Search Results

Search found 88705 results on 3549 pages for 'web application security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 94/3549 | < Previous Page | 90 91 92 93 94 95 96 97 98 99 100 101  | Next Page >

  • Can I make a web based video recording?

    - by Roman
    I want to have a web site which switches the web camera of users, makes a video recording and send results to my web server. Is it possible to do that? I think it should be. For example such sites as chatroulette.com starts web camera. Should it be done with the Adobe Flash technologies? Is it hard to do that?

    Read the article

  • Restoring web reference in Visual Studio 2008

    - by Mark Cheeseborough
    I had a web reference set in my VS2008 ASP.NET project, but due to some source control weirdness it is no longer listed in the project. I have the set of files in the Web References folder under my project. There's a .wsdl, .disco and several .datasource files. Is there any way to re-add this web reference through the existing files rather than using the "Add Web Reference" dialog?

    Read the article

  • The name/identity of the invoker of a web service

    - by Swamy g
    I have a SOAP web service which I call from two clients using axis2. Can the web service know from which of these two clients the call originated from? If so, how do I know that during runtime? Is there any API provided to lookup the name of the invoker of a particular web service by that web service. Thanks.

    Read the article

  • Designing a web service to be called by another language

    - by CollegeProgrammer
    This will sound naive (but then I am a junior programmer), but if I write a web service say in Python (standard WSDL web service), I then need to host it so it is reachable from an end point. This will give a URI for the service and then from another language, say Java or VB.NET (any), I can add a web service (this one) and then call the web service's object model, correct? Thanks

    Read the article

  • Calling and consuming a JBoss Web Service from JavaScript (AJAX)

    - by Andreas Grech
    I am fiddling around with JBOSS's Web Services, and I have created the following: http://127.0.0.1:8080/IM/TestService?wsdl Now I need to access Web Methods from that Web Service from JavaScript. Say I have a web method named foo in TestService, how do I make an ajax call to it? I tried accessing the method via http://127.0.0.1:8080/IM/TestService/foo, but I'm getting an HTTP Status 404.

    Read the article

  • Automatically inserting new fields in a web.config file

    - by MarceloRamires
    I have an ASP.NET project which has already some custom fields in it's web.config file. I've added in it three more fields and used them in my changes, and it's working great. But where it needs to be used, there aren't these thre fields in the web.config (this was expected, I've just added by hand for tests and developing). How do I check the existance of fields in web.config, and in case of not finding it, how do I add it permanently to the web.config ? Thank you

    Read the article

  • how can we achieve second application read that file when first application not modifying it

    - by soField
    i have two application first application is bash second is java which one of them is periodically deleting and recreating a specific file (first) the other one is also periodically reading this file and process it in it's own logic (second) how can we achieve second application read that file when first application not modifying it my aim is to force second app read the file only when content of file fully written inside it how can achieve this goal ?

    Read the article

  • Derek Brink shares "Worst Practices in IT Security"

    - by Darin Pendergraft
    Derek Brink is Vice President and Research Fellow in IT Security for the Aberdeen Group.  He has established himself as an IT Security Expert having a long and impressive career with companies and organizations ranging from RSA, Sun, HP, the PKI Forum and the Central Intelligence Agency.  So shouldn't he be talking about "Best Practices in IT Security?" In his latest blog he talks about the thought processes that drive the wrong behavior, and very cleverly shows how that incorrect thinking exposes weaknesses in our IT environments. Check out his latest blog post titled: "The Screwtape CISO: Memo #1 (silos, stovepipes and point solutions)"

    Read the article

  • Got an idea for an application, but part of it is patented, any suggestions?

    - by tekiegreg
    Hi there, so I've been working on developing an idea for an application that I think has the potential to be successful, however after some initial research I've discovered that at least part of my ideas are covered by a patent out there, the patent in particular is held by a really large company (I don't want to give away specifics for fear I'd draw their attention for sure). I'm debating a few options: 1) Develop patents around my ideas that don't conflict and maybe approach the company in question for a license exchange 2) Just approach them for a license outright 3) Just develop around it anyways and hope for the best :-p What have other people done in these situations? Are companies generally willing to grant patent licenses? Are they willing to grant them at reasonable prices? Thoughts?

    Read the article

  • ADF Desktop Integration Security Explained

    - by juan.ruiz
    ADFdi provides a secure access to spreadsheets within MS-Excel. Developers as well as administrators could wonder how the security features work in this mixed layout -having MS-Excel accessing JavaEE business services? and also what do system administrators should expect when deploying an ADF solution that offers ADFdi capabilities? Shaun Logan from the ADFdi team published an excellent article back in January where you can find in a great detail the ADF desktop integration security features and implementation. You can find the article here: http://www.oracle.com/technology/products/jdev/11/collateral/security%20whitepaper%20for%20adfdi%20r1%20final.pdf Enjoy!

    Read the article

  • ASP.NET WebAPI Security 2: Identity Architecture

    - by Your DisplayName here!
    Pedro has beaten me to the punch with a detailed post (and diagram) about the WebAPI hosting architecture. So go read his post first, then come back so we can have a closer look at what that means for security. The first important takeaway is that WebAPI is hosting independent-  currently it ships with two host integration implementations – one for ASP.NET (aka web host) and WCF (aka self host). Pedro nicely shows the integration into the web host. Self hosting is not done yet so we will mainly focus on the web hosting case and I will point out security related differences when they exist. The interesting part for security (amongst other things of course) is the HttpControllerHandler (see Pedro’s diagram) – this is where the host specific representation of an HTTP request gets converted to the WebAPI abstraction (called HttpRequestMessage). The ConvertRequest method does the following: Create a new HttpRequestMessage. Copy URI, method and headers from the HttpContext. Copies HttpContext.User to the Properties<string, object> dictionary on the HttpRequestMessage. The key used for that can be found on HttpPropertyKeys.UserPrincipalKey (which resolves to “MS_UserPrincipal”). So the consequence is that WebAPI receives whatever IPrincipal has been set by the ASP.NET pipeline (in the web hosting case). Common questions are: Are there situations where is property does not get set? Not in ASP.NET – the DefaultAuthenticationModule in the HTTP pipeline makes sure HttpContext.User (and Thread.CurrentPrincipal – more on that later) are always set. Either to some authenticated user – or to an anonymous principal. This may be different in other hosting environments (again more on that later). Why so generic? Keep in mind that WebAPI is hosting independent and may run on a host that materializes identity completely different compared to ASP.NET (or .NET in general). This gives them a way to evolve the system in the future. How does WebAPI code retrieve the current client identity? HttpRequestMessage has an extension method called GetUserPrincipal() which returns the property as an IPrincipal. A quick look at self hosting shows that the moral equivalent of HttpControllerHandler.ConvertRequest() is HttpSelfHostServer.ProcessRequestContext(). Here the principal property gets only set when the host is configured for Windows authentication (inconsisteny). Do I like that? Well – yes and no. Here are my thoughts: I like that it is very straightforward to let WebAPI inherit the client identity context of the host. This might not always be what you want – think of an ASP.NET app that consists of UI and APIs – the UI might use Forms authentication, the APIs token based authentication. So it would be good if the two parts would live in a separate security world. It makes total sense to have this generic hand off point for identity between the host and WebAPI. It also makes total sense for WebAPI plumbing code (especially handlers) to use the WebAPI specific identity abstraction. But – c’mon we are running on .NET. And the way .NET represents identity is via IPrincipal/IIdentity. That’s what every .NET developer on this planet is used to. So I would like to see a User property of type IPrincipal on ApiController. I don’t like the fact that Thread.CurrentPrincipal is not populated. T.CP is a well established pattern as a one stop shop to retrieve client identity on .NET.  That makes a lot of sense – even if the name is misleading at best. There might be existing library code you want to call from WebAPI that makes use of T.CP (e.g. PrincipalPermission, or a simple .Name or .IsInRole()). Having the client identity as an ambient property is useful for code that does not have access to the current HTTP request (for calling GetUserPrincipal()). I don’t like the fact that that the client identity conversion from host to WebAPI is inconsistent. This makes writing security plumbing code harder. I think the logic should always be: If the host has a client identity representation, copy it. If not, set an anonymous principal on the request message. Btw – please don’t annoy me with the “but T.CP is static, and static is bad for testing” chant. T.CP is a getter/setter and, in fact I find it beneficial to be able to set different security contexts in unit tests before calling in some logic. And, in case you have wondered – T.CP is indeed thread static (and the name comes from a time where a logical operation was bound to a thread – which is not true anymore). But all thread creation APIs in .NET actually copy T.CP to the new thread they create. This is the case since .NET 2.0 and is certainly an improvement compared to how Win32 does things. So to sum it up: The host plumbing copies the host client identity to WebAPI (this is not perfect yet, but will surely be improved). or in other words: The current WebAPI bits don’t ship with any authentication plumbing, but solely use whatever authentication (and thus client identity) is set up by the host. WebAPI developers can retrieve the client identity from the HttpRequestMessage. Hopefully my proposed changes around T.CP and the User property on ApiController will be added. In the next post, I will detail how to add WebAPI specific authentication support, e.g. for Basic Authentication and tokens. This includes integrating the notion of claims based identity. After that we will look at the built-in authorization bits and how to improve them as well. Stay tuned.

    Read the article

  • Imitating Exchange Server's "RBAC AuthZ" in my own application... (is there something similar?)

    - by makerofthings7
    Exchange 2010 has a delegation model where groups of winrm cmdlets are essentally grouped into roles, and the roles assigned to a user. (Image source) This is a great & flexible model considering how I can leverage all the benefits of PowerShell, while using the right low level technologies (WCF, SOAP etc), and requiring no additional software on the client side. (Image source) Question(s) Is there a way for me to leverage Exchange's delegation model in my .NET application? Has anyone attempted to imitate this model? If I must start from scratch, how would I go about imitating this approach?

    Read the article

  • Silverlight Security

    Here are some interesting links about Silverlight security (I learnt a lot from the first document): Silverlight security whitepaper: > http://download.microsoft.com/download/A/1/A/A1A80A28-907C-4C6A-8036-782E3792A408/Silverlight Security Overview.docx This reading gives you a lot of insight into features like Isolated Storage, Local Messaging, Cross-Site Scripting (XSS), Sandbox, Validate input, https, . Shawn Wildermuths session at MIX10: > Securing Microsoft Silverlight Applications ...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • Can it be useful to build an application starting with the GUI?

    - by Grant Palin
    The trend in application design and development seems to be starting with the "guts": the domain, then data access, then infrastructure, etc. The GUI seems to usually come later in the process. I wonder if it could ever be useful to build the GUI first... My rationale is that by building at least a prototype GUI, you gain a better idea of what needs to happen behind the scenes, and so are in a better position to start work on the domain and supporting code. I can see an issue with this practice in that if the supporting code is not yet written, there won't be much for the GUI layer to actually do. Perhaps building mock objects or throwaway classes (somewhat like is done in unit testing) would provide just enough of a foundation to build the GUI on initially. Might this be a feasible idea for a real project? Maybe we could add GDD (GUI Driven Development) to the acronym stable...

    Read the article

  • Is there an application or method to log of data transfers?

    - by Gaurav_Java
    My friend asked me for some files that I let him take from my system. I did not see he doing that. Then I was left with a doubt: what extra files or data did he take from my system? I was thinking is here any application or method which shows what data is copied to which USB (if name available then shows name or otherwise device id) and what data is being copied to Ubuntu machine . It is some like history of USB and System data. I think this feature exists in KDE This will really useful in may ways. It provides real time and monitoring utility to monitor USB mass storage devices activities on any machine.

    Read the article

  • Ldap invalid credentials not loading authentication failure url

    - by Murari
    Able to do the custom ldap authentication for external db authorities. But when i am trying to test wrong password the authentication failure url is not showing instead my browser prints the exception details.Below is my securitycontext.xml and exption given <http auto-config="false" access-decision-manager-ref="accessDecisionManager" access-denied-page="/accessDenied.jsp"> <!-- Restrict access to ALL other pages --> <intercept-url pattern="/index.jsp" filters="none" /> <!-- Don't set any role restrictions on login.jsp --> <intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <intercept-url pattern="/service/**" access="PRIV_Report User, PRIV_305" /> <logout logout-success-url="/index.jsp" /> <form-login authentication-failure-url="/index.jsp?error=1" default-target-url="/home.jsp" /> <anonymous/> </http> <b:bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased"> <b:property name="decisionVoters"> <b:list> <b:ref bean="roleVoter" /> <b:ref bean="authenticatedVoter" /> </b:list> </b:property> </b:bean> <b:bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"> <b:property name="rolePrefix" value="PRIV_" /> </b:bean> <b:bean id="authenticatedVoter" class="org.springframework.security.vote.AuthenticatedVoter"> </b:bean> <b:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource"> <b:constructor-arg value="ldap://mydomain:389" /> </b:bean> <b:bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate"> <b:constructor-arg ref="contextSource" /> </b:bean> <b:bean id="ldapAuthenticationProvider" class="com.zo.sas.gwt.security.login.server.SASLdapAuthenticationProvider"> <b:property name="authenticator" ref="ldapAuthenticator" /> <custom-authentication-provider /> </b:bean> <b:bean id="ldapAuthenticator" class="com.zo.sas.gwt.security.login.server.SASAuthenticator"> <b:property name="contextSource" ref="contextSource" /> <b:property name="userDnPatterns"> <b:value>uid={0},OU=People</b:value> </b:property> </b:bean> and my exception logs..... org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials] org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:180) org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:266) org.springframework.ldap.core.support.AbstractContextSource.getContext(AbstractContextSource.java:106) com.zo.sas.gwt.security.login.server.SASAuthenticator.authenticate(SASAuthenticator.java:55) com.zo.sas.gwt.security.login.server.SASLdapAuthenticationProvider.authenticate(SASLdapAuthenticationProvider.java:45) org.springframework.security.providers.ProviderManager.doAuthentication(ProviderManager.java:188) org.springframework.security.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:46) org.springframework.security.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:82) org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:258) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.ui.logout.LogoutFilter.doFilterHttp(LogoutFilter.java:89) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53) org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:390) org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:175) org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:183) org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:138) This is my index.jsp <html> <script type="text/javascript" language="javascript"> var dictionary = { loginErr: "${SPRING_SECURITY_LAST_EXCEPTION.message}", error: "${param.error}" }; </script> <head> </head> <body > <iframe src="javascript:''" id="__gwt_historyFrame" style="width:0;height:0;border:0"></iframe> <script type="text/javascript" language="javascript" src="com.zo.sas.gwt.sasworkflow.home.Home.nocache.js"></script> </body> </html>

    Read the article

  • Development on Windows 7; Web server on Linux - How to share Apache web root?

    - by TheKeys
    I've got a LAMP server that I want to use as a local web server. I've got a Windows 7 machine that I want to use as my development machine. The machines will be on the same LAN (or the Windows box will be VPNed into the LAN). My questions is, what is the best way of sharing the web root of the LAMP server so that I can edit the files on the remote Windows 7 machine and how do I go about configuring this on the Linux machine? (Fedora 16) I would like the solution to be as easy to use as possible with preferably no extra steps required to save/edit/upload files from my IDE on my Windows 7 machine. I'm thinking either a Samba or NFS share are the way to go but I'm concerned I'm going to run into issues with permissions and unix/windows file handling. Is one better than ther other for my use case or is there a better alternative solution? I'm currently using Windows 7 Professional which doesn't have NFS support but would upgrade to Ultimate which does have NFS support if it's the best solution.

    Read the article

  • Tracking down the cause of a web service fault running in IIS

    - by BG100
    I have built a web service in Visual Studio 2008, and deployed it on IIS 7 running on Windows Server 2008 R2. It has been extensively tested, handles all errors gracefully and logs any uncaught errors to a file using log4net. The system normally runs perfectly, but occasionally (2 or 3 times a day) a fault occurs and screws up the application which needs an iisreset to get it working again. When the fault occurs I get some random errors that are caught by my catch-all error log, such as: Value cannot be null. Could not convert from type 'System.Boolean' to type 'System.DateTime'. Sequence contains no elements These errors are raised on every request until I manually do an iisreset, but there is no sight of them when the system is running normally. The web service is a stateless request-response application. Nothing is stored in the session. It could be load related, but I doubt it as there are only around 30 or 40 requests per minute. This is proving very tricky to track down. I can't work out what is putting IIS into this bad state, and why it needs an iisreset to get it working again. Nothing is reported in the event log. Can anyone suggest how to enable more extensive logging that might catch this fault? Also, does anyone know what might be causing the problem?

    Read the article

  • Copy a website and preserve the file & folder structure

    - by DrStalker
    I have an old web site running on an ancient version of Oracle Portal that we need to convert to a flat-html structure. Due to damage to the server we are not able to access the administrative interface, and even if we could there is no export functionality that can work with modern software versions. It would be enough to crawl the website and have all the pages & images saved to a folder, but the file structure needs to be preserved; that is, if a page is located at http://www.oldserver.com/foo/bar/baz/mypage.html then it needs to be saved to /foo/bar/baz/mypage.html so that the various Javascript bits will continue to function. None of the web crawlers I've found have been able to do this; they all want to rename the pages (page01.html, page02.html etc) and break the folder structure. Is there any crawler out there that will recreate the site structure as it appears to a user accessing the site? It doesn't need to redo any of teh content of the pages; once rehosted the pages will all have the same names they did originally so links will continue to work.

    Read the article

  • SharePoint Web Analytics not tracking usage for main application

    - by Chris W
    My SP 2010 setup is two separate applications - one for the main portal and one for MySite. Whilst WebAnalytics is tracking usage of MySite it's not showing any stats for the main Portal. The only thing it lists is the number of site collections but no page views etc. The WA service is clearly running to pick up data for MySite. In Configure web analytics and health data collection everything is ticked. I can't find any obvious settings that are different between the two applications. Where should I look to get usage tracking correctly? Edit: Having played with the date ranges I see that actually I've got no stats in the last 7 days for any site at all including MySite which has been working at some point previously. Edit: What does each service (WA Data Processing Service vs WA Web Services) do and where should they be active? At present they're both running on an App server but not on the WFEs (although they were running on WFEs previously). From what I can gather than only need to run on an App server but I find it strange that the only logged activity I see in the staging database relates to Central Admin URLs on the App server and nothing from the WFEs.

    Read the article

  • URL Redirect Configuration in Virtualhost for a Single Page Web Application

    - by fenderplayer
    I have a web application under development that I am running locally. The home page of the application is fetched with the following url: http://local.dev/myapp/index.shtml When the app runs, javascript on the webpage maintains the url and the app state internally. Some of the other urls read as: http://local.dev/myapp/results?param1=val1&param2=val2 http://local.dev/myapp/someResource Note that there are no pages named results.html or someResource.html on my web server. They are just made up URLs to simulate RESTfulness in the single page app. All the app code - javascript, css etc - is present in the index.shtml file So, essentially, the question is how can I redirect all requests to the first URL above? Here's how the vhost configuration looks like: <VirtualHost 0.0.0.0:80> ServerAdmin [email protected] DocumentRoot "/Users/Me/mySites" ServerName local.dev RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(myapp|myapp2)\/results\?.+$ $1/index.shtml [R=301,L] <Directory "/Users/Me/mySites/"> Options +Includes Indexes MultiViews FollowSymlinks AllowOverride All Order allow,deny Allow from all </Directory> ErrorLog "/private/var/log/apache2/error.log" CustomLog "/private/var/log/apache2/access.log" common </VirtualHost> But this doesn't seem to work. Requesting the other URLs directly results in 404 error.

    Read the article

  • IIS7 can't read web.config on shared Mac filesystem

    - by RobG
    I'm running a VirtualBox virtualized Windows 2008 Server on my Mac, just finished setting it up today. On it, I have SQL Server 2008, IIS and ColdFusion 9. I want to serve websites from my Mac filesystem (for development purposes). So I created a new website in IIS and pointed it at the appropriate path using a UNC path: \vboxsvr\rob\Sites\testsite, which contains the ColdFusion code and a web.config file. When I attempt to modify the file at all, or view the site in a web browser, I get an error: HTTP 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid. I did some Googling, and found several similar problems, but nothing exactly like I have. The closest one seemed to indicate permissions. So I recreated the site and set it up to allow the Administrator (in Windows) to access the stuff. That didn't help. I can read/modify the files just fine from within Windows, but IIS itself can't seem to do it. What do I need to do to fix this? Thanks!

    Read the article

  • Windows/IIS Hosting :: How much is too much?

    - by bsisupport
    I have 4 Windows 2003 servers running IIS 6. These servers host a bunch of unique web sites (in that they are all different in build/architecture/etc). The code behind these sites range from straight HTML, classic ASP, and 1.1/2.0/3.x flavors of .NET. Some (most) of the sites use a SQL backend, which is hosted on one or two different servers – not the IIS servers themselves. No virtualization on these servers and no load balancing for these particular sites. The problem I’m running into is coming up with some baseline metrics to determine, or basically come up with a “baseline score” to know when a web server has reached its hosting limit. Today, some basic information about each server is used: how much bandwidth does the server pump out, hard drive space availability, and basic (very basic) RAM & CPU utilization (what it looks like at peak traffic times.) I would be grateful if those of you that are 1000x smarter than I am could indulge me with your methods of managing IIS environments. Whether performance monitoring specifics, “score” determination as I’m trying to determine, or the obvious combination of both. Thanks in advance.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 90 91 92 93 94 95 96 97 98 99 100 101  | Next Page >