Search Results

Search found 18563 results on 743 pages for 'url'.

Page 318/743 | < Previous Page | 314 315 316 317 318 319 320 321 322 323 324 325  | Next Page >

• Merging XMLTextReaders in C#

  - by smithchelluk

  I have a website that needs to pull information from two diffferent XML data sources. Originally I only need to get the data from one source so I was building a URL in the backend that went and retrieved the data from the XML site and then parsed and rendered it in the front end of the website. Now I have to use a 2nd data source and merge the result sets (which are identically structured XML) into one result set. Here is the code I am currently using to get one XML feed. sUrl = sbUrl.ToString(); //The URL for the XML feed XmlDocument xDoc = new XmlDocument(); StringBuilder oBuilder = new StringBuilder(); //The parsed HTML output XmlTextReader oXmlReader = new XmlTextReader(sUrl); oXmlReader.Read(); xDoc.Load(oXmlReader); XmlNodeList List = xDoc.GetElementsByTagName("result"); foreach (XmlNode node in List) { XmlElement key = (XmlElement)node; //BUILD THE OUTPUT HERE } Thanks in advance for your help.

  Read the article

• MySQL: searh by host name in field containing urls

  - by Silver Light

  Hello! I have this database table: id | url ----------------------------------------- 1 | http://stackoverflow.com/ 2 | http://www.google.com 3 | http://example.com/somepage 4 | https://another.net?id=88 5 | http://hello.org/index.php?hello=2 6 | http://google.com?q=hello+world I need to search all fields, where URL belongs to a certain host. For example, if I give the query 'google.com', it will return rows 2 and 6 (www is ignored). I get the host using PHP parse_url() function. How this SQL query would look like?

  Read the article

• How can I create a <a href=> to facebook and share a message?

  - by alex

  I don't want to share my PAGE, but I want to share a message with a short URL link to something.

  Read the article

• Detect if the iframe content has loaded successfully.

  - by skinssay

  Hi, I have a widget that contains an iframe. The user can configure the url of this iframe, but if the url could not be loaded (it does not exists or the user does not have access to internet) then the iframe should failover to a default offline page. The question is, how can I detect if the iframe could be loaded or not? I tried subscribing to the 'load' event, and, if this event is not fired after some time then I failover, but this only works in Firefox, since IE and Chrome fires the 'load' event when the "Page Not Found" is displayed.

  Read the article

• escaping into php

  - by pradeep

  $valid-url = "p1=".rawurlencode($_GET['p1'])."&type=".rawurlencode($_GET['type'])."&os=".rawurlencode($_GET['os'])."&price=".rawurlencode($_GET['price'])."&sort=".rawurlencode($_GET['sort'])."&sort_order=".rawurlencode($_GET['sort_order'])."&perpage=".rawurlencode($perpage).""; i am trying to build the url and pass it to <a href=''..but its throwing escaping problem...can i get some help on this.

  Read the article

• rewrite condition for directory along with file

  - by RHR

  Any one please help me.I am new to .htaccess I want to check the following condition RewriteCond : IF !index.html AND !app/facebookapp/{[a-zA-Z0-9-/]}.html RewriteRule : ..... My code is RewriteCond %{REQUEST_URI} !index\.html RewriteCond %{REQUEST_URI} app/facebookapp/^([a-zA-Z0-9-/]+).html$ RewriteRule ...... its not working And one more question if the request url is header.html RewriteCond %{REQUEST_URI} header.html$ RewriteRule ^([a-zA-Z0-9-/]+).html$ position.php?position=$1 [L] $l will return header. if the request url is app/facebookapp/header.html we write the same above condition $l will return app/facebookapp/header.my question is how to get only the filename ?? thanks

  Read the article

• BufferedInputStream.read(byte[]) Causes problems. Anyone have this problem before?

  - by K-RAN

  Hello! I've written a Java program that downloads audio files for me and I'm using BufferedInputStream. The read() function works fine but is really slow so I've tried using the overloaded version using byte[]. For some reason, the audio becomes lossy and strange after download. I'm not totally sure what I'm doing wrong so any help is appreciated! Here's the simplified, sloppy version of the code. BufferedInputStream bin = new BufferedInputStream((new URL(url)).openConnection().getInputStream()); File file = new File(fileName); FileOutputStream fop = new FileOutputStream(file); int rd = bin.read(); while(rd != -1) { fop.write(rd); rd = bin.read(); }

  Read the article

• Ajax posting to PHP

  - by JQonfused

  Hi guys, I'm testing a jQuery ajax post method on a local Apache 2.2 server with PHP 5.3 (totally new at this). Here are the files, all in the same folder. html body (jQuery library included in head): <form id="postForm" method="post"> <label for="name">Input Name</label> <input type="text" name="name" id="name" /><br /> <label for="age">Input Age</label> <input type="text" name="age" id="age" /><br /> <input type="submit" value="Submit" id="submitBtn" /> </form> <div id="resultDisplay"></div> <script src="queryRequest.js"></script> queryRequest.js $(document).ready(function(){ $('#s').focus(); $('#postForm').submit(function(){ var name = $('#name').val(); var age = $('#age').val(); var URL = "post.php"; $.ajax({ type:'POST', url: URL, datatype:'json', data:{'name': name ,'age': age}, success: function(data){ $('#resultDisplay').append("Value returned.<br />name: "+data.name+" age: "+data.age); }, error: function() { $('resultDisplay').append("ERROR!") } }); }); }); post.php <?php $name = $_POST['name']; $age = $_POST['age']; $return = array('name' => $name, 'age' => $age); echo json_encode($return); ?> After inputting the two fields and pressing 'Submit', the success method is called, text appended, but the values returned from ajax post are undefined. And then after less than a second, the text fields are emptied, and the text appended to the div is gone. Doesn't seem like it's a page refresh, though, since there's no empty page flash. What's going on here? I'm sure it's a silly mistake but Firebug isn't telling me anything.

  Read the article

• chrome.tab.onactivated

  - by Leon Cunningham

  Can someone please show me how to use the chrome.tabs.onActivated. I would like to refresh the tab that is clicked/activated if the url equals: www.example.com. Or if this is the wrong method please tell me what to use. Can someone please show me how to use the chrome.tabs.onActivated. I would like to refresh the tab that is clicked/activated if the url equals: www.example.com. Or if this is the wrong method please tell me what to use.

  Read the article

• Firefox back issue

  - by wikiz

  Hello, I am using a menu that switches from standard state to select state for an item by reading the current url var where = document.location.href; My issue is that when using Firefox, if I switch to some items from the menu (for instance, I click home, donwload, contact) and press the back button the url is not read correctly so 2 items remain on the selected state. This only happens in Firefox (I've tested already in Explorer, Chrome and Opera) So what I'm trying to ask: is there a way to handle the so called back button action in/for Firefox so I can fix my menu issue ?

  Read the article

• How do submit an object to a struts2 action using jQuery?

  - by James Drinkard

  I have an object that I'm populating from a selection off a table row that a user selects. I have a jQuery function that captures the click event and a hidden form field populates an id I need. However, I'm not sure as to the proper way to send off that object to a struts2 action? I tried using this: $(function() { $('#tbl tr').click(function() { var id = $(this).closest('tr').find('input:hidden').val(); var page = "<s:url action='update/deleteInfo.action'/>?model.isDelete=true&model.info.id=id"; console.log(page); window.location.href=(page); }); }); The model object has an isDelete boolean variable and the model has a nested info object that has an id variable with getter/setters. However, when I send this across, the model object isn't populated with these entries. Is there a way to do this or a better way than the url tag?

  Read the article

• PHP $_REQUEST doesn't contain all $_GET varaibles

  - by pinky0x51

  Until today I thought that $_REQUEST always contains all variables form $_POST and $_GET. But today I had the strange experience that one variable is part of $_GET but not part of $_REQUEST. I played a little bit around with the URL which hands over the parameters and it seems like always the fist parameter is missing in the $_REQUEST array. Do you have any idea why this could happen? Thanks! URL: localhost/?app=files&getfile=ajax/newfile.php?dir=%2Ftest4&source=http%3A%2F%2Fl??ocalhost%2Fimg%2Flogo.svg&filename=logo.svg&requesttoken=e250827c341650990cd4

  Read the article

• Does a form gets closed after form.submit()?

  - by user281180

  I have the following code: $.ajax({ type: "POST", url: '<%=Url.Action("test","pepole") %>', data: $("#PeopleForm").submit(), contentType: "application/json; charset=utf-8", dataType: "html", sucess: function() { }, error: function(request, status, error) { $("#NotSelectedList").html("Error: " & request.responseText); } }); The PeopleForm is displayed in a dialog. After the submit, the dialog gets closed. Is that normal? I don`t want the dialog to get closed after the submit. How can I do that?

  Read the article

• Debug Mode for CodeIgniter?

  - by user350814

  Does CodeIgniter provide a Debug Mode, for example, when accessing an Invalid URL? Ruby on Rails does show debugging Messages when a incorrect URL has been given, and the controller is unable to resolve it using the routes map. How would I enable such debugging messages in CodeIgniter? The profiler ... $this->output->enable_profiler(TRUE); ... only affects single classes, but not all routes. So debugging without an actual debugger mode is a little... difficult. :-)

  Read the article

• How to insert scraping data to mysql

  - by user1887288

  i am fetching data from other websites can any one tell me how to insert fetch data to mysql database Below code i am using to fetch results coming $urls = $_POST["urls"]; require_once('simple_html_dom.php'); $useragent = 'Googlebot/2.1 (http://www.googlebot.com/bot.html)'; foreach ($urls as $url) { $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 20); curl_setopt($curl, CURLOPT_USERAGENT, $useragent); $str = curl_exec($curl); curl_close($curl); $html= str_get_html($str); foreach($html->find('span.price') as $e) echo $e->innertext . '<br>'; }

  Read the article

• server not sending custom header values

  - by egza

  I'm using PHP 5.2.17 to get a remote page, the HTTP requests contains some cookie values but cookies are not delivered to the destination page. $url = 'http://somesite.com/'; $opts = array( 'http' => array ( 'header' => array("Cookie: field1=value1; field2=value2\r\n") ) ); $context = stream_context_create($opts); echo file_get_contents($url, false, $context); Can you help me find the problem? Note: I can't use curl. Thanks.

  Read the article

• How to SetCookie() in a System.Net.HttpWebRequest request for another Page2.aspx?

  - by Mike108

  How can I SetCookie in Page1.aspx by a System.Net.HttpWebRequest request for Page2.aspx which handle the SetCookie() function? Page1.aspx and Page2.aspx are in the same webapp. Page1.aspx: protected void Page_Load(object sender, EventArgs e) { string url = "http://localhost/Page2.aspx"; System.Net.HttpWebRequest myReq = (System.Net.HttpWebRequest)System.Net.HttpWebRequest.Create(url); System.Net.HttpWebResponse HttpWResp = (System.Net.HttpWebResponse)myReq.GetResponse(); System.IO.Stream myStream = HttpWResp.GetResponseStream(); } Page2.aspx: protected void Page_Load(object sender, EventArgs e) { string userName = "Lily"; FormsAuthentication.SetAuthCookie(userName, true); }

  Read the article

• Android image fetching

  - by NorthIsUp

  What is the simplest way to fetch an image from a url in an android program?

  Read the article

• Submit form with our page refresh in Servlet

  - by John

  <script type="text/javascript"> $(document).ready(function() { $('.ibutton').click(function() { var ajaxdata=$("#country").val(); var value = "country="+ajaxdata; $.ajax({ url: "saveIt", type: "POST", data: value, cache: false, success: function(data){ alert("load success"); } });return false; }); }); </script> Friends, i followed every thing but its not working, upon submit, am unable to send the servlet request, saveIt is my url pattern,pls help me.

  Read the article

• when to encode space to plus (+) and when to %20 ?

  - by Daziplqa

  Sometimes the spaces get url encoded to + sign, some other times to %20, what is the difference and why and why not this happens?

  Read the article

• Teamviewer: cannot control monitor 1, but can control monitor 2

  - by DaveT

  I'm using the web client of Teamviewer from my work computer trying to control my home computer. I have 2 monitors on the remote desktop, but for some reason only have control on the second monitor. When I switch to the main monitor (monitor 1), I cannot do anything and cannot even move the cursor. But I have no issues when I switch over to the second monitor (monitor 2). I used to have no issues with either, but in the past couple of months this has been causing me issues. Anyone have a suggestion? Thanks!! Also... Here is the log from the Teamviewer session. Showing me switching back and forth between the monitors. (just in case this will help). I had to remove the links in order to post the log since I don't have enough reputation points, but they were just teamviewer login weblinks. =============================================================================== 21.08 16:00:41,176: Version: 9.0.15099 21.08 16:00:41,177: Sandbox: remote 21.08 16:00:41,177: SysLanguage: en 21.08 16:00:41,177: VarLanguage: en 21.08 16:00:41,177: Flash Player: PlugIn (WIN 14,0,0,179) 21.08 16:00:41,178: UseLanguage: en 21.08 16:00:41,178: UseLanguage: en 21.08 16:00:41,182: TeamViewer hasPassword: true 21.08 16:00:41,418: ExternalConnect id=910035824 21.08 16:00:41,419: CT connect 910035824 masterURL: , sandbox = remote 21.08 16:00:41,425: MC.requestRoute(910035824) 21.08 16:00:41,426: MC.sendMasterCommand text=F=RequestRoute2&ID1=777&Client=TV& ID2=910035824&SA_AccountID=26641022&SA_PasswordMD5HashBase64Encoded=& SA_SessionSecret=f7H6Z7SYfX5ahQ7SJq/r/K20PBYg9fOZhp+DKLhf5ts=&SA_SessionID=1558929948& V=9.0.15099&OS=Flash 21.08 16:00:41,426: MC wait for ping completion 21.08 16:00:42,064: PS.socket event: [Event type="connect" bubbles=false cancelable=false eventPhase=2] 21.08 16:00:42,182: PingThread: TCP-Ping ok 21.08 16:00:42,183: MC.socket mode = TCP, MasterURL: 21.08 16:00:42,183: MC.connect: 21.08 16:00:43,058: PS.socket event: [Event type="connect" bubbles=false cancelable=false eventPhase=2] 21.08 16:00:43,058: MC.connectHandler: [Event type="connect" bubbles=false cancelable=false eventPhase=2] 21.08 16:00:43,236: MC.requestRouteResponse: [email protected]_10800_128000_762319420_910035824_10000__1_0_16778176_128000_16778176: 128000;2147483647:1280000;4:640000_786297_786297 21.08 16:00:43,239: CT init socket: TCP 21.08 16:00:43,513: PS.socket event: [Event type="connect" bubbles=false cancelable=false eventPhase=2] 21.08 16:00:43,514: CT.connectHandler: [Event type="connect" bubbles=false cancelable=false eventPhase=2] 21.08 16:00:43,519: Browser name: Netscape 21.08 16:00:43,936: CMD_IDENTIFY id=910035824 ver=2.41 21.08 16:00:44,666: CMD_CONFIRMENCRYPTION: encryption confirmed 21.08 16:00:44,667: Started resendrequest timer 21.08 16:00:45,063: Remote Version: TV 009.000 21.08 16:00:45,501: start classic authentication 21.08 16:00:45,502: Login::SendRequestToConsole(): url= 21.08 16:00:45,828: start srp authentication 21.08 16:00:46,983: checkFirstPacket ok, m_LastReceivedPacketID =4 21.08 16:00:47,148: Login::SendRequestToConsole(): url= 21.08 16:00:47,478: start srp authentication 21.08 16:00:48,210: Login::SendRequestToConsole(): url= 21.08 16:00:48,485: checkFirstPacket ok, m_LastReceivedPacketID =7 21.08 16:00:48,780: TVCmdAuthenticate_Authenticated: 1 21.08 16:00:49,321: Connected to 910035824, name=NEWMAN, os=14, version=9.0.31064 21.08 16:00:49,329: ConnectionAccessSettings: RemoteControl: AllowedFileTransfer: AllowedControlRemoteTV: AllowedSwitchSides: DeniedAllowDisableRemoteInput: AllowedAllowVPN: AllowedAllowPartnerViewDesktop: Allowed 21.08 16:00:52,195: unexpected TVCommand.CommandType == 56 21.08 16:00:52,231: CW received display params: 1680x1050x8 monitors: 2 (active:0) 21.08 16:00:52,301: Caching active, version=2 21.08 16:03:47,158: CW received display params: 1680x1050x8 monitors: 2 (active:1) 21.08 16:04:24,447: CW received display params: 1680x1050x8 monitors: 2 (active:0) 21.08 16:04:40,609: CW received display params: 3360x1050x8 monitors: 2 (active:-1) 21.08 16:04:59,802: CW received display params: 1680x1050x8 monitors: 2 (active:1) 21.08 16:04:59,933: CW received display params: 1680x1050x8 monitors: 2 (active:1) 21.08 16:05:58,419: CW received display params: 1680x1050x8 monitors: 2 (active:0) 21.08 16:06:36,824: CW received display params: 1680x1050x8 monitors: 2 (active:1) 21.08 16:07:07,232: CW received display params: 1680x1050x8 monitors: 2 (active:0)

  Read the article

• How to configure emacs by using this file?

  - by Andy Leman

  From http://public.halogen-dg.com/browser/alex-emacs-settings/.emacs?rev=1346 I got: (setq load-path (cons "/home/alex/.emacs.d/" load-path)) (setq load-path (cons "/home/alex/.emacs.d/configs/" load-path)) (defconst emacs-config-dir "~/.emacs.d/configs/" "") (defun load-cfg-files (filelist) (dolist (file filelist) (load (expand-file-name (concat emacs-config-dir file))) (message "Loaded config file:%s" file) )) (load-cfg-files '("cfg_initsplit" "cfg_variables_and_faces" "cfg_keybindings" "cfg_site_gentoo" "cfg_conf-mode" "cfg_mail-mode" "cfg_region_hooks" "cfg_apache-mode" "cfg_crontab-mode" "cfg_gnuserv" "cfg_subversion" "cfg_css-mode" "cfg_php-mode" "cfg_tramp" "cfg_killbuffer" "cfg_color-theme" "cfg_uniquify" "cfg_tabbar" "cfg_python" "cfg_ack" "cfg_scpaste" "cfg_ido-mode" "cfg_javascript" "cfg_ange_ftp" "cfg_font-lock" "cfg_default_face" "cfg_ecb" "cfg_browser" "cfg_orgmode" ; "cfg_gnus" ; "cfg_cyrillic" )) ; enable disabled advanced features (put 'downcase-region 'disabled nil) (put 'scroll-left 'disabled nil) (put 'upcase-region 'disabled nil) ; narrow cursor ;(setq-default cursor-type 'hbar) (cua-mode) ; highlight current line (global-hl-line-mode 1) ; AV: non-aggressive scrolling (setq scroll-conservatively 100) (setq scroll-preserve-screen-position 't) (setq scroll-margin 0) (custom-set-variables ;; custom-set-variables was added by Custom. ;; If you edit it by hand, you could mess it up, so be careful. ;; Your init file should contain only one such instance. ;; If there is more than one, they won't work right. '(ange-ftp-passive-host-alist (quote (("redbus2.chalkface.com" . "on") ("zope.halogen-dg.com" . "on") ("85.119.217.50" . "on")))) '(blink-cursor-mode nil) '(browse-url-browser-function (quote browse-url-firefox)) '(browse-url-new-window-flag t) '(buffers-menu-max-size 30) '(buffers-menu-show-directories t) '(buffers-menu-show-status nil) '(case-fold-search t) '(column-number-mode t) '(cua-enable-cua-keys nil) '(user-mail-address "[email protected]") '(cua-mode t nil (cua-base)) '(current-language-environment "UTF-8") '(file-name-shadow-mode t) '(fill-column 79) '(grep-command "grep --color=never -nHr -e * | grep -v .svn --color=never") '(grep-use-null-device nil) '(inhibit-startup-screen t) '(initial-frame-alist (quote ((width . 80) (height . 40)))) '(initsplit-customizations-alist (quote (("tabbar" "configs/cfg_tabbar.el" t) ("ecb" "configs/cfg_ecb.el" t) ("ange\\-ftp" "configs/cfg_ange_ftp.el" t) ("planner" "configs/cfg_planner.el" t) ("dired" "configs/cfg_dired.el" t) ("font\\-lock" "configs/cfg_font-lock.el" t) ("speedbar" "configs/cfg_ecb.el" t) ("muse" "configs/cfg_muse.el" t) ("tramp" "configs/cfg_tramp.el" t) ("uniquify" "configs/cfg_uniquify.el" t) ("default" "configs/cfg_font-lock.el" t) ("ido" "configs/cfg_ido-mode.el" t) ("org" "configs/cfg_orgmode.el" t) ("gnus" "configs/cfg_gnus.el" t) ("nnmail" "configs/cfg_gnus.el" t)))) '(ispell-program-name "aspell") '(jabber-account-list (quote (("[email protected]")))) '(jabber-nickname "AVK") '(jabber-password nil) '(jabber-server "halogen-dg.com") '(jabber-username "alex") '(remember-data-file "~/Plans/remember.org") '(safe-local-variable-values (quote ((dtml-top-element . "body")))) '(save-place t nil (saveplace)) '(scroll-bar-mode (quote right)) '(semantic-idle-scheduler-idle-time 432000) '(show-paren-mode t) '(svn-status-hide-unmodified t) '(tool-bar-mode nil nil (tool-bar)) '(transient-mark-mode t) '(truncate-lines f) '(woman-use-own-frame nil)) ; ?? ????? ??????? y ??? n? (fset 'yes-or-no-p 'y-or-n-p) (custom-set-faces ;; custom-set-faces was added by Custom. ;; If you edit it by hand, you could mess it up, so be careful. ;; Your init file should contain only one such instance. ;; If there is more than one, they won't work right. '(compilation-error ((t (:foreground "tomato" :weight bold)))) '(cursor ((t (:background "red1")))) '(custom-variable-tag ((((class color) (background dark)) (:inherit variable-pitch :foreground "DarkOrange" :weight bold)))) '(hl-line ((t (:background "grey24")))) '(isearch ((t (:background "orange" :foreground "black")))) '(message-cited-text ((((class color) (background dark)) (:foreground "SandyBrown")))) '(message-header-name ((((class color) (background dark)) (:foreground "DarkGrey")))) '(message-header-other ((((class color) (background dark)) (:foreground "LightPink2")))) '(message-header-subject ((((class color) (background dark)) (:foreground "yellow2")))) '(message-separator ((((class color) (background dark)) (:foreground "thistle")))) '(region ((t (:background "brown")))) '(tooltip ((((class color)) (:inherit variable-pitch :background "IndianRed1" :foreground "black"))))) The above is a python emacs configure file. Where should I put it to use it? And, are there any other changes I need to make?

  Read the article

• ScriptAlias makes requests match too many Location blocks. What is going on?

  - by brain99

  We wish to restrict access on our development server to those users who have a valid SSL Client certificate. We are running Apache 2.2.16 on Debian 6. However, for some sections (mainly git-http, setup with gitolite on https://my.server/git/) we need an exception since many git clients don't support SSL client certificates. I have succeeded in requiring client cert authentication for the server, and in adding exceptions for some locations. However, it seems this does not work for git. The current setup is as follows: SSLCACertificateFile ssl-certs/client-ca-certs.crt <Location /> SSLVerifyClient require SSLVerifyDepth 2 </Location> # this works <Location /foo> SSLVerifyClient none </Location> # this does not <Location /git> SSLVerifyClient none </Location> I have also tried an alternative solution, with the same results: # require authentication everywhere except /git and /foo <LocationMatch "^/(?!git|foo)"> SSLVerifyClient require SSLVerifyDepth 2 </LocationMatch> In both these cases, a user without client certificate can perfectly access my.server/foo/, but not my.server/git/ (access is refused because no valid client certificate is given). If I disable SSL client certificate authentication completely, my.server/git/ works ok. The ScriptAlias problem Gitolite is setup using the ScriptAlias directive. I have found that the problem occurs with any similar ScriptAlias: # Gitolite ScriptAlias /git/ /path/to/gitolite-shell/ ScriptAlias /gitmob/ /path/to/gitolite-shell/ # My test ScriptAlias /test/ /path/to/test/script/ Note that /path/to/test/script is a file, not a directory, the same goes for /path/to/gitolite-shell/ My test script simply prints out the environment, super simple: #!/usr/bin/perl print "Content-type:text/plain\n\n"; print "TEST\n"; @keys = sort(keys %ENV); foreach (@keys) { print "$_ => $ENV{$_}\n"; } It seems that if I go to https://my.server/test/someLocation, that any SSLVerifyClient directives are being applied which are in Location blocks that match /test/someLocation or just /someLocation. If I have the following config: <LocationMatch "^/f"> SSLVerifyClient require SSLVerifyDepth 2 </LocationMatch> Then, the following URL requires a client certificate: https://my.server/test/foo. However, the following URL does not: https://my.server/test/somethingElse/foo Note that this only seems to apply for SSL configuration. The following has no effect whatsoever on https://my.server/test/foo: <LocationMatch "^/f"> Order allow,deny Deny from all </LocationMatch> However, it does block access to https://my.server/foo. This presents a major problem for cases where I have some project running at https://my.server/project (which has to require SSL client certificate authorization), and there is a git repository for that project at https://my.server/git/project which cannot require a SSL client certificate. Since the /git/project URL also gets matched agains /project Location blocks, such a configuration seems impossible given my current findings. Question: Why is this happening, and how do I solve my problem? In the end, I want to require SSL Client certificate authorization for the whole server except for /git and /someLocation, with as minimal configuration as possible (so I don't have to modify the configuration each time something new is deployed or a new git repository is added). Note: I rewrote my question (instead of just adding more updates at the bottom) to take into account my new findings and hopefully make this more clear.

  Read the article

• This task is currently locked by a running workflow and cannot be edited. Limitation to both Nintex and SPD workflow

  - by ybbest

  Note, this post is from Nintex Forum here. These limitations apply to both SharePoint designer Workflow and Nintex Workflow as Nintex using the SharePoint workflow engine. The common cause that I experience is that ‘parent’ workflow is generating more than one task at once. This is common as you can have multiple approvers for certain approval process. You could also have workflow running when the task is created, one of the common scenario is you would like to set a custom column value in your approval task. For me this is huge limitation, as Nintex lover I really hope Nintex could solve this problem with Microsoft going forward. Introduction “This task is currently locked by a running workflow and cannot be edited” is a common message that is seen when an error occurs while the SharePoint workflow engine is processing a task item associated with a workflow. When a workflow processes a task normally, the following sequence of events is expected to occur: 1.       The process begins. 2.       The workflow places a ‘lock’ on the task so nothing else can change the values while the workflow is processing. 3.       The workflow processes the task. 4.       The lock is released when the task processing is finished. When the message is encountered, it usually indicates that an error occurred between step 2 and 4. As a result, the lock is never released. Therefore, the ‘task locked’ message is not an error itself, rather a symptom of another error – the ‘task locked’ message does not indicate what went wrong. In most cases, once this message is encountered, the workflow cannot be made to continue and must be terminated and started again. The following is a guide that can help troubleshoot the cause of these messages.  Some initial observations to narrow down the potential causes are: Is the error consistent or intermittent? When the error is consistent, it will happen every time the workflow is run. When it is intermittent, it may happen regularly, but not every time. Does the error occur the first time the user tries to respond to a task, or do they respond and notice the workflow does not continue, and when they respond again the error occurs? If the message is present when the user first responds to the task, the issue would have occurred when the task was created. Otherwise, it would have occurred when the user attempted to respond to the task. Causes Modifying the task list A cause of this error appearing consistently the first time a user tries to respond to a task is a modification to the default task list schema. For example, changing the ‘Assigned to’ field in a task list to be a multiple selection will cause the behaviour. Deleting the workflow task then restoring it from the Recycle bin If you start a workflow, delete the workflow task then restore it from the Recycle Bin in SharePoint, the workflow will fail with the ‘task locked’ error.  This is confirmed behaviour whether using a SharePoint Designer or a Nintex workflow.  You will need to terminate the workflow and start it again. Parallel simultaneous responses A cause of this error appearing inconsistently is multiple users responding to tasks in parallel at the same time. In this scenario, one task will complete correctly and the other will not process. When the user tries again, the ‘task locked’ message will display. Nintex included a workaround for this issue in build 11000. In build 11000 and later, one of the users will receive a message on the task form when they attempt to respond, stating that they need to try again in a few moments. Additional processing on the task A cause of this error appearing consistently and inconsistently is having an additional system running on the items in the task list. Some examples include: a workflow running on the task list, an event receiver running on the task list or another automated process querying and updating workflow tasks. Note: This Microsoft help article (http://office.microsoft.com/en-us/sharepointdesigner/HA102376561033.aspx#5) explains creating a workflow that runs on the task list to update a field on the task. Our experience shows that this causes the ‘Task Locked’ issues when the ‘parent’ workflow is generating more than one task at once. Isolated system error If the error is a rare event, or a ‘one off’ event, then an isolated system error may have occurred. For example, if there is a database connectivity issue while the workflow is processing the task response, the task will lock. In this case, the user will respond to a task but the workflow will not continue. When they respond again, the ‘task locked’ message will display. In this case, there will be an error in the SharePoint ULS Logs at the time that the user originally responded. Temporary delay while workflow processes If the workflow is taking a long time to process after a user submits a task, they may notice and try to respond to the task again. They will see the task locked error, but after a number of attempts (or after waiting some time) the task response page eventually indicates the task has been responded to. In this case, nothing actually went wrong, and the error message gives an accurate indication of what is happening – the workflow temporarily locked the task while it was processing. This scenario may occur in a very large workflow, or after the SharePoint application pool has just started. Modifying the task via a web service with an invalid url If the Nintex Workflow web service is used to respond to or delegate a task, the site context part of the url must be a valid alternative access mapping url. For example, if you access the web service via the IP address of the SharePoint server, and the IP address is not a valid AAM, the task can become locked. The workflow has become stuck without any apparent errors This behaviour can occur as a result of a bug in the SharePoint 2010 workflow engine.  If you do not have the August 2010 Cumulative Update (or later) for SharePoint, and your workflow uses delays, “Flexi-task”, State machine”, “Task Reminder” actions or variables, you could be affected. Check the SharePoint 2010 Updates site here: http://technet.microsoft.com/en-us/sharepoint/ff800847.  The October CU is recommended http://support.microsoft.com/kb/2553031.   The fix is described as “Consider the following scenario. You add a Delay activity to a workflow. Then, you set the duration for the Delay activity. You deploy the workflow in SharePoint Foundation 2010. In this scenario, the workflow is not resumed after the duration of the Delay activity”. If you find this is occurring in your environment, install the October CU, terminate all the running workflows affected and run them afresh. Investigative steps The first step to isolate the issue is to create a new task list on the site and configure the workflow to use it.  Any customizations that were made to the original task list should not be made to the new task list. If the new task list eliminates the issue, then the cause can be attributed to the original task list or a change that was made to it. To change the task list that the workflow uses: In Workflow Designer select Settings -> Startup Options Then configure the task list as required If any of the scenarios above do not help, check the SharePoint logs for any messages with a category of ‘Workflow Infrastructure’. Conclusion The information in this article has been gathered from observations and investigations by Nintex. The sources of these issues are the underlying SharePoint workflow engine. This article will be updated if further causes are discovered. From <http://connect.nintex.com/forums/thread/6503.aspx>

  Read the article

• WCF WS-Security and WSE Nonce Authentication

  - by Rick Strahl

  WCF makes it fairly easy to access WS-* Web Services, except when you run into a service format that it doesn't support. Even then WCF provides a huge amount of flexibility to make the service clients work, however finding the proper interfaces to make that happen is not easy to discover and for the most part undocumented unless you're lucky enough to run into a blog, forum or StackOverflow post on the matter. This is definitely true for the Password Nonce as part of the WS-Security/WSE protocol, which is not natively supported in WCF. Specifically I had a need to create a WCF message on the client that includes a WS-Security header that looks like this from their spec document:<soapenv:Header> <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <wsse:UsernameToken wsu:Id="UsernameToken-8" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <wsse:Username>TeStUsErNaMe1</wsse:Username> <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" >TeStPaSsWoRd1</wsse:Password> <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" >f8nUe3YupTU5ISdCy3X9Gg==</wsse:Nonce> <wsu:Created>2011-05-04T19:01:40.981Z</wsu:Created> </wsse:UsernameToken> </wsse:Security> </soapenv:Header> Specifically, the Nonce and Created keys are what WCF doesn't create or have a built in formatting for. Why is there a nonce? My first thought here was WTF? The username and password are there in clear text, what does the Nonce accomplish? The Nonce and created keys are are part of WSE Security specification and are meant to allow the server to detect and prevent replay attacks. The hashed nonce should be unique per request which the server can store and check for before running another request thus ensuring that a request is not replayed with exactly the same values. Basic ServiceUtl Import - not much Luck The first thing I did when I imported this service with a service reference was to simply import it as a Service Reference. The Add Service Reference import automatically detects that WS-Security is required and appropariately adds the WS-Security to the basicHttpBinding in the config file:<?xml version="1.0" encoding="utf-8" ?> <configuration> <system.serviceModel> <bindings> <basicHttpBinding> <binding name="RealTimeOnlineSoapBinding"> <security mode="Transport" /> </binding> <binding name="RealTimeOnlineSoapBinding1" /> </basicHttpBinding> </bindings> <client> <endpoint address="https://notarealurl.com:443/services/RealTimeOnline" binding="basicHttpBinding" bindingConfiguration="RealTimeOnlineSoapBinding" contract="RealTimeOnline.RealTimeOnline" name="RealTimeOnline" /> </client> </system.serviceModel> </configuration> If if I run this as is using code like this:var client = new RealTimeOnlineClient(); client.ClientCredentials.UserName.UserName = "TheUsername"; client.ClientCredentials.UserName.Password = "ThePassword"; … I get nothing in terms of WS-Security headers. The request is sent, but the the binding expects transport level security to be applied, rather than message level security. To fix this so that a WS-Security message header is sent the security mode can be changed to: <security mode="TransportWithMessageCredential" /> Now if I re-run I at least get a WS-Security header which looks like this:<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <s:Header> <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <u:Timestamp u:Id="_0"> <u:Created>2012-11-24T02:55:18.011Z</u:Created> <u:Expires>2012-11-24T03:00:18.011Z</u:Expires> </u:Timestamp> <o:UsernameToken u:Id="uuid-18c215d4-1106-40a5-8dd1-c81fdddf19d3-1"> <o:Username>TheUserName</o:Username> <o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" >ThePassword</o:Password> </o:UsernameToken> </o:Security> </s:Header> Closer! Now the WS-Security header is there along with a timestamp field (which might not be accepted by some WS-Security expecting services), but there's no Nonce or created timestamp as required by my original service. Using a CustomBinding instead My next try was to go with a CustomBinding instead of basicHttpBinding as it allows a bit more control over the protocol and transport configurations for the binding. Specifically I can explicitly specify the message protocol(s) used. Using configuration file settings here's what the config file looks like:<?xml version="1.0"?> <configuration> <system.serviceModel> <bindings> <customBinding> <binding name="CustomSoapBinding"> <security includeTimestamp="false" authenticationMode="UserNameOverTransport" defaultAlgorithmSuite="Basic256" requireDerivedKeys="false" messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10"> </security> <textMessageEncoding messageVersion="Soap11"></textMessageEncoding> <httpsTransport maxReceivedMessageSize="2000000000"/> </binding> </customBinding> </bindings> <client> <endpoint address="https://notrealurl.com:443/services/RealTimeOnline" binding="customBinding" bindingConfiguration="CustomSoapBinding" contract="RealTimeOnline.RealTimeOnline" name="RealTimeOnline" /> </client> </system.serviceModel> <startup> <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/> </startup> </configuration> This ends up creating a cleaner header that's missing the timestamp field which can cause some services problems. The WS-Security header output generated with the above looks like this:<s:Header> <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <o:UsernameToken u:Id="uuid-291622ca-4c11-460f-9886-ac1c78813b24-1"> <o:Username>TheUsername</o:Username> <o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" >ThePassword</o:Password> </o:UsernameToken> </o:Security> </s:Header> This is closer as it includes only the username and password. The key here is the protocol for WS-Security:messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10" which explicitly specifies the protocol version. There are several variants of this specification but none of them seem to support the nonce unfortunately. This protocol does allow for optional omission of the Nonce and created timestamp provided (which effectively makes those keys optional). With some services I tried that requested a Nonce just using this protocol actually worked where the default basicHttpBinding failed to connect, so this is a possible solution for access to some services. Unfortunately for my target service that was not an option. The nonce has to be there. Creating Custom ClientCredentials As it turns out WCF doesn't have support for the Digest Nonce as part of WS-Security, and so as far as I can tell there's no way to do it just with configuration settings. I did a bunch of research on this trying to find workarounds for this, and I did find a couple of entries on StackOverflow as well as on the MSDN forums. However, none of these are particularily clear and I ended up using bits and pieces of several of them to arrive at a working solution in the end. http://stackoverflow.com/questions/896901/wcf-adding-nonce-to-usernametoken http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/4df3354f-0627-42d9-b5fb-6e880b60f8ee The latter forum message is the more useful of the two (the last message on the thread in particular) and it has most of the information required to make this work. But it took some experimentation for me to get this right so I'll recount the process here maybe a bit more comprehensively. In order for this to work a number of classes have to be overridden: ClientCredentials ClientCredentialsSecurityTokenManager WSSecurityTokenizer The idea is that we need to create a custom ClientCredential class to hold the custom properties so they can be set from the UI or via configuration settings. The TokenManager and Tokenizer are mainly required to allow the custom credentials class to flow through the WCF pipeline and eventually provide custom serialization. Here are the three classes required and their full implementations:public class CustomCredentials : ClientCredentials { public CustomCredentials() { } protected CustomCredentials(CustomCredentials cc) : base(cc) { } public override System.IdentityModel.Selectors.SecurityTokenManager CreateSecurityTokenManager() { return new CustomSecurityTokenManager(this); } protected override ClientCredentials CloneCore() { return new CustomCredentials(this); } } public class CustomSecurityTokenManager : ClientCredentialsSecurityTokenManager { public CustomSecurityTokenManager(CustomCredentials cred) : base(cred) { } public override System.IdentityModel.Selectors.SecurityTokenSerializer CreateSecurityTokenSerializer(System.IdentityModel.Selectors.SecurityTokenVersion version) { return new CustomTokenSerializer(System.ServiceModel.Security.SecurityVersion.WSSecurity11); } } public class CustomTokenSerializer : WSSecurityTokenSerializer { public CustomTokenSerializer(SecurityVersion sv) : base(sv) { } protected override void WriteTokenCore(System.Xml.XmlWriter writer, System.IdentityModel.Tokens.SecurityToken token) { UserNameSecurityToken userToken = token as UserNameSecurityToken; string tokennamespace = "o"; DateTime created = DateTime.Now; string createdStr = created.ToString("yyyy-MM-ddThh:mm:ss.fffZ"); // unique Nonce value - encode with SHA-1 for 'randomness' // in theory the nonce could just be the GUID by itself string phrase = Guid.NewGuid().ToString(); var nonce = GetSHA1String(phrase); // in this case password is plain text // for digest mode password needs to be encoded as: // PasswordAsDigest = Base64(SHA-1(Nonce + Created + Password)) // and profile needs to change to //string password = GetSHA1String(nonce + createdStr + userToken.Password); string password = userToken.Password; writer.WriteRaw(string.Format( "<{0}:UsernameToken u:Id=\"" + token.Id + "\" xmlns:u=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">" + "<{0}:Username>" + userToken.UserName + "</{0}:Username>" + "<{0}:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">" + password + "</{0}:Password>" + "<{0}:Nonce EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\">" + nonce + "</{0}:Nonce>" + "<u:Created>" + createdStr + "</u:Created></{0}:UsernameToken>", tokennamespace)); } protected string GetSHA1String(string phrase) { SHA1CryptoServiceProvider sha1Hasher = new SHA1CryptoServiceProvider(); byte[] hashedDataBytes = sha1Hasher.ComputeHash(Encoding.UTF8.GetBytes(phrase)); return Convert.ToBase64String(hashedDataBytes); } } Realistically only the CustomTokenSerializer has any significant code in. The code there deals with actually serializing the custom credentials using low level XML semantics by writing output into an XML writer. I can't take credit for this code - most of the code comes from the MSDN forum post mentioned earlier - I made a few adjustments to simplify the nonce generation and also added some notes to allow for PasswordDigest generation. Per spec the nonce is nothing more than a unique value that's supposed to be 'random'. I'm thinking that this value can be any string that's unique and a GUID on its own probably would have sufficed. Comments on other posts that GUIDs can be potentially guessed are highly exaggerated to say the least IMHO. To satisfy even that aspect though I added the SHA1 encryption and binary decoding to give a more random value that would be impossible to 'guess'. The original example from the forum post used another level of encoding and decoding to string in between - but that really didn't accomplish anything but extra overhead. The header output generated from this looks like this:<s:Header> <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <o:UsernameToken u:Id="uuid-f43d8b0d-0ebb-482e-998d-f544401a3c91-1" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <o:Username>TheUsername</o:Username> <o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">ThePassword</o:Password> <o:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" >PjVE24TC6HtdAnsf3U9c5WMsECY=</o:Nonce> <u:Created>2012-11-23T07:10:04.670Z</u:Created> </o:UsernameToken> </o:Security> </s:Header> which is exactly as it should be. Password Digest? In my case the password is passed in plain text over an SSL connection, so there's no digest required so I was done with the code above. Since I don't have a service handy that requires a password digest,  I had no way of testing the code for the digest implementation, but here is how this is likely to work. If you need to pass a digest encoded password things are a little bit trickier. The password type namespace needs to change to: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#Digest and then the password value needs to be encoded. The format for password digest encoding is this: Base64(SHA-1(Nonce + Created + Password)) and it can be handled in the code above with this code (that's commented in the snippet above): string password = GetSHA1String(nonce + createdStr + userToken.Password); The entire WriteTokenCore method for digest code looks like this:protected override void WriteTokenCore(System.Xml.XmlWriter writer, System.IdentityModel.Tokens.SecurityToken token) { UserNameSecurityToken userToken = token as UserNameSecurityToken; string tokennamespace = "o"; DateTime created = DateTime.Now; string createdStr = created.ToString("yyyy-MM-ddThh:mm:ss.fffZ"); // unique Nonce value - encode with SHA-1 for 'randomness' // in theory the nonce could just be the GUID by itself string phrase = Guid.NewGuid().ToString(); var nonce = GetSHA1String(phrase); string password = GetSHA1String(nonce + createdStr + userToken.Password); writer.WriteRaw(string.Format( "<{0}:UsernameToken u:Id=\"" + token.Id + "\" xmlns:u=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\">" + "<{0}:Username>" + userToken.UserName + "</{0}:Username>" + "<{0}:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#Digest\">" + password + "</{0}:Password>" + "<{0}:Nonce EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\">" + nonce + "</{0}:Nonce>" + "<u:Created>" + createdStr + "</u:Created></{0}:UsernameToken>", tokennamespace)); } I had no service to connect to to try out Digest auth - if you end up needing it and get it to work please drop a comment… How to use the custom Credentials The easiest way to use the custom credentials is to create the client in code. Here's a factory method I use to create an instance of my service client:  public static RealTimeOnlineClient CreateRealTimeOnlineProxy(string url, string username, string password) { if (string.IsNullOrEmpty(url)) url = "https://notrealurl.com:443/cows/services/RealTimeOnline"; CustomBinding binding = new CustomBinding(); var security = TransportSecurityBindingElement.CreateUserNameOverTransportBindingElement(); security.IncludeTimestamp = false; security.DefaultAlgorithmSuite = SecurityAlgorithmSuite.Basic256; security.MessageSecurityVersion = MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10; var encoding = new TextMessageEncodingBindingElement(); encoding.MessageVersion = MessageVersion.Soap11; var transport = new HttpsTransportBindingElement(); transport.MaxReceivedMessageSize = 20000000; // 20 megs binding.Elements.Add(security); binding.Elements.Add(encoding); binding.Elements.Add(transport); RealTimeOnlineClient client = new RealTimeOnlineClient(binding, new EndpointAddress(url)); // to use full client credential with Nonce uncomment this code: // it looks like this might not be required - the service seems to work without it client.ChannelFactory.Endpoint.Behaviors.Remove<System.ServiceModel.Description.ClientCredentials>(); client.ChannelFactory.Endpoint.Behaviors.Add(new CustomCredentials()); client.ClientCredentials.UserName.UserName = username; client.ClientCredentials.UserName.Password = password; return client; } This returns a service client that's ready to call other service methods. The key item in this code is the ChannelFactory endpoint behavior modification that that first removes the original ClientCredentials and then adds the new one. The ClientCredentials property on the client is read only and this is the way it has to be added.   Summary It's a bummer that WCF doesn't suport WSE Security authentication with nonce values out of the box. From reading the comments in posts/articles while I was trying to find a solution, I found that this feature was omitted by design as this protocol is considered unsecure. While I agree that plain text passwords are rarely a good idea even if they go over secured SSL connection as WSE Security does, there are unfortunately quite a few services (mosly Java services I suspect) that use this protocol. I've run into this twice now and trying to find a solution online I can see that this is not an isolated problem - many others seem to have struggled with this. It seems there are about a dozen questions about this on StackOverflow all with varying incomplete answers. Hopefully this post provides a little more coherent content in one place. Again I marvel at WCF and its breadth of support for protocol features it has in a single tool. And even when it can't handle something there are ways to get it working via extensibility. But at the same time I marvel at how freaking difficult it is to arrive at these solutions. I mean there's no way I could have ever figured this out on my own. It takes somebody working on the WCF team or at least being very, very intricately involved in the innards of WCF to figure out the interconnection of the various objects to do this from scratch. Luckily this is an older problem that has been discussed extensively online and I was able to cobble together a solution from the online content. I'm glad it worked out that way, but it feels dirty and incomplete in that there's a whole learning path that was omitted to get here… Man am I glad I'm not dealing with SOAP services much anymore. REST service security - even when using some sort of federation is a piece of cake by comparison :-) I'm sure once standards bodies gets involved we'll be right back in security standard hell…© Rick Strahl, West Wind Technologies, 2005-2012Posted in WCF  Web Services   Tweet !function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs"); (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })();

  Read the article

< Previous Page | 314 315 316 317 318 319 320 321 322 323 324 325  | Next Page >