Search Results

Search found 25872 results on 1035 pages for 'document security'.

Page 388/1035 | < Previous Page | 384 385 386 387 388 389 390 391 392 393 394 395 | Next Page >

Are there any concerns with using a static read-only unit of work so that it behaves like a cache?

- by Rowan Freeman

Related question: How do I cache data that rarely changes? I'm making an ASP.NET MVC4 application. On every request the security details about the user will need to be checked with the area/controller/action that they are accessing to see if they are allowed to view it. The security information is stored in the database. For example: User Permission UserPermission Action ActionPermission A "Permission" is a token that is applied to an MVC action to indicate that the token is required in order to access the action. Once a user is given the permission (via the UserPermission table) then they have the token and can therefore access the action. I've been looking in to how to cache this data (since it rarely changes) so that I'm only querying in-memory data and not hitting a database (which is a considerable performance hit at the moment). I've tried storing things in lists, using a caching provider but I either run in to problems or performance doesn't improve. One problem that I constantly run in to is that I'm using lazy loading and dynamic proxies with EntityFramework. This means that even if I ToList() everything and store them somewhere static, the relationships are never populated. For example, User.Permissions is an ICollection but it's always null. I don't want to Include() everything because I'm trying to keep things simple and generic (and easy to modify). One thing I know is that an EntityFramework DbContext is a unit of work that acts with 1st-level caching. That is, for the duration of the unit of work, everything that is accessed is cached in memory. I want to create a read-only DbContext that will exist indefinitely and will only be used to read about permission data. Upon testing this it worked perfectly; my page load times went from 200ms+ to 20ms. I can easily force the data to refresh at certain intervals or simply leave it to refresh when the application pool is recycled. Basically it will behave like a cache. Note that the rest of the application will interact with other contexts that exist per request as normal. Is there any disadvantage to this approach? Could I be doing something different?

Read the article
Unwanted Chinese language got set in system settings

- by Registered User

I was discussing on the Ubuntu users list how to type in in Hindi (Indic language) in Libre Office and about a package installation problem. I have made some changes in system settings, following suggestions by some users. However, this morning when I did a reboot I am unable to see English as my default language. My system is showing some Chinese characters which I do not understand. All I wanted was to use Libre Office for a particular document in Hindi. What happened is that even Gmail is opening in Chinese. The system settings folder and others are also opening in Chinese. I am unable to use the system now. I have uploaded the snapshots here: please have a look. Upon a reboot, I was asked to rename all folders. Gmail opening in Chinese This is how menu on my system looks: half English and half Chinese Notice that in the third snapshot the calendar and menu are appearing in Chinese. I want the original US English menus and folder names back. I just wanted to type a document with Lohit Hindi font in Libre Office. I use Ubuntu 11.10. I do not use Unity, only Gnome desktop. I installed gnome-session-fallback a long time back and have been using that ever since. How do I get back to all English submenus and English folder names? I have a US English Keyboard and I use only US English. This thing which is now somehow set is unwanted.

Read the article
A Short Guide To Html Form Builder

HTML form builder is used for additional security and to increase interaction with visitors. There are several benefits of form builder and it is the perfect way to unleash the potential. Form builde... [Author: Caimile Essien - Web Design and Development - April 21, 2010]

Read the article
Is there a canonical resource on multi-tenancy web applications using ruby + rails

- by AlexC

Is there a canonical resource on multi-tenancy web applications using ruby + rails. There are a number of ways to develop rails apps using cloud capabilities with real elastic properties but there seems to be a lack of clarity with how to achieve multitenancy, specifically at the model / data level. Is there a canonical resource on options to developing multitenancy rails applications with the required characteristics of data seperation, security, concurrency and contention required by an enterprise level cloud application.

Read the article
Generating documents with templating from a form

- by Anna

Hello, I would like to create a document generator with templating. The workflow should be as following: The user input data to a static form (simple text input). The user chooses a graphically designed template. A document with the chosen template containing the user data is generated. The initial templates repository is prepared in advance, but it should be easy to add new templates to the process. I have the full MS Office suite and the preferred file format is an MS .doc. I can do a little VB scripting if needed, but I prefer not to. Any advice would be greatly appreciated. Thank you, Anna

Read the article
Workflow Activity Extensions, Activity Packs and Unit Testing Framework

- by JoshReuben

http://wf.codeplex.com/ contains a plethora of infrastructure code and new activities for extending Workflow Foundation 4. These are also available as Nuget packages. These include: Activity Extensions Security Activity Pack ADO.NET Activity Pack Azure Activity Pack Activity Unit Testing Framework view my PowerPoint presentation on these and more here: http://www.slideshare.net/joshuareuben9/workflow-foundation-activity-packs-extensions-and-unit-testing

Read the article
Oracle E-Business Suite: Great for Small and Medium Size Organizations

RedDOT is a 100% employee owned business with sales revenues in the 100 million dollar range. They use Oracle E-Business Suite to manage their Financials, Purchasing, Manufacturing, Sales and Suppliers. One of the interesting things about this company is that they run their entire I.T. operation with a staff of four, which not only includes Oracle, but the corporate desktop (Microsoft Enterprise User), Parametric Technology Pro Engineer Suite, web services and security, e-business web site and telephones. They not only support Seattle, but operations in Memphis, TN, Ipswich, UK, and Shanghai.

Read the article
Backup and rescue disk creation

- by Polppan

I am in the process of backing up my PC using "Macrium backup and restore". I have successfully backed my PC, (both C and D drive) to an external hard disk. I have a question regarding creating rescue disks. I am following the steps as mentioned in this document. If I am creating an ISO file based on the document, how it is relates to the backup I have taken to my external disk ? I see no relation between creating rescue disks and backup data or am I missing something obvious? Any insight will be highly appreciable...

Read the article
Printing the second page from a Calc sheet

- by Luke

I've created a simple invoice document in LibreOffice Calc and it consists of 2 pages. I have defined the print range for my document as: $A$1:$D$33,$D$34:$D$35 My first page holds the actual invoice information the second page is a single merged cell holding terms and conditions text (wrapped to the cell width). The second page is defined by a row break. When I export the sheet as a PDF the first page comes out great but the second page with the terms text is all wrong. On the left hand side I see a portion of text (looks like a single column) and when I select the text inside the PDF I can see it go of the page somewhere to the left. I get the same result in a print preview. I'm at a complete loss on how to approach this problem and any insight is much appreciated.

Read the article
You Can’t Upload An Empty File To SharePoint 2007 Or SharePoint 2010

- by Brian Jackett

The title of this post is pretty self explanatory, but I thought it worth mentioning since I had never run across this rule until just recently. A few weeks ago I was testing out a new workflow attached to a SharePoint 2007 document library. I uploaded various file types to ensure all were handled properly. One of the files I happened to test with was an empty .txt file to which I got the following error. As you can see from the error message you aren’t allowed to upload a file that is empty. Fast forward to this week when I was doing some research for my upcoming SharePoint 2010 beta exams. I remembered that error I got a few weeks ago and decided to try out with SharePoint 2010 as well. No surprises I got a similar error. Conclusion Next time you are uploading files to a SharePoint 2007 or 2010 document library, make sure the file is not empty. Coincidentally when I tweeted about this issue a few friends replied that they had also found this error recently. I don’t know the internal reasoning why this is prevented but I assume it has something to do with how the blob for the file is stored in the database. I assume that this would still be the case even if you had Remote Blob Storage (RBS) configured for your farm, but don’t have access to such a farm to confirm. If anyone reading this does have access and wants to confirm that would be appreciated, just leave a comment. -Frog Out

Read the article
CVE-2011-1937 Cross-site scripting (XSS) vulnerability in Webmin

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-1937 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 Webmin Solaris 10 SPARC: 145006-03 X86: 145007-03 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Multiple "My Documents" folders?

- by Flasimbufasa

I am having the issue, where, I have 2 folders called "My Documents". I recently edited my registry to make "Document" link in the Windows 7 start menu be a FOLDER link and not a LIBRARY link.. Here is the Registry Key information for the Documents key: Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7b0db17d-9cd2-4a93-9733-46cc89022e7c} Class Name: <NO CLASS> Last Write Time: 3/2/2011 - 2:33 AM Value 0 Name: Attributes Type: REG_DWORD Data: 0x1 Value 1 Name: Category Type: REG_DWORD Data: 0x4 Value 2 Name: Icon Type: REG_EXPAND_SZ Data: %SystemRoot%\system32\imageres.dll,-1002 Value 3 Name: LocalizedName Type: REG_EXPAND_SZ Data: @%SystemRoot%\system32\shell32.dll,-34575 Value 4 Name: Name Type: REG_SZ Data: Documents Value 5 Name: PublishExpandPath Type: REG_DWORD Data: 0x1 Value 6 Name: PrecCreate Type: REG_DWORD Data: 0x1 Value 7 Name: RelativePath Type: REG_SZ Data: Documents Value 8 Name: Roamable Type: REG_DWORD Data: 0x1 Also, Navigating through computer to "C:\Users\Flasimbufasa\" Only shows one folder called "Documents" However, whenever I navigate to user profile from "Desktop\Flasimbufasa" I get 2 Document folders. Any help?

Read the article
Anonymouse VS Logged in users on my site & Google Analytics

- by Flowpoke

I'd like to be able to run two different 'tracks' for Google Analytics; One for anonymous users of the site and another for Users whom are logged-in. I say "track" because Im not sure of the term--but I definitely know I want it to all be in the same "Analytics Account", I just want to segregate my logged-in users... In the site template, I can very easily add a conditional to display one or the other (Analytics code snippet)... Which Im hoping this comes down to and although Im not sure, it seems that the last digit in your Analytics ID (e.g. UA-15XXXX0-X) could be incremented to gain such additional 'tracks'....? Any tips? Am I doin it wrong? My current footer snippet: <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); </script> <script type="text/javascript"> try { var pageTracker = _gat._getTracker("UA-XXXXXXX-1"); pageTracker._trackPageview(); } catch(err) {} </script>

Read the article
Tax Time Brings Out New Phishing Scams

Network security software vendor SonicWall is warning Internet users that it's seeing a dramatic increase in new phishing scams related to the upcoming IRS tax filing deadline.

Read the article
Create a folder shortcut/redirection in Vista

- by Ellipsis

Given a plain old directory of files in Windows Vista, say "C:\OldFolder\", is it possible to move the contents of that directory to a new location, perhaps "F:\NewFolder\" and keep a shortcut-like 'virtual' folder at C:\OldFolder that will always redirect access to the updated location. Shortcuts work for users accessing through the GUI to some extent, but all application links to the old location won't work anymore even with a shortcut. For example, If MS Word tried to access C:\OldFolder\document.doc I would want Windows to simply rewrite it's request to F:\NewFolder\document.doc... I guess I'm basically looking for Apache's Mod_Rewrite for Windows Vista... any suggestions?

Read the article
Is it possible to determine whether my web site is being accessed as a trusted site?

- by Sameer

I am working on site which have a lot of configuration and security settings and I have to check either clients browser is on trusted zone or not using JavaScript. Is it possible to determine whether my web site is being accessed as a trusted site? The reason I'd like to do this is that some functions won't work unless the site is being accessed as a trusted site, and I'd like to be able to warn users. Is there any solution ?

Read the article
CVE-2012-0444 Memory corruption vulnerability in Ogg Vorbis

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-0444 Memory corruption vulnerability 10.0 libvorbis Solaris 11 11/11 SRU 8.5 Solaris 10 SPARC: 148006-01 X86: 148007-01 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Lifecycle of an ASP.NET MVC 5 Application

Here you can download a PDF Document that charts the lifecycle of every ASP.NET MVC 5 application, from receiving the HTTP request to sending the HTTP response back to the client. It is designed both as an educational tool for those who are new to ASP.NET MVC and also as a reference for those who need to drill into specific aspects of the application. The PDF document has the following features: Relevant HttpApplication stages to help you understand where MVC integrates into the ASP.NET application lifecycle. A high-level view of the MVC application lifecycle, where you can understand the major stages that every MVC application passes through in the request processing pipeline. A detail view that shows drills down into the details of the request processing pipeline. You can compare the high-level view and the detail view to see how the lifecycles details are collected into the various stages. Placement and purpose of all overridable methods on the Controller object in the request processing pipeline. You may or may not have the need to override any one method, but it is important for you to understand their role in the application lifecycle so that you can write code at the appropriate life cycle stage for the effect you intend. Blown-up diagrams showing how each of the filter types (authentication, authorization, action, and result) is invoked. Link to a useful article or blog from each point of interest in the detail view. span.fullpost {display:none;}

Read the article
OpenVPN Is Too Slow? Time to Consider IPSEC

For smaller setups and times when you don't need server-to-server tunnels, OpenVPN may do the trick. But where do you turn when you need cross-platform security without any performance compromises?

Read the article
Is this an acceptable approach to undo/redo in Python?

- by Codemonkey

I'm making an application (wxPython) to process some data from Excel documents. I want the user to be able to undo and redo actions, even gigantic actions like processing the contents of 10 000 cells simultaneously. I Googled the topic, and all the solutions I could find involves a lot of black magic or is overly complicated. Here is how I imagine my simple undo/redo scheme. I write two classes - one called ActionStack and an abstract one called Action. Every "undoable" operation must be a subclass of Action and define the methods do and undo. The Action subclass is passed the instance of the "document", or data model, and is responsible for committing the operation and remembering how to undo the change. Now, every document is associated with an instance of the ActionStack. The ActionStack maintains a stack of actions (surprise!). Every time actions are undone and new actions are performed, all undone actions are removed for ever. The ActionStack will also automatically remove the oldest Action when the stack reaches the configurable maximum amount. I imagine the workflow would produce code looking something like this: class TableDocument(object): def __init__(self, table): self.table = table self.action_stack = ActionStack(history_limit=50) # ... def delete_cells(self, cells): self.action_stack.push( DeleteAction(self, cells) ) def add_column(self, index, name=''): self.action_stack.push( AddColumnAction(self, index, name) ) # ... def undo(self, count=1): self.action_stack.undo(count) def redo(self, count=1): self.action_stack.redo(count) Given that none of the methods I've found are this simple, I thought I'd get the experts' opinion before I go ahead with this plan. More specifically, what I'm wondering about is - are there any glaring holes in this plan that I'm not seeing?

Read the article
Windows 7 IIS 7 unable to receive incoming HTTP traffic

- by gregarobinson

I was trying to load a test html page from a LAN server that is running Windows 7. I could load the page from the server, but not from machines within the LAN. It took a while to figure out, but it turned ot to be the firewall in Windows 7. Here is what I had to do: Windows Firewall with Advanced Security ---> Inbound Rules ---> Enable World Wide receive incoming HTTP trafficWeb Services (HTTP Traffic-In)

Read the article
The premier support for Sun Cluster 3.1 ended

- by JuergenS

In October 2011 the premier support for Sun Cluster 3.1 ended. See details in Oracle Lifetime Support Policy for Oracle and Sun System Software document. There no 'Extended Support' and the 'Sustaining Support Ends' is indefinite. But for indefinite 'Sustaining Support' I like to point out from the mentioned document (version Sept. 2011) on page 5: Sustaining Support does NOT include: * New program updates, fixes, security alerts, general maintenance releases, selected functionality releases and documentation updates or upgrade tools * Certification with most new third-party products/versions and most new Oracle products * 24 hour commitment and response guidelines for Severity 1 service requests *Previously released fixes or updates that Oracle no longer supports This means Solaris 10 9/10 update9 is the last qualified release for Sun Cluster 3.1. So, Sun Cluster 3.1 is not qualified on Solaris 10 8/11 Update10. Furthermore there is an issue around with SVM patch 145899-06 or higher. This SVM patch is part of Solaris 10 8/11 Update10. The 145899-06 is the first released patch of this number, therefore the support for Sun Cluster 3.1 ends with the previous SVM patches 144622-01 and 139967-02. For details about the known problem with SVM patch 145899-06 please refer to doc 1378828.1. Further this means you should freeze (no patching, no upgrade) your Sun Cluster 3.1 configuration not later than Solaris 10 9/10 update9. Or even better plan an upgrade to Solaris Cluster 3.3 now to get back to full support.

Read the article
CVE-2012-6329 Code Injection vulnerability in Perl

- by Ritwik Ghoshal

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-6329 Code Injection vulnerability 7.5 Perl 5.12 Solaris 11.1 11.1.7.5.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
WIF, ADFS 2 and WCF–Part 2: The Service

- by Your DisplayName here!

OK – so let’s first start with a simple WCF service and connect that to ADFS 2 for authentication. The service itself simply echoes back the user’s claims – just so we can make sure it actually works and to see how the ADFS 2 issuance rules emit claims for the service: [ServiceContract(Namespace = "urn:leastprivilege:samples")] public interface IService { [OperationContract] List<ViewClaim> GetClaims(); } public class Service : IService { public List<ViewClaim> GetClaims() { var id = Thread.CurrentPrincipal.Identity as IClaimsIdentity; return (from c in id.Claims select new ViewClaim { ClaimType = c.ClaimType, Value = c.Value, Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer }).ToList(); } } The ViewClaim data contract is simply a DTO that holds the claim information. Next is the WCF configuration – let’s have a look step by step. First I mapped all my http based services to the federation binding. This is achieved by using .NET 4.0’s protocol mapping feature (this can be also done the 3.x way – but in that scenario all services will be federated): <protocolMapping> <add scheme="http" binding="ws2007FederationHttpBinding" /> </protocolMapping> Next, I provide a standard configuration for the federation binding: <bindings> <ws2007FederationHttpBinding> <binding> <security mode="TransportWithMessageCredential"> <message establishSecurityContext="false"> <issuerMetadata address="https://server/adfs/services/trust/mex" /> </message> </security> </binding> </ws2007FederationHttpBinding> </bindings> This binding points to our ADFS 2 installation metadata endpoint. This is all that is needed for svcutil (aka “Add Service Reference”) to generate the required client configuration. I also chose mixed mode security (SSL + basic message credential) for best performance. This binding also disables session – you can control that via the establishSecurityContext setting on the binding. This has its pros and cons. Something for a separate blog post, I guess. Next, the behavior section adds support for metadata and WIF: <behaviors> <serviceBehaviors> <behavior> <serviceMetadata httpsGetEnabled="true" /> <federatedServiceHostConfiguration /> </behavior> </serviceBehaviors> </behaviors> The next step is to add the WIF specific configuration (in <microsoft.identityModel />). First we need to specify the key material that we will use to decrypt the incoming tokens. This is optional for web applications but for web services you need to protect the proof key – so this is mandatory (at least for symmetric proof keys, which is the default): <serviceCertificate> <certificateReference storeLocation="LocalMachine" storeName="My" x509FindType="FindBySubjectDistinguishedName" findValue="CN=Service" /> </serviceCertificate> You also have to specify which incoming tokens you trust. This is accomplished by registering the thumbprint of the signing keys you want to accept. You get this information from the signing certificate configured in ADFS 2: <issuerNameRegistry type="...ConfigurationBasedIssuerNameRegistry"> <trustedIssuers> <add thumbprint="d1 … db" name="ADFS" /> </trustedIssuers> </issuerNameRegistry> The last step (promised) is to add the allowed audience URIs to the configuration – WCF clients use (by default – and we’ll come back to this) the endpoint address of the service: <audienceUris> <add value="https://machine/soapadfs/service.svc" /> </audienceUris> OK – that’s it – now we have a basic WCF service that uses ADFS 2 for authentication. The next step will be to set-up ADFS to issue tokens for this service. Afterwards we can explore various options on how to use this service from a client. Stay tuned… (if you want to have a look at the full source code or peek at the upcoming parts – you can download the complete solution here)

Read the article
CVE-2012-6329 Code Injection vulnerability in Perl 5.8

- by RitwikGhoshal

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-6329 Code Injection vulnerability 7.5 Perl 5.8 Solaris 11.1 11.1.7.5.0 Solaris 10 Patches planned but not yet available This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article

< Previous Page | 384 385 386 387 388 389 390 391 392 393 394 395 | Next Page >