Search Results

Search found 13256 results on 531 pages for 'password policy'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 82/531 | < Previous Page | 78 79 80 81 82 83 84 85 86 87 88 89  | Next Page >

  • Temp file that exists only in RAM?

    - by Auraomega
    I'm trying to write an encrpytion using the OTP method. In keeping with the security theories I need the plain text documents to be stored only in memory and never ever written to a physical drive. The tmpnam command appears to be what I need, but from what I can see it saves the file on the disk and not the RAM. Using C++ is there any (platform independent) method that allows a file to exist only in RAM? I would like to avoid using a RAM disk method if possible. Thanks Edit: Thanks, its more just a learning thing for me, I'm new to encryption and just working through different methods, I don't actually plan on using many of them (esspecially OTP due to doubling the original file size because of the "pad"). If I'm totally honest, I'm a Linux user so ditching Windows wouldn't be too bad, I'm looking into using RAM disks for now as FUSE seems a bit overkill for a "learning" thing.

    Read the article

  • HTTP authentication logout via PHP

    - by Josef Sábl
    What is the correct way to log out of HTTP authentication protected folder? There are workarounds that can achieve this, but they are potentially dangerous because they can be buggy or don't work in certain situations / browsers. That is why I am looking for correct and clean solution.

    Read the article

  • secure from unauthorised access

    - by soclose
    Hi, Based on the user requirements, he wants to use our android application via pin code access like login whenever he starts to use this application. In Android or any mobile, most of the applications start again the last using layout. so which event should i call this login alertdialog to access each time users start to use it? Or let me know the better. Thank you.

    Read the article

  • Send post to a different domain using JS

    - by Lior
    Hello, I'd like a post request to be sent once a certain text input field is changed, using javascript. So here is my current code: <input name="message" onchange="$.ajax({type: \"POST\", url: \"http://example.com/example.php\", data: \"message=\" + document.getElementsByName(\"message\")[0].value});" /> Now, it's working on a regular connection, but it's not working on a secured connection (SSL). I mean, the page is secured, but the request is sent to a non secured page. Is there a solution?

    Read the article

  • How to solve JavaScript origin problem with an application and static file server

    - by recipriversexclusion
    In a system that I'm building I want to serve Static files (static HTML pages and a lot of images), and Dynamic XML generated by my servlet. The dynamic XML is generated from my database (through Hibernate) and I use Restlets to serve it in response to API calls. I want to create a static file server (e.g. Apache) so that this does not interfere with the dynamic server traffic. Currently both servers need to run on the same machine. I've never done something like this before and this is where I'm stuck: The static HTML pages contain JavaScript that makes API calls to the dynamic server. However, since the two servers operate on different ports, I get stuck with the same origin problem. How can this be solved? As a bonus, if you can point me to any resources that explain how to create such a static/dynamic content serving system, I'll be happy. Thanks!

    Read the article

  • Run intent DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN from a service

    - by Zorb
    I have a service and I want the service promote to enable it as Device Admin, until now I launched this kind of UI interactions from the service like Intent intent2 = new Intent(); intent2.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK); intent2.setAction(android.content.Intent.ACTION_VIEW); intent2.setDataAndType(uri, "application/vnd.android.package-archive"); context.startActivity(intent2); and it works, but with DevicePolicyManager I can't find the way: Intent intent = new Intent(DevicePolicyManager.ACTION_ADD_DEVICE_ADMIN); intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK); intent.putExtra(DevicePolicyManager.EXTRA_DEVICE_ADMIN, mAdminName); intent.putExtra(DevicePolicyManager.EXTRA_ADD_EXPLANATION, "some text."); context.startActivity(intent); does't work: do not promote nothing but also do not crash. Without intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK); It simply crash because this code is inside a tread inside a service. Ideas?

    Read the article

  • How can you ask a sensitive work question anonymously but still inform readers of your credibility a

    - by Rob
    I would like to request opinions about my career/situation at work with a software development project. I would like to ask anonymously or created a new stackoverflow.com account because I think I may be identified by co-workers at my employer since I have referred them to (non-sensititive) technical questions I have asked here. So they might know my account and be able to follow my activity. If I create a new account it will have no reputation and some readers may ignore it, for example, because they might think that the user only wishes to take ideas from here and not contribute, i.e. not a committed stackoverflow poster. What are your thoughts? (I do feel that it is appropriate to ask such pogramming career/situational questions here as many others have and there are some good questions -and answers and it seems that the stackoverflow community accepts such questions even thought the site's strict guidelines are for specific answers and not discussion, and non-subjective questions. And thank goodness that is the case - not all problems faced by programmers are about the craft but also the human factors around it - where else would folks go?)

    Read the article

  • Adobe Acrobat API - How to skip opening password protected PDFs?

    - by Ryan
    Hi all, I've been using Delphi and the Adobe Acrobat 9 API. I'm simply opening a PDF and printing it, followed by closing it without saving anything. I'm having an issue while opening some PDFs though. If the PDF is password protected the Open method displays Adobe's "Input password" prompt. My application is running in an automated fashion, and therefor cannot proceed beyond this password prompt until somebody clicks cancel. I've been looking for something that will either notify me that the file is password protected prior to opening it, or a parameter or something that will skip password protected files. I need my program to assume it cannot open any passworded PDF. Does anyone know enough about the Acrobat API to provide any assistance here? Thank you, Ryan

    Read the article

  • iFrames and Cookies

    - by Tom
    I have a site on A.com and an iframe on B.com which reads info from A.com. I realize that there is some problems with third party cookies, iframes and P3P - particularly in Safari [my problem] Is it possible to instead, use AJAX or a hidden iFrame to pass the cookie information from A.com to B.com which will then "recreate" another cookie with the same information on the iframe in B.com. I am trying to do this for authenication - i.e. a user is logged in on A.com and then goes to b.com and the iframe is also logged in ? I was hoping to perhaps pass the data in a hidden iframe and "recreate" the cookie in the iframe on B.com using JavaScript? Is this possible ? Security issues ? What about HTTPS?

    Read the article

  • htpasswd, secure specific files in zend framework

    - by AKFourSeven
    Hi I have been bashing my head against the wall with this riddle and cannot find the way to solve this. I would like to secure couple of files to restrict access to certain pages but my attempts so far are unsuccessful. I do not want to use Zend Auth as it is a very small web site doing simple stuff. Here is a sample of what I have done: AuthUserFile /path/to/my/.htpasswd AuthName "Admin Restriction" AuthType Basic <Files file.phtml> require valid-user </Files> Is there any way to achieve this ?

    Read the article

  • How do I retrieve and display html/asp/aspx page on different host using jQuery ajax?

    - by user717236
    I have an html page, which is a dynamically created asp/aspx page on http://host2.mydomain.com. I have no control over the html page. I cannot modify it in any such way. I cannot modify this page; so, setting document.domain is out of the question, unfortunately. I want to retrieve and display this page on http://host1.mydomain.com/page1.jsp using Ajax. FYI: host1 is being served by IIS 7 and Apache Tomcat (for JSP pages). And host2 is using IIS 7 and ASP. How can I retrieve this page using a Ajax POST request? Thank you.

    Read the article

  • What are some commonly used source code check-in policies?

    - by rwmnau
    I'm curious what code review policies other development shops apply to their source code when it's checked into the source control repository. I'm setting up a TFS (Team Foundation) server, and I'd like to apply some check-in policies to start to stamp out bad practices. For example, I was thinking of starting with the following couple, so this is the kind of stuff I'm looking for: Prohibit empty "Catch" blocks. This would prevent applications from swallowing any exceptions without at least requiring a comment explaining why it's not necessary to do anything with the exception. Prohibit "Catch ex as Exception" generic exception handling. Instead, require code to catch specific types of exceptions and deal with them appropriately, instead of just building catch-all handling. Require a check-in comment. This one should be self-explanatory, though it seems that TFS (and most other source-control systems) don't require a comment by default. While these are just examples, they're where I'm thinking of starting, and while I'd like some additional examples of what's popular, I'm open to feedback on these. Also, though we're a mostly .NET shop, I imagine the popular policies are universal across languages and IDEs (we have some Java development and a few people who will use the repository develop with Eclipse).

    Read the article

  • Can I grant explicit Javascript methods to a different-host iframe?

    - by Matchu
    I'm thinking about a system in which I allow users to create Javascript-empowered widgets for other users to embed in their dashboard on my website. I'd like to limit these widgets fairly strictly, so each would exist as an iframe kept on its own unique hostname: the widget with ID #47 would be accessible at w47.widgets.example.com, for example. It would be helpful, for permission-granting dialogs and the like, to allow the widget to call very specific methods explicitly granted by the parent window, without authorizing the iframe to do whatever it likes with the parent frame on the user's behalf. Is it possible for a parent document to explicitly allow certain method calls to a child document on a different host?

    Read the article

  • Flask Admin didn't show all fields

    - by twoface88
    I have model like this: class User(db.Model): __tablename__ = 'users' __table_args__ = {'mysql_engine' : 'InnoDB', 'mysql_charset' : 'utf8'} id = db.Column(db.Integer, primary_key=True) username = db.Column(db.String(80), unique=True) email = db.Column(db.String(120), unique=True) _password = db.Column('password', db.String(80)) def __init__(self, username = None, email = None, password = None): self.username = username self.email = email self._set_password(password) def _set_password(self, password): self._password = generate_password_hash(password) def _get_password(self): return self._password def check_password(self, password): return check_password_hash(self._password, password) password = db.synonym("_password", descriptor=property(_get_password, _set_password)) def __repr__(self): return '<User %r>' % self.username I have ModelView: class UserAdmin(sqlamodel.ModelView): searchable_columns = ('username', 'email') excluded_list_columns = ['password'] list_columns = ('username', 'email') form_columns = ('username', 'email', 'password') But no matter what i do, flask admin didn't show password field when i'm editing user info. Is there any way ? Even just to edit hash code. UPDATE: https://github.com/mrjoes/flask-admin/issues/78

    Read the article

  • Section of website to be protected by a login

    - by shane
    I have a section of my website where I will have forms. I only want people who have registered with the site to be able to use these forms so that I only have serious customers using them. So what i want to have is a way that people can register on the site and once registered the area with the forms will be available to them and I will know who has sent me a form etc.

    Read the article

  • Android Device Management

    - by Jon Hopkins
    I'm looking at the possibility of using Android as a secure corporate mobile platform. One of the pre-requisites for this will be a way of managing multiple devices, security policies, software deployment, that sort of thing - essentially the things the BlackBerry Enterprise Server handles for BlackBerry or MDM (or something 3rd party like SOTI) handles for Windows Mobile. Does such a thing exist for Android? It's a platform we're interested in but without this right now (and we're not in a position to build it ourselves) it's a non-starter.

    Read the article

  • Policies Array Class-Design wrapper

    - by PT
    Hi, i want to write an wrapper for different Array Classes with different Policies. For example: typedef ArrayType<useValArray,StdAllocator> Array; // one global assignment I want to use the class like a blitz++ Array for example: Array<double,2> x(2,2); //maps the Array to an Valarray or to a Blitz++ Array Array<double,2> x2(5,6); is this Posible? Which technics i need to realise that?

    Read the article

  • iPhone / ios development - best way to check if password is secure enough?

    - by Pranoy C
    what is the best way to check the strength of a password in iOS development? I came across this post: What is the best way to check the strength of a password? but this is not iOS specific. My question is - Does Apple or third party libraries provide any libraries by default which I can use to check if the user entered a secure password? If not, then as the above post says, is using regular expressions the best way? Does Apple have any requirements which our app needs to implement to make sure user has a secure password? I am planning on using the keychain to store the password.

    Read the article

  • Thread placement policies on NUMA systems - update

    - by Dave
    In a prior blog entry I noted that Solaris used a "maximum dispersal" placement policy to assign nascent threads to their initial processors. The general idea is that threads should be placed as far away from each other as possible in the resource topology in order to reduce resource contention between concurrently running threads. This policy assumes that resource contention -- pipelines, memory channel contention, destructive interference in the shared caches, etc -- will likely outweigh (a) any potential communication benefits we might achieve by packing our threads more densely onto a subset of the NUMA nodes, and (b) benefits of NUMA affinity between memory allocated by one thread and accessed by other threads. We want our threads spread widely over the system and not packed together. Conceptually, when placing a new thread, the kernel picks the least loaded node NUMA node (the node with lowest aggregate load average), and then the least loaded core on that node, etc. Furthermore, the kernel places threads onto resources -- sockets, cores, pipelines, etc -- without regard to the thread's process membership. That is, initial placement is process-agnostic. Keep reading, though. This description is incorrect. On Solaris 10 on a SPARC T5440 with 4 x T2+ NUMA nodes, if the system is otherwise unloaded and we launch a process that creates 20 compute-bound concurrent threads, then typically we'll see a perfect balance with 5 threads on each node. We see similar behavior on an 8-node x86 x4800 system, where each node has 8 cores and each core is 2-way hyperthreaded. So far so good; this behavior seems in agreement with the policy I described in the 1st paragraph. I recently tried the same experiment on a 4-node T4-4 running Solaris 11. Both the T5440 and T4-4 are 4-node systems that expose 256 logical thread contexts. To my surprise, all 20 threads were placed onto just one NUMA node while the other 3 nodes remained completely idle. I checked the usual suspects such as processor sets inadvertently left around by colleagues, processors left offline, and power management policies, but the system was configured normally. I then launched multiple concurrent instances of the process, and, interestingly, all the threads from the 1st process landed on one node, all the threads from the 2nd process landed on another node, and so on. This happened even if I interleaved thread creating between the processes, so I was relatively sure the effect didn't related to thread creation time, but rather that placement was a function of process membership. I this point I consulted the Solaris sources and talked with folks in the Solaris group. The new Solaris 11 behavior is intentional. The kernel is no longer using a simple maximum dispersal policy, and thread placement is process membership-aware. Now, even if other nodes are completely unloaded, the kernel will still try to pack new threads onto the home lgroup (socket) of the primordial thread until the load average of that node reaches 50%, after which it will pick the next least loaded node as the process's new favorite node for placement. On the T4-4 we have 64 logical thread contexts (strands) per socket (lgroup), so if we launch 48 concurrent threads we will find 32 placed on one node and 16 on some other node. If we launch 64 threads we'll find 32 and 32. That means we can end up with our threads clustered on a small subset of the nodes in a way that's quite different that what we've seen on Solaris 10. So we have a policy that allows process-aware packing but reverts to spreading threads onto other nodes if a node becomes too saturated. It turns out this policy was enabled in Solaris 10, but certain bugs suppressed the mixed packing/spreading behavior. There are configuration variables in /etc/system that allow us to dial the affinity between nascent threads and their primordial thread up and down: see lgrp_expand_proc_thresh, specifically. In the OpenSolaris source code the key routine is mpo_update_tunables(). This method reads the /etc/system variables and sets up some global variables that will subsequently be used by the dispatcher, which calls lgrp_choose() in lgrp.c to place nascent threads. Lgrp_expand_proc_thresh controls how loaded an lgroup must be before we'll consider homing a process's threads to another lgroup. Tune this value lower to have it spread your process's threads out more. To recap, the 'new' policy is as follows. Threads from the same process are packed onto a subset of the strands of a socket (50% for T-series). Once that socket reaches the 50% threshold the kernel then picks another preferred socket for that process. Threads from unrelated processes are spread across sockets. More precisely, different processes may have different preferred sockets (lgroups). Beware that I've simplified and elided details for the purposes of explication. The truth is in the code. Remarks: It's worth noting that initial thread placement is just that. If there's a gross imbalance between the load on different nodes then the kernel will migrate threads to achieve a better and more even distribution over the set of available nodes. Once a thread runs and gains some affinity for a node, however, it becomes "stickier" under the assumption that the thread has residual cache residency on that node, and that memory allocated by that thread resides on that node given the default "first-touch" page-level NUMA allocation policy. Exactly how the various policies interact and which have precedence under what circumstances could the topic of a future blog entry. The scheduler is work-conserving. The x4800 mentioned above is an interesting system. Each of the 8 sockets houses an Intel 7500-series processor. Each processor has 3 coherent QPI links and the system is arranged as a glueless 8-socket twisted ladder "mobius" topology. Nodes are either 1 or 2 hops distant over the QPI links. As an aside the mapping of logical CPUIDs to physical resources is rather interesting on Solaris/x4800. On SPARC/Solaris the CPUID layout is strictly geographic, with the highest order bits identifying the socket, the next lower bits identifying the core within that socket, following by the pipeline (if present) and finally the logical thread context ("strand") on the core. But on Solaris on the x4800 the CPUID layout is as follows. [6:6] identifies the hyperthread on a core; bits [5:3] identify the socket, or package in Intel terminology; bits [2:0] identify the core within a socket. Such low-level details should be of interest only if you're binding threads -- a bad idea, the kernel typically handles placement best -- or if you're writing NUMA-aware code that's aware of the ambient placement and makes decisions accordingly. Solaris introduced the so-called critical-threads mechanism, which is expressed by putting a thread into the FX scheduling class at priority 60. The critical-threads mechanism applies to placement on cores, not on sockets, however. That is, it's an intra-socket policy, not an inter-socket policy. Solaris 11 introduces the Power Aware Dispatcher (PAD) which packs threads instead of spreading them out in an attempt to be able to keep sockets or cores at lower power levels. Maximum dispersal may be good for performance but is anathema to power management. PAD is off by default, but power management polices constitute yet another confounding factor with respect to scheduling and dispatching. If your threads communicate heavily -- one thread reads cache lines last written by some other thread -- then the new dense packing policy may improve performance by reducing traffic on the coherent interconnect. On the other hand if your threads in your process communicate rarely, then it's possible the new packing policy might result on contention on shared computing resources. Unfortunately there's no simple litmus test that says whether packing or spreading is optimal in a given situation. The answer varies by system load, application, number of threads, and platform hardware characteristics. Currently we don't have the necessary tools and sensoria to decide at runtime, so we're reduced to an empirical approach where we run trials and try to decide on a placement policy. The situation is quite frustrating. Relatedly, it's often hard to determine just the right level of concurrency to optimize throughput. (Understanding constructive vs destructive interference in the shared caches would be a good start. We could augment the lines with a small tag field indicating which strand last installed or accessed a line. Given that, we could augment the CPU with performance counters for misses where a thread evicts a line it installed vs misses where a thread displaces a line installed by some other thread.)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 78 79 80 81 82 83 84 85 86 87 88 89  | Next Page >