Search Results

Search found 20283 results on 812 pages for 'security context'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 88/812 | < Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95  | Next Page >

  • Can't change user security on folder - Business Objects XI 3.1

    - by Chris W
    I've got a single folder within the list of All Folders that I can't change any user permissions on. I'm logged in as an admin and when I view security for the folder it says I have full rights to the folder yet i can't change anything on it or it's sub folders even though it clearly shows me as having rights to "Modify the rights users have to objects". As a test I added a new sub-folder called Test which created ok but I'm not able to then delete the sub folder or change it's permissions either. Interestingly we changed permissions on one sub-folder last week without issue but when I check that folder today I now can't update it. Any ideas anyone?

    Read the article

  • Windows azure: Security Concerns

    - by veda
    I am concern about the security of the data and application on Windows Azure... I read in a book that The windows azure provides security through service-level agreement. Can anyone tell me about the What kind of authentication mechanisms used to protect my data. How Microsoft provides these securities...

    Read the article

  • How to change behavior of items in Firefox context menu

    - by tom
    Hi, I'm trying to change the behavior of in placesOverlay.xul. My goal is to disable the Properties entry upon conditions that I need to figure out using Javascript. I am new to XBL bindings and handlers and don't know how to register such a handler for an existing/browser-defined XUL element. Or is there a simpler way? Thanks.

    Read the article

  • Security issue when returning local filesystem results in a custom Windows Federated Search Provider

    - by user561922
    hi- i'm following the instructions on how to build a custom search provider for windows federated search: http://msdn.microsoft.com/en-us/library/dd742956(v=VS.85) i'm returning local results of the form: File://C:\Users\user\file.txt however, when i perform a search, i get results that say: "This item was blocked because of your Internet security settings". how can i change my security settings so that federated search will allow my customer search provider to return local filesystem results? thanks.

    Read the article

  • PHP: prevent invocation of method X from from context != Y

    - by sunwukung
    This is a tricky one. I am "emulating" ZF Bootstrapping (surface appearance). Don't ask me why, call it academic interest. So I have a Bootstrap Abstract with a method "run" that iterates over itself to locate any methods prefixed with "init". The application looks for a user defined class which extends this class, in which the user can define any number of methods in this way. However, I want to prevent the user from being able to execute the "run" command of it's parent class, while still exposing the same command for the client code. Anyone got any thoughts/advice/guidance? regards SWK

    Read the article

  • sudoers security

    - by jetboy
    I've setup a script to do Subversion updates across two servers - the localhost and a remote server - called by a post-commit hook run by the www-data user. /srv/svn/mysite/hooks/post-commit contains: sudo -u cli /usr/local/bin/svn_deploy /usr/local/bin/svn_deploy is owned by the cli user, and contains: #!/bin/sh svn update /srv/www/mysite ssh cli@remotehost 'svn update /srv/www/mysite' To get this to work I've had to add the following to the sudoers file: www-data ALL = (cli) NOPASSWD: /usr/local/bin/svn_deploy cli ALL = NOEXEC:NOPASSWD: /usr/local/bin/svn_deploy Entries for both www-data and cli were necessary to avoid the error: post commit hook failed: no tty present and no askpass program specified I'm wary of giving any kind of elevated rights to www-data. Is there anything else I should be doing to reduce or eliminate any security risk?

    Read the article

  • Stateful beans and Stateless beans in Spring context

    - by umesh awasthi
    Hi All, i am reading spring through its official documentation and at one place i came to a line that use prototype scope for for all statefull beans while singleton for stateless beans. i know there is something as statefull as well stateless beans in EJB but this is not what they have mentioned in the documents. Can any one explain me what exact this means of statefull as well stateless beans in Spring Thanks in advance

    Read the article

  • What are the tradeoffs involved in referencing Context in a library?

    - by C. Ross
    Context is one of the core classes of Android, and many functions it contains are useful in Android library projects, particularly accessing configuration. What are the trade offs involved in accessing the Context in a library, either by injection or by subclassing Application in the library, and subclassing that in the application. Does this make the application brittle or introduce inappropriate coupling?

    Read the article

  • LINQ Data Context Not Showing Methods

    - by CccTrash
    For some reason my DataContext is not showing all the normal methods like SubmitChanges() etc in the intellisense. It also won't compile if I type in db.SubmitChanges(); Any idea what I'm doing wrong? Normally I don't have this issue, I have several other projects that work fine... Image of what I'm talking about:

    Read the article

  • Getting the name of a child class in the parent class (static context)

    - by Benoit Myard
    Hi everybody, I'm building an ORM library with reuse and simplicity in mind; everything goes fine except that I got stuck by a stupid inheritance limitation. Please consider the code below: class BaseModel { /* * Return an instance of a Model from the database. */ static public function get (/* varargs */) { // 1. Notice we want an instance of User $class = get_class(parent); // value: bool(false) $class = get_class(self); // value: bool(false) $class = get_class(); // value: string(9) "BaseModel" $class = __CLASS__; // value: string(9) "BaseModel" // 2. Query the database with id $row = get_row_from_db_as_array(func_get_args()); // 3. Return the filled instance $obj = new $class(); $obj->data = $row; return $obj; } } class User extends BaseModel { protected $table = 'users'; protected $fields = array('id', 'name'); protected $primary_keys = array('id'); } class Section extends BaseModel { // [...] } $my_user = User::get(3); $my_user->name = 'Jean'; $other_user = User::get(24); $other_user->name = 'Paul'; $my_user->save(); $other_user->save(); $my_section = Section::get('apropos'); $my_section->delete(); Obviously, this is not the behavior I was expecting (although the actual behavior also makes sense).. So my question is if you guys know of a mean to get, in the parent class, the name of child class.

    Read the article

  • Win 2008 Server & IIS7: ASP installed but displays 'FILE DOWNLOAD - SECURITY WARNING"

    - by AzC
    Hi Dudes, Installed Win 2008 server and IIS7. Enabled ASP Classic and ASP.NET on it. Can't get any ASP scripts to run e.g. desperate.asp containing following line: <% Response.Write "Hello Love, Fancy a Date?" % It just comes up with a "FILE DOWNLOAD - SECURITY WARNING" panel asking em to download. When I select anything it keeps looping. Found lots fo stuff on internet but nothing working. Also same for other ASP scripts HTML works no problem e.g. a file called reply.html containing: Get lost little boy. We only serve French Fries in Macdonalds Any ideas?

    Read the article

  • Getting Path (context root) to the Application in Restlet

    - by Chad Gorshing
    I am needing to get the application root within a Restlet resource class (it extends ServerResource). My end goal is trying to return a full explicit path to another Resource. I am currently using getRequest().getResourceRef().getPath() and this almost gets me what I need. This does not return the full URL (like http://example.com/app), it returns to me /resourceName. So two problems I'm having with that, one is it is missing the schema (the http or https part) and server name, the other is it does not return where the application has been mounted to. So given a person resource at 'http://dev.example.com/app_name/person', I would like to find a way to get back 'http://dev.example.com/app_name'. I am using Restlet 2.0 RC3 and deploying it to GAE.

    Read the article

  • java web start security warning

    - by ria
    I have a web application that downloads a jar file from the web server using java web start. The jar is signed using J2SE security tool. However, I get the security warning "The application digital signature cannot be verified. Do you want to run the application?" Am I missing something that is causing this??

    Read the article

  • how to get rid of certificate error: navigation blocked in ie8

    - by Radek
    when I access our intranet via https I get this "certificate error: navigation blocked" error in IE8 on Windows XP SP3. I can click Continue to this website (not recommended). but I use IE for automation testing so I have to avoid these extra clicks. Any idea? I tried setting “Turn off the Security Settings Check feature” to enabled. setting "Display Mixed Content" to enabled lowering security levels to minimum adding the web server address to trusted zone

    Read the article

  • Is this iptables NAT exploitable from the external side?

    - by Karma Fusebox
    Could you please have a short look on this simple iptables/NAT-Setup, I believe it has a fairly serious security issue (due to being too simple). On this network there is one internet-connected machine (running Debian Squeeze/2.6.32-5 with iptables 1.4.8) acting as NAT/Gateway for the handful of clients in 192.168/24. The machine has two NICs: eth0: internet-faced eth1: LAN-faced, 192.168.0.1, the default GW for 192.168/24 Routing table is two-NICs-default without manual changes: Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 (externalNet) 0.0.0.0 255.255.252.0 U 0 0 0 eth0 0.0.0.0 (externalGW) 0.0.0.0 UG 0 0 0 eth0 The NAT is then enabled only and merely by these actions, there are no more iptables rules: echo 1 > /proc/sys/net/ipv4/ip_forward /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # (all iptables policies are ACCEPT) This does the job, but I miss several things here which I believe could be a security issue: there is no restriction about allowed source interfaces or source networks at all there is no firewalling part such as: (set policies to DROP) /sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT /sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT And thus, the questions of my sleepless nights are: Is this NAT-service available to anyone in the world who sets this machine as his default gateway? I'd say yes it is, because there is nothing indicating that an incoming external connection (via eth0) should be handled any different than an incoming internal connection (via eth1) as long as the output-interface is eth0 - and routing-wise that holds true for both external und internal clients that want to access the internet. So if I am right, anyone could use this machine as open proxy by having his packets NATted here. So please tell me if that's right or why it is not. As a "hotfix" I have added a "-s 192.168.0.0/24" option to the NAT-starting command. I would like to know if not using this option was indeed a security issue or just irrelevant thanks to some mechanism I am not aware of. As the policies are all ACCEPT, there is currently no restriction on forwarding eth1 to eth0 (internal to external). But what are the effective implications of currently NOT having the restriction that only RELATED and ESTABLISHED states are forwarded from eth0 to eth1 (external to internal)? In other words, should I rather change the policies to DROP and apply the two "firewalling" rules I mentioned above or is the lack of them not affecting security? Thanks for clarification!

    Read the article

  • jersey security and session management

    - by Adhir
    Hi, Is there a way for session management or security available programatically in Jersey specification. e.g. like a web-application session management. Or is transaction, session, security all handeled by the containor on which the jersey application is deployed. Adhir

    Read the article

  • Dynamic context menu items

    - by Willem
    I am using Eclipse RCP to build desktop app. When the user invokes a popup menu I'd like to add some items to the menu. Something like a list of "suggested actions" to take for a problem. The pop-up is is on a table and it already has commands on it. What is the right way to implement this?

    Read the article

  • ...may not be used in this context...while serialization

    - by phenevo
    Hi, I've webservice and WebMethod [webMethod] public object GetObjects(Cars[] cars) { return Translator.ToObjects(Facade.GetObjects(cars); } public static object GetObjects(Cars cars) { List<Car> cars =new List<Country(...fillingcollection) return cars.ToArray(), } public static object ToObjects(object collection) { if(collection is Car[]) { return ConvertModelCarsToContractCars(collection), } public ModelCar[] ConvertModelCarsToContractCars(Cars[] collection) { ...there is rewriting pool... } And I get exception at side of client: There was an error generating the XML document. I'm using this function to check collection which I would send to the client and it works, doesn't return exceptions: public static void SerializeContainer(object obj) { try { // Make sure even the construsctor runs inside a // try-catch block XmlSerializer ser = new XmlSerializer(typeof(object)); TextWriter w = new StreamWriter(@"c:\list.xml"); ser.Serialize(w, obj); w.Close(); } catch (Exception ex) { DumpException(ex); } } Interesting is when collection has only One element [webmethod] works fine, but when is more it brokes

    Read the article

  • Restricting Directory access from web application context

    - by Yogi
    i have a web application which stores users file in directory which is under webroot directory.. Suppose web application is under 'fileupload' and all files are getting stored in 'xyz' folder under 'fileupload' so now if user points to url say like www.xyzpqr.com/fileupload/xyz/abc.doc, he gets that file. How do i restirct this from happening.. i have thought of putting xyz folder in WeB-inf folder but as my application is very big i have to made changes at too many places.. so is there any way so that without moving the folder to web-inf (restricted folders) i can achieve wat i want..

    Read the article

  • XP Missing AD in secuirity location

    - by Rodent43
    I have a few Window XP clients that are part of a domain, when trying to set the permissions on the security tab and pressing location to search the AD for users it only presents the local machine... So I follow this path Right click folder Properties Security Add in the locations field where I would normally see the windows domain, I am only seeing the local machine name??? So only users that have a local account can be added to the folders permissions... Any tips would be appreciated

    Read the article

  • SQL2005 reporting server: intense security activity

    - by David Wimbush
    On my reporting server the Security log shows large numbers of Logon/Logoff events, often 10 or more, when you run pretty much any report in the Report Manager. Is this normal or is it a classic sign of having the wrong setup? Some system details: Windows Server 2003 R2 SP2, virtual server running under VMWare). SQL Server 2005 SP3 Standard Edition, running databases, Report Manager, and Ananlysis Services cubes. No other major services on the machine (i.e. it's not a domain controller, Exchange server or anything like that). Any ideas, please, guys?

    Read the article

  • Object equality in context of hibernate / webapp

    - by bert
    How do you handle object equality for java objects managed by hibernate? In the 'hibernate in action' book they say that one should favor business keys over surrogate keys. Most of the time, i do not have a business key. Think of addresses mapped to a person. The addresses are keeped in a Set and displayed in a Wicket RefreshingView (with a ReuseIfEquals strategy). I could either use the surrogate id or use all fields in the equals() and hashCode() functions. The problem is that those fields change during the lifetime ob the object. Either because the user entered some data or the id changes due to JPA merge() being called inside the OSIV (Open Session in View) filter. My understanding of the equals() and hashCode() contract is that those should not change during the lifetime of an object. What i have tried so far: equals() based on hashCode() which uses the database id (or super.hashCode() if id is null). Problem: new addresses start with an null id but get an id when attached to a person and this person gets merged() (re-attached) in the osiv-filter. lazy compute the hashcode when hashCode() is first called and make that hashcode @Transitional. Does not work, as merge() returns a new object and the hashcode does not get copied over. What i would need is an ID that gets assigned during object creation I think. What would be my options here? I don't want to introduce some additional persistent property. Is there a way to explicitly tell JPA to assign an ID to an object? Regards

    Read the article

  • Security review of an authenticated Diffie Hellman variant

    - by mtraut
    EDIT I'm still hoping for some advice on this, i tried to clarify my intentions... When i came upon device pairing in my mobile communication framework i studied a lot of papers on this topic and and also got some input from previous questions here. But, i didn't find a ready to implement protocol solution - so i invented a derivate and as i'm no crypto geek i'm not sure about the security caveats of the final solution: The main questions are Is SHA256 sufficient as a commit function? Is the addition of the shared secret as an authentication info in the commit string safe? What is the overall security of the 1024 bit group DH I assume at most 2^-24 bit probability of succesful MITM attack (because of 24 bit challenge). Is this plausible? What may be the most promising attack (besides ripping the device out off my numb, cold hands) This is the algorithm sketch For first time pairing, a solution proposed in "Key agreement in peer-to-peer wireless networks" (DH-SC) is implemented. I based it on a commitment derived from: A fix "UUID" for the communicating entity/role (128 bit, sent at protocol start, before commitment) The public DH key (192 bit private key, based on the 1024 bit Oakley group) A 24 bit random challenge Commit is computed using SHA256 c = sha256( UUID || DH pub || Chall) Both parties exchange this commitment, open and transfer the plain content of the above values. The 24 bit random is displayed to the user for manual authentication DH session key (128 bytes, see above) is computed When the user opts for persistent pairing, the session key is stored with the remote UUID as a shared secret Next time devices connect, commit is computed by additionally hashing the previous DH session key before the random challenge. For sure it is not transfered when opening. c = sha256( UUID || DH pub || DH sess || Chall) Now the user is not bothered authenticating when the local party can derive the same commitment using his own, stored previous DH session key. After succesful connection the new DH session key becomes the new shared secret. As this does not exactly fit the protocols i found so far (and as such their security proofs), i'd be very interested to get an opinion from some more crypto enabled guys here. BTW. i did read about the "EKE" protocol, but i'm not sure what the extra security level is.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95  | Next Page >