Search Results

Search found 41783 results on 1672 pages for 'method group'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 290/1672 | < Previous Page | 286 287 288 289 290 291 292 293 294 295 296 297  | Next Page >

  • Is there a debian lenny patch to allow apt-get to work with sftp?

    - by MiniQuark
    I would like to write things like this in /etc/apt/sources.list: deb sftp://[email protected]/path other stuff When I try this, apt-get complains that there is no sftp method for apt: # apt-get update E: The method driver /usr/lib/apt/methods/sftp could not be found. Has anyone written a patch to add the sftp method for apt? All I could find in Google was this spec for Ubuntu. Thanks for your help.

    Read the article

  • Gnome Desktop Environment install error

    - by Barbaros
    So i moved to a new server and i want to install gnome desktop environment to access my server via vnc viewer. But, i don't remember how i managed to install last time, so i tried yum groupinstall "GNOME Desktop Environment" command and server said Warning: Group GNOME Desktop Environment does not exist. No packages in any requested group available to install or update It's a brand new server so i didn't add any repos or else yet It's a centos 5.5 server ...

    Read the article

  • How to goup EC2 instances in order to delegate administrations to differents teams?

    - by Olivier
    Is it possible (using ARN) to make severals groups of instances. Then using differents policy to grant some access to a group of instance only and not the other instances? For example : { "Statement": [ { "Action": "ec2:*", "Effect": "Allow", "Resource": "*" }, { "Effect": "Allow", "Action": "elasticloadbalancing:*", "Resource": "*" }, { "Effect": "Allow", "Action": "cloudwatch:*", "Resource": "*" }, { "Effect": "Allow", "Action": "autoscaling:*", "Resource": "*" } ] } Instead of "*" could we use a group or something like that? like a specific subnet? a Tag? or whatever... Thanks for your help

    Read the article

  • LDAP authentication ... Log in fail on the LDAP client

    - by billyduc
    I can get the password and group from the LDAP client getent passwd getent group work sucessfully But when I try 'su USERNAME' the name from the LDAP server or 'ssh USERNAME@localhost' it prompt me a user password, I typed exactly the USERNAME password but it return "su : Authentication Failure" or "Permission denied, Please try again". I don't know why? it only work when I was at root at the client and "su USERNAME"

    Read the article

  • add blank for 0 result into existing formula

    - by Tom
    is there any way to use this formula [<30,0,1)) for a group of cells in Sheet1!(A14:I100)] and if result == 0 insert blank or add [=IF(O16=0,"",] somehow so all 0 results just show a blank result. I'm just not sure how to add this to my formula so if Cell a176= 07:48:16 and formula [<30,0,1)) for a group of cells in Sheet1!(A14:I100)] changes it to 468, all is good - however if Cell a176= 00:00:16, the result is "0" - I would like the result to be "" blank "" instead of "0". any ideas??

    Read the article

  • How to Assign datastorage Limit to the datastore from LM?

    - by esxvmuser
    Guys, We have a Data Storeage XYZ with 1TB HDD and 32 GB ram. - We want to assign this to 2 different groups 500GB HDD, 16GB RAM to Group - A and 500GB HDD and 16GB RAM to another group. We want to set this limit from LM, can you please comments if this is possible? and if yes could you please point us where can we do this in LM?

    Read the article

  • OSX Server - How to set environment variable on network user login

    - by tmkly3
    I have a group of users on my server, "Developers", and I would like an environment variable to be set for them whenever they login. More specifically, when anyone in this group logs in, I would like the equivalent of: setenv ANDROID_SDK_HOME /Developers/Android/User to be set at login. I can do this with a login script if necessary, but what I'm asking is: is it possible to set this type of thing in Profile Manager, Workgroup Manager, Directory Utility, etc? Thanks - I've looked everywhere but can't find anything.

    Read the article

  • What's the correct SELinux type for a directory?

    - by unthar
    If I create a new filesystem/directory off of / and I set the Linux permissions to 770 I expect the group to be able to read and write files in that directory. SELinux was preventing me from doing this until I changed the SELinux type on that directory to public_content_rw_t. If this is just a directory in which users in that group will share files is this an acceptable SELinux type or should I be using another one? Writing a custom policy seems like overkill for these purposes. Thanks

    Read the article

  • Ubuntu server; Should I add a new user or not?

    - by Camran
    On my Ubuntu server, when I do everything now I do it as "root" user. So for example, logging into ftp filezilla, I enter "root" as username... Is this the way to do it, or should I create a users group and add priveliges to the users in that group? Don't know if I should create a new user or not, it works with root just fine, but I don't want any security flaws... Thanks

    Read the article

  • Compiz: Switching focus by application instead of by window

    - by Ivan Vucica
    I got used to OS X way of doing things (separate shortcuts for switching between applications and switching between current application's windows). Is there a way to get Compiz to have a shortcut (such as Super+Tab) to switch between applications ("window groups") instead of between windows? I already got the "Scale" plugin (an expose clone) to display only windows from current window group, proving there is a way to group by application, but I cannot find a way to get the "Application Switcher" to switch between these groups instead of between windows themselves.

    Read the article

  • Looking for command line interface for setting Index properties for many files

    - by Sherryl
    I'm looking for a way to set a group of File Types to "Index Properties and File Contents" (Control Panel, Indexing Options, Advanced Options, File Types). Basically I'd like to write a batch file that switches that setting for a large group of file types and be able to share it with my entire team. Clicking in the UI is time consuming for everyone. This is a great solution for bringing up the GUI, but I'd like to create a batch file What is the command line for Indexing Options?

    Read the article

  • windows 2000 domain controller

    - by Chris
    in active directory 2000 server i have 5 groups of users and every user has different policies. The problem is that a different desktop loads for only one specific user no matter what changes i make in administrative templates. If i copy this user profile and paste it to another group with a different name windows workaround loads as it should but some policies are not applied. Does anybody know a way to solve this problem instead of creating a new group and user from scratch?

    Read the article

  • Multiple [Stand-alone] zip files creation?

    - by im_chc
    How can I automatically zip a group of files into multiple zip files (say, 2mb in size for each file), and that each zip file is a stand-alone zip file? (i.e. not mult-volume zip files, that you can't lost any one of the files, otherwise you can't unzip) Is there any tools available to do so? Actually I just need to group the files into many groups, 2mb each etc, zipped or not zipped doesn't matter thx!

    Read the article

  • Win 7 64-bit - looking for command line interface for setting Index properties for many files

    - by Sherryl
    I'm looking for a way to set a group of File Types to "Index Properties and File Contents" (Control Panel, Indexing Options, Advanced Options, File Types). Basically I'd like to write a batch file that switches that setting for a large group of file types and be able to share it with my entire team. Clicking in the UI is time consuming for everyone. This is a great solution for bringing up the GUI, but I'd like to create a batch file What is the command line for Indexing Options?

    Read the article

  • Permission to make symbolic links in Windows 7?

    - by karolrvn
    How to enable a particular user the possibility to create symlinks in Windows 7? I searched "Group Policy" and google, but haven't found it. BTW: Is there a way to search through everything in Group Policy Editor? The filters only seem to work on particular subtrees. Actually I never found anything using the filters. TIA

    Read the article

  • Linux RHEL : Making disk image efficiently

    - by TheProfoundGeek
    I have a linux box having RHEL. Its disk (hda1) is having free space of about 25GB. I have an another disk (hda2) which is of 250GB having another RHEL instance, it's partitioned for 200GB. Data on the disk occupies about 21GB of data. The image of hda2 needs to be taken and restored on other disk of same specs. What is the best way to make image file of the hda2? Ideally the images size should be around 25GBs as the actual data on the disk is just 21GB. I am aware about the following two methods. Method 1 : Raw Image dd if=/dev/hda2 of=/path/to/image dd if=/path/to/image of=/dev/hda3 Question 1 : Will the above method make a gigantic image of 250GBs? Is it efficient? Method 2 : Compressed Image. dd if=/dev/hda2 | gzip > /path/to/image.gz gzip -dc /path/to/image.gz | dd of=/dev/hda2 Question 2 : I tried the method 2, its taking too long. What are the pit falls of this methods? Which of the above method id efficient and why? Is there any other Linux utility which can do the job? Third party tools are no no.

    Read the article

  • What do the "ALL"s in the line " %admin ALL=(ALL) ALL " in Ubuntu's /etc/sudoers file stand for?

    - by sri
    What does each ALL mean? I understand that the whole line indicates that the admin group members get admininstartive privileges, but would like to know more info about the position of the ALLS and if they each refer to a different set of permissions or something like that? $sudo cat /etc/sudoers ... # User privilege Information root ALL=(ALL) ALL #... %sudo ALL=(ALL) ALL # #includedir /etc/sudoers.d #Members of the admin group may gain root privileges %admin ALL=(ALL) ALL # If it matters: OS: Ubuntu : 10.4

    Read the article

  • Filtering in a HierarchicalDataTemplate via MarkupExtension?

    - by Dan Bryant
    I'm trying to create a MarkupExtension to allow filtering of items in an ItemsSource of a HierarchicalDataTemplate. In particular, I'd like to be able to supply a method name that will be executed on the DataContext in order to perform the filtering. The usage syntax I'm after looks like this: <HierarchicalDataTemplate DataType="{x:Type src:DeviceBindingViewModel}" ItemsSource="{Utilities:FilterCollection {Binding Definition.Entries}, MethodName=FilterEntries}"> <StackPanel Orientation="Horizontal"> <Image Source="{StaticResource BindingImage}" Width="24" Height="24" Margin="3"/> <TextBlock Text="{Binding DisplayName}" FontSize="12" VerticalAlignment="Center"/> </StackPanel> </HierarchicalDataTemplate> My code for the custom MarkupExtension looks like this: public sealed class FilterCollectionExtension : MarkupExtension { private readonly MultiBinding _binding; private Predicate<Object> _filterMethod; public string MethodName { get; set; } public FilterCollectionExtension(Binding binding) { _binding = new MultiBinding(); _binding.Bindings.Add(binding); //We package a reference to the DataContext with the binding so that the Converter has access to it var selfBinding = new Binding {RelativeSource = RelativeSource.Self}; _binding.Bindings.Add(selfBinding); _binding.Converter = new InternalConverter(this); } public FilterCollectionExtension(Binding binding, string methodName) : this(binding) { MethodName = methodName; } public override object ProvideValue(IServiceProvider serviceProvider) { return _binding; } private bool FilterInternal(Object dataContext, Object value) { //Filtering is only applicable if a DataContext is defined if (dataContext != null) { if (_filterMethod == null) { var type = dataContext.GetType(); var method = type.GetMethod(MethodName, new[] { typeof(Object) }); if (method == null || method.ReturnType != typeof(bool)) throw new InvalidOperationException("Could not locate a filter predicate named " + MethodName + " on the DataContext"); _filterMethod = (Predicate<Object>)Delegate.CreateDelegate(typeof(Predicate<Object>), dataContext, method); } else { if (_filterMethod.Target != dataContext) { _filterMethod = (Predicate<Object>) Delegate.CreateDelegate(typeof (Predicate<Object>), dataContext, _filterMethod.Method); } } if (_filterMethod != null) return _filterMethod(value); } //If no filtering resolved, just allow all elements return true; } private class InternalConverter : IMultiValueConverter { private readonly FilterCollectionExtension _owner; public InternalConverter(FilterCollectionExtension owner) { _owner = owner; } public object Convert(object[] values, Type targetType, object parameter, System.Globalization.CultureInfo culture) { var enumerable = values[0]; var targetElement = (FrameworkElement)values[1]; var view = CollectionViewSource.GetDefaultView(enumerable); view.Filter = item => _owner.FilterInternal(targetElement.DataContext, item); return view; } public object[] ConvertBack(object value, Type[] targetTypes, object parameter, System.Globalization.CultureInfo culture) { throw new NotSupportedException("Cannot convert back"); } } } I can see that the extension is instantiated and I can see it return the MultiBinding that is used by the Template. I also see the call to the InternalConverter.Convert method, which sees the expected parameters (I see the collection provided by the nested {Binding}) and is successfully able to retrieve the ICollectionView for the incoming collection. The only problem is that FilterInternal never gets called. The template is ultimately being used by a TreeView, if that's relevant. I haven't been able to figure out why the FilterInternal method is not being called and I was hoping somebody might be able to offer some insight.

    Read the article

  • exception creating a JDBC Conection Pool Glassfish v3

    - by jon
    Hi all, I am experiencing problems creating a connection pool in glassfish v3, just for reference i am using the Java EE glassfish bundle. my enviroment vars are as follows Url: jdbc:oracle:thin:@localhost:1521:xe User: sys Password : xxxxxxxx which i think is all i need to make a connection. but i get the following exception WARNING: Can not find resource bundle for this logger. class name that failed: com.sun.gjc.common.DataSourceObjectBuilder SEVERE: jdbc.exc_cnfe_ds java.lang.ClassNotFoundException: oracle.jdbc.pool.OracleDataSource at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:307) at java.lang.ClassLoader.loadClass(ClassLoader.java:248) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:247) at com.sun.gjc.common.DataSourceObjectBuilder.getDataSourceObject(DataSourceObjectBuilder.java:279) at com.sun.gjc.common.DataSourceObjectBuilder.constructDataSourceObject(DataSourceObjectBuilder.java:108) at com.sun.gjc.spi.ManagedConnectionFactory.getDataSource(ManagedConnectionFactory.java:1167) at com.sun.gjc.spi.DSManagedConnectionFactory.getDataSource(DSManagedConnectionFactory.java:135) at com.sun.gjc.spi.DSManagedConnectionFactory.createManagedConnection(DSManagedConnectionFactory.java:90) at com.sun.enterprise.connectors.service.ConnectorConnectionPoolAdminServiceImpl.getManagedConnection(ConnectorConnectionPoolAdminServiceImpl.java:520) at com.sun.enterprise.connectors.service.ConnectorConnectionPoolAdminServiceImpl.getUnpooledConnection(ConnectorConnectionPoolAdminServiceImpl.java:630) at com.sun.enterprise.connectors.service.ConnectorConnectionPoolAdminServiceImpl.testConnectionPool(ConnectorConnectionPoolAdminServiceImpl.java:442) at com.sun.enterprise.connectors.ConnectorRuntime.pingConnectionPool(ConnectorRuntime.java:898) at org.glassfish.admin.amx.impl.ext.ConnectorRuntimeAPIProviderImpl.pingJDBCConnectionPool(ConnectorRuntimeAPIProviderImpl.java:570) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.glassfish.admin.amx.impl.mbean.AMXImplBase.invoke(AMXImplBase.java:1038) at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836) at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761) at javax.management.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:288) at org.glassfish.admin.amx.util.jmx.MBeanProxyHandler.invoke(MBeanProxyHandler.java:453) at org.glassfish.admin.amx.core.proxy.AMXProxyHandler._invoke(AMXProxyHandler.java:822) at org.glassfish.admin.amx.core.proxy.AMXProxyHandler.invoke(AMXProxyHandler.java:526) at $Proxy233.pingJDBCConnectionPool(Unknown Source) at org.glassfish.admingui.common.handlers.JdbcTempHandler.pingJdbcConnectionPool(JdbcTempHandler.java:99) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.jsftemplating.layout.descriptors.handler.Handler.invoke(Handler.java:442) at com.sun.jsftemplating.layout.descriptors.LayoutElementBase.dispatchHandlers(LayoutElementBase.java:420) at com.sun.jsftemplating.layout.descriptors.LayoutElementBase.dispatchHandlers(LayoutElementBase.java:394) at com.sun.jsftemplating.layout.event.CommandActionListener.invokeCommandHandlers(CommandActionListener.java:150) at com.sun.jsftemplating.layout.event.CommandActionListener.processAction(CommandActionListener.java:98) at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88) at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:772) at javax.faces.component.UICommand.broadcast(UICommand.java:300) at com.sun.webui.jsf.component.WebuiCommand.broadcast(WebuiCommand.java:160) at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:775) at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1267) at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82) at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:312) at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1523) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215) at com.sun.webui.jsf.util.UploadFilter.doFilter(UploadFilter.java:240) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:215) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:277) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:641) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97) at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185) at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:332) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:233) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:239) at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791) at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693) at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954) at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170) at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102) at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88) at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76) at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53) at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57) at com.sun.grizzly.ContextTask.run(ContextTask.java:69) at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330) at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309) at java.lang.Thread.run(Thread.java:619) WARNING: RAR8054: Exception while creating an unpooled [test] connection for pool [ testingManagmentDataConnection ], Class name is wrong or classpath is not set for : oracle.jdbc.pool.OracleDataSource WARNING: Can not find resource bundle for this logger. class name that failed: com.sun.gjc.common.DataSourceObjectBuilder does anyone have any ideas what i am doing wrong/ what i will have to do to correct this issue, Thanks for your time Jon

    Read the article

  • multiple-inheritance substitution

    - by Luigi
    I want to write a module (framework specific), that would wrap and extend Facebook PHP-sdk (https://github.com/facebook/php-sdk/). My problem is - how to organize classes, in a nice way. So getting into details - Facebook PHP-sdk consists of two classes: BaseFacebook - abstract class with all the stuff sdk does Facebook - extends BaseFacebook, and implements parent abstract persistance-related methods with default session usage Now I have some functionality to add: Facebook class substitution, integrated with framework session class shorthand methods, that run api calls, I use mostly (through BaseFacebook::api()), authorization methods, so i don't have to rewrite this logic every time, configuration, sucked up from framework classes, insted of passed as params caching, integrated with framework cache module I know something has gone very wrong, because I have too much inheritance that doesn't look very normal.Wrapping everything in one "complex extension" class also seems too much. I think I should have few working togheter classes - but i get into problems like: if cache class doesn't really extend and override BaseFacebook::api() method - shorthand and authentication classes won't be able to use the caching. Maybe some kind of a pattern would be right in here? How would you organize these classes and their dependencies? EDIT 04.07.2012 Bits of code, related to the topic: This is how the base class of Facebook PHP-sdk: abstract class BaseFacebook { // ... some methods public function api(/* polymorphic */) { // ... method, that makes api calls } public function getUser() { // ... tries to get user id from session } // ... other methods abstract protected function setPersistentData($key, $value); abstract protected function getPersistentData($key, $default = false); // ... few more abstract methods } Normaly Facebook class extends it, and impelements those abstract methods. I replaced it with my substitude - Facebook_Session class: class Facebook_Session extends BaseFacebook { protected function setPersistentData($key, $value) { // ... method body } protected function getPersistentData($key, $default = false) { // ... method body } // ... implementation of other abstract functions from BaseFacebook } Ok, then I extend this more with shorthand methods and configuration variables: class Facebook_Custom extends Facebook_Session { public funtion __construct() { // ... call parent's constructor with parameters from framework config } public function api_batch() { // ... a wrapper for parent's api() method return $this->api('/?batch=' . json_encode($calls), 'POST'); } public function redirect_to_auth_dialog() { // method body } // ... more methods like this, for common queries / authorization } I'm not sure, if this isn't too much for a single class ( authorization / shorthand methods / configuration). Then there comes another extending layer - cache: class Facebook_Cache extends Facebook_Custom { public function api() { $cache_file_identifier = $this->getUser(); if(/* cache_file_identifier is not null and found a valid file with cached query result */) { // return the result } else { try { // call Facebook_Custom::api, cache and return the result } catch(FacebookApiException $e) { // if Access Token is expired force refreshing it parent::redirect_to_auth_dialog(); } } } // .. some other stuff related to caching } Now this pretty much works. New instance of Facebook_Cache gives me all the functionality. Shorthand methods from Facebook_Custom use caching, because Facebook_Cache overwrited api() method. But here is what is bothering me: I think it's too much inheritance. It's all very tight coupled - like look how i had to specify 'Facebook_Custom::api' instead of 'parent:api', to avoid api() method loop on Facebook_Cache class extending. Overall mess and ugliness. So again, this works but I'm just asking about patterns / ways of doing this in a cleaner and smarter way.

    Read the article

  • .NET Declarative Security: Why is SecurityAction.Deny impossible to work with?

    - by rally25rs
    I've been messing with this for about a day and a half now sifting through .NET reflector and MSDN docs, and can't figure anything out... As it stands in the .NET framework, you can demand that the current Principal belong to a role to be able to execute a method by marking a method like this: [PrincipalPermission(SecurityAction.Demand, Role = "CanEdit")] public void Save() { ... } I am working with an existing security model that already has a "ReadOnly" role defined, so I need to do exactly the opposite of above... block the Save() method if a user is in the "ReadOnly" role. No problem, right? just flip the SecurityAction to .Deny: [PrincipalPermission(SecurityAction.Deny, Role = "ReadOnly")] public void Save() { ... } Well, it turns out that this does nothing at all. The method still runs fine. It seems that the PrincipalPermissionAttribute defines: public override IPermission CreatePermission() But when the attribute is set to SecurityAction.Deny, this method is never called, so no IPermission object is ever created. Does anyone know of a way to get .Deny to work? I've been trying to make a custom secutiry attribute, but even that doesn't work. I tried to get tricky and do: public class MyPermissionAttribute : CodeAccessSecurityAttribute { private SecurityAction securityAction; public MyPermissionAttribute(SecurityAction action) : base(SecurityAction.Demand) { if (action != SecurityAction.Demand && action != SecurityAction.Deny) throw new ArgumentException("Unsupported SecurityAction. Only Demand and Deny are supported."); this.securityAction = action; } public override IPermission CreatePermission() { // do something based on the SecurityAction... } } Notice my attribute constructor always passes SecurityAction.Demand, which is the one action that would work previously. However, even in this case, the CreatePermission() method is still only called when the attribute is set to .Demand, and not .Deny! Maybe the runtime is actually checking the attribute instead of the SecurityAction passed to the CodeAccessSecurityAttribute constructor? I'm not sure what else to try here... anyone have any ideas? You wouldn't think it would be that hard to deny method access based on a role, instead of only demanding it. It really disturbed me that the default PrincipalPermission appears from within an IDE like it would be just fine doing a .Deny, and there is like a 1-liner in the MSDN docs that hint that it won't work. You would think the PrincipalPermissionAttribute constructor would throw an exception immediately if anything other that .Demand is specified, since that could create a big security hole! I never would have realized that .Deny does nothing at all if I hadn't been unit testing! Again, all this stems from having to deal with an existing security model that has a "ReadOnly" role that needs to be denied access, instead of doing it the other way around, where I cna just grant access to a role. Thanks for any help! Quick followup: I can actually make my custom attribute work by doing this: public class MyPermissionAttribute : CodeAccessSecurityAttribute { public SecurityAction SecurityAction { get; set; } public MyPermissionAttribute(SecurityAction action) : base(action) { } public override IPermission CreatePermission() { switch(this.SecurityAction) { ... } // check Demand or Deny } } And decorating the method: [MyPermission(SecurityAction.Demand, SecurityAction = SecurityAction.Deny, Role = "ReadOnly")] public void Save() { ... } But that is terribly ugly, since I'm specifying both Demand and Deny in the same attribute. But it does work... Another interesting note: My custom class extends CodeAccessSecurityAttribute, which in turn only extends SecurityAttribute. If I cnage my custom class to directly extend SecurityAttribute, then nothing at all works. So it seems the runtime is definately looking for only CodeAccessSecurityAttribute instances in the metadata, and does something funny with the SecurityAction specified, even if a custom constructor overrides it.

    Read the article

  • JSF SSL Hazzard

    - by java beginner
    In my application it is required that only certain pages need to be secured using SSL so I configured it security-constraint> <display-name>Security Settings</display-name> <web-resource-collection> <web-resource-name>SSL Pages</web-resource-name> <description/> <url-pattern>/*.jsp</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <user-data-constraint> <description>CONFIDENTIAL requires SSL</description> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> and added filter http://blogs.sun.com/jluehe/entry/how_to_downshift_from_https but only one hazard is there. I am using it with richFaces. Once it goes to HTTPS its not changing the page—I mean if I perform post action it doesn't actually happen. But if I do it from the local machine's browser it works perfectly, from a remote browser it stucks with HTTPS and not changing after that. Here is my web.xml's snap: <filter> <filter-name>MyFilter</filter-name> <filter-class>MyFilter</filter-class> <init-param> <param-name>httpPort</param-name> <param-value>8080</param-value> </init-param> </filter> <filter-mapping> <filter-name>MyFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <security-constraint> <web-resource-collection> <web-resource-name>Protected resource</web-resource-name> <url-pattern>somePattern</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> and some other filters of richfaces. Problem is strange. If I try to access the web app from local's machine's browser it works fine but in remote machine's browser once it get into HTTP, all the forms of that page aswell as href stops working.(JSF,facelet is used.)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 286 287 288 289 290 291 292 293 294 295 296 297  | Next Page >