What stops users from extracting the JAR, decompiling to get FTP details?
So I have made an applet to upload files to a server which uses FTp details. How can I stop them from getting the JAR file , extracting the files and decompiling the classes to get the FTP details.
When I sign the pplet, the process asks for a passwors, will the extraction process ask for this password?
Thanks
Hi,
From what I've seen the JAR file can be extracted easily with WinRar (or WinZip if you rename to .zip extension!). The signing just verifies that the contents of the jar haven't been changed by someone since it was created.
Heh it looks like we're working on the same problem...!
What I'm doing with my applet (based on the ZUpload applet from Sourceforge) is have it to read in the ftp connection params from an encrypted file. In my case the users are "semi trusted" so I am just trying to prevent someone casually lifting the ftp login and bypassing the applet. Obviously in theory someone could still decompile my classes and get the secret key then decrypt the params, but in my case this is unlikely to be a problem.
I'd love to hear if you find a better way!
Similar Messages
-
How do I stop users from using the standard inbuilt VPN connection in Windows
We have a UAG Portal setup to check the security of users computers etc then if it is all correct they are presented with the log in and once logged in the are connected to the corpirate network via a SSTP connection. The all works fine but the issue
I have is users can bypass all the checking but just going into network connections on their local computer and creating a SSTP VPN connection, like on this webpage http://blogs.technet.com/b/tugait/archive/2011/10/12/how-to-publish-a-vpn-sstp-using-your-uag-in-a-https-trunk.aspx
Any idea how to stop users being able to do this and forcing them to use Internet Explorer?Found my answer on this page http://technet.microsoft.com/en-us/library/ee809077.aspx
"To enforce Forefront UAG portal authentication, do not set users dial-in properties to Allow
access." -
Please,I want to stop users from visiting particular wensites while connected to the internet. How do I configure Firefox to automatically stop users from visiting such dangerous sites?
Thanks, Ronda! I haven't been able to try your suggestion because I fried my router! So I need to get a new wireless router before proceeding.
(I may start a new thread about getting a new router, but I will look for answers first to my questions and only start one if I cannot find answers.)
After I get a new router, I will try what you suggested and report back here. -
Stopping user from making in app purchases on a live iPhone app
Hi
I am trying to stop user from making in app purchases on a live iPhone app. What i have done is i made Cleared for Sale: No in itunesconnect product id and Status is changed to Status: Developer Removed from Sale. But still i am able to do in app purchase in the app. Any idea why is it? anything i should do? Last Thureday night i have done this changes in itunes connect. i don't want to delete the product id from the itunesconnect.
Thanks
AnishHey Michael,
Is that the only way to stop in app purchase? delete the product ids from the itunes connect?
Thanks
Anish -
I've transferred my Itunes Media Library to a NAS drive, and pointed Itunes (using the advanced preferences tab) to the relevant folder on the NAS drive. I have done this to free up disk space on a computer I primarily use for work but which I use both at home and at work. The NAS drive is at home. (To clarify, I am not expecting Itunes to function at work, only at home when access to the NAS drive is available).
Under certain circumstances Itunes will start-up at work and when it does it will create the folder structure for the Itunes Media Library in the default location (on the local drive) instead of looking for the location I have specified (the NAS drive) which it should not be able to find when I am at work and telling me that it can't find it (which would be fine).
How do I stop Itunes from recreating the default folder structure and defaulting the file path to the standard media library location on my local drive? Every time this happens I have to re-point Itunes to the NAS drive location, which often requires me to reconsolicate libraries which is tedious and time consuming. It seems that in the process of one of these consolidations I have lost some of the media files. They are still in the library (ie. visible in the Itunes window) but Itunes can't find the media associated with that file - identifying them with an excamation mark "!".
Any help with this would be appreciated, as I have read several forums and threads, and despite trying several different approaches I have been unable to address the problem, which appears to be exacerbated by the laptop being remote from the NAS drive.angelofromnsw wrote:
Can I put the ".itl" and other database files on the NAS, and if so where would I put them? I'm thinking that if the library file is only available at home then the ITunes library won't get corrupted at work when it can't find the media, in the event that I accidentally start up itunes eg. while opening an attachment or disc that can be read by Itunes.
iTunes will start up and you will have an empty library.
Can I put the ".itl" and other database files on the NAS, and if so where would I put them?
Yes.
Quit iTunes.
Copy the /Music/iTunes/ folder on the NAS.
Move the /iTunes media/ folder currently on the NAS into the /iTunes/ folder you just copied to the NAS.
Hold Option, launch iTunes, select Choose library... and select the iTunes folder on the NAS.
You can delete /Music/iTunes/ folder on the internal drive.
If you launch iTunes while NOT comnnected to the NAS, iTunes will recreate the /Music/iTunes/ folder and you will have an empty library.
WHen you are again connected to the NAS, just do step 4 above.
Do you know what the advantages and disadvantages are of having the database files like the ".itl" files stored locally versus on the NAS?
Keeping everyhing together inside the iTunes folder makes it "cleaner" and simpler to manage everything. -
How do I stop GoLive from changing the location of my CSScriptLib.js file?
How do I stop GoLive from changing the location of my CSScriptLib.js file?
I am making rollovers and want my CSScriptLib.js to be in the same folder as my HTML files.
Every time I edit the rollovers GoLIve recreates the path of the CSScriptLib.js to file:///Users/xxx/Library/Preferences/Adobe/GoLive/Settings8/JScripts/GlobalScripts/CSScr iptLib.js so it won't work when uploaded. I always need to edit my HTML before uploading. All I want it to say is src="CSScriptLib.js" as the default.The site file is a database that keeps track of all your assets (and much more), including the scriptLib file. As soon as the page is saved (when you use the site file and it's open) the link will be change to the correct path that will work on the server.
If you're not using the site file you might as well use a text editor, since most of GL functionality is gone. -
How to prevent multiple users from updating the same data in coherence
Hi,
I have a Java Web Application and for data cache am using coherence 3.5. The same data maybe shared by multiple users which maybe in hundreds. Now how do I prevent multiple users from updating the same data in coherence i.e. is there something in coherence that will only allow one user a time to update. If one user is in a process of updating a data in coherence and some other user also tries to update then the second user should get an error.
ThanksI have a question on the same line. How can I restrict someone from updating a cache value when I a process is already working on it. I tried locking the cache key but it does not stop other process to update it , it only does not allow other process to get lock on it.
-
Is there a way to prevent users from changing the Advanced, Connection, Settings Tab?
I need to stop network users from changing the proxy settings to avoid the firewall. Is there any way to disable or prevent them from getting to the advanced, connections tab, and changing the settings for the proxy?
You can lock the corresponding prefs, then users won't be able to change the settings.
See http://kb.mozillazine.org/Locking_preferences
See also http://kb.mozillazine.org/about%3Aconfig_entries -
Is there any way to prevent non-root users from rebooting the system?
This question seems to be addressed many times on the web, but the problem is that none of the wannabe-howtos work on my system. In particular, this doesn't work and this doesn't work either, because (1) I need to keep policykit installed for udisks and other dependencies to function and (2) renaming (or removing) the file /usr/share/polkit-1/actions/org.freedesktop.login1.policy has (again) no effect on the users' ability to reboot and shut down the system. Even more surprisingly, adding the following to /etc/polkit-1/rules.d/20-disable-shutdown.rules has no effect at all:
polkit.addRule(function(action, subject) {
if (
action.id == "org.freedesktop.login1.power-off" ||
action.id == "org.freedesktop.login1.reboot" ||
action.id == "org.freedesktop.login1.suspend" ||
action.id == "org.freedesktop.upower.suspend" ||
action.id == "org.freedesktop.login1.hibernate" ||
action.id == "org.freedesktop.upower.hibernate"
return polkit.Result.NO;
As a result, ordinary users (not in the wheel group and with no special permissions) can simply reboot the machine by typing reboot. I remember that a simple polkit rule (as proposed on the Fedora forum) worked fine just a few months ago, but this doesn't work nowadays. The action IDs mentioned there are no longer listed in pkaction, so it's quite obvious that some changes (and bugs) have been introduced since then. I just need to prevent the users from rebooting the machine and to keep policykit installed. Is there any way to do this?karol wrote:Do said users have the ability to push the Power or Reset buttons?
No, they don't.
But come on, access permissions are a matter of principle rather than a matter of what you can possibly do with a hammer in your hand. That makes your question somewhat irrelevant to this issue. Imagine someone asking: "How can I protect my home directory from access by other users?" You would then probably ask: "Do said users have the ability to pull out the hard drive and mount it on their computer?"
Even if the users had physical access to the ACPI buttons, rebooting the computer by mistake (via software) would still be much more likely than pressing (or even holding) the ACPI buttons by mistake.
If I call rm -Rf / as a normal user, nothing should happen to the system in terms of availability to other users. Only my home directory and temporary files would vanish, but that's all. This is what permissions are there for. Similarly, when I type reboot as a normal user (no matter if I'm on SSH, on a local terminal or logged into KDE), it should be possible to simply disallow rebooting.
The idea that users logged in locally can restart the computer may be fine for laptops under certain conditions, but it is a bad idea in almost all other cases. In a "kiosk" type environment, for example, the ability to reboot and get to the bootloader can be a huge security hole, unless all your disks are encrypted, and a huge "reliability hole" in any case. Suppose you use a desktop as a home server. You want everyone to be able to log in and to connect a USB flash drive (using polkit and udisks). But you simply don't want the machine to be rebooted. Why is such a simple thing so hard to do?
Last edited by andrej.podzimek (2014-03-10 02:15:35) -
How to prevent a portal user from using the BEx Analyzer ?
Hi,
we have different type of users : most users may use the portal as well
as the analyzer ;
we have one special user with extended authorizations : this user
should use the portal , where he has a limited set of queries to run
with hardcoded filters ==> this user should not be able to use the
analyzer however, since he then would be able to call all other queries
by using the find function ;
how can we make sure this user cannot use the analyzer , using SAP
authorizations ?
best regards,
Erwin Van Giel.Hi,
if I remove the complete S_RFC authorization for the user then the BEx Analyzer cannot connect anymore to the BW system, but neither can the user run reports from the portal : it needs the S_RFC with 'SYST'.
If I only remove the RRMX from the S_TCODE and from the S_RFC, it does not prevent the user from starting the BEx Analyzer and connecting to the BW system. It only stops the user if he would start the RRMX transaction from within an SAPGUI session.
Perhaps there should be a value in the S_RFC that allows connections from the portal but not from the BEx Analyzer .... ?
so not solved yet ....
best regards,
Erwin. -
Stop user from cliking back button after logging out
How can I stop the user from clicking the back when they had clicked the log out link...?
<%@ page language="java" %>
<html>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
</body>
<script language="JavaScript" type="text/JavaScript">
function refreshIt() {
setTimeout('window.parent.location.reload()', 7 * 1000);
<%
session.removeAttribute("username");
session.invalidate();
response.sendRedirect( response.encodeRedirectUrl("index.jsp?message=You had logged out from the system"));
%>
document.onload = refreshIt();
</script>
</html>You can NOT stop the user from clicking the "back" button.
However, all is not lost.
Since you're invalidating the session, simply have every page that requires the user to be logged in check for a valid session before proceeding. Put that code into an "include" file. If the session is invalidated, redirect the user back to the "Please Login" page. Do this IMMEDIATELY before doing ANYTHING.
Another technique, but is essentially the same thing, is to "logout" to a page with javascript that redirects the user to the "You are Now Logged Out" page, with either a "redirect" or a "window.forward()" call. When the user clicks "back", they'll return to the page with the javascript that redirects the user to the "You are Now Logged Out" page. The only problem with that is that savvy users using IE can click the "history" portion of the "back" button, and go back 2, 3, 4, etc. pages if they want to.
Therefore, you'll still have to write the code at the beginning of every page that kicks the user back to "Please Login" if the session was invalidated. -
Hi,
After speaking with a Microsoft engineer over the phone, I've been told that there is no way to prevent users to go to their OWA and manually Purge specific items from the ''Recover deleted items''. The Microsoft tech told us to place the desired mailboxes
on a litigation-hold and that all data will be recoverable... but only from the time you place the mailbox onto Litigation-Hold and previous items, which doesn't take effect for new-coming emails.
1- From what I understand, any new items coming in the mailbox after the Litigation-Hold is put in place will still be ''purgeable'', right?
2- Is there a way (PowerShell, Security group, etc.) that can prevent a user from using the Purge option?
We are very surprised that there is absolutely no thread that talks about this issue, which in our opinion, is a major legal and security flaw from Office 365. This is a main concern for us to actually go with Office365. For instance, this means that at
any given time, if a user exchanges emails with a competitor, they can manually purge emails sent and receive as soon as it is sent/received, even after Litigation-Hold is in place.
Thank you for your reply and let us know if you have more questions.
Normand Bessette, IT support technician, Newad MediaThank you for the reply.
Is there still a way to prevent users from using the Purge option, like with a Powershell script to disable Purge? -
Refer ResourceBundle/external resources like icons from outside the Jar
Hi,
I have a swing application and I am using ResourceBundle to support internationalization. I also refer some icons.
Now I have packaged my class file in a jar and I want to refer ResourceBundle and icons from outside the jar. This is to support runtime changing of values and icons without needing to recompile.
When my code is in Eclipse and I try to refer the resource bundle, it is working fine. But as soon as I have a jar and try to refer the resource bundle from the class path, I am getting MissingResourceException.
Please help.
Regards,
ManuAs per my actual requirement, I wanted to have these properties files (resource bundles) and icons directly on the classpath, so that user has the convenience to modify them.
I am not able to do so. I included the directory containing icons and resource bundle on the classpath, but i am not able to refer these icons from the main jar.So it works when the resources are in a 2nd jar, but not when they are in a folder that is in the classpath?
Is the relative path of the resource files the same in both cases?
In the simplest case (no nested folder), the icons are in the root of the jar, and the folder-equivalent is that they should be straight in the folder which you added in the classpath.
Or are they (frequent case) in a nested folder, along your package structure, such as com/yourcompany/yourapp/gui/icon.jpg?
In this latter case, you must not put folder "gui" in your classpath, but merely the folder which contains "com".
I am just wild-guessing of course, for a more specific reply could you post a sketch of your jar/folder structure (in tags) and your command line, including
the classpath part, in both the case that works and the one that doesn't? -
How to stop mail from recovering the same message over and over again to the extent that it has wiped out all start up disk memory?
You need to find and delete (move to the Trash) the offline mail cache (.offline cache.) It's a hidden folder (files and folders with a preceding dot are hidden) inside the Mail folder (inside IMAP) in your user library. Since it's hidden, in order to see it run the following command in Terminal in Applications>Utilities. Hit return/enter once you have pasted in the command.
defaults write com.apple.finder AppleShowAllFiles -bool true ; killall Finder
To reverse this and hide all those hidden files and folders again
defaults write com.apple.finder AppleShowAllFiles -bool false ; killall Finder
Leave hidden files/folders enabled until you finish emptying the Trash so you know it's gone. -
WRV54V how to filter or stop users from downloading videos
I don't know how to configure this router to stop users from downloading video like from Google, Torren. I've heard people is using DD-WRT firmware for some linksys routers, but not with this model. I don't want to stop my users from browsing internet, read news, social networking but they watch online video and download stuffs like 10Gbs a day. It doesn't work for me. Thanks
You can block the video files by managing the firewall on the computer in such way that the video extension files would be blocked....
Maybe you are looking for
-
Why can I only organize pics in a slideshow and not an album. Yes, I went to view > sort photos > manual and I was still unable to drag & drop. iMac G5 Mac OS X (10.4.6)
-
Illustrator keeps saying "Can't save illustration" and this assignment is due tomorrow - I'm worried
Illustrator keeps saying "Can't save illustration" and this assignment is due tomorrow - I'm worried
-
The home button is not working, does anyone know how to fix it?
how can I make the home button work?
-
I would like to upgrade from Lightroom 2 to LR4 based on my iMac technical capabilities and LR4 technical requirements. Where do I find a LR4 download to purchase?
-
I installed Leopard weeks ago on my MacBook, and have since update to v. 10.5.1. Since the original install (and still), I have had a problem shutting down. When I do, my desktop clears and I am left with my background image. A few seconds later, the