Search Results

Search found 120608 results on 4825 pages for 'code access security'.

Page 258/4825 | < Previous Page | 254 255 256 257 258 259 260 261 262 263 264 265  | Next Page >

  • Question: Using Windows 7, Unauthorized Access Exception when running my application

    - by RedEye
    My application is raising an unauthorized access error. While running my application, I try to access a directory in the following location: Application.UserAppDataPath. The Problem: It says I do not have permission to access the Application.UserAppDataPath directory Is there a way to set permissions within my application source code? Something like: Application.UserAppDataPath.SetPermissions()

    Read the article

  • How to configure grails and shiro to mark cookies secure?

    - by j4y
    I'm using Grails 2.2.4 with the Shiro plugin (v1.1.4) and would like to mark the cookies as secure so the session information won't be sent over http. This is the attribute I want to set: securityManager.sessionManager.sessionIdCookie.secure = true The shiro source says to use the Grails bean property override mechanism, which is grails-app/conf/spring/resources.groovy How can I override just the one setting? // If the legacy 'security.shiro.filter.config' option is set, // use our custom INI-based filter... if (application.config.security.shiro.filter.config) { log.warn "security.shiro.filter.config option is deprecated. Use Grails' bean property override mechanism instead." 'filter-class'('org.apache.shiro.grails.LegacyShiroFilter') 'init-param' { 'param-name'('securityManagerBeanName') 'param-value'('shiroSecurityManager') }

    Read the article

  • Code First / Database First / Model First : are they just personnal preferences?

    - by Antoine M
    Merely knowing the internal functionality of each approaches, and after reading a lot of posts, I still can't figure out if each one of them is just a matter of personnal preference for the developper or if they deserve different axes of productivity ? Does one of them should be applyed for some specific productivity needs or MS is just beeing kind offering three different flavours ? Should we consider CF as a sort of improvement over DBF or MF and thinking of it as a futur standard on wich spending a peculiar intelectual investment ... ? Is there a link showing a sort of synthetic table with un-passionate pros and cons for each approach, a little bit like for web-forms and MVC. Sorry for those who will find this question redondant. I know it is.

    Read the article

  • How to restrict an access to some of the functions at third level in Classes (OOPs)

    - by Shantanu Gupta
    I have created a class say A which has some functions defined as protected. Now Class B inherits A and class C inherits B. Class A has private default constructor and protected parameterized constructor. I want Class B to be able to access all the protected functions defined in Class A but class C can have access on some of the functions only not all the functions and class C is inheriting class B. How can I restrict access to some of the functions of Class A from Class C ? Class A { private A(){} protected A(int ){} } Class B : A {} CLass C:B { }

    Read the article

  • json webservice security

    - by crisgomez
    I have a problem regarding json web service security. I tried to developed a sample web application using json webservice,but the problem is the url was exposed on the client side.So from there,anybody can make a program and call the service for a thousand times. Please take note, that the web service will be using for a registration page, in which checks if the user was exist on the database.So there is no authentication happened on this process. What are the approach to secure the calling of the exposed web service?

    Read the article

  • Limiting method access in protected section to few classes

    - by Bharat
    Hi, I want to limit the access of protected methods to certain inherited classes only. For example there is a base class like TBase = Class Protected Method1; Method2; Method3; Method4; End; I have two classes derived from TBase TDerived1 = Class(TBase) //Here i must access only Method1 and Method2 End; TDerived2 = Class(TBase) //Here i must access only Method3 and Method4 End; Then is it possible to access only Method1 and Method2 when i use objects of TDerived1 and Method3 and Method4 when i use objects of TDerived2

    Read the article

  • [CODE GENERATION] How to generate DELETE statements in PL/SQL, based on the tables FK relations?

    - by The chicken in the kitchen
    Is it possible via script/tool to generate authomatically many delete statements based on the tables fk relations, using Oracle PL/SQL? In example: I have the table: CHICKEN (CHICKEN_CODE NUMBER) and there are 30 tables with fk references to its CHICKEN_CODE that I need to delete; there are also other 150 tables foreign-key-linked to that 30 tables that I need to delete first. Is there some tool/script PL/SQL that I can run in order to generate all the necessary delete statements based on the FK relations for me? (by the way, I know about cascade delete on the relations, but please pay attention: I CAN'T USE IT IN MY PRODUCTION DATABASE, because it's dangerous!) I'm using Oracle DataBase 10G R2. This is the result I've written, but it is not recursive: This is a view I have previously written, but of course it is not recursive! CREATE OR REPLACE FORCE VIEW RUN ( OWNER_1, CONSTRAINT_NAME_1, TABLE_NAME_1, TABLE_NAME, VINCOLO ) AS SELECT OWNER_1, CONSTRAINT_NAME_1, TABLE_NAME_1, TABLE_NAME, '(' || LTRIM ( EXTRACT (XMLAGG (XMLELEMENT ("x", ',' || COLUMN_NAME)), '/x/text()'), ',') || ')' VINCOLO FROM ( SELECT CON1.OWNER OWNER_1, CON1.TABLE_NAME TABLE_NAME_1, CON1.CONSTRAINT_NAME CONSTRAINT_NAME_1, CON1.DELETE_RULE, CON1.STATUS, CON.TABLE_NAME, CON.CONSTRAINT_NAME, COL.POSITION, COL.COLUMN_NAME FROM DBA_CONSTRAINTS CON, DBA_CONS_COLUMNS COL, DBA_CONSTRAINTS CON1 WHERE CON.OWNER = 'TABLE_OWNER' AND CON.TABLE_NAME = 'TABLE_OWNED' AND ( (CON.CONSTRAINT_TYPE = 'P') OR (CON.CONSTRAINT_TYPE = 'U')) AND COL.TABLE_NAME = CON1.TABLE_NAME AND COL.CONSTRAINT_NAME = CON1.CONSTRAINT_NAME --AND CON1.OWNER = CON.OWNER AND CON1.R_CONSTRAINT_NAME = CON.CONSTRAINT_NAME AND CON1.CONSTRAINT_TYPE = 'R' GROUP BY CON1.OWNER, CON1.TABLE_NAME, CON1.CONSTRAINT_NAME, CON1.DELETE_RULE, CON1.STATUS, CON.TABLE_NAME, CON.CONSTRAINT_NAME, COL.POSITION, COL.COLUMN_NAME) GROUP BY OWNER_1, CONSTRAINT_NAME_1, TABLE_NAME_1, TABLE_NAME; ... and it contains the error of using DBA_CONSTRAINTS instead of ALL_CONSTRAINTS...

    Read the article

  • What's the correct way to hide/prevent access to wp-admin

    - by Jaypee
    I'm dealing with this matter since a while, I have read a ton of articles and stuff out there but I couldn't find a place that shows the RIGHT way, standard, correct, whatever you like to call it, to prevent access to my wp-admin or wp-login.php On all Wordpress sites I see (the well made ones) you will never see anything if you type thesite.com/wp-admin As I could see, one way to do this is by restricting the access to that folder by creating an .htaccess file and restrict by IP the access to the folder. Seems to be the "cleanest" way to do. What I'm not sure about it is that I have a dynamic address provided by my ISP, so on a certain time my IP will change, that will force me to also change the .htaccess to my new address, I don't see that practical. I can set a range also, but by doing that I will also authorize access to all people within that range of IPs (other clients of my ISP for example). I'm then struggling to find the best/standard way to do this. Anyone can help me? Thanks

    Read the article

  • jQuery ajax is throwing an error code 302... what is this?

    - by AndreMiranda
    Hi everyone! I'm working with ASP.NET MVC and jQuery and I have a UserControl that is repeated in every page. And in every page request, a ajax callback occurs... so far so good. But this is when I'm in localhost. When I publish the site, I notice that this ajax is throwing an error 302, but this only occus in HTTPS pages and in FF and Chrome... on IE this ajax request works fine. What is this error 302? Why it only occurs on https pages and only in FF or chrome? thank you all!!

    Read the article

  • Porting WebSphere code to get remote credentials to Tomcat

    - by Glenn Lawrence
    I have been asked to look into porting some code from a web app under IBM WAS 7 so that it will run under Tomcat 7. This is part of a larger SPNEGO/Kerberos SSO system but for purposes of discussion I have distilled the code down to the following that shows the dependencies on the two WebSphere classes AccessController and WSSubject: GSSCredential clientCreds = (GSSCredential) com.ibm.ws.security.util.AccessController.doPrivileged(new java.security.PrivilegedAction() { public Object run() { javax.security.auth.Subject subject = com.ibm.websphere.security.auth.WSSubject.getCallerSubject(); GSSCredential clientCreds = (GSSCredential) subject.getPrivateCredentials(GSSCredential.class).iterator().next(); return clientCreds; } }); I'd like to be able to do this in Tomcat.

    Read the article

  • SharePoint Navigation Custom Link Security Trimming

    - by ifunky
    Hi, We've got our navigation setup so that subsites show in the global navigation but we have a requirement to also put custom links to external sites which is straight forward. The tricky part is that some of the custom links need security trimming which you don't get when you add your own links to the navigation. Just wondering if anyone has got some ideas on how to work around this? Thanks Dan

    Read the article

  • How to avoid Eclipse warnings when using legacy code without generics?

    - by Paul Crowley
    I'm using JSON.simple to generate JSON output from Java. But every time I call jsonobj.put("this", "that"), I see a warning in Eclipse: Type safety: The method put(Object, Object) belongs to the raw type HashMap. References to generic type HashMap should be parameterized The clean fix would be if JSONObject were genericized, but since it isn't, I can't add any generic type parameters to fix this. I'd like to switch off as few warnings as possible, so adding "@SuppressWarnings("unchecked")" to lots of methods is unappealing, but do I have any other option besides putting up with the warnings?

    Read the article

  • Retrieving all objects in code upfront for performance reasons

    - by ming yeow
    How do you folks retrieve all objects in code upfront? I figure you can increase performance if you bundle all the model calls together? This makes for a bigger deal, especially if your DB cannot keep everything in memory def hitDBSeperately { get X users ...code get Y users... code get Z users... code } Versus: def hitDBInSingleCall { get X+Y+Z users code for X code for Y... }

    Read the article

  • How to access the backing field of an inherited class using fluent nhibernate

    - by Akk
    How do i set the Access Strategy in the mapping class to point to the inherited _photos field? public class Content { private IList<Photo> _photos; public Content() { _photos = new List<Photo>(); } public virtual IEnumerable<Photo> Photos { get { return _photos; } } public virtual void AddPhoto() {...} } public class Article : Content { public string Body {get; set;} } I am currently using thw following to try and locate the backing field but an exception is thrown as it cannot be found. public class ArticleMap : ClassMap<Article> { HasManyToMany(x => x.Photos) .Access.CamelCaseField(Prefix.Underscore) //_photos //... } i tried moving the backing field _photos directly into the class and the access works. So how can i access the backing field of an inherited class?

    Read the article

  • Paypal's "Security header is not valid"

    - by Paypal
    I'm implementing the Express Checkout? I have no problem with the first two steps:SetExpressCheckout and GetExpressCheckout,but met the "Security header is not valid" at DoExpressCheckout. The API credentials are the same! I've fixed it by changing the $environment to live in DoExpressCheckout.(The difference is that it'll use https://api.sandbox.paypal.com/nvp/ instead of https://api-3t.$environment.paypal.com/nvp) But why? Is there something wrong with https://api-3t.$environment.paypal.com/nvp?

    Read the article

  • Turn off IIS 7.5 Attach security warning

    - by Miau
    IIS 7 and Visual Studio 2008, every time you attach to w3wp.exe you get an Attach Security Warning, How do you turn this of? It would be cool to know also, how to keep it attached for linger, as this seems to time out after a while Btw: I Added this as a comment to the answer below, the first thing i did was try the msdn article http://msdn.microsoft.com/en-us/library/ms241736.aspx that doesn't work

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern [.net/c#]

    - by gsharp
    Hi We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-) Thanks for you help.

    Read the article

  • How can i run code on the client side from a browser?

    - by acidzombie24
    With LLVM and silverlight this may be possible now (or it may be possible with flash). I like the user to select a file and then do the following things 1) Hash it with md5 and sha1 2) If archive check if an exe is in it 3) If archive check if password protected The first to see if the user has uploaded it already (today, yesterday, last month) 2nd to prevent viruses 3rd i should be fine without but if i decide to not allow protected archives i can warn before the user uploads it. How may i do this through the browser?

    Read the article

  • Windows Console .exe won't run if it's downloaded from the internet

    - by Jason Kester
    I have a nightly job on Windows Server 2003 that automatically updates itself by downloading its .exe from Amazon S3. I've noticed that when it performs the download and tries to run the newly downloaded .exe, it is immediately kicked back to the command line without actually running anything. I can verify this by sticking the new version of the code directly on the server and watching it execute successfully, then uploading it to the "update" server, running the bootstrapper then running the .exe and observing it fail to execute. I can only assume that this is due to Windows protecting me from running code from outside its trusted zone. How does a fella go about configuring it to allow code from this particular external location to execute? Thanks!

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern

    - by gsharp
    We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-)

    Read the article

  • Compromising design & code quality to integrate with existing modules

    - by filip-fku
    Greetings! I inherited a C#.NET application I have been extending and improving for a while now. Overall it was obviously a rush-job (or whoever wrote it was seemingly less competent than myself). The app pulls some data from an embedded device & displays and manipulates it. At the core is a communications thread in the main application form which executes a 600+ lines of code method which calls functions all over the place, implementing a state machine - lots of if-state-then-do type code. Interaction with the device is done by setting the state/mode globally and letting the thread do it's thing. (This is just one example of the badness of the code - overall it is not very OO-like, it reminds of the style of embedded C code the device firmware is written in). My problem is that this piece of code is central to the application. The software, communications protocol or device firmware are not documented at all. Obviously to carry on with my work I have to interact with this code. What I would like some guidance on, is whether it is worth scrapping this code & trying to piece together something more reasonable from the information I can reverse engineer? I can't decide! The reason I don't want to refactor is because the code already works, and changing it will surely be a long, laborious and unpleasant task. On the flip side, not refactoring means I have to sometimes compromise the design of other modules so that I may call my code from this state machine! I've heard of "If it ain't broke don't fix it!", so I am wondering if it should apply when "it" is influencing the design of future code! Any advice would be appreciated! Thanks!

    Read the article

  • Access varialbe from code behind via jQery

    - by Morron
    Hi, I have the following code that I want to return to a variable "t" in jQery: Code behind: Public Shared Function GetSomeText() As String Dim result = "This is from code behind" Return result End Function Caller variable in jQuery: //This is not working like that, I think var t = GetSomeText(); So, how can I make variable "t" get the "result" from Function GetSomeText from code-behind? Thank you.

    Read the article

  • Dealing With Java Default Level Access Specifiers

    - by Tom Tresansky
    I've seen some code in a project recently where some fields in a couple classes have been using the default access modifier without good reason to. It almost looks like a case of "oops, forgot to make these private". Since the classes are used almost exclusively outside of the package they are defined in, the fields are not visible from the calling code, and are treated as private. So the mistake/oversight would not be very noticeable. However, encapsulation is broken. If I wanted to add a new class to the existing package, I could then mess with internal data in objects using fields with default access. So, my questions: Are there any best practices concerning default access specifiers that I should be aware of? Anything that would help prevent this type of accident from re-occurring? Are are any annotations which might say something to the effect of "I really meant for these to be default access"? Using CheckStyle, or any other Eclipse plugins, is there any way to flag instances of default fields, or disallow any not accompanied by, say, a "//default access" comment trailing them?

    Read the article

< Previous Page | 254 255 256 257 258 259 260 261 262 263 264 265  | Next Page >