Search Results

Search found 13256 results on 531 pages for 'password policy'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 338/531 | < Previous Page | 334 335 336 337 338 339 340 341 342 343 344 345  | Next Page >

  • Download HTML content that require authorization?

    - by NVA
    I use WebClient from System.Net Namespace of Visual Studio 2008 to download the HTML content. It done well with normal website but with some 4rum that require authorization such as warez-bb.org, it always return the HTML of the login page. I wonder if there is a way to send the username and password to the WebClient?

    Read the article

  • Xcode App Crash-When connecting to the ODATA services [on hold]

    - by user3685677
    Can someone help me resolving the following issue: When trying to connect from iPad app to SAP ECC system through ODATA channel services via SUP, it is allowing me to login for the first time and could retrieve the data successfully from SAP system. But when I logout and try logging in again with the same session, application gets crashed. Below is the crash report for your reference. I am using SDM Parser to connect the SAP system. SDMODataServiceDocumentParser *sdmDocParser = [[SDMODataServiceDocumentParser alloc] init]; [sdmDocParser parse:aServiceDocument]; m_serviceDocument = sdmDocParser.serviceDocument; //Load the object with metadata xml: SDMODataMetaDocumentParser *sdmMetadataParser = [[SDMODataMetaDocumentParser alloc] initWithServiceDocument:m_serviceDocument]; [sdmMetadataParser parse:aMetadata]; After initiated the service, setting the URL. [service setServiceDocumentUrl:m_serviceDocumentURL]; Using SDMconnectivityhelper to connect the URL id<SDMRequesting> serviceDocumentRequest2 = [connectivityHelper executeBasicSyncRequestWithQuery3:[[ODataQuery alloc]initWithURL:[NSURL URLWithString:encodedStrUrl]]] ; - (id <SDMRequesting>)executeBasicSyncRequestWithQuery3:(ODataQuery *)aQuery { id<SDMRequesting> request = [self createRequestWithQuery:aQuery]; [request setTimeOutSeconds:TIMEOUT_SEC]; [request setRequestMethod:@"GET"]; [request addRequestHeader:@"Content-Type" value:@"application/xml"]; [request startSynchronous];**[App getting CRASH in this line]** return request; } - (id <SDMRequesting>)createRequestWithQuery:(ODataQuery *)aQuery { if (isSUPMode) { [SDMRequestBuilder setRequestType:SUPRequestType]; } else { [SDMRequestBuilder setRequestType:HTTPRequestType]; } id <SDMRequesting> request = [SDMRequestBuilder requestWithURL:aQuery.URL]; request.username = self.username; request.password = self.password; return request; } Crash Report:- Incident Identifier: 347511BA-5F7F-45D4-8662-D5DCD2F88EA7 CrashReporter Key: 9a4d38cf19b1a94476eb6b2170d4f56678d6ca60 Hardware Model: iPad3,4 Path: /var/mobile/Applications/F38AD64F-03F8-4A21- Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Subtype: KERN_INVALID_ADDRESS at 0x00000000 Triggered by Thread: 0 Thread 0 Crashed: 0 libsystem_platform.dylib 0x393a94c0 _platform_memmove$VARIANT $Swift + 160 1 Eby Sales Order 0x0015a2c8 0xb7000 + 668360 2 Eby Sales Order 0x0015a8b8 0xb7000 + 669880 3 Eby Sales Order 0x003331ee 0xb7000 + 2605550 4 Eby Sales Order 0x0031856e 0xb7000 + 2495854 5 Eby Sales Order 0x00338454 0xb7000 + 2626644 6 Eby Sales Order 0x000e6ad8 0xb7000 + 195288 7 Eby Sales Order 0x000e99a0 0xb7000 + 207264 8 Eby Sales Order 0x000ea442 0xb7000 + 209986 9 Eby Sales Order 0x000eb0d6 0xb7000 + 213206 10 Eby Sales Order 0x000c13d0 0xb7000 + 41936 11 Foundation 0x2ec93112 __NSFireDelayedPerform + 410 12 CoreFoundation 0x2e27ef4c __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 12 13 CoreFoundation 0x2e27eb66 __CFRunLoopDoTimer + 790 14 CoreFoundation 0x2e27ceee __CFRunLoopRun + 1214 15 CoreFoundation 0x2e1e7764 CFRunLoopRunSpecific + 520 16 CoreFoundation 0x2e1e7546 CFRunLoopRunInMode + 102 17 GraphicsServices 0x331216ce GSEventRunModal + 134 18 UIKit 0x30b4688c UIApplicationMain + 1132 19 Eby Sales Order 0x000bd8da 0xb7000 + 26842 20 Eby Sales Order 0x000bd89c 0xb7000 + 26780

    Read the article

  • How to create a login with struts2 and ldap?

    - by jl
    Hi, I need to create a login and account validation using struts 2 and ldap, so the flow would be: Display login page User inputs his username and password Validates user's existence in ldap Redirect to welcome page with message and user's name How should I get it done in Struts 2 and Ldap? Thank you.

    Read the article

  • IE sends multiple cookies with same name?

    - by akach
    I have a strange bug that occurs in IE7/XP and IE8/Vista on my website. IE sends two cookies named PHPSESSID. How to reproduce: Clear cookies in IE (not necessary if you never visited unisender.com). Visit unisender.com (exactly without www to reproduce!) and it will redirect to www.unisender.com Login with any valid username and password (I've registered username testmsdn with password testmsdn - feel free to use for testing) Run your favourite capture-the-traffic program (I prefer wireshark) Now click any menu link (e.g. "messages") Look at captured traffic - you will see that IE sends double PHPSESSID cookie (and you are logged out after click because of this). It seems like first PHPSESSID is from unisender.com and second from www.unisender.com. Captured sample: GET /en/letter_list HTTP/1.1 Accept: image/gif, image/jpeg, image/pjpeg, application/x-ms-application, application/vnd.ms-xpsdocument, application/xaml+xml, application/x-ms-xbap, application/x-shockwave-flash, / Referer: http://www.unisender.com/en/intro Accept-Language: ru User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.21022; .NET CLR 3.5.30729; FDM; .NET CLR 3.0.30729) Accept-Encoding: gzip, deflate Host: www.unisender.com Connection: Keep-Alive Cookie: authchallenge=3a9cfcfc9fe33822e3e21d75c8a3d3e4; PHPSESSID=14ea1cb133632951592397c86eaf037e; us_reg_ref=unknown; us_reg_url=http%3A%2F%2Funisender.com%2F; __utma=1.778517853.1271204400.1271204400.1271204400.1; __utmb=1.3.10.1271204400; __utmc=1; __utmz=1.1271204400.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=65e110aeb995a66b9dc8da5656c7a3da; last_login_name=testmsdn I've tried to use session and non-session cookies, tried to use .unisender.com instead of unisender.com for cookie - nothing helps. I suppose there should not be cookies with same name. Am I right? Is it a bug in IE? If it's a bug then is there a workaround? Or am I wrong and it's an expected behavior?

    Read the article

  • Rails: How to to download a file from a http and save it into database

    - by Chris
    Hi, i would like to create a Rails controller that download a serie of jpg files from the web and directly write them into database as binary (I am not trying to do an upload form) Any clue on the way to do that ? Thank you Edit : Here is some code I already wrote using attachment-fu gem : http = Net::HTTP.new('awebsite', 443) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_NONE http.start() { |http| req = Net::HTTP::Get.new("image.jpg") req.basic_auth login, password response = http.request(req) attachment = Attachment.new(:uploaded_data => response.body) attachement.save } And I get an "undefined method `content_type' for #" error

    Read the article

  • Add if else function in Ajax Jquery function

    - by Naga Botak
    Is it possible to add other else function in my JS like this: ? if response == success redirect to home if response == failed redirect to failed $.ajax({ type: "POST", url: action, data: form_data, success: function(response) { if(response == 'success') window.location.replace("home"); else $("#message").html("<div class='error_log'><p class='error'>Invalid username and/or password.</p></div>"); } });

    Read the article

  • I am unsure of how to access a persistence entity from a JSP page?

    - by pharma_joe
    Hi, I am just learning Java EE, I have created a Persistence entity for a User object, which is stored in the database. I am now trying to create a JSP page that will allow a client to enter a new User object into the System. I am unsure of how the JSP page interacts with the User facade, the tutorials are confusing me a little. This is the code for the facade: <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Add User to System</title> </head> <body> <h2>Add User</h2> <h3>Please fill out the details to add a user to the system</h3> <form action=""> <label>Email:</label> <input type="text" name="email"><br /> <label>Password:</label> <input type="password" name="name"><br /> <label>Name:</label> <input type="text" name="name"><br /> <label>Address:</label> <input type="text" name="address"><br /> <label>Type:</label> <select name="type"> <option>Administrator</option> <option>Member</option> </select><br /> <input type="submit" value="Add" name="add"/> <input type="reset" value="clear" /> </form> </body> This is the code I have to add a new User object within the User facade class: @Stateless public class CinemaUserFacade { @PersistenceContext(unitName = "MonashCinema-warPU") private EntityManager em; public void create(CinemaUser cinemaUser) { em.persist(cinemaUser); } I am finding it a little difficult to get my head around the whole MVC thing, getting there but would appreciate it if someone could turn the light on for me!

    Read the article

  • SINGLE SIGN ON SECURITY THREAT! FACEBOOK access_token broadcast in the open/clear

    - by MOKANA
    Subsequent to my posting there was a remark made that this was not really a question but I thought I did indeed postulate one. So that there is no ambiquity here is the question with a lead in: Since there is no data sent from Facebook during the Canvas Load process that is not at some point divulged, including the access_token, session and other data that could uniquely identify a user, does any one see any other way other than adding one more layer, i.e., a password, sent over the wire via HTTPS along with the access_toekn, that will insure unique untampered with security by the user? Using Wireshark I captured the local broadcast while loading my Canvas Application page. I was hugely surprised to see the access_token broadcast in the open, viewable for any one to see. This access_token is appended to any https call to the Facebook OpenGraph API. Using facebook as a single click log on has now raised huge concerns for me. It is stored in a session object in memory and the cookie is cleared upon app termination and after reviewing the FB.Init calls I saw a lot of HTTPS calls so I assumed the access_token was always encrypted. But last night I saw in the status bar a call from what was simply an http call that included the App ID so I felt I should sniff the Application Canvas load sequence. Today I did sniff the broadcast and in the attached image you can see that there are http calls with the access_token being broadcast in the open and clear for anyone to gain access to. Am I missing something, is what I am seeing and my interpretation really correct. If any one can sniff and get the access_token they can theorically make calls to the Graph API via https, even though the call back would still need to be the site established in Facebook's application set up. But what is truly a security threat is anyone using the access_token for access to their own site. I do not see the value of a single sign on via Facebook if the only thing that was established as secure was the access_token - becuase for what I can see it clearly is not secure. Access tokens that never have an expire date do not change. Access_tokens are different for every user, to access to another site could be held tight to just a single user, but compromising even a single user's data is unacceptable. http://www.creatingstory.com/images/InTheOpen.png Went back and did more research on this: FINDINGS: Went back an re ran the canvas application to verify that it was not any of my code that was not broadcasting. In this call: HTTP GET /connect.php/en_US/js/CacheData HTTP/1.1 The USER ID is clearly visible in the cookie. So USER_ID's are fully visible, but they are already. Anyone can go to pretty much any ones page and hover over the image and see the USER ID. So no big threat. APP_ID are also easily obtainable - but . . . http://www.creatingstory.com/images/InTheOpen2.png The above file clearly shows the FULL ACCESS TOKEN clearly in the OPEN via a Facebook initiated call. Am I wrong. TELL ME I AM WRONG because I want to be wrong about this. I have since reset my app secret so I am showing the real sniff of the Canvas Page being loaded. Additional data 02/20/2011: @ifaour - I appreciate the time you took to compile your response. I am pretty familiar with the OAuth process and have a pretty solid understanding of the signed_request unpacking and utilization of the access_token. I perform a substantial amount of my processing on the server and my Facebook server side flows are all complete and function without any flaw that I know of. The application secret is secure and never passed to the front end application and is also changed regularly. I am being as fanatical about security as I can be, knowing there is so much I don’t know that could come back and bite me. Two huge access_token issues: The issues concern the possible utilization of the access_token from the USER AGENT (browser). During the FB.INIT() process of the Facebook JavaScript SDK, a cookie is created as well as an object in memory called a session object. This object, along with the cookie contain the access_token, session, a secret, and uid and status of the connection. The session object is structured such that is supports both the new OAuth and the legacy flows. With OAuth, the access_token and status are pretty much al that is used in the session object. The first issue is that the access_token is used to make HTTPS calls to the GRAPH API. If you had the access_token, you could do this from any browser: https://graph.facebook.com/220439?access_token=... and it will return a ton of information about the user. So any one with the access token can gain access to a Facebook account. You can also make additional calls to any info the user has granted access to the application tied to the access_token. At first I thought that a call into the GRAPH had to have a Callback to the URL established in the App Setup, but I tested it as mentioned below and it will return info back right into the browser. Adding that callback feature would be a good idea I think, tightens things up a bit. The second issue is utilization of some unique private secured data that identifies the user to the third party data base, i.e., like in my case, I would use a single sign on to populate user information into my database using this unique secured data item (i.e., access_token which contains the APP ID, the USER ID, and a hashed with secret sequence). None of this is a problem on the server side. You get a signed_request, you unpack it with secret, make HTTPS calls, get HTTPS responses back. When a user has information entered via the USER AGENT(browser) that must be stored via a POST, this unique secured data element would be sent via HTTPS such that they are validated prior to data base insertion. However, If there is NO secured piece of unique data that is supplied via the single sign on process, then there is no way to guarantee unauthorized access. The access_token is the one piece of data that is utilized by Facebook to make the HTTPS calls into the GRAPH API. it is considered unique in regards to BOTH the USER and the APPLICATION and is initially secure via the signed_request packaging. If however, it is subsequently transmitted in the clear and if I can sniff the wire and obtain the access_token, then I can pretend to be the application and gain the information they have authorized the application to see. I tried the above example from a Safari and IE browser and it returned all of my information to me in the browser. In conclusion, the access_token is part of the signed_request and that is how the application initially obtains it. After OAuth authentication and authorization, i.e., the USER has logged into Facebook and then runs your app, the access_token is stored as mentioned above and I have sniffed it such that I see it stored in a Cookie that is transmitted over the wire, resulting in there being NO UNIQUE SECURED IDENTIFIABLE piece of information that can be used to support interaction with the database, or in other words, unless there were one more piece of secure data sent along with the access_token to my database, i.e., a password, I would not be able to discern if it is a legitimate call. Luckily I utilized secure AJAX via POST and the call has to come from the same domain, but I am sure there is a way to hijack that. I am totally open to any ideas on this topic on how to uniquely identify my USERS other than adding another layer (password) via this single sign on process or if someone would just share with me that I read and analyzed my data incorrectly and that the access_token is always secure over the wire. Mahalo nui loa in advance.

    Read the article

  • @Resource annotation is null at run-time.

    - by Andrew
    I'm using GlassFish v3. The following field is declared in a class: @Resource private javax.sql.DataSource _data_source; The following is declare in web.xml: <data-source <namejava:app/env/data</name <class-namecom.mysql.jdbc.Driver</class-name <server-namelocalhost</server-name <port-number3306</port-number <usermyUser</user <passwordmyPass</password </data-source At run-time _data_source is empty. What am I doing wrong?

    Read the article

  • git - how do we verify commit messages for a push?

    - by shovas
    Coming from CVS, we have a policy that commit messages should be tagged with a bug number (simple suffix "... [9999]"). A CVS script checks this during commits and rejects the commit if the message does not conform. The git hook commit-msg does this on the developer side but we find it helpful to have automated systems check and remind us of this. During a git push, commit-msg isn't run. Is there another hook during push that could check commit messages? How do we verify commit messages during a git push?

    Read the article

  • Sending E-mail from the client

    - by peterpan764
    hi guys i need some help the vb.net. my problem is that i have got an formular with "name" "password" "e-mail" and some other.... i want that the client file in his for example name and i want to recieve an e-mail at my e-emil acc. Can somebody help my please?

    Read the article

  • Using PHP5s SOAP Client to send data to an ASP/.NET based SOAP server.

    - by user325143
    I am trying to write a snippet of PHP to connect to a third party's API via SOAP to enter some data into their database. The API requires me to pass several mandatory fields for every call (username, password, companyid, entitytype) in addition to the mandatory data fields. It also requires me to call the "ValidateEntity" funciton before calling the "CreateEntity" function. Documentation can be found here: http://wiki.agemni.com/Getting_Started/APIs/Database_API I have never worked with SOAP before, so I am very new to this. Here is what I have so far: error_reporting(E_ALL); ini_set('display_errors', '1'); $client = new SoapClient("http://agemni.com/AgemniWebservices/service1.asmx?WSDL", array('trace'=> true)); $options = array( 'username' => "myuser", 'password' => "mypassword", 'companyid' => myID, 'entitytype' => 2 ); $params = array( 'fname' => "John", 'lname' => "Doe", 'phone' => "859-333-3333", 'zip' => "40332", 'area id' => "12345", 'lead id' => "28222", 'contactdate' => "4/10/2010" ); $validate = $client->__soapCall("ValidateEntity", array($params), array($options)); $client->__soapCall("CreateEntity", array($params), array($options)); echo "<pre>"; var_dump($client-> __getLastRequestHeaders()); var_dump($client-> __getLastRequest()); var_dump($client-> __getLastResponseHeaders()); var_dump($client-> __getLastResponse()); var_dump($result); echo "</pre>"; Upon executing this code, I get the following error: Fatal error: Uncaught SoapFault exception: [Client] SOAP-ERROR: Encoding: object hasn't 'objecttype' property in /www/tmp/index-soap.php:24 Stack trace: #0 /www/tmp/index-soap.php(24): SoapClient->__soapCall('ValidateEntity', Array) #1 {main} thrown in /www/stealth/tmp/index-soap.php on line 24 I guess my question is.. am I even going about doing this the right way? I know this is a very broad question, but I appreciate any advice you can give me about making this work. Please let me know if you require more detail. Thanks!

    Read the article

  • Are cookies enough for storing login data? (PHP)

    - by jpjp
    I am reading the Head First PHP/Mysql book and they say to store both the user's username, email into cookies and sessions. Is it safe to assume that everyone know a day has cookies? Or should I store both in sessions and cookies? I am not storing any sensitive data in cookies such as password, etc.

    Read the article

  • Tomcat6 fails to update User parameter on a stopped service

    - by Woot4Moo
    At the moment I have installed tomcat via the service.bat command. After install I stop the service and execute the following command: //US//TOMCAT6 --User=MyUser this fails to update the service with the user MyUser, in addition this command also fails //US//TOMCAT6 --User=MyUser --Password=MyPassword I am running xp sp3 and it is Tomcat 6.20

    Read the article

  • Show or hide fields depending on the Acl9 role - Ruby on Rails

    - by Michaël
    Hi, I am using Acl9 to manage the roles and I want to hide the checkbox usertype if the user has the role :customer and show it if the role is :manager. I want that just the :manager can edit all the fields and some for the :customer. Thank you for your help! <h1>Editing user</h1> <% form_for(@user) do |f| %> <%= f.error_messages %> <p> <%= f.label :usertype %><br /> <%= f.check_box :usertype %> </p> <p> <%= f.label :surname %><br /> <%= f.text_field :surname %> </p> <p> <%= f.label :firstname %><br /> <%= f.text_field :firstname %> </p> <p> <%= f.label :phone %><br /> <%= f.text_field :phone %> </p> <p> <%= f.label :email %><br /> <%= f.text_field :email %> </p> <p> <%= f.label :registrationdate %><br /> <%= f.datetime_select :registrationdate %> </p> <p> <%= f.label :login %><br /> <%= f.text_field :login %> </p> <p> <%= f.label :password %><br /> <%= f.text_field :password %> </p> <p> <%= f.submit 'Update' %> </p> <% end %> <%= link_to 'Show', @user %> | <%= link_to 'Back', users_path %>

    Read the article

  • Not able to create a datasource registration with WAMP MysQL 5.0 in DBArtisan

    - by Alf Christophersen
    I try in a test version of DBArtisan to set up a datasource and register both servere as localhost, database to use, my username and password, but, when testing the connection, I get message that connection failed. Hooking up from eg. Delphi and other utilities run nicely. But not DBArtisan, Is MySQL 5.0 not supported yet ?? Or is it WAMP that is the culprit naming the service wampmysqld insted of just mysqld ??

    Read the article

  • Getting service unavailable message when sending messages to google xmpp using wokkel

    - by Code freak
    Hi, I made a wokkel (twisted python) bot to send and receive messages from the google xmpp service. Everything (auth, presence) etc works fine. One of the rquirements of our prject is that we need to send broadcast messages to everyone in the list. Normal messages and replies work fin, but when i snd a broadcast message, i get this service unavailable error 503 message. There are about 1000 user in my contact list. Is this some bug in the code or is it google policy to prevent rapid messaging. Also, how do other google bots cater to a large contact base ? does google provide a commercial solution for such applications ? Thanks

    Read the article

  • Is it possible to authenticate on another website?

    - by Blankman
    If I am on a website#1, and I enter my username/pwd for website#2 on a login page that is on website#1, and website#1, behind the scenes, makes a httpwebrequest to website#2 and posts to the login page. If I then navigate to website#2, should I be logged in? website#2 uses formsauthentication and I call a httpHandler that is on website#2 and pass it the username/password via the querystring. Should this work?

    Read the article

  • Windows Media Service authentication issue

    - by George2
    Hello everyone, I am using Windows Server 2008 R2 with Windows Media Service. At the client side, I want to use Silverlight to play the media file. I am using VSTS 2008 + Silverlight 3 + ASP.Net + .Net 3.5. I want to know how to implement a custom authentication protocol (I have a custom user database, which contains user name and password. I want to enable logged-in user to be able to play through Silverlight)? thanks in advance, George

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 334 335 336 337 338 339 340 341 342 343 344 345  | Next Page >