Search Results

Search found 12717 results on 509 pages for 'ouaf security'.

Page 392/509 | < Previous Page | 388 389 390 391 392 393 394 395 396 397 398 399  | Next Page >

• iFrames and Cookies

  - by Tom

  I have a site on A.com and an iframe on B.com which reads info from A.com. I realize that there is some problems with third party cookies, iframes and P3P - particularly in Safari [my problem] Is it possible to instead, use AJAX or a hidden iFrame to pass the cookie information from A.com to B.com which will then "recreate" another cookie with the same information on the iframe in B.com. I am trying to do this for authenication - i.e. a user is logged in on A.com and then goes to b.com and the iframe is also logged in ? I was hoping to perhaps pass the data in a hidden iframe and "recreate" the cookie in the iframe on B.com using JavaScript? Is this possible ? Security issues ? What about HTTPS?

  Read the article

• How can I run a package created with Simple Build Tool?

  - by Lukasz Lew

  I run: $ echo 'object Hi { def main(args: Array[String]) { println("Hi!") } }' > hw.scala $ sbt > warn Set log level to warn > run Hi! > package $ java -jar target/scala_2.7.7/test_2.7.7-1.0.jar Exception in thread "main" java.lang.NoClassDefFoundError: scala/ScalaObject at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:621) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124) at java.net.URLClassLoader.defineClass(URLClassLoader.java:260) Why can't I run this jar package this way?

  Read the article

• RUP (Rational Unified Process)

  - by tony

  I have chosen to use the development method RUP (Rational Unified Process) in my project. This is a method I've never used before. I've also included some elements from Scrum in the development process. The question is what the requirement specifications should contain in a RUP-model? Is it functional and non-functional requirements? And what should be included in a technical analysis and security requirements for RUP? Can’t find any information. Notes about this would be helpful. Hope people with RUP experience can share some useful experiences

  Read the article

• Firefox window.parent.location

  - by Mustafa Magdy

  I've a Html page index.htm which has an iframe to page search.htm the search.htm has code like this function executeSearch() { window.parent.location = "/SearchResults.aspx?t=" + txt_Search.value; } this code executed now from index.htm page and it works great on IE and Chrome, but not FireFox ... is there any work around ?? I tried window.parent.location.href, window.opener.location, window.parent.document.location ... but nothing of those worked. after searching the web i found some one with similar prob he said that this is a security settings in Firefox ... is this true?? and if so is there any workaround ?

  Read the article

• Setting ownership/permissions for symfony2 and other web projects

  - by Handonam

  I've been very confused as to how to set permissions and user/groups for my sites. It is particularly one of my weakest suits My curent problem is that I often find myself running into a situation where if i view a particular page, it won't have permissions to write to cache or logs. At this point I'll set the ownership towards apache. Then, in other cases, if i try to run internal scripts, for example, I can't write to these cache/log files because i set them for apache. Currently, my symfony2 files are all registered to me as a part of staff (Handonam:Staff). I've seen various people creating groups such as www-data, apache, etc, and using users such as theirselves (e.g. Handonam) or www as a part of those groups. So my question is: For symfony2 and other web projects, what's generally the best setup for user/group setup so that both apache and myself can interact with these files, while maintaining decent security?

  Read the article

• How do I download an attachment from an annotation using client-side JScript?

  - by VVander

  I'm trying to provide a link to the attachment of a note through the client-side JScript. The standard MS-made Notes component does this through the following url: [serverurl]/[appname]/Activities/Attachment/download.aspx?AttachmentType=5&AttachmentId={blahblahblah}&IsNotesTabAttachment=1&CRMWRPCToken=blahblahblah&CRMWRPCTokenTimeStamp=blahblahblah The problem is that I don't know how to get the Token or TokenTimeStamp, so I'm receiving an Access Denied error ("form is no longer available, security precaution, etc"). The only other way I can think of doing this is through the OData endpoint, but that would at best get me a base64 string that I still would have translate into a filestream to give to the browser (all of which seems like it would take forever to implement/figure out). I've found a few other posts that describe the same thing, but no one has answered them: http://social.microsoft.com/Forums/en-US/crmdevelopment/thread/6eb9e0d4-0c0c-4769-ab36-345fbfc9754f/ http://social.microsoft.com/Forums/is/crm/thread/45dabb6e-1c6c-4cb4-85a4-261fa58c04da

  Read the article

• Can I create and connect to a SQL Server CE database if SQL Server 2005 isn't installed?

  - by MusiGenesis

  Is there any way to do this? Update: Sorry, I should have included more information. I am trying to create and connect to a SQL CE database using System.Data.SqlServerCe in C# running on a PC (i.e. not running on a Windows Mobile device). This code: string connstr = "Data Source=\"" + filename + "\";Persist Security Info=False;"; System.Data.SqlServerCe.SqlCeEngine engine = new SqlCeEngine(connstr); engine.CreateDatabase(); ... works fine on any PC that has SQL Server 2005 installed, but fails on any PC that doesn't have it installed. I'm trying to find out if there's any way to get this to work without installed SQL Server 2005 on the machine.

  Read the article

• Finding the URL of an XMLHttpRequest

  - by hawkettc

  Hi, I've got some code that does an ajax request using jQuery, and handles success and error conditions. On an error, I want to find out what the URL I called was, so I can log it. This information appears to be contained in the XMLHttpRequest.channel, but firefox is complaining about accessing this - Permission denied for <http://localhost:8081> to get property XMLHttpRequest.channel Any ideas how I can determine the URL associated with an XMLHttpRequest? What's the security issue getting hold of this information? Cheers, Colin

  Read the article

• Creating a simple wcf service publishing it to my webhotel, and get it to work

  - by H4mm3rHead

  Hi, This seems to be a recurring problem to me. I want to get started doing wcf services. I create a new Wcf Service Library, compile it, and publish it using FTP to my providers webhotel. But its not working. I somehow cant get access. I dont want some fancy security model - i just want to get a hole through to my simple webservice. Seems that its the part when i publish it to my webhotel (in a subdomain) that breaks the webservice - its working perfectly when starting it locally. How to proceed anyone?

  Read the article

• PHP with SQL Injection

  - by Scott S

  For our first assignment in a System Security class, we have to hack into the professors "cheaply organized" sql database. I know the only user is "admin" and the select statement generated in the php is: select user_id from user where user_username = 'admin' AND user_password = md5('noob') I am having a number of problems attempting to bypass the password part of this statement as the professor has some javascript embedded in the page to sanitize the username and password of any non-alphanumeric values. This can be bypassed by turning off javascript :P but any values sent still get cleaned by the operating system (some build of Debian 32-bit). I've seen the code for the login request and it does not escape any characters. How do I bypass the operating systems escape sequences?

  Read the article

• Accessing an RSS feed in Flex, works when run from Flash Builder 4, but not when the project is onli

  - by ben

  Hey guys, In my Flex 4 app, I access an RSS feed (I'm using http://news.ycombinator.com/rss as a dummy). It works okay when I run it from Flash Builder 4, but if I export the project and upload it, I get the following error when it tries to load the RSS feed: Error #2044: Unhandled securityError:. text=Error #2048: Security sandbox violation: my_website_url cannot load data from http://news.ycombinator.com/rss. What could be causing this error? Shouldn't RSS be able to be accessed from anywhere? Thanks for reading.

  Read the article

• Delete MSMQ Queue During Uninstall

  - by Todd Kobus

  Is it possible to delete a private message queue that was created by the service user? During uninstallation, we would like to clean up any message queues created by our application. For security purposes, access to these queues has been restricted to the current user (ServiceUser). During uninstall, we have admin privileges, but still get an access denied MessageQueueException when we attempt to delete the queue or modify the privs on the queue. Here is the cleanup code: public void DeleteAppQueues() { List<string> trash = new List<string>(); var machineQueues = MessageQueue.GetPrivateQueuesByMachine("."); foreach (var q in machineQueues) { if (IsAppQueue(q.QueueName)) { trash.Add(".\\" + q.QueueName); } q.Dispose(); } foreach (var queueName in trash) { try { using (MessageQueue delQueue = new MessageQueue(queueName)) { delQueue.SetPermissions("Everyone", MessageQueueAccessRights.FullControl, AccessControlEntryType.Allow); } MessageQueue.Delete(queueName); } catch (MessageQueueException ex) { // ex.Message is "Access to Message Queuing system is denied." } } }

  Read the article

• NoSQL for concurrent reads/writes

  - by Mickael Marrache

  After getting some performance issues for an application using a MySQL database, I'm thinking of using NoSQL solutions. My architecture is as follows: One application receives messages from the network at a high throughput (i.e. 50000 messages/sec). Each message is stored in the DB, so it's important for the write rate to be as fast as the arrival rate. Then, I also have some PHP pages that accesses the DB to get the data stored by the other application. It's important for me that the retrieved data is as relevant as possible (i.e. not old data, let's say not more than 5 seconds old). Also, the data is not critical, so I don't need any security mechanism to avoid losing the data. I see there are a lot of NoSQL solutions, but I don't know if they are all relevant. Could you please provide me some directions. Thanks

  Read the article

• Using an IN clause in Vb.net to save something to the database using SQL

  - by Rob

  I have a textbox and a button on a form. I wish to run a query (in Vb.Net) that will produce a query with the IN Values. Below is an example of my code myConnection = New SqlConnection("Data Source=sqldb\;Initial Catalog=Rec;Integrated Security=True") myConnection.Open() myCommand = New SqlCommand("UPDATE dbo.Recordings SET Status = 0 where RecID in ('" & txtRecID.Text & "') ", myConnection) ra = myCommand.ExecuteNonQuery() myConnection.Close() MsgBox("Done!", _ MsgBoxStyle.Information, "Done") When I enter a single value it works but when I enter values with commas it throws an error: "Conversion failed when converting the varchar value '1234,4567' to data type int." Could someone please help me to solve this or if there is an alternative way? Many Thanks

  Read the article

• Remote desktop connection to Raspberry Pi without specifying a port

  - by Max Methot

  I have a Raspberry Pi running Raspbian Wheezy connected in "Site A", where the network is managed by a third party company and where all ports are closed the the Internet (for security reasons). So, there is no way for me to do any port forwarding to VNC, nor SSH or anything else. That means I just can't access it in any way other than locally, on-site. However, I need to connect to that device on the X Desktop session (graphical interface) to do some maintenance, and I am located in let's say "Site B", which is nearly 300 miles away from site A. I know you can do such tasks on Windows or x86 Linux computers with TeamViewer (we use it for our other hardware in the same location and it works like a charm), but since the Raspberry Pi is based on an ARM architecture, it isn't supported by TeamViewer yet. If anyone has ever achieved this, I would be glad to hear how to do it! Thanks!

  Read the article

• Where are the best locations to write an error log in Windows?

  - by Keith Sirmons

  Where would you write an error log file, say ErrorLog.txt, in Windows? Keep in mind the path would need to be open to basic users for file write permissions. I know the eventlog is a possible location for writing errors, but does it work for "user" level permissions? EDIT: I am targeting Windows 2003, but I was posing the question in such a way as to have a "General Guideline" for where to write error logs. As for the EventLog, I have had issues before in an ASP.NET application where I wanted to log to the Windows event log, but I had security issues causing me heartache. (I do not recall the issues I had, but remember having them.)

  Read the article

• How can I use the Scala program schema2src?

  - by pr1001

  This perhaps more a Server Fault question... I installed schema2src via sbaz and now I would like to convert a DTD (Apple's plist schema) to Scala source. $ schema2src usage: schema2src [flags] --module mname arg* or schema2src dtd arg* or (experimental) schema2src xsd arg* (this doesn't work at all yet) where supported [flags] may be: --verbose prints some debugging information However, if I try give any argument, it appears it can't find Scala: $ schema2src --verbose Exception in thread "main" java.lang.NoClassDefFoundError: scala/runtime/BoxesUtility at schema2src.Main$.processArgs(Main.scala:56) at schema2src.Main$.main(Main.scala:25) at schema2src.Main.main(Main.scala) Caused by: java.lang.ClassNotFoundException: scala.runtime.BoxesUtility at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:315) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:330) at java.lang.ClassLoader.loadClass(ClassLoader.java:250) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:398) ... 3 more I have scala in my PATH... Any suggestions? Assuming that problem can be fixed, is this the correct syntax? $ schema2src PropertyList-1.0.dtd

  Read the article

• server.sh gives me following error Exception"main" java.lang.NoClassDefFoundError:

  - by NickNaik

  i am trying to start the "Program D" from the terminal, command in terminal "sh server.sh" gives me following error Starting Alicebot Program D. Exception in thread "main" java.lang.NoClassDefFoundError: org/alicebot/server/net/AliceServer Caused by: java.lang.ClassNotFoundException: org.alicebot.server.net.AliceServer at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) My Server.sh file ALICE_HOME=.SERVLET_LIB=lib/servlet.jar ALICE_LIB=lib/aliceserver.jar JS_LIB=lib/js.jar # Set SQL_LIB to the location of your database driver. SQL_LIB=lib/mysql_comp.jar # These are for Jetty; you will want to change these if you are using a different http server. HTTP_SERVER_LIBS=lib/org.mortbay.jetty.jar:lib/javax.xml.jaxp.jar:lib/org.apache.crimson.jar PROGRAMD_CLASSPATH=$SERVLET_LIB:$ALICE_LIB:$JS_LIB:$SQL_LIB:$HTTP_SERVER_LIBS java -classpath $PROGRAMD_CLASSPATH -Xms64m -Xmx64m org.alicebot.server.net.AliceServer $1

  Read the article

• How can I receive messages using over http without MSMQ

  - by pduncan

  I need a reliable messaging framework that runs over http/https (due to client security requirements) and that doesn't use MSMQ (because some clients will use Windows XP Home). The clients only need to be able to receive messages, not send them. We already have a message queue on the server for each user, and the receivers have been getting messages by connecting to an HttpHandler on the server and getting a Stream from WebResponse.GetResponseStream() We keep this stream open, and pull messages off of it using Stream.Read(). This MOSTLY works, but Stream.Read() is a blocking call, and we can't reliably interrupt it. We need to be able to stop and start the receiver without losing messages, but the old stream often hangs around, even after we call Thread.Abort on its thread. Any suggestions?

  Read the article

• Data Warehouse: One Database or many?

  - by drrollins

  At my new company, they keep all data associated with the data warehouse, including import, staging, audit, dimension and fact tables, together in the same physical database. I've been a database developer for a number of years now and this consolidation of function and form seems counter to everything I know. It seems to make security, backup/restore and performance management issues more manually intensive. Is this something that is done in the industry? Are there substantial reasons for doing or not doing it? The platform is Netezza. The size is in terabytes, hundreds of millions of rows. What I'm looking to get from answers to this question is a solid understanding of how right or wrong this path is. From your experience, what are the issues I should be focused on arguing if this is a path that will cause trouble for us down the road. If it is no big deal, then I'd like to know that as well.

  Read the article

• CryptGenRandom to generate asp.net session id

  - by DoDo

  Hi! does anyone have working example of CryptGenrRandom class to generate session id (need to use in my iis module). HCRYPTPROV hCryptProv; BYTE pbData[16]; if(CryptAcquireContext( &hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { if(CryptGenRandom(hCryptProv, 8, pbData)) { std::string s(( const char *) pbData); printf(s.c_str()); } else { MyHandleError("Error during CryptGenRandom."); } } else { MyHandleError("Error during CryptAcquireContext!\n"); } i tried this code but, its not working quite well (i get it from msdn) and this example don't work for me ( http://www.codeproject.com/KB/security/plaintextsessionkey.aspx ) so if anyone know how to generate sessionid using this class plz let me know tnx anyway!

  Read the article

• How can I know if a file has been changed in .NET C#?

  - by Anthony D

  I have an application that requires a secure way to store its configuration. There are users that can change the configuration. I need some sort of signature scheme where I can verify that the config file has not changed with out a valid user. I had thought about using RSA, where the private key is encrypted with the users password, and the public key is used to sign the config. However there is nothing to prevent someone from changing the user file and adding their own public key, thus circumventing my security. Any ideas?

  Read the article

• what's the key different between data management and data governance?

  - by Sid Xing

  i just read some articles about these two theories, and i thought they have the similar goal, but DG is more about process management by follow some best practice. So my 1st question is about the difference between DG & DM. I'm confused. There're so many concepts around data management. Data quality, data security, data governance, data profiling, data integration, master data management, metadata management.... It seems like neither of them is EXACTLY separated, they're together. My 2nd question, or ask for your suggestion to help me better understand the relation between these concepts. Appreciate your help.

  Read the article

• PHP require/include only works once in script then fails

  - by Colin

  Hi everybody, this isn't a problem as such but it's bugging me and I would appreciate any help. It might be totally obvious but I can't see it. $root_path = $_SERVER['DOCUMENT_ROOT'] require($root_path .'template/header.php') require($root_path .'template/footer.php') The script will include one or the other but not both. It will run and include the header but not the footer, if I swap them round it will load the footer first but not the header. I've tried using include instead of require but get the same result. It gives the error allow_url_include = 0. I know turning this on will solve it but my question is why is it happening? Why will it include one file but not the other? Is there any way to get them to both run without turning allow_url_include on (I'm trying to be security conscious). I have PHP 5.3 and am running WAMP. Thanks in advance for your help!

  Read the article

• Storing API keys in Android, is obfustication enough?

  - by fredley

  I'm using the Dropbox API. In the sample app, it includes these lines: // Replace this with your consumer key and secret assigned by Dropbox. // Note that this is a really insecure way to do this, and you shouldn't // ship code which contains your key & secret in such an obvious way. // Obfuscation is good. final static private String CONSUMER_KEY = "PUT_YOUR_CONSUMER_KEY_HERE"; final static private String CONSUMER_SECRET = "PUT_YOUR_CONSUMER_SECRET_HERE"; I'm well aware of the mantra 'Secrecy is not Security', and obfuscation really only slightly increases the amount of effort required to extract the keys. I disagree with their statement 'Obfustication is good'. What should I do to protect the keys then? Is obfustication good enough, or should I consider something more elaborate?

  Read the article

< Previous Page | 388 389 390 391 392 393 394 395 396 397 398 399  | Next Page >