Search Results

Search found 13810 results on 553 pages for 'security roles'.

Page 438/553 | < Previous Page | 434 435 436 437 438 439 440 441 442 443 444 445  | Next Page >

• How to? - part of the site over ssl, other part not

  - by spirytus

  What is common practice for coding web applications where part of the site has to be secured (e.g. checkout section) and part not necessarily, lets say homepage. As far as I know sharing sessions in between http and https parts of the site is not easily possible (or is it?). What would be common approach if I wanted to display on http page like homepage, shopping cart data (items) that users ordered on https pages? How those two parts of the site would communicate if necessary? Also isn't it security flaw in popular shopping carts as it seems that many of these have only checkout pages secured (ssl) and the rest not? I'm using php if it makes any difference.

  Read the article

• Package names - impl v internal

  - by Ben J

  In my time of digging around Java APIs I have come across both impl and internal packages. Up until now I never really thought about the difference - as with all enterprisey Java apps, I figured they just meant that "actual implementation in here; you (API user) should be really using the interface. Go away." A little bit of digging around Stack Overflow seems to suggest that the internal package at least can have some security placed around it. So, what is the difference? I don't think it is a matter of taste because I have seen APIs with both.

  Read the article

• Organizing PHP includes in your development environment

  - by Andrew Heath

  I'm auditing my site design based on the excellent Essential PHP Security by Chris Shiflett. One of the recommendations I'd like to adopt is moving all possible files out of webroot, this includes includes. Doing so on my shared host is simple enough, but I'm wondering how people handle this on their development testbeds? Currently I've got an XAMPP installation configured so that localhost/mysite/ matches up with D:\mysite\ in which includes are stored at D:\mysite\includes\ In order to keep include paths accurate, I'm guess I need to replicate the server's path on my local disk? Something like D:\mysite\public_html\ Is there a better way?

  Read the article

• Asp.net 3.5 Deployment issue

  - by peter

  For deploying my website in server by using IIS 5.1,,i created virtual directory,,i browsed in to my application and selected asp.net 2.0 tab(application is framework3.5)..I reset framwork configuratio 2,0 Runtime security Policy Enterprise,Machine,User tab,,What ever things i can do i did Still also application is working properly,,but i am not able to deploy it in IIS i am getting this error If i browse Login.aspx i am getting ** Server Application Unavailable The web application you are attempting to access on this web server is currently unavailable. Please hit the "Refresh" button in your web browser to retry your request. Administrator Note: An error message detailing the cause of this specific request failure can be found in the application event log of the web server. Please review this log entry to discover what caused this error to occur. ** Is it with IIS 5.1?? Here my machine is acting as server ,It has xp professional 2002 service pack 2 and IIS 5.1

  Read the article

• Request for the permission of type 'System.Data.SqlClient.SqlClientPermission failed

  - by Richmond

  Hi All! I have asp.net application, using LINQ to connecto to SQL Server 2008 R2 databse. My connection string: Data Source=[SqlServerIp];Initial Catalog=[databaseName]User Id=newLogin;Password=newPassword; When I deploy application on my local IIS (which is not the same machine as database server) it works fine, but when I deploy application on other IIS (the same machine as sqlServer) it throws an exception: System.Security.SecurityException: Request for the permission of type 'System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. Anyone knows how to fix it? Maybe it is due to some bad configuration of IIS? Please help.

  Read the article

• iphone - how to properly handle exceptional situations (signals ?)

  - by pmilosev

  Hi In my iphone app, I want to provide some sort of app termination handler that will do some final work (delete some sensitive data) before the application terminates. I want to handle as much of the termination situations as possible: 1) User terminates the app 2) The device runs out of battery 3) The system terminates the app due to some reason (e.g. out of memory or app freeze) 4) Application crashes (EXC_BAD_ACCESS or SIGSEGV) Any other exceptional situation ? What is the best way to achieve this (e.g. is applicationWillTerminate method called in situation 2) ? Is it possible to do the cleanup in a signal handler (includes iPhone Security framework calls) ? regards

  Read the article

• Class declaration bug (NoClassDefFoundError caused by ClassNotFoundException)

  - by aladine

  Please advise me what's wrong with this class declaration: ExchEngine.java package engine; public class ExchEngine { public ExchEngine() { } public static void main(String[] args) { ExchEngine engine=new ExchEngine() ; } } When I compile this file, I always get exception: java.lang.NoClassDefFoundError: test_engine/ExchEngine Caused by: java.lang.ClassNotFoundException: test_engine.ExchEngine at java.net.URLClassLoader$1.run(URLClassLoader.java:202) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:307) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:248) Exception in thread "main" This seems very weird that ExchEngine.java is inside a package and it cannot run itself. Thanks for any help.

  Read the article

• Is looking for Wi-Fi access points purely passive?

  - by Aric TenEyck

  Say I carry a Wi-Fi enabled phone or laptop through an area where there are WAPs. Assuming that I don't actively try to connect to them or otherwise interact with them, is it possible for the owner of that WAP to know that I was there? I'm asking this in the context of my earlier question: Looking for MACs on the network I was talking with a friend about my newfound ability to detect phones (and other devices with MAC addresses) on the network, and he pointed out that it might be useful to detect unknown phones on the network; I could use that data to track down anyone who was in my house and brought a Wi-Fi phone with them. So, if I set up a logging fake WAP with no security or encryption, can I glean any useful information about the devices that come into the house? Assuming that the thief doesn't actively try to connect...

  Read the article

• What to do with twitter oauth token once retreived?

  - by mcintyre321

  I'm writing a web app that will use twitter as its primary log on method. I've written code which gets the oauth token back from Twitter. My plan is now to Find the entry in my Users table for the twitter username retreived using the token, or create the entry if necessary Update the Users.TwitterOAuthToken column with the new OAuth token Create a permanent cookie with a random guid on the site and insert a record into my UserCookies table matching Cookie to User when a request comes in I will look for the browser cookie id in the UserCookies table, then use that to figure out the user, and make twitter requests on their behalf Write the oauth token into some pages as a js variable so that javascript can make requests on behalf of the user If the user clears his/her cookies the user will have to log in again to twitter Is this the correct process? Have I created any massive security holes? thanks!

  Read the article

• Ping or otherwise tell if a device is on the network by MAC in C#

  - by Aric TenEyck

  I'm developing a home security application. One thing I'd like to do is automatically turn it off and on based on whether or not I'm at home. I have a phone with Wifi that automatically connects to my network when I'm home. The phone connects and gets its address via DHCP. While I could configure it to use a static IP, I'd rather not. Is there any kind of 'Ping' or equivalent in C# / .Net that can take the MAC address of a device and tell me whether or not it's currently active on the network?

  Read the article

• Unable to edit and save a file on remote machine using notepad++

  - by gsk

  I am using Notepad++ 5.3.1. I want to edit and save files on a remote machine(both are running on windows xp). I have granted the access privileges and security permissions in the folder containing the files. When I try to save any of these files after editing in Notepad ++, I get the following error. 'Please check whether if this file is opened in another program' There are no other places where the file has been opened but I still get this error. I was able to edit and save earlier but this error seems to be coming only since yesterday.

  Read the article

• Simple RIA backend

  - by Jeremy

  I'm creating a prototype for a java web application. Frontend is a Swing-based java applet. Backend should be a type of web-service, that is called by applet. Backend should run inside a servlet container and should have its own security (username/password) database. I know, that Tomcat has its own user database (realm), but the app should have own. Web-services, in turn, carrying out app logic and database access (via Hibernate). I'm a newbie for a web development and I'm getting lost in a huge amount of the java web frameworks. Even just reading 'introduction' and 'getting started' documents takes a lot of time. So I need an advice which framework(s) are suitable for the task and not very complex for a quick start. Thank you

  Read the article

• Can events fired from an iframe be handled by elements in its parent?

  - by allyourcode

  Suppose I have a page located at www.example.com/foo, and it contains an iframe with src="http://www.example.com/bar". I want to be able to fire an event from /bar and have it be heard by /foo. Using the Prototype library, I've tried doing the following without success: Element.fire(parent, 'ns:frob'); When I do this, in ff 3.5, I get the following error: Node cannot be used in a document other than the one in which it was created" code: "4 Line 0 Not sure if that's related to my problem. Is there some security mechanism that's preventing scripts in /bar from kicking off events in /foo?

  Read the article

• What is the best way pre filter user access for sqlalchemy queries?

  - by steve

  I have been looking at the sqlalchemy recipes on their wiki, but don't know which one is best to implement what I am trying to do. Every row on in my tables have an user_id associated with it. Right now, for every query, I queried by the id of the user that's currently logged in, then query by the criteria I am interested in. My concern is that the developers might forget to add this filter to the query (a huge security risk). Therefore, I would like to set a global filter based on the current user's admin rights to filter what the logged in user could see. Appreciate your help. Thanks.

  Read the article

• When we run an aspx page with client side scripting on IIS, we get an ActiveX control error?

  - by Ananya

  we have implemented the code for installing the messenger theme pack using the client side scripting in a web page. We are creating an object of the messenger using the classid .Using this object we call the installcontent() method and try to install the messenger theme pack hosted at following path: http://www.messengerexpressions.com/assets/worldCup/cabs/en-gb.cab Our code initially checks whether the messenger is installed on the user machine or not. Then it checks for the user login ,once the messenger is installed on the machine. And if the user is signed-in , the messenger theme pack is installed. The code currently when hosted on IIS checks the “Sign-In of the user” but when it tries to install the theme pack an error is thrown “An ActiveX control on this page is unsafe.Your current security settings prohibit running unsafe control on this page.As a result,this page may not be display as intended.” Please let us know if any setting is required on IIS for running this piece of codeor anything that we are missing out.

  Read the article

• How to give anonymous access to site in IIS ?

  - by Lalit

  Hi, I want to give the anonymous access to my deployed site on IIS. i checked in Directory Security by right clicking on site in IIS there is checked the box Enable Anonymous access.also there is user IUSR_MySERVER is there. but still it is asking for user name & pwd. why. I don't want to ask any uname and pwd when site accessing. What to do? please help. I fact my application is, i am importing the Excel sheet from file location in my applicatiom. When i saying browse it run perfect . But when i say Import , it asking for the username and password. on Click of Import button I am reading Excelsheet in datatable by interop services. What should this problem should be?

  Read the article

• Which Namespaces Must Be Used to Connect to SQL Server with ADO.NET?

  - by every_answer_gets_a_point

  i am using this example to connect c# to sql server. can you please tell me what i have to include in order to be able to use sqlconnection? it must be something like: using Sqlconnection; ??? string connectionString = @"Data Source=.\SQLEXPRESS;AttachDbFilename=""C:\SQL Server 2000 Sample Databases\NORTHWND.MDF"";Integrated Security=True;Connect Timeout=30;User Instance=True"; SqlConnection sqlCon = new SqlConnection(connectionString); sqlCon.Open(); string commandString = "SELECT * FROM Customers"; SqlCommand sqlCmd = new SqlCommand(commandString, sqlCon); SqlDataReader dataReader = sqlCmd.ExecuteReader(); while (dataReader.Read()) { Console.WriteLine(String.Format("{0} {1}", dataReader["CompanyName"], dataReader["ContactName"])); } dataReader.Close(); sqlCon.Close();

  Read the article

• Not getting return value

  - by scottO

  I am trying to get a return value and it keeps giving me an error. I am trying to grab the "roleid" after the username has been validated by sending it the username-- I can't figure out what I am doing wrong? public string ValidateRole(string sUsername) { string matchstring = "SELECT roleid FROM tblUserRoles WHERE UserName='" + sUsername +"'"; SqlCommand cmd = new SqlCommand(matchstring); cmd.Connection = new SqlConnection("Data Source=(local);Initial Catalog="mydatabase";Integrated Security=True"); cmd.Connection.Open(); cmd.CommandType = CommandType.Text; SqlDataAdapter sda = new SqlDataAdapter(); DataTable dt = new DataTable(); sda.SelectCommand = cmd; sda.Fill(dt); string match; if (dt.Rows.Count > 0) { foreach (DataRow row in dt.Rows) { match = row["roleid"].ToString(); return match; } } else { match = "fail"; return match; } }

  Read the article

• Whats wrong with this my SELECt Query >?

  - by user559800

  Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click Dim SQLData As New System.Data.SqlClient.SqlConnection("Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True") Dim cmdSelect As New System.Data.SqlClient.SqlCommand("SELECT COUNT(*) FROM Table1 WHERE Name =" + TextBox1.Text + " And Last = '" + TextBox2.Text + "'", SQLData) SQLData.Open() If cmdSelect.ExecuteScalar > 0 Then Label1.Text = "Record Found ! " & TextBox1.Text & " " & TextBox2.Text Return End If Label1.Text = "Record Not Found ! " SQLData.Close() End Sub I write this code to find whether the record entered in textbox1 and textbox2 exists or not ..if record exist ..then in label1 the text would be RECORD FOUND else NO RECORD FOUND ERROR : **when i enter in textbox1 and textbox2 then on button click event it shows the error : Invalid column name ,,**

  Read the article

• How to automatically open a session after a Windows 2003 SP2 reboot ?

  - by Fredv

  Hi, i'm using a Windows 2003 Server. I have a session with my username on it and i have a windows application (not service) opened on it. I want this application to always be running. The problem is, when Security updates force Windows to reboot, my session is closed and i need to reconnect to the session to get my application working again .. How can i do to automaticaly force the opening of my user's session upon server's reboot ? (application launch is in the startup of my session) Thanks

  Read the article

• Business web application platform structure

  - by VoodooRider

  Hi, I would like to develop a web application in java/spring/hibernate serving as a business platform that I could connect plugins to (i.e. CRM plugin, ware plugin, sales plugin). Those plugins could be dependent of other plugins in a tree manner. The parent project would be packaged as war having all the basic configuration and looks (spring configs, css, scripts), ready to go user and group management, security settings, etc. All together I would like it to behave and look a bit like Joomla, but built using different tools for different purposes. And I have a few questions concerning that project: Do you know of any open source projects offering such a platform ready to go? If not is maven applicable for managing those plugins? What is the best way to package and deploy those plugins? And the last but not least, basically is this the right way to go or is a dead end and it would be better to create a separate web app for those business needs?

  Read the article

• How can I customize the title bar on JFrame?

  - by Jonas

  I would like to have a customized title bar in my Java Swing desktop application. What is the best way to do that? I can use a "Swing-title bar" by using the following code in the constructor for my JFrame: this.setUndecorated(true); this.getRootPane().setWindowDecorationStyle(JRootPane.FRAME); But how do I customize it? Is there any UI delegates that I can override or do I have to implement my own title bar from scratch? I want something like Lawson Smart Office: Or like Trend Micro Internet Security:

  Read the article

• A PHP Function that verify code language

  - by tymc

  Hi, I have a form with 2 textareas; the first one allows user to send HTML Code, the second allows to send CSS Code. I have to verify with a PHP function, if the language is correct. If the language is correct, for security, i have to check that there is not PHP code or SQL Injection or whatever. What do you think ? Is there a way to do that ? Where can I find this kind of function ? Is "HTML Purifier" http://htmlpurifier.org/ a good solution ?

  Read the article

• Stored Procedure Permissions Problem

  - by JimR

  I have migrated a set of SQL 2000 databases to SQL 2008. Most is working well, however I have some stored procedures that scheduled and run by SQL Server Agent jobs that are giving me troubles. Many of the scheduled stored procedures work, but the stored procs that access a database other than the default databases are failing with the following message: Executed as user: XYZ\YadaYada. The server principal: "XYZ\YadaYada" is not able to access the database "MyOtherDatabaseOnSameServer" under the current security context. [SQL STATE 08004](Error 619) The step failed. Obviously, I changed the names to protect the guilty. The account is a user in all of the relavent databases and is a memeber of db_owner, db_datareader, and db_datawriter. When I run these same procedures from a query window in SMS using the same accounts (I have tried many) they work fine. What am I missing?

  Read the article

• Choosing a Reporting Services parameter value based on the currently logged in user

  - by Robert Iver

  Here's my situation. I have a Microsoft Reporting Services report that as a parameter takes a salesperson's name and shows them their sales across their territories blah blah blah. But, salesperson A should not be able to choose and view salesperson B's data. So, my thought was to get the currently logged in user from Reporting Services, and then use that to populate the "salesperson" parameter. Is there a way to get the currently logged in user through some hidden RS interface, or is there some other way of accomplishing my goal that I'm just not seeing? Any help would be GREAT, as the higher ups aren't too happen with my (apparent) lack of security right now.

  Read the article

< Previous Page | 434 435 436 437 438 439 440 441 442 443 444 445  | Next Page >