Search Results

Search found 15648 results on 626 pages for 'wcf security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 413/626 | < Previous Page | 409 410 411 412 413 414 415 416 417 418 419 420  | Next Page >

  • Starting a Blog using Microsoft.Net technologies

    - by manav inder
    I want to start a blog using Microsoft technologies. My primary reason is to get more in-sync with technologies which are very much in demand. It does not matter how steep is the learning curve as long I am willing to devote all the time in the world. There are lot going on like Microsoft WebAPI, Dot net nuke MVC SPA etc. Let me tell you what i know I have very good experience in developing database driven .net application using winforms and wpf. Average experience in asp.net and asp.net mvc. Good in entity framework, ado.net and wcf rest services. Good in IoC/DI.

    Read the article

  • Schema Inheritance in BizTalk Server

    - by newbtdev
    Hi, I just wondering if anyone has already tried of doing something like schema inheritance in BizTalk schemas? I am using WCF Adapter and using 'consume adapter service' to generate a schema automatically, what I wanted is instead of always generating a schema and since most of my schema is the same then I want to have something like a base schema. I have this scenario that I'm testing flat file debatching, for debatching I need to set maxoccur property of the schema to '1' but for batch processing it should be '*', instead of creating a two different schemas I want just to create a base schema and inherit from it and then change the maxoccur property in the derived schema. Any help would be appreciated. Many Thanks

    Read the article

  • cross domain iFrames communication problem

    - by Cyno
    I have a page A containing 2 children iFrames called B and C. A and B are on different domains. On pressing a button in B I would like to change C's URL. Based on the law III of Michael Mahemoff it should work, but in fact it doesn't (js security error). Here is the JS code in B: window.parent.frames['C'].location.href = "http://random.url";

    Read the article

  • Black hat knowledge for white hat programmers

    - by Dinah
    There's always skepticism from non-programmers when honest developers learn the techniques of black hat hackers. Obviously though, we need to learn many of their tricks so we can keep our own security up to par. To what extent do you think an honest programmer needs to know the methods of malicious programmers?

    Read the article

  • How do you mock a Sealed class?

    - by Brett Veenstra
    Mocking sealed classes can be quite a pain. I currently favor an Adapter pattern to handle this, but something about just keeps feels weird. So, What is the best way you mock sealed classes? Java answers are more than welcome. In fact, I would anticipate that the Java community has been dealing with this longer and has a great deal to offer. But here are some of the .NET opinions: Why Duck Typing Matters for C# Develoepers Creating wrappers for sealed and other types for mocking Unit tests for WCF (and Moq)

    Read the article

  • ASP.net dealing issues with production system

    - by nettguy
    First time i am going to work on (maintenance project) application that is already in production.The application was developed in ASP.net 3.5/C# 3.0(web forms) with jQuery,Ajax,Sql server 2005 and microsoft enterprise library 4.0.,WCF services. Questions (bear with me if my question is wrong) 1) Is it possible to use Visual Studio (2008 with SP1) to debug the remote application (i.e already in production)?.What are the tools do i need to use in order to keep track the things in case something went wrong? 2) Simply looking into Log file ,will solve the issues? 3) After having done with enhancements,is it possible to directly deploy the DLLs into production server.Won't it affect the running application? Please guide me what are the procedures i need to follow.Client is ready to provide any tools for my support.(What are the area do i need to aware to handle production system) Thanks in advance.

    Read the article

  • Issues Migrating Ejb 2.0 from jboss 4 to jboss 5.1

    - by Ravi
    Deploying an EAR application in jboss 5.1 throws an error. Below is the error The content of element type "message-driven" must match "(description?,display-name?,small- icon?,large-icon?,ejb-name,ejb-class,transaction-type,message-selector?,acknowledge- mode?,message-driven-destination?,env-entry*,ejb-ref*,ejb-local-ref*,security-identity?,resource- ref*,resource-env-ref*)". This EAR application worked in JBoss 4.0.2, but not working on Jboss 5.1 Thanks Ravi S

    Read the article

  • OLEDB connection to Access database using DSN

    - by somu
    Hai i want oledb connection using Dsn. I used the following code 'Dsn Create dbRegBase.RegisterDatabase("GEMINI", "Microsoft Access Driver (*.mdb)", True,DBQ=D:\Gemini\GEMINI\database\paints_01_2008-2009.mdb Description=Greenchip Technologies ODBC Database File Path OemToAnsi=No UID=admin PWD=XXXXXX conection code Provider=Microsoft.Jet.OLEDB.4.0;DBQ ='GEMINI';Persist Security Info=False;Jet OleDB:Database Password = XXXXXX But Error come error name is "Could not find installable ISAM" what i do . please tell me.

    Read the article

  • Using OpenID as the only authentication method

    - by iconiK
    I have read the other questions and they mostly talk about the security of doing so. That's not entirely my concern, mostly because the website is question is a browser-based game. However, the larger issue is the user - not every user is literate enough to understand OpenID. Sure RPX makes this pretty easy, which is what I'll use, but what if the user does not have an account at Google or Facebook or whatever, or does not trust the system to log in with an existing account? They'd have to get an account at another provide - I'm sure most will know how to do it, let alone be bothered to do it. There is also the problem of how to manage it in the application. A user might want to use multiple identities with a single account, so it's not as simple as username + password to deal with. How do I store the OpenID identities of a user in the database? Using OpenID gives me a benefit too: RPX can provide extensive profile information, so I can just prefill the profile form and ask the user to edit as required. I currently have this: UserID Email ------ --------------- 86000 [email protected] 86001 [email protected] UserOpenID OpenID ---------- ------ 86000 16733 86001 16839 86002 19361 OpenID Provider Identifier ------ -------- ---------------- 16733 Yahoo https:\\me.yahoo.com\bob#d36bd 16839 Yahoo https:\\me.yahoo.com\bigbobby#x75af 19361 Yahoo https:\\me.yahoo.com\alice#c19fd Is that the right way to store OpenID identifiers in the database? How would I match the identifier RPX gave me with one in the database to log in the user (if the identifier is known). So here are concrete questions: How would I make it accessible to users not having an OpenID or not wanting to use one? (security concerns over say, logging in with their Google account for example) How do I store the identifier in the database? (I'm not sure if the tables above are right) What measures do I need to take in order to prevent someone from logging in as another user and happily doing anything with their account? (as I understand RPX sends the identifier via HTTP, so what anyone would have to do is to just somehow grab it then enter it in the "OpenID" field) What else do I need to be aware of when using OpenID?

    Read the article

  • ASP.NET MVC3 Custom Membership Provider - The membership provider name specified is invalid.

    - by David Lively
    I'm implementing a custom membership provider, and everything seems to go swimmingly until I create a MembershipUser object. At that point, I receive the error: The membership provider name specified is invalid. Parameter name: providerName In web.config the membership key is <membership defaultProvider="MembersProvider"> <providers> <clear/> <add name="MembersProvider" type="Members.Providers.MembersProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="DeviceDatabase" /> </providers> </membership> When creating the MembershipUser object from my custom User class: public static MembershipUser ToMembershipUser(User user) { MembershipUser member = new MembershipUser ("MembersProvider" , user.Name , user.Id , user.EmailAddress , user.PasswordQuestion , user.Comment , user.IsApproved , user.IsLockedOut , user.DateCreated , user.LastLoginDate ?? DateTime.MinValue , user.LastActivityDate ?? DateTime.MinValue , user.LastPasswordChangedDate ?? DateTime.MinValue , user.LastLockoutDate ?? DateTime.MinValue ); return member; } (I realize I could probably just inherit my User class from MembershipUser, but it's already part of an existing class hierarchy. I honestly think this is the first time I've encountered a legitimate need for for multiple inheritance!) My feeling is that the new MembershipUser(...) providerName parameter is supposed to match what's set in web.config, but, since they match already, I'm at a loss as to how to proceed. Is there a convenient way to get the name of the active membership provider in code? I'm starting to think that using the built-in membership system is overkill and more trouble than it's worth. Edit Not sure if it's relevant, but the custom membership provider class is in a class library, not the main WAP project. Update Here's the contents of the System.Web.Security.Membership.Provider object as show in the VS2010 command window: >eval System.Web.Security.Membership.Provider {Members.Providers.MembersProvider} [Members.Providers.MembersProvider]: {Members.Providers.MembersProvider} base {System.Configuration.Provider.ProviderBase}: {Members.Providers.MembersProvider} ApplicationName: null EnablePasswordReset: true EnablePasswordRetrieval: false MaxInvalidPasswordAttempts: 5 MinRequiredNonAlphanumericCharacters: 0 MinRequiredPasswordLength: 6 PasswordAttemptWindow: 10 PasswordFormat: Function evaluation was aborted. PasswordStrengthRegularExpression: Cannot evaluate expression because debugging information has been optimized away . RequiresQuestionAndAnswer: Cannot evaluate expression because debugging information has been optimized away . RequiresUniqueEmail: Cannot evaluate expression because debugging information has been optimized away .

    Read the article

  • Keep an object for the time the connection is running in ASP.NET

    - by vtortola
    Hi, I'm developing a web service with ASP.NET, is not an .asmx or WCF, it's a custom one, so I'm working with the Http classes (context, request, response, etc..). Session is disabled. I'm working with my own handler and module. I'd like to keep a object alive and accessible for the time the connection is alive. I mean, a request enters, I assign a DbCommand to it and that connection will use that command as long is doing things, when that connection is ended, the object should be disposed. I've thought, that I can add it to my IPrincipal implementation, then when the connection is authenticated in the module and the user retrieved, I can add that DbCommand to the IPrincipal, so I can retrieve it from wherever I want in the code, and after in the module EndRequest event, I can dispose it, but I don't know if there is a better approach to do this. What do you think? cheers

    Read the article

  • OutOfMemoryException - out of ideas

    - by Captain Comic
    Hi I have a net Windows service that is constantly throwing OutOfMemoryException. The service has two builds for x86 and x64 Windows. However on x64 it consumes a lot more memory. I have tried profiling it with various memory profilers. But I cannot get a clue what the problem is. The diagnosis - service consumes lot of VMSize. Also I tried to look at performance counters (perfmon.exe). What I can see is that heap size is growing and %GC time is 19%. My application has threads and locking objects, DB connections and WCF interface. See first app in list The link to picture with performance counters view http://s006.radikal.ru/i215/1003/0b/ddb3d6c80809.jpg

    Read the article

  • How do you prevent brute force attacks on RESTful data services

    - by Adrian Grigore
    Hi, I'm about to implement an RESTful API to our website (based on WCF data services, but that probably does not matter). All data offered via this API belongs to certain users of my server, so I need to make sure only those users have access to my resources. For this reason, all requests have to be performed with a login/password combination as part of the request. What's the recommended approach for preventing brute force attacks in this scenario? I was thinking of logging failed requests denied due to wrong credentials and ignoring requests originating from the same IP after a certain threshold of failed requests has been exceeded. Is this the standard approach, or am I a missing something important? Thanks, Adrian

    Read the article

  • Converting from One Class to another Class using Xml Serialization in C#

    - by nrk
    Hi, In our project we are consuming WCF webservices exposed at Central location as services with basicHttpBinding. In client desktop application we need consume those webservices. I am able to generate proxy class using WSDL.exe. But, I need to convert data/class given by the webservice into my local class, for that now I am xmlserialzing those class/objects given by webservice and deserializing into my local classes as both classes schema matches exactly same. Is there any better way that I can follow? or Do I need to assign each property from one class to another? thanks nRk.

    Read the article

  • Silverlight Control Disable/Remove Events

    - by Dave
    I have a scenario where a control has an event wired up in XAML, say a Button.Click. Somewhere else in my code, a security check is applied which mean I need to disable said event, but I do not have access to the normal -= syntax to remove it. How else can I remove or disable this event? Thanks, Dave

    Read the article

  • Cisco pix command - whats this command mean?

    - by jason clark
    Hi, Anyone know what the following means? I have these two lines in our cisco PIX configuration file but have no references to these IP's anywhere else in the config and cant find a device on the network with them. global (inet) 10 213.228.xxx.xx global (inet) 20 213.228.xxx.xx thanks, Jason (BTW: I've xxx'ed out the remainder of the ip for security :-0 )

    Read the article

  • How to run an application as root without asking for an admin password?

    - by kvaruni
    I am writing a program in Objective-C (XCode 3.2, on Snow Leopard) that is capable of either selectively blocking certain sites for a duration or only allow certain sites (and thus block all others) for a duration. The reasoning behind this program is rather simple. I tend to get distracted when I have full internet access, but I do need internet access during my working hours to get to a number of work-related websites. Clearly, this is not a permanent block, but only helps me to focus whenever I find myself wandering a bit too much. At the moment, I am using a Unix script that is called via AppleScript to obtain Administrator permissions. It then activates a number of ipfw rules and clears those after a specific duration to restore full internet access. Simple and effective, but since I am running as a standard user, it gets cumbersome to enter my administrator password each and every time I want to go "offline". Furthermore, this is a great opportunity to learn to work with XCode and Objective-C. At the moment, everything works as expected, minus the actual blocking. I can add a number of sites in a list, specify whether or not I want to block or allow these websites and I can "start" the blocking by specifying a time until which I want to stay "offline". However, I find it hard to obtain clear information on how I can run a privileged Unix command from Objective-C. Ideally, I would like to be able to store information with respect to the Administrator account into the Keychain to use these later on, so that I can simply move into "offline" mode with the convenience of clicking a button. Even more ideally, there might be some class in Objective-C with which I can block access to some/all websites for this particular user without needing to rely on privileged Unix commands. A third possibility is in starting this program with root permissions and the reducing the permissions until I need them, but since this is a GUI application that is nested in the menu bar of OS X, the results are rather awkward and getting it to run each and every time with root permission is no easy task. Anyone who can offer me some pointers or advice? Please, no security-warnings, I am fully aware that what I want to do is a potential security threat.

    Read the article

  • Open Source Alternative to ASP.NET membership

    - by Tony Lenzi
    I'm currently supporting a Python web app with increasingly complicated user/role/permission management requirements. Currently, we are rolling our own user, groups, permissions, etc. code and supporting database. I'd like to find something like ASP.NET membership that can help manage user authentication and authorization, rather than risk security issues in continuing to create an increasingly complicated custom solution. Are there any similar projects out there worth taking a look at?

    Read the article

  • Best practices to store CreditCard information into DataBase

    - by Garis Suero
    In my country the online payments are not an old thing, the first time i saw a web application taking payments directly to a local bank account was last year. So, Im a newbie coding web payment system. My question is, what are the best practices to store creditcard information into the database... I have many ideas: encrypting the creditcard, database security restriction, etc. What have you done?

    Read the article

  • OLEDB connection to Access database using DSN

    - by somu
    i want oledb connection using Dsn. I used the following code 'Dsn Create dbRegBase.RegisterDatabase("GEMINI", "Microsoft Access Driver (*.mdb)", True,DBQ=D:\Gemini\GEMINI\database\paints_01_2008-2009.mdb Description=Greenchip Technologies ODBC Database File Path OemToAnsi=No UID=admin PWD=XXXXXX conection code Provider=Microsoft.Jet.OLEDB.4.0;DBQ ='GEMINI';Persist Security Info=False;Jet OleDB:Database Password = XXXXXX But Error come error name is "Could not find installable ISAM" what i do . please tell me.

    Read the article

  • sqlserver 2008 and sql CE over Microsoft sync framework

    - by malik
    The server will drop the connection, because the client driver has sent multiple requests while the session is in single-user mode. This error occurs when a client sends a request to reset the connection while there are batches still running in the session, or when the client sends a request while the session is resetting a connection. Please contact the client driver vendor. Synchronisation process some time work and mostly fails. I have 5 client of sql CE that need to sync and i am using WCF IIS and sql 2008 for this process.

    Read the article

  • Change notification in EF EntityCollection

    - by Savvas Sopiadis
    Hi everybody! In a Silverlight 4 proj i'm using WCF RIA services, MVVM principles and EF 4. I 'm running into this situation: created an entity called Category and another one called CategoryLocale (automated using VS, no POCO). The relation between them is 1 to N respectively (one Category can have many CategoryLocales), so trough this relationship one can implement master-detail scenarios. Everytime i change a property in the master record (Category) i get a notifypropertychanged notification raised. But: whenever i change a property in the detail (CategoryLocales) i don't get anything raised. The detail part is bound to a Datagrid like this: <sdk:DataGrid Grid.Row="3" Grid.ColumnSpan="2" ItemsSource="{Binding SelectedRecord.CategoryLocales,Mode=TwoWay}" AutoGenerateColumns="False" VerticalScrollBarVisibility="Auto" > Any help is appreciated! Thanks in advance

    Read the article

  • MVC 2 AntiForgeryToken - Why symmetric encryption + IPrinciple?

    - by Brad R
    We recently updated our solution to MVC 2, and this has updated the way that the AntiForgeryToken works. Unfortunately this does not fit with our AJAX framework any more. The problem is that MVC 2 now uses symmetric encryption to encode some properties about the user, including the user's Name property (from IPrincipal). We are able to securely register a new user using AJAX, after which subsequent AJAX calls will be invalid as the anti forgery token will change when the user has been granted a new principal. There are also other cases when this may happen, such as a user updating their name etc. My main question is why does MVC 2 even bother using symmetric encryption? Any then why does it care about the user name property on the principal? If my understanding is correct then any random shared secret will do. The basic principle is that the user will be sent a cookie with some specific data (HttpOnly!). This cookie is then required to match a form variable sent back with each request that may have side effects (POST's usually). Since this is only meant to protect from cross site attacks it is easy to craft up a response that would easily pass the test, but only if you had full access to the cookie. Since a cross site attacker is not going to have access to your user cookies you are protected. By using symmetric encryption, what is the advantage in checking the contents of the cookie? That is, if I already have sent an HttpOnly cookie the attacker cannot override it (unless a browser has a major security issue), so why do I then need to check it again? After having a think about it it appears to be one of those 'added layer of security' cases - but if your first line of defence has fallen (HttpOnly) then the attacker is going to get past the second layer anyway as they have full access to the users cookie collection, and could just impersonate them directly, instead of using an indirect XSS/CSRF attack. Of course I could be missing a major issue, but I haven't found it yet. If there are some obvious or subtle issues at play here then I would like to be aware of them.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 409 410 411 412 413 414 415 416 417 418 419 420  | Next Page >