Search Results

Search found 25758 results on 1031 pages for 'oracle security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 819/1031 | < Previous Page | 815 816 817 818 819 820 821 822 823 824 825 826  | Next Page >

  • cross domain iFrames communication problem

    - by Cyno
    I have a page A containing 2 children iFrames called B and C. A and B are on different domains. On pressing a button in B I would like to change C's URL. Based on the law III of Michael Mahemoff it should work, but in fact it doesn't (js security error). Here is the JS code in B: window.parent.frames['C'].location.href = "http://random.url";

    Read the article

  • Black hat knowledge for white hat programmers

    - by Dinah
    There's always skepticism from non-programmers when honest developers learn the techniques of black hat hackers. Obviously though, we need to learn many of their tricks so we can keep our own security up to par. To what extent do you think an honest programmer needs to know the methods of malicious programmers?

    Read the article

  • SQL Server 2008 Splitting string variable number of token per line

    - by josephj1989
    I have a fairly simple requirement -I have a table with the following (relevant) structure. with cte as( select 1 id,'AA,AB,AC,AD' names union all select 2,'BA,BB' union all select 3,'CA,CB,CC,CD,CE' union all select 4,'DA,DB,DC' ) i would like to create a select statement which will split each "names" column into multiple rows. For example the first row should produce 1,'AA' 1,'AB' 1,'AC' 1,'AD' Can we do it using only SQL. This is failry easy to do in Oracle.

    Read the article

  • Issues Migrating Ejb 2.0 from jboss 4 to jboss 5.1

    - by Ravi
    Deploying an EAR application in jboss 5.1 throws an error. Below is the error The content of element type "message-driven" must match "(description?,display-name?,small- icon?,large-icon?,ejb-name,ejb-class,transaction-type,message-selector?,acknowledge- mode?,message-driven-destination?,env-entry*,ejb-ref*,ejb-local-ref*,security-identity?,resource- ref*,resource-env-ref*)". This EAR application worked in JBoss 4.0.2, but not working on Jboss 5.1 Thanks Ravi S

    Read the article

  • OLEDB connection to Access database using DSN

    - by somu
    Hai i want oledb connection using Dsn. I used the following code 'Dsn Create dbRegBase.RegisterDatabase("GEMINI", "Microsoft Access Driver (*.mdb)", True,DBQ=D:\Gemini\GEMINI\database\paints_01_2008-2009.mdb Description=Greenchip Technologies ODBC Database File Path OemToAnsi=No UID=admin PWD=XXXXXX conection code Provider=Microsoft.Jet.OLEDB.4.0;DBQ ='GEMINI';Persist Security Info=False;Jet OleDB:Database Password = XXXXXX But Error come error name is "Could not find installable ISAM" what i do . please tell me.

    Read the article

  • Using OpenID as the only authentication method

    - by iconiK
    I have read the other questions and they mostly talk about the security of doing so. That's not entirely my concern, mostly because the website is question is a browser-based game. However, the larger issue is the user - not every user is literate enough to understand OpenID. Sure RPX makes this pretty easy, which is what I'll use, but what if the user does not have an account at Google or Facebook or whatever, or does not trust the system to log in with an existing account? They'd have to get an account at another provide - I'm sure most will know how to do it, let alone be bothered to do it. There is also the problem of how to manage it in the application. A user might want to use multiple identities with a single account, so it's not as simple as username + password to deal with. How do I store the OpenID identities of a user in the database? Using OpenID gives me a benefit too: RPX can provide extensive profile information, so I can just prefill the profile form and ask the user to edit as required. I currently have this: UserID Email ------ --------------- 86000 [email protected] 86001 [email protected] UserOpenID OpenID ---------- ------ 86000 16733 86001 16839 86002 19361 OpenID Provider Identifier ------ -------- ---------------- 16733 Yahoo https:\\me.yahoo.com\bob#d36bd 16839 Yahoo https:\\me.yahoo.com\bigbobby#x75af 19361 Yahoo https:\\me.yahoo.com\alice#c19fd Is that the right way to store OpenID identifiers in the database? How would I match the identifier RPX gave me with one in the database to log in the user (if the identifier is known). So here are concrete questions: How would I make it accessible to users not having an OpenID or not wanting to use one? (security concerns over say, logging in with their Google account for example) How do I store the identifier in the database? (I'm not sure if the tables above are right) What measures do I need to take in order to prevent someone from logging in as another user and happily doing anything with their account? (as I understand RPX sends the identifier via HTTP, so what anyone would have to do is to just somehow grab it then enter it in the "OpenID" field) What else do I need to be aware of when using OpenID?

    Read the article

  • ASP.NET MVC3 Custom Membership Provider - The membership provider name specified is invalid.

    - by David Lively
    I'm implementing a custom membership provider, and everything seems to go swimmingly until I create a MembershipUser object. At that point, I receive the error: The membership provider name specified is invalid. Parameter name: providerName In web.config the membership key is <membership defaultProvider="MembersProvider"> <providers> <clear/> <add name="MembersProvider" type="Members.Providers.MembersProvider" connectionStringName="ApplicationServices" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="DeviceDatabase" /> </providers> </membership> When creating the MembershipUser object from my custom User class: public static MembershipUser ToMembershipUser(User user) { MembershipUser member = new MembershipUser ("MembersProvider" , user.Name , user.Id , user.EmailAddress , user.PasswordQuestion , user.Comment , user.IsApproved , user.IsLockedOut , user.DateCreated , user.LastLoginDate ?? DateTime.MinValue , user.LastActivityDate ?? DateTime.MinValue , user.LastPasswordChangedDate ?? DateTime.MinValue , user.LastLockoutDate ?? DateTime.MinValue ); return member; } (I realize I could probably just inherit my User class from MembershipUser, but it's already part of an existing class hierarchy. I honestly think this is the first time I've encountered a legitimate need for for multiple inheritance!) My feeling is that the new MembershipUser(...) providerName parameter is supposed to match what's set in web.config, but, since they match already, I'm at a loss as to how to proceed. Is there a convenient way to get the name of the active membership provider in code? I'm starting to think that using the built-in membership system is overkill and more trouble than it's worth. Edit Not sure if it's relevant, but the custom membership provider class is in a class library, not the main WAP project. Update Here's the contents of the System.Web.Security.Membership.Provider object as show in the VS2010 command window: >eval System.Web.Security.Membership.Provider {Members.Providers.MembersProvider} [Members.Providers.MembersProvider]: {Members.Providers.MembersProvider} base {System.Configuration.Provider.ProviderBase}: {Members.Providers.MembersProvider} ApplicationName: null EnablePasswordReset: true EnablePasswordRetrieval: false MaxInvalidPasswordAttempts: 5 MinRequiredNonAlphanumericCharacters: 0 MinRequiredPasswordLength: 6 PasswordAttemptWindow: 10 PasswordFormat: Function evaluation was aborted. PasswordStrengthRegularExpression: Cannot evaluate expression because debugging information has been optimized away . RequiresQuestionAndAnswer: Cannot evaluate expression because debugging information has been optimized away . RequiresUniqueEmail: Cannot evaluate expression because debugging information has been optimized away .

    Read the article

  • scjp certification future validity

    - by abson
    Is this the right time to go for a scjp certification?With Oracle being the authority won't SCJP lose its value as and when OCJP gets announced instead of the former? my worry is will one be able to go for the next level like SCWCD?

    Read the article

  • How to: mirror a staging server from a production server

    - by Zombies
    We want to mirror our current production app server (Oracle Application Server) onto our staging server. As it stands right now, various things are out of sync, and what may work in testing/QA can easily fail in production because of settings/patch/etc inconsistencies. I was thinking what would be best is to clone the entire disk daily and push it onto the staging server... Would this be the best method...?

    Read the article

  • Silverlight Control Disable/Remove Events

    - by Dave
    I have a scenario where a control has an event wired up in XAML, say a Button.Click. Somewhere else in my code, a security check is applied which mean I need to disable said event, but I do not have access to the normal -= syntax to remove it. How else can I remove or disable this event? Thanks, Dave

    Read the article

  • Cisco pix command - whats this command mean?

    - by jason clark
    Hi, Anyone know what the following means? I have these two lines in our cisco PIX configuration file but have no references to these IP's anywhere else in the config and cant find a device on the network with them. global (inet) 10 213.228.xxx.xx global (inet) 20 213.228.xxx.xx thanks, Jason (BTW: I've xxx'ed out the remainder of the ip for security :-0 )

    Read the article

  • How to run an application as root without asking for an admin password?

    - by kvaruni
    I am writing a program in Objective-C (XCode 3.2, on Snow Leopard) that is capable of either selectively blocking certain sites for a duration or only allow certain sites (and thus block all others) for a duration. The reasoning behind this program is rather simple. I tend to get distracted when I have full internet access, but I do need internet access during my working hours to get to a number of work-related websites. Clearly, this is not a permanent block, but only helps me to focus whenever I find myself wandering a bit too much. At the moment, I am using a Unix script that is called via AppleScript to obtain Administrator permissions. It then activates a number of ipfw rules and clears those after a specific duration to restore full internet access. Simple and effective, but since I am running as a standard user, it gets cumbersome to enter my administrator password each and every time I want to go "offline". Furthermore, this is a great opportunity to learn to work with XCode and Objective-C. At the moment, everything works as expected, minus the actual blocking. I can add a number of sites in a list, specify whether or not I want to block or allow these websites and I can "start" the blocking by specifying a time until which I want to stay "offline". However, I find it hard to obtain clear information on how I can run a privileged Unix command from Objective-C. Ideally, I would like to be able to store information with respect to the Administrator account into the Keychain to use these later on, so that I can simply move into "offline" mode with the convenience of clicking a button. Even more ideally, there might be some class in Objective-C with which I can block access to some/all websites for this particular user without needing to rely on privileged Unix commands. A third possibility is in starting this program with root permissions and the reducing the permissions until I need them, but since this is a GUI application that is nested in the menu bar of OS X, the results are rather awkward and getting it to run each and every time with root permission is no easy task. Anyone who can offer me some pointers or advice? Please, no security-warnings, I am fully aware that what I want to do is a potential security threat.

    Read the article

  • Best practices to store CreditCard information into DataBase

    - by Garis Suero
    In my country the online payments are not an old thing, the first time i saw a web application taking payments directly to a local bank account was last year. So, Im a newbie coding web payment system. My question is, what are the best practices to store creditcard information into the database... I have many ideas: encrypting the creditcard, database security restriction, etc. What have you done?

    Read the article

  • Open Source Alternative to ASP.NET membership

    - by Tony Lenzi
    I'm currently supporting a Python web app with increasingly complicated user/role/permission management requirements. Currently, we are rolling our own user, groups, permissions, etc. code and supporting database. I'd like to find something like ASP.NET membership that can help manage user authentication and authorization, rather than risk security issues in continuing to create an increasingly complicated custom solution. Are there any similar projects out there worth taking a look at?

    Read the article

  • OLEDB connection to Access database using DSN

    - by somu
    i want oledb connection using Dsn. I used the following code 'Dsn Create dbRegBase.RegisterDatabase("GEMINI", "Microsoft Access Driver (*.mdb)", True,DBQ=D:\Gemini\GEMINI\database\paints_01_2008-2009.mdb Description=Greenchip Technologies ODBC Database File Path OemToAnsi=No UID=admin PWD=XXXXXX conection code Provider=Microsoft.Jet.OLEDB.4.0;DBQ ='GEMINI';Persist Security Info=False;Jet OleDB:Database Password = XXXXXX But Error come error name is "Could not find installable ISAM" what i do . please tell me.

    Read the article

  • Advanced WSO2 API MANAGER configurations

    - by nuvio
    I am trying to use an 'external' WSO2 ESB, so I changed the "api-manager.xml" as follows: (ESB port: 9443, API MANAGER port: 9445) <ServerURL>https://localhost:9443/services/</ServerURL> ... <APIEndpointURL>http://localhost:9443,https://localhost:9443</APIEndpointURL> But I have an error when publishing an API via "API publisher": Caused by: org.apache.axis2.AxisFault: Error initializing API handler: org.wso2. carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler Any suggestion, many thanks in advance for your help!

    Read the article

  • MVC 2 AntiForgeryToken - Why symmetric encryption + IPrinciple?

    - by Brad R
    We recently updated our solution to MVC 2, and this has updated the way that the AntiForgeryToken works. Unfortunately this does not fit with our AJAX framework any more. The problem is that MVC 2 now uses symmetric encryption to encode some properties about the user, including the user's Name property (from IPrincipal). We are able to securely register a new user using AJAX, after which subsequent AJAX calls will be invalid as the anti forgery token will change when the user has been granted a new principal. There are also other cases when this may happen, such as a user updating their name etc. My main question is why does MVC 2 even bother using symmetric encryption? Any then why does it care about the user name property on the principal? If my understanding is correct then any random shared secret will do. The basic principle is that the user will be sent a cookie with some specific data (HttpOnly!). This cookie is then required to match a form variable sent back with each request that may have side effects (POST's usually). Since this is only meant to protect from cross site attacks it is easy to craft up a response that would easily pass the test, but only if you had full access to the cookie. Since a cross site attacker is not going to have access to your user cookies you are protected. By using symmetric encryption, what is the advantage in checking the contents of the cookie? That is, if I already have sent an HttpOnly cookie the attacker cannot override it (unless a browser has a major security issue), so why do I then need to check it again? After having a think about it it appears to be one of those 'added layer of security' cases - but if your first line of defence has fallen (HttpOnly) then the attacker is going to get past the second layer anyway as they have full access to the users cookie collection, and could just impersonate them directly, instead of using an indirect XSS/CSRF attack. Of course I could be missing a major issue, but I haven't found it yet. If there are some obvious or subtle issues at play here then I would like to be aware of them.

    Read the article

  • MaxReceivedMessageSize adjusted, but still getting the QuotaExceedException with WCF

    - by djerry
    Hey guys, First of all, i have read the "millions" of post on this site and some blogs/forum post on other websites, and no answer is solving my problem. I'm my app, there's a possibility to import a txt or csv file with data. In the case of the error, the file contains 444 rows (file is 14,5 kB). When i try to send it to the server to process it, i get an QuotaExceedException, telling me to increase MaxReceivedMessageSize. So i changed it to a much higher value, but i'm still getting the same exception. I'm using the same exact items for client and server in system.servicemodel in my config file. Config snippet : <system.serviceModel> <bindings> <netTcpBinding> <binding name="NetTcpBinding_IMonitoringSystemService" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" listenBacklog="10" maxBufferPoolSize="2147483647" maxBufferSize="2147483647" maxConnections="500" maxReceivedMessageSize="2147483647"> <readerQuotas maxDepth="32" maxStringContentLength="100000" maxArrayLength="100000" maxBytesPerRead="100000" maxNameTableCharCount="100000" /> <reliableSession ordered="true" inactivityTimeout="00:10:00" enabled="false" /> <security mode="Message"> <transport clientCredentialType="Windows" protectionLevel="EncryptAndSign"> <extendedProtectionPolicy policyEnforcement="Never" /> </transport> <message clientCredentialType="Windows" /> </security> </binding> </netTcpBinding> </bindings> <client> <endpoint address="net.tcp://localhost:8000/Monitoring%20Server" binding="netTcpBinding" bindingConfiguration="NetTcpBinding_IMonitoringSystemService" contract="IMonitoringSystemService" > <!--name="NetTcpBinding_IMonitoringSystemService"--> <identity> <userPrincipalName value="DJERRYY\djerry" /> </identity> </endpoint> </client> </system.serviceModel> Can i use this sample for client and server config? And what should i not use in that case. Thanks in advance.

    Read the article

  • JSplitPane giving wrong resize cursor with GTK LAF?

    - by carneades
    Running the official JSplitPane demo http://java.sun.com/docs/books/tutorial/uiswing/components/splitpane.html on my Ubuntu system gives a resize cursor like -- over the divider. The behavior of native split panes gives <-- resize cursors. Does this qualify as a bug that should be reported to Sun (eh, Oracle)? Is there a workaround?

    Read the article

  • Incorrect XML produced by SUDS

    - by Ben
    Hi, I am trying to talk to a SOAP web service using SUDS and Python. After lots of messing around learning Python (yes I am new to this) and working out how to use SUDS I have come across a problem. The signature of the web method I am calling, according to suds, is (FWTCaseCreate){ ClassificationEventCode = None Priority = None Title = None Description = None Queue = None DueDate = None AssociatedObject = (FWTObjectBriefDetails){ ObjectID = (FWTObjectID){ ObjectType = None ObjectReference[] = <empty> } ObjectDescription = None Details = None Category = None } Form = (FWTCaseForm){ FormField[] = <empty> FormName = None FormKey = None } Internal = None InteractionID = None XCoord = None YCoord = None } So I use SUDS to create the classes that I want and send it to the method. However I get an error. So I turned logging on and I can see that the XML that is being sent is not correct which is causing a deserialize error. The SOAP package looks like the following <?xml version="1.0" encoding="UTF-8"?> <SOAP-ENV:Envelope xmlns:ns0="http://www.lagan.com/wsdl/FLTypes" xmlns:ns1="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header> <wsse:Security> <wsse:BinarySecurityToken>eaadf1ddff99a8</wsse:BinarySecurityToken> </wsse:Security> </SOAP-ENV:Header> <ns1:Body> <ns0:FWTCaseCreate> <ClassificationEventCode> <ClassificationEventCode>2000023</ClassificationEventCode> <Priority>1</Priority> <Title>testing</Title> <Description>testing</Description> <Queue/> <Internal>True</Internal> <XCoord>356570</XCoord> <YCoord>168708</YCoord> </ClassificationEventCode> </ns0:FWTCaseCreate> </ns1:Body> As you can see there is a 'ClassificationEventCode' element around all the other elements, this should not be there. If I cut and paste this xml into SOAPUI and first remove this element and then post it directly to the web service it works successfully. Does anyone have any ideas why this is happening? I guess SUDS thinks that it should be there based on the WSDL. Thanks.

    Read the article

  • Changing the working directory for a process remotely

    - by Michael
    I've got an application that has a bug right now, but we're unable to update the end-user to get the fix out. What a possible workaround would be is to change the working directory to the application's install directory, but from what I can tell, there's no way to do that outside of the program itself. Is there some sort of Windows API call that can change other processes' working directories, or is that not available due to security issues? I figure it's not possible.

    Read the article

  • Mixed launch mode not supported: [Profile]

    - by Imran
    Friends, I need to debug a application. The using Oracle Workshop for weblogic 10.3, I have downloaded plugins for TPTP. when i tested working of TPTP in a sample Java Standard-alone application it worked. but when i tried to use it for Web-app which uses Weblogic, it prompting me the above error[in the subject]. Please help.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 815 816 817 818 819 820 821 822 823 824 825 826  | Next Page >