Search Results

Search found 50247 results on 2010 pages for 'base class'.

Page 630/2010 | < Previous Page | 626 627 628 629 630 631 632 633 634 635 636 637 | Next Page >

Multiple vulnerabilities in OpenSSL

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4108 Cryptographic Issues vulnerability 4.3 OpenSSL Solaris 11 11/11 SRU 4a CVE-2011-4109 Unspecified vulnerability 9.3 CVE-2011-4576 Information Disclosure vulnerability 5.0 CVE-2011-4577 Denial of Service (DoS) vulnerability 4.3 CVE-2011-4619 Denial of Service (DoS) vulnerability 5.0 CVE-2012-0027 Denial of Service (DoS) vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
How to Write Manageable Code With Functional Programming?

- by dade

I just started with Functional Programming(Node.Js) and from the look of things it looks as if the code am writing would grow to be one hell of a code base to manage, when compared to Programming languages that have a sort of Object Oriented Paradigm. With OOP I am familair with practices that would ensure your code is easily managed and extensible. But am nore sure of similar convention with Functional Programming.

Read the article
Testing the Effectiveness of Your Web Marketing Strategies

Web marketing is a great option to choose when seeking to establish an online customer base for your product. Yet there is more than just advertising, marketing and generating SEO content for your site as all these strategies could fail to generate sales for your product. Given that e-commerce is a dynamic, ever changing business platform, it is important that an online business owner keeps testing the effectiveness of their online marketing strategies.

Read the article
the requested resource is not available [closed]

- by James Pj

I have written a Java servlet program and run it through local Tomcat 7, But it was showing following error : HTTP Status 404 - /skypark/registration type Status report message /skypark/registration description The requested resource is not available. Apache Tomcat/7.0.33 I don't know what was the reason for it my Html page is <html> <head> <title> User registration </title> </head> <body> <form action="registration" method="post"> <center> <h2><b>Skypark User Registration</b></h2> <table border="0"> <tr><td> First Name </td><td> <input type="text" name="fname"/></br> </td></tr><tr><td> Last Name </td><td> <input type="text" name="lname"/></br> </td></tr><tr><td> UserName </td><td> <input type="text" name="uname"></br> </td></tr><tr><td> Enter Password </td><td> <input type="password" name="pass"></br> </td></tr><tr><td> Re-Type Password </td><td> <input type="password" name="pass1"></br> </td></tr><tr><td> Enter Email ID </td><td> <input type="email" name="email1"></br> </td></tr><tr><td> Phone Number </td><td> <input type="number" name="phone"> </td></tr><tr><td> Gender<br> </td></tr><tr><td> <input type="radio" name="gender" value="Male">Male</input></br> </td></tr><tr><td> <input type="radio" name="gender" value="Female">Female</input></br> </td></tr><tr><td> Enter Your Date of Birth<br> </td><td> <Table Border=0> <tr> <td> Date </td> <td>Month</td> <td>Year</td> </tr><tr> <td> <select name="date"> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5</option> . . . have some code . . . </table> <input type="submit" value="Submit"></br> </center> </form> </body> </html> My servlet is : package skypark; import skypark.*; import java.io.*; import javax.servlet.*; import javax.servlet.http.*; import java.sql.*; public class Registration extends HttpServlet { public static Connection prepareConnection()throws ClassNotFoundException,SQLException { String dcn="oracle.jdbc.driver.OracleDriver"; String url="jdbc:oracle:thin:@JamesPJ-PC:1521:skypark"; String usname="system"; String pass="tiger"; Class.forName(dcn); return DriverManager.getConnection(url,usname,pass); } public void doPost(HttpServletRequest req,HttpServletResponse resp)throws ServletException,IOException { resp.setContentType("text/html"); PrintWriter out=resp.getWriter(); try { String phone1,uname,fname,lname,dob,address,city,state,country,pin,email,password,gender,lang,qual,relegion,privacy,hobbies,fav; uname=req.getParameter("uname"); fname=req.getParameter("fname"); lname=req.getParameter("lname"); dob=req.getParameter("date"); address=req.getParameter("address"); city=req.getParameter("city"); state=req.getParameter("state"); country=req.getParameter("country"); pin=req.getParameter("pin"); email=req.getParameter("email1"); password=req.getParameter("password"); gender=req.getParameter("gender"); phone1=req.getParameter("phone"); lang=""; qual=""; relegion=""; privacy=""; hobbies=""; fav=""; int phone=Integer.parseInt(phone1); Connection con=prepareConnection(); String Query="Insert into regdetails values(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; PreparedStatement ps=con.prepareStatement(Query); ps.setString(1,uname); ps.setString(2,fname); ps.setString(3,lname); ps.setString(4,dob); ps.setString(5,address); ps.setString(6,city); ps.setString(7,state); ps.setString(8,country); ps.setString(9,pin); ps.setString(10,lang); ps.setString(11,qual); ps.setString(12,relegion); ps.setString(13,privacy); ps.setString(14,hobbies); ps.setString(15,fav); ps.setString(16,gender); int c=ps.executeUpdate(); String query="insert into passmanager values(?,?,?,?)"; PreparedStatement ps1=con.prepareStatement(query); ps1.setString(1,uname); ps1.setString(2,password); ps1.setString(3,email); ps1.setInt(4,phone); int i=ps1.executeUpdate(); if(c==1||c==Statement.SUCCESS_NO_INFO && i==1||i==Statement.SUCCESS_NO_INFO) { out.println("<html><head><title>Login</title></head><body>"); out.println("<center><h2>Skypark.com</h2>"); out.println("<table border=0><tr>"); out.println("<td>UserName/E-Mail</td>"); out.println("<form action=login method=post"); out.println("<td><input type=text name=uname></td>"); out.println("</tr><tr><td>Password</td>"); out.println("<td><input type=password name=pass></td></tr></table>"); out.println("<input type=submit value=Login>"); out.println("</form></body></html>"); } else { out.println("<html><head><title>Error!</title></head><body>"); out.println("<center><b>Given details are incorrect</b>"); out.println(" Please try again</center></body></html>"); RequestDispatcher rd=req.getRequestDispatcher("registration.html"); rd.include(req,resp); return; } } catch(Exception e) { out.println("<html><head><title>Error!</title><body>"); out.println("<b><i>Unable to process try after some time</i></b>"); out.println("</body></html>"); RequestDispatcher rd=req.getRequestDispatcher("registration.html"); rd.include(req,resp); return; } out.flush(); out.close(); } } And the web.xml file is <?xml version="1.0" encoding="UTF-8"?> <web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0" metadata-complete="true"> <servlet> <servlet-name>reg</servlet-name> <servlet-class>skypark.Registration</servlet-class> </servlet> <servlet-mapping> <servlet-name>reg</servlet-name> <url-pattern>/registration</url-pattern> </servlet-mapping> This i kept in C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\skypark\WEB_INF\web.xml and servlet class in C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\skypark\WEB_INF\classes\skypark and registration.html in C:\Program Files\Apache Software Foundation\Tomcat 7.0\webapps\skypark\ if any mistake in this makes above error means please help me.Thanks in advance....

Read the article
Multiple vulnerabilities in Samba

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-2522 Cross-Site Request Forgery (CSRF) vulnerability 6.8 Samba Solaris 10 SPARC: 119757-21 X86: 119758-21 Solaris 9 Contact Support CVE-2011-2694 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 2.6 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Why are only some of my objects being rendered?

- by BleedObsidian

Every time I create a new asteroid the previous one is no longer rendered? I did some debugging and printed out the size of Array-List 'Small' and when a new asteroid is created it doesn't go down, so the thread is still there it's just not being rendered, Why? StatePlay: package me.bleedobsidian.astroidjump; import org.newdawn.slick.GameContainer; import org.newdawn.slick.Graphics; import org.newdawn.slick.SlickException; import org.newdawn.slick.state.BasicGameState; import org.newdawn.slick.state.StateBasedGame; public class StatePlay extends BasicGameState { int stateID = 10; Player player; Asteroids asteroids; StatePlay(int stateID) { this.stateID = stateID; } @Override public int getID() { return stateID; } @Override public void init(GameContainer gc, StateBasedGame sbg) throws SlickException { ResManager.loadImages(); player = new Player(); asteroids = new Asteroids(); } @Override public void render(GameContainer gc, StateBasedGame sbg, Graphics g) throws SlickException { g.setAntiAlias(true); player.render(g); asteroids.render(g); g.drawString("Asteroids: " + Asteroids.small.size(), 10, 25); } @Override public void update(GameContainer gc, StateBasedGame sbg, int delta) throws SlickException { player.update(gc, delta); asteroids.update(delta); } } Asteroids: package me.bleedobsidian.astroidjump; import java.util.ArrayList; import java.util.Timer; import org.newdawn.slick.Graphics; import org.newdawn.slick.Image; import org.newdawn.slick.SpriteSheet; public class Asteroids { public static ArrayList<Asteroid_Small> small = new ArrayList<Asteroid_Small>(); static SpriteSheet small_sprites = new SpriteSheet(ResManager.asteroids_small_ss, 32, 32); static Image small_1 = small_sprites.getSubImage(0, 0); static Image small_2 = small_sprites.getSubImage(1, 0); static Image small_3 = small_sprites.getSubImage(2, 0); static Image small_4 = small_sprites.getSubImage(3, 0); static boolean asteroids = true; static int diff = 0; Asteroids() { Task_Asteroids TaskA = new Task_Asteroids(); Timer timer = new Timer("Asteroids"); if(diff == 0) { timer.schedule(TaskA, 0, 4000); } else if(diff == 1) { timer.schedule(TaskA, 0, 3000); } } public static Image chooseSmallImage(int i) { if(i == 0) { return small_1; } else if(i == 1) { return small_2; } else if(i == 2) { return small_3; } else if(i == 3) { return small_4; } else { return small_1; } } public static void level_manager(float x) { if(x < 1000) { diff = 0; } else if(x < 2000) { diff = 1; } else if(x < 3000) { diff = 2; } else if(x < 5000) { diff = 3; } else if(x < 10000) { diff = 4; } else { diff = 5; } } public void update(int delta) { for(int s = 0; s < small.size(); s++) { Asteroid_Small as = small.get(s); as.update(delta); } } public void render(Graphics g) { for(int s = 0; s < small.size(); s++) { Asteroid_Small as = small.get(s); as.render(g); } } public static void setAsteroids(boolean tf) { asteroids = tf; } } Asteroid_Small: package me.bleedobsidian.astroidjump; import org.newdawn.slick.Graphics; import org.newdawn.slick.Image; public class Asteroid_Small { private static Image me; private static float x = 0; private static float y = 0; private static float speed = 0; private static float rotation = 0; private static float rotation_speed = 0; Asteroid_Small(Image i, float x, float y, float rs, float sp) { me = i; Asteroid_Small.x = x; Asteroid_Small.y = y; Asteroid_Small.rotation_speed = rs; Asteroid_Small.speed = sp; } public void update(int delta) { x -= speed * delta; rotation += rotation_speed * delta; me.setRotation(rotation); } public void render(Graphics g) { g.drawImage(me, x, y); } } Task_Asteroid: package me.bleedobsidian.astroidjump; import java.util.TimerTask; public class Task_Asteroids extends TimerTask { public void run() { if(Asteroids.diff == 0) { int randImage = (int) (Math.random() * 4); int randHeight = (int) (Math.random() * 480); Asteroids.small.add(new Asteroid_Small(Asteroids.chooseSmallImage(randImage), Player.x + 960, randHeight, 0.05f, 0.04f)); } } }

Read the article
Firefox 23 n'autorise plus la désactivation de JavaScript, l'utilisateur devrait-il avoir le choix où le Web sans JavaScript est désormais stupide ?

Firefox 23 n'autorise plus la désactivation de JavaScript L'utilisateur devrait-il avoir le choix ou le Web sans JavaScript est-il désormais stupide ?JavaScript devient omniprésent et quasiment incontournable dans l'écosystème du Web.Développé à la base comme un simple langage de script qui devait permettre de rendre des pages Web interactives, JavaScript peut être désactivé via une option dans les navigateurs.Pour le développeur, cette option permet de voir comment peut fonctionner son application Web sans JavaScript et pour l'utilisateur, la désactivation de JavaScript devait permettre d'éviter les popup publicitaires intrusifs, le chargement rapide des pages ou de bénéficier de plus de sécuri...

Read the article
Using static methods in objects PHP - is it advantage?

- by RePRO

I was reading some articles and discussions on the use of static methods on objects and it struck me how much the views differ. Someone say that using static methods is an advantage. Someone says that use is a big mistake. I wonder how is it? My question is when to use static methods and when not? I would like to hear answers from experts in this field (PHP OOP). This is because I know how it really is. The following code should be analogous. Just call the static method is simpler (my opinion): <?php class A { public function write($a) { echo $a; } } class B { public static function write($a) { echo $a; } } $a = new A; $a->write(5); // 5 B::write(5); // 5 ?> Thank you.

Read the article
CVE-2011-4028 Information Disclosure vulnerability in X.org

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2011-4028 File Existence Disclosure vulnerability 1.2 X.Org Solaris 10 SPARC: 125719-42 X86: 125720-52 Solaris 11 Contact Support This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Multiple Denial of Service vulnerabilities in Wireshark

- by chandan

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2012-0041 Denial of Service(DoS) vulnerability 1.9 Wireshark Solaris 11 11/11 SRU 04 CVE-2012-0042 Denial of Service(DoS) vulnerability 2.9 CVE-2012-0043 Buffer Overflow vulnerability 5.4 CVE-2012-0066 Denial of Service(DoS) vulnerability 1.9 CVE-2012-0067 Denial of Service(DoS) vulnerability 1.9 CVE-2012-0068 Buffer Overflow vulnerability 4.4 This notification describes vulnerabilities fixed in third-party components that are included in Sun's product distribution.Information about vulnerabilities affecting Oracle Sun products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Security Alert for CVE-2012-4681 Released

- by Eric P. Maurice

Hi, this is Eric Maurice again! Oracle has just released Security Alert CVE-2012-4681 to address 3 distinct but related vulnerabilities and one security-in-depth issue affecting Java running in desktop browsers. These vulnerabilities are: CVE-2012-4681, CVE-2012-1682, CVE-2012-3136, and CVE-2012-0547. These vulnerabilities are not applicable to standalone Java desktop applications or Java running on servers, i.e. these vulnerabilities do not affect any Oracle server based software. Vulnerabilities CVE-2012-4681, CVE-2012-1682, and CVE-2012-3136 have each received a CVSS Base Score of 10.0. This score assumes that the affected users have administrative privileges, as is typical in Windows XP. Vulnerability CVE-20120-0547 has received a CVSS Base Score of 0.0 because this vulnerability is not directly exploitable in typical user deployments, but Oracle has issued a security-in-depth fix for this issue as it can be used in conjunction with other vulnerabilities to significantly increase the overall impact of a successful exploit. If successfully exploited, these vulnerabilities can provide a malicious attacker the ability to plant discretionary binaries onto the compromised system, e.g. the vulnerabilities can be exploited to install malware, including Trojans, onto the targeted system. Note that this malware may in some instances be detected by current antivirus signatures upon its installation. Due to the high severity of these vulnerabilities, Oracle recommends that customers apply this Security Alert as soon as possible. Furthermore, note that the technical details of these vulnerabilities are widely available on the Internet and Oracle has received external reports that these vulnerabilities are being actively exploited in the wild. Developers should download the latest release at http://www.oracle.com/technetwork/java/javase/downloads/index.html Java users should download the latest release of JRE at http://java.com, and of course Windows users can take advantage of the Java Automatic Update to get the latest release. For more information: The Advisory for Security Alert CVE-2012-4681 is located at http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html Users can verify that they’re running the most recent version of Java by visiting: http://java.com/en/download/installed.jsp Instructions on removing older (and less secure) versions of Java can be found at http://java.com/en/download/faq/remove_olderversions.xml

Read the article
clone() only partially doable; how to react?

- by hllnll

Suppose we have a class-hierarchy whose base class B requires a clone() method to be defined in its derivations. Whilst this works perfectly for most of them there is this one derivation X that holds an optional reference to a resource/object that can only be referenced from one instance of X. Whilst the rest of X can be cloned without problems this reference would have to be set to null/nil/nullptr. What is the correct way to handle this situation? X::clone() could throw an UncloneableException. Though this would be correct, it is not satisfying. Set the reference to null/nil/nullptr and leave no notice of it. The user of X has to know about Xs "particularities". Require derivations of B to define B::nearestClone(): the user of B has to be aware that the return value might not be a 1:1 clone. Something else?

Read the article
Is it appropriate to try to control the order of finalization?

- by Strilanc

I'm writing a class which is roughly analogous to a CancellationToken, except it has a third state for "never going to be cancelled". At the moment I'm trying to decide what to do if the 'source' of the token is garbage collected without ever being set. It seems that, intuitively, the source should transition the associated token to the 'never cancelled' state when it is about to be collected. However, this could trigger callbacks who were only kept alive by their linkage from the token. That means what those callbacks reference might now in the process of finalization. Calling them would be bad. In order to "fix" this, I wrote this class: public sealed class GCRoot { private static readonly GCRoot MainRoot = new GCRoot(); private GCRoot _next; private GCRoot _prev; private object _value; private GCRoot() { this._next = this._prev = this; } private GCRoot(GCRoot prev, object value) { this._value = value; this._prev = prev; this._next = prev._next; _prev._next = this; _next._prev = this; } public static GCRoot Root(object value) { return new GCRoot(MainRoot, value); } public void Unroot() { lock (MainRoot) { _next._prev = _prev; _prev._next = _next; this._next = this._prev = this; } } } intending to use it like this: Source() { ... _root = GCRoot.Root(callbacks); } void TransitionToNeverCancelled() { _root.Unlink(); ... } ~Source() { TransitionToNeverCancelled(); } but now I'm troubled. This seems to open the possibility for memory leaks, without actually fixing all cases of sources in limbo. Like, if a source is closed over in one of its own callbacks, then it is rooted by the callback root and so can never be collected. Presumably I should just let my sources be collected without a peep. Or maybe not? Is it ever appropriate to try to control the order of finalization, or is it a giant warning sign?

Read the article
How to solve cyclic dependencies in a visitor pattern

- by Benjamin Rogge

When programming at work we now and then face a problem with visitors and module/project dependencies. Say you have a class A in a module X. And there are subclasses B and C in module Y. That means that module Y is dependent on module X. If we want to implement a visitor pattern to the class hierarchy, thus introducing an interface with the handle Operations and an abstract accept method in A, we get a dependency from module Y to module X, which we cannot allow for architectural reasons. What we do is, use a direct comparison of the types (i.e. instanceof, since we program in Java), which is not satisfying. My question(s) would be: Do you encounter this kind of problem in your daily work (or do we make poor architectural choices) and if so, how is your approach to solve this?

Read the article
Keep coding the wrong way to remain consistent? [closed]

- by bwalk2895

Possible Duplicate: Code maintenance: keeping a bad pattern when extending new code for being consistent, or not? To keep things simple let's say I am responsible for maintaining two applications, AwesomeApp and BadApp (I am responsible for more and no that is not their actual names). AwesomeApp is a greenfield project I have been working on with other members on my team. It was coded using all the fancy buzzwords, Multilayer, SOA, SOLID, TDD, and so on. It represents the direction we want to go as a team. BadApp is a application that has been around for a long time. The architecture suffers from many sins, namely everything is tightly coupled together and it is not uncommon to get a circular dependency error from the compiler, it is almost impossible to unit test, large classes, duplicate code, and so on. We have a plan to rewrite the application following the standards established by AwesomeApp, but that won't happen for a while. I have to go into BadApp and fix a bug, but after spending months coding what I consider correctly, I really don't want do continue perpetuate bad coding practices. However, the way AwesomeApp is coded is vastly different from the way BadApp is coded. I fear implementing the "correct" way would cause confusion for other developers who have to maintain the application. Question: Is it better to keep coding the wrong way to remain consistent with the rest of the code in the application (knowing it will be replaced) or is it better to code the right way with an understanding it could cause confusion because it is so much different? To give you an example. There is a large class (1000+ lines) with several functions. One of the functions is to calculate a date based on an enumerated value. Currently the function handles all the various calculations. The function relies on no other functionality within the class. It is self contained. I want to break the function into smaller functions (at the very least) and put them into their own classes and hide those classes behind an interface (at the most) and use the factory pattern to instantiate the date classes. If I just broke it out into smaller functions within the class it would follow the existing coding standard. The extra steps are to start following some of the SOLID principles.

Read the article
Going from webforms, VS 2008, 3.5 framework to the "next level" based on my goals

- by Caveatrob

I've got a few choices to make as I develop some business websites that will run for the next two to three years. Currently I run ASP.NET 3.5 with Visual Studio 2008. I do my development rather crudely in WebForms because that's what I learned and am most productive with. I don't use Membership or any other frameworks in my projects. I use a simple class that maintains a few session keys for each user based on basic database tables for users and roles. (I have about 3,000 users). So far I've kept the data simple, using ADO.NET against SQL Server and a data access class (Circa 2000, I know) to build my sites. My questions are as follows: Under what conditions would I be better off moving to MVC? Under what conditions would I find LINQ and ORM a better way to go than standard ADO.NET? Would I benefit, in my current state of development, from going from Studio 2008 to Studio 2010?

Read the article
Looking to apply Bundle Patch 1 on Enterprise Manager 12c ? Here is a workbook to help you ....

- by Pankaj

Are you planning to apply Bundle patch 1 for EM 12c ? If yes , check this workbook which describes the complete flow . Enterprise Manager Cloud Control Workbook for Applying Bundle Patch 1 (February 2012) and 12.1.0.2 Plugins [ID 1393173.1] Applies to:Enterprise Manager Base Platform - Version: 12.1.0.1.0 to 12.1.0.1.0 - Release: 12.1 to 12.1 PurposeThis document provides an overview of the installation steps needed to apply Bundle Patch 1 on the EM Cloud Control 12c Oracle Management Service OMS) and Management Agent.

Read the article
If a variable has getter and setter, should it be public?

- by Oni

I am an about to graduate Computer Science student so probably this is a stupid question. If I have a class with a variable that is private and the class have getter and setter for that variable. Why don't make that variable public? The only case I think you have to use getters and setters is if you need to do some operation besides the set or the get. Example: void my_class::set_variable(int x){ /* Some operation like updating a log */ this->variable = x; } Thanks in advance!

Read the article
What is the most appropriate testing method in this scenario?

- by Daniel Bruce

I'm writing some Objective-C apps (for OS X/iOS) and I'm currently implementing a service to be shared across them. The service is intended to be fairly self-contained. For the current functionality I'm envisioning there will be only one method that clients will call to do a fairly complicated series of steps both using private methods on the class, and passing data through a bunch of "data mangling classes" to arrive at an end result. The gist of the code is to fetch a log of changes, stored in a service-internal data store, that has occurred since a particular time, simplify the log to only include the last applicable change for each object, attach the serialized values for the affected objects and return this all to the client. My question then is, how do I unit-test this entry point method? Obviously, each class would have thorough unit tests to ensure that their functionality works as expected, but the entry point seems harder to "disconnect" from the rest of the world. I would rather not send in each of these internal classes IoC-style, because they're small and are only made classes to satisfy the single-responsibility principle. I see a couple possibilities: Create a "private" interface header for the tests with methods that call the internal classes and test each of these methods separately. Then, to test the entry point, make a partial mock of the service class with these private methods mocked out and just test that the methods are called with the right arguments. Write a series of fatter tests for the entry point without mocking out anything, testing the entire functionality in one go. This looks, to me, more like "integration testing" and seems brittle, but it does satisfy the "only test via the public interface" principle. Write a factory that returns these internal services and take that in the initializer, then write a factory that returns mocked versions of them to use in tests. This has the downside of making the construction of the service annoying, and leaks internal details to the client. Write a "private" initializer that take these services as extra parameters, use that to provide mocked services, and have the public initializer back-end to this one. This would ensure that the client code still sees the easy/pretty initializer and no internals are leaked. I'm sure there's more ways to solve this problem that I haven't thought of yet, but my question is: what's the most appropriate approach according to unit testing best practices? Especially considering I would prefer to write this test-first, meaning I should preferably only create these services as the code indicates a need for them.

Read the article
Access Control Service: Handling Errors

- by Your DisplayName here!

Another common problem with external authentication is how to deal with sign in errors. In active federation like WS-Trust there are well defined SOAP faults to communicate problem to a client. But with web applications, the error information is typically generated and displayed on the external sign in page. The relying party does not know about the error, nor can it help the user in any way. The Access Control Service allows to post sign in errors to a specified page. You setup this page in the relying party registration. That means that whenever an error occurs in ACS, the error information gets packaged up as a JSON string and posted to the page specified. This way you get structued error information back into you application so you can display a friendlier error message or log the error. I added error page support to my ACS2 sample, which can be downloaded here. How to turn the JSON error into CLR types The JSON schema is reasonably simple, the following class turns the JSON into an object: [DataContract] public class AcsErrorResponse { [DataMember(Name = "context", Order = 1)] public string Context { get; set; } [DataMember(Name = "httpReturnCode", Order = 2)] public string HttpReturnCode { get; set; } [DataMember(Name = "identityProvider", Order = 3)] public string IdentityProvider { get; set; } [DataMember(Name = "timeStamp", Order = 4)] public string TimeStamp { get; set; } [DataMember(Name = "traceId", Order = 5)] public string TraceId { get; set; } [DataMember(Name = "errors", Order = 6)] public List<AcsError> Errors { get; set; } public static AcsErrorResponse Read(string json) { var serializer = new DataContractJsonSerializer( typeof(AcsErrorResponse)); var response = serializer.ReadObject( new MemoryStream(Encoding.Default.GetBytes(json))) as AcsErrorResponse; if (response != null) { return response; } else { throw new ArgumentException("json"); } } } [DataContract] public class AcsError { [DataMember(Name = "errorCode", Order = 1)] public string Code { get; set; } [DataMember(Name = "errorMessage", Order = 2)] public string Message { get; set; } } Retrieving the error information You then need to provide a page that takes the POST and deserializes the information. My sample simply fills a view that shows all information. But that’s for diagnostic/sample purposes only. You shouldn’t show the real errors to your end users. public class SignInErrorController : Controller { [HttpPost] public ActionResult Index() { var errorDetails = Request.Form["ErrorDetails"]; var response = AcsErrorResponse.Read(errorDetails); return View("SignInError", response); } } Also keep in mind that the error page is an anonymous page and that you are taking external input. So all the usual input validation applies.

Read the article
CVE-2013-0900 Race Conditions vulnerability in ICU

- by Ritwik Ghoshal

CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2013-0900 Race Conditions vulnerability 6.8 International Components for Unicode (ICU) Solaris 10 SPARC: 119810-08 X86: 119811-08 Solaris 11.1 11.1.16.5.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

Read the article
Am I violating LSP if the condition can be checked?

- by William

This base class for some shapes I have in my game looks like this. Some of the shapes can be resized, some of them can not. private Shape shape; public virtual void SetSizeOfShape(int x, int y) { if (CanResize()){ shape.Width = x; shape.Height = y; } else { throw new Exception("You cannot resize this shape"); } } public virtual bool CanResize() { return true; } In a sub class of a shape that I don't ever want to resize I am overriding the CanResize() method so a piece of client code can check before calling the SetSizeOfShape() method. public override bool CanResize() { return false; } Here's how it might look in my client code: public void DoSomething(Shape s) { if(s.CanResize()){ s.SetSizeOfShape(50, 70); } } Is this violating LSP?

Read the article
Where can I get the Natty kernel .config file?

- by Oli

I'm using Maverick with the latest available kernels on kernel.org and building them myself. Until now I've been basing my configuration off the stock Maverick kernel and accepting the make oldconfig defaults. I've been doing this for 3 major releases now so I figure I'm starting to slip behind the current "standard". I would like to re-base my kernels off the new Natty .config file. Is this available somewhere online or do I have to download the whole kernel package and extract it?

Read the article
Tester/Doer pattern: Assume the caller conforms to the pattern or be defensive and repeat the check?

- by Daniel Hilgarth

Assume a simple class that implements the Tester/Doer pattern: public class FooCommandHandler : ICommandHandler { public bool CanHandle(object command) { return command is FooCommand; } public void Handle(object command) { var fooCommand = (FooCommand)command; // Do something with fooCommand } } Now, if someone doesn't conform to the pattern and calls Handle without verifying the command via CanHandle, the code in Handle throws an exception. However, depending on the actual implementation of Handle this can be a whole range of different exceptions. The following implementation would check CanHandle again in Handle and throw a descriptive exception: public void Handle(object command) { if(!CanHandle(command)) throw new TesterDoerPatternUsageViolationException("Please call CanHandle first"); // actual implementation of handling the command. } This has the advantage that the exception is very descriptive. It has the disadvantage that CanHandle is called twice for "good" clients. Is there a consensus on which variation should be used?

Read the article
Re-sizing the form without scaling the GUI

- by Bmoore

I am writing a turn based strategy game in C#. My GUI implementation consists of class that extends Form containing a class that extends Panel. When I render the GUI I draw to the paint method in the panel. I am trying to figure out what is the best way for handling form re-size events. I know I want a minimum window size, but I would prefer to not have a maximum or a set size. Ideally the GUI would reveal more/less of the map as the user changes the window size. I would like to avoid scaling the graphics if at all possible. What is the best way to handle re-size events?

Read the article

< Previous Page | 626 627 628 629 630 631 632 633 634 635 636 637 | Next Page >