Replace "weblogic.security.Security.getCurrentSubject()"

In weblogic,we can use "weblogic.security.Security.getCurrentSubject()" method
to get a javax.security.auth.Subject object,this object contains the security
information of the current user that call this method."Security.getCurrentSubject()"
is a static method and has no parameter,so it's easy for us to get the security
information anywhere.
But this API is provided by BEA weblogic,it's not a standard J2EE API,so it's
hard for me to change the APP Server to others like WebSphere or Oracle IAS.
Another way is use getUserPrincipal() of HttpRequest and getCallerPrincipal()
of EJBContext,but these two methods need a reference to the HttpRequest object
and EjbConext object,and is restrict use in Servlet and EJB,hard to use in normal
java classes.
I want to find a standard J2EE API to do the same thing,can anyone help me?
Any suggestion is welcome.
thanks

J2EE provides no standard way of getting the current Subject. In WebLogic
the Subject returned by Subject.getSubject(AccessController.getContext()) is
not necessarily the same as the current user.
- Neil
"Lloyd Fernandes" <[email protected]> wrote in message
news:3ffd46f1$[email protected]..
>
"Jason Shi" <[email protected]> wrote:
I have try this method,but the return subject is null.
"Lloyd Fernandes" <[email protected]> wrote:
"Jason Shi" <[email protected]> wrote:
In weblogic,we can use "weblogic.security.Security.getCurrentSubject()"
method
to get a javax.security.auth.Subject object,this object contains the
security
information of the current user that call this
method."Security.getCurrentSubject()"
is a static method and has no parameter,so it's easy for us to getthe
security
information anywhere.
But this API is provided by BEA weblogic,it's not a standard J2EE
API,so
it's
hard for me to change the APP Server to others like WebSphere or Oracle
IAS.
Another way is use getUserPrincipal() of HttpRequest andgetCallerPrincipal()
of EJBContext,but these two methods need a reference to the HttpRequest
object
and EjbConext object,and is restrict use in Servlet and EJB,hard touse
in normal
java classes.
I want to find a standard J2EE API to do the same thing,can anyone
help
me?
Any suggestion is welcome.
thanks
Subject.getSubject(AccessController.getContext());
- lloyd
I noticed that too. I have escalated it to weblogic. Hopefully I will getan answer
in a couple of days.

Similar Messages

  • Weblogic.security.acl in Weblogic 6

    I came across the following in the migration documention
    (http://edocs.bea.com/wls/docs60/notes/migrate.html#1026915):
    I'm assuming that this is just a typo or wording issue but it currently
    reads "weblogic.security.acl" is deprecated? Can't be the whole package.
    Anyone else notice this?
    Deprecated APIs and Features
    The following APIs and features are deprecated in anticipation of future
    removal from the product:
    a.. weblogic.security.acl
    b.. WebLogic Events
    WebLogic Events are deprecated and should be replaced by JMS messages with
    NO_ACKNOWLEDGE or MULTICAST_NO_ACKNOWLEDGE delivery modes. See Programming
    WebLogic JMS for more information.
    c.. WebLogic HTMLKona
    d.. T3 Driver

    request.getRemoteUser() still works fine for me after I implented a custom
    Autthenication / LoginModule.
    "patrik" <[email protected]> wrote in message
    news:[email protected]..
    >
    Yes, I have. see:
    http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.develo
    per.interest.security&item=8553&utag=
    >
    But if you've managed to get out the information from it I'd be gratefulto know
    how.
    /Patrik
    "Utpal" <[email protected]> wrote:
    Have you tried weblogic.security.Security.getCurrentSubject() ??
    -utpal

  • Weblogic.security.internal.SerializedSystemIniException

    While starting weblogic server, I am getting the following error,
    Exception raised:
    weblogic.security.internal.SerializedSystemIniException: Version mismatch. have
    0, expected 1
         at weblogic.security.internal.SerializedSystemIni.<init>(SerializedSystemIni.java:119)
         at weblogic.security.internal.SerializedSystemIni.getEncryptionService(SerializedSystemIni.java:208)
         at weblogic.management.internal.EncryptedData.getEncryptionService(EncryptedData.java:82)
    Can anybody give a clue in this to resolve urgently?

    It seems like your SerializedSystemIni.dat is currupted.
    Do you have SerializedSystemIni.dat and fileRealm.property from any other
    working domain?
    Please try to replace both of them and see if this fixes the problem.
    -utpal
    "Ramanan " <[email protected]> wrote in message
    news:[email protected]..
    >
    While starting weblogic server, I am getting the following error,
    Exception raised:
    weblogic.security.internal.SerializedSystemIniException: Version mismatch.have
    0, expected 1
    atweblogic.security.internal.SerializedSystemIni.<init>(SerializedSystemIni.ja
    va:119)
    atweblogic.security.internal.SerializedSystemIni.getEncryptionService(Serializ
    edSystemIni.java:208)
    atweblogic.management.internal.EncryptedData.getEncryptionService(EncryptedDat
    a.java:82)
    >
    Can anybody give a clue in this to resolve urgently?

  • Weblogic.security.service.NotAuthorizedRuntimeException

    We see the following exception occur at random. We are trying to access a CMP ejb
    that connects to an Oracle db. It works fine at times.
    Any help would be appreciated.
    Thanks.
    weblogic.security.service.NotAuthorizedRuntimeException: [Security:090419]Subjec
    t "<null>" is not the kernel identity
    at weblogic.security.service.SubjectManagerImpl.checkKernelIdentity(Subj
    ectManagerImpl.java:215)
    at weblogic.security.subject.DelegatingSubjectStack.getCurrentSubject(De
    legatingSubjectStack.java:31)
    at weblogic.security.service.SubjectManagerImpl.getCurrentSubject(Subjec
    tManagerImpl.java:61)
    at weblogic.security.service.SecurityManager.getCurrentSubject(SecurityM
    anager.java:43)
    at weblogic.rjvm.JVMID.getClusterURL(JVMID.java:1204)
    at weblogic.rjvm.JVMID.getClusterURL(JVMID.java:1192)
    at weblogic.rjvm.RJVMImpl.getClusterURL(RJVMImpl.java:596)
    at weblogic.rmi.cluster.ClusterActivatableRemoteRef.readExternal(Cluster
    ActivatableRemoteRef.java:124)
    at java.io.ObjectInputStream.readExternalData(ObjectInputStream.java:168
    6)
    at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1
    644)
    at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1274)
    at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:18
    45)
    at java.io.ObjectInputStream.defaultReadObject(ObjectInputStream.java:45
    2)
    at weblogic.rmi.internal.StubInfo.readObject(StubInfo.java:116)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
    java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
    sorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:324)
    at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:838
    at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1746)
    at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1
    646)
    at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1274)
    at java.io.ObjectInputStream.readObject(ObjectInputStream.java:324)
    at weblogic.common.internal.ChunkedObjectInputStream.readObject(ChunkedO
    bjectInputStream.java:119)
    at weblogic.rjvm.MsgAbbrevInputStream.readObject(MsgAbbrevInputStream.ja
    va:112)
    at weblogic.rmi.internal.ObjectIO.readObject(ObjectIO.java:56)
    at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:159)
    at weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteR
    ef.java:285)
    at weblogic.rmi.cluster.ReplicaAwareRemoteRef.invoke(ReplicaAwareRemoteR
    ef.java:244)
    at com.sun.j2ee.blueprints.customer.ejb.CustomerEJB_tzvy3k_HomeImpl_811_
    WLStub.findByPrimaryKey(Unknown Source)
    at com.kinzan.library.ecm.login.LoginAction.handleEvent(Unknown Source)

    Balaji Rajasekaran <> writes:
    i couln't find that in weblogic.jar ( WLS 10 )In 10 it will probably be in the css implementation. I'm not sure what
    the name of the jar is.
    andy

  • Weblogic.security.provider.PrincipalValidatorImpl deprecated

    http://edocs.bea.com/wls/docs103/javadocs/weblogic/security/provider/PrincipalValidatorImpl.html says the class is deprecated though the documentation(http://edocs.bea.com/wls/docs103/dvspisec/atn.html#wp1089150) suggests its use.
    Anyone have any knowledge of the replacement api usage (com.bea.common.security.provider.PrincipalValidatorImpl) which does not seem to have a default constructor..

    Same Problem here. It seems com.bea.common.security.provider.PrincipalValidatorImpl has no API Reference. and weblogic.security.provider.PrincipalValidatorImpl which is obviously for the WLS 8 release is deprecated.
    Where to find an API Reference or some other documentation to com.bea.common.security.provider.PrincipalValidatorImpl ?

  • Error:- weblogic.security.SecurityInitializationException: Authentication

    Hi,
    I am getting below error when ever i am trying to start the Managed server in cluster environment(unix).
    I am able to start the server on local machine but in case of remote machine its not gettig started.
    I have tried most of the steps as mentioned below:-
    1) Changed the weblogic passowrd.
    2) Delete boot.properties.
    3) deleted $DOMAIN_DIR\servers\<admin-server-name>\data\ldap
    4) Followed below post also but nothing worked:-
    https://forums.oracle.com/forums/thread.jspa?threadID=956750&start=30&tstart=0
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1321279888310> <BEA-000000> <WebLogic Server "soa_server2" version:
    WebLogic Server 10.3.5.0 Fri Apr 1 20:20:06 PDT 2011 1398638 Copyright (c) 1995, 2009, Oracle and/or its affiliates. All rights reserved.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Notice> <Log Management> <infva05177.vshodc.lntinfotech.com> <> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1321279888419> <BEA-170019> <The server log file /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/logs/soa_server2.log is opened. All server side log events will be written to this file.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Log Management> <infva05177.vshodc.lntinfotech.com> <> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1321279888426> <BEA-170023> <The Server Logging is initialized with Java Logging API implementation.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Diagnostics> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888494> <BEA-320001> <The ServerDebug service initialized successfully.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "t3" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "t3s" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "http" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888560> <BEA-002622> <The protocol "https" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888561> <BEA-002622> <The protocol "iiop" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888562> <BEA-002622> <The protocol "iiops" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888562> <BEA-002622> <The protocol "ldap" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888562> <BEA-002622> <The protocol "ldaps" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888564> <BEA-002622> <The protocol "cluster" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888565> <BEA-002622> <The protocol "clusters" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888568> <BEA-002622> <The protocol "snmp" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888568> <BEA-002622> <The protocol "admin" is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888569> <BEA-002624> <The administration protocol is "t3s" and is now configured.>
    ####<Nov 14, 2011 7:41:28 PM IST> <Info> <RJVM> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279888583> <BEA-000570> <Network Configuration for Channel "soa_server2"
    Listen Address          172.17.103.42:8101
    Public Address          N/A
    Http Enabled          true
    Tunneling Enabled     false
    Outbound Enabled     false
    Admin Traffic Enabled     true>
    ####<Nov 14, 2011 7:41:29 PM IST> <Info> <Server> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889336> <BEA-002609> <Channel Service initialized.>
    ####<Nov 14, 2011 7:41:29 PM IST> <Info> <Socket> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889410> <BEA-000436> <Allocating 4 reader threads.>
    ####<Nov 14, 2011 7:41:29 PM IST> <Info> <Socket> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889412> <BEA-000446> <Native IO Enabled.>
    ####<Nov 14, 2011 7:41:29 PM IST> <Info> <IIOP> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279889612> <BEA-002014> <IIOP subsystem enabled.>
    ####<Nov 14, 2011 7:41:32 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279892649> <BEA-090894> <Successfully loaded the OPSS Policy Provider using oracle.security.jps.internal.policystore.JavaPolicyProvider.>
    ####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893102> <BEA-000000> <Starting OpenJPA 1.1.1-SNAPSHOT>
    ####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893224> <BEA-000000> <StoreServiceImpl.initJDO - StoreService is initialized with Id = ldap_qMT60FRl3kIPYftFoWhBFbhSxuY=>
    ####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893501> <BEA-000000> <BootStrapServiceImpl.loadLDIFTemplate - Did not find /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/data/ldap/XACMLAuthorizermyrealmInit.initialized, will load full LDIFT.>
    ####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893509> <BEA-090074> <Initializing Authorizer provider using LDIF template file /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift.>
    ####<Nov 14, 2011 7:41:33 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279893921> <BEA-090075> <The Authorizer provider has had its LDIF information loaded from: /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/XACMLAuthorizerInit.ldift>
    ####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894240> <BEA-000000> <BootStrapServiceImpl.loadLDIFTemplate - Did not find /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/data/ldap/DefaultCredentialMappermyrealmInit.initialized, will load full LDIFT.>
    ####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894240> <BEA-090827> <LDIF template file /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/DefaultCredentialMapperInit.ldift was empty. The WebLogic provider CredentialMapper has been bootstrapped but has not been initialized with any LDIF data.>
    ####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894250> <BEA-000000> <BootStrapServiceImpl.loadLDIFTemplate - Did not find /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/servers/soa_server2/data/ldap/XACMLRoleMappermyrealmInit.initialized, will load full LDIFT.>
    ####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894251> <BEA-090074> <Initializing RoleMapper provider using LDIF template file /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/security/XACMLRoleMapperInit.ldift.>
    ####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894265> <BEA-090075> <The RoleMapper provider has had its LDIF information loaded from: /home/oracle/Oracle/Middleware/user_projects/domains/domain_cluster/security/XACMLRoleMapperInit.ldift>
    ####<Nov 14, 2011 7:41:34 PM IST> <Info> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894442> <BEA-090093> <No pre-WLS 8.1 Keystore providers are configured for server soa_server2 for security realm myrealm.>
    ####<Nov 14, 2011 7:41:34 PM IST> <Notice> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894442> <BEA-090082> <Security initializing using security realm myrealm.>
    ####<Nov 14, 2011 7:41:34 PM IST> <Critical> <Security> <infva05177.vshodc.lntinfotech.com> <soa_server2> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1321279894594> <BEA-090403> <Authentication for user weblogic denied>
    ####<Nov 14, 2011 7:41:34 PM IST> <Critical> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894596> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
    weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
         at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
         at weblogic.security.SecurityService.start(SecurityService.java:141)
         at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User weblogic weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090295]caught unexpected exception
         at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:251)
         at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
         at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
         at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
         at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
         at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
         at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
         at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
         at $Proxy28.login(Unknown Source)
         at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:89)
         at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
         at $Proxy46.authenticate(Unknown Source)
         at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
         at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:348)
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:929)
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
         at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
         at weblogic.security.SecurityService.start(SecurityService.java:141)
         at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    >
    ####<Nov 14, 2011 7:41:34 PM IST> <Notice> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894605> <BEA-000365> <Server state changed to FAILED>
    ####<Nov 14, 2011 7:41:34 PM IST> <Error> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894605> <BEA-000383> <A critical service failed. The server will shut itself down>
    ####<Nov 14, 2011 7:41:34 PM IST> <Notice> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894608> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
    ####<Nov 14, 2011 7:41:34 PM IST> <Info> <WebLogicServer> <infva05177.vshodc.lntinfotech.com> <soa_server2> <Main Thread> <<WLS Kernel>> <> <> <1321279894618> <BEA-000236> <Stopping execute threads.>
    Please help.
    thanks in advance

    I've tried every trick in the book but no luck and finally I found a solution for this problem. Maybe it is not the best practice but it works:
    1-Uninstall JDeveloper.
    2-Delete Oracle Middleware file located in C:\Oracle
    3-Delete the JDeveloper file located in C:\Users\MyUser\AppData\Roaming (Because the integrated Weblogic server is actually there)
    4-Reinstall JDeveloper
    That solved the issue.
    Thanks

  • Error in Admin and manager server startup - BEA-149205-  due to error weblogic.security.internal.encryption.EncryptionServiceException

    Hi -
    I have installed OIM 11g r2 ps2, I an tring to start my Admin and SOA server :
    1. Though my admin server is coming up fine, but I am getting the following error when I am trying to start Admin server.
    ####<Apr 22, 2015 12:22:27 AM PDT> <Error> <Deployer> <devoimx003> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS
    Kernel>> <> <> <1429687347654> <BEA-149205> <Failed to initialize the application 'opss-DBDS' due to error weblogic.security.internal.encryption.EncryptionServiceException.
    weblogic.security.internal.encryption.EncryptionServiceException
            at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
            at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
            at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
            at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:597)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
            at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
            at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
            at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
            at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
            at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
            at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
            at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
            at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
            at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
            at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
            at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
            at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
            at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
            at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
            at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
            at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
            at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
            at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
            at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
            at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
        at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
            at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
            at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
            at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
            at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
            at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
            at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
            at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
            at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
            at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
            at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
            at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    Caused By: weblogic.security.internal.encryption.EncryptionServiceException
            at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:139)
            at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:187)
            at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:96)
            at sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
            at java.lang.reflect.Method.invoke(Method.java:597)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:173)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy.decrypt(DescriptorManager.java:192)
            at weblogic.descriptor.DescriptorManager$SecurityServiceImpl.decrypt(DescriptorManager.java:114)
            at weblogic.descriptor.internal.AbstractDescriptorBean._decrypt(AbstractDescriptorBean.java:1092)
            at weblogic.j2ee.descriptor.wl.JDBCDriverParamsBeanImpl.getPassword(JDBCDriverParamsBeanImpl.java:337)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getDriverProperties(DataSourceConnectionPoolConfig.java:368)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$2.run(DataSourceConnectionPoolConfig.java:304)
            at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
            at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.initJDBCParameters(DataSourceConnectionPoolConfig.java:300)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.access$000(DataSourceConnectionPoolConfig.java:24)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig$1.run(DataSourceConnectionPoolConfig.java:78)
            at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
            at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
            at weblogic.jdbc.common.internal.DataSourceConnectionPoolConfig.getPoolProperties(DataSourceConnectionPoolConfig.java:75)
            at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1329)
            at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:176)
            at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:507)
            at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:428)
            at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:280)
            at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
            at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
          at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
            at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
            at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:648)
            at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
            at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:191)
            at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:44)
            at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
            at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
            at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
            at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
            at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
            at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
            at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
            at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
            at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
            at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
            at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
            at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
            at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
            at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
    2. My SOA server is coming up but in admin mode and giving OPSS connections errors.
    Any help is really appreciated!
    Thanks,
    SK

    Hi Faisal -
    is your domain in development mode or production mode?
         - While configuring my domian , I had selected Prod Mode, but pon start up when I see in admin server console, it is starting in developement mode already ?
    Any idea how, why ?
    if its production mode you can switch to development mode, change all the credentials in the config.xml and configurations under sub folders to cleartext and start the server..
    - Let me still try these and get back to you.
    Thanks,
    SK

  • The weblogic.security.Security.runAs() and JAAS Subject

    Let say that I have Java client with some JAAS code that authenticates
    the user. The LoginContext generates a Subject containing the Principal
    name of the authenticated user, but also some private credentials that
    makes the Subject secure.
    Now I want to call an EJB on WLS.
    Having JNDI (EJB) code inside a PriviledgesAction and using the
    weblogic.security.Security.runAs() method, I assume that the Subject is
    sent over the wire with the EJB call. If not, please correct me.
    Question is: How does WLS authenticate this call? What modules are
    called? IdentityAsserter? LoginModule? Is the Subject simply assumed
    "valid"? Any documentation describing how this is done?
    /Bo

    Hi,
    Problem is solved, we also got security exception when we tried to call MBeans.For this to work we have to set
    -Dweblogic.disableMBeanAuthorization=true in weblogic startup script so that our application can access MBeans.
    Thanks
    girish

  • New to Weblogic Security

    I have an ORACLE database which contains a table of 100s of users and passwords with their group information. I developed a Webapplication (in Tomcat) in which one of the servlets works as authenticator for the user logging in by fetching row from the datbase and validating him.(This is a simple authentication)
    Now I have switched to Weblogic platform 8.1 SP2 and am completely new to Weblogic Security. I want to use Weblogic security features for my application and the users & groups should be retrieved from the database for authentication.
    How can I do this ? Any clear-cut steps ?
    Where can I find them in documentation ?
    Please help me...Urgent !!

    I found it in
    Weblogic Administration Console Home -> Summary of  Security Realms->myrealm->Providers.
    Click on new Authentication provider button-> you will see 'TrustServiceIdentityAsserter' as one of the types.

  • Weblogic security authentication; question to interact with the realm

    Hi, I have a quick question about weblogic security authentication....
    We are using weblogic 81sp3. We have user-group info in an Novell eDirectory LDAP server.
    Currently, a Novell Authenticator provider is configured under : Security > Realms > myRealm > Providers > Authentication This tells Weblogic from where to get the user and groups. Weblogic caches this information of the logged on users for certain time ( example : 60 secs ) after which it cleans the cache for all inactive users. We want to interact with the Weblogic cache. Add more user profile information to this cache and use it in our application .
    Does somebody know how to programmatically interact with Weblogic user-group cache - read , write , update and delete user-group info in cache and control time to live for the cache ?

    already checked
    TTLCache class which weblogic provides. But they seem to depracetd it
    help ?

  • Weblogic security: coping URL into other tab

    Hi,
    We have two Weblogic servers on two phisically different locations.
    First of them, WLS A, have perfect security. When you login into any application that is deployed on it, and try:
    - copy URL into another tab or browser window, you are getting returned at login page
    - when you close browser (without logout), and try to start application from history, you are getting login page, again
    So, URL that you have when you enter the application is absolutely useless. Closing the browser, or tab with application have practicaly same meaning as logout.
    Second of them, WLS B, have not that security. When you login into any application that is deployed on it, and:
    - copy URL into another tab or browser window, you are getting application without need to login! So that URL can be very dangerous, because it is possible to misuse it, if the user don't make logout
    - closing browser without logout: it is possible to find out the URL in history and go back into application without login!
    It is obvious that the problem is some setting on weblogic server. We tried to compare the settings on WLS A and WLS B but we have not found the setting that we have search for. The programmer that have found and set that property on WLS A working not more in our company.
    Can anybody help, we will be very greatful!
    Thanks,

    Hi,
    The authenticate method would take the user and the password details from the environment
    (env) that is passed and after successful authentication would populate the subject with
    the principals (i.e user, group the user belongs to ..)
    It should work with any user that is defined in the WLS not just weblogic/weblogic.
    Do you have any other users defined and which group do they belong to?
    Vimala
    Khalid Rizvi wrote:
    I am playing (learning) with weblogic.security.auth.login.UsernamePasswordLoginModule
    as a LoginModule using JAAS based authentication. Surprisingly, the only userid
    and password combination acceptable is uid=weblogic, pw=weblogic combination.
    I went through and looked at the example code under
    http://e-docs.bea.com/wls/docs70/security/cli_apps.html#1042212. I found that
    the UsernamePasswordLoginModule.login calls into
    if (url != null) {
    Environment env = new Environment();
    env.setProviderUrl(url);
    env.setSecurityPrincipal(username);
    env.setSecurityCredentials(password);
    try {
    Authenticate.authenticate(env, subject);
    Seems like UsernamePasswordLoginModule only is a router, as it instantiates an
    instance of Environemt using the userid and password and passes this Environemtn
    instance (env) to Authenticate.authenticate along with the empty Subject instance.
    I read about that the Subject instance will be filled in with Principals by the
    WL Server.
    My question is that firstly,
    1. As Authenticate.authenticate is not passed in the uid and pw, will it pick
    those from the env?
    2. Secondly, why does it only accept uid=weblogic & pw=weblogic.
    I will appreciate if some one can put me in the right direction.
    Khalid R. Rizvi
    508-641-1192
    [email protected]

  • SOAP handlers and the WebLogic Security Provider Framework

    I am new to WebLogic... I am trying to understand the Weblogic security framework in terms of how a SOAP message would be processed. Do SOAP handlers get called before the configured security providers? after being processed by the Authentication provider? after being processed by the Authorization provider? or at some other point?

    Thanks. But I have some questions about the seed:
    - where is it stored?
    - how is it encrypted?
    - is the seed regenerated periodically? or under certain circumstances?
    Regards,
    Janice Pang
    "Tom Hegadorn" <[email protected]> wrote:
    >
    >
    Hi Janice,
    If you choose to use the PrincipalValidatorImpl class in the
    weblogic.security.provider package, the sign() implementation
    will be the internal weblogic implementation. This implementation
    generates a random seed and computes a digest based on the
    random seed. I hope that helps you.
    Regards,
    Tom Hegadorn
    Sr. Developer Relations Engineer
    BEA Support
    "Janice Pang" <[email protected]> wrote:
    From the online documentations, it is said that this weblogic.security.provider.PrincipalValidatorImpl
    "signs" the authenticated principals to make sure they are not altered
    while they
    are transported on the network.
    The document also mentioned, as a suggested way to develop a customprincipal
    validation provider, to use this class and extend the capabilities of
    user and
    group classes. What kind of private information from the server isused
    for the
    signature and where is that information stored?

  • How to create default groups in Weblogic- Security Realms -- Groups

    Hi Team,
    Unfortunately I have deleted some default groups from Weblogic->Security Realms --> Groups. How to add the groups.
    Regards,
    Ravi.

    Hi Ravi,
    These are the defaults groups present inside Security Realms ,you can manually create them by
    Going inside Security Realms-->Users and Groups-->Groups-->New
    Administrators----Administrators can view and modify all resource attributes and start and stop servers-----------------------DefaultAuthenticator
    Deployers---------Deployers can view all resource attributes and deploy applications.---------------------------------------------DefaultAuthenticator
    Monitors-----------Monitors can view and modify all resource attributes and perform operations not restricted by roles.------DefaultAuthenticator
    Operators---------Operators can view and modify all resource attributes and perform server lifecycle operations.-------------DefaultAuthenticator
    Restart the Admin Server
    Regards
    FAbian

  • OWSM security for a OSB service- authenticate from weblogic security realms

    Hello,
    I have a requirement to add security to a OSB service.
    The user details are configured in weblogic security realms. lets say there are ten different users.
    I need to protect my osb service using OWSM policy & the policy should be configured to authenticate the user from realms.
    I am new to OWSM & wondering if this is possible?
    Can the experts please direct me to any docs or steps?
    Thanks
    Ganesh

    Hi,
    Thanks for the links.
    I followed the blog and configured it using oracle/wss_username_token_service_policy.
    Now my requirement is to send the username,password from proxy to business and to the BPEL. (the bpel needs this username /password & and in header)
    The issue I am facing is the proxy service is not sending the soap header details to business service.
    I dont want to make the proxy as passthrough. (ie set Process WS-Security Header to NO)
    I have to authorize on proxy level and then send the same credential details to business service?
    So the question is, how can I retrieve the header after osb process it?
    Can anyone please help me here?
    Thanks
    Ganesh

  • Oracle Application Express (APEX) and WebLogic Security

    Hi,
    Has anyone tried integrating Oracle APEX (custom authentication) with WebLogic Security as the user store?
    Thanks
    Joel

    Hi
    Depending on your architecture - APEX in EBS database - or APEX in it's own database instance you're going to have to change a couple of things.
    Most importantly - EBS R12 has removed MOd-PLSQL from the Apps menus and from the HTTP listener.
    You will need another HTTP listener - Apache with mod-plsql or Database R11 with Embedded Plsql Gateway - EPG.
    Second the way that APEX is called from EBS using the Web PLSQL functions in EBS menus is no longer supported in R12.
    Check out https://sites.google.com/a/popay.be/apex-on-apps/apps - follow the contacts there - they have also developed a Java utility to call APEX from EBS R12.
    In short - depsite Oracle's 'statement of direction' to move away from mod-plsql and removing this from EBS R12 (just what motivates this wierd thinking???)- APEX is still the most flexible and cost-effective means to extend EBS functionality - especially in reporting - and it works just fine in R12.
    Good luck
    Mike

Maybe you are looking for

  • Can't connect to shared printer on Windows 7 Pro x64

    I have a print server on Windows 2008 Standard and I have drivers installed for both x86 and x64 archs. The ricoh printer seems to work fine on windows 7 pro x64 but the hp printer will not work correctly. It seems to download/install the drivers but

  • Cisco ASA 5505 IOS 9.2(1), ASDM 7.3(2) NAT issues

    Hey all, I am really new to Cisco and am trying to get this Cisco ASA 5505 configured that I bought recently configured properly. Things I have successfully been able to do: 1. Configure static WAN IP on WAN port e0/0 (I have a /29 block of addresses

  • Does anybody have a WLST script for step-by-step cluster restart?

    Does anybody have a WLST script for step-by-step "smart" cluster restart?

  • Where do I find my iweb files on my computer?

    Help! My 17" PB suffered a hard drive failure and I had to have it replaced. A local (independent) shop recovered some of my files and copied them to dvd's but I don't know where to look for my iweb files on the dvd's. I have visited the sites that I

  • Stacked photos in LR

    Greetings, I had worked on a photo for LR in Silver Effects Pro. The photo in LR showed that there were 2 photos stacked together but I tried to unstack them and I can not find the photo I saved after working on it in SE. Thanks for any help on this.