Search Results

Search found 15797 results on 632 pages for 'session variables'.


  • How to implement a good system for login/out into a webapp

    - by Brandon Wang
    I am one of the developers at PassPad, a secure password generator and username storage system. We're still working on it, but I have a few questions on the best way to implement a secure login/out system. Right now, what we plan on doing is to have the login system save a cookie with the username and a session key, and that's all that serves as authentication. The server verifies the two to match. Upon login/out a new key is created. This is a security-related webapp and while we don't actually store any information that might make the user queasy, because it is security-oriented it makes it a necessity for us to at least appear secure in a way that the user would be happy with. Is there a better way to implement a login/out system in PHP? Preferably it won't take too much coding time or server resources. Is there anything else I need to implement, like brute-force protection, etc? How would I go about that?


  • property not updating in object when page is posted

    - by Jared
    Hi, I have set a property in a constructor like so:

        function __construct() {
            $this->count = count(@$_SESSION['filearray']); // count how many files in array
        }

    and using it in condition statements:

        if ($this->count > 10) // then do something

    but it appears the count isn't being updated when I use another method of injecting values into this 'filearray' until I refresh the page. Am I doing something wrong? I thought that my constructor would detect a change had been made in the session and whenever I call $this->count I would get the current count value, but it seems to be 1 step behind until I refresh the page. If this is all vague I can include my form page that has all the method calls, but this is the gist of my question: why is my property not updating and how do I fix it :) TIA


  • Open source ASP.net webforms examples

    - by Yaaqov
    I am learning ASP.net, and am looking to create a rather straightforward WebForms ASP.net application, but I have very limited examples to work with. Is there a site that has a lot of ASP.net WebForms projects that are downloadable? Books seem to focus on narrow aspects of using Webforms, like session control, or using master pages, but I'm looking for examples of how a whole app comes together. Or, better yet, is there someone willing to help a new developer out one-on-one by sharing a project or two of his? I'd appreciate any help. Thanks.


  • How to eager fetch a child collection while joining child collection entities to an association

    - by ShaneC
    Assuming the following fictional layout:

        Dealership has many Cars has a Manufacturer

    I want to write a query that says get me a Dealership with a Name of X and also get the Cars collection, but use a join against the manufacturer when you do so. I think this would require usage of ICriteria. I'm thinking something like this:

        var dealershipQuery = Session.CreateCriteria<Dealership>("d")
            .Add(Restrictions.InsensitiveLike("d.Name", "Foo"))
            .CreateAlias("d.Cars", "c")
            .SetFetchMode("d.Cars", FetchMode.Select)
            .SetFetchMode("c.Manufacturer", FetchMode.Join)
            .UniqueResult<Dealership>();

    But the resulting query looks nothing like I would have expected. I'm starting to think a DetachedCriteria may be required somewhere but I'm not sure. Thoughts?


  • JSF, actionlistener at facelets

    - by asrijaal
    Hi there, I'm using JSF (Mojarra 1.2) with Richfaces (3.3.2) within some facelets which are used as portlets (I'm using the Jboss Portlet Bridge 2.0 here). Now I'm facing something strange: I've got an actionlistener on my <h:commandButton> which is triggered when the button is clicked, but when I simply reload the page, the action is executed every time I load the page again. This happens only if I already triggered the action before. Is this behaviour normal? I should notice that Spring 2.5 is used to manage my beans, the mentioned beans are session-scope beans, maybe this is an interesting point?!


  • App with MVC Virtual application shared AuthCookie.

    - by Razcer
    I have a 3.5 ASP.Net WebForm parent application. The parent uses forms authentication. I have a MVC child virtual application, I would like to make it so the user logs in to the parent application, user then navigates to the virtual application by pressing a link on the parent. However every time I do this it goes to the login screen for the virtual application. Is there a web setting I should double check in Parent? Or Child? Is there an IIS setting that I should check? Should I be using a virtual directory instead of virtual application? I want the child to be able to access the Session[] from the parent. I would like the child app to use the same authCookie as the parent app.


  • (type theoretical) How is ([] ==) [] typed in haskell?

    - by Ingo
    It sounds silly, but I can't get it. Why can the expression [] == [] be typed at all? More specifically, which type (in class Eq) is inferred to the type of list elements? In a ghci session, I see the following:

        Prelude> :t (==[])
        (==[]) :: (Eq [a]) => [a] -> Bool

    But the constraint Eq [a] implies Eq a also, as is shown here:

        Prelude> (==[]) ([]::[IO ()])

        <interactive>:1:1:
            No instance for (Eq (IO ())) arising from use of `==' at <interactive>:1:1-2
            Probable fix: add an instance declaration for (Eq (IO ()))
            In the definition of `it': it = (== []) ([] :: [IO ()])

    Thus, in []==[], the type checker must assume that the list element is some type a that is in class Eq. But which one? The type of [] is just [a], and this is certainly more general than Eq a => [a].


  • Choosing embedded EJB 3.x container to run JEE 5 app on Tomcat

    - by grigory
    I am sorry in advance if my question sounds too generic - I am doing all preliminary research myself but nothing substitutes real experience... My goal is to port a legacy JEE application (pre-EJB 3.x) to Tomcat with embedded EJB container. My choices currently stand as follows:

      - JBoss Embeddable EJB
      - Apache OpenEJB
      - OW2 Consortium EasyBeans
      - anything else?

    I am expecting to use JMS (with MDBs), Session beans (stateful and stateless), JPA and I am really excited about using JSF with Seam. Now, given choices above, are there any advantages in using one or another embedded EJB provider?


  • jndi reference error in ejb3.0

    - by Nila
    Hi! I'm trying to implement a stateless session bean in ejb3 using glassfish server v2 and netbeans as the editor. I'm using jndi lookup for calling bean class. When I tried to deploy the war file where I'm calling the bean class through servlet, it is showing the following error: This web app [C:\Documents and Settings\Test-war\build\web] has no ejb reference by the name of [TestingBean] deployed with moduleid = Test-war I manually created glassfish deployment descriptor for ejb and edited sun-web xml file in war. How to solve this jndi reference problem. Where I'm missing? Thanks in advance


  • How do I reuse code in Zend Framework

    - by Mario
    I am working on a web application which requires the user to login before they see or do anything. No part of this app should be accessible without being logged in. (Except of course, the login controller) Currently I am using sessions to handle the authentication and I have put code in each controller in the init() function to check if their session is valid. This was a temporary workaround, but it is redundant and inefficient. I would like my init() function to be similar to the following, but I am not sure how to achieve it:

        public function init() {
            // If user not logged in redirect to login controller
            $myLibrary = Zend_Library_MyLibrary();
            $myLibrary->CheckAuth();
        }

    So my question really has two parts:

      - Where is the best place to store code that will be used in multiple controllers?
      - How do I then call that function from a controller?

    Thanks.


  • ASP.net SessionState Error in Design Mode

    - by stringo0
    I'm getting a weird error in the design view for a user creation page for 2 controls: Error Creating Control - wCreateUser Session state can only be used when enableSessionState is set to true, either in a configuration file or in the Page directive. (There's some more) I've done both of these, but I'm still getting the error in design mode. The controls work fine when compiled, and on the live site - this is just in the Visual Web Developer 2010 Design view for the page. Any ideas as to how I can resolve this? Thanks!


  • Programmatic Bot Detection

    - by matt
    Hi, I need to write some code to analyze whether or not a given user on our site is a bot. If it's a bot, we'll take some specific action. Looking at the User Agent is not something that is successful for anything but friendly bots, as you can specify any user agent you want in a bot. I'm after behaviors of unfriendly bots. Various ideas I've had so far are:

      - If you don't have a browser ID
      - If you don't have a session ID
      - Unable to write a cookie

    Obviously, there are some cases where a legitimate user will look like a bot, but that's ok. Are there other programmatic ways to detect a bot, or either detect something that looks like a bot? thanks!


  • Image manipulation with JQuery and PHP

    - by robertdd
    I want to do some kind of image editor, after I upload more images I want to make a list with all the thumbnails! After, I want to be able to click on one thumb and rotate, duplicate, drag and drop (to change positions of the images), and delete the image. I want all the images to be in a php array. If an image is deleted I want to delete the row from array too. If a image is drag-and-dropped I want to change the position in the array too. Ok, after the user uploads all the images and modifies some of them, how can I make a DONE button to save the positions of the images? For this small project how do you suggest I save the images? (to make a table in mysql and store the names of the images in the database depending on the session id? depending on the IP?) Any suggestions are welcome!


  • How can I update a row and insert a new one automatically in NHibernate with one call to Save?

    - by snicker
    Let's say I have a Type II SCD database, that is basically append only. I am using NHibernate to persist objects to my database. I have an object like so:

        Pony
        |- int Id
        |- Guid EntityId
        |- string PonyName
        |- string PonyColor
        |- int RevisionValidFrom
        |- int RevisionValidTo

    Here's a typical scenario:

        Pony myLittlePony = myStable.GetLatestPonyByGuid("0f1ac08a-3328-43db-b278-77c272e4fea3");
        myLittlePony.PonyColor = "Fish";
        myNHSession.Save(myLittlePony);

    I want to be able to call Session.Save(myLittlePony) and have NHibernate UPDATE the old entity's RevisionValidTo to whatever I specify and then INSERT the modified Pony as a new row with a new Id, basically as if it were a brand new object being persisted to the DB.


  • rsync over ssh is not working anymore, while ssh itself is working fine (Write failed: broken pipe)

    - by brazorf
    This issue started happening after i changed router. This is the scenario: Windows7 Host Ubuntu 10.04 Guest (VirtualBox) Ubuntu 10.04 remote server What i used to do is run a very basic rsync command: rsync -avz --delete /local/path/ username@host:/path/to/remote/directory This worked perfect until i did change adsl provider, and i changed router aswell: now, this happens: rsync on Ubuntu Guest is not working anymore (to any random server), if using this new router rsync on Ubuntu Guest is WORKING, if i switch back to old router i tried a new virtual box ubuntu install, and the command is WORKING with both the routers So, the not-working-combo is oldUbuntu + newRouter. To get things worst, i can state that (on the not-working ubuntu) i ping the remote host plain ssh connection to the remote host is working fine (i can auth, connect, and do stuff on the remote host) scp is NOT working (this is just a further thing i tried) This is the console output of the execution, with ssh verbose set to vvvv: root@client:~# rsync -ae 'ssh -vvvv' /root/test-rsync/ {username}@{hostname}:/home/{username}/test/
    At this point everything freeze for lots of minutes, ending in Write failed: Broken pipe rsync: connection unexpectedly closed (0 bytes received so far) [sender] rsync error: unexplained error (code 255) at io.c(601) [sender=3.0.7] Any suggestion? Thank You F. Edit 2012/09/13: i am changing title and issue definition, since i made some TINY step ahead and i think i can give more detailed clues.


  • [Ruby on Rails] scribd_fu gsub error

    - by siulamvictor
    I have an application which allows users to upload documents to Scribd. I tried to use scribd_fu in Rails. An error occurred when the controller tries to save the model.

        NoMethodError in DocumentsController#processupload
        private method `gsub' called for nil:NilClass

    Here is the related controller:

        def processupload
          @document = Document.new(params[:document])
          if @document.save
            session[:scribdid] = @document.ipaper_access_key
          else
            xxxxx

    and this is the related html form:

        <form action="/documents/processupload" enctype="multipart/form-data" method="post">
          <input name="authenticity_token" type="hidden" value="FqTCmlGGIvRjiaiaa+YtF50wgI7FfpxfrZsulLCbXcw=" />
          <label class="label_h2">Upload a Document</label>
          <input id="document_document_upload" name="document[document_upload]" size="30" type="file" /></div>
          <div class="buttons"><button type="submit" class="positive"><img src="/images/icons/tick.png" alt="Save Document"/>Save Document</button>
        </form>

    Is there anything wrong?


  • Any way of working with Eclipse WTP that does not mean redeploying the _WHOLE_ application when a J

    - by Thorbjørn Ravn Andersen
    I have migrated a Web Application from MyEclipse to Eclipse WTP, and I am now in the middle of the first major upgrade to the code base and web pages after the migration, and it is frankly driving me mad that saving a JSP page causes a redeployment of the WHOLE application, as it takes time and that my backend connection does not survive the serialization-deserialization of the session object (which is non-trivial to fix). In addition to that the JSP-editor is insanely slow so I frequently have to pause to let the editor catch up to be certain where my edits go in a small JSP using JavaServer Faces. Disabling validation did not help. The Eclipse Dynamic Web Project depends on several library eclipse projects so I cannot just tell e.g. Jetty to use the WebRoot folder, as several dependencies are then missing from the classpath. The question is: Is there a way of working - ANY way of working - with the Eclipse WTP system that does NOT imply redeploying everything every time any file is saved? I can use Tomcat 5.5 or Jetty 6 as servers.


  • Concepts a web application developer should know?

    - by iama
    I think it is imperative for web application developers to know the answers surrounding the following general questions on web development irrespective of the programming language/framework used. What authentication mechanisms HTTP offer & what are their pros and cons? Why should one go for FORMS authentication? How to secure authentication or for that matter any transactions via HTTP? How to maintain state in HTTP? What are the downsides to maintaining state via cookie & what happens when browsers disable them? Security issues like cross site scripting, session hijacking etc. What other questions a web developer should have answers for similar to the ones above that are programming language/web framework agnostic?


  • Authlogic auto login fails on registration with STI User model

    - by Wei Gan
    Authlogic by default is supposed to auto login when the user's persistence token changes. It seems to fail in my Rails app. I set up the following single table inheritance user model hierarchy:

        class BaseUser < ActiveRecord::Base
        end

        class User < BaseUser
          acts_as_authentic
        end

        create_table "base_users", :force => true do |t|
          t.string   "email"
          t.string   "crypted_password"
          t.string   "persistence_token"
          t.string   "first_name"
          t.string   "last_name"
          t.datetime "created_at"
          t.datetime "updated_at"
          t.string   "type"
        end

    To get auto login to work, I need to explicitly log users in in my UsersController:

        def create
          @user = User.new(params[:user])
          if @user.save
            UserSession.create(@user) # EXPLICITLY LOG USER IN BY CREATING SESSION
            flash[:notice] = "Welcome to Askapade!"
            redirect_to_target_or_default root_url
          else
            render :action => :new
          end
        end

    I was wondering if it's anything to do with STI, or that the table is named "base_users" and not "users". I set it up before without STI and it worked so I'm wondering why once I put in place this hierarchy, it fails. Thanks!


  • Why is the 'if' statement considered evil?

    - by Vadim
    I just came from Simple Design and Testing Conference. In one of the sessions we were talking about evil keywords in programming languages. Corey Haines, who proposed the subject, was convinced that the if statement is absolute evil. His alternative was to create functions with predicates. Can you please explain to me why if is evil? I understand that you can write very ugly code abusing if. But I don't believe that it's that bad.


  • NHibernate: uninitialized proxy passed to save() and cascade

    - by jonnii
    Hi, I keep getting an NHibernate.PersistentObjectException when calling session.Save() which is due to an uninitialized proxy passed to save(). If I fiddle with my cascade settings I can make it go away, but then child objects aren't being saved. The only other fix I have found is by adding the following to my DefaultSaveEventListener.

        protected override bool ReassociateIfUninitializedProxy(object obj, global::NHibernate.Engine.ISessionImplementor source)
        {
            if (!NHibernateUtil.IsInitialized(obj))
                NHibernateUtil.Initialize(obj);
            return base.ReassociateIfUninitializedProxy(obj, source);
        }

    This is obviously not an ideal solution. Any ideas?


  • Replay attacks for HTTPS requests

    - by MatthewMartin
    Let's say a security tester uses a proxy, say Fiddler, and records an HTTPS request using the administrator's credentials-- on replay of the entire request (including session and auth cookies) the security tester is able to successfully (re)record transactions. The claim is that this is a sign of a CSRF vulnerability. What would a malicious user have to do to intercept the HTTPS request and replay it? Is this a task for script kiddies, well funded military hacking teams or time-traveling-alien technology? Is it really so easy to record the SSL sessions of users and replay them before the tickets expire? No code in the application currently does anything interesting on HTTP GET, so AFAIK, tricking the admin into clicking a link or loading an image with a malicious URL isn't an issue.


  • login form with java/sqlite

    - by tuxou
    Hi, I would like to create a login form for my application with the possibility to add or remove users for an SQLite database. I have created the table users(nam, pass) but I can't include it in my login form. If someone could help me, this is my login code:

        import java.awt.*;
        import java.awt.event.*;
        import javax.swing.*;

        public class login extends JFrame {
            // Variables declaration
            private JLabel jLabel1;
            private JLabel jLabel2;
            private JTextField jTextField1;
            private JPasswordField jPasswordField1;
            private JButton jButton1;
            private JPanel contentPane;
            // End of variables declaration

            public login() {
                super();
                create();
                this.setVisible(true);
            }

            private void create() {
                jLabel1 = new JLabel();
                jLabel2 = new JLabel();
                jTextField1 = new JTextField();
                jPasswordField1 = new JPasswordField();
                jButton1 = new JButton();
                contentPane = (JPanel) this.getContentPane();

                // jLabel1
                jLabel1.setHorizontalAlignment(SwingConstants.LEFT);
                jLabel1.setForeground(new Color(0, 0, 255));
                jLabel1.setText("username:");

                // jLabel2
                jLabel2.setHorizontalAlignment(SwingConstants.LEFT);
                jLabel2.setForeground(new Color(0, 0, 255));
                jLabel2.setText("password:");

                // jTextField1
                jTextField1.setForeground(new Color(0, 0, 255));
                jTextField1.setSelectedTextColor(new Color(0, 0, 255));
                jTextField1.setToolTipText("Enter your username");
                jTextField1.addActionListener(new ActionListener() {
                    public void actionPerformed(ActionEvent e) {
                        jTextField1_actionPerformed(e);
                    }
                });

                // jPasswordField1
                jPasswordField1.setForeground(new Color(0, 0, 255));
                jPasswordField1.setToolTipText("Enter your password");
                jPasswordField1.addActionListener(new ActionListener() {
                    public void actionPerformed(ActionEvent e) {
                        jPasswordField1_actionPerformed(e);
                    }
                });

                // jButton1
                jButton1.setBackground(new Color(204, 204, 204));
                jButton1.setForeground(new Color(0, 0, 255));
                jButton1.setText("Login");
                jButton1.addActionListener(new ActionListener() {
                    public void actionPerformed(ActionEvent e) {
                        jButton1_actionPerformed(e);
                    }
                });

                // contentPane
                contentPane.setLayout(null);
                contentPane.setBorder(BorderFactory.createEtchedBorder());
                contentPane.setBackground(new Color(204, 204, 204));
                addComponent(contentPane, jLabel1, 5, 10, 106, 18);
                addComponent(contentPane, jLabel2, 5, 47, 97, 18);
                addComponent(contentPane, jTextField1, 110, 10, 183, 22);
                addComponent(contentPane, jPasswordField1, 110, 45, 183, 22);
                addComponent(contentPane, jButton1, 150, 75, 83, 28);

                // login
                this.setTitle("Login To Members Area");
                this.setLocation(new Point(76, 182));
                this.setSize(new Dimension(335, 141));
                this.setDefaultCloseOperation(WindowConstants.EXIT_ON_CLOSE);
                this.setResizable(false);
            }

            /** Add Component Without a Layout Manager (Absolute Positioning) */
            private void addComponent(Container container, Component c, int x, int y, int width, int height) {
                c.setBounds(x, y, width, height);
                container.add(c);
            }

            private void jTextField1_actionPerformed(ActionEvent e) {
            }

            private void jPasswordField1_actionPerformed(ActionEvent e) {
            }

            private void jButton1_actionPerformed(ActionEvent e) {
                System.out.println("\njButton1_actionPerformed(ActionEvent e) called.");
                String username = jTextField1.getText();
                // getPassword() replaces the deprecated JPasswordField.getText()
                String password = new String(jPasswordField1.getPassword());
                if (username.equals("") || password.equals("")) { // If password or username is empty > Do this >>>
                    jButton1.setEnabled(false);
                    JLabel errorFields = new JLabel("<HTML><FONT COLOR = Blue>You must enter a username and password to login.</FONT></HTML>");
                    JOptionPane.showMessageDialog(null, errorFields);
                    jTextField1.setText("");
                    jPasswordField1.setText("");
                    jButton1.setEnabled(true);
                    this.setVisible(true);
                } else {
                    JLabel optionLabel = new JLabel("<HTML><FONT COLOR = Blue>You entered</FONT><FONT COLOR = RED> <B>" + username + "</B></FONT> <FONT COLOR = Blue>as your username.<BR> Is this correct?</FONT></HTML>");
                    int confirm = JOptionPane.showConfirmDialog(null, optionLabel);
                    switch (confirm) { // Switch > Case
                        case JOptionPane.YES_OPTION: // Attempt to Login user
                            jButton1.setEnabled(false); // Set button enable to false to prevent 2 login attempts
                            break;
                        case JOptionPane.NO_OPTION: // No Case.(Go back. Set text to 0)
                            jButton1.setEnabled(false);
                            jTextField1.setText("");
                            jPasswordField1.setText("");
                            jButton1.setEnabled(true);
                            break;
                        case JOptionPane.CANCEL_OPTION: // Cancel Case.(Go back. Set text to 0)
                            jButton1.setEnabled(false);
                            jTextField1.setText("");
                            jPasswordField1.setText("");
                            jButton1.setEnabled(true);
                            break;
                    } // End Switch > Case
                }
            }

            public static void main(String[] args) {
                JFrame.setDefaultLookAndFeelDecorated(true);
                JDialog.setDefaultLookAndFeelDecorated(true);
                try {
                    UIManager.setLookAndFeel("com.sun.java.swing.plaf.windows.WindowsLookAndFeel");
                } catch (Exception ex) {
                    System.out.println("Failed loading L&F: ");
                    System.out.println(ex);
                }
                new login();
            }
        }

    my connectDb class:

        import java.sql.Connection;
        import java.sql.DriverManager;
        import java.sql.ResultSet;
        import java.sql.SQLException;
        import java.sql.Statement;
        import java.util.logging.Level;
        import java.util.logging.Logger;
        import javax.swing.JOptionPane;

        public class Connectdb {
            private static Connection connect;
            private static String url = "jdbc:sqlite:data.db";
            private static Statement st;
            private static ResultSet rs;

            /**
             * Private constructor for a single connection to the database
             */
            private Connectdb() {
                try {
                    Class.forName("org.sqlite.JDBC");
                    connect = DriverManager.getConnection(url);
                } catch (ClassNotFoundException ex) {
                    Logger.getLogger(Connectdb.class.getName()).log(Level.SEVERE, null, ex);
                } catch (SQLException e) {
                    System.exit(e.getErrorCode());
                }
            }

            /** Returns the shared connection, opening it on first use. */
            public static Connection getInstance() {
                if (connect == null) {
                    new Connectdb();
                }
                return connect;
            }

            /** Runs the given query on the shared connection and shows any SQL error in a dialog. */
            public static void initTable(String query) {
                try {
                    Statement state = getInstance().createStatement(ResultSet.TYPE_FORWARD_ONLY, ResultSet.CONCUR_READ_ONLY);
                    ResultSet res = state.executeQuery(query);
                    res.close();
                    state.close();
                } catch (SQLException e) {
                    JOptionPane.showMessageDialog(null, e.getMessage(), "ERROR ! ", JOptionPane.ERROR_MESSAGE);
                }
            }
        }


  • "Initializing - Busy - Stopping" LOOP issue in Azure deployement

    - by Kushal Waikar
    Hi folks, I am trying to deploy an azure cloud application on Windows Azure. Application specifications are --

      - It has one WebRole - ASP.Net MVC Application (ASP.Net charting control is used in this MVC application)
      - It does not contain any worker role.
      - Third party references are set with property "copy Local" to "true" (MVC, ASP Charting control & ASP Provider DLLs)
      - There is no DiagnosticsConnectionString in service configuration file
      - It uses ASP provider for session state management.

    This application runs successfully on local dev fabric but when I try to deploy it on Windows Azure it gets stuck in a loop with status being changed between Initializing, Busy, Stopping states. It never goes into READY state. It seems that there are no ERROR logs for conveying the deployment issues to user. So is there any way to diagnose deployment issues? Is there any way to get deployment ERROR logs? Any kind of help will be appreciated. Thanks, Kushal


  • OpenCMS - Best approach for showing rotating references

    - by user197127
    Hi, I would like to add on the right column of my site a rotating references section. Each reference would have some text + name of person + company name. It does not need to be structured (open text is also ok). I would then want opencms to rotate between 20 different references each time a page is displayed. I can keep a session scope counter holding which reference we last showed. I need a way to manage the references (users not programmers) over time. My question is which would be the best way to do so? Thanks

