Search Results

Search found 16365 results on 655 pages for 'auto login'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 246/655 | < Previous Page | 242 243 244 245 246 247 248 249 250 251 252 253  | Next Page >

  • Unable to sync custom authentication with RIA services in SL3 + RIA implementation

    - by Nair
    I am developing SL3 + RIA services with custom authentication. I followed the example in http://code.msdn.microsoft.com/RiaServices/Release/ProjectReleases.aspx?ReleaseId=2661 to implement custom authentication. Based on the implementation, you first do login request from client to service. This request is async process. Noe the client GUI will start to bind data to SL controls using RIA services, which requires the authentication to be successful (by adding [RequireAuthentication] attribute). The trouble is, since you requested login from the main process, while it is doing authentication, the page control takes over and starts to bind data using RIA services. But the problem is authentication is not completed yet thus which ever the first service method data binding hits will fail with 'Access denied'. Bottom line is GUI is will not wait for authentication to be completed to start the data binding. My question is how do you handle this situation? Thanks,

    Read the article

  • Error when logging in with Machinist in Shoulda test

    - by user303747
    I am having some trouble getting the right usage of Machinist and Shoulda in my testing. Here is my test: context "on POST method rating" do p = Product.make u = nil setup do u = login_as post :vote, :rating => 3, :id => p end should "set rating for product to 3" do assert_equal p.get_user_vote(u), 3 end And here's my blueprints: Sham.login { Faker::Internet.user_name } Sham.name { Faker::Lorem.words} Sham.email { Faker::Internet.email} Sham.body { Faker::Lorem.paragraphs(2)} User.blueprint do login password "testpass" password_confirmation { password } email end Product.blueprint do name {Sham.name} user {User.make} end And my authentication test helper: def login_as(u = nil) u ||= User.make() @controller.stubs(:current_user).returns(u) u end The error I get is: /home/jason/moderndarwin/vendor/rails/activerecord/lib/active_record/validations.rb:1090:in `save_without_dirty!': Validation failed: Login has already been taken, Email has already been taken (ActiveRecord::RecordInvalid) from /home/jason/moderndarwin/vendor/rails/activerecord/lib/active_record/dirty.rb:87:in `save_without_transactions!' from /home/jason/moderndarwin/vendor/rails/activerecord/lib/active_record/transactions.rb:200:in `save!' from /home/jason/moderndarwin/vendor/rails/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb:136:in `transaction' from /home/jason/moderndarwin/vendor/rails/activerecord/lib/active_record/transactions.rb:182:in `transaction' from /home/jason/moderndarwin/vendor/rails/activerecord/lib/active_record/transactions.rb:200:in `save!' from /home/jason/moderndarwin/vendor/rails/activerecord/lib/active_record/transactions.rb:208:in `rollback_active_record_state!' from /home/jason/moderndarwin/vendor/rails/activerecord/lib/active_record/transactions.rb:200:in `save!' from /usr/lib/ruby/gems/1.8/gems/machinist-1.0.6/lib/machinist/active_record.rb:55:in `make' from /home/jason/moderndarwin/test/blueprints.rb:37 from /usr/lib/ruby/gems/1.8/gems/machinist-1.0.6/lib/machinist.rb:77:in `generate_attribute_value' from /usr/lib/ruby/gems/1.8/gems/machinist-1.0.6/lib/machinist.rb:46:in `method_missing' from /home/jason/moderndarwin/test/blueprints.rb:37 from /usr/lib/ruby/gems/1.8/gems/machinist-1.0.6/lib/machinist.rb:20:in `instance_eval' from /usr/lib/ruby/gems/1.8/gems/machinist-1.0.6/lib/machinist.rb:20:in `run' from /usr/lib/ruby/gems/1.8/gems/machinist-1.0.6/lib/machinist/active_record.rb:53:in `make' from ./test/functional/products_controller_test.rb:25:in `__bind_1269805681_945912' from /home/jason/moderndarwin/vendor/gems/thoughtbot-shoulda-2.10.2/lib/shoulda/context.rb:293:in `call' from /home/jason/moderndarwin/vendor/gems/thoughtbot-shoulda-2.10.2/lib/shoulda/context.rb:293:in `merge_block' from /home/jason/moderndarwin/vendor/gems/thoughtbot-shoulda-2.10.2/lib/shoulda/context.rb:288:in `initialize' from /home/jason/moderndarwin/vendor/gems/thoughtbot-shoulda-2.10.2/lib/shoulda/context.rb:169:in `new' from /home/jason/moderndarwin/vendor/gems/thoughtbot-shoulda-2.10.2/lib/shoulda/context.rb:169:in `context' from ./test/functional/products_controller_test.rb:24 I can't figure out what it is I'm doing wrong... I have tested the login_as with my auth (Authlogic) in my user_controller testing. Any pointers in the right direction would be much appreciated!

    Read the article

  • WPF DataGrid does not scoll on drag

    - by Greg R
    I have a strange problem with a WPF DataGrid from WPF Toolkit. The scrollbars appear correctly when the number of rows grows, and the scrolling works when you press up or down arrows on the scrollbar. The problem comes in when I try to drag the scrollbar on the datagrid. My page has a scroll viewer around it. When I click and drag the scrollbar on the grid, it scrolls the page scroller instead. If the scrollbar does not apear on the page, there grid still does not scroll. Is there a workaround for this??? Would really appreciate some help with this issue! For example, in this case if the page is < 280, it scrolls on drag. But drag scrolling does not work on the grid. <ScrollViewer ScrollViewer.IsDeferredScrollingEnabled="True" HorizontalScrollBarVisibility="Auto" VerticalScrollBarVisibility="Auto" > <DockPanel> <dg:DataGrid HorizontalScrollBarVisibility="Auto" SelectionMode="Single" CanUserAddRows="False" CanUserDeleteRows="False" CanUserResizeColumns="False" CanUserSortColumns="False" AutoGenerateColumns="False" RowHeaderWidth="17" ItemsSource="{Binding Path=OrderSearchVm}" IsReadOnly="True" MaxHeight="280" DockPanel.Dock="Top"> <dg:DataGrid.Columns> <dg:DataGridTextColumn Width="75" Header="Date" Binding="{Binding Path=OrderDate}" > <dg:DataGridTextColumn.ElementStyle> <Style TargetType="{x:Type TextBlock}"> <Setter Property="TextWrapping" Value="Wrap" /> </Style> </dg:DataGridTextColumn.ElementStyle> </dg:DataGridTextColumn> <dg:DataGridTextColumn Header="Type" Binding="{Binding Path=OrderType}" Width="45"/> <dg:DataGridTextColumn Header="Shipping Name" Binding="{Binding Path=ShipToName}" Width="115"> <dg:DataGridTextColumn.ElementStyle> <Style TargetType="{x:Type TextBlock}"> <Setter Property="TextWrapping" Value="Wrap" /> </Style> </dg:DataGridTextColumn.ElementStyle> </dg:DataGridTextColumn> <dg:DataGridTextColumn Header="Shipping Address " Binding="{Binding Path=ShipToAddress}" Width="160"> <dg:DataGridTextColumn.ElementStyle> <Style TargetType="{x:Type TextBlock}"> <Setter Property="TextWrapping" Value="Wrap" /> </Style> </dg:DataGridTextColumn.ElementStyle> </dg:DataGridTextColumn> <dg:DataGridTextColumn Header="E-Mail" Binding="{Binding Path=Email}" Width="140"> <dg:DataGridTextColumn.ElementStyle> <Style TargetType="{x:Type TextBlock}"> <Setter Property="TextWrapping" Value="Wrap" /> </Style> </dg:DataGridTextColumn.ElementStyle> </dg:DataGridTextColumn> </dg:DataGrid.Columns> </dg:DataGrid> </DockPanel> </ScrollViewer>

    Read the article

  • Using C# WATIN, how do I get the value of a INPUT tag html element?

    - by djangofan
    Using C# WATIN, how do I get the value of the second occurence of a INPUT tag html element on a page? I've tried a whole bunch of things and haven't succeeded. The debugger isn't giving me any obvious way to get element[1] among the 4 that returned. Console.WriteLine(ie.Element(Find.ByClass("myclass")).GetAttributeValue("value") ) ; // works but prints the value of the 1st of 4 input elements on the page Console.WriteLine(ie.ElementsWithTag("input", "text").Length.ToString() ); // returns the number 4 Console.WriteLine( ie.Element(Find.ByName("login")).GetAttributeValue("value") ); // works but its not safe since its possible there might be two elements with the name login Basically, I want to be able to select the input element by its array index.

    Read the article

  • Facebook Graph Api doesn't redirect to my callback

    - by Pentium10
    I am following the steps to do the authorization as described here, but I am not redirected to my callback url. I get the following five steps after calling the first one: https://graph.facebook.com/oauth/authorize?display=touch&client_id=...&redirect_uri=... https://www.facebook.com/connect/uiserver.php?display=touch&client_id=...&redirect_uri=...&next=https://graph.facebook.com/oauth/authorize_success?display=touch&client_id=...&redirect_uri=...&type=web_server&cancel_url=https://graph.facebook.com/oauth/authorize_cancel?display=touch&client_id=...&redirect_uri=...&method=permissions.request&return_session=1 http://www.facebook.com/ http://touch.facebook.com/?w2m http://touch.facebook.com/login.php?next=http://touch.facebook.com/?w2m&cancel=http://touch.facebook.com/?w2m&fbconnect=0&r39c26cf0&refid=108 As you see the 5th steps just displays the login screen. If I log in, or I am already logged in I am presented with the home page. I use my application key, and the connect url of the app I've setup in FB Developers page. What I am doing wrong, why I am not redirected to my url?

    Read the article

  • Unable to set cookie in response header (newcookie doesn't show in external browser) : Jersey jax-rs

    - by Pankhuri
    I am trying to set a session cookie from server side : import javax.ws.rs.core.NewCookie; import javax.ws.rs.core.Response; public class Login { @POST @Produces("application/json") @Consumes("application/json") public Response login (String RequestPacket){ NewCookie cookie=null; CacheControl cc=new CacheControl(); cookie = LoginBO.validUser(RequestPacket); cc.setNoCache(true); if(cookie.getValue()!=null) return Response.ok("welcome "+cookie.getValue()).cookie(cookie).cacheControl(cc).build(); else return Response.status(404).entity("Invalid User").build(); } } In eclipse browser: on the client side (using gxt for that) when I print header i get the Set-Cookie field. which is expected. But the browser is not storing the cookie. in external browser: the header doesn't have any set-cookie field. Should I use HTTPServletResponse? But shouldn't the javax.ws.rs.core.Response work as well?

    Read the article

  • Problem with the nonresponding threads

    - by Oxygen
    Hello there, I have a web application which runs multiple threads on button click each thread making IO call on different ipAddresses ie(login windows account and then making file operations). There is a treshold value of 30 seconds. I assume that while login attempt if the treshold is exceeded, device on ipAddress does not match my conditions thus I dont care it. Thread.Abort() does not fit my situation where it waits for the IO call to finish which might take long time. I tried doing the db operations acording to states of the threads right after the treshold timeout. It worked fine but when I checked out the log file, I noticed that the thread.IsAlive property of the nonresponding threads were still true. After several debuggings on my local pc, I encountered a possible deadlock situation (which i suspect) that my pc crashed badly. In short, do you have any idea about killing (forcefully) nonresponding threads (waiting for the IO opreation) right after the execution of the button_click? (PS: I am not using the threadpool) Oguzhan

    Read the article

  • Building Eclipse RCP application, running fails

    - by Raven
    Hi, after successfully building my application the start fails because it relies on config files which are located in the META-INF directory and after the build this directory is zipped into a jar file, hence making it unable to access the config files. After manually unzipping the jar, deleting the jar and renaming the directory with xxx.jar the program runs without a problem. The config files are needed for SSO login (Kerberos). Here is the code: Bundle bundle = Platform.getBundle(Application.PLUGIN_ID); String path; try { path = new URL(bundle.getLocation().substring(18)).getPath(); } catch (MalformedURLException e1) { System.out.println(e1); path=""; } System.setProperty("java.security.auth.login.config",path+"META-INF/jaas-win.config"); Path variable contains something like "plugin/mydomain.pluginame-xxxx.jar/" But it seems that the System needs the jar unzipped. That am I doing wrong building the app? Thanks

    Read the article

  • How to add limit option in Magento API call.

    - by ritesh
    I am creating web service for my store. I am using magento API to collect product list from store. But it display all the 500 records. And i want it 25 records per page. What to add in API call? Or What filter will be apply for this? //create soap object $proxy = new SoapClient('http://localhsot/magento/api/soap/?wsdl'); // create authorized session id using api user name and api key // $sessionId = $proxy->login('apiUser', 'apiKey'); $sessionId = $proxy->login('test_admin', '12345678'); $filters = array( ); // Get list of product $productlist = $proxy->call($sessionId, 'product.list', array($filters)); print_r($productlist );

    Read the article

  • FB Init - reloadIfSessionStateChanged is not working

    - by Naresh
    Can some one plz tell me whats wrong with below code. After i login it doesnt do anything ... neither reloading the page nor setting the login FB cookies. Its a simple code but i'm not sure what i'm doing wrong. <script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php"></script> <script type="text/javascript"> FB.init(FB_API_KEY, "xd_receiver.htm",{"reloadIfSessionStateChanged":true}); </script> <a href='#' onclick='FB.Connect.requireSession(); return false;'> <img id='fb_login_image' src='fblogin.jpg' alt='Connect' /> </a>

    Read the article

  • What's the mobileish connect url of Facebook connect?

    - by Pentium10
    I use the following URL setting to authorize Facebook login. But the page for Application Authorization is webish, and not mobileish. webview .loadUrl("http://www.connect.facebook.com/login.php?return_session=1&nochrome=1&fbconnect=1&extern=2&connect_display=popup&api_key=" + FConnect.API_KEY + "&v=1.0&next=" + FConnect.SUCCESS_URL + "%3Ffb_login%26fname%3D_opener&cancel_url=" + FConnect.CANCEL_URL + "%23fname%3D_opener%26%257B%2522t%2522%253A3%252C%2522h%2522%253A%2522fbCancelLogin%2522%252C%2522sid%2522%253A%25220.741%2522%257D&channel_url=" + FConnect.XD_RECEIVER); As you see this is webish, as I had to scroll to the middle, Do you know the address to get a mobileish App authorization page?

    Read the article

  • Java JPA Hibernate Spring @EntityListeners throws org.springframework.dao.DataIntegrityViolationException

    - by user
    I am using Spring 3 with Hibernate 3. I would like to update the last modification date automatically when an entity is updated. Below is the sample code: HibernateConfig: @Configuration public class HibernateConfig { @Bean public DataSource dataSource() throws Exception { DriverManagerDataSource dataSource = new DriverManagerDataSource(); Properties properties = new Properties(); properties.load(ClassLoader.getSystemResourceAsStream(new String("hibernate.properties"))); dataSource.setUrl(properties.getProperty(new String("jdbc.url"))); dataSource.setUsername(properties.getProperty(new String("jdbc.username"))); dataSource.setPassword(properties.getProperty(new String("jdbc.password"))); dataSource.setDriverClassName(properties.getProperty(new String("jdbc.driverClassName"))); return dataSource; } @Bean public AnnotationSessionFactoryBean sessionFactory() throws Exception { AnnotationSessionFactoryBean sessionFactory = new AnnotationSessionFactoryBean(); Properties hibernateProperties = new Properties(); Properties properties = new Properties(); properties.load(ClassLoader.getSystemResourceAsStream(new String("hibernate.properties"))); // set the Hibernate Properties hibernateProperties.setProperty(new String("hibernate.dialect"), properties.getProperty(new String("hibernate.dialect"))); hibernateProperties.setProperty(new String("hibernate.show_sql"), properties.getProperty(new String("hibernate.show_sql"))); hibernateProperties.setProperty(new String("hibernate.hbm2ddl.auto"), properties.getProperty(new String("hibernate.hbm2ddl.auto"))); sessionFactory.setDataSource(dataSource()); sessionFactory.setHibernateProperties(hibernateProperties); sessionFactory.setAnnotatedClasses(new Class[]{Message.class}) return sessionFactory; } @Bean public HibernateTemplate hibernateTemplate() throws Exception { HibernateTemplate hibernateTemplate = new HibernateTemplate(); hibernateTemplate.setSessionFactory(sessionFactory().getObject()); return hibernateTemplate; } } DAOConfig: @Configuration public class DAOConfig { @Autowired private HibernateConfig hibernateConfig; @Bean public MessageDAO messageDAO() throws Exception { MessageDAO messageDAO = new MessageHibernateDAO(hibernateConfig.hibernateTemplate()); return messageDAO; } } Message: import java.util.Date; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.EntityListeners; import javax.persistence.Table; import javax.persistence.Temporal; import javax.persistence.TemporalType; import java.io.Serializable; import javax.persistence.Column; import javax.persistence.GeneratedValue; import javax.persistence.GenerationType; import javax.persistence.Id; @Entity @Table @EntityListeners(value = MessageListener.class) public class Message implements Serializable { @Id @GeneratedValue(strategy = GenerationType.AUTO) @Column private int id; @Column(nullable = false) @Temporal(TemporalType.TIMESTAMP) private Date lastMod; public Message() { } public int getId() { return id; } public void setId(int id) { this.id = id; } public Date getLastMod() { return lastMod; } public void setLastMod(Date lastMod) { this.lastMod = lastMod; } } MessageListener: import java.util.Date; import javax.persistence.PrePersist; import javax.persistence.PreUpdate; import org.springframework.stereotype.Component; @Component public class MessageListener { @PrePersist @PreUpdate public void setLastMod(Message message) { message.setLastMod(new Date()); } } When running this the MessageListener is not being invoked. I use a DAO design pattern and when calling dao.update(Message) it throws the following Exception: org.springframework.dao.DataIntegrityViolationException: not-null property references a null or transient value: com.persistence.entities.MessageStatus.lastMod; nested exception is org.hibernate.PropertyValueException: not-null property references a null or transient value: com.persistence.entities.Message.lastMod at org.springframework.orm.hibernate3.SessionFactoryUtils.convertHibernateAccessException(SessionFactoryUtils.java:665) at org.springframework.orm.hibernate3.HibernateAccessor.convertHibernateAccessException(HibernateAccessor.java:412) at org.springframework.orm.hibernate3.HibernateTemplate.doExecute(HibernateTemplate.java:411) at org.springframework.orm.hibernate3.HibernateTemplate.executeWithNativeSession(HibernateTemplate.java:374) at org.springframework.orm.hibernate3.HibernateTemplate.save(HibernateTemplate.java:683) at com.persistence.dao.hibernate.GenericHibernateDAO.save(GenericHibernateDAO.java:38) Having looked at a number of websites there seems not to be a solution.

    Read the article

  • set focus in unfilled edittext how can implemented android application

    - by narasimha
    hi I am implementing one application gust i am adding validations in login page implemented then two fields required username and password button login i am applying validations then focus are not getting then set focus in unfilled edittext if(Username.contentEquals("")) { > Toast.makeText(LBS.this, "Please enter > username ",Toast.LENGTH_SHORT).show(); > } else { if( pwd.contentEquals("")) > Toast.makeText(LBS.this, "Please enter > password ",Toast.LENGTH_SHORT).show(); > else > try { ........................... } not filling username then filling password then username entered some toast displayed fine focus are entered in username edittext this is the problem how can implemented focus in unfilled username

    Read the article

  • Ubuntu 9.10 and Squid 2.7 Transparent Proxy TCP_DENIED

    - by user298814
    Hi, We've spent the last two days trying to get squid 2.7 to work with ubuntu 9.10. The computer running ubuntu has two network interfaces: eth0 and eth1 with dhcp running on eth1. Both interfaces have static ip's, eth0 is connected to the Internet and eth1 is connected to our LAN. We have followed literally dozens of different tutorials with no success. The tutorial here was the last one we did that actually got us some sort of results: http://www.basicconfig.com/linuxnetwork/setup_ubuntu_squid_proxy_server_beginner_guide. When we try to access a site like seriouswheels.com from the LAN we get the following message on the client machine: ERROR The requested URL could not be retrieved Invalid Request error was encountered while trying to process the request: GET / HTTP/1.1 Host: www.seriouswheels.com Connection: keep-alive User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/532.9 (KHTML, like Gecko) Chrome/5.0.307.11 Safari/532.9 Cache-Control: max-age=0 Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,/;q=0.5 Accept-Encoding: gzip,deflate,sdch Cookie: __utmz=88947353.1269218405.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); __qca=P0-1052556952-1269218405250; __utma=88947353.1027590811.1269218405.1269218405.1269218405.1; __qseg=Q_D Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Some possible problems are: Missing or unknown request method. Missing URL. Missing HTTP Identifier (HTTP/1.0). Request is too large. Content-Length missing for POST or PUT requests. Illegal character in hostname; underscores are not allowed. Your cache administrator is webmaster. Below are all the configuration files: /etc/squid/squid.conf, /etc/network/if-up.d/00-firewall, /etc/network/interfaces, /var/log/squid/access.log. Something somewhere is wrong but we cannot figure out where. Our end goal for all of this is the superimpose content onto every page that a client requests on the LAN. We've been told that squid is the way to do this but at this point in the game we are just trying to get squid setup correctly as our proxy. Thanks in advance. squid.conf acl all src all acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 acl localnet src 192.168.0.0/24 acl SSL_ports port 443 # https acl SSL_ports port 563 # snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl purge method PURGE acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow localnet http_access deny all icp_access allow localnet icp_access deny all http_port 3128 hierarchy_stoplist cgi-bin ? cache_dir ufs /var/spool/squid/cache1 1000 16 256 access_log /var/log/squid/access.log squid refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern (Release|Package(.gz)*)$ 0 20% 2880 refresh_pattern . 0 20% 4320 acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9] upgrade_http0.9 deny shoutcast acl apache rep_header Server ^Apache broken_vary_encoding allow apache extension_methods REPORT MERGE MKACTIVITY CHECKOUT cache_mgr webmaster cache_effective_user proxy cache_effective_group proxy hosts_file /etc/hosts coredump_dir /var/spool/squid access.log 1269243042.740 0 192.168.1.11 TCP_DENIED/400 2576 GET NONE:// - NONE/- text/html 00-firewall iptables -F iptables -t nat -F iptables -t mangle -F iptables -X echo 1 | tee /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -j MASQUERADE iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 networking auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 142.104.109.179 netmask 255.255.224.0 gateway 142.104.127.254 auto eth1 iface eth1 inet static address 192.168.1.100 netmask 255.255.255.0

    Read the article

  • Spring security request matcher is not working with regex

    - by Felipe Cardoso Martins
    Using Spring MVC + Security I have a business requirement that the users from SEC (Security team) has full access to the application and FRAUD (Anti-fraud team) has only access to the pages that URL not contains the words "block" or "update" with case insensitive. Bellow, all spring dependencies: $ mvn dependency:tree | grep spring [INFO] +- org.springframework:spring-webmvc:jar:3.1.2.RELEASE:compile [INFO] | +- org.springframework:spring-asm:jar:3.1.2.RELEASE:compile [INFO] | +- org.springframework:spring-beans:jar:3.1.2.RELEASE:compile [INFO] | +- org.springframework:spring-context:jar:3.1.2.RELEASE:compile [INFO] | +- org.springframework:spring-context-support:jar:3.1.2.RELEASE:compile [INFO] | \- org.springframework:spring-expression:jar:3.1.2.RELEASE:compile [INFO] +- org.springframework:spring-core:jar:3.1.2.RELEASE:compile [INFO] +- org.springframework:spring-web:jar:3.1.2.RELEASE:compile [INFO] +- org.springframework.security:spring-security-core:jar:3.1.2.RELEASE:compile [INFO] | \- org.springframework:spring-aop:jar:3.0.7.RELEASE:compile [INFO] +- org.springframework.security:spring-security-web:jar:3.1.2.RELEASE:compile [INFO] | +- org.springframework:spring-jdbc:jar:3.0.7.RELEASE:compile [INFO] | \- org.springframework:spring-tx:jar:3.0.7.RELEASE:compile [INFO] +- org.springframework.security:spring-security-config:jar:3.1.2.RELEASE:compile [INFO] +- org.springframework.security:spring-security-acl:jar:3.1.2.RELEASE:compile Bellow, some examples of mapped URL path from spring log: Mapped URL path [/index] onto handler 'homeController' Mapped URL path [/index.*] onto handler 'homeController' Mapped URL path [/index/] onto handler 'homeController' Mapped URL path [/cellphone/block] onto handler 'cellphoneController' Mapped URL path [/cellphone/block.*] onto handler 'cellphoneController' Mapped URL path [/cellphone/block/] onto handler 'cellphoneController' Mapped URL path [/cellphone/confirmBlock] onto handler 'cellphoneController' Mapped URL path [/cellphone/confirmBlock.*] onto handler 'cellphoneController' Mapped URL path [/cellphone/confirmBlock/] onto handler 'cellphoneController' Mapped URL path [/user/update] onto handler 'userController' Mapped URL path [/user/update.*] onto handler 'userController' Mapped URL path [/user/update/] onto handler 'userController' Mapped URL path [/user/index] onto handler 'userController' Mapped URL path [/user/index.*] onto handler 'userController' Mapped URL path [/user/index/] onto handler 'userController' Mapped URL path [/search] onto handler 'searchController' Mapped URL path [/search.*] onto handler 'searchController' Mapped URL path [/search/] onto handler 'searchController' Mapped URL path [/doSearch] onto handler 'searchController' Mapped URL path [/doSearch.*] onto handler 'searchController' Mapped URL path [/doSearch/] onto handler 'searchController' Bellow, a test of the regular expressions used in spring-security.xml (I'm not a regex speciality, improvements are welcome =]): import java.util.Arrays; import java.util.List; public class RegexTest { public static void main(String[] args) { List<String> pathSamples = Arrays.asList( "/index", "/index.*", "/index/", "/cellphone/block", "/cellphone/block.*", "/cellphone/block/", "/cellphone/confirmBlock", "/cellphone/confirmBlock.*", "/cellphone/confirmBlock/", "/user/update", "/user/update.*", "/user/update/", "/user/index", "/user/index.*", "/user/index/", "/search", "/search.*", "/search/", "/doSearch", "/doSearch.*", "/doSearch/"); for (String pathSample : pathSamples) { System.out.println("Path sample: " + pathSample + " - SEC: " + pathSample.matches("^.*$") + " | FRAUD: " + pathSample.matches("^(?!.*(?i)(block|update)).*$")); } } } Bellow, the console result of Java class above: Path sample: /index - SEC: true | FRAUD: true Path sample: /index.* - SEC: true | FRAUD: true Path sample: /index/ - SEC: true | FRAUD: true Path sample: /cellphone/block - SEC: true | FRAUD: false Path sample: /cellphone/block.* - SEC: true | FRAUD: false Path sample: /cellphone/block/ - SEC: true | FRAUD: false Path sample: /cellphone/confirmBlock - SEC: true | FRAUD: false Path sample: /cellphone/confirmBlock.* - SEC: true | FRAUD: false Path sample: /cellphone/confirmBlock/ - SEC: true | FRAUD: false Path sample: /user/update - SEC: true | FRAUD: false Path sample: /user/update.* - SEC: true | FRAUD: false Path sample: /user/update/ - SEC: true | FRAUD: false Path sample: /user/index - SEC: true | FRAUD: true Path sample: /user/index.* - SEC: true | FRAUD: true Path sample: /user/index/ - SEC: true | FRAUD: true Path sample: /search - SEC: true | FRAUD: true Path sample: /search.* - SEC: true | FRAUD: true Path sample: /search/ - SEC: true | FRAUD: true Path sample: /doSearch - SEC: true | FRAUD: true Path sample: /doSearch.* - SEC: true | FRAUD: true Path sample: /doSearch/ - SEC: true | FRAUD: true Tests Scenario 1 Bellow, the important part of spring-security.xml: <security:http entry-point-ref="entryPoint" request-matcher="regex"> <security:intercept-url pattern="^.*$" access="ROLE_SEC" /> <security:intercept-url pattern="^(?!.*(?i)(block|update)).*$" access="ROLE_FRAUD" /> <security:access-denied-handler error-page="/access-denied.html" /> <security:form-login always-use-default-target="false" login-processing-url="/doLogin.html" authentication-failure-handler-ref="authFailHandler" authentication-success-handler-ref="authSuccessHandler" /> <security:logout logout-url="/logout.html" success-handler-ref="logoutSuccessHandler" /> </security:http> Behaviour: FRAUD group **can't" access any page SEC group works fine Scenario 2 NOTE that I only changed the order of intercept-url in spring-security.xml bellow: <security:http entry-point-ref="entryPoint" request-matcher="regex"> <security:intercept-url pattern="^(?!.*(?i)(block|update)).*$" access="ROLE_FRAUD" /> <security:intercept-url pattern="^.*$" access="ROLE_SEC" /> <security:access-denied-handler error-page="/access-denied.html" /> <security:form-login always-use-default-target="false" login-processing-url="/doLogin.html" authentication-failure-handler-ref="authFailHandler" authentication-success-handler-ref="authSuccessHandler" /> <security:logout logout-url="/logout.html" success-handler-ref="logoutSuccessHandler" /> </security:http> Behaviour: SEC group **can't" access any page FRAUD group works fine Conclusion I did something wrong or spring-security have a bug. The problem already was solved in a very bad way, but I need to fix it quickly. Anyone knows some tricks to debug better it without open the frameworks code? Cheers, Felipe

    Read the article

  • Check ReturnUrl is valid before redirecting

    - by Josh
    I'm using ASP.NET Membership and Form Authentication and before redirecting to the returnURL I wanted to validate it. For those unfamiliar with the workflow, basically if you request a page that requires that you are authenticated, you are redirected to a login page. In the URL string you'll see a parameter called returnURL, e.g. http://example.com/login.aspx?ReturnUrl=%2fprotected%2fdefault.aspx Whether you use this in a redirect such as Response.Redirect(returnURL) or indirectly through the FormsAuthentication.RedirectFromLoginPage method, it passes without validating returnURL. FormsAuthentication.RedirectFromLoginPage does have a security check that it is isn't leaving the domain, but that still doesn't stop someone from putting enough random characters to cause an error. I tried using System.IO.File.Exists(Server.MapPath(returnURL)) but given enough illegal characters it cause Server.MapPath to error. Note: URLEncoding doesn't work because we are not cleaning a parameter, but the primary URL. Any other suggestions for validating or cleaning the returnURL value?

    Read the article

  • aspnet membeship logon page and https redirect

    - by DefSol
    Hello, I have a gridview control that has on onclick event bound to every cell. Once a user clicks on a cell it directs them to a booking confirmation page and passes 3 url variables. This booking page is behind a aspnet membership and thus if the user is not logged in they are served the login page. The login page has a redirect to https connection in the onload event using the IsSecure property. The issue is once the user logs in, then is returned to the booking confirmation page I lose 2 of the url vars. If I remove the https redirect, everything works fine, but the user logs on on a http connection, which is not cool. Appreciate and help thanks Reuben

    Read the article

  • How to use the md5 hash?

    - by Ken
    Okay, so I'm learning php, html, and mysql to learn website development (for fun). One thing I still don't get is how to use md5 of sha1 hashes. I know how to hash the plain text, but say I want to make a login page. Since the password is hashed and can't be reversed, how would mysql know that the user-inserted password matches the hashed password in the database? Here is what I mean: $password = md5($_POST['password']); $query = ("INSERT INTO `users`.`data` (`password`) VALUES ('$password')"); I know that this snippet of script hashes the password, but how would I use this piece of code and make a login page? Any working examples would be great.

    Read the article

  • Issue passing NSMutableDictionary to a method

    - by roswell
    Hello all, I've got a chunk of code that's passing an NSMutableDictionary (amongst other things) to a method in another class: [self.shuttle makeAPICallAndReturnResultsUsingMode:@"login" module:@"login" query:credentials]; The NSMutableArray credentials is previously defined like this: NSMutableDictionary *credentials = [[NSMutableDictionary alloc] init]; [credentials setObject:username forKey:@"username"]; [credentials setObject:password forKey:@"password"]; The method that receives it looks like this: -(id)makeAPICallAndReturnResultsUsingMode:(NSString *)mode module:(NSString *)module query:(NSMutableDictionary *)query The code works fine up until this point within the above method: [query setObject:self.sessionID forKey:@"session_id"]; At this point, the application terminates -- the console informs me of this exception: * Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '* -[NSCFDictionary setObject:forKey:]: method sent to an uninitialized mutable dictionary object' This leads me to believe that I must initialize NSMutableDictionary in some way in my new method before I can access it, but I have no idea how. Any advice?

    Read the article

  • Asp.net override Membership settings at runtime (asp.net mvc)

    - by minal
    I had an application that hooked onto 1 single database. The app now needs to hook into multiple databases. What we want to do is, using the same application/domain/hostname/virtual dir give the user the option on the login screen to select the "App/Database" they want to connect into. Each database has the App tables/data/procs/etc as well as the aspnet membership/roles stuff. When the user enters the username/password and selects (select list) the application, I want to validate the user against the selected applications database. Presently the database connection string for membership services is saved in the web.config. Is there any way I can override this at login time? Also, I need the "remember me" function to work smoothly as well. How does this work when the user comes back to the app in 5 hours... This process should be able to identify the user and application and log in appropriately.

    Read the article

  • Request builder call not returning when using ssl(https)

    - by Zeeshan Khan
    Hi , I am using GWT. Currently using gwt-rpc to for login authentication. For only login purpose i want to use ssl(https) and so instead of using gwt-rpc i am trying Request Builder and calling a servlet with https. When in Servlet URL i use protocol as http the request builder works perfectly and response returns to client side(onResponseReceived ). but when i use https in the servlet url then the servlet is gettting called but the response is not returning to the onResponseReceived method of request builder. my url with http looks like : http://localhost:8888/myproject/myservlet and with https it looks like :https://localhost/myproject/myservlet Please give any suggestion or is there any other way to do it.and also is it possible to use ssl over gwt-rpc.

    Read the article

  • Getting Started with CacheMoney

    - by Matt Grande
    I recently installed cache-money. After some difficulties getting memcached and cache-money set up, I thought I had it working. It cached the one query on my login page fine. I login, and go to my message index page and get this error: indices delegated to @cache_config.indices, but @cache_config is nil: Slug(id: integer, name: string, sluggable_id: integer, sequence: integer, sluggable_type: string, scope: string, created_at: datetime) Searching for the first part of that error message returns 0 hits on Google, so I'm at a loss on where to even begin. Any suggestions?

    Read the article

  • How to programmatically answer "Yes" to WebBrowser control security alert

    - by ih8ie8
    I am using WebBrowser control to programmatically access a single website, but whenever I login, I receive this certificate security alert: Since I trust that website and since I need to programmatically automate the login as well, this dialog box gets in the way. I searched SO for a solution and found a question similar to mine, but the accepted answer does not work! I defined a static member in the form that contains the WebControl: public static bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { return true; } In my form's constructor I added: ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(ValidateServerCertificate); But that didn't get rid of the certificate security alert. Is there any way to get rid of this warning? Is there an IE equivalent to Firefox's Add Security Exception??? Note: The owner's certificate works perfectly fine (without exhibiting this security alert) with standalone browsers (IE, FF, Chrome, Safari). It only exhibits the problem with the WebBroswer control.

    Read the article

  • Windows Service Webbrowser object invalid cast exception error

    - by Sam Youtsey
    Hi all, I'm having a bit of trouble with a Windows Service webbrowser object. It's attempting to load in values of username and password to a site but keeps failing and throwing the following error: System.InvalidCastException: Specified cast is not valid. at System.Windows.Forms.UnsafeNativeMethods.IHTMLDocument2.GetLocation() at System.Windows.Forms.WebBrowser.get_Document() at MyWindowsService.MyDataProcessor.login() The code that I'm using to make this call is: MyWebBrowser.Document.All["Login"].SetAttribute("Value", username); MyWebBrowser.Document.All["Password"].SetAttribute("Value", password); MyWebBrowser.Document.All["submit"].InvokeMember("Click"); Any ideas as to why it keeps failing? Thanks in advance for the help.

    Read the article

  • IPhone App Signing: A valid signing identity matching this profile could not be found in your keycha

    - by Ben Reeves
    I'm pulling my hair out over this. I just downloaded the iphone 3.0 SDK, but now I can't get my provisioning profiles to work. Here is what I have tried: Delete all provisioning profiles Delete login keychain Create new "login" keychain, make it default Create a new cert signing request Create new developer and distribution certs in the apple developer center Download and install them Download the WWDR cert and install it Create a new provisioning profile and double click it to install All the certificates report as valid, but xcode still won't recognize them. Anyone got any ideas? Thanks Edit: I completely re-installed osx and from a fresh install installed the 3.0 sdk and still the same problem.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 242 243 244 245 246 247 248 249 250 251 252 253  | Next Page >