Search Results

Search found 13454 results on 539 pages for 'ws security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 93/539 | < Previous Page | 89 90 91 92 93 94 95 96 97 98 99 100  | Next Page >

  • Metro + Jetty + OSGi = pain

    - by mjgp2
    I am trying to swap out Sun's HTTPServer for the much better Jetty server, within an OSGi bundle, running on Equinox. I have tried this: System.setProperty("com.sun.net.httpserver.HttpServerProvider","org.mortbay.jetty.j2se6.JettyHttpServerProvider"); but when endpoint.publish(url) is called, and the server is spawned, it complains of a ClassNotFoundException for org.mortbay.jetty.j2se6.JettyHttpServerProvider. However, the correct jars are in the bundle, and indeed in the Activator I can instantiate a org.mortbay.jetty.j2se6.JettyHttpServerProvider. I think that this is a some kind of classpath issue - the spawned server is in a different classpath maybe? I have tried adding the JARs in at the JDK level, but this doesn't make any difference. Can oanyone shed any light how on earth to get this working? P.S. Maybe hideous System.setProperty calls will vanish from the world one day. Hopefully :)

    Read the article

  • How to specify a parameter as part of every web service call?

    - by LES2
    Currently, each web service for our application has a user parameter that is added for every method. For example: @WebService public interface FooWebService { @WebMethod public Foo getFoo(@WebParam(name="alwaysHere",header=true,partName="alwaysHere") String user, @WebParam(name="fooId") Long fooId); @WebMethod public Result deletetFoo(@WebParam(name="alwaysHere",header=true,partName="alwaysHere") String user, @WebParam(name="fooId") Long fooId); // ... } There could be twenty methods in a service, each with the first parameter as user. And there could be twenty web services. We don't actually use the 'user' argument in the implementations - in fact, I don't know why it's there - but I wasn't involved in the design, and the person that put it there had a reason (I hope). Anyway, I'm trying to straighten out this Big Ball of Mud. I have already come a long way by wrapping the web services by a Spring proxy, which allows me to do some before-and-after processing in an interceptor (before there were at least 20 lines of copy-pasted boiler plate per method). I'm wondering if there's some kind of "message header" I can apply to the method or package and that can be accessed by some type of handler or something outside of each web service method. Thanks in advance for the advice, LES

    Read the article

  • iphone: is there any secure way to establish 2-way SSL from an application

    - by pmilosev
    Hi I need to establish a HTTPS 2-way SSL connection from my iPhone application to the customer's server. However I don't see any secure way to deliver the client side certificates to the application (it's an e-banking app, so security is really an issue). From what I have found so far the only way that the app would be able to access the certificate is to provide it pre-bundeled with the application itself, or expose an URL from which it could be fetched (http://stackoverflow.com/questions/2037172/iphone-app-with-ssl-client-certs). The thing is that neither of this two ways prevent some third party to get the certificate, which if accepted as a risk eliminates the need for 2-way SSL (since anyone can have the client certificate). The whole security protocol should look like this: - HTTPS 2-way SSL to authenticate the application - OTP (token) based user registration (client side key pair generated at this step) - SOAP / WSS XML-Signature (requests signed by the keys generated earlier) Any idea on how to establish the first layer of security (HTTPS) ? regards

    Read the article

  • [JAX-B] How can I ignore a superclass?

    - by MrSpandex
    I'm trying to write a web service for the java.util.logging api. So I wrote a class MyLogRecord that inherits from LogRecord. I annotated this class with JAX-B annotations, including @XmlAccessorType(XmlAccessType.NONE) so it would ignore non-annotated fields and properties. When I start up tomcat, I get errors that java.util.logging.Level and other java.util.logging classes do not have a default constructor, but none of my annotated methods make any reference to the Level class or any of the other java.util.logging classes. These are referenced by the parent class. My sub-class has everything it needs defined. How can I get JAX-B to ignore the parent class completely? Update: I found another post on this, which suggests modifying the parent class. This is obviously not possible because I am extending a java.util class. IS there any way to do this without modifying the superclass? Update2: I found a thread on java.net for a similar problem. That thread resulted in an enhancement request, which was marked as a duplicate of another issue, which resulted in the @XmlTransient annotation. The comments on these bug reports lead me to believe this is impossible in the current spec.

    Read the article

  • Jboss webservice client error

    - by user309281
    Hi I am getting following error, when a java webservice client written using jboss webservices, tries to invoke a webservice through WSDL URL. The program is executed in java 1.5 VM installed in RHEL Any idea when this kind of exception will pop up? And moreover the IP 192.168.182.20 is not of the system from which the client program executed. javax.xml.ws.soap.SOAPFaultException: [192.168.182.20] is not authorized. at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.getSOAPFaultException(SOAPFaultHelperJAXWS.java:84) at org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.throwFaultException(SOAP11BindingJAXWS.java:107) at org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(CommonSOAPBinding.java:579) at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:381) at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:291) at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:170) at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:150) at $Proxy21.send(Unknown Source)

    Read the article

  • How do I customise date/time bindings using JAXWS and APT?

    - by Jordan Digby
    Im using JAXWS 2.1.7, using some classes to run through JAXWS's 'apt' to generate the WSDL. For dates, I use @XmlSchemaType(name="time") private Date wakeupTime; and this generates a schema with xs:time, but when this all comes out in XML, the value is something like <wakeupTime>1901-01-01T01:00:00 +10</wakeupTime> I want JUST the time portion to come! I think I want to use a custom converter to say that xs:time + java.util.Date should be printed and parsed in such-and-sucha manner, but I cant see that I can pass a bindings file to the apt routine. I can't (for historical & other reasons) use XMLGregorianCalendar - it has to be a java.util.Date. How do I specify a custom binding for the apt tool in jaxb

    Read the article

  • Create java sandbox based on security policies

    - by argos
    I need to create environment to run potentially untrusted code. Program allowed to connect to preconfigured address:port and nothing else (even read the system time). I have compiled the class whitelist. I'd searched similar questions, but found only template that based on SecurityManager which AFAIK is deprecated. Can anybody give me a simple sample how to run code in sandbox based on security policies and AccessController?

    Read the article

  • IHTMLTxtRange.execCommand("Copy",false,null) fails due to IE settings

    - by srirambalaji-s
    We have a .Net application that is used for editing/rendering customized HTML documents. It is hosted in IE using the AxSHDocVw.AxWebBrowser controls. We proceed with navigating to "about:blank" page initially then we change the Document by writing our custom values into it. The problem we are facing is the call to IHTMLTxtRange.execCommand("Copy",false,null) is failing if we don't enable the IE Security Settings in the Internet Security zone (Scripting-Allow Programmatic Access to Clipboard ). In order to bypass the security setting ,I tried to point to a local html file initially while navigating. But this fails as soon as I modify the Document. I want to use the IHTMLTxtRange.execCommand("Copy",false,null) command so that I can customize our Copy/Paste operations. Is there any other way I can do this. Please share your ideas inorder to overcome this situation. Thanks. Sriram

    Read the article

  • json webservice security

    - by crisgomez
    I have a problem regarding json web service security. I tried to developed a sample web application using json webservice,but the problem is the url was exposed on the client side.So from there,anybody can make a program and call the service for a thousand times. Please take note, that the web service will be using for a registration page, in which checks if the user was exist on the database.So there is no authentication happened on this process. What are the approach to secure the calling of the exposed web service?

    Read the article

  • Spring Web Service

    - by deepak
    I want Spring Webservice program in details. I have visited many websites , no website is providing me in proper. I want that program to be detailed and clear explained. It is better if you use any one of the Netbeans of Eclipse Ganymade IDE's

    Read the article

  • How to configure grails and shiro to mark cookies secure?

    - by j4y
    I'm using Grails 2.2.4 with the Shiro plugin (v1.1.4) and would like to mark the cookies as secure so the session information won't be sent over http. This is the attribute I want to set: securityManager.sessionManager.sessionIdCookie.secure = true The shiro source says to use the Grails bean property override mechanism, which is grails-app/conf/spring/resources.groovy How can I override just the one setting? // If the legacy 'security.shiro.filter.config' option is set, // use our custom INI-based filter... if (application.config.security.shiro.filter.config) { log.warn "security.shiro.filter.config option is deprecated. Use Grails' bean property override mechanism instead." 'filter-class'('org.apache.shiro.grails.LegacyShiroFilter') 'init-param' { 'param-name'('securityManagerBeanName') 'param-value'('shiroSecurityManager') }

    Read the article

  • Untrusted GPGPU code (OpenCL etc) - is it safe? What risks?

    - by Grzegorz Wierzowiecki
    There are many approaches when it goes about running untrusted code on typical CPU : sandboxes, fake-roots, virtualization... What about untrusted code for GPGPU (OpenCL,cuda or already compiled one) ? Assuming that memory on graphics card is cleared before running such third-party untrusted code, are there any security risks? What kind of risks? Any way to prevent them ? (Possible sandboxing on gpgpu or other technique?) P.S. I am more interested in gpu binary code level security rather than hight-level gpgpu programming language security (But those solutions are welcome as well). What I mean is that references to gpu opcodes (a.k.a machine code) are welcome.

    Read the article

  • SharePoint Navigation Custom Link Security Trimming

    - by ifunky
    Hi, We've got our navigation setup so that subsites show in the global navigation but we have a requirement to also put custom links to external sites which is straight forward. The tricky part is that some of the custom links need security trimming which you don't get when you add your own links to the navigation. Just wondering if anyone has got some ideas on how to work around this? Thanks Dan

    Read the article

  • Consuming Third Party web services through Spring WebServiceTemplate

    I'm trying to consume a Third Party web service, through a wsdl file provided. I would load the file locally from a Spring-J2EE based project underneath WEB-INF folder. The wsdl might have more than one operation exposed. So I need a way to be able to choose the method to be called. I would also need to make use of a JaxbMarshaller. Can anyone help with a code snippet for the same? Thanks for the help.

    Read the article

  • JAXWS serves only 100 requests, how to configure JAXWS to change it to unlimited?

    - by cbz
    Hello, I'm using JAXWS for generating webservices and serving using EndPoint.publish() as well as deploying war file, but as soon as it has served 100 requests it wouldn't return 101st response. How to configure JAXWS to change this count to unlimited? EDIT: solution found, first of all it was not related to JAXWS and I'm sorry for posting it here, in my first impression I thought problem is with JAXWS but after deep exploring and debugging I found problem with my persistence layer (Hibernate) where max number of sessions allowed are 100 by default. Sorry again for making you guys to think which actually does not make sense.

    Read the article

  • Paypal's "Security header is not valid"

    - by Paypal
    I'm implementing the Express Checkout? I have no problem with the first two steps:SetExpressCheckout and GetExpressCheckout,but met the "Security header is not valid" at DoExpressCheckout. The API credentials are the same! I've fixed it by changing the $environment to live in DoExpressCheckout.(The difference is that it'll use https://api.sandbox.paypal.com/nvp/ instead of https://api-3t.$environment.paypal.com/nvp) But why? Is there something wrong with https://api-3t.$environment.paypal.com/nvp?

    Read the article

  • Turn off IIS 7.5 Attach security warning

    - by Miau
    IIS 7 and Visual Studio 2008, every time you attach to w3wp.exe you get an Attach Security Warning, How do you turn this of? It would be cool to know also, how to keep it attached for linger, as this seems to time out after a while Btw: I Added this as a comment to the answer below, the first thing i did was try the msdn article http://msdn.microsoft.com/en-us/library/ms241736.aspx that doesn't work

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern [.net/c#]

    - by gsharp
    Hi We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-) Thanks for you help.

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern

    - by gsharp
    We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-)

    Read the article

  • osCommerce Security Issue

    - by Auxi
    Hi, I am planning to integrate some opensource shopping cart with my site and I am bit worried about it's security. Is it that easy to hack osCommerce based website? Because I am thinking to use osCommerce.. Kindly advise.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 89 90 91 92 93 94 95 96 97 98 99 100  | Next Page >