Search Results

Search found 22238 results on 890 pages for 'db security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 136/890 | < Previous Page | 132 133 134 135 136 137 138 139 140 141 142 143  | Next Page >

  • Nashorn ?? JDBC ? Oracle DB ?????·?? 2

    - by Homma
    ???? Nashorn ?? JavaScript ??????? JDBC ? Oracle DB ?????????????????????????????????????JDBC ???????????????????????????????? ??????????????????????????? ????? URL ? https://blogs.oracle.com/nashorn_ja/entry/nashorn_jdbc_2 ??? ????????? JDBC ????? ??????????????? ${ORACLE_HOME}/jdbc/lib/ojdbc6.jar ??????????????????????????? JDBC ?????????????? ????? ojdbc6.jar ?????????????? ?????????????????????????????????????? var OracleDataSource = Java.type("oracle.jdbc.pool.OracleDataSource"); var ods = new OracleDataSource(); ods.setURL("jdbc:oracle:thin:test/test@dbsrv:1521:orcl"); var conn = ods.getConnection(); var meta = conn.getMetaData(); print("JDBC driver version is " + meta.getDriverVersion()); ???????? JDBC ?????? jjs ????? -cp ?????????????????????? $ jjs -cp ojdbc6.jar version.js JDBC driver version is 11.2.0.3.0 ????????????????????????????? JAR ????? Main Class ?????????????? ????JDBC ???????????????????????????????? ?????????java -jar ojdbc6.jar ?? JDBC ?????????????????? $ java -jar ojdbc6.jar Oracle 11.2.0.3.0 JDBC 4.0 compiled with JDK6 on Thu_Jul_11_15:43:23_PDT_2013 #Default Connection Properties Resource #Fri May 30 10:37:32 JST 2014 ????? JAR ???????????? Main-Class ???????????? main(String[]) ??????????????????? Nashorn ?????????????? JAR ????? Main-Class ???? ?? Main-Class ???????????? jar ????? JAR ?????????META-INF/MANIFEST.MF ???????????????? Main-Class ??????? $ jar xf ojdbc6.jar $ grep Main-Class META-INF/MANIFEST.MF Main-Class: oracle.jdbc.OracleDriver Main-Class ? oracle.jdbc.OracleDriver ????????????? Main-Class ??? ??????? oracle.jdbc.OracleDriver ???? main ????? Nashorn ???????? $ jjs -cp ojdbc6.jar jjs> var OracleDriver = Java.type("oracle.jdbc.OracleDriver"); jjs> var StringArray = Java.type("java.lang.String[]"); jjs> OracleDriver.main(new StringArray(0)) Oracle 11.2.0.3.0 JDBC 4.0 compiled with JDK6 on Thu_Jul_11_15:43:23_PDT_2013 #Default Connection Properties Resource #Fri May 30 10:55:22 JST 2014 null jjs> java ????? JAR ??????????????????????????? Java ???????????????? Java.type() ??????? JavaClass ????????????????????? ??? Nashorn ????????????? JDBC ? Oracle DB ????????JAR ????? Main-Class ???????????????? ??? Oracle DB ????? SQL ???????????????

    Read the article

  • Wildcards in jnlp template file

    - by Andy
    Since the last security changes in Java 7u40, it is required to sign a JNLP file. This can either be done by adding the final JNLP in JNLP-INF/APPLICATION.JNLP, or by providing a template JNLP in JNLP-INF/APPLICATION_TEMPLATE.JNLP in the signed main jar. The first way works well, but we would like to allow to pass a previously unknown number of runtime arguments to our application. Therefore, our APPLICATION_TEMPLATE.JNLP looks like this: <?xml version="1.0" encoding="UTF-8"?> <jnlp codebase="*"> <information> <title>...</title> <vendor>...</vendor> <description>...</description> <offline-allowed /> </information> <security> <all-permissions/> </security> <resources> <java version="1.7+" href="http://java.sun.com/products/autodl/j2se" /> <jar href="launcher/launcher.jar" main="true"/> <property name="jnlp...." value="*" /> <property name="jnlp..." value="*" /> </resources> <application-desc main-class="..."> * </application-desc> </jnlp> The problem is the * inside of the application-desc tag. It is possible to wildcard a fixed number of arguments using multiple argument tags (see code below), but then it is not possible to provide more or less arguments to the application (Java Webstart will no start with an empty argument tag). <application-desc main-class="..."> <argument>*</argument> <argument>*</argument> <argument>*</argument> </application-desc> Does someone can confirm this problem and/or has a solution for passing a previously undefined number of runtime arguments to the Java application? Thanks alot!

    Read the article

  • wss4j: - Cannot find key for alias: monit

    - by feiroox
    Hi I'm using axis1.4 and wss4j. When I define in client-config.wsdd for WSDoAllSender and WSDoAllReceiver different signaturePropFiles where I have different key stores defined with different certificates, I'm able to have different certificates for sending and receiving. But when I use the same signaturePropFiles' with the same keystore. I get this message when I try to send a message: org.apache.ws.security.components.crypto.CryptoBase -- Cannot find key for alias: [monit] in keystore of type [jks] from provider [SUN version 1.5] with size [2] and aliases: {other, monit} - Error during Signature: ; nested exception is: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] org.apache.ws.security.WSSecurityException: Error during Signature: ; nested exception is: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:60) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202) at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:168) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) at org.apache.axis.client.Call.invokeEngine(Call.java:2784) at org.apache.axis.client.Call.invoke(Call.java:2767) at org.apache.axis.client.Call.invoke(Call.java:2443) at org.apache.axis.client.Call.invoke(Call.java:2366) at org.apache.axis.client.Call.invoke(Call.java:1812) at cz.ing.oopf.model.wsclient.ModelWebServiceSoapBindingStub.getStatus(ModelWebServiceSoapBindingStub.java:213) at cz.ing.oopf.wsgemonitor.monitor.util.MonitorUtil.checkStatus(MonitorUtil.java:18) at cz.ing.oopf.wsgemonitor.monitor.Test02WsMonitor.runTest(Test02WsMonitor.java:23) at cz.ing.oopf.wsgemonitor.Main.main(Main.java:75) Caused by: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:721) at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:780) at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57) ... 15 more Caused by: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:214) at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:713) ... 17 more How to have two certificates for wss4j in the same keystore? why it cannot find my certificate there when i have two certificates in one keystore. I have the same password for both certificates regarding PWCallback (CallbackHandler) My properties file: org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=keystore org.apache.ws.security.crypto.merlin.keystore.alias=monit org.apache.ws.security.crypto.merlin.alias.password=*** org.apache.ws.security.crypto.merlin.file=key.jks My client-config.wsdd: <deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"> <globalConfiguration> <requestFlow> <handler name="WSSecurity" type="java:org.apache.ws.axis.security.WSDoAllSender"> <parameter name="user" value="monit"/> <parameter name="passwordCallbackClass" value="cz.ing.oopf.common.ws.PWCallback"/> <parameter name="action" value="Signature"/> <parameter name="signaturePropFile" value="monit.properties"/> <parameter name="signatureKeyIdentifier" value="DirectReference" /> <parameter name="mustUnderstand" value="0"/> </handler> <handler type="java:org.apache.axis.handlers.JWSHandler"> <parameter name="scope" value="session"/> </handler> <handler type="java:org.apache.axis.handlers.JWSHandler"> <parameter name="scope" value="request"/> <parameter name="extension" value=".jwr"/> </handler> </requestFlow> <responseFlow> <handler name="DoSecurityReceiver" type="java:org.apache.ws.axis.security.WSDoAllReceiver"> <parameter name="user" value="other"/> <parameter name="passwordCallbackClass" value="cz.ing.oopf.common.ws.PWCallback"/> <parameter name="action" value="Signature"/> <parameter name="signaturePropFile" value="other.properties"/> <parameter name="signatureKeyIdentifier" value="DirectReference" /> </handler> </responseFlow> </globalConfiguration> <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"> </transport> </deployment> Listing from keytool: keytool -keystore monit-key.jks -v -list Enter keystore password: Keystore type: JKS Keystore provider: SUN Your keystore contains 2 entries Alias name: other Creation date: Jul 22, 2009 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: .... Alias name: monit Creation date: Oct 19, 2009 Entry type: trustedCertEntry

    Read the article

  • Session Id in url and/or cookie? [closed]

    - by Jacco
    Most people advice against rewriting every (internal) url to include the sessionId (both GET and POST). The standard argument against it seems to be:   If an attacker gets hold of the sessionId, they can hijack the session.   With the sessionId in the url, it easily leaks to the attacker (by referer etc.) But what if you put the sessionId in both an (encrypted) cookie and the url. if the sessionId in either the cookie or the url is missing or if they do not match, decline the request. Let's pretend the website in question is free of xss holes, the cookie encryption is strong enough, etc. etc. Then what is the increased risk of rewriting every url to include the sessionId? UPDATE: @Casper That is a very good point. so up to now there are 2 reasons: bad for search engines / SEO if used in public part of the website can cause trouble when users post an url with a session Id on a forum, send it trough email or bookmark the page apart from the:   It increases the security risk, but it is not clear what the increased risk is. some background info: I've a website that offers blog-like service to travellers. I cannot be sure cookies work nor can I require cookies to work. Most computers in internet cafes are old and not (even close to) up-to-date. The user has no control over them and the connection can be very unreliable for some more 'off the beaten path' locations. Binding the session to an IP-address is not possible, some places use load-balancing proxies with multiple IP addresses. (and from China there is The Great Firewall). Upon receiving the first cookie back, I flag cookies as mandatory. However, if the cookie was flagged as mandatory but not there, I ask for their password once more, knowing their session from the url. (Also cookies have a 1 time token in them, but that's not the point of this question). UPDATE 2: The conclusion seems to be that there are no extra *security* issues when you expose you session id trough the URL while also keeping a copy of the session id in an encrypted cookie. Do not hesitate to add additional information about any possible security implications

    Read the article

  • index help for a MySQL query using greater-than operator and ORDER BY

    - by Jaymon
    I have a table with at least a couple million rows and a schema of all integers that looks roughly like this: start stop first_user_id second_user_id The rows get pulled using the following queries: SELECT * FROM tbl_name WHERE stop >= M AND first_user_id=N AND second_user_id=N ORDER BY start ASC SELECT * FROM tbl_name WHERE stop >= M AND first_user_id=N ORDER BY start ASC I cannot figure out the best indexes to speed up these queries. The problem seems to be the ORDER BY because when I take that out the queries are fast. I've tried all different types of indexes using the standard index format: ALTER TABLE tbl_name ADD INDEX index_name (index_col_1,index_col_2,...) And none of them seem to speed up the queries. Does anyone have any idea what index would work? Also, should I be trying a different type of index? I can't guarantee the uniqueness of each row so I've avoided UNIQUE indexes. Any guidance/help would be appreciated. Thanks!

    Read the article

  • Removing non-alphanumeric characters in an Access Field.

    - by Jacques Tardie
    I need to remove hyphens from a string in a large number of access fields. What's the best way to go about doing this? Currently, the entries are follow this general format: 2010-54-1 2010-56-1 etc. I'm trying to run append queries off of this field, but I'm always getting validation errors causing the query to fail. I think the cause of this failure is the hypens in the entries, which is why I need to remove them. I've googled, and I see that there are a number of formatting guides using vbscript, but I'm not sure how I can integrate vb into Access. It's new to me :) Thanks in advance, Jacques

    Read the article

  • Authorizing a computer to access a web application

    - by HackedByChinese
    I have a web application, and am tasked with adding secure sign-on to bolster security, akin to what Google has added to Google accounts. Use Case Essentially, when a user logs in, we want to detect if the user has previously authorized this computer. If the computer has not been authorized, the user is sent a one-time password (via email, SMS, or phone call) that they must enter, where the user may choose to remember this computer. In the web application, we will track authorized devices, allowing users to see when/where they logged in from that device last, and deauthorize any devices if they so choose. We require a solution that is very light touch (meaning, requiring no client-side software installation), and works with Safari, Chrome, Firefox, and IE 7+ (unfortunately). We will offer x509 security, which provides adequate security, but we still need a solution for customers that can't or won't use x509. My intention is to store authorization information using cookies (or, potentially, using local storage, degrading to flash cookies, and then normal cookies). At First Blush Track two separate values (local data or cookies): a hash representing a secure sign-on token, as well as a device token. Both values are driven (and recorded) by the web application, and dictated to the client. The SSO token is dependent on the device as well as a sequence number. This effectively allows devices to be deauthorized (all SSO tokens become invalid) and mitigates replay (not effectively, though, which is why I'm asking this question) through the use of a sequence number, and uses a nonce. Problem With this solution, it's possible for someone to just copy the SSO and device tokens and use in another request. While the sequence number will help me detect such an abuse and thus deauthorize the device, the detection and response can only happen after the valid device and malicious request both attempt access, which is ample time for damage to be done. I feel like using HMAC would be better. Track the device, the sequence, create a nonce, timestamp, and hash with a private key, then send the hash plus those values as plain text. Server does the same (in addition to validating the device and sequence) and compares. That seems much easier, and much more reliable.... assuming we can securely negotiate, exchange, and store private keys. Question So then, how can I securely negotiate a private key for authorized device, and then securely store that key? Is it more possible, at least, if I settle for storing the private key using local storage or flash cookies and just say it's "good enough"? Or, is there something I can do to my original draft to mitigate the vulnerability I describe?

    Read the article

  • Are document-oriented databases meant to replace relational databases?

    - by evolve
    Recently I've been working a little with MongoDB and I have to say I really like it. However it is a completely different type of database then I am used. I've noticed that it is most definitely better for certain types of data, however for heavily normalized databases it might not be the best choice. It appears to me however that it can completely take the place of just about any relational database you may have and in most cases perform better, which is mind boggling. This leads me to ask a few questions: Are document-oriented databases have been developed to be the next generation of databases and basically replace relational databases completely? Is it possible that projects would be better off using both a document-oriented database and a relational database side by side for various data which is better suited for one or the other? If document-oriented databases are not meant to replace relational databases, then does anyone have an example of a database structure which would absolutely be better off in a relational database (or vice-versa)?

    Read the article

  • Get all model details in zend.

    - by Prasanth P
    Hi, I have one doubt in zend framework. I need all model details from project which i have done in zend framework. Is there any possibility to get all model details in zend framework. Please help me.. Thanks and regards, Prasanth P

    Read the article

  • Does this schema sound better suited for a document-oriented data store or relational?

    - by Blaine LaFreniere
    Disclaimer: let me know if this question is better suited for serverfault.com I want to store information on music, specifically: genres artists albums songs This information will be used in a web application, and I want people to be able to see all of the songs associated to an album, and albums associated to an artist, and artists associated to a genre. I'm currently using MySQL, but before I make a decision to switch I want to know: How easy is scaling horizontally? Is it easier to manage than an SQL based solution? Would the above data I want to store be too hard to do schema-free? When I think association, I immediately think RDBMSs; can data be stored in something like CouchDB but still have some kind of association as stated above?

    Read the article

  • Creating a Model using Stored Procedures with Zend Framework

    - by jwhat
    I'm using Zend Framework and I'd like to build a model to perform read/write operations on a database... using stored procedures. I know how stored procedures work, but I have yet to use them within Zend Framework. Is there any built in support for stored procedures that I should know about? What is the best practice way to create a model in this senario? Should I extend Zend_Db_Table_Abstract or some other class?

    Read the article

  • showSettings callback in Flex?

    - by Jim Robert
    I am pretty new to flex, so forgive me if this is an obvious question. Is there a way to open the Security.showSettings (flash.system.Security) with a callback? or at least to detect if it is currently open or not? My flex application is used for streaming audio, and is normally controlled by javascript, so I keep it hidden for normal use (via absolute positioning it off the page). When I need microphone access I need to make the flash settings dialog visible, which works fine, I move it into view and open the dialog. When the user closes it, I need to move it back off the screen so they don't see an empty flex app sitting there after they change their settings. thanks :)

    Read the article

  • Zend Framework - applying order by on a nested query

    - by Gublooo
    Hey guys This might be a very simple thing. Check out the normal sql query below (select * from shopping order by shopping_id desc limit 5) order by RAND() This query runs successfully in mysql - not sure if this is the right way of doing it - but it works. It gets the last 5 ids from shopping table and randomly orders them everytime I want to achieve this in Zend. I'm not sure how to execute the first part and then apply the RAND clause to the results - what I have below does not do that. $select = $this-select() -from(array('sh'='shopping')) -order('shopping_id desc') -limit(5) -order('RAND()');

    Read the article

  • Zend_DB_Table Update problem

    - by davykiash
    Am trying to construct a simple update query in my model class Model_DbTable_Account extends Zend_Db_Table_Abstract { protected $_name = 'accounts'; public function activateaccount($activationcode) { $data = array( 'accounts_status' => 'active', ); $this->update($data, 'accounts_activationkey = ' . $activationcode); } However I get an SQLSTATE[42S22]: Column not found: 1054 Unknown column 'my activation code value' in 'where clause' error. What am I missing in Zend_Table update construct?

    Read the article

  • Insert coding query in yii

    - by nerd
    I need to auto insert the next orders_id into an Orders table in a database. orders_id is not the primary Key, and it does not auto-increment I need to query the database, find the last (highest) id value, increment 1, and insert it in Orders table in database. Actually, I have a shipping action which will provide address of shipping of orders. So as soon as the user fills address form and move to payments page, I want to simultaneously fill my Orders table by max(orders_id)+1. I have built relations between Address table and Orders table but my orders Table is not getting populated. Please detail me correct codes to implement it in my controller in Yii

    Read the article

  • Zend Framework Relationships - findDependentRowset

    - by Morten Nielsen
    Hello, When I call the method findDependentRowset, the returning rowset contains all the rows in the dependent table, and not only the rowsets that matches the reference. Hoping someone could explain this, since I was of the assumption that findDependentRowset would only return rowset matching my 'rule'? I have the following DbTable Models: class Model_DbTable_Advertisement extends Zend_Db_Table_Abstract { protected $_name = 'Advertisements'; protected $_primary = 'Id'; protected $_dependentTables = array ( 'Model_DbTable_Image', ); } class Model_DbTable_Image extends Zend_Db_Table_Abstract { protected $_name = 'Images'; protected $_primary = 'Id'; protected $_referenceMap = array( 'Images' => array( 'column' => 'AdvertisementId', 'refColumn' => 'Id', 'refTableClass' => 'Model_DbTable_Advertisement', ) ); } Now when i execute the following: (Simplified for Question sake) $model = new Model_DbTable_Advertisement(); $rowSet = $model->fetchAll(); $row = $rowSet->current(); $dRow = $row->findDependentRowset('Model_DbTable_Image'); I would expect $dRow to only contain 'Images' that has the same advertisementId as $row, but instead i receive all rows in the Images table. Any help appriciated. Kind regards, Morten

    Read the article

  • BerkeleyDB vs. Tokyo Cabinet

    - by vsedach
    I'm looking for general experiences from people who have used both, particularly on how the two compare on handling large numbers of records, transaction/concurrency/deadlock handling, and juicy stories about database corruption and backup procedures.

    Read the article

  • How to secure authorization of methods

    - by Kurresmack
    I am building a web site in C# using MVC.Net How can I secure that no unauthorized persons can access my methods? What I mean is that I want to make sure that only admins can create articles on my page. If I put this logic in the method actually adding this to the database, wouldn't I have business logic in my data layer? Is it a good practise to have a seperate security layer that is always in between of the data layer and the business layer to make? The problem is that if I protect at a higher level I will have to have checks on many places and it is more likely that I miss one place and users can bypass security. Thanks!

    Read the article

  • Custom certificate as proof of transaction

    - by Andy
    I'm developing a site where a user conducts a given transaction and once completed, the user is issued with a 'secure certificate'. The certificate serves as proof of the transaction and the user is able to upload the certificate at a later stage, to view the details of the transaction. At the moment I'm using a custom XML document with encrypted fields. It works perfect, but I would like a standardized approach, such as an X.509 certificate. I'm no encryption expert, but from what I gather, X.509 is more geared towards SSL issued by a CA. Is it possible to create your own valid valid CRT file? As a test, I created a CRT file with the example provided on WikiPedia. However, when I open the file in Windows I get this warning: Invalid Public Key Security Object File - This file is invalid as the following: Security Certificate. Not having much luck here, so time to ask the experts. What direction should I be heading in? Any guidance would be greatly appreciated.

    Read the article

  • Custom rowsetClass does not return values

    - by Wesley
    Hi, I'm quite new to Zend and the database classes from it. I'm having problems mapping a Zend_Db_Table_Row_Abstract to my rows. The problem is that whenever I try to map it to a class (Job) that extends the Zend_Db_Table_Row_Abstract class, the database data is not receivable anymore. I'm not getting any errors, trying to get data simply returns null. Here is my code so far: Jobs: class Jobs extends Zend_Db_Table_Abstract { protected $_name = 'jobs'; protected $_rowsetClass = "Job"; public function getActiveJobs() { $select = $this->select()->where('jobs.jobDateOpen < UNIX_TIMESTAMP()')->limit(15,0); $rows = $this->fetchAll($select); return $rows; } } Job: class Job extends Zend_Db_Table_Row_Abstract { public function getCompanyName() { //Gets the companyName } } Controller: $oJobs = new Jobs(); $aActiveJobs = $oJobs->getActiveJobs(); foreach ($aActiveJobs as $value) { var_dump($value->jobTitle); } When I remove the "protected $_rowsetClass = "Job";" line, so that the table row is not mapped to my own class, I get all the jobTitles perfectly. What am I doing wrong here? Thanks in advance, Wesley

    Read the article

  • Can an Aspect conditionally render parts of a JSP page ?

    - by Scott The Scot
    At present the jsp pages have normal authorize tags to conditionally render links and information etc. The website is on the intranet, and we're using Spring Security 2.0.4. Ive now got a business user who wants to allow all roles to access everything for the first few weeks, then gradually add the security back in as feedback is gathered from the business. Rather than go through every page, removing the authorize tags, only to have to put them back in, is is possible to configure these through an aspect, or is there any other way to externalize this into a config file ? I've found Spring's MethodSecurityInterceptor and the meta data tags, but these wouldn't give me the externalization. I've been on google for the last hour, and am now pretty sure this can't be done, but would love to find out I haven't been asking the right questions. Advice appreciated

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 132 133 134 135 136 137 138 139 140 141 142 143  | Next Page >