Jar security urgent

Hi All,
Tried to get this info over the web , but found none.
We have web application bundled in a war file which is distributed to our clients. But we dont want anybody to alter our war file , like add/delete contents from that. So we thought of jar signing....
here are the questions which I am not clear...
1. I have signed the war (JDK1.3 ) using the instructions on
http://forum.java.sun.com/thread.jsp?forum=63&thread=132769. Then verified using Jarsigner, everything seems to be fine. But if I delete/add any files to the war file it still seems to verify without any errors. I am surprised by this............... any ideas on this.... isnt it suppose to throw exceptions is the war is changed ??????????????
2. Since this war is going to be behind a server who verifies the integrity of the war , how can we stop the server from loading a tampered war file. The server can be any server since we support all java application server.
Please reply .
Thanks,
Darshan

Jar signing not going to help with this problem.
The only product I heard that could almost handle this is the recently released Saffeine 2.0. It will not protect all resources in your war, but can hide jar's and precompiled JSP's from a war file. http://www.saffeine.com/
Unfortunately the product might be costly...

Similar Messages

Unable to load jar file-Urgent

Hi all,
I am using AltaVista search engine in my project. I have uploaded the jar file related to this into Weblogic 8.1. But many times application doesn�t able to take files from mentioned jar and gives me an error message that couldn't find the class. I always need to start the weblogic again & again to start the search engine functionality. Please help me out why it doesn�t pick the jar file.
Thanks & Regards
Sachin

Hi Guys
Please help me out from this problem.............. I am still getting same error.
"javs.sdk.AvsSdkException: Developer's Kit error returned from Index (avs_open):
can't create index"
But when i restart the weblogic, it is working fine..................................
PLS Save me
Sachin

Urgent Issue:Err-REP-50125 : java.lang.ClassNotFoundException - 11.1.1.3.0

I'm trying to use custom destination with oracle fusion middleware 11.1.1.3.0 In-Process report server. I have added a custom destination section in the rwserver.conf file. Added the (customdest.jar - my jar file) jar file to the system classpath and reports_classpath. Still receiving class not found error.
Here are the details:
rwserver.conf:/opt/oracle/Middleware/user_projects/domains/ReportsDomain/config/fmwconfig/servers/WLS_REPORTS/applications/reports_11.1.1.2.0/configuration/rwserver.conf
<?xml version = '1.0' encoding = 'UTF-8'?>
<server xmlns="http://xmlns.oracle.com/reports/server" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="11.1.1.2.0" xsi:schemaLocation="http://xmlns.oracle.com/reports/server file:/opt/oracle/Middleware/as_1/reports/dtd/rwserverconf.xsd">
<cache class="oracle.reports.cache.RWCache">
<property name="cacheSize" value="50"/>


</cache>


*<engine class="oracle.reports.engine.EngineImpl" engLife="50" id="rwEng" maxEngine="1" minEngine="1" jvmOptions="-Xmx512M" classPath="/opt/oracle/Middleware/as_1/jlib/jsp-api-2.1-6.0.1.jar:/opt/oracle/Middleware/as_1/jlib/jsch-0.1.26.jar:/opt/oracle/Middleware/as_1/reports/jlib/customdest.jar">*
<property name="sourceDir" value="/opt/ogreports/catalog:/opt/ogreports/catalog/img"/>


</engine>
<engine class="oracle.reports.urlengine.URLEngineImpl" engLife="50" id="rwURLEng" maxEngine="1" minEngine="0" classPath="/opt/oracle/Middleware/as_1/jlib/jsp-api-2.1-6.0.1.jar:/opt/oracle/Middleware/as_1/jlib/jsch-0.1.26.jar:/opt/oracle/Middleware/as_1/reports/jlib/customdest.jar"/>
<security class="oracle.reports.server.RWJAZNSecurity" id="rwJaznSec"/>

<destination class="oracle.reports.plugin.destination.ftp.DesFTP" destype="ftp"/>
<destination class="oracle.reports.plugin.destination.webdav.DesWebDAV" destype="WebDav"/>
*<destination destype="rcpfile" class="com.ubizen.og.offline.reporting.oracle.RcpDestination">*
*<property name="user" value="tomcat"/>*
*<property name="destype" value="rcpfile"/>*
*</destination>*
<job engineId="rwEng" jobType="report"/>
<job engineId="rwURLEng" jobType="rwurl"/>
<notification class="oracle.reports.server.MailNotify" id="mailNotify">
<property name="succnotefile" value="succnote.txt"/>
<property name="failnotefile" value="failnote.txt"/>
</notification>
Error:/opt/oracle/Middleware/user_projects/domains/ReportsDomain/servers/WLS_REPORTS/logs/reports/rwserver_diagnostic.log
[2011-09-29T10:52:26.871-04:00] [WLS_REPORTS] [INCIDENT_ERROR] [REP-50125] [oracle.reports.server] [tid: 46] [userId: <anonymous>] [ecid: 0000JApf0iF9XbpSoQjc4m1EOGV800001d,1:18769] [APP: reports#11.1.1.2.0] [dcid: fa0c1bc817f5aeb4:-3e9d1a3b:1322b067681:-7fff-000000000000876f] REP-50125 : java.lang.ClassNotFoundException: com.ubizen.og.offline.reporting.oracle.RcpDestination [[
java.lang.ClassNotFoundException: com.ubizen.og.offline.reporting.oracle.RcpDestination
at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:169)
at oracle.reports.server.Destination.invokeShutdown(Destination.java:492)
at oracle.reports.server.Destination.shutdownDest(Destination.java:125)
at oracle.reports.server.RWServer.shutdown(RWServer.java:463)
at oracle.reports.server.RWServer.run(RWServer.java:364)
at java.lang.Thread.run(Thread.java:662)
ClassPath:.:/opt/oracle/Middleware/as_1/jlib:/opt/oracle/Middleware/as_1/reports/jlib
File in classpath: /opt/oracle/Middleware/as_1/reports/jlib
aolj.jar customdest.jar rwadmin.jar rwenv.jar rwxdo.jar
confmbean.jar runtimembean.jar rwbuilder.jar rwrun.jar
Relates to Oracle Bug:
https://support.oracle.com/CSP/ui/flash.html#tab=KBHome(page=KBHome&id=()),(page=KBNavigator&id=(viewingMode=1143&from=BOOKMARK&bmDocTitle=Can%20Not%20Find%20Class%20From%20Custom%20Destinations%20Jar%20File%20-%20REP-50125%20:%20java.lang.ClassNotFoundException&bmDocID=1263455.1&bmDocType=PROBLEM&bmDocDsrc=KB))
Note:
I'm not sure where the In-Process report server is looking for the classpath. I added them in all possible classpaths ans none of them worked.
This is an urgent issue in our team. We are migrating from 10g oracle application server to fusion middleware 11g report server. This functionality is working in 10g report server but not in 11g due to classpath issues.
Please let me know if additional info needed. Please respond.

Hi,
Thanks very much for responding. I added my jar file(customdest.jar) as you have suggested to setDomainEnv.sh. Now the In-Process report server just hangs when I try to bring it up through em and I don't see any errors in the log files. Any ideas where to look for errors? The jar files were created for 10g , we are just migrating them to 11g. I have setup the trace at highest level still don't see any error in rwserver_diagnostic.log.
Here is the details:
/opt/oracle/Middleware/user_projects/domains/ReportsDomain/bin/setDomainEnv.sh :
if [ "${SERVER_NAME}" = "WLS_REPORTS" ] ; then
POST_CLASSPATH="/opt/oracle/Middleware/wlserver_10.3/server/lib/weblogic.jar:/opt/oracle/Middleware/as_1/opmn/lib/nonj2eembeans.jar:/opt/oracle/Middleware/as_1/jdbc/lib/ojdbc6.jar:/opt/oracle/Middleware/as_1/opmn/lib/optic.jar:/opt/oracle/Middleware/as_1/opmn/lib/iasprovision.jar:/opt/oracle/Middleware/oracle_common/modules/oracle.adf.share_11.1.1/commons-el.jar:/opt/oracle/Middleware/as_1/jlib/dfc.jar:/opt/oracle/Middleware/as_1/dvt/lib/dvt-jclient.jar:/opt/oracle/Middleware/as_1/dvt/lib/dvt-utils.jar:/opt/oracle/Middleware/oracle_common/jlib/ewt3.jar:/opt/oracle/Middleware/oracle_common/modules/oracle.iau_11.1.1/fmw_audit.jar:/opt/oracle/Middleware/as_1/oui/jlib/http_client.jar:/opt/oracle/Middleware/oracle_common/modules/oracle.idm_11.1.1/identitystore.jar:/opt/oracle/Middleware/oracle_common/modules/oracle.idm_11.1.1/identityutils.jar:/opt/oracle/Middleware/oracle_common/modules/oracle.jps_11.1.1/jaccprovider.jar:/opt/oracle/Middleware/oracle_common/modules/oracle.jps_11.1.1/jacc-spi.jar:/opt/oracle/Middleware/as_1/ord/jlib/jai_codec.jar:/opt/oracle/Middleware/as_1/ord/jlib/jai_core.jar:/opt/oracle/Middleware/oracle_common/modules/oracle.oc4j-obsolete_11.1.1/jazn.jar:/opt/oracle/Middleware/oracle_common/modules/oracle.oc4j-obsolete_11.1.1/jazncore.jar:/opt/oracle/Middleware/oracle_common/jlib/jewt4.jar:/opt/oracle/Middleware/as_1/jlib/jta.jar:/opt/oracle/Middleware/oracle_common/modules/oracle.ldap_11.1.1/ldapjclnt11.jar:/opt/oracle/Middleware/as_1/lib/mail.jar:/opt/oracle/Middleware/as_1/jlib/netcfg.jar:/opt/oracle/Middleware/as_1/jlib/oracle_ice.jar:/opt/oracle/Middleware/oracle_common/jlib/share.jar:/opt/oracle/Middleware/as_1/jlib/zrclient.jar:/opt/oracle/Middleware/as_1/reports/jlib/aolj.jar:/opt/oracle/Middleware/as_1/reports/jlib/confmbean.jar:/opt/oracle/Middleware/as_1/reports/jlib/runtimembean.jar:/opt/oracle/Middleware/as_1/reports/jlib/rwadmin.jar:/opt/oracle/Middleware/as_1/reports/jlib/rwbuilder.jar:/opt/oracle/Middleware/as_1/reports/jlib/rwenv.jar:/opt/oracle/Middleware/as_1/reports/jlib/rwrun.jar:/opt/oracle/Middleware/as_1/reports/jlib/rwxdo.jar:/opt/oracle/Middleware/as_1/jlib/rts2.jar:*/opt/oracle/Middleware/as_1/reports/jlib/customdest.jar*:${CLASSPATHSEP}${POST_CLASSPATH}"
export POST_CLASSPATH
Log file: rwserver_diagnostic.log
/opt/oracle/Middleware/user_projects/domains/ReportsDomain/servers/WLS_REPORTS/logs/reports
<destination class="oracle.reports.plugin.destination.ftp.DesFTP" destype="ftp"/>
<destination class="oracle.reports.plugin.destination.webdav.DesWebDAV" destype="WebDav"/>
<destination destype="rcpfile" class="com.ubizen.og.offline.reporting.oracle.RcpDestination">
<property name="user" value="tomcat"/>
<property name="destype" value="rcpfile"/>
</destination>
<job engineId="rwEng" jobType="report"/>
<job engineId="rwURLEng" jobType="rwurl"/>
<notification class="oracle.reports.server.MailNotify" id="mailNotify">
<property name="succnotefile" value="succnote.txt"/>
<property name="failnotefile" value="failnote.txt"/>
</notification>


<connection idleTimeOut="15" maxConnect="50"/>
<queue maxQueueSize="1000"/>

<pluginParam name="mailServer" value="%MAILSERVER_NAME%">




</pluginParam>
</server>
[2011-10-02T23:31:51.431-04:00] [WLS_REPORTS] [TRACE:32] [REP-56025] [oracle.reports.server] [tid: 22] [userId: weblogic] [ecid: 0000JB7par79XbpSoQjc4m1EYIaI00000F,0] [SRC_CLASS: oracle.reports.utility.RWLogger] [APP: reports#11.1.1.2.0] [dcid: fa0c1bc817f5aeb4:7b3253ab:132c7c7f2e9:-8000-00000000000000fa] [SRC_METHOD: writeln] RWServer:startServer Reports Server is starting up.
[2011-10-02T23:31:51.435-04:00] [WLS_REPORTS] [TRACE:16] [] [oracle.reports.server] [tid: 22] [userId: weblogic] [ecid: 0000JB7par79XbpSoQjc4m1EYIaI00000F,0] [SRC_CLASS: oracle.reports.utility.RWLogger] [APP: reports#11.1.1.2.0] [dcid: fa0c1bc817f5aeb4:7b3253ab:132c7c7f2e9:-8000-00000000000000fa] [SRC_METHOD: writeln] Multicast:registerReceiver Packet handler registered
[2011-10-02T23:31:51.435-04:00] [WLS_REPORTS] [NOTIFICATION:16] [] [oracle.reports.server] [tid: 22] [userId: weblogic] [ecid: 0000JB7par79XbpSoQjc4m1EYIaI00000F,0] [APP: reports#11.1.1.2.0] [dcid: fa0c1bc817f5aeb4:7b3253ab:132c7c7f2e9:-8000-00000000000000fa] ServerPacketHandler:start ServerPacketHandler started successfully
[2011-10-02T23:31:51.441-04:00] [WLS_REPORTS] [NOTIFICATION:16] [] [oracle.reports.server] [tid: 22] [userId: weblogic] [ecid: 0000JB7par79XbpSoQjc4m1EYIaI00000F,0] [APP: reports#11.1.1.2.0] [dcid: fa0c1bc817f5aeb4:7b3253ab:132c7c7f2e9:-8000-00000000000000fa] SecurityHelper:start Security system rwJaznSec successfully started.
No more error logged after this line. but in-process server just hung up indefinitely when I tried stating via the em and also via getserverinfo URL.
In rwserver.conf: I have defined the following for custom destination
/opt/oracle/Middleware/user_projects/domains/Repdomain/config/fmwconfig/servers/WLS_REPORTS/applications/reports_11.1.1.2.0/configuration/rwserver.conf
<destination destype="rcpfile" class="com.ubizen.og.offline.reporting.oracle.RcpDestination">
<property name="user" value="tomcat"/>
<property name="destype" value="rcpfile"/>
</destination>

How to get Java source in applet stack trace to debug Java security manager

How can I get line numbers for Java source in stack traces for my applet? I'm having a problem with my code-signing certificate. On one of my applets, I consistently get a NullPointerException inside the security dialog code in the JDK. As a result, either the "trust this applet" dialog never appears, or even though it appears, it defaults to untrusted because of the exception, so I can't access any local files (and that's a bit of a problem for an applet whose sole purpose is to upload files to our server). I unzipped src.zip in my JDK directory and set the debug flag for my Ant <javac> task as well as set debuglevel to "lines." Anything else? Here's the trace that I'm getting so far. See that after the NullPointerException it assumes that the user has denied permission. If I could read this Java source maybe I could figure out why it hates my code-signing certificate (jarsigner, BTW, never complains when I verify my jar).
security: Blacklist file not found or revocation check is disabled
security: Accessing keys and certificate in Mozilla user profile: null
security: Loading Root CA certificates from D:\Program Files (x86)\Java\jre6\lib\security\cacerts
security: Loaded Root CA certificates from D:\Program Files (x86)\Java\jre6\lib\security\cacerts
security: Loading Deployment certificates from C:\Users\Rich\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
security: Loaded Deployment certificates from C:\Users\Rich\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Start to check whether root CA is replaced
security: The root CA has been replaced
security: No timestamping info available
security: Found jurisdiction list file
security: Start checking trusted extension for this certificate
security: Start comparing to jurisdiction list with this certificate
security: The CRL support is disabled
security: The OCSP support is disabled
security: This OCSP End Entity validation is disabled
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
security: Checking if certificate is in Deployment session certificate store
java.lang.NullPointerException
     at com.sun.deploy.ui.UIFactory.showSecurityDialog(Unknown Source)
     at com.sun.deploy.security.TrustDeciderDialog.showDialog(Unknown Source)
     at com.sun.deploy.security.X509Util.showSecurityDialog(Unknown Source)
     at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
     at sun.plugin2.applet.Plugin2ClassLoader.isTrustedByTrustDecider(Unknown Source)
     at sun.plugin2.applet.Plugin2ClassLoader.getTrustedCodeSources(Unknown Source)
     at com.sun.deploy.security.CPCallbackHandler$ParentCallback.strategy(Unknown Source)
     at com.sun.deploy.security.CPCallbackHandler$ParentCallback.openClassPathElement(Unknown Source)
     at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
     at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$700(Unknown Source)
     at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)
     at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source)
     at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source)
     at java.security.AccessController.doPrivileged(Native Method)
     at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
     at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
     at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
     at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
     at java.security.AccessController.doPrivileged(Native Method)
     at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
     at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
     at java.lang.ClassLoader.loadClass(Unknown Source)
     at java.lang.ClassLoader.loadClass(Unknown Source)
     at java.lang.ClassLoader.loadClass(Unknown Source)
     at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
     at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source)
     at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
     at java.lang.Thread.run(Unknown Source)
security: User has denied the priviledges to the code
security: Adding certificate in Deployment denied certificate store
security: Added certificate in Deployment denied certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Start to check whether root CA is replaced
security: The root CA has been replaced
security: No timestamping info available
security: Found jurisdiction list file
security: Start checking trusted extension for this certificate
security: Start comparing to jurisdiction list with this certificate
security: The CRL support is disabled
security: The OCSP support is disabled
security: This OCSP End Entity validation is disabled
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment denied certificate store

Rats, now that I look at the stack trace and compare to what's in the JDK srce.zip, it appears that most of this code is not part of the JDK source. I don't see any com/sun/deploy, etc.

Cursorpos.jar not working in 11gR1 (11.1.1.4) forms

Has anyone tried or gotten corsorpos to work with 11g and a standard JVM?
I know in 10g I had it working with Jinitiator. I'm guessing since Jinit is gone that cursorpos may not work anymore. However it is still in the Forms 11g demo pack.
Any help would be great.

There is no error in the java console when running the cursorpos.fmb. I just ran the form, tabbed through the fields, which highlighted the whole text like it normally does, except for the text area in the Range Selection tab.
Java Plug-in 1.6.0_22
Using JRE version 1.6.0_22-b04 Java HotSpot(TM) Client VM
User home directory = C:\Documents and Settings\Administrator
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.
security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws
security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws
security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws,com.sun.deploy
security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws,com.sun.deploy
security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
security: property package.definition value null
security: property package.definition new value com.sun.javaws
security: property package.definition value com.sun.javaws
security: property package.definition new value com.sun.javaws,com.sun.deploy
security: property package.definition value com.sun.javaws,com.sun.deploy
security: property package.definition new value com.sun.javaws,com.sun.deploy,com.sun.jnlp
security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.javaws,com.sun.deploy,com.sun.jnlp,org.mozilla.jss
security: property package.definition value com.sun.javaws,com.sun.deploy,com.sun.jnlp
security: property package.definition new value com.sun.javaws,com.sun.deploy,com.sun.jnlp,org.mozilla.jss
basic: Added progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@f73c1
basic: Plugin2ClassLoader.addURL parent called for http://famisdev-int-c:9001/forms/java/frmall.jar
basic: Plugin2ClassLoader.addURL parent called for http://famisdev-int-c:9001/forms/java/cursorpos.jar
basic: Plugin2ClassLoader.addURL parent called for http://famisdev-int-c:9001/forms/java/rolloverbutton.jar
security: Blacklist revocation check is enabled
security: Trusted libraries list check is enabled
network: Cache entry found [url: http://famisdev-int-c:9001/forms/java/frmall.jar, version: null] prevalidated=false/0
network: Connecting http://famisdev-int-c:9001/forms/java/frmall.jar with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/ with proxy=DIRECT
network: ResponseCode for http://famisdev-int-c:9001/forms/java/frmall.jar : 304
network: Encoding for http://famisdev-int-c:9001/forms/java/frmall.jar : null
network: Disconnect connection to http://famisdev-int-c:9001/forms/java/frmall.jar
cache: Reading Signers from 3307 http://famisdev-int-c:9001/forms/java/frmall.jar | C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\30\344979de-4ce8bcfa.idx
cache: Read manifest for http://famisdev-int-c:9001/forms/java/frmall.jar: read=89 full=41294
security: Loading Root CA certificates from C:\Program Files\Java\jre6\lib\security\cacerts
security: Loaded Root CA certificates from C:\Program Files\Java\jre6\lib\security\cacerts
security: Loading Deployment certificates from C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\security\trusted.certs
security: Loaded Deployment certificates from C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\security\trusted.certs
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Internet Explorer ROOT certificate store
security: Loaded certificates from Internet Explorer ROOT certificate store
security: Loading certificates from Internet Explorer TrustedPublisher certificate store
security: Loaded certificates from Internet Explorer TrustedPublisher certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: No timestamping info available
security: Found jurisdiction list file
security: No need to checking trusted extension for this certificate
security: The CRL support is disabled
security: The OCSP support is disabled
security: This OCSP End Entity validation is disabled
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
security: Checking if certificate is in Deployment permanent certificate store
basic: updateValidationResultsForApplet update
cache: Mark prevalidated: http://famisdev-int-c:9001/forms/java/frmall.jar true tm=1342710775587 cert=1301011199000
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Internet Explorer TrustedPublisher certificate store
security: Loaded certificates from Internet Explorer TrustedPublisher certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: No timestamping info available
security: Found jurisdiction list file
security: No need to checking trusted extension for this certificate
security: The CRL support is disabled
security: The OCSP support is disabled
security: This OCSP End Entity validation is disabled
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
security: Checking if certificate is in Deployment permanent certificate store
basic: updateValidationResultsForApplet update
cache: Mark prevalidated: http://famisdev-int-c:9001/forms/java/frmall.jar true tm=1342710775618 cert=1301011199000
basic: Plugin2ClassLoader.getPermissions CeilingPolicy allPerms
basic: Applet loaded.
basic: Applet resized and added to parent container
basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 188020 us, pluginInit dt 1051249 us, TotalTime: 1239269 us
basic: Applet initialized
basic: Removed progress listener: sun.plugin.util.GrayBoxPainter$GrayBoxProgressListener@f73c1
basic: Applet made visible
basic: Starting applet
basic: completed perf rollup
Loaded image: jar:http://famisdev-int-c:9001/forms/java/frmall.jar!/oracle/forms/icons/oracle_logo.gif
network: Cache entry found [url: http://famisdev-int-c:9001/forms/java/cursorpos.jar, version: null] prevalidated=false/0
network: Connecting http://famisdev-int-c:9001/forms/java/cursorpos.jar with proxy=DIRECT
network: ResponseCode for http://famisdev-int-c:9001/forms/java/cursorpos.jar : 304
network: Encoding for http://famisdev-int-c:9001/forms/java/cursorpos.jar : null
network: Disconnect connection to http://famisdev-int-c:9001/forms/java/cursorpos.jar
cache: Reading Signers from 0 http://famisdev-int-c:9001/forms/java/cursorpos.jar | C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\19\b852713-3a4b4880.idx
network: No certificate info for unsigned JAR file: http://famisdev-int-c:9001/forms/java/cursorpos.jar
network: No certificate info for unsigned JAR file: http://famisdev-int-c:9001/forms/java/cursorpos.jar
cache: Read manifest for http://famisdev-int-c:9001/forms/java/cursorpos.jar: read=84 full=84
network: Cache entry found [url: http://famisdev-int-c:9001/forms/java/rolloverbutton.jar, version: null] prevalidated=true/0
network: Connecting http://famisdev-int-c:9001/forms/java/rolloverbutton.jar with proxy=DIRECT
network: ResponseCode for http://famisdev-int-c:9001/forms/java/rolloverbutton.jar : 304
network: Encoding for http://famisdev-int-c:9001/forms/java/rolloverbutton.jar : null
network: Disconnect connection to http://famisdev-int-c:9001/forms/java/rolloverbutton.jar
cache: Reading Signers from 835 http://famisdev-int-c:9001/forms/java/rolloverbutton.jar | C:\Documents and Settings\Administrator\Application Data\Sun\Java\Deployment\cache\6.0\21\ababf55-5f718284.idx
cache: Read manifest for http://famisdev-int-c:9001/forms/java/rolloverbutton.jar: read=89 full=1127
network: Cache entry not found [url: http://famisdev-int-c:9001/forms/java/, version: null]
network: Connecting http://famisdev-int-c:9001/formsdemo/images/blue.gif with proxy=DIRECT
Loaded image: http://famisdev-int-c:9001/formsdemo/images/blue.gif
network: Cache entry not found [url: http://famisdev-int-c:9001/formsdemo/images/blue.gif, version: null]
network: Connecting http://famisdev-int-c:9001/formsdemo/images/blue.gif with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/ with proxy=DIRECT
Forms Session ID is formsapp.8
network: Cache entry found [url: http://famisdev-int-c:9001/forms/registry/oracle/forms/registry/Registry.dat, version: null] prevalidated=false/0
network: Connecting http://famisdev-int-c:9001/forms/registry/oracle/forms/registry/Registry.dat with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/ with proxy=DIRECT
network: ResponseCode for http://famisdev-int-c:9001/forms/registry/oracle/forms/registry/Registry.dat : 304
network: Encoding for http://famisdev-int-c:9001/forms/registry/oracle/forms/registry/Registry.dat : null
network: Disconnect connection to http://famisdev-int-c:9001/forms/registry/oracle/forms/registry/Registry.dat
network: Cache entry not found [url: http://famisdev-int-c:9001/forms/registry/oracle/forms/registry/default.dat, version: null]
network: Connecting http://famisdev-int-c:9001/forms/registry/oracle/forms/registry/default.dat with proxy=DIRECT
The proxy host is null, and the proxy port is 0.
Native HTTP implementation is being used for the connection.
The connection mode is HTTP.
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8&ifcmd=getinfo&iflocale=en-US&ifhost=famisdev-int-c&ifip=10.10.131.67 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
Forms Applet version is 11.1.1.2
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
Loaded image: jar:http://famisdev-int-c:9001/forms/java/frmall.jar!/oracle/forms/icons/frame.gif
basic: Plugin2ClassLoader.getPermissions CeilingPolicy allPerms
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
basic: Applet started
basic: Told clients applet is started
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT
network: Connecting http://famisdev-int-c:9001/forms/lservlet;jsessionid=yjnGQLjWJCVP2bjSCHFLnyPGzQqLjvy9wzpptb9x5gLspkCvktYw!733318167?ifsessid=formsapp.8 with proxy=DIRECT

JNLP: Signed jars but still not trusted

I have an applet that has signed jars that were signed by the same key, the applet shows the correct warnings on startup and works fine (allows access to the local file system, etc), however there still exists the 'yellow triangle warning' on one of two popups frames that the applet produces (but not the other one).
The applet does use native code (packaged in a signed jar and referenced in the JNLP). The jars are all signed by the same certificate from a CA. I originally didn't have the JNLP signed (by placing it in the main jar in JNLP-INF/APPLICATION.JNLP) but this didn't help. Also I didn't have the JNLP codebase set to a real URL (and really cant in production because its a solution we deploy to customers servers - its packaged software not hosted) but even after I tested with a codebase to a test server, it still didnt remove the famed yellow triangle. I have all-permissions set in the JNLP.
So two related questions:
1) Other than having not having signed jars (or not signed correctly), what other reasons cause the 'yellow triangle'?
2) The warning only appears on one of the popup Frames. What could be the possible reasons for that? Are there some privileges that show the icon whether the applet is signed or not?
Note: While changing the client policy setting (showWindowWithoutWarningBanner) works, this cant be a solution.
From the Java Console:
...It goes through all the jars (I only included one for brevity - there are 23 of them). Note it says 'have 1 common certificates'.. which I think indicates everything is signed by the same cert.
Is there any indication in the console logs I can use to determine why it is not trusted? It looks (to me) that everything is OK, until it says 'istrusted=false'.
security: Validating cached jar url=http://10.192.252.26/QMDesktop/native.jar ffile=C:\Documents and Settings\bunkowm\Application Data\Sun\Java\Deployment\cache\6.0\34\1df0b62-2c3ce377 com.sun.deploy.cache.CachedJarFile@d964af
cache: Reading Signers from 995 http://10.192.252.26/QMDesktop/native.jar | C:\Documents and Settings\bunkowm\Application Data\Sun\Java\Deployment\cache\6.0\34\1df0b62-2c3ce377.idx
security: Have 1 common certificates after processing http://10.192.252.26/QMDesktop/native.jar
security: Istrusted: null false
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Start to check whether root CA is replaced
security: The root CA hasnt been replaced
security: No timestamping info available
security: Found jurisdiction list file
security: No need to checking trusted extension for this certificate
security: The CRL support is disabled
security: The OCSP support is disabled
security: This OCSP End Entity validation is disabled
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
security: Checking if certificate is in Deployment session certificate store
security: Mark trusted: null

Andrew - of course you were correct about the signed cert - I misspoke when the CA signed applet didn't show a warning. (You were also right that I must have checked 'always accept' the certificate on the server I had the CA signed cert on).
I think you guys are on to something about the privileged actions. It would explain where one popup has the icon and the other doesn't. We have Javascript making calls into the applet and we do use JNI (although I don't think there are any calls back). We do wrap these calls in privileged actions but maybe we missed something. What I've seen before is a security exception is thrown if we don't wrap them - but maybe there are areas where we don't and it doesn't throw an exception or it does and we eat it somehow (and for whatever reason doesn't cause anything noticeable).
Now that I know it could likely be the applet code and not necessarily a build issue with signing the jars, I have another place to look...
I'll check it out and let you know what I find.

Use of externally-defined/ in weblogic-ejb-jar.xml

I am trying to use Global Roles defined via the Weblogic console to control access to EJB methods.
I am using the <externally-defined/> tag in security role assignments, however when I deploy to Weblogic I get the following error :
<8/09/2004 04:21:42 PM GMT+10:00> <Error> <Deployer> <BEA-149205> <Failed to initialize the application appsdirmars-marketdata_ear due to error weblogic.manag
ement.ApplicationException: Prepare failed. Task Id = null
Module Name: ejb-marketdata.jar, Error: [EJB:011024]The XML parser encountered an error in your deployment descriptor. Please ensure that your deployment descriptor corresponds to the format in the DTD. The error was:
Error parsing file 'META-INF/weblogic-ejb-jar.xml' at line: 51 column: 26. Element type "externally-defined" must be declared..
at weblogic.j2ee.J2EEApplicationContainer.checkForErrors(J2EEApplication
Container.java:1612)
at weblogic.j2ee.J2EEApplicationContainer.prepare(J2EEApplicationContain
er.java:1207)
at weblogic.j2ee.J2EEApplicationContainer.prepare(J2EEApplicationContain
er.java:1051)
at weblogic.j2ee.J2EEApplicationContainer.prepare(J2EEApplicationContain
er.java:823)
at weblogic.management.deploy.slave.SlaveDeployer$Application.prepare(Sl
aveDeployer.java:2925)
at weblogic.management.deploy.slave.SlaveDeployer.prepareAllApplications
(SlaveDeployer.java:967)
at weblogic.management.deploy.slave.SlaveDeployer.resume(SlaveDeployer.j
ava:349)
at weblogic.management.deploy.DeploymentManagerServerLifeCycleImpl.resum
e(DeploymentManagerServerLifeCycleImpl.java:229)
at weblogic.t3.srvr.SubsystemManager.resume(SubsystemManager.java:131)
at weblogic.t3.srvr.T3Srvr.resume(T3Srvr.java:966)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:361)
at weblogic.Server.main(Server.java:32)
I am running Weblogic 8.1 SP3 on Windows XP Pro.
The XML is valid for the specified DTD according to my XML editor.
The relevevant fragment from weblogic-ejb-jar.xml is included below.
Any help much appreciated.
Gavin.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE weblogic-ejb-jar PUBLIC "-//BEA Systems, Inc.//DTD WebLogic 8.1.0 EJB//EN" "http://www.bea.com/servers/wls810/dtd/weblogic-ejb-jar.dtd">
<weblogic-ejb-jar>
<security-role-assignment>
<role-name>MarsAdmin</role-name>
<externally-defined/>
</security-role-assignment>
<security-role-assignment>
<role-name>MarsViewer</role-name>
<externally-defined/>
</security-role-assignment>
</weblogic-ejb-jar>

I tried using the <global-role/> tag instead - this does deploy without any errors - but when I call the secure EJB method I get the Security Violation error below.
The DTD says using the <global-role/> tag is fine, albeit deprecated, but the Weblogic 8.1 manual says this has been replaced by <externally-defined/>, so I'm not sure if this should work or not.
[EJB:010160]Security Violation: User: 'ghughes' has insufficient permission to access EJB: type=<ejb>, application=_appsdir_mars-marketdata_ear, module=ejb-marketdata.jar, ejb=marketdata.MarketDataManager, method=getEnergyOverview, methodInterface=Remote, signature={java.util.Date}.
So on the whole I'd prefer to work out why Weblogic isn't recognising <externally-defined/> - I've included the full deployment descriptor below - I'm generating it using the latest snapshot of XDoclet - is the DTD specified correct for Weblogic 8.1 SP3 ? (It matches the one specified in http://e-docs.bea.com/wls/docs81/ejb/DDreference-ejb-jar.html - but I can't think of anything else that could be wrong).
Any tips much appreciated as I need to enable an administrator to customise these roles at runtime rather than hard-coding the role - group mappings into the deployment descriptors.
Thanks,
Gavin.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE weblogic-ejb-jar PUBLIC "-//BEA Systems, Inc.//DTD WebLogic 8.1.0 EJB//EN" "http://www.bea.com/servers/wls810/dtd/weblogic-ejb-jar.dtd">
<weblogic-ejb-jar>
<description><![CDATA[Generated by XDoclet]]></description>
<weblogic-enterprise-bean>
<ejb-name>marketdata.MarketDataManager</ejb-name>
<stateless-session-descriptor>
</stateless-session-descriptor>
<reference-descriptor>
</reference-descriptor>
<jndi-name>marketdata.MarketDataManager</jndi-name>
<local-jndi-name>marketdata.MarketDataManagerLocal</local-jndi-name>
</weblogic-enterprise-bean>
<weblogic-enterprise-bean>
<ejb-name>marketdata.MessageManager</ejb-name>
<message-driven-descriptor>
<pool>
<max-beans-in-free-pool>5</max-beans-in-free-pool>
<initial-beans-in-free-pool>1</initial-beans-in-free-pool>
</pool>
<destination-jndi-name>FileTopic</destination-jndi-name>
<connection-factory-jndi-name>JMSConnectionFactory</connection-factory-jndi-name>
<jms-polling-interval-seconds>10</jms-polling-interval-seconds>
<jms-client-id>1</jms-client-id>
</message-driven-descriptor>
<transaction-descriptor>
<trans-timeout-seconds>10</trans-timeout-seconds>
</transaction-descriptor>
<reference-descriptor>
</reference-descriptor>
<enable-call-by-reference>True</enable-call-by-reference>
</weblogic-enterprise-bean>


<security-role-assignment>
<role-name>MarsAdmin</role-name>
<externally-defined/>
</security-role-assignment>
<security-role-assignment>
<role-name>MarsViewer</role-name>
<externally-defined/>
</security-role-assignment>
<idempotent-methods>
</idempotent-methods>
</weblogic-ejb-jar>
Message was edited by [email protected] at Sep 8, 2004 8:45 PM

Sample weblogic-ejb-jar.xml for Resource-ref EJB 3.0

I am trying to create an MDB that can be re-used under different names.
@MessageDriven(description = "An MDB that transfers messages from one Queue to another", activationConfig = { @ActivationConfigProperty(propertyName = "destinationType", propertyValue = "javax.jms.Queue") })
@TransactionAttribute(TransactionAttributeType.REQUIRED)
public class TransferMdb implements MessageListener {
private static final Logger LOG = Logger.getLogger(TransferMdb.class);
@Resource(name = "jms/connfactory")
private ConnectionFactory connectionFactory;
@Resource(name = "jms/targetDestination")
private Queue targetDestination;
<ejb-jar version="3.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/ejb-jar_3_0.xsd">
<enterprise-beans>
<message-driven>
<ejb-name>TransferMdb</ejb-name>
<ejb-class>TransferMdb</ejb-class>
</message-driven>
</enterprise-beans>
</ejb-jar>
<weblogic-ejb-jar>
<weblogic-enterprise-bean>
<ejb-name>TransferMdb</ejb-name>
<message-driven-descriptor>
<pool>
<max-beans-in-free-pool>200</max-beans-in-free-pool>
<initial-beans-in-free-pool>5</initial-beans-in-free-pool>
</pool>
<destination-jndi-name>test_queue</destination-jndi-name>
<transaction-descriptor>
<trans-timeout-seconds>20</trans-timeout-seconds>
</transaction-descriptor>
</message-driven-descriptor>
<reference-descriptor>
<resource-description>
<res-ref-name>jms/connectionfactory</res-ref-name>
<jndi-name>connectionfactory</jndi-name>
</resource-description>
<resource-description>
<res-ref-name>jms/targetDestination</res-ref-name>
<jndi-name>reply_queue</jndi-name>
</resource-description>
</reference-descriptor>
</weblogic-enterprise-bean>
</weblogic-ejb-jar>
However when I deploy the above, I get exceptions such as:
problem: cvc-complex-type.2.4a: Expected elements 'initial-context-factory@http://www.bea.com/ns/weblogic/weblogic-ejb-jar provider-url@http://www.bea.com/ns/weblogic/weblogic-ejb-jar connection-factory-jndi-name@http://www.bea.com/ns/weblogic/weblogic-ejb-jar jms-polling-interval-seconds@http://www.bea.com/ns/weblogic/weblogic-ejb-jar jms-client-id@http://www.bea.com/ns/weblogic/weblogic-ejb-jar generate-unique-jms-client-id@http://www.bea.com/ns/weblogic/weblogic-ejb-jar durable-subscription-deletion@http://www.bea.com/ns/weblogic/weblogic-ejb-jar max-messages-in-transaction@http://www.bea.com/ns/weblogic/weblogic-ejb-jar distributed-destination-connection@http://www.bea.com/ns/weblogic/weblogic-ejb-jar use81-style-polling@http://www.bea.com/ns/weblogic/weblogic-ejb-jar init-suspend-seconds@http://www.bea.com/ns/weblogic/weblogic-ejb-jar max-suspend-seconds@http://www.bea.com/ns/weblogic/weblogic-ejb-jar security-plugin@http://www.bea.com/ns/weblogic/weblogic-ejb-jar' instead of 'transaction-descriptor@http://www.bea.com/ns/weblogic/weblogic-ejb-jar' here in element message-driven-descriptor@http://www.bea.com/ns/weblogic/weblogic-ejb-jar:<null>
problem: cvc-complex-type.2.4a: Expected elements 'transaction-descriptor@http://www.bea.com/ns/weblogic/weblogic-ejb-jar iiop-security-descriptor@http://www.bea.com/ns/weblogic/weblogic-ejb-jar resource-description@http://www.bea.com/ns/weblogic/weblogic-ejb-jar resource-env-description@http://www.bea.com/ns/weblogic/weblogic-ejb-jar ejb-reference-description@http://www.bea.com/ns/weblogic/weblogic-ejb-jar service-reference-description@http://www.bea.com/ns/weblogic/weblogic-ejb-jar enable-call-by-reference@http://www.bea.com/ns/weblogic/weblogic-ejb-jar network-access-point@http://www.bea.com/ns/weblogic/weblogic-ejb-jar clients-on-same-server@http://www.bea.com/ns/weblogic/weblogic-ejb-jar run-as-principal-name@http://www.bea.com/ns/weblogic/weblogic-ejb-jar create-as-principal-name@http://www.bea.com/ns/weblogic/weblogic-ejb-jar remove-as-principal-name@http://www.bea.com/ns/weblogic/weblogic-ejb-jar passivate-as-principal-name@http://www.bea.com/ns/weblogic/weblogic-ejb-jar jndi-name@http://www.bea.com/ns/weblogic/weblogic-ejb-jar local-jndi-name@http://www.bea.com/ns/weblogic/weblogic-ejb-jar dispatch-policy@http://www.bea.com/ns/weblogic/weblogic-ejb-jar remote-client-timeout@http://www.bea.com/ns/weblogic/weblogic-ejb-jar stick-to-first-server@http://www.bea.com/ns/weblogic/weblogic-ejb-jar' instead of 'reference-descriptor@http://www.bea.com/ns/weblogic/weblogic-ejb-jar' here in element weblogic-enterprise-bean@http://www.bea.com/ns/weblogic/weblogic-ejb-jar:<null>
at weblogic.descriptor.internal.MarshallerFactory$1.evaluateResults(MarshallerFactory.java:234)
at weblogic.descriptor.internal.MarshallerFactory$1.evaluateResults(MarshallerFactory.java:221)
at weblogic.descriptor.internal.MarshallerFactory$1.createDescriptor(MarshallerFactory.java:146)
at weblogic.descriptor.BasicDescriptorManager.createDescriptor(BasicDescriptorManager.java:306)
at weblogic.application.descriptor.AbstractDescriptorLoader2.getDescriptorBeanFromReader(AbstractDescriptorLoader2.java:788)
Truncated. see log file for complete stacktrace
I am clearly missing items in the weblogic-ejb-jar.xml. If anyone has a sample or tips, that would be awesome as a starting point.

Those tags just declare that you are using our CMP provider and that
your descriptor is in META-INF/weblogic-cmp-rdbms-jar.xml.
FWIW, you might also want to check out EJBGen. It tends to keep more up
to date with WLS than xdoclet.
-- Rob
Gen wrote:
I am using xdoclets to generate descriptor file weblogic-ejb-jar.xml
for a BMP entity bean. Xdoclet is generating the descriptor file
alright, but is putting the following extra tags. This happens even
for samples which come with the download, so my tags in java file are
not wrong.
My question is, are the extra tags below harmless, or should I
manually go to each desciptor file and remove them?
Thanks.
----------- EXTRA TAGS GENERATED START ---------
persistence> <persistence-type>
<type-identifier>WebLogic_CMP_RDBMS</type-identifier>
<type-version>6.0</type-version>
<type-storage>META-INF/weblogic-cmp-rdbms-jar.xml</type-storage>
</persistence-type>
<persistence-use>
<type-identifier>WebLogic_CMP_RDBMS</type-identifier>
<type-version>6.0</type-version>
</persistence-use>
</persistence>
----------- EXTRA TAGS GENERATED END ---------
----------- TAGS I PUT IN JAVA CLASS START --------
* @ejb:bean name="com.ejb.entity.Customer"
* jndi-name="com.ejb.entity.CustomerHome"
* view-type="remote"
* type="BMP"
* primkey-field="com.ejb.entity.CustomerPK"
* reentrant="false"
* @weblogic:cache
* max-beans-in-cache="1000"
* read-timeout-seconds="900"
* concurrency-strategy="ReadOnly"
----------- TAGS I PUT IN JAVA CLASS END --------

Permissions on Postx Jar for CRES

Hi,
When I try to read an incoming secure message (CRES Registered Envelope) using a browser, I get the following error regarding missing permissions on a Postx jar:
If I continue to run, I get the following second message. I cannot decrypted the message locally on my desktop.
I installed Java and the CRES toolkit (can't remember the exact name) some time ago as I was prompted to do so on my first attempt to read a registered envelope.
Any idea how to recover from this? Is there a newer version of the toolkit for CRES/PostX that may solve this problem?
Thanks.

Hi David,
Thanks for your response. Here are some more detail:
I saved the attachment on disk and then tried opening it with couple of browsers (Firefox and Chrome), all with same result. I'd rather not use the Online option as that is against our policy (i.e. sending the encrypted envelop to Cisco for decryption). But I turned on full debug/trace and a complete report is attached. In a nutshell:
- The following jar seems to be causing the problem:
http://applet.postx.com/dist/EnvelopeTools51.jar
- Per trace messages, the Jar is built for Java 1.6.0.31 which I don;t have on my system. I'm running
1.7.0_45. The warnings indicate missing permission manifest attribute and potential problems with newer versions of Java
Missing Application-Name: manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384829604624
Missing Permissions manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384829604624
Missing Codebase manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384829604624
- And finllay, a NullPointerExceptopn occurs at:
com.postx.client.Tools.genBaseDir(Tools.java:2075)
I wonder why others don't see the same issue? Is it just the matter of folks upgrading to the newer Java environments to get the same error or somthing in my environment is can cause the exception?
I tried lowering the security level for applets from Java console to Medium (from High), I got an additional prompt asking me if I would run the applet with an older Java environment on my system (1.6.0.45), but it didn't help. Had the same result.
Any help is appreciated.
John
PS - oops! just noticed I cannot attach a file on reply. So I append the trace file below
=-=-=-=-=-=-=-=-=
=-=-=-=-=-=-=-=-=
Java Plug-in 10.45.2.18
Using JRE version 1.7.0_45-b18 Java HotSpot(TM) Client VM
User home directory = C:\Users\john
c:   clear console window
f:   finalize objects on finalization queue
g:   garbage collect
h:   display this help message
l:   dump classloader list
m:   print memory usage
o:   trigger logging
q:   hide console
r:   reload policy configuration
s:   dump system and deployment properties
t:   dump thread list
v:   dump thread stack
x:   clear classloader cache
0-5: set trace level to
cache: Initialize resource manager: com.sun.deploy.cache.ResourceProviderImpl@ba074a
basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@1a80fb8
basic: Plugin2ClassLoader.addURL parent called for http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
security: Blacklist revocation check is enabled
security: blacklist: Reconstruct cache
security: blacklist: created: NEED_CREATE, lastModified: 1384828211442
security: blacklist: hasBeenModifiedSince 1384827946764 (we have 1384828211442)
cache: Trying to update in place C:\Users\john\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\73851b8f-4ce570b3.idx
cache: Upgrade writing to disk for C:\Users\john\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\73851b8f-4ce570b3
security: blacklist: check contains 3037+iVeU8fGjcXsuZLW/Iv5Ey0=, state now NEED_CREATE
security: blacklist: check raw C:\Users\john\AppData\LocalLow\Sun\Java\Deployment\security\blacklist.dynamic, false
security: blacklist: check raw C:\Program Files (x86)\Java\jre7\lib\security\blacklist, false
security: blacklist: check raw C:\Users\john\AppData\LocalLow\Sun\Java\Deployment\security\blacklist, false
security: blacklist: save cache to C:\Users\john\AppData\LocalLow\Sun\Java\Deployment\cache\security\blacklist.cache
security: Trusted libraries list check is enabled
security: Trusted libraries list file not found
cache: Create from verifier: JarSigningData{hasOnlySignedEntries=true, hasSingleCodeSource=true, hasMissingSignedEntries=false}
cache: Upgrade of entry done
cache: readIndexFile returning success
network: Remove cache entry: http://applet.postx.com/dist/EnvelopeTools51.jar?1384827885778
network: Cache entry not found [url: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677, version: null]
network: Connecting http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677 with proxy=DIRECT
network: Connecting http://applet.postx.com:80/ with proxy=DIRECT
network: CleanupThread used 49324 us
network: CleanupThread used 2 us
network: Downloading resource: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
               Content-Length: 162,928
               Content-Encoding: null
network: Wrote URL http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677 to File C:\Users\john\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\73851b8f-331fcc0a-temp
security: blacklist: check contains 3037+iVeU8fGjcXsuZLW/Iv5Ey0=, state now IN_MEMORY
security: blacklist: not found in cache
security: Trusted libraries list file not found
cache: Create from verifier: JarSigningData{hasOnlySignedEntries=true, hasSingleCodeSource=true, hasMissingSignedEntries=false}
network: CleanupThread used 1 us
cache: Adding MemoryCache entry: http://applet.postx.com/dist/EnvelopeTools51.jar
security: blacklist: hasBeenModifiedSince 1384828213748 (we have 1384828211442)
network: Cache entry found [url: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677, version: null] prevalidated=false/0
cache: Adding MemoryCache entry: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
cache: Read manifest for http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677: read=89 full=2225
cache: Loading full manifest for http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677cache: Reading Signers from 5516 http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677 | C:\Users\john\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\73851b8f-331fcc0a.idx
cache: Done readSigners(http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677)
security: Trust for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677 has ended: Wed Dec 31 19:00:00 EST 1969
security: Accessing keys and certificate in Mozilla user profile: null
Missing Application-Name: manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
Missing Permissions manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
Missing Codebase manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
security: Loading Deployment certificates from C:\Users\john\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
security: Loaded Deployment certificates from C:\Users\john\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Loading blacklisted.certs file: C:\Users\john\AppData\LocalLow\Sun\Java\Deployment\security\blacklisted.certs
security: SHA-256Certificate finger print: 24A257718B2EDA924A30EC15806F46E277735B6F53C551EA2DEC224D154FD171
security: SHA-256Certificate finger print: AF840CA2B9DFB776BF81AA94C401BC440C52E5C590C43607A13D6680D83E3349
security: SHA-256Certificate finger print: C99157DF28D28EBD87B8B041AACCF023CF1C9AD0D21FD7116149D7F96484FA51
security: SHA-256Certificate finger print: 3F9F27D583204B9E09C8A3D2066C4B57D3A2479C3693650880505698105DBCE9
security: Loading Root CA certificates from C:\Program Files (x86)\Java\jre7\lib\security\cacerts
security: Loaded Root CA certificates from C:\Program Files (x86)\Java\jre7\lib\security\cacerts
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: The OCSP support is enabled
security: The CRL support is enabled
security: Failing over to CRLs: Certificate does not specify OCSP responder
network: Cache entry found [url: http://crl.thawte.com/ThawtePremiumServerCA.crl, version: null] prevalidated=false/0
cache: Adding MemoryCache entry: http://crl.thawte.com/ThawtePremiumServerCA.crl
cache: Resource http://crl.thawte.com/ThawtePremiumServerCA.crl has expired.
network: Connecting http://crl.thawte.com/ThawtePremiumServerCA.crl with proxy=DIRECT
network: Connecting http://crl.thawte.com:80/ with proxy=DIRECT
network: ResponseCode for http://crl.thawte.com/ThawtePremiumServerCA.crl : 304
network: Encoding for http://crl.thawte.com/ThawtePremiumServerCA.crl : null
network: Disconnect connection to http://crl.thawte.com/ThawtePremiumServerCA.crl
network: Connecting http://ocsp.thawte.com/ with proxy=DIRECT
network: Connecting http://ocsp.thawte.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
network: Connecting http://ocsp.thawte.com/ with proxy=DIRECT
network: Connecting http://ocsp.thawte.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
basic: Dialog type is not candidate for embedding
security: User has granted the privileges to the code for this session only
security: Saving certificates in Deployment session certificate store
security: Saved certificates in Deployment session certificate store
security: Grant socket perm for http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677 : java.security.Permissions@1f3cb0e (
("java.net.SocketPermission" "applet.postx.com" "connect,accept,resolve")
security: Trust for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677 has ended: Wed Dec 31 19:00:00 EST 1969
Missing Application-Name: manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
Missing Permissions manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
Missing Codebase manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
security: Validate the certificate chain using CertPath API
basic: Plugin2ClassLoader.getPermissions CeilingPolicy allPerms
security: SHA-256Certificate finger print: 24A257718B2EDA924A30EC15806F46E277735B6F53C551EA2DEC224D154FD171
security: SHA-256Certificate finger print: AF840CA2B9DFB776BF81AA94C401BC440C52E5C590C43607A13D6680D83E3349
security: SHA-256Certificate finger print: C99157DF28D28EBD87B8B041AACCF023CF1C9AD0D21FD7116149D7F96484FA51
security: SHA-256Certificate finger print: 3F9F27D583204B9E09C8A3D2066C4B57D3A2479C3693650880505698105DBCE9
Missing Application-Name: manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
Missing Permissions manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
Missing Codebase manifest attribute for: http://applet.postx.com/dist/EnvelopeTools51.jar?1384828210677
security: Validate the certificate chain using CertPath API
security: SSV validation:
    running: 1.7.0_45
    requested: 1.6.0.31
    range: null
    javaVersionParam: null
    Rule Set version: null
network: Created version ID: 1.7.0.45
network: Created version ID: 1.6.0.31
security: Ask user to use: 1.6.0.31
network: Created version ID: 1.7.0.45+
network: Created version ID: 1.6.0.31
network: Created version ID: 1.6.0.31
network: Created version ID: 1.6.0.65
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7
network: Created version ID: 2.2.45
basic: Applet loaded.
basic: Applet resized and added to parent container
basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 175756 us, pluginInit dt 10604238 us, TotalTime: 10779994 us
2013-11-18 21:30:21.676: Ident: $Id: EnvelopeTools.java,v 1.17 2011/04/05 21:18:39 blm Exp $
2013-11-18 21:30:21.677: build: 57
2013-11-18 21:30:21.677: build time: Wed Apr 06 02:37:22 EDT 2011
2013-11-18 21:30:21.710: Raw document.URL: file:///C:/Users/john/Downloads/securedoc_20131110T081336.html
2013-11-18 21:30:21.714: documentBase: null
2013-11-18 21:30:21.714: documentURL: file:///C:/Users/john/Downloads/securedoc_20131110T081336.html
2013-11-18 21:30:21.714: documentCharset: UTF-8
2013-11-18 21:30:21.714: codeBase: http://applet.postx.com/dist/
2013-11-18 21:30:21.714: appletName: EnvelopeTools51
2013-11-18 21:30:21.714: Ident: $Id: Tools.java,v 1.4 2011/04/06 02:49:34 blm Exp $
2013-11-18 21:30:21.714: Java: Oracle Corporation 1.7.0_45
2013-11-18 21:30:21.714: OS: Windows 8 6.2
2013-11-18 21:30:21.714: userAgent: mozilla/5.0 (windows nt 6.2; wow64; rv:25.0) gecko/20100101 firefox/25.0
2013-11-18 21:30:21.714: sunJava: true
2013-11-18 21:30:21.714: inIE: false
2013-11-18 21:30:21.714: OSMacOSX: false
2013-11-18 21:30:21.714: OSVista: true
2013-11-18 21:30:21.714: haveMSSecurity: false
2013-11-18 21:30:21.714: Free memory: 7904920
2013-11-18 21:30:21.715: Total memory: 16252928
java.lang.NullPointerException
               at com.postx.client.Tools.genBaseDir(Tools.java:2075)
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
               at com.postx.client.Tools.run(Tools.java:394)
               at com.postx.client.EnvelopeTools.init(EnvelopeTools.java:73)
               at com.sun.deploy.uitoolkit.impl.awt.AWTAppletAdapter.init(Unknown Source)
               at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
               at java.lang.Thread.run(Unknown Source)
Ignored exception: java.lang.NullPointerException
network: Created version ID: 1.7.0.45
network: Created version ID: 1.7.0.45
basic: Dialog type is not candidate for embedding
basic: Removed progress listener: sun.plugin.util.ProgressMonitorAdapter@1a80fb8
security: Reset deny session certificate store

Warning: EJB referenced an unknown security role?

Hello,
I get a weird error from WL 5.1 (SP6), using the default WLPropertyRealm.
In the EJB I have the following check:
if (ctx.isCallerInRole("ConspiratorRole"))
System.out.println ("the user is in the ConspiratorRole role");
At run time, I get the following warning in the WL window:
Fri Nov 10 12:56:58 EST 2000:<I>
<EJB JAR deployment D:/weblogic/myserver/myBean.jar>
Warning: EJB "unu" referenced an unknown security role
However:
- the role IS defined (see ejb-jar.xml)
- has an associated principal (see weblogic-ejb-jar.xml)
- there is a principal defined in weblogic.properties
- this principal (and this role) is actually used in practice to access the
bean. Which works.
So why the warning?
Any hint appreciated,
Thanks.
ejb-jar.xml:
<assembly-descriptor>
<security-role>
<description>description of the ConspiratorRole</description>
<role-name>ConspiratorRole</role-name>
</security-role>
</assembly-descriptor>
weblogic-ejb-jar.xml:
<weblogic-ejb-jar>
<security-role-assignment>
<role-name>ConspiratorRole</role-name>
<principal-name>Conspirator</principal-name>
</security-role-assignment>
</weblogic-ejb-jar>

You should not reference the role link in you code.The role link is used to
connect the role name in you code to the
role name in your deployment descripment. Only if this link is set up as you
have done below, will the isCallerInRole return true.
- Sri
Alf wrote:
I reviewed older postings and found indications of what appears to be a bug
in WL: that isCallerInRole always return false for role names but returns
correct values if the role names are linked with a reference in
<security-role-ref>. So, according to the DTD at
http://edocs.bea.com/wle/dd/ddref.htm#1038338 I added the following in
ejb-jar.xml:
<ejb-jar>
<enterprise-beans>
<session>
<security-role-ref>
<role-name>ConspiratorRole</role-name>
<role-link>ConspiratorRoleLink</role-link>
</security-role-ref>
and added 2 lines in the bean to test the both the role and the reference
if (ctx.isCallerInRole("ConspiratorRole"))
System.out.println ("the user is in the ConspiratorRole role");
if (ctx.isCallerInRole("ConspiratorRoleLink"))
System.out.println ("the user is in the ConspiratorRoleLink
role");
The unexpected result was a NullPointerException at
weblogic.ejb.internal.BaseEJBContext.isCallerInRole(BaseEJBContext.java:665)
Can anyone shed some light? Thanks.
"Alf" <alf> wrote in message news:[email protected]...
Hello,
I get a weird error from WL 5.1 (SP6), using the default WLPropertyRealm.
In the EJB I have the following check:
if (ctx.isCallerInRole("ConspiratorRole"))
System.out.println ("the user is in the ConspiratorRole role");
At run time, I get the following warning in the WL window:
Fri Nov 10 12:56:58 EST 2000:<I>
<EJB JAR deployment D:/weblogic/myserver/myBean.jar>
Warning: EJB "unu" referenced an unknown security role
However:
- the role IS defined (see ejb-jar.xml)
- has an associated principal (see weblogic-ejb-jar.xml)
- there is a principal defined in weblogic.properties
- this principal (and this role) is actually used in practice to accessthe
bean. Which works.
So why the warning?
Any hint appreciated,
Thanks.
ejb-jar.xml:
<assembly-descriptor>
<security-role>
<description>description of the ConspiratorRole</description>
<role-name>ConspiratorRole</role-name>
</security-role>
</assembly-descriptor>
weblogic-ejb-jar.xml:
<weblogic-ejb-jar>
<security-role-assignment>
<role-name>ConspiratorRole</role-name>
<principal-name>Conspirator</principal-name>
</security-role-assignment>
</weblogic-ejb-jar>

Need JAR files for load testing the dicoverer plus 9.0.4

I am able to capture the Applet events in oracle discoverer plus 9.0.4 using loadrunner. But i am not able to replay the script. For replaying the script it needs some jar files to be included in the classpath. Source.jar,Xmlparserv2.jar,inner.jar and remoteclient.jar files. I am not able to find out the source.jar and remoteclient.jar in server.
Any one help me out to get all these jar files with complete stuff to include in classpath and replay that is run the script in loadrunner.
i need these jar files urgently. Version is discoverer plus 9.0.4

Hi, Bhushan and all!!
I have the dll's needed for the connection:
- GxSiebelBridge.dll
- Interop.SiebelApplicationServer.dll
- Interop.SiebelBusObjectInterfaces.dll
- Interop.SiebelDataServer.dll
Tell me if you want it. You can implement these dll's with JNI (Java Native Interface).
I need the jars, too. If anyone have it, please send me.
Thanks!!

Applet is not looking for the classes in the jar

I have an applet that uses 2 jar files (Jasplet.jar and WinLS.jar). They are downloaded fine, but then java look for the classes in a URL instead of using the jar:
network: Cache entry found [url: http://localhost:8000/reportes/Jasplet.jar, version: null]
network: Connecting http://localhost:8000/reportes/Jasplet.jar with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/Jasplet.jar with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: ResponseCode for http://localhost:8000/reportes/Jasplet.jar : 304
network: Encoding for http://localhost:8000/reportes/Jasplet.jar : null
network: Disconnect connection to http://localhost:8000/reportes/Jasplet.jar
security: Loading Root CA certificates from /usr/lib/jvm/java-6-sun-1.6.0.07/jre/lib/security/cacerts
security: Loaded Root CA certificates from /usr/lib/jvm/java-6-sun-1.6.0.07/jre/lib/security/cacerts
security: Loading Deployment certificates from /home/santiago/.java/deployment/security/trusted.certs
security: Loaded Deployment certificates from /home/santiago/.java/deployment/security/trusted.certs
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: The CRL support is disabled
security: The OCSP support is disabled
security: No timestamping info available
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
network: Cache entry found [url: http://localhost:8000/reportes/lib/WinLS.jar, version: null]
network: Connecting http://localhost:8000/reportes/lib/WinLS.jar with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/lib/WinLS.jar with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: ResponseCode for http://localhost:8000/reportes/lib/WinLS.jar : 304
network: Encoding for http://localhost:8000/reportes/lib/WinLS.jar : null
network: Disconnect connection to http://localhost:8000/reportes/lib/WinLS.jar
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Validate the certificate chain using CertPath API
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: The CRL support is disabled
security: The OCSP support is disabled
security: No timestamping info available
security: Checking if certificate is in Deployment denied certificate store
security: Checking if certificate is in Deployment permanent certificate store
network: Cache entry not found [url: http://localhost:8000/reportes/winls/resource/engine.class, version: null]
network: Connecting http://localhost:8000/reportes/winls/resource/engine.class with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/winls/resource/engine.class with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Cache entry not found [url: http://localhost:8000/reportes/winls/resource/engine_en.class, version: null]
network: Connecting http://localhost:8000/reportes/winls/resource/engine_en.class with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/winls/resource/engine_en.class with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Cache entry not found [url: http://localhost:8000/reportes/winls/resource/engine_en.properties, version: null]
network: Connecting http://localhost:8000/reportes/winls/resource/engine_en.properties with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/winls/resource/engine_en.properties with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Cache entry not found [url: http://localhost:8000/reportes/winls/resource/engine_en_US.class, version: null]
network: Connecting http://localhost:8000/reportes/winls/resource/engine_en_US.class with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/winls/resource/engine_en_US.class with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Connecting socket://localhost:5432 with proxy=DIRECT
select relname,attname,typname,atttypmod-4 as length from pg_class c , pg_attribute a ,pg_type t where c.oid=a.attrelid and a.atttypid=t.oid and (typname='varchar' or typname='bpchar') and relkind='r' and substring(relname from 1 for 4)!='sql_' and substring(relname from 1 for 3)!='pg_'
network: Connecting socket://localhost:5432 with proxy=DIRECT
Oct 22, 2008 11:52:20 AM winls.dbdata.DataEmployee getEmployee():505
INFO: Connected to:jdbc:postgresql://localhost:5432/wmc
Oct 22, 2008 11:52:20 AM winls.dbdata.DataEmployee getEmployee():505
INFO: Connected to:jdbc:postgresql://localhost:5432/wmc
select * from employees where empusername = 'jw1' and emppassword = 'YW5jeA=='
network: Cache entry not found [url: http://localhost:8000/reportes/winls/resource/resource.class, version: null]
network: Connecting http://localhost:8000/reportes/winls/resource/resource.class with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/winls/resource/resource.class with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Cache entry not found [url: http://localhost:8000/reportes/winls/resource/resource_en.class, version: null]
network: Connecting http://localhost:8000/reportes/winls/resource/resource_en.class with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/winls/resource/resource_en.class with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Cache entry not found [url: http://localhost:8000/reportes/winls/resource/resource_en.properties, version: null]
network: Connecting http://localhost:8000/reportes/winls/resource/resource_en.properties with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/winls/resource/resource_en.properties with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Cache entry not found [url: http://localhost:8000/reportes/winls/resource/resource_en_US.class, version: null]
network: Connecting http://localhost:8000/reportes/winls/resource/resource_en_US.class with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/winls/resource/resource_en_US.class with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Connecting socket://localhost:5432 with proxy=DIRECT
LISTEN companyPostDate
network: Cache entry not found [url: http://localhost:8000/reportes/org/postgresql/errors.class, version: null]
java.lang.NullPointerException
     at winls.gui.WinLSFrame.loadCompany(WinLSFrame.java:365)
     at winls.gui.WinLSFrame.<init>(WinLSFrame.java:250)
     at winls.gui.WinLSDesktop$2.run(WinLSDesktop.java:141)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at spin.Invocation.evaluate(Invocation.java:122)
     at spin.off.OffInvocation.spin(OffInvocation.java:78)
     at spin.Invocation.start(Invocation.java:100)
     at spin.Interceptor.intercept(Interceptor.java:52)
     at spin.Spin$AbstractInvocationHandler.invoke(Spin.java:411)
     at $Proxy1.run(Unknown Source)
     at winls.gui.WinLSDesktop.<init>(WinLSDesktop.java:137)
     at jasplet.Main.init(Main.java:38)
     at sun.applet.AppletPanel.run(AppletPanel.java:425)
     at java.lang.Thread.run(Thread.java:619)
basic: Exception: java.lang.NullPointerException
network: Connecting http://localhost:8000/reportes/org/postgresql/errors.class with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/org/postgresql/errors.class with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Cache entry not found [url: http://localhost:8000/reportes/org/postgresql/errors_en.class, version: null]
network: Connecting http://localhost:8000/reportes/org/postgresql/errors_en.class with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/org/postgresql/errors_en.class with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Cache entry not found [url: http://localhost:8000/reportes/org/postgresql/errors_en.properties, version: null]
network: Connecting http://localhost:8000/reportes/org/postgresql/errors_en.properties with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/org/postgresql/errors_en.properties with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Cache entry not found [url: http://localhost:8000/reportes/org/postgresql/errors_en_US.class, version: null]
network: Connecting http://localhost:8000/reportes/org/postgresql/errors_en_US.class with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/org/postgresql/errors_en_US.class with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Cache entry not found [url: http://localhost:8000/reportes/org/postgresql/errors_en_US.properties, version: null]
network: Connecting http://localhost:8000/reportes/org/postgresql/errors_en_US.properties with proxy=DIRECT
network: Connecting http://localhost:8000/reportes/org/postgresql/errors_en_US.properties with cookie "JSESSIONID=573b1fbfcd200059b8bbbfa92b95"
network: Connecting socket://localhost:5432 with proxy=DIRECTThe lines like network: Cache entry not found [url: http://localhost:8000/reportes/winls/resource/engine.class, version: null] are the ones that seems to cause the problem.
I have tried to clear the cache. I even deleted mi ~/.java/deployment directory. Any idea of what could be the problem?

Your applet appears to be asking for https:// protocol security.
Is there a certificate should be in your localhost server and https enabled and supported
(the applet continually asks for "https protocol" types of information and your using standard http)?
Other protocols for such use are ssl:// and tls://
Dependent the server configuration you may or may not require the port number on the end of the domain
e.g. something like.
ssl://mydomain.com:443 or https://mydomain.com:8080 or tls://mydomain.com:989
And be sure there program if its an extra such as ssl:// has its service started.
Edited by: nicephotog on Oct 28, 2008 4:09 AM

Maven and "adf library jar"

Hi,
I'm trying to create an "adf library jar" using maven in jdev 11gR2 : how to have the same jar with "jdev deployment" and "maven-->package" ? Is it possible?
Thanks
Clément

Hi,
In order to determine which jars are needed for ADF, you need to check the dependencies in JDeveloper and write each jar down.
If by any chance you are using JDev 11.1.3, its the following jars:
CONTROLLER
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.controller_11.1.1\adf-controller.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.controller_11.1.1\adf-controller-api.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.controller_11.1.1\adf-controller-rt-common.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.controller_11.1.1\adf-controller-rt-common.jar
MANAGEMENT
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.management_11.1.1\adf-em-config.jar
MODEL.GENERIC
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model.generic_11.1.1\bc4jdomgnrc.jar
ADF.MODEL
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adfbcsvc.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adfbcsvc-client.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adfbcsvc-share.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adf-controller-schema.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adfdt_common.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adflibfilter.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adflibrary.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adfm.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adfm-debugger.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adfmportlet.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adfmweb.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adf-runtime-mbean.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adf-sec-idm-dc.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adftags.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\adftransactionsdt.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\bc4jhtml.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\bc4jimdomains.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\bc4j-mbeans.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\bc4jsyscat.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\bc4jwizard.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\datatags.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\db-ca.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\jdev-cm.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\jmxdc.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\jr_dav.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\oicons.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\ordhttp.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\ordim.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\rcs-adflib-rt.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\rcsrt.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.model_11.1.1\regexp.jar
PAGEFLOW
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.pageflow_11.1.1\adf-pageflow-dtrt.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.pageflow_11.1.1\adf-pageflow-fwk.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.pageflow_11.1.1\adf-pageflow-impl.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.pageflow_11.1.1\adf-pageflow-rc.jar
SECURITY
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.security_11.1.1\adf-controller-security.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.security_11.1.1\adf-share-security.jar
SHARE.CA
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.share.ca_11.1.1\adf-share-base.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.share.ca_11.1.1\adf-share-ca.jar
ADF.SHARE
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.share_11.1.1\adflogginghandler.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.share_11.1.1\adfsharembean.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.share_11.1.1\adf-share-support.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.share_11.1.1\adf-share-wls.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.share_11.1.1\jsp-el-api.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.share_11.1.1\oracle-el.jar
ADF.VIEW
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-dt-at-rt.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-dynamic-faces.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-faces-changemanager-rt.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-faces-databinding-dt-core.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-faces-databinding-rt.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-faces-registration.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-faces-templating-dt-core.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-faces-templating-dtrt.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-richclient-api-11.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-richclient-automation-11.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-richclient-impl-11.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-share-web.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\adf-view-databinding-dt-core.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\dvt-databindings.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\dvt-faces.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\dvt-facesbindings.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\dvt-jclient.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\dvt-trinidad.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\dvt-utils.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\oracle-page-templates.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\trinidad-api.jar
%MIDDLEWARE_HOME%\oracle_common\modules\oracle.adf.view_11.1.1\trinidad-impl.jar                             -Anton

Deployment Plan / weblogic-ejb-jar.xml: Problem

Hello,
I am trying to use a deployment plan to override the principal name in the weblogic-ejb-jar.xml.
The deployment-plan looks like this (showing only the important sections)
<variable-definition>
<variable>
<name>SecurityRoleAssignment_ejbRole_PrincipalNames_1</name>
<value>MY PRINCIPAL 1</value>
</variable>
</variable-definition>
<variable-assignment>
<name>SecurityRoleAssignment_ejbRole_PrincipalNames_1</name>
<xpath>/weblogic-ejb-jar/security-role-assignment/[role-name="View-Role"]/externally-defined</xpath>
<operation>replace</operation>
</variable-assignment>
The security-role assignment in the weblogic-ejb-jar.xml looks like this:
<security-role-assignment>
<role-name>View-Role</role-name>
<externally-defined/>
</security-role-assignment>
I 've tried to override the element-value of <externally-defined> (a valid tag in the weblogic-ejb-jar.xml ) with help of a deployment-plan.
When trying to deploy my application (which is organised in the directory-structure: inst_dir/APP inst_dir/PLAN
the following error occurs:
VALIDATION PROBLEMS WERE FOUND problem: cvc-complex-type.2.4a: Expected element 'principal-name@http://www.bea.com/ns/weblogic/10.0' instead of 'externally-defined@http://www.bea.com/ns/weblogic/10.0' here in element security-role-assignment@http://www.bea.com/ns/weblogic/10.0:
This has surprised me, as externally-defined is (according to the documentation) a valid tag.
I have tried to replace <externally-defined> with an empty <principal-name> tag (which works fine when deploying the application), but causes a security exception, when trying to use the EJB.
Has anybody an idea if there is a workaround for this problem?
IMHO the Validatio Problem is not justified at this place then why should an otherwise valid weblogic-ejb-jar.xml (when not using a deployment-plan) suddenly become invalid when a deployment plan is used?
Thanx a lot in advance!
Edited by: user10672779 on 02.12.2008 04:09

Hi again,
I tried it with the weblogic 10 Namespace Declaration but got then this error:
failed to load java type corresponding to e=weblogic-ejb-jar@http://www.bea.com/ns/weblogic/weblogic-ejb-jar/1.0/weblogic-ejb-jar.xsd
and following Exception:
<02.12.2008 20.00 Uhr CET> <Error> <J2EE> <BEA-160197> <Unable to load descriptor D:\exportapps\tb.ear\app\tb_flowcontrol.jar/META-INF/weblogic-ejb-jar.xml of module tb_flowcontrol.jar. The error is weblogic.descriptor.DescriptorException: Unmarshaller failed
at weblogic.descriptor.internal.MarshallerFactory$1.createDescriptor(MarshallerFactory.java:152)
at weblogic.descriptor.BasicDescriptorManager.createDescriptor(BasicDescriptorManager.java:292)
at weblogic.descriptor.BasicDescriptorManager.createDescriptor(BasicDescriptorManager.java:260)
at weblogic.application.descriptor.AbstractDescriptorLoader2.getDescriptorBeanFromReader(AbstractDescriptorLoader2.java:774)
at weblogic.application.descriptor.AbstractDescriptorLoader2.createDescriptorBean(AbstractDescriptorLoader2.java:395)
at weblogic.application.descriptor.AbstractDescriptorLoader2.loadDescriptorBeanWithoutPlan(AbstractDescriptorLoader2.java:745)
Caused by: com.bea.xml.XmlException: failed to load java type corresponding to e=weblogic-ejb-jar@http://www.bea.com/ns/weblogic/weblogic-ejb-jar/1.0/weblogic-ejb-jar.xsd
at com.bea.staxb.runtime.internal.UnmarshalResult.getPojoBindingType(UnmarshalResult.java:329)
at com.bea.staxb.runtime.internal.UnmarshalResult.determineTypeForGlobalElement(UnmarshalResult.java:296)
at com.bea.staxb.runtime.internal.UnmarshalResult.determineTypeForGlobalElement(UnmarshalResult.java:306)
at com.bea.staxb.runtime.internal.UnmarshalResult.determineRootType(UnmarshalResult.java:287)
at com.bea.staxb.runtime.internal.UnmarshalResult.unmarshalDocument(UnmarshalResult.java:153)
at com.bea.staxb.runtime.internal.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:65)
at weblogic.descriptor.internal.MarshallerFactory$1.createDescriptor(MarshallerFactory.java:141)
Searching the net couldn't supply me with another answer as to use the 90 Namespace Declaration again...
I think I forgot to mention I am using an exploded directory.
This all seems very strange.
cheers.

Applet hangs web server when upgrading from 1.6 to 1.7

I've got a client-side printing application which works fine on 1.6 and fails on 1.7 where it essentially hang the server on the connect option to the server and loading the jar file. Specifics:
PC Client running windows 7 x64
Browser versions IE9, IE10, Firefox 17.0.1 (PC-client) all fail
Client PC has latest Java 1.7.0 10-b 18 installed
Web server is Apache2.4.3 x64 running on Windows 2008 Server R2 through the network
Jar file is signed and the certificate is loaded
Apache server is sitting on another server through a network connection. Backrev java to 1.6 and it passes. I've specified the -Djava.net.prefIPv4Stack=true option in the applet call but it doesn't fix the issue.
The java console loads but then hangs on the connecting portion:
Java Plug-in 10.10.2.18
Using JRE version 1.7.0_10-b18 Java HotSpot(TM) Client VM
User home directory = C:\Users\user
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
cache: Initialize resource manager: com.sun.deploy.cache.ResourceProviderImpl@1ae81ab
security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.
security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws
security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws
security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws,com.sun.deploy
security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws,com.sun.deploy
security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.
security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws
security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws
security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws,com.sun.deploy
security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws,com.sun.deploy
security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
security: property package.access value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
security: property package.access new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws,com.sun.deploy,com.sun.jnlp,org.mozilla.jss
security: property package.definition value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws,com.sun.deploy,com.sun.jnlp
security: property package.definition new value sun.,com.sun.xml.internal.ws.,com.sun.xml.internal.bind.,com.sun.imageio.,com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils.,com.sun.org.glassfish.external.,com.sun.org.glassfish.gmbal.,com.sun.javaws,com.sun.deploy,com.sun.jnlp,org.mozilla.jss
security: --- parseCommandLine converted : -Djava.net.preferIPv4Stack=true
into:
[-Djava.net.preferIPv4Stack=true]
basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@8bbbf4
basic: Plugin2ClassLoader.addURL parent called for http://10.100.1.61/patholog/java/patholog/dist/PathologLibS.jar
security: Blacklist revocation check is enabled
security: Trusted libraries list check is enabled
network: Cache entry found [url: http://10.100.1.61/patholog/java/patholog/dist/PathologLibS.jar, version: null] prevalidated=true/0
cache: Adding MemoryCache entry: http://10.100.1.61/patholog/java/patholog/dist/PathologLibS.jar
cache: Resource http://10.100.1.61/patholog/java/patholog/dist/PathologLibS.jar has expired.
network: Connecting http://10.100.1.61/patholog/java/patholog/dist/PathologLibS.jar with proxy=DIRECT
network: Connecting http://10.100.1.61:80/ with proxy=DIRECT
network: Connecting http://10.100.1.61/patholog/java/patholog/dist/PathologLibS.jar with cookie "Patholog=vl141e491gffhpc07aupt0rnq5"
What is most irritating is that a local instance for debugging (i.e. apache2.4.3 x64) running locally and running the application on the same machine) passes perfectly so it appears that it involves a network connection rather than a localhost operation.
I noticed on a good connection the server returns with ResponseCode 304. I do not see that line in the log on the failing applet load. Apache logs set at debug show no errors even though the operation hangs the server.
Anyone got any ideas on how to debug and resolve this?
-Thanks
-G

More information:
Installed jre.1.6.37 (x32 version) along with 1.7.10 (x32 version) and the applet loads. Installed 1.7.10 (x32 version) only on the windows 7 x64 client fails. I've done both the x-java-applet method and the JNLP method and both hang. The JNLP j2se version is set to "1.6+" so in theory 1.7 should jre should work fine without a 1.6.37 loaded.
I've got wireshark dumps that I'm analyzing and noticed that there two OCSP responses (successful) but nothing after that, specifically where it hangs. Any ideas on how to debug this further?

Jar security urgent

Similar Messages

Maybe you are looking for