this blog article I go over why this URL is so important, basically every single piece of content you protect with Oracle IRM is going to have this URL embedded in it, so if it's wrong or unresolvable, then nobody can open the secured documents. Note that in our environment we have yet to do any SSL configuration of the service. If you intend to build a server without SSL, then use http as the protocol instead of https. But I would recommend using SSL and setting this up is described in the next article. I would also probably up the device count from 1 to 3. This means that any user can retrieve rights to access content onto 3 computers at any one time. The default of 1 doesn't really make sense in development, evaluation nor even production environments and my experience is that 3 is a better number. Next step is to create the keystore for the IRM server. When a classification (called a context) is created, Oracle IRM generates a unique set of symmetric keys which are used to secure the content itself. These keys are then encrypted with a set of "wrapper" asymmetric cryptography keys which are stored externally to the server either in a Java Key Store or a HSM. These keys need to be generated and the following shows my commands and the resulting output. I have greyed out the responses from the commands so you can see the input a little easier. [oracle@irmsrv ~]$ cd /oracle/middleware/wlserver_10.3/server/bin/ [oracle@irmsrv bin]$ ./setWLSEnv.sh CLASSPATH=/oracle/middleware/patch_wls1033/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/oracle/middleware/patch_ocp353/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/usr/java/jdk1.6.0_18/lib/tools.jar:/oracle/middleware/wlserver_10.3/server/lib/weblogic_sp.jar:/oracle/middleware/wlserver_10.3/server/lib/weblogic.jar:/oracle/middleware/modules/features/weblogic.server.modules_10.3.3.0.jar:/oracle/middleware/wlserver_10.3/server/lib/webservices.jar:/oracle/middleware/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/oracle/middleware/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar: PATH=/oracle/middleware/wlserver_10.3/server/bin:/oracle/middleware/modules/org.apache.ant_1.7.1/bin:/usr/java/jdk1.6.0_18/jre/bin:/usr/java/jdk1.6.0_18/bin:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/home/oracle/bin Your environment has been set. [oracle@irmsrv bin]$ cd /oracle/middleware/user_projects/domains/irm_domain/config/fmwconfig/ [oracle@irmsrv fmwconfig]$ keytool -genkeypair -alias oracle.irm.wrap -keyalg RSA -keysize 2048 -keystore irm.jks Enter keystore password: Re-enter new password: What is your first and last name? [Unknown]: Simon Thorpe What is the name of your organizational unit? [Unknown]: Oracle What is the name of your organization? [Unknown]: Oracle What is the name of your City or Locality? [Unknown]: San Francisco What is the name of your State or Province? [Unknown]: CA What is the two-letter country code for this unit? [Unknown]: US Is CN=Simon Thorpe, OU=Oracle, O=Oracle, L=San Francisco, ST=CA, C=US correct? [no]: yes Enter key password for (RETURN if same as keystore password): At this point we now have an irm.jks in the directory /oracle/middleware/user_projects/domains/irm_domain/config/fmwconfig. The reason we store it here is this folder would be backed up as part of a domain backup. As with any cryptographic technology, DO NOT LOSE THESE KEYS OR THIS KEY STORE. Once you've sealed content against a context, the keys will be wrapped with these keys, lose these keys, and you can't get access to any secured content, pretty important. Now we've got the keys created, we need to go back to the IRM Enterprise Manager and set the location of the key store. Going back to the General Settings page in Enterprise Manager scroll down to Keystore Settings. Leave the type as JKS but change the location to; /oracle/Middleware/user_projects/domains/irm_domain/config/fmwconfig/irm.jks and hit Apply. The final step with regards to the key store is we need to tell the server what the password is for the Java Key Store so that it can be opened and the keys accessed. Once more fire up a console window and run these commands (again i've greyed out the clutter to see the commands easier). You will see dummy passed into the commands, this is because the command asks for a username, but in this instance we don't use one, hence the value dummy is passed and it isn't used. [oracle@irmsrv fmwconfig]$ cd /oracle/middleware/Oracle_IRM/common/bin/ [oracle@irmsrv bin]$ ./wlst.sh ... lots of settings fly by... Welcome to WebLogic Server Administration Scripting Shell Type help() for help on available commands wls:/offline>connect('weblogic','password','t3://irmsrv.us.oracle.com:7001') Connecting to t3://irmsrv.us.oracle.com:7001 with userid weblogic ... Successfully connected to Admin Server 'AdminServer' that belongs to domain 'irm_domain'. Warning: An insecure protocol was used to connect to the server. To ensure on-the-wire security, the SSL port or Admin port should be used instead. wls:/irm_domain/serverConfig>createCred("IRM","keystore:irm.jks","dummy","password") Location changed to domainRuntime tree. This is a read-only tree with DomainMBean as the root. For more help, use help(domainRuntime)wls:/irm_domain/serverConfig>createCred("IRM","key:irm.jks:oracle.irm.wrap","dummy","password") Already in Domain Runtime Tree wls:/irm_domain/serverConfig> At last we are now ready to fire up the IRM server itself. The domain creation created a managed server called IRM_server1 and we need to start this, use the following commands in a new console window. cd /oracle/middleware/user_projects/domains/irm_domain/bin/ ./startManagedWebLogic.sh IRM_server1 This will start up the server in the console, unlike the Admin server, you need to provide the username and password for the service to start. Enter in your weblogic username and password when prompted. You can change this behavior by putting the password into a boot.properties file, read more about this in the WebLogic Server documentation. Once running, wait until you see the line; <Notice><WebLogicServer><BEA-000360><Server started in RUNNING mode> At this point we can now login to the Oracle IRM Management Website at the URL. http://irm.company.internal:1600/irm_rights/ The server is just configured for HTTP at the moment, no SSL involved. Just want to ensure we can get a working system up and running. You should now see a login like the image on the right and you can now login using your weblogic username and password. The next article in this guide goes over adding SSL and now testing your server by actually adding a few users, sealing some content and opening this content as a user.

    Read the article

  • Asp.Net MVC Data Annotations. How to get client side validation on 2 properties being equal

    - by Mark
    How do you get client side validation on two properties such as the classic password confirm password scenario. I'm using a metadata class based on EF mapping to my DB table, heres the code. The commented out attributes on my class will get me server side validation but not client side. [MetadataType(typeof(MemberMD))] public partial class Member { //[CustomValidation(typeof(MemberMD), "Verify", ErrorMessage = "The password and confirmation password did not match.")] //[PropertiesMustMatch("Password", "ConfirmPassword", ErrorMessage = "The password and confirmation password did not match.")] public class MemberMD { [Required(ErrorMessage = "Name is required.")] [StringLength(50, ErrorMessage = "No more than 50 characters")] public object Name { get; set; } [Required(ErrorMessage = "Email is required.")] [StringLength(50, ErrorMessage = "No more than 50 characters.")] [RegularExpression(".+\\@.+\\..+", ErrorMessage = "Valid email required e.g. [email protected]")] public object Email { get; set; } [Required(ErrorMessage = "Password is required.")] [StringLength(30, ErrorMessage = "No more than 30 characters.")] [RegularExpression("[\\S]{6,}", ErrorMessage = "Must be at least 6 characters.")] public object Password { get; set; } [Required] public object ConfirmPassword { get; set; } [Range(0, 150), Required] public object Age { get; set; } [Required(ErrorMessage = "Postcode is required.")] [RegularExpression(@"^[a-zA-Z0-9 ]{1,10}$", ErrorMessage = "Postcode must be alphanumeric and no more than 10 characters in length")] public object Postcode { get; set; } [DisplayName("Security Question")] [Required] public object SecurityQuestion { get; set; } [DisplayName("Security Answer")] [Required] [StringLength(50, ErrorMessage = "No more than 50 characters.")] public object SecurityAnswer { get; set; } public static ValidationResult Verify(MemberMD t) { if (t.Password == t.ConfirmPassword) return ValidationResult.Success; else return new ValidationResult(""); } } Any help would be greatly appreciated, as I have only been doing this 5 months please try not to blow my mind.

    Read the article

  • XML deserializer (Iserialzable)

    - by user311130
    Hey everybody, I have a class in c# that implements Iserialzable. I'm using a XMLSerializer that produces a XML from instance of that class. I get the following XML: <?xml version="1.0"?> <Configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <SessionConfiguration> <RemoteMachineName>HV-BENDA</RemoteMachineName> </SessionConfiguration> <SessionsCredentialsList> <CredentialsItem> <User>test0</User> <Password>Pa$$word1</Password> </CredentialsItem> <CredentialsItem> <User>test1</User> <Password>Pa$$word1</Password> </CredentialsItem> <CredentialsItem> <User>test2</User> <Password>Pa$$word1</Password> </CredentialsItem> <CredentialsItem> <User>test3</User> <Password>Pa$$word1</Password> </CredentialsItem> <CredentialsItem> <User>test4</User> <Password>Pa$$word1</Password> </CredentialsItem> </SessionsCredentialsList> <TIME_OUT /> <LOCAL_USERS_NUM>5</LOCAL_USERS_NUM> </Configuration> At some later point in the code I use a XMLSerializer again to deserial that XML document. and I get the following error: {"There is an error in XML document (1, 1)."} Inner exception: {"Data at the root level is invalid. Line 1, position 1."} Do someone knows wat could be the problem? All the best

    Read the article

  • Zend Form not in place labbels values, how to move them that they will be exactly above text box?

    - by Yosef
    Hi, I have esthetic's problem. Zend Form not in place label value, how to move them that they will be exactly above text box, and not from left? (I didn't put filters and validation to make this code simpler here) Thanks, Yosef My Code Login.php form: public function init() { $username = new Zend_Form_Element_Text('username'); $username->setLabel("username"); $password = new Zend_Form_Element_Password('password'); $password->setLabel('password'); $this->addElements(array($username, $password)); }

    Read the article

  • How do I impersonate a user with AuthLogic

    - by Sam Saffron
    I need to be able to create a UserSession without having the decrypted password. How do I go about doing this? My current workaround is: In user.rb def valid_crypted_or_non_crypted_password?(password) valid_password?(password) || password == crypted_password end In user_session.rb verify_password_method :valid_crypted_or_non_crypted_password? To login UserSession.create(:login => u.login, :password => u.crypted_password) Is there a nicer way to do this?

    Read the article

  • How to run an application as root without asking for an admin password?

    - by kvaruni
    I am writing a program in Objective-C (XCode 3.2, on Snow Leopard) that is capable of either selectively blocking certain sites for a duration or only allow certain sites (and thus block all others) for a duration. The reasoning behind this program is rather simple. I tend to get distracted when I have full internet access, but I do need internet access during my working hours to get to a number of work-related websites. Clearly, this is not a permanent block, but only helps me to focus whenever I find myself wandering a bit too much. At the moment, I am using a Unix script that is called via AppleScript to obtain Administrator permissions. It then activates a number of ipfw rules and clears those after a specific duration to restore full internet access. Simple and effective, but since I am running as a standard user, it gets cumbersome to enter my administrator password each and every time I want to go "offline". Furthermore, this is a great opportunity to learn to work with XCode and Objective-C. At the moment, everything works as expected, minus the actual blocking. I can add a number of sites in a list, specify whether or not I want to block or allow these websites and I can "start" the blocking by specifying a time until which I want to stay "offline". However, I find it hard to obtain clear information on how I can run a privileged Unix command from Objective-C. Ideally, I would like to be able to store information with respect to the Administrator account into the Keychain to use these later on, so that I can simply move into "offline" mode with the convenience of clicking a button. Even more ideally, there might be some class in Objective-C with which I can block access to some/all websites for this particular user without needing to rely on privileged Unix commands. A third possibility is in starting this program with root permissions and the reducing the permissions until I need them, but since this is a GUI application that is nested in the menu bar of OS X, the results are rather awkward and getting it to run each and every time with root permission is no easy task. Anyone who can offer me some pointers or advice? Please, no security-warnings, I am fully aware that what I want to do is a potential security threat.

    Read the article

  • django admin site make CharField a PasswordInput

    - by Paul
    I have a Django site in which the site admin inputs their Twitter Username/Password in order to use the Twitter API. The Model is set up like this: class TwitterUser(models.Model): screen_name = models.CharField(max_length=100) password = models.CharField(max_length=255) def __unicode__(self): return self.screen_name I need the Admin site to display the password field as a password input, but can't seem to figure out how to do it. I have tried using a ModelAdmin class, a ModelAdmin with a ModelForm, but can't seem to figure out how to make django display that form as a password input...

    Read the article

  • NoSuchMessageException: No message found

    - by adisembiring
    Hi .... I try to learn Spring MVC 3.0 validation. but I got NoSuchMessageException: No message found under code 'name.required' for locale 'en_US' error message when form submted. I have create message.properties in src/message.properties and the content of that file is: name.required = User Name is required password.required = Password is required gender.required = Gender is required I have set ResourceBundleMessageSource in my app-servlet.xml <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource" p:basename="messages" /> My validator code is: @Component("registrationValidator") public class RegistrationValidator implements Validator { @Override public boolean supports(Class<?> clazz) { return RegistrationCommand.class.isAssignableFrom(clazz); } @Override public void validate(Object target, Errors errors) { RegistrationCommand registrationCommand = (RegistrationCommand) target; ValidationUtils.rejectIfEmptyOrWhitespace(errors, "name", "name.required"); ValidationUtils.rejectIfEmptyOrWhitespace(errors, "password", "password.required"); ValidationUtils.rejectIfEmpty(errors, "gender", "gender.required"); ValidationUtils.rejectIfEmpty(errors, "country", "country.required"); //ValidationUtils.rejectIfEmpty(errors, "community", "community.required"); ValidationUtils.rejectIfEmptyOrWhitespace(errors, "description", "description.required"); if (registrationCommand.getCommunity().length == 0) { errors.rejectValue("community", "community.required"); } } } and JSP Page is: <form:form commandName="registrationCommand"> <p class="name"> <label for="name">Name</label> <form:input path="name" /> <form:errors path="name" cssClass="error"></form:errors> </p> <p class="password"> <label for="password">Password</label> <form:password path="password" /> <form:errors path="password" cssClass="error"></form:errors> </p> <p class="gender"> <label>Gender</label> <form:radiobutton path="gender" value="M" label="M" /> <form:radiobutton path="gender" value="F" label="F" /> <form:errors path="gender" cssClass="error"></form:errors> </p> <p class="submit"> <input type="submit" value="Submit" /> </p> </form:form>

    Read the article

  • Addressing threats introduced by the BYOD trend

    - by kyap
    With the growth of the mobile technology segment, enterprises are facing a new type of threats introduced by the BYOD (Bring Your Own Device) trend, where employees use their own devices (laptops, tablets or smartphones) not necessarily secured to access corporate network and information.In the past - actually even right now, enterprises used to provide laptops to their employees for their daily work, with specific operating systems including anti-virus and desktop management tools, in order to make sure that the pools of laptop allocated are spyware or trojan-horse free to access the internal network and sensitive information. But the BYOD reality is breaking this paradigm and open new security breaches for enterprises as most of the username/password based systems, especially the internal web applications, can be accessed by less or none protected device.To address this reality we can adopt 3 approaches:1. Coué's approach: Close your eyes and assume that your employees are mature enough to know what he/she should or should not do.2. Consensus approach: Provide a list of restricted and 'certified' devices to the internal network. 3. Military approach: Access internal systems with certified laptop ONLYIf you choose option 1: Thanks for visiting my blog and I hope you find the others entries more useful :)If you choose option 2: The proliferation of new hardware and software updates every quarter makes this approach very costly and difficult to maintain.If you choose option 3: You need to find a way to allow the access into your sensitive application from the corporate authorized machines only, managed by the IT administrators... but how? The challenge with option 3 is to find out how end-users can restrict access to certain sensitive applications only from authorized machines, or from another angle end-users can not access the sensitive applications if they are not using the authorized machine... So what if we find a way to store the applications credential secretly from the end-users, and then automatically submit them when the end-users access the application? With this model, end-users do not know the username/password to access the applications so even if the end-users use their own devices they will not able to login. Also, there's no need to reconfigure existing applications to adapt to the new authenticate scheme given that we are still leverage the same username/password authenticate model at the application level. To adopt this model, you can leverage Oracle Enterprise Single Sign On. In short, Oracle ESSO is a desktop based solution, capable to store credentials of Web and Native based applications. At the application startup and if it is configured as an esso-enabled application - check out my previous post on how to make Skype essso-enabled, Oracle ESSO takes over automatically the sign-in sequence with the store credential on behalf of the end-users. Combined with Oracle ESSO Provisioning Gateway, the credentials can be 'pushed' in advance from an actual provisioning server, like Oracle Identity Manager or Tivoli Identity Manager, so the end-users can login into sensitive application without even knowing the actual username and password, so they can not login with other machines rather than those secured by Oracle ESSO.Below is a graphical illustration of this approach:With this model, not only you can protect the access to sensitive applications only from authorized machine, you can also implement much stronger Password Policies in terms of Password Complexity as well as Password Reset Frequency but end-users will not need to remember the passwords anymore.If you are interested, do not hesitate to check out the Oracle Enterprise Single Sign-on products from OTN !

    Read the article

  • Making a Login Work After Cache, Cookies, etc. Have Been Cleared

    - by John
    Hello, I am using the code below for a user login. The first I try to login after cache / cookies, etc. have been cleared, the browser refreshes and the user name is not logged in. After that, logging in works fine. Any idea how I can make it work the first time? Thanks in advance, John index.php: <?php if($_SERVER['REQUEST_METHOD'] == "POST"){header('Location: http://www...com/.../index.php?username='.$username.'&password='.$password.'');} require_once "header.php"; include "login.php"; require_once "footer.php"; ?> login.php: <?php if (!isLoggedIn()) { if (isset($_POST['cmdlogin'])) { if (checkLogin($_POST['username'], $_POST['password'])) { show_userbox(); } else { echo "Incorrect Login information !"; show_loginform(); } } else { show_loginform(); } } else { show_userbox(); } ?> show_loginform function: function show_loginform($disabled = false) { echo '<form name="login-form" id="login-form" method="post" action="./index.php?'.$_SERVER['QUERY_STRING'].'"> <div class="usernameformtext"><label title="Username">Username: </label></div> <div class="usernameformfield"><input tabindex="1" accesskey="u" name="username" type="text" maxlength="30" id="username" /></div> <div class="passwordformtext"><label title="Password">Password: </label></div> <div class="passwordformfield"><input tabindex="2" accesskey="p" name="password" type="password" maxlength="15" id="password" /></div> <div class="registertext"><a href="http://www...com/.../register.php" title="Register">Register</a></div> <div class="lostpasswordtext"><a href="http://www...com/.../lostpassword.php" title="Lost Password">Lost password?</a></div> <p class="loginbutton"><input tabindex="3" accesskey="l" type="submit" name="cmdlogin" value="Login" '; if ($disabled == true) { echo 'disabled="disabled"'; } echo ' /></p></form>'; }

    Read the article

  • Warning: expects resource but string given

    - by Damien
    I get: "Resource id #8 Warning: mysql_fetch_array() expects parameter 1 to be resource, string given" Heres the code: $sql="SELECT password FROM user WHERE userid=$userid"; echo $password=mysql_query($sql); while($row = mysql_fetch_array($password)) { $password = $row['password']; } Any ideas?

    Read the article

  • php web services not getting data from iphone application

    - by user317192
    Hi, I am connecting with a php web service from my iphone application, I am doing a simple thing i.e. 1. Getting user inputs for: username password in a text field from the iphone form and sending the same to the PHP Post request web service. At the web service end I receive nothing other than blank fields that are inserted into the MySQL Database....... The code for sample web service is: ***********SAMPLE CODE FOR WEB SERVICES***** mysql_select_db("eventsfast",$con); $username = $_REQUEST['username']; $password = $_REQUEST['password']; echo $username; echo $password; $data = $_REQUEST; $fp = fopen("log.txt", "w"); fwrite($fp, $data['username']); fwrite($fp, $data['password']); $sql="INSERT INTO users(username,password) VALUES('{$username}','{$password}')"; if(!mysql_query($sql,$con)) { die('Error:'.mysql_error()); } echo json_encode("1 record added to users table"); mysql_close($con); echo "test"; ? ***************PHP******** ****** **************IPHONE EVENT CODE******* import "postdatawithphpViewController.h" @implementation postdatawithphpViewController @synthesize userName,password; -(IBAction) postdataid) sender { NSLog(userName.text); NSLog(password.text); NSString * dataTOB=[userName.text stringByAppendingString:password.text]; NSLog(dataTOB); NSData * postData=[dataTOB dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:YES]; NSString *postLength = [NSString stringWithFormat:@"%d", [postData length]]; NSLog(postLength); NSMutableURLRequest *request = [[[NSMutableURLRequest alloc] init] autorelease]; NSURL *url = [NSURL URLWithString:[NSString stringWithFormat:@"http://localhost:8888/write.php"]]; [request setURL:url]; [request setHTTPMethod:@"POST"]; [request setValue:postLength forHTTPHeaderField:@"Content-Length"]; [request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"]; [request setHTTPBody:postData]; NSURLResponse *response; NSError *error; [NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&error]; if(error==nil) NSLog(@"Error is nil"); else NSLog(@"Error is not nil"); NSLog(@"success!"); } Please help.............

    Read the article

  • Issue Displaying/Hiding Views (Obj-C iPhone Programming)

    - by roswell
    All right all, So I've got a UITableView that is inited in applicationDidFinishLaunching like so: [self showForumList]; Said method does this: -(void)showForumList { ForumList *fl = [ForumList alloc]; [fl initWithNibName:@"ForumList" bundle:[NSBundle mainBundle]]; self.ForumList = fl; [window addSubview:[self.ForumList view]]; [fl release]; }where self.ForumList is previously defined in the interface as ForumList *ForumList;, etc. Now, in ForumList (itself an extension of UITableViewController obviously), I've got didSelectRowAtIndexPath: -- within it I have the following code: Forum *f = [Forum alloc]; NSArray *forums = [f getForumList]; NSDictionary *selectedForum = [forums objectAtIndex:[indexPath row]]; NSString *Url = [selectedForum objectForKey:@"url"]; NSString *Username = [selectedForum objectForKey:@"username"]; NSString *Password = [selectedForum objectForKey:@"password"]; NSLog(@"Identified press on forum %@ (%@/%@)", Url, Username, Password); [self.globalDelegate showForumListFromForumUsingUrl:Url username:Username password:Password]; [self.globalDelegate closeForumList]; NSLog(@"ForumListFromForum init"); Both of the NSLog calls in this function are executed and perform as they should. Now, here is where the issue starts. self.globalDelegate is defined as AppDelegate *globalDelegate; in the Interface specification in my header file. However, [self.globalDelegate showForumListFromForumUsingUrl:username:password] and and [self.globalDelegate closeForumList] are never actually called. They look like so: -(void)closeForumList { NSLog(@"Hiding forum list"); [[self.ForumList view] removeFromSuperview]; } -(void)showForumListFromForumUsingUrl:(NSString *)Url username:(NSString *)Username password:(NSString *)Password { NSLog(@"Showing forum list from forum"); ForumListFromForum *fl = [ForumListFromForum alloc]; [fl initWithNibName:@"ForumListFromForum" bundle:[NSBundle mainBundle]]; [fl initFromForumWithUrl:Url username:Username password:Password]; self.ForumListFromForum = fl; [window addSubview:[self.ForumListFromForum view]]; [fl release]; } The app does not respond to my press and neither of these NSLog calls are made. Any idea where I've gone wrong?

    Read the article

  • login not working when changing from mysql to mysqli

    - by user1438647
    I have a code below where it logs a teacher in by matching it's username and password in the database, if correct, then log in, if incorrect, then display a message. <?php session_start(); $username="xxx"; $password="xxx"; $database="mobile_app"; $link = mysqli_connect('localhost',$username,$password); mysqli_select_db($link, $database) or die( "Unable to select database"); foreach (array('teacherusername','teacherpassword') as $varname) { $$varname = (isset($_POST[$varname])) ? $_POST[$varname] : ''; } ?> <form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post" id="teachLoginForm"> <p>Username</p><p><input type="text" name="teacherusername" /></p> <!-- Enter Teacher Username--> <p>Password</p><p><input type="password" name="teacherpassword" /></p> <!-- Enter Teacher Password--> <p><input id="loginSubmit" type="submit" value="Login" name="submit" /></p> </form> <?php if (isset($_POST['submit'])) { $query = " SELECT * FROM Teacher t WHERE (t.TeacherUsername = '".mysqli_real_escape_string($teacherusername)."') AND (t.TeacherPassword = '".mysqli_real_escape_string($teacherpassword)."') "; $result = mysqli_query($link, $query); $num = mysqli_num_rows($result); $loged = false; while($row = mysqli_fetch_array($result)) { if ($_POST['teacherusername'] == ($row['TeacherUsername']) && $_POST['teacherpassword'] == ($row['TeacherPassword'])) { $loged = true; } $_SESSION['teacherforename'] = $row['TeacherForename']; $_SESSION['teachersurname'] = $row['TeacherSurname']; $_SESSION['teacherusername'] = $row['TeacherUsername']; } if ($loged == true){ header( 'Location: menu.php' ) ; }else{ echo "The Username or Password that you Entered is not Valid. Try Entering it Again."; } mysqli_close($link); } ?> Now the problem is that even if the teacher has entered in the correct username and password, it still doesn't let the teacher log in. When the code above was the old mysql() code, it worked fine as teacher was able to login when username and password match, but when trying to change the code into mysqli then it causes login to not work even though username and password match. What am I doing wrong?

    Read the article

  • What happens when you click a button using WebRat under cucumber

    - by Peter Tillemans
    I am trying to login to a Java web application. The login page has the following html : <html> <head><title>Login Page</title></head> <body onload='document.f.j_username.focus();'> <h3>Login with Username and Password</h3> <form name='f' action='/ui/j_spring_security_check' method='POST'> <table> <tr><td>User:</td><td><input type='text' name='j_username' value=''></td></tr> <tr><td>Password:</td><td><input type='password' name='j_password'/></td></tr> <tr> <td><input type='checkbox' name='_spring_security_remember_me'/> </td> <td>Remember me on this computer.</td> </tr> <tr><td colspan='2'><input name="submit" type="submit"/></td></tr> <tr><td colspan='2'><input name="reset" type="reset"/></td></tr> </table> </form> </body> </html> I use the following script: Given /^I am logged in as (.*) with password (.*)$/ do | user, password | visit "http://localhost:8080/ui" click_link "Projects" puts "Response Body:" puts response.body assert_contain "User:" fill_in "j_username", :with => user fill_in "j_password", :with => password puts "Response Body:" puts response.body click_button puts "Response Body:" puts response.body end This gives the following in the log file : [INFO] Response Body: [INFO] <html><head><title>Login Page</title></head><body onload='document.f.j_username.focus();'> [INFO] <h3>Login with Username and Password</h3><form name='f' action='/ui/j_spring_security_check' method='POST'> [INFO] <table> [INFO] <tr><td>User:</td><td><input type='text' name='j_username' value=''></td></tr> [INFO] <tr><td>Password:</td><td><input type='password' name='j_password'/></td></tr> [INFO] <tr><td><input type='checkbox' name='_spring_security_remember_me'/></td><td>Remember me on this computer.</td></tr> [INFO] <tr><td colspan='2'><input name="submit" type="submit"/></td></tr> [INFO] <tr><td colspan='2'><input name="reset" type="reset"/></td></tr> [INFO] </table> [INFO] </form></body></html> [INFO] Response Body: [INFO] <html><head><title>Login Page</title></head><body onload='document.f.j_username.focus();'> [INFO] <h3>Login with Username and Password</h3><form name='f' action='/ui/j_spring_security_check' method='POST'> [INFO] <table> [INFO] <tr><td>User:</td><td><input type='text' name='j_username' value=''></td></tr> [INFO] <tr><td>Password:</td><td><input type='password' name='j_password'/></td></tr> [INFO] <tr><td><input type='checkbox' name='_spring_security_remember_me'/></td><td>Remember me on this computer.</td></tr> [INFO] <tr><td colspan='2'><input name="submit" type="submit"/></td></tr> [INFO] <tr><td colspan='2'><input name="reset" type="reset"/></td></tr> [INFO] </table> [INFO] </form></body></html> [INFO] Response Body: [INFO] [INFO] Given I am logged in as pti with password ptipti # features/step_definitions/authentication_tests.rb:2 So apparently the response.body disappeared after clicking the submit button. I can see from the server log files that the script does not arrive on the Project page. I am new to webrat and quite new to ruby and I am now thoroughly confused. I have no idea why the response.body is gone. I have no idea where I am. I speculated that I had to wait for the page request, but all documentation says that webrat nicely waits till all redirects, pageloads, etc are finished. (At least I think I read that). Besides I find no method to wait for the page in the webrat API. Can someone give some tips on how to proceed with debugging this?

    Read the article

  • PHP submit problem

    - by TaG
    I'm trying to check if the username is available and display it for the user to see when they check there account settings, which I have done. BUT when the user tries to fill out another field I get the Your username is unavailable! which should not pop up because its the users username already. I want to know how can I fix this problem using PHP so that the users name is displayed every time the user views their account settings and it wont cause problems when a user submits additional info? Here is the PHP code. if (isset($_POST['submitted'])) { require_once '../htmlpurifier/library/HTMLPurifier.auto.php'; $config = HTMLPurifier_Config::createDefault(); $config->set('Core.Encoding', 'UTF-8'); $config->set('HTML.Doctype', 'XHTML 1.0 Strict'); $config->set('HTML.TidyLevel', 'heavy'); $config->set('HTML.SafeObject', true); $config->set('HTML.SafeEmbed', true); $purifier = new HTMLPurifier($config); $mysqli = mysqli_connect("localhost", "root", "", "sitename"); $dbc = mysqli_query($mysqli,"SELECT users.* FROM users WHERE user_id=3"); $first_name = mysqli_real_escape_string($mysqli, $purifier->purify(htmlentities(strip_tags($_POST['first_name'])))); $username = mysqli_real_escape_string($mysqli, $purifier->purify(htmlentities(strip_tags($_POST['username'])))); if($_POST['username']) { $u = "SELECT user_id FROM users WHERE username = '$username'"; $r = mysqli_query ($mysqli, $u) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($mysqli)); if (mysqli_num_rows($r) == TRUE) { $username = NULL; echo '<p class="error">Your username is unavailable!</p>'; } else if(mysqli_num_rows($r) == 0) { $username = mysqli_real_escape_string($mysqli, $purifier->purify(htmlentities(strip_tags($_POST['username'])))); if ($_POST['password1'] == $_POST['password2']) { $sha512 = hash('sha512', $_POST['password1']); $password = mysqli_real_escape_string($mysqli, $purifier->purify(strip_tags($sha512))); } else { $password = NULL; } if($password == NULL) { echo '<p class="error">Your password did not match the confirmed password!</p>'; } else { if (mysqli_num_rows($dbc) == 0) { $mysqli = mysqli_connect("localhost", "root", "", "sitename"); $dbc = mysqli_query($mysqli,"INSERT INTO users (user_id, first_name, username, password) VALUES ('$user_id', '$first_name', '$username', '$password')"); } if ($dbc == TRUE) { $dbc = mysqli_query($mysqli,"UPDATE users SET first_name = '$first_name', username = '$username', password = '$password' WHERE user_id = '$user_id'"); echo '<p class="changes-saved">Your changes have been saved!</p>'; } if (!$dbc) { print mysqli_error($mysqli); return; } } } } } Here is the html form. <form method="post" action="index.php"> <fieldset> <ul> <li><label for="first_name">First Name: </label><input type="text" name="first_name" id="first_name" size="25" class="input-size" value="<?php if (isset($_POST['first_name'])) { echo stripslashes(htmlentities(strip_tags($_POST['first_name']))); } else if(!empty($first_name)) { echo stripslashes(htmlentities(strip_tags($first_name))); } ?>" /></li> <li><label for="username">UserName: </label><input type="text" name="username" id="username" size="25" class="input-size" value="<?php if (isset($_POST['username'])) { echo stripslashes(htmlentities(strip_tags($_POST['username']))); } else if(!empty($username)) { echo stripslashes(htmlentities(strip_tags($username))); } ?>" /><br /><span>(ex: CSSKing, butterball)</span></li> <li><label for="password1">Password: </label><input type="password" name="password1" id="password1" size="25" class="input-size" value="<?php if (isset($_POST['password1'])) { echo stripslashes(htmlentities(strip_tags($_POST['password1']))); } ?>" /></li> <li><label for="password2">Confirm Password: </label><input type="password" name="password2" id="password2" size="25" class="input-size" value="<?php if (isset($_POST['password2'])) { echo stripslashes(htmlentities(strip_tags($_POST['password2']))); } ?>" /></li> <li><input type="submit" name="submit" value="Save Changes" class="save-button" /> <input type="hidden" name="submitted" value="true" /> <input type="submit" name="submit" value="Preview Changes" class="preview-changes-button" /></li> </ul> </fieldset> </form>

    Read the article

  • How do I leverage Bitlocker cmdlets?

    - by user1418882
    This article hints at being able to unlock a bitlocked drive using: Unlock-BitLocker -MountPoint -Password However, I know diddly squat about Powershell and how to use the Powershell cmdlets to do what I want to do. So, how do I do use the above to do something like the following? Unlock-BitLocker -MountPoint D:\ -Password "password" Currently about as much as I know how to do is start Powershell and that's it. I don't want to learn masses of Powershell to get to the point where I can do this. All that I need to know in enough to know how I can execute the commands that are pointed out in the first link. So far in the powershell prompt if I past in: Unlock-BitLocker -MountPoint D:\ -Password "password" I get the following error: The term 'Unlock-BitLocker' is not recognized as the name of a cmdlet, function, script file, or operable program. Chec k the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:17 + Unlock-BitLocker <<<< -MountPoint D:\ -Password "password" + CategoryInfo : ObjectNotFound: (Unlock-BitLocker:String) [], CommandNotFoundException + FullyQualifiedErrorId : CommandNotFoundException This is most likely because I don't have any clue about how the commands on the initially linked page work in a powershell context. This is so that I can answer my own question here: Bitlocker and scheduled task (powershell) script to unlock non-system drive

    Read the article

  • Bacula & Multiple Tape Devices, and so on

    - by Tom O'Connor
    Bacula won't make use of 2 tape devices simultaneously. (Search for #-#-# for the TL;DR) A little background, perhaps. In the process of trying to get a decent working backup solution (backing up 20TB ain't cheap, or easy) at $dayjob, we bought a bunch of things to make it work. Firstly, there's a Spectra Logic T50e autochanger, 40 slots of LTO5 goodness, and that robot's got a pair of IBM HH5 Ultrium LTO5 drives, connected via FibreChannel Arbitrated Loop to our backup server. There's the backup server.. A Dell R715 with 2x 16 core AMD 62xx CPUs, and 32GB of RAM. Yummy. That server's got 2 Emulex FCe-12000E cards, and an Intel X520-SR dual port 10GE NIC. We were also sold Commvault Backup (non-NDMP). Here's where it gets really complicated. Spectra Logic and Commvault both sent respective engineers, who set up the library and the software. Commvault was running fine, in so far as the controller was working fine. The Dell server has Ubuntu 12.04 server, and runs the MediaAgent for CommVault, and mounts our BlueArc NAS as NFS to a few mountpoints, like /home, and some stuff in /mnt. When backing up from the NFS mountpoints, we were seeing ~= 290GB/hr throughput. That's CRAP, considering we've got 20-odd TB to get through, in a <48 hour backup window. The rated maximum on the BlueArc is 700MB/s (2460GB/hr), the rated maximum write speed on the tape devices is 140MB/s, per drive, so that's 492GB/hr (or double it, for the total throughput). So, the next step was to benchmark NFS performance with IOzone, and it turns out that we get epic write performance (across 20 threads), and it's like 1.5-2.5TB/hr write, but read performance is fecking hopeless. I couldn't ever get higher than 343GB/hr maximum. So let's assume that the 343GB/hr is a theoretical maximum for read performance on the NAS, then we should in theory be able to get that performance out of a) CommVault, and b) any other backup agent. Not the case. Commvault seems to only ever give me 200-250GB/hr throughput, and out of experimentation, I installed Bacula to see what the state of play there is. If, for example, Bacula gave consistently better performance and speeds than Commvault, then we'd be able to say "**$.$ Refunds Plz $.$**" #-#-# Alas, I found a different problem with Bacula. Commvault seems pretty happy to read from one part of the mountpoint with one thread, and stream that to a Tape device, whilst reading from some other directory with the other thread, and writing to the 2nd drive in the autochanger. I can't for the life of me get Bacula to mount and write to two tape drives simultaneously. Things I've tried: Setting Maximum Concurrent Jobs = 20 in the Director, File and Storage Daemons Setting Prefer Mounted Volumes = no in the Job Definition Setting multiple devices in the Autochanger resource. Documentation seems to be very single-drive centric, and we feel a little like we've strapped a rocket to a hamster, with this one. The majority of example Bacula configurations are for DDS4 drives, manual tape swapping, and FreeBSD or IRIX systems. I should probably add that I'm not too bothered if this isn't possible, but I'd be surprised. I basically want to use Bacula as proof to stick it to the software vendors that they're overpriced ;) I read somewhere that @KyleBrandt has done something similar with a modern Tape solution.. Configuration Files: *bacula-dir.conf* # # Default Bacula Director Configuration file Director { # define myself Name = backuphost-1-dir DIRport = 9101 # where we listen for UA connections QueryFile = "/etc/bacula/scripts/query.sql" WorkingDirectory = "/var/lib/bacula" PidDirectory = "/var/run/bacula" Maximum Concurrent Jobs = 20 Password = "yourekiddingright" # Console password Messages = Daemon DirAddress = 0.0.0.0 #DirAddress = 127.0.0.1 } JobDefs { Name = "DefaultFileJob" Type = Backup Level = Incremental Client = backuphost-1-fd FileSet = "Full Set" Schedule = "WeeklyCycle" Storage = File Messages = Standard Pool = File Priority = 10 Write Bootstrap = "/var/lib/bacula/%c.bsr" } JobDefs { Name = "DefaultTapeJob" Type = Backup Level = Incremental Client = backuphost-1-fd FileSet = "Full Set" Schedule = "WeeklyCycle" Storage = "SpectraLogic" Messages = Standard Pool = AllTapes Priority = 10 Write Bootstrap = "/var/lib/bacula/%c.bsr" Prefer Mounted Volumes = no } # # Define the main nightly save backup job # By default, this job will back up to disk in /nonexistant/path/to/file/archive/dir Job { Name = "BackupClient1" JobDefs = "DefaultFileJob" } Job { Name = "BackupThisVolume" JobDefs = "DefaultTapeJob" FileSet = "SpecialVolume" } #Job { # Name = "BackupClient2" # Client = backuphost-12-fd # JobDefs = "DefaultJob" #} # Backup the catalog database (after the nightly save) Job { Name = "BackupCatalog" JobDefs = "DefaultFileJob" Level = Full FileSet="Catalog" Schedule = "WeeklyCycleAfterBackup" # This creates an ASCII copy of the catalog # Arguments to make_catalog_backup.pl are: # make_catalog_backup.pl <catalog-name> RunBeforeJob = "/etc/bacula/scripts/make_catalog_backup.pl MyCatalog" # This deletes the copy of the catalog RunAfterJob = "/etc/bacula/scripts/delete_catalog_backup" Write Bootstrap = "/var/lib/bacula/%n.bsr" Priority = 11 # run after main backup } # # Standard Restore template, to be changed by Console program # Only one such job is needed for all Jobs/Clients/Storage ... # Job { Name = "RestoreFiles" Type = Restore Client=backuphost-1-fd FileSet="Full Set" Storage = File Pool = Default Messages = Standard Where = /srv/bacula/restore } FileSet { Name = "SpecialVolume" Include { Options { signature = MD5 } File = /mnt/SpecialVolume } Exclude { File = /var/lib/bacula File = /nonexistant/path/to/file/archive/dir File = /proc File = /tmp File = /.journal File = /.fsck } } # List of files to be backed up FileSet { Name = "Full Set" Include { Options { signature = MD5 } File = /usr/sbin } Exclude { File = /var/lib/bacula File = /nonexistant/path/to/file/archive/dir File = /proc File = /tmp File = /.journal File = /.fsck } } Schedule { Name = "WeeklyCycle" Run = Full 1st sun at 23:05 Run = Differential 2nd-5th sun at 23:05 Run = Incremental mon-sat at 23:05 } # This schedule does the catalog. It starts after the WeeklyCycle Schedule { Name = "WeeklyCycleAfterBackup" Run = Full sun-sat at 23:10 } # This is the backup of the catalog FileSet { Name = "Catalog" Include { Options { signature = MD5 } File = "/var/lib/bacula/bacula.sql" } } # Client (File Services) to backup Client { Name = backuphost-1-fd Address = localhost FDPort = 9102 Catalog = MyCatalog Password = "surelyyourejoking" # password for FileDaemon File Retention = 30 days # 30 days Job Retention = 6 months # six months AutoPrune = yes # Prune expired Jobs/Files } # # Second Client (File Services) to backup # You should change Name, Address, and Password before using # #Client { # Name = backuphost-12-fd # Address = localhost2 # FDPort = 9102 # Catalog = MyCatalog # Password = "i'mnotjokinganddontcallmeshirley" # password for FileDaemon 2 # File Retention = 30 days # 30 days # Job Retention = 6 months # six months # AutoPrune = yes # Prune expired Jobs/Files #} # Definition of file storage device Storage { Name = File # Do not use "localhost" here Address = localhost # N.B. Use a fully qualified name here SDPort = 9103 Password = "lalalalala" Device = FileStorage Media Type = File } Storage { Name = "SpectraLogic" Address = localhost SDPort = 9103 Password = "linkedinmakethebestpasswords" Device = Drive-1 Device = Drive-2 Media Type = LTO5 Autochanger = yes } # Generic catalog service Catalog { Name = MyCatalog # Uncomment the following line if you want the dbi driver # dbdriver = "dbi:sqlite3"; dbaddress = 127.0.0.1; dbport = dbname = "bacula"; DB Address = ""; dbuser = "bacula"; dbpassword = "bbmaster63" } # Reasonable message delivery -- send most everything to email address # and to the console Messages { Name = Standard mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula: %t %e of %c %l\" %r" operatorcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula: Intervention needed for %j\" %r" mail = root@localhost = all, !skipped operator = root@localhost = mount console = all, !skipped, !saved # # WARNING! the following will create a file that you must cycle from # time to time as it will grow indefinitely. However, it will # also keep all your messages if they scroll off the console. # append = "/var/lib/bacula/log" = all, !skipped catalog = all } # # Message delivery for daemon messages (no job). Messages { Name = Daemon mailcommand = "/usr/lib/bacula/bsmtp -h localhost -f \"\(Bacula\) \<%r\>\" -s \"Bacula daemon message\" %r" mail = root@localhost = all, !skipped console = all, !skipped, !saved append = "/var/lib/bacula/log" = all, !skipped } # Default pool definition Pool { Name = Default Pool Type = Backup Recycle = yes # Bacula can automatically recycle Volumes AutoPrune = yes # Prune expired volumes Volume Retention = 365 days # one year } # File Pool definition Pool { Name = File Pool Type = Backup Recycle = yes # Bacula can automatically recycle Volumes AutoPrune = yes # Prune expired volumes Volume Retention = 365 days # one year Maximum Volume Bytes = 50G # Limit Volume size to something reasonable Maximum Volumes = 100 # Limit number of Volumes in Pool } Pool { Name = AllTapes Pool Type = Backup Recycle = yes AutoPrune = yes # Prune expired volumes Volume Retention = 31 days # one Moth } # Scratch pool definition Pool { Name = Scratch Pool Type = Backup } # # Restricted console used by tray-monitor to get the status of the director # Console { Name = backuphost-1-mon Password = "LastFMalsostorePasswordsLikeThis" CommandACL = status, .status } bacula-sd.conf # # Default Bacula Storage Daemon Configuration file # Storage { # definition of myself Name = backuphost-1-sd SDPort = 9103 # Director's port WorkingDirectory = "/var/lib/bacula" Pid Directory = "/var/run/bacula" Maximum Concurrent Jobs = 20 SDAddress = 0.0.0.0 # SDAddress = 127.0.0.1 } # # List Directors who are permitted to contact Storage daemon # Director { Name = backuphost-1-dir Password = "passwordslinplaintext" } # # Restricted Director, used by tray-monitor to get the # status of the storage daemon # Director { Name = backuphost-1-mon Password = "totalinsecurityabound" Monitor = yes } Device { Name = FileStorage Media Type = File Archive Device = /srv/bacula/archive LabelMedia = yes; # lets Bacula label unlabeled media Random Access = Yes; AutomaticMount = yes; # when device opened, read it RemovableMedia = no; AlwaysOpen = no; } Autochanger { Name = SpectraLogic Device = Drive-1 Device = Drive-2 Changer Command = "/etc/bacula/scripts/mtx-changer %c %o %S %a %d" Changer Device = /dev/sg4 } Device { Name = Drive-1 Drive Index = 0 Archive Device = /dev/nst0 Changer Device = /dev/sg4 Media Type = LTO5 AutoChanger = yes RemovableMedia = yes; AutomaticMount = yes; AlwaysOpen = yes; RandomAccess = no; LabelMedia = yes } Device { Name = Drive-2 Drive Index = 1 Archive Device = /dev/nst1 Changer Device = /dev/sg4 Media Type = LTO5 AutoChanger = yes RemovableMedia = yes; AutomaticMount = yes; AlwaysOpen = yes; RandomAccess = no; LabelMedia = yes } # # Send all messages to the Director, # mount messages also are sent to the email address # Messages { Name = Standard director = backuphost-1-dir = all } bacula-fd.conf # # Default Bacula File Daemon Configuration file # # # List Directors who are permitted to contact this File daemon # Director { Name = backuphost-1-dir Password = "hahahahahaha" } # # Restricted Director, used by tray-monitor to get the # status of the file daemon # Director { Name = backuphost-1-mon Password = "hohohohohho" Monitor = yes } # # "Global" File daemon configuration specifications # FileDaemon { # this is me Name = backuphost-1-fd FDport = 9102 # where we listen for the director WorkingDirectory = /var/lib/bacula Pid Directory = /var/run/bacula Maximum Concurrent Jobs = 20 #FDAddress = 127.0.0.1 FDAddress = 0.0.0.0 } # Send all messages except skipped files back to Director Messages { Name = Standard director = backuphost-1-dir = all, !skipped, !restored }

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82  | Next Page >