validate request - Page 221

Shibboleth + IIS and Pound Reverse Proxy

- by boburob

Having a bit of a problem getting Shibboleth (SSO) working with ADFS and Pound. The main problem seems to be that: The website address will be https://website.domain.com Pound will then terminate the SSL and forward the traffic to the webserver on a different port (http://server.domain.com:8888) I have set up Shibboleth to protect the address http://server.domain.com:8888, which allows me to retrieve metadata and it all seems to be working fine. However the problem seems to be that ADFS is configured to protect the https website, so when Shibboleth attempts to recieve information from ADFS I get nothing except the following error: A token request was received for a relying party identified by the key 'https://msstagrevproxy.cwpintranet.com/shibboleth', but the request could not be fulfilled because the key does not identify any known relying party trust. Key: https://msstagrevproxy.cwpintranet.com/shibboleth I am not really sure how I can work around this as to retrieve the metadata from Shibboleth I have to use the https address but this does not actually exist in Shibboleth or IIS. Has anyone had any experience with this before or using any other SSO with a reverse proxy that works?

Read the article

Windows redirect traffic to different DNS name not fixed IP address (hosts file equivalent)

- by Arik Raffael Funke

Using the Windows hosts file, one can redirect traffic for a domain to a specific IP address, e.g. domainA.com -- 127.0.0.1 I am looking for a SIMPLE way to do the same, but for a target domain name not for a target IP address (as this is dynamic), I.e. domainA.com -- domainB.com Addition: After the getting some initial answers I think I need to concretise my question. Situation: I have an application which looks up the IP of the target domain via DNS and then connects via HTTP to the IP address. I do not have control over any proxy settings. Option 1 Basically I am looking for a way to: intercept DNS requests for a domainA.com launch a DNS request for a domainB.com serve the IP of domainB.com in response to the request for domainA.com Without running an entire DNS server. Option 2 If a DNS server is the only way, in the alternative I would also be happy with an solution to how to define a non-standard DNS-server for a single application. Any ideas for wrapper applications, etc?

Read the article

Making WIF local STS to work with your ASP.NET application

- by DigiMortal

Making Windows Identity Foundation (WIF) STS test application work with your solution is not as straightforward process as you can read from books and articles. There are some tricks and some configuration modifications you must do to get things work. Fortunately these steps are simple one. 1. Move your application to IIS or IIS Express If your application uses development web server that ships with Visual Studio then make your application use IIS or IIS Express. You get simple support for IIS Express to Visual Studio 2010 after installing Visual Studio 2010 SP1. You can read more from my blog posting Visual Studio 2010 SP1 Beta supports IIS Express. NB! You don’t have to move your dummy STS project to IIS. 2. Change request validation mode to ASP.NET 2.0 As a next thing you will get the following error when coming back from dummy STS service: HttpRequestValidationException (0x80004005): A potentially dangerous Request.Form value was detected from the client. Open web.config of your application and add the following line before </system.web>: <httpRuntime requestValidationMode="2.0" /> Now you are done with configuring web application to work with STS.

Read the article

IIS: redirect everything to another URL, except for one Directory

- by DrStalker

I have an IIS server (IIS 6, Win 2003) that hosts the site http://www.foo.com. I want any request to http://foo.com (no matter what path/filename is used) to redirect to http://www.bar.org/AwesomePage.html UNLESS the request is for http://www.foo.com/specialdir, in which case the HTML files in the local directory specialdir should be used. The problem I have is once the redirect is set it also affects /specialdir - even if I right click on that directory and select "content should come from ... local directory" that change does not take effect, and the directory still shows as redirecting to http://www.bar.org/AwesomePage.html. The same thing happens if I try to set individual files to load from the local system instead of redirecting - IIS gives no error, but the change does not take effect and the files still show as being redirected. How can I set specialdir to override the redirection to the new URL?

Read the article

How do I disable nginx sending messages to syslog?

- by altman

My nginx sends lots of messages to syslog, but I don't need them. In my nginx.conf: error_log /var/log/nginx-error.log notice; ...... server { access_log off; location / { .... } } but, in my /var/log/message you see Nov 22 23:25:09 cache3 nginx: 2011/11/22 23:25:09 [error] 3437#0: *32172530 kevent() reported about an closed connection (60: Operation timed out) while reading response header from upstream, client: , server: , request: "GET http://www.igoido012.com//vk HTTP/1.1", upstream: "http:////vk", host: "www.igoido012.com", referrer: "http://www.baidu.com/" Nov 22 23:25:09 cache3 nginx: 2011/11/22 23:25:09 [error] 3437#0: *32099531 upstream timed out (60: Operation timed out) while reading response header from upstream, client: , server: , request: "GET http://t.web2.qq.com/channel/poll?msg_id=0&clientid=431509&t=1321975433305 HTTP/1.1", upstream: "http://:80/channel/poll?msg_id=0&clientid=431509&t=1321975433305", host: "t.web2.qq.com", referrer: "http://t.web2.qq.com/proxy.html?v=20110331001" How can I prevent nginx sending messages to my syslog?

Read the article

Windows Server 2008R2 IIS7.5, Requests getting 401 status

- by TLBH

We have a web site running in windows server 2008r2 iis7.5 and we are seeing several errors reported from our global error handler saying that "Request Timed Out". I matched up one to the IIS log file and see the request took 135116 (presumably milliseconds) had an sc-status of 401 an sc-sub0status of 0 and an sc-win32-status of 64. 2 requests failed in these way but lots of surrounding requests (1979 successful requests vs 2 fails) for the same user went through perfectly fine- with the same cs-username which makes a 401 seem a little odd. The target of the requests is an ASP.Net web service's web method called by the .net client library- it's called a lot of times per user (3 times per second) to keep a page updated. We're getting some users reportng seeing a freezing effect and I think this may be the cause, any ideas? Peter

Read the article

Running Sonatype Nexus in Tomcat 7.0, Tomcat blocking PUT requests

- by gdm

I was previously running Nexus 1.8 on OSX and uploading jars for releases without any issues. The OSX box died, so I moved to a FreeBSD server. Since Nexus doesn't have binaries for FreeBSD, I decided to run it in my Tomcat container. Now, I have set up Nexus 1.9 in Tomcat 7.0 on FreeBSD. Everything is working well, except I can't upload jars to my release or snapshot repositories. If I try via Hudson, I get a 401 error (and no further details). If I try manually via curl, I get an error message back from Tomcat: "This request requires HTTP authentication.". Why is Tomcat giving this error, and how do I stop it? If I look in the Nexus logs I can see that the PUT request doesn't even reach Nexus, Tomcat is intercepting it.

Read the article

Pushing complete notifications to client

- by ton.yeung

So with cqrs, we accept that consistency is eventual. However, that doesn't mean that the user has to continually poll, or that eventual means an update has to take more then 500ms to sync. For the sake of UX, we want to at least give the illusion of consistency, or if not possible, be as transparent as possible. With that in mind, I have this setup: angularjs web client, consumes webapi restful services, sends commands to nservicebus command handlers, saves to neventstore, dispatches events to nservicebus event handlers, sends message to signalr hub, sends notifications to angularjs web client so with that setup, theoretically some initiates a request the server validates the request sends out the necessary commands In the mean time the client gets a 200 response updates the view: working on it gets message sometime later: done, here's the updated data Here's where things get interesting, each command could spawn multiple events. Not sure if this is a serious no, no, or not, but that's how it is currently. For example, a new customer spawns CustomerIDCreated, CustomerNameUpdated, CustomerAddressUpdated, etc... Which event handler needs to notify the client? Should all of them in a progress bar style update?

Read the article

JUnit Testing in Multithread Application

- by e2bady

This is a problem me and my team faces in almost all of the projects. Testing certain parts of the application with JUnit is not easy and you need to start early and to stick to it, but that's not the question I'm asking. The actual problem is that with n-Threads, locking, possible exceptions within the threads and shared objects the task of testing is not as simple as testing the class, but testing them under endless possible situations within threading. To be more precise, let me tell you about the design of one of our applications: When a user makes a request several threads are started that each analyse a part of the data to complete the analysis, these threads run a certain time depending on the size of the chunk of data (which are endless and of uncertain quality) to analyse, or they may fail if the data was insufficient/lacking quality. After each completed its analysis they call upon a handler which decides after each thread terminates if the collected analysis-data is sufficient to deliver an answer to the request. All of these analysers share certain parts of the applications (some parts because the instances are very big and only a certain number can be loaded into memory and those instances are reusable, some parts because they have a standing connection, where connecting takes time, ex.gr. sql connections) so locking is very common (done with reentrant-locks). While the applications runs very efficient and fast, it's not very easy to test it under real-world conditions. What we do right now is test each class and it's predefined conditions, but there are no automated tests for interlocking and synchronization, which in my opionion is not very good for quality insurances. Given this example how would you handle testing the threading, interlocking and synchronization?

Read the article

How is this modsec rule getting triggered?

- by BipedalShark

I made a GET request to the URL, http://domain.tld/test/docs/index.php?create_table=1&step=2 and got a 403 response code. It turns out this modsec rule is getting triggered: Access denied with code 403 (phase 2). Pattern match "(?:ogg|gopher|zlib|(?:ht|f)tps?)\:/" at ARGS:gltr_redir. [file "/opt/mod_security/10_asl_rules.conf"] [line "827"] [id "340153"] [rev "22"] [msg "Generic PHP code injection protection via ARGS 3"] [severity "CRITICAL"] I would assume ARGS refers to GET/POST data, but there's no gltr_redir in the query string. And, being a GET request, there's obviously no POST data. So how is this rule being triggered?

Read the article

Suscribers locking during snapshot replication

- by remi_bourgarel

Hi all :) Here is my architecture : I have a main server and 4 replica (the servers are synchronized with snapshot replication). The replication is working fine, except for one thing : during the replication a lot of SELECT request on one of the replica fail with a time-out. Here are my questions : Can I avoid these time-out ? If I can't : how can I detect the start and the end of the replication to redirect all the request on one of the replica to the main ? Thanks Sorry if you already answered to that kind of question but I couldn't find anything.

Read the article

SSL Ajax type of certificate for the static domain (image + js)

- by Alexl

Hi, I have a page that is SSL and has a valid certificate extended. (mainpage.com) But this page request some static content to another domain(page-static.com), basicly images and js. Actually i have only a certificate for my mainpage.com. So now when i request this page i get invalid ssl page because it contains invalid encrypted data (the one provided by the www.page-static.com) What kind of certificate do i need for the www.page-static.com. Do i need the same one as the mainpage.com, because this certificate are expensive (it's a extended certificate). Or a cheap certificate from godaddy will do the trick. This is another question do both certificates have to be signed by the same root provider and/or the same encryption key length (or it can be only 128 bits)? Thanks for your help

Read the article

Apache Serving 403 Forbidden after OS X Snow Leopard Upgrade to Version 10.6.6

- by Ian Oxley

I've just upgraded my MacBook Pro to OS X Snow Leopard version 10.6.6 and now Apache is misbehaving: requests to http://localhost/ generate a 403 Forbidden response -- FIXED requests to any of my virtual hosts seem to generate a 200 Ok response, but contain zero bytes Some further info that might be useful: I'm using the Apache that comes bundled with OS X. I'm using PHP from http://www.entropy.ch/software/macosx/php/ (which is in /usr/local/bin) I've had look at the Apache error log and the only error seems to be the following: [notice] child pid 744 exit signal Segmentation fault (11) I'm completely stumped by this. Any help would be much appreciated. UPDATE Ok, I've managed to resolve the 403 Forbidden error thanks to http://techtrouts.com/mac-os-x-105-web-sharing-forbidden-403-on-httplocalhostusername/ I'm still having the second problem though for any request e.g. this now happens when I request http://localhost

Read the article

Webserver not giving the correct response on CURL and other httprequest methods [migrated]

- by Maxim

I am trying to make a REST request to a external webserver by using this code <?php $user = 'USER'; $pass = 'PASS'; $data = "MYDATA" $ch = curl_init('URL'); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_HTTPHEADER, array( 'Content-Type: application/json', 'Content-Length: ' . strlen($data)) ); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_VERBOSE, true); if(!($res = curl_exec($ch))) { echo('[cURL Failure] ' . curl_error($ch)); } curl_close($ch); echo($res); Now this is a CURL request, however i tried different methods to test my result and they all give me a 403 forbidden error response that i get from the webserver, however i do get a 200 response when i run it on any other webserver (localhost, webserver2, ...) Therefore i think there is something wrong with my webserver and it might be disallowing/caching the post parameters that i provide because sometimes it returns a 200 response but most of the times it returns the 403. This is the response i get : HTTP/1.1 403 Forbidden Accept-Ranges: bytes Content-Type: application/json; charset=UTF-8 Date: Sat, 26 Oct 2013 13:56:37 GMT Server: Restlet-Framework/2.1.3 Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept Content-Length: 77 Connection: keep-alive {"error":"ForbiddenOperationException","errorMessage":"Invalid credentials."} It says Invalid credentials however i provide the correct credentials and i can confirm them because it is working on other servers. Since this is a crucial part of my script that i use for clients to register i assume that there is something wrong with the post parameters. I am running cpanel and uninstalled the following already: - varnish - apachebooster i also recompiled php already and enabled curl and its dependencies but nothing seems to resolve my problem. If more information is required then don't hesitate to ask me in the comments i will respond very quickly as i really need this. any help is appreciated. Kind regards Maxim

Read the article

Apache SSL losing session over load balancer

- by SaltyNuts

I have two physical Apache servers behind a load balancer. The load balancer was supposed to be set up so that a user would always be sent to the same physical server after the first request, to preserve sessions. This worked fine for our web apps until we added SSL to the setup. Now the user can successfully login, see the home page, but clicking on any other internal links logs the user right out. I traced the issue to the fact that while initial authentication is performed by server 1, clicking on internal links leads to having the request sent to server 2. Server 2 does not share sessions with server 1, and the user is kicked out. How can I fix it? Do I need to share sessions between the two servers? If so, could you point me to a good guide for doing this? Thanks.

Read the article

Validating User Stories: How much change is too much?

- by David Kaczynski

While the core of requirements development and acceptance criteria would ideally take place during the planning meeting in order to create a better estimate, Scrum encourages continuous interaction with the product owner throughout the sprint to validate and refine user stories. What kind of criteria is used to judge if there is too much change being imposed on a user story mid-sprint? When is it appropriate to change the requirements of the user story? When is it appropriate to cancel the user story / sprint in order to re-evaluate and re-estimate a user story in question?

Read the article

Nginx proxy to s3 bucket gets 400 Invalid Argument

- by elssar

I have a Django app in which I serve media files through an nginx proxy to s3. The relevant python code response = HttpResponse() response['X-Accel-Redirect'] = '/s3_redirect/%s' % filefield.url.replace('http://', '') response['Content-Disposition'] = 'attachment; filename=%s' % filefield.name return response The nginx block for the internal redirect is location ~* ^/s3_redirect/(.*) { internal; set $full_url http://$1; proxy_pass $full_url; And the request logged by s3 is. REST.GET.OBJECT <media file> "GET <media file>" 400 InvalidArgument 354 - 4 - "http://<referer>" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.89 Safari/537.1" - I, for the life of me, can't figure out what's wrong. The url send to nginx by the app is valid, it works in the browser. And nginx is sending a request to s3.

Read the article

Authenticating users for a website

- by MCB

I'm working on a website and I want to validate that an individual is an employee at one of a large number of companies (probably using their company's email address, which I don't know before hand). The idea being some users are the general public and others are from these companies. And I need some way to authenticate that the users claiming to be employees are being honest while still having a friendly enough UI. I did an informal survey of people I know and the domains and emails will match in a majority of cases but they might not always match exactly so you might have a company with a website foo.com and an email [email protected] (although foobar.com did redirect back to foo.com). And while I can easily check that I'm not sure what other variations might be out there (maybe fooLA.com and email [email protected], etc.)

Read the article

First Experience with Web Services

When I first started programming with Microsoft .Net (1.0 Framework) I had a strong desire to learn how search engines indexed web sites. At that time I was a working as a search engine spammer creating web pages to generate traffic for specific themes for various clients. One way I attempted to better understand .Net was to build a web spider that analyzed web pages on demand. An example of the spider is hosted at AddLinkz.com. After my spider was built I had no real idea what I could/should do with it until I found the MSN Search API. I used this web service to compare its results with my spider. Additionally, I used the API to feed my .Net web spider new URLs from the API based on specific search terms. MSN’s search API was very easy to use, I just had to request information by calling a web URL with parameters via a Get request and the results were returned in XML. At that time all requests were limited to XML responses and a maximum of 1,000 results per query. Since then the entire API has gone through several reconstructions, rebranding and new search services. Microsoft’s new Bing API replaced the older MSN search API and added several new search capabilities. These new features allow search data to be returned for web searches, image searches, new searches, and related search terms to name a few. Bing API Version 2.0 SourceTypes Web Searches for web content Sushi Image Searches for images on the web Sushi News Searches news stories Sushi InstantAnswer Searches Encarta online what is sushi, convert 5 feet to meters, x*5=7, and 2 plus 2 Spell Searches Encarta dictionary for spelling suggestions Phonebook Searches phonebook entries sushi in Los Angeles RelatedSearch Returns the query strings most similar to yours Ad Returns advertisements to incorporate with results I currently plan to start using the web search feature from the new Bing 2.0 API in an open source project related to exception management. Currently, it is still in the conception phase.

Read the article

Why does mod_security require an ACCEPT HTTP header field?

- by ripper234

After some debugging, I found that the core ruleset of mod_security blocks requests that don't have the (optional!) ACCEPT header field. This is what I find in the logs: ModSecurity: Warning. Match of "rx ^OPTIONS$" against "REQUEST_METHOD" required. [file "/etc/apache2/conf.d/modsecurity/modsecurity_crs_21_protocol_anomalies.conf"] [line "41"] [id "960015"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER"] [hostname "example.com"] [uri "/"] [unique_id "T4F5@H8AAQEAAFU6aPEAAAAL"] ModSecurity: Access denied with code 400 (phase 2). Match of "rx ^OPTIONS$" against "REQUEST_METHOD" required. [file "/etc/apache2/conf.d/modsecurity/optional_rules/modsecurity_crs_21_protocol_anomalies.conf"] [line "41"] [id "960015"] [msg "Request Missing an Accept Header"] [severity "CRITICAL"] [tag "PROTOCOL_VIOLATION/MISSING_HEADER"] [hostname "example.com"] [uri "/"] [unique_id "T4F5@H8AAQEAAFU6aPEAAAAL"] Why is this header required? I understand that "most" clients send these, but why is their absence considered a security threat?

Read the article

Need help configurating my Tomcat server

- by gablin

I just reinstalled my entire server, and now I can't seem to get my JSP-based website to work on Tomcat anymore. I use the same server.xml file, which worked perfectly before the reinstallation, but no longer. Here's the content of the server.xml file which worked before:  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />  <Listener className="org.apache.catalina.core.JasperListener" />  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />  <GlobalNamingResources>  <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources>  <Service name="Catalina">    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />      <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />   <Engine name="Catalina" defaultHost="localhost">      <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>        <Host name="www.rebootradio.nu"> <Alias>rebootradio.nu</Alias> <Context path="" docBase="D:/services/http/rebootradio.nu" debug="1" reloadable="true"/> </Host> </Engine> </Service> </Server> The JSP site doesn't use any WAR files or anything like that; there's just a default.jsp in the specified folder D:/services/http/rebootradio.nu which loads the site. As I said, this configuration worked before, but now with the latest verion of XAMPP and Tomcat it doesn't work anymore. All I get is a 404 message saying The requested resource () is not available.

Read the article

How to REALLY start thinking in terms of objects?

- by Mr Grieves

I work with a team of developers who all have several years of experience with languages such as C# and Java. Most of them are young enough to have been shown OOP as a standard way to develop software in university and are very comfortable with concepts such as inheritance, abstraction, encapsulation and polymorphism. Yet, many of them, and I have to include myself, still tend to create classes which are meant to be used in a very functional fashion. The resulting software is often several smaller classes which correctly represent business objects which get passed through larger classes which only supply ways to modify and use those objects (functions). Large complex difficult-to-maintain classes named Manager are usually the result of such behaviour. I can see two theoretical reasons why people might write this type of code: It's easy to start thinking of everything in terms of the database Deep down, for me, a computer handling a web request feels more like a functional operation than an object oriented operation when you think about Request Handlers, Threads, Processes, CPU Cores and CPU operations... I want source code which is easy to read and easy to modify. I have seen excellent examples of OO code which meet these objectives. How can I start writing code like this? How I can I really start thinking in an object oriented fashion? How can I share such a mentality with my colleagues?

Read the article

In TCP/IP terms, how does a download speed limiter in an office work?

- by TessellatingHeckler

Assume an office of people, they want to limit HTTP downloads to a max of 40% bandwidth of their internet connection speed so that it doesn't block other traffic. We say "it's not supported in your firewall", and they say the inevitable line "we used to be able to do it with our Netgear/DLink/DrayTek". Thinking about it, a download is like this: HTTP GET request Server sends file data as TCP packets Client acknowledges receipt of TCP packets Repeat until download finished. The speed is determined by how fast the server sends data to you, and how fast you acknowledge it. So, to limit download speed, you have two choices: 1) Instruct the server to send data to you more slowly - and I don't think there's any protocol feature to request that in TCP or HTTP. 2) Acknowledge packets more slowly by limiting your upload speed, and also ruin your upload speed. How do devices do this limiting? Is there a standard way?

Read the article

AJAX driven "page complete" function? Am I doing it right?

- by Julian H. Lam

This one might get me slaughtered, since I'm pretty sure it's bad coding practice, so here goes: I have an AJAX driven site which loads both content and javascript in one go using Mootools' Request.HTML. Since I have initialization scripts that need to be run to finish "setting up" the template, I include those in a function called pageComplete(), on every page Visiting one page to another causes the previous pageComplete() function to no longer apply, since a new one is defined. The javascript function that loads pages dynamically calls pageComplete() blindly when the AJAX call is completed and is loaded onto the page: function loadPage(page, params) { // page is a string, params is a javascript object if (pageRequest && pageRequest.isRunning) pageRequest.cancel(); pageRequest = new Request.HTML({ url: '<?=APPLICATION_LINK?>' + page, evalScripts: true, onSuccess: function(tree, elements, html) { // Empty previous content and insert new content $('content').empty(); $('content').innerHTML = html; pageComplete(); pageRequest = null; } }).send('params='+JSON.encode(params)); } So yes, if pageComplete() is not defined in one the pages, the old pageComplete() is called, which could potentially be disastrous, but as of now, every single page has pageComplete() defined, even if it is empty. Good idea, bad idea?

Read the article

How do you manage a complexity jump?

- by glenatron

It seems an infrequent but common experience that sometimes you're working on a project and suddenly something turns up unexpectedly, throws a massive spanner in the works and ramps up the complexity a whole lot. For example, I was working on an application that talked to SOAP services on various other machines. I whipped up a prototype that worked fine, then went on to develop a regular front end and generally get everything up and running in a nice, fairly simple and easy to follow fashion. It worked great until we started testing across a wider network and suddenly pages started timing out as the latency of the connections and the time required to perform calculations on remote machines resulted in timed out requests to the soap services. It turned out that we needed to change the architecture to spin requests out onto their own threads and cache the returned data so it could be updated progressively in the background rather than performing calculations on a request by request basis. The details of that scenario are not too important - indeed it's not a great example as it was quite forseeable and people who have written a lot of apps of this type for this type of environment might have anticipated it - except that it illustrates a way that one can start with a simple premise and model and suddenly have an escalation of complexity well into the development of the project. What strategies do you have for dealing with these types of functional changes whose need arises - often as a result of environmental factors rather than specification change - later on in the development process or as a result of testing? How do you balance between avoiding the premature optimisation/ YAGNI/ overengineering risks of designing a solution that mitigates against possible but not necessarily probable issues as opposed to developing a simpler and easier solution that is likely to be as effective but doesn't incorporate preparedness for every possible eventuality?

Search Results

Search found 17460 results on 699 pages for 'validate request'.

Page 221/699 | < Previous Page | 217 218 219 220 221 222 223 224 225 226 227 228 | Next Page >

- by boburob

- by Arik Raffael Funke

- by DigiMortal

- by DrStalker

- by altman

- by TLBH

- by gdm

- by ton.yeung

- by e2bady

- by BipedalShark

- by remi_bourgarel

- by Alexl

- by Ian Oxley

- by Maxim

- by SaltyNuts

- by David Kaczynski

- by elssar

- by MCB

- by ripper234

- by gablin

- by Mr Grieves

- by TessellatingHeckler

- by Julian H. Lam

- by glenatron

< Previous Page | 217 218 219 220 221 222 223 224 225 226 227 228 | Next Page >