Search Results

Search found 29222 results on 1169 pages for 'network security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1009/1169 | < Previous Page | 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016  | Next Page >

  • CreateThread() fails on 64 bit Windows, works on 32 bit Windows. Why?

    - by Stephen Kellett
    Operating System: Windows XP 64 bit, SP2. I have an unusual problem. I am porting some code from 32 bit to 64 bit. The 32 bit code works just fine. But when I call CreateThread() for the 64 bit version the call fails. I have three places where this fails. 2 call CreateThread(). 1 calls beginthreadex() which calls CreateThread(). All three calls fail with error code 0x3E6, "Invalid access to memory location". The problem is all the input parameters are correct. HANDLE h; DWORD threadID; h = CreateThread(0, // default security 0, // default stack size myThreadFunc, // valid function to call myParam, // my param 0, // no flags, start thread immediately &threadID); All three calls to CreateThread() are made from a DLL I've injected into the target program at the start of the program execution (this is before the program has got to the start of main()/WinMain()). If I call CreateThread() from the target program (same params) via say a menu, it works. Same parameters etc. Bizarre. If I pass NULL instead of &threadID, it still fails. If I pass NULL as myParam, it still fails. I'm not calling CreateThread from inside DllMain(), so that isn't the problem. I'm confused and searching on Google etc hasn't shown any relevant answers. If anyone has seen this before or has any ideas, please let me know. Thanks for reading.

    Read the article

  • ASP.NET Web Application: use 1 or multiple virtual directories

    - by tster
    I am working on a (largish) internal web application which has multiple modules (security, execution, features, reports, etc.). All the pages in the app share navigation, CSS, JS, controls, etc. I want to make a single "Web Application" project, which includes all the pages for the app, then references various projects which will have the database and business logic in them. However, some of the people on the project want to have separate projects for the pages of each module. To make this more clear, this is what I'm advocating to be the projects. /WebInterface* /SecurityLib /ExecutionLib etc... And here is what they are advocating: /SecurityInterface* /SecutiryLib /ExecutionInterface* /ExecutionLib etc... *project will be published to a virtual directory of IIS Basically What I'm looking for is the advantages of both approaches. Here is what I can think of so far: Single Virtual Directory Pros Modules can share a single MasterPage Modules can share UserControls (this will be common) Links to other modules are within the same Virtual directory, and thus don't need to be fully qualified. Less chance of having incompatible module versions together. Multiple Virtual Directories Pros Can publish a new version of a single module without disrupting other modules Module is more compartmentalized. Less likely that changes will break other modules. I don't buy those arguments though. First, using load balanced servers (which we will have) we should be able to publish new versions of the project with zero downtime assuming there are no breaking database changes. Second, If something "breaks" another module, then there is either an improper dependency or the break will show up eventually in the other module, when the developers copy over the latest version of the UserControl, MasterPage or dll. As a point of reference, there are about 10 developers on the project for about 50% of their time. The initial development will be about 9 months.

    Read the article

  • Flex/Actionscript image display problem.

    - by IanH
    I'm trying to extend the Image class but hit a problem that I can't get past. I have a private image (img) that loads an image and a function that takes that image and copies it onto the parent. The debug function "copyit2" displays the image fine (so I know it's loaded OK). But the function "copyit" doesn't work - it just displays a white rectangle. I can't see how to make copyit work so that the original image is copied to the BitmapData and then subsequenty copied onto the parent? (The idea is to do some processing on the Bitmap data before it is displayed, although this isn't shown here to keep the example simple.) I suspect it is something to do with the security of loading images, but I'm loading it from the same server as the application is run from - so this shouldn't be a problem? Thanks for any help anyone can provide. Ian package zoomapackage { import flash.display.Bitmap; import flash.display.BitmapData; import flash.display.Sprite; import flash.events.MouseEvent; import flash.geom.Matrix; import flash.geom.Point; import flash.geom.Rectangle; import flash.net.*; import mx.controls.Image; import mx.events.FlexEvent; public dynamic class Zooma extends Image { private var img:Image; public function copyit():void { var imgObj:BitmapData = new BitmapData(img.content.width, img.content.height, false); imgObj.draw(img); var matrix:Matrix = new Matrix(); this.graphics.beginBitmapFill(imgObj, matrix, false,true); this.graphics.drawRect(0, 0, this.width , this.height); this.graphics.endFill(); } public function copyit2():void { this.source = img.source; } public function Zooma() { super(); img = new Image(); img.load("http://localhost/Koala.jpg"); } } }

    Read the article

  • Java website protection solutions (especially XSS)

    - by Mark
    I'm developing a web application, and facing some security problems. In my app users can send messages and see other's (a bulletin board like app). I'm validating all the form fields that users can send to my app. There are some very easy fields, like "nick name", that can be 6-10 alpabetical characters, or message sending time, which is sended to the users as a string, and then (when users ask for messages, that are "younger" or "older" than a date) I parse this with SimpleDateFormat (I'm developing in java, but my question is not related to only java). The big problem is the message field. I can't restrict it to only alphabetical characters (upper or lowercase), because I have to deal with some often use characters like ",',/,{,} etc... (users would not be satisfied if the system didn't allow them to use these stuff) According to this http://ha.ckers.org/xss.html, there are a lot of ways people can "hack" my site. But I'm wondering, is there any way I can do to prevent that? Not all, because there is no 100% protection, but I'd like a solution that can protect my site. I'm using servlets on the server side, and jQuery, on the client side. My app is "full" AJAX, so users open 1 JSP, then all the data is downloaded and rendered by jQuery using JSON. (yeah, I know it's not "users-without-javascript" friendly, but it's 2010, right? :-) ) I know front end validation is not enough. I'd like to use 3 layer validation: - 1. front end, javascript validate the data, then send to the server - 2. server side, the same validation, if there is anything, that shouldn't be there (because of client side javascript), I BAN the user - 3. if there is anything that I wasn't able to catch earlier, the rendering process handle and render appropriately Is there any "out of the box" solution, especially for java? Or other solution that I can use?

    Read the article

  • How can I limit asp.net control actions based on user role?

    - by Duke
    I have several pages or views in my application which are essentially the same for both authenticated users and anonymous users. I'd like to limit the insert/update/delete actions in formviews and gridviews to authenticated users only, and allow read access for both authed and anon users. I'm using the asp.net configuration system for handling authentication and roles. This system limits access based on path so I've been creating duplicate pages for authed and anon paths. The solution that comes to mind immediately is to check roles in the appropriate event handlers, limiting what possible actions are displayed (insert/update/delete buttons) and also limiting what actions are performed (for users that may know how to perform an action in the absence of a button.) However, this solution doesn't eliminate duplication - I'd be duplicating security code on a series of pages rather than duplicating pages and limiting access based on path; the latter would be significantly less complicated. I could always build some controls that offered role-based configuration, but I don't think I have time for that kind of commitment right now. Is there a relatively easy way to do this (do such controls exist?) or should I just stick to path-based access and duplicate pages? Does it even make sense to use two methods of authorization? There are still some pages which are strictly for either role so I'll be making use of path-based authorization anyway. Finally, would using something other than path-based authorization be contrary to typical asp.net design practices, at least in the context of using the asp.net configuration system?

    Read the article

  • JRuby app throws exception in Spring

    - by mat3001
    I am trying to run a JRuby app in Spring. I use Eclipse to run it. But it doesn't compile. Does anybody know what's going on here? Exception in thread "Launcher:/oflaDemo" [INFO] [Launcher:/oflaDemo] org.springframework.beans.factory.support.DefaultListableBeanFactory - Destroying singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@4a009ab0: defining beans [placeholderConfig,web.context,web.scope,web.handler,demoService.service]; parent: org.springframework.beans.factory.support.DefaultListableBeanFactory@f5d8d75 [INFO] [Launcher:/installer] org.red5.server.service.Installer - Installer service created org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'web.scope' defined in ServletContext resource [/WEB-INF/red5-web.xml]: Initialization of bean failed; nested exception is org.springframework.beans.TypeMismatchException: Failed to convert property value of type [org.springframework.scripting.jruby.JRubyScriptFactory] to required type [org.red5.server.api.IScopeHandler] for property 'handler'; nested exception is java.lang.IllegalArgumentException: Cannot convert value of type [org.springframework.scripting.jruby.JRubyScriptFactory] to required type [org.red5.server.api.IScopeHandler] for property 'handler': no matching editors or conversion strategy found at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:480) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory$1.run(AbstractAutowireCapableBeanFactory.java:409) at java.security.AccessController.doPrivileged(Native Method) I don't have a lot of experience with Spring, so I would really appreciate hits. If you're familiar with red5 - yes it's the oflademo app supplied by red5.

    Read the article

  • Another developer revoked and re-created my client's iOS Distribution Certificate - does this mean I can never update my client's existing app?

    - by Schnapple
    Here is the story so far: A client hired us to do an iPhone app for them. This client had never done an iPhone app before and as part of the arrangement we handled all aspects for them, including app store submission, and we handle some level of future development (new features, bug/security fixes, etc.) We created a Distribution certificate and key pair on the client's behalf We developed the app, published it to the App Store without incident Some time later the client hired a second developer to do a different app for them This second developer, it appears, has revoked the existing Distribution certificate and created a new one with a new key pair on their system This second developer shared the new Distribution certificate and key pair with us for future reference. Due to user error, this new certificate and key pair has now been imported onto the Macintosh where the original certificate and key pair for the original app we developed were created and the originals were not backed up. So we have App #1 on the App Store with Distribution certificate/key pair #1 App #2 either on the App Store or soon to be using Distribution certificate/key pair #2 Distribution certificate/key pair #1 appears to be lost now So my question is: if we ever need to update App #1, will we be able to, using Distribution certificate/key pair #2? Or will we have to upload it as a new app?

    Read the article

  • asp.net 3.5 app - can not load asemblies, "Strong name signature could not be verified", only when d

    - by hitsolutions
    Have developed an asp.net 3.5 application which consists of a we-site, some developed assemblies and some 3rd party assembles such as Telerik, Jayrock etc, all very much standard 3rd party apps. Created and built this app, tested on Win 2008 Eval running on a VM, all fine. Imagine my frustration when after installing on clients production Win 2008 server, that the app could not run and the error message was the "Strong name signature could not be verified. The assembly may have been tampered with, or it was delay signed ..." one. This was for all assembles in app (removed one and this kept popping up for a different assembly). Attempted to install on a machine on the network and received the same error. I am fairly baffled and a little freaked as I can not figure this out and time is rapidly running out. Have inspected all parts of server I know about (.NET, IIS7) but all seems fine. What could cause this? It sounds like there is a stricter security manifest on the production server - but where would I look and for what? It must be a group policy. only other item is that the machines are running Symantec ante-virus. The IT head is on hols so can't quiz him which is also frustrating - but as they say time waits for no man!

    Read the article

  • How can I refactor these script tags?

    - by Shpigford
    I have the following script tags in the <head> so that they don't prompt any security errors when going back and forth between SSL and non-SSL pages. But it just looks hairy. Any way I can combine them or reduce some of the code? <script type="text/javascript">document.write(["\<script src='",("https:" == document.location.protocol) ? "https://" : "http://","ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js' type='text/javascript'>\<\/script>"].join(''));</script> <script type="text/javascript">document.write(["\<script src='",("https:" == document.location.protocol) ? "https://" : "http://","html5shiv.googlecode.com/svn/trunk/html5.js' type='text/javascript'>\<\/script>"].join(''));</script> <script type="text/javascript">document.write(["\<script src='",("https:" == document.location.protocol) ? "https://" : "http://","use.typekit.com/12345.js' type='text/javascript'>\<\/script>"].join(''));</script>

    Read the article

  • Getting ellipses function parameters without an initial argument

    - by Tox1k
    So I've been making a custom parser for a scripting language, and I wanted to be able to pass only ellipses arguments. I don't need or want an initial variable, however Microsoft and C seem to want something else. FYI, see bottom for info. I've looked at the va_* definitions #define _crt_va_start(ap,v) ( ap = (va_list)_ADDRESSOF(v) + _INTSIZEOF(v) ) #define _crt_va_arg(ap,t) ( *(t *)((ap += _INTSIZEOF(t)) - _INTSIZEOF(t)) ) #define _crt_va_end(ap) ( ap = (va_list)0 ) and the part I don't want is the v in va_start. As a little background I'm competent in goasm and I know how the stack works so I know what's happening here. I was wondering if there is a way to get the function stack base without having to use inline assembly. Ideas I've had: #define im_va_start(ap) (__asm { mov [ap], ebp }) and etc... but really I feel like that's messy and I'm doing it wrong. struct function_table { const char* fname; (void)(*fptr)(...); unsigned char maxArgs; }; function_table mytable[] = { { "MessageBox", &tMessageBoxA, 4 } }; ... some function that sorts through a const char* passed to it to find the matching function in mytable and calls tMessageBoxA with the params. Also, the maxArgs argument is just so I can check that a valid number of parameters is being sent. I have personal reasons for not wanting to send it in the function, but in the meantime we can just say it's because I'm curious. This is just an example; custom libraries are what I would be implementing so it wouldn't just be calling WinAPI stuff. void tMessageBoxA(...) { // stuff to load args passed MessageBoxA(arg1, arg2, arg3, arg4); } I'm using the __cdecl calling convention and I've looked up ways to reliably get a pointer to the base of the stack (not the top) but I can't seem to find any. Also, I'm not worried about function security or typechecking.

    Read the article

  • What files does JDIC need to run?

    - by Domchi
    I'm trying to call JDIC from my application, but I can't get it to run. What files do I need and where? From what I've been able to gather from their site, I basically need to put jdic.jar in classpath... however there is also a lib folder with jdic.jar with a bit different size, and jdic_native_applet.jar, jdic_stub_unix.jar, jdic_stub_windows.jar and several folders with what I gather are platform specific files. I get this exception when instantiating AssociationService: java.lang.ClassNotFoundException: org.jdesktop.jdic.filetypes.internal.AppAssociationReaderFactory_windows at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:307) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:252) at org.jdesktop.jdic.filetypes.AssociationService.<init>(Unknown Source) at QuickTest.main(QuickTest.java:101) I've tried last "official" release and last alpha release. I'm running Java 6 and Win7 64bit. Does JDIC even work under Win7 (or 64bit, although I use 32bit Java)? I see no release after 2006, and no activity in the project after about 2008... while Win7 came in 2009. I know that parts of JDIC, like Desktop, were included in Java 6, however that doesn't seem to be the case with file associations. And if it doesn't, are there any (hopefully cross-platform) alternatives for managing file associations? There are some things for Windows only that I tried, but that requires running native commands with administrator privileges which I don't know how to pull, apart from asking user to run my app as administrator and then use Runtime.exec()... If there are no alternatives to JDIC, I'm interested if anyone has managed to handle file associations well with cross-platform installers?

    Read the article

  • Protecting sensitive entity data

    - by Andreas
    Hi, I'm looking for some advice on architecture for a client/server solution with some peculiarities. The client is a fairly thick one, leaving the server mostly to peristence, concurrency and infrastructure concerns. The server contains a number of entities which contain both sensitive and public information. Think for example that the entities are persons, assume that social security number and name are sensitive and age is publicly viewable. When starting the client, the user is presented with a number of entities, not disclosing any sensitive information. At any time the user can choose to log in and authenticate against the server, given the authentication is successful the user is granted access to the sensitive information. The client is hosting a domain model and I was thinking of implementing this as some kind of "lazy loading", making the first request instantiating the entities and later refreshing them with sensitive data. The entity getters would throw exceptions on sensitive information when they've not been disclosed, f.e.: class PersonImpl : PersonEntity { private bool undisclosed; public override string SocialSecurityNumber { get { if (undisclosed) throw new UndisclosedDataException(); return base.SocialSecurityNumber; } } } Another more friendly approach could be to have a value object indicating that the value is undisclosed. get { if (undisclosed) return undisclosedValue; return base.SocialSecurityNumber; } Some concerns: What if the user logs in and then out, the sensitive data has been loaded but must be disclosed once again. One could argue that this type of functionality belongs within the domain and not some infrastructural implementation(i.e. repository implementations). As always when dealing with a larger number of properties there's a risk that this type of functionality clutters the code Any insights or discussion is appreciated!

    Read the article

  • Silverlight Business Application template with WCF is throwing warning.

    - by Manoj
    Hi, I am using the Silvelight Business Application template. I wrote a function which uses Membership.getUserList function to return the user list. I tried exposing it as Service using WCF. But when I try to compile the client side code it throws a warning saying "Client Proxy Generation for user_authentication.Web.Service1 failed'. Why does it happen? The complete warning message is: Warning 4 Client proxy generation for service 'user_authentication.Web.Service1' failed: Generating metadata files... Warning: Unable to load a service with configName 'user_authentication.Web.Service1'. To export a service provide both the assembly containing the service type and an executable with configuration for this service. Details:Either none of the assemblies passed were executables with configuration files or none of the configuration files contained services with the config name 'user_authentication.Web.Service1'. Warning: No metadata files were generated. No service contracts were exported. To export a service, use the /serviceName option. To export data contracts, specify the /dataContractOnly option. This can sometimes occur in certain security contexts, such as when the assembly is loaded over a UNC network file share. If this is the case, try copying the assembly into a trusted environment and running it.

    Read the article

  • Calling private constructors with Reflection.Emit?

    - by Jakob Botsch Nielsen
    I'm trying to emit the following IL: LocalBuilder pointer = il.DeclareLocal(typeof(IntPtr)); il.Emit(OpCodes.Ldarg_0); il.Emit(OpCodes.Stloc, pointer); il.Emit(OpCodes.Ldloca, pointer); il.Emit(OpCodes.Call, typeof(IntPtr).GetMethod("ToPointer")); il.Emit(OpCodes.Ret); The delegate I bind with has the signature void* TestDelegate(IntPtr ptr) It throws the exception Operation could destabilize the runtime. Anyone knows what's wrong? EDIT: Alright, so I got the IL working now. The entire goal of this was to be able to call a private constructor. The private constructor takes a pointer so I can't use normal reflection. Now.. When I call it, I get an exception saying Attempt by method <built method> to access method <private constructor> failed. Apparently it's performing security checks - but from experience I know that Reflection is able to do private stuff like this normally, so hopefully there is a way to disable that check?

    Read the article

  • parse.json of authenticated play request

    - by niklassaers
    I've set up authentication in my application like this, always allow when a username is supplied and the API-key is 123: object Auth { def IsAuthenticated(block: => String => Request[AnyContent] => Result) = { Security.Authenticated(RetrieveUser, HandleUnauthorized) { user => Action { request => block(user)(request) } } } def RetrieveUser(request: RequestHeader) = { val auth = new String(base64Decode(request.headers.get("AUTHORIZATION").get.replaceFirst("Basic", ""))) val split = auth.split(":") val user = split(0) val pass = split(1) Option(user) } def HandleUnauthorized(request: RequestHeader) = { Results.Forbidden } def APIKey(apiKey: String)(f: => String => Request[AnyContent] => Result) = IsAuthenticated { user => request => if(apiKey == "123") f(user)(request) else Results.Forbidden } } I want then to define a method in my controller (testOut in this case) that uses the request as application/json only. Now, before I added authentication, I'd say "def testOut = Action(parse.json) {...}", but now that I'm using authentication, how can I add parse.json in to the mix and make this work? def testOut = Auth.APIKey("123") { username => implicit request => var props:Map[String, JsValue] = Map[String, JsValue]() request.body match { case JsObject(fields) => { props = fields.toMap } case _ => {} // Ok("received something else: " + request.body + '\n') } if(!props.contains("UUID")) props.+("UUID" -> UniqueIdGenerator.uuid) if (!props.contains("entity")) props.+("entity" -> "unset") props.+("username" -> username) Ok(props.toString) } As a bonus question, why is only UUID added to the props map, not entity and username? Sorry about the noob factor, I'm trying to learn Scala and Play at the same time. :-) Cheers Nik

    Read the article

  • Linq to SQL duplicating entry when referencing FK

    - by Oscar
    Hi! I am still facing some problems when using LINQ-to-SQL. I am also looking for answers by myself, but this problem is so akward that I am having problems to find the right keywords to look for it. I have this code here: public CustomTask SaveTask(string token, CustomTask task) { TrackingDataContext dataConext = new TrackingDataContext(); //Check the token for security if (SessionTokenBase.Instance.ExistsToken(Convert.ToInt32(token)) == null) return null; //Populates the Task - the "real" Linq to SQL object Task t = new Task(); t.Title = task.Title; t.Description = task.Description; //****The next 4 lines are important**** if (task.Severity != null) t.Severity = task.Severity; else t.SeverityID = task.SeverityID; t.StateID = task.StateID; if (task.TeamMember != null) t.TeamMember = task.TeamMember; else t.ReporterID = task.ReporterID; if (task.ReporterTeam != null) t.Team = task.ReporterTeam; else t.ReporterTeamID = task.ReporterTeamID; //Saves/Updates the task dataConext.Tasks.InsertOnSubmit(t); dataConext.SubmitChanges(); task.ID = t.ID; return task; } The problem is that I am sending the ID of the severity, and then, when I get this situation: DB State before calling the method: ID Name 1 high 2 medium 3 low Call the method selecting "medium" as severity DB State after calling the method: ID Name 1 high 2 medium 3 low 4 medium The point is: -It identified that the ID was related to the Medium entry (and for this reason it could populate the "Name" Column correctly), but if duplicated this entry. The problem is: Why?!! Some explanation about the code: CustomTask is almost the same as Task, but I was having problems regarding serialization as can be seen here I don't want to send the Severity property populated because I want my message to be as small as possible. Could anyone clear to my, why it recognize the entry, but creates a new entry in the DB?

    Read the article

  • Editting CSS in iframe that sets Select tag's text color to black?

    - by Corey Ogburn
    This is a very specific question for a Google Chrome extension. http://www.meebo.com/mobile/ This page is where you're kicked to when you go to Meebo.com on an iPhone or Droid phone. But if you notice, the Status box where you can set yourself away or what you want your status to be has white text on a white background. In order to get a website to appear in a Google Chrome extension's popup window (the one that drops down when you click the icon next to the address bar) that isn't an included html file in the extension, I need to use an iFrame. I know that there's security measures about Cross-Site stuff like javascript and I'm not surprised I'm having trouble accessing the CSS. But there's a class, status, and it's color is white and I need to change that to black. I've tested it with Chrome's Inspect Element window and if I change that, I'll be fine. I've tried changing the manifest.json file to inject a CSS file using Content-Scripts, but nothing... I'm new to Chrome Extensions but I have experience doing web development.

    Read the article

  • Send file FTP over SSL with custom port number

    - by JM4
    I have asked the question before but in a different manner. I am trying taking form data, compiling into a temporary CSV file and trying to send over to a client via FTP over SSL (this is the only route I am interested in hearing solutions for unless there is a workaround to doing this, I cannot make changes). I have tried the following: ftp_connect - nothing happens, the page just times out ftp_ssl_connect - nothing happens, the page just times out curl library - same thing, given URL it also gives error. I am given the following information: FTPS Server IP Address TCP Port (1234) Username Password Data Directory to dump file FTP Mode: Passive very, very basic code (which I believe should initiate a connection at minimum): Code: <?php $ftp_server = "00.000.00.000"; //masked for security $ftp_port = "1234"; // masked but not 990 $ftp_user_name = "username"; $ftp_user_pass = "password"; // set up basic ssl connection $conn_id = ftp_ssl_connect($ftp_server, $ftp_port, "20"); // login with username and password $login_result = ftp_login($conn_id, $ftp_user_name, $ftp_user_pass); echo ftp_pwd($conn_id); // / echo "hello"; // close the ssl connection ftp_close($conn_id); ?> When I run this over a SmartFTP client, everything works just fine. I just can't get it to work using PHP (which is a necessity). Has anybody had success doing this in the past? I would be very interested to hear your approach.

    Read the article

  • Java Client interoperating with WSE 3.0 Web Service

    - by Dee
    I have a Interoperable Security Token Service (STS) that authenticates the User and then issues a SAML token. I also have transaction services that expects the SAML token in the incoming SOAP request header. For a client to make a call to transaction service, it first needs to authenticate with the STS, get the SAML token and then make a call to the transaction services. The STS is an interoperable service and can be invoked from a Java client. The Transaction services are build using WSE 3.0 framework, but the WSDL that it generates is not good enough for a Java client to understand it. I want my Java client to explicitly call the STS and then using the received SAML token make a call to Transaction Services. I tried with Netbeans and Metro WSIT toolkit. I was able to call the Transaction Services if it were implemented using WCF. With WCF Transaction Service the WSDL generated has complete information using which the Java client can figure out how to call to STS and then call the WCF Transaction service. How can my Java client explicitly call the STS and then in turn call the WSE 3.0 transaction services?

    Read the article

  • asp.net stored procedure problem

    - by kenom
    Why this code don't work,when i want run this code vwd 2008 express show me this error message:Invalid object name 'answers'. this is my ascx.cs code: using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Data; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.Security; using System.Data.SqlClient; using System.Configuration; public partial class odgl : System.Web.UI.UserControl { protected void Page_Load(object sender, EventArgs e) { string connectionString = @"SANATIZEDSTRING!!!!"; using (SqlConnection cn = new SqlConnection(connectionString)) { using (SqlCommand dohvati = new SqlCommand("dbo.get_answers",cn)) { dohvati.CommandType = CommandType.StoredProcedure; SqlParameter izracun = new SqlParameter("@count", SqlDbType.Int); izracun.Direction = ParameterDirection.Output; dohvati.Parameters.Add(izracun); cn.Open(); dohvati.ExecuteNonQuery(); int count = Int32.Parse(dohvati.Parameters["@count"].Value.ToString()); Response.Write(count.ToString()); cn.Close(); } } } } and this is my stored procedure : set ANSI_NULLS ON set QUOTED_IDENTIFIER ON GO ALTER procedure [dbo].[get_answers] @ukupno int output as select @count= (SELECT COUNT(*) FROM answers) go

    Read the article

  • GPG error occurs while using "deb file:/local-path-to-repo ..." in /etc/apt/sources.list

    - by Chandler.Huang
    I need to install packages within non-internet connection environment. My plan is to download dist structure from Internet and then add file path to /etc/apt/sources.list. So I download related structure includes ubunt/dists/precise, precise-backports, precise-proposed, precise-security, precise-updates from a ftp mirror server. And then I remove original source and add the following to my /etc/apt/sources.list. deb file:path-to-local-ubuntu-directory/ precise main restricted multiverse universe deb-src file:path-to-local-ubuntu-directory/ precise main restricted multiverse universe Then I got GPG error as following after apt-get update. root@openstack:/~# apt-get update Ign file: precise InRelease Get:1 file: precise Release.gpg [198 B] Get:2 file: precise Release [50.1 kB] Ign file: precise Release Get:3 file: precise/main TranslationIndex [3,761 B] Get:4 file: precise/multiverse TranslationIndex [2,716 B] Get:5 file: precise/restricted TranslationIndex [2,636 B] Get:6 file: precise/universe TranslationIndex [2,965 B] Reading package lists... Done W: GPG error: file: precise Release: The following signatures were invalid: BADSIG 0976EAF437D05B5 Ubuntu Archive Automatic Signing Key <[email protected]> I had tried use the following steps after google but in vain. sudo apt-get clean cd /var/lib/apt sudo mv lists lists.old sudo mkdir -p lists/partial sudo apt-get update Is there any way to resolve this? And why this error occurs? Thanks a lot.

    Read the article

  • Database Programming in C#, returning output from Stored Proc

    - by jpavlov
    I am working at gaining an understanding at how to interface stored procedures with applications. My example is simple, but it doesn't display my columns and rows in the command prompt, instead it display System.Data.SqlClient.SqlDataReader. How do I display the rows from my stored procudure? ----Stored Proc-- ALTER PROCEDURE dbo.SelectID AS SELECT * FROM tb_User; ----- Below is the code: using System; using System.Data.SqlClient; using System.IO; namespace ExecuteStoredProc { class Program { static void Main(string[] args) { SqlConnection cnnUserMan; SqlCommand cmmUser; //SqlDataReader drdUser; //Instantiate and open the connection cnnUserMan = new SqlConnection("Data Source=.\\SQLEXPRESS;AttachDbFilename=c:\\Program Files\\Microsoft SQL Server\\MSSQL10.SQLEXPRESS\\MSSQL\\DATA\\UserDB.mdf; Integrated Security=True;Connect Timeout=30;User Instance=True"); cnnUserMan.Open(); //Instantiate and initialize command cmmUser = new SqlCommand("SelectID", cnnUserMan); cmmUser.CommandType = System.Data.CommandType.StoredProcedure; //drdUser = cmmUser.ExecuteReader(); Console.WriteLine(cmmUser.ExecuteReader()); Console.ReadLine(); } } } Thanks.

    Read the article

  • WCF newbie - how to install and use a SSL certificate?

    - by Shaul
    This should be a snap for anyone who's done it before... I'm trying to set up a self-hosted WCF service using NetTcpBinding. I got a trial SSL certificate from Thawte and successfully installed that in my IIS store, and I think I've got it correctly set up in the service - at least it doesn't exception out on me! Now, I'm trying to connect the client (this is still all on my dev machine), and it's giving me an error, "Message = "The X.509 certificate CN=ssl.mydomain.com, OU=For Test Purposes Only. No assurances., OU=IT, O=My Company, L=My Town, S=None, C=IL chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider." Ooookeeeey... now what? Client code (I want to do this in code, not app.config): var baseAddress = "localhost"; var factory = new DuplexChannelFactory<IMyWCFService>(new InstanceContext(SiteServer.Instance)); factory.Endpoint.Address = new EndpointAddress("net.tcp://{0}:8000/".Fmt(baseAddress)); var binding = new NetTcpBinding(SecurityMode.Message); binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName; factory.Endpoint.Binding = binding; var u = factory.Credentials.UserName; u.UserName = userName; u.Password = password; return factory.CreateChannel()

    Read the article

  • Currently using View, Should I use a hard table instead?

    - by 1001010101
    I am currently debating whether my table, mapping_uGroups_uProducts, which is a view formed by the following table: CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `db`.`mapping_uGroups_uProducts` AS select distinct `X`.`upID` AS `upID`,`Z`.`ugID` AS `ugID` from ((`db`.`mapping_uProducts_Products` `X` join `db`.`productsInfo` `Y` on((`X`.`pID` = `Y`.`pID`))) join `db`.`mapping_uGroups_Groups` `Z` on((`Y`.`gID` = `Z`.`gID`))); My current query is: SELECT upID FROM uProductsInfo \ JOIN fs_uProducts USING (upID) column \ JOIN mapping_uGroups_uProducts USING (upID) -- could be faster if we use hard table and index \ JOIN mapping_fs_key USING (fsKeyID) \ WHERE fsName="OVERALL" \ AND ugID=1 \ ORDER BY score DESC \ LIMIT 0,30; which is pretty slow. (for 30 results, it requires about 10 secondes). I think the reason for my query being so slow is definitely due to the fact that that particular query relies on a VIEW which has no index to speed things up. +----+-------------+----------------+--------+----------------+---------+---------+---------------------------------------+-------+---------------------------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +----+-------------+----------------+--------+----------------+---------+---------+---------------------------------------+-------+---------------------------------+ | 1 | PRIMARY | mapping_fs_key | const | PRIMARY,fsName | fsName | 386 | const | 1 | Using temporary; Using filesort | | 1 | PRIMARY | <derived2> | ALL | NULL | NULL | NULL | NULL | 19706 | Using where | | 1 | PRIMARY | uProductsInfo | eq_ref | PRIMARY | PRIMARY | 4 | mapping_uGroups_uProducts.upID | 1 | Using index | | 1 | PRIMARY | fs_uProducts | ref | upID | upID | 4 | db.uProductsInfo.upID | 221 | Using where | | 2 | DERIVED | X | ALL | PRIMARY | NULL | NULL | NULL | 40772 | Using temporary | | 2 | DERIVED | Y | eq_ref | PRIMARY | PRIMARY | 4 | db.X.pID | 1 | Distinct | | 2 | DERIVED | Z | ref | PRIMARY | PRIMARY | 4 | db.Y.gID | 2 | Using index; Distinct | +----+-------------+----------------+--------+----------------+---------+---------+---------------------------------------+-------+---------------------------------+ 7 rows in set (0.48 sec) The explain here looks pretty cryptic, and I don't know whether I should drop view and write a script to just insert everything in the view to a hard table. ( obviously, it will lose the flexibility of the view since the mapping changes quite frequently). Does anyone have any idea to how I can optimize my schema better?

    Read the article

  • i read that for RESTful websites. it is not good to use $_SESSION. Why is it not good? how then do i

    - by keisimone
    I read that it is not good to use $_SESSION. http://www.recessframework.org/page/towards-restful-php-5-basic-tips I am creating a WEBSITE, not web service in PHP. and i am trying to make it more RESTful. at least in spirit. right now i am rewriting all the action to use Form tags POST and add in a hidden value called _method which would be "delete" for deleting action and "put" for updating action. however, i am not sure why it is recommended NOT to use $_SESSION. i would like to know why and what can i do to improve. To allow easy authorization checking, what i did was to after logging in the user, the username is stored in the $_SESSION. Everytime the user navigates to a page, the page would check if the username is stored inside $_SESSION and then based on the $_SESSION retrieves all the info including privileges from the database and then evaluates the authorization to access the page based on the info retrieved. Is the way I am implementing bad? not RESTful? how do i improve performance and security? Thank you.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016  | Next Page >