Table security concerns with form on intranet

We are trying to maintain database security for forms that run
on the intranet. The first line of security is to require all
users to logon to the application. The main concern is the
database user being accessed without the application. Here are
the current ideas:
The easiest solution would be to hide the user/password
information on the html that launches the form, however (to my
knowledge) this is not possible.
I moved the table containing application users passwords to a
second user (db user) and am using a function to validate logon
information. This works great, the problem is where to put the
actual data tables used by the application. If they are in the
first user which the form logs into by default then a "curious"
person may access the tables via a sql session using the
user/password from the html. The best thing I can come up with
is to put the data tables in the second user containing the
logon password table, however if the grants exist for the user
that the form defaults to we have the same problem.
Dynamic grants would be perfect however you can not create
grants with the logon function.
Any input would be greatly appreciated.
-Doug

You can maintain this table in a separate user (administrative
user) and create a function under this user to validate
user and password. Grant privilege for the users to execute
this function, but not to select the table. In this way, any
user can execute this function but cannot query the table.
The only one allowed to query and update this table is the
owner. Based on Oracle concepts, if the user has rights to
execute a function or procedure, he automatically has implicit
rights to the objects being accessed by this function or
procedure. But to access these implicit objects directly,
he must have specific rights. I hope this can help you.
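
An added example, not part of the original reply or the posters' own code: the pattern described above written out in Oracle SQL and PL/SQL. The schema names SEC_ADMIN and FORM_USER, the table APP_USERS and the sample user are assumptions made for illustration, and STANDARD_HASH assumes Oracle 12c or later.

```sql
-- Run the setup as a DBA. SEC_ADMIN (owner) and FORM_USER (the account
-- whose password is visible in the launching HTML) are hypothetical names.

-- Credential table lives only in the administrative schema.
CREATE TABLE sec_admin.app_users (
  username VARCHAR2(30) PRIMARY KEY,
  salt     RAW(16) NOT NULL,
  pw_hash  RAW(32) NOT NULL          -- SHA-256 over salt || password
);

-- Definer's-rights function: it runs with SEC_ADMIN's privileges, so the
-- caller needs EXECUTE on the function but no privilege on the table.
CREATE OR REPLACE FUNCTION sec_admin.validate_logon (
  p_username IN VARCHAR2,
  p_password IN VARCHAR2
) RETURN NUMBER
  AUTHID DEFINER
IS
  l_match NUMBER;
BEGIN
  -- COUNT(*) is 0 or 1 because username is the primary key; the caller
  -- learns only match / no match, never the stored values.
  SELECT COUNT(*)
    INTO l_match
    FROM sec_admin.app_users u
   WHERE u.username = UPPER(p_username)
     AND u.pw_hash  = STANDARD_HASH(
                        UTL_RAW.CONCAT(u.salt, UTL_RAW.CAST_TO_RAW(p_password)),
                        'SHA256');
  RETURN l_match;
END validate_logon;
/

-- Constructed sample row. SYS_GUID() stands in for a per-user salt and a
-- single SHA-256 round keeps the example short (both are simplifications).
DECLARE
  l_salt RAW(16) := SYS_GUID();
BEGIN
  INSERT INTO sec_admin.app_users (username, salt, pw_hash)
  VALUES ('DOUG', l_salt,
          STANDARD_HASH(
            UTL_RAW.CONCAT(l_salt, UTL_RAW.CAST_TO_RAW('constructed-sample-pw')),
            'SHA256'));
  COMMIT;
END;
/

-- The only privilege the form's account receives. No GRANT SELECT is issued.
GRANT EXECUTE ON sec_admin.validate_logon TO form_user;

-- Check as DBA: nobody besides the owner should hold privileges on the table.
SELECT grantee, privilege
  FROM dba_tab_privs
 WHERE owner = 'SEC_ADMIN' AND table_name = 'APP_USERS';

-- Connected as FORM_USER (for example from a plain SQL session):
-- allowed, goes through the function
SELECT sec_admin.validate_logon('doug', 'constructed-sample-pw') AS ok FROM dual;
-- rejected, FORM_USER holds no object privilege on the table
SELECT * FROM sec_admin.app_users;
```

Connected as FORM_USER, the direct query fails with ORA-00942 while the function call still works, because a definer's-rights function executes with its owner's privileges rather than the caller's.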

Similar Messages

  • Airport Extreme security concern with Airport Utility App

    Just bought the new Airport Extreme (802.11ac) last night. BY FAR the easiest wireless setup I have ever done (< 5 minutes).  Hats off to the Apple developers on this one - they crushed it!  One of the things that makes this device so easy to setup though is the iPad/iPhone Airport Utility app.  I used the iPad version.
    My concern - When I startup this app it goes straight to the main config screen.  Just tap on the Airport Extreme image, then tap Edit and I'm into my wireless settings (id's, passwords, etc.).  And that's my concern.  It didn't ask me for any kind of password to get into the utility, or the settings.  What's to stop someone else from using my iPad to get into the wireless settings, or from someone else installing the app on their iPad and getting into my wireless settings.
    It feels like this is a huge security hole.  Am I missing something?
    Thanks in advance - MarkInColo 

    Is there a way to lock down the app on my iPad so that the settings can't be accessed unless I authorize it?
    No
    Only way I can think of is uninstall the app, and install it again only when I need it.  Isn't there a better way?
    If it were me, I would not install or use AirPort Utility for the iPad, iPhone etc.  Use only AirPort Utility on your Mac, and do not enable the option to have KeyChain Access remember the password.
    Then, anyone who wants to access the settings in AirPort Utility on the Mac will have to enter the Base Station password to be able to make any changes in AirPort Utility.

  • Table like structure with form fields

    In flash - How can we organize the form fields like a HTML
    table dynamically?

    Since performance may be an issue when hitting BSEG table
    Any of the below accounting tables can be used.
    1.BSAD
    2.BSAK
    3.BSAS
    4.BSID
    5.BSIK
    6.BSIS
    These are normal database tables, not clusters. Normally every record from BSEG can be found in one of these 6 tables. The program which selects data
    From these tables runs faster than from BSEG.
    Plz reward if helpful.
    Thanks.
    Ramya

  • Customer security concerns with using OWC (Beehive)

    Hi,
    My customer is currently using strtc for OWCs but I believe that this will move to Beehive very soon.
    Their security team has locked down strtc and need answers to some security questions.
    When using Beehive for conferencing, can you answer what the support teams will be able to access please?
    The type of things that their security team want to know are:
    "we need to give them details of what can be done by Oracle Support while we are linked together via this site. Is this something you can gather details together for and send over to me? Type of things they want to know are whether files can be copied from our network / linked pc, can files be dropped onto our network / linked pc, can you explore our network via the linked pc without us knowing etc."
    Thanks for any advice.
    Kind Regards,
    Rachel

    Hi,
    Beehive Web conferencing has similar capabilities to STRTC and the transfer of files between the server and the client is not one of our capabilities - the system allows co-browsing to be enabled to allow the customer to show the support staff the problem in situ and the capability exist for the support staff to control the remote users desktop - with their approval should it be thought valuable to solving the problem. The session can also be recorded.
    So we cannot do anything on the remote PC without their knowledge and approval.
    File movement between support and the customer is done via the Oracle Support portal not the web conferencing system.
    Phil

  • Safari password auto fill security concern

    Just discovered what I consider to be a big security concern with iCloud Keychain. If you go into Settings, then Safari and your iCloud Keychain is under stored passwords and auto fill, the passwords are stored in plain text with no asterisk or anything. This means that all someone needs is your 4digit unlock code and they are then able to view all your stored passwords in Safari. They should at least require your iCloud Keychain password to view these, or just asterisk them out. If someone saw you enter your four digit unlock code, and then put your phone down, they could get this information without you even knowing it. This is not safe.

    The purpose of that section is so that you can see your passwords, there wouldn't be much point in replacing them with asterisks. They are password protected, just don't give others your password.

  • Flash security concerns, 16.0.0.296 is installed - but 16.0.0.287 is actual?

    Windows 7 -> Adobe - Flash Player: 16.0.0.296 is the installed version, but the list below (Platform, Browser, Player version) shows 16.0.0.287 as actual .... Should we "downgrade" ?
    Due to the latest security concerns with flash, I had to rethink the whole story - maybe better just uninstall flash?
    rgds,
    Chris

    Hi Chris,
    Version 16.0.0.296 is the latest release available.  However, it's only being pushed out through our silent auto update and enterprise distribution channels.  We're hard at work making sure this is also available on https://get.adobe.com/flashplayer but that's going to take another day or two to complete.  Once it's out everywhere, we'll update our release notes and associated pages with the proper version number.
    Thanks,
    Chris

  • Problem with Table display in Adobe Form of Web Dynpro ABAP

    Hi Team,
    I'm trying to display a table in Adobe Print Form (not interactive). The table is bound to the context node in the Web Dynpro ABAP where the cardinality is 0:N. I get a short dump. Don't know what to do here. I'm able to display individual fields from my context successfully. Looks like something is missing when I try to display a table. Any pointers to display a data table in Adobe? Any step by step example you know of where I can find out what I did wrong? Many thanks for your time
    We are on support pack SP06 on 2004S release.
    DUMP INFORMATION:
    Short text                                                               
        Access via 'NULL' object reference not possible.                 
    What happened?                                                           
        Error in the ABAP Application Program  The current ABAP program "CL_WD_ADOBE_SERVICES==========CP" had to be terminated because it has come across a statement that unfortunately cannot be executed.
    An exception occurred that is explained in detail below.                    
    The exception, which is assigned to class 'CX_SY_REF_IS_INITIAL', was not caught in procedure "CREATE_PDF" "(METHOD)", nor was it propagated by a RAISING clause.

    Hi Thomas,
    We upgraded our system(2004S) to SP10 so that we can use the ADOBE form printing in Web Dynpro ABAP but could not apply note 1034425 because of the validity constraints in SNOTE. All the pre-requisite notes are already in the system apart from one note 1029721 which talks about supporting input helps. We don't want to use input helps in our system and cannot upgrade to SP11 because of problems with Business functionality.
    Questions:
    1) Is note 1034425 absolutely dependent on 1029721?
    2) If NOT, can someone please correct the validity so that we can implement using SNOTE.
    3) Would it be OK if we manually apply the changes specified in 1034425 without implementing 1029721?
    4) If all of the above is not applicable, is there any other note which fixes the above mentioned short dump.
    Your help in this matter will greatly help us in using the ADOBE services provided by SAP WDA.
    Thanks much

  • Insert into one table, update another with one form

    Does anyone know how to do this?
    I'm writing a small system where I need to have a master project record in one table, and small little project events in a sub notes table. I want to be able to insert a record with notes into the sub table and update the status in the master table -- all from one form.
    Any thoughts would be very, very appreciated :) -LR

    Hi Lee,
    in case your main Insert transaction provides a value which can be used to identify the master table´s primary key, I think you should set up a Custom Trigger to update a specific record in the master table.
    Cheers,
    Günter Schenk
    Adobe Community Expert, Dreamweaver

  • Error updating table with form

    All, I have set up an application using the tabular form, and I went through the wizard and now when the table comes up with the entries that I can change I get this error
    Error in mru internal routine: ORA-20001: no data found in tabular form
    Error Unable to process update.
    OK
    Even when I use the delete I get
    ORA-20001: Error in multi row delete operation: row= 5, ORA-01403: no data found,
    Error multi row operation failed
    OK
    And I am unable to update any rows

    It looks to me you wrongly selected the P-Key for the tabular form.
    If you can provide some more information like the table columns, p-key etc we may help you out in debugging.

  • How do I redirect a secure zone login form with javascript?

    I would like to redirect what page a user goes to after filling out the secure log in form. I would change the landing page of the secure zone, but I need a log in form to go to a different page of the site. I would also create a separate secure zone, but I have almost 3000 subscribers and it would be very time consuming to add all those users to this new zone.
    I would like to redirect the user (using the form from a secure zone) to a different page other than the landing page of the log in form. How do I do this with javascript?
    I saw this page: http://kb.worldsecuresystems.com/598/bc_598.html#main_Logging_into_different_Secure_Zones_ according_to_ID_number but couldn't make sense of it for my current situation. (I don't need multiple zones, just the form to redirect to a different page after submission)
    <form action="https://redlakewalleye.worldsecuresystems.com/ZoneProcess.aspx?ZoneID=12369&Referrer={module_siteUrl,true,true}&amp;OID={module_oid}&amp;OTYPE={module_otype}" method="post" onSubmit="return checkWholeForm52938(this)" name="catseczoneform52938">
                <div class="form">
                <div class="item"><label for="SZUsername">Username</label><br />
                <input type="text" maxlength="255" id="SZUsername" name="Username" class="cat_textbox_small" /></div>
                <div class="item"><label for="SZPassword">Password</label><br />
                <input type="password" autocomplete="off" maxlength="255" id="SZPassword" name="Password" class="cat_textbox_small" /></div>
                <div class="item"><input type="checkbox" id="RememberMe" name="RememberMe" /><label for="RememberMe">Remember Me</label></div>
                <div class="item"><input type="submit" value="Log in" class="cat_button" /> <a href="/_System/SystemPages/PasswordRetrieveRequest">Lost password?</a></div>
                </div>
                <script type="text/javascript" src="/CatalystScripts/ValidationFunctions.js"></script>
                <script type="text/javascript">
                    //<![CDATA[
                    function checkWholeForm52938(theForm){
                        var why = "";
                            if (theForm.Username) why += isEmpty(theForm.Username.value, "Username");
                            if (theForm.Password) why += isEmpty(theForm.Password.value, "Password");
                            if (why != ""){alert(why);
                                return false;
                            }
                       // Add the redirect code here?
                        theForm.submit();
                        return false;
                    }
                    //]]>
                </script>
            </form>

    I've been working on the same thing and have nearly solved it with these tutorials:
    http://www.bcgurus.com/tutorials/re-directing-users-to-the-correct-secure-zone
    http://www.bcgurus.com/tutorials/building-a-better-secure-zone-login-page
    The first tutorial will let a person continue on to the page he/she was attempting to access. For example, if your site offers learning lessons in a secure zone... A visitor could click on a lesson, get prompted to login and then be redirected to that particular lesson instead of the landing page for the secure zone.  The script in the tutorial also accommodates general logging in: "if the person wasn't going somewhere specific then send him/her here" (landing page, user account, whatever).
    Might be worth checking out the free BCGurus trial or joining for a month.
    Brian

  • Multiple Secure Zones with a Single Login Form

    Hello, I've created a login form and 20 different secure zones. I am needing to redirect users to their own personal secure zone automatically once they login (without the need for them to choose the secure zone) Can you please let me know how this can be done? Thank you much

    Hi
    The main difference is :
    Using generic secure zone login option : When customer logs in , he stays on the same page. I mean , Generic secure zone in BC doesn't support redirect to other pages . However, he will have access to all the pages that were in other secure zones to which he actually subscribed to.
    Using Specific secure zone login form, you have option to redirect the user to specific landing page and user will have access to data that is placed in this specific secure zone.
    You may locate the Generic secure zone login form in toolbox > site modules > secure zones > sign in form >  as shown in below screenshot :

  • Urgent Help needed : Connecting Access 2000 with forms 6i

    Dear friends,
    I am really struggling to solve this connection issue. I am working with forms 6i, oracle 8i, in Windows XP pro environment. Developing programs using oracle 8i tables is ok, but there are tables in Access 2000, which I have to add the program that I am developing. The things I have done are
    - I already have tables in MS Access database.
    - I Installed ODBC for microsoft and for Oracle as well(which . I added the MS Access Database there and I can perfom SQL from Oracle ODBC.
    - I also installed OCA for developer from the CD.
    From this point I followed the instructions in Developer Help menu and I was not able to connect and still trying, I will appreciate if anyone provide me some tips. Thanks in advance
    Best Regards

    Hi,
    I know the bad solution. But anyway, I'll tell you in any kind of help. I also had an AccessControlException when I started a RMI client program using JFileChooser. I rewrote policy files again and again, but in vain. The last and ultimate method I did was remove the RMISecurityManager. This is obviously dangerous in the Internet, but if you use your application in the intranet or in some kind of safe environment. There would be no problem.
    Hope this could be any kind of your help.

  • Security issues with connecting pdf to database

    I have a pdf form that is being called from a webform as part
    of a web application. The PDF has two dropdown lists that I was
    populating from a SQL Server Database. I had created a special user
    that had select access only to the tables for the dropdowns.
    My question is are there any known security issues with
    regard to allowing a pdf to connect to a database this way. The PDF
    is being called from a secure connection but I don't know if
    opening this database connection to populate these dropdowns
    exposes a security hole of any sort. If it does, do you have a
    solution to make this secure? I am asking because another developer
    on the project brought up the issue of this design creating a
    security risk and I haven't been able to find anything online
    discussing it either way.
    Thanks!
    Maureen

    Hello Maureen,
    Thanks for posting, but I'm not sure I see if your question
    relates to Acrobat.com
    Are you using any of the Acrobat.com Services as any part of
    your workflow?
    Thanks!
    Pete

  • Fiori security concern

    Hi All
    We are now receiving security concerns from customer about FIORI.
    1.Information Leakage:
         for instance , when we clicked an item , then it failed, and we got the error message which might cause information leakage.
         Is it possible that the backend could provide some general information with no sensitive information involved.
    2.remember password option:
         after entering the password and username, the browser will prompt if you want to remember the password. there is security concern to remember password in browser. Is it possible to disable this pop-up window,  that is , is it possible to Set auto complete off in every form that is getting submitted.
    Thanks
    Message was edited by: Michael Appleby

    Hi Torren,
    I don't want to be a smartass, but do you really think it's a good idea to post an image, where you can see a productive URL of a customer? When we talk about security, we should start to hide or obfuscate such information, which are absolutely not necessary to investigate an issue. I think the customer itself doesn't want to see this information in a forum, which is available for everyone in the internet. Besides: Never post a real User of a productive System in a forum!!! I couldn't believe, that your Test-User "TEST*****" is actual a real one. A hacker has now perfect premises to start an attack on this system!
    Because I myself am a customer of SAP, I have the expectations, that SAP always works confidential with my data.
    Sorry, if I can't answer your questions, but this topic is very important for me!
    Regards
    Michael

  • How do I reset my apple id security question with out a rescue email

    How do I reset my apple id security question with out a rescue email?

    You need to ask Apple to reset your security questions; ways of contacting them include clicking here and picking a method for your country, phoning AppleCare and asking for the Account Security team, and filling out and submitting this form.
    They wouldn't be security questions if they could be bypassed without Apple verifying your identity.
    (101013)
