Search Results

Search found 32181 results on 1288 pages for 'j security check'.

Page 84/1288 | < Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >

• Windows telling me, the local security authority is internally inconsistent upon mounting a network drive

  - by acme

  Since ages I've mounted a network share (via samba to a Linux machine) in Windows 7 to access it via drive letter. This worked flawlessly so far. Until now. Suddenly I couldn't access the drive anymore. Windows was telling me the network name (I didn't remember the exact term) was already in use. So I disconnected and tried to connect again: net use Y: \\10.10.10.208\work After a long time I get a message saying "The Local Security Authority (LSA) database contains an internal inconsistency" A restart didn't help. The mapped share is accessible (works on other machines in the same network), so obviously something strange is going on on my machine. Can anyone tell me how I can fix this inconsistency? Update: All machines that have saved the login information refuse with this error. So it must be something with the authorization. When I use net use Y: \\10.10.10.208\work /user:raphael it prompts me for the password and then returns that error message.

  Read the article

• Check for updates of a specific Debian package list

  - by Erwan Queffélec

  The setup I run a Debian Squeeze host that I use to build a multilanguage project (python, java, php...) and generate custom packages (debian and RPM) automatically (through jenkins) The problem The target distributions of those Debian packages are Etch, Lenny and Squeeze. But our project has some native dependencies that are available only through the DebianRelease + 1 repository (i.e Lenny + 1 == Squeeze, Squeeze + 1 == Wheezy). We for example, need the jetty packages from Squeeze in Lenny, and the cyrus-imapd-2.4 packages from Wheezy in Squeeze. Some additional info : Some package we can simply 'backport by hand' by mirroring the DebianRelease + 1 packages to our own repositories. For instance, the jetty package from Squeeze will run fine on Lenny because it doesn't need an s**tload of additional dependencies However we do need to rebuild some packages. For instance, cyrus-imapd-2.4 from Wheezy has a lot of unsatisfied dependencies on Squeeze. So we need to rebuild it in Squeeze and then upload it to our repo. The question I need to have a simple way of knowing if they are any updates on those extra packages (both "normal" and "security" updates). I could write a simple script that runs weekly, get some parameters from a file, and generate an update report. Let's say the file looks like this: jetty:squeeze cyrus-imapd-2.4:wheezy The script should run as normal user not to mess up the system apt configuration and issue the appropriate commands to generate that report. Does Debian has some built-in apt-* commands/options dedicated to that kind of problem I could use to write this script ? If not, can someone think of another clean solution to achieve what I need ?

  Read the article

• Load Testing a Security/Gateway Appliance

  - by Joel Coel

  In a couple weeks I will load testing a security/gateway appliance. We're a small residential college, and that "residential" means the traffic moving through the appliance is a bit like the Wild West. We have everything from Facebook to World of Warcraft, BitTorrent to Netflix, or Halo to YouTube... basically anything you might find in the home of a high-school or college aged person. Somewhere in there some real academic work gets done as well. We rely on our current appliance for traffic shaping, antivirus, malware filtering, intrusion detection on our servers, logging and abuse reporting, and even some content filtering. All this puts a decent load when we have students around, and I'm concerned about the ability of the new candidate to keep up. On paper it should handle things, but I'm worried. Prior experience is that vendors greatly over-report what an appliance can handle. The product also includes a licensed session limit, and I'm also worried that just a few misbehaving students could unwittingly bring us to that limit and cause service disruptions. I need to know this will work for our campus in order to commit to it. Going a performance level higher in that product takes the pricing way out of line with what we expect and have done in the past. What I need is a good way to load test this guy. My problem is that our current level of summer traffic is less than one percent of what it will be when students come back just six weeks from now. Any ideas on how to really stress this thing and see what it can do, in a way that will give me some clear ideas o. How that will scale for our campus? For the curious, I'm looking at a Watchguard 515, but it could be anything. If I were evaluating a competitor, I'd ask the same question.

  Read the article

• /etc/security/limits.conf for setting program limits in Linux

  - by Flavius Akerele

  I have the following inside /etc/security/limits.conf (I have specified root separately because * will not include it.) user2 - core unlimited * - core 0 root - core 0 * - rss 512000 root - rss 512000 * - nproc 100 root - nproc 100 * - maxlogins 1 root - maxlogins 1 I run a program as user2 (./programname) but /proc/3498/limits says cores are disabled: Limit Soft Limit Hard Limit Units Max cpu time unlimited unlimited seconds Max file size unlimited unlimited bytes Max data size unlimited unlimited bytes Max stack size 8388608 unlimited bytes Max core file size 0 0 bytes Max resident set 524288000 524288000 bytes Max processes 100 100 processes Max open files 1024 1024 files Max locked memory 65536 65536 bytes Max address space unlimited unlimited bytes Max file locks unlimited unlimited locks Max pending signals 14001 14001 signals Max msgqueue size 819200 819200 bytes Max nice priority 0 0 Max realtime priority 0 0 Max realtime timeout unlimited unlimited us Both ulimit -Sa and ulimit -Ha output that cores are disabled: core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 14001 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) 512000 open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) unlimited cpu time (seconds, -t) unlimited max user processes (-u) 100 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited Why are cores disabled ?

  Read the article

• /etc/security/limits.conf for setting program limits in Linux

  - by Flavius Akerele

  I have the following inside /etc/security/limits.conf (I have specified root separately because * will not include it.) user2 - core unlimited * - core 0 root - core 0 * - rss 512000 root - rss 512000 * - nproc 100 root - nproc 100 * - maxlogins 1 root - maxlogins 1 I run a program as user2 (./programname) but /proc/3498/limits says cores are disabled: Limit Soft Limit Hard Limit Units Max cpu time unlimited unlimited seconds Max file size unlimited unlimited bytes Max data size unlimited unlimited bytes Max stack size 8388608 unlimited bytes Max core file size 0 0 bytes Max resident set 524288000 524288000 bytes Max processes 100 100 processes Max open files 1024 1024 files Max locked memory 65536 65536 bytes Max address space unlimited unlimited bytes Max file locks unlimited unlimited locks Max pending signals 14001 14001 signals Max msgqueue size 819200 819200 bytes Max nice priority 0 0 Max realtime priority 0 0 Max realtime timeout unlimited unlimited us Both ulimit -Sa and ulimit -Ha output that cores are disabled: core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 14001 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) 512000 open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) unlimited cpu time (seconds, -t) unlimited max user processes (-u) 100 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited Why are cores disabled ?

  Read the article

• Notebook Operating System with extreme support cycles/security updates

  - by leto

  Hello there, after reading the announcements about Mac OS X "Lion" and Apples political decision, I've had enough. I'm a longtime Apple User since 1992, have always felt at home there, but am trying to switch to alternative Operating System since a year. I've also been working with Unix machines since 2001, so I'm looking in one of the free Unices or a Linux. Since I last looked at the desktop in 2002 choke much has changed, it seems. So I'm lost once more in the war between desktop environments and software. To be honest: I don't care what it's name is, I want to get my job done. Here's what I set me as landmark for an operating system/software to be considered: Has to be atleast four years old Has to supply security updates for current release for atleast a year Production quality stability for the whole desktop environment (!) No f****g commercial stuff that tends to supply me with privacy invading App Store or Cloud space So far I'm running a MacBook from 2007, 4 Gig memory, 250 Gig disk and I need: IMAPs for Mail since 1995 Webbrowser sic Shell Keeping current with Updates/Upgrades with no more than 5 Minutes spent in entering commands (makes it hard for OpenBSD ;-) ) A desktop filemanger would be nice, but is a bonus. What can you suggest as operating system? The one with the longest support cycles and best chance to survive the next 10 years will win a new user, even sending patches when needed :-) Greets

  Read the article

• samba joined to AD canot see users when in the security tab on client

  - by Jonathan

  I've got samba joined via kerberos and winbindd to our AD network and user authentication and everything else is working great. However when I try to add users/groups to file permissions it tells me they are not found. All the users groups show up fine with getent so I'm not sure why they are not showing up. Here is my smb.conf and I would much appreciate any help with this. #GLOBAL PARAMETERS [global] socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=11264 SO_SNDBUF=11264 workgroup = [hidden] realm = [hidden] preferred master = no server string = xerxes web/file server security = ADS encrypt passwords = yes log level = 3 log file = /var/log/samba/%m max log size = 50 printcap name = cups printing = cups winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind nested groups = Yes winbind separator = + winbind refresh tickets = yes idmap uid = 1600-20000 idmap gid = 1600-20000 template primary group = "Domain Users" template shell = /bin/bash kerberos method = system keytab nt acl support = yes [homes] comment = Home Direcotries valid users = %S read only = No browseable = No create mask = 0770 directory mask = 0770 force create mode = 0660 force directory mode = 2770 inherit owner = no [test] comment = Test path=/mnt/test writeable=yes valid users = %s create mask = 0770 directory mask = 0770 force create mode = 0660 force directory mode = 2770 inherit owner = no [printers] comment = All Printers path = /var/spool/cups browseable = no printable = yes

  Read the article

• "Security Warning" comes up when I run via another program

  - by Alexander Bird

  If I execute vmmap from the command line it works fine. However, if I call some other program and pass vmmap as a paramater for this other program to start the execution, then I get this "security error" popup -- which makes it hard to automate scripts. In other words, I want to wrap vmmap via another program. In my case, I want to wrap vmmap via another program because whenever vmmap runs, it will bring a window up momentarily and then disappear. So I try passing vmmap as an argument to another program which will start the program "headlessly". I tried this program and this program, and in both cases I get the same popup which defeats the purpose of automation. Why does this happen when the program isn't run directly? Does anyone know the internals of what this warning is? And, utlimately, is there a way to stop this from happening, but only for this instance? I don't want to disable this warning-system on my whole computer. EDIT: I am using Windows Server 2003, and I don't necessarily need solutions for other platforms, but I would like to know what they are if they are platform-dependent solutions.

  Read the article

• Additional Security Measures for Syslog over SSH

  - by Eric

  I'm currently working on setting up some secure syslog connections between a few Fedora servers. This is my currently setup 192.168.56.110 (syslog-server) <---- 192.168.57.110 (syslog-agent) From the agent, I am running this command: ssh -fnNTx -L 1514:127.0.0.1:514 [email protected] This works just fine. I have rsyslog on the syslog-agent pointing to @@127.0.0.1:1514 and it forwards everything to the server correctly on port 514 via the tunnel. My issue is, I want to be able to lock this down. I am going to use ssh keys so this is automated because there will be multiple agents talking to the server. Here are my concerns. Someone getting on the syslog-agent and logging into the server directly. I have taken care of this by ensuring that syslog_user has a shell of /sbin/nologin so that user can't get a shell at all. I don't want someone to be able to tunnel another port over ssh. Ex. - 6666:127.0.0.1:21. I know my first line of defense against this is to just not have anything listening on those ports and it's not an issue. However I want to be able to lock this down somehow. Are there any sshd_config settings on the server that I can use to make it where only port 514 can be tunneled over ssh? Are there any other major security concerns I'm overlooking at this point? Thanks in advance for your help/comments.

  Read the article

• Server 2008 R2 & Domain Trusts - Attempt to Compromise Security

  - by SnAzBaZ

  We have two separate Active Directory domains; EUROPE and US. There is a two way trust between the domains / forests. I have a group of users called "USA Staff" that have access to certain shares on servers in the EUROPE domain and a group called "EUROPE Staff" which have access to shares in the USA domain. Recently the USA PDC was upgraded to Windows Server 2008 R2. Now when I try to access a share on a USA server from a Windows 7 workstation in the EUROPE domain I get the "Please enter your username / password" dialog box appear, with a message at the bottom: "The system has detected a possible attempt to compromise security." When I enter a username / password for a user in the USA domain, I can then access the network resource. Entering credentials for a EUROPE user however does not give me access, even though my NTFS and Share permissions are set to allow that. Windows Server 2003 / Windows Server 2008 did not have this problem, it seems to be unique to R2. I found KB938457 and opened up port 88 on the Server 2008 R2 firewall but it did not make any difference. Any other suggestions as to what to turn off in R2 to get this working again ? Thanks

  Read the article

• Windows 7 - ignore security when reading external drive

  - by w-

  hi, My system hard drive on an XP computer kind of failed (random corrupt sectors). So i got a new harddrive and am trying to recover the files. The filesystem is NTFS. The system i'm trying to use when recovering the files is Windows 7. I'm obviously an admin on this box. The last data i'm trying to recover is stuff in the Documents and Settings folder. I'm using a SATA to a USB cable thingy so that I just plug it in as an External Hard Drive. The problem: In Windows Explorer when i try to copy the data, I keep getting prompted with Security warnings and error messages. It keeps telling me i have to change the owner permissions of the folder and all it's contents. If i tell it to change all the files and folder permissions it takes a really long time because it has to recurse through all the folder contents to change the permissions. Is there a way for me to ignore the file permissions when doing this? thanks

  Read the article

• Drive security settings in Windows 8 Pro

  - by Donotalo

  My PC OS is Windows 8 Pro x64. Windows 8 seems confusing. D:\ drive is supposed to be used solely by a single user, who is in Users group of the PC. The requirement is... that user will have full control of D drive. Admins will have full control of D drive. All other users can only list drive contents. No file could be opened. My account is admin account. From D drive's property Security tab, I've set the following: Allow "List folder contents" for Authenticated Users group. Allow "Full control" for SYSTEM. Allow "Full control" to specific user, who's supposed to use the drive. Allow "Full control" for Administrators group of the computer. Allow "List folder contents" for Users group. After setting this up, the specific user have full control of D drive. No other user can open any file on D drive. But though my account is an admin account, no file on D drive could be opened from my account! Why is this happening and how files can be opened from my account? Note: All accounts in this PC are local accounts.

  Read the article

• validate weblogic security realm user through java

  - by user1877246

  i have installed weblogic '10.3.4.0' and have created a user in the default security realm 'myrealm'. The authenticator is DefaultAuthenticator. Now, I have to authenticate the user through a stand alone java application. But the application is resposning with 'LDAP: error code 49 - Invalid Credentials': CODE-START ** Properties l_props = new Properties(); LdapContext l_ctx = null; l_props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); l_props.put(Context.PROVIDER_URL, "ldap://localhost:7001"); l_props.put(Context.SECURITY_AUTHENTICATION, "simple"); l_props.put(Context.SECURITY_PRINCIPAL, "cn=username"); l_props.put(Context.SECURITY_CREDENTIALS, "password"); l_ctx = new InitialLdapContext(l_props, null); ** CODE-END ** * ERROR-START * javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials] at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3041) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703) at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:293) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193) at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136) at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66) at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667) at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288) at javax.naming.InitialContext.init(InitialContext.java:223) at javax.naming.ldap.InitialLdapContext.(InitialLdapContext.java:134) at com.iflex.fcat.misc.TestLDAP.createInitialLdapContext(TestLDAP.java:258) at com.iflex.fcat.misc.TestLDAP.authenticate(TestLDAP.java:170) at com.iflex.fcat.misc.TestLDAP.main(TestLDAP.java:125) ERROR-END

  Read the article

• RepositoryItemCheckEdit to get value

  - by cstan

  Hi I have a GridView that has a column with RepositoryItemCheckEdit as ColumnEdit. I want to go get the value "True" and "False" once user click on the check box. what event should i use and how to i get the value. please if anyone can help is urgent.

  Read the article

• Ajax in UserControl

  - by nader

  Hi i have a signup page and i want to check username exists or not with ajax <%@ Control Language="C#" AutoEventWireup="true" CodeFile="Simple.ascx.cs" Inherits="UserControls_Simple" %> ??? ??????: ???? ???? i eant to show label if user exists how can i do that? tnx

  Read the article

• Checking if subfolders exist linux

  - by laura

  I'm trying to check if a folder has any subfolders without iterating through its children, in Linux. The closest I've found so far is using ftw and stopping at the first subfolder - or using scandir and filtering through the results. Both, are, however, an overkill for my purposes, I simply want a yes/no. On Windows, this is done by calling SHGetFileInfo and then testing dwAttributes & SFGAO_HASSUBFOLDER on the returned structure. Is there such an option on Linux?

  Read the article

• SQL Server Constraints Across Tables

  - by chama

  I have a SQL Server database with an Apartment table (which has columns FloorNum and BuildingID) and an ApartmentBuilding table (with column NumFloors). Is there any way to set up a constraint (using the SQL Server UI) to check that Apartment.FloorNum is greater than ApartmentBuilding.NumFloors? I tried this: FloorNum > ApartmentBuilding.NumFloors but now I realize that I somehow have to join the columns on the BuildingID, but I have no idea how to do that within a constraint. Thanks for your help!

  Read the article

• Ensure Oracle row represents a unique timespan

  - by Dan F.

  I have to make a process in Oracle/PLSQL. I have to verify that the interval of time between start_date and end_date from a new row that I create must not intersect other start_dates and end_dates from other rows. Now I need to check each row for that condition and if it doesn't correspond the repetitive instruction should stop and after that to display a message such as "The interval of time given is not correct". I don't know how to make repetitive instructions in Oracle/PLSQL and I would appreciate if you would help me.

  Read the article

• What happened to the CSS Checker tool?

  - by Kyle Sevenoaks

  I used it before, and was reminded of it when someone asked about a tool to strip unsused CSS from a stylsheet. I went back to the link, but it's gone, what happened to it? Is it gone forever or does anyone know of a backup? Or a similar tool that can still check your CSS against the HTML and strip orphan CSS. Thanks. Link (to broken site for reference).

  Read the article

• How to best transfer large payloads of data using wsHttp with WCF with message security

  - by jpierson

  I have a case where I need to transfer large amounts of serialized object graphs (via NetDataContractSerializer) using WCF using wsHttp. I'm using message security and would like to continue to do so. Using this setup I would like to transfer serialized object graph which can sometimes approach around 300MB or so but when I try to do so I've started seeing a exception of type System.InsufficientMemoryException appear. After a little research it appears that by default in WCF that a result to a service call is contained within a single message by default which contains the serialized data and this data is buffered by default on the server until the whole message is completely written. Thus the memory exception is being caused by the fact that the server is running out of memory resources that it is allowed to allocate because that buffer is full. The two main recommendations that I've come across are to use streaming or chunking to solve this problem however it is not clear to me what that involves and whether either solution is possible with my current setup (wsHttp/NetDataContractSerializer/Message Security). So far I understand that to use streaming message security would not work because message encryption and decryption need to work on the whole set of data and not a partial message. Chunking however sounds like it might be possible however it is not clear to me how it would be done with the other constraints that I've listed. If anybody could offer some guidance on what solutions are available and how to go about implementing it I would greatly appreciate it. Related resources: Chunking Channel How to: Enable Streaming Large attachments over WCF Custom Message Encoder Another spotting of InsufficientMemoryException I'm also interested in any type of compression that could be done on this data but it looks like I would probably be best off doing this at the transport level once I can transition into .NET 4.0 so that the client will automatically support the gzip headers if I understand this properly.

  Read the article

• Missing Password check

  - by AAA

  I am using the code below, it checks for empty fields and verifies email, but even if the password is correct it won't login. the password has been inserted with md5 protection, below is the code. I am new to this so please bare with me. Thanks! PHP: session_start(); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $email = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM accounts WHERE email = '$email'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: home.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['email'] | !$_POST['password']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM accounts WHERE email = '".$_POST['email']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['password'] = stripslashes($_POST['password']); $info['password'] = stripslashes($info['password']); $_POST['password'] = md5($_POST['password']); //gives error if the password is wrong if ($_POST['password'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['email'] = stripslashes($_POST['email']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['email'], $hour); setcookie(Key_my_site, $_POST['password'], $hour); //then redirect them to the members area header("Location: home.php"); } } } else { // if they are not logged in <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>email:</td><td> <input type="text" name="email" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="password" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> } Here is the registration code: PHP: // here we encrypt the password and add slashes if needed $_POST['password'] = md5($_POST['password']); if (!get_magic_quotes_gpc()) { $_POST['password'] = mysql_escape_string($_POST['password']); $_POST['email'] = mysql_escape_string($_POST['email']); $_POST['full_name'] = mysql_escape_string($_POST['full_name']); $_POST['user_url'] = mysql_escape_string($_POST['user_url']); } // now we insert it into the database $insert = "INSERT INTO accounts (Uniquer, Full_name, Email, Password, User_url) VALUES ('".$uniquer."','".$_POST['full_name']."', '".$_POST['email']."','".$_POST['password']."', '".$_POST['user_url']."')"; $add_member = mysql_query($insert); After using ini_set function i got to see the error, i am getting this message but not sure what it means: Notice: Undefined index: password in /var/www/domain.com/htdocs/login.php on line 103 Notice: Use of undefined constant password - assumed 'password' in /var/www/domain.com/htdocs/login.php on line 11

  Read the article

• Invalid security validation exception inside a SharePoint workflow

  - by Dan Revell

  I'm having a strange security problem with a SharePoint workflow. Particular calls seem to result in the following exception: Microsoft.SharePoint.SPException: The security validation for this page is invalid. I've come across this error before and the simple fix is web.AllowUnsafeUpdates = true; ... web.AllowUnsafeUpdates = false; However I've never once encountered this problem inside a workflow before since a workflow runs as system. I first got this error in a code activity where I set the value of a column on the list item. Wrapping the item.Update in AllowUnsafeUpdates fixed it. After the code activity I have a CreateTask activity. This also causes the same error but only after running the code inside the activity's MethodInvoking. In both cases there's a SPListItem.UpdateItem involved within the stack trace. This call is failing a security check. I don't know anything about how this check works so I don't know where to look next. This is a strange one, because this SharePoint dev machine has been working fine for some time. No other projects or workflows exhibit this behaviour so that rules out an installation problem. There's just something about this particular workflow. [UPDATE] I've gotten around the issue by just creating a new project and building it up again. I still have the broken one and I'd still like to figure out the problem with it. I'd appreciate any suggestions of what it might be.

  Read the article

• MessageSecurityException: The security header element 'Timestamp' with the '' id must be signed

  - by NiklasN

  I'm asking the same question here that I've already asked on msdn forums http://social.msdn.microsoft.com/Forums/en-US/netfxnetcom/thread/70f40a4c-8399-4629-9bfc-146524334daf I'm consuming a (most likely Java based) Web Service with I have absolutely no access to modify. It won't be modified even though I would ask them (it's a nation wide system). I've written the client with WCF. Here's some code: CustomBinding binding = new CustomBinding(); AsymmetricSecurityBindingElement element = SecurityBindingElement.CreateMutualCertificateDuplexBindingElement(MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10); element.AllowSerializedSigningTokenOnReply = true; element.SetKeyDerivation(false); element.IncludeTimestamp = true; element.KeyEntropyMode = SecurityKeyEntropyMode.ClientEntropy; element.MessageProtectionOrder = System.ServiceModel.Security.MessageProtectionOrder.SignBeforeEncrypt; element.LocalClientSettings.IdentityVerifier = new CustomIdentityVerifier(); element.SecurityHeaderLayout = SecurityHeaderLayout.Lax; element.IncludeTimestamp = false; binding.Elements.Add(element); binding.Elements.Add(new TextMessageEncodingBindingElement(MessageVersion.Soap11, Encoding.UTF8)); binding.Elements.Add(new HttpsTransportBindingElement()); EndpointAddress address = new EndpointAddress(new Uri("url")); ChannelFactory<MyPortTypeChannel> factory = new ChannelFactory<MyPortTypeChannel>(binding, address); ClientCredentials credentials = factory.Endpoint.Behaviors.Find<ClientCredentials>(); credentials.ClientCertificate.Certificate = myClientCert; credentials.ServiceCertificate.DefaultCertificate = myServiceCert; credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None; service = factory.CreateChannel(); After this every request done to the service fails in client side (I can confirm my request is accepted by the service and a sane response is being returned) I always get the following exception MessageSecurityException: The security header element 'Timestamp' with the '' id must be signed. By looking at trace I can see that in the response there really is a timestamp element, but in the security section there is only a signature for body. Can I somehow make WCF to ingore the fact Timestamp isn't signed?

  Read the article

• Getting rid of the Expires node in the WS security header

  - by Nick

  From the snippet below, how do i get rid of the <wsu:Expires> tag? I want to either get rid of it or pass it in as a empty element. It is a read only property in objClient.RequestSoapContext.Security.Timestamp.Expires. Any help is appreciated. <wsse:Security soap:mustUnderstand="1"> <wsu:Timestamp wsu:Id="Timestamp-26d09d54-10ef-4141-aa2c-11c75ed8172b"> <wsu:Created>2010-03-08T15:32:16Z</wsu:Created> <wsu:Expires>2010-03-08T15:37:16Z</wsu:Expires> </wsu:Timestamp> <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-7c9b80ec-98e9-4e41-af2e-ad37070cbdd3"> <wsse:Username>bubba</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">dsfdfsdfsfs+-dasdf=</wsse:Password> <wsse:Nonce>QQ3C4HUfO2CyGx7HrjzMzg==</wsse:Nonce> <wsu:Created>2010-03-08T15:32:16Z</wsu:Created> </wsse:UsernameToken> </wsse:Security>

  Read the article

• How to resolve a java.security.AccessControlException?

  - by thisisananth

  I have written an SAX parser in my Google App Engine Web application. in that I try to validate my xml file with an xsd. But I am getting an access control exception when my code is tyring to access that xsd. java.security.AccessControlException: access denied (java.io.FilePermission \WEB-INF\ApplicationResponse.xsd read) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264) at java.security.AccessController.checkPermission(AccessController.java:427) at java.lang.SecurityManager.checkPermission(SecurityManager.java:532) at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:166) at java.lang.SecurityManager.checkRead(SecurityManager.java:871) at java.io.FileInputStream.(FileInputStream.java:100) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaLoader.xsdToXMLInputSource(XMLSchemaLoader.java:830) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaLoader.processJAXPSchemaSource(XMLSchemaLoader.java:708) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaLoader.loadSchema(XMLSchemaLoader.java:554) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.findSchemaGrammar(XMLSchemaValidator.java:2459) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStartElement(XMLSchemaValidator.java:1807) at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.startElement(XMLSchemaValidator.java:705) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:330) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl$NSContentDispatcher.scanRootElementHook(XMLNSDocumentScannerImpl.java:779) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1794) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:368) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:834) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:764) at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:148) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1242) at sax.SAXLocalNameCount.parse(SAXLocalNameCount.java:220) at com.sms2mint.InterfaceServlet.doGet(InterfaceServlet.java:54) Please let me know how to debug this? I have tried to place the xsd in classes, webcontent, /WEB-INF but didn't help. Also declared this as a resource file in appengine-web.xml also but no avail.

  Read the article

< Previous Page | 80 81 82 83 84 85 86 87 88 89 90 91  | Next Page >