Search Results

Search found 2683 results on 108 pages for 'sign'.

Page 87/108 | < Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94  | Next Page >

  • PGP Encrypt from C# using GnuPG

    - by Kishore
    Hello All, I'm trying to encrypt a incoming document in C#, and I'm using GnuPG with input redirection. I need to use -se(sign and encrypt) in a single step, which requires entering passphrase. But for some reason, input redirection is not working. Appreciate your help. Control is going to else block. I'm not sure if there is deadlock or child process(gpg.exe) waiting for the input. pgpproc = new Process(); pgpproc.StartInfo.FileName = exeFilePath; pgpproc.StartInfo.RedirectStandardOutput = false; pgpproc.StartInfo.RedirectStandardInput = true; pgpproc.StartInfo.UseShellExecute = false; pgpproc.StartInfo.Arguments = "-a -o C:\PGPStaging\output.pgp -se -r recipientID C:\PGPStaging\input.txt"; pgpproc.StartInfo.CreateNoWindow = true; pgpproc.Start(); StreamWriter myStreamWriter = pgpproc.StandardInput; myStreamWriter.Write("*****"); myStreamWriter.Close(); if (pgpproc.WaitForExit(waittime)) { //success } else { //failure pgpproc.Kill(); pgpproc.WaitForExit(); } `

    Read the article

  • Jquery cookie plugin - conditional content determined by cookie being set

    - by Dave
    Hello I have a sign up form that is displayed to all new site visitors. If a user fills out the form, the next time they visit the site, I would like to display a "welcome back" message where the form would usually sit. I am trying to do this via the jquery cookie plugin (http://plugins.jquery.com/project/Cookie). My form would look like this: <div id="sign_up_form_wrapper"><form id="sign_up" action="" method="POST" name="form"> <input type="checkbox" name="checkbox" id="checkbox" value="1">&nbsp; I accept the terms and conditions</a> <br /><br /><input type="submit" value="ENTER"> </form></div> And I am setting my cookie here: <script type="text/javascript" language="javascript"> $().ready(function() { $('#sign_upm').submit(function(e) { e.preventDefault(); if ($('#sign_up input[name=checkbox]').is(':checked')) { $.cookie('agreed_to_terms', '1', { path: '/', expires: 999999 }); } }); }); </script> That will set the cookie when a user has checked the box, but now I need to do somehting like this: if the cookie has been set, do this: <div id="sign_up_form_wrapper"> <p>Welcome back, John</p> </div> otherwise do this: <div id="sign_up_form_wrapper"> <!-- full form code here --> </div> Any ideas or pointers would be very appreciated, thanks.

    Read the article

  • Enterprise SSO & Identity management / recommendations

    - by Maxim Veksler
    Hello Friends, We've discussed SSO before. I would like to re-enhance the conversation with defined requirements, taking into consideration recent new developments. In the past week I've been doing market research looking for answers to the following key issues: The project should should be: Requirements SSO solution for web applications. Integrates into existing developed products. has Policy based password security (Length, Complexity, Duration and co) Security Policy can be managed using a web interface. Customizable user interface (the password prompt and co. screens). Highly available (99.9%) Scalable. Runs on Red Hat Linux. Nice to have Contains user Groups & Roles. Written in Java. Free Software (open source) solution. None of the solutions came up so far are "killer choice" which leads me to think I will be tooling several projects (OWASP, AcegiSecurity + X??) hence this discussion. We are ISV delivering front-end & backend application suite. The frontend is broken into several modules which should act as autonomous unit, from client point of view he uses the "application" - which leads to this discussion regrading SSO. I would appreciate people sharing their experience & ideas regarding the appropriete solutions. Some solutions are interesting CAS Sun OpenSSO Enterprise JBoss Identity IDM JOSSO Tivoli Access Manager for Enterprise Single Sign-On Or more generally speaking this list Thank you, Maxim.

    Read the article

  • SHA1 hashing in Delphi XE

    - by Leonardo Herrera
    Hello, I'm in the process of implementing XML digital signatures. I'm starting with little steps, so right now I want to solve the problem of SHA-1 hashing. There are lots of questions about this in SO: Digitially Sign Key with Lockbox Encryption library for Delphi Convert this php digital signing to Delphi Delphi: is there a version of LockBox for Delphi-XE Delphi 2010 Cryptography libraries ...and probably more. However, I'm using Delphi XE. So far, I've tried LockBox 2 (both the Songbeamer and Sourceforge versions), Lock Box 3, DCPCrypto2 and some others (Hashes is an easy to use unit which uses Windows crypto functions) I prepared a small test rig that gives me the following: LockBox2 FAILED: 1 ('abc') Got: '9f04f41a848514162050e3d68c1a7abb441dc2b5' Expected: 'a9993e364706816aba3e25717850c26c9cd0d89d' FAILED: 2 ('abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq') Got: '51d7d8769ac72c409c5b0e3f69c60adc9a039014' Expected: '84983e441c3bd26ebaae4aa1f95129e5e54670f1' LockBox3 FAILED: 1 ('abc') Got: '9f04f41a848514162050e3d68c1a7abb441dc2b5' Expected: 'a9993e364706816aba3e25717850c26c9cd0d89d' FAILED: 2 ('abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq') Got: '51d7d8769ac72c409c5b0e3f69c60adc9a039014' Expected: '84983e441c3bd26ebaae4aa1f95129e5e54670f1' DCPCrypto2 FAILED: 1 ('abc') Got: '9f04f41a848514162050e3d68c1a7abb441dc2b5' Expected: 'a9993e364706816aba3e25717850c26c9cd0d89d' FAILED: 2 ('abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq') Got: '51d7d8769ac72c409c5b0e3f69c60adc9a039014' Expected: '84983e441c3bd26ebaae4aa1f95129e5e54670f1' Hashes Test 1 passes Test 2 passes Have you succeeded in compile the mentioned libraries under Delphi XE and make them give the appropriate values? I'm particularly interested in DCPCrypt2 SelfTest procedure. Edit: I've added this answer with the fixed source code. Thank you all for your help, it is most appreciated.

    Read the article

  • AppletClassLoader exception : class not found

    - by gautam
    Hi, I am getting exception when i am trying to open an applet in my jsp. My jsp and applet is in same directory. My code is like: <object classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93" width="720" height="500"`enter code here` type="application/x-java-applet;version=1.5"> <param name="type" value="application/x-java-applet;version=1.5"> <param name="code" value="com.timer.AppletGenerator.class"> <param name="codebase" value="."> <param name="ARCHIVE" value="Applet.jar, jcommon-1.0.0.jar, jfreechart-1.0.0.jar, log4j-1.2.13.jar, itext-1.3.1.jar" embed width="720" height="500" type="application/x-java-applet;version=1.5" code="com.timer.AppletGenerator.class" codebase="." ARCHIVE='Applet.jar, jcommon-1.0.0.jar, jfreechart-1.0.0.jar, log4j-1.2.13.jar, itext-1.3.1.jar' > </embed> </object> My AppletGenerator.class is like: public class AppletGenerator extends JApplet { public void init() { //Some code } } earlier it was woking fine. But now when i sign and verify the new jar its giving exception: load: class com.timer.AppletGenerator.class not found. java.lang.ClassNotFoundException: com.timer.AppletGenerator.class at sun.applet.AppletClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.applet.AppletClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.applet.AppletClassLoader.loadCode(Unknown Source) at sun.applet.AppletPanel.createApplet(Unknown Source) at sun.plugin.AppletViewer.createApplet(Unknown Source) at sun.applet.AppletPanel.runLoader(Unknown Source) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.io.IOException: open HTTP connection failed. at sun.applet.AppletClassLoader.getBytes(Unknown Source) at sun.applet.AppletClassLoader.access$100(Unknown Source) at sun.applet.AppletClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) ... 10 more I have searched a lot but didnt get any correct answer. There are few posts regarding this in stactoverflow but that also didnt work. Thanks and Regards,

    Read the article

  • SharePoint 2010 HttpModule problem

    - by Chris W
    I'm trying to write an HttpModule to run on our SharePoint farm - essentially it will check whether the user is authenticated and if they are it will validate some info against another database and potentially redirect the user to sign a variety of usage agreements. Whenever I enable the module in the web.config I'm finding that SharePoint has issues rendering the page - it's almost like the CSS is not getting loaded as the page is devoid of any styling. As a test I've even tried an empty module - i.e. an empty init block so it's not even hooking up any code to any events and the same issue arises. At this point it's an empty class that just implements IHttpModule so it's not even my dodgy coding causing the issue! The module is in a class library that I've dropped in to the bin folder of the application it needs to run against. In the web.config of the app I've simply added an entry as below: <modules runAllManagedModulesForAllRequests="true"> ... (default stuff ommitted) <add name="SharePointAUP" type="SPModules.SharePointAUP" /> </modules> I must be missing something really obvious here as I've done exactly the same as every sample I've found and yet I'm getting this strange behaviour. Is there something extra I need to do to get SharePoint to play nice with a custom module?

    Read the article

  • Storing a digital signature for bookings on a web based system

    - by Duncan
    I have a web based bookings system built for a UK higher education client to allow students to sign out equipment (laptops, camera's etc). It's been in use successfully for a couple of years, in the current workflow equipment is collected and the booking is printed, signed by the student and kept until the equipment is returned. They are emailed a pdf copy of the booking and reminders if equipment is outstanding. Students can login and prebook equipment using their university LDAP credentials, the booking is then authorised by staff for later collection, but can also walk in and have equipment booked out by staff. They would like to remove the signed paper part of the process and replace this with some sort of digital signature. The suggestion was a graphics tablet but with a web based system this would require a local software package and in my view be impractical. My thought is that students would enter their LDAP username and password upon collection of the equipment, verifying their identity and effectively digitally signing the booking. My question is what would be best to store as a signature or whether to simply authenticate the user and use a boolean flag to indicate that this has been done could be deemed sufficient?

    Read the article

  • Zend Framework subdomain+subfolder router rewrite problem

    - by zf_novice
    I'm new to Zend Framwork and this is an issue I've been struggling for several hours already... I'm trying to chain Hostname and standard Route in order to get url with subdomain+subfolders ie.: http:// lang.mydomain.com/myapplication/public/controller http:// lang.mydomain.com/myapplication/public/controller/action (sorry for the empty space in the address, this site won't allow links) Basically what I have done in Bootstrap is: // add language to default route $routePath = new Zend_Controller_Router_Route( ':controller/:action/*', array('controller'=>'index','action' => 'index','module'=>'default') ); $routeHostname = new Zend_Controller_Router_Route_Hostname( ':lang.mydomain.com', array('lang'=>$lang) ); $frontController = $this->getResource('FrontController'); $router = $frontController->getRouter(); $router->addRoute('default', $routeHostname->chain($routePath)) $frontController->setRouter($router); it finds the route ok, but every time I generate url in view or layout by $this-url() <?php echo $this->url( array( 'controller'=> 'guestbook', 'action' => 'sign', 'lang' => Zend_Registry::get('lang'), ), 'default', true) ?>"> I get http:// lang.mydomain.com/controller instead of http:// lang.mydomain.com/myapplication/public/controller I've been trying to set baseUrl on front controller but no luck... Also I've tried the static route with myapplication/public or following standard route: 'myapplication/public/:controller/:action/*' - it result with "An error occurred Page not found Exception information: Message: No route matched the request" and empty request Is there any way to assembly subdomain with subfolder in Zend Framwork?? EDIT: I changed above to: $frontController->setBaseUrl('.'); // add language to default route $routePath = new Zend_Controller_Router_Route( 'quickstart/public/:controller/:action/*', array( 'controller'=>'index', 'action' => 'index', 'module'=>'default', ) ); and it works form me, although I'm not sure whether it's been correct approach...

    Read the article

  • why does Integrated Windows Authentication fail when clients access off the network

    - by Bryan
    My background is not with web applications so this problem is hard for me to explain easily. First I'll try to describe the setup. Client setup:-Only browser that is effected is IE 6-8 (Firefox, chrome, opera, and safari all work fine) -A user will try to access our web application from a company laptop that is not connected to our network. -This machine will be a member of our workgroup and have the company DNS listed as a trusted intranet site. (to which the application in question would be a member) -The security logon mode is set to Automatic Logon only in intranet zone only, and IWA authentication is enabled on the clients browser.Server setup:-Windows server 2003 fp2-The application will first redirect to an Authorization asp page which has anonymous access disabled and IWA enabled in IIS.what should happen is that, since the client is not currently on the network, when this page is called it should prompt the user for network credentials. But with IE, instead of prompting, the user gets a page cannot be displayed error because the IIS manager is denying access to the asp page. If the company DNS is removed from the trusted intranet site list then it prompts correctly but disables single sign on the next time that computer is connected to the network or vpn. My assumption is that since IE uses IWA and the site is listed as an internal site, when no network is found IE just sends nulls to the server attempting to authenticate which is swiftly punted back. Other browsers do not have security zones so when network credentials are not present the server prompts for them. Is there a way to get around this so that our clients can keep the company DNS in the intranet zone but still have the server prompt for credentials when not on the network? Any attempt to allow for anonymous access on the asp page, as far as I know, will cause AUTH_USER to return null and again break SSO. I realize this is slightly rambling so I will do my best to clarify and questions you guys might have. Thanks in advance.

    Read the article

  • Paypal subscriptions IPN - problem with users subscribing multiple times

    - by Brian Armstrong
    I'm using paypal subscriptions and the instant payment notification (IPN) to handle subscribers on my site. For the most part it works well but there is one occasional problem I've encountered. Usually if a user cancels their subscription, I wait for the "end of term" (subscr_eot) notification before disabling access to my site. So if they prepay for the whole month, and then cancel right away, they still have access for the rest of the month (as it should be). But some users are having this problem where they: Cancel their subscription Before the "end of term" is reached they decide to re-subscribe When the "end of term" is reached for their first subscription, my app receives the notification and fires off an email to the user with something like "your account has been disabled, if you ever want to sign up again, you can re-subscribe by clicking here". This confuses them because they are thinking...that's weird, I thought I subscribed like a week ago (and they did). So they go subscribe AGAIN. Now they have two concurrent running subscriptions to my site and I get a support email in a month or two ("wtf you billed me twice this month jerk!!") So I haven't found a good way to fix this. I guess the best solution would be to do an additional API call when the "end of term" notification is received which asks paypal "hey did this person already re-subscribe?". If so then no need to fire off that email. But I haven't seen any way to do this API call yet. Another solution is to disable their account immediately when they cancel (the "subscr_cancel" notification) but then I get different angry support emails "hey I prepaid for the whole month why was my account disabled already!!". Anyone else solved this?

    Read the article

  • Error in Implementing WS Security web service in WebLogic 10.3

    - by Chris
    Hi, I am trying to develop a JAX WS web service with WS-Security features in WebLogic 10.3. I have used the ant tasks WSDLC, JWSC and ClientGen to generate skeleton/stub for this web service. I have two keystores namely WSIdentity.jks and WSTrust.jks which contains the keys and certificates. One of the alias of WSIdentity.jks is "ws02p". The test client has the following code to invoke the web service: SecureSimpleService service = new SecureSimpleService(); SecureSimplePortType port = service.getSecureSimplePortType(); List credProviders = new ArrayList(); CredentialProvider cp = new ClientBSTCredentialProvider( "E:\\workspace\\SecureServiceWL103\\keystores\\WSIdentity.jks", "webservice", "ws01p","webservice"); credProviders.add(cp); string endpointURL="http://localhost:7001/SecureSimpleService/SecureSimpleService"; BindingProvider bp = (BindingProvider)port; Map requestContext = bp.getRequestContext(); requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, endpointURL); requestContext.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST,credProviders); requestContext.put(WSSecurityContext.TRUST_MANAGER, new TrustManager() { public boolean certificateCallback(X509Certificate[] chain, int validateErr) { // Put some custom validation code in here. // Just return true for now return true; } }); SignResponse resp1 = new SignResponse(); resp1 = port.echoSignOnlyMessage("hello sign"); System.out.println("Result: " + resp1.getMessage()); When I trying to invoke this web servcie using this test client I am getting the error "Invalid signing policy" with the following stack trace: *[java] weblogic.wsee.security.wss.policy.SecurityPolicyArchitectureException: Invalid signing policy [java] at weblogic.wsee.security.wss.plan.SecurityPolicyBlueprintDesigner.verifyPolicy(SecurityPolicyBlueprintDesigner.java:786) [java] at weblogic.wsee.security.wss.plan.SecurityPolicyBlueprintDesigner.designOutboundBlueprint(SecurityPolicyBlueprintDesigner.java:136) Am I missing any configuration settings in WebLogic admin console or is it do with something else. Thanks in advance.

    Read the article

  • Inserting variable into routes - map.resources :posts, :as => X - is this possible?

    - by bgadoci
    Ok, so I am working on a blog application of sorts. Thus far, it allows for a user to sign up for their own account, create posts, tags, comments, etc. I have just implemented the ability to use www.myapp.com/brandon to set @user to find by username and therefore correctly display the users information at each url. So when you go to www.myapp.com/brandon you see all Brandon's posts, tags, and comments associated with those posts, etc. Works great. I'm implementing this URL mapping through the routes.rb file by adding the following: map.username_link '/:username', :controller => 'posts', :action => 'index' And then just setting the @user variable in the PostController and corresponding views to find_by_username. Now the issue is this. Once at www.myapp.com/brandon when you click on a post title, it sends to myapp.com/posts/id without the username in the URL. How do I tell rails to replace the /posts with /username. Is it even possible to insert the user_username variable into this code? map.resources :posts, :as => [what goes here]

    Read the article

  • PDF files created on iPad dont display correctly on Windows

    - by user286028
    My iPhone app creates PDF files (in Arial font). The plain iPhone 3.1.x version works great (other than the known issue that PDFs created on the iPhone cant be viewed correctly in Google Docs or the BlackBerry). As I am updating my project for OS 3.2 and the iPad, it works just the same, and the PDFs still look great on the iPhone, iPad and MacOS (Preview app). But now on Windows (Vista), Acrobat 9.3.1 says "Cannot extract the embedded font 'XYZABC+ArialMT'. Some characters may not display or print correctly". And in fact Acrobat then uses some generic font instead of Arial (or whatever other font I try). Quartz 3.2 seems to generate these "random" embedded font names each time it creates a PDF (the XYZABC changes around each time). I can't tell whether the problem is just the somewhat strange "temporary" embedded font name with the plus sign, or the way Quartz 3.2 is embedding fonts. I have tried my existing code (using CGPDFContext* funtions), and also the newly supported UIGraphics* functions, with the same results. Has anyone else tried creating PDFs on the iPad yet and gotten them to display correctly on Windows?

    Read the article

  • Session variables with Cucumber Stories

    - by Matthew Savage
    I am working on some Cucumber stories for a 'sign up' application which has a number of steps. Rather then writing a Huuuuuuuge story to cover all the steps at once, which would be bad, I'd rather work through each action in the controller like a regular user. My problem here is that I am storing the account ID which is created in the first step as a session variable, so when step 2, step 3 etc are visited the existing registration data is loaded. I'm aware of being able to access controller.session[..] within RSpec specifications however when I try to do this in Cucumber stories it fails with the following error (and, I've also read somewhere this is an anti-pattern etc...): Using controller.session[:whatever] or session[:whatever] You have a nil object when you didn't expect it! The error occurred while evaluating nil.session (NoMethodError) Using session(:whatever) wrong number of arguments (1 for 0) (ArgumentError) So, it seems accession the session store isn't really possible. What I'm wondering is if it might be possible to (and I guess which would be best..): Mock out the session store etc Have a method within the controller and stub that out (e.g. get_registration which assigns an instance variable...) I've looked through the RSpec book (well, skimmed) and had a look through WebRat etc, but I haven't really found an answer to my problem... To clarify a bit more, the signup process is more like a state machine - e.g. the user progresses through four steps before the registration is complete - hence 'logging in' isn't really an option (it breaks the model of how the site works)... In my spec for the controller I was able to stub out the call to the method which loads the model based on the session var - but I'm not sure if the 'antipattern' line also applies to stubs as well as mocks? Thanks!

    Read the article

  • DotNetOpenAuth OpenID on ISA 2006 Reverse Proxy problem

    - by userb00
    I am trying to host my site that uses DotNetOpenAuth (OpenID) behind ISA 2006 (reverse proxy), and after it authenticated with a provider (such as Google), and it returns with a URL with %253A in the URL. However, ISA HTTP filter rejects the request. What I need to do is, on ISA web publishing rule, right click config HTTP policy properties uncheck "Verify Normalization" and it worked. Is this a problem on ISA 2006 generally? Are other firewalls having similar problems? Or, is it an OpenID or DotNetOpenAuth issue? Is it safe to disable Normalization checking on ISA? According to MSDN, quote "Web servers receive requests that are URL encoded. This means that certain characters may be replaced with a percent sign (%) followed by a particular number. For example, %20 corresponds to a space, so a request for http://myserver/My%20Dir/My%20File.htm is the same as a request for http://myserver/My Dir/My File.htm. Normalization is the process of decoding URL-encoded requests. Because the % can be URL encoded, an attacker can submit a carefully crafted request to a server that is basically double-encoded. If this occurs, Internet Information Services (IIS) may accept a request that it would otherwise reject as not valid. When you select Verify Normalization, the HTTP filter normalizes the URL two times. If the URL after the first normalization is different from the URL after the second normalization, the filter rejects the request. This prevents attacks that rely on double-encoded requests. Note that while we recommend that you use the Verify Normalization function, it may also block legitimate requests that contain a %."

    Read the article

  • How do i use signtool.exe correctly in hudson running as a service?

    - by Tim
    I just purchased a code signing cert (MS authenticode) from THAWTE and have installed it apparently on my build machine. I am logged in as a user and when I open a cmd prompt I can sign EXEs using the cert with signtool.exe. Unfortunately this same command line does not work in the hudson process that is running on the machine. the error message I get is: SignTool Error: No certificates were found that met all the given criteria. I presume this is because the hudson service is running under a different account than the account that I ran signtool.exe from and from the account I used to get the cert from thawte. So, my question is: How do I fix this problem? I thought i was going to download a file from thawte, but instead it just used IE somehow to install the cert in the user's cache magically. I probably want to export (or whatever the correct term is) to a file that I can store/save or use on any other machine. How do i do that and how do I call signtool correctly with either the file or the cert from another user in the system/services account?

    Read the article

  • Public key of Android project and keystore created in Eclipse?

    - by user578056
    I created an Android project using Eclipse (under Windows FWIW) and let Eclipse create the keypair during the Export Android Application process. I successfully used Eclipse to make a signed release build that is now on the Market. Now I want to now use ProGuard, which I believe means using Ant instead of Eclipse to build. It was a pain, but Ant building works in both debug and release, until it tries to sign the APK. I get: [signjar] jarsigner: Certificate chain not found for: redacted. redacted must reference a valid KeyStore key entry containing a private key and corresponding public key certificate chain. keytool -list -keystore redacted gives me: Keystore type: JKS Keystore provider: SUN Your keystore contains 1 entry redacted, Jan 16, 2011, PrivateKeyEntry, Certificate fingerprint (MD5): BD:0F:70:C1:39:F5:FE:5B:BC:CD:89:0B:C8:66:95:E0 Which brings me to the actual question: where is my public key? I have some sort of public key on my Android Market profile, but is that the pair for my private key? If so, how do I store that in the keystore so that jarsigner will work?

    Read the article

  • Authlogic, logout, credential capture and security

    - by Paddy
    Ok this is something weird. I got authlogic-oid installed in my rails app today. Everything works perfectly fine but for one small nuisance. This is what i did: I first register with my google openid. Successful login, redirection and my email, along with my correct openid is stored in my database. I am happy that everything worked fine! Now when i logout, my rails app as usual destroys the session and redirects me back to my root url where i can login again. Now if i try to login it still remembers my last login id. Not a big issue as i can always "Sign in as a different user" but i am wondering if there is anyway to not only logout from my app but also logout from google. I noticed the same with stack overflow's openid authentication system. Why am i so bothered about this, you may ask. But is it not a bad idea if your web apps end user, who happens to be in a cyber cafe, thinks he has logged out from your app and hence from his google account only to realize later that his google account had got hacked by some unworthy loser who just happened to notice that the one before him had not logged out from google and say.. changed his password!! Should i be paranoid? Isn't this a major security lapse while implementing the openid spec? Probably today someone can give me a workaround for this issue and the question is solved for me. But what about the others who have implemented openid in their apps and not implemented a workaround?

    Read the article

  • Authlogic, logout and credential capture

    - by Paddy
    Ok this is something weird. I got authlogic-oid installed in my rails app today. Everything works perfectly fine but for one small nuisance. This is what i did: I first register with my google openid. Successful login, redirection and my email, along with my correct openid is stored in my database. I am happy that everything worked fine! Now when i logout, my rails app as usual destroys the session and redirects me back to my root url where i can login again. Now if i try to login it still remembers my last login id. Not a big issue as i can always "Sign in as a different user" but i am wondering if there is anyway to not only logout from my app but also logout from google. I noticed the same with stack overflow's openid authentication system. Why am i so bothered about this, you may ask. But is it not a bad idea if your web apps end user, who happens to be in a cyber cafe, thinks he has logged out from your app and hence from his google account only to realize later that his google account had got hacked by some unworthy loser who just happened to notice that the one before had not logged out from google and say.. changed his password!! Should i be paranoid?

    Read the article

  • E-commerce platform for custom application integration

    - by Zach Smith
    We are building an online subscription-based website and I'm looking for recommendations on which e-commerce platform to use for the checkout process. Requirements include: Only four products. The sign-up process of the site is heavily customized, and after checkout the user should automatically get logged into the subscriber area. Subscriptions will last one year and can be renewed manually. Support for coupons/discount codes at a later point. Since the entire application is custom, we've weighed building a custom checkout but are strongly leaning towards using existing software to avoid having to build lots of admin reporting as well as a coupon engine down the road. The two questions we're pondering are: Is it better to a) build our application custom and use whatever e-commerce software we select just for the payment piece, or b) use the e-commerce software as the basis and build our application around it/as a module/etc? Which e-commerce platform should we use? I've looked into a variety of off the shelf e-commerce software, but it's not clear to me which would be easiest to integrate with. I've researched on the Web and looked at many of the threads on SO to compiled a list of potential candidates: www.magentocommerce.com/ (seems difficult to integrate with) www.prestashop.com/ www.nopcommerce.com/ www.opencart.com/ www.cubecart.com/ www.spreecommerce.com/ www.interspire.com/ www.tradingeye.com/ We're most concerned with the level of effort required with ramping up on the software and then doing the integration with our custom functionality. We're most proficient with PHP, ASP.NET and some ROR and are only considering those technologies. We prefer open source, but would be open to commercial if there's a significant upside. Any experiences with similar projects and advice is greatly appreciated.

    Read the article

  • Using complex data types from Java in Axis webservice

    - by Manuel Ferreria
    I am currently developing a Java app which handles a SOAP webservice. The problem lies after I parse the WSDL [the Parser object from Apache Axis does it for me], and I create the call. When I try to invoke it, I have to pass a Object[] to assign the parameters [taken from the Action of the WSDL]. A normal action is easy, but when I have custom datatypes, I can't get it to fill it out for me. I try to pass Object[]{ new Object { }}, but it assigns the first field instead. I can't pass it already processed, because it changes the '< ' to '--lt --gt', and the server doesn't recognize it'. This is a fragment of the WSDL. <s:element name="FERecuperaQTYRequest"> <s:complexType> <s:sequence> <s:element minOccurs="0" maxOccurs="1" name="argAuth" type="tns:FEAuthRequest" /> </s:sequence> </s:complexType> </s:element> <s:complexType name="FEAuthRequest"> <s:sequence> <s:element minOccurs="0" maxOccurs="1" name="Token" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="Sign" type="s:string" /> <s:element minOccurs="1" maxOccurs="1" name="cuit" type="s:long" /> </s:sequence> </s:complexType> And this is the troublesome Java Fragment QTY = (String) call.invoke ( new Object[]{ new Object[]{ tokenConexion.getToken (), tokenConexion.getSign (), tokenConexion.getCUIT () } });

    Read the article

  • blackberry smartcard reader example

    - by pajton
    I am writing an app for BlackBerry that utilizes a BlackBerry smartcard reader. There is not much documentation on the subject, so I'd really like if someone could give me starting examples. Basically, there is one RSA private key on the card plus a certificate (for paired public key). I would like to be able to encrypt/decrypt data and also sign it as well. The final goal would be to establish an mutual-authenticated SSL connection using client certificate contained on the smartcard. Here is the code I managed to come up with so far: SmartCardReader btReader = null; SmartCardReader[] readers = SmartCardReaderFactory.getInstalledReaders(); for (int i = 0; i < readers.length; i++) { SmartCardReader reader = readers[i]; if (reader.getType().equalsIgnoreCase("bluetooth")) { btReader = reader; break; } } SmartCardReaderSession readerSession = reader.openSession(); CryptoSmartCard card = (CryptoSmartCard) readerSession.getSmartCard(); RSACryptoToken token = (RSACryptoToken) card.getCryptoToken("RSA"); This token looks promising - has some nice methods, but with "cryptic" arguments. What to do next?

    Read the article

  • Get coordinates of google maps markers

    - by App_beginner
    I am creating a databse containing the names and coordinates of all bus stops in my local area. I have all the names stored in my database, and now I need to add the coordinates. I am trying to get these of a website that contains them all as placemarks on a google map. It seems to me like they are being generated from a local server, and then added to the map. However I am unable to find exactly where the server is queried for the coordinates. I am hoping to collect these coordinates through the use of a screen scraper. However unless I am able to find where in the source code the coordinates are created this seems to be impossible. I can of course search and collect all these placemarks manually, but that will be very time consuming. So I am hoping that someone in here can help me. This is the website I am trying to scrape. The placemarks are marked by the blue bus sign: http://reiseplanlegger.skyss.no/scripts/travelmagic/TravelMagicWE.dll/?from=Brimnes+ferjekai+%28Eidfjord%29&to= You can also get the coordinates of a single placemark by writing the name of the stop in the search field and pushing the "Vis i kart" button. I hope someone can help me with this.

    Read the article

  • Altering URLs and mapping - path_prefix? - Ruby on Rails...

    - by bgadoci
    Ok, so I am working on a blog application of sorts. Thus far, it allows for a user to sign up for their own account, create posts, tags, comments, etc. I have just implemented the ability to use www.myapp.com/brandon to set @user to find by username and therefore correctly display the users information at each url. So when you go to www.myapp.com/brandon you see all Brandon's posts, tags, and comments associated with those posts, etc. Works great. I implementing this URL mapping through the routes.rb file by adding the following: map.username_link '/:username', :controller => 'posts', :action => 'index' And then just setting the @user variable in the PostController and corresponding views to find_by_username. Now the issue is this. Once at www.myapp.com/brandon when you click on a post title, it sends to myapp.com/posts/id without the username in the URL which blows up my view because nothing is being set for the @user variable. How do I tell Rails to create the link reading www.myapp.com/brandon/posts/id vs www.myapp.com/posts/id and then map that action? I am assuming this will involve some code in the view, and then adding another line in the routes.rb file, map.subdomain_link '/:username/posts/:id', :controller => 'posts', :action => 'show' and adding the @user variable to the PostController#show action, but not totally sure if this is even the right approach. UPDATE: I have been reading about :path_prefix and seems like it might be what I am looking for. I have tried to implement simply by adding map.resources :posts, :path_prefix => '/:user_username/:post_id' to the routes.rb file but not working (even after server restart). I am sure this is not correct but wanted to let you know what I have tried.

    Read the article

  • How to create an SaaS Application?

    - by Andrew
    I don't know how else to say it so I'm just going to explain my ideal scenario and hopefully you can explain to me how to implement it... I'm creating an application with the Zend Framework that will be hosted with DreamHost. The application will be hosted on its own domain (i.e. example-app.com). Basically, a user should be able to sign up, get their own domain sampleuser.example-app.com or example-app.com/sampleuser which points to, what looks like their own instance of the app, which is really a single instance serving up different content based on the url. Eventually, I want my users to be able to create their own domain (like foobar.com) that points to sampleuser.example-app.com, such that visitors to foobar.com don't notice that the site is really being served up from example-app.com. I don't know how to do most of that stuff. How does this process work? Do I need to do some funky stuff with Apache or can this be done with a third party host, like DreamHost? Update: Thanks for the advice! I've decided to bite the bullet and upgrade my hosting plan to utilize wildcard subdomains. It's cheaper than I was expecting! I also found out about domain reseller programs, like opensrs.com, that have their own API. I think using one of these APIs will be the solution to my domain registration issue.

    Read the article

< Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94  | Next Page >