Search Results

Search found 3673 results on 147 pages for 'pop3 ssl'.

Page 91/147 | < Previous Page | 87 88 89 90 91 92 93 94 95 96 97 98  | Next Page >

• How to make QT support HTML 5 database?

  - by Mickey Shine

  I am using Qt 4.7.1 and embedded a webview in my app. But I got the following error when trying to visit http://webkit.org/demos/sticky-notes/ to test the HTML 5 database feature Failed to open the database on disk. This is probably because the version was bad or there is not enough space left in this domain's quota I compiled my static Qt library with the following command: configure --prefix=/usr/local/qt-static-release-db --accessibility --multimedia --audio-backend --svg --webkit --javascript-jit --script --scripttools --declarative --release -nomake examples -nomake demos --static --openssl -I /usr/local/ssl/include -L /usr/local/ssl/lib -confirm-license -sql-qsqlite -sql-qmysql -sql-qodbc

  Read the article

• Cisco VPN Client Behind ASA 5505

  - by fdf33

  I'm trying to get connected to another ASA via Cisco VPN Client. I am behind an ASA 5505 myself and I am tryihng to VPN to a 5510. I get the message: Secure VPN Connection terminated locally by the Client. Reason 412: The remote peer is no longer responding. I can connect to the other ASA if I use a normal cheap Linksys. Here's the version of my ASA: Result of the command: "sh ver" Cisco Adaptive Security Appliance Software Version 8.4(1) Any help would be great. Thanks running-config : Saved : Written by enable_15 at 23:12:32.378 UTC Fri Jul 1 2011 ! ASA Version 8.4(1) ! hostname aaaasa domain-name aaa.local enable password xxxxxxxxxxxxxxx encrypted passwd xxxxxxxxxxxxxxxxxxxx encrypted names ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.254 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address xxx.xxx.xxx.xxx 255.255.254.0 ! interface Vlan5 no nameif security-level 50 ip address 172.16.0.254 255.255.255.0 ! interface Vlan500 no nameif security-level 100 ip address 10.10.10.1 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! boot system disk0:/asa841-k8.bin ftp mode passive dns domain-lookup inside dns domain-lookup outside dns server-group DefaultDNS name-server 4.2.2.2 domain-name aaa.local same-security-traffic permit inter-interface same-security-traffic permit intra-interface object network obj_any subnet 0.0.0.0 0.0.0.0 object network A_93.97.168.1 host 93.97.168.1 object network rdp host 192.168.1.2 object network NETWORK_OBJ_192.168.1.0_24 subnet 192.168.1.0 255.255.255.0 access-list 101 extended permit tcp any host 192.168.1.2 eq 3389 access-list 101 extended permit icmp any any echo-reply access-list 101 extended permit icmp any any source-quench access-list 101 extended permit icmp any any time-exceeded access-list 101 extended permit icmp any any unreachable access-list 102 extended permit ip any any pager lines 24 logging enable logging asdm informational mtu inside 1500 mtu outside 1492 ip local pool VPNPool 192.168.2.200-192.168.2.210 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-641.bin no asdm history enable arp timeout 14400 ! object network rdp nat (inside,outside) static interface service tcp 3389 3389 ! nat (inside,outside) after-auto source dynamic any interface access-group 101 in interface outside access-group 102 out interface outside ! router ospf 1 network 192.168.1.0 255.255.255.0 area 0 log-adj-changes ! route outside 0.0.0.0 0.0.0.0 93.97.168.1 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 dynamic-access-policy-record DfltAccessPolicy http server enable http 192.168.1.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec ikev2 ipsec-proposal DES protocol esp encryption des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal 3DES protocol esp encryption 3des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES protocol esp encryption aes protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES192 protocol esp encryption aes-192 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES256 protocol esp encryption aes-256 protocol esp integrity sha-1 md5 crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map outside_map interface outside crypto ca trustpoint ASDM_TrustPoint0 enrollment self subject-name CN=ciscoasa proxy-ldc-issuer crl configure crypto ca certificate chain ASDM_TrustPoint0 certificate 8877d64d 30820248 308201b1 a0030201 02020488 77d64d30 0d06092a 864886f7 0d010105 05003036 3111300f 06035504 03130863 6973636f 61736131 21301f06 092a8648 86f70d01 09021612 63697363 6f617361 2e6e6a64 2e6c6f63 616c301e 170d3131 30353231 30383533 34325a17 0d323130 35313830 38353334 325a3036 3111300f 06035504 03130863 6973636f 61736131 21301f06 092a8648 86f70d01 09021612 63697363 6f617361 2e6e6a64 2e6c6f63 616c3081 9f300d06 092a8648 86f70d01 01010500 03818d00 30818902 818100ea 1aa95141 480e616c efee6816 a96d6511 313b6776 cd3dd57b cd84b4d2 5e108aee 7c980086 4d92e2eb b6c7bf66 4585af0a ccbf153a db9270be c6f5c67b db9dd8d1 2f78d033 3348b056 df4be0da 70e08953 53adf294 9db6c020 597d250f bf448b43 b90179c8 ff0b15d8 744632d9 31c1945f 0b11e258 b4c1d224 692efff4 7b2f5102 03010001 a3633061 300f0603 551d1301 01ff0405 30030101 ff300e06 03551d0f 0101ff04 04030201 86301f06 03551d23 04183016 8014493c 19db183a ab1af9e9 b1e44ad4 2a408b3c 89d1301d 0603551d 0e041604 14493c19 db183aab 1af9e9b1 e44ad42a 408b3c89 d1300d06 092a8648 86f70d01 01050500 03818100 1dd1760a fdd15941 4803fb9a cd6f44a7 2e275854 a1c0fbe1 d19f2cc9 182d43ef a547f854 8df96d15 3ea79c62 cf3fcb1c 5820360b c607dbfc 4de8bb16 19f727e9 b928a085 665816d8 138e4a35 ed610950 7910dd4a 0b1a9dd9 0e26f1c8 b78bc0cc cbf19eb2 4c4c3931 45199ea5 249e3266 661e44fd 7a00d376 dcfc6e4e d43f10b8 quit crypto isakmp nat-traversal 30 crypto ikev2 policy 1 encryption aes-256 integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 10 encryption aes-192 integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 20 encryption aes integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 30 encryption 3des integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 40 encryption des integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 enable outside client-services port 443 crypto ikev2 remote-access trustpoint ASDM_TrustPoint0 telnet timeout 5 ssh 192.168.1.0 255.255.255.0 inside ssh timeout 5 console timeout 0 dhcpd auto_config outside ! dhcpd address 192.168.1.5-192.168.1.36 inside dhcpd dns 4.2.2.2 interface inside dhcpd enable inside ! threat-detection basic-threat threat-detection statistics host number-of-rate 3 threat-detection statistics port threat-detection statistics protocol threat-detection statistics access-list threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200 ntp server 82.219.4.31 source outside prefer ssl trust-point ASDM_TrustPoint0 outside webvpn enable outside anyconnect image disk0:/anyconnect-win-2.4.1012-k9.pkg 1 anyconnect profiles AnyConnectVPN_client_profile disk0:/AnyConnectVPN_client_profile.xml anyconnect profiles SSLAnyConnectVPN_client_profile disk0:/SSLAnyConnectVPN_client_profile.xml anyconnect enable tunnel-group-list enable group-policy GroupPolicy_AnyConnectVPN internal group-policy GroupPolicy_AnyConnectVPN attributes wins-server none dns-server value 4.2.2.2 vpn-tunnel-protocol ikev2 ssl-client ssl-clientless default-domain value aaa.local webvpn url-list none anyconnect profiles value AnyConnectVPN_client_profile type user group-policy GroupPolicy_SSLAnyConnectVPN internal group-policy GroupPolicy_SSLAnyConnectVPN attributes wins-server none dns-server value 4.2.2.2 vpn-tunnel-protocol ikev2 ssl-client default-domain value aaa.local webvpn anyconnect profiles value SSLAnyConnectVPN_client_profile type user username testuser password xxxxxxxxxxxxxxxxx encrypted privilege 0 username testuser attributes vpn-group-policy GroupPolicy_AnyConnectVPN tunnel-group SSLPOL type remote-access tunnel-group SSLPOL general-attributes default-group-policy GroupPolicy_AnyConnectVPN tunnel-group SSLAnyConnectVPN type remote-access tunnel-group SSLAnyConnectVPN general-attributes address-pool VPNPool default-group-policy GroupPolicy_SSLAnyConnectVPN tunnel-group SSLAnyConnectVPN webvpn-attributes group-alias SSLAnyConnectVPN enable ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect esmtp inspect ftp inspect h323 h225 inspect h323 ras inspect ip-options inspect netbios inspect rsh inspect rtsp inspect sip inspect skinny inspect sqlnet inspect sunrpc inspect tftp inspect xdmcp ! service-policy global_policy global prompt hostname context call-home profile CiscoTAC-1 no active destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address email [email protected] destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly subscribe-to-alert-group configuration periodic monthly subscribe-to-alert-group telemetry periodic daily Cryptochecksum:94a65341aa27d3929d5e92a32ba22120 : end

  Read the article

• undefined BIO_new_socket function in OpenSSL library

  - by Chuck

  Hi, I get the following problem with some openssl (yeah, I know it's poorly documented, but I wish to use it any way) code in a project of mine (written in c, on osx and tested in ubuntu): Undefined symbols: "_BIO_new_socket", referenced from: _main in ccG3cvyw.o ld: symbol(s) not found collect2: ld returned 1 exit status I did have SSL library problems aswel, because I forgot to link my program to the openssl libraries. The above undefined still stands though. My compile line is: gcc -o test_app test_app.c -lssl Versions I use: (GCC) 4.2.1 OpenSSL 0.9.8l 5 Nov 2009 I'm fairly certain it's a (linked) library issue, as the SSL function SSL_set_bio() works (as in does not produce a build error). Any clue is very much appreciated :) Chuck

  Read the article

• Restful authentication between two GAE apps.

  - by user259349

  Hello everyone, i am trying to write a restful google app engine application (python) that accepts requests only from another GAE that i wrote. I dont like any of the ways that i thought of to get this done, please advice if you know of something better than: Get SSL setup, and simply add the credentials on the request that my consuming app will send. I dont like it cause SSL will slow things down. Security by obsecurity. Add a random number in my request that is in Xmod0, where X is a secret number that both applications know. I just,,,, dont like this. Check the HTTP header to see where is the request coming from. This option is the one that i hate the least, not alot of processing, and spoofing an HTTP request is not really worth it, for my application's data. Is there any other clean solution for this?

  Read the article

• SSL_CTX_use_PrivateKey_file fail on Linux (part 2)

  - by Fredrik Ullner

  For some reason, my calls to OpenSSL's SSL_CTX_use_PrivateKey_file have started to fail (again) on Ubuntu. My previous post concerning this function; http://stackoverflow.com/questions/2028862/ssl-ctx-use-privatekey-file-fail-under-linux With the above fix, I have been able to use things fine until a couple of days ago. I have no idea why. The error string I'm now getting is error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib with 336265225 as error code. What is the problem? Additional info: The file passed to the function exist (SSL_CTX_use_certificate_file is passed the same file). The code in the callback function for the password is also not called (at least apparantly not according to the debugger). Everything works fine on Windows.

  Read the article

• wireshark - filter by process/pid

  - by Ryan Fernandes

  Like the question says, is there a way to filter/follow a tcp/ssl stream based on a particular process ID?

  Read the article

• facebook iframe size not working under https facebook connect

  - by acton

  Follow the following direction in: http://wiki.developers.facebook.com/index.php/Facebook_Connect_Via_SSL to use SSL version facebook connect, some of CanvasUtil functions regarding the resizing doesn't seem to work, the code is as following: FB_RequireFeatures(["Connect","Api","CanvasUtil"], function() { FB.Facebook.init(apiKey, channel,{ "doNotUseCachedConnectState":true }); FB.CanvasClient.getCanvasInfo(function(info){ alert("get it"); }); }); I don't see "get it". If I swtich back to http version, I could get the alert message and things are ok. Does anyone know how to make CanvasUtils from SSL facebook connect working? It might be a bug in facebook. Thanks a lot!

  Read the article

• Simplest Way to Process Basic HTTPS GET File Requests?

  - by stormin986

  All I need to do is download some basic text-based and image files from a web server that has a self-signed SSL certificate. I have been trying to figure out how to use HttpClient to do this, but getting the SSL to work is a nightmare that seems to be way too much trouble for such a simple task. Is there a better way to perform these file downloads? Perhaps through a WebView or Browser feature? Reinventing the wheel of making a simple HTTPS GET request is a major pain, and is significantly holding up my development schedule.

  Read the article

• Apple Push Notifications With Foreign Accent Characters Not Receiving

  - by confeng

  I'm sending push notifications and when the message contains foreign characters (Turkish in my case) like I, s, ç, g... The message does not arrive to devices. Here's my code: $message = 'THIS is push'; $passphrase = 'mypass'; $ctx = stream_context_create(); stream_context_set_option($ctx, 'ssl', 'local_cert', 'MyPemFile.pem'); stream_context_set_option($ctx, 'ssl', 'passphrase', $passphrase); // Open a connection to the APNS server $fp = stream_socket_client( 'ssl://gateway.push.apple.com:2195', $err, $errstr, 60, STREAM_CLIENT_CONNECT|STREAM_CLIENT_PERSISTENT, $ctx); if (!$fp) exit("Failed to connect: $err $errstr" . PHP_EOL); echo 'Connected to Apple service. ' . PHP_EOL; // Encode the payload as JSON $body['aps'] = array( 'alert' => $message, 'sound' => 'default' ); $payload = json_encode($body); $result = 'Start'.PHP_EOL; $tokenArray = array('mytoken'); foreach ($tokenArray as $item) { // Build the binary notification $msg = chr(0) . pack('n', 32) . pack('H*', $item) . pack('n', strlen($payload)) . $payload; // Send it to the server $result = fwrite($fp, $msg, strlen($msg)); if (!$result) echo 'Failed message'.PHP_EOL; else echo 'Successful message'.PHP_EOL; } // Close the connection to the server fclose($fp); I have tried encoding $message variable with utf8_encode() but the message received as "THÝS is push". And other ways like iconv() didn't work for me, some of them cropped Turkish characters, some didn't receive at all. I also have header('content-type: text/html; charset: utf-8'); and <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> in my page. I don't think the problem appears while I set the value but maybe with pack() function. Any ideas to solve this without replacing characters with English?

  Read the article

• Restfull authentication between two GAE apps.

  - by user259349

  Hello everyone, i am trying to write a restful google app engine application (python) that accepts requests only from another GAE that i wrote. I dont like any of the ways that i thought of to get this done, please advice if you know of something better than: Get SSL setup, and simply add the credentials on the request that my consuming app will send. I dont like it cause SSL will slow things down. Security by obsecurity. Pass a long number by my consuming app that is in Xmod0, where X is a secret number that both applications know. I just,,,, dont like this. Check the HTTP header to see where is the request coming from. This option is the one that i hate the least, not alot of processing, and spoofing an HTTP request is not really worth it, for my application's data. Is there any other clean solution for this?

  Read the article

• SharePoint : https area in a public website

  - by Hugo Migneron

  I'm working on a public website that was built using SharePoint (WSS). We need to add an area in the site where people will be able to purchase items with their credit cards and obviously the area needs to be secured. The website is using Form Based Authentication and the users need to stay logged in when they are moved back and forth from the https zone. I know how to enable SSL for a new web application / site collection but this isn't really an option for me as the website is already online and we don't want the whole thing to be secured. I am comfortable with the development of the webparts involved (payment module, shopping cart, etc.) but I can't really figure out how to create only certain https pages when the site collection is created. Can you have features that deploy pages that are secured? If so, how? Can you have a zone where SSL is enabled but where the users are redirected to and from without losing their authentication (FBA)? Thanks!

  Read the article

• How to retrieve email from GMail account using PHP?

  - by Tatu Ulmanen

  Hi, I'm trying to automatically retrieve some email from my GMail account for further parsing, but I can't get my head around on how to do that. I've searched the internets and it suggested that I use PHP's imap functions, like this: $server = '{imap.gmail.com:993/ssl}'; $connection = imap_open($server, '[email protected]', 'password'); But using that code, I get: Warning: imap_open() [function.imap-open]: Couldn't open stream {imap.gmail.com:993/ssl} Any idea what I am doing wrong? Any server setting that might be preventing me from making a connection to GMail (I'm using a shared service)? Is the address even right? Has anyone ever managed to do something like this? I've found tons of examples on how to send email via GMail, but very little of retrieving. Any help is much appreciated.

  Read the article

• Prepend 'www' to an HTTPS url using .htaccess & mod_rewrite

  - by webfac

  I have a dilemma with this one. With the following code I am able to force SSL on any non SSL url, however when the user (and results from Google) take the user to http://mysite.co.za then we hit an issue as the url is then rewritten to https://mysite.co.za Due to the fact that my certificate is bound to www.mysite.co.za it immediately throws a security error because of the missing 'www' in the url. Can someone point out a way to add the www to the domain when the domain starts with HTTPS and not HTTP? Much appreciated. And the current code to add the https:// is as follows: RewriteCond %{HTTP_HOST} !^www\. RewriteCond %{HTTPS}s ^on(s)| RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

  Read the article

• How do I send signed emails from ActionMailer?

  - by James A. Rosen

  I'm using GMail as my SMTP server. I have that configuration working just fine: # config/initializers/action_mailer.rb: ActionMailer::Base.smtp_settings = { :tls => true, :address => "smtp.gmail.com", :port => "587", :domain => "www.example.org", :authentication => :login, :user_name => "[email protected]", :password => "it's a secret" } I also have a public/private RSA key pair in config/ssl/rsa.public and config/ssl/rsa.private. What do I do to sign the emails before shipping them off to GMail's SMTP server?

  Read the article

• HTTPS with Self-Signed Certificate Issues... Solution or better way?

  - by stormin986

  All I need to do is download some basic text-based and image files from a web server that has a self-signed SSL certificate. I have been trying to figure out how to use HttpClient to do this, but getting the SSL to work is a nightmare that seems to be way too much trouble for such a simple task. Is there a better way to perform these file downloads? Perhaps through a WebView or Browser feature? Reinventing the wheel of making a simple HTTPS GET request is a major pain, and is significantly holding up my development schedule. ** Updated title to more accurately reflect question / solution **

  Read the article

• Network Security and Encryption explained in laymen terms

  - by Ehrann Mehdan

  Although I might pretend very well that I known a thing about networks or security and it might help me pass an interview, or fix a bug, I don't really feel I'm fooling anyone. I'm looking for a laymen terms explanation of nowadays network security concepts and solutions. The information is scattered around and I didn't find a resource for "dummies" like me (e.g experienced Java developers that can speak the jargon but have no real clue what it means) Topics I have a weak notion about and want to understand better as a Java developer PGP Public / Private keys RSA / DES SSL and 2 way SSL (keystore / trustore) Protecting against Man in the middle fraud Digital Signature and Certificates Is there a resource out there that really explains it in a way that doesn't require a Cisco certificate / Linux lingo / know what is subnet masking or other plumbing skills?

  Read the article

• Can't find AVD or SDK manager in Eclipse

  - by zigzag

  Seems like I'm having some problems after updating my android sdk tools and platform-tools using the sdk manager. The problem is that, after updating, I found that the avd or sdk options in the windows dropdown menu in eclipse are gone! And, I can't find any option to create an android project from file-new projects any more. I tried removing the ADT from eclipse and the software site "https://dl-ssl.google.com/android/eclipse/" from "available software sites" and then reinstalled the ADT from "https://dl-ssl.google.com/android/eclipse/" using help-install new software. The installation was successful, but I still don't have any option for shortcuts to the SDK manager or the AVD in eclipse, and neither can I create a new android project. By the way, the android perspectives are not gone, they are still here. Also, I can manually open the avd and sdk manager from the directory where I have installed them. Can anyone please show me a workaround? Any help would be greatly appreciated.

  Read the article

• Zend Framework - Not Connecting to IMAP mail server - instead dumps empty php file

  - by Ali

  Hi guys I'm trying to connect to an imap mail server using zend frameworks Zend_Mail_Storage_Imap function. Its working with some accounts but with most accounts it just dies out. I'm connecting using: $mail = new Zend_Mail_Storage_Imap(array('host' =>$current_dept->incoming_server, 'ssl' =>$current_dept->ssl, 'port'=>$current_dept->incoming_port, 'folder'=>$mbox_name, 'user' =>$current_dept->email, 'password' =>$current_dept->email_psd)); WIth some email accounts teh code doesn't go past this statement - and instead I'm prompted to 'download' the php file being run. Whats happening here - the mail server details are correct.

  Read the article

• How to transfer large files from desktop to server ( .NET)

  - by rahulchandran

  I am writing a .NET 2.0 based desktop client that will send large files ( well largish under 2GB) to a server. Need to develop the server as well. Server can be on any technology It should be secure so an underlying SSL stream is needed What are my options. Any obvious caveats etc I should be aware of To my mind the simplest solution is to open a tcp\ip connection over SSL to the server and send n packets each of size M bytes and then have the server append the chunks to the file and finally send an EOF packet as well IS this horrible. Will the perf suck on the server with all these disk writes What are any other clever options. I am limited to .NET 2.0 on the client if I did move to a WCF client will it buy be something magical and cool for this scenario Thanks

  Read the article

• Ensuring Updated CSS/JavaScript on Client Side

  - by Alex

  I'm trying to ensure that visitors of my ASP.NET MVC website always have the most-current CSS and Javascript (and not some older cached version). I tried to realize this by generating a seed value when the application domain starts, and automatically append it to the CSS and Javascript URLs (so now instead of /Content/All.js the link is /Content/All.js?549238 etc.). Unfortunately I just found out by debugging via Firebug that this causes now a full download request every time (the new "seeded" response is no longer cached at all, but I only wanted the first check to download the 'updated' version, but then cache again/only check if there is a difference). How can I achieve my goal, is there a better way of doing this? I need the client to always request the newest version, but then cache if no change happened. Edit: This appears to be related to the fact that my page is served over SSL. I asked a follow up question here regarding enabling clientside caching with SSL.

  Read the article

• Android and PHP - Do I need to use sessions?

  - by jtnire

  I have created an Android App that communicates with a PHP web server. They both send JSON to each other. My App is almost finished, however there is one thing left to do: authentication. Since the user's username and password will be stored in Android SharedPreferences, is there any need to use PHP sessions, given that the user won't need to enter the username/password at every request? Since I can just send the username and password in the HTTP POST header for every request, and that I will be using SSL, is this sufficient? I guess I could add an extra field in the header called 'random' that just adds a random value, just to use as a salt so that the encrypted SSL payload will be different everytime. The reason why I don't want to use sessions is that my Android App would either have to handle cookies, or managed the storage of the session ID. If there are some serious cons to using my method above, then I'm more than happy to use sessions, however all advice is appreciated. Thanks

  Read the article

• Webservice for uploading data: security considerations

  - by Philip Daubmeier

  Hi everyone! Im not sure about what authentification method I should use for my webservice. I've searched on SO, and found nothing that helped me. Preliminary Im building an application that uploads data from a local database to a server (running my webservice), where all records are merged and stored in a central database. I am currently binary serializing a DataTable, that holds a small fragment of the local database, where all uninteresting stuff is already filtered out. The byte[] (serialized DataTable), together with the userid and a hash of the users password is then uploaded to the webservice via SOAP. The application together with the webservice already work exactly like intended. The Problem The issue I am thinking about is now: What is if someone just sniffs the network traffic, 'steals' the users id and password hash to send his own SOAP message with modified data that corrupts my database? Options The approaches to solving that problem, I already thought of, are: Using ssl + certificates for establishing the connection: I dont really want to use ssl, I would prefer a simpler solution. After all, every information that is transfered to the webservice can be seen on the website later on. What I want to say is: there is no secret/financial/business-critical information, that has to be hidden. I think ssl would be sort of an overkill for that task. Encrypting the byte[]: I think that would be a performance killer, considering that the goal of the excercise was simply to authenticate the user. Hashing the users password together with the data: I kind of like the idea: Creating a checksum from the data, concatenating that checksum with the password-hash and hashing this whole thing again. That would assure the data was sent from this specific user, and the data wasnt modified. The actual question So, what do you think is the best approach in terms of meeting the following requirements? Rather simple solution (As it doesnt have to be super secure; no secret/business-critical information transfered) Easily implementable retrospectively (Dont want to write it all again :) ) Doesnt impact to much on performance What do you think of my prefered solution, the last one in the list above? Is there any alternative solution I didnt mention, that would fit better? You dont have to answer every question in detail. Just push me in the right direction. I very much appreciate every well-grounded opinion. Thanks in advance!

  Read the article

• Cross domain secure cookie usage?

  - by asdasda

  I have a website that came with a SSL site for HTTPS but its on a different server. Example being my website: http://example.com my SSL site: http://myhostingcompany.com/~myuseraccount/ So I can do transactions over HTTPS and we have user accounts and everything but it is located on a different domain. The cookie domain is set for that one. Is there a way I can check on my actual site to see if a cookie is set for the other one? And possibly grab its data and auth a user? I think this violates a major principle of security and can't be done for good reasons, but am i wrong? is this possible?

  Read the article

• SuperSocket

  - by csharp-source.net

  SuperSocket is a light weight extensible socket application framework. You can use it to build a command based server side socket application (like FTP server, SMTP/POP3/IMAP4 server, SIP server, etc) easily without thinking about how to use socket, how to maintain the socket connections and how socket works(synchronize/asynchronize). It is a pure C# project which is designed to be extended, so it is easy to be integrated to your existing system. As long as your systems (like forum/CRM/MIS/HRM/ERP) are developed in .NET language, you must be able to use SuperSocket to build your socket application as a part of your current system perfectly.

  Read the article

• C programming in 2011

  - by Duncan Bayne

  Many moons ago I cut C code for a living, primarily while maintaining a POP3 server that supported a wide range of OSs (Linux, *BSD, HPUX, VMS ...). I'm planning to polish the rust off my C skills and learn a bit about language implementation by coding a simple FORTH in C. But I'm wondering how (or whether?) have things changed in the C world since 2000. When I think C, I think ... comp.lang.c ANSI C wherever possible (but C89 as C99 isn't that widely supported) gcc -Wall -ansi -pedantic in lieu of static analysis tools Emacs Ctags Autoconf + make (and see point 2 for VMS, HP-UX etc. goodness) Can anyone who's been writing in C for the past eleven years let me know what (if anything ;-) ) has changed over the years? (In other news, holy crap, I've been doing this for more than a decade).

  Read the article

< Previous Page | 87 88 89 90 91 92 93 94 95 96 97 98  | Next Page >