Recommended way to secure page

Hi Experts,
Can you tell me what is the recommended way to secure a page?
1. secure page def
   or
2. I have to add page in bounded taskflow and secure TF.
Thanks

If you have to restrict access to a whole page which is not part of a BTF, it will be enough to secure the page's PageDef. It is not necessary to wrap the page in a BTF.
If the page is part of a BTF, you cannot secure it alone but you can secure the whole BTF only. Permissions on a BTF are propagated to all the TF activities within the BTF (including the view activities - pages and fragments).
If you need to apply security policies only on particular components within a page, then you can use EL expressions like #{securityContext.userInRole['MyRole']} in order to exclude the necessary components from the view tree (e.g. using components' "rendered" attribute), to hide or disable them (e.g. using their "visible" and "disabled" attributes), to make them read-only (e.g. using their "readonly" attribute), etc. Have a look here for other useful EL expressions:
http://docs.oracle.com/cd/E23943_01/web.1111/b31974/adding_security.htm#BGBIFHDF
For example, you can use this approach to secure menu items and command components (e.g. buttons and links) in other pages that navigate to a secured page or BTF. You should disable or hide these components conditionally if the user has no rights to access the corresponding secured page or BTF. If you do not disable/hide these components, a user could use them, the framework would try to navigate to the page and an exception would be thrown because the user had no rights to access the page.
Dimitar
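
The approach described in the answer above, as an added example that is not part of the original thread: a JSPX page whose navigation components are disabled or left out of the view tree when the user cannot view the target. The task flow path, PageDef name, action outcomes and the `CreditLimit` binding are hypothetical; `taskflowViewable` and `regionViewable` are further properties of the same `securityContext` EL bean as `userInRole`.

```xml
<?xml version='1.0' encoding='UTF-8'?>
<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page" version="2.1"
          xmlns:f="http://java.sun.com/jsf/core"
          xmlns:af="http://xmlns.oracle.com/adf/faces/rich">
  <f:view>
    <af:document id="d1" title="Home">
      <af:form id="f1">
        <af:menuBar id="mb1">
          <af:menu id="m1" text="Administration">
            <!-- Target is a bounded task flow (hypothetical path). The item
                 stays visible but is disabled unless the user holds view
                 permission on the whole BTF. -->
            <af:commandMenuItem id="cmi1" text="Manage Users"
                action="manageUsers"
                disabled="#{!securityContext.taskflowViewable['/WEB-INF/manage-users-flow.xml#manage-users-flow']}"/>

            <!-- Target is a standalone page secured through its PageDef
                 (hypothetical name). rendered="false" removes the item from
                 the view tree instead of greying it out. -->
            <af:commandMenuItem id="cmi2" text="Audit Log"
                action="auditLog"
                rendered="#{securityContext.regionViewable['view.pageDefs.auditLogPageDef']}"/>
          </af:menu>
        </af:menuBar>

        <!-- Component-level policy inside a page every user may open:
             the field is read-only unless the user is in MyRole. -->
        <af:inputText id="it1" label="Credit Limit"
            value="#{bindings.CreditLimit.inputValue}"
            readOnly="#{!securityContext.userInRole['MyRole']}"/>

        <!-- The button that acts on the field is only built for MyRole. -->
        <af:commandButton id="cb1" text="Approve" action="approve"
            rendered="#{securityContext.userInRole['MyRole']}"/>
      </af:form>
    </af:document>
  </f:view>
</jsp:root>
```

These attributes only shape what the user sees; the permission granted on the PageDef or the BTF is still what the framework checks when navigation happens.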

Similar Messages

  • Recommended way to secure my TCP/IP Communication

    This may be basic, sorry, but I never had to worry about this.
    What is the recommended way to secure my TCP/IP communication?
    I will have a simple server listening on a TCP socket and servicing client requests. Unfortunately, the server must run at a site only accessible to the client via the internet. The client is a .NET (C#) application. Typically, I'd connect the 2 easily with standard sockets and be done. In this case, I must protect the information being transferred.
    What would you use? SSL? I am not too familiar on how to do this on the .NET end.

    A common way to secure communications over TCP is SSL, yes. If your question is "How do I use SSL in my .NET client?" then perhaps you should seek a more appropriate forum.

  • What is the recommended way to launch a web-start enabled Java application?

    Hello,
    I have a simple web-start enabled Java application, which I can launch from a browser by entering :
    https://xx.xx.x.xxx/MyApp/launch.html
    This method would show me a page. I then had to click on a link to run my application.
    I noticed that I could also launch my program by entering :
    https://xx.xx.x.xxx/MyApp/launch.jnlp
    This method would run my application right away.
    I wonder if there is a recommended way to launch/run a web-start enabled Java application?
    Thank you,
    Akino

    user8708553 wrote:
    ..to directly launch my application and bypass the HTML page, why is there a need to display the HTML page and make the user do a click?

    There are a number of advantages to using the web page. Including..
    * An explanation to the end-user of what the application does (a 'sales pitch').
    * Provision of screen shots of the app. (more 'sales pitch').
    * A description of what security environment it requires, and why.
    * Access to using the deployJava.js (see link below) to ensure the end-user actually has Java installed & has a suitable minimum version of Java, before they ever get access to the launch button/link.
    http://download.oracle.com/javase/6/docs/technotes/guides/jweb/deployment_advice.html#deployingApplications

  • Why would Safari try to insert an s, as in https, into the facebook log in.  Safari won't open the secure page. Advice?

    Why would Safari try to insert an s, as in https, into the facebook log-in page.  "Safari can't connect to this secure page."  I've checked preferences and cannot find a reason for this change to the regular facebook address. Safari 5.0.5 on MacbookAir.  I can't even download the updated software.

    If you leave your session idle for a while, the site might log you out due to inactivity, but... I wouldn't trust that, either.
    Usually your bank will have a link, menu, or some other way to log out. Certainly that is the best thing if you can do it. Sometimes if a site is not fully compatible with Firefox its style rules will result in a jumbled layout. You can disable all the style rules and view the site in a plainer layout to see whether you can spot the missing link. To do that:
    tap the Alt key > View menu > Page Style > No Style
    (The tab will remain unstyled going forward. You can use the same menu to reapply the page's style sheets later.)
    Also, if you want to break the connection between Firefox and your banking session, you can clear your cookies for the bank site. This won't necessarily have any effect on your banking session on the server but should make it impossible for someone to use your Firefox to do anything in that session. To clear cookies for the current site, you can use the Page Info dialog. Here are 3 ways to open it:
    * right-click and choose View Page Info > Security > "View Cookies"
    * Alt+t (open the classic Tools menu) > Page Info > Security > "View Cookies"
    * click the padlock on the address bar > More Information > "View Cookies"
    In the dialog that opens, you can remove the site's cookies individually.
    Then reload the page and the site should behave as though you are not logged in.

  • What is the recommended way of connecting to repository out of WebDAV, RMI, JNDI and JCA connector ?

    What is the recommended way of connecting to repository out of WebDAV, RMI, JNDI, and JCA connector possibilities provided by CQ 5.5?

    Hi dp_adusumalli,
    I recognized your list of ~8 questions you posted at around the same time, as I received that same list in our customer implementation from Arif A., from the India team, visiting San Jose. :-)
    I provided him feedback for most of the questions, so please check back with Arif for that info.
    For this particular question, can you provide specifics for the types of interactions you are interested in?
    Understanding the kinds of things you need to achieve will help determine which of the CQ/CRX interfaces is best suited for the task(s).
    I've collated a few points on this subject on this page:
    Manipulating the Adobe WEM/CQ JCR
    Regards,
    Paul

  • Making sure you can't use back button to go back to a secure page

    I am wondering how I can go about ensuring that the user of my application can not use the back button to go back to a secure page after leaving it.
    What is the easiest way to implement this added security?
    Thank you.

    I think the easiest way would be to put in a javascript that opens a page of your choice (such as the home page of a site, for example) and another javascript that closes the browser window. You can get the new window script by clicking here. I'm not sure about the close browser window javascript, but I know that there is a close browser (kills the whole browser, and all the open windows) available here, but that may be a bit overkill. I think you could redo the javascript on the first one so it says something like close_window , but I'm new to javascript and wouldn't know for sure...
    Hope this helps!

  • FLASH CMS websites - secured pages

    Hi,
    I’m looking for a way to build FLASH websites, which the user will be able to edit and control its content himself. You know, a CMS website, but then totally build in FLASH. I already started Googling on this a bit and came across these 2 things
    -          www.flashcontentmanager.com
    -          www.flashloaded.com/flashcomponents/fcmspro/
    Especially that last one looks interesting, but it does cost 300 dollars for 1 website, which maybe isn’t that expensive, given its apparent completeness and easy to use interface, but I still want to explore other potential possibilities.
    What is needed on the website, is the possibility to add text, pictures, videos and extra pages by the user himself. Also, and maybe this is the most important / difficult, there has to be the possibility to make secured pages where the client can view his pictures without downloading them → the man that needs this website is a photographer that wants to offer his albums to the respective client for which he made the pictures, online. 1 client should be able to watch his pictures on 1 secured page of the site, another client should be able to watch his pics on another secured page of the site, without being able to download them... I hope you know what I mean, I’m sure you know what I mean.
    I believe this is possible with FCMSPRO on the flashloaded website (between the key features list on the website I see: ‘Allows for multiple users with different file upload permissions’ – so I assume that the man will be able to provide customers a password with which they can watch their pics online, without down- or uploading something themselves?)
    Is there someone that can help me on this? Is there anyone that has had some experience with FCMSPRO, Flashcontentmanager or other CMS systems already? I’m curious if I’m going to get out of this. If it will be worth deepening myself in this, or if it will be best to tell the photographer to find someone else for this job.
    Thanks

    The method I showed above does have a front end and a back end. The code I posted above would be part of the image module in the back end for deleting images.
    1. You don't put images and files in the database, you create an uploader that uploads the files (pictures, whatever) onto the server and then writes an entry into the database telling it where the picture is stored, what the name of the file is, what type it is, whatever you need. Then when your website connects to the database and downloads the info and stuffs it into arrays, it iterates through the photo array and downloads the photos as needed using the URL you stored.
    2. Loading into the database is covered with the above tutorial but I'll post my database retrieval code anyway.
    This connects to a database and stuffs each column of a database into an Array. Then if I wanted to actually download the photos I mentioned by the URLs just retrieved I'd use:
    3. Some people put them in separate SWFs at password protected URLs because it's more secure but you don't necessarily have to.
    Flash CMS isn't well covered, I spent a long time looking for tutorials and I definitely didn't find any that worked well. If you're still working through the basics like AS3 tweens, loaders, and loops, then you're going to want to figure those out first. Those are supported well online, though.
    Finally, here's a good example of some flash CMS: http://group94.com/#/flash94/
    Good luck.
    EDIT: Sorry for retracting my code, the client I did it for wasn't happy.

  • The lock symbol does not appear when I open a secure page in firefox 4.0. Has this been removed?

    Previously, using firefox 3.6.1, when I opened a secure or encrypted page, the lock icon appeared on that page.
    When I upgraded to firefox 4.0, the lock icon is no longer appearing when I open a secure page. Please confirm whether this has been removed or in the alternative whether there is a way to determine that the secure or encrypted page is indeed secure to use.

    In Firefox 4 you no longer have the Status bar that showed the padlock in previous Firefox versions.
    The padlock only shows that there is a secure connection and doesn't guarantee that you are connected to the right server.
    So you might still be connected to the wrong server if you make a typo in the URL and someone has claimed that mistyped URL.
    The functionality of the padlock has been replaced by the Site Identity Button on the left end of the location bar.
    See also:
    * http://www.dria.org/wordpress/archives/2008/05/06/635/
    * https://support.mozilla.com/kb/Site+Identity+Button

  • Moving from secure https page to non secure page on same site

    Secure https page navigation to a non secure http page still has you in a secure url when navigating within the same site, when user clicks to leave the secure page to go to a non secure page the address bar still has them in a secure https url. Is there a way to code the nav to not allow this to occur? Tried adding a full url to the non secure pages and that worked but then my active states of the nav stops working. Any ideas or scripts that may help here? Thanks!

    There's a script for that! Here's a link to it...
    http://kb.worldsecuresystems.com/598/bc_598.html#main_Returning_a_customer_to_a_default_URL_after_viewing_the_receipt_page
    @webmosphere
    www.webmosphere.co.uk

  • Loads part of secure page

    Logging into Schwab brokerage all views are secure.
    Type in Symbol for a Stock: I get back the chart.
    Type in Symbol for an ETF: I get nothing...well a blank page anyway.
    PPC or INTEL same result. {Safari 2.0.4}
    Dumped Safari Cache. Tiger Cache Cleaned. Same result. Stocks 1 ETFs 0.
    Thanks for the discussion "won't load secure page" below since it will give me some other ideas to try. I'll probably keep my broker and wait for the next version of Safari till this thing plays out. If anything works...will report.
    Firefox? Loads everything on both PPC & Intel. No Problem
    -wbajr tbc
    eMac DVD & iMac intel   Mac OS X (10.4.8)  

    Hi Wesley!
    Yes that was going to be my suggestion too is how does Firefox handle it? The only other thing I can think of is do you have pop-up blocking disabled? That might not have anything to do with it but I've noticed on several bank sites and also Ameritrade that with pop-up blocking on it gives some problems. By the way, Ameritrade is mostly ok but has a glitch or two with Safari as well. Funny thing is the home page doesn't even load properly with Safari. You would think their designer took a look at something other than windows huh???
    Reg

  • Locking/password securing pages documents

    Is there a way to lock or password secure pages documents? I am starting to journal in pages and I'd like to keep the files private. I know there's a way to restrict privileges for other user accounts but I'd like to be able to password secure the file on my account as well. Is there a way pages would allow me to do that?

    Passing a record id in the URL is not a problem as long as you use <cfqueryparam> in your queries to prevent SQL injection attacks. Passing sensitive info in the URL (usernames, passwords) is not a good idea at all.
    You may also want to set the scriptprotect attribute of the <cfapplication> tag in your Application.cfm to an appropriate value ("all" is good).
    On your hosting server they should have robust error reporting turned off - if they don't, consider finding another host...
    Azadi Saryev
    Sabai-dee.com
    http://www.sabai-dee.com

  • Recommend way to replace doJoin

    I have nested TiledViews. In NetDynamics the Data Objects that
    populated their fields were joined using the doJoin method. What
    is the recommended way of getting this same behavior in JATO 1.2.x?
    I have been trying, with little success, to get the values from the
    parent TiledView's Model and set them as where-criteria for the child
    TiledView's Model.
    Thanks,
    paul
    code from ND:
    CSpDataDrivenVisual CSpDDV =(CSpDataDrivenVisual) event.getSource();
    return(CSpDDV.doJoin(event.getRowIndex()));

    Paul
    I'm happy to hear you were able to diagnose the problem.
    I did a prototype app that had 3 nested tiled views and got it working,
    albeit, my sample requirements were not as demanding as yours (specific
    db logins and such), but I learned one thing.
    I found it easier to push the key value down to the child tiledview than
    getting it from the parent tiledview. But sounds like no need to pursue
    anymore.
    good work
    craig
    paul_r_madison wrote:
    I'll be in the corner with my dunce hat on for the rest of the day:
    I wasn't setting the user and password for the model in the
    beginDisplay event, I was setting in on the next and previous, etc
    (see below for why).
    You were a great help though. I had been trying to get the where
    criteria values from the tiled view parent's model and that was not
    working well for me, getting them from the page elements is working
    great.
    Thanks,
    paul
    --- In [email protected], "Craig V. Conover"
    <craig.conover@s...> wrote:
    Actually that pretty much sums up the advice I have given.
    Paul, I think we must be missing something that is going on in your app
    that is preventing you from getting the results that are expected.
    Tell me, does each TiledView use a different Model class or do they use
    the same Model class?
    Anything else that you can tell us?
    craig
    Todd Fast wrote:
    I think Craig is getting back to you with a better answer, but from a cursory look at your message, you need to execute each TiledView's model in its beginDisplay() method (or beginComponentDisplay() for JATO 2.0). Are you doing this? In other words, each model needs to be re-executed for each display of the TiledView.
    Todd
    ----- Original Message -----
    From: <paul_r_madison@y...>
    Sent: Thursday, February 27, 2003 3:24 PM
    Subject: [SunONE-JATO] Re: Recommend way to replace doJoin
    Craig,
    Thanks for the help. I am doing this, but I'm still having problems.
    I have three TiledViews on the page:
    Survey
    |----Questions
    |----Display
    I'm attempting to illustrate the way they are nested here. It seems that the models, primary and not, are all executing on the BeginDisplay event of the page. They execute a second time after I set the where criteria, but it looks like the fields are already bound by the time the criteria is set. Also, the primary model for the Survey TiledView is executing on the next web action. I should also note that I have to change the defaultConnectionUser and defaultConnectionPassword on the model before I call handleWebAction on the repeated object; this is because there is a view in use that is specific to the username supplied when logging in, and if I don't change the user name the view contains no data.
    The first time in the page the Survey TiledView is displayed, but the two nested TiledViews are not; beginDisplay is called on Questions, but NextTile returns false. When I click next, the first record is again displayed and the correct data for Questions and Display. However, a second click of the next button displays the same results. A click on the Last button displays correct results for the last record.
    Any ideas where to look or what to look for would be appreciated.
    Thanks,
    paul
    --- In [email protected], "Craig V. Conover"
    <craig.conover@s...> wrote:
    Paul,
    This feature of ND is not built into JATO. It was a somewhat mysterious feature in ND. I remember it being one of the most difficult topics to explain how ND made it work in my ND developer classes so it is not surprising that you are having issues implementing it on your own.
    But the solution should end up being quite simple. We just need to mimic what the ND framework was doing and use a bit of the JATO framework to help us as well. Nested tiled views can be a bit sticky to grasp as well.
    I don't know what your code looks like, but here is basically what you should be doing. Assume CustomerListTiledView (outer) and OrderListTiledView (inner) are the TiledView names and CustomerListTiledView has fields CustNum and CustName, and OrderListTiledView has OrderID, and OrderDate.
    And CustomerListTiledView uses CustomerModel that has model fields CustNum and CustName, and OrderListTiledView uses OrderModel and has model fields OrderID, CustNum, and OrderDate.
    I will assume that your outer TiledView is not a problem and that the issue is with the inner.
    In CustomerListTiledView's nextTile method (ND analog to onBeforeRowDisplayEvent), you want to get the value of the CustNum field for that tile, getDisplayFieldValue("CustNum"), and use it as criteria for the OrderListTiledView's primary model (OrderModel). But don't forget to clear the criteria first.
    in nextTile method:
    TiledView tv = (TiledView)getChild("OrderListTiledView");
    SelectModel model = (SelectModel)tv.getPrimaryModel();
    model.clearUserWhereCriteria();
    model.addUserWhereCriterion("CustNum", getDisplayFieldValue("CustNum"));
    The auto retrieve for the OrderModel in the inner tiled view will execute it with the provided criteria on each row of the outer tiled view.
    If this is what you are doing, show me the relevant code (no attachments work on the group, just inline in email) and maybe I can spot the trouble.
    craig
    paul_r_madison wrote:
    I have nested TiledViews. In NetDynamics the Data Objects that
    populated their fields were joined using the doJoin method. What
    is the recommended way of getting this same behavior in JATO 1.2.x?
    I have been trying, with little success, to get the values from the
    parent TiledView's Model and set them as where-criteria for the child
    TiledView's Model.
    Thanks,
    paul
    code from ND:
    CSpDataDrivenVisual CSpDDV =(CSpDataDrivenVisual)event.getSource();
    return(CSpDDV.doJoin(event.getRowIndex()));
    To download the latest version of S1AF (JATO), please visit one of the following locations:
    Framework + IDE plugin for Sun ONE Studio 4 Update 1, Community Edition:
    http://wwws.sun.com/software/download/products/Appl_Frmwk_2.0_CE.html
    Framework + IDE plugin for Sun ONE Studio 4 Update 1, Enterprise Edition:
    http://wwws.sun.com/software/download/products/Appl_Frmwk_2.0_EE.html
    Previous versions of JATO:
    http://www.sun.com/software/download/developer/5102.html

  • Only secure pages load

    Only secure pages will load in firefox and safari. Anything that isn't secure will show a white page while it says "waiting for www.(website).com" in the status bar in the bottom left hand corner, and eventually stay that way and display "done" in the bar. The secure pages do load, but sometimes they take forever. I am on a wireless network on my college campus, and everything was working fine until a few days ago. Ideas?
    -Keven
    Message was edited by: the wigwam

    Gah nevermind my nephew was using my account and kept clicking the littlesnitch notifications to make them go away.  Little bugger managed to block everything on port 80 http.  Time to set up a guest account.

  • Sfw on secure pages

    I have a flash file in my secure pages of my shopping cart
    and all of a sudden getting the non secure items warning. Is the
    flash file to blame because it's downloading from Macromedia site?
    Is there a way I can stop this. The swf file is local.
    Thanks

    I have had that happen before in IE, thought it would help if
    you knew IE did that to me before the change. I also had to code
    with direct URL's
    Jacson

  • I cannot access Facebook after going through all the recommended ways to fix the problem. Help me.

    I went through all the recommended ways to try and allow Firefox to access the site. However, after I do that I'll try and access the web site and every time I get an error page. It says connection was reset. So I went back to Firefox support and did the recommended way to fix it again and still it did not fix my problem. How do I fix this issue?

    I don't understand the answer
    "The problem can be solved by opening FF and choosing Tools...Add On's...select the SEARCH addon and choose UNINSTALL...restart FF browser when asked, then reload Mobsters. This worked for me. The suggestion on the 404 that says to remove Search via Add/Remove Programs is completely BS, as Search doesn't show there."
