Renovator Certification

Painters, carpenters or anyone who renovates homes should attend a training June 29 in Oconee County that will explain new Environmental Protection Agency regulations for lead-based paints.

Located at the Oconee County Civic Center, the training will be 8 a.m. until 5 p.m. and offered by University of Georgia Cooperative Extension through a partnership with Greenville Tech.

The EPA Renovation, Repair and Painting Rule took effect April 22 and affects contractors, property managers and others who work in housing or childcare centers built before 1978.

Participants will learn how to minimize lead dust generation and soil contamination during maintenance, renovation and remodeling activities. Following these procedures will reduce the risk of lead exposure to employees, children and residents.

Participants in the class will perform hands-on activities and will be tested at the end of class.

Those who earn a passing score will be certified as renovators, a certification that is valid for five years. The class, which costs $260, is limited to the first 20 registrants. For more information, or to register, go to the website www.fcs.uga.edu/ext/housing.


Feds Fine NY $150K for Environmental Violations at Long Island State Parks

New York State was fined $150,000 for a decade-long delay in closing three dozen large-capacity cesspools that violate federal environmental law at seven New York State parks on Long Island, officials said.

The state is also required to spend $8.8 million to replace them and another 18 prohibited cesspools at upstate parks, plus spend more than $1 million on projects designed to mitigate water pollution in order to settle a lawsuit in which the U.S. Environmental Protection Agency alleged that New York violated Safe Drinking Water Act deadlines to correct the problem, prosecutors announced Wednesday.

“Public parks and water pollution don’t go together,” said Judith Enck, the EPA regional administrator. “After years of being out of compliance with federal law, New York State will finally close the numerous cesspools found in state parks, helping protect groundwater from nitrogen and other pollutants.”

The EPA alleged that the state Office of Parks, Recreation and Historic Preservation and the Palisades Interstate Park Commission failed to close a total of 54 antiquated oversized cesspools by the federal deadline of April 5, 2005. Such cesspools leach raw sewage, causing nitrogen pollution that can compromise the aquifers that serve as drinking water reserves for most of LI’s 3 million residents and produce brown tides that kill marine life in local bays.

Six of the prohibited cesspools are in the process of being replaced. Plans have been submitted to close the other 29, officials said. Most on LI will be closed by next September with the remainder slated for closure by September 2018, officials added. The parks will either divert urine to sewage treatment facilities or install nitrogen-reducing technology.

The parks on LI that are in violation include Robert Moses State Park in Babylon, Sunken Meadow State Park in Kings Park, Wildwood State Park in Wading River, Caumsett State Historic Park in Lloyd Harbor, Connetquot River State Park Preserve in North Great River, Captree State Park in Babylon and Hallock State Park in Wading River.

The settlement agreement is subject to a 30-day public comment period before the EPA and prosecutors for the Eastern District of New York will decide whether to ask a federal judge to finalize the settlement.


Mamata postpones visit to TN given panchayat polls

Kolkata: Chief Minister Mamata Banerjee on Wednesday called off her next week’s visit to Tamil Nadu for meeting top leaders of the DMK given the impending panchayat elections in the state.

According to a senior official at the state secretariat, the chief minister has expressed her willingness to visit Tamil Nadu after the panchayat elections in West Bengal are over.

“She has asked to call off her plans to visit Tamil Nadu scheduled next week. She may visit the state after the elections are over,” the official said, adding Banerjee was very much concerned about the ongoing protests in the southern state over the Cauvery issue.

Panchayat polls in West Bengal are scheduled on May 1, 3 and 5. Results would be declared on May 8.

The Trinamool Congress chief was expected to meet DMK president M Karunanidhi and working president MK Stalin during her visit to Chennai.

Last month, Banerjee had visited New Delhi to meet senior leaders of prominent anti-BJP parties. She met UPA chairperson Sonia Gandhi in addition to a host of other important leaders.

Telangana Chief Minister K Chandrasekhar Rao had met her in Kolkata recently. She has also met NCP chief Sharad Pawar, supremo Uddhav Thackeray and AAP national convener Arvind Kejriwal in pursuance of the political efforts.


What’s the difference between OAuth 1.0 and OAuth 2.0

The OAuth protocol specifies a process for resource owners to authorize third-party applications to access their server resources without sharing their credentials. This tutorial will take you through understanding the OAuth protocol and introduce you to the offerings of OAuth 2.0 in a practical manner.

This article is an excerpt from a book written by Balachandar Bogunuva Mohanram, titled RESTful Java Web Services, Second Edition.

Consider a scenario where Jane (the user of an application) wants to let an application access her private data, which is stored in a third-party service provider. Before OAuth 1.0 or other similar open source protocols, such as Google AuthSub and FlickrAuth, if Jane wanted to let a consumer service use her data stored on some third-party service provider, she would need to give her user credentials to the consumer service to access data from the third-party service via appropriate service calls.

Instead of Jane passing her login information to multiple consumer applications, OAuth 1.0 solves this problem by letting the consumer applications request authorization from the service provider on Jane’s behalf. Jane does not divulge her login information; authorization is granted by the service provider, where both her data and credentials are stored. The consumer application (or consumer service) only receives an authorization token that can be used to access data from the service provider. Note that the user (Jane) has full control of the transaction and can invalidate the authorization token at any time during the signup process, or even after the two services have been used together.

The typical example used to explain OAuth 1.0 is that of a service provider that stores pictures on the web (let’s call the service StorageInc) and a fictional consumer service that is a picture printing service (let’s call the service PrintInc).
On its own, PrintInc is a full-blown web service, but it does not offer picture storage; its business is only printing pictures. For convenience, PrintInc has created a web service that lets its users download their pictures from StorageInc for printing.

This is what happens when a user (the resource owner) decides to use PrintInc (the client application) to print his/her images stored in StorageInc (the service provider):

1. The user creates an account in PrintInc. Let’s call the user Jane, to keep things simple.
2. PrintInc asks whether Jane wants to use her pictures stored in StorageInc and presents a link to get the authorization to download her pictures (the protected resources). Jane is the resource owner here.
3. Jane decides to let PrintInc connect to StorageInc on her behalf and clicks on the authorization link.
4. Both PrintInc and StorageInc have implemented the OAuth protocol, so StorageInc asks Jane whether she wants to let PrintInc use her pictures. If she says yes, then StorageInc asks Jane to provide her username and password. Note, however, that her credentials are being used at StorageInc’s site and PrintInc has no knowledge of her credentials.
5. Once Jane provides her credentials, StorageInc passes PrintInc an authorization token, which is stored as a part of Jane’s account on PrintInc.
6. Now, we are back at PrintInc’s web application, and Jane can now print any of her pictures stored in StorageInc’s web service.
7. Finally, every time Jane wants to print more pictures, all she needs to do is come back to PrintInc’s website and download her pictures from StorageInc without providing the username and password again, as she has already authorized these two web services to exchange data on her behalf.

The preceding example clearly portrays the authorization flow in the OAuth 1.0 protocol.
Before getting deeper into OAuth 1.0, here is a brief overview of the common terminologies and roles that we saw in this example:

- Client (consumer): This refers to an application (service) that tries to access a protected resource on behalf of the resource owner and with the resource owner’s consent. A client can be a business service, mobile, web, or desktop application. In the previous example, PrintInc is the client application.
- Server (service provider): This refers to an HTTP server that understands the OAuth protocol. It accepts and responds to the requests authenticated with the OAuth protocol from various client applications (consumers). If you relate this with the previous example, StorageInc is the service provider.
- Protected resource: Protected resources are resources hosted on servers (the service providers) that are access-restricted. The server validates all incoming requests and grants access to the resource, as appropriate.
- Resource owner: This refers to an entity capable of granting access to a protected resource. Mostly, it refers to an end user who owns the protected resource. In the previous example, Jane is the resource owner.
- Consumer key and secret (client credentials): These two strings are used to identify and authenticate the client application (the consumer) making the request.
- Request token (temporary credentials): This is a temporary credential provided by the server when the resource owner authorizes the client application to use the resource. As the next step, the client will send this request token to the server to get authorized. On successful authorization, the server returns an access token. The access token is explained next.
- Access token (token credentials): The server returns an access token to the client when the client submits the temporary credentials obtained from the server during the resource grant approval by the user. The access token is a string that identifies a client that requests protected resources.
Once the access token is obtained, the client passes it along with each resource request to the server. The server can then verify the identity of the client by checking this access token.

The following sequence diagram shows the interactions between the various parties involved in the OAuth 1.0 protocol:

You can get more information about the OAuth 1.0 protocol here.

What is OAuth 2.0?

OAuth 2.0 is the latest release of the OAuth protocol, mainly focused on simplifying the client-side development. Note that OAuth 2.0 is a completely new protocol, and this release is not backwards-compatible with OAuth 1.0. It offers specific authorization flows for web applications, desktop applications, mobile phones, and living room devices.

The following are some of the major improvements in OAuth 2.0, as compared to the previous release:

- The complexity involved in signing each request: OAuth 1.0 mandates that the client must generate a signature on every API call to the server resource using the token secret. On the receiving end, the server must regenerate the same signature, and the client will be given access only if both the signatures match. OAuth 2.0 requires neither the client nor the server to generate any signature for securing the messages. Security is enforced via the use of TLS/SSL (HTTPS) for all communication.
- Addressing non-browser client applications: Many features of OAuth 1.0 are designed by considering the way a web client application interacts with the inbound and outbound messages. This has proven to be inefficient while using it with non-browser clients such as on-device mobile applications. OAuth 2.0 addresses this issue by accommodating more authorization flows suitable for specific client needs that do not use any web UI, such as on-device (native) mobile applications or API services. This makes the protocol very flexible.
- The separation of roles: OAuth 2.0 clearly defines the roles for all parties involved in the communication, such as the client, resource owner, resource server, and authorization server. The specification is clear on which parts of the protocol are expected to be implemented by the resource owner, authorization server, and resource server.
- The short-lived access token: Unlike in the previous version, the access token in OAuth 2.0 can contain an expiration time, which improves the security and reduces the chances of illegal access.
- The refresh token: OAuth 2.0 offers a refresh token that can be used for getting a new access token on the expiry of the current one, without going through the entire authorization process again.

Before we get into the details of OAuth 2.0, let’s take a quick look at how OAuth 2.0 defines roles for each party involved in the authorization process. Though you might have seen similar roles while discussing OAuth 1.0 in the last section, OAuth 1.0 does not clearly define which part of the protocol is expected to be implemented by each one:

- The resource owner: This refers to an entity capable of granting access to a protected resource. In a real-life scenario, this can be an end user who owns the resource.
- The resource server: This hosts the protected resources. The resource server validates and authorizes the incoming requests for the protected resource by contacting the authorization server.
- The client (consumer): This refers to an application that tries to access protected resources on behalf of the resource owner. It can be a business service, mobile, web, or desktop application.
- Authorization server: This, as the name suggests, is responsible for authorizing the client that needs access to a resource. After successful authentication, the access token is issued to the client by the authorization server. In a real-life scenario, the authorization server may be either the same as the resource server or a separate entity altogether.
The OAuth 2.0 specification does not really enforce anything on this part.

It would be interesting to learn how these entities talk with each other to complete the authorization flow. The following is a quick summary of the authorization flow in a typical OAuth 2.0 implementation:

Let’s understand the diagram in more detail:

1. The client application requests authorization to access the protected resources from the resource owner (user). The client can either directly make the authorization request to the resource owner or via the authorization server by redirecting the resource owner to the authorization server endpoint.
2. The resource owner authenticates and authorizes the resource access request from the client application and returns the authorization grant to the client. The authorization grant type returned by the resource owner depends on the type of client application that tries to access the OAuth protected resource. Note that the OAuth 2.0 protocol defines four types of grants in order to authorize access to protected resources.
3. The client application requests an access token from the authorization server by passing the authorization grant along with other details for authentication, such as the client ID, client secret, and grant type.
4. On successful authentication, the authorization server issues an access token (and, optionally, a refresh token) to the client application.
5. The client application requests the protected resource (RESTful web API) from the resource server by presenting the access token for authentication.
6. On successful authentication of the client request, the resource server returns the requested resource.

The sequence of interaction that we just discussed is of a very high level. Depending upon the grant type used by the client, the details of the interaction may change. The following section will help you understand the basics of grant types.
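The difference in request signing listed among the improvements above can be seen side by side in the following added example, which is not code from the book: an OAuth 1.0 HMAC-SHA1 signature built and verified following RFC 5849, next to an OAuth 2.0 bearer-token check. The URL, keys, tokens and secrets are constructed sample values, and the function names are chosen for this illustration.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote


def pct(value):
    # RFC 5849 section 3.6: every character except the unreserved set is encoded.
    return quote(value, safe="-._~")


def base_string(method, url, params):
    # Encode each name and value, sort the pairs, join them, then encode the
    # joined string again. The URL is assumed to be already normalized
    # (lowercase scheme and host, no default port, no query string).
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])


def sign(method, url, params, consumer_secret, token_secret):
    # HMAC-SHA1 keyed with both secrets; the secrets never travel with the request.
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    mac = hmac.new(key, base_string(method, url, params).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()


def server_accepts_oauth1(method, url, params, signature, consumer_secret, token_secret):
    # The server regenerates the signature and compares in constant time.
    expected = sign(method, url, params, consumer_secret, token_secret)
    return hmac.compare_digest(expected, signature)


def server_accepts_oauth2(headers, valid_tokens):
    # Bearer token: possession is sufficient and nothing ties the token to the
    # method, URL or parameters, which is why OAuth 2.0 depends on TLS.
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    return scheme == "Bearer" and token in valid_tokens


# Constructed sample request; every key, token and secret below is made up.
URL = "https://storageinc.example/photos"
SECRETS = ("printinc-secret", "jane-token-secret")
PARAMS = {
    "file": "vacation 1.jpg",
    "oauth_consumer_key": "printinc-key",
    "oauth_token": "jane-access-token",
    "oauth_signature_method": "HMAC-SHA1",
    "oauth_timestamp": "1700000000",
    "oauth_nonce": "n0nce",
    "oauth_version": "1.0",
}
SIGNATURE = sign("GET", URL, PARAMS, *SECRETS)

if __name__ == "__main__":
    print(base_string("GET", URL, PARAMS))
    print("signed request accepted:",
          server_accepts_oauth1("GET", URL, PARAMS, SIGNATURE, *SECRETS))
    tampered = dict(PARAMS, file="passport.jpg")
    print("tampered request accepted:",
          server_accepts_oauth1("GET", URL, tampered, SIGNATURE, *SECRETS))
    print("bearer request accepted:",
          server_accepts_oauth2({"Authorization": "Bearer tok-123"}, {"tok-123"}))
```

A production OAuth 1.0 server also rejects reused nonces and stale timestamps, which this block leaves out.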
Understanding grant types in OAuth 2.0

Grant types in the OAuth 2.0 protocol are, in essence, different ways to authorize access to protected resources using different security credentials (for each type). The OAuth 2.0 protocol defines four types of grants, as listed here; each can be used in different scenarios, as appropriate:

- Authorization code: This is obtained from the authorization server instead of directly requesting it from the resource owner. In this case, the client directs the resource owner to the authorization server, which returns the authorization code to the client. This is very similar to OAuth 1.0, except that the cryptographic signing of messages is not required in OAuth 2.0.
- Implicit: This grant is a simplified version of the authorization code grant type flow. In the implicit grant flow, the client is issued an access token directly as the result of the resource owner’s authorization. This is less secure, as the client is not authenticated. This is commonly used for client-side devices, such as mobile, where the client credentials cannot be stored securely.
- Resource owner password credentials: The resource owner’s credentials, such as username and password, are used by the client for directly obtaining the access token during the authorization flow. The access token is used thereafter for accessing resources. This grant type is only used with trusted client applications. This is suitable for legacy applications that use the HTTP basic authentication to incrementally transition to OAuth 2.0.
- Client credentials: These are used directly for getting access tokens. This grant type is used when the client is also the resource owner. This is commonly used for embedded services and backend applications, where the client has an account (direct access rights).
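The authorization code grant, together with the expiring access token and the refresh token described earlier, is traced in the following added example, which is not code from the book. It uses a small in-memory authorization server; the class, its method names and the client and user values are hypothetical and chosen for this illustration.

```python
import secrets
import time


class AuthorizationServer:
    """In-memory stand-in for an authorization server (hypothetical, for illustration)."""

    def __init__(self, clients, access_ttl=300):
        self.clients = clients        # client_id -> client_secret
        self.access_ttl = access_ttl  # access token lifetime in seconds
        self.codes = {}               # authorization code -> (client_id, owner)
        self.refresh = {}             # refresh token -> (client_id, owner)
        self.access = {}              # access token -> (owner, expires_at)

    def authorize(self, client_id, owner):
        # Called after the resource owner has logged in here and approved the client.
        code = secrets.token_urlsafe(16)
        self.codes[code] = (client_id, owner)
        return code

    def token(self, grant_type, client_id, client_secret, credential, now=None):
        now = time.time() if now is None else now
        # Authenticate the client with its ID and secret.
        expected = self.clients.get(client_id)
        if expected is None or not secrets.compare_digest(expected, client_secret):
            raise PermissionError("invalid_client")
        store = {"authorization_code": self.codes,
                 "refresh_token": self.refresh}.get(grant_type)
        if store is None:
            raise ValueError("unsupported_grant_type")
        # pop() makes codes and refresh tokens single-use (refresh tokens rotate).
        bound_client, owner = store.pop(credential, (None, None))
        if bound_client != client_id:
            raise PermissionError("invalid_grant")
        access, refresh = secrets.token_urlsafe(24), secrets.token_urlsafe(24)
        self.access[access] = (owner, now + self.access_ttl)
        self.refresh[refresh] = (client_id, owner)
        return {"access_token": access, "token_type": "Bearer",
                "expires_in": self.access_ttl, "refresh_token": refresh}

    def introspect(self, access_token, now=None):
        # The resource server calls this to validate a presented access token.
        now = time.time() if now is None else now
        owner, expires_at = self.access.get(access_token, (None, 0))
        return owner if now < expires_at else None


def demo():
    # Constructed walk-through with a fixed clock so the results are repeatable.
    server = AuthorizationServer({"printinc": "printinc-secret"}, access_ttl=300)
    code = server.authorize("printinc", "jane")
    first = server.token("authorization_code", "printinc", "printinc-secret", code, now=0)
    fresh = server.introspect(first["access_token"], now=60)      # within lifetime
    stale = server.introspect(first["access_token"], now=301)     # past expiry
    second = server.token("refresh_token", "printinc", "printinc-secret",
                          first["refresh_token"], now=301)
    renewed = server.introspect(second["access_token"], now=302)
    return fresh, stale, renewed


if __name__ == "__main__":
    print(demo())
```

The authorization code grant is used here because current OAuth security guidance (RFC 9700) advises against the implicit and resource owner password credentials grants.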


Air Canada and WestJet make flights available through Hopper at secret low fares

Thursday, May 3, 2018

MONTREAL – Canada’s two largest airlines are using an airfare prediction app to unload some of their seats via “secret fares” at discounts of up to 35%.

Air Canada and WestJet are among the first global airlines to make their flights available for the large discounts, starting Wednesday.

Montreal-based app developer Hopper said other airlines such as LATAM, Turkish, Copa and Air China will be joined by other carriers in the coming weeks.

The discounts are available on more than 60,000 routes to international destinations such as Tokyo, Melbourne, Paris, Barcelona, Rio De Janeiro and Costa Rica. There are currently no domestic routes.

The app will alert users to secret fares that could result in savings of up to $500 on long-haul flights.

Hopper said these low fares aren’t available online. Instead, it communicates directly with app users to avoid triggering a competitive reaction that could lead to a fare war among airlines.

Airlines largely see secret fares as a complementary distribution channel, said Dakota Smith, Hopper’s head of growth and business.

“Being a mobile-only, closed environment puts Hopper in an extremely unique position to offer a new way to reach brand-neutral consumers who do most of their shopping on the phone,” he said in an email.

Hopper sends personalized recommendations and data-driven results using push notifications. It sends more than 400 million push notifications a year.

Smith said airlines give the heavily discounted rates to fill planes and increase their bookings beyond their fair share – the percentage of seats an airline flies on a route.

“To increase their share, they need to stand out from competing airlines in a way that cannot be publicly replicated,” he added.

Air Canada didn’t respond to requests for comment, but WestJet said mobile use is an important way for it to connect with potential customers, along with its own website and travel agents.

“Hopper, as with other online travel agents that WestJet works with, sells both published and private fares,” said spokeswoman Lauren Stewart in an email.

She said private fares are provided to travel agencies at a discounted rate depending on the needs of the airline.

“This is standard and a long-standing practice in the commercial aviation industry,” she added.

Smith said Hopper hopes to offer secret fares soon from U.S. and European airlines.

Hopper said more than 20% of its sales are generated by its artificial intelligence algorithms that make recommendations for trips that passengers may not have even searched for.

Unlike some online searches that don’t identify the provider, the secret fares provide all details about the flight such as the airline, departure time and arrival time before booking.

Hopper said more than 60% of its users are millennials, 90% are leisure travellers and 52% are travelling internationally.

Posted by Travelweek Group
