Search Results

Search found 4775 results on 191 pages for 'permissions'.

Page 76/191 | < Previous Page | 72 73 74 75 76 77 78 79 80 81 82 83  | Next Page >

  • Problem running oracle script from command line using sqlplus

    - by Charlie
    I'm having a problem trying to run my sql script into oracle using sqlplus. The script just populates some dummy data: DECLARE role1Id NUMBER; user1Id NUMBER; role2Id NUMBER; user2Id NUMBER; role3Id NUMBER; user3Id NUMBER; perm1Id NUMBER; perm2Id NUMBER; perm3Id NUMBER; perm4Id NUMBER; perm5Id NUMBER; BEGIN INSERT INTO PB_USER(USER_ID,USER_NAME, USER_EMAIL, USER_ACTIVEYN) VALUES(PB_USER_ID_SEQ.nextval, 'RoleDataManagerTests_Username', '[email protected]',' '); INSERT INTO ROLES(ROLE_ID, ROLE_NAME) VALUES(PB_ROLE_ID_SEQ.nextval, 'Test role 1'); INSERT INTO ROLES(ROLE_ID, ROLE_NAME) VALUES(PB_ROLE_ID_SEQ.nextval, 'Test role 2'); INSERT INTO ROLES(ROLE_ID, ROLE_NAME) VALUES(PB_ROLE_ID_SEQ.nextval, 'Test role 3'); SELECT ROLE_ID INTO role1Id FROM ROLES WHERE ROLE_NAME = 'Test role 1'; SELECT USER_ID INTO user1Id FROM PB_USER WHERE USER_NAME = 'RoleDataManagerTests_Username'; INSERT INTO USERS_ROLES(USER_ID, ROLE_ID) VALUES(user1Id, role1Id); SELECT ROLE_ID INTO role2Id FROM ROLES WHERE ROLE_NAME = 'Test role 2'; SELECT USER_ID INTO user2Id FROM PB_USER WHERE USER_NAME = 'RoleDataManagerTests_Username'; INSERT INTO USERS_ROLES(USER_ID, ROLE_ID) VALUES(user2Id, role2Id); SELECT ROLE_ID INTO role3Id FROM ROLES WHERE ROLE_NAME = 'Test role 3'; SELECT USER_ID INTO user3Id FROM PB_USER WHERE USER_NAME = 'RoleDataManagerTests_Username'; INSERT INTO USERS_ROLES(USER_ID, ROLE_ID) VALUES(user3Id, role3Id); INSERT INTO PERMISSIONS(PERMISSION_ID, KEY, DESCRIPTION) VALUES (PB_PERMISSION_ID_SEQ.nextval, 'perm1', 'permission 1'); INSERT INTO PERMISSIONS(PERMISSION_ID, KEY, DESCRIPTION) VALUES (PB_PERMISSION_ID_SEQ.nextval, 'perm2', 'permission 2'); INSERT INTO PERMISSIONS(PERMISSION_ID, KEY, DESCRIPTION) VALUES (PB_PERMISSION_ID_SEQ.nextval, 'perm3', 'permission 3'); INSERT INTO PERMISSIONS(PERMISSION_ID, KEY, DESCRIPTION) VALUES (PB_PERMISSION_ID_SEQ.nextval, 'perm4', 'permission 4'); INSERT INTO PERMISSIONS(PERMISSION_ID, KEY, DESCRIPTION) VALUES (PB_PERMISSION_ID_SEQ.nextval, 'perm5', 'permission 5'); SELECT PERMISSION_ID INTO perm1Id FROM PERMISSIONS WHERE KEY = 'perm1'; SELECT PERMISSION_ID INTO perm2Id FROM PERMISSIONS WHERE KEY = 'perm2'; SELECT PERMISSION_ID INTO perm3Id FROM PERMISSIONS WHERE KEY = 'perm3'; SELECT PERMISSION_ID INTO perm4Id FROM PERMISSIONS WHERE KEY = 'perm4'; SELECT PERMISSION_ID INTO perm5Id FROM PERMISSIONS WHERE KEY = 'perm5'; INSERT INTO ROLES_PERMISSIONS(ROLE_ID, PERMISSION_ID) VALUES(role1Id, perm1Id); INSERT INTO ROLES_PERMISSIONS(ROLE_ID, PERMISSION_ID) VALUES(role1Id, perm2Id); INSERT INTO ROLES_PERMISSIONS(ROLE_ID, PERMISSION_ID) VALUES(role1Id, perm3Id); INSERT INTO ROLES_PERMISSIONS(ROLE_ID, PERMISSION_ID) VALUES(role2Id, perm3Id); INSERT INTO ROLES_PERMISSIONS(ROLE_ID, PERMISSION_ID) VALUES(role3Id, perm4Id); INSERT INTO ROLES_PERMISSIONS(ROLE_ID, PERMISSION_ID) VALUES(role3Id, perm5Id); END; / My script works fine when I run it using Oracle SQL Developer but when I use the sqlplus command line tool this is what's outputted and then it just hangs: SQL*Plus: Release 11.1.0.7.0 - Production on Tue May 11 09:49:34 2010 Copyright (c) 1982, 2008, Oracle. All rights reserved. Connected to: Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production With the Partitioning, Oracle Label Security, OLAP, Data Mining Scoring Engine and Real Application Testing options I'm running the tool using this command line, which works fine for other scripts: sqlplus username/password@server/dbname @Setup.sql Any ideas? Thanks.

    Read the article

  • Scenario - NTFS Symbolic Link or Junction?

    - by Unsigned
    Differences Absolute Relative File Directory UNC Symbolic link ? ? ? ? ? Junction ? x x ? x Scenario Let's assume we're creating a reparse point to create the redirect C:\SomeDir => D:\SomeDir Since this scenario only requires local, absolute paths, either a junction or symlink would work. In this situation, is there any advantage to using one or the other? Assume Windows 7 for the OS, disregarding backward-compatibility (prior to Vista, symlinks are not supported). Update I have found another difference. Symbolic Link - Link's permissions only affect delete/rename operations on the link itself, read/write access (to the target) is governed by the target's permissions Junction - Junction's permissions affect enumeration, revoking permissions on the junction will deny file listing through that junction, even if the target folder has more permissive ACLs The permissions make it interesting, as symlinks can allow legacy applications to access configuration files in UAC-restricted areas (such as %ProgramFiles%) without changing existing access permissions, by storing the files in a non-restricted location and creating symlinks in the restricted directory.

    Read the article

  • DTD is prohibited in this XML document -- how to change permissions?

    - by frankadelic
    I am using a 3rd-party .NET component which requires an XML configuration file. I'm am using this in an ASP.NET application. I get an error when configure the XML with the following dtd: <!DOCTYPE prod-config SYSTEM "prod-config.dtd"> The error is as follows: For security reasons DTD is prohibited in this XML document. To enable DTD processing set the ProhibitDtd property on XmlReaderSettings to false and pass the settings into XmlReader.Create method. prod-config.dtd is sitting in the same directory as the XML config file. I don't have access to the component code to modify XmlReaderSettings, ProhibitDtd etc. Is there anotherway I can modify or tag the XML file to permit the DTD to be accessed? (FYI, the component is Oracle Coherence .NET client)

    Read the article

  • Android HTTPClient not working inspite of giving permissions in manifest file.

    - by primal
    Hi, I was trying http-cleint tutorials from svn.apache.org. While running the application I am getting the following error in console. [2010-04-30 09:26:36 - HalloAndroid] ActivityManager: java.lang.SecurityException: Permission Denial: starting Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10000000 cmp=com.org.example/.HalloAndroid } from null (pid=-1, uid=-1) requires android.permission.INTERNET I have added android.permission.INTERNET in AndroidManifest.xml. <?xml version="1.0" encoding="utf-8"?> <manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.org.example" android:versionCode="1" android:versionName="1.0"> <application android:icon="@drawable/icon" android:label="@string/app_name"> <activity android:name=".HalloAndroid" android:label="@string/app_name" android:permission="android.permission.INTERNET"> <intent-filter> <action android:name="android.intent.action.MAIN" /> <category android:name="android.intent.category.LAUNCHER" /> </intent-filter> </activity> </application> <uses-permission android:name="android.permission.INTERNET"></uses-permission> </manifest> The java code in HalloAndroid.java is as follows HttpClient httpclient = new DefaultHttpClient(); HttpGet httpget2 = new HttpGet("http://google.com/"); HttpResponse response2 = null; try { response2 = httpclient.execute(httpget2); } catch (ClientProtocolException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } catch (IOException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } HttpEntity entity = response2.getEntity(); if (entity != null) { long len = entity.getContentLength(); if (len != -1 && len < 2048) { try { Log.d(TAG, EntityUtils.toString(entity)); } catch (ParseException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } } else { // Stream content out } Any help is much appreciated.

    Read the article

  • How to grant permissions to single SELECT/UPDATE statment (sql server) ?

    - by Albert
    I have a problem when trying to execute this update statement (below) using C# SqlCommand when I execute it locally it works fine, but when deployed to another machine I got a permission error The SELECT permission was denied on the object Order ... The UPDATE permission was denied on the object Order ... Update Statement "UPDATE Order SET Request = @request WHERE Id = @ID"; Is there any way to add GRANT SELECT and GRANT UPDATE to a single statement like the update above without using a stored procedure? or the SP is the way to go on this? Thanks in advance

    Read the article

  • Whats the python way for recursively setting file permissions?

    - by Geoff
    What's the "python way" to recursively set the owner and group to files in a directory? I could just pass a 'chown -R' command to shell, but I feel like I'm missing something obvious. I'm mucking about with this: import os path = "/tmp/foo" for root, dirs, files in os.walk(path): for momo in dirs: os.chown(momo, 502, 20) This seems to work for setting the directory, but fails when applied to files. I suspect the files are not getting the whole path, so chown fails since it can't find the files. The error is: 'OSError: [Errno 2] No such file or directory: 'foo.html' What am I overlooking here?

    Read the article

  • How do I gain permissions to a Sql Compact Database?

    - by Quenton Jones
    I have an Sql Compact Database v3.5 that I'm bundling with my application. When the application is installed, the database is copied into the application's Program Files directory. Because of Vista and Win7's security settings, the installed application can't access the database file. It is merely a problem of having the database file reside in the Program Files. The solution I have thought of is to copy the file into Program Data, but does anyone have another solution? I am sure others have come across a similar problem. Thanks in advance for your input.

    Read the article

  • Does anybody actually use the permissions policy controls in tomcat?

    - by stu
    While I can appreciate the point of the fine granularity in which you can enable security for every single little thing for each individual application in tomcat, in reality, it's an insane pain in the ass. Every single file, socket, everything for every single application. Sure if you're writing a "hello world" application, it's not too much to ask, but an enterprise sized application? That's insane. Does anybody actually use it, or does everybody just say "*" for everything?

    Read the article

  • How to deploy an application with firewall permissions on Mac?

    - by user264878
    I've bundled a jar file as a mac application using jar bundler. I'm now trying to create an installer for this app so that: 1) The application will be placed in the applications folder 2) The application is added to the list of permissible apps in Mac Application Level Firewall Also, I have several example files I would like to include with this application - what is the best way to make these available to the user. Someone suggested I have the mpkg file launch a dmg file which would contain these files, but this seems circuitous. Thanks

    Read the article

  • Tomcat 6: Access Control Exception?

    - by iftrue
    I'm trying to setup a tomcat6 server, and I'm trying to match another setup someone else established. However, my deployment (default Ubuntu install) uses a policy.d/ directory structure, and the established server just uses a catalina.policy file. I've tried setting every entry in policy.d to match the given catalina.policy, but I still get the following stacktrace on boot (from localhost log). I have two questions, then. First, how do I get tomcat to use a single poilcy file, rather than the directory structure presented by policy.d/? Secondly, why, when I specify all files to use the same policy, do I still get the stack trace below? Stack trace: SEVERE: Servlet /myapp threw load() exception java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.org.apache.jasper) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:342) at java.security.AccessController.checkPermission(AccessController.java:553) at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1529) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:291) at java.lang.ClassLoader.loadClass(ClassLoader.java:264) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1314) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1245) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:332) at org.apache.jasper.servlet.JspServlet.init(JspServlet.java:100) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:244) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:537) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:276) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:115) at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1166) at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:992) at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4058) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4367) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791) at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:123) at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:145) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:769) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525) at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:978) at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:941) at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:499) at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1201) at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:318) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053) at org.apache.catalina.core.StandardHost.start(StandardHost.java:719) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) at org.apache.catalina.core.StandardService.start(StandardService.java:516) at org.apache.catalina.core.StandardServer.start(StandardServer.java:710) at org.apache.catalina.startup.Catalina.start(Catalina.java:578) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:177) Policy.d grant codeBase "file:${java.home}/lib/-" { permission java.security.AllPermission; }; // These permissions apply to all shared system extensions grant codeBase "file:${java.home}/jre/lib/ext/-" { permission java.security.AllPermission; }; // These permissions apply to javac when ${java.home] points at $JAVA_HOME/jre grant codeBase "file:${java.home}/../lib/-" { permission java.security.AllPermission; }; // These permissions apply to all shared system extensions when // ${java.home} points at $JAVA_HOME/jre grant codeBase "file:${java.home}/lib/ext/-" { permission java.security.AllPermission; }; // ========== CATALINA CODE PERMISSIONS ======================================= // These permissions apply to the daemon code grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" { permission java.security.AllPermission; }; // These permissions apply to the logging API grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" { permission java.util.PropertyPermission "java.util.logging.config.class", "read"; permission java.util.PropertyPermission "java.util.logging.config.file", "read"; permission java.io.FilePermission "${java.home}${file.separator}lib${file.separator}logging.properties", "read"; permission java.lang.RuntimePermission "shutdownHooks"; permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read"; permission java.util.PropertyPermission "catalina.base", "read"; permission java.util.logging.LoggingPermission "control"; permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write"; permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write"; permission java.lang.RuntimePermission "getClassLoader"; // To enable per context logging configuration, permit read access to the appropriate file. // Be sure that the logging configuration is secure before enabling such access // eg for the examples web application: // permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read"; }; // These permissions apply to the server startup code grant codeBase "file:${catalina.home}/bin/bootstrap.jar" { permission java.security.AllPermission; }; // These permissions apply to the servlet API classes // and those that are shared across all class loaders // located in the "lib" directory grant codeBase "file:${catalina.home}/lib/-" { permission java.security.AllPermission; }; // ========== WEB APPLICATION PERMISSIONS ===================================== // These permissions are granted by default to all web applications // In addition, a web application will be given a read FilePermission // and JndiPermission for all files and directories in its document root. grant { // Required for JNDI lookup of named JDBC DataSource's and // javamail named MimePart DataSource used to send mail permission java.util.PropertyPermission "java.home", "read"; permission java.util.PropertyPermission "java.naming.*", "read"; permission java.util.PropertyPermission "javax.sql.*", "read"; // OS Specific properties to allow read access permission java.util.PropertyPermission "os.name", "read"; permission java.util.PropertyPermission "os.version", "read"; permission java.util.PropertyPermission "os.arch", "read"; permission java.util.PropertyPermission "file.separator", "read"; permission java.util.PropertyPermission "path.separator", "read"; permission java.util.PropertyPermission "line.separator", "read"; // JVM properties to allow read access permission java.util.PropertyPermission "java.version", "read"; permission java.util.PropertyPermission "java.vendor", "read"; permission java.util.PropertyPermission "java.vendor.url", "read"; permission java.util.PropertyPermission "java.class.version", "read"; permission java.util.PropertyPermission "java.specification.version", "read"; permission java.util.PropertyPermission "java.specification.vendor", "read"; permission java.util.PropertyPermission "java.specification.name", "read"; permission java.util.PropertyPermission "java.vm.specification.version", "read"; permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; permission java.util.PropertyPermission "java.vm.specification.name", "read"; permission java.util.PropertyPermission "java.vm.version", "read"; permission java.util.PropertyPermission "java.vm.vendor", "read"; permission java.util.PropertyPermission "java.vm.name", "read"; // Required for OpenJMX permission java.lang.RuntimePermission "getAttribute"; // Allow read of JAXP compliant XML parser debug permission java.util.PropertyPermission "jaxp.debug", "read"; // Precompiled JSPs need access to this package. permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime"; permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*"; // Precompiled JSPs need access to this system property. permission java.util.PropertyPermission "org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER", "read"; };

    Read the article

  • Code Access Security - Basics and Example

    - by jobless-spt
    I was going through this link to understand CodeAccessSecurity: http://www.codeproject.com/KB/security/UB_CAS_NET.aspx It's a great article but it left me with following questions: If you can demand and get whatever permissions you want, then any executable can get Full_Trust on machine. If permissions are already there, then why do we need to demand those? Code is executing on Server, so the permissions are on server not on client machine? Article takes an example of removing write permissions from an assembly to show security exception. Though in real world, System.IO assembly (or related classes) will take care of these permissions. So is there a real scenario where we will need CAS?

    Read the article

  • SQL SERVER – Importance of User Without Login

    - by pinaldave
    Some questions are very open ended and it is very hard to come up with exact requirements. Here is one question I was asked in recent User Group Meeting. Question: “In recent version of SQL Server we can create user without login. What is the use of it?” Great question indeed. Let me first attempt to answer this question but after reading my answer I need your help. I want you to help him as well with adding more value to it. Answer: Let us visualize a scenario. An application has lots of different operations and many of them are very sensitive operations. The common practice was to do give application specific role which has more permissions and access level. When a regular user login (not system admin), he/she might have very restrictive permissions. The application itself had a user name and password which means applications can directly login into the database and perform the operation. Developers were well aware of the username and password as it was embedded in the application. When developer leaves the organization or when the password was changed, the part of the application had to be changed where the same username and passwords were used. Additionally, developers were able to use the same username and password and login directly to the same application. In earlier version of SQL Server there were application roles. The same is later on replaced by “User without Login”. Now let us recreate the above scenario using this new “User without Login”. In this case, User will have to login using their own credentials into SQL Server. This means that the user who is logged in will have his/her own username and password. Once the login is done in SQL Server, the user will be able to use the application. Now the database should have another User without Login which has all the necessary permissions and rights to execute various operations. Now, Application will be able to execute the script by impersonating “user without login – with more permissions”. Here there is assumed that user login does not have enough permissions and another user (without login) there are more rights. If a user knows how the application is using the database and their various operations, he can switch the context to user without login making him enable for doing further modification. Make sure to explicitly DENY view definition permission on the database. This will make things further difficult for user as he will have to know exact details to get additional permissions. If a user is System Admin all the details which I just mentioned in above three paragraphs does not apply as admin always have access to everything. Additionally, the method describes above is just one of the architecture and if someone is attempting to damage the system, they will still be able to figure out a workaround. You will have to put further auditing and policy based management to prevent such incidents and accidents. I guess this is my answer. I read it multiple times but I still feel that I am missing something. There should be more to this concept than what I have just described. I have merely described one scenario but there will be many more scenarios where this situation will be useful. Now is your turn to help – please leave a comment with the additional suggestion where exactly “User without Login” will be useful as well did I miss anything when I described above scenario. Reference: Pinal Dave (http://blog.sqlauthority.com) Filed under: PostADay, SQL, SQL Authority, SQL Query, SQL Security, SQL Server, SQL Tips and Tricks, T SQL, Technology

    Read the article

  • Designing An ACL Based Permission System

    - by ryanzec
    I am trying to create a permissions system where everything is going to be stored in MySQL (or some database) and pulled using PHP for a project management system I am building.  I am right now trying to do it is an ACL kind of way.  There are a number key features I want to be able to support: 1.  Being able to assign permissions without being tied to a specific object. The reason for this is that I want to be able to selectively show/hide elements of the UI based on permissions at a point where I am not directly looking at a domain object instance.  For instance, a button to create a new project should only should only be shown to users that have the pm.project.create permission but obviously you can assign a create permission to an domain object instance (as it is already created). 2.  Not have to assign permissions for every single object. Obviously creating permissions entries for every single object (projects, tickets, comments, etc…) would become a nightmare to maintain so I want to have some level of permission inheritance. *3.  Be able to filter queries based on permissions. This would be a really nice to have but I am not sure if it is possible.  What I mean by this is say I have a page that list all projects.  I want the query that pulls all projects to incorporate the ACL so that it would not show projects that the current user does not have pm.project.read access to.  This would have to be incorporated into the main query as if it is a process that is done after that main query (which I know I could do) certain features like pagination become much more difficult. Right now this is my basic design for the tables: AclEntities id - the primary key key - the unique identifier for the domain object (usually the primary key of that object) parentId - the parent of the domain object (like the project object if this was a ticket object) aclDomainObjectId - metadata about the domain object AclDomainObjects id - primary key title - simple string to unique identify the domain object(ie. project, ticket, comment, etc…) fullyQualifiedClassName - the fully qualified class name for use in code (I am using namespaces) There would also be tables mapping AclEntities to Users and UserGroups. I also have this interface that all acl entity based object have to implement: IAclEntity getAclKey() - to the the unique key for this specific instance of the acl domain object (generally return the primary key or a concatenated string of a composite primary key) getAclTitle() - to get the unique title for the domain object (generally just returning a static string) getAclDisplayString() - get the string that represents this entity (generally one or more field on the object) getAclParentEntity() - get the parent acl entity object (or null if no parent) getAclEntity() - get the acl enitty object for this instance of the domain object (or null if one has not been created yet) hasPermission($permissionString, $user = null) - whether or not the user has the permission for this instance of the domain object static getFromAclEntityId($aclEntityId) - get a specific instance of the domain object from an acl entity id. Do any of these features I am looking for seems hard to support or are just way off base? Am I missing or not taking in account anything in my implementation? Is performance something I should keep in mind?

    Read the article

  • Adding user groups from a remote domain server to permissions of a remote desktop terminal server fails. why?

    - by doveyg
    I have 3 computers, two of which are servers running Windows Server 2008 and another running Windows 7. One of the servers has the following roles installed; Active Directory, DHCP and DNS. The other server has a Terminal Server role installed. I am trying to log-on to the Terminal Server via Remote Desktop using the Windows 7 machine with credentials from the Active Directory server. Sounds simple enough, right? Well, no. Whenever I try to add users or groups from the Active Directory Domain server to the Terminal Server's permissions for RDP it seems to ignore, or forget, them. Though the various methods I was able to find it either adds a strange sting of numbers after the user group or the logo to the left has a question mark on it, reopening the dialogue box replaces the user group with the name of the Domain. I am confident I have the Domain setup correctly as I am able to log-on to users in the Active Directory from other computers I have put in the Domain, and when I attempt to browse the user objects from the Domain I am prompted with a username/password field and am able to view the structure of Active Directory objects. Please advise.

    Read the article

  • Groovy on Grails: GORM and BitSets?

    - by Visionary Software Solutions
    I don't see anything in the official documentation about unsupported persistence data types, so I'm working under the assumption that types available in the Groovy language should be handled. However, for the following domain class: class DocGroupPermissions { Workgroup workgroup; Document document; BitSet permissions = new BitSet(2) public DocGroupPermissions() {} void setPermissions(boolean canRead, boolean canWrite){ setReadPermissions(canRead) setWritePermissions(canWrite) } BitSet getPermissions() { return permissions } void setReadPermissions(boolean canRead) { permissions.set(0,canRead) } void setWritePermissions(boolean canWrite) { permissions.set(1,canWrite) } boolean getReadPermissions() { return permissions.get(0) } boolean getWritePermissions() { return permissions.get(1) } static belongsTo = [workgroup:Workgroup, document:Document] static constraints = { workgroup(nullable:false, blank:false) document(nullable:false, blank:false) } } I'm getting: 2009-11-15 16:46:12,298 [main] ERROR context.ContextLoader - Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'messageSource': Initialization of bean failed; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'transactionManager': Cannot resolve reference to bean 'sessionFactory' while setting bean property 'sessionFactory'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'sessionFactory': Invocation of init method failed; nested exception is org.hibernate.MappingException: An association from the table doc_group_permissions refers to an unmapped class: java.util.BitSet Has anyone run into this before?

    Read the article

  • Rails RESTful routs without #new, rspec trouble

    - by pdkl95
    I'm currently writing a Rails app, and hit a somewhat strange quirk. I have a controller PermissionsController, which is mainly for display purposes at the moment. So my routing is locked down: map.resources :permissions, :only => [:index, :show] Unfortunately, when writing the tests, one of the routing tests fails: it "does not recognize #new" do { :get => "/permissions/new" }.should_not be_routable end with the error: Expected 'GET /permissions/new' to fail, but it routed to {"action"=>"show", "id"=>"new", "controller"=>"permissions"} instead Obviously, the #show action's route is matching with /permissions/:id, which also gives the expected error Couldn't find Permission with ID=new if you actually browse to that URL. This is not a serious error, as it is correctly raising an exception with the bad :id parameter, but it's kind of ugly. Is there any way to actually make Rails reject that route? Some trick in the routing options that I'm missing? I suppose I should just leave that test out and ignore it, or maybe remove the whole RESTful idea altogether and go back to a simpler map.connect 'permissions/:id' style. I strongly suspect I'll be expanding this in the future, though, and kind of wanted to keep my controllers consistent with each other. Just having to add occasional :only or :except rules made routes.rb nice and clean...

    Read the article

  • SSIS DTS Package flat file error - "The file name specified in the connection was not valid"

    - by MisterZimbu
    I have a pretty basic SSIS package that is attempting to read a file hosted on a share, and import its contents to a database table. The package runs fine when I run it manually within SSIS. However, when I set up a SQL Agent job and attempt to execute it, I get the following error: Executed as user: DOMAIN\UserName. Microsoft (R) SQL Server Execute Package Utility Version 9.00.3042.00 for 64-bit Copyright (C) Microsoft Corp 1984-2005. All rights reserved. Started: 10:14:17 AM Error: 2010-05-03 10:14:17.75 Code: 0xC001401E Source: DataImport Connection manager "Data File Local" Description: The file name "\10.1.1.159\llpf\datafile.dat" specified in the connection was not valid. End Error Error: 2010-05-03 10:14:17.75 Code: 0xC001401D Source: DataAnimalImport Description: Connection "Data File Local" failed validation. End Error DTExec: The package execution returned DTSER_FAILURE (1). Started: 10:14:17 AM Finished: 10:14:17 AM Elapsed: 0.594 seconds. The package execution failed. The step failed. This leads me to believe it's a permissions issue, but every attempt I've made to fix it has failed. What I've tried so far: Run as the SQL Agent account (DOMAIN\SqlAgent) - yields same error. DOMAIN\SqlAgent has "Full Control" permissions on both the share and the uploaded file. Set up a proxy account with a different account's credentials (DOMAIN\Account) - yields same error. Like above, "Full Control" permissions were given over the share to that account. Gave "Everyone" full control permissions over the share (temporarily!). Yielded same error. Manually copied the file to a local path and tested with the SQL Agent account. Worked properly. Added an ActiveX script task that would first copy the remotely hosted file to a local path, and then have the DTS package reference the local file. Gave a completely nondescriptive (even by SSIS standards) error when trying to run the script. Set up a proxy account, using my own personal account's credentials - worked correctly. However, this is not an acceptable solution as there are password policies in place on my account, as well as being a bad practice to set things up this way in general. Any ideas? I'm still convinced it's a permissions issue. However, what I've read from various searches more or less says giving the executing account permissions on the share should work. However, this is not the case here (unless I'm missing something obscure when I'm setting up permissions on the share).

    Read the article

  • Can you set CIFS permisions from EMC Command Line?

    - by TJ.
    I am in the process of migrating file shares from my EMC NS-20 to my new VNXe 3100. I am using a RoboCopy script to move the files but am getting errors on some files and folders. I have Domain Admin privileges but when I go to view the security permissions on the folders it says I don't have permissions. I have tried taking ownership to get around the permissions issue but that fails too. So as a last resort can I set permissions on this folder from the EMC console or Web management console?

    Read the article

  • Installing Joomla on Windows Server 2008 with IIS 7.0

    - by Greg Zwaagstra
    Hi, I have been spending the past while trying to install Joomla on a server running Windows Server 2008. I have successfully installed PHP (using Microsoft's web tool for installing PHP with IIS) and MySQL and am now trying to run the browser-based installation. Everything comes up green, I fill in the appropriate information regarding the site name, MySQL information, etc. and no errors are thrown. However, when I get to the step that asks me to remove the installation directory, I am unable to do so as Windows states it is in use by another program (I cannot fathom how this is true). Also, there is no configuration.php file that is created so if I were to manage to delete this folder I have a feeling that there would be problems. I was thinking there was some kind of a permissions issue and have set the permissions for IIS_IUSRS to have read, write, and execute permissions for the entire folder that Joomla resides in but this has not helped. Any help in this matter is greatly appreciated. ;) Greg EDIT: I decided to try and manually install Joomla by manually editing the configuration.php file. This has worked great and now I am certain there is some kind of a permissions issue going on because I am able to do everything that involves the MySQL database (create an article, edit menu items, etc.), but anything that involves making changes to Joomla installation's directory does not work (install plugins, edit configuration settings using the Global Configuration menu within Joomla, etc.) I have granted IIS_IUSRS every permission except Full Control (reading on the Joomla! forums shows that this should be enough for everything to work). This is confusing to me and I am quite stuck on this problem. EDIT 2: The bizarre thing is that in the System Info under Directory Permissions, everything turns up as Writable but then whenever I try to actually use Joomla to, for example, edit the configuration.php file using the interface, it says it is unable to edit the file.

    Read the article

  • Can connect to shared folder on Windows Server 2012, but access denied when accessing

    - by Cylindric
    I have a Windows Server 2012 (non-domain) with a folder that's shared out as TestShare. The share permissions are Everyone has full access, and there is a local user TestUser that has full access to the actual folder. On GuestServer I can connect and/or map a drive to \HostServer\TestShare, specifying the username and password for TestUser. NTFS permissions: Share permissions Effective Access Report The problem is that when I try to access the folder, I get an "access denied" message. On the host server I can see the user connected to the share in the Sessions manager, so the password is correct and being recognised. If I use an incorrect password I don't get the "completed successfully" message, nor the 'open session'. What else can be blocking access to the shared files, when the share seems to be set, and the folder permissions seem to be set, and the connection seems to be okay? The network is recognised as "public", and the relevant firewall rules seem to be enabled - even disabling the firewall doesn't help.

    Read the article

  • Which Version Control Systems support LDAP/AD users and groups

    - by Jason Irwin
    Does anyone know which of the big players (if any) support LDAP/AD users and groups for authentication AND database permissions? Specifically, I'm wondering if SVN, GIT, Mercurial etc. will allow users to login/connect based on AD permissions and also allow granular permissions to be applied to folders within the VC database based on groups within AD. So far my research has not shown this to be possible....

    Read the article

< Previous Page | 72 73 74 75 76 77 78 79 80 81 82 83  | Next Page >