Search Results

Search found 4187 results on 168 pages for 'secure erase'.

Page 87/168 | < Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94  | Next Page >

  • C# Ignore certificate errors?

    - by JL
    I am getting the following error during a web service request to a remote web service: Could not establish trust relationship for the SSL/TLS secure channel. --- System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. Is there anyway to ignore this error, and continue. It seems the remote certificate is not signed. The site I connect to is www.czebox.cz - so feel free to visit the site, and notice even browsers through security exceptions. Thanks

    Read the article

  • How to support both HTTP and HTTPS channels in Flex/BlazeDS?

    - by digitalsanctum
    I've been trying to find the right configuration for supporting both http/s requests in a Flex app. I've read all the docs and they allude to doing something like the following: <default-channels> <channel ref="my-secure-amf"> <serialization> <log-property-errors>true</log-property-errors> </serialization> </channel> <channel ref="my-amf"> <serialization> <log-property-errors>true</log-property-errors> </serialization> </channel> This works great when hitting the app via https but get intermittent communication failures when hitting the same app via http. Here's an abbreviated services-config.xml: <channel-definition id="my-amf" class="mx.messaging.channels.AMFChannel"> <endpoint url="http://{server.name}:{server.port}/{context.root}/messagebroker/amf" class="flex.messaging.endpoints.AMFEndpoint"/> <properties> <!-- HTTPS requests don't work on IE when pragma "no-cache" headers are set so you need to set the add-no-cache-headers property to false --> <add-no-cache-headers>false</add-no-cache-headers> <!-- Use to limit the client channel's connect attempt to the specified time interval. --> <connect-timeout-seconds>10</connect-timeout-seconds> </properties> </channel-definition> <channel-definition id="my-secure-amf" class="mx.messaging.channels.SecureAMFChannel"> <!--<endpoint url="https://{server.name}:{server.port}/{context.root}/messagebroker/amfsecure" class="flex.messaging.endpoints.SecureAMFEndpoint"/>--> <endpoint url="https://{server.name}:{server.port}/{context.root}/messagebroker/amfsecure" class="flex.messaging.endpoints.AMFEndpoint"/> <properties> <add-no-cache-headers>false</add-no-cache-headers> <connect-timeout-seconds>10</connect-timeout-seconds> </properties> </channel-definition> I'm running with Tomcat 5.5.17 and Java 5. The BlazeDS docs say this is the best practice. Is there a better way? With this config, there seems to be 2-3 retries associated with each channel defined in the default-channels element so it always takes ~20s before the my-amf channel connects via a http request. Is there a way to override the 2-3 retries to say, 1 retry for each channel? Thanks in advance for answers.

    Read the article

  • .Net/C# - Pros and cons using the GAC

    - by Adi barad
    Hi Guys, I would like to hear your opinion regarding the benefits of disadvantages of using the GAC in .Net applications. To me, it looks more professional to sign & register the application dlls in the GAC. It's more secure, helps with backward compatibility, side by side installations and easy to reference for end-users. But I want to hear the other side as well. Thank you very much, Adi Barda

    Read the article

  • Blackberry application testing in Blackberry Mobile getting error like this attempts to access a sec

    - by upendra
    I developed a Blackberry application using Eclipse. The application is working fine in the simulator. By using Blackberry desktop software, I tested the application in Blackberry mobile and it's working fine; but when I am using Progressbar screen, I am getting an error like this "Error starting Applicationname : Module 'ApplicationName' attempts to access a secure API." How do I avoid this error?

    Read the article

  • WCF security when it is used with sync services

    - by malik
    I am using following architecture for sync process. http://www.codeproject.com/KB/smart/sync_services.aspx And for server i use WCF service, can anybody guide me how can i secure my wcf service without using certificate that is hosted on IIS. Can i get a way to pass credential or some token to authenticate? I need to authenticate and encrypt the communication, when syncagent call synchronise method.

    Read the article

  • Using paired certificates with urllib2

    - by Ned Batchelder
    I need to create a secure channel between my server and a remote web service. I'll be using HTTPS with a client certificate. I'll also need to validate the certificate presented by the remote service. How can I use my own client certificate with urllib2? What will I need to do in my code to ensure that the remote certificate is correct?

    Read the article

  • Is Flash/Actionscript any safer than Javascript for persistent online game?

    - by Sean Madigan
    I'm finding lately how unsecure Javascript is when programming a game (I'm trying to do a turn based RPG and currently the battle calculations are done through Javascript which any player can cheat with of course giving themselves as much XP as they want), so I'm wondering if I were to move my battle screen to flash if this would be any more secure, or is there just as easy of a way to cheat this?

    Read the article

  • ssl multi domain website

    - by NetParis
    We need to secure a multi-langual web application with SSL (registration, login,..). However, this application is accessed by different domain names, exactly a domain name for each language (domainName.co.uk, domainName.fr, domainName.it and so on). We're looking for the simplest and cheapest solution. We don't want to purchase a certificate for each domain name. Some one has an idea ? the web server : IIS 6 Thanks

    Read the article

  • Automatically backing up a file to another server?

    - by codemonkey613
    I have a backup created of my mysql database (vbulletin forum v3.8) everyday. It's about 360mb in size. It's stored as one text file in a secure folder. I'm thinking of getting another server, through a different host, and somehow automatically transferring the backup to my second server every day. Any ideas on how I could automate this process? I'm thinking PHP and a cron job.

    Read the article

  • How to set up Mercurial with ssl/security

    - by Sam Lee
    I've been following the hginit.com tutorial on how to use mercurial. Everything is going fine except it uses push_ssl=False. This does not work for my situation because I want pushes (and pulls if possible) to be secure. All the tutorials I've been able to find also use push_ssl=False. Can anyone give me pointers on how to set up ssl/security for Mercurial? Thanks.

    Read the article

  • Web Security: Worst-Case Situation

    - by Yongho
    I currently have built a system that checks user IP, browser, and a random-string cookie to determine if he is an admin. In the worst case, someone steals my cookie, uses the same browser I do, and masks his IP to appear as mine. Is there another layer of security I should add onto my script to make it more secure?

    Read the article

  • Irc server for ubuntu

    - by Ralphz
    The Ubuntu WIKI https://help.ubuntu.com/community/IrcServer it lists few IRC servers you can use in Ubuntu. My question is which one is you favorite one and more secure. I will also need one that will allow me to monitor rooms for regular expressions and run some scripts if regexp matches. Thanks

    Read the article

  • Simple "Long Polling" example code?

    - by dbr
    I can find lots of information on how Long Polling works (For example, this, and this), but no simple examples of how to implement this in code. All I can find is cometd, which relies on the Dojo JS framework, and a fairly complex server system.. Basically, how would I use Apache to serve the requests, and how would I write a simple script (say, in PHP) which would "long-poll" the server for new messages? The example doesn't have to be scaleable, secure or complete, it just needs to work!

    Read the article

  • google-app-engine deploy error..

    - by zjm1126
    2010-04-20 15:33:39,421 WARNING appengine_rpc.py:399 ssl module not found. Without the ssl module, the identity of the remote host cannot be verified, and connections may NOT be secure. To fix this, please install the ssl module from http://pypi.python.org/pypi/ssl . To learn more, see http://code.google.com/appengine/kb/general.html#rpcssl . how can i do ? thanks

    Read the article

  • Authorizing a computer to access a web application

    - by HackedByChinese
    I have a web application, and am tasked with adding secure sign-on to bolster security, akin to what Google has added to Google accounts. Use Case Essentially, when a user logs in, we want to detect if the user has previously authorized this computer. If the computer has not been authorized, the user is sent a one-time password (via email, SMS, or phone call) that they must enter, where the user may choose to remember this computer. In the web application, we will track authorized devices, allowing users to see when/where they logged in from that device last, and deauthorize any devices if they so choose. We require a solution that is very light touch (meaning, requiring no client-side software installation), and works with Safari, Chrome, Firefox, and IE 7+ (unfortunately). We will offer x509 security, which provides adequate security, but we still need a solution for customers that can't or won't use x509. My intention is to store authorization information using cookies (or, potentially, using local storage, degrading to flash cookies, and then normal cookies). At First Blush Track two separate values (local data or cookies): a hash representing a secure sign-on token, as well as a device token. Both values are driven (and recorded) by the web application, and dictated to the client. The SSO token is dependent on the device as well as a sequence number. This effectively allows devices to be deauthorized (all SSO tokens become invalid) and mitigates replay (not effectively, though, which is why I'm asking this question) through the use of a sequence number, and uses a nonce. Problem With this solution, it's possible for someone to just copy the SSO and device tokens and use in another request. While the sequence number will help me detect such an abuse and thus deauthorize the device, the detection and response can only happen after the valid device and malicious request both attempt access, which is ample time for damage to be done. I feel like using HMAC would be better. Track the device, the sequence, create a nonce, timestamp, and hash with a private key, then send the hash plus those values as plain text. Server does the same (in addition to validating the device and sequence) and compares. That seems much easier, and much more reliable.... assuming we can securely negotiate, exchange, and store private keys. Question So then, how can I securely negotiate a private key for authorized device, and then securely store that key? Is it more possible, at least, if I settle for storing the private key using local storage or flash cookies and just say it's "good enough"? Or, is there something I can do to my original draft to mitigate the vulnerability I describe?

    Read the article

  • gitosis-admin git push failed, exec hooks/post-update

    - by v14nt0
    I'm following this tutorial http://scie.nti.st/2007/11/14/hosting-git-repositories-the-easy-and-secure-way after this step git commit -a -m "Allow jdoe write access to free_monkey" git push i always failed, with this error fatal: exec hooks/post-update failed. this is from my /home/git/repositories/gitosis-admin/hooks/post-update -rwxr-xr-x 1 git git 83 Mar 10 11:49 post-update so i change gitosis.conf manually from server for adding new repositories, and repos can work fine. i've google what might cause it, i want to admin gitosis in proper way Please Help Regards, REV

    Read the article

  • Do encryption algorithms require an internal hashing algorithm?

    - by Rudi
    When I use C# to implement the AES symmetric encryption cipher, I noticed: PasswordDeriveBytes derivedPassword = new PasswordDeriveBytes(password, saltBytesArray, hashAlgorithmName, numPasswordIterations); Why do I need to use a hashing algorithm for AES encryption? Aren't they separate? Or is the hashing algorithm only used to create a secure key? The AES algorithm doesn't use a hashing algorithm internally does it?

    Read the article

  • How to do HTTP authentication with Goliath/Heroku?

    - by David
    I'm using Goliath as my app server, and I am trying to convert "Ruby – Secure staging environment of your public app from users and bots" so it applies to my Goliath application. I am trying to use Rack::Static but I'm not sure how to write the code. I was trying something like: class Application < Goliath::API use(Rack::Lock) But I am not really sure how to translate the link I posted. I'm open to other alternatives, I just need my whole site password protected.

    Read the article

  • Accessing xml from jsp on tomcat server is throwing FileNotFoundException trying to access .keystore

    - by mobibob
    I am trying to access an XML file from JSP on my Tomcat server. The error is from Catalina's protocol handler and the exception is java.io.FileNotFoundException trying to access my .keystore in the 'documents and settings' folder for my signed-on user (with admin, but not the user that installed the server). I can provide the stacktrace if that would help ... but my question is more fundamental about secure access to files and where is the keystore configured / used on a Window's install?

    Read the article

< Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94  | Next Page >