Search Results

Search found 25324 results on 1013 pages for 'folder security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 144/1013 | < Previous Page | 140 141 142 143 144 145 146 147 148 149 150 151  | Next Page >

  • IHTMLTxtRange.execCommand("Copy",false,null) fails due to IE settings

    - by srirambalaji-s
    We have a .Net application that is used for editing/rendering customized HTML documents. It is hosted in IE using the AxSHDocVw.AxWebBrowser controls. We proceed with navigating to "about:blank" page initially then we change the Document by writing our custom values into it. The problem we are facing is the call to IHTMLTxtRange.execCommand("Copy",false,null) is failing if we don't enable the IE Security Settings in the Internet Security zone (Scripting-Allow Programmatic Access to Clipboard ). In order to bypass the security setting ,I tried to point to a local html file initially while navigating. But this fails as soon as I modify the Document. I want to use the IHTMLTxtRange.execCommand("Copy",false,null) command so that I can customize our Copy/Paste operations. Is there any other way I can do this. Please share your ideas inorder to overcome this situation. Thanks. Sriram

    Read the article

  • json webservice security

    - by crisgomez
    I have a problem regarding json web service security. I tried to developed a sample web application using json webservice,but the problem is the url was exposed on the client side.So from there,anybody can make a program and call the service for a thousand times. Please take note, that the web service will be using for a registration page, in which checks if the user was exist on the database.So there is no authentication happened on this process. What are the approach to secure the calling of the exposed web service?

    Read the article

  • C# Interop.Word Adding an Image from project resource folder

    - by iamnobody
    Hi guys. Having some image problem with Interop.Word and C#. I want to add an image in the header of the document that I am going to generate. I have this code working perfectly section.Headers[Word.WdHeaderFooterIndex.wdHeaderFooterPrimary].Shapes.AddPicture(@"C:\Logo.jpg", ref x, ref x, ref x, ref x, ref x, ref x, ref x); Problem is that I can't have "C:\Logo.jpg" in the code since after publishing the project, there would most probably be no Logo.jpg in the C folder of the user. The image is already in my project's resource folder. I've used Image.FromFile("Logo.jpg") before but .AddPicture requires a string and not an image. Any ideas? Any help would be greatly appreciated. Thanks! -- edit -- Saw this over the net: string anyPath = @"C:\logo.jpg"; Properties.Resources.logo.Save(anyPath); section.Headers.[...].Shapes.AddPicture(anyPath, ... but then I still get a generic error in GDI+ or ExternalException was unhandled.

    Read the article

  • Paypal's "Security header is not valid"

    - by Paypal
    I'm implementing the Express Checkout? I have no problem with the first two steps:SetExpressCheckout and GetExpressCheckout,but met the "Security header is not valid" at DoExpressCheckout. The API credentials are the same! I've fixed it by changing the $environment to live in DoExpressCheckout.(The difference is that it'll use https://api.sandbox.paypal.com/nvp/ instead of https://api-3t.$environment.paypal.com/nvp) But why? Is there something wrong with https://api-3t.$environment.paypal.com/nvp?

    Read the article

  • SharePoint Navigation Custom Link Security Trimming

    - by ifunky
    Hi, We've got our navigation setup so that subsites show in the global navigation but we have a requirement to also put custom links to external sites which is straight forward. The tricky part is that some of the custom links need security trimming which you don't get when you add your own links to the navigation. Just wondering if anyone has got some ideas on how to work around this? Thanks Dan

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern [.net/c#]

    - by gsharp
    Hi We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-) Thanks for you help.

    Read the article

  • Copy folder contents using VBScript

    - by LukeR
    I am trying to copy the contents of certain folders to another folder using VBScript. The goal is to enumerate a user's AD groups and then copy specific folder content based on those groups. I have code, which is currently not working. Dim Group,User,objFSO,objFolder,source,target,StrDomain StrDomain = "domain.local" FolderBase = "\\domain.local\netlogon\workgrps\icons" Set net = CreateObject("wscript.network") Struser = net.username target = "\\fs1\users\"&net.username&"\Desktop\AppIcons\" DispUserInWhichGroup() Function DispUserInWhichGroup() On Error Resume Next Set objFSO=CreateObject("Scripting.FileSystemObject") Set User = GetObject("WinNT://" & strDomain & "/" & strUser & ",user") For Each Group In User.Groups source = FolderBase & Group.name Set objFolder = GetFolder(source) For Each file in objFolder.Files objFSO.CopyFile source &"\"& file.name, target&"\"&file.name Next Next End Function This has been cobbled together from various sources, and I'm sure most of it is right, I just can't get it working completely. Any assistance would be great. Cheers.

    Read the article

  • Make a Method of the Business Layer secure. best practice / best pattern

    - by gsharp
    We are using ASP.NET with a lot of AJAX "Page Method" calls. The WebServices defined in the Page invokes methods from our BusinessLayer. To prevent hackers to call the Page Methods, we want to implement some security in the BusinessLayer. We are struggling with two different issues. First one: public List<Employees> GetAllEmployees() { // do stuff } This Method should be called by Authorized Users with the Role "HR". Second one: public Order GetMyOrder(int orderId) { // do sutff } This Method should only be called by the owner of the Order. I know it's easy to implement the security for each method like: public List<Employees> GetAllEmployees() { // check if the user is in Role HR } or public Order GetMyOrder(int orderId) { // check if the order.Owner = user } What I'm looking for is some pattern/best practice to implement this kind of security in a generic way (without coding the the if then else every time) I hope you get what i mean :-)

    Read the article

  • Turn off IIS 7.5 Attach security warning

    - by Miau
    IIS 7 and Visual Studio 2008, every time you attach to w3wp.exe you get an Attach Security Warning, How do you turn this of? It would be cool to know also, how to keep it attached for linger, as this seems to time out after a while Btw: I Added this as a comment to the answer below, the first thing i did was try the msdn article http://msdn.microsoft.com/en-us/library/ms241736.aspx that doesn't work

    Read the article

  • Where can I find a deliberately insecure open source web application?

    - by Phil Laliberte
    As a developer, I've learned that I usually gain a better understanding of best/worst practices through experience. The area of web application security isn't really somewhere where my organization can afford to let developers learn through trial and error. So looking for a hands-on approach to knowledge sharing of best practices in web application security, I was thinking that it would be useful to have an open source application that was deliberately built to be insecure in order to help teach junior developers about application security. Does anyone out there know where to find something like this?

    Read the article

  • folder structure in a mercurial repo?

    - by ajsie
    I have just switched from svn to mercurial and have read some tutorials about it. I've still got some confusions that i hope you could help me to sort out. I wonder if I have understood the folder structure in a mercurial repo right. In a svn repo I usually have these folders: svn: branches (branches/chat, branches/new_login etc) tags (version1.0, version2.0 etc) sandbox trunk Should a branch actually be another clone of the original/central repo in mercurial? it seemed like that when I read the manual. And a tag is just a named identifier, but you should clone the original/central repo whenever you want to create a tag? How about the sandbox? should that be another clone too? So basically you just have in a repo all the folders/files that you would have in the trunk folder? mercurial: central repo: projects folders/files (not in any parentfolder) tag repo: cloned from central repo at a given moment for release (version1.0, version2.0 etc) branch repo: cloned from central repo for adding features (chat, new_login etc) sandbox repo: experimental repo (could be pushed to central repo, or just deleted) is this correct?

    Read the article

  • osCommerce Security Issue

    - by Auxi
    Hi, I am planning to integrate some opensource shopping cart with my site and I am bit worried about it's security. Is it that easy to hack osCommerce based website? Because I am thinking to use osCommerce.. Kindly advise.

    Read the article

  • Access denied to path , when uploading image to folder in server

    - by apekshabs
    Am getting error when you are going to upload the file on specified folder in the server. Here I am going to upload P6100083.jpg in storeimg folder. When I am going to upload I am getting the following error: Access to the path 'C:\inetpub\vhosts\bookmygroups.com\httpdocs\storeimg\P6100083.jpg' is denied. Can anyone help me... How to use permisiion and were to use... My code is while uploading image if (FileUpload1.HasFile) { float fileSize = FileUpload1.PostedFile.ContentLength; float floatConverttoKB = fileSize / 1024; float floatConverttoMB = floatConverttoKB / 1024; string DirName = "storeimg"; string savepath = Server.MapPath(DirName + "/"); DirectoryInfo dir = new DirectoryInfo(savepath); // string savepath = "C:\\Documents and Settings\\ssis3\\My Documents\\Visual Studio 2005\\WebSites\\finalbookgroups\\" + DirName + "\\"; if (fileSize < 4194304) { string filename = Server.HtmlEncode(FileUpload1.FileName); string extension = System.IO.Path.GetExtension(filename).ToUpper(); if (extension.Equals(".jpg") || extension.Equals(".JPG") || extension.Equals(".JPEG") || extension.Equals(".GIF")) { savepath += filename; FileUpload1.SaveAs(savepath); } } Thanks in advance

    Read the article

  • Storing a NTFS Security Descriptor in C

    - by Doori Bar
    My goal is to store a NTFS Security Descriptor in its identical native state. The purpose is to restore it on-demand. I managed to write the code for that purpose, I was wondering if anybody mind to validate a sample of it? (The for loop represents the way I store the native descriptor) This sample only contains the flag for "OWNER", but my intention is to apply the same method for all of the security descriptor flags. I'm just a beginner, would appreciate the heads up. Thanks, Doori Bar #define _WIN32_WINNT 0x0501 #define WINVER 0x0501 #include <stdio.h> #include <windows.h> #include "accctrl.h" #include "aclapi.h" #include "sddl.h" int main (void) { DWORD lasterror; PSECURITY_DESCRIPTOR PSecurityD1, PSecurityD2; HANDLE hFile; PSID owner; LPTSTR ownerstr; BOOL ownerdefault; int ret = 0; unsigned int i; hFile = CreateFile("c:\\boot.ini", GENERIC_READ | ACCESS_SYSTEM_SECURITY, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, NULL); if (hFile == INVALID_HANDLE_VALUE) { fprintf(stderr,"CreateFile() failed. Error: INVALID_HANDLE_VALUE\n"); return 1; } lasterror = GetSecurityInfo(hFile, SE_FILE_OBJECT, OWNER_SECURITY_INFORMATION , &owner, NULL, NULL, NULL, &PSecurityD1); if (lasterror != ERROR_SUCCESS) { fprintf(stderr,"GetSecurityInfo() failed. Error: %lu;\n", lasterror); ret = 1; goto ret1; } ConvertSidToStringSid(owner,&ownerstr); printf("ownerstr of PSecurityD1: %s\n", ownerstr); /* The for loop represents the way I store the native descriptor */ PSecurityD2 = malloc( GetSecurityDescriptorLength(PSecurityD1) * sizeof(unsigned char) ); for (i=0; i < GetSecurityDescriptorLength(PSecurityD1); i++) ((unsigned char *) PSecurityD2)[i] = ((unsigned char *) PSecurityD1)[i]; if (IsValidSecurityDescriptor(PSecurityD2) == 0) { fprintf(stderr,"IsValidSecurityDescriptor(PSecurityD2) failed.\n"); ret = 2; goto ret2; } if (GetSecurityDescriptorOwner(PSecurityD2,&owner,&ownerdefault) == 0) { fprintf(stderr,"GetSecurityDescriptorOwner() failed."); ret = 2; goto ret2; } ConvertSidToStringSid(owner,&ownerstr); printf("ownerstr of PSecurityD2: %s\n", ownerstr); ret2: free(owner); free(ownerstr); free(PSecurityD1); free(PSecurityD2); ret1: CloseHandle(hFile); return ret; }

    Read the article

  • IIS token based security, ssl certificate and https, proxy

    - by davidgshi
    I have developed a new web service. Now, I need to deal with security issue as we are intending to make it a secure service. In order to set up SSL and https, I need to obtain and install an SSL certificate. Who is the certificate authority? Do you know how to go about with this? Are there concise articles on this? Regards. David

    Read the article

  • Grails spring security defaultTargetUrl going wrong path

    - by fsi
    Grails 2.4 with Spring security 2 3RC I have this on my Config.groovy grails.plugin.springsecurity.controllerAnnotations.staticRules = [ '/': ['permitAll'], '/index': ['permitAll'], '/index.gsp': ['permitAll'], '/**/js/**': ['permitAll'], '/**/css/**': ['permitAll'], '/**/images/**': ['permitAll'], '/**/favicon.ico': ['permitAll'] ] grails.plugin.springsecurity.successHandler.defaultTargetUrl = "/home/index" But this keeping me redirecting to assets/favicon.ico And my HomeController is like that @Secured(['ROLE_ADMIN', 'ROLE_USER']) def index() { if (SpringSecurityUtils.ifAllGranted('ROLE_ADMIN')) { redirect controller: 'admin', action: 'index' return } } And I modify this in my UrlMapping: "/"(controller: 'home', action:'index') Why it keeps me sending wrong path? Update: using another computer, it redirects me to /asset/grails_logo.png

    Read the article

  • Microsoft .NET security model

    - by Thomas
    Hi all, I am looking for informations about the security model of Microsoft .NET If you could explain me how it is design, or give me links to understand it, it would be very kind of you ! Thanks.

    Read the article

  • Limiting what a .net plugin can access

    - by David Hogue
    I have a web application that can load plugins through reflection. It currently uses Assembly.LoadFrom() and Activator.CreateInstance() to get this done. Right now plugins are loaded into the same AppDomain and have access to anything in my app and anything my app could access. What I'm looking for is a way to limit what classes and methods the plugin can access for security purposes. I want to have all of my classes and methods throw an exception when called unless they are whitelisted. I'd be whitelisting basically all the functions in an API class and a few data transfer objects. I also don't want the plugin to be able to access the filesystem or the database on it's own. I think I can do that with trust levels in a separate AppDomain though. Does anyone out there have any good ideas or resources? Is this something that could be done with Code Access Security or the new Security-Transparent Code features in .net 4?

    Read the article

  • Beginning PHP for someone interested in Security

    - by MaXX
    I'd like to learn PHP specifically for dealing with security vulnerabilities/exploits. Could someone recommend a book? I don't know if I need to learn HTML/CSS/XML/XHTML etc, do I have to learn those too? I don't really plan on designing websites, could anyone help me with this? :P

    Read the article

  • Coverity publie Coverity Security Library, une bibliothèque open-source pour identifier les défauts de sécurité dans les applis Web Java

    Coverity publie Coverity Security Library Une bibliothèque open source pour identifier les défauts de sécurité les plus courants dans les applis Web Java Coverity, un des leaders du marché du test de développement, vient d'annoncer la création de la Coverity Security Library, un projet open source (disponible via GitHub et Maven) pour aider les développeurs à réparer les attaques de type cross-site scripting (XSS) dans les applications Web Java. Ce projet a été initié par le Security Research Laboratory de Coverity. Il s'agit d'une bibliothèque de fonctions de contournement et de codage gratuite. « Les développeurs peuvent ainsi réparer rapidement les problèmes les plus courants, qui p...

    Read the article

  • Calling a WCF service from another WCF service

    - by ultraman69
    Hi ! I have a WCF service hosted on a windows service on my Server1. It also has IIS on this machine. I call the service from a web app and it works fine. But within this service, I have to call another WCF sevice (also hosted on a windows service) located on Server2. The security credentials are set to "Message" and "Username". I have an error like "SOAP protcol negociation failed". It's a problem with my server certificate public key that doesn't seem to be recognise. However, if I call the service on the Server2 from Server1 in a console app, it works fine. I followed this tutorial to set up my certificates : http://www.codeproject.com/KB/WCF/wcf_certificates.aspx Here's the config file from my service on Server1 that tries to call the second one : <endpoint address="" binding="wsHttpBinding" contract="Microsoft.ServiceModel.Samples.ITraitement" /> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" /> </service> </services> <client> <endpoint address="http://Server2:8000/servicemodelsamples/service" behaviorConfiguration="myClientBehavior" binding="wsHttpBinding" bindingConfiguration="MybindingCon" contract="Microsoft.ServiceModel.Samples.ICalculator" name=""> <identity> <dns value="ODWCertificatServeur" /> </identity> </endpoint> </client> <bindings> <wsHttpBinding> <binding name="MybindingCon"> <security mode="Message"> <message clientCredentialType="UserName" /> </security> </binding> </wsHttpBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="ServiceTraitementBehavior"> <serviceMetadata httpGetEnabled="True"/> <serviceDebug includeExceptionDetailInFaults="True" /> </behavior> </serviceBehaviors> <endpointBehaviors> <behavior name="myClientBehavior"> <clientCredentials> <clientCertificate findValue="MachineServiceTraitement" x509FindType="FindBySubjectName" storeLocation="LocalMachine" storeName="My" /> <serviceCertificate> <authentication certificateValidationMode="ChainTrust" revocationMode="NoCheck"/> </serviceCertificate> </clientCredentials> </behavior> </endpointBehaviors> </behaviors> And here's the config file from the web app that calls the service on Server1 : <system.serviceModel> <bindings> <wsHttpBinding> <binding name="WSHttpBinding_ITraitement" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" /> <security mode="Message"> <transport clientCredentialType="Windows" proxyCredentialType="None" realm="" /> <message clientCredentialType="Windows" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="true" /> </security> </binding> </wsHttpBinding> </bindings> <client> <endpoint address="http://localhost:8020/ServiceTraitementPC" binding="wsHttpBinding" bindingConfiguration="WSHttpBinding_ITraitement" contract="ITraitement" name="WSHttpBinding_ITraitement"> </endpoint> </client> Any idea why it works if if I call it in a console app and not from my service ? Maybe it has something to do with the certificateValidationMode="ChainTrust" ?

    Read the article

  • How to treat compressed folders as files using ShellObject from WindowsAPICodePack?

    - by JustABill
    I am trying to implement a filesystem browser using the WindowsAPICodePack for C# (.Net 4), and it works pretty well, except that the ShellObject system treats zip files as folders, whereas I'd prefer they be files. Is there some way I can force it to work this way? The low-level interop it does is beyond me. As far as I can tell, internally it asks if the item is a Folder or a Filesystem element. It then uses this (and some type checks) to figure out what it actually is. Is it safe to force it to treat it as a file if it's Compressed? Or do I have to do something else?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 140 141 142 143 144 145 146 147 148 149 150 151  | Next Page >