Search Results

Search found 4244 results on 170 pages for 'ssl certificate'.

Page 142/170 | < Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >

• Send post to a different domain using JS

  - by Lior

  Hello, I'd like a post request to be sent once a certain text input field is changed, using javascript. So here is my current code: <input name="message" onchange="$.ajax({type: \"POST\", url: \"http://example.com/example.php\", data: \"message=\" + document.getElementsByName(\"message\")[0].value});" /> Now, it's working on a regular connection, but it's not working on a secured connection (SSL). I mean, the page is secured, but the request is sent to a non secured page. Is there a solution?

  Read the article

• How is 'processing credit card data' defined (PCI)?

  - by Chris

  If i have a web application and i receive credit card data transmitted via a POST request by a web browser over HTTPS and instantly open a socket (SSL) to a remote PCI compilant card processor to forward the data and wait for a response, am i allowed to do that? or is this receiving the data with my application and forwarding it already subject of "processing credit card data"? if i create an iframe that is displayed in a client browser to enter cc data and this iframe posts the data via HTTPS to remote card processor (directly!) is this already a case of processing credit card data? even if my application code 'doesnt touch' the entered data with any event handlers? i'm interested in the definition "credit card data processing". when does it start to be a cc data processing application? can somebody maybe point me to that section in PCI-DSS standard that clearly defines when you start to 'be a processing application'? Thanks,

  Read the article

• Android:How to avoid XML verification failed error and Upgrading to 2.x SDK successfully?

  - by user187532

  Hi, I have setup for Android development with 1.5 SDK on Mac O.S X - Eclipse 3.5. I want to upgrade the SDK, so as i followed to choose Window-Android SDK and AVD Manager from Eclipse. But it throws error as follows: XML verification failed for https://dl-ssl.google.com/android/repository/repository.xml. Error: cvc-elt.1: Cannot find the declaration of element 'sdk:sdk- repository'. Failed to fetch URL I tried "http" instead of https, but still getting the same error. I don't know why such crap error comes. If i see Android website, http://developer.android.com/intl/zh-CN/sdk/index.html its confusing. Could someone guide me easily to update Android SDK to 2.x or later without uninstalling my current setup environment. Thanks. I appreciate your kind suggestions.

  Read the article

• What's the role of the parentheses in the following piece of code?

  - by Emanuil

  This is the tracking code for Google Analytics: var _gaq = _gaq || []; _gaq.push(["_setAccount", "UA-256257-21"]); _gaq.push(["_trackPageview"]); (function() { var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true; ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s); })(); You can see that the function is inside parentheses. Why do you think is that?

  Read the article

• Converting LDAP from Tomcat to GlassFish

  - by Jon

  Hi, I have a simple web-app that is developed in Netbeans(6.8) and works fine in Tomcat(6) using LDAP(Active Directory). I need to convert this to an EE (JSF2), so I am moving from Tomcat to GlassFish(v3). I have changed the web files to xhtml and configured the xml files. However, I cannot get the GlassFish LDAP configuration to authenticate. I am attaching my old web.xml and server.xml (from Tomcat) snippets and the portions of the new web.xml, sun-web.xml, and the GlassFish configuration. If anyone can help me figure out where I am missing the piece that will allow a user to be authenticated, I would appreciate it. (btw, I am not using roles, just authenticating against the LDAP db is good enought.) As it is right now, my app will prompt me to enter a user when I try to access a file in the 'protected' area and the GlassFish server throws an exception when it fails to authenticate. Because it works under Tomcat, I know I have the right information, I just don't know how to format it to get GlassFish to pass it along. Thanks. TOMCAT FILES: - Tomcat server.xml: web.xml: <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <description>Authentication Required</description> <url-pattern>/faces/protected/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>*</role-name> </auth-constraint> * BASIC Please enter your user name and password: GLASSFISH FILES: (I enabled the Security Manager on the Security panel, set the Default Realm to 'LDAPRealm', and added "-Djava.naming.referral=follow" JVM options.) - domain.xml: <auth-realm name="certificate" classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" /> <auth-realm classname="com.sun.enterprise.security.auth.realm.ldap.LDAPRealm" name="LdapRealm"> <property description="()" name="search-bind-password" value="xxxxxxxx" /> <property description="()" name="search-bind-dn" value="cn=xxxxxxxx,ou=Administrators,ou=Information Technology,ou=ITTS,ou=Administrative,ou=xxx,dc=xxxxxx,dc=xxx" /> <property name="jaas-context" value="ldapRealm" /> <property name="base-dn" value="ou=xxx,dc=xxxxxx,dc=xxx" /> <property name="directory" value="ldap://xxxx.xxxxxx.xxx:389" /> <property name="search-filter" value="(&amp;(objectClass=user)(sAMAccountName=%s))" /> </auth-realm> -web.xml: <security-constraint> <display-name>protected</display-name> <web-resource-collection> <web-resource-name>ProtectedArea</web-resource-name> <description/> <url-pattern>/faces/protected/*</url-pattern> </web-resource-collection> <auth-constraint> <description/> <role-name>*</role-name> </auth-constraint> </security-constraint> <security-role> <description/> <role-name>*</role-name> </security-role> <login-config> <auth-method>FORM</auth-method> <realm-name>LDAPRealm</realm-name> <form-login-config> <form-login-page>/faces/login.xhtml</form-login-page> <form-error-page>/faces/loginError.xhtml</form-error-page> </form-login-config> </login-config> sun-web.xml: Here is the exception that it throws: SEVERE: SEC1113: Exception in LdapRealm when trying to authenticate user. javax.security.auth.login.LoginException: javax.security.auth.login.LoginException: User yyyyyyy not found. at com.sun.enterprise.security.auth.realm.ldap.LDAPRealm.findAndBind(LDAPRealm.java:450)

  Read the article

• Jar extraction and verification in BlackBerry

  - by Basilio

  Hi All, The application I am currently working on requires me to extract contents from and verify the authenticity of the signed jar that is stored on the SD Card. In Java [and Android], we have the java.util.jar and java.util.zip classes, that allow to extract jar. However, J2ME or BlackBerry® does not provide support for these packages. I have, however, successfully extracted these using the third party ZipMe library. Can anyone let me know, how to get the signature block from the .DSA/.RSA file to authenticate the jar? I have the certificate that was used to sign the jar as well. This is easily done in Java using the getCertificates() method available in java.util.jar.JarFile. Is there any 3rd party API available that emulates the JarFile for BlackBerry®? Any help in this regard will be deeply appreciated. Thanks & Regards Basilio John Vincent D'souza

  Read the article

• when i download file from my website which contains grid and in one of the column of grid there is d

  - by SmartDev

  Hi, I have page called filedownload.aspx , it contains grid and in grid they are three columns and in one of the column there is button which says Download , when user clicks on that button it picks file id and gives the download box to user with three options Open save and cancel . Now the problem is that when user clicks on the download button in grid it gives this ERROR: INTERNET EXPLORER CANNOT DOWNLOAD FILEDOWNLOAD.ASPX FROM ABC.XYZ.COM (MY URL EXAMPLE) INTERNET EXPLORER WAS NOT ABLE TO OPEN THIS SITE .THE REQUEST SITE IS EITHER UNAVAILABLE OR CANNOT BE FOUND . ONE MORE THING IS THT RECENTLY WE IMPLEMENTED SSL AND FROM HTTP WE MOVE TO HTTPS WITH NAME CHANGE IN URL ALSO BFEORE IT WAS AND NOW ITS . NOW WHEN I CHANGE THE URL TO OLD ONE THE PAGE IS WORKING FINE . CAN ANYONE HELP ME ON THIS ? THANKS, SMARTDEV

  Read the article

• What are best practices for securing the admin section of a website?

  - by UpTheCreek

  I'd like to know what people consider best practice for securing the Admin sections of websites, specifically from an authentication/access point of view. Of course there are obvious things, such as using SSL and logging all access, but I'm wondering just where above these basic steps people consider the bar to be set. For example: Are you just relying on the same authentication mechanism that you use for normal users? If not, what? Are you running the Admin section in the same 'application domain'? What steps do you take to make the admin section undiscovered? (or do you reject the while 'obscurity' thing)

  Read the article

• Is it possible to use HTTPS certificates for licensing?

  - by Ton van den Heuvel

  I am working on an application with multiple clients and a server running various web-services for the clients. To implement licensing I am thinking about using HTTPS as a protocol for the web-services using certificates that are issued by our company. By influencing the expiration date of a certificate for a client we can prevent them from using our software after their license term. It this possible and does it make sense to you? Additional information: I am planning on using Qt/C++ for the clients, and the Twisted framework for the web-services.

  Read the article

• Implementing a 'Send Feedback' feature in a Java desktop application

  - by William

  I would like to implement a 'Send Feedback' option in a Java desktop application. One which will pop up a box for the user to enter a comment, then send it to us along with a screenshot of the application window. How would be the best way to communicate the data to us? Two obvious solutions spring to mind: Email - I'm thinking that the application would connect to an SMTP server set-up by us, with the username/password somehow hidden in the code. SMTP over SSL for security (not of the data being sent, but of the SMTP username/password). Web service - pretty self explanatory. Which of these would be best, or is there a better alternative?

  Read the article

• OpenSSL: SessionTicket TLS extension problem

  - by rursw1

  Hello, I'm using an application which uses OpenSSL for client TLS side. We upgrade the OpenSSL version from 0.9.8e to 0.9.8k. And then TLS doesn't work... Wireshark shows that the new version (with OpenSSL 0.9.8k) sends the client hello packet with a SessionTicket extension - and the server side responds with a fatal internal error. The previous version sends an almost identical hello packet, but without the SessionTicket ext. When I replaced TLSv1_client_method with SSLv23_client_method, everything worked fine - the sent client hello packet was a SSLv2 one (In the sniffer) without any extension (as it wasn't TLS but SSL?) Is there a better way to disable this extension or to solve the problem in another way? Thanks in advance, rursw1

  Read the article

• how can I send messages to/from a Websphere Message Broker from an embedded C client (no JVM)?

  - by queBurro

  What are my options for pubsubing (or point to point but pubsub is better) messages to and from an IBM message broker from an embedded headless C/C++ linux client that doesn't have a JVM? Ideally we want large file transfer (2GB once per day off of the client) encryption (SSL) reliable ('assured' delivery / QoS2, maybe QoS1 would do) The client in question currently only has exes and some bash scripts, I've been playing with MQTTv3 and RSMB, but for that I'd have to chomp the large files up (and reassemble back home) and I don't want to get into that if there's a transport that will do this for me? I've looked at MQTTv5 (but our client's got no JVM); JMS (no JVM) and XMS? which again looks like it gives me a C API but then needs the JVM to be installed on the client (or am I wrong?) any clues or hints would be appreciated, cheers

  Read the article

• Xcode 3.2 says the version of iPhone OS isn't supported when my iPhone OS is version 3.1.3

  - by fr0man

  I just went through the whole certificate/keychain/provisioning/appID/profile/DNA test process to get my app running on my iPhone. Turns out my iPhone OS was out of date (3.0.1 I think), so I updated it. Now it says The version of iPhone OS on “Stefanie's phone” does not match any of the versions of iPhone OS supported for development with this copy of Xcode. Please restore the device to a version of the OS listed below. If necessary, the latest version of Xcode is available here. OS Installed on Stefanie's phone 3.1.3 (7E18) Xcode Supported iPhone OS Versions 3.1.2 (7D11) 3.1.1 (7C146) 3.1.1 (7C145) 3.1 (7C144) 3.0.1 (7A400) 3.0 2.2.1 2.2 2.1.1 2.1 2.0.2 (5C1) 2.0.1 (5B108) 2.0 (5A347) But I have Xcode 3.2.1, which is supposed to support iPhone OS 3.1.3. What am I doing wrong? I have a cruddy internet connection (HughesNet), so I can't upgrade the Xcode SDK without it taking literally days.

  Read the article

• nginx improperly forwards to https, adds two trailing slashes when rewriting

  - by Kevin

  I'm using nginx as a proxy for a django project on mod_wsgi and to serve the static content. I have two domain names for it: asdf-example.com and asdfexample.com. I want to use rewrites to redirect everything to www.asdf-example.com They're not quite working the way they should: asdf-example.com forwards to https:// www.asdf-example.com, which fails because I'm not using SSL. Though asdf-example.com/search forwards to http://.... asdfexample.com and www.asdfexample.com both forward to www.asdf-example.com//, which looks weird. My config file: server { listen 80; server_name asdf-example.com asdfexample.com; if ($host ~* ^asdf-example\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } if ($host ~* ^asdfexample\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } if ($host ~* ^www\.asdfexample\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } ... Thanks

  Read the article

• Paypal Payflow pro library

  - by John Stewart

  I already have an express checkout integrated with my Codeigniter application. Now I want to integrate seamless paypal where I collect the CC information and pass it to Paypal (via backend) and once everything is approved, my application shows that to the user. All this with out ever going to Paypal's website. I know that Paypal gives a bunch of sample code but they have so many different products that advertise to do the same thing. Is there any wrapper library in PHP that I can use for handling all this? What sort of design decision is involved in migrating to such system? Would I need SSL certificates for this?

  Read the article

• Web services Authentication Jungle

  - by redben

  I have been doing some research lately about best approaches to authenticating web services calls (REST SOAP or whatever). But none of the Approaches convinced me... But i still can't a make a choise... Some talk about SSL and http basic authentication -login/password- which just seems weird for a machine (i mean having to assign a login/password to a machine, or is it not ?). Some others say API keys (seems like these scheme is more used for tracking and not realy for securing). Some say tokens (like session IDs) but shouldn't we stay stateless (especially if in REST style) ? In my use case, when a remote app is calling one of our web services, i have to authenticate the calling application obviously, and the call must - if applicable - tell me which user it impersonates so i can deal with authorization later. Any thoughts ?

  Read the article

• Using java class HttpsURLConnection

  - by KB22

  Hi all, I have a small piece of code which basically impements a HTTP-Client, i.e. it POSTS request and works with re RESPONSE. As long as HTTP is concenerned everthing work well. For some reason I now have to support HTTPS too. So here is briefly what I do in order to get a connection opened: URL url = new URL(serverAddress); HttpsURLConnection httpsConn = (HttpsURLConnection) url.openConnection(); This fails, stating: sun.net.www.protocol.https.HttpsURLConnectionImpl cannot be cast to com.sun.net.ssl.HttpsURLConnection I guess this is kinda trivial, but I just don't get what I'm doing wrong in this one... Googled it, and the code just looks right - not? any ideas are appreciated! thanks, K

  Read the article

• How to send news letters in zend

  - by Sherif

  i am trying to send something like news letter Via Zend_Mail but after 12 mail i got this message Fatal error: Maximum execution time of 30 seconds exceeded in C:\Program Files\Zend\Apache2\htdocs\forga\library\Zend\Mail\Protocol\Abstract.php on line 321 my Code is like: $smtpHost = 'smtp.gmail.com'; $smtpConf = array( 'auth' = 'login', 'ssl' = 'tls', 'port' = '587', 'username' ='[email protected]', 'password' = 'xxxxxxxx' ); $transport = new Zend_Mail_Transport_Smtp($smtpHost, $smtpConf); foreach($users as $user) { $mail = new Zend_Mail(); $mail-setFrom("[email protected]", 'Forga'); $mail-setSubject($subject); if($html=='on') $mail-setBodyHtml($message); else $mail-setBodyText($message); $mail-addto($user); $transport-send($mail); }

  Read the article

• Can you create a HIPAA compliant Amazon S3 Web Application?

  - by xkingpin

  I am facing some questions when trying to design an S3 application using ASP.NET MVC and trying to stay HIPAA compliant. My initial plan was to require an SSL connection to my web server, encrypt the images on my server, then send them to s3 using my private keys. Here's my obvious concerns: You cannot store unencrypted images in any temporary file cache when client views images within the browser. Even if I setup an ashx to generically handle the image in memory, couldn't this get stored in cache? Saying the images will be encrpyted because you will be connecting to my server via https still does not guarantee all browsers will not cache data. It's not possible to even consider the "Query String" with expiration option since data will be encrypted before being stored on disk at s3, and will again be decrypted at my server in memory. I think my only option would be to write/purchase some sort of ActiveX component that will not expose the image as a simple html image source or write my app as a client side WinForm application.

  Read the article

• Has anyone managed to get jdotnetservices working on Android ?

  - by Bert

  I am trying to use jdotnetservices (http://www.jdotnetservices.com/), which is a java SDK for Windows Azure AppFabric, in an Android application. I have had to make some tweaks but only minor ones because jdotnetservices is written to target Java 1.6 and Android uses 1.5. I can get it to compile and run OK but I'm getting errors when I try to access the service bus ACS. Specifically, if I try to get a token from the service bus ACS I get this : Hostname mysolution-sb.accesscontrol.windows.net was not verified. Can anyone give me some pointers as to why this might be ? I can browse to the url of the ACS from Android : https://mysolution-sb.accesscontrol.windows.net/wrapv0.9 which gives me a certificate error, could this be why ? Any way round this ?

  Read the article

• Remote application monitoring through Visual GC

  - by Poole

  I am trying to monitor an application available on remote machine using VisualVM & Visual GC. I have enabled the jmxremote on the remote side as follows: -Dcom.sun.management.jmxremote, -Dcom.sun.management.jmxremote.port=8888, -Dcom.sun.management.jmxremote.ssl=false, -Dcom.sun.management.jmxremote.authenticate=false While monitoring through VisualVM, everything runs fine but VisualGC doesn't displays any stats (getting Not Supported for this JVM error). While tried to monitor one local application, VisualGC runs fine... Got success with the remote app once started jstad on the remote jvm. Is this a known issue with VisualGC...? Remote JVM - 1.5 Local JVM - 1.6

  Read the article

• Allowing New Users to Invite Their Gmail Contacts

  - by John

  Hello, For my site, I would like to give new users the option to invite all of their Gmail contacts to join. What is the basic step-by-step process to set this up? (Also, is it necessary to buy an SSL for this?) Thanks in advance, John EDIT: My site has a basic login where users set up a username and password. I would like to give users the option to invite their Gmail contacts right after they create their new profile. I would also like to give them the option to invite their Gmail contacts anytime they want.

  Read the article

• Writing iPhone apps on linux - What tools do you need

  - by Sia.G

  Hello. I wanted to know if it's possible to WRITE and COMPILE/TEST iPhone apps on a linux platform. I've been on google for a couple of days now, and people either talk about "Mac OS X only!", or "Develop jailbroke apps on Linux". My dev partner has a mac and has a certificate to sign the apps. I don't have a mac, but I will be doing most of the development. So what I want to do is simply develop/test the app in linux, and when it's finished, simply hand over the code to him, who will then compile the finalized app and sign it ready for submission to the app store. Could anyone tell me what linux tools I would need to accomplish this?

  Read the article

• changing src reference based upon https

  - by spody

  I'm adding a facebook comment widget to a website. I'm placing this widget in a file that is included on everypage. The navigation is relatively linked so it switches back and forth from http and https. But for some reason the comment widget only shows up if both the src linked file and webpage is secure or both the src linked file and webpage is NOT secure. The widget does not display of the src file is secure and the webpage is not secure. So... I've tried this but doesn't work. if (window.location.protocol == 'https:') script.setAttribute('src', 'https://ssl.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php'); } else { script.setAttribute('src', 'http://static.ak.connect.facebook.com/connect.php/en_US') }

  Read the article

• UrlRewriteFilter Direct to https

  - by adi

  I am using UrlRewriteFilter to redirect to SSL. I am running Glassfishv2. My rule looks something like this now. It's in my urlrewrite.xml in WEB-INF of my war folder. Is there any other glassfish setting that needs to be set? <rule> <condition name="host" operator="notequal">https://abc.def.com</condition> <condition name="host" operator="notequal">^$</condition> <from>^/(.*)</from> <to type="permanent-redirect" last="true">https://abc.def.com/ghi/$1</to> </rule> But FF keeps saying that the URL redirect rule is in a way that it will never complete. I am not exactly sure whats happening here. any ideas?

  Read the article

< Previous Page | 138 139 140 141 142 143 144 145 146 147 148 149  | Next Page >