Search Results

Search found 5507 results on 221 pages for 'mod ssl'.

Page 194/221 | < Previous Page | 190 191 192 193 194 195 196 197 198 199 200 201 | Next Page >

OpenSSL: SessionTicket TLS extension problem

- by rursw1

Hello, I'm using an application which uses OpenSSL for client TLS side. We upgrade the OpenSSL version from 0.9.8e to 0.9.8k. And then TLS doesn't work... Wireshark shows that the new version (with OpenSSL 0.9.8k) sends the client hello packet with a SessionTicket extension - and the server side responds with a fatal internal error. The previous version sends an almost identical hello packet, but without the SessionTicket ext. When I replaced TLSv1_client_method with SSLv23_client_method, everything worked fine - the sent client hello packet was a SSLv2 one (In the sniffer) without any extension (as it wasn't TLS but SSL?) Is there a better way to disable this extension or to solve the problem in another way? Thanks in advance, rursw1

Read the article
nginx improperly forwards to https, adds two trailing slashes when rewriting

- by Kevin

I'm using nginx as a proxy for a django project on mod_wsgi and to serve the static content. I have two domain names for it: asdf-example.com and asdfexample.com. I want to use rewrites to redirect everything to www.asdf-example.com They're not quite working the way they should: asdf-example.com forwards to https:// www.asdf-example.com, which fails because I'm not using SSL. Though asdf-example.com/search forwards to http://.... asdfexample.com and www.asdfexample.com both forward to www.asdf-example.com//, which looks weird. My config file: server { listen 80; server_name asdf-example.com asdfexample.com; if ($host ~* ^asdf-example\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } if ($host ~* ^asdfexample\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } if ($host ~* ^www\.asdfexample\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } ... Thanks

Read the article
django-cms lighttpd redirect domain to url

- by Robert

Hello, I am using djano-cms for my site, but instead of language alias /en/ /de/ I need to use another domain. I would like to avoid running multiple django instances, and instead I would like to use lighttpd redirects if possible. I would like requests coming to domain2.com getting data from domain.com/en . The best would be if the user entering: domain2.com/offer got transparently data from domain.com/en/offer Tried many solutions with url.redirect, url.rewrite but none seems to work as desired. Also tried with: http://stackoverflow.com/questions/261904/matching-domains-with-regex-for-lighttpd-mod-evhost-www-domain-com-domain-com but that didn't work. Please help. This is my lighttpd configuration. $HTTP["host"] == "^domain2\.com" { url.redirect = ("^/(.*)" => "http://domain.com/en/$1") } $HTTP["host"] =~ "^domain\.com" { server.document-root = "/var/www/django/projects/domain/" accesslog.filename = "/var/log/lighttpd/domain.log-access.log" server.errorlog = "/var/log/lighttpd/www.domain-error.log" fastcgi.server = ( "/domain-service.fcgi" => ( "main" => ( "socket" => "/tmp/django-domain.sock", "check-local" => "disable", ) ), ) alias.url = ( "/media/" => "/var/www/django/projects/domain/media/", ) url.rewrite-once = ( "^(/site_media.*)$" => "$1", "^(/media.*)$" => "$1", "^/favicon\.ico$" => "/media/favicon.ico", "^(/.*)$" => "/domain-service.fcgi$1", } Thanks

Read the article
Web services Authentication Jungle

- by redben

I have been doing some research lately about best approaches to authenticating web services calls (REST SOAP or whatever). But none of the Approaches convinced me... But i still can't a make a choise... Some talk about SSL and http basic authentication -login/password- which just seems weird for a machine (i mean having to assign a login/password to a machine, or is it not ?). Some others say API keys (seems like these scheme is more used for tracking and not realy for securing). Some say tokens (like session IDs) but shouldn't we stay stateless (especially if in REST style) ? In my use case, when a remote app is calling one of our web services, i have to authenticate the calling application obviously, and the call must - if applicable - tell me which user it impersonates so i can deal with authorization later. Any thoughts ?

Read the article
Checking if a console application is still running using the Process class

- by Ced

I'm making an application that will monitor the state of another process and restart it when it stops responding, exits, or throws an error. However, I'm having trouble to make it reliably check if the process (Being a C++ Console window) has stopped responding. My code looks like this: public void monitorserver() { while (true) { server.StartInfo = new ProcessStartInfo(textbox_srcdsexe.Text, startstring); server.Start(); log("server started"); log("Monitor started."); while (server.Responding) { if (server.HasExited) { log("server exitted, Restarting."); break; } log("server is running: " + server.Responding.ToString()); Thread.Sleep(1000); } log("Server stopped responding, terminating.."); try { server.Kill(); } catch (Exception) { } } } The application I'm monitoring is Valve's Source Dedicated Server, running Garry's Mod, and I'm over stressing the physics engine to simulate it stopping responding. However, this never triggers the process class recognizing it as 'stopped responding'. I know there are ways to directly query the source server using their own protocol, but i'd like to keep it simple and universal (So that i can maybe use it for different applications in the future). Any help appreciated

Read the article
Paypal Payflow pro library

- by John Stewart

I already have an express checkout integrated with my Codeigniter application. Now I want to integrate seamless paypal where I collect the CC information and pass it to Paypal (via backend) and once everything is approved, my application shows that to the user. All this with out ever going to Paypal's website. I know that Paypal gives a bunch of sample code but they have so many different products that advertise to do the same thing. Is there any wrapper library in PHP that I can use for handling all this? What sort of design decision is involved in migrating to such system? Would I need SSL certificates for this?

Read the article
How to call Javascript fun() in JSF EL conditionally?

- by Paul

I have to call Javascript funtion based on the bean value. i use the following code onmouseover="#{occasionBean.user.userPreference.defaultPreview==true?'':'Tip()'})" I need to send some parameters in Tip() like this Tip('') Error i am getting is javax.servlet.jsp.JspException: javax.faces.el.EvaluationException: com.sun.faces.el.impl.parser.ParseException: Encountered "test" at line 1, column 60. Was expecting one of: "}" ... "." ... "" ... "gt" ... "<" ... "lt" ... "==" ... "eq" ... "<=" ... "le" ... "=" ... "ge" ... "!=" ... "ne" ... "[" ... "+" ... "-" ... "*" ... "/" ... "div" ... "%" ... "mod" ... "and" ... "&&" ... "or" ... "||" ... "?" ... '

Read the article
How to send news letters in zend

- by Sherif

i am trying to send something like news letter Via Zend_Mail but after 12 mail i got this message Fatal error: Maximum execution time of 30 seconds exceeded in C:\Program Files\Zend\Apache2\htdocs\forga\library\Zend\Mail\Protocol\Abstract.php on line 321 my Code is like: $smtpHost = 'smtp.gmail.com'; $smtpConf = array( 'auth' = 'login', 'ssl' = 'tls', 'port' = '587', 'username' ='[email protected]', 'password' = 'xxxxxxxx' ); $transport = new Zend_Mail_Transport_Smtp($smtpHost, $smtpConf); foreach($users as $user) { $mail = new Zend_Mail(); $mail-setFrom("[email protected]", 'Forga'); $mail-setSubject($subject); if($html=='on') $mail-setBodyHtml($message); else $mail-setBodyText($message); $mail-addto($user); $transport-send($mail); }

Read the article
How to change value inside a JSON string.

- by Jeremy Roy

I have a JSON string array of objects like this. [{"id":"4","rank":"adm","title":"title 1"}, {"id":"2","rank":"mod","title":"title 2"}, {"id":"5","rank":"das","title":"title 3"}, {"id":"1","rank":"usr","title":"title 4"}, {"id":"3","rank":"ref","title":"title 5"}] I want to change the title value of it, once the id is matching. So if my variable myID is 5, I want to change the title "title 5" to new title, and so on. And then I get the new JSON array to $("#rangArray").val(jsonStr); Something like $.each(jsonStr, function(k,v) { if (v==myID) { this.title='new title'; $("#myTextArea").val(jsonStr); } }); Here is the full code. $('img.delete').click(function() { var deltid = $(this).attr("id").split('_'); var newID = deltid[1]; var jsonStr = JSON.stringify(myArray); $.each(jsonStr, function(k,v) { if (v==newID) { // how to change the title jsonStr[k].title = 'new title'; alert(jsonStr); $("#rangArray").val(jsonStr); } }); }); The above is not working. Any help please?

Read the article
Accessing Securised Web Service

- by Xstahef

Hi, I need to connect to a provider's web service with a Windows Form application. He gives me a certificate to access it but I have a security problem. I have done these following steps : Add certificate to personal store (on IE & Firefox) Generate a proxy with the remote wsdl (no problem) Use this code to call a method : `using (service1.MessagesService m = new service1.MessagesService()) { X509Certificate crt = new X509Certificate(@"C:\OpenSSL\bin\thecert.p12",string.Empty); m.ClientCertificates.Add(crt); var result = m.AuthoriseTransaction(aut); this.textBox1.AppendText(result.id.ToString()); }` I have the following error : The underlying connection was closed: Could not establish trust relationship for the channel SSL / TLS. Thanks for your help

Read the article
changing src reference based upon https

- by spody

I'm adding a facebook comment widget to a website. I'm placing this widget in a file that is included on everypage. The navigation is relatively linked so it switches back and forth from http and https. But for some reason the comment widget only shows up if both the src linked file and webpage is secure or both the src linked file and webpage is NOT secure. The widget does not display of the src file is secure and the webpage is not secure. So... I've tried this but doesn't work. if (window.location.protocol == 'https:') script.setAttribute('src', 'https://ssl.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php'); } else { script.setAttribute('src', 'http://static.ak.connect.facebook.com/connect.php/en_US') }

Read the article
Smarty - foreach loop 4 times and create a new list

- by Harold

I want to achieve a list like this with smarty. <ul> <li> <a>img1</a> <a>img2</a> <a>img3</a> <a>img4</a> </li> <li> <a>img5</a> <a>img6</a> <a>img7</a> <a>img8</a> </li> <li> <a>img9</a> <a>img10</a> <a>img11</a> <a>img12</a> </li> </ul> Using this sample code <ul class="bullet"> {foreach from=$manufacturers item=manufacturer name=manufacturer_list} {if $smarty.foreach.manufacturer_list.index < 4} <li class="{if $smarty.foreach.manufacturer_list.last}last_item{elseif $smarty.foreach.manufacturer_list.first}first_item{else}item{/if}"> <a href="{$link->getmanufacturerLink($manufacturer.id_manufacturer, $manufacturer.link_rewrite)}" title="{l s='More about' mod='blockmanufacturer'}{$manufacturer.name}"> <img src="{$img_manu_dir}{$manufacturer.id_manufacturer}.jpg"><span>{$manufacturer.name}<span></a> </li> {/if} {/foreach} First with given array $manufacturers it will loop inside a <li> max of 4 times and will create 4 <img>. And then, when it reach the 4th index, it will make a new <li> tag. Thanks for the help!

Read the article
Allowing New Users to Invite Their Gmail Contacts

- by John

Hello, For my site, I would like to give new users the option to invite all of their Gmail contacts to join. What is the basic step-by-step process to set this up? (Also, is it necessary to buy an SSL for this?) Thanks in advance, John EDIT: My site has a basic login where users set up a username and password. I would like to give users the option to invite their Gmail contacts right after they create their new profile. I would also like to give them the option to invite their Gmail contacts anytime they want.

Read the article
Can you create a HIPAA compliant Amazon S3 Web Application?

- by xkingpin

I am facing some questions when trying to design an S3 application using ASP.NET MVC and trying to stay HIPAA compliant. My initial plan was to require an SSL connection to my web server, encrypt the images on my server, then send them to s3 using my private keys. Here's my obvious concerns: You cannot store unencrypted images in any temporary file cache when client views images within the browser. Even if I setup an ashx to generically handle the image in memory, couldn't this get stored in cache? Saying the images will be encrpyted because you will be connecting to my server via https still does not guarantee all browsers will not cache data. It's not possible to even consider the "Query String" with expiration option since data will be encrypted before being stored on disk at s3, and will again be decrypted at my server in memory. I think my only option would be to write/purchase some sort of ActiveX component that will not expose the image as a simple html image source or write my app as a client side WinForm application.

Read the article
Java applet loading images from external jars

- by Mathias

I have a jar on a server, and users should be able to develop extensions for it. Therefore the jars main class should be extended and some resources should be added to a second user created jar which will be loaded from another server or locally. Now I have problems accessing the resources (images) from the user loaded jars. Heres is the structure: My Server: game.jar containing game.class images.class ... image1.png (...) Local: user.jar containing: user.class extends game userimage.png The extension is loaded via Greasemonkey, it modifies the "archive" attribute to "/home/username/user.jar, game.jar" and the "code" attribute to "user.class". The user should be able to overwrite already defined images. If the image does not exist in game.jar, it is loaded correctly from user.jar. But the images loaded early in the game are always loaded from the game.jar, others seem to be overwritten correctly by the user. Is there a way to make sure they are always loaded in the correct order? This might be because of some caching mechanism. Because Greasemonkey removes the game from the page, changes the archive and code and reinsert it, the game is loaded without a mod for a brief second. In that time, images are loaded as expected from game jar, but those are the ones not being overwritable by the user. But how to avoid it? Another thing: If I overwrite the "run" method in user.class, the game is unable to load any image at all. Not from the user.jar and not from the game.jar. Java doesn't find the image, as the URL object "getClass().getResource(imagename)" returns with null. I tried to overwrite the image.class, but that doesn't fix the problem, unless I overwrite every class from game.class involved into calling the image.class

Read the article
php request variables assigning $_GEt

- by chris

if you take a look at a previous question http://stackoverflow.com/questions/2690742/mod-rewrite-title-slugs-and-htaccess I am using the solution that Col. Shrapnel proposed- but when i assign values to $_GET in the actual file and not from a request the code doesnt work. It defaults away from the file as if the $_GET variables are not set The code I have come up with is- if(!empty($_GET['cat'])){ $_GET['target'] = "category"; if(isset($_GET['page'])){ $_GET['pageID'] = $_GET['page']; } $URL_query = "SELECT category_id FROM cats WHERE slug = '".$_GET['cat']."';"; $URL_result = mysql_query($URL_query); $URL_array = mysql_fetch_array($URL_result); $_GET['category_id'] = $URL_array['category_id']; }elseif($_GET['product']){ $_GET['target'] = "product"; $URL_query = "SELECT product_id FROM products WHERE slug = '".$_GET['product']."';"; $URL_result = mysql_query($URL_query); $URL_array = mysql_fetch_array($URL_result); print_r($URL_array); $_GET['product_id'] = $URL_array['product_id']; The original variable string that im trying to represent is /cart.php?Target=product&product_id=16142&category_id=249 And i'm trying to build the query string variables with code and including cart.php so i can use cleaner URL's So I have product/product-title-with-clean-url/ going to slug.php?product=slug Then the slug searches the db for a record with the matching slug and returns the product_id as in the code above.Then built the query string and include cart.php

Read the article
file_get_contents() returns "failed to open stream" when hitting HTTPS

- by TMC

file_get_contents() is returning "failed to open stream" when I call it on an HTTPS URL. Warning: file_get_contents(https://google.com) [function.file-get-contents]: failed to open stream: No error in E:\\htdocs\callback3.php on line 5 Same call will work with a non-SSL URL. At first, I thought it was a security issue with my webhoster, but I have verified with phpinfo() that allow url open is indeed allowed. I have also tried this code and verified it works: Anyone have any ideas why file_get_contents() is failing with an HTTPS URL? update: People correctly pointed out this was an HTTPS issue. My webhoster claims this should work, and has no idea how to resolve this. Anyone have specific directions I can give them for their IIS7 setup?

Read the article
Using java class HttpsURLConnection

- by KB22

Hi all, I have a small piece of code which basically impements a HTTP-Client, i.e. it POSTS request and works with re RESPONSE. As long as HTTP is concenerned everthing work well. For some reason I now have to support HTTPS too. So here is briefly what I do in order to get a connection opened: URL url = new URL(serverAddress); HttpsURLConnection httpsConn = (HttpsURLConnection) url.openConnection(); This fails, stating: sun.net.www.protocol.https.HttpsURLConnectionImpl cannot be cast to com.sun.net.ssl.HttpsURLConnection I guess this is kinda trivial, but I just don't get what I'm doing wrong in this one... Googled it, and the code just looks right - not? any ideas are appreciated! thanks, K

Read the article
What to keep in mind when creating your own custom web services API?

- by John Conde

I have created a website which allows users to sign up for, and use, an online service. To help promote the website we will be have resellers who will be offering their own branded services through us. The initial plan is to allow resellers to place registration, login, and lost password forms on their own website and use an API created by us to handle these requests. I have begun outlining how I expect the API to work (and starting documenting it as well) and I want to make sure I get it right, or as close to right, as I can from the beginning as I know once you have declared a public API you want to avoid changing that API at all costs. So far I have decided: To have the user pass their account credentials with each request To require SSL for all requests What else should I be keeping in mind?

Read the article
authentication of webapps when passwords are hashed with bcrypt

- by dubreakkk

I created a GWT project which requires authentication. Initially, the users' passwords were in plain text, but now I would like to hash them with BCrypt. I searched but I cannot find a place describing how to make Jetty authenticate against a BCrypt hashed password. I'm sending the password to the server using a FORM in plain text and over SSL. What do I need to do to make Jetty hash this password and compare it to the one in the database? Thank you;

Read the article
Can I make TCP/IP session to run less than 60 seconds?

- by Pavel

Our server is overloaded with TCP/IP sessions, we have 1200 - 1500 of them. Most of them are hanging in TIME_OUT state. It turns out that a connection in TIME_OUT state occupies a socket until 60 second time-out is elapsed. The problem is that the server gets unresponsive and many clients are not getting served. I have made a simple test: download an XML file from the server with Internet Explorer 8.0 The download finishes in a fraction of second. But then I see that the TCP/IP connection is hanging in TIME_OUT state for 60 seconds. Is there any way to get rid of TIME_OUT waiting or make it less to free the socket for new connections? I understand why TCP/IP connection enters TIME_OUT state, but I don't understand why Internet Explorer does not close the connection after the XML file download is over. The details. Our server runs web service written in Perl (mod-perl). The service provides weather data to clients. Client is a Flash appication (actually Flash ActiveX control embedded in Windows application). Apache "Keep Alive" option is set to 0

Read the article
Core jQuery event modification problem

- by DSKVR

I am attempting to overwrite a core jQuery event, in this case the keydown event. My intention is to preventDefault() functionality of Left(37), Up(38), Right(39) and Down(40) to maintain the consistency of hot keys in my web application. I am using the solution provided here for the conditional charCode preventDefault problem. For some reason, my function overwrite is simply not firing, and I cannot put my finger on the problem. I am afraid that over the past 30 minutes this issue has resulted in some hair loss. Anybody have the remedy? /* Modify Keydown Event to prevent default PageDown and PageUp functionality */ (function(){ var charCodes = new Array(37,38,39,40); var original = jQuery.fn.keydown; jQuery.fn.keydown = function(e){ var key=e.charCode ? e.charCode : e.keyCode ? e.keyCode : 0; alert('now why is my keydown mod not firing?'); if($.inArray(key,charCodes)) { alert('is one of them, do not scroll page'); e.preventDefault(); return false; } original.apply( this, arguments ); } })();

Read the article
.NET Web Service Proxy is adding special characters in XML

- by xkingpin

My web service proxy seems to be adding special characters like "*" and "#" etc. within the xml nodes. My proxy created lists using arrays of objects. I am trying to create a generic list and then doing list.ToArray() to set the proxy MyProxyObject[] object. Is this the cause of the problem I am having? I plan on running fiddler on the request later but it is over SSL and I do not have access to the URL at the moment. Here is an example of the XML that is generated: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> * <soap:Body> o I'm a little concerned because the special characters are even occuring before the array nodes

Read the article
SSL_CTX_set_cert_verify_callback vs. SSL_CTX_set_verify

- by BreakPoint

Hello, Can anyone tell me what is the difference between SSL_CTX_set_cert_verify_callback and SSL_CTX_set_verify? From OpenSSL docs: SSL_CTX_set_cert_verify_callback() sets the verification callback function for ctx. SSL objects that are created from ctx inherit the setting valid at the time when SSL_new(3) is called. and: SSL_CTX_set_verify() sets the verification flags for ctx to be mode and specifies the verify_callback function to be used. If no callback function shall be specified, the NULL pointer can be used for verify_callback. So I'm trying to understand which callback to send for each one (from client side). Thanks experts.

Read the article
Remote application monitoring through Visual GC

- by Poole

I am trying to monitor an application available on remote machine using VisualVM & Visual GC. I have enabled the jmxremote on the remote side as follows: -Dcom.sun.management.jmxremote, -Dcom.sun.management.jmxremote.port=8888, -Dcom.sun.management.jmxremote.ssl=false, -Dcom.sun.management.jmxremote.authenticate=false While monitoring through VisualVM, everything runs fine but VisualGC doesn't displays any stats (getting Not Supported for this JVM error). While tried to monitor one local application, VisualGC runs fine... Got success with the remote app once started jstad on the remote jvm. Is this a known issue with VisualGC...? Remote JVM - 1.5 Local JVM - 1.6

Read the article

< Previous Page | 190 191 192 193 194 195 196 197 198 199 200 201 | Next Page >