Search Results

Search found 120608 results on 4825 pages for 'code access security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 142/4825 | < Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >

  • How does WCF RIA Services handle authentication/authorization/security?

    - by Edward Tanguay
    Since no one answered this question: What issues to consider when rolling your own data-backend for Silverlight / AJAX on non-ASP.NET server? Let me ask it another way: How does WCF RIA Services handle authentication/authorization/security at a low level? e.g. how does the application on the server determine that the incoming http request to change data is coming from a valid client and not from non-desirable source, e.g. a denial-of-service bot?

    Read the article

  • What kind of security issues will I have if I provide my web app write access?

    - by iama
    I would like to give my web application write access to a particular folder on my web server. My web app can create files on this folder and can write data to those files. However, the web app does not provide any interface to the users nor does it publicize the fact that it can create files or write to files. Am I susceptible to any security vulnerabilities? If so, what are they?

    Read the article

  • How can I write a "user can only access own profile page" type of security check in Play Framework?

    - by karianneberg
    I have a Play framework application that has a model like this: A Company has one and only one User associated with it. I have URLs like http://www.example.com/companies/1234, http://www.example.com/companies/1234/departments, http://www.example.com/companies/1234/departments/employees and so on. The numbers are the company id's, not the user id's. I want that normal users (not admins) should only be able to access their own profile pages, not other people's profile pages. So a user associated with the company with id 1234 should not be able to access the URL http://www.example.com/companies/6789 I tried to accomplish this by overriding Secure.check() and comparing the request parameter "id" to the ID of the company associated with the logged in user. However, this obviously fails if the parameter is called anything else than "id". Does anyone know how this could be accomplished?

    Read the article

  • End User Ad-Hoc Reporting Tool: Microsoft SQL Server Management Studio or Microsoft Access?

    - by schultkl
    Our centralized IT department has suggested two primary ad hoc query tools for our general user base of approximately 200 staff members: Microsoft SQL Server Management Studio 2008 (SSMS) Microsoft Access 2003 Environment The backend database is a read-only Microsoft SQL Server 2005 database. The schema is 400+ tables; allowing access to the raw data for our general staff would be a disaster. We will be building an "abstraction layer" over the raw data for our general staff to run ad hoc queries against. The abstraction layer will most likely contain a number of views. A number of users have basic knowledge in Microsoft Access; none have used SSMS. Which of the above tools (or alternative) would be best for a decidedly non-techie user base of approximately 200 people? What are the pros and cons of each? Also, the IT department has suggested teaching people T-SQL so they may use SSMS. Is this reasonable?

    Read the article

  • MS Access antiquated? Anything new in 2011?

    - by Heidi
    Our company has a database of 17,000 entries. We have used MS Access for over 10 years for our various mailings. Is there something new and better out there? I'm not a techie, so keep in mind when answering. Our problems with Access are: -no record of what was deleted, -will not turn up a name in a search if cap's or punctuation is not entered exactly, -is complicated for us to understand the de-duping process. - We'd like a more nimble program that we can access from more than one dedicated computer.

    Read the article

  • How to integrate access control with my ORM in a .net windows form application?

    - by Ying
    I am developing a general database query tools, a .Net 3.5 Windows Form application. In order to make the presentation layer is independent of the database layer. I use an ORM framework, XPO from DevExpress. But, I have no access control function built in. I surfed Internet and I found in WCF Data Services, there is an interesting concept, Interceptor, which is following AOP(Aspect Oriented Programming). I am wondering who has such an experience to build access control in ORM. My basic requirement is : It should be a general method and controlled by users in runtime. So any hard coding is not acceptable. It could be based on attribute, database table, or even an external assembly. I am willing to buy a ready solution. According to the idea of AOP, an access control function can be integrated with existing functions easily and nearly not knowingly to the previous developer;) Any suggestions are welcome.

    Read the article

  • How to access files in interior of an iPhone App?

    - by mxg
    Hi everyone! I need in a iPhone app to access files that the app is build with(.plist etc). There's an hardcoded way to do this: NSString *appDir = [[[NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES) objectAtIndex:0] stringByDeletingLastPathComponent] stringByAppendingPathComponent:appFolder]; where appFolder is the name of folder app, like "test.app". After the appDir is known, to access files is simple. Is there any other, not-hardcoded way to have access to files form the app? Thanks in Advance!

    Read the article

  • Do I have to use Stored Procedures to get query level security or can I still do this with Dynamic S

    - by Peter Smith
    I'm developing an application where I'm concerned about locking down access to the database. I know I can develop stored procedures (and with proper parameter checking) limit a database user to an exact set of queries to execute. It's imperative that no other queries other then the ones I created in the stored procedures be allowed to execute under that user. Ideally even if a hacker gained access to the database connection (which only accepts connections from certain computers) they would only be able to execute the predefined stored procedures. Must I choose stored procedures for this or can I use Dynamic Sql with these fine grain permissions?

    Read the article

  • best approah (security) to do some admin work through web page in Linux?

    - by Data-Base
    Hello, I want to build a web based admin tools that allow the system admin to run pre-configured commands and scripts through a web page (simple and limited webmin), what is the best approach? I already started with Ubuntu installing LAMP and give the user www-data root's privileges !!! as I learned (please check the link) this is a really bad move !!!, so how to build such web-based system without the security risk? cheers

    Read the article

  • Java embedded applet page security, how to properly meet its recquirements?

    - by meds
    If I have an applet embedded in a webpage and I want it to connect to server side software (also written in Java) how can I do this properly on a windows machine running local host? Would I have to run the java application from within the localhost directory and access the applet html from a browser (i.e. localhost/applet.html)? From what I undestand if you don't have everything setup correctly you won't be able to connect because of Java's security requirements. Thanks for any help :)

    Read the article

  • Is MS Access still the most efficient RAD tool for small-scale custom apps?

    - by FastAl
    Of the many other development tools I've used, nothing holds a candle to the 'Functionality to Development Effort' ratio of MS Access. The reason I am asking is that I have been out of the language selection process for a few years, working on a large .Net system, and am only anecdotally familiar with the latest development tools outside the .Net world. I'm well aware of the limitations of Access, but for a limited concurrency (usually only 1 user at a time), small business, custom app, has anybody found a comparable end-to-end solution or combination that comes close? It doesn't have to be free, open source, or even Windows based. It just has to allow the same speed of development and maintenance, and maybe even provide some additional amenities like seamless autointegration with a server-based DB Engine (like Access does with its own 'Jet' dbms), better web support, and a file format more compatible with source control. I don't want to miss out on anything. Please share your development experience with your suggestions. Thanks.

    Read the article

  • How do you insert new entries into an Access db table through an ASP.net website?

    - by CGF
    I need to insert new records into an Access database. I'm using Visual Studio 2008 and firstly create a asp.net website. I can connect to the information in Access databse using dataview or gridview and can query a particular entry (ie. Proposal No. -brings up all details linking to that proposal). I can then edit the details of that proposal and this would update the Access Db. What I need to do is to have a form that simply enters new details for a new customer. ie. Enter name [__] Enter Adress[__]. Then for this to update the database. By using the gridview or dataview I am able to view all fields that exist in the table and edit them. Is there a way that I can get a blank gridview/dataview template (which includes all the fields in the table) and fill it out to then update the database? Thanks

    Read the article

  • ASP.NET Security Exception when Switch IIS7 to Use UNC Path for Content

    - by Jeremy H.
    I have a Windows Server 2008 R2 box running IIS7.5 with Medium Trust configured for ASP.NET. When I have the website running from local content (e.g.: c:\inetpub\wwwroot) everything works fine. When I change IIS to use a UNC path for the content (e.g.: \\computer\wwwroot) I get the following error: Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I'm trying to figure out why ASP.NET/IIS would allow for the SQL call when using local content but not when using a UNC path. Any ideas what I need to do to use a UNC path from IIS7 properly?

    Read the article

  • how to protect telnet access to smtp port 25?

    - by Michael Mao
    Hi all: Please consider the following: 192-168-1-106:~ michael$ telnet <remote_server_ip> 25 Trying <remote_server_ip>... Connected to li*****.linode.com. Escape character is '^]'. 220 mindinscription.net ESMTP Postfix (Ubuntu) quit 221 2.0.0 Bye Connection closed by foreign host. Is this very bad? how to protect port 25 from malicious attackers? I've already set up a firewall, but not very sure what to do in this case. Basically I'd like to use this server to only send emails as alert messages, not receiving any external emails. Many thanks to the help in advance.

    Read the article

  • ASP.NET Security Exception when Switch IIS7 to Use UNC Path for Content

    - by Jeremy H.
    I have a Windows Server 2008 R2 box running IIS7.5 with Medium Trust configured for ASP.NET. When I have the website running from local content (e.g.: c:\inetpub\wwwroot) everything works fine. When I change IIS to use a UNC path for the content (e.g.: \\computer\wwwroot) I get the following error: Security Exception Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file. Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. I'm trying to figure out why ASP.NET/IIS would allow for the SQL call when using local content but not when using a UNC path. Any ideas what I need to do to use a UNC path from IIS7 properly?

    Read the article

  • Norton Security Suite Symantec Download Manager Error: "Error writing to disk"

    - by Stephen Pace
    My broadband provider (Comcast) decided to switch their 'included with service' security suite from McAfee to Norton Security Suite. Their email directed me to a site that downloaded the Symantec Download Manager (NortonDL.exe) and that went fine. I'm running Windows 7 32-bit and running this application pops up the standard User Account Control message and the software is correctly identified as coming from Symantec. I answer 'yes' to allow the software to install and upon launch immediately get an "Error writing to disk" error. I searched the Internet for this error, but mainly I find Comcast users complaining about the same issue with no resolution other than to call Symantec. I found no one suggesting a successful workaround and it appeared that most of the support calls took up to three hours. I'd like to avoid that if possible. Ideas? To be honest, I'm getting close to bagging this installation and just moving to Microsoft Security Essentials.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >