Search Results

Search found 15648 results on 626 pages for 'wcf security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 186/626 | < Previous Page | 182 183 184 185 186 187 188 189 190 191 192 193  | Next Page >

  • Running an existing LINQ query against a dynamic object (DataTable like)

    - by TomTom
    Hello, I am working on a generic OData provider to go against a custom data provider that we have here. Thsi is fully dynamic in that I query the data provider for the table it knows. I have a basic storage structure in place so far based on the OData sample code. My problem is: OData supports queries and expects me to hand in an IQueryable implementation. On the lowe rside, I dont have any query support. Not a joke - the provider returns tables and the WHERE clause is not supported. Performance is not an issue here - the tables are small. It is ok to sort them in the OData provider. My main problem is this. I submit a SQL statement to get out the data of a table. The result is some sort of ADO.NET data reader here. I need to expose an IQueryable implementation for this data to potentially allow later filtering. Any ide ahow to best touch that? .NET 3.5 only (no 4.0 planned for some time). I was seriously thinking of creating dynamic DTO classes for every table (emitting bytecode) so I can use standard LINQ. Right now I am using a dictionary per entry (not too efficient) but I see no real way to filter / sort based on them.

    Read the article

  • Is it possible to put binary image data into html markup and then get the image displayed as usual i

    - by Joern Akkermann
    It's an important security issue and I'm sure this should be possible. A simple example: You run a community portal. Users are registered and upload their pictures. Your application gives security rules whenever a picture is allowed to be displayed. For example users must be friends on each sides by the system, in order that you can view someone else's uploaded pictures. Here comes the problem: it is possible that someone crawls the image directories of your server. But you want to protect your users from such attacks. If it's possible to put the binary data of an image directly into the HTML markup, you can restrict the user access of your image dirs the user and group your web application runs of and pass the image data to your Apache user and group directly in the HTML. The only possible weakness then is the password of the user that your web app runs as. Is there already a possibility?

    Read the article

  • Best Pratice to Implement Secure Remember Me

    - by Yan Cheng CHEOK
    Sometimes, I came across certain web development framework which doesn't provide authentication feature as in Authenication ASP.NET I was wondering what is the security measure needs to be considered, when implementing "Remember Me" login feature, by hand coding? Here are the things I usually did. 1) Store the user name in cookie. The user name are not encrypted. 2) Store a secret key in cookie. The secret key is generated using one way function based on user name. The server will verify secret key against user name, to ensure this user name is not being changed. 3) Use HttpOnly in cookie. http://www.codinghorror.com/blog/2008/08/protecting-your-cookies-httponly.html Any things else I could miss out, which could possible lead a security hole.

    Read the article

  • How to implement a lazy loaded Silverlight data grid without using paging

    - by Marc Wittke
    Using the Business Application template from the brand new released RIA Services, you can see lots of examples using the data grid on top of a DomainDataSource in combination with a DataPager. The properties PageSize and LoadSize can be used to adjust the amount of data to be displayed in one page and the data that is prefetched in the background. Now I'd like to have a data grid with a scrollbar and no pager. The underlying DomainDataSource should load only the data that is diplayed in the grid. It should trigger another load, when the user scrolls down to items that are not yet in the data context. Is there any sample implementation how to do this?

    Read the article

  • Deserialization on client side in Domain Service

    - by ankit
    I have 2 classes: Person and Contact. Person class has a property named ContactNumber which returns the Contact type, and this property is marked as a DataMember for serialization. I have marked Contact type as a DataContract. On the client side I am able to get the values, but when I try to insert a value and then do submit, I get the following exception: Failed to deserialize change-set. Failed to convert value of type 'Dictionary`2' to type 'Contact' Stack Trace is: at System.Web.Ria.DataServiceSubmitRequest.GetChangeSet(DomainService domainService) at System.Web.Ria.DataServiceSubmitRequest.Invoke(DomainService domainService) at System.Web.Ria.DataService.System.Web.IHttpHandler.ProcessRequest(HttpContext context) Can anyone give me the solution ?

    Read the article

  • How to allow netNamedPipeBinding to work with requiring UAC?

    - by Rohit
    I have a service running under Local system account. I have an application that run in a non-UAC mode. Both interact with each other as both act as server and client. Application as client can communicate with Service. But Service as client cannot communicate with application. If I run with UAC the problem is solved. <customBinding> <binding name="net.pipe"> <namedPipeTransport /> </binding> </customBinding>

    Read the article

  • Service Contracts with Message causes duplicate proxy classes

    - by jaklucky
    Hi, I have a service contract with Message as shown below. [OperationContract] Message MyMethodWithMessage(Message myMsgParam); Everything works fine. I could host my services. But when I try to create proxies through "Add Service References", I am getting the duplicate proxy classes. If I take out the above OperationContract and re run my services and try to create proxies, then "Add Service References" does not provide duplicate proxies. I am really confused about this!!! Any help is greatly appreciated... Thank you, Suresh

    Read the article

  • What are the weaknesses of this user authentication method?

    - by byronh
    I'm developing my own PHP framework. It seems all the security articles I have read use vastly different methods for user authentication than I do so I could use some help in finding security holes. Some information that might be useful before I start. I use mod_rewrite for my MVC url's. Passwords are sha1 and md5 encrypted with 24 character salt unique to each user. mysql_real_escape_string and/or variable typecasting on everything going in, and htmlspecialchars on everything coming out. Step-by step process: Top of every page: session_start(); session_regenerate_id(); If user logs in via login form, generate new random token to put in user's MySQL row. Hash is generated based on user's salt (from when they first registered) and the new token. Store the hash and plaintext username in session variables, and duplicate in cookies if 'Remember me' is checked. On every page, check for cookies. If cookies set, copy their values into session variables. Then compare $_SESSION['name'] and $_SESSION['hash'] against MySQL database. Destroy all cookies and session variables if they don't match so they have to log in again. If login is valid, some of the user's information from the MySQL database is stored in an array for easy access. So far, I've assumed that this array is clean so when limiting user access I refer to user.rank and deny access if it's below what's required for that page. I've tried to test all the common attacks like XSS and CSRF, but maybe I'm just not good enough at hacking my own site! My system seems way too simple for it to actually be secure (the security code is only 100 lines long). What am I missing? I've also spent alot of time searching for the vulnerabilities with mysql_real_escape string but I haven't found any information that is up-to-date (everything is from several years ago at least and has apparently been fixed). All I know is that the problem was something to do with encoding. If that problem still exists today, how can I avoid it? Any help will be much appreciated.

    Read the article

  • InvalidOperationException when using soap client

    - by codymanix
    I've added as wsdl file using the add servece reference dialog in vs2008. MyService serviceproxy = new MyService(); When I instantiate the service proxy, I get an InvalidOperationException with the following text (translated from german): Could not find default endpoint element to the contract "ServiceName.ServiceInterface" in the service model refers client configuration section. This may be because: The application configuration file was not found or not an endpoint in the client element item is found, which corresponded to this contract. Where servicename is the name I give the service when I add it in vs2008 and ServiceInterface the interface which is automatically generated for it.

    Read the article

  • How to change the behavior of string objects in web service calls via Windows Communication Foundati

    - by Geri Langlois
    I have third party api's which require string values to be submitted as empty strings. On an asp.net page I can use this code (abbreviated here) and it works fine: public class Customer { private string addr1 = ""; public string Addr1 { get {return addr1;} set {addr1 = value;} } private string addr2 = ""; public string Addr2 { get {return addr2;} set {addr2 = value;} } private string city = ""; public string City { get {return city;} set {city = value;} } } Customer cust = new Customer(); cust.Addr1 = "1 Main St."; cust.City = "Hartford"; int custno = CustomerController.InsertCustomer(cust); The Addr2 field, which was not initialized is still an empty string when inserted. However, using the same code but called it through a web service based on Windows Communication Foundation the Addr2 field is null. Is there a way (or setting) where all string fields, even if uninitialized, would return an empty string (unless, of course, a value was set).

    Read the article

  • Exposing a service to external systems - How should I design the contract?

    - by Larsi
    Hi! I know this question is been asked before here but still I'm not sure what to select. My service will be called from many 3 party system in the enterprise. I'm almost sure the information the service will collect (MyBigClassWithAllInfo) will change during the products lifetime. Is it still a good idea to expose objects? This is basically what my two alternatives: [ServiceContract] public interface ICollectStuffService { [OperationContract] SetDataResponseMsg SetData(SetDataRequestMsg dataRequestMsg); } // Alternative 1: Put all data inside a xml file [DataContract] public class SetDataRequestMsg { [DataMember] public string Body { get; set; } [DataMember] public string OtherPropertiesThatMightBeHandy { get; set; } // ?? } // Alternative 2: Expose the objects [DataContract] public class SetDataRequestMsg { [DataMember] public Header Header { get; set; } [DataMember] public MyBigClassWithAllInfo ExposedObject { get; set; } } public class SetDataResponseMsg { [DataMember] public ServiceError Error { get; set; } } The xml file would look like this: <?xml version="1.0" encoding="utf-8"?> <Message>   <Header>     <InfoAboutTheSender>...</InfoAboutTheSender>   </Header>   <StuffToCollectWithAllTheInfo>   <stuff1>...</stuff1> </StuffToCollectWithAllTheInfo> </Message> Any thought on how this service should be implemented? Thanks Larsi

    Read the article

  • "Circuit breaker" for net.msmq?

    - by Alex
    Hi, The Circuit Breaker pattern, from the book Release It!, protects a service from requests while it is failing (or recovering). The net.msmq binding used with transactions give us nice retry and poison message capabilities. But I am missing the implementation of such a "Circuit breaker" pattern. A service is put under even heavier load by retries while it is already in a failure condition (like DB connectivity issues causing loads of blocked threads etc.). Anyone knows about a behavior extension or similar that explicitly closes the service host when defined failure thresholds have been exceeded? Cheers, Alex

    Read the article

  • How do I create a Web Service in Visual Studio.NET using a WSDL file?

    - by myermian
    I'm trying to use a WSDL Top Down approach to create a Web Service in Visual Studio 2010. I used Eclipse's WSDL GUI Editor to generate a WSDL file (CalculatorWSDL.wsdl) which uses the SOAP method for communication. I also used wsdl.exe to generate a C# file (Calculator.cs). Now, I'm not sure what to do next. How do I actually use the Calculator.cs on the server and/or client?

    Read the article

  • Parsing JSON object in JQuery

    - by koby
    Hi, I have simple JSON object returned in form {"d":"{\"Name\":\"DMX100\",\"Description\":\"blah blah\",\"ID\":\" 780\",\"Make\":\"2010\"}"} How do I parse it in success. success: function(msg) { $('#something').html(msg.d.Name); } Above code doesnt display Name but when I pass $('#something').html(msg.d); it shows complete Json string. How do I reach to individual properties Thanks

    Read the article

  • ASP.Net: Is it possible to cache the js-proxies generated by scriptmanager?

    - by AndreasKnudsen
    We have the following code: <asp:ScriptManager runat="server"> ... <Services> <asp:ServiceReference Path="~/JSONServices/ProfileService.svc" /> </Services> ... This results in a Javascript proxy found in /JSONServices/ProfileService.svc/js. This Javascript has content expiry set to the same time it was called (so it is never cached on the client). Is it possible to have the clients cache these proxies for some time?

    Read the article

  • how to fix protocol violation in c#

    - by Jeremy Styers
    I have a c# "client" and a Java "server". The java server has a wsdl it serves to the client. So far it works for c# to make a request for the server to perform a soap action. My server gets the soap request executes the method and tries to return the result back to the client. When I send the response to c# however, I get "The server committed a protocol violation. Section=ResponseStatusLine". I have spent all day trying to fix this and have come up with nothing that works. If I explain what i did, this post would be very long, so I'll keep it brief. i Googled for hours and everything tells me my "response line" is correct. I tried shutting down Skype, rearranging the response line, adding things, taking things away, etc, etc. All to no avail. This is for a class assignment so no, I can not use apis to help. I must do everything manually on the server side. That means parsing by hand, creating the soap response and the http response by hand. Just thought you'd like to know that before you say to use something that does it for me. I even tried making sure my server was sending the correct header by creating a java client that "mimicked" the c# one so I could see what the server returned. However, it's returning exactly what i told it to send. I tried telling my java client to do the same thing but to an actuall running c# service, to see what a real service returns, and it returned basically the same thing. To be safe, I copied it's response and tried sending it to the c# client and it still threw the error. Can anyone help? I've tried all i can think of, including adding the useUnsafeHeaderParsing to my app config. Nothing is working though. I send it exactly what a real service sends it and it yells at me. I send it what i want and it yells. I'm sending this: "200 OK HTTP/1.0\r\n" + "Content-Length: 201\r\n" + "Cache-Control: private\r\n" + "Content-Type: text/xml; charset=utf-8\r\n\r\n";

    Read the article

  • Add a Binding Extension via Code

    - by FlySwat
    I'm trying to figure out a way to add a binding extension to an endpoint via code, instead of through configuration files. Ideally I want it to simply be an attribute I place on the service method. So far it seems like the only thing that isn't exposed publicly is the binding extensions.

    Read the article

  • Dealing with passwords securely

    - by Krt_Malta
    Hi I have a Java web service and a Java web client making use of this service. One of the functions is to create a new user account. My two concerns are: How will I send the user's password securely from the client. How will I store the user's password securely on the server. How can I achieve these? I know the theory basically behind security, security algorithms etc but can anyone give me some advice on how I should go about in coding? Could anyone point me to some good (and if possible not complicated) examples to follow since I found some examples on the Internet very contorted? Thanks a lot and regards, Krt_Malta

    Read the article

  • Can we host a Workflow Service as a Windows Service?

    - by arsayed
    I am working on a logging application that requires me to have a Workflow that is exposed as a Service (Workflow Service). We want to host it as a Windows Service (don't want to host workflow service as .svc file in IIS). Another reason for having it as windows service is to be able to communicate with the service through the Named pipes. Can we expose a Workflow Service through Named Pipes without hosting it in IIS?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 182 183 184 185 186 187 188 189 190 191 192 193  | Next Page >