Search Results

Search found 30819 results on 1233 pages for 'software security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 340/1233 | < Previous Page | 336 337 338 339 340 341 342 343 344 345 346 347  | Next Page >

  • Permission based access control

    - by jellysaini
    I am trying to implement permission based access control in ASP.NET. To implement this I have created some database tables that hold all the information about which roles are assigned what permissions and which roles are assigned to what user. I am checking the permissions in the business access layer. Right now I have created a method which checks the permissions of the user. If the user has permissions then okay otherwise it redirects to another page. I want to know if the following things are possible? class User { [PremissionCheck(UserID,ObjectName,OperationName)] public DataTable GetUser() { //coding for user } } I have seen it in MVC3. Can I Create it in ASP.NET? If yes then how can I implement it?

    Read the article

  • refresh a <ui:composition when j_security_check connection interrupted (http 408)

    - by José Osuna Barrios
    I have a "j_security_check connection interrupted (http code 408)" and proposed solution is <meta http-equiv="refresh" content="#{session.maxInactiveInterval}"/> by http://stackoverflow.com/a/2141274/1852036 but my page structure is a composition using a template.xhtml and a view.xhtml like a <ui:composition: my template.xhtml: <html ... <f:view ... <h:body ... <ui:insert name="content"> ... my view.xhtml to refresh when session.maxInactiveInterval <ui:composition ... <ui:define name="content"> ... may anyone help me to do this? I want to refresh this <ui:composition view, I can't use <meta http-equiv="refresh" content="#{session.maxInactiveInterval}"/> on template.xhtml because it's used by several views

    Read the article

  • What Java tools/apis to use for decrypting/encrypting

    - by Java_bear
    I am trying to decrypt (and later encrypt) an email message (ebXML). The message contains a Signature element that contains child elements to specify the SignedInfo, SignatureValue and KeyInfo. Also, the message contains an encrypted attachment. Question: What Java tools/apis should be used for decrypting? I would like to find some tool/api that would (automagically) instantiate objects based on whatever is included with the Signature element, so that the data (message) could be easily validated. And the other way around: Creating objects (specifying methods, signature value and keyinfo) and then outputting the xml to go into the message.

    Read the article

  • Where should I place a function that I want to run before the cached page is served (Drupal)

    - by kidbrax
    We have a intranet site that runs on Drupal. If an employee hits the site from outside our network they are required to login first. If they are already in our network, they can browse around freely. So we have a function that checks where they are coming from and redirects them to a login page if they are from outside. If we enable caching, they are not redirected because the cached page is rendered without running our function. The code currently exists inside of the theme_preprocess function. Where can I put it so that it always runs before the cached pages are served?

    Read the article

  • What do I need to know before working on an IM application?

    - by John
    I'm looking into building an IM-type application using Java stack (for the server at least). I'd be interested to see any information/advice on how applications like Skype/AIM/MSN work, as well as know any technologies/APIs that might be relevant. Without giving away the idea itself, it's perhaps more akin to Google Wave than Skype, but information useful for either is very welcome. Specific points I have already thought of include: Server Vs P2P... for reasons of logging my system will require all communication to go through a central server. Is this how other IM tools work... especially when audio/video comes into the equation? Cross-communication with other systems. Are there APIs for this or do all IM providers work hard to keep their protocol secret? The nature of what I'm designing means integration could probably only be limited, but it definitely seems worthwhile from a business perspective

    Read the article

  • Url rewriting : prevent to display xml

    - by Frank
    Edit : I've got an aspx file (default.aspx) that loads a flash file (index.swf), but this swf needs a xml file (foo.xml) to load correctly. However, I would like to block any request aiming directly at the xml file. Is it possible, using a rewritting engine (isapi_rewrite for example) to detect if the xml file is being 'hotlinked' or being loaded by the 'index.swf'(inside default.aspx)? Any ideas? Thank you.

    Read the article

  • Post data with jQuery to ASP.net, am I doing this secure enough?

    - by Wim Haanstra
    For a website I am building, I am using jQuery to post data to Generic Handlers I created for this purpose. Because you need to be logged in, to do most post actions (like 'rate a picture'), I am currently using the following technique: User visits page Page determines if user is logged in On Page_Load the page fills a hidden field with an encrypted string, which contains several needed variables, like User ID, Picture ID (of the picture they are currently viewing), the DateTime when the page was rendered. When the user clicks a "I like this picture"-button, I do a $.ajax post to my Generic Handler, with the encrypted string and the value whether or not they liked the picture. The Generic Handler decrypts the supplied encrypted string and takes a look at the DateTime to determine if it was not too long ago When everything works out, the vote is submitted to the database. In my understanding this is a pretty secure way to handle a situation like this. But maybe I am missing a very important point here. Any advice would be very welcome.

    Read the article

  • Ways to restrict WCF Service so only our apps can access it.

    - by RP
    I have a public WCF Service. I have a WPF Desktop app & a silverlight app. My apps does not have any login requirements. I want to make it difficult for another developer / website to make use of my service. What's the best way to restrict access to my service? Use SSL and have the desktop / silverlight app store a token inside of it?

    Read the article

  • php web based portal authentication through IP.

    - by user434885
    i have a web portal running which involves basic data entry. The issue being that this is highly sensitive data. And the credibility of the data entry personel is very low. Therefore i have implemented recording of IP when an entry is made. The Problem i am facing is if this if this person starts forwarding his IP from a proxy server then i am unable to track authenticity of the data. How do i detect if the IP forwarding is happening/ get the real ip address of the person.

    Read the article

  • How should my main web application (A) securely retrieve data from my content storage web applicatio

    - by fonacule
    I have two web applications (A) and (B). (A) is my primary web application. (B) is purely for content storage, such as file uploads by users of (A). What's best way to securely retrieve data from (B) into (A) but in a way that does not expose the data in (B) to potential discovery by third-parties over the public internet or nosy users of (A)? For example, if I use a HTML form POST from (A) to (B) to retrieve user data, and have a hidden form field called user_id=1, then someone could simply change this to user_id=2 and see the content owned by another user of the application. That would be a problem.

    Read the article

  • How can I gain root access on a Mac OS X system without wiping the OS?

    - by Richard T
    My father died recently and I've inherited his Mac. I'd love to put it to use in my own life, but I don't want to wipe its brains out just so I can reconfigure it to use in my network, etc. His old files are historically important to me—I trust you can understand my desire to keep them. I can log in as I had an account on the machine before he passed, but that's about it.

    Read the article

  • Block upload of executable images (PHP)

    - by James Simpson
    It has come to my attention that a user has been trying to create an exploit through avatar image uploads. This was discovered when a user reported to me that they were getting a notice from their Norton Anti-virus saying "HTTP Suspicious Executable Image Download." This warning was referencing the user's avatar image. I don't think they had actually achieved anything in the way of stealing information or anything like that, but I assume it could be possible if the hole is left open long enough. I use PHP to upload the image files, and I check if the file being uploaded is a png, jpg, or gif.

    Read the article

  • How to check for a file's authenticity ?

    - by Ale_x
    Let's say I write a game application. I want the level of the player to be stored in an external file. How can I prevent a hacker from writing and modifying the file to put another level ? I want the file to be modified by my application only. I can sign the file's content with a key, but then this key will be stored in the application, therefore it would be possible for a hacker to decompile the binary and find the key. Is there any way to do this ?

    Read the article

  • How can I add one line into all php files' beginning?

    - by Tom
    So, ok. I have many php files and one index.php file. All files can't work without index.php file, because I include them in index.php. For example. if somebody click Contact us the URL will become smth like index.php?id=contact and I use $_GET['id'] to include contacts.php file. But, if somebody find the file's path, for example /system/files/contacts.php I don't want that that file would be executed. So, I figured out that I can add before including any files in index.php line like this $check_hacker = 1 and use if in every files beginning like this if($check_hacker <> 1) die();. So, how can I do it without opening all files and adding this line to each of them? Is it possible? Because I actually have many .php files. And maybe there is other way to do disable watching separate file? Any ideas? Thank you.

    Read the article

  • Execute a batch script from Firefox

    - by danilo
    I have written an intranet application from which you can directly connect to a virtual machine by clicking on a RDP-button. The click calls a .bat file, which opens the connection. With IE, this is no problem, as you can choose to directly execute the batch file. But with Firefox, I can only download the script, and have to start it manually afterwards. Is there a way to trust the intranet domain (about:config?) so Firefox allows it to execute scripts directly? Or is there an even better (easier) way to start an RDP connection from Firefox?

    Read the article

  • Aggregation, Association and Composition (examples of code given)

    - by Bukocen
    I have such a simple example: public class Order { private ArrayList<Product> orders = new ArrayList<Product>(); public void add(Product p) { orders.add(p); } } Is it aggregation or composition? I guess it's composition, because orders will be delated after delete of Order, right? Unfortunately it was a task and answer was different;/ Do you know why? second problem: public class Client extends Person { String adress = ""; Orders orders = new Orders(); public Client(String n, String sn) { name = n; surName = sn; } public String getAddress() { return adress; } public Orders getOrders() { return this.orders; } } Is it Association between Client and Orders? My teacher told me that this is association, but I was wondering why it's not a aggregation/composition - he told me that aggregation or composition occur only when one class contains few instances of different class - is that right? I guess not, because e.g. car contains ONE wheel and it's aggregation I guess? What type of relation is that and why? Greetings

    Read the article

  • Hiding "Print to file" in a Java print dialog

    - by Carl Smotricz
    I'm maintaining this Swing app that has a "print" option. Users need to be kept from interacting in any way with the underlying file system, but the print dialog offers "print to file" as one printer, and that of course allows selecting a directory and file from the file system. Is there a painless way to override/modify the print dialog to hide the "to file" printer from this dialog? I understand the API will let me do this piecemeal but I'd rather not have to re-create most of the dialog GUI and functionality to do this.

    Read the article

  • Is there any way to view PHP code (the actual code not the compiled result) from a client machine?

    - by Columbo
    This may be a really stupid question...I started worrying last night that there might be someway to view PHP files on a server via a browser or someother means on a client machine. My worry is, I have an include file that contains the database username and password. If there were a way to put the address of this file in to a browser or some other system and see the code itself then it would be an issue for obvious reasons. Is this a legitimate concern? If so how do people go about preventing this?

    Read the article

  • Strongest cipher available to use with C/C++ ?

    - by George0x77
    I am just wondering if you are supposed to write a sort of really secure application with data being transmitted over insecure networks, what kind of encryption algorithm will you use it in order to make it safe ? I know several c++ libraries for encryption providing nice functions with different algorithms, but i'm not quite sure which cipher to use - AES, DES, RSA, Blowfish or maybe something more different ? Please provide your ideas and suggestions. Thank you.

    Read the article

  • What's the big deal with brute force on hashes like MD5

    - by Jan Kuboschek
    I just spent some time reading http://stackoverflow.com/questions/2768248/is-md5-really-that-bad (I highly recommend!). In it, it talks about hash collisions. Maybe I'm missing something here, but can't you just encrypt your password using, say, MD5 and then, say, SHA-1 (or any other, doesn't matter.) Wouldn't this increase the processing power required to brute-force the hash and reduce the possibility of collision?

    Read the article

  • Best data recovery tools?

    - by Nonick
    So due to a recent act of stupidity and bravado, I uttered the words "backups! who needs backups?!" and what followed was the tragic loss of 260gb of data. This scenario in particular is requiring me to recover a repartitioned hard disk, but I was wondering what tools people here use in general to recover lost data. I'm sure everyone has been there, either accidentally rewriting files, resaving an old version, computer crash, hard disk death, user deletes an important document etc. So was thinking it might be an interesting point of discussion as to what you guys use to recover lost data. I appologise if this is considered irrelevant, but considering there has been a few recovery questions, I think this might be interesting.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 336 337 338 339 340 341 342 343 344 345 346 347  | Next Page >