Search Results

Search found 88705 results on 3549 pages for 'web application security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 73/3549 | < Previous Page | 69 70 71 72 73 74 75 76 77 78 79 80  | Next Page >

  • Mobile security solutions

    - by techzen
    What are the mobile security solutions used by you / your organization. What are the pro's and cons of usage of these solution - and how far have you been successful in implementing these - were there any loopholes / issues faced in using them?. In general, can you suggest a set of guidelines to watch for when going for going for selecting a specific solution in this context.

    Read the article

  • Methods for ensuring security between users in multi-user applications

    - by Emilio
    I'm writing a multiuser application (.NET - C#) in which each user's data is separated from the others and there is no data that's common between users. It's critical to ensure that no user has access to another user's data. What are some approaches for implementing security at the database level and/or in the application architecture to to accomplish this? For example (and this is totally made up - I'm not suggesting it's a good or bad approach) including a userID column in all data tables might be an approach. I'm developing the app in C# (asp.net) and SQL Server 2008. I'm looking for options that are are either native in the tools I'm using or general patterns.

    Read the article

  • WPF Skin Skinning Security Concerns

    - by Erik Philips
    I'm really new to the WPF in the .Net Framework (get that out of the way). I'm writing an application where the interface is very customizable by simply loading .xaml (at the moment a Page element) files into a frame and then mapping the controls via names as needed. The idea is to have a community of people who are interested in making skins, skin my application however they want (much like Winamp). Now the question arises, due to my lack of Xaml knowledge, is it possible to create malicious Xaml pages that when downloaded and used could have other embedded Iframes or other elements that could have embed html or call remote webpages with malicious content? I believe this could be the case. If this is the case then I two options; either I have an automated process that can remove these types of Xaml files by checking it’s elements prior to allowing download (which I would assume would be most difficult) or have a human review them prior to download. Are there alternatives I’m unaware of that could make this whole process a lot easier?

    Read the article

  • Grails + Spring Security one field login

    - by Miguel
    Hi all Is it possible, using spring security plugin 0.5.3 with Grails 1.2.1, to authenticate a user using only one field? I mean, for example, making j_username and j_password fields in the authentication form equal previous to the authentication. I read it was possible to define j_username field in Config.groovy with acegi plugin, in older versions of the plugin. Now it uses SecurityConfig.groovy but the possibility of defining the field exists no more. Any ideas?? Thanks a lot, Miguel

    Read the article

  • Amazon S3 security credentials per bucket

    - by slythic
    Hi all, I was wondering if it was possible to generate security credentials per individual Amazon S3 bucket. I am working with a developer and would like to grant him access only to the bucket we are working with. It's not a trust issue, it's more a concern that he'll delete the wrong bucket or its contents. For example: If we were working on an application that used a bucket called test-application I could generate the credentials for just that one bucket. These credentials would not allow access to other buckets in my account. Is this possible? Thanks, Tony

    Read the article

  • Stand - alone application with JBoss or Tomcat

    - by sufoid
    Hallo, I have a more specific question about deploying a Java-application. I have created a Java application, it is a WAR file and can be installed on any Java application server. This works perfect. Now for users who do not have Java experience I want to package somehow my application together with the application server and distribute it as a stand-alone version. Question 1: Is this possible? Question 2: Which application server would be best for this? Question 3: Where should I start to learn how to do this? Do you have any experience you can share with me. Thanks.

    Read the article

  • Security of executing a command from php

    - by Nicolò Martini
    I'm writing a web application in which i use several thirdy party commands calling them with the exec function in PHP (for example, I render Latex formulas through a command-line program). My question is: what are the security issues of executing external command-line programs in php? What I have to be aware of? Can you give me a list of points to check? Thanks in advance.

    Read the article

  • google account security ?

    - by Chez
    I want to write a web-app which would ask the user to pass their google account (user and pwd) so that it can access their google data. I understand google supports alternative ways to do this, such as AuthSub and OathAuthSub. Also google discourages apparently clientLogin (which would be my approach) for web apps. My question is: if I were asking the user to register to my app by passing me a 'read only' google account ? so effectively I don't ask them to pass me their account but to create another account which is readonly. does anybody see anything wrong with this ? am I missing something ? Since their google account continues to be the admin they don't risk (in terms of security) anything. Any help would be welcome ? Thanks

    Read the article

  • Android Template Application?

    - by stormin986
    I have built an application that I want to use as the foundation for a few other variants. The variants will come from assets / resource files and a unique AndroidManifest.xml. However, I want to be able to leave all the application code alone (modifying the package of all my classes, etc). I'm having a hard time figuring out how to do so. My first thought was to simply have my main application in its own package, and then specify the specific application package in the manifest. However, this gives me issues with the generated R.java class, since it is generated to be in the main application's package. Anyone have any thoughts on how to accomplish this? To have a code baseline, and the application variants happen in resources/assets and the manifest?

    Read the article

  • Best approach to create a security environment in Java

    - by Tom Brito
    I need to create a desktop application that will run third party code, and I need to avoid the third party code from export by any way (web, clipboard, file io) informations from the application. Somethig like: public class MyClass { private String protectedData; public void doThirdPartyTask() { String unprotedtedData = unprotect(protectedData); ThirdPartyClass.doTask(unprotectedData); } private String unprotect(String data) { // ... } } class ThirdPartyClass { public static void doTask(String unprotectedData) { // Do task using unprotected data. // Malicious code may try to externalize the data. } } I'm reading about SecurityManager and AccessControler, but I'm still not sure what's the best approach to handle this. What should I read about to do this implementation?

    Read the article

  • Spring Security User

    - by DD
    What is best practise in Spring when creating a new user with custom attributes...to extend org.springframework.security.core.userdetails.User or to create the User in the UserDetailsService (this is the approach taken in the IceFaces tutorial). public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException { AppUser user = userDAO.findUser(username); if (user == null) throw new UsernameNotFoundException("User not found: " + username); else { return makeUser(user); } } private User makeUser(AppUser user) { return new User(user.getLogin(), user .getPassword(), true, true, true, true, makeGrantedAuthorities(user)); }

    Read the article

  • Javascript reference external script file - security implications

    - by rkrauter
    Hi, If I have a reference to an external third party JavaScript file on my website, what are the security implications? Can the JavaScript file be used to steal cookies? One example of this is the Google Analytics JavaScript reference file. Could the third party technically steal cookies or any other sensitive information from my logged on users (XSS)? The whole cross domain scripting has me confused sometimes. Thanks!

    Read the article

  • Detecting suspicious behaviour in a web application - what to look for?

    - by Sosh
    I would like to ask the proactive (or paranoid;) among us: What are you looking for, and how? I'm thinking mainly about things that can be watched for programaticaly, rather than manually inspecting logs. For example: - Manual/automated hack attempts - Data skimming - Bot registrations (that have evaded captcha etc.) - Other unwanted behaviour Just wondering what most people would consider practical and effective..

    Read the article

  • File System and security (PHP)

    - by Felicita
    Consider a simple file upload system written in php. Customer has access only in admin panel. (Not FTP). He may change folder option from 707 to 755 for security issue. How can do this? Can we do this from upload script ? If yes is this a secure application?

    Read the article

  • Security issues in accepting passwords vs auto generating the password

    - by Vivekanand Poojari
    Hi, I am developing a console application. This application generates a self signed certificate and installs it in the current machine's certificate store. The steps invlolved are :- Generate a certificate Create a pfx file Install the pfx file For these steps i would need a password for protecting the private key and the pfx file. However these passwords are used only during the execution of the exe. Should I auto generate a password using some random number generation algorithm or accept the password as input from the user? What are the security issues involved in both the scenarios ? Thanks Vivekanand

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 69 70 71 72 73 74 75 76 77 78 79 80  | Next Page >