Search Results

Search found 18805 results on 753 pages for 'security center'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 81/753 | < Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >

  • Standards & compliances for secure web application development?

    - by MarkusK
    I am working with developers right now that write code the way they want and when i tell them to do it other way they respond that its just matter of preference how to do it and they have their way and i have mine. I am not talking about the formatting of code, but rather of way site is organized in classes and the way the utilize them. and the way they create functions and process forms etc. Their coding does not match my standards, but again they argue that its matter of preference and as long as goal achieved the can be different way's to do it. I agree but their way is proven to have bugs and we spend a lot of time going back and forth with them to fix all problems security or functionality, yet they still write same code no matter how many times i asked them to stop doing certain things. Now i am ready to dismiss them but friend of mine told me that he has same exact problem with freelance developers he work with. So i don't want to trade one bad apple for another. Question is is there some world wide (or at least europe and usa) accepted standard or compliance on how write secure web based applications. What application architecture should be for maintainable application. Is there are some general standard that can be used for any language ruby php or java govern security and functionality and quality of code? Or at least for PHP and MySQL i use for my website. So i can make them follow this strict standard and stop making excuses.

    Read the article

  • What You Said: How Do You Browse Securely Away From Home?

    - by Jason Fitzpatrick
    Responses to this week’s Ask the Reader question show that just because you’re away from home doesn’t mean you have to give up the security and privacy that your home network provides. Earlier this week we asked you to share you browsing away from home security tips and tricks and obliged. JC offered one of the more entertaining tales of away-from-home browsing: Recently a bunch of us stayed at a high end resort down in Mexico. Internet was offered as a pay per device service at about $80/week/device. Considering we had about 12 wifi devices there among us(a few geeks), I decided to plan ahead. I setup a WRT54G as a WiFi client with a vpn back to my house and NAT. Setup a second one as a basic wireless access point with password and plugged it into the first. Onsite we setup the devices and connected to the wireless with one paid account(tied to the MAC address). Everyone connected to the other device for wireless access and it was all tunnelled through my home network with encryption. HTG Explains: Learn How Websites Are Tracking You Online Here’s How to Download Windows 8 Release Preview Right Now HTG Explains: Why Linux Doesn’t Need Defragmenting

    Read the article

  • Standard/Compliance for web programming?

    - by MarkusK
    I am working with developers right now that write code the way they want and when i tell them to do it other way they respond that its just matter of preference how to do it and they have their way and i have mine. I am not talking about the formatting of code, but rather of way site is organized in classes and the way the utilize them. and the way they create functions and process forms etc. Their coding does not match my standards, but again they argue that its matter of preference and as long as goal achieved the can be different way's to do it. I agree but their way is proven to have bugs and we spend a lot of time going back and forth with them to fix all problems security or functionality, yet they still write same code no matter how many times i asked them to stop doing certain things. Now i am ready to dismiss them but friend of mine told me that he has same exact problem with freelance developers he work with. So i don't want to trade one bad apple for another. Question is is there some world wide (or at least europe and usa) accepted standard or compliance on how write secure web based applications. What application architecture should be for maintainable application. Is there are some general standard that can be used for any language ruby php or java govern security and functionality and quality of code? Or at least for PHP and MySQL i use for my website. So i can make them follow this strict standard and stop making excuses.

    Read the article

  • How to go about designing an intermediate routing filter program to accept input and forward accordingly?

    - by phileaton
    My predicament: I designed an app, written in Python, to read my mail and check for messages that contain a certain digital signature. It opens these and looks for keywords. If the message contains these keywords, certain related functions area executed on the computer. It is a way I can control my computer from my cell phone without being there. I am still in the beginning stages and it can only currently remotely open and close applications/processes. The obvious issue is security risks. I hoped to spearhead that by requiring and checking for that digital signature. However, my issue comes when I'd like to make this program usable by multiple users. The idea is that the user will send keywords: username and password, for instance, to log into their personal email account and send messages to it to be parsed. Please ignore the security implications of sending non-encoded passwords through email. (Though if you could help me on that part I'd much appreciate it as well, but currently, that is not the scope of my question.) My issue is designing an intermediary process that will take an email/password to read an email and scan for those keywords. The issue is, that the program has to be accessing an email to read the email for the username/password! I have got myself into a loop and cannot figure out how to have this required intermediary program. I could just create an arbitrary email account and have that check for login-creds, but is there a better way of doing this than that? Also, is there a better way of communicating with a computer remotely than this? Especially if the computer is not a server and is behind a router with only a subnet ip? If I am asking this question in the wrong place, I deeply apologize. Any help would be much appreciated!

    Read the article

  • Cant install software

    - by user53209
    So I just installed the ubuntu 11.10 .. And when i goto software center and try to download any software(use source).. all i get is a window saying that "Failed to download repository information" , "check your internet connection" and W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric_restricted_binary-i386_Packages Hash Sum mismatch , W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric_universe_binary-i386_Packages Hash Sum mismatch , W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric_multiverse_binary-i386_Packages Hash Sum mismatch , W:Failed to fetch htt p ://archive.ubuntu.com/ubuntu/dists/oneiric/main/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric_main_i18n_Index , W:Failed to fetch http ://archive.ubuntu.com/ubuntu/dists/oneiric/multiverse/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric_multiverse_i18n_Index , W:Failed to fetch htt ://archive.ubuntu.com/ubuntu/dists/oneiric/restricted/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric_restricted_i18n_Index , W:Failed to fetch ht tp://archive.ubuntu.com/ubuntu/dists/oneiric/universe/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric_universe_i18n_Index , W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-updates_main_source_Sources Hash Sum mismatch , W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-updates_restricted_binary-i386_Packages Hash Sum mismatch , W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-updates_universe_binary-i386_Packages Hash Sum mismatch , W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-updates_multiverse_binary-i386_Packages Hash Sum mismatch , W:Failed to fetch h tp://archive.ubuntu.com/ubuntu/dists/oneiric-updates/main/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-updates_main_i18n_Index , W:Failed to fetch h ttp://archive.ubuntu.com/ubuntu/dists/oneiric-updates/multiverse/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-updates_multiverse_i18n_Index , W:Failed to fetch ht tp://archive.ubuntu.com/ubuntu/dists/oneiric-updates/restricted/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-updates_restricted_i18n_Index , W:Failed to fetch htt p://archive.ubuntu.com/ubuntu/dists/oneiric-updates/universe/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-updates_universe_i18n_Index , W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-backports_main_source_Sources Hash Sum mismatch , W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-backports_restricted_binary-i386_Packages Hash Sum mismatch , W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-backports_universe_binary-i386_Packages Hash Sum mismatch , W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-backports_multiverse_binary-i386_Packages Hash Sum mismatch , W:Failed to fetch h ttp://archive.ubuntu.com/ubuntu/dists/oneiric-backports/main/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-backports_main_i18n_Index , W:Failed to fetch h ttp://archive.ubuntu.com/ubuntu/dists/oneiric-backports/multiverse/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-backports_multiverse_i18n_Index , W:Failed to fetch ht tp://archive.ubuntu.com/ubuntu/dists/oneiric-backports/restricted/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-backports_restricted_i18n_Index , W:Failed to fetch ht tp://archive.ubuntu.com/ubuntu/dists/oneiric-backports/universe/i18n/Index No Hash entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-backports_universe_i18n_Index , W:Failed to fetch bzip2:/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_oneiric-security_main_source_Sources Hash Sum mismatch , E:Some index files failed to download. They have been ignored, or old ones used instead." Neglect the http typos, its to evade the 2 hyperlink.. I tried making a file in the apt.conf.d folder also, and added proxy entries, also set the system proxy.. and also the "network proxy", but nothing works.. And now I cant install any software!! Help needed

    Read the article

  • Is there a way to install i386 packages w/ it's i386 dependencies?

    - by foh1981
    I'm using Ubuntu 11.10 64-bit and I wish to install the CAD application DraftSight, which as of now only come in a 32-bit .deb file. I have installed this with some success before, but since 11.10 supports multiarch I would like to install the i386 versions of DraftSights dependencies. Ubuntu Software Center cannot handle the file, nor gdebi-gtk ('wrong architecture'). I can use dpkg with --force-architecture but there's A LOT of dependencies which I need to manually install afterward. Is there a way to automatically install these? Or semi-automatically with a script of some sort? (I'm thinking something along the lines of extracting the dependencies and adding :i386 and then feed that to apt-get or something...) Below is the output of dpkg-deb --info of the package in question. Package: dassault-systemes-draftsight Version: 2011.7.1198 Section: applications Priority: extra Architecture: i386 Pre-Depends: libexpat1 (>=2.0.1-4), libglib2.0-0 (>=2.22.3-0), libpcre3 (>=7.8-3), libselinux1 (>=2.0.85-2), zlib1g (>=1:1.2.3.3.dfsg-13), libc6 (>=2.10.1-0), libx11-6 (>=2:1.2.2-1), libxau6 (>=1:1.0.4-2), libxcomposite1 (>=1:0.4.0-4), libxcursor1 (>=1:1.1.9-1build1), libxdamage1 (>=1:1.1.1-4), libxdmcp6 (>=1:1.0.2-3), libxext6 (>=2:1.0.99.1-0), libxfixes3 (>=1:4.0.3-2build1), libxi6 (>=2:1.2.1-2), libxinerama1 (>=2:1.0.3-2), libxrandr2 (>=2:1.3.0-2), libxrender1 (>=1:0.9.4-2), libatk1.0-0 (>=1.28.0-0), libcairo2 (>=1.8.8-2), libdirectfb-extra (>=1.2.7-2), libfontconfig1 (>=2.6.0-1), libfreetype6 (>=2.3.9-5), libgtk2.0-0 (>=2.18.3-1), libpango1.0-0 (>=1.26.0-1), libpixman-1-0 (>=0.14.0-1), libpng12-0 (>=1.2.37-1), libxcb-render-util0 (>=0.3.6-1), libxcb-render0 (>=1.4-1), libxcb1 (>=1.4-1), debconf (>= 1.1) | debconf-2.0 Depends: libcomerr2 (>=1.41.9-1), libdbus-1-3 (>=1.2.16-0), libexpat1 (>=2.0.1-4), libgcc1 (>=1:4.4.1-4), libgcrypt11 (>=1.4.4-2), libglib2.0-0 (>=2.22.3-0), libgpg-error0 (>=1.6-1), libkeyutils1 (>=1.2-10), libpcre3 (>=7.8-3), libuuid1 (>=2.16-1), zlib1g (>=1:1.2.3.3.dfsg-13), libc6 (>=2.10.1-0), libgl1-mesa-glx (>=7.6.0-1), libglu1-mesa (>=7.6.0-1), libice6 (>=2:1.0.5-1), libsm6 (>=2:1.1.0-2), libx11-6 (>=2:1.2.2-1), libxau6 (>=1:1.0.4-2), libxdamage1 (>=1:1.1.1-4), libxdmcp6 (>=1:1.0.2-3), libxext6 (>=2:1.0.99.1-0), libxfixes3 (>=1:4.0.3-2build1), libxrender1 (>=1:0.9.4-2), libxt6 (>=1:1.0.5-3), libxxf86vm1 (>=1:1.0.2-1), libaudio2 (>=1.9.2-1), libavahi-client3 (>=0.6.25-1), libavahi-common3 (>=0.6.25-1), libcups2 (>=1.4.1-5), libdrm2 (>=2.4.14-1), libfontconfig1 (>=2.6.0-1), libgnutls26 (>=2.8.3-2), libgssapi-krb5-2 (>=1.7dfsg~beta3-1), libk5crypto3 (>=1.7dfsg~beta3-1), libkrb5-3 (>=1.7dfsg~beta3-1), libkrb5support0 (>=1.7dfsg~beta3-1), libstdc++6 (>=4.4.1-4), libtasn1-3 (>=2.2-1), libxcb1 (>=1.4-1), sendmail Installed-Size: 284948 Maintainer: Dassault Systemes <[email protected]> Homepage: www.3ds.com Description: With DraftSight, you can easily create professional CAD drawings. Supported file formats are DWT, DXF and DWG.

    Read the article

  • Request Limit Length Limits for IIS&rsquo;s requestFiltering Module

    - by Rick Strahl
    Today I updated my CodePaste.net site to MVC 3 and pushed an update to the site. The update of MVC went pretty smooth as well as most of the update process to the live site. Short of missing a web.config change in the /views folder that caused blank pages on the server, the process was relatively painless. However, one issue that kicked my ass for about an hour – and not foe the first time – was a problem with my OpenId authentication using DotNetOpenAuth. I tested the site operation fairly extensively locally and everything worked no problem, but on the server the OpenId returns resulted in a 404 response from IIS for a nice friendly OpenId return URL like this: http://codepaste.net/Account/OpenIdLogon?dnoa.userSuppliedIdentifier=http%3A%2F%2Frstrahl.myopenid.com%2F&dnoa.return_to_sig_handle=%7B634239223364590000%7D%7BjbHzkg%3D%3D%7D&dnoa.return_to_sig=7%2BcGhp7UUkcV2B8W29ibIDnZuoGoqzyS%2F%2FbF%2FhhYscgWzjg%2BB%2Fj10ZpNdBkUCu86dkTL6f4OK2zY5qHhCnJ2Dw%3D%3D&openid.assoc_handle=%7BHMAC-SHA256%7D%7B4cca49b2%7D%7BMVGByQ%3D%3D%7D&openid.claimed_id=http%3A%2F%2Frstrahl.myopenid.com%2F&openid.identity=http%3A%2F%2Frstrahl.myopenid.com%2F&openid.mode=id_res&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2F1.1&openid.op_endpoint=http%3A%2F%2Fwww.myopenid.com%2Fserver&openid.response_nonce=2010-10-29T04%3A12%3A53Zn5F4r5&openid.return_to=http%3A%2F%2Fcodepaste.net%2FAccount%2FOpenIdLogon%3Fdnoa.userSuppliedIdentifier%3Dhttp%253A%252F%252Frstrahl.myopenid.com%252F%26dnoa.return_to_sig_handle%3D%257B634239223364590000%257D%257BjbHzkg%253D%253D%257D%26dnoa.return_to_sig%3D7%252BcGhp7UUkcV2B8W29ibIDnZuoGoqzyS%252F%252FbF%252FhhYscgWzjg%252BB%252Fj10ZpNdBkUCu86dkTL6f4OK2zY5qHhCnJ2Dw%253D%253D&openid.sig=h1GCSBTDAn1on98sLA6cti%2Bj1M6RffNerdVEI80mnYE%3D&openid.signed=assoc_handle%2Cclaimed_id%2Cidentity%2Cmode%2Cns%2Cns.sreg%2Cop_endpoint%2Cresponse_nonce%2Creturn_to%2Csigned%2Csreg.email%2Csreg.fullname&openid.sreg.email=rstrahl%40host.com&openid.sreg.fullname=Rick+Strahl A 404 of course isn’t terribly helpful – normally a 404 is a resource not found error, but the resource is definitely there. So how the heck do you figure out what’s wrong? If you’re just interested in the solution, here’s the short version: IIS by default allows only for a 1024 byte query string, which is obviously exceeded by the above. The setting is controlled by the RequestFiltering module in IIS 6 and later which can be configured in ApplicationHost.config (in \%windir\system32\inetsvr\config). To set the value configure the requestLimits key like so: <configuration> <security> <requestFiltering> <requestLimits maxQueryString="2048"> </requestLimits> </requestFiltering> </security> </configuration> This fixed me right up and made the requests work. How do you find out about problems like this? Ah yes the troubles of an administrator? Read on and I’ll take you through a quick review of how I tracked this down. Finding the Problem The issue with the error returned is that IIS returns a 404 Resource not found error and doesn’t provide much information about it. If you’re lucky enough to be able to run your site from the localhost IIS is actually very helpful and gives you the right information immediately in a nicely detailed error page. The bottom of the page actually describes exactly what needs to be fixed. One problem with this easy way to find an error: You HAVE TO run localhost. On my server which has about 10 domains running localhost doesn’t point at the particular site I had problems with so I didn’t get the luxury of this nice error page. Using Failed Request Tracing to retrieve Error Info The first place I go with IIS errors is to turn on Failed Request Tracing in IIS to get more error information. If you have access to the server to make a configuration change you can enable Failed Request Tracing like this: Find the Failed Request Tracing Rules in the IIS Service Manager.   Select the option and then Edit Site Tracing to enable tracing. Then add a rule for * (all content) and specify status codes from 100-999 to capture all errors. if you know exactly what error you’re looking for it might help to specify it exactly to keep the number of errors down. Then run your request and let it fail. IIS will throw error log files into a folder like this C:\inetpub\logs\FailedReqLogFiles\W3SVC5 where the last 5 is the instance ID of the site. These files are XML but they include an XSL stylesheet that provides some decent formatting. In this case it pointed me straight at the offending module:   Ok, it’s the RequestFilteringModule. Request Filtering is built into IIS 6-7 and configured in ApplicationHost.config. This module defines a few basic rules about what paths and extensions are allowed in requests and among other things how long a query string is allowed to be. Most of these settings are pretty sensible but the query string value can easily become a problem especially if you’re dealing with OpenId since these return URLs are quite extensive. Debugging failed requests is never fun, but IIS 6 and forward at least provides us the tools that can help us point in the right direction. The error message the FRT report isn’t as nice as the IIS error message but it at least points at the offending module which gave me the clue I needed to look at request restrictions in ApplicationHost.config. This would still be a stretch if you’re not intimately familiar, but I think with some Google searches it would be easy to track this down with a few tries… Hope this was useful to some of you. Useful to me to put this out as a reminder – I’ve run into this issue before myself and totally forgot. Next time I got it, right?© Rick Strahl, West Wind Technologies, 2005-2010Posted in ASP.NET  Security  

    Read the article

  • Restore Your PC from Windows Home Server

    - by Mysticgeek
    If your computer crashes or you get a virus infection that makes it unrecoverable, doing a clean install can be a hassle, let alone getting your data back. If you’re backing up your computers to Windows Home Server, you can completely restore them to the last successful backup. Note: For this process to work you need to verify the PC you want to restore is connected to your network via Ethernet. If you have it connected wirelessly it won’t work. Restore a PC from Windows Home Server On the computer you want to restore, pop in the Windows Home Server Home Computer Restore disc and boot from it. If you don’t have one already made, you can easily make one following these instructions. We have also included the link to the restore disc below. Boot from the CD then select if your machine has 512MB or RAM or more. The disc will initialize… Then choose your language and keyboard settings. Hopefully if everything goes correctly, your network card will be detected and you can continue. However, if it doesn’t like in our example, click on the Show Details button. In the Detect Hardware screen click on the Install Drivers button. Now you will need to have a USB flash drive with the correct drivers on it. It has to be a flash drive or a floppy (if you happen to still have one of those) because you can’t take out the Restore CD. If you want to make sure you have the correct drivers on the USB flash drive, open the Windows Home Server Console on another computer on your network. In the Computers and Backup section right-click on the computer you want to restore and select View Backups. Select the backup you want to restore from and click the Open button in the Restore or view Files section. Now drag the entire contents of the folder named Windows Home Server Drivers for Restore to the USB flash drive. Back to the machine you’re trying to restore, insert the USB flash drive with the correct drivers and click the Scan button. Wait a few moments while the drivers are found then click Ok then Continue.   The Restore Computer Wizard starts up… Enter in your home server password and click Next. Select the computer you want to restore. If it isn’t selected by default you can pull it up from the dropdown list under Another Computer. Make certain you’re selecting the correct machine. Now select the backup you want to restore. In this example we only have one but chances are you’ll have several. If you have several backups to choose from, you might want to check out the details for them. Now you can select the disk from backup and and restore it to the destination volume. You might need to initialize a disk, change a drive letter, or other disk management tasks, if so, then click on Run Disk Manger. For example we want to change the destination drive letter to (C:).   After you’ve made all the changes to the destination disk you can continue with the restore process. If everything looks correct, confirm the restore configuration. If you need to make any changes at this point, you can still go back and make them. Now Windows Home Server will restore your drive. The amount of time it takes will vary depend on the amount of data you have to restore, network connection speed, and hardware. You are notified when the restore successfully completes. Click Finish and the PC will reboot and be restored and should be working correctly. All the updates, programs, and files will be back that were saved to the last successful backup. Anything you might have installed after that backup will be gone. If you have your computers set to backup every night, then hopefully it won’t be a big issue.   Conclusion Backing up the computers on your network to Windows Home Server is a valuable tool in your backup strategy. Sometimes you may only need to restore a couple files and we’ve covered how to restore them from backups on WHS and that works really well. If the unthinkable happens and you need to restore the entire computer, WHS makes that easy too.  Download Windows Home Server Home Computer Restore CD Similar Articles Productive Geek Tips Restore Files from Backups on Windows Home ServerCreate A Windows Home Server Home Computer Restore DiscGMedia Blog: Setting Up a Windows Home ServerShare Ubuntu Home Directories using SambaInstalling Windows Home Server TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips Revo Uninstaller Pro Registry Mechanic 9 for Windows PC Tools Internet Security Suite 2010 PCmover Professional Make your Joomla & Drupal Sites Mobile with OSMOBI Integrate Twitter and Delicious and Make Life Easier Design Your Web Pages Using the Golden Ratio Worldwide Growth of the Internet How to Find Your Mac Address Use My TextTools to Edit and Organize Text

    Read the article

  • Hidden divs for "lazy javascript" loading? Possible security/other issues?

    - by xyld
    I'm curious about people's opinion's and thoughts about this situation. The reason I'd like to lazy load javascript is because of performance. Loading javascript at the end of the body reduces the browser blocking and ends up with much faster page loads. But there is some automation I'm using to generate the html (django specifically). This automation has the convenience of allowing forms to be built with "Widgets" that output content it needs to render the entire widget (extra javascript, css, ...). The problem is that the widget wants to output javascript immediately into the middle of the document, but I want to ensure all javascript loads at the end of the body. When the following widget is added to a form, you can see it renders some <script>...</script> tags: class AutoCompleteTagInput(forms.TextInput): class Media: css = { 'all': ('css/jquery.autocomplete.css', ) } js = ( 'js/jquery.bgiframe.js', 'js/jquery.ajaxQueue.js', 'js/jquery.autocomplete.js', ) def render(self, name, value, attrs=None): output = super(AutoCompleteTagInput, self).render(name, value, attrs) page_tags = Tag.objects.usage_for_model(DataSet) tag_list = simplejson.dumps([tag.name for tag in page_tags], ensure_ascii=False) return mark_safe(u'''<script type="text/javascript"> jQuery("#id_%s").autocomplete(%s, { width: 150, max: 10, highlight: false, scroll: true, scrollHeight: 100, matchContains: true, autoFill: true }); </script>''' % (name, tag_list,)) + output What I'm proposing is that if someone uses a <div class=".lazy-js">...</div> with some css (.lazy-js { display: none; }) and some javascript (jQuery('.lazy-js').each(function(index) { eval(jQuery(this).text()); }), you can effectively force all javascript to load at the end of page load: class AutoCompleteTagInput(forms.TextInput): class Media: css = { 'all': ('css/jquery.autocomplete.css', ) } js = ( 'js/jquery.bgiframe.js', 'js/jquery.ajaxQueue.js', 'js/jquery.autocomplete.js', ) def render(self, name, value, attrs=None): output = super(AutoCompleteTagInput, self).render(name, value, attrs) page_tags = Tag.objects.usage_for_model(DataSet) tag_list = simplejson.dumps([tag.name for tag in page_tags], ensure_ascii=False) return mark_safe(u'''<div class="lazy-js"> jQuery("#id_%s").autocomplete(%s, { width: 150, max: 10, highlight: false, scroll: true, scrollHeight: 100, matchContains: true, autoFill: true }); </div>''' % (name, tag_list,)) + output Nevermind all the details of my specific implementation (the specific media involved), I'm looking for a consensus on whether the method of using lazy-loaded javascript through hidden a hidden tags can pose issues whether security or other related? One of the most convenient parts about this is that it follows the DRY principle rather well IMO because you don't need to hack up a specific lazy-load for each instance in the page. It just "works". UPDATE: I'm not sure if django has the ability to queue things (via fancy template inheritance or something?) to be output just before the end of the </body>?

    Read the article

  • Google Map API v3 — set bounds and center

    - by Michael Bradley
    Hi, I've recently switched to Google Maps API V3. I'm working of a simple example which plots markers from an array, however I do not know how to center and zoom automatically with respect to the markers. I've searched the net high and low, including Google's own documentation, but have not found a clear answer. I know I could simply take an average of the co-ordinates, but how would I set the zoom accordingly? Could somebody please point me in the right direction? Perhaps you know of a good tutorial. Many thanks in advance, Michael function initialize() { var myOptions = { zoom: 10, center: new google.maps.LatLng(-33.9, 151.2), mapTypeId: google.maps.MapTypeId.ROADMAP } var map = new google.maps.Map(document.getElementById("map_canvas"),myOptions); setMarkers(map, beaches); } var beaches = [ ['Bondi Beach', -33.890542, 151.274856, 4], ['Coogee Beach', -33.423036, 151.259052, 5], ['Cronulla Beach', -34.028249, 121.157507, 3], ['Manly Beach', -33.80010128657071, 151.28747820854187, 2], ['Maroubra Beach', -33.450198, 151.259302, 1] ]; function setMarkers(map, locations) { var image = new google.maps.MarkerImage('images/beachflag.png', new google.maps.Size(20, 32), new google.maps.Point(0,0), new google.maps.Point(0, 32)); var shadow = new google.maps.MarkerImage('images/beachflag_shadow.png', new google.maps.Size(37, 32), new google.maps.Point(0,0), new google.maps.Point(0, 32)); var lat = map.getCenter().lat(); var lng = map.getCenter().lng(); var shape = { coord: [1, 1, 1, 20, 18, 20, 18 , 1], type: 'poly' }; for (var i = 0; i < locations.length; i++) { var beach = locations[i]; var myLatLng = new google.maps.LatLng(beach[1], beach[2]); var marker = new google.maps.Marker({ position: myLatLng, map: map, shadow: shadow, icon: image, shape: shape, title: beach[0], zIndex: beach[3] }); } }

    Read the article

  • How to ellipsize center-aligned textview beside a right-aligned button when screen width is small

    - by simplymoody
    ------------------------------------ | LONG_TITL... |button| | |------------------------------------| | | I have an app header which consists of the app title and a button. The button should be fixed on the right side but I want the title to be in the middle and ellipsize when the screen is too small. Problem is the title just won't ellipsize even though the button is nearly beside it. Here's what I have so far: <RelativeLayout android:id="@+id/headr" android:layout_width="match_parent" android:layout_height="wrap_content" android:gravity="center"> <ImageView android:id="@+id/bar_orange" android:layout_width="match_parent" android:layout_height="wrap_content" android:layout_alignParentTop="true" android:minHeight="40dp" android:scaleType="centerCrop" android:src="@drawable/bar_orange"/> <TextView android:id="@+id/Title" android:layout_marginLeft="20dp" android:layout_marginRight="20dp" android:layout_width="wrap_content" android:layout_height="wrap_content" android:layout_centerInParent="true" android:gravity="center" android:text="@string/bcd" android:textColor="#FFFFFF" android:ellipsize="marquee" android:singleLine="true" android:textSize="18sp" android:textStyle="bold"/> <Button android:padding="5dp" android:id="@+id/home" android:textColor="#ffffff" android:layout_marginRight="10dp" android:layout_marginLeft="10dp" android:layout_width="wrap_content" android:layout_height="wrap_content" android:layout_alignParentRight="true" android:layout_centerVertical="true" android:singleLine="true" android:background="@drawable/button_home" android:text="@string/home"/> </RelativeLayout> Is there a way to do this with just RelativeLayout?

    Read the article

  • CSS sliding-door buttons center alignment

    - by rochal
    Hi guys, I need help to align CSS buttons. I tried many different variations and I just cannot center my button the way I want. Firstly, have a look at this url: http://www.front-end-developer.net/cssbuttons/example.htm I'm using 2 images to form a button (this could be done on 1 image, but in this case we've got two). Everything works as expected as long as we apply float:left or float:right to the parent div element, to 'limit' width of the div and close it as soon as the content of the div ends. You can remove float:left from the button to see what I mean. But what about center positioned buttons? I cannot add float:left/right because I want align it in the middle. In theory, I could set { width:XXpx; margin:0 auto; } And I will get what you can see on this picture: But I don't know the length of the text inside. Having different translations my button can be very short, or 5 times that long. I also tried to use <span> instead of <div>, but unfortunately nested inline elements don't respect their padding correctly... And yes, I must use <a> inside, so buttons can be accessed by web crawlers. I'm really stuck on this one.

    Read the article

  • WPF ListView GridView DisplayMemberBinding Center alignin content

    - by Bigginn
    I'm trying to center align data in a ListView/Gridview where I use DisplayMemberBinding. This is (partially) how my gridview looks: <ListView> <ListView.View> <GridView> <GridView.Columns> <GridViewColumn DisplayMemberBinding="{Binding Path=Timi}" Width="Auto"> <GridViewColumnHeader Content="Tími" Click="GridViewColumnHeader_Click" ></GridViewColumnHeader> </GridViewColumn> </GridView.Columns> </GridView> </ListView.View> </ListView> I tried to use CellTemplate like explained on this page http://msdn.microsoft.com/en-us/library/system.windows.controls.gridviewcolumn.celltemplate.aspx but it didn't work and then later I read somewhere that one should never use cellTemplate and DisplayMemberBinding together. So the question is : How do I center the gridview data when I use DisplayMemberBinding to bind the data to the gridview? Thanks in advance.

    Read the article

  • Right way to center a <div> in xhtml?

    - by Meredith
    Im working with a XHTML 1.0 Transitional doctype html file, and I want to have a main div with 800px width and make it appears centered (not the div content, but the div itself). I've used this on the past: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <style> <!-- html, body { margin:0; padding:0; } #main-container { background:black; width:800px; } --> </style> </head> <body> <center> <div id="main-container"> Content </div> </center> </body> </html> But I am not sure if this is cross-browser compatible, or if its valid xhtml.

    Read the article

  • Vertically center a fluid image in a fluid container

    - by Ferdy
    I certainly do not want to add to the pile of vertical alignments CSS questions, but I've spent hours trying to find a solution to no avail yet. Here's the situation: I am building a slideshow gallery of images. I want the images to be displayed as large as the user's window allows. So I have this outer placeholder: <section class="photo full"> (Yes, I'm using HTML5 elements). Which has the following CSS: section.photo.full { display:inline-block; width:100%; height:100%; position:absolute; overflow:hidden; text-align:center; } Next, the image is placed inside it. Depending on the orientation of the image, I set either the width or height to 75%, and the other axis to auto: $wide = $bigimage['width'] >= $bigimage['height'] ? true: false; ?> <img src="<?= $bigimage['url'] ?>" width="<?= $wide? "75%" : "auto"?>" height="<?= $wide? "auto" : "75%"?>"/> So, we have a fluid outer container, with inside a fluid image. The horizontal centering of the image works, yet I cannot seem to find a way to vertically center the image within it's container. I have researched centering methods but most assume either the container or image has a known width or height. Then there is the display:table-cell method, which does not seem to work for me either. I'm stuck. I'm looking for a CSS solution, but am open to js solutions too.

    Read the article

  • jquery animate from object center

    - by mtwallet
    Hi. I am trying to create a product viewer similar to the one at the bottom of this page http://www.logitech.com/en-gb/. As you can see the product animates from the center rather than top left which I think is Jquery's default. So what I am doing is trying animate the width and height and then also the offset to make it look like it animates from the center. My code looks like this: <style> body { background: black; } .box { background: #fff url('pic.jpg') no-repeat 0 0; width: 200px; height: 200px; margin: 10px 4%; float: left; } </style> <script type="text/javascript"> $(document).ready(function() { $(".box").hover(function() { $(".box").not(this).fadeTo(500, 0.5); $(this).animate({ width: 300, height: 300, left: -100, top: -100 }, 500); }, function() { $(this).animate({ width: 200, height: 200, left: 100, top: 100 }, 500); $(".box").fadeTo(500, 1); }); }); </script> I cannot seem to get this working as I want. Can anyone help with this or suggest a better technique? Many thanks

    Read the article

  • Center big image in smaller div

    - by larin555
    I'm trying to align images in the center of a slider div. I'm adjusting FlexSlider css by the way. Here's my CSS code : .flexslider {margin: 0; padding: 0; width: 600px; height:480px; overflow:hidden;margin-left:auto;margin-right:auto;} .flexslider .slides > li {display: none; -webkit-backface-visibility: hidden;} /* Hide the slides before the JS is loaded. Avoids image jumping */ .flexslider .slides img {width:auto;height:100%; display: inline-block; text-align:center;} Everything is working like I want, except that I want wider image to be centered in the div. Right now it is left-aligned. I cannot use background-image by the way. Any ideas? I also tried applying to the .flexslider .slides img : margin-left:-50%...not working margin-left:auto and margin-right:auto...not working left:50% and right:50%...not working either

    Read the article

  • How do I center align horizontal <UL> menu?

    - by Steven
    I need to centre align a horizontal menu. I've tried various solutions, including the mix of inline-block / block / center-align etc., but not being successful. Can someone help me please? :) Here is my code: <div class="topmenu-design"> <!-- Top menu content: START --> <ul id="topmenu firstlevel"> <li class="firstli" id="node_id_64"><div><a href="#"><span>Om kampanjen</span></a></div></li> <li id="node_id_65"><div><a href="#"><span>Fakta om inneklima</span></a></div></li> <li class="lastli" id="node_id_66"><div><a href="#"><span>Statistikk</span></a></div></li> </ul> <!-- Top menu content: END --> </div> UPDATE I know how to center align the UL within the DIV. That can be accomplished using Sarfraz's suggestion. But the list items are still floated left within the UL. Do I smell javascript to accomplish this?

    Read the article

  • How do I center this form in css?

    - by johnny
    I have tried everything. I cannot get this centered on the screen. I am using ie 9 but it does the same in chrome. It just sits on the left of the webpage. Thank you for any help. <style type="text/css"> body { margin:50px 0px; padding:0px; text-align:center; align:center; } label,input { display: block; width: 150px; float: left; margin-bottom: 10px; } label { text-align: right; width: 75px; padding-right: 20px; } br { clear: left; } </style> </head> <body> <form name="Form1" action="mypage.asp" method="get"> <label for="name">Name</label> <input id="name" name="name"><br> <label for="address">Address</label> <input id="address" name="address"><br> <label for="city">City</label> <input id="city" name="city"><br> <input type="submit" name="submit" id="submit" value="submit" class="button" /> </form> </body>

    Read the article

  • How to center a List(ul)

    - by BlackPearl
    I have a ul List that contain some li elements and I float them to left. It currently looks like below; | A | B | C | D | E < space empty| I want it to be | A | B | C | D | E | that is center on the page and contents should be centered too HTML <div class="profile-content"> <ul class="content-btn"> <li> <div class="digits">83</div>Followers </li> <li> <div class="digits">1507</div>Tweets </li> <li> <div class="digits">234</div>Friends </li> <li> <div class="digits">51</div>Likes </li> <li> <div class="digits">42</div>Gits </li> </ul> <div class="clear"></div> </div> CSS .content-btn { width:100%; margin: 0 auto; } .profile-content ul li { float: left; padding: 5px 8px; text-align: center; border-right: 1px solid #eeeeee; border-left: 1px solid #ffffff; } .profile-content ul li .digits { font-weight: bold; font-size: 16px; }

    Read the article

  • Security in shared hosting vs VPS 'virtual appliances'

    - by Pedro Loureiro
    I have to change my hosting provider. Right now I have a shared hosting account but I'm considering trying the LAMP stack appliance from turnkeylinux.org. I'm very comfortable with using linux, I've been using it for a long time. I have no problem ssh'ing into remote machines and do whatever I have to do (coding, reading logs, moving files, deploying, etc). The problem is that none of those tasks have involved securing the server/firewall. My experience has been as a desktop user or developer deploying apps/files in remote servers. Ignoring the security in the application logic (read: any scripts, frameworks, websites I might have created or installed) - I'm worried about things like base configuration of deamons, firewall, ports, executable scripts being readable from the outside and whatnot. My question is: how do you compare the (expected) out of the box security of the LAMP stack from turnkey and the (expected) security of a "regular" shared hosting provider? I was hoping to find some guides with a list of steps to do to protect my server but the only documentation I found was simply referring to ubuntu's documentation.

    Read the article

  • Win 2008 R2 terminal server and redirected printer queue security

    - by Ian
    I have a case where I need a non-priv account to be able to make a modification to the redirected printer. I know, its not advisable but we're not giving them access - changes will be made in code. So, following the docs (http://technet.microsoft.com/en-us/library/ee524015(WS.10).aspx) I modified the default security for new printer queues. This doesnt work though as windows doesn't seem to assign the privs you configure in the printer admin tool to redirected printer queues. As I test I added a non-priv test user to the default security tab in the printer admin tool (control panel - admin tools - printer admin. I assigned it all privs (its a test) and logged the user into the terminal server. The redirected printers duely appeared as usual. However if I open the printer properties - security tab, the user appears in the list of accounts/groups but the options I selected (all privs) are not set. Instead the user special privs box is marked and when I click on 'advanced options' and view them, there is nothing marked. So, something is clearing these options.... the question is, why and how can I convince it not to? Ian

    Read the article

  • (Some) security perms in WinXP corrupted (shows GUID instead of username)

    - by Andy
    I've been using my Win XP machine (part of a domain) over the holiday period, so until yesterday it hadn't rebooted for about five days. I used it yesterday perfectly fine and shut it down. When I switched it on this morning the majority (but not all) of my shortcut links in the Quick Launch toolbar showed as generic file icons. If you open the folder and get properties on one of the failing shortcuts it says ''Target type: This is not a valid shortcut''. Then in Outlook I noticed my signature wasn't showing (I checked my sent folder and the sig was ok yesterday). Checking the signature folder, I can't see the security tab on any of the sig files, and I have an access denied message on trying to open them. I can see the security tab on the signature folder itself, just none of the contents. If I try and use the parent folder's security tab and ''Replace permission entries on all child objects with entries shown here that apply to child objects'' it appears to work fine, but makes no actual difference. I logged in as administrator and saw that the owner of the files showed up as a GUID (clearly should've been my account in its place). Any ideas what might have made that happen? So far I haven't heard any similar complaints from anyone else at the office...

    Read the article

  • I Can't Install or Remove Any Application

    - by berkay gürsoy
    when i try to install or remove an application via either software center or apt-get install they both fail and give some debconf errors below is the log please help.Sorry some of the text is not english. sudo apt-get install aptitude Paket listeleri okunuyor... Bitti Bagimlilik agaci insa ediliyor. Durum bilgisi okunuyor... Bitti Asagidaki ek paketler de yüklenecek: aptitude-common libboost-iostreams1.49.0 libcwidget3 Önerilen paketler: aptitude-doc-en aptitude-doc tasksel debtags libcwidget-dev Asagidaki YENI paketler kurulacak: aptitude aptitude-common libboost-iostreams1.49.0 libcwidget3 Yükseltilen: 0, Yeni Kurulan: 4, Kaldirilacak: 0 ve Yükseltilmeyecek: 48. 8 tam olarak kurulmadi veya kaldirilmadi. Indirilmesi gereken dosya boyutu 0 B/2.498 kB Bu islemden sonra 10,4 MB ek disk alani kullanilacak. Devam etmek istiyor musunuz [E/h]? e Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/Debconf/DbDriver/File.pm line 44, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value in -e at /usr/share/perl5/Debconf/DbDriver/File.pm line 46, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value in pattern match (m//) at /usr/share/perl5/Debconf/DbDriver/File.pm line 47, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value $directory in -d at /usr/share/perl5/Debconf/DbDriver/File.pm line 48, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value $directory in concatenation (.) or string at /usr/share/perl5/Debconf/DbDriver/File.pm line 49, <DEBCONF_CONFIG> chunk 3. debconf: DbDriver "config": mkdir :Böyle bir dosya ya da dizin yok Selecting previously unselected package aptitude-common. dpkg: uyari: files list file for package 'aspell' missing; assuming package has no files currently installed dpkg: uyari: files list file for package 'ubuntu-desktop' missing; assuming package has no files currently installed dpkg: uyari: files list file for package 'vuze' missing; assuming package has no files currently installed dpkg: uyari: files list file for package 'java-wrappers' missing; assuming package has no files currently installed (Veritabani okunuyor... 198988 files and directories currently installed.) Unpacking aptitude-common (from .../aptitude-common_0.6.8.1-2ubuntu1_all.deb) ... Selecting previously unselected package libboost-iostreams1.49.0. Unpacking libboost-iostreams1.49.0 (from .../libboost-iostreams1.49.0_1.49.0-3.1ubuntu1_amd64.deb) ... Selecting previously unselected package libcwidget3. Unpacking libcwidget3 (from .../libcwidget3_0.5.16-3.4ubuntu1_amd64.deb) ... Selecting previously unselected package aptitude. Unpacking aptitude (from .../aptitude_0.6.8.1-2ubuntu1_amd64.deb) ... wicd-daemon (1.7.2.4-2ubuntu1) kuruluyor... Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/Debconf/DbDriver/File.pm line 44, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value in -e at /usr/share/perl5/Debconf/DbDriver/File.pm line 46, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value in pattern match (m//) at /usr/share/perl5/Debconf/DbDriver/File.pm line 47, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value $directory in -d at /usr/share/perl5/Debconf/DbDriver/File.pm line 48, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value $directory in concatenation (.) or string at /usr/share/perl5/Debconf/DbDriver/File.pm line 49, <DEBCONF_CONFIG> chunk 3. debconf: DbDriver "config": mkdir :Böyle bir dosya ya da dizin yok dpkg: error processing wicd-daemon (--configure): installed post-installation script alt islemi çikis durumunda hata döndürdü : 1 man-db (2.6.3-1) kuruluyor... Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/Debconf/DbDriver/File.pm line 44, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value in -e at /usr/share/perl5/Debconf/DbDriver/File.pm line 46, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value in pattern match (m//) at /usr/share/perl5/Debconf/DbDriver/File.pm line 47, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value $directory in -d at /usr/share/perl5/Debconf/DbDriver/File.pm line 48, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value $directory in concatenation (.) or string at /usr/share/perl5/Debconf/DbDriver/File.pm line 49, <DEBCONF_CONFIG> chunk 3. debconf: DbDriver "config": mkdir :Böyle bir dosya ya da dizin yok dpkg: error processing man-db (--configure): installed post-installation script alt islemi çikis durumunda hata döndürdü : 1 dictionaries-common (1.12.10) kuruluyor... Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/Debconf/DbDriver/File.pm line 44, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value in -e at /usr/share/perl5/Debconf/DbDriver/File.pm line 46, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value in pattern match (m//) at /usr/share/perl5/Debconf/DbDriver/File.pm line 47, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value $directory in -d at /usr/share/perl5/Debconf/DbDriver/File.pm line 48, <DEBCONF_CONFIG> chunk 3. Use of uninitialized value $directory in concatenation (.) or string at /usr/share/perl5/Debconf/DbDriver/File.pm line 49, <DEBCONF_CONFIG> chunk 3. debconf: DbDriver "config": mkdir :Böyle bir dosya ya da dizin yok dpkg: error processing dictionaries-common (--configure): installed post-installation script alt islemi çikis durumunda hata döndürdü : 1 dpkg: dependency problems prevent configuration of aspell: aspell depends on dictionaries-common (>> 0.40); bununla beraber: Package dictionaries-common is not configured yet. dpkg: error processing aspell (--configure): bagimlilik sorunlari - yapilandirilmadan birakiliyor dpkg: dependency problems prevent configuration of aspell-en: aspell-en depends on aspell (>= 0.60.3-2); bununla beraber: Package aspell is not configured yet. aspell-en depends on dictionaries-common (>= 0.49.2); bununla beraber: Package dictionaries-common is not configured yet. dpkg: error processing aspell-en (--configure): bagimlilik sorunlari - yapilandirilmadan birakiliyor dpkg: dependency problems prevent configuration of hyphen-en-us: hyphen-en-us depends on dictionaries-common (>= 0.10) | openoffice.org-updatedicts; bununla beraber: Package dictionaries-common is not configured yet. openoffice.org-updatedicts paketi yüklenmedi. Package dictionaries-common which provides openoffice.org-updatedicts is not configured yet. dpkg: error processing hyphen-en-us (--configure): bagimlilik sorunlari - yapilandirilmadan birakiliyor dpkg: dependency problems prevent configuration of wicd-gtk: wicd-gtk depends on wicd-daemon (= 1.7.2.4-2ubuntu1); bununla beraber: Package wicd-daemon is not configured yet. dpkg: error processing wicd-gtk (--configure): bagimlilik sorunlari - yapilandirilmadan birakiliyor dpkg: dependency problems prevent configuration of wicd: wicd depends on wicd-daemon (= 1.7.2.4-2ubuntu1); bununla beraber: Package wicd-daemon is not configured yet. wicd depends on wicd-gtk (= 1.7.2.4-2ubuntu1) | wicd-curses (= 1.7.2.4-2ubuntu1) | wicd-cli (= 1.7.2.4-2ubuntu1) | wicd-client; bununla beraber: Package wicd-gtk is not configured yet. wicd-curses paketi yüklenmedi. wicd-cli paketi yüklenmedi. wicd-client paketi yüklenmedi. Package wicd-gtk which provides wicd-client is not configured yet. dpkg: error processing wicd (--configure): bagimlilik sorunlari - yapilandirilmadan birakiliyor aptitude-common (0.6.8.1-2ubuntu1) kuruluyor... libboost-iostreams1.49.0 (1.49.0-3.1ubuntu1) kuruluyor... libcwidget3 (0.5.16-3.4ubuntu1) kuruluyor... aptitude (0.6.8.1-2ubuntu1) kuruluyor... update-alternatives: using /usr/bin/aptitude-curses to provide /usr/bin/aptitude (aptitude) in Otomatik Mod Processing triggers for libc-bin ... ldconfig deferred processing now taking place Islem sirasinda hatalar bulundu: wicd-daemon man-db dictionaries-common aspell aspell-en hyphen-en-us wicd-gtk wicd E: Sub-process /usr/bin/dpkg returned an error code (1)

    Read the article

  • Using Oracle Proxy Authentication with JPA (eclipselink-Style)

    - by olaf.heimburger
    Security is a very intriguing topic. You will find it everywhere and you need to implement it everywhere. Yes, you need. Unfortunately, one can easily forget it while implementing the last mile. The Last Mile In a multi-tier application it is a common practice to use connection pools between the business layer and the database layer. Connection pools are quite useful to speed database connection creation and to split the load. Another very common practice is to use a specific, often called technical, user to connect to the database. This user has authentication and authorization rules that apply to all application users. Imagine you've put every effort to define roles for different types of users that use your application. These roles are necessary to differentiate between normal users, premium users, and administrators (I bet you will find or already have more roles in your application). While these user roles are pretty well used within your application, once the flow of execution enters the database everything is gone. Each and every user just has one role and is the same database user. Issues? What Issues? As long as things go well, this is not a real issue. However, things do not go well all the time. Once your application becomes famous performance decreases in certain situations or, more importantly, current and upcoming regulations and laws require that your application must be able to apply different security measures on a per user role basis at every stage of your application. If you only have a bunch of users with the same name and role you are not able to find the application usage profile that causes the performance issue, or which user has accessed data that he/she is not allowed to. Another thread to your role concept is that databases tend to be used by different applications and tools. These tools can be developer tools like SQL*Plus, SQL Developer, etc. or end user applications like BI Publisher, Oracle Forms and so on. These tools have no idea of your applications role concept and access the database the way they think is appropriate. A big oversight for your perfect role model and a big nightmare for your Chief Security Officer. Speaking of the CSO, brings up another issue: Password management. Once your technical user account is compromised, every user is able to do things that he/she is not expected to do from the design of your application. Counter Measures In the Oracle world a common counter measure is to use Virtual Private Database (VPD). This restricts the values a database user can see to the allowed minimum. However, it doesn't help in regard of a connection pool user, because this one is still not the real user. Oracle Proxy Authentication Another feature of the Oracle database is Proxy Authentication. First introduced with version 9i it is a quite useful feature for nearly every situation. The main idea behind Proxy Authentication is, to create a crippled database user who has only connect rights. Even if this user is compromised the risks are well understood and fairly limited. This user can be used in every situation in which you need to connect to the database, no matter which tool or application (see above) you use.The proxy user is perfect for multi-tier connection pools. CREATE USER app_user IDENTIFIED BY abcd1234; GRANT CREATE SESSION TO app_user; But what if you need to access real data? Well, this is the primary use case, isn't it? Now is the time to bring the application's role concept into play. You define database roles that define the grants for your identified user groups. Once you have these groups you grant access through the proxy user with the application role to the specific user. CREATE ROLE app_role_a; GRANT app_role_a TO scott; ALTER USER scott GRANT CONNECT THROUGH app_user WITH ROLE app_role_a; Now, hr has permission to connect to the database through the proxy user. Through the role you can restrict the hr's rights the are needed for the application only. If hr connects to the database directly all assigned role and permissions apply. Testing the Setup To test the setup you can use SQL*Plus and connect to your database: $ sqlplus app_user[hr]/abcd1234 Java Persistence API The Java Persistence API (JPA) is a fairly easy means to build applications that retrieve data from the database and put it into Java objects. You use plain old Java objects (POJOs) and mixin some Java annotations that define how the attributes of the object are used for storing data from the database into the Java object. Here is a sample for objects from the HR sample schema EMPLOYEES table. When using Java annotations you only specify what can not be deduced from the code. If your Java class name is Employee but the table name is EMPLOYEES, you need to specify the table name, otherwise it will fail. package demo.proxy.ejb; import java.io.Serializable; import java.sql.Timestamp; import java.util.List; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Id; import javax.persistence.JoinColumn; import javax.persistence.ManyToOne; import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.OneToMany; import javax.persistence.Table; @Entity @NamedQueries({ @NamedQuery(name = "Employee.findAll", query = "select o from Employee o") }) @Table(name = "EMPLOYEES") public class Employee implements Serializable { @Column(name="COMMISSION_PCT") private Double commissionPct; @Column(name="DEPARTMENT_ID") private Long departmentId; @Column(nullable = false, unique = true, length = 25) private String email; @Id @Column(name="EMPLOYEE_ID", nullable = false) private Long employeeId; @Column(name="FIRST_NAME", length = 20) private String firstName; @Column(name="HIRE_DATE", nullable = false) private Timestamp hireDate; @Column(name="JOB_ID", nullable = false, length = 10) private String jobId; @Column(name="LAST_NAME", nullable = false, length = 25) private String lastName; @Column(name="PHONE_NUMBER", length = 20) private String phoneNumber; private Double salary; @ManyToOne @JoinColumn(name = "MANAGER_ID") private Employee employee; @OneToMany(mappedBy = "employee") private List employeeList; public Employee() { } public Employee(Double commissionPct, Long departmentId, String email, Long employeeId, String firstName, Timestamp hireDate, String jobId, String lastName, Employee employee, String phoneNumber, Double salary) { this.commissionPct = commissionPct; this.departmentId = departmentId; this.email = email; this.employeeId = employeeId; this.firstName = firstName; this.hireDate = hireDate; this.jobId = jobId; this.lastName = lastName; this.employee = employee; this.phoneNumber = phoneNumber; this.salary = salary; } public Double getCommissionPct() { return commissionPct; } public void setCommissionPct(Double commissionPct) { this.commissionPct = commissionPct; } public Long getDepartmentId() { return departmentId; } public void setDepartmentId(Long departmentId) { this.departmentId = departmentId; } public String getEmail() { return email; } public void setEmail(String email) { this.email = email; } public Long getEmployeeId() { return employeeId; } public void setEmployeeId(Long employeeId) { this.employeeId = employeeId; } public String getFirstName() { return firstName; } public void setFirstName(String firstName) { this.firstName = firstName; } public Timestamp getHireDate() { return hireDate; } public void setHireDate(Timestamp hireDate) { this.hireDate = hireDate; } public String getJobId() { return jobId; } public void setJobId(String jobId) { this.jobId = jobId; } public String getLastName() { return lastName; } public void setLastName(String lastName) { this.lastName = lastName; } public String getPhoneNumber() { return phoneNumber; } public void setPhoneNumber(String phoneNumber) { this.phoneNumber = phoneNumber; } public Double getSalary() { return salary; } public void setSalary(Double salary) { this.salary = salary; } public Employee getEmployee() { return employee; } public void setEmployee(Employee employee) { this.employee = employee; } public List getEmployeeList() { return employeeList; } public void setEmployeeList(List employeeList) { this.employeeList = employeeList; } public Employee addEmployee(Employee employee) { getEmployeeList().add(employee); employee.setEmployee(this); return employee; } public Employee removeEmployee(Employee employee) { getEmployeeList().remove(employee); employee.setEmployee(null); return employee; } } JPA could be used in standalone applications and Java EE containers. In both worlds you normally create a Facade to retrieve or store the values of the Entities to or from the database. The Facade does this via an EntityManager which will be injected by the Java EE container. Here is sample Facade Session Bean for a Java EE container. package demo.proxy.ejb; import java.util.HashMap; import java.util.List; import javax.ejb.Local; import javax.ejb.Remote; import javax.ejb.Stateless; import javax.persistence.EntityManager; import javax.persistence.PersistenceContext; import javax.persistence.Query; import javax.interceptor.AroundInvoke; import javax.interceptor.InvocationContext; import oracle.jdbc.driver.OracleConnection; import org.eclipse.persistence.config.EntityManagerProperties; import org.eclipse.persistence.internal.jpa.EntityManagerImpl; @Stateless(name = "DataFacade", mappedName = "ProxyUser-TestEJB-DataFacade") @Remote @Local public class DataFacadeBean implements DataFacade, DataFacadeLocal { @PersistenceContext(unitName = "TestEJB") private EntityManager em; private String username; public Object queryByRange(String jpqlStmt, int firstResult, int maxResults) { // setSessionUser(); Query query = em.createQuery(jpqlStmt); if (firstResult 0) { query = query.setFirstResult(firstResult); } if (maxResults 0) { query = query.setMaxResults(maxResults); } return query.getResultList(); } public Employee persistEmployee(Employee employee) { // setSessionUser(); em.persist(employee); return employee; } public Employee mergeEmployee(Employee employee) { // setSessionUser(); return em.merge(employee); } public void removeEmployee(Employee employee) { // setSessionUser(); employee = em.find(Employee.class, employee.getEmployeeId()); em.remove(employee); } /** select o from Employee o */ public List getEmployeeFindAll() { Query q = em.createNamedQuery("Employee.findAll"); return q.getResultList(); } Putting Both Together To use Proxy Authentication with JPA and within a Java EE container you have to take care of the additional requirements: Use an OCI JDBC driver Provide the user name that connects through the proxy user Use an OCI JDBC driver To use the OCI JDBC driver you need to set up your JDBC data source file to use the correct JDBC URL. hr jdbc:oracle:oci8:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1521))(CONNECT_DATA=(SID=XE))) oracle.jdbc.OracleDriver user app_user 62C32F70E98297522AD97E15439FAC0E SQL SELECT 1 FROM DUAL jdbc/hrDS Application Additionally you need to make sure that the version of the shared libraries of the OCI driver match the version of the JDBC driver in your Java EE container or Java application and are within your PATH (on Windows) or LD_LIBRARY_PATH (on most Unix-based systems). Installing the Oracle Database Instance Client software works perfectly. Provide the user name that connects through the proxy user This part needs some modification of your application software and session facade. Session Facade Changes In the Session Facade we must ensure that every call that goes through the EntityManager must be prepared correctly and uniquely assigned to this session. The second is really important, as the EntityManager works with a connection pool and can not guarantee that we set the proxy user on the connection that will be used for the database activities. To avoid changing every method call of the Session Facade we provide a method to set the username of the user that connects through the proxy user. This method needs to be called by the Facade client bfore doing anything else. public void setUsername(String name) { username = name; } Next we provide a means to instruct the TopLink EntityManager Delegate to use Oracle Proxy Authentication. (I love small helper methods to hide the nitty-gritty details and avoid repeating myself.) private void setSessionUser() { setSessionUser(username); } private void setSessionUser(String user) { if (user != null && !user.isEmpty()) { EntityManagerImpl emDelegate = ((EntityManagerImpl)em.getDelegate()); emDelegate.setProperty(EntityManagerProperties.ORACLE_PROXY_TYPE, OracleConnection.PROXYTYPE_USER_NAME); emDelegate.setProperty(OracleConnection.PROXY_USER_NAME, user); emDelegate.setProperty(EntityManagerProperties.EXCLUSIVE_CONNECTION_MODE, "Always"); } } The final step is use the EJB 3.0 AroundInvoke interceptor. This interceptor will be called around every method invocation. We therefore check whether the Facade methods will be called or not. If so, we set the user for proxy authentication and the normal method flow continues. @AroundInvoke public Object proxyInterceptor(InvocationContext invocationCtx) throws Exception { if (invocationCtx.getTarget() instanceof DataFacadeBean) { setSessionUser(); } return invocationCtx.proceed(); } Benefits Using Oracle Proxy Authentification has a number of additional benefits appart from implementing the role model of your application: Fine grained access control for temporary users of the account, without compromising the original password. Enabling database auditing and logging. Better identification of performance bottlenecks. References Effective Oracle Database 10g Security by Design, David Knox TopLink Developer's Guide, Chapter 98

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >