Realm

Similar Messages

• Management and creation of realms

  I have the following situation and problem:
  i have a realm that is, for example, mydomain.net. In this realm i have inserted people who have to use OCS (that don't belong to my company) registered into a group and also people of my company registered in an other group but under the same domain. Now i think that is better make a division but i haven't understood how i can do this division. For example can i create another realm for example mydomain.it and move user about my company in this other realm?
  For you which is the better solution for my problem?
  Help me.
  Best Giorgio

  >>>Can 2008r2 and 2012 client tools co-exist on the same development machine?
  Yes, they can , but you can develop SSIS 2012  to work against SS2008R2
  Best Regards,Uri Dimant SQL Server MVP,
  http://sqlblog.com/blogs/uri_dimant/
  MS SQL optimization: MS SQL Development and Optimization
  MS SQL Consulting:
  Large scale of database and data cleansing
  Remote DBA Services:
  Improves MS SQL Database Performance
  SQL Server Integration Services:
  Business Intelligence

• Weblogic realm authentication failure getting connection from pool

  We are getting this error when we try to get a connection from the
  pool for a Tx Data Source. We are successfully getting connections
  from a (non-Tx) Data Source.
  java.lang.SecurityException: Authentication for user Fitness_demo
  denied in realm weblogic
  at weblogic.security.acl.Realm.authenticate(Realm.java:212)
  at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
  at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
  at weblogic.security.acl.Security.doAsPrivileged(Security.java:481)
  at weblogic.jdbc.common.internal.RmiDataSource.getConnection(RmiDataSource.java:127)
  We have added the DB user as a user in the realm, which usually does
  the trick; but in this case it does not. We are using Merant's
  JSQLConnect type 2 driver for SQL Server, and we are running on
  Solaris. The scenario works fine using Oracle Thin driver on Windows.
  Do we need ACL entries or something? We do not have any ACL entries
  now.
  Thanks,
  -wes

  We are getting this error when we try to get a connection from the
  pool for a Tx Data Source. We are successfully getting connections
  from a (non-Tx) Data Source.
  java.lang.SecurityException: Authentication for user Fitness_demo
  denied in realm weblogic
  at weblogic.security.acl.Realm.authenticate(Realm.java:212)
  at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
  at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
  at weblogic.security.acl.Security.doAsPrivileged(Security.java:481)
  at weblogic.jdbc.common.internal.RmiDataSource.getConnection(RmiDataSource.java:127)
  We have added the DB user as a user in the realm, which usually does
  the trick; but in this case it does not. We are using Merant's
  JSQLConnect type 2 driver for SQL Server, and we are running on
  Solaris. The scenario works fine using Oracle Thin driver on Windows.
  Do we need ACL entries or something? We do not have any ACL entries
  now.
  Thanks,
  -wes

• I have a problem with JDBC Realm in Tomcat/Oracle/Win XP

  I have a problem with JDBC Realm in Tomcat.
  I have attached my server.xml file located in the
  C:\Program Files\Apache Software Foundation\Tomcat 5.5\conf\server.xml
  The Problem is that when I login I get the user name and password prompt but it does not resolve.
  When I enter in the tomcat-users.xml password with memory realm uncommented it works fine.
  C:\Program Files\Apache Software Foundation\Tomcat 5.5\conf\tomcat-users.xml
  Is there a cache or something I need to reset for the JDBC Realm to work?
  I have attached my tables and contents as well...
  Did I miss something????
  Thanks
  Phil
  server.xml
  <Server port="8005" shutdown="SHUTDOWN">
  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
  <Listener className="org.apache.catalina.storeconfig.StoreConfigLifecycleListener"/>
  <!-- Global JNDI resources -->
  <GlobalNamingResources>
  <!-- Test entry for demonstration purposes -->
  <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
  </GlobalNamingResources>
  <!-- Define the Tomcat Stand-Alone Service -->
  <Service name="Catalina">
  <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
  <Connector
  port="8080" maxHttpHeaderSize="8192"
  maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
  enableLookups="false" redirectPort="8443" acceptCount="100"
  connectionTimeout="20000" disableUploadTimeout="true" />
  <!-- Define an AJP 1.3 Connector on port 8009 -->
  <Connector port="8009"
  enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
  <!-- Define the top level container in our container hierarchy -->
  <Engine name="Catalina" defaultHost="localhost">
  <!--
  <Realm className="org.apache.catalina.realm.MemoryRealm" />
  -->
  <Realm className="org.apache.catalina.realm.JDBCRealm"
  driverName="oracle.jdbc.driver.OracleDriver"
  connectionURL="jdbc:oracle:thin:@localhost:1521:orcl"
  connectionName="testName" connectionPassword="testPass"
  userTable="users"
  userNameCol="user_name"
  userCredCol="user_pass"
  userRoleTable="user_roles"
  roleNameCol="role_name" />
  <!-- Define the default virtual host
  Note: XML Schema validation will not work with Xerces 2.2.
  -->
  <Host name="localhost" appBase="webapps"
  unpackWARs="true" autoDeploy="true"
  xmlValidation="false" xmlNamespaceAware="false">
  </Host>
  </Engine>
  </Service>
  </Server>
  Tables
  create table users
  user_name varchar(15) not null primary key,
  user_pass varchar(15) not null
  create table roles
  role_name varchar(15) not null primary key
  create table user_roles
  user_name varchar(15) not null,
  role_name varchar(15) not null,
  primary key( user_name, role_name )
  select * from users;
  ----------------------+
  | user_name | user_pass |
  ----------------------+
  | tomcat | tomcat |
  | user1 | tomcat |
  | user2 | tomcat |
  | user3 | tomcat |
  ----------------------+
  select * from roles;
  | role_name |
  | tomcat |
  | role1 |
  select * from user_roles;
  -----------------------+
  | role_name | user_name |
  -----------------------+
  | tomcat | user1 |
  | role1 | user2 |
  | tomcat | tomcat |
  | role1 | tomcat |
  -----------------------+

  Jan 2, 2008 11:49:35 AM org.apache.coyote.http11.Http11Protocol init
  INFO: Initializing Coyote HTTP/1.1 on http-8080
  Jan 2, 2008 11:49:35 AM org.apache.catalina.startup.Catalina load
  INFO: Initialization processed in 734 ms
  Jan 2, 2008 11:49:35 AM org.apache.catalina.core.StandardService start
  INFO: Starting service Catalina
  Jan 2, 2008 11:49:35 AM org.apache.catalina.core.StandardEngine start
  INFO: Starting Servlet Engine: Apache Tomcat/5.5.9
  Jan 2, 2008 11:49:35 AM org.apache.catalina.realm.JDBCRealm start
  SEVERE: Exception opening database connection
  java.sql.SQLException: oracle.jdbc.driver.OracleDriver
       at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:684)
       at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.java:758)
       at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1004)
       at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
       at org.apache.catalina.core.StandardService.start(StandardService.java:450)
       at org.apache.catalina.core.StandardServer.start(StandardServer.java:683)
       at org.apache.catalina.startup.Catalina.start(Catalina.java:537)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:271)
       at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:409)
  Jan 2, 2008 11:49:35 AM org.apache.catalina.core.StandardHost start
  INFO: XML validation disabled
  Jan 2, 2008 11:49:36 AM org.apache.catalina.core.StandardContext resourcesStart

• Want to pass Realm login username to php web page

  I have a web directory set up as a Realm via Server Admin. I'd like to grab the authentication info (really just the username) and use it via PHP to compare against a mysql table of users to pull out username and real name so the user doesn't have to log in twice (once to access the Realm, once to authenticate to Mysql in a php form.)
  I've searched the web and these discussions but have not found any documentation that tells me that I can access or display the Realm authentication username.
  Is this even possible?

  The PHP documentation seems to have this covered:
  http://us3.php.net/manual/en/features.http-auth.php
  Once the user has filled in a username and a password, the URL containing the PHP script will be called again with the predefined variables PHPAUTHUSER, PHPAUTHPW, and AUTH_TYPE set to the user name, password and authentication type respectively.
  echo "<p>Hello {$SERVER['PHP_AUTHUSER']}.</p>";
  echo "<p>You entered {$SERVER['PHP_AUTHPW']} as your password.</p>";

• OID Realm Setup for Partner Application in another application server

  This message was also posted under the Identity Management thread.
  We currently have 10.1.2 SSO running and configured to accept a partner application from another app server (10.1.3). A sample application attempts to authenticate a user and then use JAZN to confirm whether the user is in the correct OID group. The user can authenticate successfully, which shows up in the SSO audit table, but the group check fails. I believe this is due to the realm not being visible to the other app server? How do I go about setting up the app server or application on the 10.1.3 platform to be able to check the 10.1.2 SSO server for the right OID group when the user authenticates? I have tried to set up the file-based permissions through the EM console, but seems to be only valid for the local setup. My thought was that the system-jazn-data.xml file would need to identify and point to the SSO server? When I troubleshoot that file, I see the correct realm entry and also the correct JAZN group and the OID GUID for the group. Any suggestions?
  Thanks,
  Leif

  Hi Amit,
  I am also facing the same issue. Could you please share the work around you around to get rid of this issue?
  Mahendra.

• b OID Realm setup for partner application server /b

  We currently have 10.1.2 SSO running and configured to accept a partner application from another app server (10.1.3). A sample application attempts to authenticate a user and then use JAZN to confirm whether the user is in the correct OID group. The user can authenticate successfully, which shows up in the SSO audit table, but the group check fails. I believe this is due to the realm not being visible to the other app server? How do I go about setting up the app server or application on the 10.1.3 platform to be able to check the 10.1.2 SSO server for the right OID group when the user authenticates? I have tried to set up the file-based permissions through the EM console, but seems to be only valid for the local setup. My thought was that the system-jazn-data.xml file would need to identify and point to the SSO server? When I troubleshoot that file, I see the correct realm entry and also the correct JAZN group and the OID GUID for the group. Any suggestions?
  Thanks,
  Leif

  Hi Amit,
  I am also facing the same issue. Could you please share the work around you around to get rid of this issue?
  Mahendra.

• URGENT HELP NEEDED ... Tomcat Realm and JRE1.4 plug-in problem

  I have tried the Security Realm of Tomcat. Since I do not have
  an LDAP server, I decided to use the Tomcat-users.xml file in
  Tomcat\conf directory.
  I added the following lines of code in the web.xml file.
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>Entire Application</web-resource-name>
  <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <!-- NOTE: This role is not present in the default users file -->
  <role-name>webviewer</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Tomcat Manager Application</realm-name>
  </login-config>
  The <role-name> "webviewer" is added into "Tomcat-Users.xml" as the following:
  <tomcat-users>
  <user name="test" password="password" roles="webviewer" />
  </tomcat-users>
  So, now when we type the url: http://localhost:8080/adbpdbre/default.htm, TOMCAT shows a dialog box asking for UserName: and Password:Now, only when we give the username and password, it shows the page. This is exactly what we want.
  But the problem now is, this default.htm page, has 5 links to 5 applets. The first time that I click on one of these links, the JRE plug of 1.4 shows a dialog again asking for the username and password. Till I dont provide the username and password the system doesnt go ahead and applet doesnt load. I do not want the JRE to ask me for the username/passwords again..How to avoid this ?
  Can you give me some more information on this. Ultimately in the production usage, we will be using LDAP and not Tomcat's memory realm.
  URGENT HELP NEEDED ... I need to get back to my client on this.
  Help would be v. much appreciated.

  In the config file, you 're essentially saying that you want Tomcat to prompt for usr/passw on every request (url-pattern = /*) made by a 'webviewer', and that's exactly what Tomcat is doing.
  Consider using specific url-patterns & roles for resources to be protected. If for now, all you need is to protect the first page, use a more specific url-pattern.
  Just an advice : if you'll be using LDAP in production, do not waste time with Tomcat's Security Realm and the BASIC authentication type, since the two have not much in common. Start reading doc on LDAP, and code a prototype, or even better, a vertical slice of the app (i.e a proof of concept).

• Oracle not Available, Shared Memory realm doesn't exist

  Hi,
  I have problem during XE installation on Windows 2003 R2 SP 2 Enterprise edition. I have uninstall the oracle xe and the result still the same. Finally I uninstall the windows and start all over again, surprisingly the result still the same. FYI, we normally has no issue during installation because this is part of our system we sell to our customer which require oracle xe. This is the first time we have seen this issue.
  ORA-01034 : Oracle Not available
  ORA-27101 : Shared memory realm doesn't exist.
  Oracle XE and listener services is started in the windows services.
  if we try to do startup the following message occured.
  SQL> connect /as sysdba
  Connected to an idle instance.
  SQL> startup
  ORA-44412: XE edition memory parameter invalid or not specified
  SQL>
  I can send you the oracle_xe log, init ora, and OpsBuildAll.log to create the database.
  When we compare with the working installation, we saw that the size of oraclexe folder is less, it's just 233MB while the working one is over 1GB. After investigation, found out that the .dbf files is not avaiable in the oradata folder, i have tried to copy those files from the working one but the problem stay the same, probably there are a lot of files more missing.
  Appreciate your help on this.
  Thanks,
  Agus

  Hi,
  Please find the log below
  SQL> startup nomount pfile="C:\oraclexe\app\oracle\product\10.2.0\server\config\scripts\init.ora";
  ORA-44412: XE edition memory parameter invalid or not specified
  SQL> @C:\oraclexe\app\oracle\product\10.2.0\server\config\scripts\rmanRestoreDatafiles.sql;
  SQL> set echo off;
  select TO_CHAR(systimestamp,'YYYYMMDD HH:MI:SS') from dual
  ERROR at line 1:
  ORA-01034: ORACLE not available
  declare
  ERROR at line 1:
  ORA-01034: ORACLE not available
  select TO_CHAR(systimestamp,'YYYYMMDD HH:MI:SS') from dual
  ERROR at line 1:
  ORA-01034: ORACLE not available
  Connected to an idle instance.
  SQL> spool C:\oraclexe\app\oracle\product\10.2.0\server\config\log\cloneDBCreation.log
  I have css log as well if you are interesting to see.
  Dump file c:\oraclexe\app\oracle\admin\xe\bdump\alert_xe.log
  Tue Mar 20 14:13:29 2012
  ORACLE V10.2.0.1.0 - Production vsnsta=0
  vsnsql=14 vsnxtr=3
  Windows NT Version V5.2 Service Pack 2
  CPU : 24 - type 586, 2 Physical Cores
  Process Affinity : 0x00000000
  Memory (Avail/Total): Ph:5308M/6133M, Ph+PgF:7152M/8000M, VA:1933M/2047M
  Tue Mar 20 14:13:29 2012
  Starting ORACLE instance (normal)
  Tue Mar 20 14:13:30 2012
  Starting ORACLE instance (normal)
  Tue Mar 20 14:13:31 2012
  Starting ORACLE instance (normal)
  Dump file c:\oraclexe\app\oracle\admin\xe\bdump\alert_xe.log
  Tue Mar 20 19:43:31 2012
  ORACLE V10.2.0.1.0 - Production vsnsta=0
  vsnsql=14 vsnxtr=3
  Windows NT Version V5.2 Service Pack 2
  CPU : 24 - type 586, 2 Physical Cores
  Process Affinity : 0x00000000
  Memory (Avail/Total): Ph:5351M/6133M, Ph+PgF:7150M/8000M, VA:1932M/2047M
  Tue Mar 20 19:43:31 2012
  Starting ORACLE instance (normal)
  Dump file c:\oraclexe\app\oracle\admin\xe\bdump\alert_xe.log
  Tue Mar 20 19:55:39 2012
  ORACLE V10.2.0.1.0 - Production vsnsta=0
  vsnsql=14 vsnxtr=3
  Windows NT Version V5.2 Service Pack 2
  CPU : 24 - type 586, 2 Physical Cores
  Process Affinity : 0x00000000
  Memory (Avail/Total): Ph:5254M/6133M, Ph+PgF:7052M/8000M, VA:1932M/2047M
  Tue Mar 20 19:55:39 2012
  Starting ORACLE instance (normal)
  Dump file c:\oraclexe\app\oracle\admin\xe\bdump\alert_xe.log
  Wed Mar 21 05:23:41 2012
  ORACLE V10.2.0.1.0 - Production vsnsta=0
  vsnsql=14 vsnxtr=3
  Windows NT Version V5.2 Service Pack 2
  CPU : 24 - type 586, 2 Physical Cores
  Process Affinity : 0x00000000
  Memory (Avail/Total): Ph:5259M/6133M, Ph+PgF:6894M/8000M, VA:1932M/2047M
  Wed Mar 21 05:23:41 2012
  Starting ORACLE instance (normal)
  Wed Mar 21 05:29:12 2012
  Starting ORACLE instance (normal)
  Wed Mar 21 05:31:42 2012
  Starting ORACLE instance (normal)
  Dump file c:\oraclexe\app\oracle\admin\xe\bdump\alert_xe.log
  Wed Mar 21 05:50:45 2012
  ORACLE V10.2.0.1.0 - Production vsnsta=0
  vsnsql=14 vsnxtr=3
  Windows NT Version V5.2 Service Pack 2
  CPU : 24 - type 586, 2 Physical Cores
  Process Affinity : 0x00000000
  Memory (Avail/Total): Ph:5143M/6133M, Ph+PgF:6768M/8000M, VA:1932M/2047M
  Wed Mar 21 05:50:45 2012
  Starting ORACLE instance (normal)
  Wed Mar 21 06:02:38 2012
  Starting ORACLE instance (normal)
  Dump file c:\oraclexe\app\oracle\admin\xe\bdump\alert_xe.log
  Wed Mar 21 06:04:03 2012
  ORACLE V10.2.0.1.0 - Production vsnsta=0
  vsnsql=14 vsnxtr=3
  Windows NT Version V5.2 Service Pack 2
  CPU : 24 - type 586, 2 Physical Cores
  Process Affinity : 0x00000000
  Memory (Avail/Total): Ph:5205M/6133M, Ph+PgF:6866M/8000M, VA:1944M/2047M
  Wed Mar 21 06:04:03 2012
  Starting ORACLE instance (normal)
  Dump file c:\oraclexe\app\oracle\admin\xe\bdump\alert_xe.log
  Wed Mar 21 06:06:00 2012
  ORACLE V10.2.0.1.0 - Production vsnsta=0
  vsnsql=14 vsnxtr=3
  Windows NT Version V5.2 Service Pack 2
  CPU : 24 - type 586, 2 Physical Cores
  Process Affinity : 0x00000000
  Memory (Avail/Total): Ph:5195M/6133M, Ph+PgF:6837M/8000M, VA:1944M/2047M
  Wed Mar 21 06:06:00 2012
  Starting ORACLE instance (normal)
  Dump file c:\oraclexe\app\oracle\admin\xe\bdump\alert_xe.log
  Wed Mar 21 06:06:11 2012
  ORACLE V10.2.0.1.0 - Production vsnsta=0
  vsnsql=14 vsnxtr=3
  Windows NT Version V5.2 Service Pack 2
  CPU : 24 - type 586, 2 Physical Cores
  Process Affinity : 0x00000000
  Memory (Avail/Total): Ph:5195M/6133M, Ph+PgF:6836M/8000M, VA:1944M/2047M
  Wed Mar 21 06:06:11 2012
  Starting ORACLE instance (normal)
  Dump file c:\oraclexe\app\oracle\admin\xe\bdump\alert_xe.log
  Wed Mar 21 06:06:40 2012
  ORACLE V10.2.0.1.0 - Production vsnsta=0
  vsnsql=14 vsnxtr=3
  Windows NT Version V5.2 Service Pack 2
  CPU : 24 - type 586, 2 Physical Cores
  Process Affinity : 0x00000000
  Memory (Avail/Total): Ph:5191M/6133M, Ph+PgF:6832M/8000M, VA:1944M/2047M
  Wed Mar 21 06:06:40 2012
  Starting ORACLE instance (normal)
  Dump file c:\oraclexe\app\oracle\admin\xe\bdump\alert_xe.log
  Wed Mar 21 06:07:18 2012
  ORACLE V10.2.0.1.0 - Production vsnsta=0
  vsnsql=14 vsnxtr=3
  Windows NT Version V5.2 Service Pack 2
  CPU : 24 - type 586, 2 Physical Cores
  Process Affinity : 0x00000000
  Memory (Avail/Total): Ph:5191M/6133M, Ph+PgF:6831M/8000M, VA:1932M/2047M
  Wed Mar 21 06:07:18 2012
  Starting ORACLE instance (normal)
  Wed Mar 21 06:07:38 2012
  Shutting down instance (abort)
  Wed Mar 21 06:07:51 2012
  Starting ORACLE instance (normal)
  Wed Mar 21 06:13:31 2012
  Starting ORACLE instance (normal)
  I have finished installing the XE on windows but result is the same, dbf file is not created on oradata folder.
  Thanks,
  Agus

• NTLM Authentication : why is it not possible to create more than one NTLM realm ?

  Hello,
  I'm wondering why it is not possible to create more than one NTLM realm on a wsa.
  Can you explain exactly what is the blocking point ?
  Thanks in advance
  Regards

  Well, at this point (pre 7.5), there isn't an agent, the WSA is joined to the domain, just like a Windows box, it authenticates via that trust relationship.  From that point it is all based on how NT/Active Directory domains work.   As long as there is a trust between the domains, you can can auth users from as many domains as you like.
  There is an agent in the works.  The ADAgent will be released with 7.5.  The code is already available, it was released with the ASA ver 8.4, and it will be used to pass authentication info to the WSA.  At this point, current versions still require trust relationships between all of the domains touched.
  Taken from the setup guide: http://www.cisco.com/en/US/docs/security/ibf/setup_guide/ibf10_install.html#wp1054011
  Before you configure even a single domain controller machine using the
  adacfg dc create
  command, ensure that the AD Agent machine is first joined to a domain (for example, domain
  J
  ) that has a trust relationship with each and every domain (for example, domain
  D[i]
  ) that it will monitor for user authentications (through the domain controller machines that you will be configuring on the AD Agent machine).
  Depending on your Active Directory domain structure, the following scenarios are possible:
  1. Single Forest, Single Domain—There is only one domain, D[i] for all domain controller machines, which is one and the same as domain J. The AD Agent machine must first be joined to this single domain, and since no other domains are involved, there is no need to configure any trust relationship with any other domain.
  2. Single Forest, Multiple Domains—All the domains in a single forest already have an inherent two-way trust relationship with each other. Thus, the AD Agent must first be joined to one of the domains, J, in this forest, with this domain J not necessarily being identical to any of the domains D[i] corresponding to the domain controller machines. Because of the inherent trust relationship between domain J and each of the domains D[i], there is no need to explicitly configure any trust relationships.
  3. Multiple Forests, Multiple Domains—It is possible that domain J might belong to a forest that is different than the forest to which one or more of the domains D[i] corresponding to the domain controller machines belong. In this case, you must explicitly ensure that each of the domains D[i] has an effective trust relationship with domain J, in at least one of the following two ways:
  a. A two-way external trust relationship can be established between the two domains, D[i] and J
  b. A two-way forest trust relationship can be established between the the forest corresponding to domain D[i] and the forest corresponding to domain J

• Access to a Tomcat Realm

  HI! I am trying to get the following code to run, but I still get a nullpointer exception.
  This code is in a servlets init method, and should be loaded on tomcats startup.
  Server server = ServerFactory.getServer();
  //Note, this assumes the Container is "Catalina"
  Service service = server.findService("Catalina");
  Engine engine = (Engine) service.getContainer();
  Host host = (Host) engine.findChild(engine.getDefaultHost());
  //Note, this assumes your context is "myContext"
  Context context = (Context) host.findChild("myContext");
  Realm realm = context.getRealm();I've set the privileged parameter in the webapp/webcontent/meta-inf/context.xml file.
  Why I could'nt access this classes?? Where is my misstake?
  Thank you for your answer!

  Yeah, it looks like we may have to alter the client code to basically pass their login via a "form"....but we'd rather not do that.
  BTW, this is a SOAP server we'll building...so not only would it been a real pain to alter the client's XML output (and therefore our corresponding remote method), but the login data would be even more in plain view.
  :: still searching for a wildard possibility ::

• How to change user password from default realm programaticaly

  Hello,
  I would like to know if there are any ways to change a users password from a file
  realm through java classes ie . programaticaly.

  Thank you for the support.
  After looking at the code, I noticed RealmManager is not documented in the BEA
  Javadocs. Am I missing something or is it not documented. Lot of other methods
  also not documented. Do you have the latest Javadocs?
  Thanks
  John
  "Tom Moreau" <[email protected]> wrote:
  >
  See message #4589 - it posts the code magic needed
  to change the password. The caller doesn't have to
  be aware of which realm is being used - that's taken
  care of for you.
  -Tom
  "John M" <[email protected]> wrote:
  Hello,
  I would like to know if there are any ways to change a users passwordfrom
  a file
  realm through java classes ie . programaticaly.

• Security realm - Security:097533 - Developing own authentication provider

  hi everyone,
  i Developing own authentication provider and i installed a security patch, so while i restarting the weblogic server  encountered the below Exeption:
  <10/05/2013 05:54:33 PM COT> <Error> <Security> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified..
  weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
  at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(CSSWLSDelegateImpl.java:341)
  at weblogic.security.service.CSSWLSDelegateImpl.initialize(CSSWLSDelegateImpl.java:220)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(CommonSecurityServiceManagerDelegateImpl.java:1789)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:443)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:841)
  Truncated. see log file for complete stacktrace
  Caused By: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
  at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
  at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
  at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(WLSIdentityServiceImpl.java:46)
  Truncated. see log file for complete stacktrace
  Caused By: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
  at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:42)
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
  at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
  at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
  Truncated. see log file for complete stacktrace
  this is the config.xml :
  <domain xmlns="http://xmlns.oracle.com/weblogic/domain" xmlns:sec="http://xmlns.oracle.com/weblogic/security" xmlns:wls="http://xmlns.oracle.com/weblogic/security/wls" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.oracle.com/weblogic/security/xacml http://xmlns.oracle.com/weblogic/security/xacml/1.0/xacml.xsd http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator/1.0/passwordvalidator.xsd http://xmlns.oracle.com/weblogic/domain http://xmlns.oracle.com/weblogic/1.0/domain.xsd http://xmlns.oracle.com/weblogic/security http://xmlns.oracle.com/weblogic/1.0/security.xsd http://xmlns.oracle.com/weblogic/security/wls http://xmlns.oracle.com/weblogic/security/wls/1.0/wls.xsd http://xmlns.oracle.com/weblogic/security/extension http://xmlns.oracle.com/weblogic/1.0/security.xsd">
  <name>base_domain</name>
  <domain-version>12.1.1.0</domain-version>
  <security-configuration>
  <name>base_domain</name>
  <realm>
  <sec:authentication-provider xsi:type="wls:default-authenticatorType"></sec:authentication-provider>
  <sec:authentication-provider xsi:type="wls:default-identity-asserterType">
  <sec:active-type>AuthenticatedUser</sec:active-type>
  </sec:authentication-provider>
  <sec:authentication-provider xmlns:ext="http://xmlns.oracle.com/weblogic/security/extension" xsi:type="ext:as400-realmType">
  <sec:name>AS400Realm</sec:name>
  <sec:control-flag>OPTIONAL</sec:control-flag>
  </sec:authentication-provider>
  <sec:role-mapper xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
  <sec:authorizer xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
  <sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
  <sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
  <sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
  <sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
  <sec:user-lockout-manager>
  <sec:lockout-enabled>false</sec:lockout-enabled>
  </sec:user-lockout-manager>
  <sec:deploy-role-ignored>false</sec:deploy-role-ignored>
  <sec:deploy-policy-ignored>false</sec:deploy-policy-ignored>
  <sec:security-dd-model>DDOnly</sec:security-dd-model>
  <sec:name>myrealm</sec:name>
  <sec:password-validator xmlns:pas="http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator" xsi:type="pas:system-password-validatorType">
  <sec:name>SystemPasswordValidator</sec:name>
  <pas:min-password-length>8</pas:min-password-length>
  <pas:min-numeric-or-special-characters>1</pas:min-numeric-or-special-characters>
  </sec:password-validator>
  </realm>
  <default-realm>myrealm</default-realm>
  <credential-encrypted>{AES}kyVB/9J9Fbvp11tAnYgn6grV6wQwNZZGHSh2JLQtesxS46Re+QCfIAttNE5JugllQvUHOhE+pz0AnEfYL2p5q2oeRsjqoQz2/1Lg8x+3WMoKic0xnRzw2RWoFjQo3F9x</credential-encrypted>
  <node-manager-username>weblogic</node-manager-username>
  <node-manager-password-encrypted>{AES}4jkSbv5dMOl6cRpRa4QwB83XVavtq168cV4L+NSFDcI=</node-manager-password-encrypted>
  <cross-domain-security-enabled>true</cross-domain-security-enabled>
  </security-configuration>
  <server>
  <name>AdminServer</name>
  <listen-address>localhost</listen-address>
  <staging-mode>nostage</staging-mode>
  </server>
  <embedded-ldap>
  <name>base_domain</name>
  <credential-encrypted>{AES}9YeG1UFRNQzM0v6/j8cFvT9x9fkJUl1FJOWGInl5dax26FgMNEVwKNxOBHvW2opm</credential-encrypted>
  </embedded-ldap>
  <configuration-version>12.1.1.0</configuration-version>
  this is the mbean xml (A400Realmmbean.xml):
  <?xml version="1.0" ?>
  <!DOCTYPE MBeanType SYSTEM "commo.dtd">
  <MBeanType Name = "AS400Realm" DisplayName = "AS400Realm"
  Package = "co.com.claro.security"
  Extends = "weblogic.management.security.authentication.Authenticator"
  PersistPolicy = "OnUpdate"
  >
  <MbeanAttribute Name = "ProviderClassName" Type = "java.lang.String"
  Writeable = "false"
  Default =
  "&quot;co.com.claro.AS400Realm&quot;"
  />
  <MBeanAttribute Name = "Description" Type = "java.lang.String"
  Writeable = "false" Default = "&quot;My Identity Assertion Provider&quot;"
  />
  <MBeanAttribute Name = "Version" Type = "java.lang.String"
  Writeable = "false" Default = "&quot;1.0&quot;"
  />
  </MBeanType>
  and the runtime class:
  AS400Realm.java:
  * To change this template, choose Tools | Templates
  * and open the template in the editor.
  package co.com.claro.security;
  import java.util.HashMap;
  import javax.security.auth.login.AppConfigurationEntry;
  import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
  import weblogic.management.security.ProviderMBean;
  import weblogic.security.provider.PrincipalValidatorImpl;
  import weblogic.security.spi.AuthenticationProviderV2;
  import weblogic.security.spi.IdentityAsserterV2;
  import weblogic.security.spi.PrincipalValidator;
  import weblogic.security.spi.SecurityServices;
  import weblogic.security.principal.WLSGroupImpl;
  import weblogic.security.principal.WLSUserImpl;
  public final class AS400Realm implements AuthenticationProviderV2
  private String description;
  // private SimpleSampleAuthenticatorDatabase database;
  private LoginModuleControlFlag controlFlag;
  // public String PARAM_JAAS_CONTEXT = "jaas-context";
  // public String PARAM_DATASOURCE_NAME = "jdbc/Oracle";
  // public String DEFAULT_GROUP_NAME = "default";
  public void initialize(ProviderMBean mbean, SecurityServices services)
  System.out.println("AS400Realm.initialize");
  AS400RealmMBean myMBean = (AS400RealmMBean)mbean;
  description = myMBean.getDescription() + "\n" + myMBean.getVersion();
  // database = new SimpleSampleAuthenticatorDatabase(myMBean);
  String flag = myMBean.getControlFlag();
  if (flag.equalsIgnoreCase("REQUIRED")) {
  controlFlag = LoginModuleControlFlag.REQUIRED;
  } else if (flag.equalsIgnoreCase("OPTIONAL")) {
  controlFlag = LoginModuleControlFlag.OPTIONAL;
  } else if (flag.equalsIgnoreCase("REQUISITE")) {
  controlFlag = LoginModuleControlFlag.REQUISITE;
  } else if (flag.equalsIgnoreCase("SUFFICIENT")) {
  controlFlag = LoginModuleControlFlag.SUFFICIENT;
  } else {
  throw new IllegalArgumentException("invalid flag value" + flag);
  public String getDescription()
  return description;
  public void shutdown()
  System.out.println("AS400Realm.shutdown");
  private AppConfigurationEntry getConfiguration(HashMap options)
  options.put("PARAM_DATASOURCE_NAME", "jdbc/Oracle");
  return new
  AppConfigurationEntry(
  "co.com.claro.security.AS400LoginModule",
  controlFlag,
  options
  public AppConfigurationEntry getLoginModuleConfiguration()
  HashMap options = new HashMap();
  return getConfiguration(options);
  public AppConfigurationEntry getAssertionModuleConfiguration()
  HashMap options = new HashMap();
  options.put("IdentityAssertion","true");
  return getConfiguration(options);
  public PrincipalValidator getPrincipalValidator()
  return new PrincipalValidatorImpl();
  public IdentityAsserterV2 getIdentityAsserter()
  return null;
  AS400LoginModule.java :
  * To change this template, choose Tools | Templates
  * and open the template in the editor.
  package co.com.claro.security;
  import com.ibm.as400.access.AS400;
  import java.io.IOException;
  import java.sql.Connection;
  import java.sql.PreparedStatement;
  import java.sql.ResultSet;
  import java.sql.SQLException;
  import java.util.Enumeration;
  import java.util.Map;
  import java.util.Vector;
  import java.util.logging.Level;
  import java.util.logging.Logger;
  import javax.naming.Context;
  import javax.naming.InitialContext;
  import javax.naming.NamingException;
  import javax.security.auth.Subject;
  import javax.security.auth.callback.Callback;
  import javax.security.auth.callback.CallbackHandler;
  import javax.security.auth.callback.NameCallback;
  import javax.security.auth.callback.PasswordCallback;
  import javax.security.auth.callback.UnsupportedCallbackException;
  import javax.security.auth.login.LoginException;
  import javax.security.auth.login.FailedLoginException;
  import javax.security.auth.spi.LoginModule;
  import javax.sql.DataSource;
  import weblogic.security.spi.WLSGroup;
  import weblogic.security.spi.WLSUser;
  import weblogic.security.principal.WLSGroupImpl;
  import weblogic.security.principal.WLSUserImpl;
  * @author dmunoz
  final public class AS400LoginModule implements LoginModule {
  private Subject subject;
  private CallbackHandler callbackHandler;
  private String PARAM_DATASOURCE_NAME = "jdbc/Oracle";
  private String DEFAULT_GROUP_NAME = "default";
  // Determine whether this is a login or assert identity
  private boolean isIdentityAssertion;
  // Authentication status
  private boolean loginSucceeded;
  private boolean principalsInSubject;
  private Vector principalsForSubject = new Vector();
  public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
  // only called (once!) after the constructor and before login
  System.out.println("SimpleSampleLoginModuleImpl.initialize");
  this.subject = subject;
  this.callbackHandler = callbackHandler;
  // Check for Identity Assertion option
  isIdentityAssertion =
  "true".equalsIgnoreCase((String) options.get("IdentityAssertion"));
  private boolean authenticateAS400(String user, String passwd) throws Exception {
  String host ="172.31.2.80";//Config.getProperty(Config.AS400_AUTHENTICATION_HOST);
  AS400 as400System;
  as400System = new AS400(host, user, passwd);
  return as400System.validateSignon();
  public boolean login() throws LoginException {
  // only called (once!) after initialize
  System.out.println("SimpleSampleLoginModuleImpl.login");
  // loginSucceeded should be false
  // principalsInSubject should be false
  Callback[] callbacks = getCallbacks();
  String userName = getUserName(callbacks);
  if (userName.length() > 0) {       
  if (!isIdentityAssertion) {               
  String passwordHave = getPasswordHave(userName, callbacks);
  try{
  loginSucceeded = authenticateAS400(userName, passwordHave);
  }catch(Exception e){
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.WARNING, null, e);
  throw new LoginException(e.getMessage());
  } else {
  // anonymous login - let it through?
  System.out.println("\tempty userName");
  if (loginSucceeded) {
  principalsForSubject.add(new WLSUserImpl(userName));
  addGroupsForSubject(userName);
  return loginSucceeded;
  public boolean commit() throws LoginException {
  // only called (once!) after login
  // loginSucceeded should be true or false
  // principalsInSubject should be false
  // user should be null if !loginSucceeded, null or not-null otherwise
  // group should be null if user == null, null or not-null otherwise
  System.out.println("SimpleSampleLoginModule.commit");
  if (loginSucceeded) {
  subject.getPrincipals().addAll(principalsForSubject);
  principalsInSubject = true;
  return true;
  } else {
  return false;
  public boolean abort() throws LoginException {
  // The abort method is called to abort the authentication process. This is
  // phase 2 of authentication when phase 1 fails. It is called if the
  // LoginContext's overall authentication failed.
  // loginSucceeded should be true or false
  // user should be null if !loginSucceeded, otherwise null or not-null
  // group should be null if user == null, otherwise null or not-null
  // principalsInSubject should be false if user is null, otherwise true
  // or false
  System.out.println("SimpleSampleLoginModule.abort");
  if (principalsInSubject) {
  subject.getPrincipals().removeAll(principalsForSubject);
  principalsInSubject = false;
  return true;
  public boolean logout() throws LoginException {
  // should never be called
  System.out.println("SimpleSampleLoginModule.logout");
  return true;
  private void throwLoginException(String msg) throws LoginException {
  System.out.println("Throwing LoginException(" + msg + ")");
  throw new LoginException(msg);
  private void throwFailedLoginException(String msg) throws FailedLoginException {
  System.out.println("Throwing FailedLoginException(" + msg + ")");
  throw new FailedLoginException(msg);
  private Callback[] getCallbacks() throws LoginException {
  if (callbackHandler == null) {
  throwLoginException("No CallbackHandler Specified");
  Callback[] callbacks;
  if (isIdentityAssertion) {
  callbacks = new Callback[1];
  } else {
  callbacks = new Callback[2];
  callbacks[1] = new PasswordCallback("password: ", false);
  callbacks[0] = new NameCallback("username: ");
  try {
  callbackHandler.handle(callbacks);
  } catch (IOException e) {
  throw new LoginException(e.toString());
  } catch (UnsupportedCallbackException e) {
  throwLoginException(e.toString() + " " + e.getCallback().toString());
  return callbacks;
  private String getUserName(Callback[] callbacks) throws LoginException {
  String userName = ((NameCallback) callbacks[0]).getName();
  if (userName == null) {
  throwLoginException("Username not supplied.");
  System.out.println("\tuserName\t= " + userName);
  return userName;
  private void addGroupsForSubject(String userName) {
  try {
  for (Enumeration e = getGroupNamesAS400(userName);
  e.hasMoreElements();) {
  String groupName = (String) e.nextElement();
  System.out.println("\tgroupName\t= " + groupName);
  principalsForSubject.add(new WLSGroupImpl(groupName));
  } catch (Exception ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  public Enumeration getGroupNamesAS400(String usuario)
  throws Exception {
  if(usuario == null) {
  throw new Exception("Usuario no puede ser vacio");
  Vector<String> grupos = new Vector<String>();
  grupos.add(DEFAULT_GROUP_NAME);
  Connection conn = null;
  ResultSet rs = null;
  PreparedStatement statement = null;
  try {
  Context c = new InitialContext();
  DataSource dst = (DataSource) c.lookup(PARAM_DATASOURCE_NAME);
  conn = dst.getConnection();
  String query = "SELECT COD_ROL AS ROL " +
  "FROM gestionnew.us_rol_perfil " +
  "JOIN gestionnew.usuarios " +
  "ON us_rol_perfil.id_perfil = usuarios.id_perfil " +
  "WHERE upper(usuarios.usuariorr) = ?";
  statement = conn.prepareStatement(query);
  statement.setString(1, usuario.toUpperCase());
  rs = statement.executeQuery();
  while (rs.next()) {
  grupos.add(rs.getString("ROL"));
  } catch (SQLException ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  } catch (NamingException ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  } finally {
  if (conn != null) {
  try {
  conn.close();
  } catch (SQLException ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  if (rs != null) {
  try {
  rs.close();
  } catch (SQLException ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  if (statement != null) {
  try {
  statement.close();
  } catch (SQLException ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  return grupos.elements();
  private String getPasswordHave(String userName, Callback[] callbacks) throws
  LoginException {
  PasswordCallback passwordCallback = (PasswordCallback) callbacks[1];
  char[] password = passwordCallback.getPassword();
  passwordCallback.clearPassword();
  if (password == null || password.length < 1) {
  throwLoginException("Authentication Failed: User " + userName +
  ". Password not supplied");
  String passwd = new String(password);
  System.out.println("\tpasswordHave\t= " + passwd);
  return passwd;
  thanks

  hi everyone,
  i Developing own authentication provider and i installed a security patch, so while i restarting the weblogic server  encountered the below Exeption:
  <10/05/2013 05:54:33 PM COT> <Error> <Security> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified..
  weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
  at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(CSSWLSDelegateImpl.java:341)
  at weblogic.security.service.CSSWLSDelegateImpl.initialize(CSSWLSDelegateImpl.java:220)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(CommonSecurityServiceManagerDelegateImpl.java:1789)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:443)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:841)
  Truncated. see log file for complete stacktrace
  Caused By: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
  at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
  at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
  at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(WLSIdentityServiceImpl.java:46)
  Truncated. see log file for complete stacktrace
  Caused By: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
  at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:42)
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
  at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
  at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
  Truncated. see log file for complete stacktrace
  this is the config.xml :
  <domain xmlns="http://xmlns.oracle.com/weblogic/domain" xmlns:sec="http://xmlns.oracle.com/weblogic/security" xmlns:wls="http://xmlns.oracle.com/weblogic/security/wls" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.oracle.com/weblogic/security/xacml http://xmlns.oracle.com/weblogic/security/xacml/1.0/xacml.xsd http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator/1.0/passwordvalidator.xsd http://xmlns.oracle.com/weblogic/domain http://xmlns.oracle.com/weblogic/1.0/domain.xsd http://xmlns.oracle.com/weblogic/security http://xmlns.oracle.com/weblogic/1.0/security.xsd http://xmlns.oracle.com/weblogic/security/wls http://xmlns.oracle.com/weblogic/security/wls/1.0/wls.xsd http://xmlns.oracle.com/weblogic/security/extension http://xmlns.oracle.com/weblogic/1.0/security.xsd">
  <name>base_domain</name>
  <domain-version>12.1.1.0</domain-version>
  <security-configuration>
  <name>base_domain</name>
  <realm>
  <sec:authentication-provider xsi:type="wls:default-authenticatorType"></sec:authentication-provider>
  <sec:authentication-provider xsi:type="wls:default-identity-asserterType">
  <sec:active-type>AuthenticatedUser</sec:active-type>
  </sec:authentication-provider>
  <sec:authentication-provider xmlns:ext="http://xmlns.oracle.com/weblogic/security/extension" xsi:type="ext:as400-realmType">
  <sec:name>AS400Realm</sec:name>
  <sec:control-flag>OPTIONAL</sec:control-flag>
  </sec:authentication-provider>
  <sec:role-mapper xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
  <sec:authorizer xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
  <sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
  <sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
  <sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
  <sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
  <sec:user-lockout-manager>
  <sec:lockout-enabled>false</sec:lockout-enabled>
  </sec:user-lockout-manager>
  <sec:deploy-role-ignored>false</sec:deploy-role-ignored>
  <sec:deploy-policy-ignored>false</sec:deploy-policy-ignored>
  <sec:security-dd-model>DDOnly</sec:security-dd-model>
  <sec:name>myrealm</sec:name>
  <sec:password-validator xmlns:pas="http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator" xsi:type="pas:system-password-validatorType">
  <sec:name>SystemPasswordValidator</sec:name>
  <pas:min-password-length>8</pas:min-password-length>
  <pas:min-numeric-or-special-characters>1</pas:min-numeric-or-special-characters>
  </sec:password-validator>
  </realm>
  <default-realm>myrealm</default-realm>
  <credential-encrypted>{AES}kyVB/9J9Fbvp11tAnYgn6grV6wQwNZZGHSh2JLQtesxS46Re+QCfIAttNE5JugllQvUHOhE+pz0AnEfYL2p5q2oeRsjqoQz2/1Lg8x+3WMoKic0xnRzw2RWoFjQo3F9x</credential-encrypted>
  <node-manager-username>weblogic</node-manager-username>
  <node-manager-password-encrypted>{AES}4jkSbv5dMOl6cRpRa4QwB83XVavtq168cV4L+NSFDcI=</node-manager-password-encrypted>
  <cross-domain-security-enabled>true</cross-domain-security-enabled>
  </security-configuration>
  <server>
  <name>AdminServer</name>
  <listen-address>localhost</listen-address>
  <staging-mode>nostage</staging-mode>
  </server>
  <embedded-ldap>
  <name>base_domain</name>
  <credential-encrypted>{AES}9YeG1UFRNQzM0v6/j8cFvT9x9fkJUl1FJOWGInl5dax26FgMNEVwKNxOBHvW2opm</credential-encrypted>
  </embedded-ldap>
  <configuration-version>12.1.1.0</configuration-version>
  this is the mbean xml (A400Realmmbean.xml):
  <?xml version="1.0" ?>
  <!DOCTYPE MBeanType SYSTEM "commo.dtd">
  <MBeanType Name = "AS400Realm" DisplayName = "AS400Realm"
  Package = "co.com.claro.security"
  Extends = "weblogic.management.security.authentication.Authenticator"
  PersistPolicy = "OnUpdate"
  >
  <MbeanAttribute Name = "ProviderClassName" Type = "java.lang.String"
  Writeable = "false"
  Default =
  "&quot;co.com.claro.AS400Realm&quot;"
  />
  <MBeanAttribute Name = "Description" Type = "java.lang.String"
  Writeable = "false" Default = "&quot;My Identity Assertion Provider&quot;"
  />
  <MBeanAttribute Name = "Version" Type = "java.lang.String"
  Writeable = "false" Default = "&quot;1.0&quot;"
  />
  </MBeanType>
  and the runtime class:
  AS400Realm.java:
  * To change this template, choose Tools | Templates
  * and open the template in the editor.
  package co.com.claro.security;
  import java.util.HashMap;
  import javax.security.auth.login.AppConfigurationEntry;
  import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
  import weblogic.management.security.ProviderMBean;
  import weblogic.security.provider.PrincipalValidatorImpl;
  import weblogic.security.spi.AuthenticationProviderV2;
  import weblogic.security.spi.IdentityAsserterV2;
  import weblogic.security.spi.PrincipalValidator;
  import weblogic.security.spi.SecurityServices;
  import weblogic.security.principal.WLSGroupImpl;
  import weblogic.security.principal.WLSUserImpl;
  public final class AS400Realm implements AuthenticationProviderV2
  private String description;
  // private SimpleSampleAuthenticatorDatabase database;
  private LoginModuleControlFlag controlFlag;
  // public String PARAM_JAAS_CONTEXT = "jaas-context";
  // public String PARAM_DATASOURCE_NAME = "jdbc/Oracle";
  // public String DEFAULT_GROUP_NAME = "default";
  public void initialize(ProviderMBean mbean, SecurityServices services)
  System.out.println("AS400Realm.initialize");
  AS400RealmMBean myMBean = (AS400RealmMBean)mbean;
  description = myMBean.getDescription() + "\n" + myMBean.getVersion();
  // database = new SimpleSampleAuthenticatorDatabase(myMBean);
  String flag = myMBean.getControlFlag();
  if (flag.equalsIgnoreCase("REQUIRED")) {
  controlFlag = LoginModuleControlFlag.REQUIRED;
  } else if (flag.equalsIgnoreCase("OPTIONAL")) {
  controlFlag = LoginModuleControlFlag.OPTIONAL;
  } else if (flag.equalsIgnoreCase("REQUISITE")) {
  controlFlag = LoginModuleControlFlag.REQUISITE;
  } else if (flag.equalsIgnoreCase("SUFFICIENT")) {
  controlFlag = LoginModuleControlFlag.SUFFICIENT;
  } else {
  throw new IllegalArgumentException("invalid flag value" + flag);
  public String getDescription()
  return description;
  public void shutdown()
  System.out.println("AS400Realm.shutdown");
  private AppConfigurationEntry getConfiguration(HashMap options)
  options.put("PARAM_DATASOURCE_NAME", "jdbc/Oracle");
  return new
  AppConfigurationEntry(
  "co.com.claro.security.AS400LoginModule",
  controlFlag,
  options
  public AppConfigurationEntry getLoginModuleConfiguration()
  HashMap options = new HashMap();
  return getConfiguration(options);
  public AppConfigurationEntry getAssertionModuleConfiguration()
  HashMap options = new HashMap();
  options.put("IdentityAssertion","true");
  return getConfiguration(options);
  public PrincipalValidator getPrincipalValidator()
  return new PrincipalValidatorImpl();
  public IdentityAsserterV2 getIdentityAsserter()
  return null;
  AS400LoginModule.java :
  * To change this template, choose Tools | Templates
  * and open the template in the editor.
  package co.com.claro.security;
  import com.ibm.as400.access.AS400;
  import java.io.IOException;
  import java.sql.Connection;
  import java.sql.PreparedStatement;
  import java.sql.ResultSet;
  import java.sql.SQLException;
  import java.util.Enumeration;
  import java.util.Map;
  import java.util.Vector;
  import java.util.logging.Level;
  import java.util.logging.Logger;
  import javax.naming.Context;
  import javax.naming.InitialContext;
  import javax.naming.NamingException;
  import javax.security.auth.Subject;
  import javax.security.auth.callback.Callback;
  import javax.security.auth.callback.CallbackHandler;
  import javax.security.auth.callback.NameCallback;
  import javax.security.auth.callback.PasswordCallback;
  import javax.security.auth.callback.UnsupportedCallbackException;
  import javax.security.auth.login.LoginException;
  import javax.security.auth.login.FailedLoginException;
  import javax.security.auth.spi.LoginModule;
  import javax.sql.DataSource;
  import weblogic.security.spi.WLSGroup;
  import weblogic.security.spi.WLSUser;
  import weblogic.security.principal.WLSGroupImpl;
  import weblogic.security.principal.WLSUserImpl;
  * @author dmunoz
  final public class AS400LoginModule implements LoginModule {
  private Subject subject;
  private CallbackHandler callbackHandler;
  private String PARAM_DATASOURCE_NAME = "jdbc/Oracle";
  private String DEFAULT_GROUP_NAME = "default";
  // Determine whether this is a login or assert identity
  private boolean isIdentityAssertion;
  // Authentication status
  private boolean loginSucceeded;
  private boolean principalsInSubject;
  private Vector principalsForSubject = new Vector();
  public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
  // only called (once!) after the constructor and before login
  System.out.println("SimpleSampleLoginModuleImpl.initialize");
  this.subject = subject;
  this.callbackHandler = callbackHandler;
  // Check for Identity Assertion option
  isIdentityAssertion =
  "true".equalsIgnoreCase((String) options.get("IdentityAssertion"));
  private boolean authenticateAS400(String user, String passwd) throws Exception {
  String host ="172.31.2.80";//Config.getProperty(Config.AS400_AUTHENTICATION_HOST);
  AS400 as400System;
  as400System = new AS400(host, user, passwd);
  return as400System.validateSignon();
  public boolean login() throws LoginException {
  // only called (once!) after initialize
  System.out.println("SimpleSampleLoginModuleImpl.login");
  // loginSucceeded should be false
  // principalsInSubject should be false
  Callback[] callbacks = getCallbacks();
  String userName = getUserName(callbacks);
  if (userName.length() > 0) {       
  if (!isIdentityAssertion) {               
  String passwordHave = getPasswordHave(userName, callbacks);
  try{
  loginSucceeded = authenticateAS400(userName, passwordHave);
  }catch(Exception e){
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.WARNING, null, e);
  throw new LoginException(e.getMessage());
  } else {
  // anonymous login - let it through?
  System.out.println("\tempty userName");
  if (loginSucceeded) {
  principalsForSubject.add(new WLSUserImpl(userName));
  addGroupsForSubject(userName);
  return loginSucceeded;
  public boolean commit() throws LoginException {
  // only called (once!) after login
  // loginSucceeded should be true or false
  // principalsInSubject should be false
  // user should be null if !loginSucceeded, null or not-null otherwise
  // group should be null if user == null, null or not-null otherwise
  System.out.println("SimpleSampleLoginModule.commit");
  if (loginSucceeded) {
  subject.getPrincipals().addAll(principalsForSubject);
  principalsInSubject = true;
  return true;
  } else {
  return false;
  public boolean abort() throws LoginException {
  // The abort method is called to abort the authentication process. This is
  // phase 2 of authentication when phase 1 fails. It is called if the
  // LoginContext's overall authentication failed.
  // loginSucceeded should be true or false
  // user should be null if !loginSucceeded, otherwise null or not-null
  // group should be null if user == null, otherwise null or not-null
  // principalsInSubject should be false if user is null, otherwise true
  // or false
  System.out.println("SimpleSampleLoginModule.abort");
  if (principalsInSubject) {
  subject.getPrincipals().removeAll(principalsForSubject);
  principalsInSubject = false;
  return true;
  public boolean logout() throws LoginException {
  // should never be called
  System.out.println("SimpleSampleLoginModule.logout");
  return true;
  private void throwLoginException(String msg) throws LoginException {
  System.out.println("Throwing LoginException(" + msg + ")");
  throw new LoginException(msg);
  private void throwFailedLoginException(String msg) throws FailedLoginException {
  System.out.println("Throwing FailedLoginException(" + msg + ")");
  throw new FailedLoginException(msg);
  private Callback[] getCallbacks() throws LoginException {
  if (callbackHandler == null) {
  throwLoginException("No CallbackHandler Specified");
  Callback[] callbacks;
  if (isIdentityAssertion) {
  callbacks = new Callback[1];
  } else {
  callbacks = new Callback[2];
  callbacks[1] = new PasswordCallback("password: ", false);
  callbacks[0] = new NameCallback("username: ");
  try {
  callbackHandler.handle(callbacks);
  } catch (IOException e) {
  throw new LoginException(e.toString());
  } catch (UnsupportedCallbackException e) {
  throwLoginException(e.toString() + " " + e.getCallback().toString());
  return callbacks;
  private String getUserName(Callback[] callbacks) throws LoginException {
  String userName = ((NameCallback) callbacks[0]).getName();
  if (userName == null) {
  throwLoginException("Username not supplied.");
  System.out.println("\tuserName\t= " + userName);
  return userName;
  private void addGroupsForSubject(String userName) {
  try {
  for (Enumeration e = getGroupNamesAS400(userName);
  e.hasMoreElements();) {
  String groupName = (String) e.nextElement();
  System.out.println("\tgroupName\t= " + groupName);
  principalsForSubject.add(new WLSGroupImpl(groupName));
  } catch (Exception ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  public Enumeration getGroupNamesAS400(String usuario)
  throws Exception {
  if(usuario == null) {
  throw new Exception("Usuario no puede ser vacio");
  Vector<String> grupos = new Vector<String>();
  grupos.add(DEFAULT_GROUP_NAME);
  Connection conn = null;
  ResultSet rs = null;
  PreparedStatement statement = null;
  try {
  Context c = new InitialContext();
  DataSource dst = (DataSource) c.lookup(PARAM_DATASOURCE_NAME);
  conn = dst.getConnection();
  String query = "SELECT COD_ROL AS ROL " +
  "FROM gestionnew.us_rol_perfil " +
  "JOIN gestionnew.usuarios " +
  "ON us_rol_perfil.id_perfil = usuarios.id_perfil " +
  "WHERE upper(usuarios.usuariorr) = ?";
  statement = conn.prepareStatement(query);
  statement.setString(1, usuario.toUpperCase());
  rs = statement.executeQuery();
  while (rs.next()) {
  grupos.add(rs.getString("ROL"));
  } catch (SQLException ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  } catch (NamingException ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  } finally {
  if (conn != null) {
  try {
  conn.close();
  } catch (SQLException ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  if (rs != null) {
  try {
  rs.close();
  } catch (SQLException ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  if (statement != null) {
  try {
  statement.close();
  } catch (SQLException ex) {
  Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
  return grupos.elements();
  private String getPasswordHave(String userName, Callback[] callbacks) throws
  LoginException {
  PasswordCallback passwordCallback = (PasswordCallback) callbacks[1];
  char[] password = passwordCallback.getPassword();
  passwordCallback.clearPassword();
  if (password == null || password.length < 1) {
  throwLoginException("Authentication Failed: User " + userName +
  ". Password not supplied");
  String passwd = new String(password);
  System.out.println("\tpasswordHave\t= " + passwd);
  return passwd;
  thanks

• ORA-01034: ORACLE not available ORA-27101: shared memory realm does not exi

  Hi all,
  suddenly our oracle 10g database stopped working. When we tried export the database following was the output
  C:\Documents and Settings\Administrator>EXP PMIS/PMIS FILE=C:\PMIS.DMP
  Export: Release 10.2.0.1.0 - Production on Wed Mar 25 16:15:08 2009
  Copyright (c) 1982, 2005, Oracle. All rights reserved.
  EXP-00056: ORACLE error 1034 encountered
  ORA-01034: ORACLE not available
  ORA-27101: shared memory realm does not exist
  EXP-00005: all allowable logon attempts failed
  EXP-00000: Export terminated unsuccessfullyalert log file had the output as
  Wed Mar 25 16:02:12 2009
  Starting ORACLE instance (normal)
  LICENSE_MAX_SESSION = 0
  LICENSE_SESSIONS_WARNING = 0
  Picked latch-free SCN scheme 2
  Using LOG_ARCHIVE_DEST_10 parameter default value as USE_DB_RECOVERY_FILE_DEST
  Autotune of undo retention is turned on.
  IMODE=BR
  ILAT =10
  LICENSE_MAX_USERS = 0
  SYS auditing is disabled
  ksdpec: called for event 13740 prior to event group initialization
  Starting up ORACLE RDBMS Version: 10.2.0.1.0.
  System parameters with non-default values:>sessions = 49
  >__shared_pool_size = 71303168
  >__large_pool_size = 8388608
  >__java_pool_size = 4194304
  >__streams_pool_size = 0
  >spfile = C:\ORACLEXE\APP\ORACLE\PRODUCT\10.2.0\SERVER\DBS\SPFILEXE.ORA
  >sga_target = 146800640
  >control_files = C:\ORACLEXE\ORADATA\XE\CONTROL.DBF
  >__db_cache_size = 58720256
  >compatible = 10.2.0.1.0
  >db_recovery_file_dest = C:\oraclexe\app\oracle\flash_recovery_area
  >db_recovery_file_dest_size= 10737418240
  >undo_management = AUTO
  >undo_tablespace = UNDO
  >remote_login_passwordfile= EXCLUSIVE
  >dispatchers = (PROTOCOL=TCP) (SERVICE=XEXDB)
  >shared_servers = 4
  >job_queue_processes = 4
  >audit_file_dest = C:\ORACLEXE\APP\ORACLE\ADMIN\XE\ADUMP
  >background_dump_dest = C:\ORACLEXE\APP\ORACLE\ADMIN\XE\BDUMP
  >user_dump_dest = C:\ORACLEXE\APP\ORACLE\ADMIN\XE\UDUMP
  >core_dump_dest = C:\ORACLEXE\APP\ORACLE\ADMIN\XE\CDUMP
  >db_name = XE
  >open_cursors = 300
  >os_authent_prefix =
  >pga_aggregate_target = 41943040
  PMON started with pid=2, OS id=1632
  PSP0 started with pid=3, OS id=1312
  MMAN started with pid=4, OS id=200
  DBW0 started with pid=5, OS id=1864
  LGWR started with pid=6, OS id=188
  CKPT started with pid=7, OS id=1328
  SMON started with pid=8, OS id=1848
  RECO started with pid=9, OS id=1760
  CJQ0 started with pid=10, OS id=1920
  MMON started with pid=11, OS id=768
  MMNL started with pid=12, OS id=948
  Wed Mar 25 16:02:13 2009
  starting up 1 dispatcher(s) for network address '(ADDRESS=(PARTIAL=YES)(PROTOCOL=TCP))'...
  starting up 4 shared server(s) ...
  Oracle Data Guard is not available in this edition of Oracle.
  Wed Mar 25 16:02:13 2009
  alter database mount exclusive
  Wed Mar 25 16:02:17 2009
  Setting recovery target incarnation to 2
  Wed Mar 25 16:02:17 2009
  Successful mount of redo thread 1, with mount id 2563569989
  Wed Mar 25 16:02:17 2009
  Database mounted in Exclusive Mode
  Completed: alter database mount exclusive
  Wed Mar 25 16:02:17 2009
  alter database open
  Wed Mar 25 16:02:18 2009
  Errors in file c:\oraclexe\app\oracle\admin\xe\bdump\xe_lgwr_188.trc:
  ORA-00600: internal error code, arguments: [3700], [1], [15], [2], [2], [], [], []
  Wed Mar 25 16:02:18 2009
  Errors in file c:\oraclexe\app\oracle\admin\xe\bdump\xe_lgwr_188.trc:
  ORA-00600: internal error code, arguments: [3700], [1], [15], [2], [2], [], [], []
  Wed Mar 25 16:02:18 2009
  LGWR: terminating instance due to error 470
  Wed Mar 25 16:02:19 2009
  Errors in file c:\oraclexe\app\oracle\admin\xe\bdump\xe_dbw0_1864.trc:
  ORA-00470: LGWR process terminated with error
  Wed Mar 25 16:02:19 2009
  Errors in file c:\oraclexe\app\oracle\admin\xe\bdump\xe_ckpt_1328.trc:
  ORA-00470: LGWR process terminated with error
  Wed Mar 25 16:02:19 2009
  Errors in file c:\oraclexe\app\oracle\admin\xe\bdump\xe_psp0_1312.trc:
  ORA-00470: LGWR process terminated with error
  Wed Mar 25 16:02:19 2009
  Errors in file c:\oraclexe\app\oracle\admin\xe\bdump\xe_mman_200.trc:
  ORA-00470: LGWR process terminated with error
  Wed Mar 25 16:02:19 2009
  Errors in file c:\oraclexe\app\oracle\admin\xe\bdump\xe_pmon_1632.trc:
  ORA-00470: LGWR process terminated with error
  Wed Mar 25 16:02:19 2009
  Errors in file c:\oraclexe\app\oracle\admin\xe\bdump\xe_reco_1760.trc:
  ORA-00470: LGWR process terminated with error
  Wed Mar 25 16:02:19 2009
  Errors in file c:\oraclexe\app\oracle\admin\xe\bdump\xe_smon_1848.trc:
  ORA-00470: LGWR process terminated with error
  Instance terminated by LGWR, pid = 188Again when we tried by connecting sqlplus following was output
  SQL> connect sys/manager as sysdba
  Connected to an idle instance.
  SQL> startup
  ORACLE instance started.
  Total System Global Area 146800640 bytes
  Fixed Size 1286220 bytes
  Variable Size 83890100 bytes
  Database Buffers 58720256 bytes
  Redo Buffers 2904064 bytes
  Database mounted.
  ORA-03113: end-of-file on communication channelWe actually need database dump for user PMIS, any help would be highly appreciated

  Hi Wim
  You should say that "It may be Control File problem", but you shouldn't say that "it's due to Control File" problem
  Please refer to Errors Documentation for more information on ORA-00600
  http://download.oracle.com/docs/cd/B19306_01/server.102/b14219/e0.htm#sthref371
  ORA-00600: internal error code, arguments: [string], [string], [string], [string], [string], [string], [string], [string]
  Cause: This is the generic internal error number for Oracle program exceptions. This indicates that a process has encountered an exceptional condition.
  Action: Report as a bug - the first argument is the internal error number
  Kamran Agayev A. (10g OCP)
  http://kamranagayev.wordpress.com

• ORA-01031: insufficient privileges and shared memory realm does not exist

  Hi all,
  I came to a dead end to start oracle 10.2 database. I have searched on google and this forum, none of these solutions work for me. PS, I have installed 11g on my machine too.
  I have set up ORACLE_SID,ORACLE_HOME to 10.2 database based on the tnsnames.ora.
  follow is error message：
  sqlplus sys as sysdba
  SQL*Plus: Release 10.2.0.1.0 - Production on Wed Apr 3 02:09:54 2013
  Copyright (c) 1982, 2005, Oracle. All rights reserved.
  Enter password:
  ERROR:
  ORA-01031: insufficient privileges
  sqlplus /nolog
  SQL*Plus: Release 10.2.0.1.0 - Production on Wed Apr 3 02:10:55 2013
  Copyright (c) 1982, 2005, Oracle. All rights reserved.
  SQL> conn / as sysdba
  ERROR:
  ORA-01031: insufficient privileges
  SQL> conn scott/tiger
  ERROR:
  ORA-01034: ORACLE not available
  ORA-27101: shared memory realm does not exist
  Linux-x86_64 Error: 2: No such file or directory
  First I thought the instance has been start yet, but since I can't login with sysdba. I don't know what other options.
  For 10.2, the tnsnames.ora
  ORA102 =
  +(DESCRIPTION =+
  +(ADDRESS = (PROTOCOL = TCP)(HOST =XXX)(PORT = 1523))+
  +(CONNECT_DATA =+
  +(SERVER = DEDICATED)+
  +(SERVICE_NAME = ora102)+
  +)+
  +)+
  LISTENER_ORA102 =
  +(ADDRESS = (PROTOCOL = TCP)(HOST =XXX)(PORT = 1523))+
  EXTPROC_CONNECTION_DATA =
  +(DESCRIPTION =+
  +(ADDRESS_LIST =+
  +(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC2))+
  +)+
  +(CONNECT_DATA =+
  +(SID = PLSExtProc)+
  +(PRESENTATION = RO)+
  +)+
  +)+
  listener.ora:
  SID_LIST_LISTENER =
  (SID_LIST =
  (SID_DESC =
  (SID_NAME = PLSExtProc)
  (ORACLE_HOME = /data/oracle/ora102)
  (PROGRAM = extproc)
  LISTENER =
  (DESCRIPTION_LIST =
  (DESCRIPTION =
  (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC2))
  (ADDRESS = (PROTOCOL = TCP)(HOST =XXXXX)(PORT = 1523))
  EXTPROC_CONNECTION_DATA =
  (DESCRIPTION =
  (ADDRESS_LIST =
  (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC))
  (CONNECT_DATA =
  (SID = PLSExtProc)
  (PRESENTATION = RO)
  )

  try do this steps on server side:
  1) sqlplus sys as sysdba
  2) select open_mode from v$database;
  show result 2 step

• Error Security BEA-090870 The realm "myrealm" failed to be loaded:

  Hi, I am setting up Identity Manager on centos 4.7 with weblogic 10.3. I've followed "Installation and Configuration Guide for BEA WebLogic Server Release 9.1.0.pdf" document. After increasing the memory and setting up the java option, it required post installation tasks. My weblogic domain was unable to start. Please see the error logs below. Thanks in advance.
  JAVA Memory arguments: -Xms256m -Xmx512m -XX:CompileThreshold=8000 -XX:PermSize=48m -XX:MaxPermSize=128m
  WLS Start Mode=Development
  CLASSPATH=:/u01/app/oracle/bea/patch_wlw1030/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/u01/app/oracle/bea/patch_wls1030/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/u01/app/oracle/bea/patch_cie660/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/u01/app/oracle/bea/jdk160_05/lib/tools.jar:/u01/app/oracle/bea/wlserver_10.3/server/lib/weblogic_sp.jar:/u01/app/oracle/bea/wlserver_10.3/server/lib/weblogic.jar:/u01/app/oracle/bea/modules/features/weblogic.server.modules_10.3.0.0.jar:/u01/app/oracle/bea/wlserver_10.3/server/lib/webservices.jar:/u01/app/oracle/bea/modules/org.apache.ant_1.6.5/lib/ant-all.jar:/u01/app/oracle/bea/modules/net.sf.antcontrib_1.0.0.0_1-0b2/lib/ant-contrib.jar::/u01/app/oracle/bea/wlserver_10.3/common/eval/pointbase/lib/pbclient57.jar:/u01/app/oracle/bea/wlserver_10.3/server/lib/xqrl.jar::
  PATH=/u01/app/oracle/bea/wlserver_10.3/server/bin:/u01/app/oracle/bea/modules/org.apache.ant_1.6.5/bin:/u01/app/oracle/bea/jdk160_05/jre/bin:/u01/app/oracle/bea/jdk160_05/bin:/u01/app/oracle/product/10.2.0/db_1/bin:/usr/sbin:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin
  * To start WebLogic Server, use a username and *
  * password assigned to an admin-level user. For *
  * server administration, use the WebLogic Server *
  * console at http://hostname:port/console *
  starting weblogic with Java version:
  java version "1.6.0_05"
  Java(TM) SE Runtime Environment (build 1.6.0_05-b13)
  Java HotSpot(TM) Client VM (build 10.0-b19, mixed mode)
  Starting WLS with line:
  /u01/app/oracle/bea/jdk160_05/bin/java -client -Xms256m -Xmx512m -XX:CompileThreshold=8000 -XX:PermSize=48m -XX:MaxPermSize=128m -Xverify:none -da -Dplatform.home=/u01/app/oracle/bea/wlserver_10.3 -Dwls.home=/u01/app/oracle/bea/wlserver_10.3/server -Dweblogic.home=/u01/app/oracle/bea/wlserver_10.3/server -Dweblogic.management.discover=true -Dwlw.iterativeDev= -Dwlw.testConsole= -Dwlw.logErrorsToConsole= -Dweblogic.ext.dirs=/u01/app/oracle/bea/patch_wlw1030/profiles/default/sysext_manifest_classpath:/u01/app/oracle/bea/patch_wls1030/profiles/default/sysext_manifest_classpath:/u01/app/oracle/bea/patch_cie660/profiles/default/sysext_manifest_classpath -Dweblogic.Name=AdminServer -Djava.security.policy=/u01/app/oracle/bea/wlserver_10.3/server/lib/weblogic.policy weblogic.Server
  <May 25, 2009 2:23:51 PM PHT> <Notice> <WebLogicServer> <BEA-000395> <Following extensions directory contents added to the end of the classpath:
  /u01/app/oracle/bea/user_projects/domains/identitymanager/lib/log4j-1.2.8.jar:/u01/app/oracle/bea/user_projects/domains/identitymanager/lib/mbeantypes/XL10SecurityProviders.jar:/u01/app/oracle/bea/user_projects/domains/identitymanager/lib/nexaweb-common.jar>
  <May 25, 2009 2:23:51 PM PHT> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) Client VM Version 10.0-b19 from Sun Microsystems Inc.>
  <May 25, 2009 2:23:51 PM PHT> <Info> <Management> <BEA-141107> <Version: WebLogic Server 10.3 Fri Jul 25 16:30:05 EDT 2008 1137967 >
  <May 25, 2009 2:23:52 PM PHT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
  <May 25, 2009 2:23:52 PM PHT> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
  <May 25, 2009 2:23:52 PM PHT> <Notice> <Log Management> <BEA-170019> <The server log file /u01/app/oracle/bea/user_projects/domains/identitymanager/servers/AdminServer/logs/AdminServer.log is opened. All server side log events will be written to this file.>
  <May 25, 2009 2:23:58 PM PHT> <Error> <Security> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: java.lang.NoClassDefFoundError: com/thortech/util/logging/Logger.
  weblogic.security.service.SecurityServiceException: java.lang.NoClassDefFoundError: com/thortech/util/logging/Logger
  at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
  at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
  Truncated. see log file for complete stacktrace
  java.lang.NoClassDefFoundError: com/thortech/util/logging/Logger
  at com.thortech.xl.security.wl.XellerateAuthenticationProviderImpl.<clinit>(XellerateAuthenticationProviderImpl.java:73)
  at java.lang.Class.forName0(Native Method)
  at java.lang.Class.forName(Class.java:247)
  at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:51)
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
  Truncated. see log file for complete stacktrace
  java.lang.ClassNotFoundException: com.thortech.util.logging.Logger
  at java.net.URLClassLoader$1.run(URLClassLoader.java:200)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
  at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
  Truncated. see log file for complete stacktrace
  >
  <May 25, 2009 2:23:58 PM PHT> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
  <May 25, 2009 2:23:58 PM PHT> <Critical> <WebLogicServer> <BEA-000362> <Server failed. Reason:
  There are 1 nested errors:
  weblogic.security.service.SecurityServiceRuntimeException: [Security:090399]Security Services Unavailable
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
  at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  >
  <May 25, 2009 2:23:58 PM PHT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
  <May 25, 2009 2:23:58 PM PHT> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
  <May 25, 2009 2:23:58 PM PHT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>

  I had the same error while trying to start the weblogic admin server for my IDM domain to allow me configure OIM server and OIM Design Console on my Window 7 box. What I did were the following steps.
  1. I changed to the IDM domain bin directory <MiddlewareHome>\user_projects\domains\idm1_domain\bin
  2. I ran the secureWeblogic.bat file as administrator
  3. I ran the setDomainEnv.cmd file as administrator
  4. I ran the setSOADomainEnv.cmd file as administrator
  5. Started my weblogic admin server and it worked.