Search Results

Search found 9696 results on 388 pages for 'proxy authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 352/388 | < Previous Page | 348 349 350 351 352 353 354 355 356 357 358 359  | Next Page >

  • Extjs - Loading Grid when call

    - by Oxi
    I have form and grid. the user must enter data in form fields then display related records in the grid. I want to implement a search form, e.g: user will type the name and gender of the student, then will get a grid of all students have the same name and gender. So, I use ajax to send form fields value to PHP and then creat a json_encode wich will be used in grid store. I am really not sure if my idea is good. But I haven't found another way to do that. The problem is when I set autoLoad to true in the store, the grid automatically filled with all data - not just what I asked for - So, I understand that I have to set autoLoad to false, but then the result not shown in the grid even it returned successfully in the firebug! I don't know what to do. My View: { xtype: 'panel', layout: "fit", id: 'searchResult', flex: 7, title: '<div style="text-align:center;"/>SearchResultGrid</div>', items: [ { xtype: 'gridpanel', store: 'advSearchStore', id: 'AdvSearch-grid', columns: [ { xtype: 'gridcolumn', dataIndex: 'name', align: 'right', text: 'name' }, { xtype: 'gridcolumn', dataIndex: 'gender', align: 'right', text: 'gender' } ], viewConfig: { id : 'Arr' ,emptyText: 'noResult' }, requires: ['MyApp.PrintSave_toolbar'], dockedItems: [ { xtype: 'PrintSave_tb', dock: 'bottom', } ] } ] }, My Store and Model: Ext.define('AdvSearchPost', { extend: 'Ext.data.Model', proxy: { type: 'ajax', url: 'AdvSearch.php', reader: { type: 'json', root: 'Arr', totalProperty: 'totalCount' } }, fields: [ { name: 'name'}, { name: 'type_and_cargo'} ] }); Ext.create('Ext.data.Store', { pageSize: 10, autoLoad: false, model: 'AdvSearchPost', storeId: 'AdvSearchPost' });

    Read the article

  • identify accounts using zend-openid [HELP]

    - by tawfekov
    Hi! , i had successfully implemented simple open ID authentication with the [gmail , yahoo , myopenid, aol and many others ] exactly as stackoverflow do but i had a problem with identifying accounts for example 'openid_ns' => string 'http://specs.openid.net/auth/2.0' (length=32) 'openid_mode' => string 'id_res' (length=6) 'openid_op_endpoint' => string 'https://www.google.com/accounts/o8/ud' (length=37) 'openid_response_nonce' => string '2010-05-02T06:35:40Z9YIASispxMvKpw' (length=34) 'openid_return_to' => string 'http://dev.local/download/index/gettingback' (length=43) 'openid_assoc_handle' => string 'AOQobUf_2jrRKQ4YZoqBvq5-O9sfkkng9UFxoE9SEBlgWqJv7Sq_FYgD7rEXiLLXhnjCghvf' (length=72) 'openid_signed' => string 'op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle' (length=69) 'openid_sig' => string 'knieEHpvOc/Rxu1bkUdjeE9YbbFX3lqZDOQFxLFdau0=' (length=44) 'openid_identity' => string 'https://www.google.com/accounts/o8/id?id=AItOawk0NAa51T3xWy-oympGpxFj5CftFsmjZpY' (length=80) 'openid_claimed_id' => string 'https://www.google.com/accounts/o8/id?id=AItOawk0NAa51T3xWy-oympGpxFj5CftFsmjZpY' (length=80) i thought that openid_claimed_id or openid_identity is identical for every account but after some testing turns out the claimed id is changeable by the users them self in yahoo and randomly changing in case of gmail FYI am using zend openid with a bit modification on consumer class and i can't use SERG [Simple Refistration Extension] cuz currently it uses openid v1 specification :( i hadn't read the specification of openid so if any body know please help me to how to identify openid accounts to know if this account has signed in before or not

    Read the article

  • Error accessing uncompiled pages using ISA Server 2006 SP1

    - by Bravax
    We are in the processing of configuring a portal to use ISA Server as our front end security provider. So we are using ISA Server 2006 SP1. Unfortunately when we access .net applications through ISA Server, the first time they are accessed. i.e. They are not compiled yet, the following error appears: Error Code: 500 Internal Server Error. The parameter is incorrect. (87) In the ISA Monitoring logs, this shows: Failed Connection Attempt Log type: Web Proxy (Reverse) Status: 87 The parameter is incorrect. Once the application is compiled, the error never appears. Does anyone know how to resolve this, so the site works correctly the first time? Some additional information: The websites accessed are running on windows server 2008 64 bit - standard edition, and occurs for Sharepoint as well as standard .net websites. ISA Server is running on Windows server 2003 R2 SP2 Standard eidtion The firewall on the windows server 2008 box allows all access. (To rule this out.) Nothing odd appears in the IIS logs or firewall logs.

    Read the article

  • Not loading associations without proxies in NHibernate

    - by Alice
    I don't like the idea of proxy and lazy loading. I don't need that. I want pure POCO. And I want to control loading associations explicitly when I need. Here is entity public class Post { public long Id { get; set; } public long OwnerId { get; set; } public string Content { get; set; } public User Owner { get; set; } } and mapping <class name="Post"> <id name="Id" /> <property name="OwnerId" /> <property name="Content" /> <many-to-one name="Owner" column="OwnerId" /> </class> However if I specify lazy="false" in the mapping, Owner is always eagerly fetched. I can't remove many-to-one mapping because that also disables explicit loading or a query like from x in session.Query<Comment>() where x.Owner.Title == "hello" select x; I specified lazy="true" and set use_proxy_validator property to false. But that also eager loads Owner. Is there any way to load only Post entity?

    Read the article

  • JasperReports reports access image via authenticated URL

    - by user363115
    Hi all, I am hoping that this is a simple issue with a simple solution and that I have missed something obvious. Let me explain the problem; We have an application that generates PDF reports (using Jasper). These reports contain data from our database, as well as imagery (photographs). These photographs are stored in S3. We use signed URLs to access these photographs. We link these photographs into our Jasper reports using these S3 URLs. Because the S3 URLs are signed and time-limited (by design), the process is as follows; User requests a report to be generated, Report is filled, and goes to our database (at which time UUIDs to any required images are retrieved), For each UUID an S3 signed URL must be generated, To do this the URL behind each report image is a call to an authenticated URL in our app (/get_img?uuid=foo), The controller behind this URL generates a signed S3 URL and returns it, Reports loads the image. The problem is with step (4) - the call to the authenticated URL fails because Jasper does not pass any authentication information with the request. Is there a solution here? Thanks all for your time. Ben

    Read the article

  • @selector and return value

    - by user320926
    The idea it's very easy, i have an http download class, this class must support the http authentication but it's basically a background thread so i would like to avoid to prompt directly to the screen, i would like to use a delegate method to require from outside of the class, like a viewController. But i don't know if is possible or if i have to use a different syntax. This class use this delegate protocol: //Updater.h @protocol Updater <NSObject> -(NSDictionary *)authRequired; @optional -(void)statusUpdate:(NSString *)newStatus; -(void)downloadProgress:(int)percentage; @end @interface Updater : NSThread { ... } This is the call to the delegate method: //Updater.m // This check always fails :( if ([self.delegate respondsToSelector:@selector(authRequired:)]) { auth = [delegate authRequired]; } This is the implementation of the delegate method //rootViewController.m -(NSDictionary *)authRequired; { // TODO: some kind of popup or modal view NSMutableDictionary *ret=[[NSMutableDictionary alloc] init]; [ret setObject:@"utente" forKey:@"user"]; [ret setObject:@"password" forKey:@"pass"]; return ret; }

    Read the article

  • Axis2 SOAP Envelope Header Information

    - by BigZig
    I'm consuming a web service that places an authentication token in the SOAP envelope header. It appears (through looking at the samples that came with the WS WSDL) that if the stub is generated in .NET, this header information is exposed through a member variable in the stub class. However, when I generate my Axis2 java stub using WSDL2Java it doesn't appear to be exposed anywhere. What is the correct way to extract this information from the SOAP envelope header? WSDL: http://www.vbar.com/zangelo/SecurityService.wsdl C# Sample: using System; using SignInSample.Security; // web service using SignInSample.Document; // web service namespace SignInSample { class SignInSampleClass { [STAThread] static void Main(string[] args) { // login to the Vault and set up the document service SecurityService secSvc = new SecurityService(); secSvc.Url = "http://localhost/AutodeskDM/Services/SecurityService.asmx"; secSvc.SecurityHeaderValue = new SignInSample.Security.SecurityHeader(); secSvc.SignIn("Administrator", "", "Vault"); DocumentServiceWse docSvc = new DocumentServiceWse(); docSvc.Url = "http://localhost/AutodeskDM/Services/DocumentService.asmx"; docSvc.SecurityHeaderValue = new SignInSample.Document.SecurityHeader(); docSvc.SecurityHeaderValue.Ticket = secSvc.SecurityHeaderValue.Ticket; docSvc.SecurityHeaderValue.UserId = secSvc.SecurityHeaderValue.UserId; } } } The sample illustrates what I'd like to do. Notice how the secSvc instance has a SecurityHeaderValue member variable that is populated after a successful secSvc.SignIn() invocation. Here's some relevant API documentation regarding the SignIn method: Although there is no return value, a successful sign in will populate the SecurityHeaderValue of the security service. The SecurityHeaderValue information is then used for other web service calls.

    Read the article

  • sql server mdf file database attachment

    - by jnsohnumr
    hello all i'm having a bear of a time getting visual studio 2010 (ultimate i think) to properly attach to my database. it was moved from original spot to #MYAPP#/#MYAPP#.Web/App_Data/#MDF_FILE#.mdf. I have three instances of sql server running on this machine. i have tried to replace the old mdf file with my new one and cannot get the connectionstring right for it. what i'm really wanting to do is to just open some DB instance, run a DB create script. Then I can have a DB that was generated via my edmx (generate database from model) in silverlight business application (c#) right now, when i go to server explorer in VS, choose add new connection, choose MS SQL Server Database FIle (SqlClient), choose my file location (app_data directory), use windows authentication, and hit the Test Connection button I get the following error: Unable to open the physical file "". Operating system error 5: "5(Access Denied.)". An attempt to attach to an auto-named database for file"" failed. A database with the same name exists, or specified file cannot be opened, or it is located on UNC share. The mdf file was created on the same machine by connecting to (local) on the sql server management studio, getting a new query, pasting in the SQL from the generated ddl file, adding a CREATE DATABASE [NcrCarDatabase]; GO before the pasted SQL, and executing the query. I then disconnected from the DB in management studio, closed management studio, navigated to the DATA directory for that instance, and copying the mdf and ldf files to my application's app_data folder. I am then trying to connect to the same file inside visual studio. I hope that gives more clarity to my problems :). Connection string is: Data Source=.\SQLEXPRESS;AttachDbFilename=C:\SourceCode\NcrCarDatabase\NcrCarDatabase.Web\App_Data\NcrCarDatabase.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True

    Read the article

  • DotNetOpeId - Using OpenIdButton for Google Apps

    - by JediPotPie
    I am an ASP.NET newbie and I am trying to design an OpenID/SSO system for an internal web application. The web application is pretty simple and the authentication is currently being managed by a database with usernames and passwords. I want to replace the existing accounts stored in the database with Google Apps accounts. I have downloaded the latest DotNetOpenAuth-3.4.3.10103 package and got the OpenIdRelyingPartyWebForms sample up and running on IIS. I have built my own login page using just a OpenIdButton object that points to a development Google domain. The button seems to work fine in FireFox, at least it is forwarding me to the Google Apps login, but nothing happens when I load the same page in IE. When I click the Google button, nothing happens, zip. The same is true for the Yahoo button in the login.aspx page given in the sample. Here is the .aspx code I am using... <rp:OpenIdButton runat="server" ImageUrl="http://www.google.com/accounts/google_transparent.gif" Text="Login with Google!" ID="googleLoginButton" Identifier="https://www.google.com/accounts/o8/site-xrds?hd=dev.connexcloud.com" />

    Read the article

  • Some sonatype nexus questions.

    - by smallufo
    I deployed a sonatype nexus server inside my LAN , mapping some remote repositories to my public repositories : First question is , why these repositories not sync with the "real" repositories ? For example , I mapped maven central (http://repo1.maven.org/maven2) to "central" , but when I browse http://smallufo:8081/nexus/content/repositories/central/org/springframework/ , the packages are not complete , in http://repo2.maven.org/maven2/org/springframework/ , there are tons of artifacts , but I only have some of them : And versions are old ... ex : spring-core is only 2.5.6.SEC01 , but the latest version is 3.0.2.RELEASE. And my maven client seems can only find the old artifacts ... "central" is a proxy directory , it should be the same with the remote server. I tried to "Expire Cache" , "ReIndex" , "Incremental ReIndex" the whole "central" : After a long time with almost 100% java process load , the situation seems not better , just add some artifacts ... not reflecting the real "Maven Central" data... Second question , what's difference with "Expire Cache" , "ReIndex" , "Incremental ReIndex" ? Even I can "search" spring-core.3.0.2.RELEASE , my m2eclipse still cannot find it : I can also see the spring-core-3.0.2.RELEASE in the "index" , (but not available in "storage") : But why m2eclipse cannot make use of it ? it seems m2eclipse can only install artifacts in the storage , if this is how nexus works , how do I "force" download spring-core-3.0.2.RELEASE to nexus's storage ? How do I solve these strange incompatibilities ? Thanks a lot !

    Read the article

  • Different approaches for finding users within Active Directory

    - by EvilDr
    I'm a newbie to AD programming, but after a couple of weeks of research have found the following three ways to search for users in Active Directory using the account name as the search parameter: Option 1 - FindByIdentity Dim ctx As New PrincipalContext(ContextType.Domain, Environment.MachineName) Dim u As UserPrincipal = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, "MYDOMAIN\Administrator") If u Is Nothing Then Trace.Warn("No user found.") Else Trace.Warn("Name=" & u.Name) Trace.Warn("DisplayName=" & u.DisplayName) Trace.Warn("DistinguishedName=" & u.DistinguishedName) Trace.Warn("EmployeeId=" & u.EmployeeId) Trace.Warn("EmailAddress=" & u.EmailAddress) End If Option 2 - DirectorySearcher Dim connPath As String = "LDAP://" & Environment.MachineName Dim de As New DirectoryEntry(connPath) Dim ds As New DirectorySearcher(de) ds.Filter = String.Format("(&(objectClass=user)(anr={0}))", Split(User.Identity.Name, "\")(1)) ds.PropertiesToLoad.Add("name") ds.PropertiesToLoad.Add("displayName") ds.PropertiesToLoad.Add("distinguishedName") ds.PropertiesToLoad.Add("employeeId") ds.PropertiesToLoad.Add("mail") Dim src As SearchResult = ds.FindOne() If src Is Nothing Then Trace.Warn("No user found.") Else For Each propertyKey As String In src.Properties.PropertyNames Dim valueCollection As ResultPropertyValueCollection = src.Properties(propertyKey) For Each propertyValue As Object In valueCollection Trace.Warn(propertyKey & "=" & propertyValue.ToString) Next Next End If Option 3 - PrincipalSearcher Dim ctx2 As New PrincipalContext(ContextType.Domain, Environment.MachineName) Dim sp As New UserPrincipal(ctx2) sp.SamAccountName = "MYDOMAIN\Administrator" Dim s As New PrincipalSearcher s.QueryFilter = sp Dim p2 As UserPrincipal = s.FindOne() If p2 Is Nothing Then Trace.Warn("No user found.") Else Trace.Warn(p2.Name) Trace.Warn(p2.DisplayName) Trace.Warn(p2.DistinguishedName) Trace.Warn(p2.EmployeeId) Trace.Warn(p2.EmailAddress) End If All three of these methods return the same results, but I was wondering if any particular method is better or worse than the others? Option 1 or 3 seem to be the best as they provide strongly-typed property names, but I might be wrong? My overall objective is to find a single user within AD based on the user principal value passed via the web browser when using Windows Authentication on a site (e.g. "MYDOMAIN\MyUserAccountName")

    Read the article

  • Creating a HTTP handler for IIS that transparently forwards request to different port?

    - by Lasse V. Karlsen
    I have a public web server with the following software installed: IIS7 on port 80 Subversion over apache on port 81 TeamCity over apache on port 82 Unfortunately, both Subversion and TeamCity comes with their own web server installations, and they work flawlessly, so I don't really want to try to move them all to run under IIS, if that is even possible. However, I was looking at IIS and I noticed the HTTP redirect part, and I was wondering... Would it be possible for me to create a HTTP handler, and install it on a sub-domain under IIS7, so that all requests to, say, http://svn.vkarlsen.no/anything/here is passed to my HTTP handler, which then subsequently creates a request to http://localhost:81/anything/here, retrieves the data, and passes it on to the original requestee? In other words, I would like IIS to handle transparent forwards to port 81 and 82, without using the redirection features. For instance, Subversion doesn't like HTTP redirect and just says that the repository has been moved, and I need to relocate my working copy. That's not what I want. If anyone thinks this can be done, does anyone have any links to topics I need to read up on? I think I can manage the actual request parts, even with authentication, but I have no idea how to create a HTTP handler. Also bear in mind that I need to handle sub-paths and documents beneath the top-level domain, so http://svn.vkarlsen.no/whatever/here needs to be handled by a single handler, I cannot create copies of the handler for all sub-directories since paths are created from time to time.

    Read the article

  • In M-V-VM where does my code go?

    - by Nate Bross
    So, this is a pretty basic question I hope. I have a web service that I've added through Add Service Reference. It has some methods to get list and get detail of a perticular table in my database. What I'm trying to do is setup a UI as follows: App Load Load service proxy Call the GetList(); method display the results in a ListBox control User Double Clicks item in ListBox, display a modal dialog with a "detail" view I'm extremely new to using MVVM, so any help would be greatly appreciated. Additional information: // Service Interface (simplification): interface IService { IEnumerable<MyObject> GetList(); MyObject GetDetail(int id); } // Data object (simplification) class MyObject { public int ID { get; set; } public string Name { get; set; } } I'm thinking I should have something like this: MainWindow MyObjectViewUserControl Displays list Opens modal window on double click Specific Questions: What would my ViewModel class look like? Where does the code to handle the double click go? Inside the UserControl? Sorry for the long details, but I'm very new to the whole thing and I'm not educated enough to ask the right questions. I checked out the MVVM Sample from wpf.codeplex.com and something isn't quite clicking for me yet, because it seems very confusing.

    Read the article

  • How do you submit an authenticated HTML form using XUL (Firefox extension) Javascript?

    - by machineghost
    I am working on a Firefox extension, and in that extension I am trying to use AJAX to submit a form on a webpage. I am using: var request = Components.classes["@mozilla.org/xmlextras/xmlhttprequest;1"].createInstance(Components.interfaces.nsIXMLHttpRequest); request.onload = loadHandler; request.open("POST", url, true); request.send(values); to make the request, and it works ... mostly. The one problem is that the form has an authentication token on it, and I need to submit that token with my POST. I tried doing a GET separately to get this token, but by the time I made my second (POST) request my session had (evidently) changed, and the authenticity token was considered invalid. Does anyone know of a way to use the XUL/Chrome Javscript to maintain a constant session across multiple requests (all "behind the scenes") for something this? I'm still a XUL n00b, so there may be a totally obvious alternative that I'm missing (eg. hidden IFRAME; I tried that briefly but couldn't get it to work).

    Read the article

  • what is a root directory in IIS 6 and How do I make one of my subfolder in ASP.NET website the root directory?

    - by R_Coder
    I need to integrate a third party plugin in my asp.net website. To install the plugin, they have mentioned this sentence, "Create an application through your IIS control panel with root directory at -(some path from my website folder)?". I am not much aware with IIS and rarely worked with it. Though I tried every possible way i could do in IIS, I am not able to work it out. After installation, there is a test page provided by plugin which i have to run to check but when I run it, it shows this error. "It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS." I searched this error too and found that it is because the two Web.Config file, one from the main project and another from plugin folder. The only way to work with this is to make the plugin folder they specified as root directory in IIS. Someone kindly tell me some easy steps to do this. What I was doing is, in IIS6, I added New website with the main folder of my asp.net website, then I right clickadd application and choosed the gievn path, thought it would become root directory but it ain't. Help would be appreciated. ALso note that, i have to put the plugin folder in my main website folder only. So, there are two web.config. I tried to rename one of them too, it solved the above error but gave another errors but I think main problem is of root directory. P.S they show me above error on web.config file of plugin folder on this sentence- "Line 51: < authentication mode="Windows" />"

    Read the article

  • Protecting sensitive entity data

    - by Andreas
    Hi, I'm looking for some advice on architecture for a client/server solution with some peculiarities. The client is a fairly thick one, leaving the server mostly to peristence, concurrency and infrastructure concerns. The server contains a number of entities which contain both sensitive and public information. Think for example that the entities are persons, assume that social security number and name are sensitive and age is publicly viewable. When starting the client, the user is presented with a number of entities, not disclosing any sensitive information. At any time the user can choose to log in and authenticate against the server, given the authentication is successful the user is granted access to the sensitive information. The client is hosting a domain model and I was thinking of implementing this as some kind of "lazy loading", making the first request instantiating the entities and later refreshing them with sensitive data. The entity getters would throw exceptions on sensitive information when they've not been disclosed, f.e.: class PersonImpl : PersonEntity { private bool undisclosed; public override string SocialSecurityNumber { get { if (undisclosed) throw new UndisclosedDataException(); return base.SocialSecurityNumber; } } } Another more friendly approach could be to have a value object indicating that the value is undisclosed. get { if (undisclosed) return undisclosedValue; return base.SocialSecurityNumber; } Some concerns: What if the user logs in and then out, the sensitive data has been loaded but must be disclosed once again. One could argue that this type of functionality belongs within the domain and not some infrastructural implementation(i.e. repository implementations). As always when dealing with a larger number of properties there's a risk that this type of functionality clutters the code Any insights or discussion is appreciated!

    Read the article

  • Is MarshalByRefObject special?

    - by Vilx-
    .NET has a thing called remoting where you can pass objects around between separate appdomains or even physical machines. I don't fully understand how the magic is done, hence this question. In remoting there are two base ways of passing objects around - either they can be serialized (converted to a bunch of bytes and the rebuilt at the other end) or they can inherit from MarshalByRefObject, in which case .NET makes some transparent proxies and all method calls are forwarded back to the original instance. This is pretty cool and works like magic. And I don't like magic in programming. Looking at the MarshalByRefObject with the Reflector I don't see anything that would set it apart from any other typical object. Not even a weird internal attribute or anything. So how is the whole transparent proxy thing organized? Can I make such a mechanism myself? Can I make an alternate MyMarshalByRefObject which would not inherit from MarshalByRefObject but would still act the same? Or is MarshalByRefObject receiving some special treatment by the .NET engine itself and the whole remoting feat is non-duplicatable by mere mortals?

    Read the article

  • Sorcery/Capybara: Cannon log in with :js => true

    - by PlankTon
    I've been using capybara for a while, but I'm new to sorcery. I have a very odd problem whereby if I run the specs without Capybara's :js = true functionality I can log in fine, but if I try to specify :js = true on a spec, username/password cannot be found. Here's the authentication macro: module AuthenticationMacros def sign_in user = FactoryGirl.create(:user) user.activate! visit new_sessions_path fill_in 'Email Address', :with => user.email fill_in 'Password', :with => 'foobar' click_button 'Sign In' user end end Which is called in specs like this: feature "project setup" do include AuthenticationMacros background do sign_in end scenario "creating a project" do "my spec here" end The above code works fine. However, IF I change the scenario spec from (in this case) scenario "adding questions to a project" do to scenario "adding questions to a project", :js => true do login fails with an 'incorrect username/password' combination. Literally the only change is that :js = true. I'm using the default capybara javascript driver. (Loads up Firefox) Any ideas what could be going on here? I'm completely stumped. I'm using Capybara 2.0.1, Sorcery 0.7.13. There is no javascript on the sign in page and save_and_open_page before clicking 'sign in' confirms that the correct details are entered into the username/password fields. Any suggestions really appreciated - I'm at a loss.

    Read the article

  • Can i change the identity of the logged in user in ASP.net?

    - by Rising Star
    I have an ASP.net application I'm developing authentication for. I am using an existing cookie-based log on system to log users in to the system. The application runs as an anonymous account and then checks the cookie when the user wants to do something restricted. This is working fine. However, there is one caveat: I've been told that for each page that connects to our SQL server, I need to make it so that the user connects using an Active Directory account. because the system I'm using is cookie based, the user isn't logged in to Active Directory. Therefore, I use impersonation to connect to the server as a specific account. However, the powers that be here don't like impersonation; they say that it clutters up the code. I agree, but I've found no way around this. It seems that the only way that a user can be logged in to an ASP.net application is by either connecting with Internet Explorer from a machine where the user is logged in with their Active Directory account or by typing an Active Directory username and password. Neither of these two are workable in my application. I think it would be nice if I could make it so that when a user logs in and receives the cookie (which actually comes from a separate log on application, by the way), there could be some code run which tells the application to perform all network operations as the user's Active Directory account, just as if they had typed an Active Directory username and password. It seems like this ought to be possible somehow, but the solution evades me. How can I make this work?

    Read the article

  • How can I use a custom configured RememberMeAuthenticationFilter in spring security?

    - by Sebastian
    I want to use a slightly customized rememberme functionality with spring security (3.1.0). I declare the rememberme tag like this: <security:remember-me key="JNJRMBM" user-service-ref="gymUserDetailService" /> As I have my own rememberme service I need to inject that into the RememberMeAuthenticationFilter which I define like this: <bean id="rememberMeFilter" class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter"> <property name="rememberMeServices" ref="gymRememberMeService"/> <property name="authenticationManager" ref="authenticationManager" /> </bean> I have spring security integrated in a standard way in my web.xml: <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> Everything works fine, except that the RememberMeAuthenticationFilter uses the standard RememberMeService, so I think that my defined RememberMeAuthenticationFilter is not being used. How can I make sure that my definition of the filter is being used? Do I need to create a custom filterchain? And if so, how can I see my current "implicit" filterchain and make sure I use the same one except my RememberMeAuthenticationFilter instead of the default one? Thanks for any advice and/or pointers!

    Read the article

  • Cross-Origin Resource Sharing (CORS) - am I missing something here?

    - by David Semeria
    I was reading about CORS (https://developer.mozilla.org/en/HTTP_access_control) and I think the implementation is both simple and effective. However, unless I'm missing something, I think there's a big part missing from the spec. As I understand, it's the foreign site that decides, based on the origin of the request (and optionally including credentials), whether to allow access to its resources. This is fine. But what if malicious code on the page wants to POST a user's sensitive information to a foreign site? The foreign site is obviously going to authenticate the request. Hence, again if I'm not missing something, CORS actually makes it easier to steal sensitive information. I think it would have made much more sense if the original site could also supply an immutable list of servers its page is allowed to access. So the expanded sequence would be: 1) Supply a page with list of acceptable CORS servers (abc.com, xyz.com, etc) 2) Page wants to make an XHR request to abc.com - the browser allows this because it's in the allowed list and authentication proceeds as normal 3) Page wants to make an XHR request to malicious.com - request rejected locally (ie by the browser) because the server is not in the list. I know that malicious code could still use JSONP to do its dirty work, but I would have thought that a complete implementation of CORS would imply the closing of the script tag multi-site loophole. I also checked out the official CORS spec (http://www.w3.org/TR/cors) and could not find any mention of this issue.

    Read the article

  • Nginx , Apache , Mysql , Memcache with server 4G ram. How optimize to enoigh of memory?

    - by TomSawyer
    i have 1 dedicated server with Nginx proxy for Apache. Memcache, mysql, 4G Ram. These day, my visitor on my site wasn't increased, but my server get overload always in some specified time. (9AM - 15PM) Ram in use is increased second by second to full. that's moment, my server will get overload. i have to kill all apache , mysql service and reboot it to get free memory. and it'll full again. that's the terrible circle. here is my ram in use at the moment 160(nginx) 220(apache) 512(memcache) 924(mysql) here's process number 4(nginx) 14(apache) 5(memcache) 20(mysql) and here's my my.cnf config. someone can help me to optimize it? [mysqld] datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock user=mysql skip-locking skip-networking skip-name-resolve # enable log-slow-queries log-slow-queries = /var/log/mysql-slow-queries.log long_query_time=3 max_connections=200 wait_timeout=64 connect_timeout = 10 interactive_timeout = 25 thread_stack = 512K max_allowed_packet=16M table_cache=1500 read_buffer_size=4M join_buffer_size=4M sort_buffer_size=4M read_rnd_buffer_size = 4M max_heap_table_size=256M tmp_table_size=256M thread_cache=256 query_cache_type=1 query_cache_limit=4M query_cache_size=16M thread_concurrency=8 myisam_sort_buffer_size=128M # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links=0 [mysqldump] quick max_allowed_packet=16M [mysql] no-auto-rehash [isamchk] key_buffer=256M sort_buffer=256M read_buffer=64M write_buffer=64M [myisamchk] key_buffer=256M sort_buffer=256M read_buffer=64M write_buffer=64M [mysqlhotcopy] interactive-timeout [mysql.server] user=mysql basedir=/var/lib [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid

    Read the article

  • implementing a Intelligent File Transfer Software in java over TCP/IP

    - by whyjava
    Hello I am working on a proposal where we have to implement a software which can move files between one source to destination.The overall goal of this project is to create intelligent file transfer.This software will have three components :- 1) Broker : Broker is the module that communicates with other brokers, monitors files, moves files, retrieves configurations from the Configuration Manager, supplies process information for the monitor, archives files, writes all process data to log files and escalates issues if necessary 2) Configuration Manager :Configuration Manager is a web-based application used to configure and deploy the configuration to all brokers. 3) Monitor : Monitor is a web-based application used to monitor each Broker in the environment. This project has to be built up in java and protocol for file transfer in tcp/ip. Client does not want to use FTP. File Transfer seems very easy, until there are several processes who are waiting to pick the file up automatically. Several problems arise: How can we guarantee the file is received at the destination? If a file isn’t received the first time, we should try it again (even after a restart or power breakdown) ? How does the receiver knows the file that is received is complete? How can we transfer multiple files synchronously? How can we protect the bandwidth, so file transfer isn’t blocking other processes? How does one interoperate between multiple OS platforms? What about authentication? How can we monitor het workflow? Auditing / logging Archiving Can you please provide answer to some of these? Thanks

    Read the article

  • Using awk to return only certain chunks of data

    - by Koriar
    I'm not 100% certain how to phrase my question simply, so I apologize if this has been answered somewhere and I was just unable to find it. What I have are debug logs with authentication packets in them along with a bunch of other output. I need to search through about 2 million lines of logs to find every packet that contains a certain mac address. The packets look something like this (slightly censored): -----------------[ header ]----------------- Event: Authd-Response (1900) Sequence: -54 Timestamp: 1969-12-31 19:30:00 (0) ---------------[ attributes ]--------------- Auth-Result = Auth-Accept Service-Profile-SID = 53 Service-Profile-SID = 49 RADIUS-Access-Accept-Attr/WiMAX-Capability = 0x(numbers) Session-Timeout = 3600 Service-Profile-SID = 4 Service-Profile-SID = 29 Chargeable-User-Identity = "(Numbers)" User-Password = "(the MAC address I'm looking for)" -------------------------------------------- However there are about 10 different possible types with different possible lengths. They all start with the header line and end with the all-dashes line. I've had success using awk to get the code blocks themselves using this: awk '/-----------------\[ header \]-----------------/,/--------------------------------------------/' filename.txt But I was hoping to be able to use it to return only the packets which contain the MAC address that I need. I've been trying to figure this out for a few days now and I'm pretty stuck. I could try and write a bash script, but I could swear that I've used awk to do something like this before...

    Read the article

  • How to access a web service behind a NAT?

    - by jr
    We have a product we are deploying to some small businesses. It is basically a RESTful API over SSL using Tomcat. This is installed on the server in the small business and is accessed via an iPhone or other device portable device. So, the devices connecting to the server could come from any number of IP addresses. The problem comes with the installation. When we install this service, it seems to always become a problem when doing port forwarding so the outside world can gain access to tomcat. It seems most time the owner doesn't know router password, etc, etc. I am trying to research other ways we can accomplish this. I've come up with the following and would like to hear other thoughts on the topic. Setup a SSH tunnel from each client office to a central server. Basically the remote devices would connect to that central server on a port and that traffic would be tunneled back to Tomcat in the office. Seems kind of redundant to have SSH and then SSL, but really no other way to accomplish it since end-to-end I need SSL (from device to office). Not sure of performance implications here, but I know it would work. Would need to monitor the tunnel and bring it back up if it goes done, would need to handle SSH key exchanges, etc. Setup uPNP to try and configure the hole for me. Would likely work most of the time, but uPNP isn't guaranteed to be turned on. May be a good next step. Come up with some type of NAT transversal scheme. I'm just not familiar with these and uncertain of how they exactly work. We have access to a centralized server which is required for the authentication if that makes it any easier. What else should I be looking at to get this accomplished?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 348 349 350 351 352 353 354 355 356 357 358 359  | Next Page >