Search Results

Search found 8692 results on 348 pages for 'patterns and practices'.

  • Can per-user randomized salts be replaced with iterative hashing?

    - by Chas Emerick
    In the process of building what I'd like to hope is a properly-architected authentication mechanism, I've come across a lot of materials that specify that:

      - user passwords must be salted
      - the salt used should be sufficiently random and generated per-user
      - ...therefore, the salt must be stored with the user record in order to support verification of the user password

    I wholeheartedly agree with the first and second points, but it seems like there's an easy workaround for the latter. Instead of doing the equivalent of (pseudocode here):

        salt = random();
        hashedPassword = hash(salt . password);
        storeUserRecord(username, hashedPassword, salt);

    Why not use the hash of the username as the salt? This yields a domain of salts that is well-distributed, (roughly) random, and each individual salt is as complex as your salt function provides for. Even better, you don't have to store the salt in the database -- just regenerate it at authentication-time. More pseudocode:

        salt = hash(username);
        hashedPassword = hash(salt . password);
        storeUserRecord(username, hashedPassword);

    (Of course, hash in the examples above should be something reasonable, like SHA-512, or some other strong hash.) This seems reasonable to me given what (little) I know of crypto, but the fact that it's a simplification over widely-recommended practice makes me wonder whether there's some obvious reason I've gone astray that I'm not aware of.

  • How convince other developers not to ignore Exceptions?

    - by Mnementh
    Recently I encountered a bug in an application I took over from another developer. I debugged for the reason and over an hour later I realized that the problem wasn't the code producing the exception, but some code executed before this returning wrong data. If I dived into this, I encountered the following:

        try { ... } catch (XYException e){}

    If the Exception would have been propagated (a change I did), I would have found the reason for the bugs in a few minutes, as the stacktrace had pointed me to the problem. So how can I convince other developers to never catch and ignore exceptions in this way?

  • When to use "property" builtin: auxiliary functions and generators

    - by Seth Johnson
    I recently discovered Python's property built-in, which disguises class method getters and setters as a class's property. I'm now being tempted to use it in ways that I'm pretty sure are inappropriate. Using the property keyword is clearly the right thing to do if class A has a property _x whose allowable values you want to restrict; i.e., it would replace the getX() and setX() construction one might write in C++. But where else is it appropriate to make a function a property? For example, if you have

        class Vertex(object):
            def __init__(self):
                self.x = 0.0
                self.y = 1.0

        class Polygon(object):
            def __init__(self, list_of_vertices):
                self.vertices = list_of_vertices

            def get_vertex_positions(self):
                return zip( *( (v.x,v.y) for v in self.vertices ) )

    is it appropriate to add

        vertex_positions = property( get_vertex_positions )

    ? Is it ever ok to make a generator look like a property? Imagine if a change in our code meant that we no longer stored Polygon.vertices the same way. Would it then be ok to add this to Polygon?

        @property
        def vertices(self):
            for v in self._new_v_thing:
                yield v.calculate_equivalent_vertex()

  • Java 'Prototype' pattern - new vs clone vs class.newInstance

    - by Guillaume
    In my project there are some 'Prototype' factories that create instances by cloning a final private instance. The author of those factories says that this pattern provides better performance than calling 'new' operator. Using Google to get some clues about that, I've found nothing really relevant about that. Here is a small excerpt found in a javadoc from an unknown project:

      Sadly, clone() is rather slower than calling new. However it is a lot faster than calling java.lang.Class.newInstance(), and somewhat faster than rolling our own "cloner" method.

    For me it's looking like an old best practice of the Java 1.1 time. Does someone know more about this? Is this a good practice to use that with 'modern' JVM?

  • How to design this class hierarchy?

    - by devoured elysium
    I have defined an Event class: Event and all the following classes inherit from Event: AEvent BEvent CEvent DEvent Now, with the info I gather from all these Event classes, I will make a chart. With AEvent and BEvent, I will generate points for that chart, while with CEvent and DEvent I will paint certain regions of the chart. Now, how should I signal this in my class hierarchy? Should I make AEvent and BEvent inherit from PointEvent while CEvent and DEvent inherit from RegionEvent, being that both RegionEvent and PointEvent inherit from Event? Should I add a field with an Enum to Event with 2 values, Point and Region, and each of the child classes set their value to it? Should I use some kind of pattern here? Which one? Thanks.

  • One repository per table or one per functional section?

    - by Ian Roke
    I am using ASP.NET MVC 2 and C# with Entity Framework 4.0 to code against a normalised SQL Server database. A part of my database structure contains a table of entries with foreign keys relating to sub-tables containing drivers, cars, engines, chassis etc. I am following the Nerd Dinner tutorial which sets up a repository for dinners which is fair enough. Do I do one for drivers, one for engines, one for cars and so on or do I do one big one for entries? Which is the best practise for this type of work? I am still new to this method of coding.

  • UML Class Relationships

    - by 01010011
    Hi, I would like to confirm whether I am on the right track when identifying common UML class relationships. For example, is the relationship between:

      1. a stackoverflow member and his/her stackoverflow user account categorized as a composition relationship or an aggregation relationship? At first I thought it was an association because this member "has a" account. However on second thought, I am thinking it's composition because each "part" (user account) belongs to only one whole (user) at a time, meaning for as long as I am logged into stackoverflow, I have to use this one and only account until I log off. If I log back onto stackoverflow with a different account then it's composition again. Do you agree?
      2. a database and a person's user account an aggregation relationship? I think so because 1 database (the whole) can store 0...* number of user accounts (the parts) but another database can store the same user accounts.

    Finally, can anyone recommend a website that specializes in designing code using UML? Thanks in advance

  • What is the best software design to use in this scenario

    - by domdefelice
    I need to generate HTML snippets using jQuery. The creation of those snippets depends on some data. The data is stored server-side, in session (where PHP is used). At the moment I achieved this - retrieving the data from the server via AJAX in form of JSON - and building the snippets via specific javascript functions that read those data The problem is that the complexity of the data is getting bigger and hence the serialization into JSON is getting even more difficult since I can't do it automatically. I can't do it automatically because some information are sensible so I generate a "stripped" version to send to the client. I know it is difficult to understand without any code to read, but I am hoping this is a common scenario and would be glad for any tip, suggestion or even design-pattern you can give me. Should I store both a complete and a stripped data on the server and then use some library to automatically generate the JSON from the stripped data? But this also means I have to get the two data synchronized. Or maybe I could move the logic server-side, this way avoiding sending the data. But this means sending javascript code (since I rely on jQuery). Maybe not a good idea. Feel free to ask me more details if this is not clear. Thank you for any help

  • .Net4 ConcurrentDictionary: Tips & Tricks

    - by SDReyes
    Hi guys, I started to use the new ConcurrentDictionary from .Net4 yesterday to implement a simple caching for a threading project. But I'm wondering what I have to take care of/be careful about when using it? What have been your experiences using it?

  • How to include associative table information and still retain strong typing

    - by mwright
    I am using LINQ to SQL to create strongly typed objects in my project. Let's say I have an object that is represented by a database table. This object has a "Current State" that is kept in an associative table. I would like to make a single db call where I pull back the two tables joined but am unsure how I should be populating that information into some sort of object to preserve strong typing within my model so that the view using the information can just consume the information from the objects. I looked into creating a view model for this but it doesn't seem to quite fit. Am I thinking about this in the wrong way? What information can I include to help clarify my problem? Other details that may or may not be important: It's an MVC project....

  • Java operator overloading

    - by nimcap
    Not using operators makes my code obscure. (aNumber / aNother) * count is better than aNumber.divideBy(aNother).times(count) After 6 months of not writing a single comment I had to write a comment to the simple operation above. Usually I refactor until I don't need comment. And this made me realize that it is easier to read and perceive math symbols and numbers than their written forms. For example TWENTY_THOUSAND_THIRTEEN.plus(FORTY_TWO.times(TWO_HUNDERED_SIXTY_ONE)) is more obscure than 20013 + 42*261 So do you know a way to get rid of obscurity while not using operator overloading in Java? Update: I did not think my exaggeration on comments would cause such trouble to me. I am admitting that I needed to write comment a couple of times in 6 months. But not more than 10 lines in total. Sorry for that. Update 2: Another example: budget.plus(bonusCoefficient.times(points)) is more obscure than budget + bonusCoefficient * points I have to stop and think on the first one, at first sight it looks like clutter of words, on the other hand, I get the meaning at first look for the second one, it is very clear and neat. I know this cannot be achieved in Java but I wanted to hear some ideas about my alternatives.

  • How to create custom javadoc tags

    - by Carlucho
    How to create custom javadoc tags such as @pre / @post... I found some links that explain it but I haven't had luck with them, I don't know if that am already tired but I can figure where to put it. These are some of the links:

      http://www.developer.com/java/other/article.php/3085991/Javadoc-Programming.html
      http://java.sun.com/j2se/1.5.0/docs/tooldocs/windows/javadoc.html

    I'm sorry to ask to be spoon fed but am at the stage where I only see black dots on the screen :\ Thanks a bunch

  • Best practice for DAO pattern ?

    - by Tony
    I've seen a lot of code use a service-dao pattern, I don't know the origin of this pattern. It forces the front layer to call the service, then delegates some of the service task to dao. I want to ask: Does the DAO layer do purely data access related tasks? What about exception encapsulation? Is there another pattern that can be used to replace this?

  • Managing of shared resources between classes?

    - by Axarydax
    Imagine that I have several Viewer components that are used for displaying text and they have a few modes that the user can switch (different font presets for viewing text/binary/hex). What would be the best approach for managing shared objects - for example fonts, find dialog, etc? I figured that a static class with lazily initialized objects would be OK, but this might be the wrong idea.

        static class ViewerStatic
        {
            private static Font monospaceFont;
            public static Font MonospaceFont
            {
                get
                {
                    if (monospaceFont == null)
                        //TODO read font settings from configuration
                        monospaceFont = new Font(FontFamily.GenericMonospace, 9, FontStyle.Bold);
                    return monospaceFont;
                }
            }

            private static Font sansFont;
            public static Font SansFont
            {
                get
                {
                    if (sansFont == null)
                        //TODO read font settings from configuration
                        sansFont = new Font(FontFamily.GenericSansSerif, 9, FontStyle.Bold);
                    return sansFont;
                }
            }
        }

  • Controls added in the designer are null during Page_Load

    - by mwright
    All of the names below are generic and not the actual names used. I have a custom UserControl with a Panel that contains a couple Labels, both .aspx controls.

    .aspx:

        <asp:Panel runat="server">
            <asp:Label ID="label1" runat="server"> </asp:Label>
        </asp:Panel>
        <asp:Panel runat="server">
            <asp:Label ID="label2" runat="server"> </asp:Label>
        </asp:Panel>

    Codebehind:

        private readonly Object object;

        protected void Page_Load(object sender, EventArgs e)
        {
            // These are the lines that are failing
            // label1 and label2 are null
            label1.Text = object.Value1;
            label2.Text = object.Value2;
        }

        public ObjectRow(Object objectToDisplay)
        {
            object = objectToDisplay;
        }

    On another page, in the code behind, I create a new instance of the custom user control.

        protected void Page_Load(object sender, EventArgs e)
        {
            CustomControl control = new CustomControl(object);
        }

    The user control takes the parameter and attempts to set the labels based off of the object passed in. The labels that it tries to assign the values to are, however, null. Is this an ASP.net lifecycle issue that I'm not understanding? My understanding based on the Microsoft ASP.net lifecycle page was that page controls were available after the Page_Initialization. What is the proper way to do this? Is there a better way?

  • IoC, Containers, and NServiceBus confusion

    - by andy
    Hey guys, here's my setup:

      - Castle Windsor is my container
      - NServiceBus is itself using its own container internally, Spring by default
      - I'm implementing the PubSub config.

    Ok, if I have my Bus.Publish happening within my IWantToRunAtStartup class, then everything is fine. As a test for example on Run() we can start a timer and it'll go into a Service style loop. However, what if I want to abstract NServiceBus from my app, and have my app go:

        new CustomPublisherClass().Notify(ISomeMessage msg);

    In this situation, how do I implement CustomPublisherClass? My confusion is coming from the fact that NServiceBus is already running as a Service, it's already been "Started". How do I get at the correct instance of the Bus object? cheers andy

  • Is using the Class instance as a Map key a best practice?

    - by Pangea
    I have read somewhere that using the class instances as below is not a good idea as they might cause memory leaks. Can someone tell me if that is a valid statement? Or are there any problems using it this way?

        Map<Class<?>,String> classToInstanceMap=new HashMap<Class<?>,String>();
        classToInstanceMap.put(String.class,"Test obj");

  • Where should I exclude and select information BL or DL?

    - by MRFerocius
    Hi guys; I have another conceptual question. Suppose I have a Data Layer and a Business Layer. I have in my database, for example, Customers, and those customers have an assigned Vendor:

        Customers(customerID, customerName, customerAddress, vendorID)
        Vendors(vendorID, vendorName, vendorAddress)

    Now suppose my Vendor logs into my web application and wants to see all his customers:

      a) Should I use my Data Layer method and there find his customers on the query?
      b) Should the data layer return all the customers and on the Business Layer filter that vendor's ones?

    Is B even a good approach because is the one I want to use.... Is it correct? Thanks in advance!!!

  • Throwing exception vs returning null value with switch statement

    - by Greg
    So I have a function that formats a date to coerce to a given enum DateType{CURRENT, START, END}. What would be the best way of handling the return value with cases that use a switch statement?

        public static String format(Date date, DateType datetype) {
            // ..validation checks
            switch(datetype){
                case CURRENT:{
                    return getFormattedDate(date, "yyyy-MM-dd hh:mm:ss");
                }
                // ...
                default: throw new IllegalArgumentException("Something strange happend");
            }
        }

    OR throw exception at the end

        public static String format(Date date, DateType datetype) {
            // ..validation checks
            switch(datetype){
                case CURRENT:{
                    return getFormattedDate(date, "yyyy-MM-dd hh:mm:ss");
                }
                // ...
            }
            //It will never reach here, just to make compiler happy
            throw new IllegalArgumentException("Something strange happend");
        }

    OR return null

        public static String format(Date date, DateType datetype) {
            // ..validation checks
            switch(datetype){
                case CURRENT:{
                    return getFormattedDate(date, "yyyy-MM-dd hh:mm:ss");
                }
                // ...
            }
            return null;
        }

    What would be the best practice here? Also all the enum values will be handled in the case statement
