|
I work a company, they want to create an ecommerce, offering to buy their product through to Internet. we are preparing to join the ecommerce site with our internal system.
we have developed our structure and we have different DMZ
DMZ1 - application server(server 2008 and apache)
DMZ2 - layer business web services (server 2008 and iis, aspnet 2.0)
DMZ3 - partial data base (server 2008 and Sybase) This data base will be connected to our data base internal.
i omit details of configuration of communication equipment
Mode to connect
DMZ1 connect to DMZ 2 , DMZ 2 connect to DMZ 3 , DMZ3 connect with internal system
In this moment the web services only accept call from DMZ1(application php) but in the future the company can offer services to other company o user.
I am investigating how to secure web services according to my stage
How use php client to use a Microsoft WSE 2.0 services? If found “WSO2 Web Services Framework for PHP (WSO2 WSF/PHP), is an open source, enterprise grade, PHP extension for providing and consuming Web Services in PHP. WSO2 WSF/PHP is a complete solution for building and deploying Web services, and is the only PHP extension with the widest range of WS-* specification implementations.”
should use Microsoft WSE 2.0 services according ? in the case no what can I use for this?
if this is correct what specifications ws-* I should use?
Thanks for the time
regards,
Miguel
|
|
|
|
|
hello
some one can give comment about this
thanks
|
|
|
|
|
Hi all,
My application is an asp.net web application which deals with different user logins(user types like Gatekeeper and Pde users).
Here only i am facing one peculiar problem that In Gatekeeper (login) uploaded one txt document in the application.After uploading QA team taking the copy of URL of uploaded document.
Let say URL be like :http://localhost/cms/UI/Documents/BoltonCMS11102009112303PM.txt
Now QA team they are login as Pde user and trying to paste the above URL in Home page,at this moment the uploaded document that is the txt file is opening which is a bug we need to restrict to open that uploaded document .
Could any one help on this?
thanks in advance,
Eswar.
|
|
|
|
|
Instead of a direct link to a file, have a link to a page which takes an id on the query string, uses the id to lookup the file, and fails to do so if the permissions check fails. Or write a HTTP Handler for the file type which first checks permissions. I'd go the former, if you can hide the actual file path, it's harder to hack.
Christian Graus
Driven to the arms of OSX by Vista.
Read my blog to find out how I've worked around bugs in Microsoft tools and frameworks.
|
|
|
|
|
Dear All,
Related to one of my below questions, does somebody know how to create a transparent pop-up..
(I sometimes see in web-pages, page gets dark (a transparent one, and a notification appears in the middle of the page(ofcourse the note is not dark))
Thanks in advance.
|
|
|
|
|
That is achieved using css. See this[^] page.
It's not necessary to be so stupid, either, but people manage it. - Christian Graus, 2009 AD
|
|
|
|
|
Dear Christian,
Thanks for the answer
|
|
|
|
|
Ersan Ercek wrote: Christian
I am not Christian. He[^] is.
It's not necessary to be so stupid, either, but people manage it. - Christian Graus, 2009 AD
|
|
|
|
|
okay... for me you are christian, why are you using what he says than? He is founder of the site right?
|
|
|
|
|
Ersan Ercek wrote: He is founder of the site right?
Chris Maunder[^]
Abhijit Jana | Codeproject MVP
Web Site : abhijitjana.net
Don't forget to click "Good Answer" on the post(s) that helped you.
|
|
|
|
|
Ersan Ercek wrote: why are you using what he says than?
It is the quote that I like.
Ersan Ercek wrote: He is founder of the site right?
Chris[^] is the co-founder of this site.
It's not necessary to be so stupid, either, but people manage it. - Christian Graus, 2009 AD
|
|
|
|
|
Dear All,
before going any further I would like to consult you (experts).
once customer access the page, system will check whether or not customer gives a score to his last order, if not I want to open a page (may be pop-up) where he will score it. Since I have not worked with pop-ups before, do you suggest it?
would you suggest a better way?
Thanks alot..
|
|
|
|
|
If you need to force the user to furnish the score and then redirect back to the initial page, I would say use ModalPopUpExtender.
It's not necessary to be so stupid, either, but people manage it. - Christian Graus, 2009 AD
|
|
|
|
|
Hi,
I am working on an ASP.net application with 3.5 framework.
I need to implement control level role management i.e: the ability to hide or disable a control based on the users role or group credentials. Since I need to do this across all controls in the page I want a simple framework based on which I can implement this across the application without much effort and uniform accross the app. I am using windows authentication and sql server provided role management for authentication and role management.
Pointers and references in this directions will be deeply appreciated.
J.Anandarajeshwaran
WWW.BeginWithDisbelief.com
hi hi hi hi
|
|
|
|
|
|
No I am not looking for loginviewcontrol.
say for example:-
let us have 2 roles clerk and approver.
say clerk has rights to create order and edit order
approver has rights to only approve order
when a user with clerk credentials logs in only create and edit buttons to be available
if he is approver only approve button to be available.
lovinviewcontrol will do the trick for implementing this. but my requirement is if someone with the role of clerk and approver(multiple roles to the same user) logs in he must have create,edit and approve all the buttons available.
how can I implement this????
hi hi hi hi
|
|
|
|
|
You can create user groups, roles and controls. Roles could basically have permissions so when you are about to show any control go through the roles or security list and check which ones are applied.
|
|
|
|
|
|
Well, during the user creation you can define the user by assignning it to a specific group, authentication type like windows or application, and roles. You may want to store them in the database and should be have normalize tables. Furthermore, You may perhaps have a group mainteance page or role maintenance where these could be maintained. So when the specific user is logged in to the system. You through the groups and roles and check what kinds of layout this user should be able to view.
|
|
|
|
|
Hi all,
As i am using asp.net web application with c#.Net, as i need to disable address bar for my entire web application.
I visited alot of sites for this but all of them are dealing with opening one window setting only but i need to disable entire application.
Can any body help on these.
thanks in advance,
eswar.
|
|
|
|
|
|
|
Even if you see somewhere addressbar is hidden, it is actually impossible to do.
most of the browsers like Mozilla, IE 7 and above doesnt allow open window without address bar.
So sorry.
Better you might use AJAX to get the content of the page and load it into your floating container produced using div.
|
|
|
|
|
open the browser in full screen mode (F11).. use javascript fot it
|
|
|
|
|
i have an text file with some data. i want load the text file in mu sql server 2005 database by using vb.net.
can any one plzz help me...
Regards,
S.Inayat Basha.
|
|
|
|