Search Results

Search found 1052 results on 43 pages for 'secret'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 9/43 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >

  • Rails send mail with GMail

    - by Danny McClelland
    Hi Everyone, I am on rails 2.3.5 and have the latest Ruby installed and my application is running well, except, GMail emails. I am trying to setup my gmail imap connection which has worked previously but now doesnt want to know. This is my code: # Be sure to restart your server when you modify this file # Uncomment below to force Rails into production mode when # you don't control web/app server and can't set it the proper way # ENV['RAILS_ENV'] ||= 'production' # Specifies gem version of Rails to use when vendor/rails is not present RAILS_GEM_VERSION = '2.3.5' unless defined? RAILS_GEM_VERSION # Bootstrap the Rails environment, frameworks, and default configuration require File.join(File.dirname(__FILE__), 'boot') Rails::Initializer.run do |config| # Gems config.gem "capistrano-ext", :lib => "capistrano" config.gem "configatron" # Make Time.zone default to the specified zone, and make Active Record store time values # in the database in UTC, and return them converted to the specified local zone. config.time_zone = "London" # The internationalization framework can be changed to have another default locale (standard is :en) or more load paths. # All files from config/locales/*.rb,yml are added automatically. # config.i18n.load_path << Dir[File.join(RAILS_ROOT, 'my', 'locales', '*.{rb,yml}')] #config.i18n.default_locale = :de # Your secret key for verifying cookie session data integrity. # If you change this key, all old sessions will become invalid! # Make sure the secret is at least 30 characters and all random, # no regular words or you'll be exposed to dictionary attacks. config.action_controller.session = { :session_key => '_base_session', :secret => '7389ea9180b15f1495a5e73a69a893311f859ccff1ffd0fa2d7ea25fdf1fa324f280e6ba06e3e5ba612e71298d8fbe7f15fd7da2929c45a9c87fe226d2f77347' } config.active_record.observers = :user_observer end ActiveSupport::CoreExtensions::Date::Conversions::DATE_FORMATS.merge!(:default => '%d/%m/%Y') ActiveSupport::CoreExtensions::Time::Conversions::DATE_FORMATS.merge!(:default => '%d/%m/%Y') require "will_paginate" ActionMailer::Base.delivery_method = :smtp ActionMailer::Base.smtp_settings = { :enable_starttls_auto => true, :address => "smtp.gmail.com", :port => 587, :domain => "XXXXXXXX.XXX", :authentication => :plain, :user_name => "XXXXXXXXXX.XXXXXXXXXX.XXX", :password => "XXXXX" } But the above just results in an SMTP auth error in the production log. I have read varied reports of this not working in Rails 2.2.2 but nothing for 2.3.5, anyone got any ideas? Thanks, Danny

    Read the article

  • Security review of an authenticated Diffie Hellman variant

    - by mtraut
    EDIT I'm still hoping for some advice on this, i tried to clarify my intentions... When i came upon device pairing in my mobile communication framework i studied a lot of papers on this topic and and also got some input from previous questions here. But, i didn't find a ready to implement protocol solution - so i invented a derivate and as i'm no crypto geek i'm not sure about the security caveats of the final solution: The main questions are Is SHA256 sufficient as a commit function? Is the addition of the shared secret as an authentication info in the commit string safe? What is the overall security of the 1024 bit group DH I assume at most 2^-24 bit probability of succesful MITM attack (because of 24 bit challenge). Is this plausible? What may be the most promising attack (besides ripping the device out off my numb, cold hands) This is the algorithm sketch For first time pairing, a solution proposed in "Key agreement in peer-to-peer wireless networks" (DH-SC) is implemented. I based it on a commitment derived from: A fix "UUID" for the communicating entity/role (128 bit, sent at protocol start, before commitment) The public DH key (192 bit private key, based on the 1024 bit Oakley group) A 24 bit random challenge Commit is computed using SHA256 c = sha256( UUID || DH pub || Chall) Both parties exchange this commitment, open and transfer the plain content of the above values. The 24 bit random is displayed to the user for manual authentication DH session key (128 bytes, see above) is computed When the user opts for persistent pairing, the session key is stored with the remote UUID as a shared secret Next time devices connect, commit is computed by additionally hashing the previous DH session key before the random challenge. For sure it is not transfered when opening. c = sha256( UUID || DH pub || DH sess || Chall) Now the user is not bothered authenticating when the local party can derive the same commitment using his own, stored previous DH session key. After succesful connection the new DH session key becomes the new shared secret. As this does not exactly fit the protocols i found so far (and as such their security proofs), i'd be very interested to get an opinion from some more crypto enabled guys here. BTW. i did read about the "EKE" protocol, but i'm not sure what the extra security level is.

    Read the article

  • Sinatra: How do I provide access to a login form while preventing access to the rest of my Sinatra a

    - by Brandon Toone
    I recently created a Sinatra app with a login form (no basic auth). To prevent access to the app unless the user logged in I put a before block in place before do unless request.path_info == '/login' authenticated? end end I quickly realized that this prevented me from accessing resources in the public directory like my style sheet and logo unless authenticated first as well. To get around that I changed my filter to the following: before do unless request.path_info == '/login' || request.path_info == "/stylesheets/master.css" || request.path_info == "/images/logo.png" authenticated? end end If there were lots of resources I needed to provide exceptions to this way of making them would quickly become overwhelming. What is a better way to code this so I can make exceptions for the public directory or even its specific sub-directories and files like /stylesheets, /images, /images/bg.png but not /secret or /secret/eyes-only.pdf? Or ... Is there a completely different best-practice to handle this situation of locking down everything except the stuff related to logging in (handlers, views, resources)?

    Read the article

  • Scratchable Ticket kind Custom View Item in Android ?

    - by Andhravaala
    Hi All, I need to develop a Instant Lottery game app. I need an idea/procedure to implement Scratchable custom widget similar to instant Lottery Tickets in Android. The requirement is like, the actual content(secret number) should be covered by some image(which indicates scratch area). When the user touch and scratch the image, the image has to disappear slowly and the background content(secret number) should appear accordingly. Please let me know the best way to implement this. I am in real need of it. Thanks in advance.

    Read the article

  • facebook extended access token login

    - by Pota Onasys
    I have the following code: $facebook = new Facebook(array( 'appId' => ID, 'secret' => SECRET, 'cookie' => true)); $fb_uid = $facebook->getUser(); if($fb_uid) { // check if person with fb_uid as facebook id in database, // if so log them in. If not, register them. $fb_user = $facebook->api('/' . $fb_uid); I then get their email address using $fb_user['email'] and facebook_id and store in the database as a means to log them in the future Sometimes $fb_uid returns false even though the person is logged in using facebook ... I think it is because the access token expires. how can I change this code to incorporate the extended access token to log in the user to my site? offline access token is deprecated, so I need to use the extended access token.

    Read the article

  • REST authentication S3 like hmac sha1 signature vs symetric data encryption.

    - by coulix
    Hello stackers, I was arguing about an S3 like aproach using authorization hash with a secret key as the seed and some data on the request as the message signed with hmac sha1 (Amazon S3 way) vs an other developer supporting symetric encryption of the data with a secret key known by the emiter and the server. What are the advantage of using signed data with hmac sha1 vs symetric key other than the fact that with the former, we do not need to encrypt the username or password. What would be the hardest to break ? symetric encryption or sha1 hashing at la S3 ? If all big players are using oauth and similar without symetric key it is sure that there are obvious advantages, what are those ?

    Read the article

  • How to get the stream of a public Facebook fanpage in php?

    - by Bundy
    Hi, I want to display my public fanpage feed onto my website via the Facebook API without requiring a login. I'm doing this require_once('../includes/classes/facebook-platform/php/facebook.php'); $fb = new Facebook($api_key, $secret); $fb->api_client->stream_get('',$app_id,'0','0','','','','','')); But I get this error Fatal error: Uncaught exception 'FacebookRestClientException' with message 'user id parameter or session key required' in includes/classes/facebook-platform/php/facebookapi_php5_restlib.php:3065 Stack trace: #0 includes/classes/facebook-platform/php/facebookapi_php5_restlib.php(1915): FacebookRestClient->call_method('facebook.stream...', Array) #1 facebook/api.php(12): FacebookRestClient->stream_get('', 13156929019, '0', '0', 30, '', '', '', '') #2 {main} thrown in includes/classes/facebook-platform/php/facebookapi_php5_restlib.php on line 3065 Then I figured, because of 'user id parameter or session key required', to add my user id to the call require_once('../includes/classes/facebook-platform/php/facebook.php'); $fb = new Facebook($api_key, $secret); $fb->api_client->stream_get(502945616,13156929019,$app_id,'0','0','','','','','')); But then I got this error Fatal error: Uncaught exception 'FacebookRestClientException' with message 'Session key invalid or no longer valid' I'm totally clueless :)

    Read the article

  • Storing API keys in Android, is obfustication enough?

    - by fredley
    I'm using the Dropbox API. In the sample app, it includes these lines: // Replace this with your consumer key and secret assigned by Dropbox. // Note that this is a really insecure way to do this, and you shouldn't // ship code which contains your key & secret in such an obvious way. // Obfuscation is good. final static private String CONSUMER_KEY = "PUT_YOUR_CONSUMER_KEY_HERE"; final static private String CONSUMER_SECRET = "PUT_YOUR_CONSUMER_SECRET_HERE"; I'm well aware of the mantra 'Secrecy is not Security', and obfuscation really only slightly increases the amount of effort required to extract the keys. I disagree with their statement 'Obfustication is good'. What should I do to protect the keys then? Is obfustication good enough, or should I consider something more elaborate?

    Read the article

  • Asterisk + FreePBX + GoTalk. Inbound route not working.

    - by user289581
    I'm running asterisk 1.6.2.6 and freepbx-2.7.0 My trunk is configured as follows: Outgoing Settings Trunk name: GoTalk Peer Details: host=sip.gotalk.com username=09xxxxxx secret=YNxxxxxx type=peer fromuser=09xxxxxx fromdomain=sip.gotalk.com canreinvite=no insecure=very Incoming Settings User Context: 09xxxxx User Details: username=09xxxxx fromuser=09xxxxx type=peer secret=YNxxxxx insecure=very host=dynamic fromdomain=sip.gotalk.com context=from-pstn Register String: 09xxxxxx:[email protected]/09xxxxxx I have an inbound route called Incoming with DID 09xxxxxx diverted to local extension 200 When I do a sip trace and dial my telephone number 0741xxxxx I just get failure beeps. I never see any SIP traffic from GoTalk to my asterisk server trying to connect the call. Seems I'm not registering correctly for incoming calls because GoTalk aren't sending them to me. I am correct in using the GoTalk username 09xxxxxx as the DID, aren't I ? I've tried using my phone number but it makes no difference.

    Read the article

  • How to avoid my this facebook app api login page?

    - by user1035140
    I got a problem regrading with my apps which is once I go to my apps, it sure will show me a login page instead of allow page? it always display the login page 1st then only display allow page, I had tried other apps, if I am 1st time user, It sure will appear the allow page only, it did not show me the login page. my question is how to I avoid my login page direct go to allow page? here is my login page picture here is my apps link https://apps.facebook.com/christmas_testing/ here is my facebook php jdk api coding <?php $fbconfig['appid' ] = "XXXXXXXXXXXXX"; $fbconfig['secret'] = "XXXXXXXXXXXXX"; $fbconfig['baseUrl'] = "myserverlink"; $fbconfig['appBaseUrl'] = "http://apps.facebook.com/christmas_testing/"; if (isset($_GET['code'])){ header("Location: " . $fbconfig['appBaseUrl']); exit; } if (isset($_GET['request_ids'])){ //user comes from invitation //track them if you need header("Location: " . $fbconfig['appBaseUrl']); } $user = null; //facebook user uid try{ include_once "facebook.php"; } catch(Exception $o){ echo '<pre>'; print_r($o); echo '</pre>'; } // Create our Application instance. $facebook = new Facebook(array( 'appId' => $fbconfig['appid'], 'secret' => $fbconfig['secret'], 'cookie' => true, )); //Facebook Authentication part $user = $facebook->getUser(); $loginUrl = $facebook->getLoginUrl( array( 'scope' => 'email,publish_stream,user_birthday,user_location,user_work_history,user_about_me,user_hometown' ) ); if ($user) { try { // Proceed knowing you have a logged in user who's authenticated. $user_profile = $facebook->api('/me'); } catch (FacebookApiException $e) { //you should use error_log($e); instead of printing the info on browser d($e); // d is a debug function defined at the end of this file $user = null; } } if (!$user) { echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>"; exit; } //get user basic description $userInfo = $facebook->api("/$user"); function d($d){ echo '<pre>'; print_r($d); echo '</pre>'; } ?

    Read the article

  • how to use facebooks old client library

    - by tushar
    i installed the old library from here:http://pearhub.org/get/facebook-0.1.0.tgz and then extracted the facebook.php file and wrote an index.php file in the same folder with the index .php file just displaying hello "username" but the problem is the index.php when run in browser does not show anythink its blank i have xamp installed on my system please help my index.php code is: require_once 'facebook.php'; $api_key = 'fda501108b3b955bcf0f87a4008bc786'; $secret = '833b35812a3e6b379a5158b2f3f0611f'; $facebook = new Facebook($api_key, $secret); $user_id = $facebook-require_login(); // Greet the currently logged-in user! echo "Hello, !"; ?

    Read the article

  • How To Securly Store Data In MySQL Using AES_ENCRYPT

    - by Justin
    We are storing sensitive data in MySQL, and I want to use AES_ENCRYPT(data, 'my-secret-key-here') which works great. My biggest question is how do I secure the key? Previously I just wast storing the key in a web PHP file, so something like: define("ENCRYPTION_KEY", 'my-secret-key-here'); This really doesn't work though, as our MySQL server and web server are the same physical machine, so if somebody gains access to the server, they can get both the encrypted data stored in MySQL and the key. Any ideas? I am thinking I need to move the key to a separate server, and read it in remotely. Or, what about generating the encryption key dynamically for each piece of data. For example taking the customer_id and running md5 on it, and then using that as the key.

    Read the article

  • Configuring Cisco 877W router from scratch for DHCP, WiFi, ADSL2+, NAT

    - by David M Williams
    Hi all, I apologise if this is a BIG question but I am quite lost with the Cisco IOS. I know what I want to achieve just not how to do it :( I have a Cisco 877W router with 4 FastEthernet interfaces, 1 ATM interface and 1 802.11 Radio. I want to set it up for a small network and am trying to construct a configuration below. I was using Google to try and flesh it out but I think I need help and guidance from actual experts! If it helps, output from show ver says Cisco IOS software, C870 software (C870-ADVSECURITYK9-M), version 12.4(4)T7, release software (fc1) ROM: System bootstrap, version 12.3(8r)YI4, release software Here's what I have so far, which hopefully outlines clearly enough what I am wanting to do. The bits in angle brackets are placeholders (eg the secret password). ! ! Set router hostname ! hostname Shazam ! ! Set usernames and passwords ! username david privilege 15 secret 0 <PASSWORD> enable secret <SECRETPASSWORD> ! ! Configure SSH and telnet access ! line vty 0 4 privilege level 15 login local transport input telnet ssh ! ! Local logging ! logging buffered 51200 warning ! ! Set date and time for NSW, Australia (GMT +10h) ! ! ! Set router IP address to 192.168.1.1 on FastEthernet0 port ! interface FastEthernet0 ip address 192.168.1.1 255.255.255.0 no shut ip nat inside ! ! Forward any unknown DNS requests to Google ! ip dns server ip name-server 8.8.8.8 ip name-server 8.8.4.4 ! ! Set up DHCP ! DHCP pool covers 192.168.1.100 - .199 ! Set gateway and DNS server to be the router, ie 192.168.1.1 ! service dhcp ip routing ip dhcp excluded-address 192.168.1.1 192.168.1.99 ip dhcp excluded-address 192.168.1.200 192.168.1.255 ip dhcp pool <DHCPPOOLNAME> network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server 192.168.1.1 lease 7 ! ! DHCP reservations ! ! Assign IP address 192.168.1.105 to MAC address 00-21-5D-2F-58-04 ! ! Configure ADSL2 connection details ! interface atm dsl operating-mode adsl2+ ! ! Set up NAT rules ! ! Forward port 35394 to 192.168.1.105 ! ! Set up WiFi ! ! SSID visible, WPA2 security, Pre-shared key I'm hoping most of this is boiler-plate stuff to you guys. I'm keen to not just get a working script but to actually understand it also. Unfortunately, I'm finding the Cisco reference material online very complex. Thank you!

    Read the article

  • ASR / SNMP on Exadata

    - by rene.kundersma
    Recently I worked with ASR on Exadata for multiple customers. ASR is a great functionality that enables your 'systems' to alert Oracle when hardware failures occur. Sun hardware is using ASM for sometime and since 2009/2010 this is also available for Exadata. My goal is not to re-write the documentation so for general information I like to refer to this link. So, where is this note about ? Well, it is about two things I experienced around setting up ASR. I like to provide my experience so others can be successful with ASR fast as well. (It is however expected that things will be updated in the latest documentation.) First, imagine yourself configuring SNMP traps to be sent to ASR. In this situation be sure to not erase any existing SNMP Subscribers settings for example the subscription to Enterprise Manager Grid Control or whatever you already subscribed for. So, when you have documentation stating to execute "cellcli -e alter cell snmpSubscriber=(host=, port=)" be sure to add existing snmpSubscribers when they exist. The syntax allows this: snmpSubscriber= ((host=host [,port=port] [,community=community][,type=ASR]) [,(host=host[,port=port][,community=community][,type=ASR])...) Second, when configuring SnmpSubscribers using DCLI you have to work with a slash to escape the brackets. Be sure to verify your SNMP settings after setting them because you might end up with a bracket in the 'asrs.state' file stating 'public\' in stead of 'public'. Having the extra slash after the word 'public' of course doesn't help when sending SNMP-traps: dcli -g dbs_group -l root -n "/opt/oracle.cellos/compmon/exadata_mon_hw_asr.pl -validate_snmp_subscriber -type asr" cn38: Sending test trap to destination - 173.25.100.43:162 cn38: (1). count - 50 Failed to run "/usr/bin/snmptrap -v 2c -c public\ -M "+/opt/oracle.cellos/compmon/" -m SUN-HW-TRAP-MIB 173.25.100.43:162 "" SUN-HW- TRAP-MIB::sunHwTrapTestTrap sunHwTrapSystemIdentifier s " Sun Oracle Database Machine secret" sunHwTrapChassisId s "secret" sunHwTrapProductName s "SUN FIRE X4170 SERVER" sunHwTrapTestMessage s "This is a test trap. Exadata Compute Server: cn38.oracle.com "" cn38: getaddrinfo: +/opt/oracle.cellos/compmon/ Name or service not known cn38: snmptrap: Unknown host (+/opt/oracle.cellos/compmon/) All together ASR is a great addition to Exadata that I highly recommend. Some excellent documentation is written on the implementation details and available on MyOracleSupport. See "Oracle Database Machine Monitoring (Doc ID 1110675.1)" Rene Kundersma Technical Architect Oracle Technology Services

    Read the article

  • How to See What Web Sites Your Computer is Secretly Connecting To

    - by Lori Kaufman
    Has your internet connection become slower than it should be? There may be a chance that you have some malware, spyware, or adware that is using your internet connection in the background without your knowledge. Here’s how to see what’s going on under the hood. Secret Squirrel by akumath HTG Explains: When Do You Need to Update Your Drivers? How to Make the Kindle Fire Silk Browser *Actually* Fast! Amazon’s New Kindle Fire Tablet: the How-To Geek Review

    Read the article

  • Quirks in .NET – Part 3 Marshalling Numbers

    - by thycotic
    Kevin has posted about marshalling numbers in the 3rd part of his ongoing blog series.   Jonathan Cogley is the CEO of Thycotic Software, an agile software services and product development company based in Washington DC.  Secret Server is our flagship enterprise password management product.

    Read the article

  • Getting Things Done for Programmers

    - by thycotic
    Ben has posted about one of my favorite topics – Getting Things Done from a programmer’s perspective.   Jonathan Cogley is the CEO of Thycotic Software, an agile software services and product development company based in Washington DC.  Secret Server is our flagship web-based password management product.

    Read the article

  • SubCut Scala Dependency Injection Framework

    - by kerry
    It’s no secret I am a fan of dependency injection.  So I was happy to hear that Dick Wall of the Java Posse recently released a dependency injection framework for scala.  Called SubCut, or Scala Uniquely Bound Classes Under Traits, the project is a ‘mix of service locator and dependency injection patterns designed to provide an idiomatic way of providing configured dependencies to scala applications’. It’s hosted on github, so ‘git’ (rimshot) over there and try it out: Dependency injection framework for Scala

    Read the article

  • Root Access: Don Dodge and Louis Gray on Entrepreneurs

    Root Access: Don Dodge and Louis Gray on Entrepreneurs Between them both, Don Dodge and Louis Gray have worked at the smallest of startups, raised VC rounds big and small, launched companies for the first time, and seen their share of successes and failures. Now at Google, they talk about some of the secret ingredients that make teams, ideas and companies work. From: GoogleDevelopers Views: 0 0 ratings Time: 00:00 More in Science & Technology

    Read the article

  • Using the Parallel class to make multithreading easy

    - by thycotic
    Kevin has posted about the Parallel class and how to use it to easily do multiple operations at once without radically changing the structure of your code.  Very neat stuff.   Jonathan Cogley is the CEO of Thycotic Software, an agile software services and product development company based in Washington DC.  Secret Server is our flagship enterprise password vault.

    Read the article

  • There once was in Dublin a query

    - by Paul Nielsen
    For 6 months I’ve have been planning a secret trip to London in May as a surprise for my wife (of Irish heritage and accent) (I love how she says, "Aye laddie, kiss me I'm Irish." but that's for another blog.) The plan was to spend a week in London and then top if off with a visit to Dublin to see the Book of Kells (on my bucket list) and stay at Markree Castle at Sligo, Ireland (on her bucket list). The original plan was to have her boss assign mandatory vacation a few days before the trip (her...(read more)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16  | Next Page >