Search Results

Search found 30819 results on 1233 pages for 'software security'.

Page 495/1233 | < Previous Page | 491 492 493 494 495 496 497 498 499 500 501 502 | Next Page >

How secure are GUIDs in terms of predictability?

- by ssg

We're using .NET's Guid.NewGuid() to generate activation codes and API keys currently. I wonder if that poses a security problem since their algorithm is open. .NET Guid uses Win32 CoCreateGuid and I don't know it's internals (possibly MAC address + timestamp?). Can someone derive a second GUID out of the first one, or can he hit it with some smart guesses or is the randomness good enough so search space becomes too big? Generating random keys have the problem of collision, they need a double check before adding to a database. That's why we stuck with GUIDs but I'm unsure about their security for these purposes. Here are the 4 consecutive UUIDGEN outputs: c44dc549-5d92-4330-b451-b29a87848993 d56d4c8d-bfba-4b95-8332-e86d7f204c1c 63cdf958-9d5a-4b63-ae65-74e4237888ea 6fd09369-0fbd-456d-9c06-27fef4c8eca5 Here are 4 of them by Guid.NewGuid(): 0652b193-64c6-4c5e-ad06-9990e1ee3791 374b6313-34a0-4c28-b336-bb2ecd879d0f 3c5a345f-3865-4420-a62c-1cdfd2defed9 5b09d7dc-8546-4ccf-9c85-de0bf4f43bf0

Read the article
Implode error for PHP

- by Pete Herbert Penito

Hi Everyone! I have a form where I've got three checkboxes like this: <td>Wireless <input type="checkbox" name="services[]" value="wireless" /></td> </tr> <tr> <td>Cellular <input type="checkbox" name="services[]" value="cellular" /></td> </tr> <tr> <td>Security <input type="checkbox" name="services[]" value="Security" /></td> <input type="submit" name="submit"> and then I extract($_POST), and have this code $comServices = implode(",", $services); but I get an error: Warning: implode() [function.implode]: Invalid arguments passed in .. does anyone know why Im getting this error?

Read the article
Image not loading onto JPanel?

- by None None

I have been trying to figure out how to add an image to a JPanel as a background, but still have complete control over the placing of JButtons, JLabels, and etc. This is one method I found, but it is crashing and not loading the image or buttons. Here is the code: import javax.swing.JFrame; import javax.swing.JPanel; import javax.swing.JButton; import java.awt.BorderLayout; import java.awt.FlowLayout; import java.awt.GridLayout; public class PanelDemo extends JFrame { private static final long serialVersionUID = 1L; private JButton btn1 = new JButton("EASY"); private JButton btn2 = new JButton("MEDIUM"); private JButton btn3 = new JButton("HARD"); private JButton btn4 = new JButton("High Score"); public PanelDemo() { super("Image Panel Demo"); JPanel panel = new ImagePanel( new FlowLayout(FlowLayout.CENTER, 50, 180)); JPanel panelbtn = new JPanel(new GridLayout(4, 1)); btn1.setBackground(new java.awt.Color(0, 0, 0)); btn1.setFont(new java.awt.Font("Showcard Gothic", 1, 24)); btn1.setForeground(new java.awt.Color(0, 255, 102)); btn2.setBackground(new java.awt.Color(0, 0, 0)); btn2.setFont(new java.awt.Font("Showcard Gothic", 1, 24)); btn2.setForeground(new java.awt.Color(0, 255, 102)); btn3.setBackground(new java.awt.Color(0, 0, 0)); btn3.setFont(new java.awt.Font("Showcard Gothic", 1, 24)); btn3.setForeground(new java.awt.Color(0, 255, 102)); btn4.setBackground(new java.awt.Color(0, 0, 0)); btn4.setFont(new java.awt.Font("Showcard Gothic", 1, 24)); btn4.setForeground(new java.awt.Color(0, 255, 102)); panel.add(panelbtn); panelbtn.add(btn1); panelbtn.add(btn2); panelbtn.add(btn3); panelbtn.add(btn4); add(panel, BorderLayout.CENTER); setSize(640, 480); setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); } public static void main(String... args) { new PanelDemo().setVisible(true); } } ImagePanel.java import java.awt.Graphics; import java.awt.Image; import java.awt.LayoutManager; import javax.swing.ImageIcon; import javax.swing.JPanel; public class ImagePanel extends JPanel { private static final long serialVersionUID = 1L; String imageFile = "/rsc/img/background.jpg"; public ImagePanel() { super(); } public ImagePanel(String image) { super(); this.imageFile = image; } public ImagePanel(LayoutManager layout) { super(layout); } public void paintComponent(Graphics g) { ImageIcon imageicon = new ImageIcon(getClass().getResource(imageFile)); Image image = imageicon.getImage(); super.paintComponent(g); if (image != null) g.drawImage(image, 0, 0, getWidth(), getHeight(), this); } } Error: Exception in thread "AWT-EventQueue-0" java.lang.NullPointerException at javax.swing.ImageIcon.<init>(Unknown Source) at ImagePanel.paintComponent(ImagePanel.java:27) at javax.swing.JComponent.paint(Unknown Source) at javax.swing.JComponent.paintChildren(Unknown Source) at javax.swing.JComponent.paint(Unknown Source) at javax.swing.JComponent.paintChildren(Unknown Source) at javax.swing.JComponent.paint(Unknown Source) at javax.swing.JLayeredPane.paint(Unknown Source) at javax.swing.JComponent.paintChildren(Unknown Source) at javax.swing.JComponent.paintToOffscreen(Unknown Source) at javax.swing.RepaintManager$PaintManager.paintDoubleBuffered(Unknown Source) at javax.swing.RepaintManager$PaintManager.paint(Unknown Source) at javax.swing.RepaintManager.paint(Unknown Source) at javax.swing.JComponent.paint(Unknown Source) at java.awt.GraphicsCallback$PaintCallback.run(Unknown Source) at sun.awt.SunGraphicsCallback.runOneComponent(Unknown Source) at sun.awt.SunGraphicsCallback.runComponents(Unknown Source) at java.awt.Container.paint(Unknown Source) at java.awt.Window.paint(Unknown Source) at javax.swing.RepaintManager$3.run(Unknown Source) at javax.swing.RepaintManager$3.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) at javax.swing.RepaintManager.paintDirtyRegions(Unknown Source) at javax.swing.RepaintManager.paintDirtyRegions(Unknown Source) at javax.swing.RepaintManager.prePaintDirtyRegions(Unknown Source) at javax.swing.RepaintManager.access$1000(Unknown Source) at javax.swing.RepaintManager$ProcessingRunnable.run(Unknown Source) at java.awt.event.InvocationEvent.dispatch(Unknown Source) at java.awt.EventQueue.dispatchEventImpl(Unknown Source) at java.awt.EventQueue.access$200(Unknown Source) at java.awt.EventQueue$3.run(Unknown Source) at java.awt.EventQueue$3.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source) at java.awt.EventQueue.dispatchEvent(Unknown Source) at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source) at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source) at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source) at java.awt.EventDispatchThread.pumpEvents(Unknown Source) at java.awt.EventDispatchThread.pumpEvents(Unknown Source) at java.awt.EventDispatchThread.run(Unknown Source) Also, if anyone knows of a better way to put a background image on a JPanel, pease do tell. Thank you in advance.

Read the article
Not getting redirection to custom error page using custom errors - ASP.Net

- by weevie

Here's my Application_OnError event sink in global.asax.vb: Sub Application_OnError(ByVal sender As Object, ByVal e As EventArgs) Dim innerMostException As Exception = getInnerMostException(Me.Context.Error) If TypeOf innerMostException Is AccessDeniedException Then Security.LogAccessDeniedOccurrence(DirectCast(innerMostException, AccessDeniedException)) Dim fourOhThree As Integer = DirectCast(HttpStatusCode.Forbidden, Integer) Throw New HttpException(fourOhThree, innerMostException.Message, innerMostException) End If End Sub You'll see that if we've got an innermost Exception of type AccessDeniedException we throw a new HTTPExcpetion with a status code of 403 AKA 'forbidden' Here's the relevant web.config entry: <customErrors defaultRedirect="~/Application/ServerError.aspx" mode="On"> <error statusCode="403" redirect="~/Secure/AccessDenied.aspx" /> </customErrors> So what we're expecting is a redirect to the AccessDenied.aspx page. What we get is a redirect to the ServerError.aspx page. We've also tried this: Sub Application_OnError(ByVal sender As Object, ByVal e As EventArgs) Dim innerMostException As Exception = getInnerMostException(Me.Context.Error) If TypeOf innerMostException Is AccessDeniedException Then Security.LogAccessDeniedOccurrence(DirectCast(innerMostException, AccessDeniedException)) Context.Response.StatusCode = DirectCast(HttpStatusCode.Forbidden, Integer) End If End Sub Which unsuprisingly doesn't work either. Any ideas what we're doing wrong?

Read the article
Sql CLR calling webservice throws exception

- by TonyP

I have clr stored procedure that calls a Webservice method. Webmethod in turn call a com object .. and do some processing on a remote Unix server. When I invoke webmethod by it self it works fine. But when called from the CLR I get the following exception.. What am I doing wrong ? Msg 6522, Level 16, State 1, Procedure PrintOa, Line 0 A .NET Framework error occurred during execution of user-defined routine or aggregate "PrintOa": System.Security.HostProtectionException: Attempted to perform an operation that was forbidden by the CLR host. The protected resources (only available with full trust) were: All The demanded resources were: Synchronization System.Security.HostProtectionException: at System.Reflection.MethodBase.PerformSecurityCheck(Object obj, RuntimeMethodHandle method, IntPtr parent, UInt32 invocationFlags) at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at System.Diagnostics.TraceUtils.GetRuntimeObject(String className, Type baseType, String initializeData) at System.Diagnostics.TypedElement.BaseGetRuntimeObject() at System.Diagnostics.ListenerElement.GetRuntimeObject() at System.Diagnostics.ListenerElementsCollection.GetRuntimeObject() at System.Diagnostics.TraceInternal.get_Listeners() at System.Diagnostics.TraceInternal.WriteLine(Object value) at System.Diagnostics.Debug.WriteLine(Object value) at BaaNOA.PrintOA(String trid)

Read the article
Call REST service while impersonating a user that is already authorized to the glasfish server

- by user1894489

There are two web-applications deployed on a glassfish server. Both web applications provide a REST web service. the access to both web-services is secured via glassfish security constraints (at the moment BASIC Auth and file-realm). Let's say a user is accessing the service of web application A. After he is authorized, service A wants to call service B via REST client. Is there a way for a service to impersonate a user that is already authorized to the glasfish server? Maybe something like forwarding the security context or editing the headers? Is there another Filter? @Context private SecurityContext securityContext; username = securityContext.getUserPrincipal().getName(); password = ??? client.addFilter(new com.sun.jersey.api.client.filter.HTTPBasicAuthFilter(username, password)); Thanks!

Read the article
Is it possible to prevent a locally-running SWF (AS3) from downloading from my website?

- by Matt

I've got a crossdomain.xml file which allows SWFs running on only a certain few domains to download resources from my domain. However, one simple way around this is for a user to download the SWF to their local machine, and run it there (i.e. by double-clicking on it within Windows Explorer, not by running through http://localhost). It seems that when this happens, the crossdomain.xml file is ignored. I understand that in my actionscript, I can do this: if (Security.sandboxType.indexOf(Security.REMOTE) == -1) // running locally - don't allow However it is incredibly easy for someone to decompile the SWF and simply remove this line. Is it possible to do something on the server side to stop a locally running SWF to download from my site? I tried checking the referrer but this field often isn't populated. Does anyone have any other ideas? Thanks, Matt

Read the article
Translate from Java to C#: simple code to re-encode a string

- by Dr. Zim

We were sent this formula to encrypt a string written in Java: String myInput = "test1234"; MessageDigest md = MessageDigest.getInstance("SHA"); byte[] myD = md.digest(myInput.getBytes()); BASE64Encoder en64 = new BASE64Encoder(); String myOutput = new String ( Java.net.URLEncoder.encode( en64.encode(myD))); // myOutput becomes "F009U%2Bx99bVTGwS3cQdHf%2BJcpCo%3D" Our attempt at writing this in C# is: System.Security.Cryptography.SHA1 sha1 = new System.Security.Cryptography.SHA1CryptoServiceProvider(); string myOutput = HttpUtility.UrlEncode( Convert.ToBase64String( sha1.ComputeHash( ASCIIEncoding.Default.GetBytes(myInput)))); However the output is no where near the same. It doesn't even have percent signs in it. Any chance anyone would know where we are going wrong?

Read the article
EPL (Eclipse Public Licence) for commercial usage

- by code-gijoe

Hi, I'm developing an application which requires a third party framework which is under an Eclipse Public Licence (EPL). The application is a server-side commercial application which will be running on my servers. The EPL software is distributed as binaries (jar files). I'm only using the packages and am not making any contribution, i.e. not making any changes to the source. Under EPL I believe I'm not a "Contributor" nor am I making a "Contribution". But if I want to make my software available to be installed at some offsite server I'm having trouble with REQUIREMENTS of EPL: b.iv - "states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange". Does this mean that if I where to modify the source code of the 3rd party framework for my own purposes I would need to distribute all of my source code? EPL is supposed to be commercially friendly but it doesn't seem that way to me. Thank you.

Read the article
Strategy for developing a multi function asp.net web application

- by user247023

I'm about to start a new project and want some advice on how to implement. I need a web application which contains a booking module for reserving timeslots, and a time management module which will enable employees to clock in / clock out. If I am writing an update to the time managment module, I don't want to disrupt the booking engine availability by releasing a new solution containing both modules. to make things more difficult, there is some shared functionality like common users, roles and security. Here's a suggestion I've gotten, which sounds a bit cruddy, but may be functional. Write a 'container' web application which consists of basically a frame, and authentication / security features. This then has links which, will load the 2 independantly built and released web applications into the frame. I can see that say, if I wanted to update the time management module, I would only need to build and release this separately, and the rest of the solution would be 'untouched' Any better alternatives?

Read the article
Google App Engine with Java. Can't start:(

- by anatolix

Hello all! I have a problem with GAE. Even simpliest 'helloworld' app doesn't work in Eclipse. Such error appears: java.lang.IllegalStateException: SecurityManagerInstaller must be loaded in the system ClassLoader; was sun.misc.Launcher$ExtClassLoader@35ce36 at com.google.apphosting.utils.security.SecurityManagerInstaller.generatePolicyFile(SecurityManagerInstaller.java:103) at com.google.apphosting.utils.security.SecurityManagerInstaller.install(SecurityManagerInstaller.java:66) at com.google.appengine.tools.development.DevAppServerFactory.createDevAppServer(DevAppServerFactory.java:72) at com.google.appengine.tools.development.DevAppServerFactory.createDevAppServer(DevAppServerFactory.java:38) at com.google.appengine.tools.development.DevAppServerMain$StartAction.apply(DevAppServerMain.java:153) at com.google.appengine.tools.util.Parser$ParseResult.applyArgs(Parser.java:48) at com.google.appengine.tools.development.DevAppServerMain.<init>(DevAppServerMain.java:113) at com.google.appengine.tools.development.DevAppServerMain.main(DevAppServerMain.java:89) What does it mean, any idea, please?:)

Read the article
Embed external images for use in HTML canvas?

- by Philipp Lenssen

I'm using JavaScript to load an image into my Canvas element in Firefox. This works fine for local images, but throws a security exception for external images. Is there any way to avoid this security exception, one that does not involve my server having to act as proxy to load the image locally (because that would stress my server)? PS: The current code is similar to this: var img = new Image(); var contextSource = canvasSource.getContext('2d'); contextSource.drawImage(img, 0, 0); // get image data to do stuff with pixels var imageDataSource = contextSource.getImageData(0, 0, width - 1, height - 1);

Read the article
What technology should I use to write my game?

- by Alon

I have a great idea for a 3D network game, and I've concluded that it is possible to write it in Java as an applet which will live under the web browser, just like a full software in C++. And it will look and feel the same. The main advantage of Java on C++ is that with Java you can play without downloading any software. I have already thought about the download of the graphics, sound, etc but I found a solution for it. RuneScape just proves that it is possible. So my first question is, should my game live on a web browser or on the operating system? I think that in a web browser it is much more portable, although you need install Java and stuff. But the fact is, that most MMO games are currently not in the web. If you suggest in a software so please suggest a language either - C++ or something more productive like Python or C#? So after choosing a language, I need a graphics solution. Should I write directly with OpenGL/DirectX or use a game engine? What game engine should I use? Ogre? jMonkeyEngine? What's your opinion? Thank you! P.S: Please don't use answers like "Use what you know".

Read the article
Useful design patterns when dealing with spring 3 controllers

- by Mat Banik

Recently I was overlooking my controllers and they are bit of mess. I'd like to organize they way I set returning views Do more elegant mesageSource massaging back to the users and account for i18n Security checking, what user can access an what they can't Consistent way of calling the service layer And somehow bring consistency to the debugging lines. Do better job with error handling and serving it to the user. I'm already on mission to do security logging with AOP :) I'm just looking for patterns I could implement to help me to do all of the above. Or just some general advice in case no patterns apply, or advice on something I didn't mention but is common practice.

Read the article
A feeling that I'm not that good developer

- by Karim

Hi, Im having a strange feeling, but let me first introduce myself as a software developer. I started to program when I was still a kid, I had about 10 or 11 years. I really enjoy my work and never get bored from it. It's amazing how somebody could be paid for what he really likes to do and would be doing it anyway even for free. WHen I first started to program, I was feeling proud of what I was doing, each application I built was for me a success and after 2-3 year I had a feeling that I'm a coding guru. It was a nice feeling ;-) But the more I was in the field, the more types of software I started to develop I was starting to have a feeling that I'm completely wrong in that I'm guru. I felt that I'm not even a mediocre developer. Each new field I start to work on is giving me this feeling. Like when I once developed a device driver for a client, I saw how much I need to learn about device drivers. When I developed a video filter for an application, I saw how much do I still need to learn about DirectShow, Color Spaces, and all the theory behind that. The worst thing was when I started to learn algorithms. It was several years ago. I knew then the basic structures and algorithms like the sorting, some types of trees, some hashtables, strings etc.. and when I really wanted to learn a group of structures I learned about 5-6 new types and saw that in fact even this small group has several hundred subtypes of structures. It's depressing how little time people have in their lives to learn all this stuff. I'm now a software developer with about 10 years of experience and I still feel that I'm not a proficient developer when I think about things that others do in the industry. Is this normal what I'm experiencing or is it a sign of a destructive excessive ambition? Thanks in advance for any comments.

Read the article
SharePoint form-based authentication with custom database

- by Clodin

Hi, I have SharePoint site and I want to use form-based authentication, not Windows how it is by default. For this I read that I have to modify the web.config from Central Administration and web.config from my site with the membership and roleManager tags configured properly. But if I use this: <membership> <providers> <add name="MyProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" .../> </providers> </membership> System.Web.Security.SqlMembershipProvider requires a database generated with ASP.NET SQL Server Setup Wizard (aspnet_regsql.exe), and this is my problem! I want to use another database with cunstom table 'Users' from where to take the username and password for authentication. How can I do this? Thank you in advance

Read the article
how to store passwords in database?

- by rgksugan

I use jsp and servlets in my web application. i need to store passwords in the database. I found that hashing will be the best way to do that. I used this code to do it. java.security.MessageDigest d = null; d = java.security.MessageDigest.getInstance("SHA-1"); d.reset(); d.update(pass.getBytes("UTF-8")); byte b[] = d.digest(); String tmp = (new BASE64Encoder()).encode(b); When i tried to print the value of tmp, i get some other value.i guess its the hash value of the password. But when i persist this data to the database the original password gets saved there other than the value in tmp.. What is the problem???

Read the article
Negative number representation across multiple architechture

- by Donotalo

I'm working with OKI 431 micro controller. It can communicate with PC with appropriate software installed. An EEPROM is connected in the I2C bus of the micro which works as permanent memory. The PC software can read from and write to this EEPROM. Consider two numbers, B and C, each is two byte integer. B is known to both the PC software and the micro and is a constant. C will be a number so close to B such that B-C will fit in a signed 8 bit integer. After some testing, appropriate value for C will be determined by PC and will be stored into the EEPROM of the micro for later use. Now the micro can store C in two ways: The micro can store whole two byte representing C The micro can store B-C as one byte signed integer, and can later derive C from B and B-C I think that two's complement representation of negative number is now universally accepted by hardware manufacturers. Still I personally don't like negative numbers to be stored in a storage medium which will be accessed by two different architectures because negative number can be represented in different ways. For you information, 431 also uses two's complement. Should I get rid of the headache that negative number can be represented in different ways and accept the one byte solution as my other team member suggested? Or should I stick to the decision of the two byte solution because I don't need to deal with negative numbers? Which one would you prefer and why?

Read the article
Creating compound applications in Windows 7

- by Mmarquee

I need to port a suite of Windows applications (running under XP with little security turned on) to Windows 7 with various levels of security, depending on how our clients may configure it. Each functional area is a seperate executable or DLL that is downloaded and registered by a central 'compound' application. This means that the different parts are all joined together to form in effect a large single application. My problem is that the compound application knows about the other applications via COM registery, either as a typelibrary or as OCXs, where appropriate. I have tried several questions here to try and solve the problems I am getting, but I don't seem to be able to get around the problem of needing elevated access to register applications and access the registry. Our clients will be expecting the same (relatively) seemless download and activation process as current under XP. So does anyone have a solution for registering typelibraries and OCX controls without need to go through an elevation process. Thanks in advance

Read the article
Should a developer be a coauthor to a paper presented about the application they developed?

- by ved

In our organization, project teams come up with a need and funding and developers are given a basic scope and are allowed to develop the solution. There is a certain degree of implementation freedom given to the developers. They drive the solution to pilot and live deployment from its inception. If the solution is presented in a conference as a technical paper/white paper what is the protocol for the list of authors: because for the most part I see the project manager's and the dev team manager's names as authors but no mention of the actual developer. Is this correct? A lot of us developers feel pretty bummed to never see our names as the coauthors. Appreciate any pointers. Answers to the FOLLOW UP questions (1) in what field of study is the paper, and what are the standards of authorship for that field? The paper is for Flood Plain Management - there is nothing on the abstract guidelines, I have called the contact person listed for comment - waiting to hear. 2) was the paper literally about the software application as your question implies, or were the software issues incidental to the topic of the paper? The paper specifically deals with a GIS Application that is used in Coastal Engineering, yes the software is not incidental, but the meat of the paper and mentioned in the Title. 2

Read the article
Two differents FOSUser in application

- by Jérôme Boé

I face a problem with FOSUserBundle. In my Symfony2 application, I want to implement two differents User. I have one entity User, for basic user, and one entity UserPro with more informations. My problem is that I want to configure my bundle with this two entities: fos_user: db_driver: orm firewall_name: main user_class: Btp\UserBundle\Entity\User fos_userpro: db_driver: orm firewall_name: pro user_class: Btp\UserProBundle\Entity\UserPro And so, use fos_user and fos_userpro as provider in my security.yml. I'm no sure it's be possible. I obtain an error : There is no extension able to load the configuration for "fos_userpro" (in /..../app/config/config.yml). Looked for namespace "fos_userpro", found "framework", "security", ... And when I take a look in FOSUserBundle files, I feel that fos_user is not a configuration variable and is directly written in strings. Thanks.

Read the article
How to retrieve Google Blogger feed in ASP.NET medium trust?

- by ChrisP

I have an ASP.NET web site hosted at HostMySite.com and they recently changed the shared accounts to run in medium trust. In my web site I query my Blogger account and get blog posts to display on my web site. I am using Google.GData.Client v1.4.0.2 The retrieval works locally (and worked until medium trust was invoked at the ISP). Now I receive the following error: [SecurityException: Request for the permission of type 'System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.] System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0 System.Security.CodeAccessPermission.Demand() +58 System.Net.HttpWebRequest..ctor(Uri uri, ServicePoint servicePoint) +147 System.Net.HttpRequestCreator.Create(Uri Uri) +26 System.Net.WebRequest.Create(Uri requestUri, Boolean useUriBase) +216 System.Net.WebRequest.Create(Uri requestUri) +31 Google.GData.Client.GDataRequest.EnsureWebRequest() +77 Google.GData.Client.GDataRequest.Execute() +42 Google.GData.Client.Service.Query(Uri queryUri, DateTime ifModifiedSince, String etag, Int64& contentLength) +193 Google.GData.Client.Service.Query(FeedQuery feedQuery) +202 I've search the Google documentation and on-line but have not been able to find out what I need to change. Thanks

Read the article
Table prefix for MySqlMembershipProvider

- by choudeshell

I have MySqlMembershipProvider working with Asp.Net MVC. My question is how can I configure the table prefix... so instead of 'my_aspnet_' prefix on the tables, I want this to be either none or defined by me. My web.config: <?xml version="1.0"?> <add name="ApplicationServices" connectionString="server=localhost;user id=root;Password=*********;database=sparkSources" providerName="MySql.Data.MySqlClient"/> <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" timeout="2880" /> </authentication> <membership defaultProvider="MySqlMembershipProvider"> <providers> <clear/> <add name="MySqlMembershipProvider" type="MySql.Web.Security.MySQLMembershipProvider, MySql.Web, Version=6.3.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" autogenerateschema="true" tablePrefix="ss" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" applicationName="sparkSources" /> </providers> </membership> <profile> <providers> <clear/> <add name="AspNetSqlProfileProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="ApplicationServices" applicationName="/" /> </providers> </profile> <roleManager enabled="false"> <providers> <clear/> <add name="AspNetSqlRoleProvider" type="System.Web.Security.SqlRoleProvider" connectionStringName="ApplicationServices" applicationName="/" /> <add name="AspNetWindowsTokenRoleProvider" type="System.Web.Security.WindowsTokenRoleProvider" applicationName="/" /> </providers> </roleManager> <pages> <namespaces> <add namespace="System.Web.Mvc" /> <add namespace="System.Web.Mvc.Ajax" /> <add namespace="System.Web.Mvc.Html" /> <add namespace="System.Web.Routing" /> </namespaces> </pages>

Read the article
SharePoint SLK and T-SQL xp_cmdshell safety

- by Mitchell Skurnik

I am looking into a TSQL command called "xp_cmdshell" to use to monitor a change to a the SLK (SharePoint Learning Kit) database and then execute a batch or PowerShell script that will trigger some events that I need. (It is bad practice to modify SharePoint's database directly, so I will be using its API) I have been reading on various blogs and MSDN that there are some security concerns with this approach. The sites suggest that you limit security so the command can be executed by only a specific user role. What other tips/suggestions would you recommend with using "xp_cmdshell"? Or should I go about this another way and create a script or console application that constantly checks if a change has been made? I am running Server 2008 with SQL 2008.

Read the article
Change password in Task Scheduler in script

- by titanium

I'm changing password every month for all scheduled tasks I created in Task Scheduler. This is because our security policy expires our password every month. Due to increasing number of scheduled tasks I'm creating, it eats up a lot of time in just changing password within Task Scheduler. My question is: Is there a way in script to change password in one run specifying the tasks, DOMAIN\username, and password? I know there's a security risk in putting the password in script. The password in script will be removed after the running it.

Read the article

< Previous Page | 491 492 493 494 495 496 497 498 499 500 501 502 | Next Page >