Search Results

Search found 25324 results on 1013 pages for 'folder security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 143/1013 | < Previous Page | 139 140 141 142 143 144 145 146 147 148 149 150  | Next Page >

  • AutoMapper and SecurityException in IIS

    - by Felipe
    Hi everybody... I'm developing a asp.net mvc application with nhibernate and I would not like to expose my objects mappings with NHibernate, so I created DTO for each entity and I'm trying to convert my Domain objects to DTO and send it to View. So I have in my sollution: ClassLibrary with my Domain (for NHibernate) and DTO objetcs Class library to make a SessionFactory adn Factories in my Project Asp.Net MVC 2 Application So, I download AutoMapper to transform Domain objects in DTO and add a the code to do this in Application_Start of global.asax. When I run in VisualStudio (by pressing F5) it works fine and my dtos are into the view, So when I publish this in IIS, I get a security exception =( in first line of conversion: Mapper.CreateMap(); <--- this line throw exception Mapper.CreateMap(); System.Security.SecurityException: Failed request for the permission of type 'System.Security.Permissions.ReflectionPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'. What can I do to resolve this to work in IIS ? When I will publish it on web server, the error will get too :( Thanks Cheers

    Read the article

  • ASN1 out of memory. during a signedCMS.decode

    - by JL
    I am having a problem using the signedCMS.decode routine. See the code below. The error seems to occur when the file size is too big in this case 11MB. private static void RemoveZfoSignature(string zfoFileName) { byte[] fileContents = File.ReadAllBytes(zfoFileName); var contentInfo = new ContentInfo(fileContents); var signedCms = new SignedCms(contentInfo); // This line throws the error 100% of the time signedCms.Decode(fileContents); signedCms.RemoveSignature(0); byte[] outfile = signedCms.ContentInfo.Content; string outFileName = zfoFileName.Replace(".zfo", "_tmp.zfo"); File.WriteAllBytes(outFileName, outfile); } Here is the exact error: "System.Security.Cryptography.CryptographicException: ASN1 out of memory. at System.Security.Cryptography.Pkcs.SignedCms.OpenToDecode(Byte[] encodedMessage, ContentInfo contentInfo, Boolean detached) at System.Security.Cryptography.Pkcs.SignedCms.Decode(Byte[] encodedMessage) at ConsoleApplication2.Program.RemoveZfoSignature(String zfoFileName) in C:\\Users\\\\Documents\\Visual Studio 2008\\Projects\\ConsoleApplication2\\ConsoleApplication2\\Program.cs:line 30" Any idea on how to fix this?

    Read the article

  • Per-User basis security with restful_authentication in Rails ?

    - by benoror
    Hi! I'm using restful_authentication plugin, but I would like to have per-user security, for example: class PostsController < ApplicationController # Login required before_filter :login_required, :except => [ :index, :show ] # Only the same user can create, edit and delete their own posts before_filter :only_by_same_user, :only => [ :create, :update, :destroy ] end Thanks!

    Read the article

  • Consuming secured WCF service through basicHTTPbinding

    - by Jason M
    I am consuming an secured service hosted over basicHttpBinding I have to pass credentials to the service for authenticatioon Here’s the config setting for the client <security mode="TransportWithMessageCredential"> <transport clientCredentialType="None" proxyCredentialType="None" realm="" /> <message clientCredentialType="UserName" algorithmSuite="Default" /> </security> While calling the service, I am getting following exception message An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. Message = "An invalid security token was provided (Bad UsernameToken Values)” I not sure how to get it working I am curious if somebody can help me out or provide me any url where I could find the solution

    Read the article

  • Questions and considerations to ask client for designing a database

    - by Julia
    Hi guys! so as title says, I would like to hear your advices what are the most important questions to consider and ask end-users before designing database for their application. We are to make database-oriented app, with special attenion to pay on db security (access control, encryption, integrity, backups)... Database will also keep some personal information about people, which is considered sensitive by law regulations, so security must be good. I worked on school projects with databases, but this is first time working "in real world", where this db security has real implications. So I found some advices and questions to ask on internet, but here I always get best ones. All help appreciated! Thank you!

    Read the article

  • WindowsIdentity Token in Legacy ASP

    - by Max Schmeling
    I've created a .Net library at work that is used by all of our developers. The security part of it uses Microsoft AzMan for the security backend. In order to create a security (AzMan) ClientContext I have to pass it a token value (as a uint). This is all fine an dandy until I needed to make a COM wrapper for our common library so some of our legacy pages could take advantage of it without being rewritten for now. I cannot figure out how to get the token value to pass to AzMan from legacy ASP. The COM wrapper is setup to run as a COM Server and runs as a specific user that we use here for all COM objects, therefor the common library can't just pull the identity using .Net. Any ideas?

    Read the article

  • SQLite assembly not copied to output folder for unit testing

    - by Groo
    Problem: SQLite assembly referenced in my DAL assembly does not get copied to the output folder when doing unit tests (Copy local is set to true). I am working on a .Net 3.5 app in VS2008, with NHibernate & SQLite in my DAL. Data access is exposed through the IRepository interface (repository factory) to other layers, so there is no need to reference NHibernate or the System.Data.SQLite assemblies in other layers. For unit testing, there is a public factory method (also in my DAL) which creates an in-memory SQLite session and creates a new IRepository implementation. This is also done to avoid have a shared SQLite in-memory config for all assemblies which need it, and to avoid referencing those DAL internal assemblies. The problem is when I run unit tests which reside a separate project - if I don't add System.Data.SQLite as a reference to the unit test project, it doesn't get copied to the TestResults...\Out folder (although this project references my DAL project, which references System.Data.SQLite, which has its Copy local property set to true), so the tests fail while NHibernate is being configured. If I add the reference to my testing project, then it does get copied and unit tests work. What am I doing wrong?

    Read the article

  • Thin permissions in etc folder (Ubuntu)

    - by Apollo
    I am working on a RoR server setup that uses Thin and Nginx. It works fine, but only if I manually add the folder /etc/thin and set the permissions to 777 in order to use the command below: thin config -C /etc/thin/testapp.yml -c /var/www/testapp --servers 1 -e production If I don't set it to 777, I get this error: me@UbuntuRails:/etc$ thin config -C /etc/thin/testapp.yml -c /var/www/testapp --servers 1 -e production /usr/local/rvm/gems/ruby-1.9.3-p286@rails328/gems/thin-1.5.0/lib/thin/controllers/controller.rb:115:in initialize': Permission denied - /etc/thin/testapp.yml (Errno::EACCES) from /usr/local/rvm/gems/ruby-1.9.3-p286@rails328/gems/thin-1.5.0/lib/thin/controllers/controller.rb:115:inopen' from /usr/local/rvm/gems/ruby-1.9.3-p286@rails328/gems/thin-1.5.0/lib/thin/controllers/controller.rb:115:in config' from /usr/local/rvm/gems/ruby-1.9.3-p286@rails328/gems/thin-1.5.0/lib/thin/runner.rb:187:inrun_command' from /usr/local/rvm/gems/ruby-1.9.3-p286@rails328/gems/thin-1.5.0/lib/thin/runner.rb:152:in run!' from /usr/local/rvm/gems/ruby-1.9.3-p286@rails328/gems/thin-1.5.0/bin/thin:6:in' from /usr/local/rvm/gems/ruby-1.9.3-p286@rails328/bin/thin:19:in load' from /usr/local/rvm/gems/ruby-1.9.3-p286@rails328/bin/thin:19:in' from /usr/local/rvm/gems/ruby-1.9.3-p286@rails328/bin/ruby_noexec_wrapper:14:in eval' from /usr/local/rvm/gems/ruby-1.9.3-p286@rails328/bin/ruby_noexec_wrapper:14:in' I don't like to set this folder to a 777, sounds like a rubbish workaround. I run everything from an admin user account, not root. RVM runs from my admin user and gem only works in my admin as well. If I sudo that action, nothing happens because my root doesn't "know" thin. Which is the correct way to handle this? Thanks!

    Read the article

  • silverlight 4 net tcp binding security

    - by SLfan
    This document talks about how to send username and password from SL4 app to a web service. It assumes that HTTPS will be used for transport. However, I want to use NET TCP because of its speed. Is that possible because another article says net tcp in SL4 does not provide transport level security. If that's incorrect then how do I convert the https implementation to net tcp?

    Read the article

  • Broken images and security warnings in Facebook Connect

    - by Adam
    I'm hoping this is just a bug on Facebook's end that will be fixed soon, but in my Facebook Connect app I'm launching the dialogue FB provides to make a post. This dialogue is launched on a page with an SSL connection. In this dialogue the profile pic for some users comes up with a security warning while others display correctly. I'm already setup to use Facebook's SSL javascript file instead of the HTTP file.

    Read the article

  • Security warnings in Facebook Connect

    - by Adam
    I'm hoping this is just a bug on Facebook's end that will be fixed soon, but in my Facebook Connect app I'm launching the dialogue FB provides to make a post. This dialogue is launched on a page with an SSL connection. In this dialogue the profile pic for some users comes up with a security warning while others display correctly. I'm already setup to use Facebook's SSL javascript file instead of the HTTP file.

    Read the article

  • java.security.AccessControlException: access denied Exception

    - by Nila
    Hi! I'm trying to do a simple program for RMI. But, I'm getting the following exception while running the line Naming.rebind("interfacename",Remoteserverobject); java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve) How to overcome this problem. Thanks in advance

    Read the article

  • Axis2 custom handler to turn security off

    - by Michael
    I have a WCF service endpoint exposed over wsHttp binding with zero security config. When i call the service from Java I get the following error: org.apache.axis2.AxisFault: Must Understand check failed for header http://www.w3.org/2005/08/addressing : Action at org.apache.axis2.engine.AxisEngine.checkMustUnderstand(AxisEngine.java:102) How do I set the mustunderstand header to false. I would prefer to do this in code than via configuration.

    Read the article

  • Addressing "Access Denied" Exception with WMI Calls

    - by Joe
    I'm getting an exception with a message of "Access Denied" when executing against a WMI request. Some WMI requests appear to require higher security privileges than others. Ultimately my goal is to monitor process launches within the system and log. Regardless if there is a better approach, its now become a vendetta in getting this WMI approach to work. I've attempted the code at Security Tools - WMI Programming Using C#.Net and still receive the exception. If you copy the code found in the blog entry you can reproduce my issue. Another post on a similar topic can be found at link text but again, try the code and you'll the see the same security exception. How do I permit my code to execute these WMI requests? I'm running on Windows 7 Pro and VS 2010 in a new C# command line project.

    Read the article

  • Mixing JQuery Ajax with ASP.NET : is there any security risk

    - by Sayem Ahmed
    I am using jQuery with ASP.NET in a project. Instead of using ASP.NET Ajax, I am using jquery's ajax functions. Is there any security risk if I do that? I mean, since I am using jquery's ajax calls, no view state information will be passed to the server so that it can verify the page's authenticity (though it saves a lot of bandwidth..). I would also like to know what is the best/good practice here.

    Read the article

  • Rolling back file moves, folder deletes and mysql queries

    - by Workoholic
    This has been bugging me all day and there is no end in sight. When the user of my php application adds a new update and something goes wrong, I need to be able to undo a complex batch of mixed commands. They can be mysql update and insert queries, file deletes and folder renaming and creations. I can track the status of all insert commands and undo them if an error is thrown. But how do I do this with the update statements? Is there a smart way (some design pattern?) to keep track of such changes both in the file structure and the database? My database tables are MyISAM. It would be easy to just convert everything to InnoDB, so that I can use transactions. That way I would only have to deal with the file and folder operations. Unfortunately, I cannot assume that all clients have InnoDB support. It would also require me to convert many tables in my database to InnoDB, which I am hesitant to do.

    Read the article

  • iphone: is there any secure way to establish 2-way SSL from an application

    - by pmilosev
    Hi I need to establish a HTTPS 2-way SSL connection from my iPhone application to the customer's server. However I don't see any secure way to deliver the client side certificates to the application (it's an e-banking app, so security is really an issue). From what I have found so far the only way that the app would be able to access the certificate is to provide it pre-bundeled with the application itself, or expose an URL from which it could be fetched (http://stackoverflow.com/questions/2037172/iphone-app-with-ssl-client-certs). The thing is that neither of this two ways prevent some third party to get the certificate, which if accepted as a risk eliminates the need for 2-way SSL (since anyone can have the client certificate). The whole security protocol should look like this: - HTTPS 2-way SSL to authenticate the application - OTP (token) based user registration (client side key pair generated at this step) - SOAP / WSS XML-Signature (requests signed by the keys generated earlier) Any idea on how to establish the first layer of security (HTTPS) ? regards

    Read the article

  • How to configure grails and shiro to mark cookies secure?

    - by j4y
    I'm using Grails 2.2.4 with the Shiro plugin (v1.1.4) and would like to mark the cookies as secure so the session information won't be sent over http. This is the attribute I want to set: securityManager.sessionManager.sessionIdCookie.secure = true The shiro source says to use the Grails bean property override mechanism, which is grails-app/conf/spring/resources.groovy How can I override just the one setting? // If the legacy 'security.shiro.filter.config' option is set, // use our custom INI-based filter... if (application.config.security.shiro.filter.config) { log.warn "security.shiro.filter.config option is deprecated. Use Grails' bean property override mechanism instead." 'filter-class'('org.apache.shiro.grails.LegacyShiroFilter') 'init-param' { 'param-name'('securityManagerBeanName') 'param-value'('shiroSecurityManager') }

    Read the article

  • Create java sandbox based on security policies

    - by argos
    I need to create environment to run potentially untrusted code. Program allowed to connect to preconfigured address:port and nothing else (even read the system time). I have compiled the class whitelist. I'd searched similar questions, but found only template that based on SecurityManager which AFAIK is deprecated. Can anybody give me a simple sample how to run code in sandbox based on security policies and AccessController?

    Read the article

  • Untrusted GPGPU code (OpenCL etc) - is it safe? What risks?

    - by Grzegorz Wierzowiecki
    There are many approaches when it goes about running untrusted code on typical CPU : sandboxes, fake-roots, virtualization... What about untrusted code for GPGPU (OpenCL,cuda or already compiled one) ? Assuming that memory on graphics card is cleared before running such third-party untrusted code, are there any security risks? What kind of risks? Any way to prevent them ? (Possible sandboxing on gpgpu or other technique?) P.S. I am more interested in gpu binary code level security rather than hight-level gpgpu programming language security (But those solutions are welcome as well). What I mean is that references to gpu opcodes (a.k.a machine code) are welcome.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 139 140 141 142 143 144 145 146 147 148 149 150  | Next Page >