AclEntry.setNegativePermissions() implemented by weblogic.security.acl.AclEntryImpl?

I've implemented a custom realm on wl6.1 sp1 which extends the LDAPv2 realm
(implementing the ManageableRealm interface) for users and groups and
delegates to a rdbms delegate for aclentry management. I read an earlier
post about revoking a permission which requires a custom realm to augment
the weblogic.security.acl.AclImpl class. My question is similar in nature.
In a situation where a positive AclEntry needs to be changed to a negative
entry, what are the requirements imposed on the custom realm implementer?
Do I need to worry about the checkPermission call on the Acl implementation?
On the AclEntry implementation? Is there a BEA recommended path similar to
that for revoking permissions?
I would also recommend that the BEA responses to the revoking permissions
post and this be included in the documentation outlining the
responsibilities for implementing a custom realm.
Thanks!
Jon
Jon Wilmoth
Software Architect
eSage Group
(206) 264-5675 (Voice & Fax)
[email protected]
http://www.esagegroup.com

Hi Jon,
Your issue should be raised with BEA support. With regard to your second isssue:
"and this be included in the documentation outlining the
responsibilities for implementing a custom realm."
You should raise this as an enhancement either via the support channels or via
[email protected]
Kind Regards,
Richard Wallace.
Senior Developer Relations Engineer.
BEA Support.
"Jon Wilmoth" <[email protected]> wrote:
I've implemented a custom realm on wl6.1 sp1 which extends the LDAPv2
realm
(implementing the ManageableRealm interface) for users and groups and
delegates to a rdbms delegate for aclentry management. I read an earlier
post about revoking a permission which requires a custom realm to augment
the weblogic.security.acl.AclImpl class. My question is similar in nature.
In a situation where a positive AclEntry needs to be changed to a negative
entry, what are the requirements imposed on the custom realm implementer?
Do I need to worry about the checkPermission call on the Acl implementation?
On the AclEntry implementation? Is there a BEA recommended path similar
to
that for revoking permissions?
I would also recommend that the BEA responses to the revoking permissions
post and this be included in the documentation outlining the
responsibilities for implementing a custom realm.
Thanks!
Jon
Jon Wilmoth
Software Architect
eSage Group
(206) 264-5675 (Voice & Fax)
[email protected]
http://www.esagegroup.com

Similar Messages

Weblogic.security.acl.realm.authentication... Exception

Hello All
the reason I'm moving a post-question from JMS to this section is people there
suggested this. anyway,
when I tried to use an applet which implemented MessageListener to send message,
I got the following exception ( the port 7001 had been granted to connect, resolve
in java.policy)
javax.naming.AuthenticationException [root exception is java.lang.SecurityException:Authentication
for user admin denied in realm webogic start server side trace: java.lang.SecurityException:Authentication
for user admin denied in realm weblogic at weblogic.security.acl.Realm.authentication(Realm.java
212) at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java 233) at weblogic.security.acl.internal.Security.authenticate(Security.java
135) at weblogic.kernel.bootSevicesImp.authenticat(BootServicesImp.java 119) at
weblogic.kernel.ExecuteThread.run(ExcuteThread.java:120 ..
My Question is why servlet or swing or other application out of applet don't generate
such exceptions even most codes are similar ? How to deal with this?
Thanks
John

Hello All
the reason I'm moving a post-question from JMS to this section is people there
suggested this. anyway,
when I tried to use an applet which implemented MessageListener to send message,
I got the following exception ( the port 7001 had been granted to connect, resolve
in java.policy)
javax.naming.AuthenticationException [root exception is java.lang.SecurityException:Authentication
for user admin denied in realm webogic start server side trace: java.lang.SecurityException:Authentication
for user admin denied in realm weblogic at weblogic.security.acl.Realm.authentication(Realm.java
212) at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java 233) at weblogic.security.acl.internal.Security.authenticate(Security.java
135) at weblogic.kernel.bootSevicesImp.authenticat(BootServicesImp.java 119) at
weblogic.kernel.ExecuteThread.run(ExcuteThread.java:120 ..
My Question is why servlet or swing or other application out of applet don't generate
such exceptions even most codes are similar ? How to deal with this?
Thanks
John

Weblogic.security.acl.DefaultRealmImpl missing

I try to implement a custom realm. I get an Exception because
weblogic.security.acl.Realm tries to use the class
weblogic.security.acl.DefaultRealmImpl which is missing. Instead the
class seems to exists in the package weblogic.security.acl.internal. Is
there a workaround out there to make the whole thing work. Or do I have
to wait for the next service pack (how long)?
Thanks, Bodo.

solved!
simply import weblogic.jar in the project

Weblogic.security.acl.internal.AuthenticatedSubject not resolved

Hi guys,
when I try to implement that code:
CallbackHandler handler = new URLCallbackHandler(username,
password);
Subject mySubject =
weblogic.security.services.Authentication.login(handler);
weblogic.servlet.security.ServletAuthentication.runAs(mySubject, request);
// Where request is the httpservletrequest object.
in my servlet I get that issue in workshop 9.2:
The type weblogic.security.acl.internal.AuthenticatedSubject cannot be resolved. It is indirectly
referenced from required .class files
Any idea??
Thanks a lot
L.

solved!
simply import weblogic.jar in the project

Javax.security.auth.Subject and weblogic.security.acl.User

Hello,
We are trying to move some old authentication code (Weblogic 5.1) to JAAS
which comes with Weblogic 6.1. Here is my problem:
I can succesfully authenticate the Subject through my RDBMS Realm. But then, the rest of my code uses weblogic.security.acl.User
and not javax.security.auth.Subject for authorization and other tasks. So, how can I extract weblogic.security.acl.User from javax.security.auth.Subject?
I tried subject.getPrincipals(), since User indirectly implements Principal, but it comes back empty.
Any suggestions?

Hello,
We are trying to move some old authentication code (Weblogic 5.1) to JAAS
which comes with Weblogic 6.1. Here is my problem:
I can succesfully authenticate the Subject through my RDBMS Realm. But then, the rest of my code uses weblogic.security.acl.User
and not javax.security.auth.Subject for authorization and other tasks. So, how can I extract weblogic.security.acl.User from javax.security.auth.Subject?
I tried subject.getPrincipals(), since User indirectly implements Principal, but it comes back empty.
Any suggestions?

Weblogic.security.acl in Weblogic 6

I came across the following in the migration documention
(http://edocs.bea.com/wls/docs60/notes/migrate.html#1026915):
I'm assuming that this is just a typo or wording issue but it currently
reads "weblogic.security.acl" is deprecated? Can't be the whole package.
Anyone else notice this?
Deprecated APIs and Features
The following APIs and features are deprecated in anticipation of future
removal from the product:
a.. weblogic.security.acl
b.. WebLogic Events
WebLogic Events are deprecated and should be replaced by JMS messages with
NO_ACKNOWLEDGE or MULTICAST_NO_ACKNOWLEDGE delivery modes. See Programming
WebLogic JMS for more information.
c.. WebLogic HTMLKona
d.. T3 Driver

request.getRemoteUser() still works fine for me after I implented a custom
Autthenication / LoginModule.
"patrik" <[email protected]> wrote in message
news:[email protected]..
>
Yes, I have. see:
http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.develo
per.interest.security&item=8553&utag=
>
But if you've managed to get out the information from it I'd be gratefulto know
how.
/Patrik
"Utpal" <[email protected]> wrote:
Have you tried weblogic.security.Security.getCurrentSubject() ??
-utpal

Location of weblogic.security.acl.internal.AuthenticatedSubject

I'm trying to compile this code:
CallbackHandler handler = new URLCallbackHandler(userName, password);
Subject subject = Authentication.login(handler);
ServletAuthentication.runAs(subject, request);
But ServletAuthentication.runAs complains that it relies on class weblogic.security.acl.internal.AuthenticatedSubject which is not found.
i agree, i don't find it in either weblogic.jar or wls-api.jar from the 10.3.4 lib directory.
Where do i get this code?

Found it!
It's in
com.bea.core.weblogic.security.identity.jar in the Middleware/modules directory

ClassCastException: weblogic.security.acl.internal.FileRealm

Hi,
I am trying to create new user through the CachingRealm.newUser(?,?,?) method..What
I do is -
weblogic.security.acl.BasicRealm baseRealm =
(weblogic.security.acl.BasicRealm)weblogic.security.acl.Security.getRealm();
weblogic.security.acl.CachingRealm realm = (weblogic.security.acl.CachingRealm)
baseRealm;
However it is not able to classcast to CachingRealm , it gives the exception -
java.lang.ClassCastException: weblogic.security.acl.internal.FileRealm..
Do I need to do anything else ?
Thx

Hi Kumar,
I took a look at config.xml
Looks like you do not have an alternate realm hooked into WebLogic and that is the
source of the problem.
If you try to cast anything to CachingRealm and call methods on it, when you don't have
an alternate realm, then the cast will fail with ClassCastException.
For example, take a look at the very, very simple JSP code
<%@ page import="
import java.util.*,
import weblogic.common.*,
import javax.servlet.*,
import javax.servlet.http.*,
import java.io.*,
import weblogic.security.*,
import weblogic.security.acl.User,
import weblogic.security.acl.Security,
import weblogic.security.acl.Realm,
import weblogic.security.acl.CachingRealm,
import weblogic.security.acl.*,
import java.security.acl.*,
import java.security.acl.Permission,
import java.security.Principal,
import javax.servlet.http.*,
import weblogic.html.*,
import weblogic.common.internal.WLColor
"%>
<%
response.setContentType("text/html");
BasicRealm basicRealm = Security.getRealm();
try {
((CachingRealm) basicRealm).clearCaches();
} catch (ClassCastException ce) {
out.println("There is a class cast.. getRealm ain't no returned a
CachingRealm");
out.println("This probably means that you don't have a pluggable realm hooked
into WebLogic.");
out.println("No pluggable Realm = no Cachingrealm!");
%>
This JSP will give you a class cast if you do not have some alternate realm hooked up
(LDAP, NTREalm, UnixRealm, RDBMSRealm)
But will work just fine if you do have an alternate realm hooked up .
I think that this is what you are seeing.
Hope this helps
Joe Jerry
kumar wrote:
Hi Jerry,
Thanks for your response.
I have attached my config.xml . It is a very small config.xml with all the default
configurations. Please look at it ..
Thx
Jerry <[email protected]> wrote:
Hi Kumar,
Do you have an alternate realm hooked into WebLogic (LDAP, UNIXrealm,
NTRealm,
CustomRealm)?
Thanks,
Joe Jerry
kumar wrote:
Hi,
I am trying to create new user through the CachingRealm.newUser(?,?,?)method..What
I do is -
weblogic.security.acl.BasicRealm baseRealm =
(weblogic.security.acl.BasicRealm)weblogic.security.acl.Security.getRealm();
weblogic.security.acl.CachingRealm realm = (weblogic.security.acl.CachingRealm)
baseRealm;
However it is not able to classcast to CachingRealm , it gives theexception -
java.lang.ClassCastException: weblogic.security.acl.internal.FileRealm..
Do I need to do anything else ?
Thx
Name: config.xml
config.xml Type: XML Document (text/xml)
Encoding: base64

Weblogic implementation of java.security.acl.Group

hi guys
Do you know of any specific reason why there isnt a implementation of the
java.security.acl.Group interface in the weblogic jar.
I am trying to create a simple user manager service which uses the mbeans
exposed by weblogic. However the interface I am coding to expects me to return
java.security.acl.Group when I create a Group. This has resulted in a deadlock
as I havent been able to locate a non deprecated implementation.
Thanks
anand

Yes, you can do this.
Alexandre Vauthey wrote:
Hi,
If I write my own securrity realm, am I able to use my own implementaion of
'java.security.acl.Acl' and 'java.security.acl.AclEntry' or do I have to use
the implementation provided by weblogic ? When Security.checkPermission() is
called, does it solely rely on APIs defined in 'java.security.acl' or does
it really expect to talk to an instance of weblogic 'AclImpl' ?
Thanks, Alexandre.
Alexandre Vauthey
Software Engineer
Application Networks
444 Ramona street
Palo Alto, CA 94301

Can I provide my own implementation of java.security.acl.Acl ?

Hi,
If I write my own securrity realm, am I able to use my own implementaion of
'java.security.acl.Acl' and 'java.security.acl.AclEntry' or do I have to use
the implementation provided by weblogic ? When Security.checkPermission() is
called, does it solely rely on APIs defined in 'java.security.acl' or does
it really expect to talk to an instance of weblogic 'AclImpl' ?
Thanks, Alexandre.
Alexandre Vauthey
Software Engineer
Application Networks
444 Ramona street
Palo Alto, CA 94301

Yes, you can do this.
Alexandre Vauthey wrote:
Hi,
If I write my own securrity realm, am I able to use my own implementaion of
'java.security.acl.Acl' and 'java.security.acl.AclEntry' or do I have to use
the implementation provided by weblogic ? When Security.checkPermission() is
called, does it solely rely on APIs defined in 'java.security.acl' or does
it really expect to talk to an instance of weblogic 'AclImpl' ?
Thanks, Alexandre.
Alexandre Vauthey
Software Engineer
Application Networks
444 Ramona street
Palo Alto, CA 94301

Weblogic.security.acl.User extends java.security.Identity which is deprecated

I have been developing a custom realm for WLS5.1 and I discovered that the
weblogic classes seem to be based on JDK1.1 classes some of which
have been deprecated (e.g. java.security.Identity). I checked the docs
for WLS6.0 and it also uses the same classes.
When do you (BEA) intend to bring the weblogic security classes up
to date? JDK 1.2 has been out for a LONG time!

The WLS security group is currently looking into this.
-Nelson

Error in Admin and manager server startup - BEA-149205- due to error weblogic.security.internal.encryption.EncryptionServiceException

Hi -
I have installed OIM 11g r2 ps2, I an tring to start my Admin and SOA server :
1. Though my admin server is coming up fine, but I am getting the following error when I am trying to start Admin server.
####<Apr 22, 2015 12:22:27 AM PDT> <Error> <Deployer> <devoimx003> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS
Kernel>> <> <> <1429687347654> <BEA-149205> <Failed to initialize the application 'opss-DBDS' due to error weblogic.security.internal.encryption.EncryptionServiceException.
weblogic.security.internal.encryption.EncryptionServiceException
        at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
        at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
        at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
        at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
        at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
        at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
        at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
        at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
        at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
        at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
        at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
        at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
        at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
        at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
        at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
        at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
        at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
        at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
        at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
        at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
        at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
        at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
        at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
        at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
    at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
        at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
        at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
        at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
        at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
        at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
        at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
        at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
        at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
        at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused By: weblogic.security.internal.encryption.EncryptionServiceException
        at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
        at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
        at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
        at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
        at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
        at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
        at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
        at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
        at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
        at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
        at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
        at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
        at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
        at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
        at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
        at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
        at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
      at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
        at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
        at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
        at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
        at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
        at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
        at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
        at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
        at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
        at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
        at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
        at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
        at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
        at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
        at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
        at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
        at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
        at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
2. My SOA server is coming up but in admin mode and giving OPSS connections errors.
Any help is really appreciated!
Thanks,
SK

Hi Faisal -
is your domain in development mode or production mode?
     - While configuring my domian , I had selected Prod Mode, but pon start up when I see in admin server console, it is starting in developement mode already ?
Any idea how, why ?
if its production mode you can switch to development mode, change all the credentials in the config.xml and configurations under sub folders to cleartext and start the server..
- Let me still try these and get back to you.
Thanks,
SK

Java.security.acl.NotOwnerException when Administration Port is set

I get the NOE, posted below, when I start some of my managed servers, while other managed servers
start fine. After some scrutiny I discover the differences is that in /console, I've set some of my
managed server's Administration Port to that of my admin server, and these are the ones that are
busted! Those that I left as default '0' start up just fine. Hence the question: "What the heck
is the use of this field???"
<Apr 3, 2001 3:12:02 PM PDT> <Info> <WebLogicServer> <IIOP subsystem enabled.>
<Apr 3, 2001 3:12:02 PM PDT> <Emergency> <Server> <Unable to initialize the server: 'Fatal
initialization exception
Throwable: java.lang.IllegalAccessError: java.security.acl.NotOwnerException
java.lang.IllegalAccessError: java.security.acl.NotOwnerException
at weblogic.security.acl.Realm.getRealm(Realm.java:91)
at weblogic.security.acl.Realm.getRealm(Realm.java:36)
at weblogic.security.acl.Realm.authenticate(Realm.java:183)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:116)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:429)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:272)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java
:244)
at weblogic.jndi.Environment.getContext(Environment.java:135)
at weblogic.jndi.Environment.getInitialContext(Environment.java:118)
at weblogic.management.Admin.initializeRemoteAdminHome(Admin.java:894)
at weblogic.management.Admin.start(Admin.java:311)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:331)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
'>
The WebLogic Server did not start up properly.
Exception raised: java.lang.IllegalAccessError: java.security.acl.NotOwnerException
java.lang.IllegalAccessError: java.security.acl.NotOwnerException
at weblogic.security.acl.Realm.getRealm(Realm.java:91)
at weblogic.security.acl.Realm.getRealm(Realm.java:36)
at weblogic.security.acl.Realm.authenticate(Realm.java:183)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:116)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:429)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:272)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java
:244)
at weblogic.jndi.Environment.getContext(Environment.java:135)
at weblogic.jndi.Environment.getInitialContext(Environment.java:118)
at weblogic.management.Admin.initializeRemoteAdminHome(Admin.java:894)
at weblogic.management.Admin.start(Admin.java:311)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:331)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
Reason: Fatal initialization exception
Gene Chuang
Join Kiko.com!

Ah, I see! The introduction of an "admin server" in 6.0 caused the confusion for me. The
Administration Port is NOT the port number of the admin server!
Gene
"Kumar Allamraju" <[email protected]> wrote in message news:[email protected]...
This is equivalent to weblogic.system.AdministrationPort in 451/510.
In 451/51 if you start WLS server with
java -Dweblogic.system.administrativePort=2000 weblogic.Server
and then executing
D:\releases\510>java weblogic.Admin admin://localhost:2000 VERSION
returns the WLS version.
WebLogic Build: 5.1.0 Service Pack 8 12/20/2000 16:34:54 #95137
Bottom line is, once you set admin port, all admin stuff can be done on admin protocol only.
It appears this is not happening/broken in 6.0 . There's already an engg issue filed on thisproblem.
>
Kumar
Gene Chuang wrote:
I get the NOE, posted below, when I start some of my managed servers, while other managed
servers
start fine. After some scrutiny I discover the differences is that in /console, I've set someof my
managed server's Administration Port to that of my admin server, and these are the ones that are
busted! Those that I left as default '0' start up just fine. Hence the question: "What theheck
is the use of this field???"
<Apr 3, 2001 3:12:02 PM PDT> <Info> <WebLogicServer> <IIOP subsystem enabled.>
<Apr 3, 2001 3:12:02 PM PDT> <Emergency> <Server> <Unable to initialize the server: 'Fatal
initialization exception
Throwable: java.lang.IllegalAccessError: java.security.acl.NotOwnerException
java.lang.IllegalAccessError: java.security.acl.NotOwnerException
at weblogic.security.acl.Realm.getRealm(Realm.java:91)
at weblogic.security.acl.Realm.getRealm(Realm.java:36)
at weblogic.security.acl.Realm.authenticate(Realm.java:183)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:116)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:429)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:272)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java
:244)
at weblogic.jndi.Environment.getContext(Environment.java:135)
at weblogic.jndi.Environment.getInitialContext(Environment.java:118)
at weblogic.management.Admin.initializeRemoteAdminHome(Admin.java:894)
at weblogic.management.Admin.start(Admin.java:311)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:331)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
'>
The WebLogic Server did not start up properly.
Exception raised: java.lang.IllegalAccessError: java.security.acl.NotOwnerException
java.lang.IllegalAccessError: java.security.acl.NotOwnerException
at weblogic.security.acl.Realm.getRealm(Realm.java:91)
at weblogic.security.acl.Realm.getRealm(Realm.java:36)
at weblogic.security.acl.Realm.authenticate(Realm.java:183)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:116)
at
weblogic.jndi.WLInitialContextFactoryDelegate.pushUser(WLInitialContextFactoryDelegate.java:429)
at
weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:272)
at
weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java
:244)
at weblogic.jndi.Environment.getContext(Environment.java:135)
at weblogic.jndi.Environment.getInitialContext(Environment.java:118)
at weblogic.management.Admin.initializeRemoteAdminHome(Admin.java:894)
at weblogic.management.Admin.start(Admin.java:311)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:331)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
Reason: Fatal initialization exception
Gene Chuang
Join Kiko.com!

Weblogic security error

          Hi folks,
          I'm not especially proficient with Weblogic, I haven't really done any development
          with it but I am a little familiar with configuring some pieces. Bearing this
          in mind, what follows is pretty sparse on details.
          My department has two deployments of the same application but one works and one
          doesn't. The error is below:
          Start server side stack trace:
          java.lang.ClassCastException: weblogic.security.acl.DefaultUserInfoImpl
               at weblogic.kernel.BootServicesImpl.authenticate(BootServicesImpl.java:189)
               at weblogic.kernel.BootServicesImpl.invoke(BootServicesImpl.java:145)
               at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:620)
               at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:581)
               at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:164)
               at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:640)
               at weblogic.rjvm.t3.T3JVMConnection.dispatch(T3JVMConnection.java:454)
               at weblogic.socket.PosixSocketMuxer.deliverGoodNews(PosixSocketMuxer.java:456)
               at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:385)
               at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:24)
               at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
               at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
          End server side stack trace
          I'm not hoping that from this VERY limited information anybody can offer a solution,
          I'm not expecting that, I'm just hoping that someone can point me in a general
          direction i.e. the ACLS are corrupt, or something like that. Sorry for the lack
          of details. I'm testing the back end application and our front end app cannot
          see the back end, I've been tasked to find out why.
          Cheers, Max


          me again. :-) I just wanted to add that I posted this in the jms forum because
          the back/front ends communicate over JMS.
          - Max

Weblogic.security.service.NotYetInitializedException using JMX

Hi there,
I'm trying to use JMX to add a notification listener to listen for attribute changes to a WLS 8.1 MBean. My code when setting up the listener is as so:
String url = "t3://localhost:7001";
String serverName = "Server1";
String userName = "weblogic";
String password = "weblogic";
MBeanHome home = null;
RemoteMBeanServer rmbs = null;
Environment env = new Environment();
env.setProviderUrl(url);
env.setSecurityPrincipal(userName);
env.setSecurityCredentials(password);
try {
     Context ctx = env.getInitialContext();
     home = (MBeanHome) ctx.lookup(MBeanHome.ADMIN_JNDI_NAME);
} catch (NamingException e) {
     e.printStackTrace();
rmbs = home.getMBeanServer();
WLListener listener = new WLListener();
WebLogicObjectName mbeanName = new WebLogicObjectName("examplesServer", "Server", "examples");
rmbs.addNotificationListener(mbeanName, listener, null, null);This seems to work fine, I do not get any error messages. As you can see I'm using the server started through the examples, and I'm adding a notification listener to the ServerMBean.
My notification listener code is as so:
public void handleNotification(Notification notification, Object arg1) {
     AttributeChangeNotification changedAttrib = (AttributeChangeNotification) notification;
     try {
          System.out.println("Changed value from: " + changedAttrib.getOldValue() + " to " + changedAttrib.getNewValue());
     } catch (Exception ex) {
          ex.printStackTrace();
public boolean isNotificationEnabled(Notification arg0) {
     return true;
}Only when a notification happens and I call getOldValue() I get:
weblogic.security.service.NotYetInitializedException: [Security:090392]SecurityServiceManager not yet initialized.
     at weblogic.security.service.SecurityServiceManagerDelegateImpl.getSecurityService(SecurityServiceManagerDelegateImpl.java:156)
     at weblogic.security.service.SecurityServiceManager.getSecurityService(SecurityServiceManager.java:175)
     at weblogic.management.internal.SecurityHelper.getRoleManager(SecurityHelper.java:402)
     at weblogic.management.internal.SecurityHelper.access$100(SecurityHelper.java:54)
     at weblogic.management.internal.SecurityHelper$IsAccessAllowedPrivilegeAction.run(SecurityHelper.java:493)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
     at weblogic.management.internal.SecurityHelper.isAccessAllowed(SecurityHelper.java:393)
     at weblogic.management.internal.AttributeChangeNotification.getOldValue(AttributeChangeNotification.java:136)
     at com.xxxx.password.PasswordBme$WLListener.handleNotification(PasswordBme.java:76)
     at com.xxxx.password.PasswordBme$WLListener_WLSkel.invoke(Unknown Source)
     at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:477)
     at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:420)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:144)
     at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:415)
     at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:30)
     at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
     at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)Is there a step I'm missing out? The entry for this message in the documentation suggests calling BEA support.

Hi there,
I'm trying to use JMX to add a notification listener to listen for attribute changes to a WLS 8.1 MBean. My code when setting up the listener is as so:
String url = "t3://localhost:7001";
String serverName = "Server1";
String userName = "weblogic";
String password = "weblogic";
MBeanHome home = null;
RemoteMBeanServer rmbs = null;
Environment env = new Environment();
env.setProviderUrl(url);
env.setSecurityPrincipal(userName);
env.setSecurityCredentials(password);
try {
     Context ctx = env.getInitialContext();
     home = (MBeanHome) ctx.lookup(MBeanHome.ADMIN_JNDI_NAME);
} catch (NamingException e) {
     e.printStackTrace();
rmbs = home.getMBeanServer();
WLListener listener = new WLListener();
WebLogicObjectName mbeanName = new WebLogicObjectName("examplesServer", "Server", "examples");
rmbs.addNotificationListener(mbeanName, listener, null, null);This seems to work fine, I do not get any error messages. As you can see I'm using the server started through the examples, and I'm adding a notification listener to the ServerMBean.
My notification listener code is as so:
public void handleNotification(Notification notification, Object arg1) {
     AttributeChangeNotification changedAttrib = (AttributeChangeNotification) notification;
     try {
          System.out.println("Changed value from: " + changedAttrib.getOldValue() + " to " + changedAttrib.getNewValue());
     } catch (Exception ex) {
          ex.printStackTrace();
public boolean isNotificationEnabled(Notification arg0) {
     return true;
}Only when a notification happens and I call getOldValue() I get:
weblogic.security.service.NotYetInitializedException: [Security:090392]SecurityServiceManager not yet initialized.
     at weblogic.security.service.SecurityServiceManagerDelegateImpl.getSecurityService(SecurityServiceManagerDelegateImpl.java:156)
     at weblogic.security.service.SecurityServiceManager.getSecurityService(SecurityServiceManager.java:175)
     at weblogic.management.internal.SecurityHelper.getRoleManager(SecurityHelper.java:402)
     at weblogic.management.internal.SecurityHelper.access$100(SecurityHelper.java:54)
     at weblogic.management.internal.SecurityHelper$IsAccessAllowedPrivilegeAction.run(SecurityHelper.java:493)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
     at weblogic.management.internal.SecurityHelper.isAccessAllowed(SecurityHelper.java:393)
     at weblogic.management.internal.AttributeChangeNotification.getOldValue(AttributeChangeNotification.java:136)
     at com.xxxx.password.PasswordBme$WLListener.handleNotification(PasswordBme.java:76)
     at com.xxxx.password.PasswordBme$WLListener_WLSkel.invoke(Unknown Source)
     at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:477)
     at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:420)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:144)
     at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:415)
     at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:30)
     at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
     at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)Is there a step I'm missing out? The entry for this message in the documentation suggests calling BEA support.

AclEntry.setNegativePermissions() implemented by weblogic.security.acl.AclEntryImpl?

Similar Messages

Maybe you are looking for