Blue Coat Backing Armored Browser
Networking and security firm offers commercial support for Quaresso, a startup offering a new spin on the armored browser with remote support to shore up the last mile.
Search Results
Search found 15415 results on 617 pages for 'security groups'.
Page 291/617 | < Previous Page | 287 288 289 290 291 292 293 294 295 296 297 298 | Next Page >
-
-
WIF, ADFS 2 and WCF–Part 2: The Service
- by Your DisplayName here!
OK – so let’s first start with a simple WCF service and connect that to ADFS 2 for authentication. The service itself simply echoes back the user’s claims – just so we can make sure it actually works and to see how the ADFS 2 issuance rules emit claims for the service: [ServiceContract(Namespace = "urn:leastprivilege:samples")] public interface IService { [OperationContract] List<ViewClaim> GetClaims(); } public class Service : IService { public List<ViewClaim> GetClaims() { var id = Thread.CurrentPrincipal.Identity as IClaimsIdentity; return (from c in id.Claims select new ViewClaim { ClaimType = c.ClaimType, Value = c.Value, Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer }).ToList(); } } The ViewClaim data contract is simply a DTO that holds the claim information. Next is the WCF configuration – let’s have a look step by step. First I mapped all my http based services to the federation binding. This is achieved by using .NET 4.0’s protocol mapping feature (this can be also done the 3.x way – but in that scenario all services will be federated): <protocolMapping> <add scheme="http" binding="ws2007FederationHttpBinding" /> </protocolMapping> Next, I provide a standard configuration for the federation binding: <bindings> <ws2007FederationHttpBinding> <binding> <security mode="TransportWithMessageCredential"> <message establishSecurityContext="false"> <issuerMetadata address="https://server/adfs/services/trust/mex" /> </message> </security> </binding> </ws2007FederationHttpBinding> </bindings> This binding points to our ADFS 2 installation metadata endpoint. This is all that is needed for svcutil (aka “Add Service Reference”) to generate the required client configuration. I also chose mixed mode security (SSL + basic message credential) for best performance. This binding also disables session – you can control that via the establishSecurityContext setting on the binding. This has its pros and cons. Something for a separate blog post, I guess. Next, the behavior section adds support for metadata and WIF: <behaviors> <serviceBehaviors> <behavior> <serviceMetadata httpsGetEnabled="true" /> <federatedServiceHostConfiguration /> </behavior> </serviceBehaviors> </behaviors> The next step is to add the WIF specific configuration (in <microsoft.identityModel />). First we need to specify the key material that we will use to decrypt the incoming tokens. This is optional for web applications but for web services you need to protect the proof key – so this is mandatory (at least for symmetric proof keys, which is the default): <serviceCertificate> <certificateReference storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" findValue="CN=Service" /> </serviceCertificate> You also have to specify which incoming tokens you trust. This is accomplished by registering the thumbprint of the signing keys you want to accept. You get this information from the signing certificate configured in ADFS 2: <issuerNameRegistry type="...ConfigurationBasedIssuerNameRegistry"> <trustedIssuers> <add thumbprint="d1 … db" name="ADFS" /> </trustedIssuers> </issuerNameRegistry> The last step (promised) is to add the allowed audience URIs to the configuration – WCF clients use (by default – and we’ll come back to this) the endpoint address of the service: <audienceUris> <add value="https://machine/soapadfs/service.svc" /> </audienceUris> OK – that’s it – now we have a basic WCF service that uses ADFS 2 for authentication. The next step will be to set-up ADFS to issue tokens for this service. Afterwards we can explore various options on how to use this service from a client. Stay tuned… (if you want to have a look at the full source code or peek at the upcoming parts – you can download the complete solution here)Read the article
-
java webservice requires usernametoken over basichttpbinding (3 replies)
I need to call a Java webservice. I can add a service reference without problems, and I get Intellisense in Visual Studio. However, when I try to call a service method I get an error message saying "Missing (user) Security Information". I n my code I try to set usercredentials: testWS.WarrantyClaimServiceClient svc new TestClient.testWS.WarrantyClaimServiceClient(); svc.ClientCredentials.UserName....Read the article
-
U of T sleuths track Internet espionage ring to China
<b>The Star:</b> "A massive cyber espionage network has infiltrated the Indian government and also hacked into a year's worth of the Dalai Lama's emails, according to a team of computer security experts co-led by University of Toronto researchers."Read the article
-
Skype does not save user configuration
- by varsketiz
On Ubuntu 10.10, I have recently started to experience this problem: For some reason Skype won't save any settings except "Sign in on startup". When Skype starts and tries to sign in it is unsuccessful (it shows incorrect password, in red) every time (I have provided the correct password). I always have to click to show contacts in groups, it does not remember it. Every time I have to go to options and update some notification settings. I know all these things should be "remembered" by Skype - this problem started only recently. I don't recall fiddling with any permissions that could have likely caused that. Do you know what the problem might be? I uninstalled (marking for complete configuration removal) and re-installed Skype, but it still remembers my username (why??). Can I find Skype configuration files on the filesystem somewhere and change permissions for them - or even better - edit the files to set what I want?Read the article
-
Today is Content Catalog Day
- by oracletechnet
Announced earlier today by the Oracle OpenWorld blog: It’s what you’ve been waiting for. The Oracle OpenWorld Content Catalog—the central repository for information on sessions, demos, labs, user groups, exhibitors, and more—is live. Right now. In the Content Catalog you can search on tracks, session types, session categories, keywords, and tags. Or, you can search for your favorite speakers to see what they’re presenting this year. And, directly from the catalog, you can share sessions you’re interested in with friends and colleagues through a broad array of social media channels. Start checking out Oracle OpenWorld content now to plan your week at the conference. Then you’ll be ready to sign up for all of your sessions in mid-July when the scheduling tool goes live. Thinking of cross-registering for JavaOne? The JavaOne Content Catalog is also live at this very minute so you can see what great content is on offer there. So start catalog surfing!Read the article
-
Managing accounts on a private website for a real-life community
- by Smudge
Hey Pro Webmasters, I'm looking at setting-up a walled-in website for a real-life community of people, and I was wondering if anyone has any experience with managing member accounts for this kind of thing. Some conditions that must be met: This community has a set list of real-life members, each of whom would be eligible for one account on the website. We don't expect or require that they all sign-up. It is purely opt-in, but we anticipate that many of them would be interested in the services we are setting up. Some of the community members emails are known, but some of them have fallen off the grid over the years, so ideally there would be a way for them to get back in touch with us through the public-facing side of the site. (And we'd want to manually verify the identity of anyone who does so). Their names are known, and for similar projects in the past we have assigned usernames derived from their real-life names. This time, however, we are open to other approaches, such as letting them specify their own username or getting rid of usernames entirely. The specific web technology we will use (e.g. Drupal, Joomla, etc) is not really our concern right now -- I am more interested in how this can be approached in the abstract. Our database already includes the full member roster, so we can email many of them generated links to a page where they can create an account. (And internally we can require that these accounts be paired with a known member). Should we have them specify their own usernames, or are we fine letting them use their registered email address to log-in? Are there any paradigms for walled-in community portals that help address security issues if, for example, one of their email accounts is compromised? We don't anticipate attempted break-ins being much of a threat, because nothing about this community is high-profile, but we do want to address security concerns. In addition, we want to make the sign-up process as painless for the members as possible, especially given the fact that we can't just make sign-ups open to anyone. I'm interested to hear your thoughts and suggestions! Thanks!Read the article
-
Week in Geek: Google Finds 9,500 New Malicious Websites Per Day
- by Asian Angel
Our last edition of WIG for June is filled with news link goodness covering topics such as a new printer bomb malware that wastes reams of paper, Google bars a website that converts YouTube songs into MP3s, Ubuntu plans to drop GRUB 2 to implement UEFI SecureBoot compatibility, and more. Image courtesy of Google Online Security Blog. How to Make Your Laptop Choose a Wired Connection Instead of Wireless HTG Explains: What Is Two-Factor Authentication and Should I Be Using It? HTG Explains: What Is Windows RT and What Does It Mean To Me?Read the article
-
Week in Geek: Forced Facebook E-mail Changes are Altering Address Books, Causing Lost Mail
- by Asian Angel
Our first edition of WIG for July is filled with news link goodness covering topics such as why Microsoft killed the Start Button in Windows 8, how to outsmart websites trying to get you to pay top dollar, OS X Mountain Lion will check daily for security updates, and more. How to Banish Duplicate Photos with VisiPic How to Make Your Laptop Choose a Wired Connection Instead of Wireless HTG Explains: What Is Two-Factor Authentication and Should I Be Using It?Read the article
-
CVE-2010-2761 Code Injection Vulnerability in Perl
- by Umang_D
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2010-2761 Improper Control of Generation of Code ('Code Injection') vulnerability 4.3 Perl Solaris 9 Contact Support Solaris 10 SPARC : 146032-05 x86 : 146033-05 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
Warning: Why your Internet might fail on May 5
<b>IT News:</b> "On May 5, the world's top domain authorities (led by ICANN, the US Government and Verisign) will complete the first phase of the roll-out of DNSSEC (Domain Name System Security Extensions) across the 13 root servers that direct user requests to the relevant websites on the internet."Read the article
-
Warning: Why your Internet might fail on May 5
<b>IT News:</b> "On May 5, the world's top domain authorities (led by ICANN, the US Government and Verisign) will complete the first phase of the roll-out of DNSSEC (Domain Name System Security Extensions) across the 13 root servers that direct user requests to the relevant websites on the internet."Read the article
-
WebCenter Customer Spotlight: SICE
- by me
Author: Peter Reiser - Social Business Evangelist, Oracle WebCenter Solution SummarySociedad Ibérica de Construcciones Eléctricas, S.A. (SICE) is a Spanish company specializes in engineering and technology integration for intelligent transport systems and environmental control systems. They had a large quantity of engineering and environmental planning documents which they wanted to manage, classify and integrate with their existing enterprise resource planning (ERP) system. SICE adapted Oracle WebCenter Content to classify and manage more than 30 different types, defined a security plan to ensure the integrity and recovery of various document types and integrated the document management solution with SICE’s third-party enterprise resource planning (ERP) system. SICE accelerated time to market for all projects, minimized time required to identify and recover documents and achieved greater efficiency in all operations. Company Overview Created in 1921, Sociedad Ibérica de Construcciones Eléctricas, S.A. (SICE) currently specializes in engineering and technology integration for intelligent transport systems and environmental control systems. It has more than 2,500 employees, with operations in Spain and various locations in Latin America, the United States, Africa, and Australia. Business Challenges They had a large quantity of engineering and environmental planning documents generated in research and projects which they wanted to manage, classify and integrate with their existing enterprise resource planning (ERP) system. Solution Deployed SICE worked with the Oracle Partner ABAST Solutions to evaluate and choose the best document management system, ultimately selecting Oracle WebCenter Content over other options including Documentum, SharePoint, OpenText, and Alfresco.They adapted Oracle WebCenter Content to classify and manage more than 30 different types, defined a security plan to ensure the integrity and recovery of various document types and integrated the document management solution with SICE’s third-party enterprise resource planning (ERP) system to accelerate incorporation with the documentation system and ensure integrity ERP system data. Business Results SICE accelerated time to market for all projects by releasing reports and information that support and validate engineering projects, stored all documents in a single repository with organizationwide accessibility, minimizing time required to identify and recover documents needed for reports to initiate and execute engineering and building projects. Overall they achieved greater efficiency in all operations, including technical and impact report development and construction documentation management. “The correct and efficient management of information is vital to our environmental management activity. Oracle WebCenter Content serves as a basis for knowledge management practices, with the objective of adding greater value to everything that we do.” Manuel Delgado, IT Project Engineering, Sociedad Ibérica de Construcciones Eléctricas, S.A Additional Information SICE Customer Snapshot Oracle WebCenter ContentRead the article
-
Approaching events #mstc11 #ppws #sqlbits
- by Marco Russo (SQLBI)
The spring season is always full of events and I’m just preparing for a number of them. First of all, we are getting very good interest for the PowerPivot Workshop in Copenhagen on 21-22 March 2011. Tomorrow (Friday March 4) will be the last day to take advantage of the Early Bird rate for this date. We will also participate to an evening meeting of local user groups on March 21 in Copenhagen, more news about this in the next few days. Other scheduled dates are in Dublin (28-29 March 2011) and in...(read more)Read the article
-
Should we use an outside CMS?
- by SomeKittens
I work at a web design/development shop. Everything we do is centered around the Joomla! CMS. I'm a bit worried-if anything goes wrong with Joomla (major security flaw revealed, Joomla folds and ceases development) we're sunk. I'm meeting with the CEO to plan the next few steps for our company. Should I recommend that we create our own in-house CMS or am I just being paranoid about a single point of failure?Read the article
-
Critical Patch Updates During EBS 11i Exception to Sustaining Support Period
- by Elke Phelps (Oracle Development)
As previously blogged in the EBS 11i and 12.1 Support Timeline Changes entry, two important changes to the Oracle Lifetime Support policies were announced at Oracle OpenWorld 2012 - San Francisco. These changes affect E-Business Suite Releases 11i and 12.1. Critical Patch Updates for EBS 11i during the Exception to Sustaining Support Period You may be wondering about the availability of Critical Patch Updates (CPU) for EBS 11i during the Exception to Sustaining Support period. The following details the E-Business Suite Critical Patch Update support policy for EBS 11i during the Exception to Sustaining Support period: Oracle will continue to provide CPUs containing critical security fixes for E-Business Suite 11i. CPUs will be packaged and released as as cumulative patches for both ATG RUP 6 and ATG RUP 7. As always, we try to minimize the number of patches and dependencies required for uptake of a CPU; however, there have been quite a few changes to the 11i baseline since its release. For dependency reasons the 11i CPUs may require a higher number of files in order to bring them up to a consistent, stable, and well tested level. EBS 11i customer will continue to receive CPUs up to and including the October 2014 CPU. Where can I learn more? There are two interlocking policies that affect the E-Business Suite: Oracle's Lifetime Support policies for each EBS release (timelines which were updated by this announcement), and the Error Correction Support policies (which state the minimum baselines for new patches). For more information about how these policies interact, see: Understanding Support Windows for E-Business Suite Releases What about E-Business Suite technology stack components? Things get more complicated when one considers individual techstack components such as Oracle Forms or the Oracle Database. To learn more about the interlocking EBS+techstack component support windows, see these two articles: On Apps Tier Patching and Support: A Primer for E-Business Suite Users On Database Patching and Support: A Primer for E-Business Suite Users Where can I learn more about Critical Patch Updates?The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents. Related Articles EBS 11i and 12.1 Support Timeline Changes Frequently Asked Questions about Latest EBS Support Changes Extended Support Fees Waived for E-Business Suite 11i and 12.0Read the article
-
How Secure Are Your ID Cards From Counterfeiting
ID cards are increasingly used by organizations as a key component of their security infrastructure. As such, there is an increasing concern that ID cards are secure so that they can NOT be fraudulen... [Author: Edmond Shi - Computers and Internet - May 23, 2010]Read the article
-
Bring the Windows 8 'Start Menu' back!
- by ihaynes
I've been using the the Windows 8 RTM from MSDN for a week but the more of my normal software I load onto the machine the more awkward it becomes using the new 'Metro' (yes I know that name is now not used) 'Start' screen. Yes, you can oraganise your programs in groups, or you can add them to the Quick Launch bar, or you can create alphabetic folders on the desktop but sorry Microsoft, none of these are as logical as the alphabetic Start menu of previous Windows versions.Fortunately the good people at Stardock have a solution in 'Start8', which brings the Start Menu we know and love back to Windows 8. It's still in Beta and the current one runs out in October. I'm looking forward to the final release and like lots of other users, I'll be happy to pay for this.Lets hope Microsoft either reinstate the Start Menu in the first service pack or gives us a usable alternative. In the meantime, here's an excellent solution.http://www.stardock.com/products/start8/Read the article
-
The Best Articles for Using and Customizing Windows 8
- by Lori Kaufman
Now that Windows 8 Enterprise is available to the public as a 90-day evaluation and Windows 8 Pro is available for Microsoft TechNet subscribers, we decided to collect links to the Windows 8 articles we’ve published since the release of the Developer Preview. How To Switch Webmail Providers Without Losing All Your Email How To Force Windows Applications to Use a Specific CPU HTG Explains: Is UPnP a Security Risk?Read the article
-
CVE-2012-0882 Buffer Overflow vulnerability in yaSSL
- by Umang_D
CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-0882 Buffer overflow vulnerability 7.5 yaSSL MySQL 5.1 5.1.62 MySQL 5.5 5.5.22 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.Read the article
-
Google I/O 2012 - Writing Secure Web Apps and Chrome Extensions
Google I/O 2012 - Writing Secure Web Apps and Chrome Extensions Jorge Lucangeli Obes Today, a carefully developed web app can boast a high level of security, by taking advantage of several technologies: HTML5, CSP, NaCl, and the Chrome extension framework. The objective of this session is to show how these technologies allow a developer to create a web app that rivals or exceeds a desktop app in features, while remaining more secure than its desktop counterpart. For all I/O 2012 sessions, go to developers.google.com From: GoogleDevelopers Views: 46 1 ratings Time: 56:16 More in Science & TechnologyRead the article
-
Débat Java : Quelles sont les limites du framework Web Apache Wicket ? Confrontez vos points de vue
Bonjour Bien qu'appréciant beaucoup wicket, il n'en est pas moins que ce framework présente des limites. C'est d'ailleurs l'intitulé d'un post sur "Tom's Quest" : les limites de Wicket. Les points évoqués sont (le détail sur le blog):Le markup n'est pas toujours prévisualisable Wicket ne tient pas la charge Tester une application Wicket est difficile Les URLs générées sont moches Spring Security s'intègre mal à Wicket Wicket n'est pas un framework managé Wicket n'est pas outillé L'intégrable avec des frameworks JavaScript est difficile A noter que l'auteur ne fait pas que lister d'...Read the article
-
Using only password to authenticate user (no "username" field)
- by Guy
I am creating a client access system, to allow manage invoices, make payments, access information about their products and information/functionality alike. Supposedly there are less than 1000 clients. Would there be any security threat to use only password (UUID v4 strings) to authenticate user? My thoughts: There is virtually no probability of collision or success with brute-force attack. http://en.wikipedia.org/wiki/UUID#Random%5FUUID%5Fprobability%5Fof%5Fduplicates User friendly (one click go) It is not intended to be rememberedRead the article
-
New Solaris 11 book available
- by user12611852
A new Solaris 11 book is now available. Congratulations to my colleague in the Oracle Public Sector Hardware sales organization "Dr. Cloud" Harry Foxwell and his co-writers on publishing Oracle Solaris 11 System Administration The Complete Reference Table of contents 1 The Basics of Solaris 11 2 Prepare a System for Solaris3 Installation Options4 Alternative Installations for Enterprise5 The Solaris Graphical Desktop Environment6 The Service Management Facility7 Solaris Package Management "Image Packaging System"8 Solaris at the Command Line9 File systems and ZFS10 Customize the Solaris Shells11 Users and Groups HF12 Solaris 11 Security13 Basic System Performance Tuning14 Solaris Virtualization15 Print Management16 DNS and DHCP17 Mail Services18 Mgmt of Trusted Extensions19 The Network File System 20 The FTP Server21 Solaris and Samba 22 Apache and the Web Stack Buy one todayRead the article
-
Play videos with libwebkit in Ubuntu 11.10 server
- by Luis Fagundes
I'm using libwebkit (with python-webkit) to render a page that plays a video. This application works fine in a Ubuntu 11.04 Desktop, Nvidia card and lots of libraries and software installed, but in a fresh Ubuntu 11.10 Server with intel 82945G/GZ card the video does not play. I guess either some codec package is missing or it's a driver problem. What could be missing for this to play? I'm trying with this video: http://video.eustasy.co.uk/480/ EDIT: doesn't look like a driver problem. With chromium I can play the video, but with libwebkit + python-webkit the video just shows the first frame and doesn't play. Any hints on what package could be missing? SOLVED: apparently it had to do with lack of audio. While chrome would play the video with no sound, libwebkit wouldn't start video. Adding user to audio and video groups solved the problem.Read the article
