Search Results

Search found 25758 results on 1031 pages for 'oracle security'.

Page 474/1031 | < Previous Page | 470 471 472 473 474 475 476 477 478 479 480 481  | Next Page >

• Saving data to server with user accounts.

  - by AKRamkumar

  Ok, so for an app I am making, I want the user to be able to save data online. On my website, I will provide a web server with tables of UserName/Password/SaveData. How can I do this without crashing the server load? How can I guarantee security ? Is there a Design Pattern for this?Is there a better way of doing this? This is going to be a free application, available to the public and I would like for their settings to be available, no matter the computer they are using. Is there a better way of doing this? I am using MEF for plugins so is there a way I can save plugin data as well?

  Read the article

• Roles / Permissions framework for c#?

  - by mark smith

  Hi there, Does anyone know of a good framework to allow me design permission and roles against users. Basically allowing me to automatically check a user can do a certain thing, and then disabling or enabling menu items etc I am not really looking for asp.net security ... as i need to use it in my own service layer and clients both WEB and WPF will use it. I was hoping for something that allows me to create new roles and groups against users and then check what type of permissions a user has or a group has Any help really appreciated.. I am sure some kind of open source framework is available, well i was hoping not having to create my own Thanks

  Read the article

• Grails LDAP authentication failed

  - by Leo

  Hi, guys I am developing a web app by using Grails and using Grails LDAP as my Authentication mechanism. However, i always get following error: {Error 500: Cannot pass null or empty values to constructor Servlet: default URI: /ldap-app/j_spring_security_check Exception Message: Cannot pass null or empty values to constructor Caused by: Cannot pass null or empty values to constructor Class: GrailsAuthenticationProcessingFilter } My SecurityConfig.groovy file is : security { // see DefaultSecurityConfig.groovy for all settable/overridable properties active = true loginUserDomainClass = "User" authorityDomainClass = "Role" requestMapClass = "Requestmap" useLdap = true ldapRetrieveDatabaseRoles = false ldapRetrieveGroupRoles = false ldapServer = 'ldap://worf-mi.dapc.kao.au:389' ldapManagerDn = 'CN=sa-ldap-its,OU=Unix Servers for Kerberos,OU=Information Technology Services,OU=Special Accounts,DC=nexus,DC=dpac,DC=cn' ldapManagerPassword = 'Asdf1234' ldapSearchBase = 'OU=People,DC=nexus,DC=dpac,DC=cn' ldapSearchFilter = '(&(cn={0})(objectClass=user))' }

  Read the article

• Getting Started with FMW 11g - Advisor Webcast Recordings

  - by Daniel Mortimer

  Predating the creation of this blog there have been two Oracle Support Advisor Webcasts which are worth reviewing- especially if you tackling install and/or patching of Oracle Fusion Middleware 11g for the first time.  Topic  Web Links How to Plan for a New Installation of Oracle Fusion Middleware 11g Webcast Recording Slides (PDF) Oracle Fusion Middleware 11g Patching Concepts and Tools Webcast Recording Slides (PDF) Ignore the duration of the recording indicated by the link. You can skip forward to the main presentation and demo .. which shapes up at 45 minutes long, the rest is Q/A and blurb.Support Advisor Webcast Schedule and Recordings are found via these support documents Advisor Webcast Current Schedule [Doc ID 740966.1] Advisor Webcast Archived Recordings [Doc ID 740964.1] Note: You will need a My Oracle Support login to access these documents.

  Read the article

• Ipad, closed environment and threat to privacy

  - by Akshay Bhat

  I had an unusual question about ipad, Since ipad environment is closed and does not allows installation of diagnostic and security related programs. How can then we be sure that any of the software installed on ipad is not infringing upon our privacy by doing stuff such as homing back information, etc. We cant install a packet tracer or any other software to check for attacks on privacy. Also given Apples poor track record (the safari browser was broken in one day), I don't think trusting apple solely would be a good idea. This might not seem to be a big issue but for business users it would be a significant concern.

  Read the article

• INNOVATIONS IN PRODUCTS – Partner Briefing PROGRAM - October 1st

  - by Mike.Hallett(at)Oracle-BI&EPM

  Partners are invited to join the Innovations in Products webcast, October 1st: 4:00pm CET /5:00pm UK BI & EPM Product breakout Webcast sessions available on October 1st: Topics Speaker To Register Oracle Endeca Information Discovery, Product Overview Emma Palii, BI Sales Consultant CLICK HERE Hyperion Project Financial Planning, Measure the full financial impacts of your Projects Olivier Bernard, EPM Business Solutions Director CLICK HERE To see the full list of session topics, goto the overall registration page Innovations in Products October 1st.    To access the previously presented Applications, and Public-Sector Value Proposition presentations, please click here. Delivery Format: 1 Hour Webcast The Innovations in Products program is a series of Oracle product presentations followed by live Q&A.  It will be delivered over the Web.  Partner Participants have the opportunity to submit questions during the web cast via chat and subject matter experts will provide verbal answers live. For further information please contact Markku Rouhiainen.  

  Read the article

• Centralized Credentials Service For Various Apps

  - by Vlad

  We are researching the possibility to build a centralized credentials storage for internal applications. These apps (vb6, vb.net, web apps in asp.net, etc) are using various instances of SQL servers and iSeries. We want to implement a central credentials facility that would act as a security broker. Basically it should work like this: Client app supplies AppID (I am Sales Application) and EnvironmentID (I am running in QA environment) and in return will get either a connection object (preferred) or encrypted connection string that will allow said application to connect to resources it needs. There will be cases when application needs to connect to two (or more) database resources (i.e. to SQL and iSeries). What are looking at DP API at the moment, but I am not convinced that DP API is the solution as it tied in with machine key. In our case using machine key isn't feasible, so I want to know if there are other approaches available.

  Read the article

• Potential for SQL injection here?

  - by Matt Greer

  This may be a really dumb question but I figure why not... I am using RIA Services with Entity Framework as the back end. I have some places in my app where I accept user input and directly ask RIA Services (and in turn EF and in turn my database) questions using their data. Do any of these layers help prevent security issues or should I scrub my data myself? For example, whenever a new user registers with the app, I call this method: [Query] public IEnumerable<EmailVerificationResult> VerifyUserWithEmailToken(string token) { using (UserService userService = new UserService()) { // token came straight from the user, am I in trouble here passing it directly into // my DomainService, should I verify the data here (or in UserService)? User user = userService.GetUserByEmailVerificationToken(token); ... } } (and whether I should be rolling my own user verification system is another issue altogether, we are in the process of adopting MS's membership framework. I'm more interested in sql injection and RIA services in general)

  Read the article

• piece of php code for prevent hacking.

  - by artmania

  Hi friends, I have a php file at my site, and I connect to db, get some records and list them in same file. mysql_connect("localhost", "blabla", "blabla") or die(mysql_error()); mysql_select_db("blabla") or die(mysql_error()); $blabla1 = mysql_query("SELECT * FROM gallery WHERE id_cat=1"); $blabla2 = mysql_query("SELECT * FROM gallery WHERE id_cat=2"); $blabla3 = mysql_query("SELECT * FROM gallery WHERE id_cat=3"); So, is there anything I need to do for security? :/ like sql-injection or anything else. there is nothing going to url. it is just www.blabla.com/gallery.php appreciate advises!!! thanks a lot!

  Read the article

• Nodemanager Init.d Script

  - by john.graves(at)oracle.com

  I’ve seen many of these floating around.  This is my favourite on an Ubuntu based machine. Just throw it into the /etc/init.d directory and update the following lines: export MW_HOME=/opt/app/wls10.3.4 user='weblogic' Then run: update-rc.d nodemanager default Everything else should be ok for 10.3.4. #!/bin/sh # ### BEGIN INIT INFO # Provides: nodemanager # Required-Start: # Required-Stop: # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: WebLogic Nodemanager ### END INIT INFO # nodemgr Oracle Weblogic NodeManager service # # chkconfig: 345 85 15 # description: Oracle Weblogic NodeManager service # ### BEGIN INIT INFO # Provides: nodemgr # Required-Start: $network $local_fs # Required-Stop: # Should-Start: # Should-Stop: # Default-Start: 3 4 5 # Default-Stop: 0 1 2 6 # Short-Description: Oracle Weblogic NodeManager service. # Description: Starts and stops Oracle Weblogic NodeManager. ### END INIT INFO # Source function library. . /lib/lsb/init-functions # set Weblogic environment defining CLASSPATH and LD_LIBRARY_PATH # to start/stop various components. export MW_HOME=/opt/app/wls10.3.4 # # Note: # The setWLSEnv.sh not only does a good job of setting the environment, # but also advertises the fact explicitly in the console! Silence it. # . $MW_HOME/wlserver_10.3/server/bin/setWLSEnv.sh > /dev/null # set NodeManager environment export NodeManagerHome=$WL_HOME/common/nodemanager NodeManagerLockFile=$NodeManagerHome/nodemanager.log.lck # check JAVA_HOME if [ -z ${JAVA_HOME:-} ]; then export JAVA_HOME=/opt/sun/products/java/jdk1.6.0_18 fi exec=$MW_HOME/wlserver_10.3/server/bin/startNodeManager.sh prog='nodemanager' user='weblogic' is_nodemgr_running() { local nodemgr_cnt=`ps -ef | \ grep -i 'java ' | \ grep -i ' weblogic.NodeManager ' | \ grep -v grep | \ wc -l` echo $nodemgr_cnt } get_nodemgr_pid() { nodemgr_pid=0 if [ `is_nodemgr_running` -eq 1 ]; then nodemgr_pid=`ps -ef | \ grep -i 'java ' | \ grep -i ' weblogic.NodeManager ' | \ grep -v grep | \ tr -s ' ' | \ cut -d' ' -f2` fi echo $nodemgr_pid } check_nodemgr_status () { local retval=0 local nodemgr_cnt=`is_nodemgr_running` if [ $nodemgr_cnt -eq 0 ]; then if [ -f $NodeManagerLockFile ]; then retval=2 else retval=3 fi elif [ $nodemgr_cnt -gt 1 ]; then retval=4 else retval=0 fi echo $retval } start() { ulimit -n 65535 [ -x $exec ] || exit 5 echo -n $"Starting $prog: " su $user -c "$exec &" retval=$? echo return $retval } stop() { echo -n $"Stopping $prog: " kill -s 9 `get_nodemgr_pid` &> /dev/null retval=$? echo [ $retval -eq 0 ] && rm -f $NodeManagerLockFile return $retval } restart() { stop start } reload() { restart } force_reload() { restart } rh_status() { local retval=`check_nodemgr_status` if [ $retval -eq 0 ]; then echo "$prog (pid:`get_nodemgr_pid`) is running..." elif [ $retval -eq 4 ]; then echo "Multiple instances of $prog are running..." else echo "$prog is stopped" fi return $retval } rh_status_q() { rh_status >/dev/null 2>&1 } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 restart ;; *) echo -n "Usage: $0 {" echo -n "start|" echo -n "stop|" echo -n "status|" echo -n "restart|" echo -n "condrestart|" echo -n "try-restart|" echo -n "reload|" echo -n "force-reload" echo "}" exit 2 esac exit $? .csharpcode, .csharpcode pre { font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/ } .csharpcode pre { margin: 0em; } .csharpcode .rem { color: #008000; } .csharpcode .kwrd { color: #0000ff; } .csharpcode .str { color: #006080; } .csharpcode .op { color: #0000c0; } .csharpcode .preproc { color: #cc6633; } .csharpcode .asp { background-color: #ffff00; } .csharpcode .html { color: #800000; } .csharpcode .attr { color: #ff0000; } .csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em; } .csharpcode .lnum { color: #606060; }

  Read the article

• Fusion Middleware Sales Plays 2014

  - by JuergenKress

  Please invite your sales persons and pre-sales persons to watch this short Oracle Fusion Middleware Sales Play overview webcast. Ed Zou, Vice President product management gives insights what and how to position the Oracle middleware solutions including customer examples. Watch the webcast here. At our WebLogic Community Workspace (WebLogic Community membership required) you can find the sales kits for: WebLogic 12c FY15 sales resources and Mobile Platform 12c FY15 sales resources. WebLogic Partner Community For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Mix Forum Wiki Technorati Tags: sales,Ed Zou,education,WebLogic,WebLogic Community,Oracle,OPN,Jürgen Kress

  Read the article

• Database Insider May Edition - Now Available

  - by jenny.gelhausen

  The May Edition of the Database Insider newsletter is now available. This edition covers customer successes with Oracle Database, upcoming events not to be missed as well as headlining news articles: Oracle Application Express 4.0 Will Rock Kaleidoscope 2010 Fast-track to Oracle Database 11g with Oracle Consulting Save 10% on Oracle Database Management Packs Check it out here. var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E")); try { var pageTracker = _gat._getTracker("UA-13185312-1"); pageTracker._trackPageview(); } catch(err) {}

  Read the article

• Advisor Webcast: Remote Diagnostic Agent (RDA) Use with EPM/BI Applications

  - by THE

  Maurice Bauhan and Ian Bristow will run an Advisor Webcast on the use of RDA with the EPM / BI Applications. Learn how to install, run, and analyze outputs of Remote Diagnostic Agent. RDA is a free tool for Oracle customers that could save you time as you work with your subset of most Oracle software. This one-hour session presented by senior proactive support engineers is recommended for technical users and support contacts. The session will include information on: Download and install of Remote Diagnostic Agent Run RDA, narrowing data retrieval to the context of Oracle products you need to investigate Analyze the RDA program outputs Via My Oracle Support Help the engineers at Oracle and assist communities with what you learn There will be 2 sessions: 12/15/2011 - 09:00 GMT (10:00 CET) - register here ( note 1376286.1 )12/15/2011 - 16:00 GMT (17:00 CET) - register here ( note 1376323.1 ) an overview of all upcoming Advisor Webcasts can be found in note 740966.1 Find more information about Advisor Webcasts: All future Advisor Webcasts | All recorded Advisor Webcasts | Support specific recorded Webcasts

  Read the article

• Meet up with JCP at Devoxx - 13 - 16 November

  - by Heather VanCura

  The JCP will be back at Devoxx this year:-).  If you are attending, you can catch either Patrick or Heather at one of these events... Tuesday - OpenJDK Lab, and then we will move over to the Hackergarten (TCK/unit testing); or Beer Bash at Oracle Booth-17:30–19:30. Wednesday - Beer Bash at Oracle Booth-18:00–20:00! Thursday - JCP session-12:00:  The JCP Program: More than 101 Ways to Influence the Future of the Java Platform ; Patrick Curran, Chair of the JCP & Heather VanCura, JCP Manager; or Beer Bash at Oracle Booth-18:00–20:00. Oracle booth twiki Oracle Session listing

  Read the article

• Django with custom authentication backends, is Csrf middleware really required ?

  - by Hellnar

  Hello, Under Django 1.1.1, I am using several authentication backends such as social-registration for facebook connect and django-emailauth for email based authentication instead of user names. I am curious if the Csrf middleware is an essential security measure as it seems like it sometimes generates problems, especially with facebook connect. My project is rather simple. Each user have a profile which they can fill and a purchase page where they fill the payment for to do purchases. Either of these pages are protected via @login_required.

  Read the article

• Why Shouldn't I Programmatically Submit Username/Password to Facebook/Twitter/Amazon/etc?

  - by viatropos

  I wish there was a central, fully customizable, open source, universal login system that allowed you to login and manage all of your online accounts (maybe there is?)... I just found RPXNow today after starting to build a Sinatra app to login to Google, Facebook, Twitter, Amazon, OpenID, and EventBrite, and it looks like it might save some time. But I keep wondering, not being an authentication guru, why couldn't I just have a sleek login page saying "Enter username and password, and check your login service", and then in the background either scrape the login page from say EventBrite and programmatically submit the form with Mechanize, or use an API if there was one? It would be so much cleaner and such a better user experience if they didn't have to go through popups and redirects and they could use any previously existing accounts. My question is: What are the reasons why I shouldn't do something like that? I don't know much about the serious details of cookies/sessions/security, so if you could be descriptive or point me to some helpful links that would be awesome. Thanks!

  Read the article

• Statements of direction for EPM 11.1.1.x series products

  - by THE

  Some of the older parts of EPM that have been replaced with newer software will phase out after January 2013. For most of these the 11.1.1.x Series will be the last release. They will then only be supported via sustaining support (see policy). We have notes about: the Essbase Excel Add In (replaced by SmartView which nearly achieved functionality parity with release 11.1.2.1.102) Oracle Essbase Spreadsheet Add-in Statement of Direction (Doc ID 1466700.1) Hyperion Data Integration Management (replaced by Oracle Data Integrator ( ODI )) Hyperion Data Integration Management Statement of Direction (Doc ID 1267051.1) Hyperion Enterprise and Enterprise Reporting (replaced by HFM) Hyperion Enterprise and Hyperion Enterprise Reporting Statement of Direction (Doc ID 1396504.1) Hyperion Business Rules (replaced by Calculation Manager) Hyperion Business Rules Statement of Direction (Doc ID 1448421.1) Oracle Visual Explorer (this one phased out in June 11 already - just in case anyone missed it) Oracle Essbase Visual Explorer Statement of Direction (Doc ID 1327945.1) For a complete list of the Supported Lifetimes, please review the "Oracle Lifetime Support Policy for Applications"

  Read the article

• Use DLL and have it be as trusted as my own application is

  - by Binary255

  Hi, I am using a port of GNU GetOpts, to be specific I am using the one at: http://getopt.codeplex.com I have added the DLL as a reference. But when I run my application I receive an exception: System.IO.FileLoadException was unhandled Message="Could not load file or assembly 'Gnu.Getopt, Version=0.9.1.24287, Culture=neutral, PublicKeyToken=d014b4ccdc53511a' or one of its dependencies. Failed to grant permission to execute. (Exception from HRESULT: 0x80131418)" If it is possible I would like my application to say, "trust this DLL as much as you trust me". Is there a way to do that so I won't have to fiddle with security settings? And if there is not. What is the cleanest way to get the DLL working?

  Read the article

• How can I monitor if a cookie is being sent to a domain other than the one it originated from?

  - by Brendan Salt

  I am trying to write a program that will verify that all cookies sent out from the machine are in fact going to the domain they came from. This is part of a larger security project to detect cookie based malicious attacks (such as XSS). The main snag for this project is actually detecting the out-going cookies. Can someone point me in the right direction for monitoring out-going HTTP traffic for cookie information? Other information about the project: This is a windows application written in C and numerous scripting languages. Thanks so much for the help.

  Read the article

• ADO "Unspecified Error" instead of actual error when fetching server side cursor

  - by Dan

  This relates to my recent question: http://stackoverflow.com/questions/2835663/force-oracle-error-on-fetch I am now able to reproduce a scenario where using ADO with the Oracle OLEDB Provider, I can force an error such as ORA-01722: invalid number to occur on calling Recordset.MoveNext However, this is not the error that is returned to the application. Instead, the application sees Provider error '80004005' Unspecified error. How can I get the application to see the real error from the database? This is with Oracle 10g (client and server), if it matters. Sample code is roughly as follows: Dim con As New ADODB.Connection Dim cmd As New ADODB.Command Dim rs As ADODB.Recordset con.ConnectionString = "Provider=OraOLEDB.ORACLE;Data Source=xxx;User Id=yyy;Password=zzz" con.CursorLocation = adUseServer con.Open Set cmd.ActiveConnection = con cmd.CommandText = "select * from table(ret_err)" cmd.Prepared = True Set rs = cmd.Execute While Not rs.EOF rs.MoveNext Wend

  Read the article

• B2B training material

  - by JuergenKress

  At our SOA Community Workspace (SOA Community membership required) you can find the latest B2B training material including training videos. B2B Technical Webcast - Part 1 - Feb 7 2013 - PPT.pptx B2B Technical Webcast - Part 2 - Feb 19 2013 - PPT.pptx B2B Technical Webcast - Part 1 - Feb 7 2013 - Audio & Video.wmv B2B Technical Webcast - Part 2 - Feb 19 2013 - Audio & Video.wmv Visit our next B2B and Adapters partner training August 26th-30th 2013 in Lisbon SOA & BPM Partner Community For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Facebook Wiki Mix Forum Technorati Tags: b2b,SOA Community,Oracle SOA,Oracle BPM,Community,OPN,Jürgen Kress

  Read the article

• Is there any benefit to encrypting twice using pgp?

  - by ojblass

  I am asking from a "more secure" perspective. I can imagine a scenario with two required private keys needed for decryption scenarios that may make this an attractive model. This is to settle an argument. My vote is that it is not adding any additional security other than having to compromise two different private keys. I think that if it was any more secure than encrypting it one million times would be the best way to secure informaiton and I don't buy it. So I guess my question becomes is a two locking mechanism equivalent to another one locking mechanism with a single key? Update: Forgive me if the answer is obvious but my bread goes dead as I read books on the topic.

  Read the article

• BI Applications Mobile Demonstration

  - by Mike.Hallett(at)Oracle-BI&EPM

  Partners can now run live interactive Demos of the latest version of OBI Mobile on an iPad, and BI Applications have also been made available via OBI mobile app Demos including; Financials, HR, Marketing, Procurement & Spend, Projects and Supply chain.  You can download Demo Scripts for these: e.g. Mobile_Marketing_Analytics.pdf The mobile app is using the same dashboards and data as the BI Applications Test Drives, which partners can access here. These existing demo scripts for these BI Applications can be used with the BI mobile app.  The instructions regarding the interface will be different, but the story line is the same.  If you want the “Mobile Financial Analytics” script ask me @ [email protected] For more instructions on setting up and connecting your iPad, see: Run Live OBI Mobile HD Demos on your iPad Business doesn't stop just because you're on the go. See how Oracle BI Mobile makes consuming BI on the go simple, secure and fast.  

  Read the article

• Prevent Method call without Exception using @PreAuthorize Annotation

  - by Chepech

  Hi all. We are using Spring Security 3. We have a custom implementation of PermissionEvaluator that has this complex algorithm to grant or deny access at method level on the application. To do that we add a @PreAuthorize annotation to the method we want to protect (obviously). Everything is fine on that. However the behavior that we are looking for is that if a hasPermission call is denied, the protected method call only needs to be skipped, instead we are getting a 403 error each time that happens. Any ideas how to prevent that? You can find a different explanation of the problem here; AccessDeniedException handling during methodSecurityInterception

  Read the article

• Detecting if a browser is using Private Browsing mode

  - by Steve

  I'm building an extranet for a company paranoid about security. They want to make sure that (among other things) their users are browsing the site with the Private Browsing mode switched on in their web browser so that no cookies or history is kept. I found only this http://jeremiahgrossman.blogspot.com/2009/03/detecting-private-browsing-mode.html and http://serverfault.com/questions/18966/force-safari-to-operate-in-private-mode-and-detect-that-state-from-a-webserver The ideal solution would use no or minimal javascript. Would attempting to set a unique cookie work for all browsers and platforms? Anyone done this before? thanks!

  Read the article

< Previous Page | 470 471 472 473 474 475 476 477 478 479 480 481  | Next Page >