Search Results

Search found 15415 results on 617 pages for 'security groups'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 486/617 | < Previous Page | 482 483 484 485 486 487 488 489 490 491 492 493  | Next Page >

  • if isset PHP not working?

    - by Ellie
    Okay, Im trying to set a captcha up, However with this code in, it breaks. if(isset($_POST["captcha"])) if($_SESSION["captcha"]==$_POST["captcha"]) When i do it with out it, the page works, but the captcha is letting incorrect submits through. Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /hermes/waloraweb085/b2027/moo.lutarinet/jointest.php on line 71 <?php $pagetitle = "Home"; $checkrank = 0; include ($_SERVER['DOCUMENT_ROOT'].'/header.inc.php'); ECHO <<<END <br><br> <b><center><i><u>DO NOT</u> USE YOUR NEOPETS PASSWORD OR PIN NUMBER!!!</b></i></center> <p> ?> <?php session_start() ?> <center><P><FORM ACTION="join.pro.php" enctype="multipart/form-data" METHOD=POST> <table width="393" height="188" border="0" cellpadding="0" cellspacing="0"> <td width="150">Username</td> <td width="243"><input type=text name="name" value="" size=32 maxlength=15></td> </tr> <tr> <td>Password</td> <td><input type=password name="pass1" VALUE="" maxlength=15></td> </tr> <tr> <td>Confirm Password</td> <td><input type=password name="pass2" VALUE="" size=32 maxlength=15></td> </tr> <tr> <td>Security Code (4 Diget Number)</td> <td><input type=password name="security" VALUE="" size=32 maxlength=4></td> </tr> <tr> <td>Email Address</td> <td><INPUT TYPE=text NAME="email" VALUE="" SIZE=32 maxlength=100></td> </tr> <tr> <td height="41" colspan="2" valign="middle"><p><p><center> By registering an account here you agree to all of our <A HREF="$baseurl/tos.php">Terms and Conditions</A>. You can also view our <A HREF="$baseurl/privacy.php">Privacy Policy</A>. </center></p></td> </tr> <tr><td align="center">CAPTCHA:<br> (antispam code, 3 black symbols)<br> <table><tr><td><img src="captcha.php" alt="captcha image"></td><td><input type="text" name="captcha" size="3" maxlength="3"></td></tr></table> </td></tr> <td height="27" colspan="2" valign="middle"> <center><input type=submit name=Submit value="Register"></center> </td> </table> </form> <?php if(isset($_POST["captcha"])) if($_SESSION["captcha"]==$_POST["captcha"]) { //CAPTHCA is valid; proceed the message: save to database, send by e-mail ... echo 'CAPTHCA is valid; proceed the message'; } else { echo 'CAPTHCA is not valid; ignore submission'; } ?> <?php END; include ($_SERVER['DOCUMENT_ROOT'].'/footer.inc.php'); ?> captcha.php <?php session_start(); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); function _generateRandom($length=6) { $_rand_src = array( array(48,57) //digits , array(97,122) //lowercase chars // , array(65,90) //uppercase chars ); srand ((double) microtime() * 1000000); $random_string = ""; for($i=0;$i<$length;$i++){ $i1=rand(0,sizeof($_rand_src)-1); $random_string .= chr(rand($_rand_src[$i1][0],$_rand_src[$i1][1])); } return $random_string; } $im = @imagecreatefromjpeg("http://sketchedneo.com/images/sitedesigns/captcha.jpg"); $rand = _generateRandom(3); $_SESSION['captcha'] = $rand; ImageString($im, 5, 2, 2, $rand[0]." ".$rand[1]." ".$rand[2]." ", ImageColorAllocate ($im, 0, 0, 0)); $rand = _generateRandom(3); ImageString($im, 5, 2, 2, " ".$rand[0]." ".$rand[1]." ".$rand[2], ImageColorAllocate ($im, 255, 0, 0)); Header ('Content-type: image/jpeg'); imagejpeg($im,NULL,100); ImageDestroy($im); ?> Help please anyone? Line 71: if(isset($_POST["captcha"])) Line 72: if($_SESSION["captcha"]==$_POST["captcha"])

    Read the article

  • Converting SQL to LINQ to XML

    - by Morano88
    I'm writing the following code to convert SQL to LINQ and then to XML: SqlConnection thisConnection = new SqlConnection(@"Data Source=3BDALLAH-PC;Initial Catalog=XMLC;Integrated Security=True;Pooling=False;"); thisConnection.Open(); XElement eventsGive = new XElement("data", from c in ?????? select new XElement("event", new XAttribute("start", c.start), new XAttribute("end",c.eend), new XAttribute("title",c.title), new XAttribute("Color",c.Color), new XAttribute("link",c.link))); Console.WriteLine(eventsGive); The name of the table is "XMLC" and I want to refer to it. How can I do that? When I put its name directly VS gives an error. Also when I say thisConnection.XMLC it doesn't work.

    Read the article

  • protect flash files

    - by user172697
    Hello Ive a website that create avatars for users and provide them with link for avatar to use it in their website or singuters etc , my problems is the website based on flash . the main page has 1 swf file that load other swfs used to create avatars , if someone knows the link for the these swf files he can download them which means he can have all the website lets say: www.test.com as main page which load main swf and other swfs files which located at www.test.com/resources/flash/swffiles/file1.swf anyone can grap these files and have all the website which is a big security breach ive trying so many way protect these files from not download but protecting them means the main swf cant talk to them and cant load the main page correctaly , any suggestion for these .. thanks in advance

    Read the article

  • RewriteCond to change displayed host, but not server

    - by coneybeare
    Typing out the title to this leads me to believe this might not be possible due to security concerns, but I will ask anyway. I have shortcode support running on my server, lets call it xx.yy I want it so when a user sends a request to xx.yy, it just changes the displayed host to another valid domain running on the same box. I have this so far (lets the server know to accept requests from xx.yy): RewriteCond %{HTTP_HOST} ^.*xx.yy [NC] RewriteRule ^/(.*)$ http://127.0.0.1:<PORT_OMITTED>%{REQUEST_URI} [P,QSA,L] RewriteCond %{HTTP_HOST} ^.*mysite.com [NC] RewriteRule ^/(.*)$ http://127.0.0.1:<PORT_OMITTED>%{REQUEST_URI} [P,QSA,L] It works, and it directs the traffic into my app, but the url says http://xx.yy when I would rather it say http://mysite.com I know i could redirect to http://mysite.com instead of 127.0.0.1, but I have 4 parallel boxes of mysite.com and going back out to DNS to maybe go to another box seems like a waste when I am already here. Also, I am not sure how POST requests would work like that. What can I do?

    Read the article

  • SQL Server Agent 2005 job runs but no output

    - by alimack
    Essentially I have a job which runs in BIDS and as as a stand lone package and while it runs under the SQL Server Agent it doesn't complete properly (no error messages though). The job steps are: 1) Delete all rows from table; 2) Use For each loop to fill up table from Excel spreasheets; 3) Clean up table. I've tried this [MS page][1] (steps 1 & 2), didn't see any need to start changing from Server side security. Also SQLServerCentral.com for [this page][2], no resolution. How can I get error logging or a fix? Note I've reposted this from Server Fault as it's one of those questions that's not pure admin or programming. I have logged in as the proxy account I'm running this under, and the job runs stand alone but complains that the Excel tables are empty?

    Read the article

  • Issue in configuring JPA with Spring 3 in Jboss 4.2.2 server.

    - by KVMKReddy
    Hi, I am facing issues in configuring JPA with Spring 3 in JBoss 4.2.2 server. Please find the below file of persistence.xml. <?xml version="1.0" encoding="UTF-8"?> <persistence xmlns="http://java.sun.com/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd" version="1.0"> <persistence-unit name="TestPU"> <provider>org.hibernate.ejb.HibernatePersistence</provider> <jta-data-source>java:/TestDS</jta-data-source> <properties> <property name="hibernate.dialect" value="org.hibernate.dialect.Oracle10gDialect"/> <property name="hibernate.show_sql" value="true"/> </properties> </persistence-unit> </persistence> My spring-beans.xml is as below <bean id="MyAdvise" class=".......Aspect"> <property name="persister"> <bean id="dbPersister" class="..............DataBasePersister"> </bean> </property> </bean> <bean id="localContainerEntityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"> <property name="jpaVendorAdapter"> <bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter"> <property name="showSql" value="true"/> <property name="database" value="ORACLE"/> </bean> </property> <property name="jpaProperties"> <props> <prop key="hibernate.transaction.manager_lookup_class">org.hibernate.transaction.JBossTransactionManagerLookup</prop> </props> </property> </bean> <bean id="myTxManager" class="org.springframework.orm.jpa.JpaTransactionManager"> <property name="entityManagerFactory" ref="localContainerEntityManagerFactory"/> </bean> <tx:annotation-driven transaction-manager="myTxManager" /> My persister bean is as follows. public class DataBasePersister implements IPersister { private static Logger log = Logger.getLogger(DataBasePersister.class); // The Entity Manager @PersistenceContext protected EntityManager entityManager; @Transactional(readOnly = false) public void persist(Object data) { log.info("IN persist() call. Is the data can castable to MethodStats -->:"+(data instanceof MethodStats)); log.info("Entity Manager instance -->:"+(entityManager)); ---------------------- ---------------------- ---------------------- } } I am getting the following exception when the spring container creating my persister bean org.springframework.transaction.CannotCreateTransactionException: Could not open JPA EntityManager for transaction; nested exception is java.lang.IllegalStateException: JTA EntityManager cannot access a transactions at org.springframework.orm.jpa.JpaTransactionManager.doBegin(JpaTransactionManager.java:382) at org.springframework.transaction.support.AbstractPlatformTransactionManager.getTransaction(AbstractPlatformTransactionManager.java:371) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy147.getTransaction(Unknown Source) at org.springframework.transaction.interceptor.TransactionAspectSupport.createTransactionIfNecessary(TransactionAspectSupport.java:335) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:105) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy141.persist(Unknown Source) at com.adp.sbs.aop.aspectj.SBSMethodStatsCollectorAspect.doAround(SBSMethodStatsCollectorAspect.java:63) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621) at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610) at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:621) at com.adp.sbs.aop.test.TestMethodLevelAnnotationStats$$EnhancerByCGLIB$$efbc78a8.MethodWithOneParamsAndReturnTypeAsString(<generated>) at com.adp.sbs.aop.test.SimpleTestServlet.testMethodAnnotations(SimpleTestServlet.java:46) at com.adp.sbs.aop.test.SimpleTestServlet.doPost(SimpleTestServlet.java:40) at com.adp.sbs.aop.test.SimpleTestServlet.doGet(SimpleTestServlet.java:33) at javax.servlet.http.HttpServlet.service(HttpServlet.java:690) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446) at java.lang.Thread.run(Thread.java:595) Caused by: java.lang.IllegalStateException: JTA EntityManager cannot access a transactions at org.hibernate.ejb.AbstractEntityManagerImpl.getTransaction(AbstractEntityManagerImpl.java:316) at org.springframework.orm.jpa.DefaultJpaDialect.beginTransaction(DefaultJpaDialect.java:70) at org.springframework.orm.jpa.vendor.HibernateJpaDialect.beginTransaction(HibernateJpaDialect.java:57) at org.springframework.orm.jpa.JpaTransactionManager.doBegin(JpaTransactionManager.java:332) Can you somebody please suggest me how to resolve this.

    Read the article

  • Chrome starts to load image then show broken link icon

    - by Clare A Keith Ward
    Chrome (21.0.1180.79 m) On several random pages it has started to load an image and then suddenly the image disappears and there's only the broken image icon. If I right click the icon and choose to open the image in another window then the image opens, so it seems to me that it isn't a problem with the page? Here's one of the pages that it does it on; http://welshjournals.llgc.org.uk/browse/viewpage/llgc-id:1048090/llgc-id:1048951/llgc-id:1048969/get650 I'm running Kaspersky Internet Security 2012 Any help would be appreciated. Thanks Clare

    Read the article

  • Authenticating to multiple OUs in Active Directory

    - by Jaxidian
    I'm using the Active Directory Membership Provider with the following configuration: <connectionStrings> <add name="MyConnString" connectionString="LDAP://domaincontroller/OU=Product Users,DC=my,DC=domain,DC=com" /> </connectionStrings> <membership defaultProvider="MyProvider"> <providers> <clear /> <add name="MyProvider" connectionStringName="MyConnString" connectionUsername="my.domain.com\service_account" connectionPassword="biguglypassword" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership> This works perfectly except it requires ALL of my users to be in the "Product Users" OU when I would actually like to have all of my users organized into various child OUs under our "Product Users" OU. Is this possible? (Note that this is a partial repost of this question but the question I'm asking here was never answered there.)

    Read the article

  • ASP.NET MVC How to call a secured page from a windows app?

    - by Malcolm
    Hi, I have a MVC app that has forms authentication enabled. The app allows printing of invoices. I have an external app that converts html to pdf. How can I call the secured page from this pdf converter app so that some security remains? The PDF converter app just requires a URL. One thought was to create a HttpHandler for an extenion of say .print and pass a public key in the URL qureystring that can be validated by the MVC app. Any ideas on this? Malcolm

    Read the article

  • How to access File over the Network

    - by Polo
    Hi! I am having a hard time on this one, I have a folder over the network with public access (no credential restriction). I am trying to do a File.Exist or Directory.Exist and I keep on having a exception. Can someone tell me the good way to do IO over the network. EDIT 1 FOR DETAILS: if i do execture = \agoodip\Public\test.txt I get the file etc etc In my code it look like a basic Directory.Exist(@"\\agoodip\Public") or File.exist(@"\\agoodip\Public\test.txt") The exception I get is Path not found. EDIT 2 : I am using Silverlight 3, Is there any security pattern to be aware of to lookup file on the network? Thanks!

    Read the article

  • At what point should I change the way Struts acquires the session token?

    - by Hanno Fietz
    It seems I have to find a different way to transmit the session token from a Flex client to a Struts backend without using cookies. If I were to put the session token in the payload of a request, at what point would I have to customize Struts' behaviour so that I can reuse as much of the existing session handling as possible? In particular, I don't want to reimplement whatever security measures (such as tying a token to an IP) and configuration parameters (such as session expiration interval). There's a CreateSession interceptor, rather early in the default stack, should I swap that with a subclassed version?

    Read the article

  • App logicstics & changes due to scope creep

    - by Kevin Brown
    I started an app that was initially a testing platform--user management, and managers that can view their employees tests. Recently, functionality has been extended (not built yet) to allow users to complete a test in place of an employee--basically adding a record, but no user. I have three tables in use for this: users(contains user info for login/security), profiles (all personal info: address, height, etc.), and survey (contains survey answers for user). How do I extend my application to encompass this functionality with minimal change to the structure? I assume that the best way to do this would be to insert records to the tables profiles and survey, and have no username/password/email? There MUST be a user_id associated b/c the tables are linked through the user_ids...

    Read the article

  • Help: My SSL Certificate expired but I can't renew it until Monday, is there any way I can disable SSL through IIS?

    - by Ryan
    Or perhaps force redirect to HTTP when they request HTTPS? I tried removing the SSL port settings under 'Advanced' but it broke the login page. I don't want to do a deploy/recompile right now but I am able to edit the VIEWS. However I am thinking there may be a way for IIS to do this, but then again I think the .NET code tries to force SSL. And yes, the key is that more support tickets will be caused by the browser giving a security error than if SSL was removed entirely for one day. Becaues they wouldn't very very likely not notice it being gone.

    Read the article

  • How to run a jar file in hadoop

    - by Arihant
    I have created a jar file using the java file from this blog using following statements javac -classpath /usr/local/hadoop/hadoop-core-1.0.3.jar -d /home/hduser/dir Dictionary.java /usr/lib/jvm/jdk1.7.0_07/bin/jar cf Dictionary.jar /home/hduser/dir Now i have tried running this jar in hadoop by hit and trial of various commands 1hduser@ubuntu:~$ /usr/local/hadoop/bin/hadoop jar Dictionary.jar Output: Warning: $HADOOP_HOME is deprecated. RunJar jarFile [mainClass] args... 2.hduser@ubuntu:~$ /usr/local/hadoop/bin/hadoop jar Dictionary.jar Dictionary Output: Warning: $HADOOP_HOME is deprecated. Exception in thread "main" java.lang.ClassNotFoundException: Dictionary at java.net.URLClassLoader$1.run(URLClassLoader.java:366) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at java.lang.ClassLoader.loadClass(ClassLoader.java:423) at java.lang.ClassLoader.loadClass(ClassLoader.java:356) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:264) at org.apache.hadoop.util.RunJar.main(RunJar.java:149) How can i run the jar in hadoop? I have the right DFS Locations as per needed by my program.

    Read the article

  • How can I receive messages over http without MSMQ

    - by pduncan
    I need a reliable messaging framework that runs over http/https (due to client security requirements) and that doesn't use MSMQ (because some clients will use Windows XP Home). The clients only need to be able to receive messages, not send them. We already have a message queue on the server for each user, and the receivers have been getting messages by connecting to an HttpHandler on the server and getting a Stream from WebResponse.GetResponseStream() We keep this stream open, and pull messages off of it using Stream.Read(). This MOSTLY works, but Stream.Read() is a blocking call, and we can't reliably interrupt it. We need to be able to stop and start the receiver without losing messages, but the old stream often hangs around, even after we call Thread.Abort on its thread. Any suggestions?

    Read the article

  • What keying option does the keychain use?

    - by Rudiger
    I have read into the keychain and have found that it uses Triple DES. What I can't find is what keying option it uses. I am guessing / hoping that its keying option 1 where all 3 passwords are unique but if thats the case I can only think of two passwords it can use (user password and App ID that comes from your dev cert) so where is the third coming from? Is it a key private to Apple? If its keying option 2 (first and third key are the same) it might not be secure enough for our company to rely on. Although that might sound paranoid I have to justify to our security department that it is secure enough.

    Read the article

  • how to initialize spring bean from database

    - by wavelet
    hi,i use spring security and my config is in database: <sec:http auto-config="true" entry-point-ref="casProcessingFilterEntryPoint"> <sec:remember-me /> <sec:session-management> <sec:concurrency-control max-sessions="1" error-if-maximum-exceeded="true" /> </sec:session-management> <sec:logout logout-success-url="${host.url}/logout/" /> <sec:custom-filter ref="casAuthenticationFilter" after="CAS_FILTER" /> <sec:custom-filter ref="filterInvocationInterceptor" before="FILTER_SECURITY_INTERCEPTOR" /> </sec:http> like ${host.url} is in database how can i initialize ?

    Read the article

  • Does CAS Support Application Level Impersonation?

    - by Rob Wilkerson
    I have a PHP application that is successfully authenticating against a CAS server. One of the features supported by the application is impersonation; a user with the appropriate privileges can impersonate another of the application. Generally, this isn't a problem because the app itself can keep track of who the user is impersonating and manage privileges (which are based on username). A new requirement has come up, though, that requires the original app to include, via an iframe, content from a second PHP app that is also CAS-enabled. Somehow, I need for the second app to know whether impersonation is happening in the first. I don't want to pass usernames around for security reasons, so I'm wondering whether I can offload the responsibility for handling impersonation to the CAS server which is shared by both apps. Thanks.

    Read the article

  • Multitenant shared user account?

    - by jpartogi
    Dear all, Based on your experience, which is the route to go for a multi-tenant user login? One user login per account. Which means if there is one user that has access to multiple account, there will be redundancy of record in the database One user login for all account that she has privileges to. Which means one user record has access to multiple account if she has privileges to that account. From your experience, which one is better and why? I was thinking to choose the latter, but I don't know whether it will cause security issue or less flexibility. Thank you for sharing your experience.

    Read the article

  • Are there built-in issue tracking and task management in IDEs that integrate into SourceForge, Googl

    - by Kai Sellgren
    Hi, This question may not be exactly programming related, but this is about development. I have been trying to find IDEs that support JIRA/Bugzilla so that I could simply integrate the IDE with SourceForge. I do not like to refresh my browser to see issues, bug reports, security problems, etc. I would like to send issues, resolve issues, right from the IDE. I am currently developing with NetBeans, but I see no ways of integrating into any of the services provided by SourceForge. Am I missing something?

    Read the article

  • Templating Engine Pros and Cons with Zend Framework

    - by manyxcxi
    I am getting familiar with Zend Framework (and MVC with PHP in general) for a personal project. I have previous experience with Smarty and have no major gripes with it, but I would like to use this project as a good in-depth learning exercise. Those of you familiar with different templating engines and ZF: Do you believe there are better templating engines than Smarty in conjunction with ZF and why? I would like to apply what I learn to the real world and production environments. The personal project will be fairly robust. User management, sessions, security, database interaction, form input, jQuery, etc.

    Read the article

  • Issues with taglibs while using jasmine-maven-plugin to test dojo widgets with templates

    - by user2880454
    I am using jasmine-maven-plugin to run javascript unit tests for my dojo widgets. One of my dojo widgets refers to a html template jsp file with taglibs. When I initialize my dojo widgets, I get the following error: Error: Invalid template: <%@ taglib uri="http://www.springframework.org/security/tags" prefix="sec"% The plugin uses jetty to deploy the scripts to test. I tried including jstl jar into the WEB-INF folder but it doesn't work. I am assuming it's just not DOJO and this taglib issue can occur even with simple js file. I am looking for some clue on why taglibs are not recognized here. If I remove the taglib entries, my tests just work fine.

    Read the article

  • how to view internal jaxws logs in tomcat

    - by prmatta
    I have a web service that is deployed in tomcat, and it is rejecting a soap request over https. However, I can't see any logs as to why it is doing so. I have the following set in my service endpoint implementation file: System.setProperty("javax.net.debug", "all"); System.setProperty("java.security.debug", "all"); And I pass the following parameters to tomcat: -Dcom.sun.xml.ws.transport.http.HttpAdapter.dump=true -Dcom.sun.xml.ws.transport.http.client.HttpTransportPipe.dump=true Is there anything else I need to do to see the internal jaxws logs? Are there some other loggers I need to enable?

    Read the article

  • NoClassDefFoundError points to the wrong class.

    - by Sora
    I'm validating the installation of a program that consists of a few separate modules. They are not co-dependent. I have apple.jar and orange.jar, they are placed in the same folder and were developed in the same project, but run independent of each other. Running apple.jar goes fine, but orange.jar gives me a NoClassDefFoundError pointing to apple.jar. /usr/java/jre1.6.0_14/bin/java -jar validator.jar Exception in thread "main" java.lang.NoClassDefFoundError: orange/client/Apple Caused by: java.lang.ClassNotFoundException: orange.client.Apple at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClassInternal(Unknown Source) Could not find the main class: validator/client/StormDataXMLGenerator. Program will exit. The manifest file lists Orange as the correct main class. Main-Class: orange/client/Orange Anybody know why it's giving me the NoClassDefFoundError? Thanks in advance!

    Read the article

  • LdapErr: DSID-0C0903AA, data 52e: authenticating against AD '08 with pam_ldap

    - by Stefan M
    I have full admin access to the AD '08 server I'm trying to authenticate towards. The error code means invalid credentials, but I wish this was as simple as me typing in the wrong password. First of all, I have a working Apache mod_ldap configuration against the same domain. AuthType basic AuthName "MYDOMAIN" AuthBasicProvider ldap AuthLDAPUrl "ldap://10.220.100.10/OU=Companies,MYCOMPANY,DC=southit,DC=inet?sAMAccountName?sub?(objectClass=user)" AuthLDAPBindDN svc_webaccess_auth AuthLDAPBindPassword mySvcWebAccessPassword Require ldap-group CN=Service_WebAccess,OU=Groups,OU=MYCOMPANY,DC=southit,DC=inet I'm showing this because it works without the use of any Kerberos, as so many other guides out there recommend for system authentication to AD. Now I want to translate this into pam_ldap.conf for use with OpenSSH. The /etc/pam.d/common-auth part is simple. auth sufficient pam_ldap.so debug This line is processed before any other. I believe the real issue is configuring pam_ldap.conf. host 10.220.100.10 base OU=Companies,MYCOMPANY,DC=southit,DC=inet ldap_version 3 binddn svc_webaccess_auth bindpw mySvcWebAccessPassword scope sub timelimit 30 pam_filter objectclass=User nss_map_attribute uid sAMAccountName pam_login_attribute sAMAccountName pam_password ad Now I've been monitoring ldap traffic on the AD host using wireshark. I've captured a successful session from Apache's mod_ldap and compared it to a failed session from pam_ldap. The first bindrequest is a success using the svc_webaccess_auth account, the searchrequest is a success and returns a result of 1. The last bindrequest using my user is a failure and returns the above error code. Everything looks identical except for this one line in the filter for the searchrequest, here showing mod_ldap. Filter: (&(objectClass=user)(sAMAccountName=ivasta)) The second one is pam_ldap. Filter: (&(&(objectclass=User)(objectclass=User))(sAMAccountName=ivasta)) My user is named ivasta. However, the searchrequest does not return failure, it does return 1 result. I've also tried this with ldapsearch on the cli. It's the bindrequest that follows the searchrequest that fails with the above error code 52e. Here is the failure message of the final bindrequest. resultcode: invalidcredentials (49) 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 52e, v1772 This should mean invalid password but I've tried with other users and with very simple passwords. Does anyone recognize this from their own struggles with pam_ldap and AD? Edit: Worth noting is that I've also tried pam_password crypt, and pam_filter sAMAccountName=User because this worked when using ldapsearch. ldapsearch -LLL -h 10.220.100.10 -x -b "ou=Users,ou=mycompany,dc=southit,dc=inet" -v -s sub -D svc_webaccess_auth -W '(sAMAccountName=ivasta)' This works using the svc_webaccess_auth account password. This account has scan access to that OU for use with apache's mod_ldap.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 482 483 484 485 486 487 488 489 490 491 492 493  | Next Page >