In the case proposed by Diony , signing multiple elements by id, simply change the newSignedInfo to: // Create the SignedInfo final List transforms0... I must admit that I don't understand transformations, so take my example code with a grain of salt. Also, signing a doc fragment by PATH does not work, simply because there's no way to identify the fragment with a URI without referring to it by id. Reference ode from org.jcp.xml.dsig.internal.dom.DOMURIDereferencer : // Check if same-document URI and register...

After a user resets a password, I want to force the user to change the password before she gets access to secured content. This is usually done with a servlet filter. But with Spring MVC, you can also use a HandlerInterceptor . According to Spring JavaDoc: HandlerInterceptor is basically similar to a Servlet 2.3 Filter, but in contrast to the latter it just allows custom pre-processing with the option of prohibiting the execution of the handler itself, and custom post-processing. Filters are more powerful, for example they allow for exchanging the request and response objects that are handed down the chain. Note that a filter gets configured in web.xml, a HandlerInterceptor in the application context. As a basic guideline, fine-grained handler-related preprocessing tasks are candidates...

Thank you. Is there any way to show permissions which are actualy used by an app (should I say "active permissions") in a period of time and they may not be listed in the list of permissions when we install this app (mallware, etc.)? Thanks.

Example 1, from the pipe man page. The parent then writes the string contained in the program's command-line argument to the pipe, and the child reads this string a byte at a time from the pipe and echoes it on standard output. #include <sys/wait.h> #include <stdio.h> #in... Example 2, child execs command given at the command line, then writes to stdout (of child), which is piped to parent. Parent reads from pipe and writes to stdout (of parent). #include <sys/wait.h> #include <stdio.h> #in...

When one element overlaps another, which one gets the event when you click on it? The top one, of course! Not so for IE. If the top element is transparent, the click falls through on areas in the bottom element where there's "content". Try the simple HTML below. When you click on the letter "A", the bottom DIV gets the event in IE. <!doctype html> <html> <head> <style ... There's a CSS property pointer-events which controls click through behavior in case of overlay, but it doesn't have any effect in IE.

Exerpt from bash documentation. HISTORY EXPANSION The bash shell supports a history expansion feature that is similar to the history expansion in csh. This feature is enabled by default for interactive shells, and can be disabled using the +H option to the set builtin command. Non-interactive shells do not perform history expansion by default. History expansions introduce words from the history list into the input stream, making it easy to repeat commands, insert the arguments to a previous command into the current input line, or fix errors in previous commands quickly. History expansion is performed immediately after a complete line is read, before the shell breaks it into words. It takes place in two parts. The first is to determine which line from the history...

Because of the utilization of HTTP pipelining, Ubuntu APT had problems working with web proxies like Squid . The problem was fully documented in this bug report: disable apt http pipelining in quantal which also provided a way to turn off pipelining manually: apt-get -o Acquire::http::Pipeline-Depth="0" -y up... Pipelining is turned off by default as of apt (0.9.6ubuntu1) - Ubuntu Linux 12.10 'Quantal Quetzal' - see link above.

I have two sites: site1 and site2 . I want to render some content from site2 on site1 . The content is different depending on whether the user is logged in site2 . For example, display Login button when user is not logged in, My Account link when user is logged in. I can inject content into the page on site1 by including a JavaScript generated from site2 : <script type="text/javascript" src="http://site2/c... This works because when the JavaScript is requested from site2 , the session cookie is sent along with the request, which is used by site2 to generate different content depending on the session status. However, for IE 9, this scheme breaks when site1 and site2 are in different security zones and IE protected...

IE categorizes web sites into different security zones . You can put specific sites into a certain zone with the "Security" tab in the "Internet Options" dialog. If a site is not specifically configured, IE has default algorithm to assign it to a zone. which can have unexpected results. For example: http://myserver is in the Intranet zone because the name does not contain a dot (.). But if you are using the IP address of myserver , then it goes to the Internet zone, even though myserver may have an internal IP address, or even on the same subnet: http://192.168.2.1 . IE8 and before displays the Zone of a web site in the status bar. IE9 removed the Zone info from the status bar. You...

Spring MVC 3.1 can send either JSON or HTML response on the same URL, depending on the type of response requested. With this mechanism, a page can be sent when directly requested from a link, but a JSON response can be sent in response to an AJAX request. This is the controller code: package com.example; import java.util.Map; ... In the above example, JSON response will be sent when the HTTP request contains header "Accept: application/json". HTML response will be sent then the header is "Accept: */*", or "Accept: text/html", or anything else. You can add a limitation that the HTML response does not produce "application/json". But then the question is which response will be sent when the HTTP header is "Accept: */*"? Both methods will...