Search Results

Search found 25872 results on 1035 pages for 'document security'.

Page 665/1035 | < Previous Page | 661 662 663 664 665 666 667 668 669 670 671 672 | Next Page >

Multiple merchant accounts with Activemerchant gem.

- by sosborn

I am developing a rails site that will allow a group of merchants (5 - 10) to accept credit card orders online. I plan on using the Activemerchant gem to handle the processing. In this case, each merchant will have their own merchant accounts to handle the payments. Storing banking information like that is not something I am a fan of. This could be solved by queing orders and allowing the merchant to log in to the site, input their credentials and process the order. However, if I go that route then it seems to me that I would have to store the customers' credit card information temporarily until the merchant has the opportunity to log in and process the order, which to me is the greater evil. Has anyone dealt with this situation? If so, what are the options available and what pitfalls should I look out for? In my mind, security customer credit card information is priority number one with the merchant account information a close second.

Read the article
.net site all pages do a 302 redirect with AspxAutoDetectCookieSupport

- by aron

Hello, First let me say that I did see this article: http://stackoverflow.com/questions/1045283/how-to-remove-aspxautodetectcookiesupport However it seems like it fixes the url issue, but not the 302 AspxAutoDetectCookieSupport issue. I've also read just about every other article on the web about this issue. I could really use some help here. This is my web.config <sessionState mode="InProc" cookieless="false" timeout="6600" /> <membership defaultProvider="MySqlMembershipProvider"> <providers> <clear /> <add connectionStringName="SimpleTickConnection" applicationName="TheaterSales" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" passwordFormat="Hashed" maxInvalidPasswordAttempts="15" minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression="" name="MySqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership> <anonymousIdentification enabled="true" cookieless="AutoDetect" cookieProtection="All" cookieRequireSSL="false" cookieSlidingExpiration="true" /> Here's the entire web.config: http://support.simpletick.com/web-config-sample.txt

Read the article
Reinstalling Applications after Win 7 installation [closed]

- by Don Oxley

I'm preparing to upgrade to Win 7 and am trying to ensure that I will be able to reinstall all the relevant applications. Since most applications require product keys, I'm curious if the installation process for Win 7 preserves those keys in any way (say for Office 2007,...) or do I have to locate and reenter every key? Second, for appications that require a key and then check with their home server (Norton Internet Security, for example). Even if I have the key, how do I convince the server that I'm not trying to reuse an application that has a single use license? Thanks, --Don

Read the article
How to Publish InfoPath (which is fulltrusted having codebehid code ) in sharePoint?

- by JanardhanReddy

Hi all, I created one InfoPath form which is having C# code and i gave security option is 'full trusted' to access infopath object model,and it should be open with Browser.finally i published the Infopath form to SharePoint(by using admin-approved) site. But when i'am trying to open, it is not opening and giving an error that is 'InfoPath can not create a new or blank form InfoPath can not open the form,To fix this problem,Contact your System administrator' and in error show details its giving following message. 'The form template is trying to access files and settings on your computer. InfoPath cannot grant access to these files and settings because the form template is not fully trusted. For a form to run with full trust, it must be installed or digitally signed with a certificate'. please give me a solution.

Read the article
md5 hash for file without File Attributes

- by Glennular

Using the following code to compute MD5 hashs of files: Private _MD5Hash As String Dim md5 As New System.Security.Cryptography.MD5CryptoServiceProvider Dim md5hash() As Byte md5hash = md5.ComputeHash(Me._BinaryData) Me._MD5Hash = ByteArrayToString(md5hash) Private Function ByteArrayToString(ByVal arrInput() As Byte) As String Dim sb As New System.Text.StringBuilder(arrInput.Length * 2) For i As Integer = 0 To arrInput.Length - 1 sb.Append(arrInput(i).ToString("X2")) Next Return sb.ToString().ToLower End Function We are getting different hashes depending on the create-date and modify-date of the file. We are storing the hash and the binary file in a SQL DB. This works fine when we upload the same instance of a file. But when we save a new instance of the file from the DB (with today's date as the create/modify) on the file-system and then check the new hash versus the MD5 stored in the DB they do not match, and therefor fail a duplicate check. How can we check for a file hash excluding the file attributes? or is there a different issue here?

Read the article
Button in gridview

- by Rajeev

I'm using a button in a template field of gridview. On button click I want to redirect to another page but it throws an exception: Invalid postback or callback argument. Event validation is enabled using in configuration or <%@ Page EnableEventValidation="true" % in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation. What can I do to resolve this problem?

Read the article
How to add a Web Reference to a SSL web service?

- by Matt W

Hi, I have a web service in a C#/3.5 project which has been running fine. This is until I set the "SSL port" in IIS to 443 and set the "IIS - Directory Security - Secure Communications - Require secure channel (SSL)" option to true. Now, the web reference cannot be updated and I cannot add a new web reference to the web service in that site. When I try to view the service in a browse using just HTTP I get the "This page must be viewed over a secure channel" and when viewed with HTTPS on the front I get "This web page not available." Could someone tell me how to get a Web Reference added using Visual Studio to this secure web service, please? Thanks, Matt.

Read the article
asp.net free cms for library

- by Andrew Florko

We have library website written in classic ASP that allows to browse and search by multiple (50+) filter criterias (author, publication year, ISSN ... ). There are lots of security holes and we have only one developer who hardly maintain this ASP-site with some minor features for last 3 years. There are two common user groups - administrators (librarians) and students (5000+) who have books on hands and searches for them. We don't want to rewrite it from scratch, just to use standard free CMS (.net based) and migrate library data and user accounts with minimum effort. What CMS will you suggest? Thank you in advance.

Read the article
Solved::MessageQueue.BeginReceive() null ref error - c#

- by ltech

Have a windows service that listens to a msmq. In the OnStart method is have this protected override void OnStart(string[] args) { try { _queue = new MessageQueue(_qPath);//this part works as i had logging before and afer this call //Add MSMQ Event _queue.ReceiveCompleted += new ReceiveCompletedEventHandler(queue_ReceiveCompleted);//this part works as i had logging before and afer this call _queue.BeginReceive();//This is where it is failing - get a null reference exception } catch(Exception ex) { EventLogger.LogEvent(EventSource, EventLogType, "OnStart" + _lineFeed + ex.InnerException.ToString() + _lineFeed + ex.Message.ToString()); } } where private MessageQueue _queue = null; This works on my machine but when deployed to a windows 2003 server and running as Network service account, it fails Exception recvd: Service cannot be started. System.NullReferenceException: Object reference not set to an instance of an object. at MYService.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Solved: Turned out that the Q that i set up, I had to explicitly add Network Service account to it under security tab

Read the article
sql exception when transferring project from usb to c:\

- by jello

I'm working on a C# windows program with Visual Studio 2008. Usually, I work from school, directly on my usb drive. But when I copy the folder on my hard drive at home, an sql exception is unhandled whenever I try to write to the database. it is unhandled at the conn.Open(); line. here's the exception unhandled Database 'L:\system\project\the_project\the_project\bin\Debug\PatientMonitoringDatabase.mdf' already exists. Choose a different database name. Cannot attach the file 'C:\Documents and Settings\Administrator\My Documents\system\project\the_project\the_project\bin\Debug\PatientMonitoringDatabase.mdf' as database 'PatientMonitoringDatabase'. it's weird, because my connection string says |DataDirectory|, so it should work on any drive... here's my connection string: string connStr = "Data Source=.\\SQLEXPRESS;AttachDbFilename=|DataDirectory|\\PatientMonitoringDatabase.mdf; " + "Initial Catalog=PatientMonitoringDatabase; " + "Integrated Security=True";

Read the article
"Unable to find a version of the runtime to run this application" running .NET app in virtual XP mac

- by Pete

I've written a few winform apps in .net 2.0 which won't run in a virtual XP (running from VirtualBox). I get the error "unable to find a version of the runtime to run this application" (.NET Framework Initialization Error). I've tried fixing the installation of .net and also installing v3.5. I think it's probably a security issue rather than a framework problem, but i'm running under an administrator account. Other .net apps (2.0) run ok, so it might be a strong name/signing problem. I've tried compiling them completely unsigned and also delay signing them with a key and turning on verification skipping with the sn tool. help greatly appreciated!

Read the article
Microsoft CRM could not log you on to the system. Make sure your user record...

- by Willy

"Microsoft CRM could not log you on to the system. Make sure your user record is enabled and that you have been assigned at least one security role. For more information, contact your system administrator." When I RDP into the server and try Microsoft CRM Workflow Manager/Monitor with http or https connectivity, it doesn't work. "The specified Microsoft CRM server is not responding. This might happen if it is currently unavaliable, it is not a Microsoft CRM server, or you are not a valid user. Contact your sys-admin." This is a Microsoft CRM v3.0 / Microsoft SQL server 2005 box, Active directory is on a seperate box.. When I right click Microsoft CRM Worlkflow Service, properties, log on: it shows "crmtestuser" and a password. I did not RDP or try logging in as that crmtestuser, but I am Admin... Could this be a clue? What can I try?

Read the article
setting UAC settings of a file in C#

- by Inam Jameel

Hi guys. i want to give a file(already present on the client computer .exe) permissions to always execute with administrative permissions. please note that the file i wants to give permissions is already on target machine. and i want to change permissions of that file through another program written in c# and it has administrative permissions to do everything. kindly let me know how to do it i am using this code System.Security.AccessControl.FileSecurity fs = File.GetAccessControl(@"c:\inam.exe"); FileSystemAccessRule fsar = new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow); fs.AddAccessRule(fsar); File.SetAccessControl(@"c:\inam.exe", fs); this code will change the permissions correctly but still when i execute inam.exe after executing this code the UAC not appeared and also the inam.exe cant perform administrative operations. actually i have already deployed an application on more than 10,000 clients so wants to release a patch to resolve the administrative rights issue.

Read the article
Would a Socket Connection Outperform an Intarvaled Database Sweep and Requests?

- by Jascha

I'm building a small chat application to add to an existing framework. There will only be 20-50 users MAX at any one time. I was wondering if I could get away with updating a cache file containing (semi) live chat data for whichever users happen to be chatting just by performing timed queries and regular AJAX refreshes for new data as opposed to learning how to open and maintain a socket connection. I'm sure there are existing chat plug-ins out there. But I just had a hell of a time installing one and I could see building the whole damn thing taking just as much time as plugging one in. Am I off to a bad start? Thanks in advance -J (p.s. this is a semi closed network behind a php login so security isn't a great concern)

Read the article
Launching an external application from within a NPAPI Plugin

- by Adam Cobb

I am trying to work out why an NPAPI plugin I have written, which works fine in terms of performing operations triggered via Javascipt calls, cannot use CreateProcess() or ShellExecute() to launch an application from a path specified via the Javascript call. I can seemingly use either of these methods and they return success, i.e. no error code. But the application just does not launch. I have tried modifying the parameters used when calling them, to create new process group etc. But seemingly with no effect. I know this may seem like a bit of a security risk, but for the very specific purpose we wish to use it for it shouldn't be a problem. Thanks.

Read the article
mod_php / mod_suphp / FastCGI | Which do you recommend and why.

- by Saif Bechan

I am at the point that I have to choose on what type of setup my application should run. I know there are some types available where apache runs smooth on, but they all have there downsides. System: Apache 2 / PHP 5.2 I hope you can give me some tips from firsthand experience. To give you an example of what to be covered. - Performance - Ease of setup - Security I know this does not really involve programming, but I have seen post concerning this and I know that you guys/girls here are certainly qualified to comment on this subject.

Read the article
Setting slime-enable-evaluate-in-emacs

- by Tyler

Hi, I am using SBCL with slime, and have the following code: (swank::eval-in-emacs '(with-current-buffer (slime-repl-buffer) (insert (propertize "foo" 'font-lock-face '(:foreground "red"))))) (print "here is some text") In general if I try to execute anything with swank:: prefixed to it emacs will give a security error, and this particular one tells me I need to set slime-enable-evaluate-in-emacs to true. Where is this value? I haven't been able to find a slime or swank config. & settings file. Thanks much.

Read the article
Problem authenticating with shiro in grails app

- by xain

I have a grails 1.2 app and I want to use declarative security in order to restrict accesses based on roles. I decided to try shiro, installed the plugin, but when I try to authenticate, the message "Invalid username and/or password" shows up in the header. I check the db entry and the user is there with the sha'ed password. No messages are shown neither in the console nor in the stacktrace file. I added "warn 'org.jsecurity'" to Config.groovy with no results. Any hints/tricks to troubleshoot this ?

Read the article
Spring - MVC - Sanitize URL before redisplaying to the user

- by Raghav

In my application , a HTTP GET request URL to the application with script tag is getting redisplayed as it is although it fails the authorization. Example: http://www.example.com/welcome<script>alert("hi")</script> The issue is sanitizing external input entered directly into address bar by modifying existing GET URL. Spring redisplays the submitted URL as it is. Though the script does not get executed in the browser(FF), is there anyway to strip the URL of these values before displaying it back to the user Reference: Spring MVC application filtering HTML in URL - Is this a security issue?

Read the article
How to create virtual Environment for users on server

- by Bhushan Nagaonkar

I have a web application where users can register them self and then save Java and C++ programs in their account. Programs are saved in a tmp directory like, /tmp -user1 --program1 --program2 -user2 --program1 --program2 So all the users folders are in same "tmp" directory. I want to know how can I proved security by not allowing a user to access files of other users. A user will be executing a java or c++ program in his folder which can be used to read files on the server. How to prevent this? I am new to this thing I don't know how to go about this. The server is Linux server and project is in python using Django. Thank in advance

Read the article
Javascript to PHP, mysql uploading, one button pressing solution

- by user2897858

my program is generating buttons from a mysql database.When one of the button is pressed, it would uplod the current time and the gps coordinate. Sadly, it only works if the same button is pressed twice, but its not an option, because the button has to dissappear. I would like to have some help in coding how to make that possible the user only need to press the button once for the correct upload.Thanks in advance Here is the full code of my my file: <?php session_start(); ?> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>title</title> </head> <?php $maidatum=date("Ymj"); echo "<script>getLocation();</script>"; //Az adatbázishoz való csatlakozás $conn = mysql_connect("localhost","root","asd"); if(!($conn))die("Nincs conn a kiszolgálóval!".mysql_error()); $adatbazisneve="schtrans"; mysql_select_db($adatbazisneve,$conn); mysql_query("set names 'utf8'"); mysql_query("set character set 'utf8'"); //Combobox $sql = "SELECT Jaratszam,Vezeto FROM user"; $rs = mysql_query($sql) or die(mysql_error()); echo "<form action=\"\" method=\"post\">"; echo<<<nev <select name='Lista'> nev; while($row = mysql_fetch_array($rs)){ echo "<option value='".$row["Jaratszam"]."'>".$row["Vezeto"]."</option>"; }mysql_free_result($rs); echo "</select>"; ///Combox vége echo<<<lekerd <form action="" method="post"> <input type="submit" name="bekuldes" value="Lekérdez" /> </form> </form> lekerd; echo<<<gps <form action="" method="post"> <input type="hidden" name= "longitude" id="longitude"> <input type= "hidden" name ="latitude" id="latitude"> </form> gps; if(isset($_POST["bekuldes"])) { $jaratszam = $_POST['Lista']; $_SESSION['jaratsz']=$jaratszam; $lekerdez_parancs="SELECT * FROM cim_$maidatum WHERE jarat=$jaratszam;"; $lekerdez=mysql_query($lekerdez_parancs, $conn); echo "<table border=\"1\">"; echo "<td>Utánvétel</td> <td>Megrendelés összege</td> <td>ISZ</td> <td>Város</td> <td>Utca</td> <td>Megjegyzés</td> <td>Csomagok</td> <td>Raklaphely</td> <td>Súly</td><td>Térfogat</td><td>Latitude</td><td>Longitude</td><td>Ido</td>"; $g=1; //cimszámláló while ($adatok=mysql_fetch_array($lekerdez)) { echo "<tr>"; $_SESSION['adatok0'][$g]=$adatok[0]; echo "<td>$adatok[2]</td> <td>$adatok[3]</td> <td>$adatok[4]</td> <td>$adatok[5]</td> <td>$adatok[6]</td> <td>$adatok[7]</td> <td>$adatok[8]</td> <td>$adatok[9]</td> <td>$adatok[10]</td><td>$adatok[11]</td><td>$adatok[13]</td><td>$adatok[14]</td>"; if ($adatok[12]==null) { echo<<<gomb <form action="" method="post"> <td> <input type="hidden" name= "longitude" id="longitude$g"> <input type= "hidden" name ="latitude" id="latitude$g"> <input type="submit" name="ido" value="$g" /></td> </form> gomb; } else {echo "<td>$adatok[12]</td>";} $g++; } echo "</table>"; } if(isset($_POST["ido"])) { $hanyadik=$_POST["ido"]; $longitudee="longitude$hanyadik"; $latitudee="latitude$hanyadik"; ?> <script> var x=document.getElementById("log"); function getLocation() { if (navigator.geolocation) { navigator.geolocation.getCurrentPosition(showPosition); } else{x.innerHTML="GPS szolgáltatás nem müködik ezen a böngészon, kérlek értesítsd a rendszergazdát!";} } function showPosition(position) { var latitude = position.coords.latitude; var longitude = position.coords.longitude; document.getElementById("<?php echo $longitudee;?>").value = longitude; document.getElementById("<?php echo $latitudee;?>").value = latitude; } </script> <?php echo "<script>getLocation();</script>"; $latitude=$_POST["latitude"]; $longitude=$_POST["longitude"]; print_r($_POST); $currentime=date("H:i:s"); $acim=$_SESSION['adatok0'][$hanyadik]; $idofeltolt_parancs="UPDATE cim_$maidatum SET ido='$currentime',lat='$latitude',longi='$longitude' WHERE cimid='$acim';"; $feltoltes=mysql_query($idofeltolt_parancs, $conn) or die(mysql_error()); //tryy $jaratszam=$_SESSION['jaratsz']; $lekerdez_parancs="SELECT * FROM cim_$maidatum WHERE jarat=$jaratszam;"; $lekerdez=mysql_query($lekerdez_parancs, $conn); mysql_query("set names 'utf8'"); mysql_query("set character set 'utf8'"); echo "<table border=\"1\">"; echo "<td>Utánvétel</td> <td>Megrendelés összege</td> <td>ISZ</td> <td>Város</td> <td>Utca</td> <td>Megjegyzés</td> <td>Csomagok</td> <td>Raklaphely</td> <td>Súly</td><td>Térfogat</td><td>Latitude</td><td>Longitude</td><td>Ido</td>"; $g=1; //cimszámláló while ($adatok=mysql_fetch_array($lekerdez)) { echo "<tr>"; $_SESSION['adatok0'][$g]=$adatok[0]; echo "<td>$adatok[2]</td> <td>$adatok[3]</td> <td>$adatok[4]</td> <td>$adatok[5]</td> <td>$adatok[6]</td> <td>$adatok[7]</td> <td>$adatok[8]</td> <td>$adatok[9]</td> <td>$adatok[10]</td><td>$adatok[11]</td><td>$adatok[13]</td><td>$adatok[14]</td>"; if ($adatok[12]==null) { echo<<<gomb <form action="" method="post"> <td> <input type="hidden" name= "longitude" id="longitude$g"> <input type= "hidden" name ="latitude" id="latitude$g"> <input type="submit" name="ido" value="$g" /></td> </form> gomb; } else {echo "<td>$adatok[12]</td>";} $g++; } echo "</table>"; } mysql_close($conn); ?> </html>

Read the article
Getting "Object is read only" error when setting ClientCredentials in WCF

- by Paul Mrozowski

I have a proxy object generated by Visual Studio (client side) named ServerClient. I am attempting to set ClientCredentials.UserName.UserName/Password before opening up a new connection using this code: InstanceContext context = new InstanceContext(this); m_client = new ServerClient(context); m_client.ClientCredentials.UserName.UserName = "Sample"; As soon as the code hits the UserName line it fails with an "Object is read-only" error. I know this can happen if the connection is already open or faulted, but at this point I haven't called context.Open() yet. I have configured the Bindings (which uses netTcpBinding) to use Message as it's security mode, and MessageClientCredentialType is set to UserName. Any ideas?

Read the article
X-Domain and P3P Headers

- by Jackson

Hi, I have a website A.com and a domain at B.com with a widget inside an iframe getting data from A.com. I want to allow x-domain cookies to be passed from a.com to inside the iframe using ASP.NET My understanding is that - I can do this in IE using P3P Headers - such that the A.com cookie is passed to the iframe and session | cookie data is preserved. The P3P headers have to be sent from the A.com and from the iframe. Is this correct ? In dev, my understanding is if I "accept all cookies" in IE - then P3P headers won't matter anyway and so this should all just work. If I put on Medium Security then P3P is required.

Read the article
Adding AllowPartiallyTrustedCallersAttribute To Paypal ASP.NET SDK

- by snwr

Currently, I cannot use Paypal Pro on my host (GoDaddy) because it requires Full trust level. After digging in Google, it seems a workaround is possible by adding AllowPartiallyTrustedCallersAttribute to the Paypal assembly. I have seen code samples that use AllowPartiallyTrustedCallersAttribute in their AssemblyInfo.cs file, however, I've yet to run into a code example that also happens to be using PayPal. My question is where should the AllowPartiallyTrustedCallersAttribute be added in my project if my objective is to make the PayPal assembly work? I have tried adding it to my AssemblyInfo.cs for the project that contains the entire website, but I have not been successful. At this point, any insight or shot in the dark would be greatly appreciated. Even if someone could point me in the general direction of some documentation I would be grateful. AllowPartiallyTrustedCallersAttribute Reference: http://msdn.microsoft.com/en-us/library/system.security.allowpartiallytrustedcallersattribute.aspx

Read the article
Using makecert for Development SSL

- by John

Here's my situation: I'm trying to create a SSL certificate that will be installed on all developer's machine's, along with two internal servers (everything is non-production). What do I need to do to create a certificate that can be installed in all of these places? Right now I've got something along these lines, using the makecert application in Microsoft Visual Studio 8\SDK\v2.0\Bin: makecert -r -pe -n "CN=MySite.com Dev" -b 01/01/2000 -e 01/01/2033 -eku 1.3.6.1.5.5.7.3.1 -ss Root -sr localMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 mycert.cer However, I'm not sure as to how to place this .cer file on the other computers, and when I install it on my local machine IIS, everytime I visit a page via https:, I get the security prompt (even after I've installed the certificate). Has anyone done this before?

Read the article

< Previous Page | 661 662 663 664 665 666 667 668 669 670 671 672 | Next Page >