security

问题 I have an location element in my web.config like so: <location path="Admin"> <system.web> <authorization> <allow roles="Domain\Development"/> <deny users="*" /> </authorization> </system.web> </location> This works to only allow members of the development group access to this folder. I was wondering if there is a way to simply test if a user has access to this folder? One scenario is creating menu items. I'd simply like to hide or not render links to pages in this folder if the user does not

问题 I have an location element in my web.config like so: <location path="Admin"> <system.web> <authorization> <allow roles="Domain\Development"/> <deny users="*" /> </authorization> </system.web> </location> This works to only allow members of the development group access to this folder. I was wondering if there is a way to simply test if a user has access to this folder? One scenario is creating menu items. I'd simply like to hide or not render links to pages in this folder if the user does not

问题 My website users login using accounts they setup in my website. I of course store their login info in a db table and this table is accessed when they fill out the login form. This is just a proprietary system I created. When users are logged in , they can see a list of documents that are stored in a folder on my website. If they are not logged in, they don't have access to this list. However, if someone knows the direct URL of one of the documents, they can download it without logging in. I

问题 Im being a few days struggling to create my first Security realm in glassfish V3. My problem is that it looks like for some reason, the application does not see the one of the coulmns in the database, and my console keeps telling me that there is a syntax error. I think the table that is making me trouble is the join column(Below you will see my DB implementation). Here i will copy the hold stack trace so you will see what is going on: FINE: [Web-Security] Setting Policy Context ID: old =

问题 Is there any way to assure that my application's window is not obscured by any other application's view using with SYSTEM_ALERT_WINDOW permission? If not, then is there any better way to assure that my app is not obscured by such window apart from obtaining the same permission and refreshing/showing/whatever my own view (of course shown in alert window) every 100ms or so to keep it visible? Eventual flickering, in case my application is obscured, is actually a good thing and an indicator to

问题 Is there any way to assure that my application's window is not obscured by any other application's view using with SYSTEM_ALERT_WINDOW permission? If not, then is there any better way to assure that my app is not obscured by such window apart from obtaining the same permission and refreshing/showing/whatever my own view (of course shown in alert window) every 100ms or so to keep it visible? Eventual flickering, in case my application is obscured, is actually a good thing and an indicator to

问题 It looks like the Jenkins Scriptler plugin is no longer available, due to security reasons: https://wiki.jenkins-ci.org/display/JENKINS/Scriptler+Plugin "Distribution of This Plugin Has Been Suspended" Is there a similar plugin that I could use to run saved Groovy scripts? 回答1: Hi you can store your groovy scripts in Managed Files and pass the parameters to groovy script through Extended Choice Parameters Plugin. Or else you can download Scriptler plugin source code and add it to your /var

问题 after trying to merge changes to an svn trunk back to the branch with the following command: ../branches/myBranch$ svn merge -r 94:171 https://.../trunk --dry-run I get the following error from SVN: svn: REPORT of '/svnroot/simspark/!svn/vcc/default': Could not read chunk size: Secure connection truncated (https://simspark.svn.sourceforge.net) We already tried to google this for quite a while and concluded that this is kinda pointless. I won't stop you from trying yourself of course, but you

问题 after trying to merge changes to an svn trunk back to the branch with the following command: ../branches/myBranch$ svn merge -r 94:171 https://.../trunk --dry-run I get the following error from SVN: svn: REPORT of '/svnroot/simspark/!svn/vcc/default': Could not read chunk size: Secure connection truncated (https://simspark.svn.sourceforge.net) We already tried to google this for quite a while and concluded that this is kinda pointless. I won't stop you from trying yourself of course, but you

问题 What are the security considerations when a server fetches a file from an untrusted domain? What are the security considerations when resizing an image that you don't trust with PHPs GD2 library? The file will be stored on the server machine, and will be offered for download. I know I can't trust the MIME-Type header. Is there anything else I should be aware of? I have a webservice that looks like this: input An http-URL (or a String that is expected to be a URL) output A meta description of