Search Results

Search found 20761 results on 831 pages for 'chef client'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 452/831 | < Previous Page | 448 449 450 451 452 453 454 455 456 457 458 459  | Next Page >

  • Authorizing a computer to access a web application

    - by HackedByChinese
    I have a web application, and am tasked with adding secure sign-on to bolster security, akin to what Google has added to Google accounts. Use Case Essentially, when a user logs in, we want to detect if the user has previously authorized this computer. If the computer has not been authorized, the user is sent a one-time password (via email, SMS, or phone call) that they must enter, where the user may choose to remember this computer. In the web application, we will track authorized devices, allowing users to see when/where they logged in from that device last, and deauthorize any devices if they so choose. We require a solution that is very light touch (meaning, requiring no client-side software installation), and works with Safari, Chrome, Firefox, and IE 7+ (unfortunately). We will offer x509 security, which provides adequate security, but we still need a solution for customers that can't or won't use x509. My intention is to store authorization information using cookies (or, potentially, using local storage, degrading to flash cookies, and then normal cookies). At First Blush Track two separate values (local data or cookies): a hash representing a secure sign-on token, as well as a device token. Both values are driven (and recorded) by the web application, and dictated to the client. The SSO token is dependent on the device as well as a sequence number. This effectively allows devices to be deauthorized (all SSO tokens become invalid) and mitigates replay (not effectively, though, which is why I'm asking this question) through the use of a sequence number, and uses a nonce. Problem With this solution, it's possible for someone to just copy the SSO and device tokens and use in another request. While the sequence number will help me detect such an abuse and thus deauthorize the device, the detection and response can only happen after the valid device and malicious request both attempt access, which is ample time for damage to be done. I feel like using HMAC would be better. Track the device, the sequence, create a nonce, timestamp, and hash with a private key, then send the hash plus those values as plain text. Server does the same (in addition to validating the device and sequence) and compares. That seems much easier, and much more reliable.... assuming we can securely negotiate, exchange, and store private keys. Question So then, how can I securely negotiate a private key for authorized device, and then securely store that key? Is it more possible, at least, if I settle for storing the private key using local storage or flash cookies and just say it's "good enough"? Or, is there something I can do to my original draft to mitigate the vulnerability I describe?

    Read the article

  • Facebook Graph API and ActionScript

    - by dani
    I'm setting out to develop a number of Facebook applications/games, which make use of some Facebook user information and stores game info in a database backend etc, in ActionScript 3.0. How can one leverage the new Graph API Should I use JavaScript or PHP as a "middle layer" or should I go with the ActionScript Client Library? Are there other libraries (Facebook / database / multiplayer related.) that could simplify the development of these Facebook games?

    Read the article

  • WCF Duplex net.tcp issues on win7

    - by Tom
    We have a WCF service with multiple clients to schedule operations amongst clients. It worked great on XP. Moving to win7, I can only connect a client to the server on the same machine. At this point, I'm thinking it's something to do with IPv6, but I'm stumped as to how to proceed. Client trying to connect to a remote server gives the following exception: System.ServiceModel.EndpointNotFoundException: Could not connect to net.tcp://10.7.11.14:18297/zetec/Service/SchedulerService/Scheduler. The connection attempt lasted for a time span of 00:00:21.0042014. TCP error code 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 10.7.11.14:18297. --- System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 10.7.11.14:18297 The service is configured like so: <system.serviceModel> <services> <service name="SchedulerService" behaviorConfiguration="SchedulerServiceBehavior"> <host> <baseAddresses> <add baseAddress="net.tcp://localhost/zetec/Service/SchedulerService"/> </baseAddresses> </host> <endpoint address="net.tcp://localhost:18297/zetec/Service/SchedulerService/Scheduler" binding="netTcpBinding" bindingConfiguration = "ConfigBindingNetTcp" contract="IScheduler" /> <endpoint address="net.tcp://localhost:18297/zetec/Service/SchedulerService/Scheduler" binding="netTcpBinding" bindingConfiguration = "ConfigBindingNetTcp" contract="IProcessingNodeControl" /> </service> </services> <bindings> <netTcpBinding> <binding name = "ConfigBindingNetTcp" portSharingEnabled="True"> <security mode="None"/> </binding> </netTcpBinding > </bindings> <behaviors> <serviceBehaviors> <behavior name="SchedulerServiceBehavior"> <serviceDebug includeExceptionDetailInFaults="true" /> <serviceThrottling maxConcurrentSessions="100"/> </behavior> </serviceBehaviors> </behaviors> </system.serviceModel> I've checked my firewall about a dozen times, but I guess there could be something I'm missing. Tried disabling windows firewall. I tried changing localhost to my ipv4 address to try to keep away from ipv6, I've tried removing any anti-ipv6 code.

    Read the article

  • iPhone SDK:HTML parsing standard way or example:

    - by Clave Martin
    Hi, I am accessing a web page using NSURLConnection and have a HTML data downloaded programmatically in my iPhone client application. I want to parse and pick some description data from the HTML tags..It is too dirty tags and my data is also here and there. I would like to ask you, is there a standard or easy way of parsing of HTML data on iPhone development. P.S: I know about XML parsing. thanks. Clave/

    Read the article

  • Any one like me who still believes in AspNet Web forms? Or has evryone switched to MVC

    - by The_AlienCoder
    After years mastering Aspnet webforms I recently decided to try out ASpnet MVC. Naturally my first action was to google 'Aspnet webforms vs Aspnet MVC'. I hoped to get an honest comparison of the two development techniques and guidelines on when to use which one. ..But I was completely turned off by the MVC proponents. In almost every post on the net comparing the two 'platforms' the MVC camp is simply bashing webform developers like me. They go on and on about how wrong and stupid using webforms is. As if what we have been doing the past decade has been pointless - all those websites built(& still running), all those clever controls, the mighty gridview..ALL POINTLESS ! Karl Seguin especially with his stupid webforms rant really turned me off. If his intention was to convert people like me he did the oposite and made me defensive. If anything I am now convinced that the webforms approach is better. consider the following All the critical shortcomings of aspnet webforms have now been Addressed in visual studio 2010 with Aspnet 4.0.- Cleaner html, cleaner control IDs, friendly urls, leaner viewstate etc Why would any one want to implement the mighty gridview and other wonderful controls from scratch ? In MVC you have to do this yourself because ABSTRACTION IS PLAIN STUPID- Instead of writing loops why not just code using 1s and 0s then? A stateless web is a WEAKNESS so why would anyone want to get rid of viewstate? Everyone would like a better implementation but getting rid of it is a step backwards not forward. Unit testing is great but not a critical requirement for most web projects. I thought inline codes were dead with asp. But now they are back and fashionable - Thanks to MVC. I dont know about you people but codebehind was REVOLUTIONARY. Ive had the Ajax Update panel do so many wonderful things without writing a line of code so why demonise it? Ive succesfully implemented a chat client, IM client and Status bar using nothing but the update panel and script manager.Ofcourse you cant use it for everything but most of the time its appropriate. And finally the last word from JQUERY - 'Write less do more !' - That's what webforms is all about ! So Am I the only who still believes in webforms(and it getting better as Aspnet 4.0 has shown) or will it be dead and gone a few years from now like asp? I mean if inline coding is 'the future' why not just switch to PHP !

    Read the article

  • Dynamic tab width in a Flex 4 TabBar component with skin

    - by JoriDor
    Hi, I have a Flex 4 TabBar component with a custom skin. In this skin, the item renderer is defined with an ButtonBarButton with a custom skin. All the tabs in the itemrenderer have now the same width. The client however wants me to make the tabs width dynamically, so a smaller tab for a smaller label, a bigger one for a long label. Does anybody know how to adjust the width of Tab (ButtonBarButton)? Thanks a million!

    Read the article

  • Can a Winforms/WPF app act as HTTP server?

    - by user46703
    Hi, I have a desktop written with Winforms. Now I have requests that people want to access the data from other machines. First I thought about a regular Client/Server app but now I think best would be if the app could act as HTTP server and send HTML to connected browsers. Does anybody know if there is a library available to add HTTP server functionality to an app? Ideally it would be able to serve ASP.NET content.

    Read the article

  • CSS: How to get two DIVs side by side with automatic height, to the height of their container?

    - by Jake Petroules
    I am designing a website for a client, and I am trying to get two side-by-side DIVs to adjust to 100% of their container. I've got the side-by-side done, but I can't get the right DIV to be the same height as the left one. You can view the problem here: http://campusmomlaundry.petroules.com/ The "challenges" and "benefits" DIVs should be side-by-side and the same height, without manually specifying the height. How can I do this?

    Read the article

  • Django-registration and ReCaptcha integration - how to pass the user's IP

    - by knuckfubuck
    New to django and trying to setup django-registration 0.8 with recaptcha-client. I followed the advice posted in the answer to this question. I used the custom form and custom backend from that post and the widget and field from this tutorial. My form is displaying properly with the recaptcha widget but when I submit it throws the error about the missing IP. What's the best way to pass the IP using django-registration?

    Read the article

  • Do Programmers create BUGS?

    - by Diallo
    Recently i had a not very friendly discussion with a client stating that "he can't pay for fixing bugs on the application i've built for him". his reason is simple: - I Can't actually pay for bugs you actually create. He think that a bug in an application has as origin the author so it should be his responsibility to fix it. Do you share that idea?

    Read the article

  • MySQL queries - how expensive are they really?

    - by incrediman
    I've heard that mysql queries are very expensive, and that you should avoid at all costs making too many of them. I'm developing a site that will be used by quite a few people, and I'm wondering: How expensive are mysql queries actually? If I have 400,000 people in my database, how expensive is it to query it for one of them? How close attention do I need to pay that I don't make too many queries per client request?

    Read the article

  • how to get mysql query as xml?

    - by mobibob
    I recall reading about XML support from MySql. Does anyone know how to get XML without writing code? My client-protocol expects XML and I have a data source that I can access from a web app (JSP using JDBC).

    Read the article

  • practical security ramifications of increasing WCF clock skew to more than an hour

    - by Andrew Patterson
    I have written a WCF service that returns 'semi-private' data concerning peoples name, addresses and phone numbers. By semi-private, I mean that there is a username and password to access the data, and the data is meant to be secured in transit. However, IMHO noone is going to expend any energy trying to obtain the data, as it is mostly available in the public phone book anyway etc. At some level, the security is a bit of security 'theatre' to tick some boxes imposed on us by government entities. The client end of the service is an application which is given out to registered 'users' to run within their own IT setups. We have no control over the IT of the users - and in fact they often tell us to 'go jump' if we put too many requirements on their systems. One problem we have been encountering is numerous users that have system clocks that are not accurate. This can either be caused by a genuine slow/fast clocks, or more than likely a timezone or daylight savings zone error (putting their machine an hour off the 'real' time). A feature of the WCF bindings we are using is that they rely on the notion of time to detect replay attacks etc. <wsHttpBinding> <binding name="normalWsBinding" maxBufferPoolSize="524288" maxReceivedMessageSize="655360"> <reliableSession enabled="false" /> <security mode="Message"> <message clientCredentialType="UserName" negotiateServiceCredential="false" algorithmSuite="Default" establishSecurityContext="false" /> </security> </binding> </wsHttpBinding> The inaccurate client clocks cause security exceptions to be thrown and unhappy users. Other than suggesting users correct their clocks, we know that we can increase the clock skew of the security bindings. http://www.danrigsby.com/blog/index.php/2008/08/26/changing-the-default-clock-skew-in-wcf/ My question is, what are the real practical security ramifications of increasing the skew to say 2 hours? If an attacker can perform some sort of replay attack, why would a clock skew window of 5 minutes be necessarily safer than 2 hours? I presume performing any attack with security mode of 'message' requires more than just capturing some data at a proxy and sending the data back in again to 'replay' the call? In a situation like mine where data is only 'read' by the users, are there indeed any security ramifications at all to allowing 'replay' attacks?

    Read the article

  • Introduction to 3D Graphics Programming

    - by Jacob Relkin
    Hi everyone! I'm a self-taught programmer with absolutely nil 3D programming experience. A client of mine has related to me an idea for an iPhone app that requires OpenGL ES 2.0 for it's inherently complex 3D structure and animations. Where do I start on this ( albeit long ) journey toward OpenGL ES competence? I'm willing to put in a tremendous amount of time and effort into learning, and if i could please get some pointers to where I should start and what to expect, that would be awesome!

    Read the article

  • Best Cross Platform Networking Framework For iPhone Dev

    - by Carmen
    I am looking to write a client/server application that will run on both iPhone, OS X and Windows. What are the best solutions for networking that will work on all 3 platforms? I have looked into Qt and it doesn't look like it has support for iPhone. I have also looked at boost, and that looks like it can be compiled for the iPhone. However I was hoping for a somewhat higher level framework like what Qt has to offer.

    Read the article

  • How to print long bill in WPF

    - by RAJ K
    I have a WPF application for product purchase billing. My client wants that app should be able to bill and print upto 1-99 products at once. they use bill printer (mini size printer) for billing. How I can achieve this in WPF C#. Any code or link would be helpful. Thank you...

    Read the article

  • Server to stream RTSP to android

    - by dar
    Can Flash Media Server 3.5 serve a video rtsp stream to android? Or do we need to use Wowza or red5 with Android rtsp clients? Are there any other rtsp servers to consider when the client is going to be running on android?

    Read the article

  • decrypt an encrypted value ?

    - by jim
    I have an old Paradox database (I can convert it to Access 2007) which contains more then 200,000 records. This database has two columns: the first one is named "Word" and the second one is named "Mean". It is a dictionary database and my client wants to convert this old database to ASP.NET and SQL. However, we don't know what key or method is used to encrypt or encode the "Mean" column which is in the Unicode format. The software itself has been written in Delphi 7 and we don't have the source code. My client only knows the credentials for logging in to database. The problem is decoding the Mean column. What I do have is the compiled windows application and the Paradox database. This software can decode the "Mean" column for each "Word" so the method and/or key is in its own compiled code(.exe) or one of the files in its directory. For example, we know that in the following row the "Zymurgy" exactly means "???? ??? ????? ?? ???? ????, ????? ?????" since the application translates it like that. Here is what the record looks like when I open the database in Access: Word Mean Zymurgy 5OBnGguKPdDAd7L2lnvd9Lnf1mdd2zDBQRxngsCuirK5h91sVmy0kpRcue/+ql9ORmP99Mn/QZ4= Therefore we're trying to discover how the value in the Mean column is converted to "???? ??? ????? ?? ???? ????, ????? ?????". I think the "Mean" column value in above row is encoded in Base64 string format, but decoding the Base64 string does not yet result in the expected text. The extensions for files in the win app directory are dll, CCC, DAT, exe (other than the main app file), SYS, FAM, MB, PX, TV, VAL. Any kind of help is appreciated. Additional information: guys! the creators are not that stupid to save the values only in encoded form. they're definitely encrypted them. so i guess we have to look for the key.

    Read the article

  • Hidden Features of JavaScript?

    - by Allain Lalonde
    What "Hidden Features" of JavaScript do you think every programmer should know? After having seen the excellent quality of the answers to the following questions I thought it was time to ask it for JavaScript. Hidden Features of C# Hidden Features of Java Hidden Features of ASP.NET Hidden Features of Python Hidden Features of HTML Hidden Features of PHP Even though JavaScript is arguably the most important Client Side language right now (just ask Google) it's surprising how little most web developers appreciate how powerful it really is.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 448 449 450 451 452 453 454 455 456 457 458 459  | Next Page >