Search Results

Search found 13810 results on 553 pages for 'security roles'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 417/553 | < Previous Page | 413 414 415 416 417 418 419 420 421 422 423 424  | Next Page >

  • Membership.GetUser() within TransactionScope throws TransactionAbortedException

    - by Bob Kaufman
    The following code throws a TransactionAbortedException with message "The transaction has aborted": using ( MyDataContext context = new MyDataContext() ) { using ( TransactionScope transactionScope = new TransactionScope() ) { Guid accountID = new Guid( Request.QueryString[ "aid" ] ); Account account = ( from a in context.Accounts where a.UniqueID.Equals( accountID ) select a ).SingleOrDefault(); IQueryable < My_Data_Access_Layer.Login > loginList = from l in context.Logins where l.AccountID == account.AccountID select l; foreach ( My_Data_Access_Layer.Login login in loginList ) { MembershipUser membershipUser = Membership.GetUser( login.UniqueID ); } } } The error occurs at the call to Membership.GetUser(). My Connection String is: <add name="MyConnectionString" connectionString="Data Source=localhost\SQLEXPRESS;Initial Catalog=MyDatabase;Integrated Security=True" providerName="System.Data.SqlClient" /> Everything I've read tells me that TransactionScope should just get magically applied to the Membership calls. The user exists (I'd expect a null return otherwise.)

    Read the article

  • reporting services: use a custom assembly with a local (RDLC) report

    - by JMarsch
    Hello: I am designing a report that will be used in local mode (an RDLC file) in a Winform app. I have a custom assembly with a static class that has some functions that I want to use inside of the report (as expressions). I have found all sorts of help for doing this with RDL reports, but I'm running into a permissions problem with my RDLC report. I get the following error at runtime: "The report references the code module (my module), which is not a trusted assembly". I know that this is some kind of a code security issue, but I'm not sure what to do to fix it. The documentation that I have seen online is aimed at RDL reports, and it instructs me to edit a SQL Server-specific policy file. I'm using RDLC, so there is no sql server involved. What do I need to do to acquire the appropriate permissions?

    Read the article

  • Get timestamp from Authenticode Signed files in .NET

    - by SlavaGu
    We need to verify that binary files are signed properly with digital signature (Authenticode). This can be achieved with signtool.exe pretty easily. However, we need an automatic way that also verifies signer name and timestamp. This is doable in native C++ with CryptQueryObject() API as shown in this wonderful sample: How To Get Information from Authenticode Signed Executables However we live in a managed world :) hence looking for C# solution to the same problem. Straight approach would be to pInvoke Crypt32.dll and all is done. But there is similar managed API in System.Security.Cryptography.X509Certificates Namespace. X509Certificate2 Class seems to provide some information but no timestamp. Now we came to the original question how can we get that timestamp of a digital signature in C Sharp?

    Read the article

  • How to get Xvfb to work on 32 bit color

    - by Robus
    Can anybody tell me how to get Xvfb to work on 32bit color? Vnc4server works fine for example, but didn't fit my purpose. > /etc/X11# Xvfb :1 -screen 0 1600x1200x24 error opening security policy file /etc/X11/xserver/SecurityPolicy (EE) XKB: Couldn't open rules file /usr/share/X11/xkb/rules/base Could not init font path element /usr/share/fonts/X11/cyrillic, removing from list! [config/hal] couldn't initialise context: (null) ((null)) FreeFontPath: FPE "/usr/share/fonts/X11/misc" refcount is 2, should be 1; fixing. Aka - it works, while: > /etc/X11# Xvfb :1 -screen 0 1600x1200x32 Fatal server error: Couldn't add screen 0

    Read the article

  • How to allow my Asp.net MVC 3 web app using MathJax to accept user input $x<y>z$ ?

    - by Recycle Bin
    I am developing a mathematics site using Asp.Net MVC 3 + Razor + MathJax. MathJax is a javascript library to render TeX or LaTeX codes on the web browser. And TeX or LaTeX codes represent mathematics contents such as an inline math $y=mx+c$ and a displayed math \[y=mx+c\]. Right now my site can accept input, for example, $x<y$. However it cannot accept $x<y>z$ because the framework regards this input is vulnerable to XSS and XSRF. Shortly speaking, what I should do to accomplish what I want but it does not open security vulnerability.

    Read the article

  • ExceptionPolicy.HandleException does not install Event Source for Logging in Registry if XBAP run ou

    - by Neo
    I am using the Logging Application Block (of Microsoft Enterprise Library) to log exceptions in the Event Viewer that occur in my WPF XBAP application. If I run the XBAP in the debugger from Visual Studio, an Event Source entry for my application is automatically created in the Registry at: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\MyApp This occurs at the point ExceptionPolicy.HandleException() is called. However, if I run the XBAP outside of the IDE directly from the file system or from its published location, the Registry entry isn't added. Therefore, no logging takes place. I can only assume this is a security issue with running XBAP applications and they do not have access to write to the Registry. Is this a setting within my project? Any idea on why this might be happening? Any help much appreciated.

    Read the article

  • Extending Code Igniter Model functions to external PHP Scripts

    - by Fábio Antunes
    Hello everybody. I'm doing a small web app, which uses CKeditor for user input, and CKfinder for file management (images/flash). Those who know CKFinder, also know that the config file for CKFinder as a function named CheckAuthentication() that returns false or true, giving or not permissions to use CKFinder. This is were a Custom PHP Code checks if the user as authorization to access CKFinder or not. Well for my app I'm using Code Igniter, and of course I've created a model were i handle everything about User Permissions, Loggin, Session Cookies, etc. And i also have a function witch its propose is just to check if the user is Logged in. So I would like to know if someone knows a way that i can call the function isLoggedIn() inside the model security from inside the function CheckAuthentication() in CKFinder config file. Thanks in advance.

    Read the article

  • iPhone Shell - is there any?

    - by alee
    While working on iphone security architecture, i came to know that i can run applications from other applications in iphone. referring to the following url http://iphonedevelopertips.com/cocoa/launching-other-apps-within-an-iphone-application.html for example, i can put a link in a website with following hyperlink skype:// will result skype to run and call at particular number. Now i have few concerns here. is there a shell running in background in iphone, so that it allows other application to run basic app commands. if the above statement is true then how can i enable or run commands directly into iphone shell? if above statements are false, then could you please explain how these commands are being executed? is this part of iPhone SDK? or this funcationality is iPhone OS

    Read the article

  • iPhone Shell - is there any?

    - by alee
    While working on iphone security architecture, i came to know that i can run applications from other applications in iphone. referring to the following url http://iphonedevelopertips.com/cocoa/launching-other-apps-within-an-iphone-application.html for example, i can put a link in a website with following hyperlink skype:// will result skype to run and call at particular number. Now i have few concerns here. is there a shell running in background in iphone, so that it allows other application to run basic app commands. if the above statement is true then how can i enable or run commands directly into iphone shell? if above statements are false, then could you please explain how these commands are being executed? is this part of iPhone SDK? or this funcationality is iPhone OS

    Read the article

  • How to access the Principal from a Java service object without using FlexContext?

    - by Marplesoft
    We're building some Java objects that are exposed via BlazeDS to our flex client application. So basically the BlazeDS messagebroker servlet instantiates and invokes methods on these objects in response to client requests. Works great. We're using app server-based authentication and have set up a security constraint on the <destination> elements in the remoting-config.xml file element to prevent unauthenticated clients from being able to access these remote java objects. Again, works fine. However, there are several places within the implementation of these java objects where we want to get the currently logged on user's username. Right now we are doing this via FlexContext.getUserPrincipal(), which gives access to this but we have a nagging concern that we don't like the idea that the implementation of these objects (the service layer) has a hard dependency on a BlazeDS class. But we're not sure how else to get access to this. The same applies to accessing the ServletContext and such. Any ideas?

    Read the article

  • Tridion Installation

    - by Kevin Brydon
    I am currently upgrading an installation of Tridion from 5.3 to 2011 starting almost from scratch (aside from migrating the database), brand new virtual servers. I just want to ask for some advice on my current server setup... a sanity check. All servers are running Windows Server 2008. The pages on our website are all classic ASP. Database SQL Server cluster. The 5.3 database has been migrated using the DatabaseManager. This is pretty standard and works well (in test anyway). Content Manager A single server to run the Content Manager and the Publisher. There are around 10 people using it at any one time so not under a particularly heavy load. Content Data Store Filesystem located somewhere on the network. One directory for live and one for staging. Content Delivery Two servers (cd1 and cd2) each with the the following server roles installed. cd1 writes to a filesystem content data store for the live website, cd2 writes to the content data store for the staging website. Presentation Two public facing web servers (web1 and web2) serving both the live and staging websites. The web servers read directly from the content data store as its a filesystem. Each of the web servers have the Content Delivery Server installed so that I can use dynamic linking (and other features?). I've so far set up everything but the web servers. Any thoughts? edit Thanks to Ram S who linked me to a decent walkthrough, upvoted. I suppose I should have posed some questions as I didn't really ask a question. I guess I'm a little confused over the content deliver aspect. I have the Content Delivery split in two separate parts. cd1 and cd2 do the work of shifting information from the Content Manager to the Staging/Live web directories. web1 and web2 should do the work of serving the web pages to the outside world and will interact with the content data store (file system). Is this a correct setup? I need some parts of the Content Delivery on my web servers right? Theoretically I could get rid of the cd1 and cd2 servers and use web1 and web2 to do the deployment right? But I suspect this will put the web servers under unnecessary strain should there ever be a big publish. I've been reading the 2011 Installation Manual, Content Delivery section, and I'm finding it quite hard to get my head around!

    Read the article

  • Microsoft.Web.Administration.ServerManager can't read config sections containing encrypted passwords in applicationHost.config

    - by Dylan Beattie
    I have some sites in IIS7 that are configured to run as domain users (MYDOMAIN\someuser). I'm using the Microsoft.Web.Administration namespace to scan my server configuration, but it's throwing an exception when I hit one of these "impersonator" sites: using (ServerManager sm = new ServerManager()) { foreach (Site site in sm.Sites) { foreach (Application app in site.Applications.Reverse()) { foreach (VirtualDirectory vdir in app.VirtualDirectories.Reverse()) { var config = app.GetWebConfiguration(); foreach (var locationPath in config.GetLocationPaths()) { // error occurs in GetLocationPaths() } } } } } The actual error message is: COMException was unhandled Filename: \\?\C:\Windows\system32\inetsrv\config\applicationHost.config Line number: 279 Error: Failed to decrypt attribute 'password' because the keyset does not exist It appears that IIS is storing the MYDOMAIN\someuser password encrypted in applicationHost.config, which is great in terms of security - but I have no idea how to get the ServerManager to decrypt this. Any tips on how I can either allow ServerManager to decrypt this, or just tell IIS to store the passwords in plain text? This is on IIS7 under Windows 7 RC, by the way.

    Read the article

  • Middleware for MongoDB or CouchDB with jQuery Ajax/JSON frontend

    - by Tauren
    I've been using the following web development stack for a few years: java/spring/hibernate/mysql/jetty/wicket/jquery For certain requirements, I'm considering switching to a NoSQL datastore with an AJAX frontend. I would probably build the frontend with jQuery and communicate with the web application middleware using JSON. I'm leaning toward MongoDB because of more dynamic query capabilities, but am still considering CouchDB. I'm not sure what to use in the middle. Probably something RESTful? My preference is to stick with Java (or maybe Scala or Groovy) since I'm using tools like Drools for rules and Shiro for security. But then again, I want to pick something that is quick an easy to work with, so I'm open to other solutions. If you are building ajax/json/nosql solutions, I'd like to hear details about what tools you are using and any pros/cons you've found to using them. Thanks!

    Read the article

  • ClassNotFoundException error in implementing Bayesian algorithm in Apache Mahout on Hadoop

    - by Shweta
    Hi, I have a problem in executing the Bayesian algorithm in Mahout. I built it with Maven and the job file is in target directory. When run from terminal using hadoop, I'm getting the ClassNotFoundException error. What should be done? $HADOOP_HOME/bin/hadoop jar mahout-core-0.3-SNAPSHOT.job org.apache.mahout.classifier.bayes.mapreduce.bayes.bayesdriver -i test -o output Exception in thread "main" java.lang.ClassNotFoundException: org.apache.mahout.classifier.bayes.mapreduce.bayes.bayesdriver at java.net.URLClassLoader$1.run(URLClassLoader.java:200) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:188) at java.lang.ClassLoader.loadClass(ClassLoader.java:307) at java.lang.ClassLoader.loadClass(ClassLoader.java:252) at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:320) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:247) at org.apache.hadoop.util.RunJar.main(RunJar.java:149)

    Read the article

  • generate only objectLayer of Entity Framework Model by edmgen tool

    - by loviji
    How to generate only objectLayer by edmgen tool, without generating csdl, ssdl and views ? *"%windir%\Microsoft.NET\Framework\v4.0.30319\edmgen.exe" /mode:fullgeneration /c:"Data Source=.\sqlexpress; Initial Catalog=uqs; Integrated Security=SSPI" /project:generateEntityModel /entitycontainer:uqsEntities /namespace:uqsModel /language:CSharp /outobjectlayer:"D:/uqsObjectLayer.cs" * in this script I don't write location to write csdl, ssdl and views , but they are generated in C:\Users\adminUser in windows Vista and objectLayer generated to D:/uqsObjectLayer.cs. If I use /mode:EntityClassGeneration, this option requires the /incsdl argument and either the /project argument or the /outobjectlayer argument. The /language argument is optional. But I don't want use csdl file. As I understand, edmgen.tool can not create objectlayer without csdl file. Now is there alternate way or tool for generating objectlayer from db?

    Read the article

  • Installing Java3D on Eclipse

    - by Matt
    I'm trying to use Java3D in my project. This is the error I receive: 29-Dec-2010 1:01:29 AM javax.media.j3d.NativePipeline getSupportedOglVendor SEVERE: java.lang.UnsatisfiedLinkError: no j3dcore-ogl-chk in java.library.path Exception in thread "main" java.lang.UnsatisfiedLinkError: no j3dcore-d3d in java.library.path at java.lang.ClassLoader.loadLibrary(Unknown Source) at java.lang.Runtime.loadLibrary0(Unknown Source) at java.lang.System.loadLibrary(Unknown Source) at javax.media.j3d.NativePipeline$1.run(NativePipeline.java:189) at java.security.AccessController.doPrivileged(Native Method) at javax.media.j3d.NativePipeline.loadLibrary(NativePipeline.java:180) at javax.media.j3d.NativePipeline.loadLibraries(NativePipeline.java:137) at javax.media.j3d.MasterControl.loadLibraries(MasterControl.java:948) at javax.media.j3d.VirtualUniverse.<clinit>(VirtualUniverse.java:280) at World.<init>(World.java:10) at Start.main(Start.java:12) I have copied the .jar files into my project's lib folder and linked them in Project - Properties - Add Jar File. There was also a .dll file in the Java3D download that I haven't touched or included in any way. What am I missing?

    Read the article

  • iPhone - Web Access Authentication

    - by Terry
    I am building a secure app for our exec's... here is my setup. It's a somewhat Macgyver approach, but bear with me :) There are only 10 users, I have a record of each uniqueIdentifier on my backend in a database table. (This is internal only for our users, so I don't believe I am breaking the public user registration rule mentioned in the API docs) Through adhoc distribution I install my app on all 10 devices My app is simply composed of a UIWebView. When the app starts it does a POST to our https site sending the uniqueIdentifier. (Thanks to this answer) The server page that recieves the POST, checks the uniqueIdentifier and if found sets a session cookie that automatically logs them into the site. This way the user doesn't have to enter in their credentials every time. So what do you think, is there a security hole with this? Thanks

    Read the article

  • Hide header and footer when printing from Internet Explorer using Javascript or CSS

    - by molasses
    When I print a webpage from Internet Explorer it will automatically add a header and footer including the website title, URL, date, and page number. Is it possible to hide the header and footer programatically using Javascript or CSS? Requirements: works in IE 6 (no other browser support necessary as its for an Intranet) may use ActiveX, Java Applet, Javascript, CSS preferably not something that the user needs to install (eg. http://www.meadroid.com/scriptx). feel free to list other third party available plug-ins though as I think this may be the only option don't require the user to manually update their browser settings don't render the pages as PDF or Word document or any other format don't write to the registry (security prevents this) Thanks

    Read the article

  • Benefit for implementing OAuth

    - by zfranciscus
    Hi, I am just wondering from a webservice provider point of view what is the benefit of asking users to create an account or login using 3rd party web service provider e.g: Twitter or facebook. Wouldn't it be easier to ask the user to provide their twitter or facebook login and use that to pull the user's twitter or facebook data. I can understand the benefit of using From user point of view using OAuth provide security. It is safer to use OAuth than giving some one the internet our twitter or facebook login credential. But some how I can't figure out the benefit from the web service point of view. Thank you. Cheers

    Read the article

  • Implementation of ECC in Java

    - by Rookie_22
    While trying to encrypt a given input using Elliptic Curve Cryptography in Java I'm using the following algorithms for generating the cipher and the key: KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA"); Cipher cipher = Cipher.getInstance("ECIES"); Now as expected, the cipher isn't accepting the keys generated by the ECDSA algorithm. I get the error as - must be passed IE key. I searched for the ciphers being supported by these 2 methods here: http://java.sun.com/javase/6/docs/technotes/guides/security/StandardNames.html#Cipher Unfortunately no else algo is supported for ECC. Has anyone used ECC generated keys to encrypt/decrypt an input? Which algo should I use for both so that they don't clash with each other?

    Read the article

  • Software to create a knowledge base/FAQ system

    - by H1Man
    Our company is looking to build a web-based knowledge base system that can be used by our clients/end users to reduce the amount of support calls. Couple important notes: This is aimed at our end users, in other words, non-techies. So the UI has to be easy to use Should have the excellent (fast, accurate) search Should have ability to rate and comment on articles This will only be maintained by one or 2 people, so security isn't a big concern Something similar to what Microsoft is doing with their Knowledge Base. http://support.microsoft.com/search/ Does anyone have any recommendations on what software I can use? Thanks, H. Edit: I should have made this clear before but I don't mean build as in having our developers build a support/kb system from the ground up. I am looking to use a existing software package/solution that can be used to implement a knowledge base/support site.

    Read the article

  • ASPNETDB and ASPSTATE database. How to change the connectionstrings?

    - by George
    I have two ASP-specific SQL Server databases 1) ASPState - To store session state 2) ASPNETDB - To store Security/Role stuff. In my web.config, I am specifying the connection string used to identify the location of the APState database: <sessionState mode="SQLServer" sqlConnectionString="server=(local)\sql2008b;uid=sa;pwd=iainttelling;" timeout="120"/> Where is the conenction string specified for the ASPNETDB database? I am trying to point it to a db on a remote server. I have a feeling it is somewhere in IIS orthe Machine Config. I'd like to add it to my WEB.CONFIG Could someone help me to do this?

    Read the article

  • rpm installation error

    - by JiminyCricket
    im trying to install an RPM compat-db-4.1.25-9 on oracle linux enterprise, since its required to install WebCenter...however the rpm installation is throwing a warning and then not working [root@devsebl downloads]# rpm -i compat-db-4.1.25-9.rpm warning: compat-db-4.1.25-9.rpm: Header V3 DSA signature: NOKEY, key ID 9b3c94f4 [root@devsebl downloads]# rpm -q compat-db-4.1.25-9.rpm package compat-db-4.1.25-9.rpm is not installed any idea what that warning means and why its crashing there? i tried to use Yum, but its not available i guess: [root@devsebl downloads]# yum search compat-db Loaded plugins: security Warning: No matches found for: compat-db No Matches found

    Read the article

  • Expose url to webservice

    - by Patrick Peters
    In our project we want to query a document management system for a specific document or movie. The dms returns a URL with the document location (for example: http://mydomain.myserver1.share/mypdf.pdf or http://mydomain.myserver2.share/mymovie.avi). We want to expose the document to internet users and intranet users. The requested file can be large (large video files). Our architecture is like: request goes like: webapp1 - webapp2 - webapp3 - dms response goes like: dms - webapp3 - webapp2 - webapp1 webapp1 could be on the internet. I have have been thinking how we can obfusicate the real url from the dms, due to security issues. I have seen implementations from other webapps where the pdf URL was obfusicated by creating a temp file for the requested document that is specific for the session and user. So other users cannot easily guess the documentname of other users. My question: is there a pattern that deals with exposing company/user vulernable data to the public ? Our development is in C# 3.5.

    Read the article

  • Cross-domain policy issues after redirect in Flash

    - by ggambett
    I'm having trouble with a cross-domain policy. I'm using the AS3 Loader to fetch an image; I'm making it load the policy file, like this : var pLoader : Loader = new Loader(); var pContext : LoaderContext = new LoaderContext(); pContext.checkPolicyFile = true; pLoader.load(new URLRequest(sURL), pContext); This works fine as long as the image is directly accessible; however, when the server sends a redirect, the loader follows it but loses the checkPolicyFile flag, resulting in a SecurityException - that is, it doesn't check the cross-domain policy of the redirected URL. I've found a solution here ( http://www.stevensacks.net/2008/12/23/solution-as3-security-error-2122-with-300-redirects ) but looks fragile (that is, looks like it will fail if there's more than one redirect). What would be the correct way of doing this?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 413 414 415 416 417 418 419 420 421 422 423 424  | Next Page >