Search Results

Search found 12107 results on 485 pages for 'session timeout'.

Page 390/485 | < Previous Page | 386 387 388 389 390 391 392 393 394 395 396 397 | Next Page >

Is it a bad idea to have a login dialog inside an iframe?

- by AyKarsi

We're creating a website where we will be giving out code snippets to our users which they can place on their own websites. These snippets contain a link a javascript include. When clicking the link, an iframe containing the login dialog to our site opens. The user then authenticates inside the iframe, does his work and when he leaves the iframe his session is closed. We've got it working allready and it's very slick. Our main concern though is phishing. The user has absolutely now way of veryifying where the login page is really coming from. On the other hand, phising attacks are also succesfull even if the user can see the fake-url in the address bar. Would you enter your (OpenId) credentials in an iframe? Does anyone know a pattern with which we could minimise the chances of a phishing attack?

Read the article
Fix single entry from mbr

- by Sander

I use EasyBCD to manage my tripleboot of (1) Windows Server 2008 R2, (2) Windows 7 Professional and (3) Ubuntu Linux. While trying to change the order of my boot menu I ended up losing the Windows Server entry. Luckily I had a boot menu backup (.bcd file) that allowed me to restore my boot menu using EasyBCD. However, when I now select the Windows Server option in my boot menu the Windows Server Recovery Environment starts up. So I have to select language/keyboard layout/etc. and then I have 3 options as shown in the image below. . My goal is to fix the one corrupted Windows Server entry from my boot menu without messing up or losing the two other ones. I'm guessing the Recovery Console (Command Prompt) is the next step and that I will be needing bootrec.exe. But when consulting this page: Use the Bootrec.exe tool in the Windows Recovery Environment to troubleshoot and repair startup issues in Windows (about half way down there's a link that shows the bootrec.exe options) I'm getting uncertain. The page lists 4 options for bootrec.exe : /FixMbr /FixBoot /ScanOs /RebuildBcd What option do I need to fix just the server entry of my boot menu? Thanks in advance, Sander P.S. All three OS's are on the same physical disk (3 different partitions). Disk layout: System reserved (primary partition, 100 MB) Windows 7 (primary parition, 150 GB) Windows Server 2008 (primary partition, 150 GB) Extended partition (linux partitions (/,/swap,/home), 150GB + data partition, 150 GB) P.P.S. This is what my boot menu looks like using EasyBCD (Detailed/Debug mode) on my Windows 7 installation. Windows Boot Manager -------------------- identifier {9dea862c-5cdd-4e70-acc1-f32b344d4795} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale en-US inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e} default {93f90e43-cae8-11df-b05a-c9177e705936} resumeobject {93f90e3e-cae8-11df-b05a-c9177e705936} displayorder {93f90e43-cae8-11df-b05a-c9177e705936} {93f90e3f-cae8-11df-b05a-c9177e705936} {93f90e46-cae8-11df-b05a-c9177e705936} toolsdisplayorder {b2721d73-1db4-4c62-bf78-c548a880142d} timeout 10 displaybootmenu Yes Windows Boot Loader ------------------- identifier {93f90e43-cae8-11df-b05a-c9177e705936} device partition=\Device\HarddiskVolume3 path \Windows\system32\winload.exe description Windows Server 2008 R2 - Standard locale en-US inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7} recoverysequence {93f90e44-cae8-11df-b05a-c9177e705936} recoveryenabled Yes osdevice partition=\Device\HarddiskVolume3 systemroot \Windows resumeobject {93f90e42-cae8-11df-b05a-c9177e705936} nx OptOut Windows Boot Loader ------------------- identifier {93f90e3f-cae8-11df-b05a-c9177e705936} device partition=C: path \Windows\system32\winload.exe description Windows 7 - Professional locale nl-NL inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7} recoverysequence {93f90e40-cae8-11df-b05a-c9177e705936} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {93f90e3e-cae8-11df-b05a-c9177e705936} nx OptIn Real-mode Boot Sector --------------------- identifier {93f90e46-cae8-11df-b05a-c9177e705936} device partition=C: path \NST\AutoNeoGrub0.mbr description Ubuntu 10.04 - Lucid Lynx

Read the article
@Local annotation in EJB 3.

- by stratwine

Hi, I have a stateless session bean and a standalone-java-program acting as a client. The bean method executes just fine when the interface is marked @Remote. However,when I mark that interface with @Local instead of @Remote, I get the following Exception. [java] javax.naming.NamingException: Could not dereference object [Root exception is java.lang.RuntimeException: Could not find InvokerLocator URL at JNDIaddress "chapter1/HelloUserBean/local"; looking up local Proxy from Remote JVM?] But I expected even the latter to work, since it is the same computer that the code executes in. Seeing this behavior, I am assuming that, the Application-Server and the Standalone-Java-Program use different JVM instances and not a single JVM instance and so this client can access only through a remote interface. Is that assumption correct ? Thanks !

Read the article
Security approach in web application

- by meep

Hello everyone. I am designing a web application in ASP.NET / C# where each registered user has the ability to add/modify/delete rows based on their user-id. Take this example: I am going to edit my route on the page /route.aspx?routeid=854 which belongs to me (user-id: 1). But because I am a curious guy I try to access /route.aspx?routeid=855 which belongs to another user (user-id: 2). How can I best avoid people from accessing other peoples data? Should I send each user id (from session) with each database-call, should I validate user/password on every page load or what is the best and most secure approach? I hope I made this clear enough.

Read the article
Test if current page is inside a shadowbox? (so i can close the shadowbox and reopen that page in t

- by Max Williams

Hi all I have a couple of pages in my site which open in a shadowbox window rather than the main window. My problem is that if the user session expires, then the user clicks on one of the links that open in a shadowbox, they are redirected to the login page INSIDE THE SHADOWBOX, which i don't want. I've been trying to think of the best way to handle this - one way i thought of, which seems a bit clumsy tbh, was on the login page to test if we're in a shadowbox, and if we are then close it and redirect the parent window to the login page. a) does this seem like a sensible plan? I added the following to my login page, which works: $(document).ready(function(){ if(window.parent.location != window.location){ window.parent.location.href = window.location; } } but i have to wait for the shadowbox to finish loading the page and then redirect. So it's working but like i say a bit clumsy. Is there a nicer way? grateful for any advice - max

Read the article
Can I pop up alert in javascript using php.

- by Shantanu Gupta

I want to trigger javascript alert using PHP. Is it possible I want to use it in head section, for displaying it at load time. <head> <?php $valid="valid"; if(!isset($valid)) echo "<script type=\"text/javascript\"> alert('Hi');</script>"; ?> </head> EDIT i want to display javascript alert() at load time after checking existance of session

Read the article
Why is django.test.client.Client not keeping me logged in.

- by Mystic

I'm using django.test.client.Client to test whether some text shows up when a user is logged in. However, I the Client object doesn't seem to be keeping me logged in. This test passes if done manually with Firefox but not when done with the Client object. class Test(TestCase): def test_view(self): user.set_password(password) user.save() client = self.client # I thought a more manual way would work, but no luck # client.post('/login', {'username':user.username, 'password':password}) login_successful = client.login(username=user.username, password=password) # this assert passes self.assertTrue(login_successful) response = client.get("/path", follow=True) #whether follow=True or not doesn't seem to work self.assertContains(response, "needle" ) When I print response it returns the login form that is hidden by: {% if not request.user.is_authenticated %} ... form ... {% endif %} This is confirmed when I run ipython manage.py shell. The problem seems to be that the Client object is not keeping the session authenticated.

Read the article
Unique number generation with Java Server Faces

- by Buddhika Ariyaratne

I am developing an application for a medical channelling centre where multiple users reserve bookings for doctors with JSF and JPA. A sequence number is unique to the Doctor, Date and Session. I tried to get a unique sequence number from counting the previous bookings and add one, but if two requests comes at the same time, two bookings get the same number causing trouble to functionality. How can I get unique number in this case? Can I use an application wide bean to generate it? (I thought it is not practicle to get the unique number from the database sequence number as there are several doctors, sessions and daily they have to have different booking number.)

Read the article
Proxy Error 502 "Reason: Error reading from remote server" with Apache 2.2.3 (Debian) mod_proxy and Jetty 6.1.18

- by Martin

Apache is receiving requests at port :80 and proxying them to Jetty at port :8080 The proxy server received an invalid response from an upstream server The proxy server could not handle the request GET /. My dilemma: Everything works fine normally (fast requests, few seconds or few tens of seconds long requests are processed ok). Problems occur when request processing takes long (few minutes?). If I issue request instead directly to Jetty at port :8080 the request is processed OK. So problem is likely to sit somewhere between Apache and Jetty where I am using mod_proxy. How to solve this? I have already tried some "tricks" related to KeepAlive settings, without luck. Here is my current configuration, any suggestions? #keepalive Off ## I have tried this, does not help #SetEnv force-proxy-request-1.0 1 ## I have tried this, does not help #SetEnv proxy-nokeepalive 1 ## I have tried this, does not help #SetEnv proxy-initial-not-pooled 1 ## I have tried this, does not help KeepAlive 20 ## I have tried this, does not help KeepAliveTimeout 600 ## I have tried this, does not help ProxyTimeout 600 ## I have tried this, does not help NameVirtualHost *:80 <VirtualHost _default_:80> ServerAdmin [email protected] ServerName www.mydomain.fi ServerAlias mydomain.fi mydomain.com mydomain www.mydomain.com ProxyRequests On ProxyVia On <Proxy *> Order deny,allow Allow from all </Proxy> ProxyRequests Off ProxyPass / http://www.mydomain.fi:8080/ retry=1 acquire=3000 timeout=600 ProxyPassReverse / http://www.mydomain.fi:8080/ RewriteEngine On RewriteCond %{SERVER_NAME} !^www\.mydomain\.fi RewriteRule /(.*) http://www.mydomain.fi/$1 [redirect=301L] ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined ServerSignature On </VirtualHost> Here is also the debug log from a failing request: 74.125.43.99 - - [29/Sep/2010:20:15:40 +0300] "GET /?wicket:bookmarkablePage=newWindow:com.mydomain.view.application.reports.SaveReportPage HTTP/1.1" 502 355 "https://www.mydomain.fi/?wicket:interface=:0:2:::" "Mozilla/5.0 (Windows; U; Windows NT 6.1; fi; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10" [Wed Sep 29 20:20:40 2010] [error] [client 74.125.43.99] proxy: error reading status line from remote server www.mydomain.fi, referer: https://www.mydomain.fi/?wicket:interface=:0:2::: [Wed Sep 29 20:20:40 2010] [error] [client 74.125.43.99] proxy: Error reading from remote server returned by /, referer: https://www.mydomain.fi/?wicket:interface=:0:2:::

Read the article
jquery cookie - hoursToLive

- by mathiregister

Hi guys, i'm using the jquery cookie plugin. Everything works fine except the fact that I have no idea how to set an expiration-time for the cookie? $.cookie('opt_visible', 'true'); the jquery-cookie documentation says: hoursToLive (DEPRECATED for expiresAt) NUMBER For how many hours should the cookie be valid? (Passing 0 means to delete the cookie at the end of the browser session--this is default. Negative values will delete the cookie, but you should use the del() method instead.) That's exactly what I'd like to have. The cookie should be available as long as i'm browsing the site. As soon as i close the window or browsertab, the cookie should be deleted. How can i implement this hoursToLive thingy to my mentioned line above? Thank you

Read the article
Hibernate: how to maintain insertion order

- by jwaddell

I have a list of entities where creation order is important, but they do not contain a timestamp to use for sorting. Entities are added to the end of the list as they are created so they will be ordered correctly in the list itself. After persisting the list using Hibernate the entities appear in the database table in the order that they were created. However when retrieving the list using a new Hibernate session the list is now in reverse order of insertion/creation. Is this expected behaviour? Is there any way to retrieve the list in the same order as it appears in the table? The primary key is a UUID, and the list of entities should always have been created on the same IP address and JVM. This mean sorting by UUID is a possibility but I'd rather not make assumptions. Another possibility is if the list is guaranteed to always come out in reverse order I could always just work through it backwards.

Read the article
WCF high instance count: anyone knows negative sideffects?

- by Alex

Hi there! Did anyone experience or know of negative side effects from having a high service instance count like 60k? Aside from the memory consumption of course. I am planning to increase the threshold for the maximum allowed instance count in our production environments. I am basically sick of severe production incidents just because "something" forgot to close a proxy properly. I plan to go to something like 60k instances which will allow the service to survive using default session timeouts at a call rate average for our clients. Thanks, Alex

Read the article
How do I retrieve readonly values when using a DetailsView control to update a record?

- by lincolnk

I'm using a detailsview control to update a record, however in this particular case there's only one field that can be changed out of a many. The update method for my object takes all fields as parameters. When the detailsview's updating method fires, the values for the readonly fields (those rendered as a Label) are not available in the e.NewValues collection. I'm currently grabbing a reference to the object when the detailsview is databound (in the objectdatasource selected event handler), storing it in session and manually adding entries to the e.NewValues collection when updating fires. It works but seems kind of heavy handed. So, is there a better way to get the read only values back into my update method? Or is there a better way of doing this altogether?

Read the article
Filtering with joined tables

- by viraptor

I'm trying to get some query performance improved, but the generated query does not look the way I expect it to. The results are retrieved using: query = session.query(SomeModel). options(joinedload_all('foo.bar')). options(joinedload_all('foo.baz')). options(joinedload('quux.other')) What I want to do is filter on the table joined via 'first', but this way doesn't work: query = query.filter(FooModel.address == '1.2.3.4') It results in a clause like this attached to the query: WHERE foos.address = '1.2.3.4' Which doesn't do the filtering in a proper way, since the generated joins attach tables foos_1 and foos_2. If I try that query manually but change the filtering clause to: WHERE foos_1.address = '1.2.3.4' AND foos_2.address = '1.2.3.4' It works fine. The question is of course - how can I achieve this with sqlalchemy itself?

Read the article
Trigger local program execution from browser

- by DroidIn.net

First and foremost: I know it's not right or even good thing to do but my current customer will not cave in. So here's what he is asking for (this is for in-house-behind-a-firewall-etc project). In the web report I need to supply a link which points to the executable script that lives on the universally mapped location (network file server). When user clicks on it it is expected to run on the local client starting local executable which should be pre-installed on the client's box. It should be agnostic to OS (Windows or Linux) and the browser used. Customer doesn't mind to click on angry pop-up alerts but he wants to do it once per client browser (or at minimum - session). QUESTION: Will trusted Java applet be able to do it? Or is the any other (better, simpler) ways of achieving the same? ActiveX control is out of question

Read the article
Omniauth + Pow Issue

- by neon

I am having a strange issue with Pow and Omniauth. Omniauth (Facebook Login) works fine when using localhost:3000, but when using Pow (appname.dev) things get fishy. Users are taken through the redirect and properly created if they don't exist in the database, as they should be. After this, however, they are redirected to the root_path and not signed in. Their record is saved in the database as expected, but sign in does not occur. Again, this is only happening on Pow (and lvh.me), and not on localhost. Any ideas? I am using the Devise/Omniauth approach for sign-in, and the controller code looks like this: def facebook @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user) if @user.persisted? flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Facebook" sign_in_and_redirect @user, :event => :authentication else session["devise.facebook_data"] = request.env["omniauth.auth"] redirect_to new_user_registration_url end end Again, the user is persisted but there is no flash notice or sign_in that occurs when using POW.

Read the article
Adding double quotes in <a> using C#

- by Solution

Hi Guys, I have below code behind in c# <a onclick='pageTracker._trackEvent('dictionary', 'spanish');' target ='_blank' href=" + Session["cmpDictionaryTitle"] + ">" + GetResourceString("c_DictionaryPDFName") + "</a> I am trying to make below <a> link as shown below: <a target ="_blank" href="/spa/Images/Diccionario_tcm25-18044.pdf" onclick="pageTracker._trackEvent('dictionary', 'spanish');">Diccionario de Español-Inglés GRATIS</a> However my c# code is generating below output when html page get renders, the reason is that I am not able to put proper quotes in my code behind. <a );="" spanish="" ,="" dictionary="" onclick="pageTracker._trackEvent(" href="/spa/Images/Diccionario_tcm25-18044.pdf" target="_blank">Diccionario de Español-Inglés GRATIS</a> Can you please suggest how can I achieve above result in code behind. Thanks & Best Regards

Read the article
Embed remote desktop in browser

- by Shaun_web

I would like to embed a Remote Desktop session within my browser. I must use remote desktop because my clients can't install any additional software on the server. Here are some problems that I can already foresee: 1) I believe that I can embed an RDP ActiveX control, but then all I could support is IE. And even then, IE lockdown may forbid ActiveX controls. 2) I don't know anything about Apple computers, but I presume that they don't inherently run RDP? 3) I think there are ways to run RDP through a Java control. I don't have experience to know if this is a good or bad idea. I suppose that Java may even be disabled on some browsers, but don't know if this is a common case? So, what options have I got here to make this work reliably? I presume that I may need some default options (ie ActiveX), and then some fallback options (ie Java), and code to identify the correct option each time.

Read the article
adding Buttons to Columns in Datagride view

- by kasunmit

HiHi, I wrote C# application for import unread e-mails from outlook 2007, I could import sender name, sender mail address,subject and body to data grid view as following foreach (Microsoft.Office.Interop.Outlook._MailItem mailItem in fldEmails.Items) { if (mailItem.UnRead) { UnreadEmails mail = new UnreadEmails(); // mail.AttachmentContent = (mailItem.UnRead == false) ? string.Empty : mailItem.Attachments.Session.OpenSharedItem; foreach (Microsoft.Office.Interop.Outlook.Attachment Atmt in mailItem.Attachments) { mail.AttachmentContent = (mailItem.UnRead == false) ? string.Empty : Atmt.DisplayName; } emails.Add(mail); } } UnreadEmails is a separte class. but couldn't find a way to import attachments (word pdf ppt excel) because i need it for my filter pls help me about it but i could import inly name of the attachment but i need to import attachment content (word, pdf , ppt .. atc. ) to this data grid pls tell how i can do it ... with the code

Read the article
Constraints when using WCF for an online multiplayer game

- by Etan

I want to build a service oriented game server and client using WCF where users can play card games on different tables after they logged in with an account. I would like to choose WCF due to it's flexibility in exchanging the communication channels. Maybe, a web interface will be added later which can then just use an other channel class. An additional plus is the ability for contexts which could be used to track a user over a whole gaming session. Are there some constraints I should be aware of when using WCF for the communication between the client and the server?

Read the article
Basic date/time manipulation in NHiberate query

- by Yann Trevin

I'm trying to restrict my NHibernate query with some basic date/time manipulation. More specifically, I want to execute the following statement (pseudo-SQL): select * from article where created_on + lifespan >= sysdate with: created_on is mapped to a property of type DateTime. lifespan is mapped to a property of type TimeSpan. sysdate is the current date/time (of the database server or ofthe application host, I don't care) Is there any built-in way to do that by using the Criteria-API or HQL? return session .CreateCriteria<Article>() .Add( ? ) .List<Article>();

Read the article
Spring-webflow error popup tweak

- by igorp1024

There is a link in a spring-webflow2 based application which start different flows. Flows are shown in popup (popup=true). If the session is expired or server is unavailable, the spring-webflow shows small empty popup with "Ajax Request Error" tooltip shown on mouse over. Is it possible to tweak the popup in order to give the user an ability to either re-login or to just close the popup and retry the request? EDIT: Or maybe some ideas how to force Spring-Dojo to make a redirect to login page?

Read the article
Firefox why window.opener is defined even for a new tab

- by jonny

Hi! I am porting quite old corp application from IE to Firefox. Here is my situation. User goes away from computer for a while and his session becomes expired. When user tries to access something in popup, he is being redirected to login page (in popup window). In login page onload event popup window chain is being closed and root page refreshed (in root page tab user is redirected to login page). The guy before me wrote this like this: if window.top.opener is undefined, we're not in popup. That's why I am getting non-stoppable refresh in Firefox. Why in Firefox window.opener is still defined and points to same window, even if this is a new tab, not popup? How should I correctly determine that current window is popup?

Read the article
Web programming: Apache modules: mod_python vs mod_php

- by Olivier Pons

Hi! I've been using for more than 12 years PHP with Apache (a.k.a mod_php) for my web development work. I've recenlty discovered python and its real power (I still don't understand why this is not always the best product that becomes the most famous). I've just discovered mod_python for Apache. I've already googled but without success things like mod_python vs mod_php. I wanted to know the differences between the two mod_php and mod_python in terms of: speed productivity maintainance (I know `python is most productive and maintainable language in the world, but is it the same for Web programming with Apache) availability of features e.g, cookies and session handling, databases, protocols, etc.

Read the article
How do I let a user sign in from a different domain on Authlogic?

- by Newy

[This is slightly different than a previous question about having multiple domains share the same cookie. It seemed like there wasn't an easy way to do that.] I have a application at application.com. A customer has app.customer.com pointed at my site on Heroku, and I have everything set up so that it renders a specific version of app correctly. The issue is that I want a user at app.customer.com to be able to login. I believe authlogic is now setting the cookie on application.com, so while it verifies the credentials, no session on customer.com is ever created.

Read the article

< Previous Page | 386 387 388 389 390 391 392 393 394 395 396 397 | Next Page >