I have Java FX app which is available for download on my site. I am looking for a way how to remotely and uniquely identify each downloaded application. Is it possible to store the id (for ex. in txt file) into a package of the Java FX app immediately before download?
Thanks for any suggestions
Each time you distribute it, you could try signing and timestamping the jar file for distribution. That way you can ensure that the file is not tampered with and validate it's signature and timestamp either locally or in a callback to a service you provide if necessary.
Also consider java-webstart cited here.
Yes, signing and webstart technologies can be used together if desired. Those two technologies can be used separately or together, so you can choose what is appropriate for your app. See the javapackager documentation for more details of the packaging process for web start (go through the documentation and refer to the sections that reference jnlp). Be aware that web start currently only works with Oracle JDK (as far as I know).
For your purposes, you would create a script that executes on each download request to generate a unique id or timestamp (or gets a timestamp from a timestamp service) and adds that to the package before signing and offering the package for download. You could add the download instance UUID and timestamp together with the referring IP address or user id (if you have a login system on your website), to a server-side database to track who downloaded what at what time.
If using webstart, you use a JNLP deployment as mentioned in the linked documentation. There are options for the packaging the JNLP to interact with some Javascript on a webpage, which can reduce network traffic and speed up the download and usage process. Sophisticated deployment mechanisms can dynamically generate that download package, and the download page with Javascript calls which embed JNLP data. Details or samples of such systems are outside the scope of the information I can provide here.
Related
I have a big Monolithic Oracle DB. I may end up creating around 20 System APIs to get Various data from this DB. So instead of configuring DB connection in all 20 system APIs, like to create a DB connector and make it as a jar file. So that every system APIs can add this in their POM and use that for connection.
Is that something possible or is there any better approach to handle it?
One method if all applications are in the same server is to create a domain and share the configuration by placing it in the domain. This is usually the recommended approach. This method is documented at https://docs.mulesoft.com/mule-runtime/4.3/shared-resources
If that's not possible (for example CloudHub doesn't support domains) or desired, then you have to package the flow in a jar by following the instructions in this KB article: https://help.mulesoft.com/s/article/How-to-add-a-call-to-an-external-flow-in-Mule-4. Note that while the article title mentions flows, the method works with both configurations and flows.
I have problem with node-red.
I have a server and i have node-red running on it, i know how to create user authentification by editing setting.js file but what i want to do is that i want to be able to create other users from a webpage that is running on the same server.
I can run a python script that edit the setting.js file and i can edit it mannualy,
but i want to be able to create and remove users from the webpage that is running on the same server.
i am using ubuntu and ngninx on my server.
The Node-RED security documentation includes a section on adding custom user authentication here. It explains how you can replace the hard coded user information with a module that will authenticate a given user. Editing the settings.js is probably not the right approach, especially as it will require you to restart Node-RED after each change.
With this approach you can build your own back end to store and manage users. There are a couple of examples of such code available, including this one that I have written that uses MongoDB to hold the user information. The management app that creates users can be found here, but you can write your own in Python if you want.
Just as a reminder, Node-RED is not a true multi-user environment, even if you declare a number of users, they will all only have shared access to one instance and set of flows. If you want a truly multi-tenant (each user has their own instance and flows) deployment you should probably look at the entire series of posts in that collection that explains how to build such a system. You can start here.
I need to store my user id and password in a python variable file in robot framework. This credential will be utilized to login to website to test it. No other person should be able to view my credential (even in git also). Hence, I have to lock this variable file. Is there any way to lock this python variable file?
Due to their nature Source Code Repository systems are public in nature. So, either you lock the repository or it's open to everyone. This makes storing any type of sensitive data in such a system a bad idea.
For these types of information it is typically best to have a separate file and refer to that file when executing the run. In Robot Framework this can be done using Variable files. These can be referred to using the Variables myvariables.<ext>. There is support for Python and YAML files.
Securing these files can be as easy as placing them in a location that only few can access to setting up tools to store them encrypted and only make them available when having the right key. This is a separate topic on it's own with it's own challenges.
I am about to embark on the development of a line of business application using the Universal Windows Platform (Windows 10). One of the requirements of the application is the synchronisation of data from a server to a local SQLite database; this is required because the application needs to be usable where there is no network connectivity.
It is likely that multiple (windows domain) users will be accessing the application on the same device, sometimes simply by "swapping users", other times by logging off the first user and logging on as a new user.
I realise that UWP applications are installed at a user level, however I would like to be able to share the SQLite database between these users instead of forcing each user to download their own copy of the data.
Is this possible? I am struggling to find any reference to this kind of sharing within the Microsoft documentation - but of course that documentation is new and far from complete!
I guess at the end of the day I am looking for access to a folder that is accessible by any user running that application on the same device, such as the "x:\Users\Public" folders that are available from the desktop, but without having to ask the user to provide access to that folder via any picker control - instead simply being able to "open" it.
Thanks.
In case anyone runs across this, this functionality is now available as described in this blog post:
We introduced a new storage location Windows 10, ApplicationData.SharedLocalFolder, that allows multiple users of one app to share local data. Obviously this feature is only interesting with devices that will be used by more than one person. For such scenarios, for example in educational uses, it may make sense to place any large downloads in Shared Local. The benefits will be two-fold: any user can access these files without the need to re-download them, also there will be storage space savings
Keep in mind that Shared Local is only available if the machine has the right group policy, otherwise when you call ApplicationData.Current.SharedLocalFolder you will get back a null result.
In order to enable Shared Local the machine administrator should enable the corresponding policy.
Alternatively, the administrator could create a REG_DWORD value called AllowSharedLocalAppData with a value of 1 under HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\AppModel\StateManager
Note that data store in ShareLocal will only be persisted as long as the app is installed on the device and won’t be backed up by the system.
In Solution Explorer , Right click on Package.appxmanifest then click on ViewCode , end of this file in both projects add below code :
<Extensions>
<Extension Category="windows.publisherCacheFolders">
<PublisherCacheFolders>
<Folder Name="FolderName" />
</PublisherCacheFolders>
</Extension>
</Extensions>
After that in code you can access this folder with below line of code :
StorageFolder sharedDownloadsFolder = ApplicationData.Current.GetPublisherCacheFolder("FolderName");
It`s so important that the folder you will share between two these Apps depend on same publisher info at Certificate File [ProjectName]_TemporaryKey.pfx , if this Certificate File and publisher Info of app is same in both Projects , then you can access the same SharedFolder in both application and use it for create or use dataBase file(like SQLite Database file) or other files that need to be share in both applications.
I have developed a web based application in ASP.NET and C# where users have the facility to upload files on the server through this application I want the application to Scan the uploaded files for viruses before saving on the server. Same like when we attach files with our email in Yahoo. Please guide me how I can achieve this functionality Any API which can be integrated in ASP.NET application or any other way you can suggest. We can purchase the licensed version of a product which can achieve this. I have googled but did not find specific results.
Thanks in advance!
First of all the file must be saved onto the server before you can scan it. If you notice Yahoo will upload the file first - but not allow the attachment to be sent until scanned.
Then you can use an antivirus with a command line interface or some other kind of API. Both of these can be called via C# and should provide the functionality you require. Parhaps write a wrapper class that takes a file and returns true or false depending on whether a virus was detected.
Other applications that provide you with a command line interface:
Microsoft Security Essentials
clamAv
I believe MS AV provides better results.
Just purchase antivirus software that has a command-line interface (several popular packages include this). Once the file has been uploaded, run the scan.
I would think, in order to upload and scan at the same time, you might need to implement your own antivirus software as I'm not familiar with any package that would provide that sort of interface.
I run a shareware site. It doesn't work as you described, but I download each file to my local computer and run a scan on them. You would be doing something similar.