Search Results

Search found 11717 results on 469 pages for 'credentials manager'.

Page 259/469 | < Previous Page | 255 256 257 258 259 260 261 262 263 264 265 266 | Next Page >

Replay attacks for HTTPS requests

- by MatthewMartin

Let's say a security tester uses a proxy, say Fiddler, and records an HTTPS request using the administrator's credentials-- on replay of the entire request (including session and auth cookies) the security tester is able to succesfully (re)record transactions. The claim is that this is a sign of a CSRF vulnerability. What would a malicious user have to do to intercept the HTTPS request and replay it? It this a task for script kiddies, well funded military hacking teams or time-traveling-alien technology? Is it really so easy to record the SSL sessions of users and replay them before the tickets expire? No code in the application currently does anything interesting on HTTP GET, so AFAIK, tricking the admin into clicking a link or loading a image with a malicious URL isn't an issue.

Read the article
How to assign permissions for Copy/Paste on windows

- by jalchr

Well, as everyone knows there is no way you can assign permissions for Copy/Paste of files on windows platform. I need to control the copy process from a central file server, in a way that helps me know: which user performed the copy Which files were copied where did he pasted them Total size of data copied Time of copy operation If user exceeds the allowed "Copy-Limit", a dialog box requests him to enter administrative credentials or deny him (as it would be configured) Store all this data in a file for later review or send by email. I need to collect this data by putting a utility program on the server itself, without any other installation on client computers. I know about monitoring the Clipboard, but which clipboard would it be? the user's clipboard or the server's clipboard ? And what about drag-drop operation, which doesn't even pass through the clipboard? Any knowledge of whether SystemFileWatcher is useful in such case ? Any ideas ?

Read the article
Determine if count of related model > 0

- by Lowgain

I have a model called Stem. I need a 'thumbs up' feature, so I have created a second model called Thumb, which consists of stem_id and user_id. I'm also using the restful authentication plugin for user credentials. I have the 'thumbs up' button working, which adds a row to the thumbs table fine, but I'd like to be able to check if the currently logged in user has already given a thumbs up to this particular stem. I tried adding this to the Stem model: def thumbed Thumb.count_by_sql ["SELECT COUNT(*) FROM thumbs WHERE user_id = ? AND stem_id = ?", current_user.id, self.id ] end The problem here is that the stem model has no access to the current_user variable the the controllers have. Is there a way I can get access to this property, or alternatively, is there another way I could go about checking this? I was hoping to get this as a property in the model because the stems are passed over to a Flex app using RubyAMF. Thanks!

Read the article
Using JLabels as pseudo buttons.

- by FreeThinker

Currently I am developing a small todo list manager and would like to use labels in place of buttons on the 'context' bar. If any one could provide me with information on how I could go about doing this I would appreciate it greatly.

Read the article
Mint Linux - Downgrade Java to 1.5

- by Chrisc

Hello, Currently, I am running Mint Linux (Release 9). I need to downgrade Java from version 1.6 to 1.5, and have been trying to figure out how to go about this. So far, I've had no luck. The package manager doesn't seem to have it. Does anyone have any suggestions? Thanks, - Chris

Read the article
codeigniter: how to redirect after login to current controller (php_self in regular php)

- by krike

Well it's not really a problem but I check if the user exist and log them in and redirect to site/members_area, but I don't want to send the user to a specific page but i want to reload the current controller. So if I login in index/home I would like to be redirected at index/home, how should I proceed? in regular php I would put in the action to redirect to current page <?php echo $_SERVER['PHP_SELF']; ?> This is the code in the framework function validate_credentials() { $this->load->model('membership_model'); $query = $this->membership_model->validate(); if($query) // if the user's credentials validated... { $data = array( 'username' => $this->input->post('username'), 'is_logged_in' => true ); $this->session->set_userdata($data); redirect('site/members_area'); //<-- this line here should be dynamic } else // incorrect username or password { $this->index(); } }

Read the article
Powershell: error handling with try and catch

- by resolver101

I'm writing a script and want to control the errors. However im having trouble finding information on error handling using the try, catch. I want to catch the specific error (shown below) and then perform some actions and resume the code. What code is needed for this? This is the code i am running and im entering in a invalid username when prompted. Get-WMIObject Win32_Service -ComputerName localhost -Credential (Get-Credential) Get-WmiObject : User credentials cannot be used for local connections At C:\Users\alex.kelly\AppData\Local\Temp\a3f819b4-4321-4743-acb5-0183dff88462.ps1:2 char:16 + Get-WMIObject <<<< Win32_Service -ComputerName localhost -Credential (Get-Credential) + CategoryInfo : InvalidOperation: (:) [Get-WmiObject], ManagementException + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

Read the article
RESTFul, statelesness and sessions

- by Per Arneng

RESTFul service has a rule that it should be stateless. By beeing that it does not allow a session to be created and maintained by sending a session key between the client and the server and then holding a session state on the server. If i look at the definition in wikipedia of stateless server http://en.wikipedia.org/wiki/Stateless_server "A stateless server is a server that treats each request as an independent transaction that is unrelated to any previous request" It states that it should be unrelated to any previous request. In practice this means that any type of authentication will be comparing the credentials of a user to a state on the server that was created by a previous operation. So a service called login is related to and dependent on the state that has been created by previous requests (ex: create_user and/or change_password). In my view you are breaking statelessnes by doing authentication. My point is that people are complaining about having sessions in RESTFul is breaking statelesness but doing authentication is also breaking the same rule. What do you think?

Read the article
maven .Net build plugin clean, compile problem

- by senzacionale

i am using http://maven-dotnet-plugin.appspot.com/ but i get when i use clean command: [INFO] Internal error in the plugin manager executing goal 'org.codehaus.sonar-plugins.dotnet:maven-dotnet-plugin:0.1:clean': Unable to load the mojo 'org.codehaus.sonar-plugins.dotnet:maven-dotnet-plugin:0.1:clean' in the plugin 'org.codehaus.sonar-plugins.dotnet:maven-dotnet-pl ugin'. A required class is missing: org/codehaus/plexus/util/cli/CommandLineException org.codehaus.plexus.util.cli.CommandLineException [INFO]

Read the article
How do I authenticate a Twitter user and access the API without leaving my iPhone app?

- by thebossman

I'd like to allow users to send out Tweets from my iPhone app. That's all the functionality I need at the moment. From what I know of the Twitter API, there's a standard authentication mechanism, which allows the developer to include the user's name and password in the request string that the application sends to Twitter. This method will no longer be supported come June 30, 2010. Given the timeframe, the better other choice is oAuth. One of the caveats of oAuth is that it requires a UIWebView to pop up within the app to allow the user to enter his or her credentials or a PIN number. None of the Twitter apps on my phone do this, however: Tweetie, TweetDeck and Twitterific. I assume they're using the first authentication method, but it seems like Twitter wouldn't deprecate an API that would hurt the user experience across the board. There must be an alternative method--what am I missing?

Read the article
Activesync wont connect to my Windows CE 6 device

- by Presidenten

Hi! When I connect my Windows CE 6 device to my development machine I get Microsoft USB Sync to register in Windows Device manager. But I cant connect with ActiveSync for some reason. Any ideas on how to fix this? It worked with Windows CE 5, but when we upgraded ActiveSync-functionality disappeared.

Read the article
SQL efficiency argument, add a column or solvable by query?

- by theTurk

I am a recent college graduate and a new hire for software development. Things have been a little slow lately so I was given a db task. My db skills are limited to pet projects with Rails and Django. So, I was a little surprised with my latest task. I have been asked by my manager to subclass Person with a 'Parent' table and add a reference to their custodian in the Person table. This is to facilitate going from Parent to Form when the custodian, not the Parent, is the FormContact. Here is a simplified, mock structure of a sql-db I am working with. I would have drawn the relationship tables if I had access to Visio. We have a table 'Person' and we have a table 'Form'. There is a table, 'FormContact', that relates a Person to a Form, not all Persons are related to a Form. There is a relationship table for Person to Person relationships (Employer, Parent, etc.) I've asked, "Why this couldn't be handled by a query?" Response, Inefficient. (Really!?!) So, I ask, "Why not have a reference to the Form? That would be more efficient since you wouldn't be querying the FormContacts table with the reference from child/custodian." Response, this would essentially make the Parent is a FormContact. (Fair enough.) I went ahead an wrote a query to get from non-FormContact Parent to Form, and tested on the production server. The response time was instantaneous. *SOME_VALUE* is the Parent's fk ID. SELECT FormID FROM FormContact WHERE FormContact.ContactID IN (SELECT SourceContactID FROM ContactRelationship WHERE (ContactRelationship.RelatedContactID = *SOME_VALUE*) AND (ContactRelationship.Relationship = 'Parent')); If I am right, "This is an unnecessary change." What should I do, defend my position or should I concede to the managers request? If I am wrong. What is my error? Is there a better solution than the manager's?

Read the article
Sign in as different user when using Integrated Windows Authentication

- by Sam

I have restricted access to a site by using Integrated Windows Authentication and turning off anonymous access. This way I can then show them their real name (from looking up on Active Directory and using the server variable LOGON_USER) and do other related Active Directory tasks. How can I then prompt again for their user credentials, through a 'sign in as other user' link , showing the browser prompt (like you would get on a browser like Chrome or Firefox, or if the site was not in the 'Intranet' zone in IE) rather than a Web Form? Since SharePoint offers this functionality, I assume there is a way to do this through code, but I don't know what code can do this (using C#). I can send a 401 header which makes the prompt appear, but how do you then confirm if they are logged in?

Read the article
List of existing Android Virtual Devices empty

- by sunpech

I'm new to Android development and I'm currently going through some tutorials. When I setup a new Android Project in Eclipse, and select Windows - Android SDK and AVD Manager, in Virtual Devices, the list of existing Android Virtual Devices is empty. Is it supposed to be? From the pictures in the tutorial, it's pre-populated. Can I download these AVDs from somewhere, am I missing something here? Also, I'm developing this on my Macbook Pro.

Read the article
Is automated unit-testing on Cognos possible ?

- by Evandro

Hi everyone ! Does anyone know if there is any tool or a way to apply automated unit testing in report studio and/or framework manager ? When some regression tests are required and I need to run report by report, on the traditional way, it really bothers me. Best regards, Evandro

Read the article
Create, Delete and Use e-mail accounts within a website! Is it possible?

- by BitDrink

Hello! I'm developing an administration panel (in php), for a website (in a shared host), to let the administrator to manage the personal infos of the employees! With this panel should be possible to create or delete an e-mail account for an employee and if the employee logs in the admin panel, he/she should be able to access to his/her e-mail account! I had thought to install Horde WebMail on the website to let the employees use their e-mail accounts ... but how can I pass the login credentials to Horde? And what you suggest to create and delete the e-mails account that can be read by Horde? Any other suggestion is greatly appreciated! Thanks in advance!!! EDIT: Or are there better alternatives to Horde to accomplish, at least, the e-mail account access from within the web site?

Read the article
Use the ASUS Express Gate Button to boot an other Operating System

- by Ruby

I have a ASUS U50AG Notebook, with a normal Power On and an Express Gate Power On Button. Now i will install a Windows and a Linux. To start one of the OS i will use one of the Button. Und use no Boot Manager. How can i do that?

Read the article
SelectedItem in ListView binding

- by Matt

I'm new in wfp. In my sample application I'm using a ListView to display contents of property. I don't know how to bind SelectedItem in ListView to property and then bind to TextBlock. Window.xaml <Window x:Class="Exec.App" xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" Title="Main window" Height="446" Width="475" > <Grid> <ListView Name="ListViewPersonDetails" Margin="15,12,29,196" ItemsSource="{Binding Persons}" SelectedItem="{Binding CurrentSelectedPerson}"> <ListView.View> <GridView> <GridViewColumn Header="FirstName" DisplayMemberBinding="{Binding FstNamePerson}"/> <GridViewColumn Header="LastName" DisplayMemberBinding="{Binding SndNamePerson}"/> <GridViewColumn Header="Address" DisplayMemberBinding="{Binding AdressPerson}"/> </GridView> </ListView.View> </ListView> <TextBlock Height="23" Name="textFirstNameBlock" FontSize="12" Margin="97,240,155,144"> <Run Text="Name: " /> <Run Text="{Binding CurrentSelectedPerson.FstNamePerson}" FontWeight="Bold" /> </TextBlock> <TextBlock Height="23" Name="textLastNameBlock" FontSize="12" Margin="97,263,155,121"> <Run Text="Branch: " /> <Run Text="{Binding CurrentSelectedPerson.SndNamePerson}" FontWeight="Bold" /> </TextBlock> <TextBlock Height="23" Name="textAddressBlock" FontSize="12" Margin="0,281,155,103" HorizontalAlignment="Right" Width="138"> <Run Text="City: " /> <Run Text="{Binding CurrentSelectedPerson.AdressPerson}" FontWeight="Bold" /> </TextBlock> </Grid> </Window> MainWindow.xaml.cs Tman manager = new Tman(); private List<Person> persons; public List<Person> Persons { get { return this.persons; } set { if (value != null) { this.persons = value; this.NotifyPropertyChanged("Data"); } } } private Person currentSelectedPerson; public Person CurrentSelectedPerson { get { return currentSelectedPerson; } set { this.currentSelectedPerson = value; this.NotifyPropertyChanged("CurrentSelectedItem"); } } public event PropertyChangedEventHandler PropertyChanged; private void NotifyPropertyChanged(string propertyName) { var handler = this.PropertyChanged; if (handler != null) { handler(this, new PropertyChangedEventArgs(propertyName)); } } private void Window_Loaded(object sender, RoutedEventArgs e){ ListViewPersonDetails.ItemsSource= manager.GetPersons(); } Person.cs class Person { public string FirstName { get; set; } public string LastName { get; set; } public string Address { get; set; } } Thanks for any help.

Read the article
Django: Summing values

- by Anry

I have a two Model - Project and Cost. class Project(models.Model): title = models.CharField(max_length=150) url = models.URLField() manager = models.ForeignKey(User) class Cost(models.Model): project = models.ForeignKey(Project) cost = models.FloatField() date = models.DateField() I must return the sum of costs for each project. view.py: from mypm.costs.models import Project, Cost from django.shortcuts import render_to_response from django.db.models import Avg, Sum def index(request): #... return render_to_response('index.html',... How?

Read the article
SQL reporting services reference

- by SonOfOmer

Hi everyone, I want to add service reference to SQL reporting services on local machine. In Reporting Service Configuration Manager under Web Service URL tab I have report service URL exposed, I have tried to add web reference to project with that Web Reference URL, but it can not be found. Please tell me am I missing something or is this right way to to? Thanks a lot.

Read the article
FastMM and Dynamically loaded DLLs

- by Vegar

I have a host application, that loads a dozen of libraries at start up. I want to switch from Delphi 7s default memory manager to the full version of FastMM4 for better mem leak reporting. Should I include FastMM4 in the uses section of both the host application and the libraries? What about shared runtime packages? -Vegar

Read the article
Can I migrate from ClearCase to Serena VM?

- by Rich B

I have a repository using Rational ClearCase Explorer 2003.06.10+ which I want to migrate into Serena ChangeMan Version Manager 8.1.4.2. Is this possible? The ClearCase repository was not used for all it's functions, just as a place to hold copies of documents, so the only thing I need to keep is the files and their version histories.

Read the article
How to lock non-browser clients from submitting a request?

- by Thomas Kohl

I want to block non-browser clients from accessing certain pages / successfully making a request. The website content is served to authenticated users. What happens is that our user gives his credentials to our website to 3rd party - it can be another website or a mobile application - that performs requests on his behalf. Say there is a form that the user fills out and sends a message. Can I protect this form so that the server processing the submission can tell whether the user has submitted it directly from the browser or not? I don't want to use CAPTCHA for usability reasons. Can I do it with some javascript?

Read the article
Dollar ($) sign in password string treated as variable

- by ncatnow

Spent some time troubleshooting a problem whereby a PHP/MySQL web application was having problems connecting to the database. The database could be accessed from the shell and phpMyAdmin with the exact same credentials and it didn't make sense. Turns out the password had a $ sign in it: $_DB["password"] = "mypas$word"; The password being sent was "mypas" which is obviously wrong. What's the best way to handle this problem? I escaped the $ with a \ $_DB["password"] = "mypas\$word"; and it worked. I generally use $string = 'test' for strings which is probably how I avoided running into this before. Is this correct behavious? What if this password was stored in a database and PHP pulled it out - would this same problem occur? What am I missing here...

Read the article
SQL Comments on Create Table on SQL Server 2008

- by user494901

I need to create some pretty big tables in SQL server 2008, while I do have SQL Server Manager Studio, I would like to comment the tables and the columns when I create the table. How do I do this? Example of the query I am running: CREATE TABLE cert_Certifications ( certificationID int PRIMARY KEY IDENTITY, profileID int, cprAdultExp datetime null ) I've tried COMMENT'Expiration Date for the Adult CPR' and COMMENT='Expiration Date for the Adult CPR' after the data type, and SQL server is giving me an error.

Read the article

< Previous Page | 255 256 257 258 259 260 261 262 263 264 265 266 | Next Page >