Search Results

Search found 13810 results on 553 pages for 'security roles'.

Page 436/553 | < Previous Page | 432 433 434 435 436 437 438 439 440 441 442 443  | Next Page >

• How to Detect Trusted Connection in Crystal Reports using VB.NET?

  - by Michael

  I have some Crystal Reports connecting to a Sql Server db that I would like to detect whether the connection is trusted or whether I need to supply the log on info (reports are not supplied by me so I can't control the connect method). If I just blindly supply login credentials, it won't connect if it is a trusted connection. The following does not work: oRpt = oCR.OpenReport("C:\MyReport.rpt") if oRpt.Database.Tables(1).ConnectionProperties.Item("Integrated Security") = True then 'trusted connection else 'supply login credentials end if It gives the following error: Operator '=' is not defined for type 'IConnectionProperty' and type 'Boolean'. I cannot find how create a construct in vb.net for IConnectionProperty. I can't find any documents from Crystal that explain it. I am using Crystal Reports XI - Developer

  Read the article

• running excel macro from another workbook

  - by every_answer_gets_a_point

  I have a macro that is on a server. I need to be able to run it from different workstations that connect to this server. Currently I am doing: Application.Run ("L:\database\lcmsmacro\macro1.xlsm!macro_name") The error message I am getting is "The macro may not be available in this workbook #1004" I have already made sure that my security settings are set on the lowest level. How do I run a macro from another workbook which is hosted on a different server? would using add-ins help me?

  Read the article

• how to add connection string for a windows form applicaton in asp.net

  - by manoj chalode

  i am working on windows form application and i want to add connection string of a database in. Right now, though i can access database i don't know the proper reasoning behind it. I have created a database and added it in a "Database" folder. The code for it is given below. i also want to know how can I make a connection string which can work on different PCs without changing it (I'm talking about relative path given in the "AttachDbFilename" attribute in the connection string). Reply... Conn = new SqlConnection(@"Data Source=.\SQLEXPRESS;AttachDbFilename="+ Application.StartupPath + "\\Database\\Database.mdf;Integrated Security=True;User Instance=True");

  Read the article

• AuthenticationForm - cookie cross site

  - by bit

  I've 2 web site, the first one myFirst.domain.com and the second one mySecondSite.domain.com. They stay on two different web server and my goal is allow a cross site authentication (my real need is shared authenticationForm Cookie). I've correctly setted web config (machine key node, forms node). The only different is about loginUrl where on myFirstSite appears like "~/login.aspx", instead on mySecondSite it appears like "http://myFirstSite.com/login.aspx". Note that I've not a virtual directory, I've just 2 different web apps. The problem: When I reach myFirstSite login page from mySecondSite I never get redirect from login page, it seems like if cookie doesn't being written. The following is a few of snippet about the issue: MyFirsSite: <machineKey validationKey="..." decryptionKey="..." validation="SHA1" decryption="AES" /> <authentication mode="Forms"> <forms loginUrl="login.aspx" name="authCookie" enableCrossAppRedirects="true"></forms> </authentication> <authorization> <deny users="?" /> <allow users="*"/> </authorization> MyFirstSite code behind: FormsAuthenticationTicket fat = new FormsAuthenticationTicket(1, "userName..", DateTime.Now, DateTime.Now.AddMinutes(30), true, "roles.."); string ticket = FormsAuthentication.Encrypt(fat); HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticket); authCookie.Expires = fat.Expiration; authCookie.Domain = "myDomain.com"; Response.Cookies.Add(authCookie); // here other stuff about querystring checking in order to execute exact redirect, however it's not work, I always return on login page MySecondSite: <machineKey validationKey="..." decryptionKey="..." validation="SHA1" decryption="AES"/> <authentication mode="Forms"> <forms loginUrl="http://myFirstSite.domain.com/login.aspx?queryStringToIndicateUrlPage" enableCrossAppRedirects="true"></forms> </authentication> <authorization> Well, that's all. Unfortunately it doesn't works. please, don't pay attention to "queryStringToIndicateUrlPage", it's only simple workaround in order to know whether I must redirect on the same app or on the another one.

  Read the article

• Force IOException during file reading

  - by DixonD

  I have the piece of code that reads data from file. I want to force IOException in this code for testing purpose (I want to check if code throws correct custom exception in this case). Is there a some way to create a file which is protected from being read, for example? Maybe dealing with some security checks can help? Please, note that passing name to not-existent file cannot help, because FileNotFoundException has separate catch clause. Here peace of code for better undestanding of question: BufferedReader reader = null; try { reader = new BufferedReader(new FileReader(csvFile)); String rawLine; while ((rawLine = reader.readLine()) != null) { // some work is done here } } catch (FileNotFoundException e) { throw new SomeCustomException(); } catch (IOException e) { throw new SomeCustomException(); } finally { // close the input stream if (reader != null) { try { reader.close(); } catch (IOException e) { // ignore } } }

  Read the article

• Parsing NTFS Partition in C

  - by DooriBar

  Hello all, I'm just a beginner and I have a need to parse a NTFS partition for the purpose of extracting Security Descriptors. (I been trying to use the native functions of the Windows API, but my conclusion is that something is seriously wrong with the functions' behavior, or their documentation.) I was wondering if anybody here experienced with such requirement, and could give me few hints, references, guidance... where to begin? (I've found www.ntfs.com, seems to have NTFS structure information, but I'm afraid I'll need something more to get started...) My intention is to use it under Windows XP. Thanks in advanced, Doori Bar

  Read the article

• How to escape/strip special characters in the LaTeX document?

  - by Igor

  We implemented the online service where it is possible to generate PDF with predefined structure. User can choose a LaTeX template and then compile it with an appropriate inputs. The question we worry about is the security, that the malicious user was not able to gain shell access through the injection of special instruction into latex document. We need some workaround for this or at least a list of special characters that we should strip from the input data. Preferred language would be PHP, but any suggestions, constructions and links are very welcomed. PS. in few word we're looking form mysql_real_escape_string for LaTeX

  Read the article

• 404 on custom post types after updating Wordpress to 3.7

  - by Chris

  Since I updated Wordpress from 3.6 to 3.7, I'm not able to visit the single-pages on my custom post types, then I get a 404 error. I thought this would be a rewrite_rules issue, so I've tried the following: -Go to the Permalink settings, click save (flush rewrites) -Manually deleted the rewrite_rules from the option table in the DB (I was desparate, and it seriously worked for me one time) -Re-check my .htaccess, but this is the exactly same as instructed on the permalink page -switched off the plugins I also tried switching the permalink to the "ugly" url (eg. ?page=35) and check if the articles worked, and they did! So I'm pretty sure it's a permalink issue. Now I rolled back to 3.6 again, but I of course want to upgrade in the near future (security etc.). A remarkable thing was that during the rollback I checked out a single page (notice that I didn't rolled back the database yet, only the files) and surprisingly they worked again. Any suggestions on how to solve this?

  Read the article

• Microsoft AntiXSS in Medium Trust :Error

  - by aramugam

  I want to include Microsoft AntiXss V1.5 library on my live site running in a medium trust setting.However, I got an error something like: Required permissions cannot be acquired. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Security.Policy.PolicyException: Required permissions cannot be acquired. I tried this in full trust setting on my development machine and everything works good.Looks like this will run only in full trust configuration......Does anybody knows a solution or workaround for this?

  Read the article

• How to? WCF customBinding over Https

  - by user663414

  Hi all, I'm trying to setup a WCF service for internal use, on our external facing web-farm (we dont have a web farm internally, and I need this service to have failover and load-balancing). Requirements: PerSession state, as we need the service to retain variable data for each session. HTTPS. After lots of googling i've read I needed to create a customBinding, which I've done, but not sure if it is correct. Larger message size, as one of the parameters is a byte[] array, which can be a max of 5mb. no requirement to manually edit the client-side app.config. ie, I need the Developer to just add the service reference, and then starts using the object without fiddly changing of app.config. Note: I've previously had this service working under HTTP correctly (using wsHttpBinding). I've also had it working under HTTPS, but it didn't support PerSession state, and lost internal variable values each function call. I'm currently getting this error from the test harness: Could not find default endpoint element that references contract 'AppMonitor.IAppMonitorWcfService' in the ServiceModel client configuration section. This might be because no configuration file was found for your application, or because no endpoint element matching this contract could be found in the client element. NOTE: The error is arising on an Test Harness EXE, that has the WCF service referenced directly under Service References. This is not the problem of an exe referencing another object, that then references the WCF service, that i've read about. The WSDL is showing correctly when browsing to the URL. Web.Config: <system.serviceModel> <services> <service name="AppMonitor.AppMonitorWcfService" behaviorConfiguration="ServiceBehavior"> <endpoint address="" binding="customBinding" bindingConfiguration="EnablePerSessionUnderHttps" contract="AppMonitor.IAppMonitorWcfService"/> <endpoint address="mex" binding="mexHttpsBinding" contract="IMetadataExchange" /> </service> </services> <bindings> <customBinding> <binding name="EnablePerSessionUnderHttps" maxReceivedMessageSize="5242880"> <reliableSession ordered="true"/> <textMessageEncoding> <readerQuotas maxDepth="64" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> </textMessageEncoding> <httpsTransport authenticationScheme="Anonymous" requireClientCertificate="false"/> </binding> </customBinding> </bindings> <behaviors> <serviceBehaviors> <behavior name="ServiceBehavior"> <serviceMetadata httpsGetEnabled="true" httpGetEnabled="false"/> <serviceDebug includeExceptionDetailInFaults="true"/> </behavior> </serviceBehaviors> </behaviors> </system.serviceModel> EXE's App.config (auto-generated when adding the Service Reference): <configuration> <system.serviceModel> <bindings> <wsHttpBinding> <binding name="CustomBinding_IAppMonitorWcfService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="true" /> <security mode="Transport"> <transport clientCredentialType="None" proxyCredentialType="None" realm="" /> <message clientCredentialType="Windows" negotiateServiceCredential="true" establishSecurityContext="true" /> </security> </binding> </wsHttpBinding> </bindings> <client /> </system.serviceModel> </configuration> I'm not sure why the app.config is showing wsHttpBinding? Shouldn't this be customBinding? I really dont want to have to edit the app.config, as this service will be used by dozens of developers, and I want them to just be able to add the Service Reference, and away they go... Using VS2008, .NET 3.51. I think server is IIS7, Win Server 2008, can confirm if needed.

  Read the article

• Care to be taken when serving static content (JS, CSS, Media) from different domain?

  - by Aahan Krish

  Let me try to explain by example. Say website is hosted at example.com (NOT www.example.com). In order to serve static content cookie-free, I've chosen to use a different domain example-static.com. Now, lets consider that my static content is currently served like this: http://example.com/js/script.js http://example.com/css/style.css http://example.com/media/image.jpg ** Now I create a CNAME record aliasing example-static.com to my main domain i.e. example.com so that the static content is served as such: http://example-static.com/js/script.js http://example-static.com/css/style.css http://example-static.com/media/image.jpg ** Is that all I have to do? Will all browsers execute JavaScript files and load web fonts without any security concerns? OR should I be using some .htaccess rules to modify header information and the like? PS: It would be great if you can provide what rules should be added, if need be.

  Read the article

• Authenticating a user for a single app with multiple domains

  - by hofnarwillie

  I have one asp.net web application, but two different domains point to this web app. For instance: www.one.com and www.two.com both point to the same web app. I have an issue where I need certain pages to be on a specific domain (due to some security requirements from our online payment provider - a third party website). So let's say page1.aspx needs to be called on www.two.com The process is as follows: A user logs into www.one.com The authentication cookie is saved to the browser The user then navigates to page1.aspx and, if on the wrong domain, gets redirected to the correct domain. (this redirection happens on page1.aspx in the page_load event) Then asp.net redirects the user to the login screen, because the authentication cookie is not sent to www.two.com. How can I track the user and keep him/her logged in between the two domains?

  Read the article

• why can't I call .update on a MessageDigest instance

  - by Arthur Ulfeldt

  when i run this from the repl: (def md (MessageDigest/getInstance "SHA-1")) (. md update (into-array [(byte 1) (byte 2) (byte 3)])) I get: No matching method found: update for class java.security.MessageDigest$Delegate the Java 6 docs for MessageDigest show: update(byte[] input) Updates the digest using the specified array of bytes. and the class of (class (into-array [(byte 1) (byte 2) (byte 3)])) is [Ljava.lang.Byte; Am I missing something in the definition of update? Not creating the class I think I am? Not passing it the type I think I am?

  Read the article

• authorization services question cocoa

  - by Marius

  Sorry for being a total beginner in cocoa and for asking the following stupid question, but it's too confusing for me to google it myself or maybe i'm just missing something. I need to run a shellscript with elevated privileges in cocoa. As i understand, "AuthorizationExecuteWithPrivileges" is the correct way to do it. So i've created an application and tried to use some code from one example i found online. The problem is ... if i understand it correctly ... there should be a Security framework in /System/Library/Frameworks that i have to import to the project, but ... it's not there. What am i missing here? Thank you.

  Read the article

• Execute python code inside browser without Jython

  - by proportional

  Is there a way to execute python code in a browser, other than using Jython and an applet? The execution does not have to deal with anything related to graphics. For example, just sum all the digits of a binary 1Gb file (chosen by the browser user) and then return the result to the server. I am aware that python can be executed remotely outside a browser, but my requirement is to be done inside a browser. For sure, I take for granted the user will keep the right to execute or not, and will be asked to do so, and all this security stuff... but that is not my question.

  Read the article

• Best approach to store login credentials for website

  - by Zerotoinfinite

  I have created a site in ASP.NET 3.5 & I have only 2 or 3 user login IDs who can login to the website. What would be the best way to save these login details? Which of these approaches, or others, would be most suitable? Using Forms Authentication, and saving credentials (username and password) in web.config to create a text file in directory and modify it Which approach is best from a security and maintenance perspective? What other approaches are suitable for a login system for ASP.NET?

  Read the article

• What are the main reasons against the Windows Registry?

  - by dbemerlin

  If i want to develop a registry-like System for Linux, which Windows Registry design failures should i avoid? Which features would be absolutely necessary? What are the main concerns (security, ease-of-configuration, ...)? I think the Windows Registry was not a bad idea, just the implementation didn't fullfill the promises. A common place for configurations including for example apache config, database config or mail server config wouldn't be a bad idea and might improve maintainability, especially if it has options for (protected) remote access. I once worked on a kernel based solution but stopped because others said that registries are useless (because the windows registry is)... what do you think?

  Read the article

• Deploying plugins for Internet Explorer

  - by Techpriester

  Hi everybody. I'm looking for a way to deploy an Internet Explorer plugin for SVG-rendering without manually installing it on every client machine. Is there a way to use some ActiveX voodoo stuff to automatically install a plugin? I have no reliable information about the IE versions that are used on the client side so I assume the worst: IE6. To make things even harder, the users probably don't have administrator privileges on the client machines. The whole thing happens in an enclosed local network, so security considerations are entirely secondary. It also does not really matter which actual plugin it will be, anything that can render SVG and run Javascript on it will do just fine. I can't think of anything to make this work so I'm desperate for help here...

  Read the article

• Update database in asp.net not working

  - by Badescu Alexandru

  Hello ! i have in asp.net a few textboxes and i wish to update my database with the values that they encapsulate . The problem is that it doesn't work and although it doesn't work, the syntax seems correct and there are no errors present . Here is my linkbutton : <asp:linkbutton id="clickOnSave" runat="server" onclick="Save_Click" Text="Save Profile" /> and my update function protected void Save_Click(object sender, EventArgs e) { SqlConnection con = new System.Data.SqlClient.SqlConnection(); con.ConnectionString = "DataSource=.\\SQLEXPRESS;AttachDbFilename=C:\\Users\\alex\\Documents\\seeubook_db.mdf;Integrated Security=True;Connect Timeout=30;User Instance=True"; con.Open(); String commandString = "UPDATE users SET last_name='" + Text4.Text.Trim() + "' , first_name='" + Textbox1.Text.Trim() + "' , about_me='" + Textbox5.Text.Trim() + "' , where_i_live='" + Textbox2.Text.Trim() + "' , where_i_was_born='" + Textbox3.Text.Trim() + "' , work_place='" + Textbox4.Text.Trim() + "' WHERE email='" + Session["user"] + "'"; SqlCommand sqlCmd = new SqlCommand(commandString, con); sqlCmd.ExecuteNonQuery(); con.Close(); }

  Read the article

• PHP MySQL Zend-ACL - Find all inherited items (Children / Parents)

  - by Scoobler

  I have one MySQL DB table like the following, the resources table: id | name | type 1 | guest | user 2 | member | user 3 | moderator | user 4 | owner | user 5 | admin | user 6 | index | controller Onto the next table, the rules table: id | user_id | rule | resource_id | extras 1 | 2 | 3 | 1 | null 2 | 3 | 3 | 2 | null 3 | 4 | 3 | 3 | null 4 | 5 | 3 | 4 | null 5 | 6 | 1 | 1 | index,login,register 6 | 6 | 2 | 2 | login,register 7 | 6 | 1 | 2 | logout OK, sorry for the length, but I am trying to give a full picture of what I am trying to do. So the way it works, a role (aka user) can be granted (rule: 1) access to a controller, a role can inherit (rule: 3) access from another role or a role and be denied (rule: 2) access to a controller. (A user is a resource and a controller is a resource) Access to actions are granted / denied using the extras column. This all works, its not a problem with setting up the ACL within zend. What I am now trying to do is show the relationships; to do that I need to find the lowest level a role is granted access to a controller stopping if it has explicitly been removed. I plan on listing the roles. When I click a role, I want it to show all the controllers that role has access to. Then clicking on a controller shows the actions the role is allowed to do. So in the example above, a guest is allowed to view the index action of the index controller along with the login action. A member inherits the same access, but is then denied access to the login action and register action. A moderator inherits the rules of a member. So if I were to select the role moderator. I want to see the controller index listed. If I click on the controller, it should show the allowed actions as being action: index. (which was originally granted to the guest, but hasn't since been dissallowed) Is there any examples to doing this. I am obviously working with the Zend MVC (PHP) and MySQL. Even just a persudo code example would be a helpful starting point - this is one of the last parts of the jigsaw I am putting together. P.S. Obviously I have the ACL object - is it going to be easier to interigate that or is it better to do it my self via PHP/MySQL? The aim will be, show what a role can access which will then allow me to add or edit a role, controller and action in a GUI style (that is somewhat the easy bit) - currently I am updating the DB manually as I have been building the site.

  Read the article

• Validating/Allowing YouTube Embed Code

  - by mellowsoon

  Hi, hopefully this is a simple question. I have a simple custom forum on my site written in PHP. For security reasons I don't allow any HTML in the forum posts. I only allow certain BBCode tags. I would however like to allow embedded YouTube videos. So my question is this: What's the best (most secure) way to validate the YouTube embed code? YouTube is currently using iframes to embed videos, but obviously I can't just allow the iframe tag. I also need to ensure the src of the iframe is a YouTube URL, and ensure there's no other malicious bits of code in the iframe code.

  Read the article

• Should I use "id" or "unique username"?

  - by roa3

  I am using PHP, AS3 and mysql. I have a website. A flash(as3) website. The flash website store the members' information in mysql database through php. In "members" table, i have "id" as the primary key and "username" as a unique field. Now my situation is: When flash want to display a member's profile. My questions: Should Flash pass the member "ID" or "username" to php to process the mysql query? Is there any different passing the "id" or "username"? Which one is more secure? Which one you recommend? I would like to optimize my website in terms of security and performance.

  Read the article

• Web Form based login in Java

  - by BrunoLM

  How can I block access to the site if a user is not logged in? Under web.xml Security I checked Form authentication then I selected Login and Error page, but I don't know how to block the access and redirect the user to the login page. Do I need a filter? If so, how can I get the login url I specified? And how should I call the validation method? I saw in some examples this code <form method=post action="j_security_check"> <input type="text" name="j_username" /> <input type="password" name="j_password" /> </form> What does it do?

  Read the article

• Drupal does not recognize my website has been installed

  - by Marcos Buarque

  After a successful Drupal install, I was trying to follow the security recommendations and reverted the settings.php file to 444 permissions (read, read, read). Then, all of a sudden, right after doing that, Drupal does not recognize the installation process was completed. It went back to the install screen. Worst of all. I did chmod back to 666 (write, write, write) but it does not work any more. When I move forward as if I was going to install Drupal again, he tells me he does not have permissions to create the files folder under sites/default... But since the installation has already been completed... the files folder is already there... I am puzzled... Could it be some sort of server caching? Since this is one of my first adventures with a Linux server, I am a bit confused. Any help appreciated... Thanks.

  Read the article

• how do you get the response back into the instance of the object?

  - by randomdev

  If you've written a class in JavaScript that calls a remote service's API, and that remote API offers a callback, how do you get the response back into the instance of the object that made the request? I'll try to give you a very basic example FOO for making cross domain calls to BAR service which offers a callback. Please ignore the usual security concerns, (I own both servers). function FOO() { this.response = null; this.execute = function(url) { var script = document.createElement('script'); script.src = url; document.getElementsByTagName('head')[0].appendChild(script); } this.catch = function(response) { this.response = response; } } var sample = new FOO(); sample.execute('http://barservices.com/sample/?callback={ plshelphere: this.catch}'); I have a way to make this work, but I'm curious if there is an "accepted approach" here. Anyone have thoughts for me?

  Read the article

< Previous Page | 432 433 434 435 436 437 438 439 440 441 442 443  | Next Page >