Search Results

Search found 15415 results on 617 pages for 'security groups'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 99/617 | < Previous Page | 95 96 97 98 99 100 101 102 103 104 105 106  | Next Page >

  • json webservice security

    - by crisgomez
    I have a problem regarding json web service security. I tried to developed a sample web application using json webservice,but the problem is the url was exposed on the client side.So from there,anybody can make a program and call the service for a thousand times. Please take note, that the web service will be using for a registration page, in which checks if the user was exist on the database.So there is no authentication happened on this process. What are the approach to secure the calling of the exposed web service?

    Read the article

  • How to configure grails and shiro to mark cookies secure?

    - by j4y
    I'm using Grails 2.2.4 with the Shiro plugin (v1.1.4) and would like to mark the cookies as secure so the session information won't be sent over http. This is the attribute I want to set: securityManager.sessionManager.sessionIdCookie.secure = true The shiro source says to use the Grails bean property override mechanism, which is grails-app/conf/spring/resources.groovy How can I override just the one setting? // If the legacy 'security.shiro.filter.config' option is set, // use our custom INI-based filter... if (application.config.security.shiro.filter.config) { log.warn "security.shiro.filter.config option is deprecated. Use Grails' bean property override mechanism instead." 'filter-class'('org.apache.shiro.grails.LegacyShiroFilter') 'init-param' { 'param-name'('securityManagerBeanName') 'param-value'('shiroSecurityManager') }

    Read the article

  • Untrusted GPGPU code (OpenCL etc) - is it safe? What risks?

    - by Grzegorz Wierzowiecki
    There are many approaches when it goes about running untrusted code on typical CPU : sandboxes, fake-roots, virtualization... What about untrusted code for GPGPU (OpenCL,cuda or already compiled one) ? Assuming that memory on graphics card is cleared before running such third-party untrusted code, are there any security risks? What kind of risks? Any way to prevent them ? (Possible sandboxing on gpgpu or other technique?) P.S. I am more interested in gpu binary code level security rather than hight-level gpgpu programming language security (But those solutions are welcome as well). What I mean is that references to gpu opcodes (a.k.a machine code) are welcome.

    Read the article

  • Does adding to a method group count as using a variable?

    - by Vaccano
    I have the following code example taken from the code of a Form: protected void SomeMethod() { SomeOtherMethod(this.OnPaint); } private void SomeOtherMethod(Action<PaintEventArgs> onPaint) { onPaint += MyPaint; } protected void MyPaint(PaintEventArgs e) { // paint some stuff } The second method (SomeOtherMethod) has resharper complaining at me. It says of onPaint that "Value assigned is not used in any execution path". To my mind it was used because I added a method to the list of methods called when a paint was done. But usually when resharper tells me something like this it is because I am not understanding some part of C#. Like maybe when the param goes out of goes out of scope the item I added to the list gets removed (or something like that). I thought I would ask here to see if any one knows what resharper is trying to tell me. (Side Note: I usually just override OnPaint. But I am trying to get OnPaint to call a method in another class. I don't want to expose that method publicly so I thought I would pass in the OnPaint group and add to it.)

    Read the article

  • Hiding Group Column Names

    - by Robert
    You once replied to a post about hiding list group header names. http://edinkapic.blogspot.com/2008/06/hiding-list-view-group-headers.html I do not write code or jQuery at that. But you mentioned that it would be better to write a solution in jQuery. Would you have code that would hide the group header and colon in a 2003 list (SP v.2)? Do you have any good leads? Thanks. Robert S.

    Read the article

  • How to create entities in one Entity group ?

    - by Gopi
    I am building an app based on google app engine (Java) using JDO for persistence. Can someone give me an example or a point me to some code which shows persisting of multiple entities (of same type) using javax.jdo.PersistenceManager.makePersistentAll() within a transaction. Basically I need to understand how to put multiple entites in one Entity Group so that they can be saved using makePersistentAll() inside transaction.

    Read the article

  • SharePoint Navigation Custom Link Security Trimming

    - by ifunky
    Hi, We've got our navigation setup so that subsites show in the global navigation but we have a requirement to also put custom links to external sites which is straight forward. The tricky part is that some of the custom links need security trimming which you don't get when you add your own links to the navigation. Just wondering if anyone has got some ideas on how to work around this? Thanks Dan

    Read the article

  • Paypal's "Security header is not valid"

    - by Paypal
    I'm implementing the Express Checkout? I have no problem with the first two steps:SetExpressCheckout and GetExpressCheckout,but met the "Security header is not valid" at DoExpressCheckout. The API credentials are the same! I've fixed it by changing the $environment to live in DoExpressCheckout.(The difference is that it'll use https://api.sandbox.paypal.com/nvp/ instead of https://api-3t.$environment.paypal.com/nvp) But why? Is there something wrong with https://api-3t.$environment.paypal.com/nvp?

    Read the article

  • Turn off IIS 7.5 Attach security warning

    - by Miau
    IIS 7 and Visual Studio 2008, every time you attach to w3wp.exe you get an Attach Security Warning, How do you turn this of? It would be cool to know also, how to keep it attached for linger, as this seems to time out after a while Btw: I Added this as a comment to the answer below, the first thing i did was try the msdn article http://msdn.microsoft.com/en-us/library/ms241736.aspx that doesn't work

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern [.net/c#]

    - by gsharp
    Hi We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-) Thanks for you help.

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern

    - by gsharp
    We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-)

    Read the article

  • osCommerce Security Issue

    - by Auxi
    Hi, I am planning to integrate some opensource shopping cart with my site and I am bit worried about it's security. Is it that easy to hack osCommerce based website? Because I am thinking to use osCommerce.. Kindly advise.

    Read the article

  • Where can I find a deliberately insecure open source web application?

    - by Phil Laliberte
    As a developer, I've learned that I usually gain a better understanding of best/worst practices through experience. The area of web application security isn't really somewhere where my organization can afford to let developers learn through trial and error. So looking for a hands-on approach to knowledge sharing of best practices in web application security, I was thinking that it would be useful to have an open source application that was deliberately built to be insecure in order to help teach junior developers about application security. Does anyone out there know where to find something like this?

    Read the article

  • VB.Net Split A Group Of Text

    - by Ben
    I am looking to split up multiple lines of text to single them out, for example: Url/Host:ftp://server.com/1 Login:Admin1 Password:Password1 Url/Host:ftp://server.com/2 Login:Admin2 Password:Password2 Url/Host:ftp://server.com/3 Login:Admin3 Password:Password3 How can I split each section into a different textbox, so that section one would be put into TextBox1.Text on its own: Url/Host:ftp://server.com/1 Login:Admin1 Password:Password1 Thanks in advance :)!

    Read the article

  • Storing a NTFS Security Descriptor in C

    - by Doori Bar
    My goal is to store a NTFS Security Descriptor in its identical native state. The purpose is to restore it on-demand. I managed to write the code for that purpose, I was wondering if anybody mind to validate a sample of it? (The for loop represents the way I store the native descriptor) This sample only contains the flag for "OWNER", but my intention is to apply the same method for all of the security descriptor flags. I'm just a beginner, would appreciate the heads up. Thanks, Doori Bar #define _WIN32_WINNT 0x0501 #define WINVER 0x0501 #include <stdio.h> #include <windows.h> #include "accctrl.h" #include "aclapi.h" #include "sddl.h" int main (void) { DWORD lasterror; PSECURITY_DESCRIPTOR PSecurityD1, PSecurityD2; HANDLE hFile; PSID owner; LPTSTR ownerstr; BOOL ownerdefault; int ret = 0; unsigned int i; hFile = CreateFile("c:\\boot.ini", GENERIC_READ | ACCESS_SYSTEM_SECURITY, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, NULL); if (hFile == INVALID_HANDLE_VALUE) { fprintf(stderr,"CreateFile() failed. Error: INVALID_HANDLE_VALUE\n"); return 1; } lasterror = GetSecurityInfo(hFile, SE_FILE_OBJECT, OWNER_SECURITY_INFORMATION , &owner, NULL, NULL, NULL, &PSecurityD1); if (lasterror != ERROR_SUCCESS) { fprintf(stderr,"GetSecurityInfo() failed. Error: %lu;\n", lasterror); ret = 1; goto ret1; } ConvertSidToStringSid(owner,&ownerstr); printf("ownerstr of PSecurityD1: %s\n", ownerstr); /* The for loop represents the way I store the native descriptor */ PSecurityD2 = malloc( GetSecurityDescriptorLength(PSecurityD1) * sizeof(unsigned char) ); for (i=0; i < GetSecurityDescriptorLength(PSecurityD1); i++) ((unsigned char *) PSecurityD2)[i] = ((unsigned char *) PSecurityD1)[i]; if (IsValidSecurityDescriptor(PSecurityD2) == 0) { fprintf(stderr,"IsValidSecurityDescriptor(PSecurityD2) failed.\n"); ret = 2; goto ret2; } if (GetSecurityDescriptorOwner(PSecurityD2,&owner,&ownerdefault) == 0) { fprintf(stderr,"GetSecurityDescriptorOwner() failed."); ret = 2; goto ret2; } ConvertSidToStringSid(owner,&ownerstr); printf("ownerstr of PSecurityD2: %s\n", ownerstr); ret2: free(owner); free(ownerstr); free(PSecurityD1); free(PSecurityD2); ret1: CloseHandle(hFile); return ret; }

    Read the article

  • default file/folder security permissions sbs 2003

    - by Floris
    I have lost all file/folder security permissions of a SBS 2003 installation and was wondering is there some command I can run to restore system file/folder permissions to there default values. I lost the permissions when I had boot error and had to restore the primary boot sector from backup primary boot sector and had to tun fixboot to get the system booting again. Many Thanks Floris

    Read the article

  • Writable folder by all users on the same pc

    - by Catalin DICU
    I have a desktop .NET WPF application witch uses an embedded database (SQLite). Where to put the database file ? It's the same database for all users. I tried to use CommonAppData but it's not writable by non-admin users. So I tried to use a custom installer action to give write rights to all users to this folder but it fails on domain PCs. The code is: DirectorySecurity security = Directory.GetAccessControl(appDataPath); FileSystemAccessRule rule = new FileSystemAccessRule("Users", FileSystemRights.WriteData, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow); security.AddAccessRule(rule); Directory.SetAccessControl(appDataPath, security); Would ".\Users" insead of "Users" work on a domain ? Is this the best approach ? Is there any other folder I could use ?

    Read the article

  • IIS token based security, ssl certificate and https, proxy

    - by davidgshi
    I have developed a new web service. Now, I need to deal with security issue as we are intending to make it a secure service. In order to set up SSL and https, I need to obtain and install an SSL certificate. Who is the certificate authority? Do you know how to go about with this? Are there concise articles on this? Regards. David

    Read the article

  • Grails spring security defaultTargetUrl going wrong path

    - by fsi
    Grails 2.4 with Spring security 2 3RC I have this on my Config.groovy grails.plugin.springsecurity.controllerAnnotations.staticRules = [ '/': ['permitAll'], '/index': ['permitAll'], '/index.gsp': ['permitAll'], '/**/js/**': ['permitAll'], '/**/css/**': ['permitAll'], '/**/images/**': ['permitAll'], '/**/favicon.ico': ['permitAll'] ] grails.plugin.springsecurity.successHandler.defaultTargetUrl = "/home/index" But this keeping me redirecting to assets/favicon.ico And my HomeController is like that @Secured(['ROLE_ADMIN', 'ROLE_USER']) def index() { if (SpringSecurityUtils.ifAllGranted('ROLE_ADMIN')) { redirect controller: 'admin', action: 'index' return } } And I modify this in my UrlMapping: "/"(controller: 'home', action:'index') Why it keeps me sending wrong path? Update: using another computer, it redirects me to /asset/grails_logo.png

    Read the article

  • Microsoft .NET security model

    - by Thomas
    Hi all, I am looking for informations about the security model of Microsoft .NET If you could explain me how it is design, or give me links to understand it, it would be very kind of you ! Thanks.

    Read the article

  • Reporting Services Sum of Inner Group in Outer Group

    - by Spoonybard
    I have a report in Reporting Services 2008 using ASP.net 3.5 and SQL Server 2008. The report has 2 groupings and a detail row. This is the current format: Outer Group Inner Group Detail Row The Detail Row represents an item on a receipt and a receipt can have multiple items. Each receipt was paid with a certain payment method. So the Outer Group is grouped by payment type, the Inner Group is grouped by the receipt's ID, and the Detail Row is each item for the given receipt. My raw data result set has two important columns: The Amount Received and the Amount Applied. The Amount Received is how much money in total was collected for all the items on the receipt. The Amount Applied is how much money each item got from the total Amount Received. Sample Result Set: ReceiptID Item ItemID AmountReceived AmountApplied Payment Method ------------------------------------------------------------------------------------------ 1 Book 1 $200.00 $40.00 Cash 1 CD 2 $200.00 $20.00 Cash 1 Software 3 $200.00 $100.00 Cash 1 Backpack 4 $200.00 $40.00 Cash The Inner Group displays the AmountReceived correctly as $200. However, the Outer Group displays the AmountReceived as $800, because I believe that it is going off each detail row which in this case is a count of 4 items. What I want is to see in the Outer Group that the Amount Received is $200. I tried restricting the scope in my SUM function to be the Inner Group, but I get the error "The scope parameter must be set to a string constant that is equal to either the name of a containing group, the name of a containing data region, or the name of a dataset." Does anyone have any suggestions on how to solve this issue? Thanks.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 95 96 97 98 99 100 101 102 103 104 105 106  | Next Page >