Search Results

Search found 33454 results on 1339 pages for 'access token'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 311/1339 | < Previous Page | 307 308 309 310 311 312 313 314 315 316 317 318  | Next Page >

  • Group / User based security. Table / SQL question

    - by Brett
    Hi, I'm setting up a group / user based security system. I have 4 tables as follows: user groups group_user_mappings acl where acl is the mapping between an item_id and either a group or a user. The way I've done the acl table, I have 3 columns of note (actually 4th one as an auto-id, but that is irrelevant) col 1 item_id (item to access) col 3 user_id (user that is allowed to access) col 3 group_id (group that is allowed to access) So for example item1, peter, , item2, , group1 item3, jane, , so either the acl will give access to a user or a group. Any one line in the ACL table with either have an item - user mapping, or an item group. If I want to have a query that returns all objects a user has access to, I think I need to have a SQL query with a UNION, because I need 2 separate queries that join like.. item - acl - group - user AND item - acl - user This I guess will work OK. Is this how its normally done? Am I doing this the right way? Seems a little messy. I was thinking I could get around it by creating a single user group for each person, so I only ever deal with groups in my SQL, but this seems a little messy as well..

    Read the article

  • Approach for authentication and storing user details.

    - by cappuccino
    Hey folks, I am using the Zend Framework but my question is broadly about sessions / databases / auth (PHP MySQL). Currently this is my approach to authentication: 1) User signs in, the details are checked in database. - Standard stuff really. 2) If the details are correct only the user's unique ID is stored in the session and a security token (user unique ID + IP + Browser info + salt). The session in written to the filesystem. I've been reading around and many are saying that storing stuff in sessions is not a good idea, and that you should really only write a unique ID which refers back to the user's details and a security token to prevent session hijacking. So this is the approach i've taken, i use to write the user's details in session, but i've moved that out. Wanted to know your opinions on this. I'm keeping sessions in the filesystem since i don't run on multiple servers, and since i'm only writting a tiny tiny bit of data to sessions, i thought that performance would be greater keeping sessions in the filesystem to reduce load on the database. Once the session is written on authentication, it really is only read-only from then on. 3) The rest of the user's details (like subscription details, permissions, account info etc) are cached in the filesystem (this can always be easily moved to memory if i wanted even more performance). So rather than keeping the user's details in session, the user's details are cached in the file system. I'm using Zend_Cache and the unique cache id is something like md5(/cache/auth/2892), the number is the unique id of the user. I guess the benefit of this method is that once the user is logged in, there is essentially not database queries being run to get the user's details. Just wonder if this approach is better than keeping the whole lot in session... 4) As the user moves throughout the site the only thing that is checked is the ID in the session and the security token. So, overall the first question is 1) is the filesystem more efficient than a database for this purpose 2) have i taken enough security precautions 3) is separating user detail's from the session into a cached file a pointless task? Thanks.

    Read the article

  • What is wrong with the program

    - by Naveen
    I am getting error for below code: #include "parent_child.h" #include "child_proces.h" int main() { childprocess::childprocess(){} childprocess::~childprocess(){} /* parentchild *cp = NULL; act.sa_sigaction = cp->SignalHandlerCallback; act.sa_flags = SA_SIGINFO; sigaction(SIGKILL, &act, NULL); }*/ printf("Child process\n"); return 0; } ERROR: child_proces.cpp: In function âint main()â: child_proces.cpp:11: error: expected ;' before â{â token child_proces.cpp:12: error: no matching function for call to âchildprocess::~childprocess()â child_proces.h:9: note: candidates are: childprocess::~childprocess() child_proces.cpp:12: error: expected;' before â{â token

    Read the article

  • Should my internal API classes be all in one package?

    - by Chris
    I'm hard at work packaging up an API for public consumption. As such I'm trying to limit the methods that are exposed to only those that I wish to be public and supportable. Underneath this of course there are a multitude of limited access methods. The trouble is that I have a lot of internal code that needs to access these restricted methods without making those methods public. This creates two issues: I can't create interfaces to communicate between classes as this would make these my internal methods public. I can't access protected or default methods unless I put the majority of my internal classes in the same package. So, I have around 70 or 80 internal classes in cleanly segregated packages BUT with overly permissive access modifiers. Would you say that a single package is the lesser of two evils or is there a better way to be able to mask my internal methods whilst keeping more granular packages? I'd be interested to find out the best practice here. I'm already aware of This

    Read the article

  • how to customize NSTokenField like in "To/ CC" fields in mac mail?

    - by Miraaj
    Hi all, I am able to work with NSTokenField, it is easy to use.. but I want your suggestions on how can I customize it just like it is in "To/ CC" fields in mac mail ie. when no. of tokens in a token field increases height of "To" field gets increased to a certain limit then a vertical scroller starts appearing! By default when we use a token field neither its height gets increased nor a vertical scroller appears! I tried different combinations in IB but I could not obtain mac mail like functionality. Can anyone suggest me some solution for it?? Thanks, Miraaj

    Read the article

  • PHP code cannot see query string param on return in Facebook oAuth flow

    - by TMC
    I am doing some integration with Facebook Open Graph using their oAuth flow and having issues with parsing query string parameters they return. On my callback URL, they pass back an "access_token" parameter with a hash (#). so the callback would be: http://mydomain.com/callback.php#access_token=foobar123 where foobar123 is my access token I'm trying to parse out. However, no matter what I do, my PHP code cannot see if and I've done every debug trick I know (even using phpinfo() to go through everything). The URL is stated only as http://mydomain.com/callback.php. It's as if the rest of the URL isn't really there! This code returns nothing: $token = $_REQUEST['access_token']; Any help would be greatly appreciated... I'm obviously missing something simple.

    Read the article

  • WCF cross-domain policy security error

    - by George2
    Hello everyone, I am using VSTS 2008 + C# + WCF + .Net 3.5 + Silverlight 3.0. I host Silverlight control in an html page and debug it from VSTS 2008 (press F5, then run in VSTS 2008 built-in ASP.Net development web server), then call another WCF service (hosted in another machine running IIS 7.0 + Vista). The WCF service is very simple, just return a constant string to client. When invoking the WCF service from Silverlight, I got the following error message, An error occurred while trying to make a request to URI 'https://LabTest/Test.svc'. This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent. This error may also be caused by using internal types in the web service proxy without using the InternalsVisibleToAttribute attribute. Please see the inner exception for more details. Here is the clientaccesspolicy.xml file, anything wrong? <?xml version="1.0" encoding="utf-8" ?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="*"> </domain> </allow-from> <grant-to> <resource path="/" include-subpaths="true"></resource> </grant-to> </policy> </cross-domain-access> </access-policy> thanks in advance, George

    Read the article

  • python: strange behavior about exec statement

    - by ifocus
    exec statement: exec code [ in globals[, locals]] When I execute the following code in python, the result really confused me. Some of the variables were setup into the globals, some were setup into the locals. s = """ # test var define int_v1 = 1 list_v1 = [1, 2, 3] dict_v1 = {1: 'hello', 2:'world', 3:'!'} # test built-in function list_v2 = [float(x) for x in list_v1] len_list_v1 = len(list_v1) # test function define def func(): global g_var, list_v1, dict_v1 print 'access var in globals:' print g_var print 'access var in locals:' for x in list_v1: print dict_v1[x] """ g = {'__builtins__': __builtins__, 'g_var': 'global'} l = {} exec s in g, l print 'globals:', g print 'locals:', l exec 'func()' in g, l the result in python2.6.5: globals: {'__builtins__': <module '__builtin__' (built-in)>, 'dict_v1': {1: 'hello', 2: 'world', 3: '!'}, 'g_var': 'global', 'list_v1': [1, 2, 3]} locals: {'int_v1': 1, 'func': <function func at 0x00ACA270>, 'x': 3, 'len_list_v1': 3, 'list_v2': [1.0, 2.0, 3.0]} access var in globals: global access var in locals: hello world ! And if I want to setup all variables and functions into the locals, and keep the rights of accessing the globals. How to do ?

    Read the article

  • Other SecurityManager implementations available?

    - by mhaller
    Is there any other implementation (e.g. in an OSS project) of a Java SecurityManager available which has more features than the one in the JDK? I'm looking for features like configurable at runtime policies updateable at runtime, read from other data sources than a security.policy file Thread-aware, e.g. different policies per Thread Higher-level policies, e.g. "Disable network functions, but allow JDBC traffic" Common predefined policies, e.g. "Allow read-access to usual system properties like file.encoding or line.separator, but disallow read-access to user.home" Monitoring and audit trace logging, e.g. "Log all file access, log all network access going NOT to knownhost.example.org" Blocking jobs "requesting" a permission until an administrator grants permission, letting the thread/job continue ... I'm pretty sure that application servers (at least the commercial ones) have their own SecurityManager implementation or at least their own policy configuration. I'm wondering if there is any free project with similar requirements.

    Read the article

  • IIS and Windows 7

    - by xscape
    Hi, Im trying to host my wcf service to IIS. However when I click Basic Settings and Click Test Settings, it has an error. The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access. Make sure that the application pool identity has Read access to the physical path. If this server is joined to a domain, and the application pool identity is NetworkService or LocalSystem, verify that \$ has Read access to the physical path. Then test these settings again. The version of my IIS is 7.5.7600.16385 and my OS is Windows 7

    Read the article

  • How created method with signature as List

    - by London
    Hi all, I'm very new to Java programming language so this is probably dumb question but I have to ask it because I can't figure it out on my own. Here is the deal. I want to create method which extracts certain object type from a list. So the method should receive List as argument, meaning list should contain either Object1 or Object2. I've tried like this : public Object1 extractObject(List<?>){ //some pseudo-code ... loop trough list and check if list item is instance of object one return that instance } The problem with declaring method with List<?> as method argument is that I receive compilation error from eclipse Syntax error on token ">", VariableDeclaratorId expected after this token. How do I set the method signature properly to accept object types either Object1 or Object2 ? Thank you

    Read the article

  • Disallow private constructor invocation in friend function

    - by user2907032
    Is there any way to not allow private construction in friend function, In case we do have private constructor with friend function in our class. Only Static method should be responsible for object creation and other than this compiler should flash error message #include <iostream> #include <memory> using namespace std; class a { public: void see () { cout<<"Motimaa"; } static a& getinstance() { static a instance; return instance; } private: a() {}; friend void access(); }; void access () { a obj; obj.see();//still friend function can access } int main() { a::getinstance().see(); access(); return 1; }

    Read the article

  • Get UserToken from Logon ID (LUID) (C++)

    - by strDisplayName
    Hey Everybody I'm trying to understand better how windows sessions work, so if I have some weird mistakes in the question, please, let me know :-) . I use LsaEnumerateLogonSessions() to get all the logged on sessions in the system. Now I have LUID that represents a log-on, and if I understand correctly, it represents a user that logged on or a build it user like SYSTEM. Now, if user X starts a process, windows gives that process a token that represents X. So here comes my question: Is there a way (in a windows service) to get the user's token from LUID? I know I can get it from a process HANDLE, but that is not what I want... Thanks a lot!

    Read the article

  • Making a relevant search of text in database using regex

    - by madphp
    Can anyone tell me how I could count the possible instances of a keyword in a block of text? I've split a search term up into separate tokens, so just need to run through and do a count for every instance and removing punctuation or other special characters when making the count. Secondly, if someone has inserted search terms surrounded by double quotes, i want to be able to skip explode, but just count instances of that exact phrase. It doesn't have to be case sensitive and I would like to remove punctuation from the phrase when doing the count. Thirdly, in both cases i want to be able to ignore wordpress and html tags. Lastly, if anyone know any good tutorials for relevant searches that answer the questions above, that would cool too. I've got this far. $results = $wpdb->get_results($sql); $tokens = explode('search_terms'); // Re-arrange Relevant Results foreach ($results As $forum_topic){ foreach($tokens As $token){ // count tokens in topic_title if ($token ){ } } }

    Read the article

  • can this code be broken?

    - by user105165
    Consider the below html string <p>This is a paragraph tag</p> <font>This is a font tag</font> <div>This is a div tag</div> <span>This is a span tag</span> This string is processed to tokanize the text found in it and we get 2 results as below 1) Token Array : $tokenArray == array( 'This is a paragraph tag', 'This is a div tag', '<font>This is a font tag</font>', '<span>This is a span tag</span>' ); 2) Tokenized template : $templateString == "<p>{0}</p>{2}<div>{1}</div>{3}"; If you observe, the sequence of the text strings segments from the original HTML strings is different from the tokenized template The PHP code below is used to order the tokenized template and accordingly the token array to match the original html string class CreateTemplates { public static $tokenArray = array(); public static $tokenArrayNew = array(); function foo($templateString,$tokenArray) { CreateTemplates::$tokenArray = $tokenArray; $ptn = "/{[0-9]*}*/"; // Search Pattern from the template string $templateString = preg_replace_callback($ptn,array(&$this, 'callbackhandler') ,$templateString); // function call return $templateString; } // Function defination private static function callbackhandler($matches) { static $newArr = array(); static $cnt; $tokenArray = CreateTemplates::$tokenArray; array_push($newArr, $matches[0]); CreateTemplates::$tokenArrayNew[count($newArr)] = $tokenArray[substr($matches[0],1,(strlen($matches[0])-2))]; $cnt = count($newArr)-1; return '{'.$cnt.'}'; } // function ends } // class ends Final output is (ordered template and token array) $tokenArray == array('This is a paragraph tag', '<font>This is a font tag</font>', 'This is a div tag', '<span>This is a span tag</span>' ); $templateString == "<p>{0}</p>{1}<div>{2}</div>{3}"; Which is the expected result. Now, I am not confident whether this is the right way to achieve this. I want to see how this code can be broken or not. Under what conditions will this code break? (important) Is there any other way to achieve this? (less important)

    Read the article

  • how to allow unamed user in svn authz file?

    - by dtrosset
    I have a subversion server running with apache. It authenticates users using LDAP in apache configuration and uses SVN authorizations to limit user access to certain repositories. This works perfectly. Apache DAV svn SVNParentPath /srv/svn SVNListParentPath Off SVNPathAuthz Off AuthType Basic AuthName "Subversion Repository" AuthBasicProvider ldap AuthLDAPBindDN # private stuff AuthLDAPBindPassword # private stuff AuthLDAPURL # private stuff Require valid-user AuthzSVNAccessFile /etc/apache2/dav_svn.authz Subversion [groups] soft = me, and, all, other, developpers Adding anonymous access from one machine Now, I have a service I want to setup (rietveld, for code reviews) that needs to have an anonymous access to the repository. As this is a web service, accesses are always done from the same server. Thus I added apache configuration to allow all accesses from this machine. This did not work until I add an additional line in the authorization file to allow read access to user -. Apache <Limit GET PROPFIND OPTIONS REPORT> Order allow,deny Allow from # private IP address Satisfy Any </Limit> Subversion [Software:/] @soft = rw - = r # <-- This is the added line For instance, before I add this, all users were authenticated, and thus had a name. Now, some accesses are done without a user name! I found this - user name in the apache log files. But does this line equals to * = r that I absolutely do not want to enable, or does it only allows the anonymous unnamed user (that is allowed access only from the rietveld server)?

    Read the article

  • [Rails] HTTP Get Request

    - by Karl
    I've been trying to get Rails to play with the new Facebook Graph API. After I get the authorization "code", I need to send another request which returns the access token in JSON form. It seems to work fine, however I want to fetch the access token JSON without redirecting the user. I'm attempting to use Net::HTTP.get, but I'm not sure how to use it to get a request body, or even if it's the right thing to use to begin with. Can anyone give an example of performing an HTTP GET?

    Read the article

  • Serializing JSON string to object

    - by user1476075
    I am trying to parse through a JSON string and convert it to the following POJO: package apicall; //POJO representation of OAuthAccessToken public class OAuthAccessToken { private String tokenType; private String tokenValue; public OAuthAccessToken(String tokenType,String tokenValue) { this.tokenType=tokenType; this.tokenValue=tokenValue; } public String toString() { return "tokenType="+tokenType+"\ntokenValue="+tokenValue; } public String getTokenValue() { return tokenValue; } public String getTokenType() { return tokenType; } } In order to do this I have written the following code: Gson gson=new Gson(); String responseJSONString="{\"access_token\" : \"2YotnFZFEjr1zCsicMWpAA\",\"token_type\" : \"bearer\"}"; OAuthAccessToken token=gson.fromJson(responseJSONString, OAuthAccessToken.class); System.out.println(token); When I run the code, I get the following output: tokenType=null tokenValue=null Instead of tokenType=bearer tokenValue=2YotnFZFEjr1zCsicMWpAA I dont understand if there's anything I've done wrong. Please help.

    Read the article

  • Excel 2007 - Worksheet is larger than the window

    - by Chris
    Hi This is an odd problem but frustrating none the less. I have a worksheet saved which is larger than the Excel 2007 "workarea". This means when I open the worksheet I cannot access the corners of the worksheet to reduce the size and the worksheets title bar area (with move,size,minimise etc) is hidden beneath the ribbon , even if I remove the ribbon , I still can't see the title bar. In Excel 2003 I've had a similar effect but I've always been able to hit the "alt" key to access the "Move" option. However in Excel 2007 , hitting "alt" brings up some shortcuts for the ribbon etc but I can't access the worksheet options. Has anyone else know how to access the worksheet drop down when this happens?

    Read the article

  • running same query in different databases

    - by user316833
    I wrote a query that I want to run in several access databases. I have 1000+ access databases with the same tables (same names, same fields). So far, I have been manually copying this query from a txt file to the sql view in the access query design screen for each database and then run it. I did not need to change the query language - everything is the same for the 1000 databases. Is there a way to automate this?

    Read the article

  • C++ vector and segmentation faults

    - by Headspin
    I am working on a simple mathematical parser. Something that just reads number = 1 + 2; I have a vector containing these tokens. They store a type and string value of the character. I am trying to step through the vector to build an AST of these tokens, and I keep getting segmentation faults, even when I am under the impression my code should prevent this from happening. Here is the bit of code that builds the AST: struct ASTGen { const vector<Token> &Tokens; unsigned int size, pointer; ASTGen(const vector<Token> &t) : Tokens(t), pointer(0) { size = Tokens.size() - 1; } unsigned int next() { return pointer + 1; } Node* Statement() { if(next() <= size) { switch(Tokens[next()].type) { case EQUALS : Node* n = Assignment_Expr(); return n; } } advance(); } void advance() { if(next() <= size) ++pointer; } Node* Assignment_Expr() { Node* lnode = new Node(Tokens[pointer], NULL, NULL); advance(); Node* n = new Node(Tokens[pointer], lnode, Expression()); return n; } Node* Expression() { if(next() <= size) { advance(); if(Tokens[next()].type == SEMICOLON) { Node* n = new Node(Tokens[pointer], NULL, NULL); return n; } if(Tokens[next()].type == PLUS) { Node* lnode = new Node(Tokens[pointer], NULL, NULL); advance(); Node* n = new Node(Tokens[pointer], lnode, Expression()); return n; } } } }; ... ASTGen AST(Tokens); Node* Tree = AST.Statement(); cout << Tree->Right->Data.svalue << endl; I can access Tree->Data.svalue and get the = Node's token info, so I know that node is getting spawned, and I can also get Tree->Left->Data.svalue and get the variable to the left of the = I have re-written it many times trying out different methods for stepping through the vector, but I always get a segmentation fault when I try to access the = right node (which should be the + node) Any help would be greatly appreciated.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 307 308 309 310 311 312 313 314 315 316 317 318  | Next Page >