Search Results

Search found 15415 results on 617 pages for 'security groups'.

Page 474/617 | < Previous Page | 470 471 472 473 474 475 476 477 478 479 480 481 | Next Page >

Hide header and footer when printing from Internet Explorer using Javascript or CSS

- by molasses

When I print a webpage from Internet Explorer it will automatically add a header and footer including the website title, URL, date, and page number. Is it possible to hide the header and footer programatically using Javascript or CSS? Requirements: works in IE 6 (no other browser support necessary as its for an Intranet) may use ActiveX, Java Applet, Javascript, CSS preferably not something that the user needs to install (eg. http://www.meadroid.com/scriptx). feel free to list other third party available plug-ins though as I think this may be the only option don't require the user to manually update their browser settings don't render the pages as PDF or Word document or any other format don't write to the registry (security prevents this) Thanks

Read the article
Implementation of ECC in Java

- by Rookie_22

While trying to encrypt a given input using Elliptic Curve Cryptography in Java I'm using the following algorithms for generating the cipher and the key: KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA"); Cipher cipher = Cipher.getInstance("ECIES"); Now as expected, the cipher isn't accepting the keys generated by the ECDSA algorithm. I get the error as - must be passed IE key. I searched for the ciphers being supported by these 2 methods here: http://java.sun.com/javase/6/docs/technotes/guides/security/StandardNames.html#Cipher Unfortunately no else algo is supported for ECC. Has anyone used ECC generated keys to encrypt/decrypt an input? Which algo should I use for both so that they don't clash with each other?

Read the article
Expose url to webservice

- by Patrick Peters

In our project we want to query a document management system for a specific document or movie. The dms returns a URL with the document location (for example: http://mydomain.myserver1.share/mypdf.pdf or http://mydomain.myserver2.share/mymovie.avi). We want to expose the document to internet users and intranet users. The requested file can be large (large video files). Our architecture is like: request goes like: webapp1 - webapp2 - webapp3 - dms response goes like: dms - webapp3 - webapp2 - webapp1 webapp1 could be on the internet. I have have been thinking how we can obfusicate the real url from the dms, due to security issues. I have seen implementations from other webapps where the pdf URL was obfusicated by creating a temp file for the requested document that is specific for the session and user. So other users cannot easily guess the documentname of other users. My question: is there a pattern that deals with exposing company/user vulernable data to the public ? Our development is in C# 3.5.

Read the article
Software to create a knowledge base/FAQ system

- by H1Man

Our company is looking to build a web-based knowledge base system that can be used by our clients/end users to reduce the amount of support calls. Couple important notes: This is aimed at our end users, in other words, non-techies. So the UI has to be easy to use Should have the excellent (fast, accurate) search Should have ability to rate and comment on articles This will only be maintained by one or 2 people, so security isn't a big concern Something similar to what Microsoft is doing with their Knowledge Base. http://support.microsoft.com/search/ Does anyone have any recommendations on what software I can use? Thanks, H. Edit: I should have made this clear before but I don't mean build as in having our developers build a support/kb system from the ground up. I am looking to use a existing software package/solution that can be used to implement a knowledge base/support site.

Read the article
Most popular classroom, bootcamp, or online training for ASP.NET 3.5

- by Curtis White

What are the most popular and highest quality training sources for ASP.NET 3.5. I am interested in both "boot camp" class room training and online self-paced training. I am interested in both training that can be applied to certification but also non certification based training in the following areas: ASP.NET 3.5, AJAX, and web security. The training should be geared to real world projects and not memorization. I am most interested to hear from Microsoft MVP's on the matter and those who personally have attended or scheduled such training.

Read the article
Asp.net fileupload control postback problems

- by Spooky2010

using ASP.net, vs2008 C#. Im using a FileUpload control on a webform. The uploading of a file (ie PDF dcouments) to a server directory works ok. I have on the webform a "preview" button that the user can use to preview the PDF file after they have selected it via the Fileupload browse feature. I do this by if (this.FileUpload1.HasFile) { localURL = FileUpload1.PostedFile.FileName; // use this to preview file. Other methods are restricted by local security requirements Process.Start(localURL); } My problems is that after the button click Postback occurs the location of the selected file disappears from the textbox part of the Fileupload control. How can i keep this info there, so the user does not have to browse again and instead can just click upload to upload the file. Any help appreciated thanks

Read the article
rpm installation error

- by JiminyCricket

im trying to install an RPM compat-db-4.1.25-9 on oracle linux enterprise, since its required to install WebCenter...however the rpm installation is throwing a warning and then not working [root@devsebl downloads]# rpm -i compat-db-4.1.25-9.rpm warning: compat-db-4.1.25-9.rpm: Header V3 DSA signature: NOKEY, key ID 9b3c94f4 [root@devsebl downloads]# rpm -q compat-db-4.1.25-9.rpm package compat-db-4.1.25-9.rpm is not installed any idea what that warning means and why its crashing there? i tried to use Yum, but its not available i guess: [root@devsebl downloads]# yum search compat-db Loaded plugins: security Warning: No matches found for: compat-db No Matches found

Read the article
NHibernate 2.1.2 in medium trust.

- by John

I'm trying to configure nhibernate 2.1.2 to run in medium trust, without any luck. I have tried follwing the suggestions to run in medium trust and pre-generating the proxies. I then tried to remove all references to lazy loading setting the default-lazy="false" on all classes and bags. However this threw an exception asking me to configure the proxyfactory.factory_class None of these methds worked as they kept throwing generic security exceptions or throwing easying that libraries do not allow AllowPartiallyTrustedCallers. Am I using the wrong version of NHibernate if I want to run in medium trust? Is there a specific set of binaries, or source, which I should be using.

Read the article
Getting "Object is read only" error when setting ClientCredentials in WCF

- by Paul Mrozowski

I have a proxy object generated by Visual Studio (client side) named ServerClient. I am attempting to set ClientCredentials.UserName.UserName/Password before opening up a new connection using this code: InstanceContext context = new InstanceContext(this); m_client = new ServerClient(context); m_client.ClientCredentials.UserName.UserName = "Sample"; As soon as the code hits the UserName line it fails with an "Object is read-only" error. I know this can happen if the connection is already open or faulted, but at this point I haven't called context.Open() yet. I have configured the Bindings (which uses netTcpBinding) to use Message as it's security mode, and MessageClientCredentialType is set to UserName. Any ideas?

Read the article
CakePHP session sharing between two apps, on the same domain

- by Amit Yadav

I am having two cakephp application working on the same domain. I access them like localhost:8080/wishlist & localhost:8080/lighthouse The wishlist is a separate cakePHP application and the lighthouse is a separate CakePHP application. The login page is at localhost:8080/lighthouse, now i want the session generated by the lighthouse application to be used in the wishlist application. The directory structure is /htdocs /wishlist /app /config .... /lighthouse /app /config .... I have edited the core.php file for both the application. I am using the same session cookie name and the same security sale but i am not able to get the session on the wishlist application. Can some one let me know how can i share session in between my two application.

Read the article
Cross-domain policy issues after redirect in Flash

- by ggambett

I'm having trouble with a cross-domain policy. I'm using the AS3 Loader to fetch an image; I'm making it load the policy file, like this : var pLoader : Loader = new Loader(); var pContext : LoaderContext = new LoaderContext(); pContext.checkPolicyFile = true; pLoader.load(new URLRequest(sURL), pContext); This works fine as long as the image is directly accessible; however, when the server sends a redirect, the loader follows it but loses the checkPolicyFile flag, resulting in a SecurityException - that is, it doesn't check the cross-domain policy of the redirected URL. I've found a solution here ( http://www.stevensacks.net/2008/12/23/solution-as3-security-error-2122-with-300-redirects ) but looks fragile (that is, looks like it will fail if there's more than one redirect). What would be the correct way of doing this?

Read the article
nginx - redirection doesn't work as expected

- by Luis

I have a domain listening on both http and https. I want to redirect all the traffic to https except for two specific locations. It works, but only for mydomain.com, not for www.mydomain.com. Here the config: upstream mydomain_rails { server unix:/home/deploy/mydomain/shared/pids/unicorn.sock; } # blog.mydomain.com server { listen 80; server_name blog.mydomain.com; rewrite ^ http://www.mydomain.com/de/blog permanent; } # blog.mydomain.com.br server { listen 80; server_name blog.mydomain.com.br; rewrite ^ http://www.mydomain.com/br/blog permanent; } # www.mydomain.de server { listen 80; server_name mydomain.de www.mydomain.de; rewrite ^ https://www.mydomain.com/de permanent; } # www.mydomain.com.br server { listen 80; server_name mydomain.com.br www.mydomain.com.br; rewrite ^ https://www.mydomain.com/br permanent; } server { listen 80; server_name mydomain.com; rewrite ^ http://www.mydomain.com$request_uri permanent; } ## www.mydomain.com ## Redirect http to https, keep blogs on plain http server { listen 80; server_name www.mydomain.com; location / { # if ($host ~* ^(www\.mydomain\.com)$ ) { rewrite ^/(.*)$ https://www.mydomain.com/$1 permanent; # } # return 444; } # Matches any request starting with '/br/blog' and proxies to the upstream blog instance location ~* /br/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/br/blog$ /; rewrite ^/br/blog/(.*)$ /$1; proxy_pass http://mydomain_blog_br; break; } } # Matches any request starting with '/de/blog' and proxies to the upstream blog instance location ~* /de/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/de/blog$ /; rewrite ^/de/blog/(.*)$ /$1; proxy_pass http://mydomain_blog; break; } } } # www.mydomain.com server { add_header Cache-Control "public, must-revalidate"; server_name mydomain.com www.mydomain.com; listen 443; ssl on; ssl_certificate /etc/ssl/mydomain.com/sslchain.crt; ssl_certificate_key /etc/ssl/mydomain.com/privatekey.key; ## Strict Transport Security (ForceHTTPS), max-age 30d add_header Strict-Transport-Security "max-age=2592000; includeSubdomains"; ## Due SSL encryption, rather to increase the keepalive requests and timeout keepalive_requests 10; keepalive_timeout 60 60; root /home/deploy/mydomain/current/public/; error_log /home/deploy/mydomain/shared/log/nginx.error.log info; access_log /home/deploy/mydomain/shared/log/nginx.access.log main; ## Redirect from non-www to www if ($host = 'mydomain.com' ) { rewrite ^/(.*)$ https://www.mydomain.com/$1 permanent; } ## Caching images for 3 months location ~* \.(ico|css|js|gif|jpe?g|png)\?[0-9]+$ { expires 30d; break; } ## Deny illegal Host headers if ($host !~* ^(mydomain.com|www.mydomain.com)$ ) { return 444; } ## Deny certain User-Agents (case insensitive) if ($http_user_agent ~* (Baiduspider|webalta|Wget|WordPress|youdao|jakarta) ) { return 444; } ## Deny certain Referers (case insensitive) if ($http_referer ~* (dating|diamond|forsale|girl|jewelry|nudit|poker|porn|poweroversoftware|sex|teen|webcam|zippo|zongdo) ) { return 444; } ## Enable maintenance page. The page is copied in during capistrano deployment set $maintenance 0; if (-f $document_root/index.html) { set $maintenance 1; } if ($request_uri ~* (jpg|jpeg|gif|png|js|css)$) { set $maintenance 0; } if ($maintenance) { rewrite ^(.*)$ /index.html last; break; } location /uk { auth_basic "Restricted"; auth_basic_user_file /etc/nginx/htpasswd; root /home/deploy/mydomain/current/public/; try_files $uri @fallback; } # Matches any request starting with '/br/blog' and proxies to the upstream blog instance location ^~ /br/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/br/blog$ /; rewrite ^/br/blog/(.*)$ /$1; proxy_pass http://mydomain_blog_br; break; } } # Matches any request starting with '/de/blog' and proxies to the upstream blog instance location ^~ /de/blog { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; if (!-f $request_filename) { rewrite ^/de/blog$ /; rewrite ^/de/blog/(.*)$ /$1; proxy_pass http://mydomain_blog; break; }} # Matches any request starting with '/lp' and proxies to the upstream blog instance location /lp { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; rewrite ^/lp(/?.*)$ /$1; proxy_pass http://mydomain_landingpage; break; } #Matches any request, and looks for static files before reverse proxying to the upstream app server socket location / { root /home/deploy/mydomain/current/public/; try_files $uri @fallback; } # Called after the above pattern, if no static file is found location @fallback { proxy_set_header X-Sendfile-Type X-Accel-Redirect; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://mydomain_rails; } ## All other errors get the generic error page error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /500.html; location /500.html { root /home/deploy/mydomain/current/public/; } } I defined the blog upstream. As said, it works properly for mydomain.com, but not for www.mydomain.com. Any idea?

Read the article
Spring MVC and Jetty: Prevent jsessionid from being used in RedirectView on redirect to external sit

- by Moritz Both

In Spring MVC 2.5 with Jetty - probably with any servlet container -, I want to redirect to an external site using RedirectView via the magic "redirect:" prefix for the view name in ModelAndView. Unfortunately, RedirectView uses response.encodeURL(), so my (otherwiese wanted) session id is appended to the URL. It is not only a security risk to carry the session id to the external site, the ";jsessionid=gagnbaba" string may also be interpreted as part of the ContextPath/PathInfo on the other site, resulting in a bad URL. Any "springish" options other than implement my own ExternalRedirectView... and also hack the ViewResolver to interpret a "externalRedirect:" prefix? (Requiring cookies is not an option.) Moritz

Read the article
Cant delete more than 200 contacts in HTC HERO

- by rahul

I'm working on security application which will copy all contacts to some other database and delete all contacts from phonebook. I'm testing this on android HTC HERO. I'm successful to delete contacts from phonebook and create new contact info database, Till 200 it is working, but after 200 contacts its not working properly. After tht application starts throwing error. There is one Sync with Google Option in MenuSettingData Sync, I think that is creating problem. There is notification that "Too many contacts deleted" n if i click tht there will b a dialog with title "Delete Limit exceeded". Is there anything i can do to stop syncronization or any other ideas by which i can achieve required output? Please Help me on this

Read the article
What is the fastest way to create a checksum for large files in C#

- by crono

Hi, I have to sync large files across some machines. The files can be up to 6GB in size. The sync will be done manually every few weeks. I cant take the filename into consideration because they can change anytime. My plan is to create checksums on the destination PC and on the source PC and than copy all files with a checksum, which are not already in the destination, to the destination. My first attempt was something like this: using System.IO; using System.Security.Cryptography; private static string GetChecksum(string file) { using (FileStream stream = File.OpenRead(file)) { SHA256Managed sha = new SHA256Managed(); byte[] checksum = sha.ComputeHash(stream); return BitConverter.ToString(checksum).Replace("-", String.Empty); } } The Problem was the runtime: - with SHA256 with a 1,6 GB File - 20 minutes - with MD5 with a 1,6 GB File - 6.15 minutes Is there a better - faster - way to get the checksum (maybe with a better hash function)?

Read the article
How do I protect a low budget network from rogue DHCP servers?

- by Kenned

I am helping a friend manage a shared internet connection in an apartment buildling with 80 apartments - 8 stairways with 10 apartments in each. The network is laid out with the internet router at one end of the building, connected to a cheap non-managed 16 port switch in the first stairway where the first 10 apartments are also connected. One port is connected to another 16 port cheapo switch in the next stairway, where those 10 apartments are connected, and so forth. Sort of a daisy chain of switches, with 10 apartments as spokes on each "daisy". The building is a U-shape, approximately 50 x 50 meters, 20 meters high - so from the router to the farthest apartment it’s probably around 200 meters including up-and-down stairways. We have a fair bit of problems with people hooking up wifi-routers the wrong way, creating rogue DHCP servers which interrupt large groups of the users and we wish to solve this problem by making the network smarter (instead of doing a physical unplugging binary search). With my limited networking skills, I see two ways - DHCP-snooping or splitting the entire network into separate VLANS for each apartment. Separate VLANS gives each apartment their own private connection to the router, while DHCP snooping will still allow LAN gaming and file sharing. Will DHCP snooping work with this kind of network topology, or does that rely on the network being in a proper hub-and-spoke-configuration? I am not sure if there are different levels of DHCP snooping - say like expensive Cisco switches will do anything, but inexpensive ones like TP-Link, D-Link or Netgear will only do it in certain topologies? And will basic VLAN support be good enough for this topology? I guess even cheap managed switches can tag traffic from each port with it’s own VLAN tag, but when the next switch in the daisy chain receives the packet on it’s “downlink” port, wouldn’t it strip or replace the VLAN tag with it’s own trunk-tag (or whatever the name is for the backbone traffic). Money is tight, and I don’t think we can afford professional grade Cisco (I have been campaigning for this for years), so I’d love some advice on which solution has the best support on low-end network equipment and if there are some specific models that are recommended? For instance low-end HP switches or even budget brands like TP-Link, D-Link etc. If I have overlooked another way to solve this problem it is due to my lack of knowledge. :)

Read the article
Is writing eSQL database agnostic?

- by Robert Koritnik

Using EF we can use LINQ to read data which is rather simple (especialy using fluent calls), but we have less control unless we write eSQL on our own. Is writing eSQL database actually data store independant code? So if we decide to change data store, can the same statements still be used? Is writing eSQL strings in your code pose any serious security threats similar to writing TSQL statements in plain strings? So we moved to SPs. Could we still mode eSQL scripts outside of code as well and use some other technique to make them a bit more secure?

Read the article
WCF performance improvements

- by Burt

I am developing a WPF application that talks to a server via WCF services over the internet. After profiling the application I noticed a lot of time is being taking up by creating the appropriate WCF client proxy and making the call to the server. The code on the server is optimised and doesn't take any time to run yet I am still seeing a 1.5 second delay from when a service is invloked to it returning to the client. A few points to give a bit of background: I am using the ASP.Net membership for security I will eventually hook into the same server side code through a website I would eventually like to have offline support in the application I really need to nail the performance early though as if the app is taking a couple of seconds to come back it is too long for what I am trying to do. Can anyone suggest performance tips that will help me please?

Read the article
c# gridview row click

- by Martijn

When i click on a row in my gridview, i want to go to a other page with the id i get from the database. In my RowCreated event i have the following line: e.Row.Attributes.Add("onClick", ClientScript.GetPostBackClientHyperlink(this.grdSearchResults, "Select$" + e.Row.RowIndex)); To prevent error messages i have this code: protected override void Render(HtmlTextWriter writer) { // .NET will refuse to accept "unknown" postbacks for security reasons. Because of this we have to register all possible callbacks // This must be done in Render, hence the override for (int i = 0; i < grdSearchResults.Rows.Count; i++) { Page.ClientScript.RegisterForEventValidation(new System.Web.UI.PostBackOptions(grdSearchResults, "Select$" + i.ToString())); } // Do the standard rendering stuff base.Render(writer); } My question is, how can i give a row a unique id (from the DB) and when i click the row, another page is opened (like clicking on a href) and that page can read the id. Thnx

Read the article
How to link paid app user account to the system ?

- by user164589

Hi guys, I have an issue related publishing the paid app to android market. (My application is internet connection based app.) If I've put the app to the android market, can user who bought the app pass to anyone ? How is its security (I mean safe of .apk file) ? Also, what is payment tool of android market ? My main point is choosing the best way to link paid user to our system. Actually I don't know how to link paid user account to my system(by email address or device unique id ?... what is better way ?). Can you suggest me on this part ? I really appreciate for help. Thanks in advance.

Read the article
Bind9 virtual subdomains

- by Steffan

I am trying to setup virtual subdomains using Bind9, following this tutorial.. http://groups.drupal.org/node/16862 which I've completed. Basically setting up the zone and modifying the resolv.conf file and the named.conf.local file. I've gotten everything to work, and I am able to from my server ping mydomain.com , test.mydomain.com and when i do a dig I get the following.. ; <<>> DiG 9.7.0-P1 <<>> test.mydomain.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32606 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1 ;; QUESTION SECTION: ;test.mydomain.com. IN A ;; ANSWER SECTION: test.mydomain.com. 86400 IN A 174.###.###.# ;; AUTHORITY SECTION: mydomain.com. 86400 IN NS mydomain.com. ;; ADDITIONAL SECTION: mydomain.com. 86400 IN A 174.###.###.# ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Wed Jan 19 21:06:01 2011 ;; MSG SIZE rcvd: 86 So it looks like everything is working. However, when I try and do test.mydomain.com in the browser, expecting it to default for now to mydomain.com it does not work and I get a server not found page in Firefox. I did read elsewhere that in your virutalhosts file you also need to setup a *.mydomain.com alias, but that didn't fix anything. Any other information that I could provide to help troubleshoot, or any troubleshooting suggestions? I am using Ubuntu 10.4, with typical LAMP setup. The only other things installed on the server are Bind9 and ftp client.

Read the article
Invalid XML in persistence.xml : Init method

- by James.Elsey

I'm getting the following error when I try to startup my application on google app engine: Failed startup of context com.google.apphosting.utils.jetty.RuntimeAppEngineWebAppContext@8fcc7b{/,/base/data/home/apps/sales-tracker/3.340980411948080671} org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientDao' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Cannot resolve reference to bean 'entityManagerFactory' while setting bean property 'entityManagerFactory'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'entityManagerFactory' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Invalid XML in persistence unit from URL [file:/base/data/home/apps/sales-tracker/3.340980411948080671/WEB-INF/classes/META-INF/persistence.xml] at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:275) at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:104) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1245) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1010) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:472) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409) at java.security.AccessController.doPrivileged(Native Method) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:429) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:728) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:380) at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:255) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45) at org.mortbay.jetty.handler.ContextHandler.startContext(ContextHandler.java:548) at org.mortbay.jetty.servlet.Context.startContext(Context.java:136) at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1250) at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:517) at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:467) at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50) at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.createHandler(AppVersionHandlerMap.java:191) at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.getHandler(AppVersionHandlerMap.java:168) at com.google.apphosting.runtime.jetty.JettyServletEngineAdapter.serviceRequest(JettyServletEngineAdapter.java:123) at com.google.apphosting.runtime.JavaRuntime.handleRequest(JavaRuntime.java:243) at com.google.apphosting.base.RuntimePb$EvaluationRuntime$6.handleBlockingRequest(RuntimePb.java:5485) at com.google.apphosting.base.RuntimePb$EvaluationRuntime$6.handleBlockingRequest(RuntimePb.java:5483) at com.google.net.rpc.impl.BlockingApplicationHandler.handleRequest(BlockingApplicationHandler.java:24) at com.google.net.rpc.impl.RpcUtil.runRpcInApplication(RpcUtil.java:398) at com.google.net.rpc.impl.Server$2.run(Server.java:852) at com.google.tracing.LocalTraceSpanRunnable.run(LocalTraceSpanRunnable.java:56) at com.google.tracing.LocalTraceSpanBuilder.internalContinueSpan(LocalTraceSpanBuilder.java:536) at com.google.net.rpc.impl.Server.startRpc(Server.java:807) at com.google.net.rpc.impl.Server.processRequest(Server.java:369) at com.google.net.rpc.impl.ServerConnection.messageReceived(ServerConnection.java:442) at com.google.net.rpc.impl.RpcConnection.parseMessages(RpcConnection.java:319) at com.google.net.rpc.impl.RpcConnection.dataReceived(RpcConnection.java:290) at com.google.net.async.Connection.handleReadEvent(Connection.java:474) at com.google.net.async.EventDispatcher.processNetworkEvents(EventDispatcher.java:831) at com.google.net.async.EventDispatcher.internalLoop(EventDispatcher.java:207) at com.google.net.async.EventDispatcher.loop(EventDispatcher.java:103) at com.google.net.rpc.RpcService.runUntilServerShutdown(RpcService.java:251) at com.google.apphosting.runtime.JavaRuntime$RpcRunnable.run(JavaRuntime.java:404) at java.lang.Thread.run(Unknown Source) Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'entityManagerFactory' defined in ServletContext resource [/WEB-INF/applicationContext.xml]: Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: Invalid XML in persistence unit from URL [file:/base/data/home/apps/sales-tracker/3.340980411948080671/WEB-INF/classes/META-INF/persistence.xml] at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1338) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:473) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409) at java.security.AccessController.doPrivileged(Native Method) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:380) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:264) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:261) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:185) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:164) at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:269) ... 47 more Caused by: java.lang.IllegalArgumentException: Invalid XML in persistence unit from URL [file:/base/data/home/apps/sales-tracker/3.340980411948080671/WEB-INF/classes/META-INF/persistence.xml] at org.springframework.orm.jpa.persistenceunit.PersistenceUnitReader.readPersistenceUnitInfos(PersistenceUnitReader.java:151) at org.springframework.orm.jpa.persistenceunit.DefaultPersistenceUnitManager.readPersistenceUnitInfos(DefaultPersistenceUnitManager.java:303) at org.springframework.orm.jpa.persistenceunit.DefaultPersistenceUnitManager.preparePersistenceUnitInfos(DefaultPersistenceUnitManager.java:275) at org.springframework.orm.jpa.persistenceunit.DefaultPersistenceUnitManager.afterPropertiesSet(DefaultPersistenceUnitManager.java:260) at org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean.createNativeEntityManagerFactory(LocalContainerEntityManagerFactoryBean.java:192) at org.springframework.orm.jpa.AbstractEnti My persistence.xml looks as follows, as taken from the GAE documentation <?xml version="1.0" encoding="UTF-8" ?> <persistence xmlns="http://java.sun.com/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd"version="1.0"> <persistence-unit name="transactions-optional"> <provider>org.datanucleus.store.appengine.jpa.DatastorePersistenceProvider</provider> <properties> <property name="datanucleus.NontransactionalRead" value="true" /> <property name="datanucleus.NontransactionalWrite" value="true" /> <property name="datanucleus.ConnectionURL" value="appengine" /> </properties> </persistence-unit> </persistence> Is there something wrong with my persistence file? Or could my errors be caused elsewhere? Can someone please give me some pointers thanks

Read the article
How to add request validation errors to ModelStateDictionary in ASP.NET MVC?

- by Morten Christiansen

Investigating the security of a system I'm building with ASP.NET MVC 2 led me to discover the request validation feature of ASP.NET - a very neat feature, indeed. But obviously I don't just want to present the users with the Yellow Screen of Death when they enter data with HTML in, so I'm out to find a better solution. My idea is to find all the fields that have invalid data and add them to the ModelStateDictionary before invoking the action such that they automatically appear in the UI as error messages. After googling this a bit it appears that no one have implemented this before which I find puzzling since it seems so obvious. Does anyone here have a suggestion on how to do this? My own idea is to supply a custom ControllerActionInvoker to the controller, as described here, that somehow checks for this and modifies the ModelStateDictionary but I'm stuck on how to do this last bit. Just catching HttpRequestValidationException exceptions does not seem a useful approach since it does not actually contain all the information I need.

Read the article
GetAllUsers - MVC

- by Jemes

I’m using the Membership Provider and would like to display a list of all the users and their First Name, Last Name etc using the GetAllUsers function. I'm having trouble understanding how to implement this function in MVC. Has anyone implemented this in MVC or is there an easier way to list all the users in my application? Any help or advise would be really helpful. Controller public ActionResult GetUsers() { var users = Membership.GetAllUsers(); return View(users); } View Model public class GetUsers { [Required] [DisplayName("User name")] public string UserName { get; set; } [Required] [DisplayName("User name")] public string FirstName { get; set; } } View <%= Html.Encode(item.UserName) %> Error The model item passed into the dictionary is of type 'System.Web.Security.MembershipUserCollection', but this dictionary requires a model item of type 'System.Collections.Generic.IEnumerable`1[Account.Models.GetUsers]'.

Read the article
WMD Markdown and server-side

Hello, I work since 2 days on WMD & Markdown and i don't find THE solution for stock data with security. I would like users can post html/xml (with WMD) on my site. For the moment, I stock data in Markdown format but If I disabled JavaScript the user can push easy XSS. If I strip_tags or html_entities all data i loose the user html/xml . How can I do ? In my opinion I must html_entities just the code between pre /pre, but how?! my data is in Markdown. After, how I can do for forbid xss attributes : <img src="javascript:alert('xss');" /> Sorry for my rusty english. MaxoU

Read the article

< Previous Page | 470 471 472 473 474 475 476 477 478 479 480 481 | Next Page >